SlideShare uma empresa Scribd logo

CNIT 141: 6. Introduction to Public-Key Cryptography

Sam Bowne
Sam Bowne

A lecture for a college course -- CNIT 140: Cryptography for Computer Networks at City College San Francisco Based on "Understanding Cryptography: A Textbook for Students and Practitioners" by Christof Paar, Jan Pelzl, and Bart Preneel, ISBN: 3642041000 Instructor: Sam Bowne More info: https://samsclass.info/141/141_F17.shtml

Educação
1 de 38
Baixar para ler offline
Understanding Cryptography – A Textbook for Students and Practitioners by Christof Paar and JanPelzl www.crypto-textbook.com Chapter 6 – Introduction to Public-Key Cryptography ver. November 18, 2010 These slides were prepared by Timo Kasper and Christof Paar and modified by Sam Bowne -- revised 10-16-17
Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl2 Some legal stuff (sorry): Terms of Use • The slides can used free of charge. All copyrights for the slides remain with Christof Paar and Jan Pelzl. • The title of the accompanying book “Understanding Cryptography” by Springer and the author’s names must remain on each slide. • If the slides are modified, appropriate credits to the book authors and the book title must remain within the slides. • It is not permitted to reproduce parts or all of the slides in printed form whatsoever without written consent by the authors.
Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl3 Topics • Symmetric Cryptography Revisited • Principles of Asymmetric Cryptography • Practical Aspects of Public-Key Cryptography • Important Public-Key Algorithms • Essential Number Theory for Public-Key Algorithms (SKIP)
Symmetric Cryptography Revisited
Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl • The same secret key K is used for encryption and decryption • Encryption and Decryption are very similar (or even identical) functions Symmetric Cryptography Revisited eK(x) dK(y)x y x KK Alice Bob 5
Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl Symmetric Cryptography: Analogy K 6 K Safe with a lock, only Alice and Bob have a copy of the key • Alice encrypts -- locks message in the safe with her key • Bob decrypts -- uses his copy of the key to open the safe
Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl Symmetric Cryptography: Shortcomings • Symmetric algorithms, e.g., AES or 3DES, are very secure, fast & widespread but: • Key distribution problem: The secret key must be transported securely • Number of keys: In a network, each pair of users requires an individual key 7 A B CF DE
Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl • Alice or Bob can cheat each other, because they have identical keys. • Alice can sign a contract, and later deny it • Bob could have faked the signature • Doesn't provide non-repudiation Symmetric Cryptography: Shortcomings 8
Principles of Asymmetric Cryptography
Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl New Idea: Like a mailbox: Everyone can drop a letter But: Only the owner has the correct key to open the box Idea Behind Asymmetric Cryptography 10 1976: first publication of such an algorithm by Whitfield Diffie and Martin Hellman,and also by Ralph Merkle.
Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl Asymmetric Cryptography: Analogy Safe with public lock and private lock: 11 • Alice deposits (encrypts) a message with Bob's - not secret - public key Kpub • Only Bob has the - secret - private key Kpr to retrieve (decrypt) the message (Kpub) (Kpr)
Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl • A message encrypted with a public key can be decrypted with the corresponding private key • The keys are related • Each user must generate an individual key pair • Publish public key where everyone can find it • Protect private key so no one else gets it Key Generation 12
Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl • It must be easy to calculate the public key from the private key • So keys can be generated • But difficult to calculate the private key from the public key • So attacker's can't get the private key One-Way Functions 13
Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl • Factorization • Finding prime factors of a large number • n is known; find p and q • Discrete logarithm • Find an integer x satisfying this equation • a, b, and p are known Commonly Used One-Way Functions 14
Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl • Logarithms to base 10 • log(100) = 2, because 102 = 100 • log(1000) = 3, because 103 = 100 • log(2) = 0.301 • Discrete logarithm • Same thing, except on a ring and using only integers • Find an integer x satisfying this equation • a, b and p are known Logarithms 15
Practical Aspects of Public-Key Cryptography
Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl Basic Protocol for Public-Key Encryption Alice Bob (KpubB,KprB) = K KpubB x y=eKpubB (x) y 18 x=dKprB (y) Key Distribution Problem solved * *at least for now; public keys need to be authenticated
Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl19 Uses of Public-Key Cryptography • Key Distribution • Diffie-Hellman key exchange (DHKE), RSA • Without a pre-shared secret (key) • Nonrepudiation • RSA, DSA or ECDSA (Elliptic Curve Digital Signature Algorithm) • Identification • Digital signatures • Encryption • RSA, ECC (Elliptic Curve Cryptography), or Elgamal
Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl20 Disadvantage of Public-Key Cryptography • Computationally very intensive • 1000 times slower than symmetric algorithms!
AES Encryption in Python
RSA Encryption in Python RSA Decryption in Python
Testing Speed in Python
Testing Speed in Python
Testing Speed in Python
Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl26 Basic Key Transport Protocol 1/2 In practice: Hybrid systems, incorporating asymmetric and symmetric algorithms 1. Key exchange (for symmetric schemes) and digital signatures are performed with (slow) asymmetric algorithms 2. Encryption of data is done using (fast) symmetric ciphers, e.g., block ciphers or stream ciphers
Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl Alice y1 = eKpubB(K) y1 K = dKprB(y1) Key Exchange (asymmetric) y2 = AESK (x) x = AES-1 K (y2) y2 Data Encryption (symmetric) Bob (KpubB,KprB) = K KpubB 27 Choose random symmetric key K message x Basic Key Transport Protocol 2/2 Example: Hybrid protocol with AES as the symmetric cipher
Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl28 Remaining Problem: Key Authenticity • Alice wants to send a message to Bob • Attacker can publish a fake public key for Bob • Alice uses the fake key, so the attacker can read the message • The current solution is digital certificates and Certificate Authorities
Important Public-Key Algorithms
Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl Key Lengths and Security Levels Symmetric ECC RSA, DL Remark 64 Bit 128 Bit ≈ 700 Bit Only short term security (a few hours or days) 80 Bit 160 Bit ≈ 1024 Bit Medium security (except attacks from big governmental institutions etc.) 128 Bit 256 Bit ≈ 3072 Bit Long term security (without quantum computers) 31
Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl Quantum Computers 32 • The existence of quantum computers would probably be the end for ECC, RSA & DL • TEXTBOOK SAYS: • At least 2-3 decades away, and some people doubt that QC will ever exist
Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl33 NIST Recommendations from 2016
Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl34 NIST Recommendations from 2016
Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl35 NIST Recommendations from 2016
Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl36 NIST Recommendations from 2016
Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl37 ■ Lessons Learned • Public-key algorithms have capabilities that symmetric ciphers don’t have, in particular digital signature and key establishment functions. • Public-key algorithms are computationally intensive (a nice way of saying that they are slow), and hence are poorly suited for bulk data encryption. • Only three families of public-key schemes are widely used. This is considerably fewer than in the case of symmetric algorithms. • The extended Euclidean algorithm allows us to compute modular inverses quickly, which is important for almost all public-key schemes. • Euler’s phi function gives us the number of elements smaller than an integer n that are relatively prime to n. This is important for the RSA crypto scheme.
CNIT 141: 6. Introduction to Public-Key Cryptography

