IS Unit 3: Public Key Cryptography
Chapter 3: Public Key Cryptography
By:- Sarthak Patel (www.sarthakpatel.in)
Outline
• Principles Of Public-Key Cryptography
• RSA Algorithm
• Key Management
• Elliptic Curve Cryptography
• Diffie-Hellman Key Exchange
Classical Cryptography: Secret-Key or Symmetric Cryptography
• Alice and Bob agree on an encryption method and a shared key.
• Alice uses the key and the encryption method to encrypt (or encipher) a message and sends it to Bob.
• Bob uses the same key and the related decryption method to decrypt (or decipher) the message.
Advantages of Classical Cryptography
• There are some very fast classical encryption (and decryption) algorithms.
• Since the speed of a method varies with the length of the key, faster algorithms allow one to use longer key values.
• Larger key values make it harder to guess the key value -- and break the code -- by brute force.
Disadvantages of Classical Cryptography
• Requires secure transmission of key value
• Requires a separate key for each group of people that wishes to exchange encrypted messages (readable by any group member)
  ◦ For example, to have a separate key for each pair of people, 100 people would need 4950 different keys.
Public-Key Cryptography: Asymmetric Cryptography
• Alice generates a key value (usually a number or pair of related numbers) which she makes public.
• Alice uses her public key (and some additional information) to determine a second key (her private key).
• Alice keeps her private key (and the additional information she used to construct it) secret.
Public-Key Cryptography (continued)
• Bob can use Alice’s public key to encrypt a message for Alice.
• Alice can use her private key to decrypt this message.
• No-one without access to Alice’s private key (or the information used to construct it) can easily decrypt the message.
Private-Key Cryptography
• traditional private/secret/single key cryptography uses one key
• key is shared by both sender and receiver
• if the key is disclosed, communications are compromised
• also known as symmetric, both parties are equal
  ◦ hence does not protect sender from receiver forging a message & claiming it is sent by sender
Public-Key Cryptography
• probably most significant advance in the 3000 year history of cryptography
• uses two keys – a public key and a private key
• asymmetric since parties are not equal
• uses clever application of number theory concepts to function
• complements rather than replaces private key cryptography
Public-Key Cryptography
• public-key/two-key/asymmetric cryptography involves the use of two keys:
  ◦ a public-key, which may be known by anybody, and can be used to encrypt messages, and verify signatures
  ◦ a private-key, known only to the recipient, used to decrypt messages, and sign (create) signatures
• is asymmetric because
  ◦ those who encrypt messages or verify signatures cannot decrypt messages or create signatures
Why Public-Key Cryptography?
• developed to address two key issues:
  ◦ key distribution – how to have secure communications in general without having to trust a KDC with your key
  ◦ digital signatures – how to verify a message comes intact from the claimed sender
Public-Key Characteristics
• Public-Key algorithms rely on two keys with the characteristics that it is:
  ◦ computationally infeasible to find decryption key knowing only algorithm & encryption key
  ◦ computationally easy to en/decrypt messages when the relevant (en/decrypt) key is known
  ◦ either of the two related keys can be used for encryption, with the other used for decryption (in some schemes)
Public-Key Applications
• can classify uses into 3 categories:
  ◦ encryption/decryption (provide secrecy)
  ◦ digital signatures (provide authentication)
  ◦ key exchange (of session keys)
• some algorithms are suitable for all uses, others are specific to one
Security of Public Key Schemes
• like private key schemes, a brute force exhaustive search attack is always theoretically possible
• but keys used are too large (>512 bits)
  ◦ security relies on a large enough difference in difficulty between easy (en/decrypt) and hard (cryptanalyse) problems
• more generally the hard problem is known, it's just made too hard to do in practice
• requires the use of very large numbers
  ◦ hence is slow compared to private key schemes
Difference between Symmetric and Asymmetric

| Symmetric (Private Key) | Asymmetric (Public Key) |
| --- | --- |
| Same key for encryption/decryption | Asymmetric uses both a public and private key |
| Very fast encryption | Slower encryption |
| Key exchange is a big problem | No problem at all |
| Mainly for encryption/decryption, cannot be used for digital signature | Can be used for both |
| More number of keys required | Less than Symmetric |
RSA Algorithm
• by Rivest, Shamir & Adleman of MIT in 1977
• best known & widely used public-key scheme
• uses large integers (e.g. 1024 bits)
• security due to cost of factoring large numbers
Algorithm
1. Choose two large prime numbers P and Q.
2. Calculate N = P*Q
3. Select the public key (i.e. encryption key) E such that it is not a factor of (P-1) and (Q-1)
4. Select the private key (i.e. decryption key) D such that the following equation is true: (D*E) mod ((P-1) * (Q-1)) = 1
5. For encryption calculate the cipher text CT from the PT as: CT = PT^E mod N
6. Send CT as the cipher text to the receiver.
7. For decryption calculate the plain text PT from the CT as: PT = CT^D mod N
RSA Example
1. Select primes: p=17 & q=11
2. Compute n = pq = 17×11 = 187
3. Compute ø(n) = (p–1)(q–1) = 16×10 = 160
4. Select e: gcd(e,160)=1; choose e=7
5. Determine d: d*e mod 160 = 1 and d < 160. Value is d=23 since 23×7=161
RSA Example cont.
• sample RSA encryption/decryption is:
• given message M = 88 (nb. 88 < 187)
• encryption: C = 88^7 mod 187 = 11
• decryption: M = 11^23 mod 187 = 88
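The RSA steps and the worked numbers above, as an added Python example that is not part of the original slides; the function names are illustrative assumptions. It derives d with the extended Euclidean algorithm, enforces the gcd(e, ø(n)) = 1 condition from the example, and checks that unpadded RSA ciphertexts can be multiplied together.

```python
# Added illustration: textbook RSA with the slide's toy numbers (p=17, q=11, e=7).
from math import gcd

def egcd(a, b):
    """Extended Euclid: return (g, s, t) with a*s + b*t == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, s, t = egcd(b, a % b)
    return g, t, s - (a // b) * t

def make_keypair(p, q, e):
    """Steps 1-4: n = p*q, phi = (p-1)(q-1), then d with d*e mod phi == 1."""
    n, phi = p * q, (p - 1) * (q - 1)
    # e=6 is not a factor of 16 or 10, yet gcd(6, 160) = 2 and no d exists,
    # so the check has to be on the gcd, as in step 4 of the worked example.
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)*(q-1)")
    d = egcd(e, phi)[1] % phi
    return (e, n), (d, n)

def encrypt(m, public):
    e, n = public
    if not 0 <= m < n:
        raise ValueError("message must satisfy 0 <= M < n")
    return pow(m, e, n)            # CT = PT^E mod N

def decrypt(c, private):
    d, n = private
    return pow(c, d, n)            # PT = CT^D mod N

def demo():
    public, private = make_keypair(17, 11, 7)
    c = encrypt(88, public)
    n = public[1]
    # Unpadded RSA is deterministic and multiplicative:
    # E(2) * E(3) mod n equals E(6), with no key involved.
    malleable = (encrypt(2, public) * encrypt(3, public)) % n == encrypt(6, public)
    return private[0], c, decrypt(c, private), malleable

if __name__ == "__main__":
    print(demo())
```

Deployed RSA does not use this raw form: a vetted library applies a padding scheme such as OAEP and uses moduli of at least 2048 bits.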
Diffie-Hellman Key Exchange
1. Select two prime numbers: n and g (public)
2. Alice (Sender) chooses another random number x, and calculates A such that: A = g^x mod n
3. Alice sends it to Bob (Receiver)
4. Bob chooses another random number y and calculates B such that: B = g^y mod n
5. Bob sends it to Alice
6. K1 = B^x mod n
7. K2 = A^y mod n
Example for Diffie-Hellman
1. n = 11, g = 7
2. Let x=3. Then A = 7^3 mod 11 = 343 mod 11 = 2
3. Alice sends 2 to Bob
4. Let y=6. Then B = 7^6 mod 11 = 117649 mod 11 = 4
5. Bob sends 4 to Alice
6. K1 = 4^3 mod 11 = 64 mod 11 = 9
7. K2 = 2^6 mod 11 = 64 mod 11 = 9
Note: K1 = K2
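The exchange and its worked numbers, as an added Python example that is not part of the original slides; the function names are illustrative assumptions. Besides reproducing A, B and K, it adds a receiver-side check on the peer's public value and counts how many distinct keys the toy parameters can produce.

```python
# Added illustration with the slide's toy parameters (n=11, g=7, x=3, y=6).

def public_value(g, secret, n):
    """A = g^x mod n for Alice, B = g^y mod n for Bob (steps 2 and 4)."""
    return pow(g, secret, n)

def check_peer_value(value, n):
    """Refuse degenerate public values before using them.

    0, 1 and n-1 confine the shared key to at most two possible values
    whatever the local secret is, so a receiver should reject them.
    """
    if not 2 <= value <= n - 2:
        raise ValueError("peer public value outside [2, n-2]")
    return value

def shared_key(peer_value, secret, n):
    """K1 = B^x mod n for Alice, K2 = A^y mod n for Bob (steps 6 and 7)."""
    return pow(check_peer_value(peer_value, n), secret, n)

def exchange(n, g, x, y):
    """Run both sides; return the two values sent on the wire and both keys."""
    a_pub = public_value(g, x, n)      # Alice -> Bob
    b_pub = public_value(g, y, n)      # Bob -> Alice
    k1 = shared_key(b_pub, x, n)       # computed by Alice
    k2 = shared_key(a_pub, y, n)       # computed by Bob
    return a_pub, b_pub, k1, k2

def keys_reachable(n, g):
    """Number of distinct values g^k mod n, i.e. every key the exchange can yield."""
    return len({pow(g, k, n) for k in range(1, n)})

if __name__ == "__main__":
    print(exchange(11, 7, 3, 6))       # values from the worked example
    print(keys_reachable(11, 7))       # only 10 candidate keys at this size
```

The exchange authenticates neither side, so deployed protocols sign or otherwise authenticate A and B in addition to the steps shown.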
Elliptic Curve Cryptography
• Elliptic curve cryptography (ECC) is an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields.
ECC
• An elliptic curve is the set of solutions of an equation of the form y^2 = x^3 + ax + b, where the coefficients a and b are elements of the field and 4a^3 + 27b^2 ≠ 0. Each value of 'a' and 'b' gives a different elliptic curve.
• An equation of this kind can be studied over various mathematical structures, such as a ring or a field.
• One interesting property of the set of solutions of an elliptic curve is that it forms a group, which enables us to do cryptography. The public key is a point on the curve and the private key is a random number. The public key is obtained by multiplying the private key with the generator point G on the curve.
ECC Diffie-Hellman Key Exchange
Global Public Elements
  Eq(a,b): Elliptic curve with parameters a, b
  G: Point on elliptic curve
User A Key Generation
  Select private nA
  Calculate public PA: PA = nA * G
User B Key Generation
  Select private nB
  Calculate public PB: PB = nB * G
Calculation of Secret Key by User A
  K = nA * PB
Calculation of Secret Key by User B
  K = nB * PA
Applications of ECC
• Many devices are small and have limited storage and computational power
• Where can we apply ECC?
  ◦ Wireless communication devices
  ◦ Smart cards
  ◦ Web servers that need to handle many encryption sessions
  ◦ Any application where security is needed but lacks the power, storage and computational power that is necessary for our current cryptosystems
Benefits of ECC
• Same benefits of the other cryptosystems: confidentiality, integrity, authentication and non-repudiation but…
• Shorter key lengths
  ◦ Encryption, Decryption and Signature Verification speed up
  ◦ Storage and bandwidth savings
Key Management (Key Distribution)
[Figure: key distribution between Initiator A, Responder B and a Key Distribution Center (KDC). Messages shown in the figure: IDA || IDB || N1; E(Kb, [Ks || IDA]); E(Ks, N2); E(Ks, f(N2)).]
Public Key Distribution
• Public Announcement
• Publicly Available Directory
• Public Key Authority
• Public Key Certificates