Page 424 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
Asymmetric Cryptography
The section “Modern Cryptography” in Chapter 6 introduced the basic
principles behind both private (symmetric) and public (asymmetric)
key cryptography. You learned that symmetric key cryptosystems
require both communicating parties to have the same shared secret
key, creating the problem of secure key distribution. You also learned
that asymmetric cryptosystems avoid this hurdle by using pairs of
public and private keys to facilitate secure communication without the
overhead of complex key distribution systems. The security of these
systems relies on the difficulty of reversing a one-way function.
In the following sections, we’ll explore the concepts of public key
cryptography in greater detail and look at three of the more common
public key cryptosystems in use today: Rivest–Shamir–Adleman
(RSA), El Gamal, and elliptic curve cryptography (ECC).
Public and Private Keys
Recall from Chapter 6 that public key cryptosystems rely on pairs of
keys assigned to each user of the cryptosystem. Every user maintains
both a public key and a private key. As the names imply, public key
cryptosystem users make their public keys freely available to anyone
with whom they want to communicate. The mere possession of the
public key by third parties does not introduce any weaknesses into the
cryptosystem. The private key, on the other hand, is reserved for the
sole use of the individual who owns the keys. It is never shared with
any other cryptosystem user.
Normal communication between public key cryptosystem users is
quite straightforward. Figure 7.1 shows the general process.
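The key-pair roles described above can be traced in a short sketch. This is an added example, not taken from the study guide: it uses textbook RSA without padding on constructed toy primes, and the user "Bob" and the names `make_keypair`, `apply_key`, `encrypt_for` and `decrypt_with` are hypothetical.

```python
# Added illustration (not from the study guide): textbook RSA on constructed
# toy primes, with no padding. For study only, never for protecting real data.
from math import gcd


def make_keypair(p, q, e=65537):
    """Return (public, private) as ((e, n), (d, n)) for distinct primes p, q."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)  # private exponent: inverse of e mod phi (Python 3.8+)
    return (e, n), (d, n)


def apply_key(key, value):
    """Modular exponentiation with either half of a key pair."""
    exponent, n = key
    if not 0 <= value < n:
        raise ValueError("value must be smaller than the modulus")
    return pow(value, exponent, n)


def encode(text):
    return int.from_bytes(text.encode("utf-8"), "big")


def decode(number):
    return number.to_bytes((number.bit_length() + 7) // 8, "big").decode("utf-8")


def encrypt_for(recipient_public, text):
    """The sender needs only the recipient's public key."""
    return apply_key(recipient_public, encode(text))


def decrypt_with(own_private, ciphertext):
    """Only the holder of the matching private key can reverse it."""
    return decode(apply_key(own_private, ciphertext))


# Constructed sample key pair for a hypothetical user "Bob" (two Mersenne primes).
BOB_PUBLIC, BOB_PRIVATE = make_keypair(2**107 - 1, 2**127 - 1)

if __name__ == "__main__":
    message = "meet at noon"
    ciphertext = encrypt_for(BOB_PUBLIC, message)
    print("ciphertext:", hex(ciphertext))
    print("Bob decrypts:", decrypt_with(BOB_PRIVATE, ciphertext))
    # Re-applying the public key does not undo the encryption.
    print("public key recovers it:", apply_key(BOB_PUBLIC, ciphertext) == encode(message))
```

Deriving the private exponent from the public key here would require factoring the modulus, which is the one-way function the security of RSA rests on; production systems use much larger random primes and a padding scheme.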

