5 Asymmetric encryption
This chapter covers
- Introducing the key-distribution problem
- Demonstrating asymmetric encryption with the cryptography package
- Ensuring non-repudiation with digital signatures
In the previous chapter you learned how to ensure confidentiality with symmetric encryption. Symmetric encryption unfortunately is no panacea. By itself, symmetric encryption is unsuitable for key-distribution, a classic problem in cryptography. In this chapter you learn how to solve this problem with asymmetric encryption. Along the way, you learn more about a Python package named cryptography. Finally, I show you how to ensure non-repudiation with digital signatures.
5.1 Key-distribution problem
Symmetric encryption works great when the encryptor and decryptor are the same party but it doesn’t scale well. Suppose Alice wants to send Bob a confidential message. She encrypts the message and sends the ciphertext to Bob. Bob needs Alice’s key to decrypt the message. Alice now has to find a way to distribute the key to Bob without Eve, an eavesdropper, intercepting the key. Alice could encrypt her key with a second key, but how does she safely send the second key to Bob? Alice could encrypt her second key with a third key, but how does she … you get the point. Key distribution is a recursive problem.