Professional Documents
Culture Documents
ELGAMAL CRYPTOSYSTEM
Besides RSA, another public-key cryptosystem is
ElGamal. ElGamal is based on the discrete logarithm
problem.
for every integer a coprime to p, there is an integer k such that gk ≡ a (mod p).
Such k is called the discrete logarithm of a to the base g modulo p. g is the
primitive root.
12/25/2023 2
• We will rely on the formula below being an
easy problem one direction and hard in
reverse.
• a = gk mod p
– Easy: given g, k, & p, solve for a
– Hard: given a, g, & p, solve for k
Pick g < p
• g must be a primitive root of p. (g <p)
• A primitive root generates the finite field p.
• Every n in {1, 2, …, p-1} can be written as gk mod p
• Example: 2 is a primitive root of 5
20 = 1 21 = 2 22 = 4 23 = 3 (mod 5)
Definition : A field is a nonempty set F of elements with two operations
“+” and “‧” satisfying the following axioms.
– (i) F is closed under + and ‧; i.e., a+b and a‧b are in F.
– (ii) Commutative laws: a+b=b+a, a‧b=b‧a
– (iii) Associative laws: (a+b)+c=a+(b+c) , (a‧b)‧c=a‧(b‧c)
– (iv) Distributive law: a‧(b+c) = a‧b + a‧c
– (v) (vi) Identity: a+0 = a , a‧1 = a for all a F. 0 ‧a = 0.
– (vii) Additive inverse (viii) Multiplicative inverse
12/25/2023 4
Setting up ElGamal
• Let p be a large prime
– By “large” we mean here a prime rather typical in length to that of
an RSA modulus
• Select a special number g
– The number g must be a primitive element modulo p.
• Choose a private key x
– This can be any number bigger than 1 and smaller than p-1
• Compute public key y from x, p and g
– The public key y is g raised to the power of the private key x
modulo p. In other words:
y = gx mod p
12/25/2023 5
ElGamal encryption
1. Generate a random number k
2. Compute two values C1 and C2, where
C1 = gk mod p and C2 = Myk mod p
3. Send the ciphertext C, which consists of the two separate values
C1 and C2.
12/25/2023 6
ElGamal decryption
C1 = gk mod p C2 = Myk mod p
12/25/2023 7
Setting up ElGamal: example
Step 1: Let p = 23
Public key is 9
Private key is 6
12/25/2023 8
ElGamal encryption: example
3 - Ciphertext C = (20 , 22 )
12/25/2023 9
Example
12/25/2023 10
Exercise
1. Suppose Host A and Host B are using a platform to setup
secure session between them, and they apply the Diffie-
Hellman key exchange protocol with the following parameters:
Public parameters: modulus p = 19, base g = 10 (primitive root
modulo p) Private key of A: 3, Private key of B: 7 Generate the
shared secret key between Host A and Host B.
12/25/2023 11
Exercise
12/25/2023 12
Diffie-Hellman Key Exchange
Color Mixing Example
Security of ElGamal
Recall the two different strategies for trying
to “break” RSA:
12/25/2023 14
The Problem of Key Exchange
• One of the main problems of symmetric key
encryption is it requires a secure & reliable
channel for the shared key exchange.