# IS 302: Information Security and Trust Week 4: Asymmetric Encryption

## Presentation on theme: "IS 302: Information Security and Trust Week 4: Asymmetric Encryption"— Presentation transcript:

IS 302: Information Security and Trust Week 4: Asymmetric Encryption
2012

Review Symmetric block ciphers DES 3-DES AES ECB, CBC

key distribution and key management

Asymmetric Cryptosystem
private key d public key e Encryption: C=E(e, P) Decryption: P=D(d, C) Alice e Bob d private public Plaintext Encryption Algorithm E Ciphertext Decryption Algorithm D Plaintext P C P Computationally infeasible © Yingjiu Li 2007

Asymmetric Encryption
Plaintext Public key e Encrypt Private key d Decrypt Plaintext © Yingjiu Li 2007

RSA RSA cryptosystem Rivest-Shamir-Adelman in 1978
Turing award in 2002 © Yingjiu Li 2007

RSA Keys Public keys (n,e), private keys d
n: a composite. n=pq, where p and q are large primes d: an integer, 2<d<n e: an integer, 2<e<n, s.t. for any number x, x=(xe mod n) d mod n © Yingjiu Li 2007

RSA Encryption/Decryption
Encryption of P: C=Pe mod n Decryption of C: P=Cd mod n PKCS: P =plaintext+ random padding < n Why need random padding? C=Pe mod n d n,e n,e Bob insecure channel Alice d: Bob’s private key n,e: Bob’s public key © Yingjiu Li 2007

How to Choose Keys in RSA
Choose 2 large prime numbers p, q Compute n=pq and φ=(p-1)(q-1) Choose e relatively prime to φ Compute d from φ and e such that e*d mod φ =1 Public: n, e Private: p, q, φ, d A Toy Example: Let p = 47, q = 71, then n = pq = 3337, φ=(p-1)(q-1) = 3220 Let e =79, Note φ = 3220 = 22  5  7  23 Solve d from d*79 mod 3220 =1, which gives d = 1019 (using extended Euclidean algorithm) Let P = 688, then C =Pe mod n = 688^79 mod 3337 = 1570 P = Cd mod n = 1570^1019 mod 3337 © Yingjiu Li 2007

RSA Demo Cryptool  indiv. Procedures  RSA
Generate prime numbers Factorization of a number Cryptool  Encrypt/decrypt  RSA encryption (in blocks) RSA decryption © Yingjiu Li 2007

RSA Key Size and Security
key size  size of n n: 1024 bits (309 digits); bits (618 digits); 4096 bits Security  difficulty of Factorizing n=p*q p, q, φ, d A 512 bits (154 digits) n could be factored in several months © Yingjiu Li 2007

RSA Key Size and Security
By the year 2009, a machine that could break a 1024-bit RSA key in about a day would cost at least \$250 million For data that needs to be protected no later than the year 2015, the table indicates that the RSA key size should be at least 1024 bits. For data that needs to be protected longer, the key size should be at least 2048 bits. © Yingjiu Li 2007

Asymmetric vs Symmetric
Key exchange over public channel Scalable for multi-party communication Long keys (e.g., 1024 bits) Slow implementation RSA software can encrypt 7.4~21.6 Kb/sec Fastest RSA hardware can encrypt 1 Mb/sec Symmetric Key exchange must be done over secure channel Non-scalable for multi-party communication Relative short keys (e.g., 128 bits) Fast implementation In software, DES is generally 100 times faster than RSA In hardware, DES is between 1000 to 10,000 times faster © Yingjiu Li 2007

Scenario RSA is too slow, not suitable for large P © Yingjiu Li 2007

Question Can we have a fast (as AES) and scalable crypto-system without secure channel (as RSA)? Envelop encryption: combine AES and RSA Es: AES encryption Ds: AES decryption k: AES key Ea: RSA encryption Da: RSA decryption (e,n): RSA public key; d: RSA private key © Yingjiu Li 2007

Envelop Encryption (1) Alice selects a random session key (AES key) k, and gets C1=Es(k,P) (using AES) Mallory C1= Es(k,P) Bob Alice © Yingjiu Li 2007

Envelop Encryption (2) Alice uses Bob’s public key e,n to encrypt k (using RSA), and gets C2=Ea(e,n,k) Mallory C2=Ea(e,n,k) C1= Es(k,P) Bob Alice © Yingjiu Li 2007

Communication Alice sends C1 and C2 together to Bob Mallory Bob Alice
C2=Ea(e,n,k) C1= Es(k,P) Bob Alice © Yingjiu Li 2007

Envelop Decryption (1) Bob uses his private key d to decrypt C2 (using RSA) and gets k = Da(d,C2) Mallory C2=Ea(e,n,k) C1= Es(k,P) Bob Alice k=Da(d,C2) © Yingjiu Li 2007

Envelop Decryption (2) Bob uses k to decrypt C1 (using AES) and gets P=Ds(k,C1) Mallory C2=Ea(e,n,k) C1= Es(k,P) Bob Alice k=Da(d,C2) P=Ds(k,C1) © Yingjiu Li 2007

Demo Cryptool  Encrypt/Decrypt  Hybrid  RSA-AES encryption
RSA-AES decryption © Yingjiu Li 2007

Generate RSA key pairs of 1024 and 2048 bits Instruction 2.1 RSA encryption and decryption for small file and large file Instruction 2.2 © Yingjiu Li 2007

Review When we say the key length of RSA is 1024 bits, we mean
n ) p,q ) e,d Alice encrypts her message for Bob in RSA, which key should she use in encryption? Alice’s private key Alice’s public key Bob’s public key Alice encrypts her message for Bob in envelop encryption, which of the following is true? Alice uses her private key to encrypt a session key, and uses the session key to encrypt her message Alice uses her public key to encrypt a session key, and uses the session key to encrypt her message Alice uses Bob’s public key to encrypt a session key, and uses the session key to encrypt her message © Yingjiu Li 2007

Assignment 1 Submit hardcopy today © Yingjiu Li 2007

Download ppt "IS 302: Information Security and Trust Week 4: Asymmetric Encryption"

Similar presentations