Presentation is loading. Please wait.

Presentation is loading. Please wait.

Encryption, continued Public Key encryption and Digital Signatures.

Published byFelix Small Modified over 8 years ago

Similar presentations

Presentation on theme: "Encryption, continued Public Key encryption and Digital Signatures."— Presentation transcript:

1 Encryption, continued Public Key encryption and Digital Signatures

2 Public Key encryption Eliminates the need to deliver a key Two keys: one for encoding, one for decoding Known algorithm –security based on security of the decoding key Essential element: –knowing the encoding key will not reveal the decoding key

3 Effective Public Key Encryption Encoding method E and decoding method D are inverse functions on message M: –D(E(M)) = M Computational cost of E, D reasonable D cannot be determined from E, the algorithm, or any amount of plaintext attack with any computationally feasible techniqueplaintext attack E cannot be broken without D (only D will accomplish the decoding) Any method that meets these criteria is a valid Public Key Encryption technique

4 It all comes down to this: key used for decoding is dependent upon the key used for encoding, but the relationship cannot be determined in any feasible computation or observation of transmitted data

5 Rivest, Shamir, Adelman (RSA) Choose 2 large prime numbers, p and q, each more than 100 digits Compute n=p*q and z=(p-1)*(q-1) Choose d, relatively prime to zrelatively prime Find e, such that e*d=1 mod (z)e*d=1 mod (z) –or e*d mod z = 1, if you prefer. This produces e and d, the two keys that define the E and D methods.

6 Public Key encoding Convert M into a bit stringM into a bit string Break the bit string into blocks, P, of size k –k is the largest integer such that 2 k <n –P corresponds to a binary value: 0<P<n Encoding method –E = Compute C=P e (mod n) Decoding method –D = Compute P=C d (mod n) e and n are published (public key) d is closely guarded and never needs to be disclosed

7 An example: Given p=7; q=11 Compute n, z, d, e, k n=77; z=60 d=13; e=37; k=6 Test message = CAT Using A=1, etc and 5-bit representation : – 00011 00001 10100 Since k=6, regroup the bits (arrange right to left so that any padding needed will put 0's on the left and not change the value): –000000 110000 110100 (three leading zeros added to fill the block) decimal equivalent: 0 48 52 Each of those raised to the power 37 (e) mod n: 0 27 24 Each of those values raised to the power 13 (d) mod n (convert back to the original): 0 48 52

8 On a practical note: PGP You can create your own real public and private keys using PGP (Pretty Good Privacy) See the following Web sites for full information. (MIT site - obsolete) http://www.pgpi.org/products/pgp/versions/freeware/ http://www.freedownloadscenter.com/Utilities/Required_Files/ PGP.htmlhttp://www.freedownloadscenter.com/Utilities/Required_Files/ PGP.html

9 Issues Intruder vulnerability –If an intruder intercepts a request from A for B’s public key, the intruder can masquerade as B and receive messages from B intended for A. The intruder can send those same or different messages to B, pretending to be A. –Prevention requires authentication of the public key to be used. Computational expense –One approach is to use Public Key Encryption to send the Key for use in DES, then use the faster DES to transmit messages

10 Digital Signatures Some messages do not need to be encrypted, but they do need to be authenticated: reliably associated with the real sender –Protect an individual against unauthorized access to resources or misrepresentation of the individual’s intentions –Protect the receiver against repudiation of a commitment by the originator

11 Digital Signature basic technique Sender A Receiver B Intention to send E(Random Number) where E is A’s public key Message and D(E(Random Number)) = Random Number, decoded as only A could do

12 Public key encryption with implied signature Add the requirement that E(D(M)) = M Sender A has encoding key E A (private), decoding key D A (public), Intended receiver has encoding (public) key E B. A produces E B (D A (M)) Receiver calculates E A (D B (E B (D A (M)))) –Result is M, but also establishes that only A could have encoded M

13 Digital Signature Standard (DSS) Verifies that the message came from the specified source and also that the message has not been modified More complexity than simple encoding of a random number, but less than encrypting the entire message Message is not encoded. An authentication code is appended to it.

14 Digital Signature - SHA FIPS Pub 186 - Digital Signature Standard http://www.itl.nist.gov/fipspubs/fip186.htm http://www.itl.nist.gov/fipspubs/fip186.htm

15 Encryption summary Problems –intruders can obtain sensitive information –intruder can interfere with correct information exchange Solution –disguise messages so an intruder will not be able to obtain the contents or replace legitimate messages with others

16 Important methods DES –fast, reasonably good encryption –key distribution problem Public Key Encryption –more secure based on the difficulty of factoring very large numbers –no key distribution problem –computationally intense

17 Digital signatures Authenticate messages so the sender cannot repudiate the message later Protect messages from changes during transmission or at the receiver’s site Useful when the contents do not need encryption, but the contents must be accurate and correctly associated with the sender

18 Legal and ethical issues People who work in these fields face problems with allowable exports, and are not always allowed to talk about their work. Is it desirable to have government able to crack all codes? What is the tradeoff between privacy of law abiding citizens vs. the ability of terrorists and drug traffickers to communicate in secret? –Brief discussion now –During the coming week, continue the discussion online. Use the WebCT discussion list. See assignment there.

Download ppt "Encryption, continued Public Key encryption and Digital Signatures."

Similar presentations

Access Control and Rights Management. Legal and Technical Issues Legal: When is a resource available to digitize and make available. What requirements.

Access Control and Rights Management. Legal and Technical Issues Legal: When is a resource available to digitize and make available. What requirements.
Authentication and Digital Signatures CSCI 5857: Encoding and Encryption.

Authentication and Digital Signatures CSCI 5857: Encoding and Encryption.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.

EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.
CC3.12 Erdal KOSE Privacy & Digital Security Encryption.

CC3.12 Erdal KOSE Privacy & Digital Security Encryption.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
Cryptographic Technologies

Cryptographic Technologies
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 1 Security PART VII.

McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
WS 2006-07 Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.

WS Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.
Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.

Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.
Private-Key Cryptography traditional private/secret/single key cryptography uses one key shared by both sender and receiver if this key is disclosed communications.

Private-Key Cryptography traditional private/secret/single key cryptography uses one key shared by both sender and receiver if this key is disclosed communications.
WS 2006-07 Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.

WS Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.
The School of Electrical Engineering and Computer Science (EECS) CS/ECE Network Security Dr. Attila Altay Yavuz Topic 5 Essential Public Key Crypto Methods.

The School of Electrical Engineering and Computer Science (EECS) CS/ECE Network Security Dr. Attila Altay Yavuz Topic 5 Essential Public Key Crypto Methods.
Chapter 3 Encryption Algorithms & Systems (Part C)

Chapter 3 Encryption Algorithms & Systems (Part C)
Public Key Algorithms 4/17/2017 M. Chatterjee.

Public Key Algorithms 4/17/2017 M. Chatterjee.
Security 2 Distributed Systems Lecture# 15. Overview Cryptography Symmetric Assymeteric Digital Signature Secure Digest Functions Authentication.

Security 2 Distributed Systems Lecture# 15. Overview Cryptography Symmetric Assymeteric Digital Signature Secure Digest Functions Authentication.
Computer Science Lecture 22, page 1 Security in Distributed Systems Introduction Cryptography Authentication Key exchange Readings: Tannenbaum, chapter.

Computer Science Lecture 22, page 1 Security in Distributed Systems Introduction Cryptography Authentication Key exchange Readings: Tannenbaum, chapter.
Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.5 Public Key Algorithms.

Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.5 Public Key Algorithms.
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.

Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.
Introduction to Public Key Cryptography

Introduction to Public Key Cryptography
Public Key Model 8. Cryptography part 2.

Public Key Model 8. Cryptography part 2.

Similar presentations

Ads by Google