# Asymmetric-key Cryptography (Public Key Encryption)

Asymmetric key encryption is a cryptographic system that uses pairs of keys. Public keys can be distributed widely. Private keys can only be known to the owner. This achieves encryption and authentication, where the public key verifies a holder of the paired private key. Any user can encrypt a message by using the receiver’s public key in a public key encryption system. Only one way to decrypt that message is receivers’ private key.

The combination of public and private key pair has economic benefits. The strength of the public key cryptography depends on the computational effort that is necessary to find the private key from the paired public key. Since effective security is only needed for a private key while the public key can be opened without any restrictions of security. The public key cryptography system basically depends on cryptographic algorithms, basic mathematical problems which have no efficient solution such as,

- integer factorization
- elliptic curve relationships
- discrete logarithm

Public key algorithms, different from private key algorithms, do not need a secure channel for an initial exchange of secret keys between the parties. Asymmetric key encryption is basically used in the exchange of small blocks of data because of its computational complexity.

E.g. session key

The asymmetric key is employed for encryption of long message sequence because of its simplified algorithms so that in the paired public and private key system; public key is used for small data blocks while the private key is used in long data blocks.

### Few algorithms applied to Asymmetric-key encryption.

#### RSA

Ron Rivest, Adi Shamir, and Leonard Adleman were the co-founders of RSA algorithm. The name RSA has obtained the first letters of the name of the above developers. The reliability of this algorithm mainly based on the difficulty of factoring very large numbers. RSA is the most ordinary public key algorithm used in nowadays.

As a result of broad cryptanalysis over the past 33 years, several weaknesses of RSA has been detected and diminished successfully. Therefore RSA is a more safe platform of algorithm which provides correct threat mitigations. Due to rapidly developing computing technology some RSA key lengths have been no longer considered as secure. Currently, 1024 bits are used as minimum recommended key length, but it is sensible of using large keys like 2014 bit keys for application which will be used in the future. Moreover in RSA power of two (2) commonly used as key lengths such as 512,1024 and 2048. But this is not intensively essential. Technically each and every implementation has restrictions so that any length of key can be utilized.

E.g. They only accept multiples of 8, 16, 32, or 64 bits.

#### Rabin And Elgamal

This algorithm is consumed in the open-source community and as a default algorithm in the GNU privacy guard which is an alternative open source to Pretty Good Privacy (PGP). Hybrid cryptosystems are used Rabin and Elgamal cryptosystem.

#### Elliptic-curve cryptography

Neal Koblitz and Victor S Miller have introduced the Utilization of the elliptic curves in cryptography in 1985. Usually, they have been taken too much time to execute but practically fit with modern computers, They can be thought of as genuinely secure, but not secure enough RSA.

#### Diffie–Hellman key exchange

It is a commonly utilized public-key algorithm for key transfer. When the use of adequate long keys and standard generators, it is considered as a secure algorithm. The complexity of discrete logarithm problems has affected the security of Diffie Hellman. The United States has claimed the patent of Diffie-Hellman. Generally, secure encrypted correspondence between two parties required that they first transfer keys by some safe physical channel, for example, paper key records transported by a confided in dispatch. The Diffie Hellman key transfer technique permits two gatherings that have no earlier learning of each other to mutually build up a shared secret key over an uncertain channel. This key would then be able to be utilized to encode ensuing correspondences utilizing a symmetric key cipher.

### Strengths of Asymmetric-key cryptography

- The key transfer is not required in asymmetric-key cryptography.
- In asymmetric key cryptography, the private keys are not required to exchange to anyone, as a result of that the security of asymmetric key cryptography is increased.
- It can give digital signatures that can be utilized as a part of later.
- The characteristic of asymmetric key cryptography obtains considerable advantages than symmetric key algorithms. The behavior of unique private and public keys facilitates each user to manage the secure transformation of information without first needing the particular way to secretly exchange the keys. This the major weakness of secret key cryptography which becomes the main advantage of the public key encryption.

### Weaknesses of Asymmetric-key cryptography

- There are many secret-key encryption methods which can be more fast and accurate than public-key cryptography, the mathematical problem of factorization is influence on the security of asymmetric key cryptography; it is not much hard to produce two large prime numbers and to multiply them, but a given a large number that is the product of two prime, that is needed to strong computational power to find the two prime factors.
- Public key cryptography is more computationally expensive than their fellows in secret key cryptography because it’s uniqueness. Asymmetric key should be longer than keys on secret cryptography to acquire an identical security find in secret cryptography as well, keys in asymmetric key cryptography are prone to brute force attacks than keys in secret key cryptography. Not only that algorithms in public key cryptography are cracked easily by attacker than brute force method. Well known broadly consumed RSA has specific algorithm which can prevent from attacks lesser than brute force time. Other algorithm also can protect from brute force attack by creating them as longer keys. But the security of these algorithms are depend on the available computational power of attackers.
- In public key cryptography a third party can pass his or her own public key with a message claiming to original sender. By using this attackers can impersonate members of convention without any acknowledgement of fraud

#### Reference

https://en.wikipedia.org/wiki/Public-key_cryptography

https://developer.mozilla.org/en-US/docs/Archive/Security/Encryption_and_Decryption#Symmetric-Key_Encryption

https://en.wikipedia.org/wiki/Elliptic-curve_cryptography

https://www.cryptopp.com/algorithms.html