CS669 Network Security

Similar documents
Public Key Encryption. Modified by: Dr. Ramzi Saifan

Cryptography and Network Security. Sixth Edition by William Stallings

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010

Chapter 3 Public Key Cryptography

Public Key Cryptography

Public Key Algorithms

This chapter continues our overview of public-key cryptography systems (PKCSs), and begins with a description of one of the earliest and simplest

Public Key Cryptography and RSA

Overview. Public Key Algorithms I

Lecture 2 Applied Cryptography (Part 2)

Public Key Algorithms

Chapter 3. Principles of Public-Key Cryptosystems

1. Diffie-Hellman Key Exchange

CS6701- CRYPTOGRAPHY AND NETWORK SECURITY UNIT 2 NOTES

Number Theory and RSA Public-Key Encryption

Lecture 6: Overview of Public-Key Cryptography and RSA

Chapter 9. Public Key Cryptography, RSA And Key Management

ASYMMETRIC CRYPTOGRAPHY

CSC 474/574 Information Systems Security

Chapter 9 Public Key Cryptography. WANG YANG

CSCI 454/554 Computer and Network Security. Topic 5.2 Public Key Cryptography

Outline. CSCI 454/554 Computer and Network Security. Introduction. Topic 5.2 Public Key Cryptography. 1. Introduction 2. RSA

Outline. Public Key Cryptography. Applications of Public Key Crypto. Applications (Cont d)

Applied Cryptography and Computer Security CSE 664 Spring 2018

CPSC 467b: Cryptography and Computer Security

Understanding Cryptography A Textbook for Students and Practitioners by Christof Paar and Jan Pelzl. Chapter 6 Introduction to Public-Key Cryptography

Computer Security. 08. Cryptography Part II. Paul Krzyzanowski. Rutgers University. Spring 2018

Side-Channel Attacks on RSA with CRT. Weakness of RSA Alexander Kozak Jared Vanderbeck

Public Key Cryptography

Applied Cryptography and Network Security

Public Key Algorithms

CS Network Security. Nasir Memon Polytechnic University Module 7 Public Key Cryptography. RSA.

Keywords Security, Cryptanalysis, RSA algorithm, Timing Attack

Key Exchange. References: Applied Cryptography, Bruce Schneier Cryptography and Network Securiy, Willian Stallings

RSA (algorithm) History

Cryptography and Network Security

10.1 Introduction 10.2 Asymmetric-Key Cryptography Asymmetric-Key Cryptography 10.3 RSA Cryptosystem

RSA (material drawn from Avi Kak Lecture 12, Lecture Notes on "Computer and Network Security" Used in asymmetric crypto.

Channel Coding and Cryptography Part II: Introduction to Cryptography

Public-key encipherment concept

ECE 646 Fall 2009 Final Exam December 15, Multiple-choice test

What did we talk about last time? Public key cryptography A little number theory

Chapter 7 Public Key Cryptography and Digital Signatures

Computer Security: Principles and Practice

A SIGNATURE ALGORITHM BASED ON DLP AND COMPUTING SQUARE ROOTS

An overview and Cryptographic Challenges of RSA Bhawana

Key Management and Distribution

Computer Security 3/23/18

Cryptography and Network Security Chapter 10. Fourth Edition by William Stallings

Crypto Basics. Recent block cipher: AES Public Key Cryptography Public key exchange: Diffie-Hellmann Homework suggestion

ICT 6541 Applied Cryptography. Hossen Asiful Mustafa

RSA (Rivest Shamir Adleman) public key cryptosystem: Key generation: Pick two large prime Ô Õ ¾ numbers È.

Study Guide to Mideterm Exam

Kurose & Ross, Chapters (5 th ed.)

RSA (Rivest Shamir Adleman) public key cryptosystem: Key generation: Pick two large prime Ô Õ ¾ numbers È.

Introduction to Cryptography and Security Mechanisms: Unit 5. Public-Key Encryption

Public-Key Cryptography. Professor Yanmin Gong Week 3: Sep. 7

Cryptography (DES+RSA) by Amit Konar Dept. of Math and CS, UMSL

Key Exchange. Secure Software Systems

RSA. Public Key CryptoSystem

Some Stuff About Crypto

UNIT III 3.1DISCRETE LOGARITHMS

ISA 662 Internet Security Protocols. Outline. Prime Numbers (I) Beauty of Mathematics. Division (II) Division (I)

Cryptography and Network Security

STUDY AND IMPLEMENTATION OF CRYPTOGRAPHIC ALGORITHMS

Network Security. Chapter 4 Public Key Cryptography. Public Key Cryptography (4) Public Key Cryptography

