What are the advantages and disadvantages of public key
cryptography compared with secret key cryptography ?
Answer / prashant
The primary advantage of public-key cryptography is
increased security and convenience: private keys never need
to transmitted or revealed to anyone. In a secret-key
system, by contrast, the secret keys must be transmitted
(either manually or through a communication channel), and
there may be a chance that an enemy can discover the secret
keys during their transmission.
Another major advantage of public-key systems is that they
can provide a method for digital signatures. Authentication
via secret-key systems requires the sharing of some secret
and sometimes requires trust of a third party as well. As a
result, a sender can repudiate a previously authenticated
message by claiming that the shared secret was somehow
compromised by one of the parties sharing the secret. For
example, the Kerberos secret-key authentication system
involves a central database that keeps copies of the secret
keys of all users; an attack on the database would allow
widespread forgery. Public-key authentication, on the other
hand, prevents this type of repudiation; each user has sole
responsibility for protecting his or her private key. This
property of public-key authentication is often called non-
repudiation.
A disadvantage of using public-key cryptography for
encryption is speed: there are popular secret-key
encryption methods that are significantly faster than any
currently available public-key encryption method.
Nevertheless, public-key cryptography can be used with
secret-key cryptography to get the best of both worlds. For
encryption, the best solution is to combine public- and
secret-key systems in order to get both the security
advantages of public-key systems and the speed advantages
of secret-key systems. The public-key system can be used to
encrypt a secret key which is used to encrypt the bulk of a
file or message. Such a protocol is called a digital
envelope, which is explained in more detail in Question 16
in the case of RSA.
Public-key cryptography may be vulnerable to impersonation,
however, even if users' private keys are not available. A
successful attack on a certification authority (see
Question 127) will allow an adversary to impersonate
whomever the adversary chooses to by using a public-key
certificate from the compromised authority to bind a key of
the adversary's choice to the name of another user.
In some situations, public-key cryptography is not
necessary and secret-key cryptography alone is sufficient.
This includes environments where secure secret-key
agreement can take place, for example by users meeting in
private. It also includes environments where a single
authority knows and manages all the keys, e.g., a closed
banking system. Since the authority knows everyone's keys
already, there is not much advantage for some to
be "public" and others "private." Also, public-key
cryptography is usually not necessary in a single-user
environment. For example, if you want to keep your personal
files encrypted, you can do so with any secret-key
encryption algorithm using, say, your personal password as
the secret key. In general, public-key cryptography is best
suited for an open multi-user environment.
Public-key cryptography is not meant to replace secret-key
cryptography, but rather to supplement it, to make it more
secure. The first use of public-key techniques was for
secure key exchange in an otherwise secret-key system
[DH76]; this is still one of its primary functions. Secret-
key cryptography remains extremely important and is the
subject of much ongoing study and research. Some secret-key
cryptosystems are discussed in the sections on block
ciphers and stream ciphers.
Is This Answer Correct ? | 10 Yes | 4 No |
What happens if my key is lost ?
What is Ciphertext?
what is pretty good privacy?
Who needs a key pair ?
How to change the encrypted file icon?
What is the difference between hardware and software encryption?
What is the Popular Symmetric-Key Encryption Method
How to change the location of the Kryptel (Silver Key) program group?
How to remove the Kryptel (Silver Key) icon from the desktop?
How does one find random numbers for keys ?
What happens if a private key is compromised ?
what is trapdoor and how does it works?