IJSTE - International Journal of Science Technology & Engineering | Volume 2 | Issue 11 | May 2016

ISSN (online): 2349-784X

Public Key Cryptology An Art of Keeping

Secrecy and Authenticity
Dr. Sangeetha Jose
Assistant Professor
Department of Information Technology
Government Engineering College Idukki

Sudin S.
H. O. D & Assistant Professor
Department of Mathematics
Government Engineering College Idukki

Abstract
Cryptology consists of several mechanisms which ensure confidentiality and authenticity of the data. The fundamental objective
of cryptology is the secure communication between sender and receiver through insecure channel. Modern cryptosystems can be
broadly categorized in to secret key (symmetric) and public key (asymmetric) cryptosystems based up on the key which is used
for data transmission. This paper focuses on the discussion of different categories of public key cryptosystems with its merits and
demerits.
Keywords: Authenticity, Confidentiality, Encryption, Cryptology, Security, Signature
________________________________________________________________________________________________________
I.

INTRODUCTION

Malicious entities may eagerly listen to the communication between two entities. Cryptology plays a pivotal role in providing
security and authenticity of the data. Cryptology consists of cryptography and cryptanalysis. Cryptography is the study of hiding
information while ensuring integrity, confidentiality, authenticity and privacy of the data. Cryptanalysis refers to the study of the
existing cryptosystems in order to identify the weakness of the design of the cryptosystems. The fundamental objective of
cryptology is the secure communication between the two entities called sender and receiver through insecure channel.
Cryptography makes use of extensive usage of different mathematical areas especially the number theoretic concepts [1].
Encryption and digital signatures are the critical primitives in cryptography. Encryption ensures the confidentiality of the data
while digital signature sustains the authentication and non-repudiation. Modern cryptosystems are broadly classified in to secret
key (symmetric) and public key (asymmetric) cryptosystems based up on the type of the key. These cryptosystems help us to
achieve different security goals such as confidentiality, integrity, authentication, non-repudiation and access control. This motivate
us for a detailed study on various categories of modern cryptosystems especially on public key cryptosystems which overcome
security hurdles and provide security services.
This paper is organised as follows. Section II describes the related works in cryptology. Section III discusses categories of
cryptosystems along with its merits and demerits. Section IV concludes with its future research scope.
II. RELATED WORKS
Security of cryptosystems can be evaluated with mainly two frameworks: computational security and unconditional security [2].
A cryptosystem is known to be computationally secure if the best algorithm for breaking that cryptosystem requires very large
number of operations. In other words, even by applying best known method, a large amount of computer time is required to break
the cryptosystem. Provable security is the technique with which we can check that a cryptosystem is computationally secure or not
[3].
As shown in figure 1, the security proof of provable security is given in such a way that if the cryptosystem can be broken in
some specific way, then it would be possible to efficiently solve some well-studied hard problems that are considered to be difficult
to solve in polynomial time. In other words, there is no known deterministic polynomial time solution for the hard problem
assumptions like integer factorisation, discrete logarithm problem (DLP) etc. That is, we need to solve some hard problems in
order to break the designed cryptosystem.

All rights reserved by www.ijste.org

32

Public Key Cryptology An Art of Keeping Secrecy and Authenticity

(IJSTE/ Volume 2 / Issue 11 / 005)

Fig. 1: Provable security

Since there is no polynomial time algorithm exists to solve these problems, the cryptosystem is considered to be computationally
secure. These kinds of cryptosystems are known as provably secure cryptosystems. This approach does not provide absolute proof
of security, but provides proof of security relative to some hard problem. This is similar to proving NP (non-deterministic
polynomial time) - completeness of a given problem which shows that the given problem is at least as difficult as the other existing
NP - complete problems. If a cryptosystem cannot be broken even with infinite computational resources, then that cryptosystem is
known to be unconditionally secure. Shannon [4] proved that only one-time pad is secure against adversaries having infinite
computational power.
Modern cryptography can be broadly classified as secret (symmetric) key cryptosystems and public (asymmetric) key
cryptosystems based up on the key which is used for data transmission [5].
Secret Key Cryptosystems
Secret (symmetric) key cryptosystem is the one in which both sender (Alice) and receiver (Bob) use the same secret key (K) for
data transmission. In these cryptosystems, secret key has to be shared among sender and receiver prior to the communication. This
requires a secure channel and if the sender and the receiver are geographically far apart, it seems to be a cumbersome task to
achieve. Secret key cryptosystem is shown in Figure 2.

