Public-Key Cryptography CS110 Fall 2002
Conventional Encryption
Public Key Cryptography Instead of a single key, there is a key pair. One of the keys is kept secret (private key). The other key is made available to anyone (public key). If one key encrypts, then the other decrypts. If one key decrypts, then the other encrypts. “Computationally infeasible” to derive the private key from the public key.
How Does It Work? Each user generates a pair of keys to be used for the encryption and decryption of messages. KU b KR b KU a KR a
How Does It Work? Each user then places their public key in a public register or other available location. KU b KR b KU a KR a Public information
How Does It Work? If Bob wishes to send a secret message to Alice, he encrypts the message with Alice’s public key. KU b KR b KU a KR a Public information How are you? Encrypt KU a Shy3!ks8sk&0
How Does It Work? When Alice receives a message, she decrypts it with her private key. No one else can decrypt the message except Alice because only she knows the private key! KU b KR b KU a KR a Public information How are you? Encrypt KU a Shy3!ks8sk&0 KU a Decrypt KR a How are you?
Some Things to Notice Everyone has access to everyone else’s public keys! As long as a user protects his or her private key, communication is secure. What if a user wants to change his or her key? KU b KR b KR a Public information How are you? Encrypt KU a Shy3!ks8sk&0 KU a Decrypt KR a How are you?
Applications for Public-Key Crypto The first is obvious -- confidentiality! KU b KR b KR a Public information How are you? Encrypt KU a Shy3!ks8sk&0 KU a Decrypt KR a How are you? Only Alice can decrypt
Applications for Public-Key Crypto What happens if Bob encrypts his message with his private key and sends it to Alice? KU b KR b KR a Public information How are you? Encrypt KU a Jly3^ks6sk%9 KR b Decrypt How are you? Anyone can Decrypt. Why? KU b
Applications for Public-Key Crypto This application is called a digital signature because Bob signs his message with his private key. How can Alice be assured that it really came from Bob? KU b KR b KR a Public information How are you? Encrypt KU a Jly3^ks6sk%9 KR b Decrypt How are you? Anyone can Decrypt. Why? KU b
Requirements for Public-Key Cryptography It is computationally easy to generate the key pairs. It is computationally easy for a sender to encrypt a message, knowing the recipient’s public key. It is computationally easy for a receiver to decrypt a message using their own private key.
Requirements for Public-Key Cryptography (cont) It is computationally infeasible for an opponent, knowing the public key to determine the private key. It is computationally infeasible for an opponent, knowing the public key and ciphertext, to recover the original message. The keys should be inverses of one another.
An Example – RSA (Generate Keys) 1 – Generate 2 very large (random)primes, p and q 2 – Calculate n = p x q 3 – Calculate Φ(n) = (p-1)(q-1) 4 – Select integer e, such that gcd(Φ(n), e)=1 5 – Calculate d, where d·e=1 mod Φ(n) 6 – The public key, KU = {e, n} 7 – The private key, KR = {d, n}
An Example – RSA Encryption Plaintext: M < n Ciphertext: C=M e mod n Decryption Ciphertext: C Plaintext: M=C d mod n
RSA – Simple Example Find the Keys Assume we pick the random primes: p = 3, q = 11 Generate a public/private key pair. n = p x q = 3 * 11 = 33 Φ(n) = (p-1)(q-1) = 20 Select e, such that gcd(Φ(n), e)= 1 = 7 Calculate d, where d·7=1 mod 20
RSA – Simple Example How do we calculate d, where d·7=1 mod 20 One way is to try numbers: d = 1 1 * 7 = 7 mod 20 d = 2 2 * 7 = 14 mod 20 d = 3 3 * 7 = 21 mod 20 = 1 mod 20 So, d = 3.
RSA – Simple Example The public key, KU = {e, n} = {7, 33} The private key, KR = {d, n} = {3, 33} Now, suppose we want to encrypt the message M = 24. Ciphertext: C=M e mod n = 24 7 mod 33 = 18
RSA – Simple Example How does one decrypt a message? Use the previous example. Suppose you receive the ciphertext C = 18. Plaintext: M=C d mod n = 18 3 mod 33 = 24