CS/COE 1501 Recitation RSA Encryption/Decryption Extended Euclidean Algorithm Digital Signatures

Say Alice wants to send a message to Bob 1.Looks up Bob’s public key 2.Convert the message into an integer: m 3.Compute the ciphertext c as: c = m e (mod n) 4.Send c to Bob RSA Encryption

Bob can simply: 1.Compute m as: 2.m = c d (mod n) 3.Convert m into Alice’s message RSA Decryption

What are public/private keys? How messages encrypted? How are messages decrypted? How are keys generated? Why is it secure? RSA Cryptosystem

What are public/private keys? Public Key = (e, n) Private Key = (d, n) How messages encrypted? c = m e (mod n) How are messages decrypted? m = c d (mod n) How are keys generated? RSA Cryptosystem

How are keys generated?

1. Choose two prime number p and q p=3, q=11 2. Compute n = p * q n=3*11=33 3. Compute φ(n) φ(n) = φ(p) * φ(q) = (p - 1) * (q - 1) φ(n)=(3-1)*(11-1)=20 4. Choose e such that 1 < e < φ(n), GCD(e, φ(n)) = 1 i.e., e and φ(n) are co-prime We can choose e=3, verify that 1<3< φ(n) =20, 3 and 20 are co- prime An Example

Encryption: c = m e (mod n) Decryption: m = c d (mod n) Public Key=(e,n)=(3,33) Private Key=(d,n)=(7,33) Alice said “hello” 7, 4, 11, 11, 14 Encrypt msg: 7 3 mod 33, 4 3 mod 33, 11 3 mod 33, 11 3 mod 33, 14 3 mod 33 Encrypted msg: 13, 31, 11, 11, 5 An Example

Encryption: c = m e (mod n) Decryption: m = c d (mod n) Public Key=(e,n)=(3,33) Private Key=(d,n)=(7,33) Bob receive 13, 31, 11, 11, 5 Decrypt msg: 13 7 mod 33, 31 7 mod 33, 11 7 mod 33, 11 7 mod 33, 5 7 mod 33 Decrypt msg: 7, 4, 11, 11, 14 -> ‘hello’ An Example

Challenges

d = e -1 mod(φ(n)) Means that d = 1/e mod(φ(n)) Means that e * d = 1 (mod φ(n)) Now, this can be equivalently stated as e * d = z * φ(n) + 1 For some z Can further restate this as: e * d - z * φ(n) = 1 Or similarly: 1 = φ(n) * (-z) + e * d How can we solve this? Hint: recall that we know GCD(φ(n), e) = 1 Determine d

GCD(a, b) = i = as + bt Let: a = φ(n) b = e s = -z t = d i = 1 GCD(φ(n), e) = 1 = φ(n) * (-z) + e * d We can compute d in linear time! Determine d

Extended Euclidean Algorithm

We know GCD(a,b)=GCD(b, a%b) Suppose we are computing the GCD(a,b) a*x + b*y = gcd Suppose we already know the GCD(b, a %b), and we find x 1 and y 1 b*x 1 +(a%b)*y 1 =gcd Associate the two formular a%b=a-(a/b)*b gcd= b*x 1 +(a-(a/b)*b)*y 1 = b*x 1 +a*y 1 -(a/b)*b*y 1 = a*y 1 +b*(x 1 -a/b*y 1 ) x=y 1 y=x 1 -a/b*y 1 Extended Euclidean Algorithm

public static int[] ExtendedEuclid(int a, int b) { int[] ans = new int[3]; int q; if (b == 0) { /* If b = 0, then we're done... */ ans[0] = a; ans[1] = 1; ans[2] = 0; } else { /* Otherwise, make a recursive function call */ q = a/b; ans = ExtendedEuclid (b, a % b); int temp = ans[1] - ans[2]*q; ans[1] = ans[2]; ans[2] = temp; } return ans; } Extended Euclidean Algorithm

