Trusted Computing Can Depend on Asymmetric Cryptography Algorithms to Assure the Integrity of Protected Data
Published in Military & Aerospace Electronics
ASHBURN, Va. – There are three general categories of cryptographic algorithms commonly employed in trusted computing: secure hashing, symmetric cryptography, and asymmetric cryptography.
Asymmetric algorithms enable systems designers to use a pair of keys to access data. One key signs or encrypts data, while the other verifies or decrypts data.
This pairing of keys provides the opportunity for novel cryptographic operations when compared to more traditional symmetric algorithms. Normally, in asymmetric cryptography, the key pairs are called the “private key," or one that is securely stored and not shared, and the “public-key," a matching key that is freely shared with others.
Asymmetric cryptographic algorithms enable several use cases. One is personalized encryption, where the sender encrypts data using the public key. Only the matching private key can decrypt it, which protects the data’s confidentiality against external attackers.
Digitally signing of data also uses asymmetric cryptography by processing the data to be signed using the private key of the sender. Once the other system receives the data, it can use the already shared corresponding public key to verify the signing.
What’s more, the public key can verify data authenticity after signing This use case fails, however, if the does not maintain the private key's confidentiality securely. Most digital signing algorithms do not work directly with the data at signing but instead operate on a hash of the data to sign. This approach enhances performance as most algorithms operate with large numbers, making it infeasible to process a large amount of data directly converted into a number.
A third use case for asymmetric cryptography involves key agreement protocols, which use asymmetric algorithms because of the increased speed of symmetric algorithms. The slower asymmetric cryptographic operations enable initial key agreements and then use a secret key for fast symmetric cryptographic operations to protect the confidentiality of communications.
Key agreement protocols are appropriate when both parties know the other’s public key from the start. Each party computes a shared secret value using his own private key and the other party’s public key. Using secure hashing algorithms to derive additional keys may protect the shared secret value further.
Asymmetric Cryptographic Algorithm Attack
Computer hackers can use several types of attacks on asymmetric algorithms. In most of these attacks, the attacker already knows the public portion of a key pair and searches for the corresponding private key. A successful attack would enable the attacker to sign non-authentic data or decrypt data encrypted for that specific recipient.
Decomposing System Security to Prevent Cyber Attacks in Trusted Computing Architectures
Trusted computing systems designers should consider system security early in the design process to prevent cyber attacks.
The Trusted Computing Implications of Interfaces, and How They Can Influence System Performance
Steve Edwards and David Sheets explore the implications of how interfaces influence system design in trusted computing.
The State of Cyber Resiliency Metrics on Embedded Systems
We look at how the ability of an embedded system to identify, prevent, and respond to cyber attacks is defined by measuring its level of cybersecurity and cyber resiliency.
Trusted Computing for Defense & Aerospace
Curtiss-Wright goes well beyond standard approaches to Trusted Computing to provide truly secure solutions for air, ground, and sea platforms. We keep cybersecurity and physical protection in mind, from design and testing to supply chain and manufacturing. This comprehensive, end-to-end approach creates an effective mesh of protection layers that integrate to ensure reliability of Curtiss-Wright products in the face of attempted compromise.