Information Technology and Public Key Cryptography - Essay Example

?Introduction Standards are developed for simplifying compatibility issues, as different PKI users configure and operate on different PKI infrastructures. Moreover, security will not be guaranteed, as users may incorporate vulnerable PKI resulting in security breaches and other hacking activities. For making a standardized worldwide approach, the Public Key Cryptography Standards (PKCS) are specified and developed by RSA laboratories with the contribution of secure system developers located globally. The document of PKCS is adapted and implemented globally, as the assistance from the PKCS series are now a part of various formal and de facto standards such as ANSI XP documentation, PKIX, SET, MIME and SSL (Public-Key Cryptography Standards. 2007). Similarly, the RSA cryptography standard is associated with a Public Key Cryptography Standards (PKCS) that highlights data encryption by utilizing RSA algorithm. The primary objective or reason for this standard is the construction of digital envelops and digital signatures. Moreover, the standard also defines syntax for private and publics keys of RSA. The syntax is utilized for digital certificates and the syntax for private keys is utilized for private key encryption (RSA Cryptography Standard. 2007). Public key cryptography relies on algorithms associated with asymmetric cryptography along with two incorporated keys i.e. a public key and a private key. Likewise, these two keys are separate and are utilized for decrypting and encrypting data or messages. If any user composes an electronic mail, he or she possesses a private for the email themselves. However, if the sender tries to open the email, he or she must possess a public key for accessing it. RSA public key encryption algorithm converts the private key to public key. Moreover, a signature algorithm that ensures authenticity of the sender can be incorporated with the private key without the intervention of the private key, as fundamentally it will not be possible to search two messages possessing similar signatures. The PKCS incorporates different versions such as v 2.1 standards that are associated with deploying public key cryptographic encryption along with digital signatures with appendix. Moreover, it also reflects ANS.1 syntax that illustrates keys for identifying different schemes. RSA is basically a public key algorithm that is invented by Rivest, Shamir and Adleman (Biskup) and is focused on an exponentiation module that comprises of two great prime numbers. Likewise, the security incorporated in RSA algorithm is focused on the solidity of multiplying the procedure associated with great prime numbers. Moreover, in the next version i.e. version 2.1, RSA multiprime function was incorporated. The table 1.1 shows the encryption and decryption of messages by private and public keys. Activity Keys Sending an Encrypted Message or data Utilizing the receivers public key Sending an encrypted signature Utilizing the sender’s private key Decrypting an encrypted message Utilizing the receivers private key Decrypting an encrypted signature Utilizing the sender’s public key Figure 1.1 Comparison X.509 and PGP X.509 is considered to be an ITU-T standard that is known for Public Key Infrastructure (PKI). Likewise, it specifies standardized formats associated with public key certificates and a validation algorithm for certification path. Moreover, this standard was preliminary developed in 1988 and was integrated with X.500 standard (X.509. 2007). After the integration, it was considered to be a solid hierarchical mechanism of Certificate Authorities (CA) that is responsible for issuing certificates. It is a fact that X.500 system was not completely deployed, as the IETF working group associated with public key infrastructure has acquired the standard for Internet that is considered to be a flexible environment (X.509. 2007). Besides, in the year 1998, PGP was considered to be a relatively low cost solution possessing features such as robust file, disk and email encryption suite that is based on Network Associates that is a PGP certificate. Moreover, PGP is now becoming widely acceptable PKI (McClure 1998). The PGP PKI is fast but there is one drawback, as it does not have built in support for X.509. Moreover, it is also limited in terms of foundation libraries from its PGP sdk components (McClure 1998). However, apart from the factors that need an upgrade, PGP PKI is an easy and quick solution for deploying encryption on a global scale for data transmission and electronic mail. If any organization decides to deploy PGP, the infrastructure will be able to incorporate any X.509 infrastructure (McClure 1998). Some of the summarized features and drawbacks for PGP PKI are illustrated below (McClure 1998): “Network Associates' new security suite is a low-cost, easy-to-implement alternative to the high-maintenance world of public key infrastructures. Pros: Low cost; minimum setup headaches; signature expiration; key splitting; Lightweight Directory Access Protocol certificate server; photo identification; Transport Layer Security support. Cons: Certificate server not X.509-based; no Netscape plug-in support. Network Associates Inc., Santa Clara, Calif.; (800) 764-3337; fax: (408) 970-9727; www.nai.com. Price: $84 for single seat; $26 per seat for 1,000 seats. Platform: Windows N T 4.0” If we compare the certificate structure of X.509 PKI and PGP PKI, the X.509 structure is small as compare to PGP PKI. The field for a simplified X.509 PKI incorporates subject, issuer, Validity time, key, Subject alternate name and signature. Similarly, the simplified PGP PKI incorporates key, subject name, issuer, validity time, signature and again another segment of all the similar fields and two spaces for sub keys. In order to facilitate distinctive features of web of trust systems, a modifiable message format was established by the PGP for encoding messages that are encrypted along with database entries, certificates and revocation messages (Vacca). Moreover, the design that is defined in RFC 2440 facilitates a PGP certificate to encompass signatures and names, as they are conflicting in the case of X.509. Moreover, the specification associated with XKMS defines that a meta-PKI can be utilized for registering locating and validating keys that can be by an X.509 certificate authority or a PGP referrer, SPKI signer or the infrastructure of SPKI (Vacca). Likewise, the specifications incorporate two protocol specifications i.e. X-KISS (XML Key Information Service Specification) and X-KRSS (XML Key Registration Service Specification) (Vacca). There are some studies that reflect amendments or modifications in the design of X.509 architecture, as the new design will obtain the certificate in an easy way along with saving costs associated with applications supporting certificate functions. Likewise, the primary objective is to grant access to Internet complaint services that will utilize signatures based on certificate and encryption features without human intervention. Bibliography BISKUP, J., Security in Computing Systems: Challenges, Approaches and Solutions Springer. MCCLURE, S., 1998. PGP brings security to masses. InfoWorld, 20(40), pp. 44C. Public-Key Cryptography Standards. 2007. Network Dictionary, , pp. 392-392. RSA Cryptography Standard. 2007. Network Dictionary, , pp. 421-421. VACCA, J.R., Computer and information security handbook Amsterdam ; Morgan Kaufmann, c2009. X.509. 2007. Network Dictionary, , pp. 535-535. Read More