Public Key Cryptology LFTSP 1998 COMMS 2'15

1
Public Key CryptologyLFTSP 1998 COMMS 2.15

• Major Greg Phillips
• Royal Military College of Canada
• Electrical and Computer Engineering
• greg.phillips_at_rmc.ca
• 01-613-541-6000 ext. 6190

2
Government Interest?

• The Federal Government is currently implementing
  a Public Key Infrastructure (PKI) designed to
  facilitate the use of public key cryptography in
  both public and private sectors.
• The PKI is being delivered by Entrust
  Technologies, an Ottawa spin-off of NORTEL.
• We (DND) currently use public key cryptography in
  e.g., the STU-III telephone system

Government of Canada PKI homepage http//www.cse-c
st.gc.ca/cse/english/gov.html
3
Commercial Interest?
4
The Secret Key Weakness
Alice
Bob
5
Public Key Cryptosystems
Private Key Cryptosystems
plaintext
plaintext
Pu
Pu encipher
DES encipher
DES key
ciphertext
ciphertext
Pr
DES decipher
Pr decipher
plaintext
plaintext
6
Public Key Cryptosystems
PrAlice
PrBob
Alice
Bob
Public Key Directory Alice PuAlice Bob
Pubob Carol PuCarol
PrCarol
7
A Comparison
It is possible to combine public key and private
key cryptosystems in a hybrid approach that has
the benefits of both.
8
System Requirements
plaintext
Public key

• Given all the information in the green area,
  computing either the plaintext or the private key
  must be prohibitively difficult.
• At the same time, it must be reasonably efficient
  to
• generate key pairs,
• encipher, and
• decipher.

Pu encipher
ciphertext
Private key
Pr decipher
plaintext
9
Trap-door one-way functions

• A one-way function f derives from a hard
  mathematical problem whose inverse is easy
• i.e., f X Y is hard, f -1 Y X is easy
• Example factoring large numbers
• find the factors of 29,083 relatively hard
• multiply 127 by 229 relatively easy
• A trap-door one-way function t is derived from a
  one way function f such that t(f, e) and t-1(f
  -1, n) are both easy, but t-1(f -1) is as hard as
  f-1 and finding n from e is also as hard as f-1

10
RSA

• Developed by Rivest, Shamir and Adelman in 1978
  following Diffie, Hellman and Merkles invention
  of public-key cryptography in 1976
• relies on the difficulty of factoring large
  numbers makes extensive use of modulo
  arithmetic to produce the required one-way
  trap-door functions for both key generation and
  encipher/decipher

11
Modulo Arithmetic

• Also known as clock arithmetic
• x mod y is the remainder of the integer division
  of x by y
• formally x mod y x - y int(x/y)
• e.g.,
• 5 mod 10 5
• 11 mod 10 1
• 156 mod 10 6

12
RSA Key Generation

• choose two large primes, p and q, and another
  number E
• calculate n pq
• public key is (n, E)
• private key is D, the multiplicative inverse of E
  taken mod (p-1)(q-1) , i.e., ED mod (p-1)(q-1)1
• example
• choose p 5, q 11, E 3
• calculate n 55, public key is (55, 3)
• D is 27 since (3)(27)mod(40)1
• there is an efficient algorithm for calculating D
  given any p, q and E, but finding p and q from n
  is the mathematically hard problem

13
RSA Encryption

• Public key is (n, E)
• Break the plaintext into binary numbers mi, such
  that each mi lt n
• Calculate the ciphertext ci corresponding to mi
• ci miE mod n
• Example mi 4, public key is (55, 3)
• ci 43 mod 55
• ci 64 mod 55
• ci 9

14
RSA Decryption

• Public key is (n, E), private key is D
• Calculate the plaintext mi corresponding to each
  ci
• mi ciD mod n
• Example ci 9, public key is (55, 3), private
  key is 27
• mi 927 mod 55
• mi 58149737003040059690390169 mod 55
• mi 4

15
Diminutive Munitions
These are three real implementations of the RSA
algorithm in the Perl and Python programming
languages. The first is believed to be the
smallest implementation ever of a public key
algorithm.
print pack"C",split/\D/,echo
"16iIIo\U_at_/z(pop,pop,unpack"H",ltgt )\EsMs
KsN0lN1lKd2Sa2/d0ltXdlMLalN0dsXxlMlN/ds
M0ltJdsJxp"dc
from sys importfrom string importaargvs,p,q
filter(lambda xx1! '-',a)d'-d'in
ae,natol(p,16),atol(q,16)l(len(q)1)/2o,inbl
-d,l-1d while ssstdin.read(inb)s and
map(stdout.write,map(lambda i,bpow(reduce( lambda
x,y(xltlt8L)y,map(ord,s)),e,n)chr(bgtgt8i255),ra
nge(o-1,-1,-1)))
Why bother? See http//dcs.ex.ac.uk/aba/rsa/ to
find out.
16
Other Algorithms

• one-way reversible knapsack (Hellman and Merkle)
  based on the difficulty of finding which of a
  given set of numbers add up to a given sum
• El Gamal (El Gamal) based on the difficulty of
  solving the discrete logarithm problem
• elliptic curve cryptography (Certicom) based on
  the difficulty of solving the discrete logarithm
  problem over elliptic curve groups

17
Reversibility

• Most public-key cryptosystems have a reversible
  form, that is
• information encrypted with the public key can be
  decrypted with the private key, and
• information encrypted with the private key can be
  decrypted with the public key
• Usually the two directions require slight
  variations of the base algorithm

18
Digital Signatures
verify message (public key)
sign message (private key)
Original Message
Signed Message
Valid or Invalid?
19
Message Digest
digest (no key)
undigest
Original Message
Message Digest
Original Message
20
Digital Signatures
Original Message
Signed Message
merge
merge
compute message digest (no key)
signed digest
digest
sign message digest (private key)
21
Digital Envelopes
encrypt using DES-style crypto
Original Message
Encrypted Message
Enveloped Message
DES-style Key
Encrypted Key
encrypt using public key
22
Public Key CryptologyLFTSP 1998 COMMS 2.15

• Major Greg Phillips
• Royal Military College of Canada
• Electrical and Computer Engineering
• greg.phillips_at_rmc.ca
• 01-613-541-6000 ext. 6190