Presentation is loading. Please wait.

Presentation is loading. Please wait.

Implementation Issues for Public Key Algorithms

Published byAlexander Harrison Modified over 9 years ago

Similar presentations

Presentation on theme: "Implementation Issues for Public Key Algorithms"— Presentation transcript:

1 Implementation Issues for Public Key Algorithms
CSCI 5857: Encoding and Encryption

2 Outline Representing plaintext
Fast modular exponentiation for very large numbers Determining modular multiplicative inverses for very large numbers The extended Euclidean algorithm for GCD Finding very large prime numbers The Miller-Rabin test

3 Representing Plaintext
Constraint: P < modulus n  1024 bits in RSA  128 bytes Block cipher: Plaintext broken into 128 byte blocks Small blocks vulnerable to cryptanalysis Represented as equivalent large number Each number encrypted and transmitted in ECB mode Could theoretically use CBC mode, but won’t really use for long messages anyway

4 Fast Modular Exponentiation
Must compute C = P E mod n and P = C D mod n for very large n, E, D, P, and C Example: Problem: P E is a really big number! Too large for fast computation or even storage on most systems Note: Final result P E mod n ≤ n

5 Fast Modular Exponentiation
Solution: Keep value smaller by taking mod n throughout computation (instead of at end) Useful property of modular arithmetic: a  b mod n = ((a mod n)  (b mod n)) mod n Example: mod 17 = (37  58) mod = (37 mod 17)(58 mod 17) mod = 3  7 mod 17 = 4

6 Square and Multiply Method
Break exponent E into product of powers of 2 Example: P22 = P16  P4  P2 Can be represented as “bits”: 22  10110 Use squaring to compute powers of 2 quickly P  P 2  P 4  P 8  P 16 Multiply by running total if corresponding bit = 1

7 Fast Modular Exponentiation
Algorithm to compute PE mod n: result = 1 for (i = 0 to number of bits in E - 1) { if (ith bit == 1) result = (result * P) mod n P = P2 mod n }

8 Fast Modular Exponentiation
Example: 1722 mod 21 i ith bit P result (unchanged) mod 21 = * 16 mod 21 = 16 mod 21 = * 4 mod 21 = mod 21 = 4 mod 21 = (unchanged) mod 21 = 16 mod 21 = * 4 mod 21 = mod 21 = 4

9 Extended Euclidean Algorithm
Goal: Find D = E -1 mod Φ(n) quickly Extended Euclidean algorithm: Finds s and t such that (s  n + t  E ) mod n = GCD(n, E) Based on recursive Euclidean relationship: GCD(n, E) = GCD(E, n mod E)

10 Extended Euclidean Algorithm
What this gives us: E and Φ(n) relatively prime  GCD(E, Φ(n) ) = 1 Extended Euclidean algorithm would then find s and D such that (s  Φ(n) + D  E ) mod Φ(n) = 1 D = E-1 mod Φ(n) Since s  Φ(n) divisible by Φ(n)

11 Extended Euclidean Algorithm
D = 0; s = 1; while (E > 0) { q = (int)(n/E); r = n – qE; n = E; E = r; t = D - qs; D = s; s = t; } D = E-1 mod n compute n = qE + r recursive GCD(a, b) = GCD(b, a mod b) relationship change D and s to maintain (s  n + t  E ) mod n = GCD(n, E) relationship

12 Extended Euclidean Algorithm
Example: Inverse of 11 mod 26 11-1 mod 26 = -7 mod 26 = 19 n E q r D s t /11 = mod 11 = – 2*1 = -2 /4 = mod 4 = – 2*-2 = 5 /3 = mod 3 = – 1*5 = -7 /1 = mod 1 = – 3*-7 = 26

13 Finding Large Primes No simple way to generate an arbitrarily large prime number Usual method: generate and test Generate a sufficiently large odd number Test it for primality Usually probabilistic: Can’t be 100% sure generated number is prime Can be sure with some desired probability

14 Finding Large Primes How many might we need to test before finding a prime? Primes of size s are spaced about every ln(s) ln(s) = natural logarithm = loge(s) Example: Finding prime of size 2200 would require testing on average ln(2200)  138 numbers

15 Miller-Rabin Test Basic idea: many primes are of form p = 2kq + 1 for some k, q Miller-Rabin test: If p is prime then for all a < p – 1 either: a q mod p = 1 One of a q, a 2q, a 4q, … a 2k-1q mod p = -1