Recomendados

CNIT 124: Ch 6: Finding Vulnerabilities and Exploiting Domains
CNIT 124: Ch 6: Finding Vulnerabilities and Exploiting DomainsCNIT 124: Ch 6: Finding Vulnerabilities and Exploiting Domains
CNIT 124: Ch 6: Finding Vulnerabilities and Exploiting DomainsSam Bowne
 
CNIT 124 Ch10-12: Local Exploits through Bypassing AV
CNIT 124 Ch10-12: Local Exploits through Bypassing AVCNIT 124 Ch10-12: Local Exploits through Bypassing AV
CNIT 124 Ch10-12: Local Exploits through Bypassing AVSam Bowne
 
Cyberwar
CyberwarCyberwar
CyberwarSam Bowne
 
3: DNS vulnerabilities
3: DNS vulnerabilities 3: DNS vulnerabilities
3: DNS vulnerabilities Sam Bowne
 
8. Software Development Security
8. Software Development Security8. Software Development Security
8. Software Development SecuritySam Bowne
 
4 Mapping the Application
4 Mapping the Application4 Mapping the Application
4 Mapping the ApplicationSam Bowne
 
3. Attacking iOS Applications (Part 2)
3. Attacking iOS Applications (Part 2) 3. Attacking iOS Applications (Part 2)
3. Attacking iOS Applications (Part 2)Sam Bowne
 