Distributed Systems. 26. Cryptographic Systems: An Introduction. Paul Krzyzanowski. Rutgers University. Fall 2015

4 PKI Public Key Infrastructure

ח'/סיון/תשע "א. RSA: getting ready. Public Key Cryptography. Public key cryptography. Public key encryption algorithms

Algorithms (III) Yu Yu. Shanghai Jiaotong University

Public Key Cryptography and the RSA Cryptosystem

Algorithms (III) Yijia Chen Shanghai Jiaotong University

Public Key Encryption

Introduction. CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell

Davenport University ITS Lunch and Learn February 2, 2012 Sneden Center Meeting Hall Presented by: Scott Radtke

Cryptographic Techniques. Information Technologies for IPR Protections 2003/11/12 R107, CSIE Building

Lecture Notes, CSE 232, Fall 2014 Semester

Introduction to Cryptography and Security Mechanisms. Abdul Hameed

Algorithms (III) Yijia Chen Shanghai Jiaotong University

Elements of Cryptography and Computer and Networking Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy

Other Systems Using Timing Attacks. Paul C. Kocher? EXTENDED ABSTRACT (7 December 1995)

(a) Symmetric model (b) Cryptography (c) Cryptanalysis (d) Steganography

Algorithmic number theory Cryptographic hardness assumptions. Table of contents

Encryption. INST 346, Section 0201 April 3, 2018

Part VI. Public-key cryptography

PUBLIC KEY CRYPTO. Anwitaman DATTA SCSE, NTU Singapore CX4024. CRYPTOGRAPHY & NETWORK SECURITY 2018, Anwitaman DATTA

Secure Multiparty Computation

- 0 - CryptoLib: Cryptography in Software John B. Lacy 1 Donald P. Mitchell 2 William M. Schell 3 AT&T Bell Laboratories ABSTRACT

Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle. Network Security

CRYPTOGRAPHY AND NETWROK SECURITY-QUESTION BANK

Tuesday, January 17, 17. Crypto - mini lecture 1

KALASALINGAM UNIVERSITY

Cryptography Symmetric Cryptography Asymmetric Cryptography Internet Communication. Telling Secrets. Secret Writing Through the Ages.

Great Theoretical Ideas in Computer Science. Lecture 27: Cryptography

Digests Requirements MAC Hash function Security of Hash and MAC Birthday Attack MD5 SHA RIPEMD Digital Signature Standard Proof of DSS

LECTURE 4: Cryptography

CS 161 Computer Security

Public-Key Cryptography

ENHANCEMENT ON IMPLEMENTATION OF MULTI-PRIME AND MULTI-POWER RSA ALGORITHM

The most important development from the work on public-key cryptography is the digital signature. Message authentication protects two parties who

Transcription:

UNIT II PUBLIC KEY ENCRYPTION Uniqueness Number Theory concepts Primality Modular Arithmetic Fermet & Euler Theorem Euclid Algorithm RSA Elliptic Curve Cryptography Diffie Hellman Key Exchange Uniqueness TBD Number Theory concepts Divisibility and The Division Algorithm Divisibility We say that a nonzero b divides a if a = mb for some m, where a, b and m are integers. That is, b divides a, if there is no remainder on division. The notation b a is commonly used to mean b divides a. If b a, we say that b is a divisor of a. Properties of divisibility for integers The Division Algorithm Given any positive integer n and any nonnegative integer a, if we divide a by n, we get an integer quotient q and an integer remainder r that obey the following relationship: The remainder r is often referred to as a residue MTech CSE (PT, 2011-14) SRM, Ramapuram 1 hcr:innovationcse@gg

Primality Prime Numbers An integer p > 1 is prime number, if its divisors are +/- 1 and +/1 p Any non negative integer a > 1 can be factored in the form as where p1 < p2 <... < pt are prime numbers and where each a is a positive integer. This is known as the fundamental theorem of arithmetic Examples: 91 = 7 x 13, 3600 = 24 x 32 x 52 Miller-Rabin Algorithm also known as Rabin-Miller algorithm, or the Rabin-Miller test, or the Miller-Rabin test typically used to test a large number for primality Two Properties of Prime Numbers If p is prime and a is a positive integer less than p, then a 2 mod p = 1, if and only if either a mod p = 1 or a mod p = -1 mod p = p 1 Let p be a prime number greater than 2. We can then write p - 1 = 2 k q with k > 0, q odd Algorithm Chinese Remainder Theorem the CRT says it is possible to reconstruct integers in a certain range from their residues modulo a set of pairwise relatively prime moduli Formula Relatively Prime Two integers are relatively prime, if their only common positive integer factor is 1 Example: 8, 15 are relatively prime because positive divisors of 8 are 1, 2, 4, 8. Positive divisors of 15 are 1, 3, 5, 15. Common positive factor = 1 MTech CSE (PT, 2011-14) SRM, Ramapuram 2 hcr:innovationcse@gg

