SlideShare a Scribd company logo

Public Key Algorithms

Download as PPTX, PDF
Bit Hacker
Bit Hacker

This document provides an overview of various topics in number theory and cryptography including: modular arithmetic, Euclid's algorithm, the Chinese remainder theorem, Euler's theorem, Fermat's theorem, RSA public key encryption, Diffie-Hellman key exchange, the Digital Signature Standard (DSS), elliptic curve cryptography, and zero-knowledge proof systems. It also provides examples of applying these concepts and discusses some attacks against cryptosystems like RSA.

EducationTechnology
1 of 32
Imran Raza
Overview  Number Theory  Public key encryption  Modular Arithmetic  Euclid’s Algorithm  Chinese Remainder Theorem  Euler's Theorem  Fermat's Theorem  RSA Public Key Encryption
Public Key Encryption  Invented in 1975 by Diffie and Hellman  Encrypted_Message = Encrypt(Key1, Message)  Message = Decrypt(Key2, Encrypted_Message)
Public Key Encryption Example  Rivest, Shamir, and Adleman  RSA: Encrypted_Message = m3 mod 187  Message = Encrypted_Message107 mod 187  Key1 = <3,187>, Key2 = <107,187>  Message = 5  Encrypted Message = 53 = 125  Message = 125107 mod 187 = 5 = 125(64+32+8+2+1) mod 187 = {(12564 mod 187)(12532 mod 187)...  (1252 mod 187)(125 mod 187)} mod 187
Modular Arithmetic  Modular Addition  Additive Inverse : additive inverse of x is a number that you’d have to add to x to get 0.  Example: 4’s inverse will be 6
Modular Multiplication  Multiplicative Inverse: multiplicative inverse of x is written as x-1, is the number by which you’d multiply x to get 1.  Example: 7 is the multiplicative inverse of 3. only {1,3,7,9} have multiplicative inverse.
Modular Arithmetic (Cont.)  xy mod m = (x mod m) (y mod m) mod m  x4 mod m = (x2 mod m)(x2 mod m) mod m  xij mod m = (xi mod m)j mod m  125 mod 187 = 125  1252 mod 187 = 15625 mod 187 = 104  1254 mod 187 = (1252 mod 187)2 mod 187 = 1042 mod 187 = 10816 mod 187 = 157  1258 mod 187 = 1572 mod 187 = 152  12516 mod 187 = 1522 mod 187 = 103  12532 mod 187 = 1032 mod 187 = 137  12564 mod 187 = 1372 mod 187 = 69  12564+32+8+2+1 mod 187 = 69×137×152×104×125 mod 187  = 18679128000 mod 187 = 5
Definitions  Co-Prime = Relatively Prime: x and y are relatively prime if gcd(x,y)=1  Example: 6, 11  Smooth Number = Product of small primes
Euclid's Algorithm  Used to find greatest common divisor  Example: gcd(10,25)=5 using long division  10) 25 (2 20 -- 5)10 (2 10 -- 00
Euclid's Algorithm: Tabular Method  ri = ui x + vi y  ui = ui-2 - qi ui-1  vi = vi-2 - qi vi-1  Finally, If ri = 0, gcd(x,y) = ri-1
Chinese Remainder Theorem  The solution to the following equations: x = a1 mod n1 x = a2 mod n2 x = ak mod nk where n1, n2, ... , nk are relatively prime is found as follows: N = n1 n2 ... nk Ni = N/ni Find si such that ri ni + si Ni = 1 Let ei = si Ni, then x = Σki ai ei mod N
Chinese Remainder Theorem (Cont)  Example: Solve the equations:  x = 3 mod 6  x = 6 mod 7  x = 10 mod 11  N= 6 × 7 × 11 = 462 gcd(6,77): 13 × 6 - 1 × 77=1 ⇒ e_1 = -77  gcd(7,66): 19 × 7-2 × 66=1 ⇒ e_2 = -132  gcd(11,42): -19 × 11+5 × 42 ⇒ e_3 = 210   x = 3 ×(-77) + 6 ×(-132) + 10 × 210 = -231 - 792 + 2100 = 1077 mod 462 = 153
Euler's Totient Function  Zn = Set of all numbers mod n = {0, 1, 2, ., n-1}  Zn* = Set of all numbers relatively primes to n  Φ(n) = Number of elements in Zn*  If n is prime, Φ(n)=n-1  Example: Z10={0, 1, 2, 3, ..., 9} Z10* = {1, 3, 7, 9} Φ(10)=4
Euler's Theorem  For all a ∈ Zn* aΦ(n) = 1 mod n  For all a ∈ Zn* a(kΦ(n)+1) = a mod n  Examples:  z10* = {1, 3, 7, 9}  Φ(10)=4  14 mod 10 = 1  34 mod 10 = 1  74 mod 10 = 1  94 mod 10 = 1
Fermat's Theorem  If p is prime and 0<a<p, ap-1 mod p = 1  Example:  26 mod 7 = 64 mod 7 = 1  34 mod 5 = 81 mod 5 = 1  ap-1 mod p = 1 for all a ≠> p is prime  Example: 561 = 3 × 11 × 17
Miller and Rabin Method Prime Test  Express n-1 as 2bc where c is odd.  Pick a random a.  an-1 = a2bc = (ac)2b  Compute ac mod n  Square it b times: a2c, a4c, a8c, ..., a{2b}c If the final result is not one ⇒ n is not a prime   If any of the intermediate results is 1, check if the previous number is ± 1.  If ± 1 then n is potentially prime.  Pick another a and try again.
RSA Public Key Encryption  Ron Rivest, Adi Shamir, and Len Adleman at MIT 1978  Both plain text M and cipher text C are integers between 0 and n-1.  Key 1 = {e, n}, Key 2 = {d, n}  C = Me mod n M = Cd mod n  How to construct keys: Select two large primes: p, q, p ≠ q  n = p×q  Calculate Euler’s Totient Fn Φ(n) = (p-1)(q-1)  Select e relatively prime to Φ⇒ gcd(Φ, e) = 1; 0 < e < Φ  Calculate d = inverse of e mod Φ⇒de mod Φ = 1  Euler.s Theorem: xed = xkΦ(n)+1 = x mod n 
