Presentation is loading. Please wait.

Presentation is loading. Please wait.

Asymmetric-Key Cryptography

Published byDwight Sherman Modified over 6 years ago

Similar presentations

Presentation on theme: "Asymmetric-Key Cryptography"— Presentation transcript:

1 Asymmetric-Key Cryptography
Chapter 10 Asymmetric-Key Cryptography Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. 1.#

2 Objectives To distinguish between two cryptosystems: symmetric-key and asymmetric-key To introduce trapdoor one-way functions and their use in asymmetric-key cryptosystems To introduce the knapsack cryptosystem as one of the first ideas in asymmetric-key cryptography To discuss the RSA cryptosystem To discuss the Rabin cryptosystem To discuss the ElGamal cryptosystem To discuss the elliptic curve cryptosystem

3 Symmetric Key and Asymmetric Key Ciphers
Symmetric-key cryptosystems Key distribution is difficult Many keys are needed Fast and efficient Asymmetric-key cryptosystems Key distribution is easy Number of keys are less than symmetric-key cryptosystems Slower to encrypt and decrypt

4 Asymmetric Key Cryptosystem
General idea Asymmetric key cryptography uses two separate keys: one private and one public

5 C = f (Kpublic , P) P = g(Kprivate , C)
Asymmetric Key Cryptosystem General idea Public key should be distributed in a trusted way C = f (Kpublic , P) P = g(Kprivate , C)

6 Asymmetric Key Cryptosystem
Hybrid of symmetric and public-key approaches Public key cryptosystem is used to distribute a session key (key for conventional cryptosystem) among peers. Conventional cryptosystem is used to encrypt/decrypt messages

7 Applications for PK Crypto
Encryption/decryption: provides confidentiality The sender encrypts a message with the receiver’s public key. The receiver decrypts the ciphertext with his/her private key. Digital signature : provides authentication The sender signs a message with its private key. The receiver decrypts the ciphertext with the sender’s public key Key exchange Two parties cooperate to exchange a session key The sender generates a session key, and encrypts the session key with the receiver’s public key and sends to the receiver

8 Applications for PK Crypto
Authentication using public-key cryptosystem

9 Applications for PK Crypto
Confidentiality and authentication using public-key cryptosystem

10 Requirements of Asymmetric Key Cryptosystem
For a secure public-key crypto system between Alice and Bob: 1. It’s computationally easy for Bob to generate a key pair. 2. It’s computationally easy for Alice to encrypt a message M generating ciphertext C. 3. It’s computationally easy for Bob to decrypt C. 4. It’s computionally infeasible for an Attacker knowing Bob’s public key to recover the private key. 5. It’s computionally infeasible for an Attacker knowing Bob’s public key to recover the original message.

11 RSA Cryptosystem RSA Developed by Rivest, Shamir, and Adleman
Relies on the difficulty of factoring large numbers

12 RSA Cryptosystem Encryption and decryption in RSA

13 RSA Cryptosystem Relies on the difficulty of factoring large numbers
Choose two large prime numbers, p and q Compute n = pq and z = (p-1)(q-1) Choose a number, e, less than n, which has no common factors (other than 1) with z. (e and z are relatively prime) Find a number, d, such that ed  1 (mod z) Public key : (n, e), private key : (n, d)

14 RSA Cryptosystem Encryption of a plaintext Mi Ci = Mie (mod n)
Decryption of a ciphertext Ci Mi = Cid (mod n)

15 RSA Cryptosystem Proof: Cid (mod n)
= (Mie )d (mod n) ; Ci = Mie (mod n) = Mied (mod n) ; (a b) c = a bc = Mikz+1 (mod n) ; ed  1 (mod z) and ed = kz+1 = MiMikz (mod n) ; ab+1 = aab = MiMik(p-1)(q-1) (mod n) ; z = (p-1)(q-1) = Mi Euler theorem: when p and q are prime, Mik(p-1)(q-1) (mod n) = 1

16 RSA Example Choose two primes p=47 and q=71.
Then, n = pq = 3337, z = 46x70 = 3220 Choose e, relatively prime to z : (e.g.) e = 79 We need a d such that ed  1 (mod z), in other words, d = e-1 mod z : (e.g.) d = (mod 3220) = 1019 Public key: (3337,79), Private key: (3337,1019) Encrypt: 688 -> mod 3337 = 1570. Decrypt: > mod 3337 = 688

