Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Lecture 9 Public Key Cryptography Public Key Algorithms CIS 4362 - CIS 5357 Network Security.

Published byGervase Lamb Modified over 9 years ago

Similar presentations

Presentation on theme: "1 Lecture 9 Public Key Cryptography Public Key Algorithms CIS 4362 - CIS 5357 Network Security."— Presentation transcript:

1 1 Lecture 9 Public Key Cryptography Public Key Algorithms CIS 4362 - CIS 5357 Network Security

2 2 Euler’s Totient function  (n) - again  ( n ) is the number of positive integers less than n and relatively prime to n. Let p be a prime. Then  ( p ) = p – 1 Let n = pq for p and q prime. Then  ( n ) =  ( pq ) =  ( p )  ( q ) Proof outline: look at numbers relatively prime to pq. Must take all the numbers less than pq but eliminate multiples of p and multiples of q. (pq – 1)–(q – 1)–(p – 1) = (p – 1)(q – 1) Example: let n = 15, Then  (15) =  (5)  (3) = 8 Z 15 * = {1,2,4,7,8,11,13,14}

3 3 Euler’s Theorem - extension Euler’s theorem: for every a and n that are relatively prime, a  (n) ≡ 1 mod n Corollary: for every a and n that are relatively prime, a k  (n)+1 ≡ a mod n For n a product of two primes p and q, then for all a and k non-negative, a k  (n)+1 ≡ a mod n Proof outline: consider case where a is a multiple of p, a = cp. Then gcd(a,q) = 1.

4 4 Discrete Logarithms Let y = g x mod p x is said to be the (discrete) logarithm of y, with base g. It is easy to compute y, given g,x, and p. It is hard to find x, given g,p, and y. It is believed to be as hard as factoring large primes.

5 xyxy 0123456789101112 0000000000000 11111111111111 21248624862486 31397139713971 41464646464646 51555555555555 61666666666666 71793179317931 81842684268426 91919191919191 Table for exponentiation mod 10

6 6 Looking at the mod 10 table Note that  (10) = 4. Also, 10 is the product of distinct primes so Euler’s theorem applies (for any x ) –that is x 1 + k  ( n ) = x mod n where n = 10, for all x –thus  (10) = 4 means that every 4 th column will be the same (except starting at x 0 ) Note however that although exponentiating by 1, 3, and 4, are a permutation of the set 1-9, exponentiating by 2 does not result in a permutation. –this is because 2 is not a coprime of 4 =  (10) –for all coprimes of 4, for example e = 3 we can find a d such that ed = 1 mod 4. –Thus, using mod 10 arithmetic, x ed = x 1+  (10) = x and thus x 3 has an exponentiative inverse in the sense that for all x, ( x 3 ) d = x, for some d.

7 7 RSA Rivest, Shamir, Adleman, 1978, MIT Variable key size, common to use 1024 bits Generating RSA keys is based on finding multiplicative inverses of large numbers (modulo), which is not hard Generating RSA ciphertext is based on modulo exponentiation, which is not hard RSA's strength is based on difficulty of factoring large numbers and computing discrete logarithms, which is believed to be hard. There may be other trap doors in RSA, but none have been found yet.

8 8 The RSA Algorithm Choosing public and private keys Let k be the key length then choose two large prime numbers p and q of bit lengths k /2, for example 512 bits each. Let n = pq. Choose e Find multiplicative inverse d of e mod  ( n ). The private key is

9 9 RSA operations encryption / decryption Encryption – for a message m < n, c = m e mod n ( c is the ciphertext) Decryption – given the ciphertext c, compute c d mod n Note that c d mod n = m ed mod n = m since d was chosen so that ed = 1 + k  (n) and we are simply using Euler’s (extension) theorem

10 10 RSA operations signature / verification Signature – for a message m < n, s = m d mod n ( s is the signature) Signature verification – given the signature s, compute s e mod n Note that s e mod n = m ed mod n = m. Also anyone can verify the signature using the public key.

11 11 RSA Example 1.Select two large primes, 2357 and 2551. 2.Multiply them to get n = 6012707 3.Select e = 3674911, relatively prime to  ( n )= 600780 4.d = 422191 is the multiplicative inverse of e mod  ( n ) 5.Encrypt m = 5234673 < n as c = m e mod n = 5234673 3674911 mod 6012707 = 3650502 6.Decrypt c as, m = c d mod n = 3650502 422191 mod 6012707 = 5234673

12 12 Back to one way functions: an example of encryption / decryption Let n be a large number Let the plaintext be viewed as M < n To get the ciphertext, we do the following: C = M e mod n Example Let ( e,n ) be (7, 187) and M be 88 Then C = 88 7 mod 187 = 11 (d,n)=(23,187)and 187 = 17  11 Then M = 11 23 mod 187 = 88

13 13 An Attack on RSA 1.An intruder, X intercepts a message (m) intended for Alice encrypted under Alice's public key (e): (m) e mod n 2.The intruder generates a value x, computes: x e m e mod n = (xm) e mod n and sends it to Alice 3.Alice decrypts the message to attain the value: xm mod n, which appears to be garbage 4.If Alice disposes of the "garbage" carelessly, the intruder can recover it and compute: (xmx -1 ) mod n = m

