Chapter 4

Public Key Crypto

You should not live one way in private, another in public.

—Publilius Syrus

Three may keep a secret, if two of them are dead.

—Ben Franklin

4.1 Introduction

In this chapter, we delve into the remarkable subject of public key cryptography. Public key crypto is sometimes known as asymmetric cryptography, or two key cryptography, or even non-secret key cryptography, but we’ll stick with public key cryptography.

In symmetric key cryptography, the same key is used to both encrypt and decrypt the data. In public key cryptography, one key is used to encrypt and a different key is used to decrypt; as a result, the encryption key can be made public. This eliminates one of the most vexing problems of symmetric key crypto, namely, how to securely distribute the symmetric key. Of course, there is no free lunch, so public key crypto has its own issues when it comes to dealing with keys (see the section on public key infrastructure, below). Nevertheless, public key crypto is a big “win” in many real-world applications.

Actually, public key cryptography is usually defined more broadly than the two-key encryption and decryption description given in the previous paragraph. Any system that has cryptographic application and involves some crucial information being made public is likely to be considered a public key cryptosystem. For example, one popular public key system discussed in this chapter can only be used to establish a shared symmetric key, not to encrypt or decrypt ...

Excerpt from Information Security: Principles and Practice, 2nd Edition.