Presentation is loading. Please wait.

Presentation is loading. Please wait.

NET 311 Information Security

Published byHillary Stokes Modified over 5 years ago

Similar presentations

Presentation on theme: "NET 311 Information Security"— Presentation transcript:

1 NET 311 Information Security
Networks and Communication Department Lecture 4: Asymmetric Ciphers

2 lecture contents: Public-Key Cryptography Why Public-Key Cryptography?
RSA Cryptography 4-Dec-18 Networks and Communication Department

3 Private-Key Cryptography
traditional private/secret/single key cryptography uses one key shared by both sender and receiver if this key is disclosed communications are compromised also is symmetric, parties are equal hence does not protect sender from receiver forging a message & claiming is sent by sender 4-Dec-18 Networks and Communication Department

4 Public-Key Cryptography
probably most significant advance in the 3000 year history of cryptography uses two keys – a public & a private key asymmetric since parties are not equal uses clever application of number theoretic concepts to function 4-Dec-18 Networks and Communication Department

5 Why Public-Key Cryptography?
Developed to address two key issues: key distribution – how to have secure communications in general without having to trust a KDC with your key digital signatures – how to verify a message comes intact from the claimed sender The concept of public-key cryptography evolved from an attempt to attack two of the most difficult problems associated with symmetric encryption: key distribution and digital signatures. The first problem is that of key distribution, which under symmetric encryption requires either (1) that two communicants already share a key, which somehow has been distributed to them; or (2) the use of a key distribution center. This seemed to negated the very essence of cryptography: the ability to maintain total secrecy over your own communication. The second was that of "digital signatures." If the use of cryptography was to become widespread, not just in military situations but for commercial and private purposes, then electronic messages and documents would need the equivalent of signatures used in paper documents. The idea of public key schemes, and the first practical scheme, which was for key distribution only, was published in 1976 by Diffie & Hellman. The concept had been previously described in a classified report in 1970 by James Ellis (UK CESG) - and subsequently declassified [ELLI99]. Its interesting to note that they discovered RSA first, then Diffie-Hellman, opposite to the order of public discovery! There is also a claim that the NSA knew of the concept in the mid-60’s [SIMM93]. 4-Dec-18 Networks and Communication Department

6 Public-Key Cryptography
public-key/two-key/asymmetric cryptography involves the use of two keys: a public-key, which may be known by anybody, and can be used to encrypt messages, and verify signatures a related private-key, known only to the recipient, used to decrypt messages, and sign (create) signatures Is asymmetric because those who encrypt messages or verify signatures cannot decrypt messages or create signatures Asymmetric algorithms rely on one key for encryption and a different but related key for decryption. These algorithms have the following important characteristic: • It is computationally infeasible to determine the decryption key given only knowledge of the cryptographic algorithm and the encryption key. In addition, some algorithms, such as RSA, also exhibit the following characteristic: • Either of the two related keys can be used for encryption, with the other used for decryption. Anyone knowing the public key can encrypt messages or verify signatures, but cannot decrypt messages or create signatures, thanks to some clever use of number theory. 6

7 Public-Key Cryptography
Stallings Figure 9.1a “Public-Key Cryptography”, shows that a public-key encryption scheme has six ingredients: • Plaintext: the readable message /data fed into the algorithm as input. • Encryption algorithm: performs various transformations on the plaintext. • Public and private keys: a pair of keys selected so that if one is used for encryption, the other is used for decryption. The exact transformations performed by the algorithm depend on the public or private key that is provided as input. • Ciphertext: the scrambled message produced as output. It depends on the plaintext and the key. For a given message, two different keys will produce two different ciphertexts. • Decryption algorithm: accepts the ciphertext and matching key and produces the original plaintext. Consider the following analogy using padlocked boxes: traditional schemes involve the sender putting a message in a box and locking it, sending that to the receiver, and somehow securely also sending them the key to unlock the box. The radical advance in public key schemes was to turn this around, the receiver sends an unlocked box (their public key) to the sender, who puts the message in the box and locks it (easy - and having locked it cannot get at the message), and sends the locked box to the receiver who can unlock it (also easy), having the (private) key. An attacker would have to pick the lock on the box (hard). 7

8 Asymmetric-Key Cryptography
Asymmetric-key (public key cryptography) uses two keys: one private and one public. There are two algorithms: RSA ELGAMAL

