comm ppt(1)

Key Exchange and Encryption Schemes Based on commutative rings

N. Chandramowliswaran, Professor, Indian Institute of Management Indore, India.

Jan 23, 2014

Upload: chandramowliswaran-narayanaswamy

Post on 18-Aug-2015

Secret Key Sharing using Finite Groups

Step 1 Let $P = 2pr + 1$ and $Q = 2qs + 1$, where $P$, $Q$, $p$ and $q$ are very large odd primes (which are kept secret)

Step 2 Let N = PQ

Step 3 Define G = {1 ≤ x ≤ N ∣ (x,N) = 1}

Step 4 Let $\times_N$ be multiplication modulo $N$. Clearly $(G, \times_N)$ forms a finite group with $O(G) = \varphi(N) = 4prqs$

Step 5 Let $s$ (the given secret) be an element of $G$

Step 6 From finite group theory, any map $\Psi : g \mapsto g^m$ is always an automorphism of $G$, if $(m, O(G)) = 1$

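Step 7 Let $m = \ell_1 + \ell_2 + \cdots + \ell_t$. Consider $s = x^m$:

$s = x^{\ell_1 + \ell_2 + \cdots + \ell_t}$

$s = x^{\ell_1} x^{\ell_2} \cdots x^{\ell_t}$

$s = y_1 y_2 \cdots y_t$

where $y_i = x^{\ell_i} \pmod{N}$, $1 \le i \le t$, are the shares held by the individual share holders.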
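The seven steps above, run end to end on toy numbers, as an added example that is not part of the original slides. The primes, the secret, the exponent and the function names are constructed for illustration, and computing $x$ by inverting the Step 6 automorphism is an assumption about how the dealer obtains an $x$ with $x^m = s$ (the slides do not say).

```python
import secrets
from math import gcd, prod

def split_exponent(m, t):
    """Write m = l_1 + ... + l_t with every l_i >= 1, using random cut points."""
    if not 1 <= t <= m:
        raise ValueError("need 1 <= t <= m")
    cuts = set()
    while len(cuts) < t - 1:
        cuts.add(1 + secrets.randbelow(m - 1))    # cut point in [1, m-1]
    edges = [0] + sorted(cuts) + [m]
    return [b - a for a, b in zip(edges, edges[1:])]

def deal(secret, m, t, P, Q):
    """Return (N, shares); the product of all shares equals secret mod N."""
    N, phi = P * Q, (P - 1) * (Q - 1)             # phi = O(G) = 4prqs
    if gcd(secret, N) != 1:
        raise ValueError("secret must be an element of G")
    if gcd(m, phi) != 1:
        raise ValueError("m must be coprime to O(G) (Step 6)")
    # Assumption: the dealer inverts g -> g^m to find x with x^m = s.
    x = pow(secret, pow(m, -1, phi), N)
    return N, [pow(x, part, N) for part in split_exponent(m, t)]

def combine(shares, N):
    """Step 7: s = y_1 * y_2 * ... * y_t (mod N)."""
    return prod(shares) % N

# Constructed toy parameters: P = 2*11*3 + 1 = 67, Q = 2*13*3 + 1 = 79
N, shares = deal(secret=4242, m=35, t=3, P=67, Q=79)
recovered = combine(shares, N)
```

All $t$ shares are needed to form the product, so this is a $t$-out-of-$t$ split rather than a threshold scheme.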


Let $N \ge 2$ be a positive integer


Let $R = \{(a_1, a_2, \ldots, a_{N-1}, 0) \mid 0 \le a_i \le N - i,\ 1 \le i \le N - 1\}$


For any $x, y \in R$, $x = (x_1, x_2, \ldots, x_{N-1}, 0)$, $y = (y_1, y_2, \ldots, y_{N-1}, 0)$, define

$x \oplus y = ((x_1 + y_1) \bmod N,\ (x_2 + y_2) \bmod (N - 1),\ \ldots,\ (x_{N-1} + y_{N-1}) \bmod 2,\ 0)$

$x \otimes y = ((x_1 y_1) \bmod N,\ (x_2 y_2) \bmod (N - 1),\ \ldots,\ (x_{N-1} y_{N-1}) \bmod 2,\ 0)$


Theorem 1 $R$ forms a commutative ring with unity with respect to the addition and multiplication defined above, having $N!$ elements.


In this ring $R$ the unique unity element is $(1, 1, 1, \ldots, 1, 0)$. Here 1 appears exactly $N - 1$ times.


The group of all invertible elements of $R$ = the unit group of $R$ = $U(R)$.


Let $U(R) = \{(a_{(1,N)}, a_{(2,N-1)}, a_{(3,N-2)}, \ldots, a_{(N-1,2)} = 1, 0)\}$, where $\gcd(a_{(i,N-i+1)}, N - i + 1) = 1$ for all $i \in \{1, 2, 3, \ldots, N - 1\}$. Also $1 \le a_{(i,N-i+1)} \le N - i$; then $|U(R)| = \varphi(N)\,\varphi(N - 1)\,\varphi(N - 2) \cdots \varphi(2)$.


Definition: Indicator of an element with respect to a subgroup $H$ of a finite group $G$

If $H$ is a subgroup of a finite group $G$, then for any element $a$ in $G$ there is an integer $n$ such that $a^n \in H$. If $a$ is already in $H$ we simply take $n = 1$. If $a \notin H$ we can take $n$ to be the order of $a$, since $a^n = e \in H$. However, there may be a smaller positive power of $a$ which lies in $H$. By the well ordering principle there is a smallest positive integer $n$ such that $a^n \in H$. We can call this integer the indicator of $a$ in $H$.


Theorem 2 Let $H$ be a subgroup of a finite abelian group $G$, where $H \ne G$. Choose an element $a$ in $G$, $a \notin H$, and let $h$ be the indicator of $a$ in $H$. Then the set of products $K = \{x a^k : x \in H \text{ and } k = 0, 1, 2, \ldots, h - 1\}$ is a subgroup of $G$ which contains $H$. Moreover, the order of $K$ is $h$ times that of $H$, i.e., $|K| = h\,|H|$.


Application of this Theorem in Cryptography

Let $G$ be a given finite abelian group such that $|G|$ is known to the public

Let $H$ be the non-trivial proper (secret) subgroup of $G$ with $|H|$ kept secret

Represent the given message $m \ne 1 \in G$ with $m \notin H$

Compute the indicator $h$ of $m$ with respect to $H$; $h$ is kept secret.

Define a subgroup $K$ of $G$ ($K$ is also kept secret):

$K = \{x m^k : x \in H \text{ and } k = 0, 1, 2, \ldots, h - 1\}$

Then clearly $K$ is a subgroup of $G$ which contains $H$.

$|K| = h\,|H|$, and $|K|$ is kept secret.

$m \in K$

Select an integer $\alpha$ such that $\gcd(\alpha, h\,|H|) = 1$

$\alpha$ is given to the public

Now the encryption of the message $m$ is $m^{\alpha} \in K$

Since $(\alpha, h\,|H|) = 1$, there is a unique $\beta$ such that $\alpha\beta \equiv 1 \pmod{h\,|H|}$

The decrypted message is $m^{\alpha\beta} \equiv m \pmod{K}$


It is important to note that the map $f(g) = g^{\alpha}$ is an automorphism of $K$.


Let $G = U(R)$ be the abelian group


Let $H = \{(a_{(1,N)}, a_{(2,N-1)}, a_{(3,N-2)}, \ldots, a_{(r,N-r+1)} = 1, \ldots, a_{(s,N-s+1)} = 1, \ldots, a_{(N-1,2)} = 1, 0)\}$,


Let $K = \{x \otimes m^k : x \in H \text{ and } k = 0, 1, 2, \ldots, h - 1\}$


Select a secret message $\ell$ and choose $N$ such that $\ell \le N! - 1$


Clearly, $\ell = (p_1, p_2, \ldots, p_{N-1}, 0)$ where $0 \le p_i \le N - i$


Choose a new $N$-tuple vector $v = (q_1, q_2, \ldots, q_{N-1}, 0)$


Let $m = \ell \oplus v$ ($m \notin H$):

$m = \ell \oplus v = (p_1, p_2, \ldots, p_{N-1}, 0) \oplus (q_1, q_2, \ldots, q_{N-1}, 0)$

i.e., $\ell \oplus v = (p_1 + q_1, p_2 + q_2, \ldots, p_{N-1} + q_{N-1}, 0) \in K$


The encryption of the message $m$ is $m^{\alpha} \in K$


Since $(\alpha, h\,|H|) = 1$, there is a unique $\beta$ such that $\alpha\beta \equiv 1 \pmod{h\,|H|}$


The decrypted message is $m^{\alpha\beta} \equiv m \pmod{K}$
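The construction above carried out in a small instance of $U(R)$, as an added example that is not from the original slides: it computes the indicator, builds $K$, and encrypts and decrypts $m = \ell \oplus v$. $N = 8$, the pinned coordinates of $H$, the tuples for $\ell$ and $v$, and all function names are constructed for illustration; `alpha` and `beta` stand for the public exponent and its secret inverse.

```python
from math import gcd
from itertools import product

N = 8                                    # constructed toy size
MODS = [N - i for i in range(N - 1)]     # moduli N, N-1, ..., 2
ONE = (1,) * (N - 1) + (0,)              # unity of R

def add(x, y):                           # ring addition of R, coordinate-wise
    return tuple((a + b) % n for a, b, n in zip(x, y, MODS)) + (0,)

def mul(x, y):                           # ring multiplication of R, coordinate-wise
    return tuple((a * b) % n for a, b, n in zip(x, y, MODS)) + (0,)

def power(x, k):                         # k-fold product by square-and-multiply
    out = ONE
    while k:
        if k & 1:
            out = mul(out, x)
        x, k = mul(x, x), k >> 1
    return out

def subgroup_H(fixed):
    """Units of R whose coordinates at the indices in `fixed` equal 1."""
    choices = [[1] if i in fixed else [a for a in range(1, n) if gcd(a, n) == 1]
               for i, n in enumerate(MODS)]
    return {c + (0,) for c in product(*choices)}

def indicator(m, H):
    """Smallest n >= 1 with m^n in H (m must be a unit of R)."""
    if any(gcd(a, n) != 1 for a, n in zip(m, MODS)):
        raise ValueError("m must be a unit of R")
    n, p = 1, m
    while p not in H:
        n, p = n + 1, mul(p, m)
    return n

def build_K(m, H, h):
    return {mul(x, power(m, k)) for x in H for k in range(h)}

# Constructed sample data (not from the slides)
H = subgroup_H(fixed={1, 3})             # coordinates mod 7 and mod 5 pinned to 1
ell = (2, 1, 3, 0, 1, 1, 0, 0)           # secret message as an element of R
v = (1, 1, 2, 4, 2, 1, 1, 0)             # masking vector
m = add(ell, v)                          # a unit of R that lies outside H
h = indicator(m, H)
K = build_K(m, H, h)
alpha = 5                                # public, coprime to h*|H|
beta = pow(alpha, -1, h * len(H))        # secret inverse modulo |K|
c = power(m, alpha)                      # ciphertext
decrypted = power(c, beta)
```

Recovering $\ell$ from the decrypted $m$ additionally requires subtracting $v$ coordinate-wise, so $v$ has to be known to the receiver.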


Proposition 2.1 Let $G$ be any given finite group and let $\gcd(r, |G|) = 1$. Then the map sending $g$ to $g^r$ is always a permutation on $G$.


Proposition 2.2 If $N$ is a normal subgroup of finite index in a group $G$, and $H$ is a subgroup of finite order in $G$ with $\gcd(|(G : N)|, |H|) = 1$, then $H$ lies in $N$ ($H$ is a subgroup of $N$).


$G$ and $N$ are given to the public (public key)


$H$ and $|H|$ are kept secret


Select a positive integer $r$ (public) with $\gcd(r, |H|) = 1$


Represent the message $m$ as an element of $H$


Encrypt $m$ as $m^r \pmod{H}$
