Cryptography RSA Algorithm BY : Wesam Fadheel Computer science department - WMU CS-6800 Advanced Theory of Computation Instructor: Dr. Elise De Doncker Presented : Feb 3, 2016 [4] YouTube:

OUTLINE Introduction Definitions RSA algorithm RAS is effective References [4] YouTube:

Introduction  Cryptography or cryptology. From Greek kryptós, "hidden, secret"; and γράφειν graphein, "writing", or -λογία -logia, "study“.γράφειν-λογία-logia A Science to write a secret code.  Uses – messages Credit card information Corporate data [4] YouTube:

Definition  Cryptography: referred almost exclusively to encryption, which is the process of converting ordinary information (called plaintext) into unintelligible text (called ciphertext).plaintextciphertext  Decryption: is the reverse, in other words, moving from the unintelligible ciphertext back to plaintext. [4] YouTube:

continue A cipher (or cypher) is a pair of algorithms that create the encryption and the reversing decryption.cipheralgorithms The detailed operation of a cipher is controlled both by the algorithm and in each instance by a "key".key The key is a secret (ideally known only to the communicants). "cryptosystem" is the ordered list of elements ofcryptosystem finite possible plaintexts. finite possible cyphertexts. finite possible keys. and the encryption and decryption algorithms which correspond to each key. Keys are important both formally and in actual practice, as ciphers without variable keys can be trivially broken with only the knowledge of the cipher used and are therefore useless (or even counter-productive) for most purposes. Historically, ciphers were often used directly for encryption or decryption without additional procedures such as authentication or integrity checks.authentication [4] YouTube:

There are two kinds of cryptosystems: Symmetric and Asymmetric [4] YouTube:

Symmetric systems In symmetric systems : the same key (the secret key) is used to encrypt and decrypt a message. Data manipulation in symmetric systems is faster than asymmetric systems as they generally use shorter key lengths. [4] YouTube:

Symmetric systems Simplest cryptographic systems. Algorithms for both encryption and decryption are fixed and known to everyone. There are two inputs, the text to be encoded or decoded and a key. No message can be sent unless there has been some prior agreement on a key. Even if there is an agreement, if the same key is used over an extended period of time, an eavesdropper may be able to infer the key and break the code. [4] YouTube:

Symmetric systems Symmetric models include the commonly used AES (Advanced Encryption System) which replaced the older DES (Data Encryption Standard). [4] YouTube:

Asymmetric systems In Asymmetric systems: Use a public key to encrypt a message and a private key to decrypt it. Use of asymmetric systems enhances the security of communication. [4] YouTube:

Asymmetric systems Examples of asymmetric systems include:  RSA (Rivest-Shamir-Adleman).  ECC (Elliptic Curve Cryptography).Elliptic Curve Cryptography [4] YouTube:

RSA Algorithm [4] YouTube:

RSA Algorithm The most widely used public key system is the RSA algorithm. RSA algorithm [Rivest, Shamir and Adleman] in We assume that Bob and Alice wish to exchange secure messages and that Eve is attempting to eavesdrop. [4] YouTube:

How RSA algorithm work’s  Assume that Bob wants to send a message to Alice. Then 1. Alice chooses a private key known only to him. Alice runs her private key through function f to compute her public key. public = f(private). 2. Alice publishes public key. 3. Bob exploits Alice’s public key to compute ciphertext and he sends ciphertext to Alice. ciphertext = encrypt(plaintext, public) 4. Alice exploits her private key to compute plaintext= decrypt(ciphertext, private). In order for this last step to work, encrypt and decrypt must be designed so that one is the inverse of the other. [4] YouTube:

How RSA algorithm work’s [4] YouTube:

continue If there exist efficient algorithm for performing all four of the steps, then Bob and Alice will be able to exchange messages. If Eve knows the algorithm encrypt and decrypt. So she could easily eavesdrop, if she could infer Bob’s private key from his public one or if she could compute decrypt without knowing Bob’s private key. RSA algorithm uses the mathematical properties of modular arithmetic and the computational properties of prime numbers to ensure that Bob and Alice can perform their tasks efficiently but Eve cannot. [4] YouTube:

continue [4] YouTube:

key Exchange One Way Function (module arithmetic called clock arithmetic ) Discrete Logarithm 12 Easy Hard [4] YouTube:

key Length [4] YouTube:

Diffie Hellman key Exchange 1977 AliceBob Eve 3 mod [4] YouTube:

Preliminaries An integer p >1 is prime iff its only divisors are ±1 and ±p. List of prime number less than 200: [4] YouTube:

Preliminaries a,b are relatively prime if no common divisors except 1. E.g., 8 and 15 are relatively prime. Factors of 8 are 1,2,4,8 and of 15 are 1,3,5,15. Euler totient function Φ(n). Number of positive integers less than n and relatively prime to n. Example: Φ(10) = 4. 1, 3, 7, 9 are relatively prime to 10. For prime numbers p,q: Φ(p)=p-1; Φ(pq)=(p-1)(q-1). n Φ [4] YouTube:

Algorithm [4] YouTube:

Example [4] YouTube:

The RSA algorithm is effective The functions encrypt and decrypt are invers of each other. The proof follows form Euler’s generalization of Fermat’s little theorem. Euler's totient theorem: denoted as φ(n) is an arithmetic function that counts the positive integers less than or equal to n that are relatively prime to n. If n is a positive integer, then φ(n) is the number of integers k in the range 1 ≤ k ≤ n for which the greatest common deviser gcd(n, k) = 1. For example, there are eight totatives of 24 (1, 5, 7, 11, 13, 17, 19, and 23), so φ =(24)=8.totatives [4] YouTube:

continue [4] YouTube:

continue Example a p -a is divisible by p. P is prime. Let p = is divisible by is divisible by is divisible by is divisible by is divisible by 5. Example Is 341 prime? =… is divisible by 341. Fermat liar =… is not divisible by 341. Fermat witness. [4] YouTube:

continue If P is composite number and yet it passes the Fermat test at a, we will say that a is a Fermat liar that p is prime. When ever p fail the Fermat test at a, we’ll say that a is a Fermat witness that p is composite. Algorithm :  Input : A value to be tested and the possible witnesses to be checked.  Output : Composite or Probably Prime number.  simpleFermat (p:integer, k:integer) = 1. Do k times Randomly select a value a in the range [2: p-1] If it is not true that a p-1 ≡ p 1, then return Composite. If all tests passed then return Probably Prime. [4] YouTube:

Question? [4] YouTube:

Choosing Efficient Prime [4] YouTube:

New and Faster Method to check Primality AKS (2002) present an unconditional deterministic polynomial-time algorithm that determines whether an input number is prime or composite. Formula: (x-1) p -(x p -1) If all coefficients are divisible b/p then p is prime. Example: (x-1) 3 = (x -1)(x-1)(x-1). (x-1) 3 – (x 3 -1). (x-1) 3 = x 3 -3 x 2 +3x x 3 + 3x Coefficients dividable by 3 then 3 is prime. (x-1) 3 – (x 3 -1) (x-1) 3 = x 3 -3 x 2 +3x-1 -3 x 3 + 3x [4] YouTube: [5] AkS (2002)

Continue Example: (x-1) 4 = (x -1)(x-1)(x-1). (x-1) 4 – (x 4 -1). (x-1) 4 = x 4 – 4 x 3 + 6x 2 – 4x The Coefficients is not dividable by 4 then 3 is not prime. [4] YouTube:

Euclid’s algorithm  Successive division of 2 numbers followed by the resulting remainder divided into the divisor of each division until the remainder is equal to zero. Then the remainder of the previous division is the gcd.  Example :  Divident = Quotient * Divisor + Remainder  If a = 1071 and b = 462, gcd (1071,462) is : Then, 1071 = 2 * = 3 * = 7 * Stop, as remainder is 0. gcd (1071,462) = 21 [4] YouTube:

References 1.Automata, Computability, and Complexity| Theory and Applications by Elaine Rich, (Appendix J) Applications: Security, chapter 30: Practical Solutions for hard problems and chapter 27: introduction to the analysis of complexity. 2.wikipedia.org: Carmichael numbers. 3.Presentation from the previous class (CS5950 secure coding by Dr. Carr Steve, CS WMU, fall 2015) 4.YouTube: 5.AkS (2002) 6.Student: Darshana Chaturvedi at CS – WMU presentation [4] YouTube:

THANK YOU [4] YouTube:

Questions Q1 Defined Fermat Liar and Fermat Witness, and write down SimpleFermat algorithm test. Answer: If P is composite number and yet it passes the Fermat test at a, we will say that a is a Fermat liar that p is prime. When ever p fail the Fermat test at a, we’ll say that a is a Fermat witness that p is composite. Algorithm :  Input : A value to be tested and the possible witnesses to be checked.  Output : Composite or Probably Prime number.  simpleFermat (p:integer, k:integer) = 1. Do k times Randomly select a value a in the range [2: p-1] If it is not true that a p-1 ≡ p 1, then return Composite. If all tests passed then return Probably Prime. [4] YouTube:

Questions [4] YouTube:

Questions Q3 Assume that Bob wants to send a message to Alice. What is the process? Answer 1. Alice chooses a private key known only to him. Alice runs her private key through function f to compute her public key. public = f(private). 2. Alice publishes public key. 3. Bob exploits Alice’s public key to compute ciphertext and he sends ciphertext to Alice. ciphertext = encrypt(plaintext, public) 4. Alice exploits her private key to compute plaintext= decrypt(ciphertext, private) Q4. what are the relative prime numbers for 12 and 18? List relatively prime for each numbers. Answer Φ(12) = 4 and relatively prime are : 1, 5, 7, 11 Φ(18) = 6 and relatively prime are : 1, 5, 11, 13, 15, Q5 What are the steps to choose two primes efficiently? 1.Randomly choose two large numbers as a candidates. 2.Check the candidate to see if they are prime using Fermat Little Theorem and. 3.Repeat step 1 and 2 until two primes have been chosen. [4] YouTube: