hybrid cryptograph
TRANSCRIPT
7/27/2019 Hybrid Cryptograph
http://slidepdf.com/reader/full/hybrid-cryptograph 1/8
A Hybrid Cryptosystem Solution
Cryptograhy is the science of keeping data secure. Encryption is the process of using
cryptography to encode data so that it’s meaning is not immediately obvious. There are
two main types of cryptography that are used, symmetric and asymmetric. It is also
possible to use a hybrid of the two; Hybrid Cryptosystem Solution is an example of this.
Symmetric and asymmetric cryptography both have advantages and disadvantages that
will be discussed in this paper. Hybrid Cryptosystem Solution brings the best of each
together and also works to minimize the disadvantages. This will also be discussed.
Alice and Bob are often used as examples when cryptography is explained, therefore I
will also use them for most examples.
Cryptographic Terms
Cryptography: process of making and using codes to secure transmission of
information
Encryption: converting original message into a form unreadable by unauthorized
individuals
Every security system must provide a bundle of security functions that can assure the
secrecy of the system. These functions are usually referred to as the goals of the security
system. These goals can be listed under the following five main categories:
Authentication: This means that before sending and receiving data using the
system, the receiver and sender identity should be verified.
Secrecy or Confidentiality: Usually this function (feature) is how most people
identify a secure system. It means that only the authenticated people are able to interpret
the message (date) content and no one else.
Integrity: Integrity means that the content of the communicated data is assured to
be free from any type of modification between the end points (sender and receiver). The basic form of integrity is packet check sum in IPv4 packets.
Non-Repudiation: This function implies that neither the sender nor the receiver
can falsely deny that they have sent a certain message.
7/27/2019 Hybrid Cryptograph
http://slidepdf.com/reader/full/hybrid-cryptograph 2/8
Service Reliability and Availability: Since secure systems usually get attacked by
intruders, which may affect their availability and type of service to their users. Such
systems should provide a way to grant their users the quality of service they expect.
Symmetric Encryption
Symmetric cryptography, also known as conventional or secret encryption, is
when the encryption and decryption keys are the same value. An example of symmetric
cryptography is the Caesar Cipher. When Alice and Bob want to exchange data, they
must first decide upon an algorithm such as the Caesar Cipher. Alice first writes her
message in plaintext, then shifts each letter of her message 3 characters to the left. So, A
becomes D, B becomes E, and so on. Bob knows in order to decrypt the data, he shifts
each ciphertext letter back 3 characters, this then reveals the plaintext. Both Alice and
Bob know that shifting each letter the appropriate direction is the key. Symmetric
encryption is also known as a shared secret cryptography or shared key cryptography because it uses a single “shared” key that is used to encrypt and decrypt the message.
Symmetric encryption: uses same “secret key” to encipher and decipher message
7/27/2019 Hybrid Cryptograph
http://slidepdf.com/reader/full/hybrid-cryptograph 3/8
Encryption methods can be extremely efficient, requiring minimal
processing
Both sender and receiver must possess encryption key
If either copy of key is compromised, an intermediate can decrypt and readmessages
Advantages to using symmetric encryption:
Data is encrypted very quickly.
Provides authentication, as long as the key stays secret
Symmetry of key allows encryption and decryption with the
same key
Disadvantages of symmetric encryption:
If the key is revealed (lost, stolen, guessed, etc…) theinterceptors can immediately decrypt anything that was
encrypted using the key. An imposter using an intercepted key
can produce bogus messages by impersonating the legitimate
sender.
Distribution of keys becomes a problem, especially if keys
change frequently. Keys must be transmitted with extreme
security because they allow access to all the information
encrypted with them. For applications that extend throughout
the world, this can be a very complex task.
Asymmetric Encryption
Asymmetric encryption (public-key encryption)
Uses two different but related keys; either key can encrypt or decrypt
message
If Key A encrypts message, only Key B can decrypt
Highest value when one key serves as private key and the other serves as
public key
Asymmetric encrypt ion, also known as public key encryption, is encryption that uses
two different keys for encrypt ion and decryption. One key is a public key that can be
distributed to anyone. The other is a mathematically related key called a private key or
secret key. This is a key that should be kept secret from the world. Only the owner
7/27/2019 Hybrid Cryptograph
http://slidepdf.com/reader/full/hybrid-cryptograph 4/8
should have access to the private key or any back - up copies of it. One should protect
his/her secret key in the same manner that they would treat their bank PIN or credit card
information.