17 Optimal asymmetric encryption padding (OAEP)
Short message attack When attacker knows the set of possible plaintexts are small, he can encrypt all of the possible plaintexts until getting the ciphertext OAEP Uses random message padding to protect against short message attack

18 Optimal asymmetric encryption padding (OAEP)

19 RSA Example Example 10.8 Choose a 512-bit p and q (a 159-digit number)

20 RSA Example Example 10.8 n = p x q, Φ(n) = (p − 1)(q − 1) are 309 digit numbers

21 RSA Example Example 10.8 When e = 35535, the inverse of e mod Φ(n), d, is

22 RSA Example Example 10.8 Public key = (e, n), Private key = (d, n)
Encryption of “This is a test” C = Pe mod n

23 ElGamal Cryptosystem Depends on the difficulty of computing discrete logarithms Discrete logarithm problem q: prime number :  < q and a primitive root of q  {  mod q, 2 mod q, …, (q-1) mod q } generates all from 1 to (q-1) When YA = mod q, its difficult to find XA even if we know q, , and YA. XA

24 ElGamal Cryptosystem Encryption and decryption in ElGamal
p must be at least 300 digits and r must be new for each encryption 2

25 ElGamal Cryptosystem Example 10.10
Bob chooses p = 11 and e1 = 2, and d = 3 e2 = e1d = 8 Public key is (2, 8, 11) and the private key is 3 Encryption: Alice chooses r = 4 and calculates C1 and C2 for the plaintext 7 Decryption: Bob receives the ciphertexts (5 and 6) and calculates the plaintext Plaintext:

26 Elliptic Curve Cryptosystem
ECC gives the same level of security with smaller key sizes than RSA or ElGamal General elliptic curve Cryptographic elliptic curves y2 mod p = (x3 + ax + b) mod p p is a prime number a and b : non-negative integers less than p and satisfy (4a3 + 27b2) mod p  0

27 Elliptic Curve Cryptosystem
Example elliptic curves y2 = x3 − 1 y2 = x3 − 4x

28 Elliptic Curve Cryptosystem
Elliptic group Ep(a,b) consists of the non-negative integers in the quadrant from (0,0) to (p,p) on the curve Example: E13(1, 1)

29 Elliptic Curve Cryptosystem
Point at infinity O The sum of three points which are on the EC and lies on a straight line O is the additive identity O + O = O (x1, y1) + O = (x1, y1) (x1, y1) + (x1, -y1) = O

30 Elliptic Curve Cryptosystem
Adding points: P(x1,y1), Q(x2,y2), R(x3,y3)  Ep(a,b) When x1  x2 , (x1, y1) + (x2, y2) = (x3, y3), where x3 = (2 - x1 - x2 ) mod p, y3 = ( (x1 – x3 ) - y1) mod p, and  = (y2 - y1) / (x2 - x1) mod p 2(x1, y1) = (x1, y1) + (x1, y1) = (x3, y3), where x3 = (2 - 2x1) mod p, y3 = ( (x1 – x3 ) - y1) mod p, and  = (3x12 + a) / (2y1) mod p d(x1, y1) = (x1, y1) + (x1, y1) + … + (x1, y1) ; repeat the sum d times

31 Elliptic Curve Cryptosystem
Addition of two points on an elliptic curve

32 Elliptic Curve Cryptosystem
Example 10.15 Let us add two points, R = P + Q, where P = (4, 2) and Q = (10, 6) λ = (6 − 2) × (10 − 4)−1 mod 13 = 4 × 6−1 mod 13 = 5 mod 13 x = (52 − 4 −10) mod 13 = 11 mod 13 y = [5 (4 −11) − 2] mod 13 = 2 mod 13 R = (11, 2)

33 Elliptic Curve Cryptosystem
Cryptography using ECC Find an EC (find a modulus p and parameters a and b) and a point on that curve, say P Take a random scalar d and find G = dP Keep d secret and make public P and G We can find G from d and P easily, but it is difficult to find d from P and G  elliptic curve logarithm problem