RSA Key Construction: Example  Select two large primes: p, q, p ≠ q p = 17, q = 11  n = p×q = 17×11 = 187  Calculate Φ = (p-1)(q-1) = 16x10 = 160  Select e, such that lcd(Φ, e) = 1; 0 < e < Φ say, e = 7  Calculate d such that de mod Φ = 1  160k+1 = 161, 321, 481, 641  Check which of these is divisible by 7  161 is divisible by 7 giving d = 161/7 = 23  Key 1 = {7, 187}, Key 2 = {23, 187}
RSA Issues  RSA is computationally intense.  Commonly used key lengths are 512 bits  The plain text should be smaller than the key length  The encrypted text is same size as the key length  Generally used to encrypt secret keys.  Basis: Factoring a big number is hard
Finding d and e  de = 1 mod Φ(n)  Select e first, e.g., e=21+1 or 216+1  Find inverse of e using Euler’s algorithm  The public key can be small.  The private key should be large. ⇒ Don’t select d=3.  Both d and n are 512 bit (150 digits) numbers.
Attacks on RSA  Smooth Number Attack:  If you sign m1 and m2  S1 = md mod n 1  S2 = m2 mod n d  Attacker can sign m1m2, m1/m2, m1 , m1jm2 2 k  Easy to do if mi’s are small (smooth) numbers.  Cube Root Problem of RSA  If public exponent e=3:  hde mod n = h  hd mod n = h1/3  Simply compute h1/3 mod n
Public-Key Cryptography Standards  RSA Inc developed standards on how to use public key cryptography  Specify encoding of keys, signatures, etc.  PKCS #1: Formatting a message for RSA encryption  First octet = 0  Second Octet = Format Type. 2 ⇒ Encryption  Random non-zero padding ⇒ cipher is different  Zero ends the padding
Million Message Attack on RSA  In SSL if padding is incorrect, some Servers send quot;Incorrect Paddingquot; error  Attacker sends random variations until server accepts (decrypted message begins with 02)  Would need 216 tries to get the correct 16 bits  PKCS#1 Rev 2 fixes this problem.  Not sending error message is easier fix.
Diffie-Hellman Key Agreement  Allows two party to agree on a secret key using a public channel  Eavesdropper can see T_A, g, p but cannot compute S_A  Computing S_A requires discrete logarithm – a difficult problem
Diffie-Hellman (Cont)  Example: g=5, p=19  A selects 6 and sends 56 mod 19 = 7  B selects 7 and sends 57 mod 19 = 16  A computes K = 166 mod 19 = 7  B computes K = 77 mod 19 = 7
Man-in-Middle Attack on Diffie- Hellman  Diffie-Hellman does not provide authentication  You can use RSA authentication and other alternatives
Digital Signature Standard  FIPS 186 in 1991, 186-1 in 1993, 186-2 in 2000.  A variation of ElGamal signature  Choose a hash. Default = SHA-1  Select a key size L: multiple of 64 between 512 to 1024.  186-2 requires 1024.  186-3 recommends 2048 or 3072 for lifetimes beyond 2010. 1. Algorithm Parameters:  Choose a prime q with the same number of bits as hash  Select a L-bit prime p such that p-1 is a multiple of q  Select a generator g such that gq = 1 mod p  This can be done by g=h(p-1)/q mod p for some arbitrary h  1<h<p-1.  Algorithm parameters (p, q, g) may be shared among users.
DSS (Cont) 2. User Keys: public and private key for a user  Choose S randomly 0 <S <p  T = gS mod p  Public key is (p, q, g, T). Private key is S. 3. Signing: Generate per message key Sm, 0<Sm<q  Tm = (gSm mod p) mod q  Compute Sm-1 mod q  Calculate message digest dm  Signature X = Sm-1 (dm + STm) mod q  Transmit message m, per message public number Tm, and signature X
DSS (Cont) 4. Verification:  Calculate inverse of signature X-1 mod q  Calculate message digest dm  Calculate x = dm X-1 mod q  y = Tm x-1 mod q  z = (gx . Tymod p)mod q  If z = Tm then signature is verified.
DSS Insecurity  <p, q, g> is shared.  Anyone who breaks <p, q, g> can break all the users sharing it.  Slower than RSA with e=3
Elliptic Curve Cryptography (ECC)  Based on algebraic structure of elliptic curves over finite fields  Elliptic curve is a plane curve  y2 +axy+by = x3 +cx2+d x +e  The set of points on the curve along with the point at infinity form a set over which operations similar to modular arithmetic can be defined.  ECC is still exponential difficulty and so key lengths can be shorter.
Zero-Knowledge Proof Systems  The verifier can verify that you possess the secret but gets no knowledge of the secret.  In graph theory, if you know Hamiltonian cycle of a large graph you can easily generate isomorphic graphs.