Modular Arithmetic The Modulus Properties of Congruences Modular Arithmetic Operations Examples MTech CSE (PT, 2011-14) SRM, Ramapuram 3 hcr:innovationcse@gg

Properties of Modular Arithmetic reducing k modulo n. Finding the smallest nonnegative integer to which k is congruent modulo n Properties of Modular Arithmetic for Integers in Zn MTech CSE (PT, 2011-14) SRM, Ramapuram 4 hcr:innovationcse@gg

Fermet & Euler Theorem play important roles in public-key cryptography Fermat s Theorem If p is prime and a is a positive integer not divisible by p, then Proof: Consider the set of positive integers less than p: {1, 2, 3,, p-1} Multiply each element by a, modulo p to get the set o X = {a mod p, 2a mod p,... (p - 1)a mod p} None of the elements of X is equal to zero because p does not divide a Therefore, we know that the (p - 1) elements of X are all positive integers with no two elements equal We can conclude the X consists of the set of integers {1, 2,..., p - 1} in some order Multiplying the numbers in both sets (p and X) and taking the result mod p yields We can cancel the (p -1)! term because it is relatively prime to p, which prooves the theorem Example: An alternative form of Fermat s theorem If p is prime and a is a positive integer, then Euler s Theorem Euler s totient function (ɸ (n)) the number of positive integers less than n and relatively prime to n. ɸ (1) = 1 for a prime number p, ɸ (p) = p - 1 for two prime numbers where p # q, MTech CSE (PT, 2011-14) SRM, Ramapuram 5 hcr:innovationcse@gg

Euler s Theorem for every a and n that are relatively prime alternative form Proof: Consider the set of positive integers less thann that are relatively prime to n, labeled as MTech CSE (PT, 2011-14) SRM, Ramapuram 6 hcr:innovationcse@gg

The Euclidean Algorithm Simple procedure for determining the greatest common divisor of two positive integers. Two integers are relatively prime if their only common positive integer factor is 1 Greatest Common Divisor largest integer that divides both a and b gcd(0, 0) = 0. the positive integer c is said to be the greatest common divisor of a and b if 1. c is a divisor of a and of b 2. Any divisor of a and b is a divisor of c a and b are relatively prime if gcd(a, b) = 1 Example: 8 and 15 are relatively prime because the positive divisors of 8 are 1, 2, 4, and 8, and the positive divisors of 15 are 1, 3, 5, and 15. So 1 is the only integer on both lists. Steps Example MTech CSE (PT, 2011-14) SRM, Ramapuram 7 hcr:innovationcse@gg

Euclidean Algorithm Revisited For any nonnegative integer a and any positive integer b, gcd(a, b) = gcd (b, a mod b) o Example: gcd(55, 22) = gcd(22, 55 mod 22) = gcd(22, 11) = 11 Recursive function. Euclid(a,b) if (b=0) then return a; else return Euclid(b, a mod b); The Extended Euclidean Algorithm calculate the greatest common divisor but also two additional integers and that satisfy the following equation x and y will have opposite signs we can rearrange terms to write MTech CSE (PT, 2011-14) SRM, Ramapuram 8 hcr:innovationcse@gg

Public Key Cryptography Principles of Public-Key Cryptosystems Public-Key Cryptosystems Applications for Public-Key Cryptosystems Requirements for Public-Key Cryptography Public-Key Cryptanalysis Public-Key Cryptosystems Introduction The concept evolved from an attempt to attack two of the most difficult problems associated with symmetric encryption o Key Distribution o The Digital Signatures Called as Asymmetric Cryptography Asymmetric algorithms make use of one key for encryption, another for decryption Characteristics of Asymmetric algorithms It is computationally infeasible to determine the decryption key given only knowledge of the cryptographic algorithm and the encryption key Either of the two related keys can be used for encryption, with the other used for decryption Public-Key Cryptography Six Ingredients Plaintext: This is the readable message or data that is fed into the algorithm as input. Encryption algorithm: The encryption algorithm performs various transformations on the plaintext. Public and private keys: This is a pair of keys that have been selected so that if one is used for encryption, the other is used for decryption. The exact transformations performed by the algorithm depend on the public or private key that is provided as input. Ciphertext: This is the scrambled message produced as output. It depends on the plaintext and the key. For a given message, two different keys will produce two different ciphertexts. Decryption algorithm: This algorithm accepts the ciphertext and the matching key and produces the original plaintext. Encryption MTech CSE (PT, 2011-14) SRM, Ramapuram 9 hcr:innovationcse@gg

