Presentation is loading. Please wait.

Presentation is loading. Please wait.

IT 221: Introduction to Information Security Principles Lecture 4: Public-Key Cryptography For Educational Purposes Only Revised: September 15, 2002.

Published byMarian Dean Modified over 9 years ago

Similar presentations

Presentation on theme: "IT 221: Introduction to Information Security Principles Lecture 4: Public-Key Cryptography For Educational Purposes Only Revised: September 15, 2002."— Presentation transcript:

1 IT 221: Introduction to Information Security Principles Lecture 4: Public-Key Cryptography For Educational Purposes Only Revised: September 15, 2002

2 1 August 28, 2002 IT 221: Introduction to Information Security Priciples For Educational Purposes Only Context and Questions Context: “Tokyo at Rush hour, circa 2012: your automated car whisks you off to Narita airport, steering itself through bustling traffic. You’re free to work. Push a button on your watch, and an image of your firm’s mining operation in Indonesia springs to life in 3-D. You ask the digital assistant in your watch how current fluctuations might affect the mining investment, and a female voice reads the results out load.…As you arrive Narita, your car announces that the flight is delayed. Care to rebook?” [3] Questions: What some of the security and privacy implications with the potential ubiquity of (and access to) personalized data?

3 2 August 28, 2002 IT 221: Introduction to Information Security Priciples For Educational Purposes Only Chapter 6: Context and Overview History Misconceptions High-Level Principles Categories of Public-keys Encryption with Public-keys Authentication with Public-keys Ensuring Both Encryption and Authentication RSA History RSA Key Generation Algorithm RSA Key Generation Example RSA versus DES Diffie-Hellman History Diffie-Hellman Key Exchange Key Management Resources Chapter 6 Outline

4 3 August 28, 2002 IT 221: Introduction to Information Security Priciples For Educational Purposes Only Context and Overview Context: The cryptographic systems and algorithms covered in Chapters 1-5 are fundamentally based on substitution and permutation. [2] Inherent key distribution problem with Secret Key systems: -Necessary to share the secret key between Sender and Receiver -Comm. with n different parties requires n different keys Public-key Cryptography Overview: Public-key cryptography represents a radical departure from substitution and permutation based methods. [2] Given a reliable transmission channel, Public-key systems solve the key distribution problem of using secret-key.

5 4 August 28, 2002 IT 221: Introduction to Information Security Priciples For Educational Purposes Only History History [4]: Concept conceived by Diffie and Hellman in 1976 Rivest, Shamir and Adleman (RSA) were first to describe a Public-key cryptosystem in 1978. Merkle and Hellman published an alternative solution in 1978. Serious contenders today available in the public domain: -RSA -El Gamal

6 5 August 28, 2002 IT 221: Introduction to Information Security Priciples For Educational Purposes Only Misconceptions Misconceptions [2]: More secure from cryptanalysis than is conventional encryption. General purpose technique that has made conventional encryption obsolete. Key distribution is trivial compared to ‘handshaking’ involved with the Key Distribution of conventional encryption methods.

7 6 August 28, 2002 IT 221: Introduction to Information Security Priciples For Educational Purposes Only High-Level Principles High-Level Principles: Based on the infeasibility to determine the decryption key (i.e. the Receiver’s Private Key), given knowledge of the following: [2] -Receiver’s Public Key -Chosen Plaintext -Possibly chosen ciphertext Some algorithms, such as RSA, exhibit the following attribute: [2] - Either of the two related keys can be used for encryption, with the other used for decryption.

8 7 August 28, 2002 IT 221: Introduction to Information Security Priciples For Educational Purposes Only Categories of Public-keys Three Categories: Encryption/Decryption: Sender encrypts a message with the recipient’s public key. Digital Signature: Sender ”signs” a message with its private key. Key Exchange: Two sides cooperate two exhange a session key.

