Asymmetric encryption

8.4 Asymmetric encryption

If you imagine a padlock, it consists of a bolt, a key, and a locking mechanism. Each padlock is unique. They all have different keys and different locking mechanisms. The way these padlocks are made in the factory, it is impossible to guess the shape of the key by simply looking at the locking mechanism. It is possible to close the bolt on the padlock without having a key. This makes it much more secure than the previous encryption methods described, which would be more akin to a combination lock, where the combination needs to be set when inserting the bolt into the lock.

Now imagine three people: a tourist, a travel agent, and a thief. The tourist wants to send $1,000 to the travel agent, but if the thief gets to the key before the travel agent, he will steal the money. If the tourist were to put the money in a box and then lock it, the travel agent would not have a way to reopen the box if she did not have the key. If the key were to be sent, the thief would surely steal the key and the money before anyone knew what had happened.

The solution is that the tourist asks the travel agent to send him an open padlock and keep the key. The tourist then puts the money in the box, locks it, and sends it back. The travel agent still has the key, so she can open the box and bank the money. The thief may have seen the padlock, and may even have been able to examine the locking mechanism, but he could not open it.

In this case, the padlock key is called the private key, and the locking mechanism is the public key. In computing, the padlocks become one-way mathematical equations, and the keys become numbers.

An example of a one-way mathematical equation is as follows:

A prime number is a number that is divisible only by itself and 1 (e.g., 13). Given a number z, which is a product of two prime numbers x and y, determine the values of x and y, where neither x nor y is equal to 1.

For example, what two numbers multiply to give 22,321? To solve this problem by hand, you could multiply every prime number between 1 and 149 (the square root of 22,321, rounded down). Other techniques to factor large numbers exist, but even this approach would take a computer mere seconds; however, if the number to be factored were in the order of billions, it would no longer be feasible for desktop PCs to solve.

The Rivest-Shamir-Adleman (RSA) algorithm is quite slow in comparison to most of the shared key (symmetrical) encryption technologies available. In a system using a combination of public key and shared key, overall encryption speed can be increased.

For example, a message can be encrypted with the Triple Data Encryption Standard (3DES), and the 3DES key is then encrypted with RSA. The same level of security is offered, but with much faster execution.
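The combined scheme described above can be sketched as follows. This is an added example, not code from the book: the bulk message is encrypted with a fresh shared key, and only that short key goes through RSA. The Mersenne-prime key pair, the function names, and the SHA-256 keystream standing in for 3DES are all assumptions made so the sketch runs with the Python standard library alone; the RSA step is unpadded and for illustration only.

```python
import hashlib
import secrets

# Constructed demo key pair from two well-known Mersenne primes (an assumption
# for this example). Real RSA uses random primes and a padding scheme (OAEP).
P = 2**127 - 1
Q = 2**107 - 1
N = P * Q                            # public modulus: the open padlock
E = 65537                            # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent: needs the factors P, Q


def keystream_xor(key, data):
    """Toy shared-key cipher standing in for 3DES: XOR with SHA-256(key || offset).
    The same call encrypts and decrypts. It has no integrity check."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(a ^ b for a, b in zip(data[offset:offset + 32], pad))
    return bytes(out)


def hybrid_encrypt(message, n, e):
    """Sender side: only the public key (n, e) is needed."""
    session_key = secrets.token_bytes(16)               # fresh shared key per message
    ciphertext = keystream_xor(session_key, message)    # fast bulk encryption
    wrapped_key = pow(int.from_bytes(session_key, "big"), e, n)  # one RSA operation
    return wrapped_key, ciphertext


def hybrid_decrypt(wrapped_key, ciphertext, n, d):
    """Recipient side: the private exponent d recovers the session key."""
    session_key = pow(wrapped_key, d, n).to_bytes(16, "big")
    return keystream_xor(session_key, ciphertext)


if __name__ == "__main__":
    note = b"Payment of $1,000 for the travel agent"    # constructed sample message
    wrapped, sealed = hybrid_encrypt(note, N, E)
    print("wrapped session key:", hex(wrapped))
    print("ciphertext:", sealed.hex())
    print("recovered:", hybrid_decrypt(wrapped, sealed, N, D))
```

However long the message is, the slow RSA operation runs once on 16 bytes, while the shared-key cipher handles the rest.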