Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cryptography and Public Policy Montclair State University CMPT 109 J.W. Benham Spring, 1998.

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "Cryptography and Public Policy Montclair State University CMPT 109 J.W. Benham Spring, 1998."— Presentation transcript:

1 Cryptography and Public Policy Montclair State University CMPT 109 J.W. Benham Spring, 1998

2 Historical Background of Public- Key Cryptography 1976: W. Diffie and M.E. Hellman proposed the first public-key encryption algorithms -- actually an algorithm for public exchange of a secret key. 1978: L.M Adleman, R.L. Rivest and A. Shamir propose the RSA encryption method –Currently the most widely used –Basis for the spreadsheet used in the lab

3 The RSA Encryption Algorithm Use a random process to select two large prime numbers P and Q. Compute the product M = P*Q. This number is called the modulus, and is made publicly available. –RSA currently recommends a modulus that’s at least 768 bits long. Also compute the Euler totient T = (P-1)*(Q-1). Keep this number (as well as P and Q) secret.

4 RSA (continued) Randomly choose a public key E that has no factors in common with T = (P-1)*(Q-1). Compute a private key D so that E*D leaves a remainder of 1 when divided by T. –We say E*D is congruent to 1 modulo T Note that D is easy to compute only if one knows the value of T. This is essentially the same as knowing the values of P and Q.

5 RSA (continued) If N is any number that is not divisible by M, then dividing N E*D by M and taking the remainder yields the original value N. –This is a relatively deep mathematical theorem, which we can write as N E*D mod M = N.) If N is a numeric encoding of a block of plaintext, the cyphertext is C = N E mod M. Then C D mod M = (N E ) D mod M = N E*D mod M = N. Thus, we can recover the plaintext N with the private key D.

6 Why RSA Works Multiplying P by Q is easy: the number of operations depends on the number of bits (number of digits) in P and Q. For example, multiplying two 384-bit numbers takes approximately 384 2 = 147,456 bit operations

7 Why RSA Works (2) If one knows only M, finding P and Q is hard: in essence, the number of operations depends on the value of M. –The simplest method for factoring a 768-bit number takes about 2 384  3.94  10 115 trial divisions. –A more sophisticated methods takes about 2 85  3.87  10 25 trial divisions. –A still more sophisticated method takes about 2 41  219,000,000,000 trial divisions

8 Why RSA Works (3) No-one has found an really quick algorithm for factoring a large number M. No-one has proven that such a quick algorithm doesn’t exist (or even that one is unlikely to exist). Peter Shor has devised a very fast factoring algorithm for a quantum computer, if anyone manages to build one.

9 Public Policy I: Export Control No restrictions on printed descriptions of encryption methods. U.S. government regards computer implementations of strong encryption methods as munitions, covered by ITAR. Current regulations permit the export of relatively weak encryption systems (like 40-bit DES or 512-bit RSA).

10 The Export Policy Debate PRO: It is desirable to keep strong encryption out of the hands of international terrorists and unfriendly governments. CON: Since strong encryption is available and permitted in other countries, export restrictions reduce the ability of US companies to compete internationally.

11 Public Policy II: Key Escrow Each Clipper Chip has the following: Circuitry to implement SKIPJACK, an 80- bit private-key encryption algorithm developed by the NSA (classified as Secret) A 22-bit unique identification number (UID) An 80-bit family key (KF) common to all Clipper Chips. An 80-bit unique chip key (KU)

12 Key Escrow (2) For each chip, the manufacturer produces two additional keys KU1 and KU2 that can be combined to recover KU. Each additional key is combined with the chip’s UID and given to an escrowing agency -- currently the National Institute of Standards and the Treasury Department

13 Key Escrow (3) When two users wish to exchange encrypted messages, their chips establish an 80-bit shared session key (KS). The chip also generates a Law Enforcement Access Field (LEAF) that includes the UID, the session key encrypted using the chips unique key (KU) and a check sum, all encrypted using the family key (KF)

14 Key Escrow (4) With appropriate authorization (e.g., a court order), the escrowing agencies must relinquish KU1 and KU2 to the police. The police can then recover KU. From that and the LEAF, they can recover KS and “listen in” on the exchange (and any future exchanges that originate from the same chip).

