Overview. Public Key Algorithms I

Similar documents
Chapter 3 Public Key Cryptography

CSC 474/574 Information Systems Security

Public Key Algorithms

Public Key Algorithms

Chapter 7 Public Key Cryptography and Digital Signatures

Crypto Basics. Recent block cipher: AES Public Key Cryptography Public key exchange: Diffie-Hellmann Homework suggestion

Chapter 9. Public Key Cryptography, RSA And Key Management

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010

Public Key Algorithms

Chapter 9 Public Key Cryptography. WANG YANG

CSCI 454/554 Computer and Network Security. Topic 5.2 Public Key Cryptography

Outline. Public Key Cryptography. Applications of Public Key Crypto. Applications (Cont d)

Outline. CSCI 454/554 Computer and Network Security. Introduction. Topic 5.2 Public Key Cryptography. 1. Introduction 2. RSA

ISA 662 Internet Security Protocols. Outline. Prime Numbers (I) Beauty of Mathematics. Division (II) Division (I)

Public Key Encryption. Modified by: Dr. Ramzi Saifan

Cryptography and Network Security. Sixth Edition by William Stallings

Public Key (asymmetric) Cryptography

Public Key Cryptography and RSA

Lecture 2 Applied Cryptography (Part 2)

Public Key Cryptography

Public-Key Cryptography

Public-key encipherment concept

Public-Key Cryptography. Professor Yanmin Gong Week 3: Sep. 7

CS669 Network Security

Lecture 6: Overview of Public-Key Cryptography and RSA

RSA (material drawn from Avi Kak Lecture 12, Lecture Notes on "Computer and Network Security" Used in asymmetric crypto.

Applied Cryptography and Computer Security CSE 664 Spring 2018

LECTURE 4: Cryptography

Cryptography Intro and RSA

Introduction to Cryptography and Security Mechanisms. Abdul Hameed

Public Key Cryptography and the RSA Cryptosystem

Lecture 6 - Cryptography

Channel Coding and Cryptography Part II: Introduction to Cryptography

Secure Multiparty Computation

Public Key Cryptography

Understanding Cryptography A Textbook for Students and Practitioners by Christof Paar and Jan Pelzl. Chapter 6 Introduction to Public-Key Cryptography

CPSC 467b: Cryptography and Computer Security

Great Theoretical Ideas in Computer Science. Lecture 27: Cryptography

Distributed Systems. 26. Cryptographic Systems: An Introduction. Paul Krzyzanowski. Rutgers University. Fall 2015

Key Exchange. Secure Software Systems

Introduction to Cryptography and Security Mechanisms: Unit 5. Public-Key Encryption

Topics. Number Theory Review. Public Key Cryptography

Network Security. Chapter 4 Public Key Cryptography. Public Key Cryptography (4) Public Key Cryptography

CS573 Data Privacy and Security. Cryptographic Primitives and Secure Multiparty Computation. Li Xiong

CS 161 Computer Security

Cryptography Symmetric Cryptography Asymmetric Cryptography Internet Communication. Telling Secrets. Secret Writing Through the Ages.

Module: Cryptographic Protocols. Professor Patrick McDaniel Spring CMPSC443 - Introduction to Computer and Network Security

Number Theory and RSA Public-Key Encryption

PUBLIC KEY CRYPTO. Anwitaman DATTA SCSE, NTU Singapore CX4024. CRYPTOGRAPHY & NETWORK SECURITY 2018, Anwitaman DATTA

Uzzah and the Ark of the Covenant

10.1 Introduction 10.2 Asymmetric-Key Cryptography Asymmetric-Key Cryptography 10.3 RSA Cryptosystem

RSA. Public Key CryptoSystem

Computer Security. 08. Cryptography Part II. Paul Krzyzanowski. Rutgers University. Spring 2018

Applied Cryptography and Network Security

CS Network Security. Nasir Memon Polytechnic University Module 7 Public Key Cryptography. RSA.

A nice outline of the RSA algorithm and implementation can be found at:

1. Diffie-Hellman Key Exchange

RSA (algorithm) History

Part VI. Public-key cryptography

Kurose & Ross, Chapters (5 th ed.)

Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle. Network Security

Lecture 3 Algorithms with numbers (cont.)

Lecture 20 Public key Crypto. Stephen Checkoway University of Illinois at Chicago CS 487 Fall 2017 Slides from Miller and Bailey s ECE 422

What did we talk about last time? Public key cryptography A little number theory

CS 161 Computer Security

ASYMMETRIC CRYPTOGRAPHY

CRYPTOGRAPHY & DIGITAL SIGNATURE

Diffie-Hellman. Part 1 Cryptography 136

CS 6324: Information Security More Info on Key Establishment: RSA, DH & QKD

Algorithms (III) Yijia Chen Shanghai Jiaotong University

Algorithms (III) Yu Yu. Shanghai Jiaotong University

ח'/סיון/תשע "א. RSA: getting ready. Public Key Cryptography. Public key cryptography. Public key encryption algorithms

Algorithms (III) Yijia Chen Shanghai Jiaotong University

Cryptography (DES+RSA) by Amit Konar Dept. of Math and CS, UMSL

Introduction to Cryptography Lecture 7

Elements of Cryptography and Computer and Networking Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy

Study Guide to Mideterm Exam

Key Management and Distribution

Chapter 3. Principles of Public-Key Cryptosystems

LECTURE NOTES ON PUBLIC- KEY CRYPTOGRAPHY. (One-Way Functions and ElGamal System)

CPSC 467: Cryptography and Computer Security

Chapter 8 Security. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012

Cryptography & Key Exchange Protocols. Faculty of Computer Science & Engineering HCMC University of Technology

Public Key Cryptography, OpenPGP, and Enigmail. 31/5/ Geek Girls Carrffots GVA

Modern cryptography 2. CSCI 470: Web Science Keith Vertanen

Tuesday, January 17, 17. Crypto - mini lecture 1

Introduction to Cryptography Lecture 7

Keywords Security, Cryptanalysis, RSA algorithm, Timing Attack

CSE 127: Computer Security Cryptography. Kirill Levchenko

An overview and Cryptographic Challenges of RSA Bhawana

Computer Security 3/23/18

Cryptography and Network Security Chapter 10. Fourth Edition by William Stallings

2.1 Basic Cryptography Concepts

Cryptography and Network Security

L13. Reviews. Rocky K. C. Chang, April 10, 2015

This chapter continues our overview of public-key cryptography systems (PKCSs), and begins with a description of one of the earliest and simplest

Crypto CS 485/ECE 440/CS 585 Fall 2017

CPSC 467b: Cryptography and Computer Security

Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle. Network Security

Encryption. INST 346, Section 0201 April 3, 2018

Transcription:

Public Key Algorithms I Dr. Arjan Durresi Louisiana State University Baton Rouge, LA 70810 Durresi@csc.lsu.Edu These slides are available at: http://www.csc.lsu.edu/~durresi/csc4601-04/ Louisiana State University 9- Public Key Algorithms- 1 Overview Why Public Key Cryptography? Public Key Cryptography Applications Modular arithmetic RSA Diffie-Hellman Key Exchange Louisiana State University 9- Public Key Algorithms- 2

Private-Key Cryptography Traditional private/secret/single key cryptography uses one key Shared by both sender and receiver If this key is disclosed communications are compromised Also is symmetric, parties are equal Hence does not protect sender from receiver forging a message & claiming is sent by sender Louisiana State University 9- Public Key Algorithms- 3 Public-Key Cryptography Probably most significant advance in the 3000 year history of cryptography Uses two keys a public & a private key Asymmetric since parties are not equal Uses clever application of number theoretic concepts to function Complements rather than replaces private key crypto Louisiana State University 9- Public Key Algorithms- 4

