1 chapter 4 key topics asymmetric key cryptography –rsa –elgamal schnorr dss message digest...
Chapter 4
Key Topics
• Asymmetric Key Cryptography
  – RSA
  – ElGamal
• Schnorr
• DSS
• Message Digest
  – MD5
  – SHA-1
• Message Authentication Code (MAC)
Asymmetric Key Cryptography
[Figure: Sender (A) encrypts the plain text with B's public key; the cipher text crosses the network; Receiver (B) decrypts the cipher text with B's private key to recover the plain text.]
Asymmetric Key Encryption
• Each user has a key pair (public and private). Each user's public key is accessible, but the private key is kept secret.
• Two main uses: digital signature and confidential communication
  – In confidential communication (CC):
    • Sender (Alice) encrypts M with the recipient's (Bob's) public key
    • Recipient (Bob) decrypts C with his private key
  – In digital signature (DS):
    • Provider: Alice signs M with her own private key to produce the signature S.
    • Prove: anyone, given text M and signature S, can use Alice's public key to verify that the signature S was indeed signed by Alice.
Asymmetric Key Example (CC)
• Consider a bank and its customers
• Customers encrypt their messages with bank’s public key
• Bank decrypts messages with its private key
Asymmetric Key Cryptography Example
[Fig 4.3: Customers A, B and C each encrypt with the bank's public key; the bank decrypts with the bank's private key.]
RSA (Rivest, Shamir, Adleman)
• World's most popular asymmetric key encryption algorithm
• Uses a formula of the form $M^E \bmod n$ ($n = p \times q$)
• Key length (belongs to $Z_n$) ($n$ must be more than 512 bits)
• Block size (M) must be smaller than the key length.
• The cipher block size (C) is the same length as the key length.
• RSA is much slower than DES, IDEA, and AES (but fast for a two-key system).
RSA Algorithm
Fig 4.4
Alice sends a message to Bob (each user has a pair of keys, called the public key and the private key)
1. For user Bob, choose two large prime numbers $P_B$ and $Q_B$.
2. Calculate $N_B = P_B \times Q_B$.
3. Select the public key (i.e. the encryption key) $E_B$ such that $\gcd(E_B, \varphi(N_B)) = 1$, where $\varphi(N_B) = (P_B - 1) \times (Q_B - 1)$. The public key is $\langle E_B, N_B \rangle$.
4. Select the private key (i.e. the decryption key) $D_B$ such that the following equation is true: $E_B \times D_B \equiv 1 \pmod{\varphi(N_B)}$. The private key is $\langle D_B, N_B \rangle$.
5. For encryption, calculate the cipher text C from the plain text P as follows: $C = P^{E_B} \bmod N_B$
6. Send C as the cipher text to the receiver.
7. For decryption, calculate the plain text P from the cipher text C as follows: $P = C^{D_B} \bmod N_B$
Example of RSA
Bob (each user has a pair of keys, called the public key and the private key)
1. For user Bob, choose two large prime numbers $P_B = 7$ and $Q_B = 17$.
2. Calculate $N_B = P_B \times Q_B$: $N_B = 7 \times 17 = 119$.
3. Select the public key (i.e. the encryption key) $E_B = 5$ such that $\gcd(E_B, \varphi(N_B)) = 1$, where $\varphi(N_B) = (P_B - 1) \times (Q_B - 1)$, so $\varphi(N_B) = 96$. The public key is <5, 119>.
4. Select the private key (i.e. the decryption key) $D_B = 77$ such that the following equation is true: $E_B \times D_B \equiv 1 \pmod{\varphi(N_B)}$. The private key is <77, 119>.
Alice sends a message to Bob. For simplicity, assume A = 1, B = 2, and the plain text is only the character F.
Encryption algorithm using the public key (Alice): F → 6 → $6^5$ → result modulo 119 = 41
1. Alice finds Bob's public key <5, 119>.
2. Compute $6^5 \bmod 119$, and send the result to Bob.
Decryption algorithm using the private key (Bob): 41 → $41^{77}$ → result modulo 119 = 6 → F
1. Bob receives the message from Alice, which is the cipher text, here 41.
2. Find his own private key <77, 119>, and compute $41^{77}$ mod
3. The result 6 means F.
Why RSA is secure
• Anyone can find a user's public key $\langle E_B, N_B \rangle$. Can we find the private key $\langle D_B, N_B \rangle$ from $\langle E_B, N_B \rangle$?
  – To find $D_B$, we need to know $\varphi(N_B)$, since $D_B \times E_B \equiv 1 \pmod{\varphi(N_B)}$
  – Is $\varphi(N_B)$ easy to find?
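The key generation, the F → 41 → F exchange and the question above can be run directly. This is an added example, not code from the original slides: textbook RSA without padding, using the slides' toy values P = 7, Q = 17, E = 5; the function names are illustrative, and `private_from_public` shows that once N is small enough to factor, the totient and D follow immediately, which is why N must be too large to factor.

```python
# Added example: textbook RSA with the slides' toy numbers (no padding, not for real use).
from math import gcd, isqrt

def make_keys(p, q, e):
    """Steps 1-4: return (public, private) = ((e, n), (d, n))."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)              # e*d = 1 mod phi (Python 3.8+)
    return (e, n), (d, n)

def encrypt(m, public):
    e, n = public
    if not 0 <= m < n:
        raise ValueError("plain text block must be smaller than n")
    return pow(m, e, n)              # C = P^E mod N

def decrypt(c, private):
    d, n = private
    return pow(c, d, n)              # P = C^D mod N

def letter_to_number(ch):            # slide's encoding: A = 1, B = 2, ...
    return ord(ch) - ord("A") + 1

def number_to_letter(v):
    return chr(v - 1 + ord("A"))

def private_from_public(public):
    """With a small n, trial division factors it; phi and d then follow."""
    e, n = public
    p = next(f for f in range(2, isqrt(n) + 1) if n % f == 0)
    q = n // p
    return pow(e, -1, (p - 1) * (q - 1)), n

if __name__ == "__main__":
    public, private = make_keys(7, 17, 5)
    c = encrypt(letter_to_number("F"), public)
    print("public", public, "private", private)
    print("F ->", c, "->", number_to_letter(decrypt(c, private)))
    print("private key rebuilt from the public key alone:", private_from_public(public))
```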
Symmetric v/s Asymmetric

| Characteristic | Symmetric Key Cryptography | Asymmetric Key Cryptography |
|---|---|---|
| Key used for encryption / decryption | Same key is used for encryption and decryption | One key used for encryption and another, different key is used for decryption |
| Speed of encryption / decryption | Very fast | Slower |
| Size of resulting encrypted text | Usually same as or less than the original clear text size | More than the original clear text size |
| Key agreement / exchange | A big problem | No problem at all |
| Number of keys required as compared to the number of participants in the message exchange | Equals about the square of the number of participants, so scalability is an issue | Same as the number of participants, so scales up quite well |
| Usage | Mainly for encryption and decryption (confidentiality), cannot be used for digital signatures (integrity and non-repudiation checks) | Can be used for encryption and decryption (confidentiality) as well as for digital signatures (integrity and non-repudiation checks) |
Digital Signature Concept
• Sender signs (encrypts) message M or its fingerprint with its private key to get the signature S.
• Verify: given M, S, and the signer's public key. Guarantees that only the sender could have created this message
• Basis for non-repudiation
Basis for Digital Signatures
[Figure: Sender (A) signs (encrypts) the plain text M with A's private key to produce the signature S on the plain text; M and S cross the network; Receiver (B) verifies (decrypts) with A's public key to obtain S' and checks: proved if S = S'?]
RSA for Digital Signature
Alice wants to sign message M for everyone
(Assume user Alice's public key is $\langle E_A, N_A \rangle$ and her private key is $\langle D_A, N_A \rangle$)
Sign: calculate the signature S from the plain text M as follows: $S = M^{D_A} \bmod N_A$
Verify: given signature S, message M, and Alice's public key $\langle E_A, N_A \rangle$, calculate the plain text M' from signature S as follows (if it is the plain text M they mean, the signature is correct):
$M' = S^{E_A} \bmod N_A$ (check to see if M' = M)
ElGamal Signatures
• Parameters:
  – System parameters: $p$, $g$ (big prime $p$, $p$ $2^{512}$, and primitive root $g$; the order of $g$ is $\varphi(p)$)
    • $g^{\varphi(p)} = g^0 = 1 \bmod p$
  – User private key: $x$, $1 < x < p-1$
  – User public key: $y = g^x \bmod p$
• Sign: for $m$, $1 < m < p-1$, take a random number $k$ with $\gcd(k, p-1) = 1$ and generate $(r, s)$ as the signature:
$r = g^k \bmod p$,
$s = k^{-1}(m - xr) \bmod (p-1)$
$(r, s)$ is the signature
• Verifying (on receiving $m$ and its $(r, s)$): $g^m = y^r r^s \bmod p$
Schnorr Signatures
• Parameters:
  – System parameters:
    1. Big prime $p$, $p$ $2^{512}$
    2. Generating number $g$ ($g$'s order is $q$, $q$ is prime and $q$ $2^{160}$, i.e., $g^q = 1$ mod
  – User private key: $x$, $1 < x < q$
  – User public key: $y = g^x \bmod p$
• Signing:
  1. Take a random number $k$ and find $r = g^k \bmod p$
  2. Find $e = h(r, m)$
  3. Find $s = (k - xe) \bmod q$
  $(e, s)$ is the signature
• Verifying
  1. Find $r$ through $g^s y^e \bmod p$
  2. Verify $h(r, m) = e$?
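The Schnorr signing and verifying steps above, as an added example that is not part of the original slides. It assumes a toy group (q = 1019, p = 2q + 1 = 2039, g = 4), SHA-256 as the hash h, and illustrative function names; e is kept as the full hash value, as on the slide.

```python
# Added example: Schnorr signatures over a toy subgroup of prime order q.
import hashlib
import secrets

Q = 1019                 # assumed toy prime order
P = 2 * Q + 1            # 2039, also prime
G = 4                    # 4 = 2^2 has order Q modulo P

def h(r, m):
    """h(r, m): SHA-256 over r (fixed width) followed by the message bytes."""
    width = (P.bit_length() + 7) // 8
    return int.from_bytes(hashlib.sha256(r.to_bytes(width, "big") + m).digest(), "big")

def keygen(x=None):
    """Private key x with 1 < x < q, public key y = g^x mod p."""
    if x is None:
        x = 2 + secrets.randbelow(Q - 2)
    return x, pow(G, x, P)

def sign(m, x):
    k = 1 + secrets.randbelow(Q - 1)       # fresh random k for every signature
    r = pow(G, k, P)
    e = h(r, m)
    s = (k - x * e) % Q
    return e, s

def verify(m, signature, y):
    e, s = signature
    if not 0 <= s < Q:
        return False
    r = pow(G, s, P) * pow(y, e, P) % P    # g^s * y^e = g^(k - xe) * g^(xe) = g^k
    return h(r, m) == e

if __name__ == "__main__":
    x, y = keygen()
    sig = sign(b"give me 100", x)
    print("valid:", verify(b"give me 100", sig, y))
    print("altered message:", verify(b"give me 10000", sig, y))
```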
Digital Signature Standard (DSS)
• In 1991, NIST (National Institute of Standards and Technology) proposed DSA for signatures.
• Parameters:
  – System parameters: $(p, q, g)$
    1. Big prime $p$, $p$ $2^{512}$
    2. Generating prime $q$ ($q$ $2^{160}$, i.e., $g^q = 1$ mod
    3. Find $g$ such that $g = h^{(p-1)/q} \bmod p$, $h \in [1, p-1]$
    4. $h$: one-way hashing function (SHA-1)
  – User private-public key pair: $(x, y)$
    • Find $x$ as the private key, $1 < x < q$
    • $y = g^x \bmod p$, as the public key
Sign: for plaintext $m$, $0 < m < p$, generate a random number $k$, $0 < k < q$, and find $(r, s)$:
  1. $r = (g^k \bmod p) \bmod q$
  2. $s = k^{-1}(h(m) + xr) \bmod q$
Verify:
  $t = s^{-1} \bmod q$, $r' = (g^{h(m)t} y^{rt} \bmod p) \bmod q$
  Verify $r' = r$?
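The DSS parameter generation, signing and verification above, as an added example that is not part of the original slides. It assumes a small q (the Mersenne prime 2^31 - 1) with p found by trial division so that it runs in about a second; real parameters are far larger, and the function names are illustrative.

```python
# Added example: DSA with small, self-generated parameters (p, q, g).
import hashlib
import secrets

def is_prime(n):
    """Trial division, adequate for the toy-sized p searched for below."""
    if n < 2 or n % 2 == 0:
        return n == 2
    d = 3
    while d * d <= n:
        if n % d == 0:
            return False
        d += 2
    return True

def make_params(q=2**31 - 1):
    """Find a prime p with q | p-1, then g = h^((p-1)/q) mod p of order q."""
    j = 1
    while not is_prime(2 * j * q + 1):
        j += 1
    p = 2 * j * q + 1
    h = 2
    while pow(h, (p - 1) // q, p) == 1:     # g must not be 1
        h += 1
    return p, q, pow(h, (p - 1) // q, p)

PARAMS = make_params()

def H(m):
    """One-way hash of the message as an integer (SHA-1, as on the slide)."""
    return int.from_bytes(hashlib.sha1(m).digest(), "big")

def keygen(x=None, params=PARAMS):
    p, q, g = params
    if x is None:
        x = 2 + secrets.randbelow(q - 2)    # 1 < x < q
    return x, pow(g, x, p)

def sign(m, x, params=PARAMS):
    p, q, g = params
    while True:
        k = 1 + secrets.randbelow(q - 1)    # 0 < k < q, fresh for every signature
        r = pow(g, k, p) % q
        s = pow(k, -1, q) * (H(m) + x * r) % q
        if r and s:                         # retry in the rare case r = 0 or s = 0
            return r, s

def verify(m, signature, y, params=PARAMS):
    p, q, g = params
    r, s = signature
    if not (0 < r < q and 0 < s < q):
        return False
    t = pow(s, -1, q)
    r2 = pow(g, H(m) * t % q, p) * pow(y, r * t % q, p) % p % q
    return r2 == r

if __name__ == "__main__":
    x, y = keygen()
    sig = sign(b"give me 100", x)
    print("params:", PARAMS)
    print("valid:", verify(b"give me 100", sig, y))
    print("altered message:", verify(b"give me 10000", sig, y))
```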
Message Digest Concept
• Summarize the message M into a fixed bit size called the digest or hashed value.
  – In mathematical notation: f(M), h(M)
• Also called a hash
• The digest of a message can uniquely represent the message but uses far fewer bits. The bit size of the hashed value is fixed, usually 128~256 bits.
• Similar to the fingerprint of a human
Message Digest Usage
• Mainly for integrity
  – Others: MAC, authentication
• For example (the reason):
  – M: give me 100
  – C: hjwf nf 211 (use m+1 mod 256)
  – Change cipher C to (modified): hjwf nf 21111
  – We decrypt the changed C to M: give me 10000
A Simple Case of a Digest: Using ADD
Original number is 7391743
Two numbers as a block: 73 91 74 30

| Operation (mod 100) | Result |
|---|---|
| Given an initial value I | 0 |
| Add with block 1 | 73 |
| Add with block 2 | 64 |
| Add with block 3 | 38 |
| Add with block 4 | 68 |

Message digest is 68
Discussion of the ADD method
• Good sides:
  – Fixed length
  – Easy
  – One way (message to digest, but not digest to message)
• Bad sides:
  – Easy to find the same digest with a different message.
Better hashing
Original number is 7391743

| Operation | Result |
|---|---|
| Multiply 7 by 3 | 21 |
| Discard first digit | 1 |
| Multiply 1 by 9 | 9 |
| Multiply 9 by 1 | 9 |
| Multiply 9 by 7 | 63 |
| Discard first digit | 3 |
| Multiply 3 by 4 | 12 |
| Discard first digit | 2 |
| Multiply 2 by 3 | 6 |

Message digest is 6
Taiwan I.D. is p121282112
The final digit is the hashed value of all the preceding characters.
Operation / Result: homework to find?
Message digest is 2
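The ADD digest and the multiply-and-discard digest worked through above, as an added example that is not part of the original slides; the function names are illustrative. It reproduces the slides' results for 7391743 and then shows the weakness named in the discussion: a different number with the same digest is found by reordering blocks or by a short count upward, while SHA-1 separates the same inputs.

```python
# Added example: the two toy digests from the slides and how easily they collide.
import hashlib

def add_digest(number):
    """Two-digit blocks summed mod 100, starting from 0 (odd lengths padded with 0)."""
    if len(number) % 2:
        number += "0"                          # 7391743 -> 73 91 74 30
    total = 0
    for i in range(0, len(number), 2):
        total = (total + int(number[i:i + 2])) % 100
    return total

def multiply_digest(number):
    """Multiply the running value by the next digit and keep only the last digit."""
    value = int(number[0])
    for ch in number[1:]:
        value = (value * int(ch)) % 10         # "discard first digit"
    return value

def second_preimage(digest, original):
    """Count upward through same-length numbers until one shares the digest."""
    target = digest(original)
    for candidate in range(10 ** (len(original) - 1), 10 ** len(original)):
        text = str(candidate)
        if text != original and digest(text) == target:
            return text
    return None

def sha1_hex(number):
    return hashlib.sha1(number.encode()).hexdigest()

if __name__ == "__main__":
    original = "7391743"
    swapped = "9173743"                        # blocks 1 and 2 exchanged
    print("ADD digest:", add_digest(original), "multiply digest:", multiply_digest(original))
    print("swapped blocks, ADD digest:", add_digest(swapped))
    print("other number, same ADD digest:", second_preimage(add_digest, original))
    print("other number, same multiply digest:", second_preimage(multiply_digest, original))
    print("SHA-1 differs:", sha1_hex(original) != sha1_hex(swapped))
```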
Message Digest Concept
[Figure: original data (101010101010101010 …) → message digest algorithm → message digest (011101011011)]
Message Digest Demands - 1
[Figure: original data → message digest algorithm → message digest]
Message digest for the same original data should be the same
Message Digest Demands - 2
[Figure: message digest → reverse message digest algorithm → original data: must not be possible]
Message Digest Demands - 3
Fig 4.22
[Figure: original data 1 → message digest algorithm → message digest 1; original data 2 → message digest algorithm → message digest 2]
These two message digests must be different
Message Digest Differences
• Even if the original messages differ minutely, message digests differ dramatically
• Basis for the guarantee of uniqueness
Message Digest Example
Message: Please pay the newspaper bill today
Message digest: 306706092A864886F70D010705A05A3058020100300906052B0E03021A0500303206092A864886F70D010701A0250423506C656173652070617920746865206E65777370617065722062696C6C20746F646179041479630AC8041BAA1C40747F2FC29D881AEF92299B
Message: Please pay the newspaper bill tomorrow
Message digest: 306A06092A864886F70D010705A05D305B020100300906052B0E03021A0500303506092A864886F70D010701A0280426506C656173652070617920746865206E65777370617065722062696C6C20746F6D6F72726F7704146EEC2E0DB9570A5AF6CEB631CE057AE830A87C5B
Message Digest Algorithms
• Basic principle: Take the original message, and reduce it to a smaller fingerprint
• Examples: MD5, SHA-1
• SHA-1 is considered stronger
MD5
• MD series developed by Ron Rivest: MD, MD2, MD3, MD4, MD5, MD6, …
• Processed in 512-bit blocks (divided into 16 32-bit sub-blocks)
• Output is a set of four 32-bit blocks, which make up a 128-bit message digest.
How MD5 works?
• Padding
  – Fill message m out to a multiple of 512-bit blocks
• Append length (in the padding)
• Divide the input into 512-bit blocks
• Initialize chaining variables
• Process blocks
• Pad the original message to a multiple of 512 bits
• Append the length in the final 64 bits of the padding block.
[Figure: original message | padding 1000…000 (1~512 bits) | original length in bits (64 bits); the whole is a multiple of 512 bits]
• Divide the input into 512-bit blocks
[Figure: original message + padding block, divided into block 1, block 2, …, block n of 512 bits each]
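• Initial A, B, C, D values
  – A = $01234567_{16}$, B = $89ABCDEF_{16}$
  – C = $FEDCBA98_{16}$, D = $76543210_{16}$
[Figure: block 1, block 2, …, block n (512 bits each) are fed one after another through MD5; the registers A, B, C, D go into the first stage and the updated A, B, C, D come out of the last]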
Process inside MD5
• Operates on 32-bit words.
• Four rounds, and each round takes 16 steps: 4*16 steps in all.
• There are another 64 constants called t[1], …, t[64]
Conceptual view within one round
[Figure: the constants t[1~64], the registers a, b, c, d and the block split into sub-blocks feed MD5 round 1 to round 4]
• Round 1 to round 4 differ only in
  – 1) the function used in process P
  – 2) the input sequence of sub-blocks M[0], …, M[15]
  – 3) the number of bits shifted
• Input data:
  – The 512-bit block M is divided into 16 sub-blocks called M[0], M[1], …, M[15], together with the constants t[1], …, t[64] and the registers a, b, c, d
• Operation (perform rounds 1~4, steps 1~16):
  – Mainly operates on registers a, b, c, d; after each step, the registers are rotated one position to the right: (a, b, c, d) → (d, a, b, c)
  – Main processes (for each step):
    • p1: process P on registers b, c, d
    • p2: register a is added to p1's result
    • p3: sub-block M[i] is added to p2's result
    • p4: constant t[k] is added to p3's result
    • p5: p4's result is circular-left shifted by s bits
    • p6: register b is added to p5's result
    • p7: p6's result is written into register a
a = b+(( a + process p (b,c,d) + M[i] + t[k] )<<<s)
[Fig 4.33: one MD5 operation on registers a, b, c, d in seven steps: Process P, Add, Add M[i], Add t[k], Shift, Add, and the updated registers a, b, c, d]
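The padding, chaining variables, four rounds and the step formula a = b + ((a + P(b,c,d) + M[i] + t[k]) <<< s) described above, as an added example that is not part of the original slides. The shift amounts, round functions, sub-block order and sine-derived constants are the ones defined in RFC 1321; the function names are illustrative.

```python
# Added example: MD5 written out to follow the slides' step formula (study code only).
import math
import struct

# Left-rotation amounts s for the 4 rounds x 16 steps (RFC 1321)
S = [7, 12, 17, 22] * 4 + [5, 9, 14, 20] * 4 + [4, 11, 16, 23] * 4 + [6, 10, 15, 21] * 4
# The 64 constants t[1..64]: integer part of 2^32 * |sin(k)|
T = [int(abs(math.sin(k + 1)) * 2**32) & 0xFFFFFFFF for k in range(64)]
MASK = 0xFFFFFFFF

def rotl(x, s):
    return ((x << s) | (x >> (32 - s))) & MASK

def pad(message):
    """Append 1000...000 (1 to 512 bits), then the original bit length in 64 bits."""
    bit_length = (8 * len(message)) & 0xFFFFFFFFFFFFFFFF
    padded = message + b"\x80"
    padded += b"\x00" * ((56 - len(padded)) % 64)
    return padded + struct.pack("<Q", bit_length)

def md5_hex(message):
    # The bytes 01 23 45 67 ... read as little-endian 32-bit words
    a0, b0, c0, d0 = 0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476
    data = pad(message)
    for offset in range(0, len(data), 64):              # one 512-bit block at a time
        M = struct.unpack("<16I", data[offset:offset + 64])
        a, b, c, d = a0, b0, c0, d0
        for step in range(64):
            if step < 16:                               # round 1
                p, i = (b & c) | (~b & d), step
            elif step < 32:                             # round 2
                p, i = (b & d) | (c & ~d), (5 * step + 1) % 16
            elif step < 48:                             # round 3
                p, i = b ^ c ^ d, (3 * step + 5) % 16
            else:                                       # round 4
                p, i = c ^ (b | ~d), (7 * step) % 16
            total = (a + (p & MASK) + M[i] + T[step]) & MASK
            new_a = (b + rotl(total, S[step])) & MASK   # the slide's step formula
            a, b, c, d = d, new_a, b, c                 # (a, b, c, d) -> (d, a, b, c)
        a0, b0 = (a0 + a) & MASK, (b0 + b) & MASK       # chain into the next block
        c0, d0 = (c0 + c) & MASK, (d0 + d) & MASK
    return struct.pack("<4I", a0, b0, c0, d0).hex()

if __name__ == "__main__":
    for sample in (b"", b"abc", b"1234567890" * 8):
        print(len(pad(sample)) * 8, "bits after padding ->", md5_hex(sample))
```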
Secure Hash Algorithm (SHA)
• Developed by NIST and NSA in 1993; also called SHA-1
• Modified from the MD series of hash functions.
  – Five registers a, b, c, d, e (four registers in MD5)
  – 5 constants (64 constants in MD5)
  – Function changed
• Output is 160 bits
Single SHA-1 Iteration
[Fig 4.39: a single SHA-1 iteration on registers a, b, c, d, e: Process P, Add, s5, Add, Add W[t], Add K[t], giving the updated registers a, b, c, d, e]
Comparison of MD5 and SHA-1
Fig 4.42

| Point of discussion | MD5 | SHA |
|---|---|---|
| Message digest length in bits | 128 | 160 |
| Attack to try and find the original message given a message digest | Requires $2^{128}$ operations to break in | Requires $2^{160}$ operations to break in, therefore more secure |
| Attack to try and find two messages producing the same message digest | Requires $2^{64}$ operations to break in | Requires $2^{80}$ operations to break in |
| Successful attacks so far | There have been reported attempts to some extent (as we discussed earlier) | No such claims so far |
| Speed | Faster (64 iterations, and 128-bit buffer) | Slower (80 iterations, and 160-bit buffer) |
| Software implementation | Simple, does not need any large programs or complex tables | Simple, does not need any large programs or complex tables |
Message Authentication Code (MAC)
• Makes sure the message digest was sent by the sender (needs to include the secret shared between sender and receiver)
• A MAC can ensure message integrity and authentication, but lacks confidentiality and non-repudiation
Message Authentication Code (MAC)
[Fig 4.43: the sender (A) computes the MAC H1 over message M with key K and sends M and H1; the receiver (B) computes the MAC H2 over M with key K and compares it with H1 (steps 1 to 4)]
Hash-based Message Authentication Code (HMAC)
• Basically uses a hash function (MD5, SHA-1)
• The shared secret key is joined with message M to form the package to be hashed.
HMAC Concept
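[Figure: key K and the original message are combined (+) and passed through a message digest algorithm such as MD5 or SHA-1 to give a message digest; key K and that digest are combined (+) and passed through the hash function (MD5, SHA-1) to give the MAC, the final output]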
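Complete HMAC Operation
[Figure: the key (K), shown as 120 bits, is transformed to 512 bits and XORed with ipad (512 bits, 00110110…) to give S1; S1 and the message M go through the message digest algorithm to give H; the transformed key (K) is XORed with opad (512 bits, 01011010…) to give S2; S2 and H go through the message digest algorithm to give the HMAC]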
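The S1/S2 construction above and the sender/receiver comparison from the MAC slides, as an added example that is not part of the original slides. It uses the pad bytes defined in RFC 2104 (0x36 for ipad, 0x5C for opad), checks the result against Python's own `hmac` module, and reuses the "give me 100" message from the digest slides; the key and function names are assumptions.

```python
# Added example: HMAC built step by step, then used as the MAC between sender and receiver.
import hashlib
import hmac

BLOCK_BYTES = 64                      # 512-bit block of MD5 and SHA-1
IPAD, OPAD = 0x36, 0x5C               # RFC 2104 pad bytes, repeated to 512 bits

def hmac_by_hand(key, message, algorithm="sha1"):
    digest = lambda data: hashlib.new(algorithm, data).digest()
    if len(key) > BLOCK_BYTES:        # over-long keys are hashed first
        key = digest(key)
    key = key.ljust(BLOCK_BYTES, b"\x00")       # transformed key, 512 bits
    s1 = bytes(b ^ IPAD for b in key)           # S1 = K xor ipad
    s2 = bytes(b ^ OPAD for b in key)           # S2 = K xor opad
    h = digest(s1 + message)                    # H = hash(S1 || M)
    return digest(s2 + h)                       # HMAC = hash(S2 || H)

def send(key, message):
    """Sender: compute H1 over M with K and send both."""
    return message, hmac_by_hand(key, message)

def receive(key, message, tag):
    """Receiver: recompute H2 over the received M and compare in constant time."""
    return hmac.compare_digest(hmac_by_hand(key, message), tag)

if __name__ == "__main__":
    shared_key = b"constructed demo key"        # sample value for the example
    message, tag = send(shared_key, b"give me 100")
    print("tag:", tag.hex())
    print("untouched message accepted:", receive(shared_key, message, tag))
    print("modified message accepted:", receive(shared_key, b"give me 10000", tag))
    print("wrong key accepted:", receive(b"another key", message, tag))
```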
Appendix 1. Prime testing
• Miller-Rabin probabilistic testing
  – Input $n$, and assume $n = 2^s t + 1$, where $t$ is an odd number and $s \ge 1$
  – Choose a positive integer $a$:
    • $a^t \not\equiv 1 \bmod n$, and $a^{2^j t} \not\equiv -1 \bmod n$ for $0 \le j \le s-1$
    • If $a$ satisfies the condition above, $n$ is not a prime
  – Choose a different $a$ for each of $k$ rounds (if $n$ passes $k$ rounds, then the probability that $n$ is not a prime is below $1-(1/4)^k$)
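The Miller-Rabin test above, as an added example that is not part of the original slides; the function names and the choice of 20 rounds are assumptions. The sample values show why several bases a are tried: 561 passes the plain Fermat check for base 2 but not this test, and 2047 = 23 × 89 passes this test for a = 2 but is exposed by a = 3.

```python
# Added example: Miller-Rabin following the slide's n = 2^s * t + 1 decomposition.
import secrets

def decompose(n):
    """Write n - 1 as 2^s * t with t odd; return (s, t)."""
    s, t = 0, n - 1
    while t % 2 == 0:
        s += 1
        t //= 2
    return s, t

def is_witness(a, n):
    """True if a proves n composite: a^t != 1 and a^(2^j t) != -1 for 0 <= j <= s-1."""
    s, t = decompose(n)
    x = pow(a, t, n)
    if x == 1 or x == n - 1:
        return False
    for _ in range(s - 1):
        x = pow(x, 2, n)
        if x == n - 1:
            return False
    return True

def is_probable_prime(n, rounds=20):
    """A composite n survives one random round with probability at most 1/4."""
    if n < 2:
        return False
    for small in (2, 3, 5, 7, 11, 13):
        if n % small == 0:
            return n == small
    for _ in range(rounds):
        a = 2 + secrets.randbelow(n - 3)       # random base with 2 <= a <= n-2
        if is_witness(a, n):
            return False
    return True

if __name__ == "__main__":
    print("Fermat check 2^560 mod 561 =", pow(2, 560, 561))
    print("2 is a witness for 561:", is_witness(2, 561))
    print("2 is a witness for 2047:", is_witness(2, 2047))
    print("3 is a witness for 2047:", is_witness(3, 2047))
    for n in (561, 2039, 2047, 2**127 - 1):
        print(n, "probably prime:", is_probable_prime(n))
```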
• Deterministic prime testing
  – Input $n$
  – If $n$ satisfies $b^{n-1} = 1 \bmod n$ and $b^{(n-1)/p_i} \ne 1 \bmod n$
    • $b$ is a positive integer, and $p_i$ is the prime factor of $n$
  – then $n$ is prime
Deterministic prime number generation
• Demytko (deterministic prime number generation)
  – Assume $p_{i+1} = h_i p_i + 1$ and that the following hold:
    • $p_i$ is an odd prime
    • $h_i < 4(p_i + 1)$, $h_i$ is even
    • $2^{h_i p_i} = 1 \bmod p_{i+1}$
    • $2^{h_i} \ne 1 \bmod p_{i+1}$
  – Then $p_{i+1}$ is a prime
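Demytko's conditions above can be applied repeatedly to grow a chain of primes from a small starting prime. This is an added example, not part of the original slides: the starting prime 3, the chain length and the function names are assumptions, and trial division is included only to cross-check the chain.

```python
# Added example: building primes p_{i+1} = h_i * p_i + 1 with the slide's four conditions.

def demytko_step(p):
    """Return (h, h*p + 1) for the smallest even h < 4(p+1) passing both power checks."""
    for h in range(2, 4 * (p + 1), 2):
        n = h * p + 1
        if pow(2, h * p, n) == 1 and pow(2, h, n) != 1:
            return h, n
    raise ValueError("no even h < 4(p+1) satisfies the conditions")

def prime_chain(start=3, length=6):
    """Chain of primes, each derived from the previous one by demytko_step."""
    chain = [start]
    while len(chain) < length:
        chain.append(demytko_step(chain[-1])[1])
    return chain

def is_prime_by_trial_division(n):
    """Independent cross-check, practical only because the chain stays small."""
    if n < 2 or n % 2 == 0:
        return n == 2
    d = 3
    while d * d <= n:
        if n % d == 0:
            return False
        d += 2
    return True

if __name__ == "__main__":
    chain = prime_chain()
    print("chain:", chain)
    print("all confirmed by trial division:",
          all(is_prime_by_trial_division(p) for p in chain))
```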