1. CSE 331: Introduction to Networks and Security Fall 2001 Instructor: Carl A. Gunter Encrypted Knock Knock

2. ElGamal l Similar to Diffie-Hellman, but provides for encryption of a message M. l Start as with Diffie-Hellman.  Select and share the public information  Select a prime number q and a primitive root  of this prime.  Compute the private and public keys.  Alice chooses XA < q at random and takes YA to be  **XA mod q.  Bob chooses XB < q at random and takes YB to be  **XB mod q.

3. ElGamal Encryption l Alice wishes to send the encryption of a message M to Bob. l Represent M as a number M < q. l Choose random r such that 1<=r<q. l Let R = YB**r mod q. l Let  =  **r mod q. l Let  = R*M mod q. l The encrypted message is ( ,  ).

4. ElGamal Decryption l To decrypt:   **XB = (  **r)**XB = (  **XB)**r = (YB)**r  R (mod q)   *R -1 = (R*M)*R -1  M (mod q)

5. EKK l Encrypted Knock! Knock! (EKK) uses ElGamal and DES. l It provides confidential channels without authentication. l Protocol notation:  Alice -> Bob: How are you?  Bob -> Alice: Ok, and you?  Alice -> Bob: Not bad, have a nice day!  Bob -> Alice: You too!

6. EKK Set Up l Advanced setup: prime q and primitive root  where q is more than 64 bits. l Client C (you) and server S select key pairs (XC, YC) and (XS, YS) as in ElGamal/Diffie-Hellman.

7. EKK Overview l Client initiates protocol with “Knock! Knock!” message and its public key YC. l Server responds with “Who’s there?”, its public key YS, and DES key K, encrypted using ElGamal. l Client responds with first part of joke encrypted using DES and key K. l Server plays along, using DES encryption with K.

8. EKK Example l C->S: Knock! Knock!YC. l S->C: Who’s there?YS, ( ,  ). l C->S: E(K, Boo!). l S->C: E(K, Boo! Who?). l C->S: E(K, Don’t cry, this will be easy!). l S->C: E(K, Don’t waste server time, connection closed.).