12 Elliptic Curves
12 Elliptic Curves12 Elliptic Curves
12 Elliptic CurvesSam Bowne
 

Recomendados

CNIT 124: Ch 6: Finding Vulnerabilities and Exploiting Domains
CNIT 124: Ch 6: Finding Vulnerabilities and Exploiting DomainsCNIT 124: Ch 6: Finding Vulnerabilities and Exploiting Domains
CNIT 124: Ch 6: Finding Vulnerabilities and Exploiting DomainsSam Bowne
 
CNIT 124 Ch10-12: Local Exploits through Bypassing AV
CNIT 124 Ch10-12: Local Exploits through Bypassing AVCNIT 124 Ch10-12: Local Exploits through Bypassing AV
CNIT 124 Ch10-12: Local Exploits through Bypassing AVSam Bowne
 
Cyberwar
CyberwarCyberwar
CyberwarSam Bowne
 
3: DNS vulnerabilities
3: DNS vulnerabilities 3: DNS vulnerabilities
3: DNS vulnerabilities Sam Bowne
 
8. Software Development Security
8. Software Development Security8. Software Development Security
8. Software Development SecuritySam Bowne
 
4 Mapping the Application
4 Mapping the Application4 Mapping the Application
4 Mapping the ApplicationSam Bowne
 
3. Attacking iOS Applications (Part 2)
3. Attacking iOS Applications (Part 2) 3. Attacking iOS Applications (Part 2)
3. Attacking iOS Applications (Part 2)Sam Bowne
 
12 Elliptic Curves
12 Elliptic Curves12 Elliptic Curves
12 Elliptic CurvesSam Bowne
 
11. Diffie-Hellman
11. Diffie-Hellman11. Diffie-Hellman
11. Diffie-HellmanSam Bowne
 
2a Analyzing iOS Apps Part 1
2a Analyzing iOS Apps Part 12a Analyzing iOS Apps Part 1
2a Analyzing iOS Apps Part 1Sam Bowne
 
9 Writing Secure Android Applications
9 Writing Secure Android Applications9 Writing Secure Android Applications
9 Writing Secure Android ApplicationsSam Bowne
 
12 Investigating Windows Systems (Part 2 of 3)
12 Investigating Windows Systems (Part 2 of 3)12 Investigating Windows Systems (Part 2 of 3)
12 Investigating Windows Systems (Part 2 of 3)Sam Bowne
 
10 RSA
10 RSA10 RSA
10 RSASam Bowne
 
12 Investigating Windows Systems (Part 1 of 3
12 Investigating Windows Systems (Part 1 of 312 Investigating Windows Systems (Part 1 of 3
12 Investigating Windows Systems (Part 1 of 3Sam Bowne
 
9. Hard Problems
9. Hard Problems9. Hard Problems
9. Hard ProblemsSam Bowne
 
8 Android Implementation Issues (Part 1)
8 Android Implementation Issues (Part 1)8 Android Implementation Issues (Part 1)
8 Android Implementation Issues (Part 1)Sam Bowne
 
11 Analysis Methodology
11 Analysis Methodology11 Analysis Methodology
11 Analysis MethodologySam Bowne
 
8. Authenticated Encryption
8. Authenticated Encryption8. Authenticated Encryption
8. Authenticated EncryptionSam Bowne
 
7. Attacking Android Applications (Part 2)
7. Attacking Android Applications (Part 2)7. Attacking Android Applications (Part 2)
7. Attacking Android Applications (Part 2)Sam Bowne
 
7. Attacking Android Applications (Part 1)
7. Attacking Android Applications (Part 1)7. Attacking Android Applications (Part 1)
7. Attacking Android Applications (Part 1)Sam Bowne
 
5. Stream Ciphers
5. Stream Ciphers5. Stream Ciphers
5. Stream CiphersSam Bowne
 
6 Scope & 7 Live Data Collection
6 Scope & 7 Live Data Collection6 Scope & 7 Live Data Collection
6 Scope & 7 Live Data CollectionSam Bowne
 