9 Public-Key Applications
can classify uses into 3 categories: encryption/decryption (provide secrecy) digital signatures (provide authentication) key exchange (of session keys) some algorithms are suitable for all uses, others are specific to one Public-key systems are characterized by the use of a cryptographic type of algorithm with two keys. Depending on the application, the sender uses either the sender’s private key or the receiver’s public key, or both, to perform some type of cryptographic function. In broad terms, we can classify the use of public-key cryptosystems into the three categories: • Encryption/decryption: The sender encrypts a message with the recipient’s public key. • Digital signature: The sender “signs” a message with its private key, either to the whole message or to a small block of data that is a function of the message. • Key exchange: Two sides cooperate to exchange a session key. Several different approaches are possible, involving the private key(s) of one or both parties. Some algorithms are suitable for all three applications, whereas others can be used only for one or two of these applications. Stallings Table 9.3 (shown here) indicates the applications supported by the algorithms discussed in this book. 9

10 Modular arithmetic This example is modulo 7
The numbers allowed are 0 to 6 After 6, numbers “wrap around” 7 (mod 7) = 0 3+3 (mod 7)= (mod 7)= 1 5 6 1 2 3 4

11 RSA The most common public key algorithm is RSA, named for its inventors Rivest, Shamir, and Adelman. It uses two numbers: e  public key d private The two keys, e and d, have a special relationship to each other.

12 RSA

13 RSA – selecting keys Bob uses the following steps to select the private and public keys: Bob chooses two very large prime numbers p and q Bob multiplies p and q to find n  n=p x q Bob calculates another number ф = (p -1) X (q -1) Bob chooses a random encryption number e, where 1< e< ф and gcd(e, ф)=1 He then calculates d so that d X e mod ф = 1 Bob announces e and n to the public; he keeps ф and d secret. where φ(n) is the Euler totient function.

14 RSA – Encryption and Decryption
Restriction P < n , if not, the plaintext needs to be divided into blocks to make P less than n.

15 RSA Exercise Encrypt the following message “NO” By Using RSA algorithm. Assume that p=17, q =11, and e= 7 Hint, each character will be encoded according to this algorithm (A - Z)  (00 – 25) Find d , then encrypt each character individually .

16 The solution Step1: calculate n, where n= p x q = 17 x 11 = 187
Step2: calculate ɸ where ɸ = (p-1) x (q-1) = 16 X 10 =160 Step3: calculate d, where e is given e . d mod ɸ=1 7d mod 160 =1  d=23 This is because 23 X 7 = 161 = ( 1 X 160) + 1

17 The solution Step5: encode the plaintext. P=“NO”= 13 14
Step6: C= pe mod n C(N)= (13 ) 7 mod 187 = 106 C(O)=(14) 7 mod 187= 108 Step7: P= Cd mod n P(106)= (106) 23 mod 187 =13 P(108)= (108) 23 mod 187 =14

18 Example 2 Using e=13 ,d=37, n=77 in the RSA algorithm encrypt the message "IF" using the value of 00 to 25 for letters A to Z, do the encryption character by character. I = 8  C=p^e  8^13 mod 77= 50 F=5  5^13 mod77 = 26 4-Dec-18 Networks and Communication Department

19 Example 3 Using e=7 ,d=23, n=187 in the RSA algorithm encrypt the message M = 88. C= 88 7  88 7 mod 187 = [(88 4 mod 187) × (88 2mod 187) × (881 mod 187)] mod 187 881 mod 187 = 88 882 mod 187 = 7744 mod 187 = 77 884 mod 187 = 59,969,536 mod 187 = 132 88 7 mod 187 = (88 × 77 × 132) mod 187 = 894,432 mod 187 = 11 OR 88 7 mod 187 = [(88 2mod 187) x (88 2mod 187) × (88 2mod 187) × (881 mod 187)] mod 187 88 7 = (88*77*77*77) mod 187 =11 4-Dec-18 Networks and Communication Department

20 RSA- Application RSA is useful for short messages but not for long messages. RSA is used in digital signature , and authentication algorithms.

21 Diffie-Hellman Procedure
Step 1: Alice chooses a large random number a and calculates R1 = ga mod p Step 2: Bob chooses another large random number b and calculates R2 = gb mod p Step 3: Alice sends R1 to Bob Step 4: Bob sends R2 to Alice Step 5: Alice calculates K = (R2) a mod p Step 6: Bob also calculates K = (R1) b mod p

22 Diffie-Hellman Example
By giving g and p the following values g = 7 and p = 23, calculate the key. The steps are as follows: Alice chooses a = 3 and calculates R1 = 73 mod 23 = 21. 2. Bob chooses b = 6 and calculates R2 = 76 mod 23 = 4. 3. Alice sends the number 21 to Bob. 4. Bob sends the number 4 to Alice. 5. Alice calculates the symmetric key K = 43 mod 23 = 18. 6. Bob calculates the symmetric key K = 216 mod 23 = 18.

