What is Asymmetric Key Cryptography in information security?

Asymmetric cryptography is the second form of cryptography, also called public-key cryptography. It uses two different keys: one key is used for encryption, and only the other, corresponding key can be used for decryption. No other key can decrypt the message, not even the key originally used for encryption. With this design, every communicating party needs only one key pair to communicate with any number of other parties.

Asymmetric cryptography scales to large and ever-expanding environments where data is routinely exchanged between different communication partners. It is also used to exchange the secret key in preparation for using symmetric cryptography to encrypt information.

In a key exchange, one party produces the secret key and encrypts it with the public key of the recipient. The recipient decrypts it with their private key. The rest of the communication is then encrypted with that secret key. Asymmetric encryption is used in key exchange, email security, Web security, and other encryption systems that need key exchange over a public network.
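The key exchange described above, as an added example that is not code from the original page. It assumes a constructed key pair built from two known Mersenne primes, raw unpadded RSA, and a SHA-256 keystream standing in for a real symmetric cipher; all function names are hypothetical.

```python
import hashlib
import secrets

# Constructed demo key pair: two known Mersenne primes. Such a modulus is
# trivial to factor, so this is for illustration only. Real systems use a
# vetted library, randomly generated large primes, and OAEP padding.
P, Q = 2**127 - 1, 2**107 - 1
N, E = P * Q, 65537                      # public key (N, E), given to senders
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent, kept by recipient


def rsa_apply(value: int, exponent: int) -> int:
    """Raw (unpadded) RSA operation: value^exponent mod N."""
    return pow(value, exponent, N)


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in symmetric cipher: XOR with a SHA-256 counter keystream."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def sender(message: bytes):
    """Pick a fresh secret key and wrap it with the recipient's public key."""
    session_key = secrets.token_bytes(16)
    wrapped = rsa_apply(int.from_bytes(session_key, "big"), E)
    return wrapped, keystream_xor(session_key, message)


def recipient(wrapped: int, ciphertext: bytes) -> bytes:
    """Unwrap the secret key with the private key, then decrypt the data."""
    session_key = rsa_apply(wrapped, D).to_bytes(16, "big")
    return keystream_xor(session_key, ciphertext)


def public_key_unwraps(wrapped: int, ciphertext: bytes, message: bytes) -> bool:
    """Check whether re-applying the public exponent recovers the message."""
    guess = rsa_apply(wrapped, E) % 2**128
    return keystream_xor(guess.to_bytes(16, "big"), ciphertext) == message


if __name__ == "__main__":
    wrapped, ct = sender(b"constructed sample message")
    print(recipient(wrapped, ct))
    print(public_key_unwraps(wrapped, ct, b"constructed sample message"))
```

Only the holder of the private exponent recovers the message; applying the public key a second time does not undo the encryption.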

The main problem for asymmetric-key cryptography is proving that a public key is authentic and has not been tampered with or replaced by a malicious third party. A useful approach to this problem is a public-key infrastructure (PKI), in which one or more third parties, called certificate authorities, certify ownership of key pairs. Another method, used by PGP, is the “web of trust”, which also provides authenticity of key pairs.

Asymmetric key cryptography is a cryptographic technique that uses a different verification key in the CAD (card acceptance device) than the proving key used by the smart card. This method is usually implemented using trapdoor one-way functions: the smart card creates an electronic signature with its secret key, and the CAD needs a public key to authenticate the signature.

The Rivest-Shamir-Adleman (RSA) public key cryptosystem is the most frequently implemented asymmetric key authentication method. The security of the algorithm rests on the difficulty of factoring the product of large prime numbers.

The Digital Signature Standard (DSS) developed by the National Institute of Standards and Technology (NIST) can be used for smart card authentication. This method was produced for making document signatures in the U.S. Government and can be a preferred choice for government application authentication. Its strength lies in the difficulty of computing discrete logarithms. It has the advantage that several intermediate values for an authentication can be "pre-evaluated", so that the authentication time can be decreased.

The crux of public key systems, particularly those used for authentication purposes, is key distribution. The certificate enables the smart card to supply the verification key to the CAD. The certificate is created when the card is booted up, using a system-wide secret key.

Updated on: 10-Mar-2022