Public-Key Cryptography Public-key/two-key/asymmetric cryptography involves the use of two keys: a public-key, which may be known by anybody, and can be used to encrypt messages, and verify signatures a private-key, known only to the recipient, used to decrypt messages, and sign (create) signatures Is asymmetric because those who encrypt messages or verify signatures cannot decrypt messages or create signatures Louisiana State University 9- Public Key Algorithms- 5 Encryption Louisiana State University 9- Public Key Algorithms- 6

Authentication Louisiana State University 9- Public Key Algorithms- 7 Public-Key Cryptosystems Louisiana State University 9- Public Key Algorithms- 8

Why Public-Key Cryptography? Developed to address two key issues: key distribution how to have secure communications in general without having to trust a KDC with your key digital signatures how to verify a message comes intact from the claimed sender Public invention due to Whitfield Diffie & Martin Hellman at Stanford Uni in 1976 known earlier in classified community Louisiana State University 9- Public Key Algorithms- 9 Public-Key Characteristics Public-Key algorithms rely on two keys with the characteristics that it is: computationally infeasible to find decryption key knowing only algorithm & encryption key computationally easy to en/decrypt messages when the relevant (en/decrypt) key is known either of the two related keys can be used for encryption, with the other used for decryption (in some schemes) Louisiana State University 9- Public Key Algorithms- 10

Private vs. Public Key Encryption Louisiana State University 9- Public Key Algorithms- 11 Public-Key Applications Can classify uses into 3 categories: encryption/decryption (provide secrecy) digital signatures (provide authentication) key exchange (of session keys) Some algorithms are suitable for all uses, others are specific to one Louisiana State University 9- Public Key Algorithms- 12

Algorithms use Louisiana State University 9- Public Key Algorithms- 13 Security of Public Key Schemes Like private key schemes brute force exhaustive search attack is always theoretically possible But keys used are too large (>512bits) Security relies on a large enough difference in difficulty between easy (en/decrypt) and hard (cryptanalyse) problems More generally the hard problem is known, its just made too hard to do in practise Requires the use of very large numbers Hence is slow compared to private key schemes Louisiana State University 9- Public Key Algorithms- 14

Modular Arithmetic Public key algorithms are based on modular arithmetic. Modular addition. Modular multiplication. Modular exponentiation. Louisiana State University 9- Public Key Algorithms- 15 Modular Addition Addition modulo (mod) K Poor cipher with (d k +d m ) mod K, e.g., if K=10 and d k is the key. Examples: 5+5=0, 9+9=8 Additive inverse: addition mod K yields 0. Decrypt by adding inverse. 7+4 =1 1+6 =7 Louisiana State University 9- Public Key Algorithms- 16

Modular Multiplication Multiplication modulo K Multiplicative inverse: multiplication mod K yields 1 Only some numbers have inverse for example 3-7 Use Euclid s algorithm to find inverse Given x, n, it finds y such that x y mod n = 1 All number relatively prime to n will have mod n multiplicative inverse Louisiana State University 9- Public Key Algorithms- 17 Prime Numbers Prime numbers only have divisors of 1 and self they cannot be written as a product of other numbers note: 1 is prime, but is generally not of interest eg. 2,3,5,7 are prime, 4,6,8,9,10 are not Prime numbers are central to number theory List of prime number less than 200 is: 2 3 5 7 11 13 17 19 23 29 31 37 41 43 47 53 59 61 67 71 73 79 83 89 97 101 103 107 109 113 127 131 137 139 149 151 157 163 167 173 179 181 191 193 197 199 Louisiana State University 9- Public Key Algorithms- 18

Prime Factorisation to factor a number n is to write it as a product of other numbers: n=a b c note that factoring a number is relatively hard compared to multiplying the factors together to generate the number the prime factorisation of a number n is when its written as a product of primes eg. 91=7 13 ; 3600=2 4 3 2 5 2 Louisiana State University 9- Public Key Algorithms- 19 Relatively Prime Numbers & GCD two numbers a, b are relatively prime if have no common divisors apart from 1 eg. 8 & 15 are relatively prime since factors of 8 are 1,2,4,8 and of 15 are 1,3,5,15 and 1 is the only common factor conversely can determine the greatest common divisor by comparing their prime factorizations and using least powers eg. 300=2 1 3 1 5 2 18=2 1 3 2 hence GCD(18,300)=2 1 3 1 =6 Louisiana State University 9- Public Key Algorithms- 20

