Lecture 3.1: Public Key Cryptography I CS 436/636/736 Spring 2012 Nitesh Saxena

Course Administration HW1 posted – due at 11am on Feb 06 – Any questions? Regarding programming portion of the homework – Submit the whole modified code that you used to measure timings – Comment the portions in the code where you modified the code Include a small “readme” for us to understand this 2

Course Administration No class this Thursday (Jan 26) – Giving an invited colloquium seminar in the Computer Science Department at Brown University – However, this will not affect our overall course schedule and topic coverage No office hour on Thursday – Moved to Tuesday 4-5pm 3

Outline of Today’s Lecture Public Key Crypto Overview Some Number Theory 4

Recall: Private Key/Public Key Cryptography Private Key: Sender and receiver share a common (private) key – Encryption and Decryption is done using the private key – Also called conventional/shared-key/single-key/ symmetric-key cryptography Public Key: Every user has a private key and a public key – Encryption is done using the public key and Decryption using private key – Also called two-key/asymmetric-key cryptography 5

Private key cryptography revisited. Good: Quite efficient (as you’ll see from the HW#2 programming exercise on AES) Bad: Key distribution and management is a serious problem – for N users O(N 2 ) keys are needed 6

Public key cryptography model Good: Key management problem potentially simpler Bad: Much slower than private key crypto (we’ll see later!) 7

Public Key Encryption Two keys: – public encryption key e – private decryption key d Encryption easy when e is known Decryption easy when d is known Decryption hard when d is not known We’ll study such public key encryption schemes; first we need some number theory. 8

Public Key Encryption: Security Notions Very similar to what we studied for private key encryption – What’s the difference? 9

Group: Definition (G,.) (where G is a set and. : GxG  G) is said to be a group if following properties are satisfied: 1.Closure : for any a, b G, a.b G 2.Associativity : for any a, b, c G, a.(b.c)=(a.b).c 3.Identity : there is an identity element such that a.e = e.a = a, for any a G 4.Inverse : there exists an element a -1 for every a in G, such that a.a -1 = a -1.a = e Abelian Group: Group which also satisfies commutativity, i.e., a.b = b.a 10

Groups: Examples Set of all integers with respect to addition -- (Z,+) Set of all integers with respect to multiplication (Z,*) – not a group Set of all real numbers with respect to multiplication (R,*) Set of all integers modulo m with respect to modulo addition (Z m, “modular addition”) 11

Divisors x divides y (written x | y) if the remainder is 0 when y is divided by x – 1|8, 2|8, 4|8, 8|8 The divisors of y are the numbers that divide y – divisors of 8: {1,2,4,8} For every number y – 1|y – y|y 12

Prime numbers A number is prime if its only divisors are 1 and itself: – 2,3,5,7,11,13,17,19, … Fundamental theorem of arithmetic: – For every number x, there is a unique set of primes {p 1, …,p n } and a unique set of positive exponents {e 1, …,e n } such that 13

Common divisors The common divisors of two numbers x,y are the numbers z such that z|x and z|y – common divisors of 8 and 12: intersection of {1,2,4,8} and {1,2,3,4,6,12} = {1,2,4} greatest common divisor: gcd(x,y) is the number z such that – z is a common divisor of x and y – no common divisor of x and y is larger than z gcd(8,12) = 4 14

Euclidean Algorithm: gcd(r 0,r 1 ) 15 Main idea: If y = ax + b then gcd(x,y) = gcd(x,b)

Example – gcd(15,37) 37 = 2 * = 2 * = 7 *  gcd(15,37) = 1 16

Relative primes x and y are relatively prime if they have no common divisors, other than 1 Equivalently, x and y are relatively prime if gcd(x,y) = 1 – 9 and 14 are relatively prime – 9 and 15 are not relatively prime 17

Further Reading Chapter 4 of Stallings Chapter 2.4 of HAC 18