Fig. 2: Secret (symmetric) key cryptosystem

Public Cryptosystems
In order to surmount the drawbacks of symmetric key cryptosystems, a new concept called public (asymmetric) key cryptosystems
or public key cryptosystems was emerged. It was put forward by Diffie and Hellman [6]. In public key cryptosystems both sender
(Alice) and receiver (Bob) have public and private keys (as in figure 3) where public keys are known to everyone and private keys
are secret.

All rights reserved by www.ijste.org

33

Public Key Cryptology An Art of Keeping Secrecy and Authenticity

(IJSTE/ Volume 2 / Issue 11 / 005)

Fig. 3: Asymmetric keys in public (asymmetric) key cryptosystem

Data can be transmitted securely by using the public key of the receiver and can be retrieved by using the private key of the
receiver as shown in figure 4. The binding of the keys is in such a way that even if the public key is exposed, the private key cannot
be obtained. Here, there is no need to share the secret key prior to the data transmission. Rivest et al. [7] proposed the first known
public key cryptosystem called RSA (Rivest, Shamir and Adleman) cryptosystem. They received Turing award for their
contributions to public key cryptography.

Fig. 4: Asymmetric (public) key cryptosystem

III. A DETAILED STUDY ON CATEGORIES OF PUBLIC KEY CRYPTOSYSTEMS

Public key cryptosystem is broadly classified in to public key infrastructure based cryptosystem, identity based cryptosystem and
certificate less cryptosystem based up on the management of the keys.
Public Key Infrastructure (PKI) Based Cryptosystem
Since public key is made available in an open source, ensuring the authenticity of public keys is the prime challenge in public key
cryptosystems. Hence public key should be authenticated by a certifying authority (CA) which is considered to be a trusted party.
Figure 5 illustrates the process of certificate generation. User generated public key is submitted to the registration authority (RA)
and after verifying the identity of the user, registration authority forwards it to certifying authority (CA). Certifying authority issues
certificates which binds public key with the user and the public key cryptosystem uses certificate to ensure the authenticity of the
public key of the user. This type of cryptosystem is known as public key infrastructure (PKI) based cryptosystem [8].

All rights reserved by www.ijste.org

34

Public Key Cryptology An Art of Keeping Secrecy and Authenticity

(IJSTE/ Volume 2 / Issue 11 / 005)

Fig. 5: Certificate Generation

PKI is a secure system that is required to manage and control certificates. If sender wants to transfer encrypted data to a receiver,
sender must make sure that he/she is using the correct public key of the receiver which is not a manipulated key by the adversary.
For each transaction the validity of the certificate has to be verified by the sender, since public key of the receiver has to be
authenticated. This can be done with the help of certifying authority which keeps certificate revocation lists (CRL) and certificates
in the directory. Figure 6 illustrates the certificate management in a public key infrastructure based cryptosystem. Certificate
generation and certificate management are costlier processes and hence it causes overhead. Hence researchers started their work
to find out a new cryptosystem which does not require any certificates.

Fig. 6: Certificate Management

Identity (ID) Based Cryptosystem

Identity (ID) based cryptosystem removes the need of certificates where users unique identity like email id is used as a public key
which is publicly known. Shamir [9] proposed this concept in 1984 and Boneh and Franklin [10] (based on pairing) and Cocks
[11] (based on quadratic residues) designed the ID based cryptosystems in 2001.

All rights reserved by www.ijste.org

35

Public Key Cryptology An Art of Keeping Secrecy and Authenticity

(IJSTE/ Volume 2 / Issue 11 / 005)

Fig. 7: Identity (ID) Based Cryptosystem

In the ID based system, the secret (private) key is generated by a trusted third party called private key generator (PKG). User has
to submit the public key (i.e, identity) to the PKG. PKG uses his master private key and generates the private key for the user. This
leads to key escrow problem if PKG is malicious. That is, PKG knows the secret keys of all users and hence he can impersonate
any user. Hence PKG should be assumed to be a trusted party. This is the major drawback of ID based system. Figure 7 elaborates
identity (ID) based cryptosystem.
Certificate less Cryptosystem
Certificate less cryptosystem overcomes the shortcomings of both PKI (overhead of certificate management) and ID based
cryptosystems (key escrow problem). Al-Riyami and Paterson [12] proposed this new system in 2003 which does not require any
certificates as in PKI based cryptosystem and also surmounts the key escrow problem.