Recommended

Rsa algorithm key generation
Rsa algorithm key generation Rsa algorithm key generation
Rsa algorithm key generation swarnapatil
 
RSA ALGORITHM
RSA ALGORITHMRSA ALGORITHM
RSA ALGORITHMSathish Kumar
 
1524 elliptic curve cryptography
1524 elliptic curve cryptography1524 elliptic curve cryptography
1524 elliptic curve cryptographyDr Fereidoun Dejahang
 
RSA
RSARSA
RSAbansidhar11
 
Cryptography using rsa cryptosystem
Cryptography using rsa cryptosystemCryptography using rsa cryptosystem
Cryptography using rsa cryptosystemSamdish Arora
 
ECDSA/EdDSA
ECDSA/EdDSAECDSA/EdDSA
ECDSA/EdDSAJacobBrazeal
 
Presentation about RSA
Presentation about RSAPresentation about RSA
Presentation about RSASrilal Buddika
 
Elliptic Curves in Cryptography
Elliptic Curves in CryptographyElliptic Curves in Cryptography
Elliptic Curves in CryptographyCSNP
 

Recommended

Rsa algorithm key generation
Rsa algorithm key generation Rsa algorithm key generation
Rsa algorithm key generation swarnapatil
 
RSA ALGORITHM
RSA ALGORITHMRSA ALGORITHM
RSA ALGORITHMSathish Kumar
 
1524 elliptic curve cryptography
1524 elliptic curve cryptography1524 elliptic curve cryptography
1524 elliptic curve cryptographyDr Fereidoun Dejahang
 
RSA
RSARSA
RSAbansidhar11
 
Cryptography using rsa cryptosystem
Cryptography using rsa cryptosystemCryptography using rsa cryptosystem
Cryptography using rsa cryptosystemSamdish Arora
 
ECDSA/EdDSA
ECDSA/EdDSAECDSA/EdDSA
ECDSA/EdDSAJacobBrazeal
 
Presentation about RSA
Presentation about RSAPresentation about RSA
Presentation about RSASrilal Buddika
 
Elliptic Curves in Cryptography
Elliptic Curves in CryptographyElliptic Curves in Cryptography
Elliptic Curves in CryptographyCSNP
 
Broadcasting and low exponent rsa attack
Broadcasting and low exponent rsa attackBroadcasting and low exponent rsa attack
Broadcasting and low exponent rsa attackAnkita Kapratwar
 
Number Theory In Cryptography
Number Theory In CryptographyNumber Theory In Cryptography
Number Theory In CryptographyAadya Vatsa
 
The rsa algorithm
The rsa algorithmThe rsa algorithm
The rsa algorithmKomal Singh
 
Demystifying Zero Knowledge Proofs [FINAL].pptx
Demystifying Zero Knowledge Proofs [FINAL].pptxDemystifying Zero Knowledge Proofs [FINAL].pptx
Demystifying Zero Knowledge Proofs [FINAL].pptxRedWhite12
 
Elliptic Curve Cryptography Message Exchange
Elliptic Curve Cryptography Message ExchangeElliptic Curve Cryptography Message Exchange
Elliptic Curve Cryptography Message ExchangeJacopoMariaValtorta
 
RSA - ALGORITHM by Muthugomathy and Meenakshi Shetti of GIT COLLEGE
RSA - ALGORITHM by Muthugomathy and Meenakshi Shetti of GIT COLLEGE RSA - ALGORITHM by Muthugomathy and Meenakshi Shetti of GIT COLLEGE
RSA - ALGORITHM by Muthugomathy and Meenakshi Shetti of GIT COLLEGE Qualcomm
 
RSA Algorithm - Public Key Cryptography
RSA Algorithm - Public Key CryptographyRSA Algorithm - Public Key Cryptography
RSA Algorithm - Public Key CryptographyMd. Shafiul Alam Sagor
 
The rsa algorithm JooSeok Song
The rsa algorithm JooSeok SongThe rsa algorithm JooSeok Song
The rsa algorithm JooSeok SongInformation Security Awareness Group
 
Diffie hellman key exchange algorithm
Diffie hellman key exchange algorithmDiffie hellman key exchange algorithm
Diffie hellman key exchange algorithmSunita Kharayat
 
RSA algorithm
RSA algorithmRSA algorithm
RSA algorithmArpana shree
 
Asymmetric Cryptography
Asymmetric CryptographyAsymmetric Cryptography
Asymmetric CryptographyUTD Computer Security Group
 
Rsa Crptosystem
Rsa CrptosystemRsa Crptosystem
Rsa CrptosystemAmlan Patel
 
Computer Security Lecture 7: RSA
Computer Security Lecture 7: RSAComputer Security Lecture 7: RSA
Computer Security Lecture 7: RSAMohamed Loey
 
One-Time Pad Encryption
One-Time Pad EncryptionOne-Time Pad Encryption
One-Time Pad EncryptionCharles Southerland
 
CRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYCRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
RSA Algorithm
RSA AlgorithmRSA Algorithm
RSA AlgorithmSrinadh Muvva
 
RSA ALGORITHM
RSA ALGORITHMRSA ALGORITHM
RSA ALGORITHMShashank Shetty
 
DES (Data Encryption Standard) pressentation
DES (Data Encryption Standard) pressentationDES (Data Encryption Standard) pressentation
DES (Data Encryption Standard) pressentationsarhadisoftengg
 
Classical encryption techniques
Classical encryption techniquesClassical encryption techniques
Classical encryption techniquesJanani S
 
hill cipher
hill cipherhill cipher
hill ciphervishnukp34
 
Prime
PrimePrime
Primeprerna115
 
Public Key Cryptography
Public Key CryptographyPublic Key Cryptography
Public Key CryptographyGopal Sakarkar
 

