IS Unit 3_Public Key Cryptography



  1. Chapter 3: Public Key Cryptography
     By: Sarthak Patel
  2. Outline
     - Principles of Public-Key Cryptography
     - RSA Algorithm
     - Key Management
     - Elliptic Curve Cryptography
     - Diffie-Hellman Key Exchange
  3. Classical Cryptography: Secret-Key or Symmetric Cryptography
     - Alice and Bob agree on an encryption method and a shared key.
     - Alice uses the key and the encryption method to encrypt (or encipher) a message and sends it to Bob.
     - Bob uses the same key and the related decryption method to decrypt (or decipher) the message.
  4. Advantages of Classical Cryptography
     - There are some very fast classical encryption (and decryption) algorithms.
     - Since the speed of a method varies with the length of the key, faster algorithms allow one to use longer key values.
     - Larger key values make it harder to guess the key value, and break the code, by brute force.
  5. Disadvantages of Classical Cryptography
     - Requires secure transmission of key value.
     - Requires a separate key for each group of people that wishes to exchange encrypted messages (readable by any group member).
     - For example, to have a separate key for each pair of people, 100 people would need 4950 different keys.
  6. Public-Key Cryptography: Asymmetric Cryptography
     - Alice generates a key value (usually a number or pair of related numbers) which she makes public.
     - Alice uses her public key (and some additional information) to determine a second key (her private key).
     - Alice keeps her private key (and the additional information she used to construct it) secret.
  7. Public-Key Cryptography (continued)
     - Bob can use Alice's public key to encrypt a message for Alice.
     - Alice can use her private key to decrypt this message.
     - No one without access to Alice's private key (or the information used to construct it) can easily decrypt the message.
  8. Private-Key Cryptography
     - Traditional private/secret/single key cryptography uses one key.
     - The key is shared by both sender and receiver.
     - If the key is disclosed, communications are compromised.
     - Also known as symmetric: both parties are equal.
     - Hence it does not protect the sender from the receiver forging a message and claiming it was sent by the sender.
  9. Public-Key Cryptography
     - Probably the most significant advance in the 3000 year history of cryptography.
     - Uses two keys: a public key and a private key.
     - Asymmetric since parties are not equal.
     - Uses clever application of number theory concepts to function.
     - Complements rather than replaces private key cryptography.
  10. Public-Key Cryptography
      - Public-key/two-key/asymmetric cryptography involves the use of two keys:
        - a public key, which may be known by anybody, and can be used to encrypt messages and verify signatures
        - a private key, known only to the recipient, used to decrypt messages and sign (create) signatures
      - It is asymmetric because those who encrypt messages or verify signatures cannot decrypt messages or create signatures.
  11. Public-Key Cryptography
  12. Why Public-Key Cryptography?
      Developed to address two key issues:
      - key distribution: how to have secure communications in general without having to trust a KDC with your key
      - digital signatures: how to verify a message comes intact from the claimed sender
  13. Public-Key Characteristics
      Public-key algorithms rely on two keys with the characteristics that it is:
      - computationally infeasible to find the decryption key knowing only the algorithm and encryption key
      - computationally easy to en/decrypt messages when the relevant (en/decrypt) key is known
      - either of the two related keys can be used for encryption, with the other used for decryption (in some schemes)
  14. Public-Key Applications
      Can classify uses into 3 categories:
      - encryption/decryption (provide secrecy)
      - digital signatures (provide authentication)
      - key exchange (of session keys)
      Some algorithms are suitable for all uses, others are specific to one.
  15. Security of Public Key Schemes
      - Like private key schemes, a brute force exhaustive search attack is always theoretically possible,
      - but keys used are too large (>512 bits).
      - Security relies on a large enough difference in difficulty between easy (en/decrypt) and hard (cryptanalyse) problems.
      - More generally the hard problem is known, it's just made too hard to do in practice.
      - Requires the use of very large numbers,
      - hence is slow compared to private key schemes.
  16. Difference between Symm/Asymm

      | Symmetric (Private Key) | Asymmetric (Public Key) |
      | --- | --- |
      | Same key for encryption/decryption | Asymmetric uses both a public and private key |
      | Very fast encryption | Slower encryption |
      | Key exchange is a big problem | No problem at all |
      | Mainly for encryption/decryption, cannot be used for digital signature | Can be used for both |
      | More number of keys required | Less than Symmetric |
  17. RSA Algorithm
      - By Rivest, Shamir & Adleman of MIT in 1977.
      - Best known and widely used public-key scheme.
      - Uses large integers (e.g. 1024 bits).
      - Security due to cost of factoring large numbers.
  18. Algorithm
      1. Choose two large prime numbers P and Q.
      2. Calculate N = P*Q
      3. Select the public key (i.e. encryption key) E such that it is not a factor of (P-1) and (Q-1)
      4. Select the private key (i.e. decryption key) D such that the following equation is true: (D*E) mod ((P-1)*(Q-1)) = 1
      5. For encryption calculate the cipher text CT from the PT as: CT = PT^E mod N
      6. Send CT as the cipher text to the receiver.
      7. For decryption calculate the plain text PT from the CT as: PT = CT^D mod N
  19. RSA Example
      1. Select primes: p = 17 and q = 11
      2. Compute n = pq = 17 × 11 = 187
      3. Compute ø(n) = (p-1)(q-1) = 16 × 10 = 160
      4. Select e: gcd(e, 160) = 1; choose e = 7
      5. Determine d: d*e mod 160 = 1 and d < 160. Value is d = 23 since 23 × 7 = 161
  20. RSA Example cont
      Sample RSA encryption/decryption is:
      - given message M = 88 (nb. 88 < 187)
      - encryption: C = 88^7 mod 187 = 11
      - decryption: M = 11^23 mod 187 = 88
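The algorithm of slides 18-20 as runnable Python. This is an added example, not part of the original slides, and all function names are assumptions. Key selection uses the gcd(e, ø(n)) = 1 test from slide 19, because the "not a factor" wording of slide 18 also admits values such as e = 6, for which no d exists.

```python
def egcd(a, b):
    """Extended Euclid: return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y

def not_a_factor(p, q, e):
    """Slide 18, step 3 as worded: e divides neither (p-1) nor (q-1)."""
    return (p - 1) % e != 0 and (q - 1) % e != 0

def make_keys(p, q, e):
    """Return (public, private) = ((e, n), (d, n)) with d*e mod phi == 1."""
    n, phi = p * q, (p - 1) * (q - 1)
    g, x, _ = egcd(e, phi)
    if g != 1:
        # e shares a factor with phi, so it has no inverse modulo phi.
        raise ValueError(f"e={e} shares factor {g} with phi={phi}; no d exists")
    return (e, n), (x % phi, n)

def encrypt(m, public):
    e, n = public
    if not 0 <= m < n:
        # Slide 20 notes 88 < 187: a larger message would be reduced mod n.
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, e, n)          # CT = PT^E mod N

def decrypt(c, private):
    d, n = private
    return pow(c, d, n)          # PT = CT^D mod N

def slide_example():
    """Slides 19-20: p=17, q=11, e=7, M=88."""
    public, private = make_keys(17, 11, 7)
    c = encrypt(88, public)
    return public, private, c, decrypt(c, private)

if __name__ == "__main__":
    print(slide_example())
    print("e=6 passes the 'not a factor' test:", not_a_factor(17, 11, 6))
    try:
        make_keys(17, 11, 6)
    except ValueError as err:
        print("but key generation rejects it:", err)
```

The numbers are the slide's toy values; with no padding, the same message always encrypts to the same cipher text.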
  21. Diffie-Hellman Key Exchange
      1. Select two prime numbers: n and g (public)
      2. Alice (Sender) chooses another random number x, and calculates A such that: A = g^x mod n
      3. Alice sends it to Bob (Receiver)
      4. Bob chooses another random number y and calculates B such that: B = g^y mod n
      5. Bob sends it to Alice
      6. K1 = B^x mod n
      7. K2 = A^y mod n
  22. Example for Diffie-Hellman
      1. n = 11, g = 7
      2. Let x = 3. Then A = 7^3 mod 11 = 343 mod 11 = 2
      3. Alice sends 2 to Bob
      4. Let y = 6. Then B = 7^6 mod 11 = 117649 mod 11 = 4
      5. Bob sends 4 to Alice
      6. K1 = 4^3 mod 11 = 64 mod 11 = 9
      7. K2 = 2^6 mod 11 = 64 mod 11 = 9
      Note: K1 = K2
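The exchange of slides 21-22 as runnable Python, with two checks the slides do not show: how many distinct values g can generate, and rejection of a received public value that would force a trivial key. This is an added example, not part of the original slides; the function names and the range check are assumptions.

```python
def subgroup_order(g, n):
    """Smallest k > 0 with g^k mod n == 1 (brute force, toy moduli only)."""
    if not 1 < g < n:
        raise ValueError("g must satisfy 1 < g < n")
    k, value = 1, g
    while value != 1:
        value = (value * g) % n
        k += 1
    return k

def public_value(g, secret, n):
    """Steps 2 and 4: A = g^x mod n (or B = g^y mod n)."""
    return pow(g, secret, n)

def shared_key(peer_public, secret, n):
    """Steps 6 and 7: K = peer^secret mod n, after validating the peer value."""
    # 0, 1 and n-1 make the key 0, 1 or +/-1 whatever the secret is.
    if not 2 <= peer_public <= n - 2:
        raise ValueError(f"rejecting peer public value {peer_public}")
    return pow(peer_public, secret, n)

def exchange(n, g, x, y):
    """Run both sides; return (A, B, K1, K2) as named on the slides."""
    a_pub = public_value(g, x, n)          # Alice -> Bob
    b_pub = public_value(g, y, n)          # Bob -> Alice
    k1 = shared_key(b_pub, x, n)           # computed by Alice
    k2 = shared_key(a_pub, y, n)           # computed by Bob
    return a_pub, b_pub, k1, k2

if __name__ == "__main__":
    print("slide 22:", exchange(11, 7, 3, 6))
    # g = 7 reaches all 10 non-zero residues mod 11; g = 10 reaches only 2,
    # so every public value and every key would be 1 or 10.
    print("order of 7 mod 11:", subgroup_order(7, 11))
    print("order of 10 mod 11:", subgroup_order(10, 11))
```

Real deployments use a prime n of thousands of bits and a g that generates a large prime-order subgroup; the brute-force order computation only works at toy size.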
  23. Elliptic Curve Cryptography
      Elliptic curve cryptography (ECC) is an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields.
  24. ECC
      - An elliptic curve is the set of solutions of an equation of the form y^2 = x^3 + ax + b, where the coefficients a and b are elements of the field and 4a^3 + 27b^2 ≠ 0. Each value of a and b gives a different elliptic curve.
      - An equation of this kind can be studied over various mathematical structures, such as a ring or a field.
      - One interesting property of the set of solutions of an elliptic curve is that it forms a group, which enables us to do cryptography. The public key is a point on the curve and the private key is a random number. The public key is obtained by multiplying the private key with the generator point G on the curve.
  25. ECC Diffie-Hellman Key Exchange
      Global Public Elements
      - Eq(a,b): elliptic curve with parameters a, b
      - G: point on elliptic curve
      User A Key Generation
      - Select private nA
      - Calculate public PA: PA = nA * G
      User B Key Generation
      - Select private nB
      - Calculate public PB: PB = nB * G
      Calculation of Secret Key by User A
      - K = nA * PB
      Calculation of Secret Key by User B
      - K = nB * PA
  26. Applications of ECC
      - Many devices are small and have limited storage and computational power.
      - Where can we apply ECC?
        - Wireless communication devices
        - Smart cards
        - Web servers that need to handle many encryption sessions
        - Any application where security is needed but lacks the power, storage and computational power that is necessary for our current cryptosystems
  27. Benefits of ECC
      Same benefits as the other cryptosystems: confidentiality, integrity, authentication and non-repudiation, but…
      - Shorter key lengths
      - Encryption, decryption and signature verification speed up
      - Storage and bandwidth savings
  28. Key Management (Key Distribution)
      Figure: key distribution between a Key Distribution Center (KDC), Initiator A and Responder B. Messages shown in the figure:
      - IDA || IDB || N1
      - E (Kb, [Ks || IDA])
      - E (Ks, N2)
      - E (Ks, f(N2))
  29. Public Key Distribution
      - Public Announcement
      - Public Available Directory
      - Public Key Authority
      - Public Key Certificates
  30. THE END