9 8 August 28, 2002 IT 221: Introduction to Information Security Priciples For Educational Purposes Only Encryption with Public-keys Encryption Process [2]: (1) Each end system in a network generates a pair of keys to be used for encryption and decryption of messages that it will receive. (2) Each system publishes its encryption key by placing it in a public register or file. This is the Public-key. The companion key is kept private. (3) If Bob wishes to send Alice, he encrypts the message using Alice’s Public-key. (4) When Alice receives the message, she decrypts it using her Private-key. No other receiver can decrypt the message.

10 9 August 28, 2002 IT 221: Introduction to Information Security Priciples For Educational Purposes Only Authentication with Public-keys Authentication Process [2]: (1) Bob prepares a message to Alice and encrypts the message using his private key. (2) Alice decrypts Bob’s message by using his Public-key. (3) Since the message was encrypted using the sender’s private key, only the sender could have sent this message.

11 10 August 28, 2002 IT 221: Introduction to Information Security Priciples For Educational Purposes Only Question: Given the two preceding processes, how are you able to ensure for both Encryption and Authentication? Solution: Encrypt first, followed by the signature. Signature first has the advantage that the signature can be verified by parties other than the Recipient. Ensuring Both Encryption and Authentication

12 11 August 28, 2002 IT 221: Introduction to Information Security Priciples For Educational Purposes Only RSA History RSA History [2]: Scheme developed by Rivest, Shamir, and Adleman Block cipher in which the Plaintext and Ciphertext are integers between 0 and n –1 for some n. Plaintext is encrypted in blocks, with each block having a binary value less than some number n, i.e. The block size must be less than or equal to log2(n).

13 12 August 28, 2002 IT 221: Introduction to Information Security Priciples For Educational Purposes Only RSA Key Generation Algorithm RSA Algorithm [2/4]: Chose 2 large prime numbers p,q Compute n = p x q Select integer e relatively prime to (p –1) * (q –1) Calculate d such that e*d = 1mod(p-1)*(q-1) Publish Public Key {e,n} Keep Private Key {d,n}

14 13 August 28, 2002 IT 221: Introduction to Information Security Priciples For Educational Purposes Only RSA Key Generation Example RSA Algorithm [4]: Chose 2 large prime numbers p,q p = 47, q = 71 Compute n = p x q n = p*q = 3337 Select integer e relatively prime to (p –1) * (q –1) (47-1) * (71-1) = 46*70 = 3220 Calculate d such that e*d = 1mod(p-1)*(q-1) 79^-1mod3220 = 1019 Publish Public Key {e,n} (3337, 79) Keep Private Key {d,n} (3337, 1019)

15 14 August 28, 2002 IT 221: Introduction to Information Security Priciples For Educational Purposes Only RSA versus DES RSA versus DES [4]: Speed of Implementation: - RSA: Encypts in kilobits/second -DES: Encypts in megabits/second Key Size: - RSA: Selected by user - DES: 64 bits (56 bits plus 8 parity bits) Often proposed that RSA be used for secure exchange of DES keys.

16 15 August 28, 2002 IT 221: Introduction to Information Security Priciples For Educational Purposes Only Diffie-Hellman History RSA History [4]: Proposed in 1976, and is the first public key algorithm (predates RSA) Purpose of the algorithm is to enable two users to exchange a key securely over a potentially insecure channel. Limited to the exchange of keys, I.e. can not be used for en-/de-cryption.

17 16 August 28, 2002 IT 221: Introduction to Information Security Priciples For Educational Purposes Only Diffie-Hellman Key Exchange Diffie-Hellman [4]: Alice and Bob want to agree upon a key They agree on 2 large integers n and g such that 1 < g < n Alice chooses random x, computes X = g^xmod n and sends it to Bob. Bob chooses random y, computes Y = g^y mod n, and sends it to Alice. Alice computes k = Y^x mod n Bob computes k’ = X^y mod n If someone is eavesdropping, the intrudder knows n, g, X and Y but not x and y.

