ONE WAY FUNCTIONS SECURITY PROTOCOLS CLASS PRESENTATION
INTRODUCTION A One - Way function is a function which is easy to compute but difficult to invert. Two conditions for function f - Easy to compute - Difficult to invert
INTRODUCTION A One - Way function is a function which is easy to compute but difficult to invert. Two conditions for function f - Easy to compute There exists a polynomial-time algorithm that on input x outputs f (x) - Difficult to invert Every probabilistic polynomial-time algorithm trying, on input y to find an inverse of y under f, may succeed only with negligible probability.
TYPES OF ONE - WAY FUNCTIONS Strong One - Way Functions: These are easy to compute and hard to invert functions. Any efficient algorithm has negligible success in inverting such functions. Weak One - Way Functions: These are easy to compute and slightly hard to invert functions. All efficient inverting algorithms fail to invert such functions with some non-negligible probability.
TYPES OF ONE - WAY FUNCTIONS Fixed Length One - Way functions Variable Length One - Way Functions
CANDIDATES OF ONE - WAY FUNCTIONS 1.Integer Factorization: The time required to factorize an integer N runs into a very high order dependent on the second biggest prime factor P of the given integer N. The function f mult = x. y which is the product of the integers x and y, can be computed in polynomial time. But assuming the intractability of factoring and the “density of primes “theorem it follows that f mult is at least weakly One - Way. Using more sophisticated arguments, it can be shown that f mult is strongly One - Way. 2.Decoding of Random Linear Codes
VARIATIONS OF ONE - WAY FUNCTIONS Universal One - Way Functions One - Way Functions as Collections –The RSA function –The Rabin function –Discrete Logarithms Trapdoor One - Way Functions Clawfree One - Way Functions
VARIATIONS OF ONE - WAY FUNCTIONS Universal One - Way Functions There exist One - Way functions if and only if there exists One - Way functions which can be evaluated by a quadratic time algorithm (the existence of such a specific time bound is important). Such One - Way functions are called Universal One - Way functions.
VARIATIONS OF ONE - WAY FUNCTIONS One - Way Functions as Collections Instead of viewing One - Way functions as functions operating on an infinite domain, infinite collections of functions each operating on a finite domain are considered. The functions in the collection share a single evaluating algorithm which when inputted a succinct representation of a function and an element in its domain return the value of the specified function at the given point. –The RSA function –The Rabin function –Discrete Logarithms
VARIATIONS OF ONE - WAY FUNCTIONS Trapdoor One - Way Functions These are collections of functions, {fi}, with the extra property that fi is efficiently inverted once given as auxiliary input a “trapdoor” for the index i. The trapdoor of index I, denoted by t(i), cannot be efficiently computed from i. e.g. the RSA trapdoor: The algorithm of the RSA collection is modified to output the index (N.e) and the trapdoor (N,d), where d = e -1 mod (P-1)*(Q-1). F RSA ((N,d), F RSA ((N,e),x)) = x ed mod N
VARIATIONS OF ONE - WAY FUNCTIONS Clawfree One - Way Functions A Clawfree collection of functions consists of a set of pairs of functions which are easy to evaluate, both have the same range, and yet it is infeasible to find a range element together with pre-images of it under each of these functions. E.g. the DLP Clawfree collection, the Factoring Clawfree collection
EXAMPLES OF ONE - WAY FUNCTIONS Hash Function A hash function H accepts a variable-size message M as input and outputs a fixed-size representation H(M) of M. RSA Function 1977 by Ron Rivest, Adi Shamir and L. Adleman
HASH FUNCTION - A Hash Value is generated by a function H of the form h = H(M), where M is the variable length message and h is the fixed length Hash Value. -This hash value is appended to the message at the source at a time when the message is assumed or known to be correct. -The receiver authenticates the message by recomputing the Hash value.
HASH FUNCTION… PROPERTIES -H can be applied to a block data of any size. -H produces a fixed-length output. -H(x) is relatively easy to compute for any given x. -For any given code h, it is computationally infeasible to find x such that H(x) = h -> ONE - WAY property. -For any given block x, it is computationally infeasible to find y≠x with H(y)=H(x) ->Weak Collision Resistance. -It is computationally infeasible to find any pair (x,y) such that H(x)=H(y)->Strong Collision Resistance.
RSA ENCRYPTION Steps: 1.The first task is to select n. n is normally very large (approx 200 digits) and is a product of two large primes p and q (typically 100 digits each). 2.Next a large integer e is chosen such that e is relatively prime to (p-1) * (q-1). e is usually picked as a prime larger than both (p-1) and (q-1). 3.Next d is selected such that: e * d = 1 mod (p-1) * (q-1) The message is then encrypted using the encryption formula mentioned above. e and d are called public and private exponents.
RSA ENCRYPTION… AN EXAMPLE 1.p = 11 and q = 13---both primes n = p*q = 143 and(p-1).(q-1) = Choose e such that it is relatively prime to (p-1).(q-1) Say e = d = e -1 mod (p-1) * (q-1) = 11. Let message to be encrypted be letter ‘H’ -> number 7 if we map A to Z from 0 to 25. Encryption:E(‘H’) = E(7) => 7 11 mod 143 = 106 Decryption:D(106)=> mod 143 = 7 => ‘H’
RSA ENCRYPTION… AN EXAMPLE C = M e mod nM = C d mod n Public key: (5,119)Private key: (77,119) 19 5 = = with remainder 119 of 66 Plain Text = = remainder of Plain Text 19 Cipher text