15 Defeating Key Escrow Matthew Blaze showed that it was possible to generate a phony LEAF that one could substitute for the actual LEAF. He also suggested an easier way: encrypt a message using software before or after encryption using the clipper chip.

16 Debate on Key Escrow (PRO) Key escrow provides a reasonable balance between citizen’s needs for privacy and the needs of law enforcement. It gives the police no new power; it just ensures that they will retain their current powers to listen in on private conversations (with a warrant). It will be a voluntary standard, not mandatory.

17 Debate on Key Escrow (CON) Even if it’s voluntary, an escrowed encryption system could become the de facto standard, discouraging the use of other (possibly stronger) methods. An escrowed encryption standard is an unwarranted, and possibly unconstitutional, intrusion on individual privacy. Escrowed encryption would increase the power and effectiveness of governments hostile to human liberty.

18 Two Bills Before Congress Security and Freedom through Encryption (SAFE) Bill –Loosens export restrictions –Permits private key escrow Secure Public Networks Bill –Maintains strong export restrictions, subject to annual review by the President –Provides strong incentives for key escrow, but does not make it mandatory.

Download ppt "Cryptography and Public Policy Montclair State University CMPT 109 J.W. Benham Spring, 1998."

Similar presentations

Cryptography and Network Security Chapter 9

Cryptography and Network Security Chapter 9
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (4) Information Security.

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (4) Information Security.
hap8.html#chap8ex5.

hap8.html#chap8ex5.
Key Escrow System “like leaving your key with a neighbour in case of an emergency” 10-11-2009 SSIN – MIEIC Micael Fernando Fonseca Oliveira.

Key Escrow System “like leaving your key with a neighbour in case of an emergency” SSIN – MIEIC Micael Fernando Fonseca Oliveira.
Abdullah Sheneamer CS591-F2010 Project of semester Presentation University of Colorado, Colorado Springs Dr. Edward RSA Problem and Inside PK Cryptography.

Abdullah Sheneamer CS591-F2010 Project of semester Presentation University of Colorado, Colorado Springs Dr. Edward RSA Problem and Inside PK Cryptography.
Dr. Lo’ai Tawalbeh Summer 2007 Chapter 9 – Public Key Cryptography and RSA Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus INCS.

Dr. Lo’ai Tawalbeh Summer 2007 Chapter 9 – Public Key Cryptography and RSA Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus INCS.
Public-key Cryptography Montclair State University CMPT 109 J.W. Benham Spring, 1998.

Public-key Cryptography Montclair State University CMPT 109 J.W. Benham Spring, 1998.
Public Key Crytography1 From: Introduction to Algorithms Cormen, Leiserson and Rivest.

Public Key Crytography1 From: Introduction to Algorithms Cormen, Leiserson and Rivest.
1 Lecture #10 Public Key Algorithms HAIT Summer 2005 Shimrit Tzur-David.

1 Lecture #10 Public Key Algorithms HAIT Summer 2005 Shimrit Tzur-David.
Public Key Cryptography

Public Key Cryptography
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 1 Security PART VII.

McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
Public Key Cryptography and the RSA Algorithm

Public Key Cryptography and the RSA Algorithm
Cryptography & Number Theory

Cryptography & Number Theory
Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.

Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.
Private-Key Cryptography traditional private/secret/single key cryptography uses one key shared by both sender and receiver if this key is disclosed communications.

Private-Key Cryptography traditional private/secret/single key cryptography uses one key shared by both sender and receiver if this key is disclosed communications.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.

Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
Dr.Saleem Al_Zoubi1 Cryptography and Network Security Third Edition by William Stallings Public Key Cryptography and RSA.

Dr.Saleem Al_Zoubi1 Cryptography and Network Security Third Edition by William Stallings Public Key Cryptography and RSA.
8: Network Security8-1 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key: K r e.g., key is knowing substitution.

8: Network Security8-1 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key: K r e.g., key is knowing substitution.
The RSA Algorithm JooSeok Song 2007. 11. 13. Tue.

The RSA Algorithm JooSeok Song Tue.
“RSA”. RSA  by Rivest, Shamir & Adleman of MIT in 1977  best known & widely used public-key scheme  RSA is a block cipher, plain & cipher text are.

“RSA”. RSA  by Rivest, Shamir & Adleman of MIT in 1977  best known & widely used public-key scheme  RSA is a block cipher, plain & cipher text are.

Similar presentations

Ads by Google