IS Unit 3_Public Key Cryptography

Chapter 3:Chapter 3:Chapter 3:Chapter 3:----
Public Key Cryptography
By:- Sarthak Patel (www.sarthakpatel.in)

Outline
Principles Of Public-Key Cryptography
RSA Algorithm
Key Management
Elliptic Curve CryptographyElliptic Curve Cryptography
Diffie-Hellman Key Exchange
Sarthak Patel (www.sarthakpatel.in)

Classical Cryptography:
Secret-Key or Symmetric Cryptography
Alice and Bob agree on an encryption method and a shared
key.
Alice uses the key and the encryption method to encrypt (or
encipher) a message and sends it to Bob.
Bob uses the same key and the related decryption method toBob uses the same key and the related decryption method to
decrypt (or decipher) the message.

Advantages of Classical Cryptography
There are some very fast classical encryption (and
decryption) algorithms
Since the speed of a method varies with the length of the key,
faster algorithms allow one to use longer key values.
Larger key values make it harder to guess the key value -- andLarger key values make it harder to guess the key value -- and
break the code -- by brute force.

Disadvantages of Classical Cryptography
Requires secure transmission of key value
Requires a separate key for each group of people that wishes
to exchange encrypted messages (readable by any group
member)
For example, to have a separate key for each pair of people, 100For example, to have a separate key for each pair of people, 100
people would need 4950 different keys.

Public-Key Cryptography: Asymmetric
Cryptography
Alice generates a key value (usually a number or pair of
related numbers) which she makes public.
Alice uses her public key (and some additional information)
to determine a second key (her private key).
Alice keeps her private key (and the additional information
she used to construct it) secret.

Public-Key Cryptography (continued)
Bob can useAlice’s public key to encrypt a message for Alice.
Alice can use her private key to decrypt this message.
No-one without access to Alice’s private key (or the
information used to construct it) can easily decrypt the
message.message.

Private-Key Cryptography
traditional private/secret/single key cryptography
uses one key
Key is shared by both sender and receiver
if the key is disclosed communications are compromised
also known as symmetric, both parties are equal
hence does not protect sender from receiver forging a message
& claiming is sent by sender

Public-Key Cryptography
probably most significant advance in the 3000 year
history of cryptography
uses two keys – a public key and a private key
asymmetric since parties are not equal
uses clever application of number theory concepts to
function
complements rather than replaces private key
cryptography

public-key/two-key/asymmetric cryptography
involves the use of two keys:
a public-key, which may be known by anybody, and can be
used to encrypt messages, and verify signatures
a private-key, known only to the recipient, used to decrypt
messages, and sign (create) signaturesmessages, and sign (create) signatures
is asymmetric because
those who encrypt messages or verify signatures cannot
decrypt messages or create signatures

Why Public-Key Cryptography?
developed to address two key issues:
key distribution – how to have secure communications in
general without having to trust a KDC with your key
digital signatures – how to verify a message comes intact
from the claimed sender

Public-Key Characteristics
Public-Key algorithms rely on two keys with the
characteristics that it is:
computationally infeasible to find decryption key knowing only
algorithm & encryption key
computationally easy to en/decrypt messages when the relevant
(en/decrypt) key is known(en/decrypt) key is known
either of the two related keys can be used for encryption, with
the other used for decryption (in some schemes)

Public-Key Applications
can classify uses into 3 categories:
encryption/decryption (provide secrecy)
digital signatures (provide authentication)
key exchange (of session keys)
some algorithms are suitable for all uses, others are specificsome algorithms are suitable for all uses, others are specific
to one

Security of Public Key Schemes
like private key schemes brute force exhaustive search
attack is always theoretically possible
but keys used are too large (>512bits)
security relies on a large enough difference in difficulty
between easy (en/decrypt) and hard (cryptanalyse)between easy (en/decrypt) and hard (cryptanalyse)
problems
more generally the hard problem is known, its just made
too hard to do in practise
requires the use of very large numbers
hence is slow compared to private key schemes

Difference between Symm/Asymm
Symmetric (Private Key) Asymmetric (Public Key)
Same key for encry/ decry Asymmetric uses both a public and private
key
Very fast encry Slower encry
Key exchange is a big problem No problem at allKey exchange is a big problem No problem at all
Mainly for Encry/ Decry, cannot be used for
digital signature
Can be used for both
More number of keys required Less than Symmetric

RSA Algorithm
by Rivest, Shamir &Adleman of MIT in 1977
best known & widely used public-key scheme
uses large integers (eg. 1024 bits)
security due to cost of factoring large numbers

Algorithm
1. Choose two large prime number P and Q.
2. Calculate N=P*Q
3. Select the public key(i.e. encryption key) E such that it is not a
factor of (P-1) and (Q-1)
4. Select the private key(i.e. decryption key) D such that
following equation is true:following equation is true:
(D*E) mod (P-1) * (Q-1)= 1
5. For encryption calculate the cipher text CT from the PT as :
CT= PTE mod N
6. Send CT as the cipher text to the receiver.
7. For decryption calculate the cipher text PT from the CT as :
PT= CTD mod N

RSA Example
1. Select primes: p=17 & q=11
2. Compute n = pq =17×11=187
3. Compute ø(n)=(p–1)(q-1)=16×10=160
4. Select e :gcd(e,160)=1; choose e=7
5. Determine d:d*e mod 160=1 and d < 160
Value is d=23 since 23×7=161

RSA Example cont
sample RSA encryption/decryption is:
given message M = 88 (nb. 88<187)
encryption:
C = 887 mod 187 = 11
decryption:decryption:
M = 1123 mod 187 = 88

Diffie-Hellman Key Exchange
1. Select two prime numbers: n and g (public)
2. Alice (Sender) chooses another random number x, and
calculatesA such that: A= gx mod n
3. Alice Sends it to Bob(Receiver)
4. Bob chooses another random number y and calculates B4. Bob chooses another random number y and calculates B
such that: B=gy mod n
5. Bob sends it to Alice
6. K1 = Bx mod n
7. K2 = Ay mod n

Example for Deffie-Hellman
1. n= 11, g=7
2. Let x=3.ThenA=73 mod 11= 343 mod 11= 2
3. Alice sends 2 to Bob
4. Let y=6.Then B=76 mod 11= 117649 mod 11=4
Bob sends 4 to Alice5. Bob sends 4 to Alice
6. K1= 43 mod 11= 64 mod 11= 9
7. K2= 26 mod 11= 64 mod 11= 9
Note: K1=K2

Elliptic Curve Cryptography
The Elliptic curve cryptography (ECC) is an
approach to public-key cryptography based on the
algebraic structure of elliptic curves over finite
fields.fields.

ECC
An elliptic curve is the set of solutions of an equation of the form
y2 = x3 + ax + b .
Where the co-efficeints a and b are elements of the field and
4a3 + 27b2 ≠ 0. Each value of the 'a' and 'b' gives a different elliptic
curve.
An equation of this kind can be studied over various mathematicalAn equation of this kind can be studied over various mathematical
structures, such as a ring or a field.
One interesting property of set of solutions of elliptic curve is that it
forms a group which enables us to do Cryptography. The public key is
a point in the curve and the private key is a random number. The
public key is obtained by multiplying the private key with the
generator point G in the curve.

ECC Diffie-Hellman Key Exchange
Global Public Elements
Eq(a,b) – Elliptic curve with parameter a,b
G – Point on elliptic curve
User A Key Generation
Select Private nA
Calculate Public PA PA = nA * G
User B Key Generation
Calculation of Secret Key by User A
K = nA * PB
User B Key Generation
Select Private nB
Calculate Public PB PB = nB * G
Calculation of Secret Key by User B
K = nB * PA

Applications of ECCApplications of ECCApplications of ECCApplications of ECC
Many devices are small and have limited storage and
computational power
Where can we apply ECC?
Wireless communication devices
Smart cardsSmart cards
Web servers that need to handle many encryption sessions
Any application where security is needed but lacks
the power, storage and computational power that is
necessary for our current cryptosystems

Benefits of ECCBenefits of ECCBenefits of ECCBenefits of ECC
Same benefits of the other cryptosystems: confidentiality,
integrity, authentication and non-repudiation but…
Shorter key lengths
Encryption, Decryption and SignatureVerification speed up
Storage and bandwidth savingsStorage and bandwidth savings

Key Management (Key Distribution)
Key
Distribution
Center (KDC)
IDA || IDB ||N1
Initiator
A
Responder
B
E (Kb, [Ks || IDA])
E (Ks, N2)
E (Ks, f(N2))

Public key Distribution
PublicAnnouncement
PublicAvailable Directory
Public KeyAuthority
Public Key Certificates

THE ENDTHE END

IS Unit 3_Public Key Cryptography

Recomendados

Recomendados

Mais conteúdo relacionado

Mais procurados

Mais procurados (20)

Destaque

Destaque (20)

Semelhante a IS Unit 3_Public Key Cryptography

Semelhante a IS Unit 3_Public Key Cryptography (20)

Mais de Sarthak Patel

Mais de Sarthak Patel (7)

IS Unit 3_Public Key Cryptography