Authentication

Asymmetric keys are also useful for authentication. Figure A-7 shows what happens if you encrypt a message using your own private key.

[Figure A-7: Public-key cryptography: encryption using a private key results in authentication. Diagram labels: clear text message, encryption algorithm, private key, encrypted message, Internet, decryption algorithm, public key, clear text message.]

As stated earlier, this indicates that anybody with access to your public key (and that should be anyone) would be able to decipher the message. This type of encryption, therefore, is obviously of no use to hide a message. When you encrypt a message with your private key, a receiver must use your public key to decipher it, and that is the point: it proves that the message could only have come from you.

Public key algorithms

Asymmetric encryption algorithms, commonly called Public Key Cryptography Standards (PKCS), are based on mathematical algorithms. The basic idea is to find a mathematical problem that is hard to solve. The algorithm in most widespread use today is RSA. However, some companies have begun to implement public-key cryptosystems based on so-called elliptic curve algorithms. With the growing proliferation of IPSec, the Diffie-Hellman algorithm is gaining popularity. A brief overview of all three methods follows:

RSA

RSA was invented in 1977 by Rivest, Shamir, and Adleman (who formed RSA Data Security, Inc.). The idea behind RSA is that integer factorization of very large numbers is extremely hard to do. Key lengths of public and private keys are typically 512 bits, 768 bits, 1024 bits, or 2048 bits. The work factor for RSA with respect to key length is sub-exponential, which means that the effort does not rise exponentially with the number of key bits. It is roughly $2^{0.3 \cdot n}$.

DSA

z/OS (both gskkyman and RACF) also supports the generation and storage of Digital Signature Algorithm (DSA) key pairs. DSA asymmetric key generation is a standard published by the US Federal Government. DSA, along with RSA, is currently described in Federal Information Processing Standard (FIPS) 186-3.

Elliptic Curve

Public-key cryptosystems based on elliptic curves use a variation of the mathematical problem of finding discrete logarithms. It has been stated that an elliptic curve cryptosystem implemented over a 160-bit field has roughly the same resistance to attack as RSA with a 1024-bit key length. Properly chosen elliptic curve cryptosystems have an

Appendix A. Basic cryptography
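The following added example (not from the original text) illustrates the Authentication and RSA passages with textbook RSA in Python: a value transformed with the private key can be read by anyone holding the public key, yet the check against that public key fails for a changed message or a different signer. The primes, key sizes, SHA-256 digest step and all function names are assumptions made for illustration; real signatures use standardized padding and much larger keys.

```python
import hashlib
from math import gcd

def make_key(p, q, e=65537):
    """Build a textbook RSA key pair from two primes (toy sizes, no padding)."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)          # private exponent (Python 3.8+)
    return (n, e), (n, d)        # (public key, private key)

def private_op(value, priv):
    """'Encrypt with the private key': only the key owner can compute this."""
    n, d = priv
    return pow(value, d, n)

def public_op(value, pub):
    """'Decipher with the public key': anyone can compute this."""
    n, e = pub
    return pow(value, e, n)

def digest_int(message, n):
    # Reduce the SHA-256 digest into the range of the modulus.
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(message, priv):
    return private_op(digest_int(message, priv[0]), priv)

def verify(message, signature, pub):
    in_range = 0 <= signature < pub[0]
    return in_range and public_op(signature, pub) == digest_int(message, pub[0])

# Constructed keys built from known Mersenne primes; far too small for real use.
ALICE_PUB, ALICE_PRIV = make_key(2**61 - 1, 2**89 - 1)
OTHER_PUB, OTHER_PRIV = make_key(2**107 - 1, 2**127 - 1)

def demo():
    msg = b"PAY BOB 100"                      # constructed sample message
    wire = private_op(int.from_bytes(msg, "big"), ALICE_PRIV)
    readable = public_op(wire, ALICE_PUB).to_bytes(len(msg), "big")
    sig = sign(msg, ALICE_PRIV)
    return {
        "anyone_can_read": readable == msg,   # no confidentiality
        "genuine": verify(msg, sig, ALICE_PUB),
        "tampered": verify(b"PAY BOB 900", sig, ALICE_PUB),
        "wrong_signer": verify(msg, sign(msg, OTHER_PRIV), ALICE_PUB),
    }
```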