a p-1 mod p = 1 Fermat's Theorem where p is prime and gcd(a,p)=1 Also known as Fermat s Little Theorem Useful in public key and primality testing Louisiana State University 9- Public Key Algorithms- 21 Totient Function x, m relative prime: no other common factor than 1 Totient function ø(n): number of integers less than n relatively prime to n if n is prime, ø(n)=n-1 if n=p q, and p, q are primes, ø(n)=(p-1)(q-1) Louisiana State University 9- Public Key Algorithms- 22

Euler Totient Function ø(n) When doing arithmetic modulo n complete set of residues is: 0..n-1 reduced set of residues is those numbers (residues) which are relatively prime to n eg for n=10, complete set of residues is {0,1,2,3,4,5,6,7,8,9} reduced set of residues is {1,3,7,9} Number of elements in reduced set of residues is called the Euler Totient Function ø(n) Louisiana State University 9- Public Key Algorithms- 23 Euler Totient Function ø(n) To compute ø(n) need to count number of elements to be excluded in general need prime factorization, but for p (p prime) ø(p) = p-1 eg. for p.q (p,q prime) ø(37) = 36 ø(p.q) = (p-1)(q-1) ø(21) = (3 1) (7 1) = 2 6 = 12 Louisiana State University 9- Public Key Algorithms- 24

Euler's Theorem A generalisation of Fermat's Theorem a ø(n) mod N = 1 eg. where gcd(a,n)=1 a=3;n=10; ø(10)=4; hence 3 4 = 81 = 1 mod 10 a=2;n=11; ø(11)=10; hence 2 10 = 1024 = 1 mod 11 Louisiana State University 9- Public Key Algorithms- 25 Modular Exponentiation x y mod n = x y mod ø(n) mod n for n prime and for square free if y = 1 mod ø(n) then x y mod n = x mod n Louisiana State University 9- Public Key Algorithms- 26

RSA (Rivest( Rivest, Shamir, Adleman) The most popular one. Support both public key encryption and digital signature. Assumption/theoretical basis: Factoring a big number is hard. Variable key length (usually 512 bits). Variable plaintext block size. Plaintext must be smaller than the key. Ciphertext block size is the same as the key length. Louisiana State University 9- Public Key Algorithms- 27 What Is RSA? To generate key pair: Pick large primes (>= 256 bits each) p and q Let n = p*q, keep your p and q to yourself! For public key, choose e that is relatively prime to ø(n) =(p-1)(q-1), let pub = <e,n> For private key, find d that is the multiplicative inverse of e mod ø(n), i.e., e*d = 1 mod ø(n), let priv = <d,n> Louisiana State University 9- Public Key Algorithms- 28

How Does RSA Work? Given pub = <e, n> and priv = <d, n> encryption: c = m e mod n, m < n decryption: m = c d mod n signature: s = m d mod n, m < n verification: m = s e mod n Louisiana State University 9- Public Key Algorithms- 29 Why Does RSA Work? Given pub = <e, n> and priv = <d, n> n =p*q, ø(n) =(p-1)(q-1) e*d = 1 mod ø(n) x e d = x mod n encryption: c = m e mod n decryption: m = c d mod n = m e d mod n = m mod n = m (since m < n) digital signature (similar) Louisiana State University 9- Public Key Algorithms- 30

Why Is RSA Secure? Factoring 512-bit number is very hard! But if you can factor big number n then given public key <e,n>, you can find d, hence the private key by: Knowing factors p, q, such that, n = p*q Then ø(n) =(p-1)(q-1) Then d such that e*d = 1 mod ø(n) Factoring n might not be the only way to break RSA Louisiana State University 9- Public Key Algorithms- 31 RSA Example 1. Select primes: p=17 & q=11 2. Compute n = pq =17 11=187 3. Compute ø(n)=(p 1)(q-1)=16 10=160 4. Select e : gcd(e,160)=1; choose e=7 5. Determine d: de=1 mod 160 and d < 160 Value is d=23 since 23 7=161= 10 160+1 6. Publish public key KU={7,187} 7. Keep secret private key KR={23,187} Louisiana State University 9- Public Key Algorithms- 32

