This action might not be possible to undo. Are you sure you want to continue?

# Public Key Cryptography

Inside PKCS

Rajaram Pejaver

Press the <Page Down> key to advance Press the <Back space> key to replay a slide

Outline This is not a talk about PKI. Background: Shared Secret Keys Public Key Cryptography – Key Exchange explained Key Exchange using Diffie-Hellman Key Exchange using RSA Signatures using RSA Applications of PKC Problems/issues with PKC (c) Rajaram Pejaver 2 . This is a prerequisite for PKI.

KAD KBD Nkeys will be ~500. Bob.Background: Shared Secret Keys It takes two to share a secret Say. Nkeys KAC KBC will be ~5000 ! KAD KBD For 1000 communicants. – But when Alice. Carol & Dave want to communicate Carol KAC Total of 6 Keys needed. KBC KCD Nkeys = n * (n – 1) / 2 KAB KAB For 100 communicants. using the same key KAB KAB Only 1 Key is needed. Alice & Bob communicate using shared secret keys – Alice encrypts text and Bob decrypts it.000 !! KCD Dave (c) Rajaram Pejaver 3 .

– Cannot encrypt messages with PKC. Private component: KA. Never shared or exposed. Much easier to secure private component. – – . PC. – – KA KD KB Problem: Encryption is slow & compute intensive. Scales linearly: 4 keys for 4 subjects. ever. This is called Key Exchange. Public Key Cryptography keys come in pairs: – – PA. KC Each person needs only one key pair.Public Key Cryptography No sharing of private information. PB. Shared with everyone. (c) Rajaram Pejaver 4 Solution: Use PKC to establish a shared secret session key. PD Public component: PA. Alice & Bob agree to use KAB without anyone else finding out.

(c) Rajaram Pejaver . g ^ K ) Alice and Bob exchange their public keys. No direct encryption. No signatures. PA: gK (i. PA PB Each person exponentiates other‟s public key with their own private key. A A Private Alice Bob Public Key Exponentiation KA PA = g ^ K A PA ^ KB = (g ^ KA) ^ KB = g ^ (KA* KB) KB PB = g ^ K B PB ^ KA = (g ^ KB) ^ KA = g ^ (KA* KB) Ta da… Both parties have computed the same value: – g ^ (KA* KB) 5 They can use this value to compute a shared secret key .e.Diffie-Hellman Algorithm (1) Key Exchange Only. everyone agrees on a number for „generator value‟: g Each person picks a random number as Private Key: KA Each person computes their Public Key. First.

PA = gKA = 86 = 262 144. everyone agrees on a number for „generator value‟: Each person picks a random number as Private Key: – g = 8 KA = 6. First. PA and PB: – Each person exponentiates other‟s public key with their own private key. KB = 4 PB = gKB = 84 = 4 096 Each person computes their Public Key. Private Alice Bob Public Key Exponentiation 6 4 262 144 4 096 262 144^4 = 4 722 366 482 869 645 213 696 4 096^6 = 4 722 366 482 869 645 213 696 They can use this value to compute a shared secret key. (c) Rajaram Pejaver 6 .Diffie-Hellman Algorithm (2) Example: using regular math and small numbers.

– The result was 22 digits long! Given the value of g and Alice‟s public key. It is much harder to calculate log functions in modulo fields. Note how big the result got. – That helps a bit. but not anywhere near enough. p>g (c) Rajaram Pejaver 7 In addition to g. . even though we used single digit keys. Alice‟s private key can be easily hacked. – One solution. we need to pick a system wide prime modulus p. – – Discrete logarithm problem in modular fields is NP complete.Diffie-Hellman Algorithm (3) Some analysis. calculate the log function: KA = logg(PA) Yet. Next solution: Use a different number system: Modulo arithmetic field. we could use much larger numbers for keys and for g.

(c) Rajaram Pejaver 8 . agree on „prime modulus‟ p: g = 8.Diffie-Hellman Algorithm (4) Using modular arithmetic and small numbers. p = 17 Each person picks a random number as Private Key: – KA = 6. KB = 4 Each person computes their Public Key. 6 4 4 16 4 ^ 4 % 17 = 256 % 17 = 1 16 ^ 6 % 17 = 16 777 216 % 17 = 1 Foundation: Given g. Besides g. PA and PB: – – PA = gKA % 17 = 86 % 17 = 262 144 % 17 = 4 PB = gKB % 17 = 84 % 17 = 4 096 % 17 = 16 Private Alice Bob Public Key Exponentiation Each person exponentiates other‟s public key with their own private key. p and PA (g^KA % p) it is not easy to calculate KA.

Adding two points M3 = M1 + M2 = -P Doubling a point M4 = M 2 + M 2 Multiply two points M5 = M1 * M2 = M1 + M1 + M1 … (M2 times) Can‟t easily find the multiplicative inverse Alice and Bob have both calculated: Public Key g * KA * KB Foundation: Given M5 and M1.Diffie-Hellman Algorithm (5) Elliptic Curve math. it is not easy to get M2 – Multiply other‟s public key with own private key – Multiplication Alice Bob KA KB PA = g * K A PB = g * K B PA * KB = g * KA * KB PB * KA = g * K B * KA (c) Rajaram Pejaver 9 M4 . Given a polynomial of the form: – – – – The points on the curve form a closed set of numbers constituting a field.

– Further.Diffie-Hellman Algorithm (6) EC Cryptography: Final thoughts. EC performance scales better. EC Math is more complex & slower. hence smaller keys are adequate. No signatures. (c) Rajaram Pejaver 10 . Cost factor compares EC to PKC Symmetric Keys 80 112 128 192 256 PKC Keys 1024 2048 3072 7680 15360 EC Keys 160 224 256 384 521 Cost Factor 3 6 10 32 64 Key sizes (in bits) for comparable strengths in different systems – Remember: Diffie Hellman supports – – – ONLY Key Exchange. No direct encryption.

Key Exchange using RSA (1) Basic Concepts. q . Key generation: – – Select modulus n.1. e*d = 1 (kind of ) (c) Rajaram Pejaver 11 . such that d * e = 1 modulo LCM(p . A good choice is F4 (65537).1) d is the multiplicative inverse of e – Select private exponent d Encryption consists of modular exponentiation of plaintext m with e – me % n c (where m < n) Decryption consists of modular exponentiation of encrypted text c with d – – cd % n (me) d % n med % n m Because in the exponent. product of two primes: n = p * q Select public exponent e.

q = 719. Key generation by Alice: – – p = 971. Encryption by Bob with Public Key e: Plain text m = 123 – Decryption by Alice with Private Key d: Crypto text = 464569 – Plaintext chosen by Bob would be the proposed secret session key KAB – Calculator: http://people.edu/styere/Encrypt/RSAdemo. d = 464307 123^3 % 698149 = 464569 464569^464307 % 698149 = 123 !!! Only Alice has private key d and can decrypt the message to retrieve KAB.eku.Key Exchange using RSA (2) Example: using modulo math and small numbers. n = 698149 (p*q) e = 3.html (c) Rajaram Pejaver 12 .

Signing consists of modular exponentiation of plaintext m with d – s = md % n se % n (md) e % n med % n m 123^464307 % 698149 = 91655 Verification consists of modular exponentiation of signature s with e – As an example. Use the same keys as before. – Bob validates the signature using Alice‟s Public Key e – 91655^3 % 698149 = 123 EC math can be used with RSA – NSA has defined a “Suite B” that includes EC-RSA (c) Rajaram Pejaver 13 . but backwards. Alice signs with Private Key d the value m = 123.Signatures using RSA Similar to encryption.

The X. DNS isn‟t good enough.PKC Issues & Problems The need for certificates. revocation. … Only one public key is needed per person – – X. You can have many names and many associations and many certificates Protect the private key in hardware A trusted Certificate Authority vouches for the association CRLs. Associating Public Keys with actual subjects. CAs.500 names with public keys – Certificate revocation is messy – (c) Rajaram Pejaver 14 . chaining. how do you know that you have the correct public key for Alice? Are you sending a message securely to the wrong person? We need a secure directory. OCSP. – – – – When you encrypt.500 directory service happened to be under development at the time.509 certificates securely associate X.

SecurID fobs do not use RSA. even though it is labeled as such. Examples of PKC usage: Public Key based Encryption: – – – – Conditional Access in SA PowerKey. SSL. STB firmware. Difference between Identity and Authorization certificates (PACs) Signatures to establish identity. etc. Authorization. for connection encryption.PKC Applications Encryption. cable modem firmware. EMMs are encrypted with PKC. IPSEC. Signatures. ssh. – (c) Rajaram Pejaver 15 . – Authorization certificates. PGP for file encryption.

com (c) Rajaram Pejaver 16 .Thank you for listening!! Questions? Send feedback to rajaram@pejaver.

89070.

759.3.

..2!0. #.07 .#$/02492 .7.

9.8/0130/.3-0:80/9#$ $..$3.75943 -:9-..7.70543039..900/ 90. $:90 9.2!0.9089083.:02 ) 4-.9:708:83#$ $2..250 .:/08 #$ .4388984124/:. #./..0 8!:-.30..70543039.9434183.79403..7/8 &80908..390929 / 8 2/ 3 '071..9:70:83.4388984124/:.943415.00 ) 2.8-01470 $33.943.2008.93.9:7089 0 80 3 2/ 0 3 20/ 3 2 8.07 .08389!7.

7/..20895:-...0147.07 .:709490743507843 0300/.2!0.!88:08 !74-028 %0300/147.7.9003..943 0791.90880.33.908 !7490.759 4/44:349.93!:-.94382088 #8 $! ..884....3/2.08300/0/507507843 4:..947807.0791.94:.884.943 884.4..4.70 .4:.3/2.99057.090..:70/70.089. #.02.0.3.947$83 944/034: %0 /70.95:-..3.0814790...908 8 .9:..80.208.080..0791.9438.2088.0 704:803/3.884.98 034:03.0452039.4770.90 3.990920 34305:-.90:9479.:70.0791...8:-0.08 97:890/0791.55030/94-0:3/07/0.3..33 70..9070.

7003.0-09003/0399.943.3/:947.94303.147. #.7590/9! $$ 88 !$ 09.88:.9:708 :947.75943 $3.75943 $0.0791.-8/0399 $%172.0 !:-.-00/... $3.75943 !!1471003.07 .75943 43/943.943 .0-.70 .9:70894089.908 !8 .7.908 110703.0394:98..250841!:8.0791.2!0.70 :947.!55..4330..943..-024/02172.80/3.0883$!40708..9438 3..:714-8/4349:80#$ 0.

34:14789033 ":089438 $03/100/-..07... #.7.250..42 .%.7.2!0.07 .94 7..