5 Asymmetric encryption

This chapter covers

  • Introducing the key-distribution problem
  • Demonstrating asymmetric encryption with the cryptography package
  • Ensuring nonrepudiation with digital signatures

In the previous chapter, you learned how to ensure confidentiality with symmetric encryption. Symmetric encryption, unfortunately, is no panacea. By itself, symmetric encryption is unsuitable for key distribution, a classic problem in cryptography. In this chapter, you’ll learn how to solve this problem with asymmetric encryption. Along the way, you’ll learn more about the Python package named cryptography. Finally, I’ll show you how to ensure nonrepudiation with digital signatures.

5.1 Key-distribution problem

Symmetric encryption works great when the encryptor and decryptor are the same party, but it doesn’t scale well. Suppose Alice wants to send Bob a confidential message. She encrypts the message and sends the ciphertext to Bob. Bob needs Alice’s key to decrypt the message. Alice now has to find a way to distribute the key to Bob without Eve, an eavesdropper, intercepting the key. Alice could encrypt her key with a second key, but how does she safely send the second key to Bob? Alice could encrypt her second key with a third key, but how does she . . . you get the point. Key distribution is a recursive problem.

5.2 Asymmetric encryption

5.2.1 RSA public-key encryption

5.3 Nonrepudiation

5.3.1 Digital signatures

5.3.2 RSA digital signatures

5.3.3 RSA digital signature verification

5.3.4 Elliptic-curve digital signatures

Summary