RSA Example cont sample RSA encryption/decryption is: given message M = 88 (nb. 88<187) encryption: C = 88 7 mod 187 = 11 decryption: M = 11 23 mod 187 = 88 Louisiana State University 9- Public Key Algorithms- 33 Example 2 Communication between Alice and Bob Alice chooses: p=7, q=11. So n=77 and ø(n)=60 gcd(e, 60)=1; choose e = 17 de=1 mod 60 and d < 60 Value is d=53 since 53 17=901= 15 60+1 Plaintext: HELLO WORLD A 00,, Z -25, blank 26 Plaintext: 07 04 11 11 14 26 22 14 17 11 03 Louisiana State University 9- Public Key Algorithms- 34

Example 2 (cont.) 07 17 mod 77 =28,, 03 17 mod 77 = 75 Ciphertext : 28 16 44 44 42 38 22 42 19 44 75 No one would use RSA on blocks of small size Open to rearrangements of blocks and language analysis The plaintext is padded with random data to make up a block Include information about the order of blocks. If rearranged the receiver will be aware Louisiana State University 9- Public Key Algorithms- 35 Example 3 RSA used for authentication Alice encrypts HELLO WORLD with her private key: 07 53 mod 77 =35,, 03 53 mod 77 = 75 35 09 44 93 12 24 94 04 05 Providing both confidentiality and authentication. Bob s public key is 37 and private key is 13 The ciphertext is: (07 53 mod 77) 37 mod 77 = 07 (03 53 mod 77) 37 mod 77 = 47 Bob decrypts: (07 13 mod 77) 17 mod 77 = 07 (47 13 mod 77) 17 mod 77 = 03 Louisiana State University 9- Public Key Algorithms- 36

How Efficient are the RSA Operations? Encryption and decryption should be very efficient, because they will be routinely performed Finding RSA keys (n,d,e) not very critical it is done less frequently. Encryption and decryption: Raising a large number to a large power for example 123 54 mod 678 For RSA to be secure number with 150 digits raised in power of 150 it will take more than the life of the universe Louisiana State University 9- Public Key Algorithms- 37 Exponentiation [(A mod n)x(b mod n)] mod n = (a x b) mod n 123 2 = 123 x 123 = 213 mod 678 123 3 = 123 x 213 = 435 mod 678 Can use the Square and Multiply Algorithm A fast, efficient algorithm for exponentiation Concept is based on repeatedly squaring base and multiplying in the ones that are needed to compute the result Look at binary representation of exponent 123 54 : 54 = 110110 Compute 123 raised to a sequence of powers 1, 11, 110, 1101, 11011, 110110 123 2 = 123x123 = 15129 = 213 mod 678 123 3 = 123 2 x123 = 213x123 = 435 mod 678 123 6 = (123 3 ) 2 = 435 2 = 189225 = 63 mod 678 123 12 = (123 6 ) 2 = 63 2 = 579 mod 678 1231 3 = 123 12 x123 = 579x123 = 27 mod 678 Louisiana State University 9- Public Key Algorithms- 38

RSA Key Generation Users of RSA must: determine two primes at random - p, q select either e or d and compute the other primes p,q must not be easily derived from modulus N=p.q means must be sufficiently large typically guess and use probabilistic test exponents e, d are inverses, so use Inverse algorithm to compute the other (Euclid s algorithm) Louisiana State University 9- Public Key Algorithms- 39 RSA Security Three approaches to attacking RSA: brute force key search (infeasible given size of numbers) mathematical attacks (based on difficulty of computing ø(n), by factoring modulus N) timing attacks (on running of decryption) Louisiana State University 9- Public Key Algorithms- 40

