This lecture explores public key cryptosystems (PKC). It contrasts the asymmetric ciphers of PKC with the symmetric ciphers discussed in the previous lecture. It explores how RSA encryption works and considers some of the ways in which it can be attacked. It highlights the relative slowness of PKC and how this limits its application to the encryption of small things such as symmetric cipher keys and hashes (the latter providing a digital signature for message authentication). The lecture concludes with a look at the issue of public key trust, and the role of certificates and certificate authorities in achieving this.

• Lecture video
• Slides (PDF)
• Code examples
• Exercises:
  • Hybrid Encryption in Java
  • Digital Signatures in Java
  • Digital Signatures With Minisign
• Other resources:
  • Factorization of a 768-bit RSA modulus (PDF)
  • Article on factoring of RSA-240
  • Reconstructing RSA private keys from random key bits (PDF)
  • ROCA: Vulnerable RSA Generation - CVE-2017-15361
  • An easy introduction to elliptic curve cryptography (Cloudflare)
  • Breaking the encryption scheme of the Moscow internet voting system
  • Extended Validation certificates are dead (Troy Hunt)
  • Let’s Encrypt