Advantages to using asymmetric encryption:
For any number n users (represented as “n”), only 2*n, (N=2 *n)
keys are required instead of n*(n - 1)/ 2 as with symmetric
encryption. In other words when n=3, N=6, when n=4, N=8, and
when n=10, N=20. In asymmetric encryption, each user only has
1 key pair. This means only a person’s public key is exchanged
and each group of people do not need separate keys.
The problem of distributing keys is solved because a user’s
public key can be shared by anyone.
Disadvantages of using asymmetric encryption:
Only a few public key algorithms are both secure and practical
Some algorithms are only suitable for key distribution
Slow: 100 - 1000 times slower than symmetric algorithms (RSA
vs. DES)
Only three algorithms work well for both key distribution and
encryption: RSA, ElGamal, Rabin.
7/27/2019 Hybrid Cryptograph
http://slidepdf.com/reader/full/hybrid-cryptograph 5/8
Hybrid Encryption SolutionIn cryptography, public-key cryptosystems are convenient in that they do not
require the sender and receiver to share a common secret in order to communicate
securely (among other useful properties). However, they often rely on complicated
mathematical computations and are thus generally much more inefficient than
comparable symmetric-key cryptosystems. In many applications, the high cost of
encrypting long messages in a public-key cryptosystem can be prohibitive. A hybrid
cryptosystem is one which combines the convenience of a public-key cryptosystem with
the efficiency of a symmetric-key cryptosystem.
7/27/2019 Hybrid Cryptograph
http://slidepdf.com/reader/full/hybrid-cryptograph 6/8
A hybrid cryptosystem can be constructed using any two separate cryptosystems:
a key encapsulation scheme, which is a public-key cryptosystem, and
a data encapsulation scheme, which is a symmetric-key cryptosystem.
The hybrid cryptosystem is itself a public-key system, whose public and private keys
are the same as in the key encapsulation scheme.
Note that for very long messages the bulk of the work in encryption/decryption is
done by the more efficient symmetric-key scheme, while the inefficient public-key
scheme is used only to encrypt/decrypt a short key value.
7/27/2019 Hybrid Cryptograph
http://slidepdf.com/reader/full/hybrid-cryptograph 7/8
Example for H ybr id System
To encrypt a message addressed to Alice in a hybrid cryptosystem, Bob does the
following:
1. Obtains Alice's public key.
2. Generates a fresh symmetric key for the data encapsulation scheme.
3. Encrypts the message under the data encapsulation scheme, using the symmetric
key just generated.
4. Encrypt the symmetric key under the key encapsulation scheme, using Alice's
public key.
5. Send both of these encryptions to Alice.
To decrypt this hybrid ciphertext, Alice does the following:
1. uses her private key to decrypt the symmetric key contained in the key
encapsulation segment.
2. uses this symmetric key to decrypt the message contained in the data
encapsulation segment.
7/27/2019 Hybrid Cryptograph
http://slidepdf.com/reader/full/hybrid-cryptograph 8/8
Advantages to using Hybrid
The combination of these two encryption methods combines the convenience of
public - key encryption with the speed of conventional encryption.
Using Conventional encryption is about 100 to 1,000 times faster than public - key
encryption, which solves the problem of slow encryption with asymmetric
algorithms.
Public- key encryption provides a solution to key distribution and data
transmission issues when using symmetric encryption.
When used together, performance and key distribution are improved without any
sacrifice in security.
It ties together the advantages of public key and symmetric cryptography, while
also providing a feasible solution to the disadvantages of both.
Hybrid Cryptosystem is a powerful hybrid cryptosystem that combines the
advantages of both symmetric and asymmetric cryptography. At the same time,
Hybrid Cryptosystem minimizes the disadvantages of each system.