1 / 52

Public key cryptography

Public key cryptography. RSA Algorithm Diffie-Hellman key exchange. Public-Key Cryptography. traditional private/secret/single key cryptography uses one key Key is shared by both sender and receiver if the key is disclosed communications are compromised

herman-collier
Download Presentation

Public key cryptography

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Public key cryptography RSA Algorithm Diffie-Hellman key exchange

  2. Public-Key Cryptography • traditional private/secret/single key cryptography uses one key • Key is shared by both sender and receiver • if the key is disclosed communications are compromised • also known as symmetric, both parties are equal • hence does not protect sender from receiver forging a message & claiming is sent by sender

  3. Disadvantages of Classical Cryptography • Requires secure transmission of key value • Requires a separate key for each group of people that wishes to exchange encrypted messages (readable by any group member) • For example, to have a separate key for each pair of people, 100 people would need 4950 different keys. • Cumbersome Handshaking involved in KDC

  4. Public-Key Cryptography • probably most significant advance in the 3000 year history of cryptography • uses two keys – a public key and a private key • asymmetric since parties are not equal • uses clever application of number theory concepts to function • complements rather than replaces private key cryptography

  5. Why Public-Key Cryptography? • developed to address two key issues: • key distribution – how to have secure communications in general without having to trust a KDC with your key • digital signatures – how to verify a message comes intact from the claimed sender • public invention due to Whitfield Diffie & Martin Hellman at Stanford U. in 1976

  6. Key Distribution requires that • Two communicants already share a key,which somehow has been distributed to them • Use of a key distribution center • Electronic messages and documents would need the equivalent of signatures used in paper documents.

  7. Public-Key Cryptography • public-key/two-key/asymmetric cryptography involves the use of two keys: • a public-key, which may be known by anybody, and can be used to encrypt messages, and verify signatures • a private-key, known only to the recipient, used to decrypt messages, and sign (create) signatures • is asymmetric because • those who encrypt messages or verify signatures cannot decrypt messages or create signatures

  8. Public-Key CryptographyEncryption

  9. Alice generates a key value (usually a number or pair of related numbers) which she makes public. • Alice uses her public key (and some additional information) to determine a second key (her private key). • Alice keeps her private key (and the additional information she used to construct it) secret.

  10. Bob (or Carol, or anyone else) can use Alice’s public key to encrypt a message for Alice. • Alice can use her private key to decrypt this message. • No-one without access to Alice’s private key (or the information used to construct it) can easily decrypt the message

  11. An Example: Internet Commerce • Bob wants to use his credit card to buy some books from Alice over the Internet. • Alice sends her public key to Bob. • Bob uses this key to encrypt his credit-card number and sends the encrypted number to Alice. • Alice uses her private key to decrypt this message (and get Bob’s credit-card number).

  12. Authentication

  13. Public-Key Cryptosystems

  14. Public-Key Applications • can classify uses into 3 categories: • encryption/decryption (provide secrecy) • digital signatures (provide authentication) • key exchange (of session keys) • some algorithms are suitable for all uses, others are specific to one

  15. THE RSA ALGORITHM • Public key algorithm invented in 1977 by Ron Rivest, Adi Shamir & Leonard Adleman of MIT • Best known & widely used public-key scheme • Supports Encryption & Digital signatures • Gets its security from integer factorization problem

  16. Key Generation • Generate two large random primes, p and q, of approximately equal size such that their product n = pq is of the required bit length, e.g. 1024 bits. • Compute n = pq and phi φ(n) = (p-1)(q-1). • Choose an integer e, 1 < e < φ(n), such that gcd(e, φ) = 1. • Compute the secret exponent d, 1 < d < φ(n), such that ed≡ 1 mod φ(n). • The public key is (n, e) and the private key is (n, d). Keep all the values d, p, q and φ(n) secret. • n is known as the modulus. • e is known as the public exponent or encryption exponent or just the exponent. • d is known as the secret exponent or decryption exponent.

