Public Key Algorithms

Similar documents
Chapter 3 Public Key Cryptography

Overview. Public Key Algorithms I

Chapter 9. Public Key Cryptography, RSA And Key Management

Public Key Algorithms

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010

CSCI 454/554 Computer and Network Security. Topic 5.2 Public Key Cryptography

Outline. CSCI 454/554 Computer and Network Security. Introduction. Topic 5.2 Public Key Cryptography. 1. Introduction 2. RSA

Chapter 9 Public Key Cryptography. WANG YANG

Outline. Public Key Cryptography. Applications of Public Key Crypto. Applications (Cont d)

Lecture 2 Applied Cryptography (Part 2)

Chapter 7 Public Key Cryptography and Digital Signatures

CS669 Network Security

Public Key (asymmetric) Cryptography

CSC 474/574 Information Systems Security

RSA (material drawn from Avi Kak Lecture 12, Lecture Notes on "Computer and Network Security" Used in asymmetric crypto.

Cryptography and Network Security. Sixth Edition by William Stallings

Applied Cryptography and Computer Security CSE 664 Spring 2018

Public Key Cryptography

Public-key encipherment concept

Public Key Encryption. Modified by: Dr. Ramzi Saifan

LECTURE 4: Cryptography

Public Key Cryptography and the RSA Cryptosystem

Public Key Cryptography and RSA

Lecture 6: Overview of Public-Key Cryptography and RSA

Public Key Algorithms

Crypto Basics. Recent block cipher: AES Public Key Cryptography Public key exchange: Diffie-Hellmann Homework suggestion

Public-Key Cryptography. Professor Yanmin Gong Week 3: Sep. 7

Computer Security. 08. Cryptography Part II. Paul Krzyzanowski. Rutgers University. Spring 2018

ASYMMETRIC CRYPTOGRAPHY

Applied Cryptography and Network Security

CS 161 Computer Security

Public Key Cryptography

RSA. Public Key CryptoSystem

ISA 662 Internet Security Protocols. Outline. Prime Numbers (I) Beauty of Mathematics. Division (II) Division (I)

Introduction to Cryptography Lecture 7

Distributed Systems. 26. Cryptographic Systems: An Introduction. Paul Krzyzanowski. Rutgers University. Fall 2015

Great Theoretical Ideas in Computer Science. Lecture 27: Cryptography

CPSC 467b: Cryptography and Computer Security

Encryption. INST 346, Section 0201 April 3, 2018

Computer Security 3/23/18

Kurose & Ross, Chapters (5 th ed.)

Enhanced Asymmetric Public Key Cryptography based on Diffie-Hellman and RSA Algorithm

Elements of Cryptography and Computer and Networking Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy

Topics. Number Theory Review. Public Key Cryptography

Introduction to Cryptography and Security Mechanisms. Abdul Hameed

Public-Key Cryptography

Introduction to Cryptography Lecture 7

Network Security. Chapter 4 Public Key Cryptography. Public Key Cryptography (4) Public Key Cryptography

Secure Multiparty Computation

ח'/סיון/תשע "א. RSA: getting ready. Public Key Cryptography. Public key cryptography. Public key encryption algorithms

Lecture 30. Cryptography. Symmetric Key Cryptography. Key Exchange. Advanced Encryption Standard (AES) DES. Security April 11, 2005

Lecture 3 Algorithms with numbers (cont.)

4 PKI Public Key Infrastructure

Assignment 9 / Cryptography

An overview and Cryptographic Challenges of RSA Bhawana

Module: Cryptographic Protocols. Professor Patrick McDaniel Spring CMPSC443 - Introduction to Computer and Network Security

Cryptography Intro and RSA

Algorithms (III) Yijia Chen Shanghai Jiaotong University

Channel Coding and Cryptography Part II: Introduction to Cryptography

RSA (algorithm) History

Number Theory and RSA Public-Key Encryption

Algorithms (III) Yu Yu. Shanghai Jiaotong University

Admin ENCRYPTION. Admin. Encryption 10/29/15. Assignment 6. 4 more assignments: Midterm next Thursday. What is it and why do we need it?