23 Diffie-Hellman Example
The value of K is the same for both Alice and Bob; gab mod p = 718 mod 23 = 18. Therefore, we can say that symmetric (shared) key in the Diffie-Hellman protocol is K = gab mod p.

24 Diffie-Hellman characteristics
In the Diffie-Hellman cryptosystem, two parties create a symmetric session key to exchange data without having to remember or store the key for future use. They do not have to meet to agree on the key; it can be done through the Internet. The two parties need to choose two numbers p and g, both number announced to the public. P large prime number g random number

25 Diffie-Hellman Cont. Diffie-Hellman is a very sophisticated symmetric-key creation algorithm. If a and b are very large numbers, it is extremely difficult for Eve to find the key, knowing only p and g. An intruder needs to determine a and b if R1 and R2 are intercepted. The key will be changed each time the two parities need to communicate.

26 Diffie-Hellman

Download ppt "NET 311 Information Security"

Similar presentations

Chapter 3 Public Key Cryptography and Message authentication.

Chapter 3 Public Key Cryptography and Message authentication.
Public Key Cryptography Nick Feamster CS 6262 Spring 2009.

Public Key Cryptography Nick Feamster CS 6262 Spring 2009.
Cryptography and Network Security Chapter 9

Cryptography and Network Security Chapter 9
Public Key Algorithms …….. RAIT M. Chatterjee.

Public Key Algorithms …….. RAIT M. Chatterjee.
Dr. Lo’ai Tawalbeh Summer 2007 Chapter 9 – Public Key Cryptography and RSA Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus INCS.

Dr. Lo’ai Tawalbeh Summer 2007 Chapter 9 – Public Key Cryptography and RSA Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus INCS.
Cryptography and Network Security Chapter 9. Chapter 9 – Public Key Cryptography and RSA Every Egyptian received two names, which were known respectively.

Cryptography and Network Security Chapter 9. Chapter 9 – Public Key Cryptography and RSA Every Egyptian received two names, which were known respectively.
Public Key Cryptography and the RSA Algorithm

Public Key Cryptography and the RSA Algorithm
Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.

Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.
Private-Key Cryptography traditional private/secret/single key cryptography uses one key shared by both sender and receiver if this key is disclosed communications.

Private-Key Cryptography traditional private/secret/single key cryptography uses one key shared by both sender and receiver if this key is disclosed communications.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.

Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
Dr.Saleem Al_Zoubi1 Cryptography and Network Security Third Edition by William Stallings Public Key Cryptography and RSA.

Dr.Saleem Al_Zoubi1 Cryptography and Network Security Third Edition by William Stallings Public Key Cryptography and RSA.
1 Pertemuan 08 Public Key Cryptography Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.

1 Pertemuan 08 Public Key Cryptography Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
Chapter 9 – Public Key Cryptography and RSA Private-Key Cryptography  traditional private/secret/single key cryptography uses one key  shared by both.

Chapter 9 – Public Key Cryptography and RSA Private-Key Cryptography  traditional private/secret/single key cryptography uses one key  shared by both.
The RSA Algorithm JooSeok Song 2007. 11. 13. Tue.

The RSA Algorithm JooSeok Song Tue.
Introduction to Public Key Cryptography

Introduction to Public Key Cryptography
 Introduction  Requirements for RSA  Ingredients for RSA  RSA Algorithm  RSA Example  Problems on RSA.

 Introduction  Requirements for RSA  Ingredients for RSA  RSA Algorithm  RSA Example  Problems on RSA.
Rachana Y. Patil 1 1.

Rachana Y. Patil 1 1.
Prime Numbers Prime numbers only have divisors of 1 and self

Prime Numbers Prime numbers only have divisors of 1 and self
10/1/2015 9:38:06 AM1AIIS. OUTLINE Introduction Goals In Cryptography Secrete Key Cryptography Public Key Cryptograpgy Digital Signatures 2 10/1/2015.

10/1/2015 9:38:06 AM1AIIS. OUTLINE Introduction Goals In Cryptography Secrete Key Cryptography Public Key Cryptograpgy Digital Signatures 2 10/1/2015.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

Similar presentations

Ads by Google