4. Block Ciphers
4. Block Ciphers 4. Block Ciphers
4. Block Ciphers Sam Bowne
 
6 Analyzing Android Applications (Part 2)
6 Analyzing Android Applications (Part 2)6 Analyzing Android Applications (Part 2)
6 Analyzing Android Applications (Part 2)Sam Bowne
 
4 Getting Started & 5 Leads
4 Getting Started & 5 Leads4 Getting Started & 5 Leads
4 Getting Started & 5 LeadsSam Bowne
 
3. Cryptographic Security
3. Cryptographic Security3. Cryptographic Security
3. Cryptographic SecuritySam Bowne
 
Bitcoin and Blockchains
Bitcoin and BlockchainsBitcoin and Blockchains
Bitcoin and BlockchainsSam Bowne
 
Ch 18: Source Code Auditing
Ch 18: Source Code AuditingCh 18: Source Code Auditing
Ch 18: Source Code AuditingSam Bowne
 
Science 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptxScience 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptxMaryGraceBautista27
 
YOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptx
YOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptxYOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptx
YOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptxConquiztadors- the Quiz Society of Sri Venkateswara College
 

Mais conteúdo relacionado

Mais de Sam Bowne

11. Diffie-Hellman
11. Diffie-Hellman11. Diffie-Hellman
11. Diffie-HellmanSam Bowne
 
2a Analyzing iOS Apps Part 1
2a Analyzing iOS Apps Part 12a Analyzing iOS Apps Part 1
2a Analyzing iOS Apps Part 1Sam Bowne
 
9 Writing Secure Android Applications
9 Writing Secure Android Applications9 Writing Secure Android Applications
9 Writing Secure Android ApplicationsSam Bowne
 
12 Investigating Windows Systems (Part 2 of 3)
12 Investigating Windows Systems (Part 2 of 3)12 Investigating Windows Systems (Part 2 of 3)
12 Investigating Windows Systems (Part 2 of 3)Sam Bowne
 
12 Investigating Windows Systems (Part 1 of 3
12 Investigating Windows Systems (Part 1 of 312 Investigating Windows Systems (Part 1 of 3
12 Investigating Windows Systems (Part 1 of 3Sam Bowne
 
9. Hard Problems
9. Hard Problems9. Hard Problems
9. Hard ProblemsSam Bowne
 
8 Android Implementation Issues (Part 1)
8 Android Implementation Issues (Part 1)8 Android Implementation Issues (Part 1)
8 Android Implementation Issues (Part 1)Sam Bowne
 
11 Analysis Methodology
11 Analysis Methodology11 Analysis Methodology
11 Analysis MethodologySam Bowne
 
8. Authenticated Encryption
8. Authenticated Encryption8. Authenticated Encryption
8. Authenticated EncryptionSam Bowne
 
7. Attacking Android Applications (Part 2)
7. Attacking Android Applications (Part 2)7. Attacking Android Applications (Part 2)
7. Attacking Android Applications (Part 2)Sam Bowne
 
7. Attacking Android Applications (Part 1)
7. Attacking Android Applications (Part 1)7. Attacking Android Applications (Part 1)
7. Attacking Android Applications (Part 1)Sam Bowne
 
5. Stream Ciphers
5. Stream Ciphers5. Stream Ciphers
5. Stream CiphersSam Bowne
 
6 Scope & 7 Live Data Collection
6 Scope & 7 Live Data Collection6 Scope & 7 Live Data Collection
6 Scope & 7 Live Data CollectionSam Bowne
 
4. Block Ciphers
4. Block Ciphers 4. Block Ciphers
4. Block Ciphers Sam Bowne
 
6 Analyzing Android Applications (Part 2)
6 Analyzing Android Applications (Part 2)6 Analyzing Android Applications (Part 2)
6 Analyzing Android Applications (Part 2)Sam Bowne
 
4 Getting Started & 5 Leads
4 Getting Started & 5 Leads4 Getting Started & 5 Leads
4 Getting Started & 5 LeadsSam Bowne
 
3. Cryptographic Security
3. Cryptographic Security3. Cryptographic Security
3. Cryptographic SecuritySam Bowne
 
Bitcoin and Blockchains
Bitcoin and BlockchainsBitcoin and Blockchains
Bitcoin and BlockchainsSam Bowne
 
Ch 18: Source Code Auditing
Ch 18: Source Code AuditingCh 18: Source Code Auditing
Ch 18: Source Code AuditingSam Bowne
 

Mais de Sam Bowne (20)

11. Diffie-Hellman
11. Diffie-Hellman11. Diffie-Hellman
11. Diffie-Hellman
 
2a Analyzing iOS Apps Part 1
2a Analyzing iOS Apps Part 12a Analyzing iOS Apps Part 1
2a Analyzing iOS Apps Part 1
 
9 Writing Secure Android Applications
9 Writing Secure Android Applications9 Writing Secure Android Applications
9 Writing Secure Android Applications
 
12 Investigating Windows Systems (Part 2 of 3)
12 Investigating Windows Systems (Part 2 of 3)12 Investigating Windows Systems (Part 2 of 3)
12 Investigating Windows Systems (Part 2 of 3)
 
10 RSA
10 RSA10 RSA
10 RSA
 
12 Investigating Windows Systems (Part 1 of 3
12 Investigating Windows Systems (Part 1 of 312 Investigating Windows Systems (Part 1 of 3
12 Investigating Windows Systems (Part 1 of 3
 
9. Hard Problems
9. Hard Problems9. Hard Problems
9. Hard Problems
 
8 Android Implementation Issues (Part 1)
8 Android Implementation Issues (Part 1)8 Android Implementation Issues (Part 1)
8 Android Implementation Issues (Part 1)
 
11 Analysis Methodology
11 Analysis Methodology11 Analysis Methodology
11 Analysis Methodology
 
8. Authenticated Encryption
8. Authenticated Encryption8. Authenticated Encryption
8. Authenticated Encryption
 
7. Attacking Android Applications (Part 2)
7. Attacking Android Applications (Part 2)7. Attacking Android Applications (Part 2)
7. Attacking Android Applications (Part 2)
 
7. Attacking Android Applications (Part 1)
7. Attacking Android Applications (Part 1)7. Attacking Android Applications (Part 1)
7. Attacking Android Applications (Part 1)
 
5. Stream Ciphers
5. Stream Ciphers5. Stream Ciphers
5. Stream Ciphers
 
6 Scope & 7 Live Data Collection
6 Scope & 7 Live Data Collection6 Scope & 7 Live Data Collection
6 Scope & 7 Live Data Collection
 
4. Block Ciphers
4. Block Ciphers 4. Block Ciphers
4. Block Ciphers
 
6 Analyzing Android Applications (Part 2)
6 Analyzing Android Applications (Part 2)6 Analyzing Android Applications (Part 2)
6 Analyzing Android Applications (Part 2)
 
4 Getting Started & 5 Leads
4 Getting Started & 5 Leads4 Getting Started & 5 Leads
4 Getting Started & 5 Leads
 
3. Cryptographic Security
3. Cryptographic Security3. Cryptographic Security
3. Cryptographic Security
 
Bitcoin and Blockchains
Bitcoin and BlockchainsBitcoin and Blockchains
Bitcoin and Blockchains
 
Ch 18: Source Code Auditing
Ch 18: Source Code AuditingCh 18: Source Code Auditing
Ch 18: Source Code Auditing
 

Último

Science 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptxScience 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptxMaryGraceBautista27
 
Barangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptxBarangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptxCarlos105
 
Full Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersFull Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersSabitha Banu
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
Judging the Relevance and worth of ideas part 2.pptx
Judging the Relevance and worth of ideas part 2.pptxJudging the Relevance and worth of ideas part 2.pptx
Judging the Relevance and worth of ideas part 2.pptxSherlyMaeNeri
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxiammrhaywood
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Celine George
 
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfAMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfphamnguyenenglishnb
 
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfInclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfTechSoup
 
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)lakshayb543
 
4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptxmary850239
 
How to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERPHow to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERPCeline George
 
Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Celine George
 
Grade 9 Q4-MELC1-Active and Passive Voice.pptx
Grade 9 Q4-MELC1-Active and Passive Voice.pptxGrade 9 Q4-MELC1-Active and Passive Voice.pptx
Grade 9 Q4-MELC1-Active and Passive Voice.pptxChelloAnnAsuncion2
 
ENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choomENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choomnelietumpap1
 