34 Elliptic Curve Cryptosystem
Encryption/decryption using ECC –(1) Find an elliptic group Ep(a,b) and G on them; A and B share Ep(a,b) and G Encode message m to a point Pm on Ep(a,b)  now we encrypt Pm User A selects a private key nA and generates a public key PA = nA  G

35 Elliptic Curve Cryptosystem
Encryption/decryption using ECC -(2) Encryption: A chooses a random positive integer k and produces the ciphertext Cm Decryption : B multiplies the first point in the pair by B’s secret key and subtracts the result from the second point: To recover the message, the attacker must compute k from the given G and kG  it is very hard Cm = { kG, Pm + kPB } Pm + kPB – nB(kG) = Pm + k(nBG) – nB(kG) = Pm

36 Elliptic Curve Cryptosystem
Key-exchange using ECC Find an elliptic group Ep(a,b) and G on them and share Ep(a,b) and G among all participants Key-exchange between A and B A selects an integer nA (A’s private key) A generates a public key PA = nA  G B selects a private key nB and a public key PB = nB  G A generates the session key K = nA  PB B generates the session key K = nB  PA K = nB  PA = nB  (nA  G) = nA  (nB  G) = nA  PB

Download ppt "Asymmetric-Key Cryptography"

Similar presentations

Public Key Cryptography INFSCI 1075: Network Security – Spring 2013 Amir Masoumzadeh.

Public Key Cryptography INFSCI 1075: Network Security – Spring 2013 Amir Masoumzadeh.
Asymmetric-Key Cryptography

Asymmetric-Key Cryptography
YSLInformation Security -- Public-Key Cryptography1 Elliptic Curve Cryptography (ECC) For the same length of keys, faster than RSA For the same degree.

YSLInformation Security -- Public-Key Cryptography1 Elliptic Curve Cryptography (ECC) For the same length of keys, faster than RSA For the same degree.
Dr. Lo’ai Tawalbeh Summer 2007 Chapter 9 – Public Key Cryptography and RSA Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus INCS.

Dr. Lo’ai Tawalbeh Summer 2007 Chapter 9 – Public Key Cryptography and RSA Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus INCS.
Dr. Lo’ai Tawalbeh Fall 2005 Chapter 10 – Key Management; Other Public Key Cryptosystems Dr. Lo’ai Tawalbeh Computer Engineering Department Jordan University.

Dr. Lo’ai Tawalbeh Fall 2005 Chapter 10 – Key Management; Other Public Key Cryptosystems Dr. Lo’ai Tawalbeh Computer Engineering Department Jordan University.
Public Encryption: RSA

Public Encryption: RSA
WS 2006-07 Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.

WS Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.
Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.

Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.
Private-Key Cryptography traditional private/secret/single key cryptography uses one key shared by both sender and receiver if this key is disclosed communications.

Private-Key Cryptography traditional private/secret/single key cryptography uses one key shared by both sender and receiver if this key is disclosed communications.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.

Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
1 Pertemuan 08 Public Key Cryptography Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.

1 Pertemuan 08 Public Key Cryptography Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Electronic Payment Systems 20-763 Lecture 6 Epayment Security II.

ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Electronic Payment Systems Lecture 6 Epayment Security II.
Public Key Cryptography RSA Diffie Hellman Key Management Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College,

Public Key Cryptography RSA Diffie Hellman Key Management Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College,
Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.5 Public Key Algorithms.

Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.5 Public Key Algorithms.
Introduction to Public Key Cryptography

Introduction to Public Key Cryptography
Public Key Model 8. Cryptography part 2.

Public Key Model 8. Cryptography part 2.
Public Key Encryption and the RSA Public Key Algorithm CSCI 5857: Encoding and Encryption.

Public Key Encryption and the RSA Public Key Algorithm CSCI 5857: Encoding and Encryption.
10.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 10 Symmetric-Key Cryptography.

10.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 10 Symmetric-Key Cryptography.
Public-Key Cryptography CS110 Fall 2002. Conventional Encryption.

Public-Key Cryptography CS110 Fall Conventional Encryption.
BASIC CRYPTOGRAPHIC CONCEPTS. Public Key Cryptography  Uses two keys for every simplex logical communication link.  Public key  Private key  The use.

BASIC CRYPTOGRAPHIC CONCEPTS. Public Key Cryptography  Uses two keys for every simplex logical communication link.  Public key  Private key  The use.

Similar presentations

Ads by Google