Public Key Cryptography

之前所討論的symmetric cryptography最終都有一個無法解決的問題:
如何交換key

大概只能打扮成


然後到咖啡店


跟對方面交XDD

因為加解密都用同一把key,所以key沒有辦法透過公開網路交換

What is Public-Key (PK) Cryptography

則是一個是私人金鑰,另一個則是公開金鑰

公開金鑰可以再公開網路中傳輪

私有金鑰則自己保管

主要有兩種用途

  • 加密資訊

  • 數位簽章(驗證來源是否正確)

如果要同時加密資訊並驗證來源

NOTE: Does the order matter?

Sure!!

如果先用對方public key加密,再用自己private 簽名

對方收到後先驗證來源後,只能保證加密後的資料是你的

但plain text來源無法驗證

Graphic PK cryptography example

Ice cream vandor problem

Q:

  • What is the minimum number of vans we need?

  • At which intersections would we base our vans?

This problem is hard to solve:

O(n choose k) = O(n!/k!(n-k)!)

However, this solution is easy to check:

O(n)

Encrypt

Decrypt

real-world PK crypt algorithm

  1. knapsack problem
  • it has been broken 😰

  1. RSA algorithm

Performance

那既然有了 PK , 那我們還需要symmetric cryptography幹麻?

大家可以安全的交換隱密資訊了💪💪💪

What a wonderful world ~~

.

.

.

但事實是

非對稱的加密非常~慢

benchmark

於是美好世界

In practice

當然不是這樣世界就毀了

現實中將對稱跟非對稱一起用

用對稱加密資訊,再用非對稱加密key,這樣資訊跟key都可以在網路上傳輸啦~

同時又兼顧效能

whole picture

Coding Time~

  • 騙你的,只要用library就好

  • rbnacl都做完所有該做的事了

rbnacl-pk-simple_boxlink
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27

require 'rbnacl/libsodium'

# KEY CREATION
personA_private_key = RbNaCl::PrivateKey.generate
personA_public_key  = personA_private_key.public_key

personB_private_key = RbNaCl::PrivateKey.generate
personB_public_key  = personB_private_key.public_key

# KEY EXCHANGE
personA_box = RbNaCl::SimpleBox.from_keypair(
  personB_public_key,
  personA_private_key
)

personB_box = RbNaCl::SimpleBox.from_keypair(
  personA_public_key,
  personB_private_key
)

# SENDING
message = "secret"
ciphertext = personA_box.encrypt(message)

# RECEIVING
plaintext = personB_box.decrypt(ciphertext)

最近會儘快把前幾週的上課筆記給補起來👻👻👻