
Public Key Encryption: A Modern Approach

By: Chavda Vijay N.

Need for Encryption

A message may leak while in transit. Someone might gain access to data stored on a computer. In large networks, if A is supposed to send a message to B, the following types of security attack are possible:

[Figure: security attacks on a message flow. Panels: (a) Normal flow, (b) Interruption, (c) Interception, (d) Modification, (e) Fabrication]

Symmetric Key Encryption

Disadvantages of Symmetric Key Encryption

The key must remain secret at both ends.

In a large network, there are many key pairs to be managed.

Sound cryptographic practice demands that the key be changed frequently, perhaps for each communication session.

An unconditionally secure channel is needed for key distribution.

Do we have a solution?
Yes, PUBLIC KEY ENCRYPTION. Salient features of this encryption are:

It is computationally infeasible to determine the decryption key given only knowledge of the cryptographic algorithm and the encryption key.

Either of the two related keys can be used for encryption, with the other used for decryption.

Confidentiality

The message is encrypted using B's public key.

B decrypts the message using B's private key.

Authentication

A encrypts the message using A's private key.

The message is decrypted using A's public key.

Confidentiality and Authentication

A encrypts the message using A's private key. (authentication)

The message is again encrypted using B's public key.

B decrypts the message first using B's private key. (confidentiality)

The message is again decrypted using A's public key.

This scheme is shown in the figure below:

[Figure: Message source → Encryption algorithm (A's private key) → Encryption algorithm (B's public key) → Decryption algorithm (B's private key) → Decryption algorithm (A's public key) → Message destination. Each key pair is supplied by a key pair source.]
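The four steps of the combined scheme as a runnable sketch, added here and not part of the original slides. A's key pair is the one from the worked example later in these slides; B's key pair (p = 11, q = 13, e = 7) and the function names are assumptions made for illustration.

```python
# Added illustration with toy, constructed key pairs (far too small for real use).
A_PUBLIC, A_PRIVATE = (5, 119), (77, 119)    # {e, n}, {d, n} from the slides' example
B_PUBLIC, B_PRIVATE = (7, 143), (103, 143)   # constructed: p = 11, q = 13, 7 * 103 = 6 * 120 + 1


def send(message, sender_private, receiver_public):
    """Sender: private-key step (authentication), then public-key step (confidentiality)."""
    d_s, n_s = sender_private
    e_r, n_r = receiver_public
    if not 0 <= message < n_s:
        raise ValueError("message block must be smaller than the sender's modulus")
    if n_s > n_r:
        # The inner result can be any value below n_s; if it does not fit
        # below n_r, the outer encryption is no longer reversible.
        raise ValueError("sender modulus larger than receiver modulus")
    authenticated = pow(message, d_s, n_s)
    return pow(authenticated, e_r, n_r)


def receive(ciphertext, receiver_private, sender_public):
    """Receiver: undo the outer layer with the own private key, then the inner layer."""
    d_r, n_r = receiver_private
    e_s, n_s = sender_public
    authenticated = pow(ciphertext, d_r, n_r)
    return pow(authenticated, e_s, n_s)


def demo():
    wire = send(19, A_PRIVATE, B_PUBLIC)          # A -> B
    return receive(wire, B_PRIVATE, A_PUBLIC)     # B recovers the message


if __name__ == "__main__":
    print(demo())
```

The modulus check shows a practical constraint the figure hides: the nesting order only works directly when the sender's modulus does not exceed the receiver's.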

Ingredients of RSA Scheme


$p$, $q$: two prime numbers (private, chosen)

$n = pq$ (public, calculated)

$e$, with $\mathrm{hcf}(\phi(n), e) = 1$; $1 < e < \phi(n)$ (public, chosen), where the Euler totient function $\phi(n) = (p-1)(q-1)$ is the number of positive integers less than $n$ that are relatively prime to $n$

$d \equiv e^{-1} \pmod{\phi(n)}$ (private, calculated)

The RSA Algorithm


For some plaintext block $M$ and ciphertext block $C$:

Encryption: $C = M^e \bmod n$

Decryption: $M = C^d \bmod n = (M^e)^d \bmod n = M^{ed} \bmod n$

Public key KU = {e, n}

Private key KR = {d, n}

One of the requirements of the RSA algorithm is: $M^{ed} \equiv M \bmod n = M$

By the Euler totient theorem, $M^{k\phi(n)+1} = M^{k(p-1)(q-1)+1} \equiv M \pmod{n}$

Thus, $ed = k\phi(n) + 1$

According to the rules of modular arithmetic, this is true only if $d$ and $e$ are relatively prime to $\phi(n)$, i.e. $\mathrm{hcf}(\phi(n), d) = 1$

Key Generation

Select $p$, $q$: $p$ and $q$ both prime

Calculate $n = p \times q$

Calculate $\phi(n) = (p-1)(q-1)$

Select integer $e$: $\mathrm{hcf}(\phi(n), e) = 1$; $1 < e < \phi(n)$

Calculate $d$: $d = e^{-1} \bmod \phi(n)$

Public key KU = {e, n}

Private key KR = {d, n}

Encryption

Plaintext: $M < n$

Ciphertext: $C = M^e \pmod{n}$

Decryption

Ciphertext: $C$

Plaintext: $M = C^d \pmod{n}$

Example

Select two prime numbers, $p = 7$ and $q = 17$.

Calculate $n = pq = 7 \times 17 = 119$.

Calculate $\phi(n) = (p-1)(q-1) = 96$.

Select $e$ such that $e$ is relatively prime to $\phi(n) = 96$ and less than $\phi(n)$; in this case, $e = 5$.

Determine $d$ such that $de \equiv 1 \pmod{96}$ and $d < 96$. The correct value is $d = 77$, because $77 \times 5 = 385 = 4 \times 96 + 1$ (since $ed = k\phi(n) + 1$).

The resulting keys are public key KU = {5, 119} and private key KR = {77, 119}.

Encryption

Plaintext: $M = 19 < n = 119$

Ciphertext: $C = M^e \pmod{n} = 19^5 \pmod{119} = 66 \pmod{119} = 66$

Decryption

Ciphertext: $C = 66$

Plaintext: $M = C^d \pmod{n} = 66^{77} \bmod 119 = 19 \bmod 119 = 19$

Advantages

Only the private key must be kept secret.

A private key / public key pair may remain unchanged for considerable periods of time, e.g. many sessions.

In a large network, the number of keys necessary may be considerably smaller than in the symmetric-key scenario.

Can RSA be attacked ?


Yes. RSA, like all other cryptographic algorithms, is prone to mathematical as well as brute-force attacks. One of the many possible attacks is described below.

Let $M_1$ and $M_2$ be two plaintext messages and $C_1$ and $C_2$ be their corresponding RSA encryptions. Then $(M_1 M_2)^e \equiv M_1^e M_2^e \equiv C_1 C_2 \pmod{n}$.

Suppose the adversary wants to decrypt ciphertext $C = M^e \pmod{n}$ intended for A.

He sends $C' = C X^e \pmod{n}$ to A. Thus A computes $M' = (C')^d \bmod n$.

Since $M' \equiv (C')^d \equiv C^d (X^e)^d \equiv MX \pmod{n}$, i.e. $MX = M' \pmod{n}$, it follows that $M = M' X^{-1} \pmod{n}$.

This attack is known as a chosen ciphertext attack.

Solution: In practice some structural constraints are imposed on plaintext messages. If a ciphertext C is decrypted to a message not possessing this structure, then C is rejected by the decryptor as being fraudulent.
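The multiplicative property and the structural check described above, side by side on a toy key. This is an added example, not part of the original slides; the key (p = 257, q = 263, e = 5), the fixed header byte and all names are constructed assumptions.

```python
# Added illustration; key, header byte and names are constructed for the example.
P, Q, E = 257, 263, 5
N = P * Q                                  # 67591
D = pow(E, -1, (P - 1) * (Q - 1))          # private exponent (Python 3.8+)
HEADER = 0xA5                              # fixed high byte every valid plaintext carries


def encode(byte):
    """Impose the structure: HEADER in the high byte, payload in the low byte."""
    return (HEADER << 8) | byte


def raw_decrypt(c):
    """Textbook decryption: returns whatever C^d mod n is, with no checks."""
    return pow(c, D, N)


def checked_decrypt(c):
    """Decrypt, then reject any result that lacks the expected structure."""
    m = pow(c, D, N)
    if m >> 8 != HEADER:
        return None                        # rejected as fraudulent
    return m & 0xFF


def demo(x=2):
    m = encode(0x42)
    c = pow(m, E, N)
    c_related = (c * pow(x, E, N)) % N     # the C' = C * X^e mod n of the slides
    return {
        # Without a check, A's output is M * X mod n, as the derivation shows.
        "raw_is_m_times_x": raw_decrypt(c_related) == (m * x) % N,
        "honest": checked_decrypt(c),              # payload is returned
        "related": checked_decrypt(c_related),     # structure missing, so rejected
    }


if __name__ == "__main__":
    print(demo())
```

A fixed header like this only illustrates the idea; deployed systems get the same rejection behaviour from a randomized padding scheme such as RSA-OAEP.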

Other possible attacks on RSA

Factoring attack

Attack on small exponent e by Gauss's algorithm and using the Chinese remainder theorem

Forward search attack

Common modulus attack

Cycling attack

Unconcealed message attack

Conclusion

First of all, cryptography never finishes. Some breakthroughs are always made, either in encryption or in cryptanalysis. As it stands today, RSA has not yet been broken. Public key cryptography has replaced conventional symmetric key cryptosystems at most places and is considered sufficiently secure for modern communications.

Thank You