Q4 English4 Week3 PPT Melcnmg-based.pptx
Q4 English4 Week3 PPT Melcnmg-based.pptxQ4 English4 Week3 PPT Melcnmg-based.pptx
Q4 English4 Week3 PPT Melcnmg-based.pptxnelietumpap1
 
Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Mark Reed
 

Último (20)

Science 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptxScience 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptx
 
YOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptx
YOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptxYOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptx
YOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptx
 
Barangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptxBarangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptx
 
Full Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersFull Stack Web Development Course for Beginners
Full Stack Web Development Course for Beginners
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
 
Judging the Relevance and worth of ideas part 2.pptx
Judging the Relevance and worth of ideas part 2.pptxJudging the Relevance and worth of ideas part 2.pptx
Judging the Relevance and worth of ideas part 2.pptx
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
 
FINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptx
FINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptxFINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptx
FINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptx
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17
 
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfAMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
 
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfInclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
 
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
 
4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx
 
How to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERPHow to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERP
 
Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17
 
Grade 9 Q4-MELC1-Active and Passive Voice.pptx
Grade 9 Q4-MELC1-Active and Passive Voice.pptxGrade 9 Q4-MELC1-Active and Passive Voice.pptx
Grade 9 Q4-MELC1-Active and Passive Voice.pptx
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
ENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choomENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choom
 
Q4 English4 Week3 PPT Melcnmg-based.pptx
Q4 English4 Week3 PPT Melcnmg-based.pptxQ4 English4 Week3 PPT Melcnmg-based.pptx
Q4 English4 Week3 PPT Melcnmg-based.pptx
 
Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)
 

