Page : 1 bfolieq.drw Technical University of Braunschweig IDA: Institute of Computer and Network Engineering  W. Adi 2011 Lecture-9 Public-Key Cryptography.

Slides:



Advertisements
Similar presentations
Public Key Algorithms …….. RAIT M. Chatterjee.
Advertisements

Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
1 Pertemuan 08 Public Key Cryptography Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
Chapter 9 – Public Key Cryptography and RSA Private-Key Cryptography  traditional private/secret/single key cryptography uses one key  shared by both.
Cryptography and Network Security Chapter 10. Chapter 10 – Key Management; Other Public Key Cryptosystems No Singhalese, whether man or woman, would venture.
Public Key Model 8. Cryptography part 2.
Andreas Steffen, , 4-PublicKey.pptx 1 Internet Security 1 (IntSi1) Prof. Dr. Andreas Steffen Institute for Internet Technologies and Applications.
Prime Numbers Prime numbers only have divisors of 1 and self
Network and Communications Network Security Department of Computer Science Virginia Commonwealth University.
Midterm Review Cryptography & Network Security
Cryptography and Network Security (CS435) Part Eight (Key Management)
Cryptography and Network Security Chapter 10 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Public Key Cryptography. symmetric key crypto requires sender, receiver know shared secret key Q: how to agree on key in first place (particularly if.
1 Public-Key Cryptography and Message Authentication.
Cryptography and Network Security Chapter 9 - Public-Key Cryptography
Public key ciphers 2 Session 6.
PUBLIC-KEY CRYPTOGRAPH IT 352 : Lecture 2- part3 Najwa AlGhamdi, MSc – 2012 /1433.
Chapter 3 (B) – Key Management; Other Public Key Cryptosystems.
Chapter 3 – Public Key Cryptography and RSA (A). Private-Key Cryptography traditional private/secret/single-key cryptography uses one key shared by both.
1 Chapter 10: Key Management in Public key cryptosystems Fourth Edition by William Stallings Lecture slides by Lawrie Brown (Modified by Prof. M. Singhal,
Key Management Network Systems Security Mort Anvari.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
1 Diffie-Hellman (Key Exchange) Protocol Rocky K. C. Chang 9 February 2007.
Lecture 9 Overview. Digital Signature Properties CS 450/650 Lecture 9: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.
Cryptography and Network Security Chapter 10 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
Diffie-Hellman Key Exchange first public-key type scheme proposed by Diffie & Hellman in 1976 along with the exposition of public key concepts – note:
1 Diffie-Hellman (Key Exchange) Protocol Rocky K. C. Chang 9 February 2007.
Information Security and Management 10. Other Public-key Cryptosystems Chih-Hung Wang Fall
Lecture 5 Asymmetric Cryptography. Private-Key Cryptography Traditional private/secret/single key cryptography uses one key Shared by both sender and.
Information Security Lab. Dept. of Computer Engineering 251/ 278 PART II Asymmetric Ciphers Key Management; Other CHAPTER 10 Key Management; Other Public.
Page : 1 bfolieq.drw Technical University of Braunschweig IDA: Institute of Computer and Network Engineering  W. Adi 2011 Lecture-5 Mathematical Background:
Page : 1 bfolieq.drw Technical University of Braunschweig IDA: Institute of Computer and Network Engineering  W. Adi 2011 Lecture-12 Public-Key Cryptography.
Page : 1 bfolieq.drw Technical University of Braunschweig IDA: Institute of Computer and Network Engineering  W. Adi 2011 Lecture-1 Overview and Introduction.
Page : 1 bfolieq.drw Technical University of Braunschweig IDA: Institute of Computer and Network Engineering  W. Adi 2011 Lecture-6 Ciphering and the.
Page : 1 bfolieq.drw Technical University of Braunschweig IDA: Institute of Computer and Network Engineering  W. Adi 2011 Tutorial-5 Theory of Secret-Key.
Page : 1 bfolieq.drw Technical University of Braunschweig IDA: Institute of Computer and Network Engineering  W. Adi 2011 Lecture-7 Secret-Key Ciphers.
Public-Key Cryptography ElGamal Public-Key Crypto-System
Cryptographic Protocols Secret sharing, Threshold Security
Rabin Lock and Public-Key Systems
Network Security Design Fundamentals Lecture-13
Public-Key Cryptography RSA Rivest-Shamir-Adelmann Public-Key System
DH Public-Key Exchange
Public Key Encryption and Digital Signatures
Design Problems (Open book)
Mobile Communications Mobile Security Fundamentals-3
Private-Key Cryptography
ElGamal Public-Key Systems over GF(p) & GF(2m)
ICS 353: Design and Analysis of Algorithms
Key Management Network Systems Security
CSCE 715: Network Systems Security
Cryptology Design Fundamentals
Cryptology Design Fundamentals
Cryptology Design Fundamentals
Cryptology Design Fundamentals
Cryptology Design Fundamentals
Cryptology Design Fundamentals
Cryptology Design Fundamentals
Cryptology Design Fundamentals
Cryptology Design Fundamentals
Introduction to Cryptography
Cryptology Design Fundamentals
Cryptology System Design Fundamentals
Cryptographic Protocols Secret Sharing, Threshold Security
Network Security Design Fundamentals Lecture-13
Network Security Tutorial-16 Design Fundamentals PGP ET-IDA-082
Network Security Tutorial-16 Design Fundamentals PGP ET-IDA-082
Diffie-Hellman Algorithm
Cryptology Design Fundamentals
Public-Key Cryptography Quadratic Residues and „Rabin Lock“
Presentation transcript:

Page : 1 bfolieq.drw Technical University of Braunschweig IDA: Institute of Computer and Network Engineering  W. Adi 2011 Lecture-9 Public-Key Cryptography Diffie-Hellman Public-Key Exchange System Network Security Design Fundamentals ET-IDA , v25 Prof. W. Adi

Page : 2 bfolieq.drw Technical University of Braunschweig IDA: Institute of Computer and Network Engineering  W. Adi 2011 Historical Overview Historical Overview Public Key Principle Public Key Principle DH Public Key Exchange DH Public Key Exchange Lecture Outlines

Page : 3 bfolieq.drw Technical University of Braunschweig IDA: Institute of Computer and Network Engineering  W. Adi 2011 Historical Public-Key Breakthrough in Cryptography Breakthrouh in Comunication 1949 Shannon (AT&T) 1948 'A Mathematical Theory of Communication‚ Shannon (AT&T) 1949 'Communication Theory of Secrecy Systems‘ Shannon’s Breakthrough in Communication: Error-free transmission is possible on noisy channels! C= B log 2 (1 + S/N) One unbreakable System is known !! (Vernam) Breakthrough to Modern Cryptology 1976 Diffie and Hellman 1976 Public key Cryptography (Stanford University) Diffie Hellman ‘s Breakthrough in Cryptography: Secured transmission is possible on unsecured channels without any secret agreement ! (No unbrakable system is known!!!! Any new Breakthrough expected or example a non-breakable public key system? !

Page : 4 bfolieq.drw Technical University of Braunschweig IDA: Institute of Computer and Network Engineering  W. Adi 2011 Key Idea of Public Key Systems: Using two different keys! K-secret K-public Two major schemes in Public Key Cryptography: Diffie-Hellman key exchange scheme RSA public key secrecy system - Open and close with different keys!! - No Secret Key Agreement required Conventional Secret Key Systems K-open = K-close (Symmetric System) -Open and close with the same key which has to be agreed secretly !! K-open  K-close (Asymmetric System)

Page : 5 bfolieq.drw Technical University of Braunschweig IDA: Institute of Computer and Network Engineering  W. Adi 2011 Y = E (Z,X) Channel Message Sender Receiver Message X E ( Z,X ) D ( Z,Y ) X Conventional Cryptographic Systems till 1976 Ciphering De-Ciphering Secret Key = Z Z Secret Key Channel Z Public-Key system drops out that secret key- agreement completely Is secret key exchange a big problem? Secret Key exchange technique is not defined in such systems:

Page : 6 bfolieq.drw Technical University of Braunschweig IDA: Institute of Computer and Network Engineering  W. Adi 2011 Why Public-Key Cryptography ? Question: How many secret-keys needed to be exchanged in order to set up a system of n-users? key-exchanges for 5 users n... n (n-1) keys for n users 2 For users we need 50 million key-exchanges !

Page : 7 bfolieq.drw Technical University of Braunschweig IDA: Institute of Computer and Network Engineering  W. Adi 2011 The Solution was Public-Key Cryptography Breakthrough in 1976 by Diffie and Hellman Cryptogram = Y Message Sender Receiver Message X E( Z e, X ) D( Z d, Y ) X Ciphering De-Ciphering Public Directory Public Open Agreement No Prior Secret Communication ! Replace secret agreement by A public register

Page : 8 bfolieq.drw Technical University of Braunschweig IDA: Institute of Computer and Network Engineering  W. Adi 2011 SENDER RECEIVER Secret Key Crypto-System : mechanical Simulation Message Z Lock Z Key = Z Secret key agreement Key = Z Message Essential Initialization Process

Page : 9 bfolieq.drw Technical University of Braunschweig IDA: Institute of Computer and Network Engineering  W. Adi 2011 Public-Key Cryptography First introduced by Diffie and Hellman 1976 (Stanford University) Key Revolutionary Idea: no need for any prior secret agreement In order to communicate securely 2. Any two users start open negotiations resulting with a shared secret ! K-public K-secret 1. Every user generates two keys: Could that work securely ? The answer is yes under some assumptions! Diffie and Hellmann showed 1976 for the first time that it is possible to share secrets without prior secret agreement (as we conventionally do in sharing secret keys) HOW ?

Page : 10 bfolieq.drw Technical University of Braunschweig IDA: Institute of Computer and Network Engineering  W. Adi 2011 Public-Key Cryptography Breakthrough 1976 Diffie-Hellman proposed mechanism Shared Secret without exchange of secrets “Mechanical simulation” AB ! Same thing ! Shared Secret SHIELD (open agreement) Secret key-A Secret key-B K-public-B Open Register K-public-A injection

Page : 11 bfolieq.drw Technical University of Braunschweig IDA: Institute of Computer and Network Engineering  W. Adi 2011 Key idea: by using the so called One-way Functions (OWF) SHIELD = One Way Function 6 How: 2 6 mod 11 = 9 How to “ publicly ” hide (shield) a secret ? Log 2 [ 2 6 mod 11 = 9 ] 6 = log 2 9 (mod 11) Discrete logarithm cmputation is still not known! (claim: no proof! : No efficient algorithm is known to compute the secret “6” as log 2 9 modulo 11 ! Secretshielded secret Diffie-Hellmann used a One-Way function: All computations in Z p = GF(p) a finite Ring Z p = GF(p) 9

Page : 12 bfolieq.drw Technical University of Braunschweig IDA: Institute of Computer and Network Engineering  W. Adi 2011 Open Agreement and Register Shielding function is : y = (5 x ) mod 7 Example for Diffie-Hellman key exchange scheme 1976 Widely use in internet and banking... AB ! same thing ! Z = 6 Shield Secret key-A= 3 Secret key-B= K-open-A= = 6 K-open-B= = ( )

Page : 13 bfolieq.drw Technical University of Braunschweig IDA: Institute of Computer and Network Engineering  W. Adi 2011 Conventional Diffie-Hellman Public Key Distribution System User A User B x a = secret key of A xbxb [ y a ]  primitive element in GF(p) y a =  Xa public key of A y b =  Xb public key of B x b = secret key of B in Z p B, Open Directory Shared Secret: Z AB =  x a x b  in Z p yaya ybyb xaxa [ y b ] A, Z AB = x a x b  Z AB =

Page : 14 bfolieq.drw Technical University of Braunschweig IDA: Institute of Computer and Network Engineering  W. Adi 2011 Example: A public key exchange system is setup according to Diffie-Hellman key exchange scheme with y = 7 X mod 23 1.Compute the public keys Y A, Y B of users A and B if their secret keys are X A =5 and X B =4 respectively. 2.Compute the common shared secret Z AB between users A and B according to Diffie- Hellman key exchange scheme Solution two-way exchange : Secret Key X A = 5 Secret Key X B = 4 Public key for user A is : Y A = 7 5 mod 23 = 17 Z AB = 9 5 mod 23 = 8 Public key for user B is : Y B = 7 4 mod 23 = 9 Z AB = 17 4 mod 23 = 8 Common Secret is = 8

Page : 15 bfolieq.drw Technical University of Braunschweig IDA: Institute of Computer and Network Engineering  W. Adi 2011 Examples of “still claimed” as One-way Functions (OWF) Other One-Way Functions (Locks) from Number Theory a x mod p a x Y=a x ? Y a x=log a Y p.q p q m=p.q ? m p q X 2 mod m X m=p.q Y=X 2  Y=? mod m Y X m Discrete log Problem (DH Lock) Factorization Problem (RSA Lock) Factorization Problem (Rabin Lock) All are unproved claims! Locking Un-Locking

Page : 16 bfolieq.drw Technical University of Braunschweig IDA: Institute of Computer and Network Engineering  W. Adi 2011 Practical Use Cases of “Diffie-Hellman-Lock” In Public-Key Systems 1- SEEK: Key exchange System 2- Authenticated Public Key Distribution System 3- Two-Way Authenticated Public Key Distribution System Three application scenarios: - Many other scenarios ….

Page : 17 bfolieq.drw Technical University of Braunschweig IDA: Institute of Computer and Network Engineering  W. Adi 2011 “SEEK” Secure Electronic Exchange of Keys A Public-Key Secrecy System Based on Diffie Hellman Key exchange Scheme [SEEK (Omura) cryptosystem 1985] User A User B If gcd(Z, q-1) = 1 then Z is adopted as a suitable key [ the inverse of Z is D = Z -1 (mod q -1) ] Z M Z M D Z M ( ) = M Step 1: Key agreement Step 2: Data Encryption and Decryption by Exponentiation in GF(q) shared secret key =Z 1 E a = secret key EaEa   EaEa EaEa  Z = ( ) = EbEb E a E b   2 EbEb E b = secret key  EbEb EbEb  Z = ( ) = EaEa E b E a  Arithmetic in GF(q)  = primitive element in GF(q) Open Directory

Page : 18 bfolieq.drw Technical University of Braunschweig IDA: Institute of Computer and Network Engineering  W. Adi 2011 Two-Way Authenticated Public Key Distribution System Based on Diffie-Hellman Scheme (Alexandris, Burmester, Chrissikopoulos, Desmedt,1993) User A User B x a = secret key of A r 1 = random in Z p-1 E a = ( r 1 - x a ) in Z p-1 A,  Ea EaEa [ y a.  ] r 1 r 2  primitive element in GF(p) y a =  Xa public key of A y b =  Xb public key of B x b = secret key of B r 2 = random in Z p-1 E b = (r 2 - x b ) in Z p-1 r2r2 EbEb [ y b.  ] r1r1 [ .  ] =  r 1 - x a r2r2 xaxa r 1 r 2 [ .  ] =  r 2 -x b r1r1 xbxb in Z p B,  Eb Open Directory Shared Secret: Z AB

Page : 19 bfolieq.drw Technical University of Braunschweig IDA: Institute of Computer and Network Engineering  W. Adi 2011 Two-Way Authenticated Public Key Distribution System Based on Diffie-Hellman-Hughs Scheme User A User B x a = secret key of A Z =  Xa  : as primitive element in GF(p) r = random in Z p-1 such that: gcd( p-1, r ) = 1 Compute r -1 in Z p-1 [Y 2 ] = [  r. Xa ] =  Xa = Z Y 2 =[ Y 1 ] Xa =  r. Xa Y 1 =  r Y2Y2 r -1 User A can enforce a certain key value Z ! Open Directory

Page : 20 bfolieq.drw Technical University of Braunschweig IDA: Institute of Computer and Network Engineering  W. Adi 2011 Security of Diffie-Hellman (DH) Public Key Exchange System Security considerations and few known facts: 1.Based on the claim that the discrete logarithm is not efficiently computable 2.A primitive element  from GF(p) or GF(2 m ) is used to make exhaustive search algorithms infeasible. If y =  I, only y and  are known. To break the system we need to find i. To find i, the powers  t are computed in the given GF until y =  t, then i=t. A maximum of p-1 or 2 m -1 cycles are required to find t [the order of  (as a primitive element) is p-1 in GF(p) or 2 m -1.in GF(2 m )]. Therefore p is selected as 1000 to 4000 bit prime or m> 1000 to attain a good security level. 3.Caution: There is no evidence that no efficient algorithms can be found to break the system. 4.(p-1) should have large prime factor to make the discrete logarithm computation infeasible (p is called then a strong prime ).

Page : 21 bfolieq.drw Technical University of Braunschweig IDA: Institute of Computer and Network Engineering  W. Adi 2011 Design Summary for Diffie-Hellman (DH) Public Key Exchange System Diffie-Hellman (DH) Public Key Exchange System A possible design procedure for GF(p) is: 1.Select a strong prime number p such that p-1 = 2 q where q is a prime. A possible procedure is to use Pocklington’s Theorem to find such a prime: - Select N = 2q + 1 where q is a large prime Check if the resulting N is prime according to Pocklington’s theorem - If N is prime, take p=N and generate GF(p) 2.Find a primitive element  in GF(p) by selecting any non-zero random value and checking if its order is p-1. The order of any element in GF(p) is a divisor of p-1=2q. That is the order can be either 1, 2, q or 2q. If  2  1 and  q  1 then the order of  is 2q and  is a primitive element. Repeat 3 until you get a primitive element. 3. Publish GF(p) and  in a public directory. The system is ready for use.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.