Presentation is loading. Please wait.

Presentation is loading. Please wait.

Problems with symmetric (private-key) encryption 1) secure distribution of keys 2) large number of keys Solution to both problems: Public-key (asymmetric)

Published byMildred Webster Modified over 9 years ago

Similar presentations

Presentation on theme: "Problems with symmetric (private-key) encryption 1) secure distribution of keys 2) large number of keys Solution to both problems: Public-key (asymmetric)"— Presentation transcript:

1 Problems with symmetric (private-key) encryption 1) secure distribution of keys 2) large number of keys Solution to both problems: Public-key (asymmetric) encryption plaintextciphertext encryption algorithmdecryption algorithm plaintext key pub key priv D( E(message, k pub ), k priv ) = message

2 Data transmission via public-key encryption Every user maintains a unique pair of keys: one private and one public. Public keys are available for anyone to use. For Lena to send a message to Ole, she first encrypts using Ole’s public key. This ensures that only Ole will be able to read the message. lena ole Note that this preserves data confidentiality, but does not ensure authenticity.

3 pub priv Public-key Encryption - the Concept Computationally easy to generate a pair of keys -- (K pub, K priv ) Computationally easy to encrypt -- E(plaintext, K pub )  ciphertext Proposed in 1976 by Witfield Diffie & Martin Hellman Necessary Properties Computationally easy to decrypt -- D(ciphertext, K priv )  plaintext Computationally infeasible to determine K priv, even knowing E, D, and K pub Computationally infeasible to decrypt without K priv, even knowing E, D, and K pub An Additional Useful Property Keys can be used in the opposite order for encryption/decryption -- D( E(plaintext, K priv ), K pub )  plaintext

4 Encryption Algorithm (apply to each part of the transmission) Begin with two large primes (p and q). n = p*q (Note that n should be more than 200 digits - roughly 512 bits.) Select e relatively prime to (p-1)*(q-1). E(message, e, n) = (message e ) mod n Select d so that (e*d) mod ((p-1)*(q-1)) = 1. public key: (e, n) private key: (d, n) Decryption Algorithm (apply to each part of the transmission) D(message, d, n) = (message d ) mod n Side note: (p-1)*(q-1) comes from Euler’s definition of totient  (n) = number of positive integers less than n that are relatively prime to n. Rivest-Shamir-Adelman (1978) is the best known of current public-key encryption methods. more theory: www. di-mgt.com.au/rsa_theory.html

5 Example (note that numbers are artificially small.) HI MOM SEND 3 2 32 28 24 28 32 18 30 21 277 8 26 12 14 12 26 18 4 13 3 p = 2q = 17 Therefore, n = p*q = 34 Select e = 3 Note that (p-1)*(q-1) = 16. (3 and 16 are relatively prime.) d = 11 because e*d = 3*11 = 33 and 33 mod 16 = 1 Treat alphabet as integers from zero, and include blank: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z  0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 23 25 26 H  7 7 e mod n = 7 3 mod 34 = 3 to encipher H I  8 8 e mod n = 8 3 mod 34 = 2 to encipher I 7  H7  H 3 d mod n = 3 11 mod 34 = 7 to decipher 3 8  I8  I 2 d mod n = 2 11 mod 34 = 8 to decipher 2 3 2 32 28 24 28 32 18 30 21 27

6 Issues 1) The values of p, q, and  (n) are not divulged. 2) Cryptanalysis of RSA accomplished by finding the prime factors of a large number. 3) Factoring is not known to be an NP problem, but the best known algorithms are exponential. 4) To date no serious security flaws have been discovered. Finding p and q Verifying that p and q are prime requires testing potential factors. A practical alternative (Solovay & Strassen algorithm) tests a number to any desired probability of being prime.RSA-10010033219917 Quadratic Sieve RSA-12912942819945000 RSA-13013043119961000 Generalized num field Sieve RSA-15515551219998000 dec. digits bitsYearMIPS-yrsAttack/factoring Method Key Size Effort Crack History

7 512102415362048 10 4 10 8 10 12 10 16 10 20 MIPS-years required for factoring Key Size (in bits) Another factoring method (Special Number Field Sieve) is faster. Key sizes of 1024 to 2048 appear to be safe for the near future. General number field sieve Special number field sieve

8 Generally, the strength of a public-key algorithm depends upon key size. Suppose Lena sends a very short message - say one byte E( LenasByte, K OlePub )  encipheredByte Suppose the man in the middle (Hagar) intercepts encipheredByte How can Hagar discover LenasByte ? Note: This particular vulnerability is unique to public-key cryptosystems. Solution: Append random bits to otherwise short messages, making them longer.