Fig.8. Certificate less Cryptosystem

As in the figure 8, certificate less cryptosystem requires a trusted third party called key generation centre (KGC) similar to PKG.
KGC generates only partial information (partial private key is computed by using identity of the user) for making the private
(secret) key of the user. The private key of a user is generated by the partial private key from KGC and by the secret value from
the user. Therefore, KGC alone cannot generate private key of the user and thus avoids key escrow problem. User binds his secret
value to his public key. Partial private key consists of identity of the user. Therefore, certificate less cryptosystem does not require
any certificate to authenticate public key as well as it overcomes key escrow problem because KGC does not know the private key
of the user.
IV. CONCLUSION AND FUTURE SCOPE
In this paper we discussed the classification of public key cryptosystems based up on the management of the keys. We also
discussed about its merits and demerits. From the study we could analysed that certificate less cryptosystems are better than other
cryptosystems because it overcomes the demerits of both PKI and ID based cryptosystems. Even though symmetric key
cryptosystems are faster than public key cryptosystems, authenticity and non-repudiation can only be achieved with the help of
public key cryptosystems. Hence a detailed study on the categories of public key cryptosystems is very much essential to keep the
security and authenticity of different real world problems.

All rights reserved by www.ijste.org

36

Public Key Cryptology An Art of Keeping Secrecy and Authenticity

(IJSTE/ Volume 2 / Issue 11 / 005)

REFERENCES
Menezes, A. J., S. A. Vanstone, and P. C. V. Oorschot, Handbook of applied cryptography, CRC Press, Inc., Boca Raton, FL, USA, 1996, 1st edition.,ISBN
0849385237, 87132.
[2] Stinson, D., Cryptography: Theory and Practice, Third Edition,Taylor & Francis, 2005. ISBN 9781584885085, 119139. URL
http://books.google.co.in/books?id=uhl_kYfpgo4C
[3] Goldwasser, S. and S. Micali, Probabilistic encryption, Journal of Computer System Sciences, 28(2), 270299, 1984. ISSN 0022-0000.URL
http://www.sciencedirect.com/science/article/pii/00220000 84 900709.\
[4] Shannon, C., Communication theory of secrecy systems, Bell System Technical Journal, 28, 656715. URL http://www.bibsonomy.
org/bibtex/2b07c0c91f6c750562d884d919065a6e8/nmenke.
[5] Stallings, W., Cryptography and network security: Principles and practice, Pearson Education, 2002, 3rd edition. ISBN 0130914290, 2631.
[6] Diffie,W. and M. E. Hellman, New directions in cryptography, In IEEE Transactions on Information Theory, volume 22. IEEE Press, Piscataway, NJ,
USA, 1976, 644654. URL http://dx.doi.org/10.1109 / TIT. 1976.1055638.
[7] Rivest, R. L., A. Shamir, and L.M.Adleman, A Method for Obtaining Digital Signatures and Public-Key Cryptosystems, volume 21, ACM, New York,
NY, USA, 1978, 120126. URL http://doi.acm.org/10.1145/359340.359342.
[8] Vacca, J., Public Key Infrastructure: Building Trusted Applications and Web Services, Information security books. Auerbach Publications/CRC Press LLC,
2004. ISBN 9780849308222, 89. URL http://books.google. com.ng /books?id=tlbzmAEACAAJ.
[9] Shamir, A., Identity-based cryptosystems and signature schemes, In Proceedings of CRYPTO84 on Advances in Cryptology. Springer-Verlag New York,
Inc., New York, NY, USA, 1985. ISBN 0-387-15658-5, 4753. URL http://dl.acm.org/citation.cfm?id=19478.19483.
[10] Boneh, D. and M. K. Franklin, Identity-Based Encryption from the Weil Pairing (Extended Abstract), In J. Kilian (ed.), CRYPTO, volume 2139 of Lecture
Notes in Computer Science. Springer, 2001. ISBN 3-540-42456-3, 213229.
[11] Cocks, C., An Identity Based Encryption Scheme Based on Quadratic Residues, In B. Honary (ed.), IMA Int. Conf., volume 2260 of Lecture Notes in
Computer Science. Springer, 2001. ISBN 3-540-43026-1, 360363.
[12] Al-Riyami, S. S. and K. G. Paterson, Certificateless Public Key Cryptography. In C.-S. Laih (ed.), ASIACRYPT, volume 2894 of Lecture Notes in Computer
Science. Springer, 2003. ISBN 3-540-20592-6, 452473.
[1]

All rights reserved by www.ijste.org

37