chapter 31 cryptography and network security copyright © the mcgraw-hill companies, inc. permission...
TRANSCRIPT
![Page 1: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/1.jpg)
Chapter 31
CryptographyAnd
Network Security
Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
![Page 2: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/2.jpg)
Chapter 31: Outline
331.1 331.1 INTRODUCTIONINTRODUCTION
331.2 331.2 CONFIDENTIALITYCONFIDENTIALITY
331.3 331.3 OTHER ASPECTS OF SECURITYOTHER ASPECTS OF SECURITY
![Page 3: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/3.jpg)
Chapter 31: Objective
The first section introduces the subject. It first describes security
goals such as confidentiality, integrity, and availability. The section shows how confidentiality is threatened by attacks such as snooping and traffic analysis. The section then shows how integrity is threatened by attacks such as modification, masquerading, replaying, and repudiation. The section mentions one attack that threatens availability, denial of service. This section ends with describing the two techniques used in security: cryptography and steganography. The chapter concentrates on the first
![Page 4: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/4.jpg)
Chapter 31: Objective (continued)
The second section discusses confidentiality. It first describes symmetric-key ciphers and explains traditional symmetric-key ciphers such as substitution and transposition ciphers. It then moves to modern symmetric-key ciphers and explains modern block and stream ciphers. The section then shows that denial of service is an attack to availability.
The third section discusses other aspects of security: message integrity, message authentication, digital signature, entity authentication. These aspects today are part of the security system that complements confidentiality. The section also describes the topic of key management including the distribution of keys for both symmetric-key and asymmetric-key ciphers.
![Page 5: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/5.jpg)
31.5
31-1 INTRODUCTION31-1 INTRODUCTION
We are living in the information age. Information is an asset that has a value like any other asset. As an asset, information needs to be secured from attacks. To be secured, information needs to be hidden from unauthorized access (confidentiality), protected from unauthorized change (integrity), and available to an authorized entity when it is needed (availability).
![Page 6: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/6.jpg)
31.6
331.31.1 Security Goals331.31.1 Security Goals
Let us first discuss three security goals: confidentiality, integrity, and availability.
![Page 7: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/7.jpg)
31.7
331.31.2 Attacks331.31.2 Attacks
Our three goals of security, confidentiality, Our three goals of security, confidentiality, integrity, and availability, can be threatened by integrity, and availability, can be threatened by security attacks. Although the literature uses security attacks. Although the literature uses different approaches to categorizing the attacks, different approaches to categorizing the attacks, we divide them into three groups related to the we divide them into three groups related to the security goals. Figure 331.1 shows the taxonomy.security goals. Figure 331.1 shows the taxonomy.
![Page 8: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/8.jpg)
31.8
Figure 331.1: Taxonomy of attacks with relation to security goals
![Page 9: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/9.jpg)
31.9
331.31.3 Services and Techniques331.31.3 Services and Techniques
ITU-T defines some security services to achieve security goals and prevent attacks. Each of these services is designed to prevent one or more attacks while maintaining security goals. The actual implementation of security goals needs some techniques. Two techniques are prevalent today: one is very general (cryptography) and one is specific (steganography).
![Page 10: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/10.jpg)
31.10
31-2 CONFIDENTIALITY 31-2 CONFIDENTIALITY
We now look at the first goal of security, confidentiality. Confidentiality can be achieved using ciphers. Ciphers can be divided into two broad categories: symmetric-key and asymmetric-key.
![Page 11: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/11.jpg)
31.11
331.2.1 Symmetric-Key Ciphers331.2.1 Symmetric-Key Ciphers
A symmetric-key cipher uses the same key for both A symmetric-key cipher uses the same key for both encryption and decryption, and the key can be encryption and decryption, and the key can be used for bidirectional communication, which is used for bidirectional communication, which is why it is called symmetric. Figure 331.2 shows the why it is called symmetric. Figure 331.2 shows the general idea behind a symmetric-key cipher.general idea behind a symmetric-key cipher.
![Page 12: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/12.jpg)
31.12
Figure 331.2: General idea of a symmetric-key cipher
![Page 13: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/13.jpg)
31.13
Figure 331.3: Symmetric-key encipherment as locking and unlocking with the same key
![Page 14: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/14.jpg)
31.14
Figure 331.4: Representation of plaintext and ciphertext characters in modulo 26
![Page 15: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/15.jpg)
Use the additive cipher with key = 15 to encrypt the message “hello”.