  17. Key Generation -detail • Use a random process to select two large prime numbers p and q. Compute the product n = p*q. This number is called the modulus, and is made publicly available. • RSA currently recommends a modulus that’s at least 768 bits long. • Also compute the Euler totient φ(n) = φ(pq)= (p-1)*(q-1). Keep this number (as well as p and q) secret.

  18. GCD & Relatively prime • Two numbers a and b which have no common factors other than one are said to be coprime or relatively prime. For example, 4 and 9 are coprime but 15 and 25 are not. • The greatest common divisor of two integers a and b is the largest integer that divides both numbers and is denoted by ‘gcd(a, b)’. For example, gcd(25, 15) = 5 and gcd(4, 9) = 1. • a and b are coprime if and only if gcd(a, b) = 1.

  19. Euler Totient φ(n) is the no. of positive integers less than n and relatively prime to n. e.g. φ(12)=4 as the four integers {1,5,7,11} are coprime to 12. φ(7)=6 as the 6 integers {1,2,3,4,5,6} are coprime to 7. i.e. for any prime p, φ(p) = p-1

  20. Key Generation -detail • Randomly choose a public key e that has no factors in common with φ(n)= (p-1)*(q-1). so that gcd(e, φ(n)) = 1, 1 < e < φ(n);[Euclid’s algorithm: gcd(a,b)=gcd(b,r) where r=a mod b e.g. gcd(18,12)=gcd(12,6)=gcd(6,0)=6 i.e. a = qb + r] • Solve following equation to find decryption key d ,e.d ≡ 1 mod φ(n)and d < n; where d is the multiplicative inverse of e in mod φ(n);d ≡ e-1mod φ(n)

  21. ‘mod’ as a congruence relation: The notation ‘a ≡ b (mod n)’ means a and b have the same remainder when divided by n, or, equivalently, • (a) n|a − b, or • (b) a − b = nk for some integer k . • We say that a is congruent to b modulo n, where n is the modulus of the congruence. The two ways of using ‘mod’ are related: • a ≡ b (mod n) <==> a mod n = b mod n.

  22. Compute a private key d so that e*d leaves a remainder of 1 when divided by φ(n) . Find a value for d such that φ(n) divides (ed-1).Note that d is easy to compute only if one knows the value of φ(n). This is essentially the same as knowing the values of p and q.

  23. Using RSA • publish their public encryption key: KU={e,n} • keep secret private decryption key: KR={d,p,q} • to encrypt a message M the sender: • obtains public key of recipient KU={e,n} • computes: C=Me mod n, where 0≤M<n • to decrypt the ciphertext C the owner: • uses their private key KR={d,p,q} • computes: M=Cd mod n

  24. RSA Example • Select primes: p =17 &q =11 • Compute n = pq =17×11=187 • Compute ø(n)=(p–1)(q-1)=16×10=160 • Select e : gcd(e,160)=1; choose e =7 • Determine d: de=1 mod 160 and d < 160 Value is d=23 since 23×7=161= 1×160+1 • Publish public key KU={7,187} • Keep secret private key KR={23,17,11}

  25. Use a property of modular arithmetic: (a x b) mod n = [ (a mod n) x (b mod n) ] mod n • modulo of a product = modulo of the product of its multipliers’ modulos • Strategy - reduce xy into xaxbxc where y=abc using powers of 2 for a, b, c . Then apply above property

  26. given message M = 88 (nb. 88<187) • Encryption: • C = 887 mod 187 = [(884 mod 187)( 882 mod 187)( 881 mod 187)] mod 187 881 mod 187 =88 882 mod 187 = 7744 mod 187 = 77 884 mod 187 = 59,969,536 mod 187=132 = (88 x 77 x 132) mod 187 = 894,432 mod 187 = 11

  27. Decryption: • M = 1123 mod(187) = [(111 mod 187)( 112 mod 187)( 114 mod 187)( 118 mod 187)( 118 mod 187)] mod (187) = (11 x 121 x 55 x 33 x 33) mod(187) = 88

  28. Q. p=11,q=3 M=7

  29. Comparison

  30. Diffie-Hellman Key Exchange • Whittfield Diffie and Martin Hellman are called the inventors of Public Key Cryptography. • Diffie-Hellman Key Exchange is the first Public Key Algorithm published in 1976.