More Related Content

What's hot

Broadcasting and low exponent rsa attack
Broadcasting and low exponent rsa attackBroadcasting and low exponent rsa attack
Broadcasting and low exponent rsa attackAnkita Kapratwar
 
Number Theory In Cryptography
Number Theory In CryptographyNumber Theory In Cryptography
Number Theory In CryptographyAadya Vatsa
 
The rsa algorithm
The rsa algorithmThe rsa algorithm
The rsa algorithmKomal Singh
 
Demystifying Zero Knowledge Proofs [FINAL].pptx
Demystifying Zero Knowledge Proofs [FINAL].pptxDemystifying Zero Knowledge Proofs [FINAL].pptx
Demystifying Zero Knowledge Proofs [FINAL].pptxRedWhite12
 
Elliptic Curve Cryptography Message Exchange
Elliptic Curve Cryptography Message ExchangeElliptic Curve Cryptography Message Exchange
Elliptic Curve Cryptography Message ExchangeJacopoMariaValtorta
 
RSA - ALGORITHM by Muthugomathy and Meenakshi Shetti of GIT COLLEGE
RSA - ALGORITHM by Muthugomathy and Meenakshi Shetti of GIT COLLEGE RSA - ALGORITHM by Muthugomathy and Meenakshi Shetti of GIT COLLEGE
RSA - ALGORITHM by Muthugomathy and Meenakshi Shetti of GIT COLLEGE Qualcomm
 
RSA Algorithm - Public Key Cryptography
RSA Algorithm - Public Key CryptographyRSA Algorithm - Public Key Cryptography
RSA Algorithm - Public Key CryptographyMd. Shafiul Alam Sagor
 
Diffie hellman key exchange algorithm
Diffie hellman key exchange algorithmDiffie hellman key exchange algorithm
Diffie hellman key exchange algorithmSunita Kharayat
 
Computer Security Lecture 7: RSA
Computer Security Lecture 7: RSAComputer Security Lecture 7: RSA
Computer Security Lecture 7: RSAMohamed Loey
 
CRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYCRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
DES (Data Encryption Standard) pressentation
DES (Data Encryption Standard) pressentationDES (Data Encryption Standard) pressentation
DES (Data Encryption Standard) pressentationsarhadisoftengg
 
Classical encryption techniques
Classical encryption techniquesClassical encryption techniques
Classical encryption techniquesJanani S
 

What's hot (20)

Broadcasting and low exponent rsa attack
Broadcasting and low exponent rsa attackBroadcasting and low exponent rsa attack
Broadcasting and low exponent rsa attack
 
Number Theory In Cryptography
Number Theory In CryptographyNumber Theory In Cryptography
Number Theory In Cryptography
 
The rsa algorithm
The rsa algorithmThe rsa algorithm
The rsa algorithm
 
Demystifying Zero Knowledge Proofs [FINAL].pptx
Demystifying Zero Knowledge Proofs [FINAL].pptxDemystifying Zero Knowledge Proofs [FINAL].pptx
Demystifying Zero Knowledge Proofs [FINAL].pptx
 
Elliptic Curve Cryptography Message Exchange
Elliptic Curve Cryptography Message ExchangeElliptic Curve Cryptography Message Exchange
Elliptic Curve Cryptography Message Exchange
 
RSA - ALGORITHM by Muthugomathy and Meenakshi Shetti of GIT COLLEGE
RSA - ALGORITHM by Muthugomathy and Meenakshi Shetti of GIT COLLEGE RSA - ALGORITHM by Muthugomathy and Meenakshi Shetti of GIT COLLEGE
RSA - ALGORITHM by Muthugomathy and Meenakshi Shetti of GIT COLLEGE
 
RSA Algorithm - Public Key Cryptography
RSA Algorithm - Public Key CryptographyRSA Algorithm - Public Key Cryptography
RSA Algorithm - Public Key Cryptography
 
The rsa algorithm JooSeok Song
The rsa algorithm JooSeok SongThe rsa algorithm JooSeok Song
The rsa algorithm JooSeok Song
 
Diffie hellman key exchange algorithm
Diffie hellman key exchange algorithmDiffie hellman key exchange algorithm
Diffie hellman key exchange algorithm
 
RSA algorithm
RSA algorithmRSA algorithm
RSA algorithm
 
Asymmetric Cryptography
Asymmetric CryptographyAsymmetric Cryptography
Asymmetric Cryptography
 
Rsa Crptosystem
Rsa CrptosystemRsa Crptosystem
Rsa Crptosystem
 
Computer Security Lecture 7: RSA
Computer Security Lecture 7: RSAComputer Security Lecture 7: RSA
Computer Security Lecture 7: RSA
 
One-Time Pad Encryption
One-Time Pad EncryptionOne-Time Pad Encryption
One-Time Pad Encryption
 
CRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYCRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITY
 
RSA Algorithm
RSA AlgorithmRSA Algorithm
RSA Algorithm
 
RSA ALGORITHM
RSA ALGORITHMRSA ALGORITHM
RSA ALGORITHM
 
DES (Data Encryption Standard) pressentation
DES (Data Encryption Standard) pressentationDES (Data Encryption Standard) pressentation
DES (Data Encryption Standard) pressentation
 
Classical encryption techniques
Classical encryption techniquesClassical encryption techniques
Classical encryption techniques
 
hill cipher
hill cipherhill cipher
hill cipher
 

Viewers also liked

Public Key Cryptography
Public Key CryptographyPublic Key Cryptography
Public Key CryptographyGopal Sakarkar
 
Hashing Technique In Data Structures
Hashing Technique In Data StructuresHashing Technique In Data Structures
Hashing Technique In Data StructuresSHAKOOR AB
 
Network Security and Cryptography
Network Security and CryptographyNetwork Security and Cryptography
Network Security and CryptographyAdam Reagan
 
Linear cong slide 2
Linear cong slide 2Linear cong slide 2
Linear cong slide 2Vi Aspe
 
Complex numbers, neeton's method and fractals
Complex numbers, neeton's method and fractalsComplex numbers, neeton's method and fractals
Complex numbers, neeton's method and fractalsannalf
 
1. Evidencia CONCEPTOS GENERALES DE DIVERSIDAD CULTURAL E INTERCULTURALIDAD
1. Evidencia CONCEPTOS GENERALES DE DIVERSIDAD CULTURAL E INTERCULTURALIDAD1. Evidencia CONCEPTOS GENERALES DE DIVERSIDAD CULTURAL E INTERCULTURALIDAD
1. Evidencia CONCEPTOS GENERALES DE DIVERSIDAD CULTURAL E INTERCULTURALIDADJAQUI NARVAEZ
 
Birthday Paradox explained
Birthday Paradox explainedBirthday Paradox explained
Birthday Paradox explainedSajith Ekanayaka
 
Sigma Protocols and Zero Knowledge
Sigma Protocols and Zero KnowledgeSigma Protocols and Zero Knowledge
Sigma Protocols and Zero KnowledgeAlex Chepurnoy
 
Fractal Geometry Course
Fractal Geometry CourseFractal Geometry Course
Fractal Geometry CourseMartin Turner
 
Artificial intelligence- Logic Agents
Artificial intelligence- Logic AgentsArtificial intelligence- Logic Agents
Artificial intelligence- Logic AgentsNuruzzaman Milon
 
Cryptography and Voting
Cryptography and VotingCryptography and Voting
Cryptography and VotingBen Adida
 
Elliptic Curve Cryptography
Elliptic Curve CryptographyElliptic Curve Cryptography
Elliptic Curve CryptographyKelly Bresnahan
 
Multimedia networking
Multimedia networkingMultimedia networking
Multimedia networkingKikima Jimmy
 

Viewers also liked (20)

Prime
PrimePrime
Prime
 
Public Key Cryptography
Public Key CryptographyPublic Key Cryptography
Public Key Cryptography
 
Public key cryptography and RSA
Public key cryptography and RSAPublic key cryptography and RSA
Public key cryptography and RSA
 
Hashing Technique In Data Structures
Hashing Technique In Data StructuresHashing Technique In Data Structures
Hashing Technique In Data Structures
 
Network Security and Cryptography
Network Security and CryptographyNetwork Security and Cryptography
Network Security and Cryptography
 
Crt
CrtCrt
Crt
 
Linear cong slide 2
Linear cong slide 2Linear cong slide 2
Linear cong slide 2
 
Complex numbers, neeton's method and fractals
Complex numbers, neeton's method and fractalsComplex numbers, neeton's method and fractals
Complex numbers, neeton's method and fractals
 
1. Evidencia CONCEPTOS GENERALES DE DIVERSIDAD CULTURAL E INTERCULTURALIDAD
1. Evidencia CONCEPTOS GENERALES DE DIVERSIDAD CULTURAL E INTERCULTURALIDAD1. Evidencia CONCEPTOS GENERALES DE DIVERSIDAD CULTURAL E INTERCULTURALIDAD
1. Evidencia CONCEPTOS GENERALES DE DIVERSIDAD CULTURAL E INTERCULTURALIDAD
 
Birthday Paradox explained
Birthday Paradox explainedBirthday Paradox explained
Birthday Paradox explained
 
3
33
3
 
Bitcoin
BitcoinBitcoin
Bitcoin
 
fractals
fractalsfractals
fractals
 
Sigma Protocols and Zero Knowledge
Sigma Protocols and Zero KnowledgeSigma Protocols and Zero Knowledge
Sigma Protocols and Zero Knowledge
 
Fractal Geometry Course
Fractal Geometry CourseFractal Geometry Course
Fractal Geometry Course
 
Artificial intelligence- Logic Agents
Artificial intelligence- Logic AgentsArtificial intelligence- Logic Agents
Artificial intelligence- Logic Agents
 
Cryptography and Voting
Cryptography and VotingCryptography and Voting
Cryptography and Voting
 
Ch06
Ch06Ch06
Ch06
 
Elliptic Curve Cryptography
Elliptic Curve CryptographyElliptic Curve Cryptography
Elliptic Curve Cryptography
 
Multimedia networking
Multimedia networkingMultimedia networking
Multimedia networking
 

Similar to Public Key Algorithms

RSA Algorithm.ppt
RSA Algorithm.pptRSA Algorithm.ppt
RSA Algorithm.pptArchanaT30
 
Public-Key Cryptography.pdfWrite the result of the following operation with t...
Public-Key Cryptography.pdfWrite the result of the following operation with t...Public-Key Cryptography.pdfWrite the result of the following operation with t...
Public-Key Cryptography.pdfWrite the result of the following operation with t...FahmiOlayah
 
Microsoft Word Hw#3
Microsoft Word Hw#3Microsoft Word Hw#3
Microsoft Word Hw#3kkkseld
 
RSA & MD5 algorithm
RSA & MD5 algorithmRSA & MD5 algorithm
RSA & MD5 algorithmSiva Rushi
 
14-applications-of-number-theory.ppt
14-applications-of-number-theory.ppt14-applications-of-number-theory.ppt
14-applications-of-number-theory.pptIdcIdk1
 
Information and network security 33 rsa algorithm
Information and network security 33 rsa algorithmInformation and network security 33 rsa algorithm
Information and network security 33 rsa algorithmVaibhav Khanna
 
Simple Overview Caesar and RSA Encryption_by_Tarek_Gaber
Simple Overview Caesar and RSA Encryption_by_Tarek_GaberSimple Overview Caesar and RSA Encryption_by_Tarek_Gaber
Simple Overview Caesar and RSA Encryption_by_Tarek_GaberTarek Gaber
 
Signyourd digital signature certificate provider
Signyourd digital signature certificate providerSignyourd digital signature certificate provider
Signyourd digital signature certificate providerKishankant Yadav
 
HW 5-RSAascii2str.mfunction str = ascii2str(ascii) .docx
HW 5-RSAascii2str.mfunction str = ascii2str(ascii) .docxHW 5-RSAascii2str.mfunction str = ascii2str(ascii) .docx
HW 5-RSAascii2str.mfunction str = ascii2str(ascii) .docxwellesleyterresa
 
On the Secrecy of RSA Private Keys
On the Secrecy of RSA Private KeysOn the Secrecy of RSA Private Keys
On the Secrecy of RSA Private KeysDharmalingam Ganesan
 

Similar to Public Key Algorithms (20)

RSA Algorithm.ppt
RSA Algorithm.pptRSA Algorithm.ppt
RSA Algorithm.ppt
 
Public-Key Cryptography.pdfWrite the result of the following operation with t...
Public-Key Cryptography.pdfWrite the result of the following operation with t...Public-Key Cryptography.pdfWrite the result of the following operation with t...
Public-Key Cryptography.pdfWrite the result of the following operation with t...
 
Microsoft Word Hw#3
Microsoft Word Hw#3Microsoft Word Hw#3
Microsoft Word Hw#3
 
RSA & MD5 algorithm
RSA & MD5 algorithmRSA & MD5 algorithm
RSA & MD5 algorithm
 
MFCS-17.ppt
MFCS-17.pptMFCS-17.ppt
MFCS-17.ppt
 
14-applications-of-number-theory.ppt
14-applications-of-number-theory.ppt14-applications-of-number-theory.ppt
14-applications-of-number-theory.ppt
 
Ntewrok secuirty cs7
Ntewrok secuirty cs7Ntewrok secuirty cs7
Ntewrok secuirty cs7
 
Information and network security 33 rsa algorithm
Information and network security 33 rsa algorithmInformation and network security 33 rsa algorithm
Information and network security 33 rsa algorithm
 
Rsa cryptosystem
Rsa cryptosystemRsa cryptosystem
Rsa cryptosystem
 
Simple Overview Caesar and RSA Encryption_by_Tarek_Gaber
Simple Overview Caesar and RSA Encryption_by_Tarek_GaberSimple Overview Caesar and RSA Encryption_by_Tarek_Gaber
Simple Overview Caesar and RSA Encryption_by_Tarek_Gaber
 
Lecture6 rsa
Lecture6 rsaLecture6 rsa
Lecture6 rsa
 
Cryptography
CryptographyCryptography
Cryptography
 
Cryptography
CryptographyCryptography
Cryptography
 
RSA
RSARSA
RSA
 
Signyourd digital signature certificate provider
Signyourd digital signature certificate providerSignyourd digital signature certificate provider
Signyourd digital signature certificate provider
 
The rsa algorithm
The rsa algorithmThe rsa algorithm
The rsa algorithm
 
The rsa algorithm
The rsa algorithmThe rsa algorithm
The rsa algorithm
 
HW 5-RSAascii2str.mfunction str = ascii2str(ascii) .docx
HW 5-RSAascii2str.mfunction str = ascii2str(ascii) .docxHW 5-RSAascii2str.mfunction str = ascii2str(ascii) .docx
HW 5-RSAascii2str.mfunction str = ascii2str(ascii) .docx
 
Rsa documentation
Rsa documentationRsa documentation
Rsa documentation
 
On the Secrecy of RSA Private Keys
On the Secrecy of RSA Private KeysOn the Secrecy of RSA Private Keys
On the Secrecy of RSA Private Keys
 

Recently uploaded

APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAssociation for Project Management
 
Making and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdfMaking and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdfChris Hunter
 
An Overview of Mutual Funds Bcom Project.pdf
An Overview of Mutual Funds Bcom Project.pdfAn Overview of Mutual Funds Bcom Project.pdf
An Overview of Mutual Funds Bcom Project.pdfSanaAli374401
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactPECB
 
Unit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptxUnit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptxVishalSingh1417
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxAreebaZafar22
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.pptRamjanShidvankar
 
psychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docxpsychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docxPoojaSen20
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104misteraugie
 
Unit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxUnit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxVishalSingh1417
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsTechSoup
 
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin ClassesMixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin ClassesCeline George
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphThiyagu K
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxheathfieldcps1
 
PROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docxPROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docxPoojaSen20
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfagholdier
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 
Class 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfClass 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfAyushMahapatra5
 

Recently uploaded (20)

APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across Sectors
 
Making and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdfMaking and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdf
 
An Overview of Mutual Funds Bcom Project.pdf
An Overview of Mutual Funds Bcom Project.pdfAn Overview of Mutual Funds Bcom Project.pdf
An Overview of Mutual Funds Bcom Project.pdf
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
 
Unit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptxUnit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptx
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptx
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.ppt
 
psychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docxpsychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docx
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104
 
Unit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxUnit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptx
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin ClassesMixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot Graph
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 
PROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docxPROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docx
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
Class 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfClass 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdf
 

Public Key Algorithms

  • 2. Overview  Number Theory  Public key encryption  Modular Arithmetic  Euclid’s Algorithm  Chinese Remainder Theorem  Euler's Theorem  Fermat's Theorem  RSA Public Key Encryption
  • 3. Public Key Encryption  Invented in 1975 by Diffie and Hellman  Encrypted_Message = Encrypt(Key1, Message)  Message = Decrypt(Key2, Encrypted_Message)
  • 4. Public Key Encryption Example  Rivest, Shamir, and Adleman  RSA: Encrypted_Message = m3 mod 187  Message = Encrypted_Message107 mod 187  Key1 = <3,187>, Key2 = <107,187>  Message = 5  Encrypted Message = 53 = 125  Message = 125107 mod 187 = 5 = 125(64+32+8+2+1) mod 187 = {(12564 mod 187)(12532 mod 187)...  (1252 mod 187)(125 mod 187)} mod 187
  • 5. Modular Arithmetic  Modular Addition  Additive Inverse : additive inverse of x is a number that you’d have to add to x to get 0.  Example: 4’s inverse will be 6
  • 6. Modular Multiplication  Multiplicative Inverse: multiplicative inverse of x is written as x-1, is the number by which you’d multiply x to get 1.  Example: 7 is the multiplicative inverse of 3. only {1,3,7,9} have multiplicative inverse.
  • 7. Modular Arithmetic (Cont.)  xy mod m = (x mod m) (y mod m) mod m  x4 mod m = (x2 mod m)(x2 mod m) mod m  xij mod m = (xi mod m)j mod m  125 mod 187 = 125  1252 mod 187 = 15625 mod 187 = 104  1254 mod 187 = (1252 mod 187)2 mod 187 = 1042 mod 187 = 10816 mod 187 = 157  1258 mod 187 = 1572 mod 187 = 152  12516 mod 187 = 1522 mod 187 = 103  12532 mod 187 = 1032 mod 187 = 137  12564 mod 187 = 1372 mod 187 = 69  12564+32+8+2+1 mod 187 = 69×137×152×104×125 mod 187  = 18679128000 mod 187 = 5
  • 8. Definitions  Co-Prime = Relatively Prime: x and y are relatively prime if gcd(x,y)=1  Example: 6, 11  Smooth Number = Product of small primes
  • 9. Euclid's Algorithm  Used to find greatest common divisor  Example: gcd(10,25)=5 using long division  10) 25 (2 20 -- 5)10 (2 10 -- 00
  • 10. Euclid's Algorithm: Tabular Method  ri = ui x + vi y  ui = ui-2 - qi ui-1  vi = vi-2 - qi vi-1  Finally, If ri = 0, gcd(x,y) = ri-1
  • 11. Chinese Remainder Theorem  The solution to the following equations: x = a1 mod n1 x = a2 mod n2 x = ak mod nk where n1, n2, ... , nk are relatively prime is found as follows: N = n1 n2 ... nk Ni = N/ni Find si such that ri ni + si Ni = 1 Let ei = si Ni, then x = Σki ai ei mod N
  • 12. Chinese Remainder Theorem (Cont)  Example: Solve the equations:  x = 3 mod 6  x = 6 mod 7  x = 10 mod 11  N= 6 × 7 × 11 = 462 gcd(6,77): 13 × 6 - 1 × 77=1 ⇒ e_1 = -77  gcd(7,66): 19 × 7-2 × 66=1 ⇒ e_2 = -132  gcd(11,42): -19 × 11+5 × 42 ⇒ e_3 = 210   x = 3 ×(-77) + 6 ×(-132) + 10 × 210 = -231 - 792 + 2100 = 1077 mod 462 = 153
  • 13. Euler's Totient Function  Zn = Set of all numbers mod n = {0, 1, 2, ., n-1}  Zn* = Set of all numbers relatively primes to n  Φ(n) = Number of elements in Zn*  If n is prime, Φ(n)=n-1  Example: Z10={0, 1, 2, 3, ..., 9} Z10* = {1, 3, 7, 9} Φ(10)=4
  • 14. Euler's Theorem  For all a ∈ Zn* aΦ(n) = 1 mod n  For all a ∈ Zn* a(kΦ(n)+1) = a mod n  Examples:  z10* = {1, 3, 7, 9}  Φ(10)=4  14 mod 10 = 1  34 mod 10 = 1  74 mod 10 = 1  94 mod 10 = 1
  • 15. Fermat's Theorem  If p is prime and 0<a<p, ap-1 mod p = 1  Example:  26 mod 7 = 64 mod 7 = 1  34 mod 5 = 81 mod 5 = 1  ap-1 mod p = 1 for all a ≠> p is prime  Example: 561 = 3 × 11 × 17
  • 16. Miller and Rabin Method Prime Test  Express n-1 as 2bc where c is odd.  Pick a random a.  an-1 = a2bc = (ac)2b  Compute ac mod n  Square it b times: a2c, a4c, a8c, ..., a{2b}c If the final result is not one ⇒ n is not a prime   If any of the intermediate results is 1, check if the previous number is ± 1.  If ± 1 then n is potentially prime.  Pick another a and try again.
  • 17. RSA Public Key Encryption  Ron Rivest, Adi Shamir, and Len Adleman at MIT 1978  Both plain text M and cipher text C are integers between 0 and n-1.  Key 1 = {e, n}, Key 2 = {d, n}  C = Me mod n M = Cd mod n  How to construct keys: Select two large primes: p, q, p ≠ q  n = p×q  Calculate Euler’s Totient Fn Φ(n) = (p-1)(q-1)  Select e relatively prime to Φ⇒ gcd(Φ, e) = 1; 0 < e < Φ  Calculate d = inverse of e mod Φ⇒de mod Φ = 1  Euler.s Theorem: xed = xkΦ(n)+1 = x mod n 
  • 18. RSA Key Construction: Example  Select two large primes: p, q, p ≠ q p = 17, q = 11  n = p×q = 17×11 = 187  Calculate Φ = (p-1)(q-1) = 16x10 = 160  Select e, such that lcd(Φ, e) = 1; 0 < e < Φ say, e = 7  Calculate d such that de mod Φ = 1  160k+1 = 161, 321, 481, 641  Check which of these is divisible by 7  161 is divisible by 7 giving d = 161/7 = 23  Key 1 = {7, 187}, Key 2 = {23, 187}
  • 19. RSA Issues  RSA is computationally intense.  Commonly used key lengths are 512 bits  The plain text should be smaller than the key length  The encrypted text is same size as the key length  Generally used to encrypt secret keys.  Basis: Factoring a big number is hard
  • 20. Finding d and e  de = 1 mod Φ(n)  Select e first, e.g., e=21+1 or 216+1  Find inverse of e using Euler’s algorithm  The public key can be small.  The private key should be large. ⇒ Don’t select d=3.  Both d and n are 512 bit (150 digits) numbers.
  • 21. Attacks on RSA  Smooth Number Attack:  If you sign m1 and m2  S1 = md mod n 1  S2 = m2 mod n d  Attacker can sign m1m2, m1/m2, m1 , m1jm2 2 k  Easy to do if mi’s are small (smooth) numbers.  Cube Root Problem of RSA  If public exponent e=3:  hde mod n = h  hd mod n = h1/3  Simply compute h1/3 mod n
  • 22. Public-Key Cryptography Standards  RSA Inc developed standards on how to use public key cryptography  Specify encoding of keys, signatures, etc.  PKCS #1: Formatting a message for RSA encryption  First octet = 0  Second Octet = Format Type. 2 ⇒ Encryption  Random non-zero padding ⇒ cipher is different  Zero ends the padding
  • 23. Million Message Attack on RSA  In SSL if padding is incorrect, some Servers send quot;Incorrect Paddingquot; error  Attacker sends random variations until server accepts (decrypted message begins with 02)  Would need 216 tries to get the correct 16 bits  PKCS#1 Rev 2 fixes this problem.  Not sending error message is easier fix.
  • 24. Diffie-Hellman Key Agreement  Allows two party to agree on a secret key using a public channel  Eavesdropper can see T_A, g, p but cannot compute S_A  Computing S_A requires discrete logarithm – a difficult problem
  • 25. Diffie-Hellman (Cont)  Example: g=5, p=19  A selects 6 and sends 56 mod 19 = 7  B selects 7 and sends 57 mod 19 = 16  A computes K = 166 mod 19 = 7  B computes K = 77 mod 19 = 7
  • 26. Man-in-Middle Attack on Diffie- Hellman  Diffie-Hellman does not provide authentication  You can use RSA authentication and other alternatives
  • 27. Digital Signature Standard  FIPS 186 in 1991, 186-1 in 1993, 186-2 in 2000.  A variation of ElGamal signature  Choose a hash. Default = SHA-1  Select a key size L: multiple of 64 between 512 to 1024.  186-2 requires 1024.  186-3 recommends 2048 or 3072 for lifetimes beyond 2010. 1. Algorithm Parameters:  Choose a prime q with the same number of bits as hash  Select a L-bit prime p such that p-1 is a multiple of q  Select a generator g such that gq = 1 mod p  This can be done by g=h(p-1)/q mod p for some arbitrary h  1<h<p-1.  Algorithm parameters (p, q, g) may be shared among users.
  • 28. DSS (Cont) 2. User Keys: public and private key for a user  Choose S randomly 0 <S <p  T = gS mod p  Public key is (p, q, g, T). Private key is S. 3. Signing: Generate per message key Sm, 0<Sm<q  Tm = (gSm mod p) mod q  Compute Sm-1 mod q  Calculate message digest dm  Signature X = Sm-1 (dm + STm) mod q  Transmit message m, per message public number Tm, and signature X
  • 29. DSS (Cont) 4. Verification:  Calculate inverse of signature X-1 mod q  Calculate message digest dm  Calculate x = dm X-1 mod q  y = Tm x-1 mod q  z = (gx . Tymod p)mod q  If z = Tm then signature is verified.
  • 30. DSS Insecurity  <p, q, g> is shared.  Anyone who breaks <p, q, g> can break all the users sharing it.  Slower than RSA with e=3
  • 31. Elliptic Curve Cryptography (ECC)  Based on algebraic structure of elliptic curves over finite fields  Elliptic curve is a plane curve  y2 +axy+by = x3 +cx2+d x +e  The set of points on the curve along with the point at infinity form a set over which operations similar to modular arithmetic can be defined.  ECC is still exponential difficulty and so key lengths can be shorter.
  • 32. Zero-Knowledge Proof Systems  The verifier can verify that you possess the secret but gets no knowledge of the secret.  In graph theory, if you know Hamiltonian cycle of a large graph you can easily generate isomorphic graphs.