Introduction to Cryptography Hyunsung Kim, PhD University of Malawi, Chancellor College Kyungil University February, 2016.


1 Introduction to Cryptography Hyunsung Kim, PhD kim@kiu.ac.kr University of Malawi, Chancellor College Kyungil University February, 2016

2 2/38 Contents 4. Crash course in Number Theory 5. Running time of algorithms

3 Crash course in Number Theory 3/38
Properties of |
Let ℤ denote the integers …, -2, -1, 0, 1, 2, …
If a, b ∈ ℤ, we say a divides b if b = na for some n ∈ ℤ, and write a|b

4 Crash course in Number Theory 4/38
Properties of |
If a, b, c ∈ ℤ and a|b then a|bc
If a|b and b|c then a|c
If a|b and b|c then a|b ± c
If a|b and b ∤ c (does not divide) then a ∤ b ± c

5 Crash course in Number Theory 5/38
Prime numbers
A prime is a natural number greater than 1 that has no positive divisors other than 1 and itself
The primes are 2, 3, 5, 7, 11, 13, …
2^1 × 3^2 × 5^1

6 Crash course in Number Theory 6/38
Greatest Common Divisors (GCD)
Given a, b ∈ ℤ≥0, not both 0, the greatest common divisor of a and b is the largest integer d dividing both a and b
We say that two numbers with GCD equal to 1 are relatively prime

7 Crash course in Number Theory 7/38
The Euclidean Algorithm
GCD(a, b) = b if a mod b = 0, and GCD(a, b) = GCD(b, a mod b) otherwise
The Euclidean algorithm for computing GCDs is very fast, even with large numbers
GCD(329, 119): 329 = 2 × 119 + 91
GCD(119, 91): 119 = 1 × 91 + 28
GCD(91, 28): 91 = 3 × 28 + 7
GCD(28, 7): 28 = 4 × 7 + 0
The number above the 0 is the GCD. So GCD(329, 119) = 7

8 Crash course in Number Theory 8/38
At each step, replace the smaller colored number
7 = 91 - 3 × 28 (replace smaller)
  = 91 - 3(119 - 1 × 91) (simplify)
  = 4 × 91 - 3 × 119 (replace smaller)
  = 4 × (329 - 2 × 119) - 3 × 119 (simplify)
7 = 4 × 329 - 11 × 119
So we have 7 = 4 × 329 - 11 × 119 where n = 4 and m = -11

9 Crash course in Number Theory 9/38
Number theorists: a ≡ b (mod m) if m | a - b
In words: a and b differ by a multiple of m
In general, working mod m breaks the integers into m subsets
Each subset contains exactly one representative in the range [0, m - 1]
The set of subsets is denoted ℤ/mℤ or ℤ_m

10 Crash course in Number Theory 10/38
Computer scientists: b (mod m) = r is the remainder you get, with 0 ≤ r < m
So, 12 (mod 5) is 2 and 7 (mod 5) is 2
Clock arithmetic is mod 12
If it's 7 hours after 11 then it's 6 o'clock because 11 + 7 = 18 ≡ 6 (mod 12)
Even numbers are those numbers that are ≡ 0 (mod 2)
Odd numbers are those that are ≡ 1 (mod 2)

11 Crash course in Number Theory 11/38
1. a ≡ a (mod m)
2. If a ≡ b (mod m) then b ≡ a (mod m)
3. If a ≡ b (mod m) and b ≡ c (mod m) then a ≡ c (mod m)
4. If a ≡ b (mod m) and c ≡ d (mod m) then a ± c ≡ b ± d (mod m) and a × c ≡ b × d (mod m)
5. An element x of ℤ/mℤ has a multiplicative inverse 1/x or x^-1 in ℤ/mℤ when GCD(x, m) = 1
The elements of ℤ/mℤ with inverses are denoted ℤ/mℤ*
Note 1/2 = 2^-1 ≡ 3 (mod 5) since 2 × 3 ≡ 1 (mod 5)
Working in ℤ/9ℤ = {0, 1, …, 8} we can use +, -, ×
Working in ℤ/9ℤ* = {1, 2, 4, 5, 7, 8} we can use ×, ÷

12 Crash course in Number Theory 12/38
Find the inverse of 7 mod 9
9 = 1 × 7 + 2
7 = 3 × 2 + 1
2 = 2 × 1 + 0
So 1 = 7 - 3 × 2
1 = 7 - 3(9 - 7)
1 = 4 × 7 - 3 × 9
We have 1 = 4 × 7 - 3 × 9 ≡ 4 × 7 - 3 × 0 ≡ 4 × 7 (mod 9). So 1 ≡ 4 × 7 (mod 9). So 7^-1 ≡ 4 (mod 9)
Can 6 have an inverse (mod 9)?

13 Crash course in Number Theory 13/38
function inverse(a, m) {
    // Extended Euclidean algorithm; only the coefficient t of a is tracked
    t = 0; t_new = 1;
    r = m; r_new = a;
    while r_new ≠ 0 {
        quotient = r div r_new;
        (t, t_new) = (t_new, t - quotient * t_new);
        (r, r_new) = (r_new, r - quotient * r_new);
    }
    // r is now GCD(a, m)
    if r > 1 then return "a is not invertible";
    if t < 0 then t = t + m;
    return t;
}

14 Crash course in Number Theory 14/38
6. If a ≡ b (mod m) and GCD(c, m) = 1 then ac^-1 ≡ bc^-1 (mod m), or a/c ≡ b/c (mod m)
In other words, division works well as long as you divide by something relatively prime to the modulus m, i.e. invertible. It is like avoiding dividing by 0
7. Solving ax ≡ b (mod m) with a, b, m given
If GCD(a, m) = 1 then the solutions are all numbers x ≡ a^-1 b (mod m)
If GCD(a, m) = g then there are solutions when g|b
The equation is equivalent to (a/g)x ≡ b/g (mod m/g)
Now GCD(a/g, m/g) = 1 so x ≡ (a/g)^-1 (b/g) (mod m/g) are the solutions
If g ∤ b then there are no solutions

15 Crash course in Number Theory 15/38
Since GCD(7, 11) = 1 then we have solutions
So x ≡ 7^-1 × 6 (mod 11)
Find 7^-1 (mod 11)
11 = 1 × 7 + 4
7 = 1 × 4 + 3
4 = 1 × 3 + 1
So 1 = 4 - 1(3)
1 = 4 - 1(7 - 1 × 4)
1 = 2 × 4 - 1 × 7
1 = 2(11 - 1 × 7) - 1 × 7 = 2 × 11 - 3 × 7

16 Crash course in Number Theory 16/38
Thus 1 ≡ -3 × 7 (mod 11) and 1 ≡ 8 × 7 (mod 11)
So 7^-1 ≡ 8 (mod 11)
So x ≡ 6 × 8 ≡ 4 (mod 11)

17 Crash course in Number Theory 17/38
Since GCD(6, 10) = 2 and 2|8 then we have solutions!
So, this is the same as 3x ≡ 4 (mod 5). We get 3^-1 ≡ 2 (mod 5)
So x ≡ 4 × 2 (mod 5) ≡ 3 (mod 5)
Another way to write that is x = 3 + 5n where n ∈ ℤ
Yet another is x ≡ 3 or 8 (mod 10)

18 Crash course in Number Theory 18/38
Can't, since GCD(6, 10) = 2 and 2 ∤ 7 (has no solutions)
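
The extended Euclidean algorithm of slides 7-8 and the procedure for solving ax ≡ b (mod m) on slides 14-18, as an added Python example that is not part of the original slides. The function names are chosen here, and the congruences 7x ≡ 6 (mod 11), 6x ≡ 8 (mod 10) and 6x ≡ 7 (mod 10) are inferred from the worked steps on slides 15-18.

```python
def ext_gcd(a, b):
    """Return (g, n, m) with g = GCD(a, b) = n*a + m*b (n, m as on slide 8)."""
    old_r, r = a, b
    old_n, n = 1, 0
    old_m, m = 0, 1
    while r != 0:
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_n, n = n, old_n - q * n
        old_m, m = m, old_m - q * m
    return old_r, old_n, old_m


def solve_congruence(a, b, m):
    """Return every x in [0, m) with a*x ≡ b (mod m), smallest first."""
    if m <= 0:
        raise ValueError("modulus must be a positive integer")
    a, b = a % m, b % m
    g, n, _ = ext_gcd(a, m)        # n*a ≡ g (mod m)
    if b % g != 0:
        return []                  # g does not divide b: no solutions
    step = m // g                  # the reduced modulus m/g
    x0 = (n * (b // g)) % step     # x ≡ (a/g)^-1 (b/g) (mod m/g)
    return [x0 + k * step for k in range(g)]


def mod_inverse(a, m):
    """Return a^-1 mod m, or None when GCD(a, m) != 1."""
    roots = solve_congruence(a, 1, m)
    return roots[0] if roots else None


if __name__ == "__main__":
    print(ext_gcd(329, 119))           # Bezout coefficients from slide 8
    print(mod_inverse(7, 9))           # slide 12
    print(mod_inverse(6, 9))           # slide 12's closing question
    print(solve_congruence(7, 6, 11))  # slides 15-16
    print(solve_congruence(6, 8, 10))  # slide 17
    print(solve_congruence(6, 7, 10))  # slide 18
```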

19 Crash course in Number Theory 19/38
The integers that are 1 mod 17 are those of the form 17n+1
The first few positive integers of the form 17n+1 that are bigger than 1 are 18, 35, 52
Note 18 = 2 × 9; so 2 × 9 ≡ 1 (mod 17) and 2^-1 ≡ 9 (mod 17) and 9^-1 ≡ 2 (mod 17)
We also have 18 = 3 × 6, so 3 and 6 are inverses mod 17
We have 35 = 5 × 7 so 5 and 7 are inverses
Try going back: 18 = 2 × 9 ≡ (-2)(-9) ≡ 15 × 8
Furthermore, 18 = 3 × 6 ≡ (-3)(-6) ≡ 14 × 11
Similarly, we have 35 = 5 × 7 ≡ (-5)(-7) ≡ 12 × 10
Note that 16 ≡ -1 and 1 = (-1)(-1) ≡ 16 × 16
So now we have the inverse of all elements of ℤ/17ℤ*

20 Crash course in Number Theory 20/38
Let n ∈ ℤ>0, and let ℤ/nℤ* = {a | 1 ≤ a ≤ n, GCD(a, n) = 1}. Then the Euler Phi function of n, denoted φ(n), is |ℤ/nℤ*|
ℤ/12ℤ* = {1, 5, 7, 11}. So φ(12) = 4
We have φ(5) = 4 and φ(6) = 2
In general if p is prime then φ(p) = p - 1

21 Crash course in Number Theory 21/38
If r ≥ 1 and p is prime, then φ(p^r) = p^r - p^(r-1) = p^(r-1)(p - 1)
φ(5^3) = 5^2(5 - 1) = 100
So if n = ∏ p_i^α_i then φ(n) = p_1^(α_1 - 1)(p_1 - 1) … p_r^(α_r - 1)(p_r - 1)
If GCD(m, n) = 1 then φ(mn) = φ(m)φ(n)
φ(720) = φ(2^4)φ(3^2)φ(5) = 2^3(2 - 1) × 3^1(3 - 1) × (5 - 1) = 192

22 Crash course in Number Theory 22/38
If p is prime and a ∈ ℤ then a^p ≡ a (mod p). If p does not divide a then a^(p-1) ≡ 1 (mod p)
So it is guaranteed that 4^11 ≡ 4 (mod 11) since 11 is prime, and 6^11 ≡ 6 (mod 11) and 2^10 ≡ 1 (mod 11). You can check that they are all true!
If GCD(a, m) = 1 then a^φ(m) ≡ 1 (mod m)
Consider φ(10) = φ(5)φ(2) = 4 × 1. ℤ/10ℤ* = {1, 3, 7, 9}
So it is guaranteed that 1^φ(10) ≡ 1^4 ≡ 1 (mod 10), 3^4 ≡ 1 (mod 10), 7^4 ≡ 1 (mod 10) and 9^4 ≡ 1 (mod 10)

23 Crash course in Number Theory 23/38
If GCD(c, m) = 1 and a ≡ b (mod φ(m)) with a, b ∈ ℤ≥0 then c^a ≡ c^b (mod m)
Note φ(21) = φ(7)φ(3) = 6 × 2 = 12 and 3005 ≡ 5 (mod 12)
So 2^3005 ≡ 2^5 ≡ 32 ≡ 11 (mod 21)
In other words, exponents work mod φ(m) as long as the bases are relatively prime

24 Enciphering Transformation 24/38
Let P be the set of possible plaintext messages
For example it might be the set {A, B, …, Z} of size 26 or the set {AA, AB, …, ZZ} of size 26^2
Let C be the set of possible ciphertext messages
An enciphering transformation f is a map from P to C
f shouldn't send different plaintext messages to the same ciphertext message (so f should be one-to-one, or injective)
f : P → C and f^-1 : C → P together form a cryptosystem

25 Enciphering Transformation 25/38
P is the plaintext letter/number: A=0, B=1, …, Z=25
The Caesar cipher is an example: encryption is given by C ≡ P + 3 (mod 26)
Decryption is given by P ≡ C - 3 (mod 26)
If you have an N letter alphabet, a shift enciphering transformation is C ≡ P + b (mod N) where b is the encrypting key and -b is the decrypting key

26 Enciphering Transformation 26/38
For cryptanalysis, Eve needs to know it's a shift transformation and needs to find b
In general, one must assume that the nature of the cryptosystem is known (here a shift)
Say you intercept a lot of C and want to find b so you can decrypt future messages. Methods:
Try all 26 possible b's. Probably only one will give sensible P
Use frequency analysis. You know E = 4 is the most common letter in English. You have a lot of C and notice that J = 9 is the most common letter in the C, so you try b = 5

27 Affine Enciphering Transformation 27/38
An affine enciphering transformation is of the form C ≡ aP + b (mod N) where the pair (a, b) is the encrypting key
You need GCD(a, N) = 1 or else different P's will encrypt as the same C (as there are N/GCD(a, N) possible aP's)
C ≡ 4P + 5 (mod 26). Note B = 1 and O = 14 both go to 9 = J
C ≡ 3P + 5 (mod 26) is OK since GCD(3, 26) = 1

28 Affine Enciphering Transformation 28/38
Alice → Bob, message U, C ≡ aP + b (mod N), a = 3, b = 4
P = U = 20
C ≡ 3 × 20 + 4 (mod 26) ≡ 64 ≡ 12 (mod 26), so C = 12
Inverse of 3 (mod 26)?
C - 4 ≡ 3P (mod 26)
3^-1(C - 4) ≡ P (mod 26)
3^-1 ≡ 9 (mod 26)
So P ≡ 9(12 - 4) (mod 26) ≡ 9 × 8 ≡ 20 (mod 26)

29 Affine Enciphering Transformation 29/38
In general
Encryption: C ≡ aP + b (mod N) and Decryption: P ≡ a^-1(C - b) (mod N)
The decryption key is (a^-1, -a^-1 b)

30 Affine Enciphering Transformation Cryptanalysis 30/38
How to cryptanalyze an affine system?
We have N = 26
You could try all φ(26) × 26 = 312 possible key pairs (a, b) or do frequency analysis
There are two unknown keys, so you need two equations
Assume you are the enemy and you have a lot of C. You find Y=24 is the most common and H=7 is the second most common
In English, E=4 is the most common and T=19 is the second most common
Let's say that decryption is by P ≡ a'C + b' (mod 26), where a' = a^-1 and b' = -a^-1 b

31 Affine Enciphering Transformation Cryptanalysis 31/38
First, we find (a', b') by using P ≡ a'C + b' (mod 26)
We assume 4 ≡ a' × 24 + b' (mod 26) and 19 ≡ a' × 7 + b' (mod 26)
By subtracting, we get 17a' ≡ 4 - 19 ≡ 4 + 7 ≡ 11 (mod 26)
So a' ≡ 17^-1 × 11 (mod 26). We can use the Euclidean algorithm to find 17^-1 ≡ 23 (mod 26)
So a' ≡ 23 × 11 ≡ 19 (mod 26)
Plugging this into an earlier equation, we see 19 ≡ a' × 7 + b' (mod 26) ≡ 19 × 7 + b' (mod 26) and so b' ≡ 16 (mod 26)
Thus, P ≡ a'C + b' (mod 26) ≡ 19C + 16 (mod 26)
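
The key recovery worked on slides 30-31, as an added Python example that is not part of the original slides: it counts letter frequencies, pairs the two most common ciphertext letters with E and T, and solves the two congruences for (a', b'). The function names and the sample message are constructed here; the encryption key (11, 6) is the one derived from the slides' decryption key (19, 16), and Python 3.8+ `pow(x, -1, n)` supplies the modular inverse.

```python
from collections import Counter
from math import gcd

N = 26  # A=0, B=1, ..., Z=25, as on the slides


def affine(text, a, b):
    """Apply x -> a*x + b (mod 26) to each letter A-Z; other characters pass through."""
    return "".join(
        chr((a * (ord(ch) - 65) + b) % N + 65) if "A" <= ch <= "Z" else ch
        for ch in text.upper()
    )


def recover_decryption_key(c1, p1, c2, p2):
    """Solve p1 = a'*c1 + b' and p2 = a'*c2 + b' (mod 26) for (a', b').

    Returns None when the guessed pairing cannot yield a unique, valid key.
    """
    dc, dp = (c1 - c2) % N, (p1 - p2) % N
    if gcd(dc, N) != 1:        # cannot divide by (c1 - c2) mod 26
        return None
    a_dec = dp * pow(dc, -1, N) % N
    if gcd(a_dec, N) != 1:     # a' must be invertible to be a real key
        return None
    return a_dec, (p1 - a_dec * c1) % N


def crack(ciphertext, likely=("E", "T")):
    """Assume the two most frequent ciphertext letters stand for E and T."""
    letters = [ch for ch in ciphertext.upper() if "A" <= ch <= "Z"]
    (top1, _), (top2, _) = Counter(letters).most_common(2)
    key = recover_decryption_key(
        ord(top1) - 65, ord(likely[0]) - 65,
        ord(top2) - 65, ord(likely[1]) - 65,
    )
    return None if key is None else (key, affine(ciphertext, *key))


# Constructed sample: E occurs 11 times and T 9 times, the two most common letters.
PLAINTEXT = "MEET ME AT THE SECRET GATE AFTER THE TENTH BELL"
CIPHERTEXT = affine(PLAINTEXT, 11, 6)  # encryption key sending E->Y and T->H

if __name__ == "__main__":
    print(recover_decryption_key(24, 4, 7, 19))  # slide 31: Y->E, H->T
    print(crack(CIPHERTEXT))
```

A `None` result means the frequency guess was wrong or ambiguous, and the next most likely letter pairing should be tried.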

32 Cryptanalysis 32/38
Cryptanalysis is the breaking of codes or the study of breaking codes
Cryptosystems come in 3 kinds:
Those that have been broken (most)
Those that have not yet been analyzed (because they are new and not yet widely used)
Those that have been analyzed but not broken (RSA, discrete log cryptosystems, triple DES, AES)

33 Cryptanalysis 33/38
3 most common ways for the enemy to turn ciphertext into plaintext:
Steal / purchase / bribe to get key
Exploit sloppy implementation / protocol problems (hacking)
Cryptanalysis

34 Stream Ciphers 34/38
Modern stream ciphers are symmetric key cryptosystems
So, Alice and Bob must agree on a key beforehand
The plaintext is turned into ASCII
The plaintext Go would be encoded as 01000111 01101111
They both generate the same random bit stream like 01111101 10001101, which we call the keystream
Alice gets the ciphertext by bit-by-bit XORing

35 Stream Ciphers 35/38

36 Stream Ciphers 36/38
Plaintext (Go) ⊕ Key = Ciphertext:
  01000111 01101111   Plaintext (Go)
⊕ 01111101 10001101   Key
= 00111010 11100010   Ciphertext
Ciphertext ⊕ Key = Plaintext (Go):
  00111010 11100010   Ciphertext
⊕ 01111101 10001101   Key
= 01000111 01101111   Plaintext (Go)

37 Stream Ciphers 37/38
Let p_i be the ith bit of plaintext, k_i be the ith bit of keystream and c_i be the ith bit of ciphertext
Then here c_i = p_i ⊕ k_i and p_i = c_i ⊕ k_i

38 Finite Fields 38/38
If p is a prime, we rename ℤ/pℤ = 𝔽_p, the field with p elements {0, 1, …, p-1}
All elements α other than 0 have GCD(α, p) = 1 so we can find α^-1 (mod p)
So it's like other fields like the rationals, reals and complex numbers
Denote {0, 1, …, p-1} by 𝔽_p*; here we do +, ×
The group 𝔽_p* is a cyclic group
The group 𝔽_p* has generators g (also called primitive roots of p)
The sets {g, g^1, g^2, …, g^(p-1)} and {1, …, p-1} are the same (though the elements will be in different orders)

