Cryptography (2) University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding

RSA algorithm The most famous algorithm to handle public key encryption is the RSA algorithm. Named after its founders (Ron Rivest, Adi Shamir and Leonard Adelman). There are two interrelated components in RSA: Choice of the public key and the private key. The encryption and decryption algorithm. 2

RSA algorithm RSA algorithm is based on mathematical exponentiations, which are very time consuming. In comparison to DES, RSA is more than 100 times slower in software and between 1,000 to 10,000 times slower in hardware than DES. Because of this disadvantage in RSA, it is usually used in combination with DES. (i.e. RSA will be used first to encrypt and send the DES secret key. later, the messages between the sender and the receiver will be encrypted using the shared secret key). A similar technique is used in SSL protocol. 3

Signature Handwritten signature is used to authenticate the identity of the sender, to guarantee that the message have not been changed. It is also used as an evidence against sender repudiation. Digital Signature is the electronic equivalent of the written signature.

Digital signature and message integrity Encryption and decryption essentially used to achieve confidentiality. But they are computationally expensive and in many cases confidentiality is not needed. For example, two routers exchanging routing tables doesn’t need secrecy, instead they need to authenticate the sender and to ensure that the message has not been changed en route (message integrity). This is why digital signature is used. 5

Digital signature In the case of symmetric key, there is a single shared secret key. The fact that the sender knows the secret key implicitly identifies the sender to the receiver. In the case of public key cryptography, however, this is no longer true since anyone can claim to be Ali, encrypt and send a message to Bacil using Bacil’s public key. To solve this problem, Digital Signature was developed. 6

Digital signature We can carryout digital signature by encrypting data with the private key of the sender. ( and If we want to achieve confidentiality too, we have also to encrypt the result with the public key of the receiver). This is not a good idea. Why ?

Digital signature A more efficient approach is to use the “Message Digest” technique. Message Digest (sometimes called Hash Value) is a somehow like a checksum, used to ensure that the message was not changed en route. Message Algorithm (sometimes called Hash Function) is an algorithm that takes a message m and compute a fixed length fingerprint of data from it, known as “message digest”, H(m).

Digital signature The idea here is that the message digest H(m) of the message m is an indicator of whether the message has been changed during transmission or not. - If m is changed to m`, we will find that H(m) ≠ H(m`) - In fact, any change in m will result in completely different H(m) - The chance that two different messages may have the same H(m) is almost imposible, and it is unfeasible to compute m from its H(m).

Digital signature Lets suppose that Ali wants to sign a message to ensure that Bacil will receive it unchanged. - If the H(m) computed at the receiver and the H(m) received are equal this confirms that the message was not changed during transmission. (message integrity). - Since the H(m) was encrypted using the private key of the sender, this authenticate the sender. * This is basicly the digital signature. Retrieve m and H(m), then calculate H(m) for m. Compare the computed H(m) with the received H(m) If they are equal, the message was not changed. Calculate H(m) of the message m. Then encrypt H(m) using Ali’s private key Ali Bacil m plain or encrypted with B’s public key + H(m) encryped with A’s private key Insecure Channel

Standards for hash functions: The Secure Hash Algorithm (SHA-1): this algorithm produces a message digest of 160 bit from message. The MD5: produces 128 bit message digest. The Digital Signature Algorithm (DSA): adopted by the government of the United States. * Many countries put laws making digital signature as legally binding as normal handwritten signature.

Key distribution and certification The main disadvantage in symmetric key cryptography is the need for the two communicating parties to agree upon the secret key before they begin to communicate. In public key cryptography there is no need to agree on a secret key on advance. But one of the problems in public key cryptography is about obtaining securely the public key. (In other words, how can you be sure that the public key of Ali is really belongs to Ali, not to someone else claiming that he is Ali). These problems can be solved using a trusted intermediary.

Key distribution and certification The trusted intermediary for the symmetric key cryptography is called a Key Distribution Center (KDC). It is a server that is used to establish a symmetric key by one party and then send it securely to the other party. For example, Kerberos. The trusted intermediary for the asymmetric key cryptography is called Certification Authority (CA). The Certification Authority certifies that a public key really belongs to a particular entity. CA’s job is to validate identities and to issue certificates. The certificate binds a public key to its owner. (The certificate is also digitally signed by the CA).

Certification The most famous format for certificates today is called X.509 With the recent boom in E-commerce, there has been increased interest in certification authorities. Among the companies providing CA services are Cybertrust, Netscape, Thawte and VeriSign.

Certificates