1 Public-Key Cryptography and Message Authentication

2 Public-Key Cryptography Principles The scheme has six ingredients –Plaintext –Encryption algorithm –Public and private key –Ciphertext –Decryption algorithm

3 Encryption using Public-Key system

4 Requirements for Public- Key Cryptography 1.Computationally easy for a party B to generate a pair (public key KUb, private key KR b ) 2.Easy for sender to generate ciphertext: 3.Easy for the receiver to decrypt ciphertext using private key:

5 Requirements for Public- Key Cryptography 4.Computationally infeasible to determine private key (KR b ) knowing public key (KU b ) 5.Computationally infeasible to recover message M, knowing KU b and ciphertext C 6.Either of the two keys can be used for encryption, with the other used for decryption:

6 Public-Key Cryptographic Algorithms RSA and Diffie-Hellman - Stanford RSA - Ron Rivest, Adi Shamir and Len Adleman at MIT, in –RSA is a block cipher –The most widely implemented Diffie-Hellman –Echange a secret key securely –Compute discrete logarithms

7 Private-Key Cryptography Traditional private/secret/single-key cryptography uses one key Shared by both sender and receiver If this key is disclosed communications are compromised Also is symmetric, parties are equal

8 Public-Key Cryptography Public-key/two-key/asymmetric cryptography involves the use of two keys: –A public-key, which may be known by anybody, and can be used to encrypt messages, and verify signatures –A private-key, known only to the recipient, used to decrypt messages, and sign (create) signatures Is asymmetric because –Those who encrypt messages or verify signatures cannot decrypt messages or create signatures

9 Why Public-Key Cryptography? Developed to address two key issues: –Key distribution – how to have secure communications in general without having to trust a KDC with your key –Digital signatures – how to verify a message comes intact from the claimed sender

10 Public-Key Characteristics Public-key algorithms rely on two keys with the characteristics that it is: –Computationally infeasible to find decryption key knowing only algorithm & encryption key –Computationally easy to en/decrypt messages when the relevant (en/decrypt) key is known –Either of the two related keys can be used for encryption, with the other used for decryption (in some schemes)

11 Public-Key Cryptosystems

12 Security of Public Key Schemes Like private key schemes brute force exhaustive search attack is always theoretically possible But keys used are too large (>512bits) Security relies on a large enough difference in difficulty between easy (en/decrypt) and hard (cryptanalyse) problems Requires the use of very large numbers Hence is slow compared to private key schemes

13

14 RSA By rivest, shamir & adleman of MIT in 1977 Best known & widely used public-key scheme Based on exponentiation in a finite field over integers modulo a prime –Exponentiation takes o((log n) 3 ) operations (easy) Uses large integers (eg bits) Security due to cost of factoring large numbers

RSA Encryption/Decryption public key (e,n) Encryption convert message to number compute C = Me mod n convert C back to text 15

RSA Encryption/Decryption private key (d,n) Decryption onvert ciphertext to number compute M = Cd mod n convert M back to text require M < n 16

17 RSA Key Setup pick two large prime numbers p and q let n = pq pick another number e such that e is relatively prime to (p-1)(q-1) known as ø(n) compute d such that ed mod (p-1)(q-1) = 1 the pair (e,n) is the public key the pair (d,n) is the private key

18 RSA Use To encrypt a message M the sender: –Obtains public key of recipient ku={e,n} –Computes: c=m e mod N, where 0≤M<N To decrypt the ciphertext C the owner: – Uses their private key kr={d,p,q} –Computes: m=c d mod N Note that the message M must be smaller than the modulus N (block if needed)

19 RSA Example 1.Select primes: p=17 & q=11 2.Compute n = pq =17×11=187 3.Compute ø(n)=(p–1)(q-1)=16×10=160 4.Select e : choose e=7 5.Determine d : 1 = de mod 160 and d < 160 value is d=23 since 23×7=161= 1× Publish public key KU={7,187} 7.Keep secret private key KR={23,17,11}

20 RSA Example cont Sample RSA encryption/decryption is: Given message M = 88 Encryption: C = 88 7 mod 187 = 11 Decryption: M = mod 187 = 88