Cryptography (DES+RSA) by Amit Konar Dept. of Math and CS, UMSL

PUBLIC KEY CRYPTO. Anwitaman DATTA SCSE, NTU Singapore CX4024. CRYPTOGRAPHY & NETWORK SECURITY 2018, Anwitaman DATTA

This chapter continues our overview of public-key cryptography systems (PKCSs), and begins with a description of one of the earliest and simplest

Math236 Discrete Maths with Applications

Algorithms (III) Yijia Chen Shanghai Jiaotong University

CS 6324: Information Security More Info on Key Establishment: RSA, DH & QKD

Lecture 6 - Cryptography

What did we talk about last time? Public key cryptography A little number theory

Math From Scratch Lesson 22: The RSA Encryption Algorithm

Understanding Cryptography A Textbook for Students and Practitioners by Christof Paar and Jan Pelzl. Chapter 6 Introduction to Public-Key Cryptography

David Wetherall, with some slides from Radia Perlman s security lectures.

CS Network Security. Nasir Memon Polytechnic University Module 7 Public Key Cryptography. RSA.

Key Exchange. Secure Software Systems

CS61A Lecture #39: Cryptography

Key Exchange. References: Applied Cryptography, Bruce Schneier Cryptography and Network Securiy, Willian Stallings

10.1 Introduction 10.2 Asymmetric-Key Cryptography Asymmetric-Key Cryptography 10.3 RSA Cryptosystem

CS 161 Computer Security

Introduction to Cryptography and Security Mechanisms: Unit 5. Public-Key Encryption

Public Key Encryption

Security: Cryptography

L13. Reviews. Rocky K. C. Chang, April 10, 2015

CS Computer Networks 1: Authentication

Tuesday, January 17, 17. Crypto - mini lecture 1

CS Lab 11. Today's Objectives. Prime Number Generation Implement Diffie-Hellman Key Exchange Implement RSA Encryption

1 Extended Euclidean Algorithm

Part VI. Public-key cryptography

Cryptography and Network Security

Key Management and Distribution

Chapter 8 Security. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012

Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle. Network Security

INTERNATIONAL JOURNAL OF ELECTRONICS AND COMMUNICATION ENGINEERING & TECHNOLOGY (IJECET)

Real-time protocol. Chapter 16: Real-Time Communication Security

LECTURE NOTES ON PUBLIC- KEY CRYPTOGRAPHY. (One-Way Functions and ElGamal System)

A nice outline of the RSA algorithm and implementation can be found at:

Cryptographic Techniques. Information Technologies for IPR Protections 2003/11/12 R107, CSIE Building

Introduction. CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell

Ideal Security Protocol. Identify Friend or Foe (IFF) MIG in the Middle 4/2/2012

Transcription:

Public Key Algorithms CS 472 Spring 13 Lecture 6 Mohammad Almalag 2/19/2013 Public Key Algorithms - Introduction Public key algorithms are a motley crew, how? All hash algorithms do the same thing: Take the message and perform an irreversible transformation on it. All secret key algorithms do the same thing: Take a block and encrypt it in a reversible way. Chaining methods to convert the block cipher into message cipher. But public key algorithms look very different from each other. 1

Public Key Algorithms - Introduction They are different: In how they perform their functions. What functions they perform. Examples of public key algorithms and their functions: RSA and ECC (encryption and digital signatures) AlGamal and DSS (digital signatures) Diffie-Hellman (establishment of a shared secret) Zero knowledge proof systems (authentication) Public Key Cryptography public-key/two-key/asymmetric cryptography involves the use of two keys: a public-key (e), which may be known by anybody, and can be used to encrypt messages, and verify signatures a private-key (d), known only to the recipient, used to decrypt messages, and sign (create) signatures is asymmetric because those who encrypt messages or verify signatures cannot decrypt messages or create signatures 2

