Cryptographic Standards and Security Mechanisms

Abstract

Cryptography is the study of techniques that can provide the privacy of communications and the protection of sensitive communications over the network (Encryption and Decryption). Encryption is the transformation of the data into a form that can’t be possible to read without the appropriate key, and as such it ensures that the privacy of such data is intact and it’s hidden from anyone unauthorized to read such data. On the other hand, decryption is the reverse process of encryption which ensures that data is transformed to its original form. The process of encryption and decryption usually requires a key, and for some mechanisms, the same key can be used for encryption and decryption process (RSA Laboratories, 2000).

In today’s technologies, cryptography is more than just encryption, and decryption. For example, authentication, and digital signature are parts of the security mechanism that is required by any security systems where a particular key and digital timestamp might be implemented (RSA Laboratories, 2000).

The standards specifications of the Public-Key Cryptography are produced by the RSA (Stands for Rivest, Shamir, and Adleman who are the developers of the Public-Key encryption and authentication algorithm) laboratories to accelerate the deployment of the Public-key cryptography among security developers worldwide. The first publication of such standards was published in 1991, and further improvement to the PKCS occurs through workshops and discussions. The Public-Key Cryptography Standards (PKCS) are a set of standard protocols that provide a security to the information exchange over a public network (RSA Laboratories, 2000).

Public-Key Cryptography Standards (PKCS)

Wang (n.d.) explained that cryptographic standards serve in avoiding common mistakes for used schema, and one of the common standards initiated by RSA is Public-Key Cryptography Standards (PKCS) which has a great effect on the use of the public key cryptography in practical implementation. The public key cryptography is based on cryptographic algorithm where two related keys are used: a private key and public key. With such mechanism, the client will keep the private key as a secret for later use while the public key is published in public directory (e.g. LDAP directory). The algorithm is required for public-key encryption/decryption and also for the signature algorithm. In addition, the encryption algorithm is used to encrypt data via the public key and as such; the recipient who has the corresponding private key will be able to decrypt the data. A signature algorithm along with the message transformed is used. The PKCS standards developed by RSA Laboratories helped to accelerate the public-key cryptography, and also contributed to other standards such as SSL/TLS (Secure Socket Layer/Transport Layer Security). 

Fry and Langhammer (2005) explained that RSA implementation of the Public-Key relies heavily on mathematics with large number to provide its security services. Communication performance can be related to the RSA implementation in providing its security services when computational software (e.g. VPN applications) is used. Based on the RSA paper for implementing Public-Key Cryptography, a modular exponentiation of encryption and decryption are used.  For the ease of the implementation it was proposed that both decryption and encryption use an identical function, and the only difference will be the input data.

Bexroukov (2009) explained that Public-Key encryption (asymmetric encryption) involves pair of keys (a public-key and Private-key) associated with an entity that required authentication. Public-Key cryptography facilitates the following tasks:

  • Encryption and decryption – two parties communicating together required that the sender encrypts the information before it is sent, and the receiver decrypts the information once it’s received, while in transmission process, the encrypted information is incomprehensive to any intruder.
  • Tamper detection – Allows the recipient to ensure that the information never been modified during the transmission.
  • Authentication Allows the recipient to identify the origin of the information, and also confirm the identity of the sender.
  • Non-repudiation Prevents sender from denying or claiming in later date that the information never been sent.

Public-Key encryption requires large computation, and as such; it is not recommended for a large amount of data. However, it is permissible to use public-key encryption to send symmetric key that can be used to encrypt any additional data. The power of encryption is related to the idea that it’s hard to locate the key by intruder since the both cipher and the length of the key used is very hard to be predicted. In general longer keys provide more powerful encryption (Bexroukov, 2009).

Jain, R. (2009) explained that Public-Key encryption was first invented in 1997 by Diffie and Hellman, and included the following implementation:

 

  • Encrypted Message = Encrypt (Key1, Message)
  • Message = Decrypt(Key2, Encrypted Message)

Conclusion

The Public-Key Cryptography Standards (PKCS) are produced via specification produced by RSA Laboratories in an effort to create the security standards that can be followed world wide. It becomes a standard of many other PKCS series such as SSL and S/MIME. With the public key cryptograph messages can be encrypted, and send to another person without key exchange (Network Management & Security, 2009).

Public-key cryptography is part of almost every security protocol where shared secret can be able to be negotiated between two parties online without any need to exchange any secrets data such as passwords and passphrase. With the public cryptography each party will take a part of the communication via pair of keys (a public key and a private key). Since the knowledge of the public key to the public doesn’t compromise the security of the algorithms, the public key can be exchanged online.  All the parts of the communication such as Public-Key cryptography, messages, and keys (private key and public key), are expressed numerically, and the entire operations are expressed mathematically during the communication process. Both public key and private key are represented by a mathematical function called the one-way function where the forward operation can be done easily while reversing such operation will be difficult to be done (Ms, 2002).

Finally, according to the public key cryptography, the public key is being calculated by the private key during the forward operation using the one-way function while obtain the private key from the public key is a reverse operation (Ms, 2002).  

References

Bexroukov, N. (2009) Introduction to Public-Key Cryptography [Online]. Available from: http://www.softpanorama.org/Algorithms/public_key_cryptography.shtml (Accessed: 20 November 2010).

Fry, J. & Langhammer, M. (2005) RSA & Public Key Cryptography in FPGAs [Online]. Available from: http://www.altera.com/literature/cp/rsa-public-key-cryptography.pdf (Accessed: 20 November 2010).

Jain, R. (2009) Public Key Encryption [Online]. Available from: http://www.cse.wustl.edu/~jain/cse571-09/ftp/l_08pka/sld003.htm (Accessed: 20 November 2010).

Ms, A. (2002) Public Key Cryptography [Online]. Available from: http://www.tataelxsi.com/whitepapers/pub_key2.pdf?pdf_id=public_key_TEL.pdf (Accessed: 20 November 2010). 

Network Management & Security (2009) Public-Key Asymmetric Cryptography [Online]. Available from: http://www.javvin.com/networksecurity/pk.html (Accessed: 20 November 2010).

RSA Laboratories (2000) Frequently Asked questions about Today’s Cryptography [Online]. Available from: http://www.rsa.com/rsalabs/node.asp?id=2124  (Accessed: 20 November 2010).

Wang, Y. (n.d.) Public-Key Cryptography Standards: PKCS [Online]. Available from: http://coitweb.uncc.edu/~yonwang/papers/pkcs.pdf (Accessed: 20 November 2010).

 

 

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: