tylercyber / Senior-Capstone-Project


Analysis of Asymmetric Encryption Methods #3

Closed tylercyber closed 4 years ago

tylercyber commented 4 years ago

Conduct an analysis of existing asymmetric encryption methods used by enterprises, such as RSA, DSA, TLS, and ElGamal.

tylercyber commented 4 years ago

RSA: One of the first public-key cryptosystems. Within RSA, the asymmetry is based on the practical difficulty of factoring the product of two large prime numbers. It is a relatively slow algorithm compared to other methods of encryption; due to this fact, it is less commonly used to encrypt/decrypt user data. A wide variety of attacks can be used by malicious actors in order to bypass RSA encryption: padding schemes, timing attacks, side-channel attacks, etc.

DSA: Based upon modular exponentiation, it is a variant of both the Schnorr and ElGamal schemes. It's possible to create a malicious version of DSA where parameters of the algorithm are altered in a way to subliminally leak information. DSA is particularly sensitive to the parameters utilized in the algorithm itself; if any of these parameters are violated, then the entire private key can be leaked to a malicious actor.

TLS (Transport Layer Security): TLS is a cryptographic protocol which is based on SSL. It is a hybrid of both asymmetric and symmetric encryption methods. Initial data transmitted in the encrypted conversation is encrypted using symmetric cryptography; however, the identity of the communicating individuals is authenticated via public-key cryptography (asymmetric encryption). It offers a wide range of methods for communicating parties to encrypt data and authenticate message integrity, alongside exchanging keys. It offers protection against a potential downgrade of the protocol to a less secure version. It is vulnerable to specific attacks, such as renegotiation attacks, downgrade attacks, BEAST attacks, etc.

ElGamal: Based upon the Diffie-Hellman key exchange. The efficiency of ElGamal depends solely on the properties of the cyclic group or padding schemes utilized. ElGamal also has probabilistic encryption, which essentially means that any single plaintext can be encrypted by using multiple ciphertexts. Commonly used as a part of a hybrid cryptosystem where the data is symmetrically encrypted. This is due to the fact that asymmetric encryption methods are often slower than symmetrical methods for the same level of security.
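
The probabilistic encryption property mentioned in the ElGamal comment above, as an added example that is not part of the original issue thread: textbook ElGamal where the same plaintext yields different ciphertexts that decrypt to the same value. The modulus `P`, base `G`, the function names and the sample message are assumptions constructed for illustration, not a vetted group or production code.

```python
import secrets

# Constructed toy parameters (assumption, illustration only):
# P is the Mersenne prime 2**127 - 1, G is an arbitrary base.
# P - 1 has many small factors, so this is NOT a secure group choice.
P = 2**127 - 1
G = 3

def keygen():
    """Return (private exponent x, public key h = G^x mod P)."""
    x = secrets.randbelow(P - 3) + 2          # x in [2, P-2]
    return x, pow(G, x, P)

def encrypt(h, m, k=None):
    """Encrypt integer m (1 <= m < P) under public key h.

    A fresh ephemeral exponent k is drawn per call unless one is supplied;
    that per-message randomness is what makes ElGamal probabilistic.
    """
    if not 1 <= m < P:
        raise ValueError("message must be in [1, P-1]")
    if k is None:
        k = secrets.randbelow(P - 3) + 2
    c1 = pow(G, k, P)                         # ephemeral public value G^k
    c2 = (m * pow(h, k, P)) % P               # message masked by h^k = G^(xk)
    return c1, c2

def decrypt(x, ciphertext):
    """Recover m = c2 * c1^(-x) mod P."""
    c1, c2 = ciphertext
    # c1^(P-1-x) equals c1^(-x) mod P by Fermat's little theorem (P is prime).
    return (c2 * pow(c1, P - 1 - x, P)) % P

def demo():
    """Encrypt one constructed sample message twice with fresh randomness."""
    x, h = keygen()
    m = int.from_bytes(b"session-key-001", "big")   # constructed 15-byte sample
    ct_a = encrypt(h, m)
    ct_b = encrypt(h, m)
    return m, ct_a, ct_b, decrypt(x, ct_a), decrypt(x, ct_b)

if __name__ == "__main__":
    m, ct_a, ct_b, pt_a, pt_b = demo()
    print("ciphertexts differ:", ct_a != ct_b)
    print("both decrypt to m: ", pt_a == m and pt_b == m)
```

In the hybrid arrangement the comment describes, `m` would be a short symmetric session key rather than the bulk data itself.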