Find the Bézout numbers and GCD of 99 and 78 Rowaba/ba%bdst

Find the Bézout numbers and GCD of 99 and 78 Rowaba/ba%bdst

Find the Bézout numbers and GCD of 99 and 78 Rowaba/ba%bdst

Find the Bézout numbers and GCD of 99 and 78 Rowaba/ba%bdst

Find the Bézout numbers and GCD of 99 and 78 Rowaba/ba%bdst

Find the Bézout numbers and GCD of 99 and 78 Rowaba/ba%bdst

Find the Bézout numbers and GCD of 99 and 78 Rowaba/ba%bdst

Find the Bézout numbers and GCD of 99 and 78 Rowaba/ba%bdst

Find the Bézout numbers and GCD of 99 and 78 Rowaba/ba%bdst

Find the Bézout numbers and GCD of 99 and 78 Rowaba/ba%bdst

Find the Bézout numbers and GCD of 99 and 78 Rowaba/ba%bdst

Find the Bézout numbers and GCD of 99 and 78 Rowaba/ba%bdst

Find the Bézout numbers and GCD of 99 and 78 Rowaba/ba%bdst

Find the Bézout numbers and GCD of 99 and 78 Rowaba/ba%bdst

Find the Bézout numbers and GCD of 99 and 78 Rowaba/ba%bdst

Find the Bézout numbers and GCD of 99 and 78 Rowaba/ba%bdst

Find the Bézout numbers and GCD of 99 and 78 Rowaba/ba%bdst

Find the Bézout numbers and GCD of 99 and 78 Rowaba/ba%bdst NaN

Extended Euclidean Algorithm

Find the Bézout numbers and GCD of 99 and 78 Rowaba/ba%bdst NaN

Find the Bézout numbers and GCD of 99 and 78 Rowaba/ba%bdst NaN 310

Find the Bézout numbers and GCD of 99 and 78 Rowaba/ba%bdst NaN 310

Find the Bézout numbers and GCD of 99 and 78 Rowaba/ba%bdst NaN 310

Find the Bézout numbers and GCD of 99 and 78 Rowaba/ba%bdst NaN 310

Find the Bézout numbers and GCD of 99 and 78 Rowaba/ba%bdst NaN 310

Find the Bézout numbers and GCD of 99 and 78 Rowaba/ba%bdst NaN 310

Find the Bézout numbers and GCD of 99 and 78 Rowaba/ba%bdst NaN 310

Find the Bézout numbers and GCD of 99 and 78 Rowaba/ba%bdst NaN 310

Find the Bézout numbers and GCD of 99 and 78 Rowaba/ba%bdst NaN 310

Find the Bézout numbers and GCD of 99 and 78 Rowaba/ba%bdst NaN 310

Find the Bézout numbers and GCD of 99 and 78 Rowaba/ba%bdst NaN 310

Find the Bézout numbers and GCD of 99 and 78 Rowaba/ba%bdst NaN 310

Find the Bézout numbers and GCD of 99 and 78 Rowaba/ba%bdst NaN 310

Find the Bézout numbers and GCD of 99 and 78 Rowaba/ba%bdst NaN 310

Find the Bézout numbers and GCD of 99 and 78 Rowaba/ba%bdst NaN 310

Find the Bézout numbers and GCD of 99 and 78 Rowaba/ba%bdst NaN 310

Find the Bézout numbers and GCD of 99 and 78 Rowaba/ba%bdst NaN 310

Find the Bézout numbers and GCD of 99 and 78 Rowaba/ba%bdst NaN 310

Find the Bézout numbers and GCD of 99 and 78 Rowaba/ba%bdst NaN 310

Find the Bézout numbers and GCD of 99 and 78 Rowaba/ba%bdst NaN 310

Find the Bézout numbers and GCD of 99 and 78 Rowaba/ba%bdst NaN 310

Find the Bézout numbers and GCD of 99 and 78 Rowaba/ba%bdst NaN 310

Find the Bézout numbers and GCD of 99 and 78 Rowaba/ba%bdst NaN 310

Exercise

Hash Functions

For Crypto Hash Functions, Output Should Appear Random

Digital Signatures – Public Key Cryptography

Creating a Digital Signature

Digital Signatures Often Use Commutative Operations

Plaintext sent by sender

Digital Signatures Often Use Commutative Operations Plaintext sent by sender Cryptotext sent by sender using sender’s private key

Digital Signatures Often Use Commutative Operations Plaintext sent by sender Cryptotext sent by sender using sender’s private key Sender’s public key

Digital Signatures Often Use Commutative Operations Plaintext sent by sender Cryptotext sent by sender using sender’s private key Sender’s public key =

Digital Signatures Often Use Commutative Operations Plaintext sent by sender Cryptotext sent by sender using sender’s private key Sender’s public key = Plaintext recovered matches

Because Public-Key crypto can be computationally expensive, often the crypto operations are performed on the securely hashed version of the message rather than the original: Digital Signatures and Hashes

Because Public-Key crypto can be computationally expensive, often the crypto operations are performed on the securely hashed version of the message rather than the original: Digital Signatures and Hashes Received: HASH ALGORITHM

Because Public-Key crypto can be computationally expensive, often the crypto operations are performed on the securely hashed version of the message rather than the original: Digital Signatures and Hashes Received: HASH ALGORITHM

Because Public-Key crypto can be computationally expensive, often the crypto operations are performed on the securely hashed version of the message rather than the original: Digital Signatures and Hashes Received: HASH ALGORITHM Compute

Because Public-Key crypto can be computationally expensive, often the crypto operations are performed on the securely hashed version of the message rather than the original: Digital Signatures and Hashes Received: HASH ALGORITHM Compute =

Because Public-Key crypto can be computationally expensive, often the crypto operations are performed on the securely hashed version of the message rather than the original: Digital Signatures and Hashes Received: HASH ALGORITHM Compute = Match. Signature Verified.

Adam J. Lee’s slides from CS Acknowledgements