Presentation is loading. Please wait.

Presentation is loading. Please wait.

Public key ciphers 2 Session 6.

Published byTamsin Davis Modified over 8 years ago

Similar presentations

Presentation on theme: "Public key ciphers 2 Session 6."— Presentation transcript:

1 Public key ciphers 2 Session 6

2 Contents The discrete logarithm problem
The Diffie-Hellman key exchange

3 The discrete logarithm problem
Over the real numbers, exponentiation (finding y=bx ) is not significantly easier than the inverse operation (finding x=logb(y)) Over GF(pn) the algorithm for modular exponentiation or repeated squaring makes exponentiation easy But finding logb(y) is considered to be a difficult problem

4 The discrete logarithm problem
Definition (Discrete logarithm) If G is a finite group, b is an element of G and y is an element of G such that y=bx, then the discrete logarithm of y for the base b is any integer x such that bx = y

5 The discrete logarithm problem
Example (1) Let f(x)=x2-x-1 be an irreducible polynomial over GF(32) The elements of the multiplicative group of the field are the powers of a primitive element  (1) 0=101 1=10 2=2 mod (2--1)=+111 3=2=(+1)=2+=+1+=2+121

6 The discrete logarithm problem
Example (2) The elements of the multiplicative group of the field (2) 4=3=(2+1)=22+=2(+1)+=2+2+=202 5=4=220 6=5=2=22=2(+1)=2+222 7=6=(2+2)=22+2=2(+1)+2=2+2+2= = +212 00 is also an element of the field

7 The discrete logarithm problem
Example (3) The logarithm log(02)=log(4)=4 We do not know a polynomial algorithm for determining the discrete log in a general case (i.e. in any group)

8 The discrete logarithm problem
Known algorithms for solving DLP (1) Algorithms that work in arbitrary groups Exhaustive search Baby-step giant-step algorithm Etc. Algorithms that work in arbitrary groups, but are especially efficient if the order of the group has only small prime factors Example: the Pohlig-Hellman algorithm

9 The discrete logarithm problem
Known algorithms for solving DLP (2) The index calculus algorithms, which are efficient only in certain groups

10 The discrete logarithm problem
Exhaustive search Requires generating of the whole multiplicative group of the field That requires O(q) operations, where q=pn is the order of the multiplicative group of the field GF(pn)

11 The discrete logarithm problem
The Baby step – giant step algorithm (1) Input A generator  of a cyclic group G of order n, and an element G Output The discrete logarithm x = log

12 The discrete logarithm problem
The Baby step – giant step algorithm (2) Set m=  Construct a table with entries (j,j), 0j<m Sort the table by its second component Compute -m mod n and set =

13 The discrete logarithm problem
The Baby step – giant step algorithm (3) For 0im-1 do Check if  is the second component of some entry in the table If =j then return x=im+j Set  -m The algorithm requires O( ) storage and O( ) group multiplications

14 The discrete logarithm problem
Example: n=113, =3, =57 (1) Set m= =11 Construct the table Sort the table by the second component j 1 2 3 4 5 6 7 8 9 10 3j mod 113 27 81 17 51 40 21 63 j 1 8 2 5 9 3 7 6 10 4 3j mod 113 17 21 27 40 51 63 81

15 The discrete logarithm problem
Example: n=113, =3, =57 (2) Compute -11 mod 113 = (11)-1 (1) We use the extended Euclidean algorithm (1) 11 mod 113=311 mod 113=76 We compute (113,76) 113=176+37 76=237+2 37=182+1 Then 1=37-182=37-18(76-237)=37-1876+3637= =3737-1876=37(113-76)-1876=37113-3776-1876= =37113-5576

16 The discrete logarithm problem
Example: n=113, =3, =57 (3) Compute -11 mod 113 = (11)-1 (2) We use the extended Euclidean algorithm (2) If we take both sides mod 113 we get 1-55 76 (mod 113) Since -5558 (mod 113), (11)-1=58 We also set ==57

17 The discrete logarithm problem
Example: n=113, =3, =57 (4) For i=0 to 10 we try -m until we get a value from the second row in the table We conclude that log357=911+1=100 i 1 2 3 4 5 6 7 8 9 57 29 100 37 112 55 26 39

18 The Diffie-Hellman key exchange
Diffie and Hellman gave the first detailed proposal for the process of agreeing on a key for a classical cryptosystem using a public key system The key exchange protocol is based on the assumption that it is computationally infeasible to compute gab knowing only ga and gb when g is some fixed element in GF(pn)

19 The Diffie-Hellman key exchange
The Diffie-Hellman assumption is a priori at least as strong as the assumption that discrete logarithms cannot be feasibly computed in a group Let p be a prime and let  be a generator

20 The Diffie-Hellman key exchange
Example, p=53, n=1, =2

21 The Diffie-Hellman key exchange
The Diffie-Hellman key exchange algorithm gives protection against passive adversaries, but not against active adversaries capable of intercepting, modifying, or injecting messages Neither party has assurance of the source identity of the incoming message or the identity of the party which may know the resulting key

Download ppt "Public key ciphers 2 Session 6."

