PUBLIC KEY CRYPTOGRAPHY ALGORITHM Concept and Example 1IT352 | Network Security |Najwa AlGhamdi
RSA 1.It’s a block cipher algorithm. 2.Plain text and cipher text are integer between 0 to n-1 for some n. 3.RSA algorithm involve the following operations 1.Key Generation. 2.Encryption/Decryption IT352 | Network Security |Najwa AlGhamdi2
RSA - Key Generation Each user generates a public/private key pair by: 1.selecting two large primes at random: p, q & p<> q 2.computing their system modulus n=p.q 3.Calculate ø(n)=(p-1)(q-1) – ø(n) is Euler Totient : عدد الأرقام الموجبة التي اقل من n والقاسم المشترك بينها هو 1. 4.selecting at random the encryption key e – where 1<e<ø(n), gcd(e,ø(n))=1 5.solve following equation to find decryption key d – e.d mod ø(n) = 1 and 0≤d≤n 6.publish their public encryption key: PU={e,n} 7.keep secret private decryption key: PR={d,n} IT352 | Network Security |Najwa AlGhamdi3
RSA – Encryption/ Decryption to encrypt a message M the sender: – obtains public key of recipient PU={e,n} – computes: C = M e mod n, where 0≤M<n to decrypt the ciphertext C the owner: – uses their private key PR={d,n} – computes: M = C d mod n Both Sender and Receiver know the value of n, e. Only receiver knows d. IT352 | Network Security |Najwa AlGhamdi4
Example Plain Text =88; 5IT352 | Network Security |Najwa AlGhamdi ValuesSteps p=17, q = 111.Select two prime numbers N = 17 ×11 = Calculate n = pq ø(n)= 16 × 10 = Calculate ø(n)=(p-1)(q-1) e= 74. Select e such that e is relatively prime to ø(n)= 160 d = 23, because 27 ×7 = 161 = ( 1×160) Determine d such that de mod 160 = 1 {7, 187}Public key {23, 187}Private Key
Example Plain Text =88; sample RSA encryption/decryption is: given message M = 88 (nb. 88<187 ) encryption: C = 88 7 mod 187 = 11 decryption: M = mod 187 = 88 6IT352 | Network Security |Najwa AlGhamdi
1.Diffie-Hellman Key Exchange The purpose is to share a secrete key securely and use it in the encryption. Diffie- Hellman is using discrete logarithm 7IT352 | Network Security |Najwa AlGhamdi
1.Diffie-Hellman Key Exchange: Discrete Logarithm Primitive root of a prime number p is a number whose power generate all integers from 1 to p-1. – A mod p, a^2 mod p, a ^3 mod p.. Contain all numbers from 1 to p-1 Example : p = 7, then a = 3 IT352 | Network Security |Najwa AlGhamdi8 NumberPower 3^0 mod 7 = 10 3^ 1 mod 7 = 31 3^2 mod 7 = 22 3^3 mod 7 = 63 3^4 mod 7 = 44 3^5 mod 7 = 55 ……
2. Diffie Hellman Setup 1. all users agree on global parameters: – large prime integer q – a being a primitive root mod q 2. each user generates their key – User A chooses a secret key (number): x A < q compute their public key: y A = a x A mod q – User B chooses a secret key (number): x B < q compute their public key: y B = a x B mod q IT352 | Network Security |Najwa AlGhamdi9
2. Diffie Hellman Setup 3. Generation of Secret Key User A : K = ( y B ) x A mod q User B : K = ( y A ) x B mod q IT352 | Network Security |Najwa AlGhamdi10
2. Diffie Hellman Key Exchange shared session key for users A & B is K AB : K AB = y A x B mod q (which B can compute) = y B x A mod q (which A can compute) K AB is used as session key in private-key encryption scheme between Alice and Bob if Alice and Bob subsequently communicate, they will have the same key as before, unless they choose new public-keys IT352 | Network Security |Najwa AlGhamdi11 B B A A yAyA yByB
Man in the Middle Attack 1.Darth prepares by creating two private / public keys 2.Alice transmits her public key to Bob 3.Darth intercepts this and transmits his first public key to Bob. Darth also calculates a shared key with Alice 4.Bob receives the public key and calculates the shared key (with Darth instead of Alice) 5.Bob transmits his public key to Alice 6.Darth intercepts this and transmits his second public key to Alice. Darth calculates a shared key with Bob 7.Alice receives the key and calculates the shared key (with Darth instead of Bob) Darth can then intercept, decrypt, re-encrypt, forward all messages between Alice & Bob IT352 | Network Security |Najwa AlGhamdi12