Authentication Comparison with Symmetric Key Encryption Conventional Encryption Needed to Work 1. The same algorithm with the same key is used for encryption and decryption. 2. The sender and receiver must share the algorithm and the key. Needed for Security: 1. The key must be kept secret. 2. It must be impossible or at least impractical to decipher a message if no other information is available. 3. Knowledge of the algorithm plus samples of ciphertext must be insufficient to determine the key. Public-Key Encryption Needed to Work 1. One algorithm is used for encryption and decryption with a pair of keys, one for encryption and one for decryption. 2. The sender and receiver must each have one of the matched pair of keys (not the same one). Needed for Security: 1. One of the two keys must be kept secret. 2. It must be impossible or at least impractical to decipher a message if no other information is available. 3. Knowledge of the algorithm plus one of the keys plus samples of ciphertext must be insufficient to determine the other key. Public-Key Cryptosystem: Secrecy MTech CSE (PT, 2011-14) SRM, Ramapuram 10 hcr:innovationcse@gg

Public-Key Cryptosystem: Authentication Public-Key Cryptosystem: Authentication and Secrecy Applications for Public-Key Cryptosystems Encryption/decryption The sender encrypts a message with the recipient's public key. Digital signature The sender "signs" a message with its private key. Signing is achieved by a cryptographic algorithm applied to the message or to a small block of data that is a function of the message. Key exchange Two sides cooperate to exchange a session key. Several different approaches are possible, involving the private key(s) of one or both parties. MTech CSE (PT, 2011-14) SRM, Ramapuram 11 hcr:innovationcse@gg

Applications for Public-Key Cryptosystems Algorithm Encryption/Decryption Digital Signature Key Exchange RSA Yes Yes Yes Elliptic Curve Yes Yes Yes Diffie-Hellman No No Yes DSS No Yes No Requirements for Public-Key Cryptography 1. It is computationally easy for a party B to generate a pair (public key PUb, private key PRb). 2. It is computationally easy for a sender A, knowing the public key and the message to be encrypted, M, to generate the corresponding ciphertext C = E(PUb, M) 3. It is computationally easy for the receiver B to decrypt the resulting ciphertext using the private key to recover the original message M = D(PRb, C) = D[PRb, E(PUb, M)] 4. It is computationally infeasible for an adversary, knowing the public key, PUb, to determine the private key, PRb. 5. It is computationally infeasible for an adversary, knowing the public key, PUb, and a ciphertext, C, to recover the original message, M. 6. The two keys can be applied in either order: M = D[PUb, E(PRb, M)] = D[PRb, E(PUb, M)] Public-Key Cryptanalysis Three types of attacks Brute force Deducing the private key Probale message attack Brute force public-key encryption scheme is vulnerable to a brute-force attack countermeasure is to use large keys Public-key systems depend on the use of some sort of invertible mathematical function the key size must be large enough to make brute-force attack impractical but small enough for practical encryption and decryption Deducing the private key find some way to compute the private key given the public key So far, not been mathematically proven that this is infeasible for a particular public-key algorithm Not been successful till date Probale message attack peculiar to public-key systems Suppose, for example, that a message were to be sent that consisted solely of a 56-bit DES key. An adversary could encrypt all possible 56-bit DES keys using the public key and could discover the encrypted key by matching the transmitted ciphertext. Thus, no matter how large the key size of the public-key scheme, the attack is reduced to a brute-force attack on a 56-bit key. This attack can be thwarted by appending some random bits to such simple messages MTech CSE (PT, 2011-14) SRM, Ramapuram 12 hcr:innovationcse@gg

Rivest-Shamir-Adleman (RSA) Algorithm block cipher in which the plaintext and ciphertext are integers between 0 and n - 1 for some n. A typical size for n is 1024 bits, or 309 decimal digits public-key encryption algorithm with a public key of PU = {e, n} and a private key of PR = {d, n}. Key Generation Encryption Decryption Example of RSA Algorithm MTech CSE (PT, 2011-14) SRM, Ramapuram 13 hcr:innovationcse@gg

Encryption Decryption The Security of RSA Four possible approaches to attacking the RSA algorithm are as follows: Brute force This involves trying all possible private keys. The defense is to use a large key space the larger the number of bits in e and d, the better the larger the size of the key, the slower the system will run Mathematical attacks There are several approaches, all equivalent in effort to factoring the product of two primes. Timing attacks These depend on the running time of the decryption algorithm. Chosen ciphertext attacks This type of attack exploits properties of the RSA algorithm. Mathematical Attacks Three approaches to attacking RSA mathematically: MTech CSE (PT, 2011-14) SRM, Ramapuram 14 hcr:innovationcse@gg

To avoid values of n that may be factored more easily, the algorithm s inventors suggest the following constraints on p and q. if e < n and d < n 1/4, then d can be easily determined Timing Attack This attack is alarming for two reasons: o It comes from a completely unexpected direction o it is a ciphertext-only attack A timing attack is somewhat analogous to a burglar guessing the combination of a safe by observing how long it takes for someone to turn the dial from number to number. We can explain the attack using the modular exponentiation algorithm modular exponentiation is accomplished bit by bit, with one modular multiplication performed at each iteration and an additional modular multiplication performed for each 1 bit Working of this attack The attack proceeds bit-by-bit starting with the leftmost bit, b k Suppose that the first j bits are known For a given ciphertext, the attacker can complete the first j iterations of the for loop. The operation of the subsequent step depends on the unknown exponent bit. if the observed time to execute the decryption algorithm is always slow when this particular iteration is slow with a 1 bit, then this bit is assumed to be 1. If a number of observed execution times for the entire algorithm are fast, then this bit is assumed to be 0 Methods to overcome timing attacks Constant exponentiation time Ensure that all exponentiations take the same amount of time before returning a result. This is a simple fix but does degrade performance Random delay Better performance could be achieved by adding a random delay to the exponentiation algorithm to confuse the timing attack. Blinding Multiply the ciphertext by a random number before performing exponentiation. This process prevents the attacker from knowing what ciphertext bits are being processed inside the computer and therefore prevents the bit-by-bit analysis essential to the timing attack MTech CSE (PT, 2011-14) SRM, Ramapuram 15 hcr:innovationcse@gg

Elliptic Curve Cryptography (Skip) Abelian Groups {G,.} An elliptic curve is defined by an equation in two variables with coefficients. Elliptic Curves over Real Numbers equations for elliptic curves take the form, known as a Weierstrass equation single element denoted O and called the point at infinity or the zero point To plot such a curve, we need to compute MTech CSE (PT, 2011-14) SRM, Ramapuram 16 hcr:innovationcse@gg

Diffie Hellman Key Exchange The purpose of the algorithm is to enable two users to securely exchange a key that can then be used for subsequent encryption of messages The Algorithm Suppose the users A and B wish to exchange a key. User A selects a random integer Xa < q and computes Ya = Similarly, user B independently selects a random integer Xb < q and computes Yb = Each side keeps the X value private and makes the Y value available publicly to the other side. User A computes the key as User B computes the key as These two calculations produce identical results Proof by the rules of modular arithmetic The result is that the two sides have exchanged a secret value The Diffie-Hellman Key Exchange Algorithm Global Public Elements User A Key Generation User B Key Generation Calculation of Secret Key by User A Calculation of Secret Key by User B MTech CSE (PT, 2011-14) SRM, Ramapuram 17 hcr:innovationcse@gg

Diffie-Hellman Key Exchange Example Key exchange is based on the use of the prime number q = 353 and a primitive root of 353, alpha = 3 A and B select secret keys X A = 97 and X B = 233, respectively. Each computes its public key: A computes Y A = 3 97 mod 353 = 40; B computes Y B = 3 233 mod 353 = 248 After they exchange public keys, each can compute the common secret key: A computes K = (Y B ) XA mod 353 = 24897 mod 353 =160. B computes K = (Y A ) XB mod 353 = 40233 mod 353 = 160. Man-in-the-Middle Attack Suppose Alice and Bob wish to exchange keys, and Darth is the adversary. The attack proceeds as follows: At this point, Bob and Alice think that they share a secret key, but instead Bob and Darth share secret key K1 and Alice and Darth share secret key K2. All future communication between Bob and Alice is compromised in the following way. Disclaimer Intended for educational purposes only. Not intended for any sort of commercial use Purely created to help students with limited preparation time Text and picture used were taken from the reference items Reference Cryptography and Network Security, Fourth Edition William Stallings Credits Thanks to my family members who supported me, while I spent considerable amount of time to prepare these notes. Feedback is always welcome at GHCRajan@gmail.com MTech CSE (PT, 2011-14) SRM, Ramapuram 18 hcr:innovationcse@gg

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback