Public Key Algorithms

Similar documents
CSC 474/574 Information Systems Security

Overview. Public Key Algorithms I

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010

Public Key Algorithms

CSCI 454/554 Computer and Network Security. Topic 5.2 Public Key Cryptography

Outline. CSCI 454/554 Computer and Network Security. Introduction. Topic 5.2 Public Key Cryptography. 1. Introduction 2. RSA

Outline. Public Key Cryptography. Applications of Public Key Crypto. Applications (Cont d)

Chapter 9. Public Key Cryptography, RSA And Key Management

ISA 662 Internet Security Protocols. Outline. Prime Numbers (I) Beauty of Mathematics. Division (II) Division (I)

Chapter 9 Public Key Cryptography. WANG YANG

Lecture 2 Applied Cryptography (Part 2)

Public Key Cryptography

Public Key Algorithms

Public-Key Cryptography. Professor Yanmin Gong Week 3: Sep. 7

Encryption. INST 346, Section 0201 April 3, 2018

Distributed Systems. 26. Cryptographic Systems: An Introduction. Paul Krzyzanowski. Rutgers University. Fall 2015

Public-key encipherment concept

Kurose & Ross, Chapters (5 th ed.)

Module: Cryptographic Protocols. Professor Patrick McDaniel Spring CMPSC443 - Introduction to Computer and Network Security

The most important development from the work on public-key cryptography is the digital signature. Message authentication protects two parties who

CS 332 Computer Networks Security

Chapter 8 Security. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012

Lecture 6: Overview of Public-Key Cryptography and RSA

Network Security. Chapter 4 Public Key Cryptography. Public Key Cryptography (4) Public Key Cryptography

Public Key Cryptography

CS669 Network Security

LECTURE NOTES ON PUBLIC- KEY CRYPTOGRAPHY. (One-Way Functions and ElGamal System)

ח'/סיון/תשע "א. RSA: getting ready. Public Key Cryptography. Public key cryptography. Public key encryption algorithms

Number Theory and RSA Public-Key Encryption

Cryptography (DES+RSA) by Amit Konar Dept. of Math and CS, UMSL

Key Exchange. References: Applied Cryptography, Bruce Schneier Cryptography and Network Securiy, Willian Stallings

Elements of Cryptography and Computer and Networking Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy

Lecture 6 - Cryptography

Public Key Cryptography and RSA

Chapter 3 Public Key Cryptography

Cryptography and Network Security. Sixth Edition by William Stallings

Public Key Cryptography and the RSA Cryptosystem

Public Key (asymmetric) Cryptography

CSC 8560 Computer Networks: Network Security

Introduction to Cryptography and Security Mechanisms: Unit 5. Public-Key Encryption

Introduction to Cryptography and Security Mechanisms. Abdul Hameed

Public Key Encryption. Modified by: Dr. Ramzi Saifan

CSC/ECE 774 Advanced Network Security

Channel Coding and Cryptography Part II: Introduction to Cryptography

Key Exchange. Secure Software Systems

Digital Signatures. Luke Anderson. 7 th April University Of Sydney.

Computer Security. 08. Cryptography Part II. Paul Krzyzanowski. Rutgers University. Spring 2018

CSE 127: Computer Security Cryptography. Kirill Levchenko

CS 6324: Information Security More Info on Key Establishment: RSA, DH & QKD

ASYMMETRIC CRYPTOGRAPHY

Cryptography Symmetric Cryptography Asymmetric Cryptography Internet Communication. Telling Secrets. Secret Writing Through the Ages.

PUBLIC KEY CRYPTO. Anwitaman DATTA SCSE, NTU Singapore CX4024. CRYPTOGRAPHY & NETWORK SECURITY 2018, Anwitaman DATTA

CS 161 Computer Security

Part VI. Public-key cryptography

Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle. Network Security

CS Computer Networks 1: Authentication

Great Theoretical Ideas in Computer Science. Lecture 27: Cryptography

The Application of Elliptic Curves Cryptography in Embedded Systems

Cryptography Intro and RSA

Public-Key Cryptography

Side-Channel Attacks on RSA with CRT. Weakness of RSA Alexander Kozak Jared Vanderbeck

CSC 774 Network Security

L13. Reviews. Rocky K. C. Chang, April 10, 2015

Ref:

CSE 3461/5461: Introduction to Computer Networking and Internet Technologies. Network Security. Presentation L

Lecture 20 Public key Crypto. Stephen Checkoway University of Illinois at Chicago CS 487 Fall 2017 Slides from Miller and Bailey s ECE 422

Topics. Number Theory Review. Public Key Cryptography

CS Network Security. Nasir Memon Polytechnic University Module 7 Public Key Cryptography. RSA.

Computer Security: Principles and Practice

LECTURE 4: Cryptography

Cryptographic Systems

Introduction to Cryptography Lecture 7

Cryptography V: Digital Signatures

Enhanced Asymmetric Public Key Cryptography based on Diffie-Hellman and RSA Algorithm

Uzzah and the Ark of the Covenant

Digital Signature. Raj Jain

What did we talk about last time? Public key cryptography A little number theory

This chapter continues our overview of public-key cryptography systems (PKCSs), and begins with a description of one of the earliest and simplest

Chapter 7 Public Key Cryptography and Digital Signatures

Introduction to Cryptography Lecture 7

Other Topics in Cryptography. Truong Tuan Anh

Applied Cryptography and Computer Security CSE 664 Spring 2018

Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle. Network Security

Public-Key Cryptography

Computer Security 3/23/18

SECURITY IN NETWORKS

Cryptography III. Public-Key Cryptography Digital Signatures. 2/1/18 Cryptography III

Lecture 30. Cryptography. Symmetric Key Cryptography. Key Exchange. Advanced Encryption Standard (AES) DES. Security April 11, 2005

Cryptography (Overview)

Lecture IV : Cryptography, Fundamentals

An overview and Cryptographic Challenges of RSA Bhawana

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 11 Basic Cryptography

Public-key Cryptography: Theory and Practice

Cryptography CS 555. Topic 16: Key Management and The Need for Public Key Cryptography. CS555 Spring 2012/Topic 16 1

RSA. Public Key CryptoSystem

CS408 Cryptography & Internet Security

Chapter 3. Principles of Public-Key Cryptosystems

Cryptography V: Digital Signatures

SECURITY IN NETWORKS 1

Security in Distributed Systems. Network Security

Transcription:

Public Key Algorithms 1

Public Key Algorithms It is necessary to know some number theory to really understand how and why public key algorithms work Most of the public key algorithms are based on modular arithmetic 2

Use of Public Key Cryptosystems Encryption/decryption Sender encrypts a message with the receiver s public key Only the receiver can decrypt the message Digital signature The sender signs a message with its private key Authentication and non-repudiation Key exchange Two sides cooperate to exchange a session key Secret key cryptosystems are often used with the session key 3

Modular Arithmetic Modular Addition Addition modulo (mod) n x mod n: the remainder of x when divided by n mod 10 addition 5+5 = 0 2+2 = 4 An additive inverse of x is the number that adds to x to get 0 4 s inverse (mod 10) is 6 Decrypt by adding inverse 4

Addition Modulo 10 5

Modular Multiplication Mod 10 multiplication table Multiplication by 1, 3, 7, 9 works as cipher Multiplicative inverse x -1 : y * x = 1 Use Euclid s Algorithm to find inverse 6

Totient Function x, m relative prime (rp) = no other common factor than 1 relatively prime prime (9 rp 10) totient function Φ(n): number of numbers less than n rp to n if n prime: {1, 2,, n-1}. Φ(n) = n-1 if n=p * q, p, q distinct prime => Φ(n) = (p-1)(q-1) 7

Modular Exponentiation (Exponentiation Modulo 10) 8

Modular Exponentiation Encryption: x 3 works, x 2 does not Exponential inverse y of x: (a x ) y = a Columns: 1=5, 2=6, 3=7 x y mod n = x( y mod Φ(n) ) mod n: the i th column is the same as the i+4 th column rp to 10 are {1, 3, 7, 9} Totient function Φ(n): number of numbers less than n relatively prime to n 9

RSA (Rivest, Shamir, Adleman) A very popular public key cryptographic algorithm Support public key encryption and digital signature Variable key length 512 bits, 1024 bits Variable plaintext block size Plaintext block must be smaller than the key length Ciphertext block size is the length of the key Ciphertext length = key length Much slower to compute than DES/IDEA Assumption/theoretical basis: Factoring a large number is practically impossible 10

RSA Algorithm To generate a public key and a corresponding private key Pick large primes p and q (around 256 bits) Let n=p*q (512 bits), factors p and q remain secret Public key: choose e that is relatively prime to ø(n) =(p- 1)(q-1), let pub = <e,n> Private key: find the number d that is the multiplicative inverse of e mod ø(n), i.e., e*d = 1 mod ø(n), let priv = <d,n> Encryption: of m < n, c = m e mod n Decryption: m = c d mod n Verification Sign: s = m d mod n Verify: m = s e mod n 11

RSA Example Bob chooses p=7, q=11. Then n=77, z= ø(n) =60. e=7 (so e, z relatively prime). d=43 (so ed-1 exactly divisible by z). encrypt: decrypt: m m e c = m e mod n 9 9 7 37 c c d m = c d mod n 37 37 43 9 12

Why Does RSA Work? Will decrypting an encrypted message get the original message back? Useful number theory result: If p,q prime and n = pq, then: y ymod (p-1)(q-1) x mod n = x mod n e (m mod n) d mod n = m ed mod n ed mod (p-1)(q-1) = m mod n (using number theory result above) 1 = m mod n (since we chose ed to be divisible by (p-1)(q-1) with remainder 1 ) = m 13

Why Does RSA Work? That is: will decrypting an encrypted message get the original message back? Given pub = <e, n> and priv = <d, n> n =p*q, ø(n) =(p-1)(q-1) de = 1 mod ø(n) For any x, x de = x mod n encryption: c = m e mod n decryption: m = c d mod n = m e d mod n = m mod n = m (since m < n) digital signature (similar) 14

Why is RSA Secure? Based on the Fundamental Tenet of Cryptography Factoring 512-bit number is very hard! If you can factor quickly, you can break RSA! But if you can factor big number n then given public key <e,n>, you can find d, hence the private key by: Knowing factors p, q, such that, n = p*q Then ø(n) =(p-1)(q-1) Then d such that e*d = 1 mod ø(n) 15

Diffie-Hellman Allows two individuals to agree on a shared key, public communication No authentication of partners Alice might be establishing a secret key with a bad guy What is involved? A large prime p, and g < p p and g are publicly known Alice and Bob choose random S A and S B, kept secret next slide.. 16

Diffie-Hellman Key Exchange Procedure Alice pick secret SA randomly compute TA=g S A mod p send TA to Bob compute TB S A mod p Bob pick secret SB randomly compute TB=g S B mod p send TB to Alice compute TA S B mod p Alice and Bob reached the same secret g S AS B mod p, which is then used as the shared key. not secure against bucket-brigade/man-in-the-middle attacks. 17

DH Security Discrete Logarithm is Hard T = g s mod p Given T, g, and p, it is computationally infeasible to compute the value of s (discrete logarithm) 18

The Bucket Brigade/Man-in-the-Middle Attack Mr. X plays Alice to Bob and Bob to Alice 19

Defense against Man-in-the-Middle Attack Diffie-Hellman in Phone Book Mode Have a somewhat permanent public and secret number Everyone has to agree on a common p and g Everyone generates the public key components and publish them through other reliable means, e.g., <Tb> for Bob Essential Requirement: authenticity of public key Authenticated Diffie-Hellman Alice and Bob know some sort of secret Use this secret to prove they generate their DH value Following DH exchange, transmit a hash of the agreed-upon shared DH value, name, and the pre-shared secret Following DH exchange, transmit a hash of the pre-shared secret and the DH value 20

Encryption with Diffie-Hellman To avoid the active exchange Everyone computes and publishes a public key <p, g, T> for the private key s T=g S mod p Alice communicates with Bob: Bob has published <p b, g b, T b > Alice Picks a random secret S a Computes g b Sa mod p b Use K ab = T b Sa mod p b (the encryption key) to encrypt message Send encrypted message along with g b Sa mod p b Bob (g b Sa ) Sb mod p b = (g b Sb ) Sa mod p b = T b Sa mod p b = K ab Use K ab to decrypt Essentially key distribution + encryption 21

Digital Signature Standard (DSS) By NIST Based on ElGamal Speeded up for signer rather than verifier: smart cards Use SHA-1 to generate the hash value and Digital Signature Algorithm (DSA) to generate the digital signature 22

DSS Algorithm 23

DSS Algorithm Calculate X -1 and d m 24

Why is DSA Secure? No revealing of the private key S Nobody should be able to generate a signature for a given message without knowing S Nobody should be able to generate a message that matches a given signature Nobody should be able to modify a signed message in a way that keeps the same signature valid Need a per-message secret number S m If S m is known, the private key S can be computed (X m S m d m )T m -1 mod q = S mod q (refer to step 6): the attacker can forge DSS signature If two messages share the same S m, the private key S can be revealed (X m X m ) -1 (d m -d m ) mod q = S m mod q (refer to step 6 ) => S m 25

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback