Presentation is loading. Please wait.

Presentation is loading. Please wait.

Public Key Algorithms …….. RAIT M. Chatterjee.

Similar presentations

Presentation on theme: "Public Key Algorithms …….. RAIT M. Chatterjee."— Presentation transcript:

1 Public Key Algorithms …….. RAIT M. Chatterjee

2 Public Key Cryptography
Two keys Private key known only to individual Public key available to anyone Idea Confidentiality: encipher using public key, decipher using private key Integrity/authentication: encipher using private key, decipher using public one RAIT M. Chatterjee

3 Requirements Given the appropriate key, it must be computationally easy to encipher or decipher a message It must be computationally infeasible to derive the private key from the public key It must be computationally infeasible to determine the private key from a chosen plaintext attack RAIT M. Chatterjee

4 Public-Key Cryptography
public-key/two-key/asymmetric cryptography involves the use of two keys: a public-key, which may be known by anybody, and can be used to encrypt messages, and verify signatures a private-key, known only to the recipient, used to decrypt messages, and sign (create) signatures RAIT M. Chatterjee

5 Public-Key Cryptography
is asymmetric because those who encrypt messages or verify signatures cannot decrypt messages or create signatures RAIT M. Chatterjee

6 Public-Key Cryptography
RAIT M. Chatterjee

7 Why Public-Key Cryptography?
developed to address two key issues: key distribution – how to have secure communications in general without having to trust a KDC with your key digital signatures – how to verify a message comes intact from the claimed sender public invention due to Whitfield Diffie & Martin Hellman at Stanford in 1976 known earlier in classified community RAIT M. Chatterjee

8 Public-Key Applications
can classify uses into 3 categories: key exchange (of session keys) encryption/decryption (provide secrecy) digital signatures (provide authentication) some algorithms are suitable for all uses, others are specific to one RAIT M. Chatterjee

9 Security of Public Key Schemes
like private key schemes brute force exhaustive search attack is always theoretically possible but keys used are too large (>512 bits) not comparable to symmetric key sizes security relies on a large enough difference in difficulty between easy (en/decrypt) and hard (to cryptanalyze) problems requires the use of very large numbers hence is slow compared to secret key schemes RAIT M. Chatterjee

10 Diffie-Hellman Compute a common, shared key
Called a symmetric key exchange protocol Based on discrete logarithm problem Given integers n and g and prime number p, compute k such that n = gk mod p Solutions known for small p Solutions computationally infeasible as p grows large – hence, choose large p RAIT M. Chatterjee

11 Diffie-Hellman Key Exchange
a public-key distribution scheme cannot be used to exchange arbitrary messages rather it can establish a common key known only to the two participants value of key depends on the participants (and their private and public key information) based on exponentiation in a finite (Galois) field (modulo a prime or a polynomial) - easy security relies on the difficulty of computing discrete logarithms (similar to factoring) – hard RAIT M. Chatterjee

12 Generating the Diffie-Hellman public key
Diffie-Hellman Setup Generating the Diffie-Hellman public key The Diffie-Hellman system allows Alice and Bob to agree on a key even when Eve is listening to everything they say to each other. Alice and Bob need to agree on a prime number p, which they can do by simply sending it to each other. Eve is allowed to learn this number p. In practice the number p is often simply advertised somewhere public. RAIT M. Chatterjee

13 Generators & Public Key
Given a prime number p, it is possible to come up with a number g (the so-called generator) with a very interesting property. Every number between 1 and p-1 can be written as a power of g when calculating modulo p. For example, using p = 5 the generator is 2, because 20 = 1 21 = 2 22 = 4 23 = 3 (because 8 = 3 mod 5) Alice and Bob agree in the same way on a generator g for the numbers between 1 and p-1. The numbers p and g serve as the public key. RAIT M. Chatterjee

14 Diffie-Hellman Key Exchange
Shared key, public communication No authentication of partners What’s involved? P is a prime (about 512 bits), and g < p P and g are publicly known RAIT M. Chatterjee

15 Diffie-Hellman Key Exchange
Procedure Alice Bob pick secret Sa randomly pick secret Sb randomly compute TA=gSa mod p compute TB=gSb mod p send TA to Bob send TB to Alice compute TBSa mod p compute TASb mod p RAIT M. Chatterjee

16 Alice and Bob reached the same secret gSaSb mod p, which is then used as the shared key.
RAIT M. Chatterjee

17 DH Security - Discrete Logarithm Is Hard
T = gs mod p Conjecture: given T, g, p, it is extremely hard to compute the value of s (discrete logarithm) RAIT M. Chatterjee

18 Diffie-Hellman Scheme
Security factors Discrete logarithm very difficult. Shared key (the secret) itself never transmitted. RAIT M. Chatterjee

19 Disadvantages: Expensive exponential operation
DoS possible. The scheme itself cannot be used to encrypt anything – it is for secret key establishment. No authentication, so you can not sign anything … RAIT M. Chatterjee

20 Bucket Brigade Attack...Man In The Middle
Alice Trudy Bob gSa=123 gSx =654 gSb =255 123 --> > < <--255 654Sa=123Sx Sx=654Sb Trudy plays Bob to Alice and Alice to Bob RAIT M. Chatterjee

21 Encryption With Diffie-Hellman
Everyone computes and publishes <p, g, T> T=gS mod p Alice communicates with Bob: Alice Picks a random secret Sa Computes gbSa mod pb Use Kab = TbSa mod pb to encrypt message Send encrypted message along with gbSa mod pb RAIT M. Chatterjee

22 Diffie-Hellman Bob (gbSa)Sb mod pb = (gbSb)Sa mod pb = TbSa mod pb = Kab Use Kab to decrypt RAIT M. Chatterjee

23 Example of an attack N=11 g=7 Alice chooses x=3 Bob chooses y=9
Trudy chooses x=8 and y=6 RAIT M. Chatterjee

24 Alice sends 2 to Bob….Trudy intercepts and sends 9
Alice computes 73 mod 11 =2 Bob computes 79 mod 11 =8 Trudy computes 78 mod 11 =9 and 76 mod 11 = 4 Alice sends 2 to Bob….Trudy intercepts and sends 9 Bob sends 8 to Alice….Trudy intercepts and sends 4 RAIT M. Chatterjee

25 Thus Trudy is man-in-the-middle……..
Alice computes K1= 43 mod 11 =9 Bob computes K2= 99 mod 11 =5 Trudy computes K1 = 88 mod 11 =5 And K2= 26 mod 11 = 9 Thus Trudy is man-in-the-middle…….. RAIT M. Chatterjee

Download ppt "Public Key Algorithms …….. RAIT M. Chatterjee."

Similar presentations

Ads by Google