This is known as a digital signature. When the receiver receives the message, they run the hash function over the data to regenerate the message digest. They decrypt using the public key, and if the digests match, then they know that the message was really sent by the purported sender, and that the message was not interfered with - the integrity of the message has been protected. Figure Then the following occurs: 1.
Now, because we want a secure algorithm, we're not quite as free as all that, but still, we do have considerably latitude. For asymmetric operations, it's different; we have complimentary 'public' and 'private' operations say, 'encrypt' and 'decrypt'.
The public and private keys must be related, but not in an obvious way; the holder of the public key must not be able to do the private operation unless he is also given a copy of the private key, in which case it becomes easy.
Because of this requirement, we can't use any arbitrary algorithm, instead we need to base it on a problem that allows this non-obvious relationship. Several such problems such as factorization, discrete logs in specific groups groups, the RSA problem, th DH problem in specific groups, lattice problems have been proposed and are as far as we know secure; however, none of them are as quick to evaluate as the symmetric operations.
Sign up to join this community. The best answers are voted up and rise to the top. Stack Overflow for Teams — Collaborate and share knowledge with a private group. Create a free Team What is Teams? Learn more.
Why is public-key encryption so much less efficient than secret-key encryption? Ask Question. Asked 10 years, 2 months ago. Active 7 years, 10 months ago.
Viewed 29k times. After giving a high level explanation of the difference between secret-key encryption and public-key encryption, the book says: So why do we bother with secret-key encryption if public-key encryption is so much easier? Why is public-key encryption so much less efficient then secret-key encryption?
Improve this question. Add a comment. Active Oldest Votes. Improve this answer. Thomas Pornin Thomas Pornin 83k 15 15 gold badges silver badges bronze badges. Samuel Neves Samuel Neves Sign up or log in Sign up using Google. However, TechBeacon warns that good encryption practices have to be used so that you don't experience many speed disadvantages of encryption with a public key. This includes using as few network connections as possible and sticking with close servers when you can.
Many public key systems use a third party to certify the reliability of public keys. For instance, if you were to encrypt sensitive corporate data to send to your attorney's computer, you'd want to be sure that the computer you were sending it to was really tied to his law firm.
The third party, called a certification authority, digitally signs their public key, turning it into a digital certificate, so that you can be sure it's safe to use. However, if the certification authority gets compromised, the criminal that did it could issue false certificates and fool people into sending data to the wrong place.
This has already happened. There are two ways to crack data encrypted with a public key system. The first is to find a hole in the underlying mathematics that can be used to break the cipher. As of the date of publication, no such hole is publicly known.
0コメント