Professional Documents
Culture Documents
Security
(3170720)
UNIT 4: PUBLIC KEY C R Y P TO S Y S T E M S WITH A P P L I C AT I O N S ,
R EQ U I R E M E N T S AND C R Y P TA N A LY S I S , RSA A LG O R I T H M , ITS
C O M P U TAT I O N A L ASPECTS AND S E C U R I T Y, DIFFIE-HILLMAN KEY
E XC H A N G E A LG O R I T H M , M A N - I N - M I D D L E AT TA C K
R E F E R E N C E B O O K - C R Y P TO G R A P H Y A N D N E T W O R K S E C U R I T Y, P R I N C I P L E S
A N D P R A C T I C E S I X T H E D I T I O N , W I L L I A M S TA L L I N G S , P E A R S O N
CHAPTER -9 AND CHAPTER -10
Road Map
Y = E (Z,X)
X E ( Z,X ) D ( Z,Y ) X
Message Channel Message
Z Z
Public-Key system
drops that part completely
Secret Key Channel
Secret Key = Z
Known lock
Public key Cryptosystems
Public Key Cryptography is a cryptographic technique that involves
‘two distinct keys’ for encryption and decryption.
That’s why it is also known as asymmetric-key cryptography.
It is not that symmetric key cryptosystem is less efficient than public
key or the public key cryptosystem is superior.
The security of any cryptosystem depends only the length of key and
computation required in cracking the encrypted cipher text.
These algorithms have the following important characteristic.
In addition, some algorithms, such as RSA, also exhibit the following characteristic
Either of the two related keys can be used for encryption, with the
other used for decryption.
Public key Cryptosystems
Each user generates a pair of keys to be used for the
encryption and decryption each user have two keys
Each user places one of the two keys in a public register or
other accessible file the public key
The other key is kept private, which is the private key
Either of the two related keys can be used for encryption, with
the other used for decryption.
Public key Cryptosystems
A public-key encryption scheme has six ingredients
Plaintext
Encryption algorithm
Public key
Private key
Cipher text
Decryption algorithm
Public key Cryptosystems (Encryption with public key)
Public key Cryptosystems
The essential steps are the following.
1. Each user generates a pair of keys to be used for the
encryption and decryption of messages.
2. Each user places one of the two keys in a public register or
other accessible file. This is the public key. The other key is
kept private. Each user maintains a collection of public keys
obtained from others.
3. If Bob wishes to send a confidential message to Alice, Bob
encrypts the message using Alice’s public key.
4. When Alice receives the message, she decrypts it using her
private key. No other recipient can decrypt the message
because only Alice knows Alice’s private key.
Public key Cryptosystems (Encryption with private key)
Encryption with public key: Secrecy
Encryption with public key: Secrecy
B generates a related pair of keys: a public key, PUb, and a private key, PRb.
PRb is known only to B, whereas PUb is publicly available and therefore
accessible by A.
With the message X and the encryption key PUb as input, A forms the
ciphertext Y , given by Y = E(PUb, X)
Receiver in possession of the matching private key PRb, is able to invert the
transformation X = D(PRb,Y)
An adversary, observing Y and having access to PUb, but not having access to
PRb or X, must attempt to recover X and/or PRb
It is assumed that the adversary does have knowledge of the encryption (E)
and decryption (D) algorithms.
If the adversary is interested only in this particular message, then the focus
of effort is to recover X by generating a plaintext estimate Xn .
Often, however, the adversary is interested in being able to read future
messages as well, in which case an attempt is made to recover PRb by
generating an estimate
Encryption with private key: Authentication
Encryption with private key: Authentication
A encrypts it using A’s private key before transmitting it.
Y = E(PRa,X)
B can decrypt the message using A’s public key.
X = D(PUa,Y)
Only A could have prepared the message, Therefore, the entire
encrypted message serves as a digital signature.
In addition, it is impossible to alter the message without access
to A’s private key
The message being sent is safe from alteration.
But not confidentiality because any observer can decrypt the
message by using the sender’s public key
Public-Key Cryptosystem: Authentication and Secrecy
It is important to emphasize that the encryption process using
private key does not provide confidentiality and the
encryption process using public key does not provide
authentication
It is, however, possible to provide both the authentication
function and confidentiality by a double use of the public-key
scheme
Z = E(PUb, E(PRa,X))
X = D(PUa, D(PRb, Z)
Public-Key Cryptosystem: Authentication and Secrecy
Public-Key Cryptosystem: Authentication and Secrecy
Public-Key Cryptosystem: Authentication and Secrecy
In this case, we begin as before by encrypting a message, using
the sender’s private key. provides the digital signature.
Next, we encrypt again, using the receiver’s public key.
The final ciphertext can be decrypted only by the intended
receiver, who alone has the matching private key. Thus,
confidentiality is provided.
The disadvantage of this approach is that the public-key
algorithm, which is complex, must be exercised four times
rather than two in each communication.
Application for Public-Key Cryptosystem
Public-Key Cryptanalysis
Vulnerable to a brute-force attack –
To prevent the brute force attack the key size must be kept large
enough so that it would be impractical for an adversary to calculate the
encryption and decryption.
But the key size should not be so large such that it would become
impractical to compute practical encryption and decryption.
Another type of attack adversary would try to compute private key
knowing the public key.
Probable message attack.
If an adversary knows that the encrypted message from a particular
sender is a 56-bit key.
Then he would simply encrypt all possible 56-bit keys using the sender’s
public key as the public key is known to all. And then match all the
encrypted messages with the cipher text.
This type of attack can be prevented by appending some random bits
to the original message.
Convention and Public-Key Encryption
RSA Algorithm
Invented by Rivest, Shamir & Adleman of MIT in 1977 and
published in 1978.
It is a best known & widely used public-key scheme.
It is a block cipher algorithm in which plaintext and ciphertext
integers between 0 to n-1 for some n.
A typical size for n is 1024 bits or 309 decimal digits i.e.
( n < 21024).
Each block would be represented by an integers
RSA Algorithm
RSA makes use of an expression with exponentials.
Each block having a binary value less than some number n. That is,
the block size must be less than or equal to log2(n) + 1; in practice,
the block size is i bits, where 2i < n ≤ 2i+1.
Plain
Text Core
Element
Step 1: Generate Public and Private Key
Select two large prime number p and q (pq)
Compute n= p*q (n is called the modulus and it is public Its
length denotes the key length)
Compute Euler’s totient function (n)= (p-1) * (q-1)
Choose e, such that 1 < e < (n) and gcd(e, (n)) = 1 i.e. e is
relatively prime to (n) (e is released as public exponent)
Compute d such that d*e 1 mod (n) d*e mod (n) = 1
(multiplicative inverse of mod)
Public key : PU = {e, n}
Private key : PR = {d,n}
Euler’s Totient function
Totient function (n)
Number of positive numbers less than n that are relatively
prime to n
• Two numbers are relatively prime when their greatest
common divisor is 1
Example: (10) = 4
1, 3, 7, 9
Example: (7) = 6
1, 2, 3, 4, 5, 6
q r1 r2 r t1 t2 t
26 11 0 1
How to calculate multiplicative inverse modulo
Method 1: using Extended Euclidian Algorithm
Take t1=0 and t2=1
And t= t1 –q*t2
Solve until r2 = 0 when r2=0 value of t1 will be multiplicative
inverse
11 *x mod 26 =1
q r1 r2 r t1 t2 t
2 26 11 4 0 1
How to calculate multiplicative inverse modulo
Method 1: using Extended Euclidian Algorithm
Take t1=0 and t2=1
And t= t1 –q*t2
Solve until r2 = 0 when r2=0 value of t1 will be multiplicative
inverse
11 *x mod 26 =1 T=t1-q*t2
= 0-2*1
=-2
q r1 r2 r t1 t2 t
2 26 11 4 0 1 -2
How to calculate multiplicative inverse modulo
Method 1: using Extended Euclidian Algorithm
Take t1=0 and t2=1
And t= t1 –q*t2
Solve until r2 = 0 when r2=0 value of t1 will be multiplicative
inverse
11 *x mod 26 =1
q r1 r2 r t1 t2 t
2 26 11 4 0 1 -2
11 4 1 -2
How to calculate multiplicative inverse modulo
Method 1: using Extended Euclidian Algorithm
Take t1=0 and t2=1
And t= t1 –q*t2
Solve until r2 = 0 when r2=0 value of t1 will be multiplicative
inverse
11 *x mod 26 =1 T=t1-q*t2
= 1-2*(-2)
=5
q r1 r2 r t1 t2 t
2 26 11 4 0 1 -2
2 11 4 3 1 -2 5
How to calculate multiplicative inverse modulo
Method 1: using Extended Euclidian Algorithm
Take t1=0 and t2=1
And t= t1 –q*t2
Solve until r2 = 0 when r2=0 value of t1 will be multiplicative
inverse
11 *x mod 26 =1
q r1 r2 r t1 t2 t
2 26 11 4 0 1 -2
2 11 4 3 1 -2 5
4 3 -2 5
How to calculate multiplicative inverse modulo
Method 1: using Extended Euclidian Algorithm
Take t1=0 and t2=1
And t= t1 –q*t2
Solve until r2 = 0 when r2=0 value of t1 will be multiplicative
inverse
11 *x mod 26 =1 T=t1-q*t2
= (-2)-1*(5)
=-7
q r1 r2 r t1 t2 t
2 26 11 4 0 1 -2
2 11 4 3 1 -2 5
1 4 3 1 -2 5 -7
How to calculate multiplicative inverse modulo
Method 1: using Extended Euclidian Algorithm
Take t1=0 and t2=1
And t= t1 –q*t2
Solve until r2 = 0 when r2=0 value of t1 will be multiplicative
inverse
11 *x mod 26 =1
q r1 r2 r t1 t2 t
2 26 11 4 0 1 -2
2 11 4 3 1 -2 5
1 4 3 1 -2 5 -7
3 1 5 -7
How to calculate multiplicative inverse modulo
Method 1: using Extended Euclidian Algorithm
Take t1=0 and t2=1
And t= t1 –q*t2
Solve until r2 = 0 when r2=0 value of t1 will be multiplicative
inverse
11 *x mod 26 =1 T=t1-q*t2
= (5)-3*(-7)
=26
q r1 r2 r t1 t2 t
2 26 11 4 0 1 -2
2 11 4 3 1 -2 5
1 4 3 1 -2 5 -7
3 3 1 0 5 -7 26
How to calculate multiplicative inverse modulo
Method 1: using Extended Euclidian Algorithm
Take t1=0 and t2=1
And t= t1 –q*t2
Solve until r2 = 0 when r2=0 value of t1 will be multiplicative
inverse
11 *x mod 26 =1
Multiplicative inverse modulo is 19 (t1 is negative hence add mod
value -7+26 = 19)
q r1 r2 r t1 t2 t
2 26 11 4 0 1 -2
2 11 4 3 1 -2 5
1 4 3 1 -2 5 -7
3 3 1 0 5 -7 26
1 5
0 -7
How to calculate multiplicative inverse modulo
Method 2: e*d mod (n) =1
d= (((n) *I ) +1)/e
11 *x mod 26 =1
1) Calculate N
N=p*q = 3*11=33
3) Select e such that e is relatively prime to (N) and 1 < e < (N)
We have a choice for e: 7, 11, 13, 17, 19, let’s take e=7
Method 2:
d= (20*1 +1)/7 = 3 hence d=3
RSA Example - 1
Consider p=3 and q= 11, demonstrate encryption and decryption
for M=14.
Method 2:
d= (20*1 +1)/7 = 3 hence d=3
RSA Example - 1
Consider p=3 and q= 11, demonstrate encryption and decryption
for M=14.
C= Me mod n
= (14)7 mod 33
= [141 mod 33 * 142 mod 33 * 144 mod 33 ] mod 33
= (14*31*4) mod 33
= 20
RSA Example - 1
Consider p=3 and q= 11, demonstrate encryption and decryption
for M=14.
P= Cd mod n
= (20)3 mod 33
= [201 mod 33 * 202 mod 33]mod 33
= (20*4) mod 33
= 14
RSA Example - 2
Consider p=7 and q= 19, demonstrate encryption and decryption for
M=6.
1) Calculate N
N=p*q = 7*19=133
3) Select e such that e is relatively prime to (N) and 1 < e < (N)
Method 2:
64 32 16 8 4 2 1
1 0 0 0 0 0 1
62
64 32 16 8 4 2 1
1 0 0 0 0 0 1
62 120
64 32 16 8 4 2 1
1 0 0 0 0 0 1
62 120 36
64 32 16 8 4 2 1
1 0 0 0 0 0 1
62 120 36 99
64 32 16 8 4 2 1
1 0 0 0 0 0 1
62 120 36 99 92
64 32 16 8 4 2 1
1 0 0 0 0 0 1
62 120 36 99 92 85
64 32 16 8 4 2 1
1 0 0 0 0 0 1
62 120 36 99 92 85 6
Bit =1 hence (X2 mod n) *M mod n
= ((852 mod 133)* 62) mod 133
= ((7225 mod 133)*62) mod 133
= (43*62) mod 133
= 2666 mod 133
=6
Decrypted Text: 6
GTU Summer 2019 – 4 Marks
1) Calculate N
N=p*q = 5*7=35
Method 2:
d= (24*1 +1)/11 = 2.27
d= (24*2 +1)/11 = 4.45
d= (24*3 +1)/11 = 6.63
d= (24*4 +1)/11 = 8.18
d= (24*5 +1)/11 = 11 hence d=11
GTU Question
Consider p=3 and q= 11, demonstrate encryption and decryption
for M=14.
C= Me mod n
= (2)11 mod 35
= [26 mod 35 * 25 mod 35] mod 35
= (29 * 32) mod 35
= 18
GTU Question
Consider p=3 and q= 11, demonstrate encryption and decryption
for M=14.
1) Calculate N
N=7*17 = 7*17=119
Method 2:
d= (96*1 +1)/7 = 13.86
d= (96*2 +1)/7 = 27.57
d= (96*3 +1)/7 = 41.28
d= (96*4 +1)/7 = 55 hence d= 55
GTU Question
Consider p=3 and q= 11, demonstrate encryption and decryption
for M=14.
C= Me mod n
= (2)7 mod 119
= 128 mod 119
= 9
GTU Question
Consider p=3 and q= 11, demonstrate encryption and decryption
for M=14.
1) Calculate N
N=7*17 = 7*17=119
Method 2:
d= (96*1 +1)/5 = 19.4
d= (96*2 +1)/5 = 38.6
d= (96*3 +1)/5 = 57.8
d= (96*4 +1)/5 = 77 hence d= 77
GTU Question
Consider p=3 and q= 11, demonstrate encryption and decryption
for M=14.
C= Me mod n
= (6)5 mod 119
= 7776 mod 119
= 41
RSA Example
p=7, q=11
• N=77
• (N) = (6)(10) = 60
Bob chooses e=17
Calculates:
0717 mod 77 = 28, 0417 mod 77 = 16, …, 0317 mod 77 = 75
Sends Bob 28 16 44 44 42 38 22 42 19 44 75
He decrypts each number with his private key and gets “HELLO
WORLD”
Computational Aspects of RSA
There are actually two issues to consider:
1. Encryption/Decryption Process
2. key generation.
1. Brute force attack: This involves trying all possible private keys.
• Not feasible for large key
• Actually no body attack RSA in this way
2. Mathematical attacks:
• There are several approaches, all equivalent in effort to
factoring the product of two primes.
3. Timing attacks:
• These depend on the running time of the decryption
algorithm.
4. Hardware fault-based attack: This involves inducing hardware
faults in the processor that is generating digital signatures.
5. Chosen ciphertext attacks: This type of attack exploits
properties of the RSA algorithm.
Security of RSA – Mathematical Attacks
There are three approached to attacking RSA mathematically
Disadvantage
RSA has too much computation.
Diffie-Hellman Key Exchange
Diffie-Hellman Key Exchange
The purpose of the algorithm is to enable two users to securely
exchange a secret key that can then be used for subsequent
symmetric encryption of messages.
It is not used for encryption or decryption.
A public-key distribution scheme
cannot be used to exchange an arbitrary message
rather it can establish a common key
known only to the two participants
Value of key depends on the participants (and their private and
public key information)
Diffie-Hellman Key Exchange
All users agree on global parameters
Large prime number (q)
Primitive root of selected large prime number (α < q)
primitive root of a prime number q is one whose powers
modulo q generate all the integers from 1 to q - 1.
That is, if α is a primitive root of the prime number q,
then the numbers
α mod q, α2 mod q, ……, αq-1 mod q
Let q= 7 then primitive root of 7 is 3 and 5. choose any
one of them
Diffie-Hellman Key Exchange setup
Global Public Elements
q prime number
α α < q and α is primitive root of q
K = (YB) X mod q
A
K = (YA) X mod q
B
Diffie-Hellman Key Exchange
User A: User B:
K= (YB)XA mod q K= (YA)XB mod q
=(XB)XA mod q =(XA)XB mod q
= (XB)XA mod q
Secret Key Generated by User A and User B are same (By equation)
Diffie-Hellman Key Exchange illustration
Diffie-Hellman Key Exchange Example
How to find primitive root of a prime number
“I am Bob” “I am Alice”
Man in middle attack
Man in middle attack
Public-key cryptography is also known as ?
A. asymmetric cryptography
B. symmetric cryptography
C. Both A and B
D. None of the above
In RSA, we select a value ‘e’ such that it lies between 0 and Ф(n) and it is relatively prime to
Ф(n).
a) True
b) False
For p = 11 and q = 19 and choose e=17. Apply RSA algorithm where message=5 and find
the cipher text.
a) C=80
b) C=92
c) C=56
d) C=23
Richard would like to digitally sign a message he’s sending to Sue so that Sue can be sure
the message came from him without modification while in transit. Which key should he
use to encrypt the message digest?
A. Richard's public key
B. Richard's private key
C. Sue's public key
D. Sue's private key
In the RSA public key cryptosystem, which one of the following numbers will
always be largest?
A. e
B. n
C. p
D. q
Richard received an encrypted message sent to him from Sue. Which key should
he use to decrypt the message?
A. Richard's public key
B. Richard's private key
C. Sue's public key
D. Sue's private key
__________ refers more to asymmetric key cryptography.
a. Timing attack.
b. Meet in middle attack.
c. Virus attack.
d. Worms attack.