Symmetric or Asymmetric Key(s)

The notions of symmetry and asymmetry refer to how keys are distributed between the two parties (sender and receiver). If the information is encoded and decoded with the same key $k$, we say the scheme is symmetric. Otherwise, it is asymmetric.

Private Key Encryption and MAC

Private key encryption schemes and message authentication codes (MACs) are symmetric primitives. In fact, a private key encryption scheme is also called symmetric encryption.

Private key encryption: Alice encrypts the message $m$ by running $Enc_k(m)\to c$. Bob decrypts the ciphertext $c$ by running $Dec_k(c)\to m$.

Message authentication code (MAC): Alice authenticates $m$ by running $Mac_k(m)\to t$. Bob verifies the tag $t$ by checking whether $Vrfy_k(m,t)$ equals $1$.

A message authentication code (MAC) provides integrity, which ensures that the information is not tampered with during transmission.

Alice applies the MAC algorithm to $m$ and produces an unforgeable tag $t:=Mac_k(m)$. Alice sends the tag $t$ along with the message $m$. Bob then verifies the tag to check whether the message $m$ has been tampered with.

Public Key Encryption and Digital Signature

Public key encryption schemes and digital signatures are asymmetric primitives. A public key encryption scheme is also called asymmetric encryption.

In asymmetric primitives, the key-generation algorithm $Gen(1^n)$ produces a pair of keys $\langle pk, sk \rangle$. The public key $pk$ is publicly distributed, while the private key $sk$ is held by only one party.

Public key encryption: Alice encrypts the message $m$ with the public key $pk$ by running $Enc_{pk}(m)\to c$. Bob decrypts the ciphertext $c$ with the private key by running $Dec_{sk}(c)\to m$.

Digital signature: Alice signs $m$ with the private key by running $Sign_{sk}(m)\to \sigma$. Bob verifies the signature $\sigma$ by checking whether $Vrfy_{pk}(m, \sigma)$ equals $1$.

Note that in public key encryption, the receiver Bob holds the private key, while in a digital signature scheme, the sender Alice holds the private key.

MAC Versus Digital Signature

MACs and digital signatures both provide integrity. However, the asymmetry of digital signatures guarantees more than that.

  • Public Verifiability

    A third party not directly participating in the protocol should also be able to verify the generated values. This relies on $pk$ being public. A MAC cannot achieve this, since $k$ must be kept secret to defend against a malicious third party.

  • Transferability

  • Non-repudiation

    Once the signer signs a message $m$, he can NOT deny having done so afterwards. This relies on the secrecy of $sk$: $sk$ is known only to the signer and is paired with $pk$. Anyone with $pk$ can be convinced that the signer holds $sk$, with zero knowledge of $sk$ itself.
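
The contrast drawn in this section, as an added example that is not part of the original page: $Mac_k$/$Vrfy_k$ is instantiated here with HMAC-SHA256 and $Gen$/$Sign_{sk}$/$Vrfy_{pk}$ with Lamport one-time signatures, both chosen for this sketch because they need only the Python standard library. All function names and the sample messages are assumptions made for the example.

```python
import hashlib, hmac, secrets

# --- Symmetric: Mac_k / Vrfy_k, instantiated with HMAC-SHA256 (assumed choice) ---
def mac(k: bytes, m: bytes) -> bytes:
    return hmac.new(k, m, hashlib.sha256).digest()

def mac_vrfy(k: bytes, m: bytes, t: bytes) -> bool:
    # Constant-time comparison so the check does not leak the tag byte by byte.
    return hmac.compare_digest(mac(k, m), t)

# --- Asymmetric: Gen / Sign_sk / Vrfy_pk, Lamport one-time signature (assumed choice) ---
def _H(x: bytes) -> bytes:
    return hashlib.sha256(x).digest()

def _bits(m: bytes):
    d = _H(m)  # sign the 256-bit digest of m, one bit at a time
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def gen():
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pk = [(_H(a), _H(b)) for a, b in sk]  # pk reveals only hashes of sk
    return pk, sk

def sign(sk, m: bytes):
    # Reveals one secret preimage per digest bit; a key pair must sign ONE message only.
    return [sk[i][b] for i, b in enumerate(_bits(m))]

def sig_vrfy(pk, m: bytes, sigma) -> bool:
    bits = _bits(m)
    return len(sigma) == 256 and all(
        hmac.compare_digest(_H(s), pk[i][b]) for i, (s, b) in enumerate(zip(sigma, bits)))

def demo():
    m, other = b"pay Bob 10", b"pay Bob 1000"  # constructed sample messages
    k = secrets.token_bytes(32)                # shared by Alice AND Bob
    t = mac(k, m)
    pk, sk = gen()                             # sk stays with Alice only
    sigma = sign(sk, m)
    return {
        "mac_ok": mac_vrfy(k, m, t),
        "mac_tamper_detected": not mac_vrfy(k, other, t),
        # Bob holds k, so a valid tag does not prove Alice produced it: no non-repudiation.
        "bob_can_make_valid_tag": mac_vrfy(k, other, mac(k, other)),
        "sig_ok": sig_vrfy(pk, m, sigma),      # any third party with pk can run this
        "sig_tamper_detected": not sig_vrfy(pk, other, sigma),
    }

if __name__ == "__main__":
    print(demo())
```

Both primitives detect tampering, but only the signature check runs without any secret, which is what makes it publicly verifiable.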