1 / 17

ONE WAY FUNCTIONS

ONE WAY FUNCTIONS. SECURITY PROTOCOLS CLASS PRESENTATION. INTRODUCTION. A One - Way function is a function which is easy to compute but difficult to invert. Two conditions for function f - Easy to compute - Difficult to invert. INTRODUCTION.

sott
Download Presentation

ONE WAY FUNCTIONS

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. ONE WAY FUNCTIONS SECURITY PROTOCOLS CLASS PRESENTATION

  2. INTRODUCTION • A One - Way function is a function which is easy to compute but difficult to invert. • Two conditions for function f - Easy to compute - Difficult to invert

  3. INTRODUCTION • A One - Way function is a function which is easy to compute but difficult to invert. • Two conditions for function f - Easy to compute There exists a polynomial-time algorithm that on input x outputs f (x) - Difficult to invert Every probabilistic polynomial-time algorithm trying, on input y to find an inverse of y under f , may succeed only with negligible probability.

  4. TYPES OF ONE - WAY FUNCTIONS • Strong One - Way Functions: These are easy to compute and hard to invert functions. Any efficient algorithm has negligible success in inverting such functions. • Weak One - Way Functions: These are easy to compute and slightly hard to invert functions. All efficient inverting algorithms fail to invert such functions with some non-negligible probability.

  5. TYPES OF ONE - WAY FUNCTIONS • Fixed Length One - Way functions • Variable Length One - Way Functions

  6. CANDIDATES OF ONE - WAY FUNCTIONS • Integer Factorization: The time required to factorize an integer N runs into a very high order dependent on the second biggest prime factor P of the given integer N. The function f mult = x. y which is the product of the integers x and y, can be computed in polynomial time. But assuming the intractability of factoring and the “density of primes “theorem it follows that f mult is at least weakly One - Way. Using more sophisticated arguments, it can be shown that f mult is strongly One - Way. • Decoding of Random Linear Codes

  7. VARIATIONS OF ONE - WAY FUNCTIONS • Universal One - Way Functions • One - Way Functions as Collections • The RSA function • The Rabin function • Discrete Logarithms • Trapdoor One - Way Functions • Clawfree One - Way Functions

  8. VARIATIONS OF ONE - WAY FUNCTIONS • Universal One - Way Functions There exist One - Way functions if and only if there exists One - Way functions which can be evaluated by a quadratic time algorithm (the existence of such a specific time bound is important). Such One - Way functions are called Universal One - Way functions.

  9. VARIATIONS OF ONE - WAY FUNCTIONS • One - Way Functions as Collections Instead of viewing One - Way functions as functions operating on an infinite domain, infinite collections of functions each operating on a finite domain are considered. The functions in the collection share a single evaluating algorithm which when inputted a succinct representation of a function and an element in its domain return the value of the specified function at the given point. • The RSA function • The Rabin function • Discrete Logarithms

  10. VARIATIONS OF ONE - WAY FUNCTIONS • Trapdoor One - Way Functions These are collections of functions, {fi}, with the extra property that fi is efficiently inverted once given as auxiliary input a “trapdoor” for the index i. The trapdoor of index I, denoted by t(i), cannot be efficiently computed from i. e.g. the RSA trapdoor: The algorithm of the RSA collection is modified to output the index (N.e) and the trapdoor (N,d), where d = e-1mod (P-1)*(Q-1). FRSA ((N,d), FRSA ((N,e),x)) = xed mod N

  11. VARIATIONS OF ONE - WAY FUNCTIONS • Clawfree One - Way Functions A Clawfree collection of functions consists of a set of pairs of functions which are easy to evaluate, both have the same range, and yet it is infeasible to find a range element together with pre-images of it under each of these functions. E.g. the DLP Clawfree collection, the Factoring Clawfree collection

  12. EXAMPLES OF ONE - WAY FUNCTIONS • Hash Function A hash function H accepts a variable-size message M as input and outputs a fixed-size representation H(M) of M. • RSA Function 1977 by Ron Rivest, Adi Shamir and L. Adleman

  13. HASH FUNCTION - A Hash Value is generated by a function H of the form h = H(M), where M is the variable length message and h is the fixed length Hash Value. • This hash value is appended to the message at the source at a time when the message is assumed or known to be correct. • The receiver authenticates the message by recomputing the Hash value.

  14. HASH FUNCTION… PROPERTIES • H can be applied to a block data of any size. • H produces a fixed-length output. • H(x) is relatively easy to compute for any given x. • For any given code h, it is computationally infeasible to find x such that H(x) = h -> ONE - WAY property. • For any given block x, it is computationally infeasible to find y≠x with H(y)=H(x) ->Weak Collision Resistance. • It is computationally infeasible to find any pair (x,y) such that H(x)=H(y) ->Strong Collision Resistance.

  15. RSA ENCRYPTION Steps: • The first task is to select n. n is normally very large (approx 200 digits) and is a product of two large primes p and q (typically 100 digits each). • Next a large integer e is chosen such that e is relatively prime to (p-1) * (q-1). e is usually picked as a prime larger than both (p-1) and (q-1). 3. Next d is selected such that: e * d = 1 mod (p-1) * (q-1) The message is then encrypted using the encryption formula mentioned above.   e and d are called public and private exponents.

  16. RSA ENCRYPTION… AN EXAMPLE 1. p = 11 and q = 13 ---both primes n = p*q = 143 and (p-1).(q-1) = 120 • Choose e such that it is relatively prime to (p-1).(q-1) Say e = 11. • d = e-1mod (p-1) * (q-1) = 11. Let message to be encrypted be letter ‘H’ -> number 7 if we map A to Z from 0 to 25.   Encryption: E(‘H’) = E(7) => 711 mod 143 = 106 Decryption: D(106) => 10611 mod 143 = 7 => ‘H’

  17. RSA ENCRYPTION… AN EXAMPLE C = Me mod n M = Cd mod n Public key: (5,119) Private key: (77,119) 195 = 2476099 = 20807 with -------------- remainder 119 of 66 Plain Text 19 Cipher text 6677 = 6677 = remainder -------- of 19 119 Plain Text 19

More Related