CNIT 141: 6. Introduction to Public-Key Cryptography

  • 1. Understanding Cryptography – A Textbook for Students and Practitioners by Christof Paar and JanPelzl www.crypto-textbook.com Chapter 6 – Introduction to Public-Key Cryptography ver. November 18, 2010 These slides were prepared by Timo Kasper and Christof Paar and modified by Sam Bowne -- revised 10-16-17
  • 2. Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl2 Some legal stuff (sorry): Terms of Use • The slides can used free of charge. All copyrights for the slides remain with Christof Paar and Jan Pelzl. • The title of the accompanying book “Understanding Cryptography” by Springer and the author’s names must remain on each slide. • If the slides are modified, appropriate credits to the book authors and the book title must remain within the slides. • It is not permitted to reproduce parts or all of the slides in printed form whatsoever without written consent by the authors.
  • 3. Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl3 Topics • Symmetric Cryptography Revisited • Principles of Asymmetric Cryptography • Practical Aspects of Public-Key Cryptography • Important Public-Key Algorithms • Essential Number Theory for Public-Key Algorithms (SKIP)
  • 5. Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl • The same secret key K is used for encryption and decryption • Encryption and Decryption are very similar (or even identical) functions Symmetric Cryptography Revisited eK(x) dK(y)x y x KK Alice Bob 5
  • 6. Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl Symmetric Cryptography: Analogy K 6 K Safe with a lock, only Alice and Bob have a copy of the key • Alice encrypts -- locks message in the safe with her key • Bob decrypts -- uses his copy of the key to open the safe
  • 7. Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl Symmetric Cryptography: Shortcomings • Symmetric algorithms, e.g., AES or 3DES, are very secure, fast & widespread but: • Key distribution problem: The secret key must be transported securely • Number of keys: In a network, each pair of users requires an individual key 7 A B CF DE
  • 8. Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl • Alice or Bob can cheat each other, because they have identical keys. • Alice can sign a contract, and later deny it • Bob could have faked the signature • Doesn't provide non-repudiation Symmetric Cryptography: Shortcomings 8
  • 10. Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl New Idea: Like a mailbox: Everyone can drop a letter But: Only the owner has the correct key to open the box Idea Behind Asymmetric Cryptography 10 1976: first publication of such an algorithm by Whitfield Diffie and Martin Hellman,and also by Ralph Merkle.
  • 11. Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl Asymmetric Cryptography: Analogy Safe with public lock and private lock: 11 • Alice deposits (encrypts) a message with Bob's - not secret - public key Kpub • Only Bob has the - secret - private key Kpr to retrieve (decrypt) the message (Kpub) (Kpr)
  • 12. Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl • A message encrypted with a public key can be decrypted with the corresponding private key • The keys are related • Each user must generate an individual key pair • Publish public key where everyone can find it • Protect private key so no one else gets it Key Generation 12
  • 13. Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl • It must be easy to calculate the public key from the private key • So keys can be generated • But difficult to calculate the private key from the public key • So attacker's can't get the private key One-Way Functions 13
  • 14. Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl • Factorization • Finding prime factors of a large number • n is known; find p and q • Discrete logarithm • Find an integer x satisfying this equation • a, b, and p are known Commonly Used One-Way Functions 14
  • 15. Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl • Logarithms to base 10 • log(100) = 2, because 102 = 100 • log(1000) = 3, because 103 = 100 • log(2) = 0.301 • Discrete logarithm • Same thing, except on a ring and using only integers • Find an integer x satisfying this equation • a, b and p are known Logarithms 15
  • 16.
  • 17. Practical Aspects of Public-Key Cryptography
  • 18. Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl Basic Protocol for Public-Key Encryption Alice Bob (KpubB,KprB) = K KpubB x y=eKpubB (x) y 18 x=dKprB (y) Key Distribution Problem solved * *at least for now; public keys need to be authenticated
  • 19. Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl19 Uses of Public-Key Cryptography • Key Distribution • Diffie-Hellman key exchange (DHKE), RSA • Without a pre-shared secret (key) • Nonrepudiation • RSA, DSA or ECDSA (Elliptic Curve Digital Signature Algorithm) • Identification • Digital signatures • Encryption • RSA, ECC (Elliptic Curve Cryptography), or Elgamal
  • 20. Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl20 Disadvantage of Public-Key Cryptography • Computationally very intensive • 1000 times slower than symmetric algorithms!
  • 22. RSA Encryption in Python RSA Decryption in Python
  • 26. Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl26 Basic Key Transport Protocol 1/2 In practice: Hybrid systems, incorporating asymmetric and symmetric algorithms 1. Key exchange (for symmetric schemes) and digital signatures are performed with (slow) asymmetric algorithms 2. Encryption of data is done using (fast) symmetric ciphers, e.g., block ciphers or stream ciphers
  • 27. Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl Alice y1 = eKpubB(K) y1 K = dKprB(y1) Key Exchange (asymmetric) y2 = AESK (x) x = AES-1 K (y2) y2 Data Encryption (symmetric) Bob (KpubB,KprB) = K KpubB 27 Choose random symmetric key K message x Basic Key Transport Protocol 2/2 Example: Hybrid protocol with AES as the symmetric cipher
  • 28. Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl28 Remaining Problem: Key Authenticity • Alice wants to send a message to Bob • Attacker can publish a fake public key for Bob • Alice uses the fake key, so the attacker can read the message • The current solution is digital certificates and Certificate Authorities
  • 30.
  • 31. Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl Key Lengths and Security Levels Symmetric ECC RSA, DL Remark 64 Bit 128 Bit ≈ 700 Bit Only short term security (a few hours or days) 80 Bit 160 Bit ≈ 1024 Bit Medium security (except attacks from big governmental institutions etc.) 128 Bit 256 Bit ≈ 3072 Bit Long term security (without quantum computers) 31
  • 32. Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl Quantum Computers 32 • The existence of quantum computers would probably be the end for ECC, RSA & DL • TEXTBOOK SAYS: • At least 2-3 decades away, and some people doubt that QC will ever exist
  • 33. Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl33 NIST Recommendations from 2016
  • 34. Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl34 NIST Recommendations from 2016
  • 35. Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl35 NIST Recommendations from 2016
  • 36. Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl36 NIST Recommendations from 2016
  • 37. Chapter 6 of Understanding Cryptography by Christof Paar and Jan Pelzl37 ■ Lessons Learned • Public-key algorithms have capabilities that symmetric ciphers don’t have, in particular digital signature and key establishment functions. • Public-key algorithms are computationally intensive (a nice way of saying that they are slow), and hence are poorly suited for bulk data encryption. • Only three families of public-key schemes are widely used. This is considerably fewer than in the case of symmetric algorithms. • The extended Euclidean algorithm allows us to compute modular inverses quickly, which is important for almost all public-key schemes. • Euler’s phi function gives us the number of elements smaller than an integer n that are relatively prime to n. This is important for the RSA crypto scheme.