Public Key Cryptography Public Key Characteristics Public-Key algorithms rely on two keys where: it is computationally infeasible to find decryption key knowing only algorithm & encryption key it is computationally easy to en/decrypt messages when the relevant (en/decrypt) key is known either of the two related keys can be used for encryption, with the other used for decryption (for some algorithms) 3

Public Key Applications Can classify uses into 3 categories: encryption/decryption (provide secrecy) digital signatures (provide authentication) key exchange (of session keys) Some algorithms are suitable for all uses, others are specific to one Security of Public Key Schemes like private key schemes brute force exhaustive search attack is always theoretically possible but keys used are too large (>512bits) security relies on a large enough difference in difficulty between easy (en/decrypt) and hard (cryptanalyse) problems more generally the hard problem is known, but is made hard enough to be impractical to break requires the use of very large numbers hence is slow compared to private key schemes 4

Example (Insecure) Public Key Algorithm Multiplication modulo p (where p is a prime) For example, let p=127 Choose e and d so that e*d=1 mod 127 e.g. e=53 and d=12 To encrypt a number, multiply by 53 mod 127 To decrypt a number, multiply by 12 mod 127 Decryption must restore the initial value! Why Isn t This Secure? The number 127 is too small. You could compute d from e by trying all possible values Modular division is possible - the inverse can be computed quickly even when p is large 5

Math-words Factor of an Integer: Any integer which divides evenly into a given integer. For example, 8 is a factor of 24 Greatest Common Factor (gcf): The largest integer that divides evenly into each of a given set of numbers. For example, 6 is the gcf of 30 and 18 Relatively Prime: relatively prime numbers have a (gcf) of 1 For example, 6 and 35 are relatively prime (gcf = 1) Totient function (Φ): The totientφ(n) of a positive integer n greater than 1 is defined to be the number of positive integers less than n that are coprime to n. RSA Named after its inventors: Rivest, Shamir, and Adelman Uses modular exponentiation Choose a modulus n and a public exponent e The key length is variable (e.g., 512 bits) The block size is variable Must be smaller than the key length The ciphertext block will be the length of the key Security due to cost of factoring large numbers 6

RSA If you can find d from e, why can t someone else? Factoring large numbers is hard Finding d from e is easy if you can factor n, but it s hard if you can t Pick two large primes and multiply them together to get n. You can now factor n because you constructed n After computing d from e, you can forget the factors of n What does factoring have to do with it? Define Φ(n) to be the # of integers < n and relatively prime to n If p is a prime, Φ(p) = p-1 Euler proved: x Φ(n) mod n = 1 So x kφ(n) mod n = 1 and x kφ(n)+1 mod n = x If we can find d*e = 1 mod Φ(n), they d be exponentiative inverses If n=p*q (p,q primes), Φ(n)=(p-1)(q-1) (remove multiples of p and multiples of q) 7

RSA Key Setup each user generates a public/private key pair by: selecting two large primes at random -p,q computing their system modulus n=p.q -define Φ (n)=(p-1)(q-1) selecting at random the encryption key e where 1<e<Φ (n), gcd(e, Φ(n))=1 solve following equation to find decryption key d e.d=1 mod Φ (n) and 0 d n publish their public encryption key: PU={e,n} keep secret private decryption key: PR={d,n} How to Find Large Primes If factoring is hard, how do you find large primes? It turns out you can test a number for primality easily even though factoring is hard! Pick random large numbers and test them until you find a prime one http://www.math.utah.edu/~pa/math/largepr ime.html 8

How do you test for primality? Fermat s theorem (note: Fermat was born 100 years earlier than Euler..it s a special case of Euler s theorem) x p 1 mod p = 1 if p prime So to test if n is a prime, pick x and raise x to n-1. If it s not 1, n definitely not prime But can it be 1 even if n not prime? Yes, but probably not. Can use different x s RSA Use to encrypt a message M the sender: obtains public key of recipient PU={e,n} computes: C = M e mod n, where 0 M<n to decrypt the ciphertext C the owner: uses their private key PR={d,n} computes: M = C d mod n note that the message M must be smaller than the modulus n (block if needed) 9

