1. Chap 6: Security and Protection
2018/11/8

2. Protection methods
2018/11/8

3. 6.1 Secure communications
2018/11/8

4. Cryptology
2018/11/8

5. Basic tools
Encryption algorithms
One-way functions H( )
2018/11/8

6. One-way function exampleB B’
16 bytes each
32 bytes
2018/11/8

7. Secret key encryption %crypt K <plaintxt>ciphertxt
Decryption
C=E K
(P)
Plaintext P
Ciphertext P
EK(.)
DK(.)
64 bits
64 bits
Key K
Key K
DES: uses 56 bit keys
%crypt K <plaintxt>ciphertxt
% crypt K <ciphertxt>plaintxt
IDEA: uses 128 bit keys
2018/11/8

8. Brute-force key search
Key size (bits)
Key space size
Mean time required
at 1 key test/msec 32
232 = 4.3 x 109
35.8 minutes
56 (DES)
256 = 7.2 x 1016
1,142 years
128
2128 = 3.4 x 1038
5.4 x 1024 = 300 billion big bangs
168
2168 = 3.7 x 1050
5.9 x 1036 big bangs
Don’t get impressed easily:
DES can now be cracked in hours!
2018/11/8

9. Public key encryption scheme
Decryption
Plaintext P
Ciphertext C P
DK-(.)
E K+ (.)
Public key K+
Private key K-
2018/11/8

10. Public key encryption RSA: Rivest, Shamir and Adleman; Reversible
Encryption: C = Pe mod n
Decryption: P = Cd mod n
K+ = (e,n), K- = (d,n)
Reversible
Encryption
Decryption
Plaintext P
Ciphertext C P
DK-(.)
EK+(.)
Private key K-
Public key K+
2018/11/8

11. Example N=55, e = 7, d = 23 “RSA” = “18, 19, 1” C1 =187 mod 55 = 17
P1 =1723 mod 55 = 18
P2 =2423 mod 55 = 19
P3 =123 mod 55 = 1
2018/11/8

12. Complexity of mod arithmetic
1723 mod 55 = mod 55 = (1716 mod 55) (174 mod 55) (172 mod 55) (17 mod 55)
172 mod 55 = 14; 174 mod 55 = (172 mod 55) (172 mod 55) = 142 mod 55 = 31; 178 mod 55 = 312 mod 55 = 26; 1716 mod 55 = 262 mod 55 = 16;
1723 mod 55 = (16*31*14*17) mod 55 = 18
(M100 digits) can be computed using only 2log ~660 multiplications
2018/11/8

13. RSA detail e x d = 1 mod ((p – 1) x (q – 1))
n = p x q (p = 5, q = 11 in previous example)
Choose the encryption key e
e and (p –1) x (q – 1) are relatively prime
Compute decryption key d such that
e x d = 1 mod ((p – 1) x (q – 1))
2018/11/8

14. Notes on RSA
2018/11/8

15. Application of public key encryption to digital signature
Let K+{m} = EK+ (m) and K-{m} = DK- (m) for short
Assume K-{ K+{m} } = K+{ K-{m} } = m
K+: public key
K-: private key
RSA has this property
2018/11/8

16. Message Digest (for message integrity)
Received msg:
m MD5(m)
Compare
MD5(m)
2018/11/8

17. Message Digest Make it tamper proof using K+ and K− Received msg:
m 　　　　K− { MD5(m) }
K+ K− { MD5(m)}
Compare
MD5(m)
2018/11/8

18. Message Integrity Protocol
MD5 with RSA signature
Sender Alice (msg m)
Encrypt msg MD5(m) by A’s private key, and send
m + K-A{ MD5(m) }
Receiver Bob
Compute MD5(m) using m.
Decrypt signature with A’s public key, i.e., apply K+A( ) to K-A{ MD5(m) } to extract MD5(m)
Compare the two
2018/11/8

19. PGP (Pretty Good Privacy) for singed messages
Pick random key k, encrypt whole message,
m + K-A{MD5(m)}
and append encrypted k:
k{ m + K-A{MD5(m)} } + K+B{k}
Receiver B decrypts K+B{k} first, retrieving k, with which m + K-A{MD5(m)} can be recovered
2018/11/8

20. More on PGP http://www.pdpi.com man pgp (Unix man page)
mkdir $HOME/.pgp /*to create keyring
pgp –kg /*create public/private keys
Will prompt for pass phrase and random number
pgp –e text her_userid /*recipient public key used, text.pgp generated
2018/11/8