1 / 17

Chapter 3 Encryption Algorithms & Systems (Part C)

Chapter 3 Encryption Algorithms & Systems (Part C). Outline. NP-completeness & Encryption Symmetric (secret key) vs Asymmetric (public key) Encryptions Popular Encryption Algorithms Merkle-Hellman Knapsacks RSA Encryption El Gamal Algorithms DES Hashing Algorithms Key Escrow & Clipper.

trixie
Download Presentation

Chapter 3 Encryption Algorithms & Systems (Part C)

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Chapter 3Encryption Algorithms & Systems (Part C)

  2. Outline • NP-completeness & Encryption • Symmetric (secret key) vs Asymmetric (public key) Encryptions • Popular Encryption Algorithms • Merkle-Hellman Knapsacks • RSA Encryption • El Gamal Algorithms • DES • Hashing Algorithms • Key Escrow & Clipper csci5233 computer security & integrity (Chap. 3)

  3. RSA Encryption • 1978: Rivest, Shamir, Adelman • Public key encryption • Remains secure to date • Encryption key (e) and decryption key (d) are interchangeable. • The two keys, e and d, are carefully chosen such that C = Pe mod n (encryption) and P = Cd mod n (decryption). csci5233 computer security & integrity (Chap. 3)

  4. Euler Totient Function • (n): the number of positive integers less than n and are relatively prime to n. • If n is prime: (n) = n – 1 • When n = p * q, where both p and q are primes and p  q: (n) = (p) * (q) = (p – 1) * (q – 1) csci5233 computer security & integrity (Chap. 3)

  5. RSA Encryption • Public key = (e, n) • Private key = (d, n) • Step 1: Choose n, p, & q n = p * q, where both p and q are primes and p  q Example: n = 143 = p * q = 11 * 13 csci5233 computer security & integrity (Chap. 3)

  6. RSA Encryption • Step 2: Choose e. e is relatively prime to (n). That is, e is relatively prime to (p-1)*(q-1). Example: e = 17, which is relatively prime to 10*12. • Step 3: Compute d. d is the inverse of e mod (p-1)*(q-1). Use the algorithm on page 81 to compute inverses. Note: A Java implementation of the algorithm is available at the class page. Example: d = e-1 mod (p-1)*(q-1) = 17-1 mod 120= 113 csci5233 computer security & integrity (Chap. 3)

  7. RSA Encryption • An example (pp.94-95): P = 7 Let n = 143, p = 11, q = 13, and e = 11. Note: e is relprime to (p-1)*(q-1). Then d = 11 Note: d is the inverse of e mod (p-1)*(q-1). Encryption: C = Pe mod n = 711 mod 143 = 106 Decryption: P = Cd mod n = 5011 mod 143 = 7 csci5233 computer security & integrity (Chap. 3)

  8. RSA Encryption • Another example: P = 7 Let n = 143, p = 11, q = 13, and e = 17. Note: e is relprime to (p-1)*(q-1). Then d = 113 Note: d is the inverse of e mod (p-1)*(q-1). Encryption: C = Pe mod n = 717 mod 143 = 50 Decryption: P = Cd mod n = 50113 mod 143 = 7 csci5233 computer security & integrity (Chap. 3)

  9. RSA Encryption • Still another example: P = 55 Let n = 285, p = 19, q = 17, and e = 37. Note: e is relprime to (p-1)*(q-1), 288. d = 109 Note: d is the inverse of e mod (p-1)*(q-1). Encryption: C = Pe mod n = 5537 mod 288 = 55 Decryption: P = Cd mod n = 55109 mod 288 = 55 csci5233 computer security & integrity (Chap. 3)

  10. RSA Encryption • The cryptographer’s job: • Find three primes, p, q, and e, where p * q = n and e is relatively prime to (p-1)*(q-1). • Compute d based on e and n. The challenge: p, q, and e must be large enough primes. See discussions on p.95. csci5233 computer security & integrity (Chap. 3)

  11. RSA Encryption • The cryptanalyst’s job: P = Cd mod n • Available: (e, n). • Find two primes p and q, such that p * q = n and e is relatively prime to (p-1)*(q-1). • Compute d: d = inverse (e, (p-1)*(q-1)) Q: Where’s the secrecy? Q: Given n and a prime e, how hard is it to find two distinct primes, p and q, such that p*q = n and (p-1)*(q-1) is relprime to e? csci5233 computer security & integrity (Chap. 3)

  12. El Gamal Algorithm • A public key algorithm • 1984 • Important in the U.S. DSS (Digital Signature Standard) • Digital Signatures The sender computes the digital signature using his own private key. DS = E (Keypriv, P) The receiver verifies the signature using the sender’s public key. P = D (Keypub, DS) csci5233 computer security & integrity (Chap. 3)

  13. El Gamal Algorithm • To generate a key pair: • Choose a prime p and two integers, a and x, such that a < p and x < p. • The prime p should be chosen so that (p-1) has a large prime factor q. • Calculate the public key: y = ax mod p. • Private key: x • Public key: y csci5233 computer security & integrity (Chap. 3)

  14. El Gamal Algorithm • (The sender) To sign a message m: • Choose a new random integer k, 0 < k < p-1 and k is relprime to (p-1). • Compute r = ak mod p. • Compute s = k-1 ( m – xr ) mod (p-1) • The message signature: r and s. • Verification: A recipient use the public key (y) to compute ( y r r s ) mod p and determine if it is equivalent to am mod p. csci5233 computer security & integrity (Chap. 3)

  15. Hash Algorithm • A hash algorithm is a check function that protects data against modifications. • C.f., checksum in network transmission • Hash functions produce a reduced form of a body of data (called a digest or check value) such that most changes to the data will also change the reduced form. • A cryptographic hash function uses a cryptographic function as part of the hash function. • 1992: Secure Hash Algorithm (SHA) csci5233 computer security & integrity (Chap. 3)

  16. Secure Hash Algorithm (SHA) • 1992: NIST • Input data < 264 bits • 160-bit digest • Strength: diffusion, the avalanche effect • See Fig. 3-9, p.99 • C.f., MD4, MD5 Both MD5 and SHA are variants of the MD4 by Rivest. Strength: MD4 < MD5 < SHA csci5233 computer security & integrity (Chap. 3)

  17. Summary • Public key encryption algorithms: Merkle-Hellman, RSA, El Gamal • SHA • Next: DES, Key Escrow csci5233 computer security & integrity (Chap. 3)

More Related