Similar presentations

Diffie-Hellman Diffie-Hellman is a public key distribution scheme First public-key type scheme, proposed in 1976.

Diffie-Hellman Diffie-Hellman is a public key distribution scheme First public-key type scheme, proposed in 1976.
ONE WAY FUNCTIONS SECURITY PROTOCOLS CLASS PRESENTATION.

ONE WAY FUNCTIONS SECURITY PROTOCOLS CLASS PRESENTATION.
Finite Fields Rong-Jaye Chen. p2. Finite fields 1. Irreducible polynomial f(x)  K[x], f(x) has no proper divisors in K[x] Eg. f(x)=1+x+x 2 is irreducible.

Finite Fields Rong-Jaye Chen. p2. Finite fields 1. Irreducible polynomial f(x)  K[x], f(x) has no proper divisors in K[x] Eg. f(x)=1+x+x 2 is irreducible.
Cryptography and Network Security

Cryptography and Network Security
Chapter 4 – Finite Fields. Introduction will now introduce finite fields of increasing importance in cryptography –AES, Elliptic Curve, IDEA, Public Key.

Chapter 4 – Finite Fields. Introduction will now introduce finite fields of increasing importance in cryptography –AES, Elliptic Curve, IDEA, Public Key.
7. Asymmetric encryption-

7. Asymmetric encryption-
15-251 Great Theoretical Ideas in Computer Science.

Great Theoretical Ideas in Computer Science.
Session 4 Asymmetric ciphers.

Session 4 Asymmetric ciphers.
Public Key Algorithms …….. RAIT M. Chatterjee.

Public Key Algorithms …….. RAIT M. Chatterjee.
CNS2010handout 8 :: introduction to number theory1 computer and network security matt barrie.

CNS2010handout 8 :: introduction to number theory1 computer and network security matt barrie.
1 Cryptosystems Based on Discrete Logarithms. 2 Outline [1] Discrete Logarithm Problem [2] Algorithms for Discrete Logarithm –A trivial algorithm –Shanks’

1 Cryptosystems Based on Discrete Logarithms. 2 Outline [1] Discrete Logarithm Problem [2] Algorithms for Discrete Logarithm –A trivial algorithm –Shanks’
Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.

Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.
Introduction to Modern Cryptography Lecture 5 Number Theory: 1. Quadratic residues. 2. The discrete log problem. Intro to Public Key Cryptography Diffie.

Introduction to Modern Cryptography Lecture 5 Number Theory: 1. Quadratic residues. 2. The discrete log problem. Intro to Public Key Cryptography Diffie.
Discrete Log 1 Discrete Log. Discrete Log 2 Discrete Logarithm  Discrete log problem:  Given p, g and g a (mod p), determine a o This would break Diffie-Hellman.

Discrete Log 1 Discrete Log. Discrete Log 2 Discrete Logarithm  Discrete log problem:  Given p, g and g a (mod p), determine a o This would break Diffie-Hellman.
Dr. Lo’ai Tawalbeh Fall 2005 Chapter 10 – Key Management; Other Public Key Cryptosystems Dr. Lo’ai Tawalbeh Computer Engineering Department Jordan University.

Dr. Lo’ai Tawalbeh Fall 2005 Chapter 10 – Key Management; Other Public Key Cryptosystems Dr. Lo’ai Tawalbeh Computer Engineering Department Jordan University.
CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.
Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.

Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.
1 Pertemuan 08 Public Key Cryptography Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.

1 Pertemuan 08 Public Key Cryptography Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
Cryptography and Network Security Chapter 10. Chapter 10 – Key Management; Other Public Key Cryptosystems No Singhalese, whether man or woman, would venture.

Cryptography and Network Security Chapter 10. Chapter 10 – Key Management; Other Public Key Cryptosystems No Singhalese, whether man or woman, would venture.
CSCI 172/283 Fall 2010 Public Key Cryptography. New paradigm introduced by Diffie and Hellman The mailbox analogy: Bob has a locked mailbox Alice can.

CSCI 172/283 Fall 2010 Public Key Cryptography. New paradigm introduced by Diffie and Hellman The mailbox analogy: Bob has a locked mailbox Alice can.

Similar presentations

Ads by Google