Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chapter 3 Public Key Cryptography and Message authentication.

Similar presentations

Presentation on theme: "Chapter 3 Public Key Cryptography and Message authentication."— Presentation transcript:

1 Chapter 3 Public Key Cryptography and Message authentication.

2 Approaches to message authentication Public key cryptography principles Public key cryptography algorithms Digital signatures Introduction

3 Block vs Stream Ciphers block ciphers process messages in into blocks, each of which is then en/decrypted like a substitution on very big characters 64-bits or more stream ciphers process messages a bit or byte at a time when en/decrypting many current ciphers are block ciphers hence are focus of course Block ciphers work a on block / word at a time, which is some number of bits. All of these bits have to be available before the block can be processed. Stream ciphers work on a bit or byte of the message at a time, hence process it as a stream.

4 Authentication Requirements - must be able to verify that: 1. Message came from apparent source or author, 2. Contents have not been altered, 3. Sometimes, it was sent at a certain time or sequence. Protection against active attack (falsification of data and transactions)

5 Approaches to Message Authentication Authentication Using Conventional Encryption Only the sender and receiver should share a key Message Authentication without Message Encryption An authentication tag is generated and appended to each message Message Authentication Code Calculate the MAC as a function of the message and the key. MAC = F(K, M)


7 One way HASH function

8 One-way HASH function Secret value is added before the hash and removed before transmission.

9 Secure HASH functions Purpose of the HASH function is to produce a fingerprint. Properties of a HASH function H : 1. H can be applied to a block of data at any size 2. H produces a fixed length output 3. H(x) is easy to compute for any given x. 4. For any given block x, it is computationally infeasible to find x such that H(x) = h 5. For any given block x, it is computationally infeasible to find with H(y) = H(x). 6. It is computationally infeasible to find any pair (x, y) such that H(x) = H(y)

10 Simple HASH function One-bit circular shift on the hash value after each block is processed would improve


12 Public-key cryptography principles A public-key encryption scheme has 6 ingredients Plaintext: This is readable message or data that is fed into the algorithm as input Encryption algorithm: The encryption algorithm performs various transformation on the plain text Public and private key: pair of keys that have been selected where one is used for encryption and other is decryption. Ciphertext: scrambled message produced as output Decryption algorithm: accepts ciphertext and matching key and produces the original plain text

13 Public key Cryptography

14 Applications for Public-Key Cryptosystems Three categories: Encryption/decryption: The sender encrypts a message with the recipients public key. Digital signature: The sender signs a message with its private key. Key echange: Two sides cooperate two exhange a session key.

15 Requirements for Public-Key Cryptography 1. Computationally easy for a party B to generate a pair (public key KU b, private key KR b ) 2. Easy for sender to generate ciphertext: 3. Easy for the receiver to decrypt ciphertect using private key:

16 Requirements for Public-Key Cryptography 4. Computationally infeasible to determine private key (KR b ) knowing public key (KU b ) 5. Computationally infeasible to recover message M, knowing KU b and ciphertext C 6. Either of the two keys can be used for encryption, with the other used for decryption:

17 Public-Key Cryptographic Algorithms RSA and Diffie-Hellman RSA - Ron Rives, Adi Shamir and Len Adleman at MIT, in RSA is a block cipher The most widely implemented Diffie-Hellman Echange a secret key securely Compute discrete logarithms

18 The RSA Algorithm – Key Generation 1. Select p,q p and q both prime 2. Calculate n = p x q 3. Calculate 4. Select integer e 5. Calculate d 6. Public KeyKU = {e,n} 7. Private keyKR = {d,n}

19 Example of RSA Algorithm

20 The RSA Algorithm - Encryption Plaintext:M

21 The RSA Algorithm - Decryption Ciphertext:C Plaintext:M = C d (mod n)

22 Other Public-Key Cryptographic Algorithms Digital Signature Standard (DSS) Makes use of the SHA-1 Not for encryption or key echange Elliptic-Curve Cryptography (ECC) Good for smaller bit size Low confidence level, compared with RSA Very complex

23 Digital signatures Bob wants to send a message to alice and wants to maintain secret. Bob has private key and no one could have created a cipher text that could be decrypted bobs public key. This is not possible to alter the message without access. This emphasis that the encryption process just described does not provide confidentiality. Even in this case of complete encryption, there is no protection of confidentiality because any observer can decrypt the message by using the senders public key.

24 Key management Public key certificates: A certificate consists of a public key + a user id of the key owner, with the whole block singed by a trusted third party. The third party should be a government agency or financial institution Public key distribution of secret keys Sharing a secret key between 2 parties is the conventional method to share the information

25 Key Management Public-Key Certificate Uses

Download ppt "Chapter 3 Public Key Cryptography and Message authentication."

Similar presentations

Ads by Google