
A Hybrid Cryptosystem Solution

Cryptography is the science of keeping data secure. Encryption is the process of using cryptography to encode data so that its meaning is not immediately obvious. There are two main types of cryptography in use, symmetric and asymmetric. It is also possible to use a hybrid of the two; Hybrid Cryptosystem Solution is an example of this. Symmetric and asymmetric cryptography both have advantages and disadvantages, which are discussed in this paper. Hybrid Cryptosystem Solution brings the best of each together and also works to minimize the disadvantages; this is discussed as well. Alice and Bob are often used as examples when cryptography is explained, so I will also use them for most examples.

Cryptographic Terms

Cryptography: process of making and using codes to secure transmission of information
Encryption: converting original message into a form unreadable by unauthorized individuals

Every security system must provide a bundle of security functions that can assure the secrecy of the system. These functions are usually referred to as the goals of the security system. These goals can be listed under the following five main categories:

Authentication: Before sending and receiving data using the system, the identity of the receiver and the sender should be verified.

Secrecy or Confidentiality: This function (feature) is usually how most people identify a secure system. It means that only the authenticated people are able to interpret the message (data) content and no one else.

Integrity: Integrity means that the content of the communicated data is assured to be free from any type of modification between the end points (sender and receiver). The basic form of integrity is the packet checksum in IPv4 packets.

Non-Repudiation: This function implies that neither the sender nor the receiver can falsely deny that they have sent a certain message.

Service Reliability and Availability: Secure systems are usually attacked by intruders, which may affect their availability and the type of service they offer to their users. Such systems should provide a way to give their users the quality of service they expect.

Symmetric Encryption

Symmetric cryptography, also known as conventional or secret encryption, is when the encryption and decryption keys are the same value. An example of symmetric cryptography is the Caesar Cipher. When Alice and Bob want to exchange data, they must first decide upon an algorithm such as the Caesar Cipher. Alice first writes her message in plaintext, then shifts each letter of her message 3 characters to the left. So, A becomes D, B becomes E, and so on. Bob knows that, in order to decrypt the data, he shifts each ciphertext letter back 3 characters, which reveals the plaintext. Both Alice and Bob know that shifting each letter in the appropriate direction is the key. Symmetric encryption is also known as shared secret cryptography or shared key cryptography because it uses a single shared key to encrypt and decrypt the message.

Symmetric encryption: uses same secret key to encipher and decipher message

Encryption methods can be extremely efficient, requiring minimal processing
Both sender and receiver must possess encryption key
If either copy of key is compromised, an intermediary can decrypt and read messages

Advantages to using symmetric encryption:
Data is encrypted very quickly.
Provides authentication, as long as the key stays secret.
Symmetry of key allows encryption and decryption with the same key.

Disadvantages of symmetric encryption:
If the key is revealed (lost, stolen, guessed, etc.), the interceptors can immediately decrypt anything that was encrypted using the key.
An imposter using an intercepted key can produce bogus messages by impersonating the legitimate sender.
Distribution of keys becomes a problem, especially if keys change frequently. Keys must be transmitted with extreme security because they allow access to all the information encrypted with them. For applications that extend throughout the world, this can be a very complex task.

Asymmetric Encryption

Asymmetric encryption (public-key encryption)
Uses two different but related keys; either key can encrypt or decrypt message
If Key A encrypts message, only Key B can decrypt
Highest value when one key serves as private key and the other serves as public key

Asymmetric encryption, also known as public key encryption, is encryption that uses two different keys for encryption and decryption. One key is a public key that can be distributed to anyone. The other is a mathematically related key called a private key or secret key. This is a key that should be kept secret from the world. Only the owner should have access to the private key or any back-up copies of it. One should protect one's secret key in the same manner as a bank PIN or credit card information.

Advantages to using asymmetric encryption:
For any number of users n, only 2*n keys (N = 2*n) are required instead of n*(n-1)/2 as with symmetric encryption. In other words, when n=3, N=6; when n=4, N=8; and when n=10, N=20.
In asymmetric encryption, each user has only 1 key pair. This means only a person's public key is exchanged, and each group of people does not need separate keys.
The problem of distributing keys is solved because a user's public key can be shared with anyone.

Disadvantages of using asymmetric encryption:
Only a few public key algorithms are both secure and practical.
Some algorithms are only suitable for key distribution.
Slow: 100 - 1000 times slower than symmetric algorithms (RSA vs. DES).
Only three algorithms work well for both key distribution and encryption: RSA, ElGamal, Rabin.

Hybrid Encryption Solution


In cryptography, public-key cryptosystems are convenient in that they do not require the sender and receiver to share a common secret in order to communicate securely (among other useful properties). However, they often rely on complicated mathematical computations and are thus generally much less efficient than comparable symmetric-key cryptosystems. In many applications, the high cost of encrypting long messages in a public-key cryptosystem can be prohibitive. A hybrid cryptosystem is one which combines the convenience of a public-key cryptosystem with the efficiency of a symmetric-key cryptosystem.

A hybrid cryptosystem can be constructed using any two separate cryptosystems:


a key encapsulation scheme, which is a public-key cryptosystem, and
a data encapsulation scheme, which is a symmetric-key cryptosystem.

The hybrid cryptosystem is itself a public-key system, whose public and private keys are the same as in the key encapsulation scheme. Note that for very long messages the bulk of the work in encryption/decryption is done by the more efficient symmetric-key scheme, while the inefficient public-key scheme is used only to encrypt/decrypt a short key value.

Example for Hybrid System


To encrypt a message addressed to Alice in a hybrid cryptosystem, Bob does the following:

1. Obtains Alice's public key.
2. Generates a fresh symmetric key for the data encapsulation scheme.
3. Encrypts the message under the data encapsulation scheme, using the symmetric key just generated.
4. Encrypts the symmetric key under the key encapsulation scheme, using Alice's public key.
5. Sends both of these encryptions to Alice.

To decrypt this hybrid ciphertext, Alice does the following:

1. Uses her private key to decrypt the symmetric key contained in the key encapsulation segment.
2. Uses this symmetric key to decrypt the message contained in the data encapsulation segment.
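The two procedures above as an added Python example (not code from the original paper), with an integrity tag on the data segment so that Alice rejects a modified ciphertext. Assumptions: the function names, the constructed and insecure demo key pair, and the standard-library stand-ins for the primitives; step 4 is done in the RSA-KEM style, where Bob encrypts a random value under Alice's public key and both sides derive the symmetric keys from it.

```python
import hashlib, hmac, secrets

# Constructed demo key pair for Alice: two Mersenne primes, trivially factorable, NOT secure.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                    # public key (n, e)
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent
NLEN = (N.bit_length() + 7) // 8       # byte length of the key encapsulation segment

def derive_keys(r):
    """Turn the encapsulated secret r into separate cipher and MAC keys."""
    seed = r.to_bytes(NLEN, "big")
    return hashlib.sha256(b"enc" + seed).digest(), hashlib.sha256(b"mac" + seed).digest()

def keystream_xor(key, data):
    """Stand-in symmetric cipher (assumption): XOR with a SHA-256 counter-mode keystream.
    Reusing a key would reuse the keystream, which is why step 2 demands a fresh key."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def hybrid_encrypt(message, n=N, e=E):
    """Bob's side: steps 2 to 5, given Alice's public key (n, e)."""
    r = secrets.randbelow(n - 2) + 2                        # step 2: fresh secret per message
    enc_key, mac_key = derive_keys(r)
    body = keystream_xor(enc_key, message)                  # step 3: data encapsulation
    tag = hmac.new(mac_key, body, hashlib.sha256).digest()  # integrity tag over the ciphertext
    encapsulated = pow(r, e, n).to_bytes(NLEN, "big")       # step 4: key encapsulation
    return encapsulated, body + tag                         # step 5: both segments go to Alice

def hybrid_decrypt(encapsulated, data, d=D, n=N):
    """Alice's side: recover the secret with her private key, verify, then decrypt."""
    r = pow(int.from_bytes(encapsulated, "big"), d, n)
    enc_key, mac_key = derive_keys(r)
    body, tag = data[:-32], data[-32:]
    expected = hmac.new(mac_key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed: a segment was modified in transit")
    return keystream_xor(enc_key, body)
```

The public-key operation handles only the short key encapsulation segment, whatever the message length; in deployed systems a vetted library's RSA-OAEP or similar and an authenticated cipher take the place of these stand-ins.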

Advantages to using Hybrid

The combination of these two encryption methods combines the convenience of public-key encryption with the speed of conventional encryption. Conventional encryption is about 100 to 1,000 times faster than public-key encryption, which solves the problem of slow encryption with asymmetric algorithms. Public-key encryption provides a solution to the key distribution and data transmission issues of symmetric encryption. When used together, performance and key distribution are improved without any sacrifice in security. The hybrid approach ties together the advantages of public key and symmetric cryptography, while also providing a feasible solution to the disadvantages of both. Hybrid Cryptosystem is a powerful cryptosystem that combines the advantages of both symmetric and asymmetric cryptography. At the same time, Hybrid Cryptosystem minimizes the disadvantages of each system.
