Discrete Logarithm Problem - PowerPoint PPT Presentation

Provided by: xuka


1
Discrete Logarithm Problem ElGamal Cryptosystem
  • Discrete logarithm problem
    • Problem 6.1, page 227
  • ElGamal cryptosystem
    • Cryptosystem 6.1, page 227
    • Example 6.1, page 228

2
Authentication and digital signature
  • Conventional (hand) signature
    • Physically a part of the document
    • Verification: people compare it with other
      authentic signatures; easily forged
    • A copy of a signed document is easily
      distinguished from the original
  • Digital signature
    • Not physically attached to the document,
      so the signature must somehow be bound to the
      message
    • Publicly known verification algorithm: anybody
      can verify it; not easy to forge
    • A signed digital message is easy to copy, so
      reuse of a copy must be prevented, e.g. with a
      timestamp.

3
Digital signature
  • Two components
    • A (private) signing algorithm sigK
    • A public verifying algorithm verK
  • For message x, the signature is y = sigK(x).
  • The pair (x, y) is called a signed message and
    is transmitted
  • Verification
    • verK(x,y) = true if y = sigK(x), false otherwise.

4
Requirements for digital signature
  • Both sigK and verK are easily computed (i.e., in
    polynomial time)
  • Given any message x, it is computationally
    infeasible for anyone other than Alice to compute
    a signature y such that verK(x,y) = true

5
RSA signature
  • Cryptosystem 7.1, page 276

6
Encryption along with signature
  • Suppose Alice has (PA, SA) and Bob has (PB, SB)
  • Alice wants to send Bob a message x that is both
    signed and encrypted.

One method: encrypt first and then sign the
encrypted message, i.e., y = x^PB mod n,
z = y^SA mod n, and transmit (y, z).
Any problem with the above method?
Secure method: sign first and then encrypt the
signed message, i.e., z = x^SA mod n,
y = z^PB mod n, and transmit y.

7
Long message and signature
  • (fast) public cryptographic hash function
  • h: {0,1}* → Zn
  • For a message x of any length, compute md = h(x)
  • md is also called the message digest.
  • Then sign md: z = sigK(md)
  • Send (x, z)
  • Verification: compute md, then verK(md, z)
  • A hash function must satisfy certain properties.
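
Added example (not part of the original presentation): the hash-then-sign flow of slide 7 and the sign-then-encrypt flow of slide 6, run with toy textbook RSA. The primes, the use of SHA-256 reduced mod n as h, and all function names are assumptions; where the slide writes a single n, each party here has its own modulus with nA < nB so that a signature fits under Bob's modulus.

```python
import hashlib

def make_key(p, q, e=65537):
    """Toy textbook-RSA key from two small primes (constructed values)."""
    n = p * q
    return {"n": n, "P": e, "S": pow(e, -1, (p - 1) * (q - 1))}

ALICE = make_key(1009, 1013)    # (PA, SA), modulus nA = 1022117
BOB = make_key(1019, 1021)      # (PB, SB), modulus nB = 1040399 > nA

def h(x: bytes, n: int) -> int:
    """h: {0,1}* -> Zn, here SHA-256 reduced mod n (an assumed choice)."""
    return int.from_bytes(hashlib.sha256(x).digest(), "big") % n

def sig(key, m: int) -> int:            # sigK(m) = m^S mod n
    return pow(m, key["S"], key["n"])

def ver(key, m: int, s: int) -> bool:   # verK(m, s): s^P mod n == m
    return pow(s, key["P"], key["n"]) == m

def sign_long(key, x: bytes):
    """Slide 7: md = h(x), z = sigK(md); the sender transmits (x, z)."""
    return x, sig(key, h(x, key["n"]))

def verify_long(key, x: bytes, z: int) -> bool:
    """Receiver recomputes md from x, then checks verK(md, z)."""
    return ver(key, h(x, key["n"]), z)

def sign_then_encrypt(x: int) -> int:
    """Slide 6: z = x^SA mod nA, y = z^PB mod nB; only y is sent."""
    z = sig(ALICE, x)
    return pow(z, BOB["P"], BOB["n"])

def decrypt_then_recover(y: int) -> int:
    """Bob strips his layer with SB, then opens z with Alice's public PA."""
    z = pow(y, BOB["S"], BOB["n"])
    return pow(z, ALICE["P"], ALICE["n"])
```

Changing a single byte of x after signing makes verify_long return False, because the recomputed digest no longer matches the signed one.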

8
Key distribution
  • Key distribution is a big problem with secret-key
    systems (and group communication)
  • Use a public-key system to distribute a key
    (called the session key) and then use the session
    key for fast data transmission.
  • (For secure group communication) a central key
    server generates a key and distributes it to the
    group members.

9
Key exchange (agreement)
  • Diffie-Hellman key exchange (agreement)
  • Based on the DLP
  • Suppose a prime p and a generator g of Zp* are
    public.
  • Alice selects a number a, computes y = g^a and
    sends y to Bob
  • Bob selects a number b, computes z = g^b and
    sends z to Alice
  • Then Alice computes k = z^a (= g^(ab))
  • And Bob computes k = y^b (= g^(ab)).
  • Therefore Alice and Bob arrive at the same key
    securely without meeting. How beautiful
    it is!!!

Can you think of any problem with the protocol?
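
Added example (not part of the original presentation): the exchange above run with toy numbers, plus an exhaustive-search discrete logarithm that shows why the scheme rests on the DLP. The values of p, g, a and b, the function names, and the range check on received values are assumptions added here.

```python
# Toy Diffie-Hellman over Zp*; every number here is a constructed sample.
def prime_factors(n):
    """Distinct prime factors by trial division (fine for toy sizes)."""
    out, d = set(), 2
    while d * d <= n:
        while n % d == 0:
            out.add(d)
            n //= d
        d += 1
    return out | ({n} if n > 1 else set())

def is_generator(g, p):
    """g generates Zp* iff g^((p-1)/q) != 1 mod p for each prime q | p-1."""
    return all(pow(g, (p - 1) // q, p) != 1 for q in prime_factors(p - 1))

def dh_public(g, secret, p):
    return pow(g, secret, p)

def dh_shared(received, secret, p):
    # Added check: 1 and p-1 would force the key into {1, p-1}.
    if not 2 <= received <= p - 2:
        raise ValueError("public value out of range")
    return pow(received, secret, p)

def brute_force_dlog(g, y, p):
    """Find a with g^a = y mod p by exhaustive search: up to p-1 steps,
    feasible only because p is tiny. This is the DLP instance faced by
    anyone who sees only the public values (p, g, y)."""
    acc = 1
    for a in range(p - 1):
        if acc == y:
            return a
        acc = acc * g % p
    return None

P, G = 2579, 2                   # public prime and generator (sample)
A_SECRET, B_SECRET = 765, 853    # Alice's a, Bob's b (sample)

def run_exchange():
    y = dh_public(G, A_SECRET, P)          # Alice -> Bob: y = g^a
    z = dh_public(G, B_SECRET, P)          # Bob -> Alice: z = g^b
    return y, z, dh_shared(z, A_SECRET, P), dh_shared(y, B_SECRET, P)

if __name__ == "__main__":
    y, z, k_a, k_b = run_exchange()
    print(is_generator(G, P), y, z, k_a == k_b, brute_force_dlog(G, y, P))
```
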

10
Key management public key certificate
  • Key management
  • how to securely and reliably distribute the keys
    used (not only secret key, but also public key).
  • not to breaking algorithms used, but to breaking
    the key distribution scheme
  • have a range of possible key distribution
    techniques
  • one of the most critical areas in security
    systems
  • absolutely critical to get this right
  • http://www.cs.adfa.edu.au/teaching/studinfo/ccs3/lectures/less20.html

11
Key management schemes
  • 1. Physical Delivery
    • by secure courier
    • registration name and password for computers
  • 2. Authentication Key Server
    • have an on-line server trusted by all clients
    • server has a unique secret key shared with each
      client
    • server negotiates keys on behalf of clients
    • use private key encryption
    • e.g. Kerberos (later)

12
Key management schemes
  • 3. Public Notary or Certification Authority
    • have an off-line server trusted by all clients
    • server has a well known public key
    • server signs public key certificates for each
      client
    • uses public key encryption
    • will consider this next

13
Public Key Certificates
  • public key management generally involves the use
    of public key certificates
  • There is a public, well-known, trusted
    Certification Authority (CA); users know the CA's
    public key.
  • bind an identity (i.e. a user) to a public key
  • usually with other info such as period of
    validity, rights of use etc.
  • with all contents signed by the CA, called a
    public key certificate (PKC)
  • Any other user can use the CA's public key to
    verify the certificate, and thus make sure that
    the public key is an authentic public key for the
    user.
  • The CA does not know the private keys of users.
    However, it is possible for a CA (or government)
    to generate private and public keys for users.

14
X.509 - Directory Authentication Service
  • Widely accepted and used international standard
  • defines framework for authentication services
  • directory may store public-key certificates
  • also defines authentication protocols using these
    certificates
  • uses public-key cryptography and digital
    signatures
  • RSA is the recommended algorithm.

15
X.509 Certificates
  • issued by a Certification Authority (CA)
  • each certificate contains
    • version (1, 2, or 3)
    • serial number (unique within CA) identifying
      certificate
    • signature algorithm identifier
    • issuer X.500 name (CA)
    • period of validity (from - to dates)
    • subject X.500 name (name of owner)
    • subject public-key info (algorithm, parameters,
      key)
    • issuer unique identifier (v2)
    • subject unique identifier (v2)
    • extension fields (v3)
    • signature (of hash of all fields in certificate)

16
Certificate Properties
  • any user with access to CA can get any
    certificate from it
  • only the CA can modify a certificate
  • because they cannot be forged, certificates can
    be placed in a public directory

17
CA Hierarchy
  • if both users share a common CA then they are
    assumed to know its public key
  • otherwise CAs must form a hierarchy
  • use certificates linking members of the hierarchy
    to validate other CAs
  • each CA has certificates for clients (forward)
    and parent (backward)
  • each client trusts its parent's certificates
  • enable verification of any certificate from one
    CA by use of all other CAs in hierarchy

18
CA Hierarchy --example
  • A acquires B's certificate by following the chain
    • X<<W>> W<<V>> V<<Y>> Y<<Z>> Z<<B>>
  • B acquires A's certificate by following the chain
    • Z<<Y>> Y<<V>> V<<W>> W<<X>> X<<A>>
  • Notation: CA<<User>> means CA has signed the
    certificate details for User
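
Added example (not part of the original presentation): A's path to B's key, X<<W>> W<<V>> V<<Y>> Y<<Z>> Z<<B>>, verified link by link starting from the one key A already trusts. Certificates are reduced to issuer, subject and subject public key, signed with toy textbook RSA over a SHA-256 hash; the primes, field layout and function names are assumptions.

```python
import hashlib

def make_key(p, q, e=65537):            # toy RSA key pair
    n = p * q
    return {"n": n, "e": e, "d": pow(e, -1, (p - 1) * (q - 1))}

# Constructed small primes, one pair per CA (X, W, V, Y, Z) and for user B.
PRIMES = {"X": (1009, 1013), "W": (1019, 1021), "V": (1031, 1033),
          "Y": (1039, 1049), "Z": (1051, 1061), "B": (1063, 1069)}
KEYS = {name: make_key(p, q) for name, (p, q) in PRIMES.items()}

def digest(issuer, subject, pub, n):
    """Hash of the certificate fields, reduced into the issuer's Zn."""
    data = f"{issuer}|{subject}|{pub[0]}|{pub[1]}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def issue(issuer, subject):
    """Build issuer<<subject>>: the issuer signs the subject's public key."""
    ik, pub = KEYS[issuer], (KEYS[subject]["n"], KEYS[subject]["e"])
    sig = pow(digest(issuer, subject, pub, ik["n"]), ik["d"], ik["n"])
    return {"issuer": issuer, "subject": subject, "pub": pub, "sig": sig}

def verify_chain(chain, anchor_name, anchor_pub):
    """Walk the chain from a trusted key; return the final subject's key."""
    name, (n, e) = anchor_name, anchor_pub
    for cert in chain:
        if cert["issuer"] != name:
            raise ValueError(f"{cert['subject']}: issuer is not {name}")
        expected = digest(cert["issuer"], cert["subject"], cert["pub"], n)
        if pow(cert["sig"], e, n) != expected:
            raise ValueError(f"{cert['subject']}: bad signature")
        # The key just authenticated verifies the next link.
        name, (n, e) = cert["subject"], cert["pub"]
    return name, (n, e)

# A's path to B: X<<W>> W<<V>> V<<Y>> Y<<Z>> Z<<B>>
CHAIN = [issue(i, s) for i, s in
         [("X", "W"), ("W", "V"), ("V", "Y"), ("Y", "Z"), ("Z", "B")]]
X_PUB = (KEYS["X"]["n"], KEYS["X"]["e"])   # A already trusts its own CA X
```

A chain with a missing link or a substituted public key raises ValueError at the first certificate that fails, so B's key is never accepted on the strength of an unverified intermediate.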

19
Hash function and Message Digest