1 / 28

Public Key Cryptography

Public Key Cryptography. Alice and Bob agree on a key, without meeting!. News Story of the Day. News Story of the Day. Bob. Alice. encrypt. decrypt. plaintext message. plaintext message. ciphertext. key. key. SENDER. RECEIVER. retreat at dawn. retreat at dawn. sb%6x*cmf.

siegfried
Download Presentation

Public Key Cryptography

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Public Key Cryptography Alice and Bob agree on a key, without meeting! Harvard Bits

  2. News Story of the Day Harvard Bits

  3. News Story of the Day Harvard Bits

  4. Bob Alice encrypt decrypt plaintext message plaintext message ciphertext key key SENDER RECEIVER retreat at dawn retreat at dawn sb%6x*cmf ciphertext ATTACKER Cryptosystems Eve Harvard Bits

  5. DES: The Data Encryption Standard • A 1976 public standard • 56 bit key • Long enough in 1976 • With today’s more powerful computers a brute force search through possible keys takes only a day • Superceded by Advanced Encryption Standard or “AES”: 128, 192, or 256 bit key • AES not cracked as far as we know Harvard Bits

  6. Harvard Bits

  7. Alice (You) Sf&*&3vv*+@@Q 1324-5465-2255-9988 1324-5465-2255-9988 SENDER AES ciphertext key key RECEIVER Bob (An on-line store) ATTACKER (Identity thief) Eve The Problem Remains: How to Get the Key from Alice to Bob? The Internet (Alice’s Credit Card #) (Alice’s Credit Card #) Harvard Bits

  8. Clifford Cocks and Malcolm Williamson, secret work in the British GCHQ, 1973-74, revealed only in 1997 Public-Key Cryptography • Whit Diffie and Marty Hellman, New Directions in Cryptography, 1976 Harvard Bits

  9. Harvard Bits

  10. A Way for Alice and Bob to agree on a secret key Harvard Bits

  11. A Way for Alice and Bob to agree on a secret key through messages that are completely public Harvard Bits

  12. The basic idea of Diffie-Hellman key agreement • Arrange things so that • Alice has a secret number that only Alice knows • Bob has a secret number that only Bob knows • Alice and Bob then communicate something publicly • They somehow compute the same number • Only they know the shared number -- that’s the key! • No one else can compute this number without knowing Alice’s secret or Bob’s secret • But Alice’s secret number is still hers alone, and Bob’s is Bob’s alone • Sounds impossible … Harvard Bits

  13. One-Way Computation • Easy to compute, hard to “uncompute” • What is 28487532223✕72342452989? • Not hard -- easy on a computer -- about 100 digit-by-digit multiplications • What are the factors of 206085796112139733547? • Seems to require vast numbers of trial divisions Harvard Bits

  14. 0 7 1 6 2 5 3 4 Modular arithmetic 6 + 5 (mod 8) = 3 (mod 8) Harvard Bits

  15. Math Quiz 1 5 1 1 = (23)100 = 1100 = 1 Harvard Bits

  16. (mod p) notation • Think of the (mod p) at the end of the line as referring to everything in the equation • (23)100 = 1100 = 1 (mod 7) means “(23)100 , 1100 , and 1 are all equivalent if you divide by 7 and keep just the remainder” • “(mod 100)” means “just keep the last two digits” Harvard Bits

  17. There’s a shortcut for computing powers • Problem: Given q and p and n,find qn(mod p) • Method 1: multiply q by itself n-1 times • Requires n-1 multiplications • Method 2: use repeated squaring • Requires about lg n multiplications Harvard Bits

  18. Example How many multiplications do you need to find x^6? Method 1: x^6 = x*x*x*x*x*x => 5 multiplications Method 2: x^6 = (x^2) *(x^2) *(x^2) => 3 multiplications If n is a 500-digit number, we can compute qn (mod p) in about 1700 (= lg 10500) steps. Harvard Bits

  19. Example – Compute 1235 mod 7 What is the minimum number of multiplications needed to compute 1235 mod 7 ? 1235 mod 7 = (12 mod 7)35 mod 7 Let X = 12 mod 7 = 5 We can write 35 in binary as 100011. So we have X35 mod 7, which we can simplify to: = X^2^5 * X^2^1 * X^2^0 = X32 * X2 * X = ((((X2)2)2)2)2) * X2 * X = 7 multiplications Harvard Bits

  20. Example – Compute 1235 mod 7 X35 = ((((X2)2)2)2)2) * X2 * X 12 mod 7 = 5 5^2 mod 7 = 4 4^2 mod 7 = 2 2^2 mod 7 = 4 4^2 mod 7 = 2 2^2 mod 7 = 4 (4*25) mod 7 = 2 (2*5) mod 7 = 3 Take the modulo operation at each step! Harvard Bits

  21. There’s no shortcut for computing logarithms mod p • Problem: Given q and p and y,find n such that qn =y (mod p) • As far as anyone knows, there are no shortcuts. • The only way to do this is essentially by brute-force search among all possibilities for n. • Example: If p is a 500-digit number, finding n so that qn =y (mod p) requires about 10500 steps. Harvard Bits

  22. “Discrete logarithm” problem • It is easy to compute modular powers but seems to be hard to reverse that operation • For what value of n does 54321n=18789 mod 70707? • Try n=1, 2, 3, 4, … • Get54321n= 54321, 26517, 57660, 40881 … mod 70707 • n=43210 works, but no known quick way to discover that Harvard Bits

  23. The math behind Diffie-Hellman key agreement • Given q and p,and an equation of the form qn =y (mod p) • Then it is exponentially harder to compute n given y, than it is to compute y given n. • For 500-digit numbers, we’re talking about a computing effort of 1700 steps vs. 10500 steps. Harvard Bits

  24. Discrete logarithm seems to be a one-way function • Fix numbers q and p (big numbers, q<p) • Let f(a) = qa (mod p) • Given a, computing f(a)=A is easy • But it is impossibly hard, given A, to find an a such that f(a)=A. Harvard Bits

  25. Another useful fact • For any two numbers a, b, (qb)a = (qa)b • Likewise (qb)a mod p = (qa)b mod p Harvard Bits

  26. Bob A B Alice To generate a public key, they both use two numbers that are publically available – a public prime number ‘p’ and a public base ‘q’ (base means the base of the exponent here) Harvard Bits

  27. Bob A B Alice Eve (qb mod p) a mod p = (qa mod p) b mod p This is because (qb)a = (qa)b Alice and Bob now both have an encryption key that they both know that Eve doesn’t! Harvard Bits

  28. Bob A B Alice Eve Let the public key p = 23 (prime number), the public base q = 5. Find Alice and Bob’s shared key given a = 6, b = 15 Harvard Bits

More Related