Presentation is loading. Please wait.

Presentation is loading. Please wait.

Week 3 - Friday.  What did we talk about last time?  AES  Public key cryptography.

Published byMae Richards Modified over 9 years ago

Similar presentations

Presentation on theme: "Week 3 - Friday.  What did we talk about last time?  AES  Public key cryptography."— Presentation transcript:

1 Week 3 - Friday

2  What did we talk about last time?  AES  Public key cryptography

3

4

5

6 Matt Shank

7

8  RSA depends in large part on the difficulty of factoring large composite numbers (particularly those that are a product of only 2 primes)  Recall that an integer p is prime if  p > 1  p is not divisible by any positive integers other than 1 and itself  Trivia: The largest prime currently known is 2 57885161 – 1  It has 17,425,170 digits in base 10

9  Any integer greater than 1 can be factored into a unique series of prime factors:  Example: 52 = 2 2 ∙ 13  Two integers a and b (greater than 1) are relatively prime or coprime if and only if a shares no prime factors with b

10  We won't get into the number theory behind this (yet)  A Rabin-Miller primality test works as follows:  Let n be the number you want to prove if it's prime or not  n must be odd, thus n – 1 is even  (n – 1) = 2 s d where s and d are positive integers and d is odd  If n is prime, then for any integer 1 < a < n, exactly one of the two is true: ▪ a d  1 (mod n) or ▪ a 2 r d  -1 (mod n), 1 ≤ r < s  Pick several a values, see if either of the two cases hold  If it ever doesn't, you know you have a composite

11  What if we want to see if 221 is prime?  n – 1 = 220 = 2 2 ∙55  s = 2  d = 55  Attempt 1: Let a = 174  a 2 0 ·d mod n = 174 55 mod 221 = 47 ≠ 1, n − 1  a 2 1 ·d mod n = 174 110 mod 221 = 220 = n − 1 Check!  Attempt 2: Let a = 137  a 2 0 ·d mod n = 137 55 mod 221 = 188 ≠ 1, n − 1  a 2 1 ·d mod n = 137 110 mod 221 = 205 ≠ n − 1 Oh no!  Every successful attempt means there is only a 25% chance that the number is composite  So, after k attempts, there is a 4 -k chance that the number is composite

12  The greatest common divisor or GCD of two numbers gives the largest factor they have in common  Example:  GCD( 12, 18 ) =  GCD( 42, 56 ) =  For small numbers, we can determine GCD by doing a complete factorization

13  For large numbers, we can use Euclid's algorithm to determine the GCD of two numbers  Algorithm GCD( a, b) 1. If b = 0 ▪ Return a 2. Else ▪ temp = a mod b ▪ a = b ▪ b = temp 3. Goto Step 1  Example: GCD( 1970, 1066)

14  We can extend Euclid's algorithm to give us the multiplicative inverse for modular arithmetic  Example: Find the inverse of 120 mod 23  Let a be the number  Let b be the modular base  Find Inverse(a, b)  x = 0  lastx = 1  y = 1  lasty = 0  while b ≠ 0 ▪ quotient = a div b ▪ temp = b ▪ b = a mod b ▪ a = temp ▪ temp = x ▪ x = lastx-quotient*x ▪ lastx = temp ▪ temp = y ▪ y = lasty-quotient*y ▪ lasty = temp  Return lastx

15

16  If p is prime and a is a positive integer not divisible by p, then: a p –1  1 (mod p)

17  Assume a is positive and less than p  Consider the sequence a, 2a, 3a, …, (p – 1)a  If these are taken mod p, we will get:  1, 2, 3, …, p – 1  This bit is the least obvious part of the proof  However (because p is prime) if you add any non-zero element repeatedly, you will eventually get back to the starting point, covering all values (except 0) once  Multiplying this sequence together gives:  a ∙ 2a ∙ 3a ∙ … ∙ (p – 1)a  1 ∙ 2 ∙ 3 ∙ … ∙ (p – 1) (mod p)  a p – 1 (p – 1)!  (p – 1)! (mod p)  a p – 1  1 (mod p)

18  Euler’s totient function  (n)   (n) = the number of positive integers less than n and relatively prime to n (including 1)  If p is prime, then  (p) = p – 1  If we have two primes p and q (which are different), then:  (pq) =  (p)∙  (q) = (p – 1)(q – 1)

19  Euler’s Theorem: For every a and n that are relatively prime, a  (n)  1 (mod n)  This generalizes Fermat’s Theorem because  (p) = p – 1 if p is prime  Proof is messier

20

21  Named for Rivest, Shamir, and Adleman  Take a plaintext M converted to an integer  Create an ciphertext C as follows: C = M e mod n  Decrypt C back into M as follows: M = C d mod n = (M e ) d mod n = M ed mod n

22 TermDetailsSource MMessage to be encryptedSender CEncrypted messageComputed by sender nModulus, n = pqKnown by everyone pPrime numberKnown by receiver qPrime numberKnown by receiver eEncryption exponentKnown by everyone dDecryption exponentComputed by receiver (n)(n) Totient of nKnown by receiver

23  To encrypt: C = M e mod n  e is often 3, but is always publically known  To decrypt: M = C d mod n = M ed mod n  We get d by finding the multiplicative inverse of e mod  (n)  So, ed  1 (mod  (n))

24  We know that ed  1 (mod  (n))  This means that ed = k  (n) + 1 for some nonnegative integer k  M ed = M k  (n) + 1  M∙(M  (n) ) k (mod n)  By Euler’s Theorem M  (n)  1 (mod n)  So, M∙(M  (n) ) k  M (mod n)

25  M = 26  p = 17, q = 11, n = 187, e = 3  C = M 3 mod 187 = 185   (n) = (p – 1)(q – 1) = 160  d = e -1 mod 160 = 107  C d = 185 107 mod 187 = 26  If you can trust my modular arithmetic

26  You can’t compute the multiplicative inverse of e mod  (n) unless you know what  (n) is  If you know p and q, finding  (n) is easy  Finding  (n) is equivalent to finding p and q by factoring n  No one knows an efficient way to factor a large composite number

27

28  Key management issues  Cryptographic hash functions  Yuki Gage presents

29  Finish reading Section 2.7 and 12.3  Start reading Section 2.8  Finish Assignment 1  Due tonight by midnight

Download ppt "Week 3 - Friday.  What did we talk about last time?  AES  Public key cryptography."

Similar presentations

Number Theory Algorithms and Cryptography Algorithms Prepared by John Reif, Ph.D. Analysis of Algorithms.

Number Theory Algorithms and Cryptography Algorithms Prepared by John Reif, Ph.D. Analysis of Algorithms.
1 Lect. 12: Number Theory. Contents Prime and Relative Prime Numbers Modular Arithmetic Fermat’s and Euler’s Theorem Extended Euclid’s Algorithm.

1 Lect. 12: Number Theory. Contents Prime and Relative Prime Numbers Modular Arithmetic Fermat’s and Euler’s Theorem Extended Euclid’s Algorithm.
Week 3 - Wednesday.  What did we talk about last time?  DES  Started AES.

Week 3 - Wednesday.  What did we talk about last time?  DES  Started AES.
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (4) Information Security.

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (4) Information Security.
CSE331: Introduction to Networks and Security Lecture 19 Fall 2002.

CSE331: Introduction to Networks and Security Lecture 19 Fall 2002.
Chapter 8 – Introduction to Number Theory. Prime Numbers prime numbers only have divisors of 1 and self –they cannot be written as a product of other.

Chapter 8 – Introduction to Number Theory. Prime Numbers prime numbers only have divisors of 1 and self –they cannot be written as a product of other.
Section 4.1: Primes, Factorization, and the Euclidean Algorithm Practice HW (not to hand in) From Barr Text p. 160 # 6, 7, 8, 11, 12, 13.

Section 4.1: Primes, Factorization, and the Euclidean Algorithm Practice HW (not to hand in) From Barr Text p. 160 # 6, 7, 8, 11, 12, 13.
5.1 Number Theory. The study of numbers and their properties. The numbers we use to count are called the Natural Numbers or Counting Numbers.

5.1 Number Theory. The study of numbers and their properties. The numbers we use to count are called the Natural Numbers or Counting Numbers.
Public Key Cryptosystems - RSA Receiver Sender Eavesdroppe r 175753411947 p q p q p q p and q prime.

Public Key Cryptosystems - RSA Receiver Sender Eavesdroppe r p q p q p q p and q prime.
22C:19 Discrete Structures Integers and Modular Arithmetic

22C:19 Discrete Structures Integers and Modular Arithmetic
BY : Darshana Chaturvedi.  INTRODUCTION  RSA ALGORITHM  EXAMPLES  RSA IS EFFECTIVE  FERMAT’S LITTLE THEOREM  EUCLID’S ALGORITHM  REFERENCES.

BY : Darshana Chaturvedi.  INTRODUCTION  RSA ALGORITHM  EXAMPLES  RSA IS EFFECTIVE  FERMAT’S LITTLE THEOREM  EUCLID’S ALGORITHM  REFERENCES.
Public Key Encryption Algorithm

Public Key Encryption Algorithm
Primality Testing By Ho, Ching Hei Cheung, Wai Kwok.

Primality Testing By Ho, Ching Hei Cheung, Wai Kwok.
22C:19 Discrete Math Integers and Modular Arithmetic Fall 2010 Sukumar Ghosh.

22C:19 Discrete Math Integers and Modular Arithmetic Fall 2010 Sukumar Ghosh.
15-251 Great Theoretical Ideas in Computer Science.

Great Theoretical Ideas in Computer Science.
Elementary Number Theory and Methods of Proof. Basic Definitions An integer n is an even number if there exists an integer k such that n = 2k. An integer.

Elementary Number Theory and Methods of Proof. Basic Definitions An integer n is an even number if there exists an integer k such that n = 2k. An integer.
UMass Lowell Computer Science 91.503 Analysis of Algorithms Prof. Karen Daniels Fall, 2002 Tuesday, 26 November Number-Theoretic Algorithms Chapter 31.

UMass Lowell Computer Science Analysis of Algorithms Prof. Karen Daniels Fall, 2002 Tuesday, 26 November Number-Theoretic Algorithms Chapter 31.
The Algebra of Encryption CS 6910 Semester Research and Project University of Colorado at Colorado Springs By Cliff McCullough 20 July 2011.

The Algebra of Encryption CS 6910 Semester Research and Project University of Colorado at Colorado Springs By Cliff McCullough 20 July 2011.
6/20/2015 5:05 AMNumerical Algorithms1 x0123456789 x1x1 1739.

6/20/2015 5:05 AMNumerical Algorithms1 x x1x
1 Lecture #10 Public Key Algorithms HAIT Summer 2005 Shimrit Tzur-David.

1 Lecture #10 Public Key Algorithms HAIT Summer 2005 Shimrit Tzur-David.

Similar presentations

Ads by Google