What is Asymmetric Key Authentication in information security?


Asymmetric encryption is a type of encryption that uses two separate yet mathematically related keys to encrypt and decrypt information. The public key encrypts data, while its corresponding private key decrypts it.

Asymmetric key authentication is a cryptographic approach in which the card acceptance device (CAD) uses a verification key that is different from the proving key used by the smart card. This method is usually implemented with trapdoor one-way functions: the smart card creates an electronic signature with its secret key, and the CAD needs a public key to authenticate the signature.

The Rivest-Shamir-Adleman (RSA) public key cryptosystem is the most commonly implemented asymmetric key authentication method. The security of the algorithm rests on the difficulty of factoring the product of two large prime numbers.

Authentication using an asymmetric key with a trapdoor function proceeds in the following steps:

  • The CAD transmits a random number (X) to the smart card.

  • The smart card transmits its identification word (I) and the random number encrypted with the secret key (k) held in the smart card, giving Y. It also supplies its public key (n) as a certificate formed from n and I. The certificate gives the CAD a way to test the validity of the public key.

  • The CAD checks the card's response by deciphering Y to obtain X' and comparing it to the initial random number X.

Implementing RSA requires an exponentiation structure for computing the electronic signature, a relatively large random access memory (RAM) for saving intermediate values, larger program memory for storing the additional instructions needed by the algorithm, and more time for computation.

Currently, cards that implement asymmetric key cryptography are sold at a higher cost than general-purpose cards, but they are also able to calculate electronic signatures for documents.

The Digital Signature Standard (DSS) developed by the National Institute of Standards and Technology (NIST) can be used for smart card authentication. This method was developed for making document signatures in the U.S. Government and can be a suitable choice for government application authentication. Its strength lies in the difficulty of computing discrete logarithms. It has the advantage that several intermediate values for an authentication can be "pre-evaluated" so that the authentication time can be decreased.

The crux of public key systems, particularly those that are used for authentication purposes, is key distribution. The certificate enables the smart card to supply its verification key to the CAD. The certificate is formed when the card is initialized, using a system-wide secret key.

The CAD is loaded with the system-wide verification key, which can authenticate the certificate supplied by the smart card. When the card presents the certificate, the CAD resolves the certificate into the smart card's verification key and the card identity number. The identity number is used as a check value to confirm the public key's authenticity.
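The challenge-response steps and the certificate check described above can be traced in code. The following Python sketch is an added example, not part of the original article: it uses textbook RSA without padding and constructed toy primes, and the exponent 65537, the 32-bit identity field and all function names are assumptions made for illustration.

```python
import secrets

E = 65537  # public exponent (assumption; the article names none)

def keypair(p, q):
    """Textbook RSA key from two primes: returns (modulus, private exponent)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

# Constructed toy parameters built from Mersenne primes; trivially factorable.
SYS_N, SYS_D = keypair(2**89 - 1, 2**127 - 1)   # system-wide key used at initialization
CARD_N, CARD_K = keypair(2**31 - 1, 2**61 - 1)  # card public key n, secret key k
CARD_ID = 0x00C0FFEE                            # identification word I (32 bits)

def issue_certificate(n, ident):
    """Card initialization: sign n and I together with the system-wide secret key."""
    return pow((n << 32) | ident, SYS_D, SYS_N)

def card_respond(x, cert):
    """Card: return I, Y (X enciphered with secret key k) and its certificate."""
    return CARD_ID, pow(x, CARD_K, CARD_N), cert

def cad_verify(x, ident, y, cert):
    """CAD: resolve the certificate into (n, I), check I, then compare X' with X."""
    recovered = pow(cert, E, SYS_N)        # needs only the system-wide verification key
    n, cert_ident = recovered >> 32, recovered & 0xFFFFFFFF
    if cert_ident != ident or x >= n:      # identity number acts as the check value
        return False
    return pow(y, E, n) == x               # X' = Y deciphered with the card's public key

def run_session(tamper=False):
    """One authentication round; tamper=True alters Y so it was not made with k."""
    cert = issue_certificate(CARD_N, CARD_ID)
    x = secrets.randbelow(CARD_N - 2) + 2  # fresh random challenge X for each session
    ident, y, cert = card_respond(x, cert)
    if tamper:
        y ^= 1
    return cad_verify(x, ident, y, cert)

if __name__ == "__main__":
    print("genuine card accepted:", run_session())
    print("tampered response accepted:", run_session(tamper=True))
```

The CAD holds no card-specific key in this sketch; it learns n only by opening the certificate with the system-wide verification key.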

Updated on 09-Mar-2022 08:04:22