# Department of Software

The University of Babylon

LECTURE NOTES ON PUBLIC- KEY CRYPTOGRAPHY (One-Way Functions and ElGamal System)
By Dr. Samaher Hussein Ali
College of Information Technology, University of Babylon, Iraq Samaher_hussein@yahoo.com

6 November 2012

One-Way Functions (OWF)
 A one-way function is a function that is “easy” to compute and “difficult” to reverse  Examples of OWF that we’ll use in this lecture to explain public-key systems:  Multiplication of two primes  Modular exponentiation  Multiplication of two prime numbers is believed to be a one-way function.  We say believed because nobody has been able to prove that it is hard to factorise.  Given two primes numbers p and q  It’s easy to find n=p.q  However, starting from n, it’s difficult to find p and q  Is it prime factorization?
6 November 2012

OWF: Multiplying two Primes

Dr. Samaher Hussein Ali

Notes of Lecture 9

OWF: Modular Exponentaition
 The process of exponentiation just means raising numbers to a power.  Raising a to the power b, normally denoted ab just means multiplying a by itself b times. In other words: ab = a x a x a x … x a  Modular exponentiation means computing ab modulo some other number n. We tend to write this as ab mod n.  Modular exponentiation is “easy”.

6 November 2012

Dr. Samaher Hussein Ali

Notes of Lecture 9

El-Gamal
 ElGamal is another public-key encryption  We will also take a look at the ElGamal public key cipher system for a number of reasons:  To show that RSA is not the only public key system  To exhibit a public key system based on a different one way function  ElGamal is the basis for several well-known cryptosystems

6 November 2012

Dr. Samaher Hussein Ali

Notes of Lecture 9

El-Gamal
 ElGamal is another public-key encryption  We will also take a look at the ElGamal public key cipher system for a number of reasons:  To show that RSA is not the only public key system  To exhibit a public key system based on a different one way function  ElGamal is the basis for several well-known cryptosystems

6 November 2012

Dr. Samaher Hussein Ali

Notes of Lecture 9

El-Gamal algorithm (key generation)  Key generation for ElGamal public-key encryption  Each entity A creates a public key and a corresponding private keys  Generate a large prime number p (1024 bits)  Generate a generator g of the multiplicative group Zp* of the integers modulo p  Select a random integer x, 1 ≤ x ≤ p-2  Compute y = gx mod p  A’s public key is (p, g, y)  To be published  A’s private key is x  To be kept secret by A

6 November 2012

Dr. Samaher Hussein Ali

Notes of Lecture 9

El-Gamal algorithm (key generation) Example Step 1: Let p = 2357 Step 2: Select a generator g = 2 of Z2357* Step 3: Choose a private key x = 1751 Step 4: Compute y = 21751 (mod 2357) = 1185 Public key is (2357,2,1185) Private key is 1751

6 November 2012

Dr. Samaher Hussein Ali

Notes of Lecture 9

ElGamal algorithm (Encryption/decryption)
 Summary: Samaher encrypts a message m for Eman, which eman decrypts  Encryption: samaher should de the following  Obtain Eman’s authentic public key (p, g, y).  Represent the message as an integer in the interval [0,p-1]  Select an integer k, 1 ≤ k ≤ p-2  Compute w=g k mod p and v=m  Decryption  A uses the private key x to compute z=  A computes M= z.v mod p

.(y) k mod p

 Send the ciphertext c = (w, v) to Eman

w p -1-x mod p

6 November 2012

Dr. Samaher Hussein Ali

Notes of Lecture 9

ElGamal algorithm (Encryption/decryption)  Encryption    To encrypt m = 2035 using Public key (2357,2,1185) Generate a random number k = 1520 Compute w = 21520 mod 2357 = 1430 v = 2035 x 11851520 mod 2357 =697  Cipher Text: c = (1430 , 697)  Decryption  z= w p-1-x mod p = 1430605 mod 2357 =872  872x697 mod 2357 = 2035

6 November 2012

Dr. Samaher Hussein Ali

Notes of Lecture 9

ElGamal Properties  There is a message expansion by a factor of 2 i.e., the cipher text is twice as long as the corresponding plaintext  Requires a random number generator (k)  Relies on discrete algorithm problem, i.e., having y= gx mod p it’s hard to find x (the private key)  ElGamal encryption is randomized (coming from the random number k), RSA encryption is deterministic.  ElGamal is the basis of many other algorithms (e.g., DSA)

6 November 2012

Dr. Samaher Hussein Ali

Notes of Lecture 9

Summary
 RSA is a public key encryption algorithm whose security is believed to be based on the problem of factoring large numbers  ElGamal is a public key encryption algorithm whose security is believed to be based on the discrete logarithm problem  RSA is generally favoured over ElGamal for practical rather than security reasons  RSA and ElGamal are less efficient and fast to operate than most symmetric encryption algorithms because they involve modular exponentiation

6 November 2012

Dr. Samaher Hussein Ali

Notes of Lecture 9