18 17 August 28, 2002 IT 221: Introduction to Information Security Priciples For Educational Purposes Only Key Management Several Schemes for Distributing Keys [2]: Public Announcement of Public Keys Publicly Available Directory Public-Key Authority Public-Key Certificates

19 18 August 28, 2002 IT 221: Introduction to Information Security Priciples For Educational Purposes Only [1] Pfleeger, Charles. Security In Computing, Prentice Hall, 1997. Chapter 4. [2] Stallings, William. Cryptography and Network Security, Prentice Hall, 1999. Chapter 4-5 [3] Foroohar, Rana. “A New Way to Compute”. Time Magazine, September 16, 2002. Pp 34J-O. [4] Jajodia, Dr. Sushil. “Cryptography and Its Applications”. Lecture, 1999. Resources

Download ppt "IT 221: Introduction to Information Security Principles Lecture 4: Public-Key Cryptography For Educational Purposes Only Revised: September 15, 2002."

Similar presentations

Chapter 3 Public Key Cryptography and Message authentication.

Chapter 3 Public Key Cryptography and Message authentication.
Public Key Cryptography & Message Authentication By Tahaei Fall 2012.

Public Key Cryptography & Message Authentication By Tahaei Fall 2012.
Dr. Lo’ai Tawalbeh Summer 2007 Chapter 9 – Public Key Cryptography and RSA Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus INCS.

Dr. Lo’ai Tawalbeh Summer 2007 Chapter 9 – Public Key Cryptography and RSA Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus INCS.
95-712 OOP/Java1 Public Key Crytography From: Introduction to Algorithms Cormen, Leiserson and Rivest.

OOP/Java1 Public Key Crytography From: Introduction to Algorithms Cormen, Leiserson and Rivest.
Public-key Cryptography Montclair State University CMPT 109 J.W. Benham Spring, 1998.

Public-key Cryptography Montclair State University CMPT 109 J.W. Benham Spring, 1998.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
Public Key Crytography1 From: Introduction to Algorithms Cormen, Leiserson and Rivest.

Public Key Crytography1 From: Introduction to Algorithms Cormen, Leiserson and Rivest.
Henric Johnson1 Chapter3 Public-Key Cryptography and Message Authentication Henric Johnson Blekinge Institute of Technology, Sweden

Henric Johnson1 Chapter3 Public-Key Cryptography and Message Authentication Henric Johnson Blekinge Institute of Technology, Sweden
WS 2006-07 Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.

WS Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.
Cryptography and Network Security Chapter 9. Chapter 9 – Public Key Cryptography and RSA Every Egyptian received two names, which were known respectively.

Cryptography and Network Security Chapter 9. Chapter 9 – Public Key Cryptography and RSA Every Egyptian received two names, which were known respectively.
Public Key Cryptography and the RSA Algorithm

Public Key Cryptography and the RSA Algorithm
Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.

Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.
Private-Key Cryptography traditional private/secret/single key cryptography uses one key shared by both sender and receiver if this key is disclosed communications.

Private-Key Cryptography traditional private/secret/single key cryptography uses one key shared by both sender and receiver if this key is disclosed communications.
Chapter3 Public-Key Cryptography and Message Authentication.

Chapter3 Public-Key Cryptography and Message Authentication.
WS 2006-07 Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.

WS Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.

Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
Dr.Saleem Al_Zoubi1 Cryptography and Network Security Third Edition by William Stallings Public Key Cryptography and RSA.

Dr.Saleem Al_Zoubi1 Cryptography and Network Security Third Edition by William Stallings Public Key Cryptography and RSA.
1 Pertemuan 08 Public Key Cryptography Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.

1 Pertemuan 08 Public Key Cryptography Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
8: Network Security8-1 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key: K r e.g., key is knowing substitution.

8: Network Security8-1 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key: K r e.g., key is knowing substitution.
Public Key Cryptography RSA Diffie Hellman Key Management Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College,

Public Key Cryptography RSA Diffie Hellman Key Management Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College,

Similar presentations

Ads by Google