Lecture 5 Overview - PowerPoint PPT Presentation

1 / 28
About This Presentation
Title:

Lecture 5 Overview

Description:

... Algorithm Background Lecture 6 RSA CS 450/650 Fundamentals of Integrated Computer Security Slides are modified from Hesham El-Rewini RSA Invented by Cocks ... – PowerPoint PPT presentation

Number of Views:101
Avg rating:3.0/5.0
Slides: 29
Provided by: admin2
Learn more at: https://www.cse.unr.edu
Category:

less

Transcript and Presenter's Notes

Title: Lecture 5 Overview


1
Lecture 5 Overview
2
Does DES Work?
  • Differential Cryptanalysis Idea
  • Use two plaintext that barely differ
  • Study the difference in the corresponding cipher
    text
  • Collect the keys that could accomplish the change
  • Repeat

3
Cracking DES
  • Diffie and Hellman then outlined a "brute force"
    attack on DES
  • By "brute force" is meant that you try as many of
    the 256 possible keys as you have to before
    decrypting the ciphertext into a sensible
    plaintext message
  • They proposed a special purpose "parallel
    computer using one million chips to try one
    million keys each" per second

4
Cracking DES (cont.)
  • In 1998, Electronic Frontier Foundation spent
    220K and built a machine that could go through
    the entire 56-bit DES key space in an average of
    4.5 days
  • On July 17, 1998, they announced they had cracked
    a 56-bit key in 56 hours
  • The computer, called Deep Crack
  • used 27 boards each containing 64 chips
  • was capable of testing 90 billion keys a second

5
Cracking DES (cont.)
  • In early 1999, Distributed. Net used the DES
    Cracker and a worldwide network of nearly 100K
    PCs to break DES in 22 hours
  • combined they were testing 245 billion keys per
    second
  • This just serves to illustrate that any
    organization with moderate resources can break
    through DES with very little effort these days

6
Double DES
  • E(k1, E(k2, M) )
  • As strong as 57-bit key !
  • Given message M and ciphertext c
  • Encrypt M with all possible keys
  • 256 steps
  • Decrypt c with all possible keys and match Ms
  • 256 steps

7
Triple DES Two keys
  • E(k1, D(k2, E(k1, M) ) )
  • The first key is used to DES-encrypt the message
  • The second key is used to DES-decrypt the
    encrypted message
  • Since the second key is not the right key, this
    decryption just scrambles the data further
  • The twice-scrambled message is then encrypted
    again with the first key to yield the final
    ciphertext
  • As strong as 80-bit key !

8
Triple DES Three keys
  • E(k3, D(k2, E(k1, M) ) )
  • The first key is used to DES-encrypt the message
  • The second key is used to DES-decrypt the
    encrypted message
  • Since the second key is not the right key, this
    decryption just scrambles the data further
  • The twice-scrambled message is then encrypted
    with the third key to yield the final ciphertext
  • As strong as 112-bit key !

9
Analysis of Algorithms
  • Algorithms
  • Time Complexity
  • Space Complexity
  • An algorithm whose time complexity is bounded by
    a polynomial is called a polynomial-time
    algorithm
  • An algorithm is considered to be efficient if it
    runs in polynomial time.

10
Growth Rate
  • T(n) O(f(n)) T is bounded above by f
  • The growth rate of T(n) lt growth rate of f(n)
  • T(n) W (g(n)) T is bounded below by g
  • The growth rate of T(n) gt growth rate of g(n)
  • T(n) Q(h(n)) T is bounded both above and below
    by h
  • The growth rate of T(n) growth rate of h(n)
  • T(n) o(p(n)) T is dominated by p
  • The growth rate of T(n) lt growth rate of p(n)

11
Time Complexity
  • C
  • O(n)
  • O(log n)
  • O(nlogn)
  • O(n2)
  • O(nk)
  • O(2n)
  • O(kn)
  • O(nn)

Polynomial
Exponential
12
P, NP, NP-hard, NP-complete
  • A problem belongs to the class P if the problem
    can be solved by a polynomial-time algorithm
  • A problem belongs to the class NP if the
    correctness of the problems solution can be
    verified by a polynomial-time algorithm
  • A problem is NP-hard if it is as hard as any
    problem in NP
  • Existence of a polynomial-time algorithm for an
    NP-hard problem implies the existence of
    polynomial solutions for every problem in NP
  • NP-complete problems are the NP-hard problems
    that are also in NP

13
Relationships between different classes
NP-hard
NP
P
NP-complete
14
Partitioning Problem
  • Given a set of n integers, partition the integers
    into two subsets such that the difference between
    the sum of the elements in the two subsets is
    minimum
  • NP-complete
  • 13, 37, 42, 59, 86, 100

Sum 165 172
86 100
42 59
37 13
15
Bin Packing Problem
  • Suppose you are given n items of sizes
  • s1, s2,..., sn
  • All sizes satisfy 0 ? si ? 1
  • The problem is to pack these items in the fewest
    number of bins,
  • given that each bin has unit capacity
  • NP-hard

16
Lecture 6 RSA
  • CS 450/650
  • Fundamentals of
  • Integrated Computer Security

Slides are modified from Hesham El-Rewini
17
RSA
  • Invented by Cocks (GCHQ), independently, by
    Rivest, Shamir and Adleman (MIT)
  • Two keys e and d used for Encryption and
    Decryption
  • The keys are interchangeable
  • M D(d, E(e, M) ) D(e, E(d, M) )
  • Public key encryption
  • Based on problem of factoring large numbers
  • Not in NP-complete
  • Best known algorithm is exponential

18
RSA
  • To encrypt message M compute
  • c Me mod N
  • To decrypt ciphertext c compute
  • M cd mod N

19
Key Choice
  • Let p and q be two large prime numbers
  • Let N pq
  • Choose e relatively prime to (p?1)(q?1)
  • a prime number larger than p-1 and q-1
  • Find d such that ed mod (p?1)(q?1) 1

20
RSA
  • Recall that e and N are public
  • If attacker can factor N, he can use e to easily
    find d
  • since ed mod (p?1)(q?1) 1
  • Factoring the modulus breaks RSA
  • It is not known whether factoring is the only way
    to break RSA

21
Does RSA Really Work?
  • Given c Me mod N we must show
  • M cd mod N Med mod N
  • Well use Eulers Theorem
  • If x is relatively prime to N then x?(N) mod N 1
  • ?(n) number of positive integers less than n
    that are relatively prime to n.
  • If p is prime then, ?(p) p-1

22
Does RSA Really Work?
  • Facts
  • ed mod (p ? 1)(q ? 1) 1
  • ed k(p ? 1)(q ? 1) 1 by definition of mod
  • ?(N) (p ? 1)(q ? 1)
  • Then ed ? 1 k(p ? 1)(q ? 1) k?(N)
  • Med M(ed-1)1 M?Med-1 M?Mk?(N)
  • M?(M?(N)) k mod N M?1 k mod N
  • M mod N

23
Example
  • Select primes p11, q3.
  • N p q 113 33
  • Choose e 3
  • check gcd(e, p-1) gcd(3, 10) 1
  • i.e. 3 and 10 have no common factors except 1
  • check gcd(e, q-1) gcd(3, 2) 1
  • therefore gcd(e, (p-1)(q-1)) gcd(3, 20) 1

24
Example (cont.)
  • p-1 q-1 10 2 20
  • Compute d such that
  • e d mod (p-1)(q-1) 1
  • 3 d mod 20 1
  • d 7
  • Public key (N, e) (33, 3)
  • Private key (N, d) (33, 7)

25
Example (cont.)
  • Now say we want to encrypt message m 7
  • c Me mod N 73 mod 33 343 mod 33 13
  • Hence the ciphertext c 13
  • To check decryption, we compute
  • M' cd mod N 137 mod 33 7

26
More Efficient RSA
  • Modular exponentiation example
  • 520 95367431640625 25 mod 35
  • A better way repeated squaring
  • Note that 20 2 ? 10, 10 2 ? 5, 5 2 ? 2 1,
    2 1? 2
  • 51 5 mod 35
  • 52 (51) 2 52 25 mod 35
  • 55 (52) 2 ? 51 252 ? 5 3125 10 mod 35
  • 510 (55) 2 102 100 30 mod 35
  • 520 (510) 2 302 900 25 mod 35
  • No huge numbers and its efficient!

27
RSA key-length strength
  • RSA has challenges for different key-lengths
  • RSA-140
  • Factored in 1 month using 200 machines in 1999
  • RSA-155 (512-bit)
  • Factored in 3.7 months using 300 machines in 1999
  • RSA-160
  • Factored in 20 days in 2003
  • RSA-200
  • Factored in 18 month in 2005
  • RSA-210, RSA-220, RSA-232, RSA-2048

28
Group Work
  • Find keys d and e for the RSA cryptosystem with p
    7 and q 11
  • Solution
  • pq 77
  • (p-1) (q-1) 60
  • e 37
  • d 13
  • n 13 37 481 1 mod 60
Write a Comment
User Comments (0)
About PowerShow.com