14 14 Some aspects of RSA 1.It's strength is based on the difficulty of factoring large numbers and the difficulty of computing discrete logarithms 2.It is much more computationally intensive than DES, IDEA, AES, etc. 3.It has avoidable weaknesses If there are a limited number of plaintext messages used in practice, can compute all the corresponding ciphertext messages and compare Encrypting small messages (say the value of e used is 3. Then can recover using cube root Smooth number threat – product of small primes Need to pad properly

15 15 Diffie Hellman Oldest public key system in use Allows Alice and Bob to agree on a shared key even though all messages are exchanged in the open Limited functionality – the shared secret can subsequently be used for encrypting / decrypting using other systems Weakness – no authentication as a basic element of DH

16 16 Diffie Hellman Key Exchange Choose a large prime p and g < p. These are publicly known to all. ( some restrictions on g and p for additional security) 1.Alice and Bob “randomly” choose a and b respectively - these are their individual private keys. 2.Alice computes T A = g a mod p, Bob computes T B = g b mod p 3.Alice and Bob exchange the values T A and T B 4.Alice computes T B a mod p and Bob computes T A b mod p 5.They have both computed the same number, the shared secret key

17 17 Intro to El Gamal 1.Alice and Bob agree on a large (512 bits) prime p and a generator g < p with some restrictions on g. (Operations are all mod p) 2.Alice chooses a random number a (her private key) and computes and publishes her public key T A = g a 3.To transmit a message M, Bob selects a random number r (private), and computes and sends to Alice: C =(g r,Mg ar ) 4.Alice computes g ar, then g -ar, and finally M = M(g ar )(g -ar )

18 18 El Gamal Example g a mod p = 3 g r mod p = 3 g ar mod p = 9 Mg ar mod p = 10 g -ar mod p = 5 g = 5 p = 11 a = 2 r = 7 M = 6 Mg ar * g -ar mod p = 6

Download ppt "1 Lecture 9 Public Key Cryptography Public Key Algorithms CIS 4362 - CIS 5357 Network Security."

Similar presentations

Public Key Encryptions CS461/ECE422 Fall 2011. Reading Material Text Chapters 2 and 20 Handbook of Applied Cryptography, Chapter 8 –

Public Key Encryptions CS461/ECE422 Fall Reading Material Text Chapters 2 and 20 Handbook of Applied Cryptography, Chapter 8 –
Asymmetric-Key Cryptography

Asymmetric-Key Cryptography
CSE331: Introduction to Networks and Security Lecture 19 Fall 2002.

CSE331: Introduction to Networks and Security Lecture 19 Fall 2002.
Public Key Encryption Algorithm

Public Key Encryption Algorithm
7. Asymmetric encryption-

7. Asymmetric encryption-
15-251 Great Theoretical Ideas in Computer Science.

Great Theoretical Ideas in Computer Science.
Public Key Algorithms …….. RAIT M. Chatterjee.

Public Key Algorithms …….. RAIT M. Chatterjee.
Public-key Cryptography Montclair State University CMPT 109 J.W. Benham Spring, 1998.

Public-key Cryptography Montclair State University CMPT 109 J.W. Benham Spring, 1998.
Public Key Crytography1 From: Introduction to Algorithms Cormen, Leiserson and Rivest.

Public Key Crytography1 From: Introduction to Algorithms Cormen, Leiserson and Rivest.
1 Lecture #10 Public Key Algorithms HAIT Summer 2005 Shimrit Tzur-David.

1 Lecture #10 Public Key Algorithms HAIT Summer 2005 Shimrit Tzur-David.
Public Key Cryptography

Public Key Cryptography
Public Encryption: RSA

Public Encryption: RSA
WS 2006-07 Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.

WS Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.
Cryptography & Number Theory

Cryptography & Number Theory
Introduction to Modern Cryptography Lecture 7 1.RSA Public Key CryptoSystem 2.One way Trapdoor Functions.

Introduction to Modern Cryptography Lecture 7 1.RSA Public Key CryptoSystem 2.One way Trapdoor Functions.
The School of Electrical Engineering and Computer Science (EECS) CS/ECE Network Security Dr. Attila Altay Yavuz Topic 5 Essential Public Key Crypto Methods.

The School of Electrical Engineering and Computer Science (EECS) CS/ECE Network Security Dr. Attila Altay Yavuz Topic 5 Essential Public Key Crypto Methods.
Chapter 3 Encryption Algorithms & Systems (Part C)

Chapter 3 Encryption Algorithms & Systems (Part C)
Public Key Algorithms 4/17/2017 M. Chatterjee.

Public Key Algorithms 4/17/2017 M. Chatterjee.
Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.5 Public Key Algorithms.

Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.5 Public Key Algorithms.
Codes, Ciphers, and Cryptography-RSA Encryption

Codes, Ciphers, and Cryptography-RSA Encryption

Similar presentations

Ads by Google