Title: PRESENTATION ON
1PRESENTATION ON PUBLIC KEY CRYPTOGRAPHY
by TANSEL ZENGINLER 24.03.2005
CmpE 526 Operating System and Network, Security
2005
2Contents
- Introduction
- Public-Key Cryptosystem
- Number Theory
- Modular Arithmetic
- The Euclidean Algorithm
- Chinese Remainder Theorem
- RSA Cryptosystem
- Implementation
- Proof
- RSA Encryption in Practice
- Attacks on RSA
- Conclusion
3Introduction
- Cryptography is the art or science of
mathematical techniques related to such aspects
of data security as - confidentiality, or keeping secret the content of
information from unauthorized parties - data integrity, or detecting the unauthorized
alteration of data - authentication, or identifying either entities or
data origins - non-repudiation, or preventing an entity from
denying previous commitments or actions.
4Introduction
- Cryptanalysis is the study of mathematical
methods which are used in attempting to defeat
cryptographic techniques. - Cryptology means the study of cryptography and
cryptanalysis.
5Terminology
- Plaintext or Cleartext The message
- Ciphertext The encrypted message
6Terminology
- Encryption Encoding the contents of the message
in such a way that hides its contents from
outsiders - Decryption The process of retrieving the
plaintext from the ciphertext - Encryption and decryption usually make use of a
key, and the coding method is such that
decryption can be performed only by knowing the
proper key.
7Cryptographic Algorithms
- There are two classes of key-based encryption
algorithms - Symmetric (or secret-key) algorithms
-
- Asymmetric (or public-key) algorithms
-
8Symmetric Algorithms
- Same key for encryption and decryption
- OR
- the decryption key is easily derived from the
encryption key
- Problem How to distribute the key to Alice Bob
securely
9Examples of Symmetric Alg.
- DES, 3DES
- AES
- BlowFish
- Enigma, Purple
- Vigenere
10Asymmetric Algorithms
- Different keys for encryption and decryption
- a public-key, which may be known by anybody, and
can be used to encrypt messages, and verify
signatures - a private-key, known only to the recipient, used
to decrypt messages, and sign (create) signatures
- The decryption key cannot be derived from the
encryption key
11Why a pair of keys?
- The owner of the private key can give the public
key to everyone without fearing they could
discover the private key - A message sent to the owner, encrypted with the
owner's public key can be decrypted only by the
owner with the private key
12Why a pair of keys?
- A message sent from the owner encrypted with the
private key can be decrypted by everyone with the
public key, but only the owner could have sent it - A message encrypted with the sender's private key
and the recipient's public key could have come
only from the sender (authenticity) and can be
decrypted only by the recipient (secrecy)
13How it works??
- Everybody selects its own public key P and
private key S, and publicizes P - Therefore Alice has (Pa , Sa), and Bob has (Pb ,
Sb) - Everybody knows Pa, Pb,
14How it works??
- Suppose Alice wants to send a message to Bob.
- Alice encrypts the message with Bobs public key
Pb and sends out. - (only) Bob can decrypt the message using his
private key Sb. Nobody else can.
15Asymmetric Algorithms
16Properties of Public Key Cryptosystem
- D(E(M)) M
- Both E() and D() are easy to compute
- Publicly revealing E() does not make it easy to
determine D()
17More Properties of Public Key Cryptosystem
- E(D(M)) M - needed for signatures
- The collection of E()s are made publicly
available. D()s are incomputable by knowing
E()s. Called a one-way trap-door function (hard
to invert, but easy if you have the secret
information)
18Message Blocking
- Most of the PK systems require that the input
plaintext is of a fixed size. - Messages longer than this are broken into blocks.
- Smaller messages are padded.
19Examples of Asymmetric Alg.
- RSA
- ElGamal
- Elliptic Curve Cipher
20History of Public-Key Cryptosystem
- 1970 The public-key cryptography was proposed
by James Ellis, The possibility of non-secret
encryption. This paper was not published - 1973 Clifford Cocks paper a note on
non- secret encryption, same as RSA - 1976 The idea of Public Key Cryptography was
put by Diffie and Hellman - 1977 Rivest, Shamir and Adleman invented RSA
Cryptosystem
21Number Theory
- Number theory is a division of mathematics that
studies the properties of integers and all
numbers in general. - Leads to more exotic notions of number.
- Cryptography is heavily based on number theory.
22Number Theory
- Overview of Modular Arithmetic
- The Euclidean Algorithm
- The Chinese Remainder Theorem
23Overview of Modular Arithmetic
- Definition a ? b (mod n) ? n (b - a)
- Alternatively, a qn b
- Properties (equivalence relation)
- a ? a (mod n)
Reflexive - a ? b (mod n) ? b ? a (mod n) Symmetric
- a ? b (mod n) and b ? c (mod n) ? a ? c (mod n)
Transitive
24Overview of Modular Arithmetic
- Definition An equivalence class mod n
- a x x ? a (mod n) a qn q ?
Z - It is possible to perform arithmetic with
equivalence classes mod n - a b ab
- a b ab
25Modular Inverses
- Definition x is the inverse of a mod n, if ax ?
1 (mod n) - The equation ax ? 1 (mod n) has a solution iff
gcd(a,n) 1
26The Euclidean Algorithm
- Used to compute the greatest common divisor of
two positive integers, a and b. - Algorithm
- Let r0a and r1b (suppose a ? b)
- r0 q1 r1 r2 0 ? r2? r1
- r1 q2 r2 r3 0 ? r3? r2
- rm-2 qm-1 rm-1 rm 0 ? rm? rm-1
- rm-1 qm rm
- Then gcd(a,b)gcd(r0, r1)gcd(r1, r2)
- gcd(rm-1, rm) rm
27Extended Euclidean Algorithm
- Definition There exist x and y such that ax
ny gcd(a,n). - When gcd(a,n) 1, we get ax ny 1.
- Taking this equation mod n, we see that
ax ? 1 (mod n)
28The Chinese Remainder Thm
- Theorem
- If gcd(m,n) 1, then given a and b there exist
an integer solution to the system - x ? a (mod m) and x b (mod n).
-
29The Chinese Remainder Theorem
- Proof
- Consider the map x ? (x mod m, x mod n).
- This map is a 1-1 map from Zmn to Zm ? Zn, since
if x and y map to the same pair, then x ? y (mod
m) and x ? y (mod n). Since gcd(m,n) 1, this
implies that x ? y (mod mn). - Since there are mn elements in both Zmn and Zm ?
Zn, the map is also onto. This means that for
every pair (a,b) we can find the desired x.
30Fermats Little Theorem
- Theorem ap ? a (mod p)
- Explanation If a prime divides the product of
numbers, than it must divide one of the original
numbers. - Example Let a2, p5 25 32 2 mod 5
-
31Fermats Theorem
- Proof
- Assume that a ? 0 ? Zp. Then
- a 2a (p-1)a (p-1)! ap-1
- Also, since ai ? aj (mod p) ? i ? j (mod p),
the numbers a, 2a, , (p-1)a are distinct
elements of Zp. Therefore they are equal to
1,2,,(p-1) and their product is equal to (p-1)!
mod p. This implies that - (p-1)! ap-1 ? (p-1)! (mod p) ? ap-1 ? 1 (mod
p).
32Euler's Totient Function
- Definition The Totient function, represented by
f(n), is defined as the number of positive
integers less than n which are relatively prime
to n. - Example Take the number 14 f(14) would then
start with 1,2,3,4,5,6,7,8,9,10,11,12,13.
Cancel the multiples of 2, and 7. Now we have
1,3,5,9,11,13 6 relatively prime numbers
33RSA Cryptosystem
- Based on the idea that it is hard to factor large
numbers.
34Implementation of RSA
- Select the public key and private key, key
generation period - Publicize the public key
- Keep the secret key
35Implementation of RSA
- Encryption Use public key
- Decryption Use private key
- Signing Use private key
- Verifying Use public key
- Of course, from public key it is very difficult
to get the private key
36Key Generation
- Each entity creates an RSA public key and a
corresponding private key through the following
steps - Generate two large random (and distinct) primes p
and q, each roughly the same size - Compute n pq and F (p-1)(q-1)
- Select a random integer e, 1lt e lt F, such that
gcd(F, e) 1.
37Key Generation
- Use the extended Euclidean Algorithm to compute
integer d such that ed 1 mod (f) - As public key is (n, e) As private key is d
- (e, d) are called the encryption exponent and
decryption exponent respectively. n is called the
modulus
38Encryption/Decryption
- B encrypts a message m for A, which A decrypts
- Encryption B does the following
- Obtain As authentic public key (n, e)
- Represent the message as an integer m in the
interval 0, n - 1 - Compute c me mod n
- Send the ciphertext to A
- Decryption A does the following
- m cd mod n
39Proof of RSA
- x is the plain text and y is the ciphertext
- If x0 ?Zn , then it is correct.
- If x ?Zn , then
- ab1 mod ?(n), abt?(n)1 (for some t).
- ya(xb)a ? x t?(n)1 ? (x?(n))t x ? 1t x ? x
(mod n)
40RSA Example
- Select two primes p 7, q 17
- Calculate n pq 7 x 17 119
- Calculate ?(n) (p-1)(q-1) 6 x 16 96
- Select e relatively prime to less than ?(n)
- In this example e 5
- Find d such that de 1 mod ?(n) 77
- Public Key 5, 119
- Private Key 77, 119
41RSA Encryption in Practice
- Recommended size of modulus gt 1024
- Selecting primes
- Roughly same size p and q to prevent elliptic
curve factoring - p q should be large enough (attacking numbers
near sqrt(n)) - Selecting e
- In general 3 or 2161 65537
42Attacks
- Brute Force
- Finding ?(n)
- Finding a directly
43Conclusion
- The RSA algorithm is part of many official
standards worldwide. - Technology using the RSA algorithm is licensed by
over 700 companies. - RSA is by far the most widely used public-key
algorithm in the world.
44References
- Rivest, R. L., Shamir, A., and Adleman, L., A
Method for Obtaining Digital Signatures and
Public Key Cryptosystems, JACM, Vol. 21, No. 2,
1978, pp. 120-126 - www.rsasecurity.com
- Douglas R. Stinson, Cryptography, A CRC Press
Company, 2002
45COMMENTS QUESTIONS??
46THANK YOU