16 Miller-Rabin Test Even if this test passed for some a, p might still be non-prime No way to test all possible values of a Idea: Try enough values of a to be as sure as necessary that p is prime Odds that non-prime passes t tests: (1/4)t 15 tests  odds are 1 in a billion

17 Finding Large Primes Possible algorithm:
Generate sufficiently large p = 2kq + 1 for some k, q Test for divisibility by small primes (3, 5, 7, 11, 13, 17) Quick elimination of most failed candidates Choose a set of test a’s for Miller-Rabin test Enough to be as sure as necessary Example: 15 for % certainty If pass test for all a’s, p can be used as prime

Download ppt "Implementation Issues for Public Key Algorithms"

Similar presentations

RSA COSC 201 ST. MARY’S COLLEGE OF MARYLAND FALL 2012 RSA.

RSA COSC 201 ST. MARY’S COLLEGE OF MARYLAND FALL 2012 RSA.
Public Key Cryptosystems - RSA Receiver Sender Eavesdroppe r 175753411947 p q p q p q p and q prime.

Public Key Cryptosystems - RSA Receiver Sender Eavesdroppe r p q p q p q p and q prime.
Public Key Encryption Algorithm

Public Key Encryption Algorithm
Lecture 8: Primality Testing and Factoring Piotr Faliszewski

Lecture 8: Primality Testing and Factoring Piotr Faliszewski
Lecture 3.3: Public Key Cryptography III CS 436/636/736 Spring 2012 Nitesh Saxena.

Lecture 3.3: Public Key Cryptography III CS 436/636/736 Spring 2012 Nitesh Saxena.
15-251 Great Theoretical Ideas in Computer Science.

Great Theoretical Ideas in Computer Science.
Session 4 Asymmetric ciphers.

Session 4 Asymmetric ciphers.
and Factoring Integers (I)

and Factoring Integers (I)
Factoring 1 Factoring Factoring 2 Factoring  Security of RSA algorithm depends on (presumed) difficulty of factoring o Given N = pq, find p or q and.

Factoring 1 Factoring Factoring 2 Factoring  Security of RSA algorithm depends on (presumed) difficulty of factoring o Given N = pq, find p or q and.
Cryptography and Network Security Chapter 9. Chapter 9 – Public Key Cryptography and RSA Every Egyptian received two names, which were known respectively.

Cryptography and Network Security Chapter 9. Chapter 9 – Public Key Cryptography and RSA Every Egyptian received two names, which were known respectively.
CSE 321 Discrete Structures Winter 2008 Lecture 8 Number Theory: Modular Arithmetic.

CSE 321 Discrete Structures Winter 2008 Lecture 8 Number Theory: Modular Arithmetic.
Lecture 3.2: Public Key Cryptography II CS 436/636/736 Spring 2012 Nitesh Saxena.

Lecture 3.2: Public Key Cryptography II CS 436/636/736 Spring 2012 Nitesh Saxena.
Public Key Algorithms 4/17/2017 M. Chatterjee.

Public Key Algorithms 4/17/2017 M. Chatterjee.
Chapter 8 – Introduction to Number Theory Prime Numbers

Chapter 8 – Introduction to Number Theory Prime Numbers
RSA Question 2 Bob thinks that p and q are primes but p isn’t. Then, Bob thinks ©Bob:=(p-1)(q-1) = Á(n). Is this true ? Bob chooses a random e (1 < e

RSA Question 2 Bob thinks that p and q are primes but p isn’t. Then, Bob thinks ©Bob:=(p-1)(q-1) = Á(n). Is this true ? Bob chooses a random e (1 < e
Public Key Encryption and the RSA Public Key Algorithm CSCI 5857: Encoding and Encryption.

Public Key Encryption and the RSA Public Key Algorithm CSCI 5857: Encoding and Encryption.
Topic 18: RSA Implementation and Security

Topic 18: RSA Implementation and Security
Foundations of Network and Computer Security J J ohn Black Lecture #14 Oct 1 st 2007 CSCI 6268/TLEN 5831, Fall 2007.

Foundations of Network and Computer Security J J ohn Black Lecture #14 Oct 1 st 2007 CSCI 6268/TLEN 5831, Fall 2007.
The RSA Algorithm Rocky K. C. Chang, March 2014 1.

The RSA Algorithm Rocky K. C. Chang, March
Elgamal Public Key Encryption CSCI 5857: Encoding and Encryption.

Elgamal Public Key Encryption CSCI 5857: Encoding and Encryption.

Similar presentations

Ads by Google