# Data Security 1 El_Gamal Cryptography. Data Security2 Introduction El_Gamal is a public-key cryptosystem technique El_Gamal is a public-key cryptosystem.

## Presentation on theme: "Data Security 1 El_Gamal Cryptography. Data Security2 Introduction El_Gamal is a public-key cryptosystem technique El_Gamal is a public-key cryptosystem."— Presentation transcript:

Data Security 1 El_Gamal Cryptography

Data Security2 Introduction El_Gamal is a public-key cryptosystem technique El_Gamal is a public-key cryptosystem technique was designed by Dr. Taher Elgamal. was designed by Dr. Taher Elgamal. El_Gamal depends on the one way function, means that the encryption and decryption are done in separate functions. El_Gamal depends on the one way function, means that the encryption and decryption are done in separate functions.

Data Security3 Introduction The encryption process requires two modular exponentiations (extra time). The encryption process requires two modular exponentiations (extra time). A disadvantage of El_Gamal encryption is that there is message expansion by a factor of 2. That is, the ciphertext is twice as long as the corresponding plaintext. A disadvantage of El_Gamal encryption is that there is message expansion by a factor of 2. That is, the ciphertext is twice as long as the corresponding plaintext.

Data Security4 Key generation  Receiver A must do the following: 1- Generate a large random prime number (p) 2- Choose a generator number (a) {show in slide 7 } 3- Choose an integer (x) less than (p-2),as secret number. number.

Data Security5 Key generation 4- Compute (d) where d= a x mod p d= a x mod p 5- Determine the public key (p, a, d) and the private key (x) and the private key (x)

Data Security6 Key generation  Example : let p = 11 and a = 2 and x = 5 let p = 11 and a = 2 and x = 5 calculate d = 2 5 mod 11 = 10 calculate d = 2 5 mod 11 = 10 public key = (11,2,10) public key = (11,2,10) private key = (5) private key = (5)

Data Security7 Generator number  How to test (a) generator or not : 1- (a) must be between 1 and p-1 2- Find Ø = p-1 3- Find the all factors of Ø {f1,f2,….,fn} – { 1 }

Data Security8 Generator number 4- Find {q1,q2,…..,qn} where qi = fi qi = fi for the redundant factors for the redundant factors qi = fi freq qi = fi freq 5- (a) generator number if and only if wi= a Ø/qi mode p <> 1, for all qi wi= a Ø/qi mode p <> 1, for all qi

Data Security9 Generator number  Example 1 : let p= 11, a=2,test a is generator number or not ? let p= 11, a=2,test a is generator number or not ? sol: sol: Ø= p-1 = 10, factors of 10 = {2, 5} Ø= p-1 = 10, factors of 10 = {2, 5} q1 = 2,q2 = 5 q1 = 2,q2 = 5 w1 = 2 10/2 mod 11 = 10 <> 1 w1 = 2 10/2 mod 11 = 10 <> 1 w2 = 2 10/5 mod 11 = 4 <> 1 w2 = 2 10/5 mod 11 = 4 <> 1 i.e a generator number. i.e a generator number.

Data Security10 Generator number  Example 2 : let p= 11, a=3,test a is generator number or not ? let p= 11, a=3,test a is generator number or not ? sol: sol: Ø= p-1 = 10, factors of 10 = {2, 5} Ø= p-1 = 10, factors of 10 = {2, 5} q1 = 2,q2 = 5 q1 = 2,q2 = 5 w1 = 3 10/2 mod 11 = 1== 1 w1 = 3 10/2 mod 11 = 1== 1 w2 = 3 10/5 mod 11 = 9 <> 1 w2 = 3 10/5 mod 11 = 9 <> 1 i.e a not generator number. i.e a not generator number.

Data Security11 Generator number  Example 3 : let p= 41, a=2,test a is generator number or not ? let p= 41, a=2,test a is generator number or not ? sol: sol: Ø= p-1 = 40, factors of 40 = {2, 2, 2, 5} Ø= p-1 = 40, factors of 40 = {2, 2, 2, 5} q1 = 2 1 = 2,q2 = 2 2 = 4,q3 = 2 3 = 8 q1 = 2 1 = 2,q2 = 2 2 = 4,q3 = 2 3 = 8 q4 = 5 q4 = 5 w1 = 2 40/2 mod 41 = 0.98 <> 1 w1 = 2 40/2 mod 41 = 0.98 <> 1 w2 = 2 40/4 mod 41 = 40 <> 1 w2 = 2 40/4 mod 41 = 40 <> 1

Data Security12 Generator number w2 = 2 40/8 mod 41 = 32 <> 1 w2 = 2 40/5 mod 41 = 10 <> 1 i.e a generator number

Data Security13 Encryption  Sender B must do the following : 1- Obtain the public key (p, a, d ) from 1- Obtain the public key (p, a, d ) from the receiver A. the receiver A. 2- Choose an integer k such that : 2- Choose an integer k such that : 1 < k < p-2 1 < k < p-2

Data Security14 Encryption 3- Represent the plaintext as an integer m where 0 < m < p-1 4- compute (y) as follows : y = a k mod p y = a k mod p 5- compute (z) as follows : z = (d k * m ) mod p z = (d k * m ) mod p

Data Security15 Encryption 6- Find the ciphertext (C) as follows : C= ( y, z ) C= ( y, z ) 7- The sender B send C to The receiver A.

Data Security16 Decryption  Receiver A must do the following : 1- Obtain the ciphertext (C) from B. 2- compute (r) as follows : r = y p-1-x mod p r = y p-1-x mod p 3- Recover the plaintext as follows: m = ( r * z ) mod p m = ( r * z ) mod p

Data Security17 Example Let p = 11 and a generator number = 2 and select integer number x = 5 calculate d = 2 5 mod 11 = 10 calculate d = 2 5 mod 11 = 10Then public key = ( 11, 2, 10) public key = ( 11, 2, 10) private key = (5) private key = (5)

Data Security18 Example Plaintext = Age Represent the plaintext as integer value as follows: The new plaintext = ( 1 7 5 )

Data Security19 Example Encryption (sender): y = a k mod p, z = (d k * m ) mod p y = a k mod p, z = (d k * m ) mod p Choose an random integer value k = 6 Choose an random integer value k = 6 y A = 2 6 mod 11 = 9 y A = 2 6 mod 11 = 9 z A = (10 6 *1) mod 11 = 1 z A = (10 6 *1) mod 11 = 1

Data Security20 Example Choose an random integer value k = 4 y g = 2 4 mod 11 = 5 y g = 2 4 mod 11 = 5 z g = (10 4 *7) mod 11 = 7 z g = (10 4 *7) mod 11 = 7 Choose an random integer value k = 7 y e = 2 7 mod 11 = 7 y e = 2 7 mod 11 = 7 z e = (10 7 *5) mod 11 = 6 z e = (10 7 *5) mod 11 = 6 Ciphertext = (9,1) (5,7) (7,6) The sender B send the ciphertext to the receiver A.

Data Security21 Example The receiver decrypt the ciphertext as follows : Compute (r) and (m) where Compute (r) and (m) where r = y p-1-x mod p, m = ( r * z ) mod p r = y p-1-x mod p, m = ( r * z ) mod p r1= 9 11-1-5 mod 11 = 1 r1= 9 11-1-5 mod 11 = 1 m1= (1*1) mod 11= 1 m1= (1*1) mod 11= 1

Data Security22 Example r1= 5 11-1-5 mod 11 = 1 m2 = ( 1 * 7 ) mod 11 = 7 r1= 7 11-1-5 mod 11 = 10 m3 = ( 10 * 6 ) mod 11 = 5

Data Security23 Example The receiver find the plaintext ( 1 7 5 ) Convert the plaintext to letters = Age