Published by Brooke White. Modified over 9 years ago.
1
Chapter 3 Encryption Algorithms & Systems (Part C)
2
csci5233 computer security & integrity (Chap. 3) 2 Outline
3
RSA Encryption
1978: Rivest, Shamir, Adleman
Public key encryption
Remains secure to date
Encryption key (e) and decryption key (d) are interchangeable.
The two keys, e and d, are carefully chosen such that $C = P^e \bmod n$ (encryption) and $P = C^d \bmod n$ (decryption).
4
Euler Totient Function
$\varphi(n)$: the number of positive integers less than n that are relatively prime to n.
If n is prime: $\varphi(n) = n - 1$
When $n = p \cdot q$, where both p and q are primes and $p \ne q$: $\varphi(n) = \varphi(p) \cdot \varphi(q) = (p - 1)(q - 1)$
5
RSA Encryption
Public key = (e, n)
Private key = (d, n)
Step 1: Choose n, p, & q
$n = p \cdot q$, where both p and q are primes and $p \ne q$
Example: $n = 143 = p \cdot q = 11 \cdot 13$
6
RSA Encryption
Step 2: Choose e.
e is relatively prime to $\varphi(n)$. That is, e is relatively prime to $(p-1)(q-1)$.
Example: e = 17, which is relatively prime to $10 \cdot 12$.
Step 3: Compute d.
d is the inverse of e mod $(p-1)(q-1)$.
Use the algorithm on page 81 to compute inverses.
Note: A Java implementation of the algorithm is available at the class page.
Example: $d = e^{-1} \bmod (p-1)(q-1) = 17^{-1} \bmod 120 = 113$
7
RSA Encryption
An example (pp. 94-95): P = 7
Let n = 143, p = 11, q = 13, and e = 11. Note: e is relatively prime to $(p-1)(q-1)$.
Then d = 11. Note: d is the inverse of e mod $(p-1)(q-1)$.
Encryption: $C = P^e \bmod n = 7^{11} \bmod 143 = 106$
Decryption: $P = C^d \bmod n = 50^{11} \bmod 143 = 7$
8
RSA Encryption
Another example: P = 7
Let n = 143, p = 11, q = 13, and e = 17. Note: e is relatively prime to $(p-1)(q-1)$.
Then d = 113. Note: d is the inverse of e mod $(p-1)(q-1)$.
Encryption: $C = P^e \bmod n = 7^{17} \bmod 143 = 50$
Decryption: $P = C^d \bmod n = 50^{113} \bmod 143 = 7$
9
RSA Encryption
Still another example: P = 55
Let n = 285, p = 19, q = 17, and e = 37. Note: e is relatively prime to $(p-1)(q-1)$, 288.
d = 109. Note: d is the inverse of e mod $(p-1)(q-1)$.
Encryption: $C = P^e \bmod n = 55^{37} \bmod 288 = 55$
Decryption: $P = C^d \bmod n = 55^{109} \bmod 288 = 55$
10
RSA Encryption
The cryptographer’s job:
– Find three primes, p, q, and e, where $p \cdot q = n$ and e is relatively prime to $(p-1)(q-1)$.
– Compute d based on e and n.
The challenge: p, q, and e must be large enough primes. See discussions on p. 95.
11
RSA Encryption
The cryptanalyst’s job: $P = C^d \bmod n$
– Available: (e, n).
– Find two primes p and q, such that $p \cdot q = n$ and e is relatively prime to $(p-1)(q-1)$.
– Compute d: d = inverse(e, $(p-1)(q-1)$)
Q: Where’s the secrecy?
Q: Given n and a prime e, how hard is it to find two distinct primes, p and q, such that $p \cdot q = n$ and $(p-1)(q-1)$ is relatively prime to e?
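Added example (not from the slides or the textbook): Steps 1 to 3 and the cryptanalyst's job in Python, using the slides' toy modulus n = 143, where each decryption is applied to the ciphertext that the matching encryption produced. The extended Euclid routine stands in for the page-81 inverse algorithm, trial-division factoring works only because n is tiny, and all function names are this example's own.

```python
# Textbook RSA on toy numbers: no padding, not for real use.

def egcd(a, b):
    """Extended Euclid: return (g, s, t) with a*s + b*t == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, s, t = egcd(b, a % b)
    return g, t, s - (a // b) * t

def inverse(e, m):
    """Inverse of e mod m; fails when e is not relatively prime to m."""
    g, s, _ = egcd(e, m)
    if g != 1:
        raise ValueError(f"{e} is not relatively prime to {m}")
    return s % m

def keygen(p, q, e):
    """Steps 1-3: n = p*q, check e against (p-1)*(q-1), compute d."""
    if p == q:
        raise ValueError("p and q must be distinct primes")
    n, phi = p * q, (p - 1) * (q - 1)
    return (e, n), (inverse(e, phi), n)

def crypt(key, x):
    """C = P^e mod n and P = C^d mod n: one operation, two different keys."""
    exponent, n = key
    return pow(x, exponent, n)

def recover_private_key(public_key):
    """Cryptanalyst's job: factor n (trial division), then recompute d."""
    e, n = public_key
    p = next(f for f in range(2, int(n ** 0.5) + 1) if n % f == 0)
    q = n // p
    return inverse(e, (p - 1) * (q - 1)), n

if __name__ == "__main__":
    for e in (17, 11):
        public, private = keygen(11, 13, e)
        c = crypt(public, 7)
        print(f"e={e} d={private[0]} C={c} P={crypt(private, c)}")
        print("  d recovered from (e, n) alone:", recover_private_key(public)[0])
```

The secrecy rests entirely on how hard it is to factor n; with n = 143 the private exponent falls out of the public key immediately.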
12
El Gamal Algorithm
A public key algorithm
1984
Important in the U.S. DSS (Digital Signature Standard)
Digital Signatures
The sender computes the digital signature using his own private key. $DS = E(Key_{priv}, P)$
The receiver verifies the signature using the sender’s public key. $P = D(Key_{pub}, DS)$
13
El Gamal Algorithm
To generate a key pair:
– Choose a prime p and two integers, a and x, such that a < p and x < p.
– The prime p should be chosen so that (p-1) has a large prime factor q.
– Calculate the public key: $y = a^x \bmod p$.
– Private key: x
– Public key: y
14
El Gamal Algorithm
(The sender) To sign a message m:
– Choose a new random integer k, 0 < k < p-1, where k is relatively prime to (p-1).
– Compute $r = a^k \bmod p$.
– Compute $s = k^{-1}(m - xr) \bmod (p-1)$
– The message signature: r and s.
Verification: A recipient uses the public key (y) to compute $(y^r r^s) \bmod p$ and determines if it is equivalent to $a^m \bmod p$.
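Added example (not from the slides): the key generation, signing and verification steps above in Python. The parameters p = 467, a = 2, x = 127, the message value 100 and the function names are constructed for illustration; the range check on r in `verify` is a standard hardening step that the slide does not list.

```python
import math
import secrets

def public_key(p, a, x):
    """y = a^x mod p; x stays private."""
    return pow(a, x, p)

def sign(p, a, x, m, k=None):
    """Return (r, s). A fresh k, relatively prime to p-1, is needed per message."""
    if k is None:
        while True:
            k = secrets.randbelow(p - 2) + 1      # 0 < k < p-1
            if math.gcd(k, p - 1) == 1:
                break
    elif not (0 < k < p - 1) or math.gcd(k, p - 1) != 1:
        raise ValueError("k must satisfy 0 < k < p-1 and gcd(k, p-1) == 1")
    r = pow(a, k, p)
    # k^-1 is taken mod (p-1), not mod p (three-argument pow, Python 3.8+)
    s = pow(k, -1, p - 1) * (m - x * r) % (p - 1)
    return r, s

def verify(p, a, y, m, r, s):
    """Accept when (y^r * r^s) mod p equals a^m mod p."""
    if not 0 < r < p:                             # added check, not on the slide
        return False
    return pow(y, r, p) * pow(r, s, p) % p == pow(a, m, p)

if __name__ == "__main__":
    p, a, x = 467, 2, 127                         # constructed toy parameters
    y = public_key(p, a, x)
    r, s = sign(p, a, x, 100)
    print("signature:", (r, s))
    print("valid message accepted:", verify(p, a, y, 100, r, s))
    print("altered message accepted:", verify(p, a, y, 101, r, s))
```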
15
Hash Algorithm
A hash algorithm is a check function that protects data against modifications.
Cf. checksum in network transmission
Hash functions produce a reduced form of a body of data (called a digest or check value) such that most changes to the data will also change the reduced form.
A cryptographic hash function uses a cryptographic function as part of the hash function.
1992: Secure Hash Algorithm (SHA)
16
Secure Hash Algorithm (SHA)
1992: NIST
Input data < $2^{64}$ bits
160-bit digest
Strength: diffusion, the avalanche effect
See Fig. 3-9, p. 99
Cf. MD4, MD5
Both MD5 and SHA are variants of the MD4 by Rivest.
Strength: MD4 < MD5 < SHA
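Added example (not from the slides): measuring the avalanche effect in Python by flipping every input bit in turn and counting how many digest bits change. It assumes `hashlib.sha1` (SHA-1, the 160-bit revision available in the standard library) as a stand-in for the slide's SHA; the 16-bit byte-sum checksum and the sample message are constructed for contrast.

```python
import hashlib

def sha_bits(data: bytes) -> int:
    """160-bit SHA-1 digest as an integer."""
    return int.from_bytes(hashlib.sha1(data).digest(), "big")

def byte_sum(data: bytes) -> int:
    """Constructed 16-bit additive checksum, for contrast with the hash."""
    return sum(data) & 0xFFFF

def flip_bit(data: bytes, i: int) -> bytes:
    """Return a copy of data with bit i inverted."""
    out = bytearray(data)
    out[i // 8] ^= 1 << (i % 8)
    return bytes(out)

def changed_fraction(func, width: int, data: bytes) -> float:
    """Mean fraction of output bits that change, over every 1-bit input flip."""
    base = func(data)
    flips = range(len(data) * 8)
    total = sum(bin(base ^ func(flip_bit(data, i))).count("1") for i in flips)
    return total / (len(flips) * width)

SAMPLE = b"pay Bob 100 USD."   # constructed 16-byte message

if __name__ == "__main__":
    print("digest width (bits):", hashlib.sha1().digest_size * 8)
    print("SHA-1 bits changed per flip: "
          f"{changed_fraction(sha_bits, 160, SAMPLE):.1%}")
    print("byte-sum bits changed per flip: "
          f"{changed_fraction(byte_sum, 16, SAMPLE):.1%}")
```

A well-diffusing hash changes about half of its output bits for any single-bit change in the input, while the additive checksum changes only a few.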
17
Summary
Public key encryption algorithms: Merkle-Hellman, RSA, El Gamal
SHA
Next: DES, Key Escrow