Data is an invaluable resource in today’s competitive business environment. Thus, businesses must maintain data secrecy and security while controlling access to data. Moreover, with digitization becoming a norm and organizations automating their data processing operations, the chances of unauthorized access to sensitive data increase. Hence, businesses must establish a secure environment that protects valuable data and mitigates potential data threats.
Cryptography plays a critical role in data security to maintain confidentiality and integrity. A subtype of cryptography, public-key encryption or public-key cryptography, forms a crucial component in most data security policies worldwide.
This article will explore the concept of a public key in cryptography and its utility in protecting data.
Learn Software Development Courses online from the World’s top Universities. Earn Executive PG Programs, Advanced Certificate Programs or Masters Programs to fast-track your career.
What is cryptography in data security?
Cryptography refers to a set of techniques for protecting information and communications by disguising data so that only the intended recipient can process and read the contents. It relies on algorithms to encrypt data that only authorized individuals can decipher. Thus, cryptography mainly involves scrambling plaintext or ordinary text into ciphertext (encryption) and then reverting (decryption).
The word cryptography has its roots in the Greek term ‘Kryptos,’ meaning ‘hidden.’ Some of the earliest records of the use of cryptography dates back to the ancient Egyptians and Romans, including Julius Caesar’s famous Caesar cipher. Although the techniques used in the old days seem primitive and straightforward in today’s age and time, the ancient ciphers are a striking reminder of the necessity to protect sensitive information. With the evolution of technology, cryptography today has numerous applications, including digital signatures, internet browsing, messenger apps, emails, credit card transactions, online verifications, and cryptographic key generation.
What is a key in cryptography?
In cryptography, a key is a string of random characters in a defined order used to alter or scramble data within an encryption algorithm. In other words, a key in cryptography encrypts or locks data so that only someone with a valid key can decrypt or unlock it. The plaintext is the original data, and the ciphertext is after the key encrypts it.
Cryptography plays a massive role in data security systems. There are two broad classifications of cryptographic algorithms, symmetric-key algorithms (secret key algorithms) and asymmetric key algorithms (public key algorithms).
Popular Courses & Articles on Software Engineering
Meaning of Public-Key Cryptography
Public-key cryptography or asymmetric key encryption is a cryptography process where data is encrypted and decrypted using different keys. Although the keys are different, they are mathematically related to facilitating plaintext retrieval by decrypting the ciphertext. The most commonly used form of public-key encryption is based on the RSA algorithm.
In the asymmetric encryption process, one key encrypts the data, and another but corresponding key decrypts the data. The key that encrypts data is the public key, while a private key decrypts the information.
Moreover, the public key is widely known, whereas the private key is a secret. It means that while other people can use your public key to send you encrypted information, only you have access to the private or secret key to decode the text.
Advantages of Public-Key Cryptography
Public-key cryptography has the following functionalities:
- Encryption and decryption: The encryption and decryption features enable two parties to communicate with each other by disguising the information they exchange. The sender scrambles or encrypts the data before sending it, and the recipient unscrambles or decrypts the data after receiving it. Meanwhile, the encrypted data in transit remains incomprehensible to third parties.
- Nonrepudiation: Public-key encryption has a security mechanism called nonrepudiation that prevents data alteration and ensures that no party can deny that they received/sent a message via encryption.
Public-Key Cryptography vs. Private Key Cryptography
Unlike a public-key encryption system, symmetric or private key cryptography involves the sender and receiver sharing a single, common key that encrypts and decrypts messages. Thus, symmetric key encryption algorithms create a block cipher of a fixed length of bits with a secret key that the sender uses to encrypt data and the recipient uses to decode or decrypt it. A classic example of private key cryptography is the AES or Advanced Encryption Standard established by the National Institute of Standards and Technology (NIST) in November 2001.
So, what are the key differences between public-key cryptography and private key cryptography? The following table highlights the distinctions.
|Public-Key Cryptography||Private-Key Cryptography|
|A public key/two key cryptography system involving two keys.||A secret/single key cryptography system using only one key.|
|Anybody can use the public key to encrypt data whereas only the recipient knows the private key and uses it for data decryption.||Both the sender and the receiver share the same key.|
|Parties are not equal, hence asymmetric.||Symmetric because parties are equal.|
|The party that encrypts messages cannot decrypt messages.||Since parties are equal, the receiver can forge a message and falsely claim it is sent by the sender.|
The RSA Algorithm Behind Public-Key Encryption
The RSA algorithm is a widely used asymmetric cryptographic algorithm relying on a public key and a private key to encrypt and decrypt messages. Created in 1978, the RSA algorithm is named after Ron Rivest, Adi Shamir, and Leonard Adleman, its inventors.
Here’s a simplified explanation of how the RSA algorithm in public-key encryption works:
1. Generation of keys
- Select two large prime numbers ‘p’ and ‘q.’
- Calculate n = p*q
- Find out the totient function: Φ(n) = (p-1)(q-1)
- Now, select an integer ‘e’ which is co-prime to Φ(n) and 1 < e < Φ(n).
- The pair (n,e) is the public key.
- Now, calculate ‘d’ such that d.e = 1 mod Φ(n) or 1 mod (p-1)(q-1)
- Use the extended Euclidean algorithm to find out d. The private key is the pair (n,d).
- A given plaintext ‘P’ is a series of numbers less than n. If the ciphertext is ‘C,’ the encryption is done using the following mathematical step:
C = Pe mod n
- The plaintext can be retrieved using the private key (n,d) in the following step:
P = Cd mod n
The following pseudocode is an example of the RSA algorithm in action:
int x = 61, int y = 53;
int n = x * y;
// n = 3233.
// compute the totient, phi
int phi = (x-1)*(y-1);
// phi = 3120.
int e = findCoprime(phi);
// find an ‘e’ which is > 1 and is a co-prime of phi.
// e = 17 satisfies the current values.
// Using the extended euclidean algorithm, find ‘d’ which satisfies
// this equation:
d = (1 mod (phi))/e;
// d = 2753 for the example values.
public_key = (e=17, n=3233);
private_key = (d=2753, n=3233);
// Given the plaintext P=123, the ciphertext C is :
C = (123^17) % 3233 = 855;
// To decrypt the cypher text C:
P = (855^2753) % 3233 = 123;
Private key cryptography is the traditional encryption system. However, it leaves transmitted messages vulnerable to interception by third parties because a single secret key encrypts and deciphers the data. Thus, cryptologists developed the public-key cryptography system to address the limitation of the conventional system. In public-key cryptography, the sender encrypts the message using a public key, whereas the receiver can decode the message with a private key available only with the receiver. As a result, third parties cannot read the message in transit because only the receiver’s private key can decipher it. Public-key cryptography systems mostly use the RSA algorithm and play a vital role in modern encryption technologies.
Join upGrad in Your Journey Towards Becoming a Data Security Professional
Are you looking for a comprehensive platform to learn data security? Your search ends with the Cybersecurity Certificate Program from upGrad in partnership with Purdue University. The 8-months online course is suitable for entry-level to mid-level IT professionals, technical professionals, tech support professionals, analysts, engineers, and fresh graduates.
- Certificate of recognition from upGrad and Purdue University
- 300+ learning hours, 15+ live sessions, and four projects
- Comprehensive syllabus covering cryptography and encryption
- Learn relevant programming languages and tools
- Industry and peer networking
- 360-degree learning support