Numerical Example of RSA To generate the encryption and decryption keys, we can proceed as follows: 1. Generate randomly two large primes p and q 2. Compute n = pq and φ = (p 1)(q 1) 3. Choose a number e so that: gcd(e, φ) = 1 4. Find the multiplicative inverse of e modulo φ, i.e., find d so that ed 1 (mod φ) Numerical Example of RSA The encryption public key is KE = (e, n) and the decryption private key is KD = (d, n) The encryption function is: E(M) = mod n The decryption function is: D(M) = mod n These functions satisfy: D(E(M)) = M and E(D(M)) = M for any 0 M < n 10

Numerical Example of RSA Let s look at a numerical example 1. Let p = 7 and q = 13 be the two primes. 2. n = pq = 91 and φ = (p 1)(q 1) = 72 3. Choose e. Let s look among the primes: Try e = 2. gcd(2, 72) = 2 (does not work) Try e = 3. gcd(3, 72) = 3 (does not work) Try e = 5. gcd(5, 72) = 1 (it works) We choose e = 5 Numerical Example of RSA 4. Let s find d. We want to find d such that: ed 1 (mod φ) which is equivalent to find d such that ed + φk = 1 for some integer k. Recall that gcd(e, φ) = 1 We can use the Extended Euclid s Algorithm to find integers x and y such that ex + φy = gcd(e, φ) If e = 5 and φ = 72, we find x = 29 and y = 2. Indeed, 5(29) + 72( 2) = gcd(5, 72) = 1. Then, d = 29 In general, we use d = x mod φ 11

Numerical Example of RSA 5. The encryption and decryption functions are: Encryption: E(M) = mod n = mod 91 Decryption: D(M) = mod n = mod 91 Numerical Example of RSA Suppose the message is M = 10 E(M) = E(10) = 10 mod 91 = 82 D(E(M)) = D(82) = 82 mod 91 = 10 12

Numerical Example of RSA Let s see how to compute efficiently: 82 mod 91 Using the square-and-multiply algorithm: 82 82 (mod 91) 82 81 (mod 91) 82 81 9 (mod 91) 82 9 81 (mod 91) 82 81 9 (mod 91) Numerical Example of RSA Since 29 = 16 + 8 + 4 + 1 (in binary 29 is 11101), we deduce that: 82 81 81 81 81 (mod 91) (9) (81) (9) (82) (mod 91) 10 (mod 91) We conclude that 82 mod 91 = 10 13

Diffie-Hellman Allows two individuals to agree on a secret key, even though they can only communicate in public Alice chooses a private number and from that calculates a public number Bob does the same Each can use the other s public number and their own private number to compute the same secret An eavesdropper can t reproduce it Why is Diffie-Hellman Secure? We assume the following is hard: Given g, p, and g X mod p x < n With the best known mathematical techniques, this is somewhat harder than factoring a composite of the same magnitude as p Subtlety: they haven t proven that the algorithms are as hard to break as the underlying problem 14

Diffie-Hellman Alice choose random A agree on g,p T A =g A mod p Bob choose random B T B =g B mod p compute T BA mod p compute T AB mod p agree on g AB mod p Man-in-the-Middle Attack Alice Trudy Bob T A =g A mod p T T =g T mod p agree on g AT mod p {data}g AT mod p {data}g AT mod p T T =g T mod p T B =g B mod p agree on g TB mod p {data}g TB mod p {data}g TB mod p 15

Signed Diffie-Hellman (Avoiding Man in the Middle) Alice choose random A Bob choose random B [T A =g A mod p] signed with Alice s Private Key [T B =g B mod p] signed with Bob s Private Key verify Bob s signature verify Alice s signature agree on g AB mod p Diffie-Hellman for Encryption Alice Bob choose g, p choose random B choose random A publish g, p, T B =g B mod p compute T A =g A mod p compute T B A encrypt message using g AB mod p send T A, encrypted msg compute T A B decrypt message using g AB mod p 16

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback