rsa and digital certificates lecture 6 · 2020-08-07 · rsa and digital certificates lecture 6...
TRANSCRIPT
![Page 1: RSA AND DIGITAL CERTIFICATES Lecture 6 · 2020-08-07 · RSA AND DIGITAL CERTIFICATES Lecture 6 COMPSCI 316 Cyber Security. Top right corner for field customer or partner logotypes](https://reader034.vdocuments.us/reader034/viewer/2022050608/5faf0a9e1979a324157ec254/html5/thumbnails/1.jpg)
Slide title
In CAPITALS
50 pt
Slide subtitle
32 pt
Muhammad Rizwan Asghar
August 7, 2020
RSA AND DIGITAL CERTIFICATES
Lecture 6
COMPSCI 316
Cyber Security
![Page 2: RSA AND DIGITAL CERTIFICATES Lecture 6 · 2020-08-07 · RSA AND DIGITAL CERTIFICATES Lecture 6 COMPSCI 316 Cyber Security. Top right corner for field customer or partner logotypes](https://reader034.vdocuments.us/reader034/viewer/2022050608/5faf0a9e1979a324157ec254/html5/thumbnails/2.jpg)
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
2
FOCUS OF THIS LECTURE
Understand fundamental theory behind RSA
with examples
Learn RSA construction
Discuss RSA security
Elaborate digital signatures and certificates
Cover certificate validation
![Page 3: RSA AND DIGITAL CERTIFICATES Lecture 6 · 2020-08-07 · RSA AND DIGITAL CERTIFICATES Lecture 6 COMPSCI 316 Cyber Security. Top right corner for field customer or partner logotypes](https://reader034.vdocuments.us/reader034/viewer/2022050608/5faf0a9e1979a324157ec254/html5/thumbnails/3.jpg)
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
3
GREATEST COMMON DIVISOR (GCD)
Form: gcd(a, b), where a and b are integers
gcd is the largest positive integer that divides the
integers without a remainder
Examples
– gcd(4, 8) = 4
Divisors of 4 = 1, 2, 4
Divisors of 8 = 1, 2, 4, 8
– gcd(33, 15) = 3
Divisors of 33 = 1, 3, 11, 33
Divisors of 15 = 1, 3, 5, 15
![Page 4: RSA AND DIGITAL CERTIFICATES Lecture 6 · 2020-08-07 · RSA AND DIGITAL CERTIFICATES Lecture 6 COMPSCI 316 Cyber Security. Top right corner for field customer or partner logotypes](https://reader034.vdocuments.us/reader034/viewer/2022050608/5faf0a9e1979a324157ec254/html5/thumbnails/4.jpg)
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
4
EULER’S PHI FUNCTION
Form: ϕ(n), where n is an integer
An arithmetic function that counts the positive integers
less than or equal to n that are relatively prime to n
If n is a positive integer then ϕ(n) is the number of
integers in the range 1 ≤ k ≤ n for which gcd(k, n)=1
Examples
– ϕ(2) = 1
gcd(1, 2) = 1 (1)
gcd(2, 2) = 2
– ϕ(3) = 2
gcd(1, 3) = 1 (1)
gcd(2, 3) = 1 (2)
gcd(3, 3) = 3
![Page 5: RSA AND DIGITAL CERTIFICATES Lecture 6 · 2020-08-07 · RSA AND DIGITAL CERTIFICATES Lecture 6 COMPSCI 316 Cyber Security. Top right corner for field customer or partner logotypes](https://reader034.vdocuments.us/reader034/viewer/2022050608/5faf0a9e1979a324157ec254/html5/thumbnails/5.jpg)
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
5
MORE EXAMPLES
ϕ(4) = 2
– gcd(1, 4) = 1 (1)
– gcd(2, 4) = 2
– gcd(3, 4) = 1 (2)
– gcd(4, 4) = 4
ϕ(5) = 4
– gcd(1, 5) = 1 (1)
– gcd(2, 5) = 1 (2)
– gcd(3, 5) = 1 (3)
– gcd(4, 5) = 1 (4)
– gcd(5, 5) = 5
ϕ(11) = 10
– gcd(1, 11) = 1 (1)
– gcd(2, 11) = 1 (2)
– gcd(3, 11) = 1 (3)
– gcd(4, 11) = 1 (4)
– gcd(5, 11) = 1 (5)
– gcd(6, 11) = 1 (6)
– gcd(7, 11) = 1 (7)
– gcd(8, 11) = 1 (8)
– gcd(9, 11) = 1 (9)
– gcd(10, 11) = 1 (10)
– gcd(11, 11) = 11
![Page 6: RSA AND DIGITAL CERTIFICATES Lecture 6 · 2020-08-07 · RSA AND DIGITAL CERTIFICATES Lecture 6 COMPSCI 316 Cyber Security. Top right corner for field customer or partner logotypes](https://reader034.vdocuments.us/reader034/viewer/2022050608/5faf0a9e1979a324157ec254/html5/thumbnails/6.jpg)
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
6
EULER’S PHI FUNCTION: PROPERTIES
ϕ(p) = p - 1, where p is a prime number
– Example
ϕ(11) = 10
– Why?
ϕ(pq) = ϕ(p) . ϕ(q), where p and q are coprime
– Example
Let p = 5 and q = 11
ϕ(5 . 11) = ϕ(5) . ϕ(11) = 4 . 10 = 40
![Page 7: RSA AND DIGITAL CERTIFICATES Lecture 6 · 2020-08-07 · RSA AND DIGITAL CERTIFICATES Lecture 6 COMPSCI 316 Cyber Security. Top right corner for field customer or partner logotypes](https://reader034.vdocuments.us/reader034/viewer/2022050608/5faf0a9e1979a324157ec254/html5/thumbnails/7.jpg)
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
7
SAMPLE QUESTION
Compute ϕ(55). Hint: ϕ(55) = ϕ(5) ϕ(11)
a) 40
b) 5
c) 55
d) 6
e) 10
Answer: a
![Page 8: RSA AND DIGITAL CERTIFICATES Lecture 6 · 2020-08-07 · RSA AND DIGITAL CERTIFICATES Lecture 6 COMPSCI 316 Cyber Security. Top right corner for field customer or partner logotypes](https://reader034.vdocuments.us/reader034/viewer/2022050608/5faf0a9e1979a324157ec254/html5/thumbnails/8.jpg)
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
8
RECALL VIGNERE CIPHER
Code letters as numbers (A=0, B=1, …, Z=25)
A + B = 0 + 1 = 1 = B
A + Z = 0 + 25 = 25 = Z
B + Z = 1 + 25 = 26 = ?
![Page 9: RSA AND DIGITAL CERTIFICATES Lecture 6 · 2020-08-07 · RSA AND DIGITAL CERTIFICATES Lecture 6 COMPSCI 316 Cyber Security. Top right corner for field customer or partner logotypes](https://reader034.vdocuments.us/reader034/viewer/2022050608/5faf0a9e1979a324157ec254/html5/thumbnails/9.jpg)
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
9
RECALL VIGNERE CIPHER
Code letters as numbers (A=0, B=1, …, Z=25)
A + B = 0 + 1 = 1 = B
A + Z = 0 + 25 = 25 = Z
B + Z = 1 + 25 = 26 = A
– We know because it is circular
![Page 10: RSA AND DIGITAL CERTIFICATES Lecture 6 · 2020-08-07 · RSA AND DIGITAL CERTIFICATES Lecture 6 COMPSCI 316 Cyber Security. Top right corner for field customer or partner logotypes](https://reader034.vdocuments.us/reader034/viewer/2022050608/5faf0a9e1979a324157ec254/html5/thumbnails/10.jpg)
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
10
IS A=0 OR A=26?
We use modular arithmetic
Mod operator in programming: %
A ≡ 0 (mod 26)
26 ≡ 0 (mod 26)
27 ≡ 1 (mod 26)
![Page 11: RSA AND DIGITAL CERTIFICATES Lecture 6 · 2020-08-07 · RSA AND DIGITAL CERTIFICATES Lecture 6 COMPSCI 316 Cyber Security. Top right corner for field customer or partner logotypes](https://reader034.vdocuments.us/reader034/viewer/2022050608/5faf0a9e1979a324157ec254/html5/thumbnails/11.jpg)
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
11
EULER’S THEOREM
aϕ(p) ≡ 1 (mod p)
where gcd(a, p) = 1
Example
– Let a = 2 and p = 5, where gcd(2, 5) is 1
– ϕ(5) = 4
– 24 (mod 5) ≡ 16 (mod 5) ≡ 1
![Page 12: RSA AND DIGITAL CERTIFICATES Lecture 6 · 2020-08-07 · RSA AND DIGITAL CERTIFICATES Lecture 6 COMPSCI 316 Cyber Security. Top right corner for field customer or partner logotypes](https://reader034.vdocuments.us/reader034/viewer/2022050608/5faf0a9e1979a324157ec254/html5/thumbnails/12.jpg)
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
12
RSA
Invented by Rivest, Shamir, and Adleman in
1978
A public key cryptosystem
Most popular
Patent expired in September 2000
Large keys (1024+ bits)
![Page 13: RSA AND DIGITAL CERTIFICATES Lecture 6 · 2020-08-07 · RSA AND DIGITAL CERTIFICATES Lecture 6 COMPSCI 316 Cyber Security. Top right corner for field customer or partner logotypes](https://reader034.vdocuments.us/reader034/viewer/2022050608/5faf0a9e1979a324157ec254/html5/thumbnails/13.jpg)
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
13
RSA: CRYPTOSYSTEM
Generate two large prime numbers p and q
Public parameter: n = p . q
Calculate: ϕ(n) = ϕ(p) . ϕ(q) = (p - 1) (q - 1)
Choose e and d such that: e . d ≡ 1 (mod ϕ(n))
Public key: e
Private key: d
Message: m
Enc(e, m): c ≡ me (mod n)
Dec (d, c): cd (mod n)
≡ (me)d (mod n) ≡ med (mod ϕ(n)) (mod n) ≡ m1
![Page 14: RSA AND DIGITAL CERTIFICATES Lecture 6 · 2020-08-07 · RSA AND DIGITAL CERTIFICATES Lecture 6 COMPSCI 316 Cyber Security. Top right corner for field customer or partner logotypes](https://reader034.vdocuments.us/reader034/viewer/2022050608/5faf0a9e1979a324157ec254/html5/thumbnails/14.jpg)
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
14
RSA: EXAMPLE
Let p = 3 and q = 11
Public parameter: n = p . q = 3 . 11 = 33
Calculate: ϕ(n) = ϕ(3) . ϕ(11) = 2 . 10 = 20
Choose e and d such that: 3 . 7 ≡ 1 (mod 20)
Public key: e = 3
Private key: d = 7
Message: m = 2
Enc(e, m): c ≡ 23 (mod 33) ≡ 8 (mod 33)
Dec(d, c) : m ≡ 87 (mod 33) ≡ (23)7 (mod 33)
≡ 221 (mod 33) ≡ 220 . 2 (mod 33) ≡ 1 . 2 ≡ 2
![Page 15: RSA AND DIGITAL CERTIFICATES Lecture 6 · 2020-08-07 · RSA AND DIGITAL CERTIFICATES Lecture 6 COMPSCI 316 Cyber Security. Top right corner for field customer or partner logotypes](https://reader034.vdocuments.us/reader034/viewer/2022050608/5faf0a9e1979a324157ec254/html5/thumbnails/15.jpg)
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
15
SAMPLE QUESTION
Consider RSA with n=55, e=3, and d=27. If m=4,
compute c.
a) 9
b) 26
c) 12
d) 56
e) 4
Answer: a
![Page 16: RSA AND DIGITAL CERTIFICATES Lecture 6 · 2020-08-07 · RSA AND DIGITAL CERTIFICATES Lecture 6 COMPSCI 316 Cyber Security. Top right corner for field customer or partner logotypes](https://reader034.vdocuments.us/reader034/viewer/2022050608/5faf0a9e1979a324157ec254/html5/thumbnails/16.jpg)
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
16
RSA SECURITY
Security of RSA is based on integer factorisation
Integer factorisation is same as brute-forcing
What does it mean by x bits RSA key?
– Public parameter n is of x bits: each of p and q is of x/2 bits
The RSA cryptosystem with a key length of 768 bits
can be broken
– Kleinjung, Thorsten, Kazumaro Aoki, Jens Franke, Arjen Lenstra,
Emmanuel Thomé, Joppe Bos, Pierrick Gaudry et al. "Factorization of a
768-bit RSA modulus." In CRYPTO 2010, vol. 6223, pp. 333-350. Springer
Verlag, 2010. Link: http://eprint.iacr.org/2010/006.pdf
A key of size more than 1024 bits is considered secure
![Page 17: RSA AND DIGITAL CERTIFICATES Lecture 6 · 2020-08-07 · RSA AND DIGITAL CERTIFICATES Lecture 6 COMPSCI 316 Cyber Security. Top right corner for field customer or partner logotypes](https://reader034.vdocuments.us/reader034/viewer/2022050608/5faf0a9e1979a324157ec254/html5/thumbnails/17.jpg)
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
17
DIGITAL SIGNATURES
Public key algorithms can be used for digital
signatures
Signature is a hash of message encrypted with
a signing key
– Only signing key holder can create it
– Anyone can check it using verification key
![Page 18: RSA AND DIGITAL CERTIFICATES Lecture 6 · 2020-08-07 · RSA AND DIGITAL CERTIFICATES Lecture 6 COMPSCI 316 Cyber Security. Top right corner for field customer or partner logotypes](https://reader034.vdocuments.us/reader034/viewer/2022050608/5faf0a9e1979a324157ec254/html5/thumbnails/18.jpg)
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
18
RSA: DIGITAL SIGNATURE
Generate two large prime numbers p and q
Public parameter: n = p . q
Calculate: ϕ(n) = ϕ(p) . ϕ(q) = (p - 1) (q - 1)
Choose e and d such that: e . d ≡ 1 (mod ϕ(n))
Verification key: e
Signing key: d
Sign(d, m): S ≡ H(m)d (mod n)
Verify(e, m, S): Check if H(m) ≡ Se (mod n)
or H(m) ≡ (H(m)d)e (mod n)
?
?
![Page 19: RSA AND DIGITAL CERTIFICATES Lecture 6 · 2020-08-07 · RSA AND DIGITAL CERTIFICATES Lecture 6 COMPSCI 316 Cyber Security. Top right corner for field customer or partner logotypes](https://reader034.vdocuments.us/reader034/viewer/2022050608/5faf0a9e1979a324157ec254/html5/thumbnails/19.jpg)
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
19
SIGN VS. ENCRYPT
A cryptosystem (such as RSA) can be used for
signing or encrypting messages
Always use separate keypairs for signing and
encryption
– Otherwise decrypting (hash of) a message is
equivalent to signing that message
![Page 20: RSA AND DIGITAL CERTIFICATES Lecture 6 · 2020-08-07 · RSA AND DIGITAL CERTIFICATES Lecture 6 COMPSCI 316 Cyber Security. Top right corner for field customer or partner logotypes](https://reader034.vdocuments.us/reader034/viewer/2022050608/5faf0a9e1979a324157ec254/html5/thumbnails/20.jpg)
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
20
TO BE CONTINUED
See the next lecture
![Page 21: RSA AND DIGITAL CERTIFICATES Lecture 6 · 2020-08-07 · RSA AND DIGITAL CERTIFICATES Lecture 6 COMPSCI 316 Cyber Security. Top right corner for field customer or partner logotypes](https://reader034.vdocuments.us/reader034/viewer/2022050608/5faf0a9e1979a324157ec254/html5/thumbnails/21.jpg)
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
21
Questions?
Thanks for your attention!