Chapter 9 Public-Key Cryptography and RSA - PowerPoint PPT Presentation

About This Presentation
Title:

Chapter 9 Public-Key Cryptography and RSA

Description:

Chapter 9 Public-Key Cryptography and RSA Contents Principles of Public-Key Cryptosystems Public-Key Cryptosystems Applications for Public-Key Cryptosystems ... – PowerPoint PPT presentation

Number of Views:464
Avg rating:3.0/5.0
Slides: 35
Provided by: WinX1265
Category:

less

Transcript and Presenter's Notes

Title: Chapter 9 Public-Key Cryptography and RSA


1
Chapter 9Public-Key Cryptography and RSA
2
Contents
  • Principles of Public-Key Cryptosystems
  • Public-Key Cryptosystems
  • Applications for Public-Key Cryptosystems
  • Requirements for Public-Key Cryptography
  • Public-Key Cryptanalysis
  • The RSA Algorithm
  • Description of the Algorithm
  • The Security of RSA

3
Principles of public-key cryptosystems
  • Symmetric encryption has two difficult problems.
  • Key distribution problem
  • Symmetric encryption requires either
  • that two communicants already share a key or
  • the use of key distribution center (KDC).
  • If the KDC is compromised,
  • Hard to be used for digital signatures

4
Public-Key Cryptosystems
  • Public-key algorithms use two separate key.
  • Public key and private key
  • It is computationally infeasible to determine the
    private key given only knowledge of the
    cryptographic algorithm and the public key.
  • Normally, public key is used for encryption and
    private key is used for decryption.
  • In some algorithms such as RSA, either of the two
    keys can be used for encryption, with the other
    used for decryption.

5
Public-Key Cryptosystems
  • A public-key encryption scheme has six
    ingredients.
  • Plaintext
  • Encryption algorithm
  • Ciphertext
  • Decryption algorithm
  • Public and private key
  • One is for encryption and the other is for
    decryption.

6
Public-Key Cryptosystems
  • The use of public-key encryption
  • Each user generate his/her public and private
    keys.
  • Each user places the public key in a public
    register and keeps the private key secret.
  • If Bob wants to send a message to Alice, Bog
    encrypts the message using Alices public key.
  • Alice decrypts the ciphertext using her private
    key.

7
Public-Key Cryptosystems
  • The use of public-key encryption. (Bob sends a
    message to Alice.)

8
Public-Key Cryptosystems
  • A public-key encryption scheme Secrecy

9
Public-Key Cryptosystems
  • The use of public-key encryption to provide
    authentication.

10
Public-Key Cryptosystems
  • A public-key encryption scheme Authentication

11
Public-Key Cryptosystems
  • A public-key encryption scheme Secrecy and
    authentication

12
Applications for Public-Key Cryptosystems
  • The use of public-key cryptosystems
  • Encryption/decryption (provide secrecy)
  • Digital signatures (provide authentication)
  • Key exchange (of session keys)
  • Some algorithms are suitable for all
    applications, others can be used only for one or
    two.

13
Requirements for Public-Key Cryptography
  • Diffie and Hellman did lay out the conditions
    that such algorithms must fulfill when A sends a
    message to B.
  • It is easy for B to generate his/her public and
    private key.
  • It is easy for A to encrypt a message M using Bs
    public key.
  • It is easy for B to decrypt the ciphertext using
    Bs private key.

14
Requirements for Public-Key Cryptography
  • It is infeasible for an opponent, knowing the
    public key, KUb , to determine the private key,
    KRb .
  • It is infeasible for an opponent, knowing the
    public key, KUb , and a ciphertext, C, to recover
    the original message, M.
  • (Optional) The encryption and decryption
    functions can be applied in either order.

15
Requirements for Public-Key Cryptography
  • These requirements are hard to achieve so only
    two algorithms (RSA, elliptic curve cryptography)
    have received widespread acceptance.
  • Why the requirements are so formidable?
  • The requirements needs a trap-door one-way
    function.

16
Requirements for Public-Key Cryptography
  • One-way function
  • A one-to-one function such that
  • The calculation of the function is easy
  • but the calculation of the inverse is infeasible.
  • Easy
  • A problem can be solved in polynomial time.
  • Infeasible
  • It is hard to invert a function for virtually all
    inputs, not for the worst case or even average
    case.

Y f(X) easy
X f-1(Y) infeasible
17
Requirements for Public-Key Cryptography
  • Trap-door one-way function
  • Easy to calculate in one direction and infeasible
    to calculate in the other direction unless
    certain additional information is known.
  • Thus, the development of a practical public-key
    scheme depends on discovery of a suitable
    trap-door one-way function.

Y fk(X) easy, if k and X are known
X fk-1(Y) easy, if k and Y are known
X fk-1(Y) infeasible, if Y is known but k is not known
18
Public-Key Cryptanalysis
  • Brute-force attacks for private keys
  • Countermeasure use large keys
  • The key size must be large enough to make
    brute-force attack impractical but small enough
    for practical encryption and decryption.
  • Computing the private key given the public key
  • No algorithms are proven safe from this attack.

19
Public-Key Cryptanalysis
  • A probable-message attack
  • Suppose that a message were a 56-bit DES key.
  • An opponent could encrypt all possible keys using
    the public key.
  • He could decipher any message by matching the
    transmitted ciphertext.
  • Countermeasure
  • Large key size (?)
  • Append some random bits to messages.

20
The RSA Algorithm
  • Developed in 1977 by Rivest, Shamir, and Adleman
    at MIT.
  • The RSA scheme is a block cipher in which the
    plaintext / ciphertext are integers between 0 and
    n 1 for some n.
  • A typical size for n is 1024 bits, or 309 decimal
    digits.
  • n pq

21
Description of the RSA Algorithm
  • Plaintext is encrypted in blocks.
  • Each block have a binary value less than some
    number n.
  • That is, the block size must be less than or
    equal to log2(n).
  • The block size is k bits, where 2k lt n 2k1.

22
Description of the RSA Algorithm
  • Encryption/Decryption
  • M plaintext block
  • C ciphertext block
  • public key e, n
  • private key d, n.

23
Requirements for Public-Key Cryptography
  • Diffie and Hellmans requirements
  • It is easy for B to generate his/her public and
    private key.
  • It should be easy for B to find values of e, d,
    and n.
  • It is easy for A to encrypt a message M using Bs
    public key.
  • It should be easy to calculate Me.
  • It is easy for B to decrypt the ciphertext using
    Bs private key.
  • It should be easy to calculate Cd.
  • It is infeasible for an opponent, knowing the
    public key, KUb , to determine the private key,
    KRb .
  • It is infeasible to determine d given e and n.
  • It is infeasible for an opponent, knowing the
    public key, KUb , and a ciphertext, C, to recover
    the original message, M.
  • (Optional) The encryption and decryption
    functions can be applied in either order.

24
Description of the RSA Algorithm
  • First requirement
  • It should be easy to find values of e, d, n such
    that
  • for all M lt n.

25
Description of the RSA Algorithm
  • A corollary to Eulers theorem
  • Given two prime numbers, p and q, and two
    integer, n and m, such that n pq and 0 lt m lt n,
    and arbitrary integer k,

where F(n) is the Euler totient function, which
is the number of positive integers less than n
and relatively prime to n.
26
Description of the RSA Algorithm
  • If we select e and d such that
  • they satisfy .
  • is equivalent to saying
  • According to the rules of modular arithmetic,
    this is true only if e (and therefore d) is
    relatively prime to F(n).

27
Description of the RSA Algorithm
  • RSAs ingredient.
  • Public key consist of e, n and a private key
    consist of d, n

p, q, two prime numbers (private, chosen)
n pq (public, calculated)
e, with gcd(F(n), e) 1 1 lt e lt F(n) (public, chosen)
(private, calculated)
28
Description of the RSA Algorithm
  • RSAs scheme
  • Suppose user B wishes to send the message M to A.
  • User A has published its public key, KUe, n.
  • B calculates C Me (mod n) and transmits C.
  • Then, user A decrypts by calculating M Cd (mod
    n). (use KRd, n)

29
Description of the RSA Algorithm
  • RSA algorithm (example) the keys generating
  • Select two prime number, p 17 and q 11.
  • Calculate n pq 17 X 11 187.
  • Calculate F(n) (p 1)(q 1) 16 X 10 160.
  • Select e 7 (e is relatively prime to F(n)).
  • Determine d, de 1 mod 160 (Using extended
    Euclids algorithm).
  • d 23

30
Description of the RSA Algorithm
  • Encryption
  • Decryption

31
The Security of RSA
  • Three possible approaches to attacking the RSA.
  • Brute force
  • Mathematical attacks
  • Timing attacks
  • Brute force
  • trying all possible private keys
  • Countermeasures Use a large key space.

32
The Security of RSA
  • Mathematical attacks
  • Factor n into its two prime factors. This enables
    calculation of F(n) and determination of d.
  • Determine F(n) directly, without first
    determining p and q. This enable determination of
    d.
  • This is equivalent to factoring n.
  • Determine d directly, without first determining
    F(n).
  • With presently known algorithms, this appears to
    be at least as time-consuming as the factoring
    problem.

33
The Security of RSA
  • Focused on the task of factoring n into its two
    prime factors.

34
The Security of RSA
  • To avoid values of n that may be factored more
    easily, the algorithms inventors suggest
    constraints on p and q.
  • p and q should differ in length by only a few
    digits.
  • Both (p 1) and (q 1) should contain a large
    prime factor.
  • gcd (p 1, q 1) should be small.
  • In addition, it has been demonstrated that if e lt
    n and d lt n1/4, then d can be easily determined.
Write a Comment
User Comments (0)
About PowerShow.com