Securing your apps with Public Key Cryptography & Digital Signature
Mohit Arora, Freescale Semiconductor
11/22/2011 2:11 PM EST
Public Key Cryptography offers ultimate security being based asymmetric keys; however it does have a specific purpose and is often not a replacement of symmetric crypto algorithms like AES. This article provides some basic information about the security mechanisms behind Public Key Cryptography with practical details on how it is used by some of the popular tools like PGP, SSL as well as Digital Signature.
Public keys and private keys
One of the main problems with symmetric key cryptography is using the same private key for both encryption and decryption. Two parties sending messages to each other must agree to use the same private key before they start transmitting secure information. Since the two parties may be in different parts of the world, private key must be passed through the network.
An interceptor, that manages to get hold of private key somehow, can easily decrypt the encrypted messages. Security of the Private key is the biggest problem with symmetric key cryptography. There need to be a secure way to communicate the private key between the sender and receiver – if there were a secure way to do this, then the cryptography would not have been necessary in the first place in order to create that secure channel.
Public Key Cryptography solves this problem. The primary feature of public-key cryptography is that it removes the need to use the same key for encryption and decryption. With public-key cryptography, keys come in pairs of matched “public” and “private” keys.
The public portion of the key pair can be distributed in a public manner without compromising the private portion, which must be kept secret by its owner.
An operation (for example, encryption) done with the public key can only be undone with the corresponding private key.
E-mail This Article | Printer-Friendly Page |
|
Related Articles
New Articles
- Quantum Readiness Considerations for Suppliers and Manufacturers
- A Rad Hard ASIC Design Approach: Triple Modular Redundancy (TMR)
- Early Interactive Short Isolation for Faster SoC Verification
- The Ideal Crypto Coprocessor with Root of Trust to Support Customer Complete Full Chip Evaluation: PUFcc gained SESIP and PSA Certified™ Level 3 RoT Component Certification
- Advanced Packaging and Chiplets Can Be for Everyone
Most Popular
- System Verilog Assertions Simplified
- System Verilog Macro: A Powerful Feature for Design Verification Projects
- UPF Constraint coding for SoC - A Case Study
- Enhancing VLSI Design Efficiency: Tackling Congestion and Shorts with Practical Approaches and PnR Tool (ICC2)
- PCIe error logging and handling on a typical SoC