Unit 3: Asymmetric Key Algorithm and RSA

Study Notes

Digital signature provides non-repudiation of message, message authentication, and data integrity.
Digital signature ensures that sender cannot deny sending the message.
Digital signature is used in public-key primitives of message authentication.
Digital signature binds a person/entity to digital data, which can be independently verified by receiver and third party.

Encryption with digital signature provides confidentiality, authentication, integrity, and non-repudiation.
There are two methods to combine digital signature with encryption: sign-then-encrypt and encrypt-then-sign.
Encrypt-then-sign is a more reliable method, where receiver verifies the signature using sender's public key and then decrypts the data using private key.

Knapsack encryption algorithm is a public key cryptography algorithm developed by Ralph Merkle and Mertin Hellman in 1978.
It uses two different keys: public key for encryption and private key for decryption.
Easy knapsack problem is used as private key and hard knapsack problem is used as public key.

Asymmetric key algorithm uses two separate keys for encryption and decryption.
Public key is used for encryption and private key is used for decryption.
Advantage of asymmetric key algorithm is easier key distribution and integrity of message.
Disadvantage of asymmetric key algorithm is slower due to multiple keys.

RSA algorithm is a public key encryption technique that uses prime numbers for security.
RSA algorithm has two sets of keys: private key and public key.
RSA algorithm is used for key exchange, email security, web security, and encryption systems.

Symmetric key cryptography uses the same secret key for encryption and decryption.
Asymmetric key cryptography uses a pair of keys: public key for encryption and private key for decryption.
Symmetric key cryptography is faster and more efficient, but it has a key distribution problem.
Asymmetric key cryptography is more secure, but it is slower and more complex.### Asymmetric Encryption
Uses public and private keys for encryption and decryption
Digital signatures verify the validity and credibility of a message, software, or digital record
Provides proof of origin, identification, and status of an electronic record, transaction, or post

Encrypted email: uses public key to encrypt a file and private key to decode it
SSL/TLS cryptographic protocols: provides encrypted connections between websites and browsers
Bitcoin and other cryptocurrencies: public keys for transactions and private keys for security
Each unspent transaction output (UTXO) in the Bitcoin ledger is associated with a public key

No need to exchange keys, eliminating the key distribution issue
Improved security: private keys are never exchanged or exposed to others
Provides digital signatures that can be revoked
Message verification ensures the sender's authenticity and prevents message alteration

Slow speed compared to symmetric key encryption
Authentication of public keys is required to ensure they belong to the intended individual
Consumes more computer resources than symmetric key encryption
Loss of a private key can be irreversible

Each person has a public-private key pair
Private key is used for signing, and public key is used for verification
Hash value and signature key produce the digital signature
Verification algorithm compares the output with the hash value to verify the signature