Example 331.1
31.15
![Page 16: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/16.jpg)
Use the additive cipher with key = 15 to decrypt the message “WTAAD”.
Example 331.2
31.16
![Page 17: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/17.jpg)
31.17
Figure 331.5: An example key for a monoalphabetic substitution cipher
![Page 18: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/18.jpg)
We can use the key in Figure 10.5 to encrypt the message
Example 331.3
31.18
![Page 19: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/19.jpg)
Assume that Alice and Bob agreed to use an autokey cipher with initial key value k1 = 12. Now Alice wants to send Bob the message “Attack is today”. The three occurrences of “t” are encrypted differently.
Example 331.4
31.19
![Page 20: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/20.jpg)
31.20
Figure 331.6: Transposition cipher
![Page 21: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/21.jpg)
31.21
Figure 331.7: A modern block cipher
![Page 22: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/22.jpg)
31.22
Figure 331.8: Components of a modern block cipher
![Page 23: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/23.jpg)
31.23
Figure 331.9: General structure of DES
![Page 24: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/24.jpg)
31.24
Figure 331.10: DES function
![Page 25: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/25.jpg)
31.25
Figure 331.11: Key generation
![Page 26: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/26.jpg)
We choose a random plaintext block and a random key, and determine (using a program) what the ciphertext block would be (all in hexadecimal) as shown below.
Example 331.5
31.26
![Page 27: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/27.jpg)
To check the effectiveness of DES when a single bit is changed in the input, we use two different plaintexts with only a single bit difference (in a program). The two ciphertexts are completely different without even changing the key. Although the two plaintext blocks differ only in the rightmost bit, the ciphertext blocks differ in 29 bits.
Example 331.6
31.27
![Page 28: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/28.jpg)
31.28
Figure 331.12: One-time pad
![Page 29: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/29.jpg)
31.29
331.2.2 Asymmetric-Key Ciphers331.2.2 Asymmetric-Key Ciphers
In previous sections we discussed symmetric-key In previous sections we discussed symmetric-key ciphers. In this section, we start the discussion of ciphers. In this section, we start the discussion of asymmetric-key ciphers. Symmetric- and asymmetric-key ciphers. Symmetric- and asymmetric-key ciphers will exist in parallel and asymmetric-key ciphers will exist in parallel and continue to serve the community. We actually continue to serve the community. We actually believe that they are complements of each other; believe that they are complements of each other; the advantages of one can compensate for the the advantages of one can compensate for the disadvantages of the other.disadvantages of the other.
![Page 30: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/30.jpg)
31.30
Figure 331.13: Locking and unlocking in asymmetric-key cryptosystem
![Page 31: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/31.jpg)
31.31
Figure 331.14: General idea of asymmetric-key cryptosystem
![Page 32: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/32.jpg)
31.32
Figure 331.15: Encryption, decryption, and key generation in RSA
![Page 33: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/33.jpg)
For the sake of demonstration, let Bob choose 7 and 11 as p and q and calculate n = 7 × 11 = 77, φ(n) = (7 − 1)(11 − 1), or 60. If he chooses e to be 13, then d is 37. Note that e × d mod 60 = 31. Now imagine that Alice wants to send the plaintext 5 to Bob. She uses the public exponent 13 to encrypt 5. This system is not safe because p and q are small.
Example 331.7
31.33
![Page 34: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/34.jpg)
Here is a more realistic example calculated using a computer program in Java. We choose a 512-bit p and q, calculate n and φ(n). We then choose e and calculate d. Finally, we show the results of encryption and decryption. The integer p is a 159-digit number.
Example 331.8
31.34
![Page 35: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/35.jpg)
Example 331.8 (continued)
31.35
![Page 36: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/36.jpg)
Example 331.8 (continued)
31.36
![Page 37: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/37.jpg)
Example 331.8 (continued)
31.37
![Page 38: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/38.jpg)
31.38
31-3 OTHER ASPECTS OF SECURITY31-3 OTHER ASPECTS OF SECURITY
The cryptography systems that we have studied so far provide confidentiality. However, in modern communication, we need to take care of other aspects of security, such as integrity, message and entity authentication, nonrepudiation, and key management. We briefly discuss these issues in this section.
![Page 39: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/39.jpg)
31.39
331.3.1 Message Integrity331.3.1 Message Integrity
There are occasions where we may not even need secrecy but instead must have integrity: the message should remain unchanged. For example, Alice may write a will to distribute her estate upon her death. The will does not need to be encrypted. After her death, anyone can examine the will. The integrity of the will, however, needs to be preserved. Alice does not want the contents of the will to be changed.
![Page 40: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/40.jpg)
31.40
Figure 331.16: Message and digest
Insecure channel
Channel immune to change
![Page 41: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/41.jpg)
31.41
331.3.2 Message Authentication331.3.2 Message Authentication
A digest can be used to check the integrity of a message—that the message has not been changed. To ensure the integrity of the message and the data origin authentication—that Alice, not somebody else, is the originator of the message—we need to include a secret shared by Alice and Bob (that Eve does not possess) in the process; we need to create a message authentication code (MAC). Figure 331.17 shows the idea.
![Page 42: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/42.jpg)
Figure 10.17: Message authentication code
M + MAC
Insecure channel
31.42
![Page 43: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/43.jpg)
31.43
331.3.3 Digital Signature331.3.3 Digital Signature
Another way to provide message integrity and message authentication (and some more security services, as we will see shortly) is a digital signature. A MAC uses a secret key to protect the digest; a digital signature uses a pair of private-public keys.
![Page 44: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/44.jpg)
31.44
Figure 331.18: Digital signature process
(M, S)
![Page 45: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/45.jpg)
31.45
Figure 331.19: Signing the digest
![Page 46: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/46.jpg)
31.46
Figure 331.20: Using a trusted center for non-repudiation
(M, SA) (M, ST)
![Page 47: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/47.jpg)
31.47
Figure 331.21: The RSA signature on the message digest
![Page 48: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/48.jpg)
31.48
331.3.4 Entity Authentication331.3.4 Entity Authentication
Entity authentication is a technique designed to let one party verify the identity of another party. An entity can be a person, a process, a client, or a server. The entity whose identity needs to be proven is called the claimant; the party that tries to verify the identity of the claimant is called the verifier.
![Page 49: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/49.jpg)
31.49
Figure 331.22: Unidirectional, symmetric-key authentication
![Page 50: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/50.jpg)
31.50
Figure 331.23: Unidirectional, asymmetric-key authentication
![Page 51: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/51.jpg)
31.51
Figure 331.24: Digital signature, unidirectional authentication
![Page 52: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/52.jpg)
31.52
331.3.5 Key Management331.3.5 Key Management
We discussed symmetric-key and asymmetric-key cryptography in the previous sections. However, we have not yet discussed how secret keys in symmetric-key cryptography, and public keys in asymmetric-key cryptography, are distributed and maintained. This section touches on these two issues.
![Page 53: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/53.jpg)
31.53
Figure 331.25: Multiple KDCs
![Page 54: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/54.jpg)
31.54
Figure 331.26: Creating a session key using KDC
![Page 55: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/55.jpg)
31.55
Figure 331.27: Diffie-Hellman method
![Page 56: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/56.jpg)
Example 331.9
Let us give a trivial example to make the procedure clear. Our example uses small numbers, but note that in a real situation, the numbers are very large. Assume that g = 7 and p = 23. The steps are as follows:
31. Alice chooses x = 3 and calculates R1 = 73 mod 23 = 231.
Bob chooses y = 6 and calculates R2 = 76 mod 23 = 4.
2. Alice sends the number 21 to Bob.
31.56
![Page 57: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/57.jpg)
Example 331.9 (continued)
3. Bob sends the number 4 to Alice.
4. Alice calculates the symmetric key K = 43 mod 23 = 18. Bob calculates the symmetric key K = 216 mod 23 = 18.
Conclusion:The value of K is the same for both Alice and Bob; gxy mod p = 718 mod 23 = 18.
31.57
![Page 58: Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display](https://reader033.vdocuments.us/reader033/viewer/2022061416/56649ed25503460f94be2616/html5/thumbnails/58.jpg)
31.58
Figure 331.28: Certification authority