9 Other Public-key Cryptosystems Elliptic Curve Cryptography (ECC) several different ciphers based upon cubic equations of the form: y 2 +axy + by = x 3 + cx 2 + dx + e appears to have computational speed advantages over RSA “test of time”? Efficient? RSA can be as much as 10,00 times slower than symmetric algorithms (Multiplication used in place of bit manipulation and table lookup/indexing). to improve computation: (a * b) mod n = [(a mod n) * (b mod n)] mod n Diffie-Hellman Key Exchange not a full system, but a key-exchange technique built on public key concept Digital Signature Standard (DSS) not a full system, but a technique for implementing digital signatures built on public key concept

10 The additional property of RSA & elliptic curve ciphers: D(E(plaintext, k pub ), k priv ) = plaintext D(E(plaintext, k priv ), k pub ) = plaintext Confidential transmission 1) Lena encrypts the message using Ole’s public key. 2) The message from (1) is transmitted. 3) Ole decrypts message using his private key. lena ole Confidential & Authenticated transmission 1) Lena encrypts the message (or part of it) using her private key. 2) Lena uses Ole’s public key to encrypt the result of (1). 3) The message from (2) is transmitted. 4) Ole decrypts the message with his private key. 5) Ole decrypts the result of (4) (or appropriate part) with Lena’s public key.

Download ppt "Problems with symmetric (private-key) encryption 1) secure distribution of keys 2) large number of keys Solution to both problems: Public-key (asymmetric)"

Similar presentations

Public Key Cryptosystem

Public Key Cryptosystem
Public Key Cryptography INFSCI 1075: Network Security – Spring 2013 Amir Masoumzadeh.

Public Key Cryptography INFSCI 1075: Network Security – Spring 2013 Amir Masoumzadeh.
Asymmetric-Key Cryptography

Asymmetric-Key Cryptography
Session 4 Asymmetric ciphers.

Session 4 Asymmetric ciphers.
Public Key Algorithms …….. RAIT M. Chatterjee.

Public Key Algorithms …….. RAIT M. Chatterjee.
YSLInformation Security -- Public-Key Cryptography1 Elliptic Curve Cryptography (ECC) For the same length of keys, faster than RSA For the same degree.

YSLInformation Security -- Public-Key Cryptography1 Elliptic Curve Cryptography (ECC) For the same length of keys, faster than RSA For the same degree.
Dr. Lo’ai Tawalbeh Summer 2007 Chapter 9 – Public Key Cryptography and RSA Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus INCS.

Dr. Lo’ai Tawalbeh Summer 2007 Chapter 9 – Public Key Cryptography and RSA Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus INCS.
Public-key Cryptography Montclair State University CMPT 109 J.W. Benham Spring, 1998.

Public-key Cryptography Montclair State University CMPT 109 J.W. Benham Spring, 1998.
CC3.12 Erdal KOSE Privacy & Digital Security Encryption.

CC3.12 Erdal KOSE Privacy & Digital Security Encryption.
Csci5233 Computer Security & Integrity 1 Cryptography: Basics (2)

Csci5233 Computer Security & Integrity 1 Cryptography: Basics (2)
WS 2006-07 Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.

WS Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.
Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.

Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.
Private-Key Cryptography traditional private/secret/single key cryptography uses one key shared by both sender and receiver if this key is disclosed communications.

Private-Key Cryptography traditional private/secret/single key cryptography uses one key shared by both sender and receiver if this key is disclosed communications.
WS 2006-07 Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.

WS Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.

Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
Chapter 9 – Public Key Cryptography and RSA Private-Key Cryptography  traditional private/secret/single key cryptography uses one key  shared by both.

Chapter 9 – Public Key Cryptography and RSA Private-Key Cryptography  traditional private/secret/single key cryptography uses one key  shared by both.
Public Key Cryptography RSA Diffie Hellman Key Management Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College,

Public Key Cryptography RSA Diffie Hellman Key Management Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College,
CSCI 172/283 Fall 2010 Public Key Cryptography. New paradigm introduced by Diffie and Hellman The mailbox analogy: Bob has a locked mailbox Alice can.

CSCI 172/283 Fall 2010 Public Key Cryptography. New paradigm introduced by Diffie and Hellman The mailbox analogy: Bob has a locked mailbox Alice can.
Lecture 4 Cryptographic Tools (cont) modified from slides of Lawrie Brown.

Lecture 4 Cryptographic Tools (cont) modified from slides of Lawrie Brown.
C HAPTER 13 Asymmetric Key Cryptography Slides adapted from Foundations of Security: What Every Programmer Needs To Know by Neil Daswani, Christoph Kern,

C HAPTER 13 Asymmetric Key Cryptography Slides adapted from "Foundations of Security: What Every Programmer Needs To Know" by Neil Daswani, Christoph Kern,

Similar presentations

Ads by Google