  31. Discrete Logarithms • What is a logarithm? • log10100 = 2 because 102 = 100 • In general if logmb = a then ma = b • Where m is called the base of the logarithm • A discrete logarithm can be defined for integers only • In fact we can define discrete logarithmsmod p also where p is any prime number

  32. Primitive Roots • If x n = a then a is called the n-th root of x • For any prime number p, if we have a number a such that powers of a mod p generate all the numbers between 1 to p-1 then a is called a Primitive Root of p. • Then for any integer b and a primitive root a of prime number p we can find a unique exponent i such that b = a i mod p • The exponent i is referred to as the discrete logarithm or index, of b for the base a.

  33. 2 as primitive root

  34. Diffie-Hellman Algorithm • Five Parts • Global Public Elements • User A Key Generation • User B Key Generation • Generation of Secret Key by User A • Generation of Secret Key by User B

  35. Global Public Elements • p Prime number • g g < p and g is a primitive root of p • The global public elements are also sometimes called the domain parameters

  36. User A Key Generation • Select private XA XA< p • Calculate public YA YA = g XA mod p

  37. User B Key Generation • Select private XB XB< p • Calculate public YB YB = g XB mod p

  38. Generation of Secret Key by User A • K = (YB)XA mod p

  39. Generation of Secret Key by User B • K = (YA)XB mod p

  40. Diffie-Hellman Key Exchange • Alice and Bob agree upon and make public two • numbers g and p, where p is a prime and g is a primitive root mod p. Note: Anyone has access to these numbers. • The Exchange: 1. Alice chooses a random number a (secret)and computes u =g a (mod p), and sends u to Bob. 2. Bob chooses a random number b (secret)and computes v= g b (mod p), and sends v to Alice. 3. Bob computes the key kbusing secret b= u b mod p 4. Alice computes the key kausing secret a=v a mod p Now, both Alice and Bob have the same key, namely ka = kb = gab (mod p).

  41. kb = u b mod p =(g a mod p)b mod p =(g a)b mod p by modular arithmetic = g ab mod p =(g b)a mod p =(g b mod p)a mod p = v a mod p = ka

  42. Example • Suppose Alice and Bob agree to • use p = 47 and g = 5. • Alice chooses a number between 0 and 46, • say a = 18. • Bob chooses a number between 0 and 46, • say b = 22.

  43. Example • Alice publishes ga (mod p), i.e. • u = 518 (mod 47) = 2. • Bob publishes gb (mod p), i.e. • v = 522 (mod 47) = 28. • If Alice wants to know the secret key k, she takes Bob’s public number,v =28 and raises it to her private number, a = 18 (taking the result mod 47). • This gives her: 2818 (mod 47) = 24.

  44. Example • If Bob wants to know the secret key, he takes Alice’s public number, u = 2, and raises it to his private number, b = 22 (taking the result mod 47). • This gives him: 222 (mod 47) = 24. • Thus, Alice and Bob have agreed upon a secret key, k = 24.

  45. Security of DH exchange • Opponent Eve has the following ingredients p,g,u,v to work with • If Eve wants to compute k, then she would need either a or b. • Otherwise, Eve would need to solve a Discrete Logarithm Problem. • There is no known algorithm to accomplish this in a reasonable amount of time. • E.g. for attacking user B’s secret key,the opponent must compute b=indg,p(v)

  46. Man in the middle attack • Susceptibility: If Eve can intercept u and v, it is possible for her to substitute her own u’ and v’. • If she can intercept all communication • between Alice and Bob, then she can substitute her own messages. • In 1992, the exchange was modified to prevent the man-in-the-middle attack described above.

  47. Example for m-i-t-m-a • Alice wants to talk to Bob, sends her public key to Bob. • But Eve intercepts it, and replaces Alice’s public key with hers. She sends this to Bob. • Bob thinks Alice wants to talk to him. He sends his public key to her. • But Eve intercepts and replaces! • Then Eve sets up shared keys with both!

More Related