Cryptography

1
Cryptography

• Public Key vs. Private Key
• Cryptosystems

2
by William M. Faucette

• Department of Mathematics
• State University of West Georgia

3
What is Cryptography?

• Cryptography is a scientific mix of mathematical
  theory and computational application which allows
  the confidential transfer of information.

4
What is Cryptography?

• Please allow me to introduce the main characters
  in our drama
• Alice and Bob wish to perform some form of
  communication while Eve is an eavesdropper who
  wishes to spy on or tamper with the
  communications between Alice and Bob.

5
What is Cryptography?

• Cryptography is concerned with four facets of
  data transfer
• Confidentiality
• Authenticity
• Integrity
• Non-repudiation

6
Confidentiality

• A message sent from Alice to Bob cannot be read
  by anyone else.

7
Authenticity

• Bob knows that only Alice could have sent the
  message he has just received.

8
Integrity

• Bob knows that the message from Alice has not
  been tampered with in transit.

9
Non-Repudiation

• It is impossible for Alice to turn around later
  and say she did not send the message.

10
Cryptography in Ancient Times
11
Cryptography in Ancient Times

• Perhaps one of the most ancient methods of
  cryptography, attributed to Julius Caesar,
  involves fixing an alphabet and choosing a shift
  index.

12
Cryptography in Ancient Times

• The shift index tells you how many letters down
  the alphabet to shift a letter in order to encode
  it.

13
Cryptography in Ancient Times

• For example, if we use the standard 26-letter
  English alphabet and choose a shift index of 4,
  then
• A is encoded to E,
• B is encoded to F,
• C is encoded to G,
• and so forth.

14
Cryptography in Ancient Times

• For letters at the end of the alphabet, we simply
  wrap around to the beginning of the alphabet
• V is encoded to Z,
• W is encoded to A,
• X is encoded to B,
• and so forth.

15
A Modern Descriptionof this Cryptosystem
16
A Modern Description of this Cryptosystem

• Take each letter, A through Z, and assign it a
  number in the ring Z/26Z by taking A to 1, B to
  2, C to 3, . . . , Y to 25, and Z to 0.
• This allows us to convert any string of text,
  called plaintext, into a string of numbers
  between 0 and 25.

17
A Modern Description of this Cryptosystem

• Once we have the message as a string of digits,
  to encode the message, we simply apply the
  function
• where n is the shift index.

18
A Modern Description of this Cryptosystem

• The encoding is completed by turning the
  resulting string of digits back into characters
  using the original correspondence.

19
Oops!
20
Oops!

• The only problem with this cryptosystem is that
  it is easily broken. That is, it is possible for
  an unauthorized person to convert the ciphertext
  back to plaintext.

21
Oops!

• In order to break this code, you need only
  perform a frequency analysis, counting the number
  of times each letter occurs in the ciphertext.

22
Oops!

• Knowing that the letter E is the most commonly
  occurring letter in English text, we can
  (probably) assume that the letter E maps to the
  most commonly occurring letter in the ciphertext.

23
Oops!

• Knowing the correspondence of one plaintext
  letter to one ciphertext letter gives you enough
  information to decode the intercepted ciphertext.

24
A Better Cryptosystem

• A Digraph Cipher

25
A Better Cryptosystem

• One problem with the preceding cryptosystem is
  that it takes one letter and encodes it to the
  same letter every time. This enables us to
  conduct a frequency analysis and break the
  cipher.

26
A Better Cryptosystem

• Rather than encode one letter at a time, we can
  encode blocks of letters at a time. For example,
  we can encode pairs of letters. Such a
  cryptosystem is known as a digraph cipher.

27
Digraph Cipher

• Use the same function taking the English alphabet
  into the ring Z/26Z. For a pair of plaintext
  letters, this gives us a pair of integers modulo
  26. We can consider this ordered pair as a
  vector in (Z/26Z)2.

28
Digraph Cipher

• To encipher this vector, v, we need an
  enciphering matrix, M. That is, a 2x2 matrix
  with entries in Z/26Z which is invertible in
  Z/26Z.
• Such a matrix is invertible if and only if its
  determinant is relatively prime to 26.

29
Digraph Cipher

• The enciphering is then accomplished by
  multiplying the vector v by the enciphering
  matrix M, and then converting the resulting
  vector back into letters.

30
Example
31
Example

• Start with the plaintext
• West Georgia
• This message has an odd number of letters, so we
  add a random letter x and break the message
  into digraphs
• WE ST GE OR GI AX

32
Example

• Next, we convert the digraphs to vectors in
  Z/26Z
• WE (23, 5)
• ST (19, 20)
• GE (7, 5)
• OR (15, 18)
• GI (7, 9)
• AX (1, 24)

33
Example

• For our enciphering matrix, well use the matrix

34
Example

• We encipher all the vectors at once using matrix
  multiplication

35
Example

• The product of these two matrices is
• remembering that we are working in Z/26Z.

36
Example

• Converting these vectors back into digraphs, we
  get the ciphertext
• IKTGCOFMOEVU

37
Example

• Comparing the ciphertext
• IKTGCOFMOEVU
• with the plaintext
• WESTGEORGIAX
• we see that the two Es go to two different
  letters, K and O, making breaking this cipher
  more difficult.

38
Variations on a Theme
39
Other Variations

• Of course, theres nothing special about
  digraphs We can divide the plaintext into
  blocks of k letters and use a kxk enciphering
  matrix.

40
Other Variations

• We can also add a fixed vector b after
  multiplying by the enciphering matrix M.
• If P is the plaintext message, the ciphertext
  message is given by
• MPb mod 26

41
Private Key Cryptography
42
Private Key Cryptography

• The cryptosystems we have described so far are
  all private key cryptosystems.

43
Private Key Cryptography

• The enciphering keys in the last variation are
  the matrices M and the vector b.
• These keys must be kept private because knowing
  the enciphering keys allows one to compute the
  deciphering keys.

44
Private Key Cryptography

• For example, if the cryptosystem uses the
  enciphering function
• CMPb
• Then we can solve this matrix equation for P to
  get
• PM-1(C-b)M-1C-M-1b

45
Private Key Cryptography

• So, we see that if the data (M, b) are the
  enciphering keys, the deciphering keys are
  (M-1???M-1b).
• From this we see that anyone who knows the
  enciphering keys can compute the deciphering keys.

46
Public Key Cryptography
47
Public Key Cryptography

• In contrast, with public key cryptography,
  knowledge of the enciphering key does not allow
  one to compute the deciphering key.

48
Public Key Cryptography

• Similarly, knowledge of the deciphering key does
  not allow one to compute the enciphering key.

49
Why Would Someone Use Public Key Cryptography?
50
Why Would Someone Use Public Key Cryptography?

• If knowledge of an enciphering key allows one to
  compute the corresponding deciphering key, it is
  possible for this party to intercept and read a
  ciphertext message intended for another party.
  This defeats confidentiality.

51
Why Would Someone Use Public Key Cryptography?

• If knowledge of a deciphering key allows one to
  compute the corresponding enciphering key, it is
  possible for this party to code and send a
  ciphertext message to a third party. This
  defeats authenticity.

52
When Would Someone Use Public Key Cryptography?
53
When Would Someone Use Public Key Cryptography?

• Public key cryptography tends to be slower than
  private key cryptography, so why would anyone use
  it?

54
When Would Someone Use Public Key Cryptography?

• Public key cryptography is used in an auxiliary
  capacity, say to agree upon keys for a
  traditional private key cryptosystem.

55
When Would Someone Use Public Key Cryptography?

• It is possible for two parties to initiate secret
  communications without ever having had any prior
  contact, without having established any prior
  trust, without exchanging any preliminary
  information.

56
How Does Public Key Cryptography Work?
57
How does Public Key Cryptography Work?

• In order to implement public key cryptography,
  each person, Alice and Bob, has a public
  enciphering key, KE, and a private deciphering
  key, KD.

58
How does Public Key Cryptography Work?

• The public keys are published and made available
  to the public, while the private keys are kept
  confidential.

59
How does Public Key Cryptography Work?

• Since the enciphering keys are made public, in
  order to ensure the security of the cryptosystem,
  it must be computationally infeasible to find the
  private keys from the public keys.

60
How does Public Key Cryptography Work?

• Computationally infeasible does not mean that the
  computation is impossible. Rather, it means that
  the amount of computer time necessary to perform
  the computation is prohibitively long.

61
How does Public Key Cryptography Work?

• So, in order to implement public key
  cryptography, we must have some function that is
  easy to compute, but whose inverse function
  cannot be computed in any reasonable sense.

62
How does Public Key Cryptography Work?

• That is, in order to implement public key
  cryptography, we must have a trapdoor function.

63
Trapdoor Functions
64
Trapdoor Functions

• A trapdoor function is a function f which is easy
  to compute, but whose inverse function f-1 is
  impossible to compute without performing a
  prohibitively lengthy computation.

65
Trapdoor Functions

• Two types of trapdoor functions that are used in
  the RSA cryptosystem and Elliptic Curve
  cryptosystems are these
• The prime factorization problem
• The discrete logarithm problem

66
The Prime Factorization Problem
67
The Prime Factorization Problem

• The Fundamental Theorem of Arithmetic states that
  every natural number can be factored
  (essentially) uniquely into a product of prime
  numbers.

68
The Prime Factorization Problem

• However, given a very large number n, say on the
  order of 10100, it is computationally infeasible
  to factor n.

69
A Little Computation

• In order to factor n, one systematic way which is
  easily implemented on a computer is to divide n
  by
• 2, 3, 4, . . . , n1/2
• to test for a divisor.

70
A Little Computation

• If we try this approach with a natural number of
  the order of 10100, this technique would take
  1050 operations to complete.

71
A Little Computation

• In 1997, the Department of Energy announced the
  worlds fastest computer performed one trillion
  floating point operations per second, a teraflop.

72
A Little Computation

• This computer would take more than 3x1033 years
  to factor a 100 digit number by this systematic
  method.

73
The Discrete Logarithm Problem
74
The Discrete Logarithm Problem

• To describe the discrete logarithm problem, we
  start with a finite abelian group G of very large
  order.

75
The Discrete Logarithm Problem

• Typically, G is a group such as (Z/nZ), the
  group of invertible elements in the ring Z/nZ, or
  Fq, the group of nonzero elements in the finite
  field with q elements.

76
The Discrete Logarithm Problem

• For a fixed element b in G consider the map from
  the natural numbers into G given by n maps to bn.

77
The Discrete Logarithm Problem

• For any element y in G, the discrete logarithm of
  y base b is the smallest natural number n so that
  bny.

78
The Discrete Logarithm Problem

• Like the prime factorization problem, the
  discrete logarithm problem is believed to be
  difficult and also to be the hard direction of a
  trapdoor function.

79
The Discrete Logarithm Problem

• The discrete logarithm problem has received much
  attention in recent years. The best discrete
  logarithm problems have expected running times
  similar to those of the best factoring
  algorithms.

80
The Discrete Logarithm Problem

• Rivest has analyzed the expected time to solve
  the discrete logarithm problem both in terms of
  computing power and cost.
• See R.L. Rivest. Response to NIST's proposal.
  Communications of the ACM, 35 41-47, July 1992.

81
The Discrete Logarithm Problem

• The discrete logarithm problem appears to be much
  harder over arbitrary groups than over finite
  fields this is the motivation for cryptosystems
  based on elliptic curves.

82
Next Time

• In the next two lectures, we will systematically
  look at two public key cryptosystems The RSA
  cryptosystem and elliptic curve cryptosystems.

83
Thanks for Attending