PublicKey Cryptosystems - PowerPoint PPT Presentation

1 / 14
About This Presentation
Title:

PublicKey Cryptosystems

Description:

Proof (by induction on Eulen(a,b)): If Eulen(a,b)=1 then a=ub, and a (1-u)b=b=gcd(a,b) ... By the induction hypothesis, there exist x,y, such that. bx ry=gcd(b, ... – PowerPoint PPT presentation

Number of Views:39
Avg rating:3.0/5.0
Slides: 15
Provided by: jeff454
Category:

less

Transcript and Presenter's Notes

Title: PublicKey Cryptosystems


1
Public-Key Cryptosystems
2
Public-Key Cryptosystems
  • M message (treated as a number)
  • E Encryption procedure
  • D Decryption procedure
  • Required properties
  • 1. D(E(M))M
  • 2. E and D are easy to compute
  • 3. Revealing E does not reveal easy way to
    compute D
  • 4. E(D(M))M

3
Public-Key Cryptosystems
  • Two users A(lice) and B(ob)
  • A and B publicly announce EA,EB respectively.
  • B sends a private message M to A, EA(M)
  • A decipher the message by computing
  • DA(EA(M))
  • Signature by B on message M to be sent to A
  • B computes SDB(M) (can add its name for
    example to M)
  • B sends EA(S) to A

4
Public-Key Cryptosystems
  • Given the signed message S, A can find the
    original message M by computing EB(S)
  • B can not deny sending the message M to A,
    because no one else could generate S.
  • A can not change M to M and claim it has been
    sent, since it will have for that to generate a
    corresponding signature SDB(M)

5
RSA
  • The public key is a pair (e,n) of positive
    integers.
  • A message M is treated as an integer between 0
  • and n-1.
  • CE(M)Me (mod n)
  • D(C)Cd (mod n)
  • We need to get an appropriate decryption key.
  • 1. Choose npq, where p and q are very large
    random primes.
  • 2. Pick an integer d that is relatively prime to
  • (p-1)(q-1), I.e. satisfy gcd(d,(p-1)(q-1))1_
  • 3. Pick e, such that ed1(mod (p-1)(q-1))

6
RSA- some mathematics
  • Euler and Fermat for any integer M that is
    relatively prime to n, we have that
  • M?(n) 1 (mod n), where ?(n) gives the
    number of positive integers less than n that are
    relatively prime to n.
  • For prime number p, ?(p)p-1
  • For npq, ?(n) ?(p) ?(q) (p-1)(q-1)

7
RSA- some mathematics
  • Since d is relatively prime to ?(n), it has a
    multiplicative inverse e in the ring of integers
    modulo ?(n),
  • ed1(mod ?(n))
  • D(E(M))(E(M))d(Me)d (mod n)Med (mod n)
  • E(D(M))(D(M))e(Md)e (mod n)Med (mod n)
  • Med Mk ?(n)1(mod n) (for some integer k)
  • Mp-1 1 (mod p) for all M such that p does
    not divide M.
  • Since p-1 divides ?(n) we have Mk ?(n)1
    M(mod p)
  • This trivially holds for M0, and hence for
    every M.

8
RSA- some mathematics
  • Similarly for q we get
  • Mk ?(n)1 M(mod q)
  • Together, we get Med Mk ?(n)1M(mod n)
  • as desired, I.e. D(E(M))E(D(M))M (mod
    n)

9
Choosing large primes
  • Choose randomly 100 digit number. Test whether it
    is prime, and if not choose again,etc.
  • (about 115 guesses needed, given the density
    of primes).
  • The Solovay-Strassen idea for primality testing
  • To test whether b is prime choose a random a
    uniformly from 1,..b and test that gcd(a,b)1
    and J(a,b)a(b-1)/2(mod b)
  • The above is true for b prime, and with
    probability at most half for composite b, so we
    try many as.

10
Choosing large primes
  • Computing the Jacobi Symbol J(a,b)
  • J(a,b) If a1 then 1 else
  • If a is even then
    J(a/2b)(-1)(b2-1)/8
  • Else J(b (mod a),a)
    (-1)(a-1)(b-1)/4

11
Euclids algorithm
  • gcd(a,b) (where b lt a are non-negative
    integers)
  • 1. If ba then gcd(a,b)b
  • 2. If abtr, then gcd(a,b)gcd(b,r)
  • Example a2322, b654
  • 23226543360 gcd(2322,654)gcd(654,360)
  • 6543601294 gcd(654,360)gcd(360,294)
  • 360294166 gcd(360,294)gcd(294,66)
  • 29466430 gcd(294,66)gcd(66,30)
  • 663026 gcd(66,30)gcd(30,6)
  • 3065 gcd(30,6)6
  • gcd(2322,654)6

12
Euclids algorithm
  • Denote Eulen(a,b) the length (number of steps
  • required in the Euclid algorithm).
  • Eulen(2322,654)6
  • Corollary there exist integers such that
    asbtgcd(a,b)
  • Proof (by induction on Eulen(a,b))
  • If Eulen(a,b)1 then aub, and
    a(1-u)bbgcd(a,b)
  • If Eulen(a,b)n, then apply one step of the
    algorithm, and let abur, Eulen(b,r)n-1.
  • By the induction hypothesis, there exist x,y,
    such that
  • bxrygcd(b,r)gcd(a,b)

13
Euclids algorithm
  • We can write ra-bu
  • ryay-buy
  • bx(ay-buy)gcd(a,b)
  • b(x-uy)aygcd(a,b)
  • Take sx-uy and ty to get the desired result

14
How to compute e from d and ?(n)
  • Compute gcd of d and ?(n).
  • This creates a series x0,x1,x2,.,
  • where x0 ?(n), x1d,
  • and Xi1 Xi-1 (mod xi)
  • when xk 0 is found, then gcd(x0,x1)xk-1
  • We can write xi ai x0 bi x1
  • and bk-1 is the multiplicative inverse of
    x1
  • modulo x0
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "PublicKey Cryptosystems" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!