rachana y. patil 1. 10. 2 symmetric and asymmetric-key cryptography will exist in parallel and...

Rachana Y. Patil 1

Upload: cecil-ashley-quinn

Post on 25-Dec-2015


TRANSCRIPT

Page 1: Rachana Y. Patil 1. 10. 2 Symmetric and asymmetric-key cryptography will exist in parallel and continue to serve the community. We actually believe that

Rachana Y. Patil


Symmetric and asymmetric-key cryptography will exist in parallel and continue to serve the community. We actually believe that they are complements of each other; the advantages of one can compensate for the disadvantages of the other.

Symmetric-key cryptography is based on sharing secrecy; asymmetric-key cryptography is based on personal secrecy.


Asymmetric key cryptography uses two separate keys: one private and one public.

Locking and unlocking in asymmetric-key cryptosystem


General idea of asymmetric-key cryptosystem


Plaintext/Ciphertext

Unlike in symmetric-key cryptography, plaintext and ciphertext are treated as integers in asymmetric-key cryptography.

Encryption/Decryption

$C = f(K_{public}, P)$

$P = g(K_{private}, C)$


07/20/10

The most common public-key algorithm is the RSA cryptosystem, named for its inventors (Rivest, Shamir, and Adleman).


Encryption, decryption, and key generation in RSA


Encryption


Decryption


Example

Bob chooses 7 and 11 as p and q and calculates n = 77. The value of $\phi(n)$ = (7 − 1)(11 − 1) or 60. Now he chooses two exponents, e and d, from $Z_{60}^{*}$. If he chooses e to be 13, then d is 37. Note that e × d mod 60 = 1 (they are inverses of each

Now imagine that Alice wants to send the plaintext 5 to Bob. She uses the public exponent 13 to encrypt 5.

Bob receives the ciphertext 26 and uses the private key 37 to decipher the ciphertext:


Example

Now assume that another person, John, wants to send a message to Bob. John can use the same public key announced by Bob (probably on his website), 13; John’s plaintext is 63. John calculates the following:

Bob receives the ciphertext 28 and uses his private key 37 to decipher the ciphertext:


Example

1. n = 221, e = 5; find d.

2. p = 19, q = 23, e = 3; find $\phi(n)$ and d.

3. e = 17, n = 187; find d.

4. n = 19519, e = 17; find d.
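The key derivation these exercises ask for, together with the Bob/Alice/John numbers from the earlier example, as an added example that is not part of the original slides. The function names are illustrative, and factoring by trial division is an assumption that only holds because the moduli are toy-sized.

```python
# Added example, not from the slides: textbook RSA with the deck's toy numbers.

def factor_semiprime(n):
    """Split n = p*q by trial division (feasible only for toy moduli)."""
    p = 2
    while p * p <= n:
        if n % p == 0:
            return p, n // p
        p += 1
    raise ValueError(f"{n} is prime, so it is not a valid RSA modulus")

def private_exponent(e, p, q):
    """Return (phi, d) where d is the inverse of e modulo phi(n)."""
    phi = (p - 1) * (q - 1)
    try:
        return phi, pow(e, -1, phi)  # modular inverse, Python 3.8+
    except ValueError:
        # gcd(e, phi) != 1: e has no inverse, so no private key exists.
        raise ValueError(f"e={e} is not invertible modulo phi(n)={phi}") from None

def solve_from_modulus(n, e):
    """Exercise form 'given n and e, find d'."""
    return private_exponent(e, *factor_semiprime(n))

def encrypt(m, e, n):
    return pow(m, e, n)

def decrypt(c, d, n):
    return pow(c, d, n)

if __name__ == "__main__":
    phi, d = private_exponent(13, 7, 11)             # Bob: p=7, q=11, e=13
    print("Bob:", phi, d, encrypt(5, 13, 77), encrypt(63, 13, 77))
    for n, e in [(221, 5), (187, 17), (19519, 17)]:  # exercises 1, 3 and 4
        print(n, e, solve_from_modulus(n, e))
    try:
        private_exponent(3, 19, 23)                  # exercise 2
    except ValueError as err:
        print("exercise 2:", err)
```

Exercise 2 is the failure case: φ(n) = 18 × 22 = 396 is divisible by 3, so e = 3 has no inverse and the function raises instead of returning d.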


Attacks on RSA


Key Generation


Encryption


Decryption


Bob chooses p = 11 and $e_1 = 2$ and d = 3; $e_2 = e_1^{d} = 8$. So the public keys are (2, 8, 11) and the private key is 3. Alice chooses r = 4 and calculates C1 and C2 for the plaintext 7.

Bob receives the ciphertexts (5 and 6) and calculates the plaintext.


Example

In ElGamal, given the prime p = 311:

1. Choose an appropriate e1 and d, then calculate e2.
2. Encrypt the plaintext message 5.
3. Decrypt the ciphertext to obtain the plaintext.
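Bob's p = 11 example and the p = 311 exercise, worked as an added example that is not part of the original slides. The encryption and decryption formulas and the reading of "appropriate e1" as a primitive root modulo p follow the standard textbook ElGamal cryptosystem and are assumptions here, since the slide images did not survive; the function names and the values d = 100 and r = 45 used for p = 311 are constructed.

```python
# Added example, not from the slides: textbook ElGamal with toy parameters.

def prime_factors(n):
    """Distinct prime factors of n by trial division."""
    factors, f = set(), 2
    while f * f <= n:
        while n % f == 0:
            factors.add(f)
            n //= f
        f += 1
    if n > 1:
        factors.add(n)
    return factors

def is_primitive_root(g, p):
    """g generates Z_p* iff g^((p-1)/f) != 1 for every prime f dividing p-1."""
    return all(pow(g, (p - 1) // f, p) != 1 for f in prime_factors(p - 1))

def smallest_primitive_root(p):
    return next(g for g in range(2, p) if is_primitive_root(g, p))

def keygen(p, e1, d):
    """Validate e1 and d, then return the public key (e1, e2, p)."""
    if not (1 < e1 < p and is_primitive_root(e1, p)):
        raise ValueError(f"e1={e1} is not a primitive root modulo {p}")
    if not 1 <= d <= p - 2:
        raise ValueError("d must lie in [1, p-2]")
    return e1, pow(e1, d, p), p

def encrypt(m, r, public):
    """C1 = e1^r mod p, C2 = m * e2^r mod p."""
    e1, e2, p = public
    return pow(e1, r, p), (m * pow(e2, r, p)) % p

def decrypt(c1, c2, d, p):
    """P = C2 * (C1^d)^-1 mod p."""
    return (c2 * pow(pow(c1, d, p), -1, p)) % p

if __name__ == "__main__":
    public = keygen(11, 2, 3)                      # Bob's example: (2, 8, 11)
    c1, c2 = encrypt(7, 4, public)                 # Alice, r = 4
    print(public, (c1, c2), decrypt(c1, c2, 3, 11))
    g = smallest_primitive_root(311)               # exercise, p = 311
    public = keygen(311, g, 100)                   # d = 100 is constructed
    c1, c2 = encrypt(5, 45, public)                # r = 45 is constructed
    print(public, (c1, c2), decrypt(c1, c2, 100, 311))
```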


SYMMETRIC-KEY AGREEMENT

Alice and Bob can create a session key between themselves. This method of session-key creation is referred to as the symmetric-key agreement.


Diffie-Hellman Key Agreement


Note

The symmetric (shared) key in the Diffie-Hellman method is $K = g^{xy} \bmod p$.


Example

Assume that g = 7 and p = 23. The steps are as follows:

1. Alice chooses x = 3 and calculates $R_1 = 7^{3} \bmod 23 = 21$.
2. Bob chooses y = 6 and calculates $R_2 = 7^{6} \bmod 23 = 4$.
3. Alice sends the number 21 to Bob.
4. Bob sends the number 4 to Alice.
5. Alice calculates the symmetric key $K = 4^{3} \bmod 23 = 18$.
6. Bob calculates the symmetric key $K = 21^{6} \bmod 23 = 18$.
7. The value of K is the same for both Alice and Bob; $g^{xy} \bmod p = 7^{18} \bmod 23 = 18$.


Example

Alice and Bob decide to use the Diffie-Hellman key exchange protocol. To agree upon a common key, they choose p = 13 and g = 2. Each chooses his own secret number, and they exchange the numbers 6 and 11.

1. What will be the common secret key they derived?
2. What are their secret numbers?
3. Can intruder M gain any knowledge from the protocol run if he sees p, g and the two public keys 6 and 11? If yes, show how.
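Both sides of the Diffie-Hellman exchange for the g = 7, p = 23 walk-through and for the p = 13 exercise, as an added example that is not part of the original slides. The function names are illustrative, and the range check on the peer's value is a standard receiver-side validation added here, not something the slides state.

```python
# Added example, not from the slides: Diffie-Hellman with the deck's toy numbers.

def public_value(g, secret, p):
    """R = g^secret mod p, the number sent to the peer."""
    return pow(g, secret, p)

def shared_key(peer_public, own_secret, p):
    """K = peer_public^own_secret mod p, after validating the peer's value."""
    # 0, 1 and p-1 would force K into a tiny, predictable set; reject them.
    if not 2 <= peer_public <= p - 2:
        raise ValueError(f"peer value {peer_public} outside [2, p-2]")
    return pow(peer_public, own_secret, p)

def exponents_matching(public, g, p):
    """Every x in [1, p-1] with g^x mod p == public.

    Exhaustive search costs p-1 modular exponentiations, which is why the
    secrecy of x depends entirely on p being far too large for this loop.
    """
    return [x for x in range(1, p) if pow(g, x, p) == public]

if __name__ == "__main__":
    # Walk-through: g = 7, p = 23, Alice x = 3, Bob y = 6.
    r1, r2 = public_value(7, 3, 23), public_value(7, 6, 23)
    print("R1, R2:", r1, r2)
    print("K (Alice, Bob):", shared_key(r2, 3, 23), shared_key(r1, 6, 23))

    # Exercise: p = 13, g = 2, exchanged values 6 and 11.
    x = exponents_matching(6, 2, 13)[0]
    y = exponents_matching(11, 2, 13)[0]
    print("secrets:", x, y)
    print("K:", shared_key(11, x, 13), shared_key(6, y, 13))
```

With p = 13 an observer needs at most 12 trial exponentiations per public value, which is the answer to the exercise's third question and the reason the prime must be very large in practice.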


Digital Signature

• The sender uses a signing algorithm to sign the message.

• The message and the signature are sent to the receiver.

• The receiver receives the message and the signature and applies the verifying algorithm to the combination.

• If the result is true, the message is accepted; otherwise, it is rejected.

The digital signature process.


Need for Keys

Note

A digital signature needs a public-key system. The signer signs with her private key; the verifier verifies with the signer’s public key.


Note

A cryptosystem uses the private and public keys of the receiver: a digital signature uses the private and public keys of the sender.


DIGITAL SIGNATURE SCHEMES

Several digital signature schemes have evolved during the last few decades. Some of them have been implemented.


RSA Digital Signature Scheme


Key Generation

Key generation in the RSA digital signature scheme is exactly the same as key generation in the RSA

Note

In the RSA digital signature scheme, d is private; e and n are public.


Signing and Verifying

RSA digital signature scheme


Example

Alice selects n = 221 and e = 15. Find the private key of Alice. If Alice wants to send message M = 11 to Bob, calculate the signature and show that Bob can verify the message.
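Signing with the sender's private exponent and verifying with her public one, as an added example that is not part of the original slides. It assumes the textbook formulas S = M^d mod n and M' = S^e mod n; the factorisation 221 = 13 × 17 is supplied here, the function names are illustrative, and e = 5 (the exponent paired with n = 221 in the earlier exercise) is substituted for the working signature because the check on e = 15 fails.

```python
# Added example, not from the slides: textbook RSA signing with toy numbers.

def signing_key(p, q, e):
    """Return (n, d); raise if e cannot serve as a public exponent."""
    n, phi = p * q, (p - 1) * (q - 1)
    try:
        return n, pow(e, -1, phi)  # d = e^-1 mod phi(n), Python 3.8+
    except ValueError:
        raise ValueError(f"e={e} is not invertible modulo phi(n)={phi}") from None

def sign(m, d, n):
    """S = M^d mod n, computed with the signer's private exponent."""
    return pow(m, d, n)

def verify(m, s, e, n):
    """Accept iff S^e mod n reproduces the message."""
    return pow(s, e, n) == m % n

if __name__ == "__main__":
    try:
        signing_key(13, 17, 15)            # the exercise's e = 15
    except ValueError as err:
        print("exercise parameters:", err)

    n, d = signing_key(13, 17, 5)          # substituted e = 5
    s = sign(11, d, n)
    print("n, d, S:", n, d, s)
    print("genuine message accepted:", verify(11, s, 5, n))
    print("altered message accepted:", verify(12, s, 5, n))
```

φ(221) = 12 × 16 = 192 shares the factor 3 with e = 15, so no d exists for the exercise as stated; a key generator has to reject such an exponent rather than proceed.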


ElGamal Digital Signature Scheme

General idea behind the ElGamal digital signature scheme


Key Generation

The key generation procedure here is exactly the same as the one used in the cryptosystem.

Note

In ElGamal digital signature scheme, $(e_1, e_2, p)$ is Alice’s public key; d is her private key.


Verifying and Signing

ElGamal digital signature scheme


Example

• Bob chooses p = 11, e1 = 2, r = 9, d = 8 and signs message M = 5 using the ElGamal digital signature scheme. Calculate s1 and s2 and show how Alice can verify the signature.

• Alice chooses p = 23, e1 = 5, d = 3 and a random number 9, and signs message M = 7 before sending it to Bob. Calculate s1 and s2 and show how Bob can verify the signature.
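Both exercises carried through, as an added example that is not part of the original slides. The signing and verifying equations are the standard textbook ElGamal signature formulas and are an assumption here, because the slide images that showed them did not survive; the function names and the range check in `verify` are likewise added.

```python
# Added example, not from the slides: textbook ElGamal signatures, toy numbers.
from math import gcd

def public_key(p, e1, d):
    """(e1, e2, p) with e2 = e1^d mod p; d stays private."""
    return e1, pow(e1, d, p), p

def sign(m, d, r, e1, p):
    """S1 = e1^r mod p, S2 = (M - d*S1) * r^-1 mod (p-1)."""
    if gcd(r, p - 1) != 1:
        raise ValueError(f"r={r} has no inverse modulo p-1={p - 1}")
    s1 = pow(e1, r, p)
    s2 = ((m - d * s1) * pow(r, -1, p - 1)) % (p - 1)
    return s1, s2

def verify(m, s1, s2, public):
    """Accept iff e1^M == e2^S1 * S1^S2 (mod p)."""
    e1, e2, p = public
    # Out-of-range components are rejected before any arithmetic is done.
    if not (0 < s1 < p and 0 <= s2 < p - 1):
        return False
    v1 = pow(e1, m, p)
    v2 = (pow(e2, s1, p) * pow(s1, s2, p)) % p
    return v1 == v2

if __name__ == "__main__":
    # Exercise 1: p = 11, e1 = 2, r = 9, d = 8, M = 5.
    pub = public_key(11, 2, 8)
    s1, s2 = sign(5, 8, 9, 2, 11)
    print(pub, (s1, s2), verify(5, s1, s2, pub))

    # Exercise 2: p = 23, e1 = 5, d = 3, r = 9, M = 7.
    pub = public_key(23, 5, 3)
    s1, s2 = sign(7, 3, 9, 5, 23)
    print(pub, (s1, s2), verify(7, s1, s2, pub))
    print("altered message accepted:", verify(8, s1, s2, pub))
```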
