- Another major advantage of public-key systems is that they can provide a method for digital signatures. - Authentication via secret-key systems requires the sharing of some secret and sometimes requires trust of a. - For example, the Kerberos secret-key. - Public-key authentication, on the other hand, prevents this type of repudiation. - This property of public-key. - Secret-key authentication systems such as Kerberos were designed to authenticate access to network resources, rather than to authenticate documents, a task which is better achieved via digital signatures.. - A disadvantage of using public-key cryptography for encryption is speed:. - there are popular secret-key encryption methods which are significantly faster than any currently available public-key encryption method. - public-key cryptography can share the burden with secret-key cryptography to get the best of both worlds.. - For encryption, the best solution is to combine public- and secret-key systems in order to get both the security advantages of public-key systems and the speed advantages of secret-key systems. - The public-key system can be used to encrypt a secret key which is then used to encrypt the bulk. - This is explained in more detail in Question 2.12 in the case of RSA. - Public-key cryptography is not meant to replace secret-key cryptography, but rather to supplement it, to make it more secure. - The first use of public-key techniques was for secure key exchange in an otherwise secret-key system [29]. - Secret-key cryptography remains extremely important and is the subject of much ongoing study and research. - Some secret-key encryption systems are discussed in Questions 5.1 and 5.5.. - Many secret-key cryptosystems have been patented, including DES (see Question 5.1). - The basic ideas of public-key cryptography are contained in U.S. - patents are held by Public Key Partners (PKP), of Sunnyvale, California, which also holds the rights to the RSA patent (see Question 2.19).. - Usually all of these public-key patents are licensed together.. - All legal challenges to public-key patents have been settled before. - In a recent case, for example, PKP brought suit against the TRW Corporation which was using public-key cryptography (the ElGamal system) without a license. - Some patent applications for cryptosystems have been blocked by intervention by the NSA (see Question 7.3) or other intelligence or defense agencies,. - the National Security Agency (NSA, see Question 7.3) may become directly involved at this point. - one agreement was reached that allows simplified procedures for export of two bulk encryption ciphers, RC2 and RC4 (see Question 8.6), when the key size is limited. - The Board is an official advisory board to NIST (see Question 7.1) whose members are drawn from both the government and the private sector. - RSA is a public-key cryptosystem for both encryption and authentication;. - The public key is the pair (n,e). - mod n, where e and n are Bob's public key. - is recovered: m = s^e mod n, where e and n belong to Alice's public key.. - RSA, and public-key cryptography in general, is best suited for a multi-user environment. - Also, any system in which digital signatures are desired needs RSA or some other public-key system.
Xem thử không khả dụng, vui lòng xem tại trang nguồn hoặc xem
Tóm tắt