Factoring Problem Mathematical approach takes 3 forms: factor N=p.q, hence find ø(n) and then d determine ø(n) directly and find d find d directly Currently believe all equivalent to factoring have seen slow improvements over the years as of Aug-99 best is 130 decimal digits (512) bit with GNFS biggest improvement comes from improved algorithm cf Quadratic Sieve to Generalized Number Field Sieve barring dramatic breakthrough 1024+ bit RSA secure ensure p, q of similar size and matching other constraints Louisiana State University 9- Public Key Algorithms- 41 Progress in Factorization Louisiana State University 9- Public Key Algorithms- 42

MIPS-year needed to Factor Louisiana State University 9- Public Key Algorithms- 43 Timing Attacks Developed in mid-1990 s Exploit timing variations in operations eg. multiplying by small vs large number or time varying which instructions executed Infer operand size based on time taken RSA exploits time taken in exponentiation Countermeasures use constant exponentiation time add random delays blind values used in calculations Louisiana State University 9- Public Key Algorithms- 44

Diffie-Hellman Key Exchange Shared key, public communication No authentication of partners What s involved? p is a prime (about 512 bits), and g < p p and g are publicly known Louisiana State University 9- Public Key Algorithms- 45 Diffie-Hellman Key Exchange Procedure Alice Bob pick secret S a randomly pick secret S b randomly compute T A =g Sa mod pcompute T B =g Sb mod p send T A to Bob send T B to Alice compute T Sa B mod p compute T Sb A mod p Alice and Bob reached the same secret g SaSb mod p, which is then used as the shared key. Louisiana State University 9- Public Key Algorithms- 46

DH Security - Discrete Logarithm Is Hard T = g s mod p Conjecture: given T, g, p, it is extremely hard to compute the value of s (discrete logarithm) Louisiana State University 9- Public Key Algorithms- 47 Diffie-Hellman Scheme Security factors Discrete logarithm very difficult. Shared key (the secret) itself never transmitted. Disadvantages: Expensive exponential operation DoS possible. The scheme itself cannot be used to encrypt anything it is for secret key establishment. No authentication, so you can not sign anything Louisiana State University 9- Public Key Algorithms- 48

Bucket Brigade Attack...Man In The Middle Alice Trudy Bob g Sa =123 g Sx =654 g Sb =255 123 --> 654 --> <--654 <--255 654 Sa =123 Sx 255 Sx =654 Sb Trudy plays Bob to Alice and Alice to Bob Louisiana State University 9- Public Key Algorithms- 49 Diffie-Hellman in Phone Book Mode DH was subject to active man-in-the-middle attack because their public key-component was intercepted and substituted Phone book mode allows everyone to generate the public key-component in advance and publish them through other reliable means, e.g. <T B > for bob All communicating parties agree on their common <g, p> Louisiana State University 9- Public Key Algorithms- 50

Encryption With Diffie-Hellman Everyone computes and publishes <p, g, T> T=g S mod p Alice communicates with Bob: Alice Picks a random secret S a Computes g b Sa mod p b Use K ab = T b Sa mod p b to encrypt message Send encrypted message along with g b Sa mod p b Bob (g b Sa ) Sb mod p b = (g b Sb ) Sa mod p b = T b Sa mod p b = K ab Use K ab to decrypt Louisiana State University 9- Public Key Algorithms- 51 Example Alice and Bob have chosen p=53 and g=17 Their private keys are S a =5 and S b =7 Their public keys are: T a =17 5 mod 53 = 40 and T b =17 7 mod 53 = 6 Suppose Bob wishes to send Alice a message Bob computes a shared secret key using Alice s public key and his private key: K ab = T S a b mod p = 40 7 mod 53 = 38 Send message encrypted with K ab Alice computes the key she shares with Bob: K ab = T b S a mod p = 6 5 mod 53 = 38 Decrypt message with K ab Louisiana State University 9- Public Key Algorithms- 52

Summary Public Key Cryptography? Public Key Cryptography Applications Modular arithmetic RSA Diffie-Hellman Key Exchange Louisiana State University 9- Public Key Algorithms- 53

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback