Hybrid cryptosystem

Hybrid cryptosystem

In cryptography, public-key cryptosystems are convenient in that they do not require the sender and receiver to share a common secret in order to communicate securely (among other useful properties). However, they often rely on complicated mathematical computations and are thus generally much more inefficient than comparable private-key cryptosystems. In many applications, the high cost of encrypting long messages in a public-key cryptosystem can be prohibitive. A hybrid cryptosystem is one which combines the convenience of a public-key cryptosystem with the efficiency of a private-key cryptosystem.

A hybrid cryptosystem can be constructed using any two separate cryptosystems:
* a key encapsulation scheme, which is a public-key cryptosystem, and
* a data encapsulation scheme, which is a private-key cryptosystem.

The hybrid cryptosystem is itself a public-key system, whose public and private keys are the same as in the key encapsulation scheme.

To encrypt a message m addressed to Alice in a hybrid scheme, Bob does the following:
* Generates a random (private) key for the data encapsulation scheme (say, s).
* Encrypt the message m under the data encapsulation scheme, using the key s just generated.
* Encrypt the key s under the key encapsulation scheme, using Alice's public key.
* Send both of these encryptions to Alice.

Alice can use her private key to decrypt s, and then use s to decrypt the message m.

Note that for very long messages m, the bulk of the work in encryption/decryption is done by the more efficient private-key scheme, while the inefficient public-key scheme is used only to encrypt/decrypt a short key value.

ecurity

If both the key encapsulation and data encapsulation schemes are secure against adaptive chosen ciphertext attack, then the hybrid scheme inherits that property as well.cite journal
last = Cramer
first = Ronald
coauthors = Shoup, Victor
title = Design and Analysis of Practical Public-Key Encryption Schemes Secure against Adaptive Chosen Ciphertext Attack
journal = SIAM Journal on Computing
volume = 33
issue = 1
pages = 167–226
date = 2004
doi = 10.1137/S0097539702403773
accessdate = 2007-09-12 ] However, it is possible to construct a hybrid scheme secure against adaptive chosen ciphertext attack even if the key encapsulation has a slightly weakened security definition (though the security of the data encapsulation must be slightly stronger).cite conference
first = Hofheinz
last = Dennis
coauthors = Kiltz, Eike
title = Secure Hybrid Encryption from Weakened Key Encapsulation
booktitle = Advances in Cryptology -- CRYPTO 2007
pages = 553-571
publisher = Springer
date = 2007
url = http://homepages.cwi.nl/~kiltz/papers/hybrid.pdf]

References


Wikimedia Foundation. 2010.

Игры ⚽ Поможем сделать НИР

Look at other dictionaries:

  • Cramer–Shoup cryptosystem — The Cramer–Shoup system is an asymmetric key encryption algorithm, and was the first efficient scheme proven to be secure against adaptive chosen ciphertext attack using standard cryptographic assumptions. Its security is based on the… …   Wikipedia

  • Cramer-Shoup cryptosystem — The Cramer Shoup system is an asymmetric key encryption algorithm, and was the first efficient scheme proven to be secure against adaptive chosen ciphertext attack using standard cryptographic assumptions. Its security is based on the… …   Wikipedia

  • Symmetric-key algorithm — Symmetric key algorithms are a class of algorithms for cryptography that use trivially related, often identical, cryptographic keys for both decryption and encryption.The encryption key is trivially related to the decryption key, in that they may …   Wikipedia

  • ElGamal encryption — In cryptography, the ElGamal encryption system is an asymmetric key encryption algorithm for public key cryptography which is based on the Diffie Hellman key agreement. It was described by Taher Elgamal in 1984 [Taher ElGamal, A Public Key… …   Wikipedia

  • гибридная криптосистема — Криптосистема с открытым ключом задействуется только для управления общими ключами, которые затем используются в традиционных криптосистемах с секретным ключом. [[http://www.rfcmd.ru/glossword/1.8/index.php?a=index d=23]] Тематики защита… …   Справочник технического переводчика

  • Public-key cryptography — In an asymmetric key encryption scheme, anyone can encrypt messages using the public key, but only the holder of the paired private key can decrypt. Security depends on the secrecy of that private key …   Wikipedia

  • Cryptography — Secret code redirects here. For the Aya Kamiki album, see Secret Code. Symmetric key cryptography, where the same key is used both for encryption and decryption …   Wikipedia

  • cryptology — cryptologist, n. cryptologic /krip tl oj ik/, cryptological, adj. /krip tol euh jee/, n. 1. cryptography. 2. the science and study of cryptanalysis and cryptography. [1635 45; < NL cryptologia. See CRYPTO , LOGY] * * * Introduction …   Universalium

  • Outline of cryptography — See also: Index of cryptography articles The following outline is provided as an overview of and topical guide to cryptography: Cryptography (or cryptology) – practice and study of hiding information. Modern cryptography intersects the… …   Wikipedia

  • Knapsack problem — BKP redirects here. For other uses, see BKP (disambiguation). Example of a one dimensional (constraint) knapsack problem: which boxes should be chosen to maximize the amount of money while still keeping the overall weight under or equal to… …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”