Full information security has become one of the main goals of modern society. And it cannot be provided without effective methods of encrypting information. But the classical methods, such as symmetric cryptography, even though they provided a high level of resistance to hacking, but were not very convenient for active and regular use. Therefore, a revolutionary new approach was invented - public key cryptography.
What is it, exactly?
Asymmetric encryption works according to the following principles:
- Generation of a pair of keys - public and private. Knowing the first, it is impossible to pick up the second in a reasonable time. However, having the second, you can create an unlimited number of open ones.
- With the help of open code and well-known encryption methods, information is encrypted in such a way that it can only be decrypted with a closed one.
- The public key can be freely available and distributed through unprotected information transfer channels.
In fact, this is achieved by using a so-called "one-way function". It is so called because it cannot be calculated, even knowing an unlimited number of its possible points. Only the presence of the so-called "loophole" - the private key - makes this process possible.
Advantages and disadvantages
The advantages of this method of data protection are as follows:
- The ability to transfer information over an unprotected channel.
- Only the sending side should meet high security requirements.
- This method facilitates the process of user authentication.
It also has some rather significant disadvantages:
- This algorithm is extremely difficult to change.
- The encryption and decryption process is slow and computationally intensive.
- The keys used in it are much longer than in symmetric encryption.
The length is larger due to the fact that there is a direct pattern between the public and private keys, which can be trivially selected. Therefore, for the level of security that gives a symmetric key with a length of 128 bits (the minimum actually used), an asymmetric key of the order of 2304 bits is required. It is inconvenient to work with such sizes, so the process is generally slower.
In addition, despite its high stability, this method of encoding information can still be hacked. Two methods are most often used.
The first is the actual computation of a private key from known public keys. If the algorithm used is known and the hacker has several ciphertexts at his disposal, then hacking becomes technically possible. Especially with the use of modern technological tools.
The second is the wedging of a third party into the process of transferring encrypted data, replacing the transmitted public keys with their own and decrypting messages at the expense of their own private ones. However, this method does not work in a situation where secure certificates are used.
Asymmetric encryption and the Bitcoin blockchain
Despite the fact that Bitcoin uses pairs of public and private keys, it does not specifically use asymmetric encryption. In contrast to the second common practical application of asymmetric cryptography - digital signatures. That means, any message within the blockchain may not be encrypted, but is necessarily digitally signed as an identifier. This is because the more secure ECDSA algorithm is used, which does not provide additional encoding, in contrast to the simpler but functional RSA algorithm.
Modern use
At the current moment, the most famous options for using such encryption methods are as follows:
- RSA is an algorithm suitable for generating digital signatures and encrypting information. Underlies asymmetric cryptography in general.
- DSA is the basic algorithm for generating digital signatures without additional encoding. It is the basis for FIPS-186-4, the official digital signature standard in the United States.
- ECDSA is the most common digital signature creation algorithm.
- GOST 34.10-2018 is the Russian standard for electronic digital signatures.
In addition, similar encryption methods are used to create hybrid systems that combine the best of the two existing methods of encoding information. As examples, we can name Security Sockets Layer (SSL) and Transport Layer Security (TLS), which formed the basis for creating secure communication channels on the Internet. In particular, the HTTPs protocol.