Upcoming SlideShare
×
Like this document? Why not share!

Like this? Share it with your network

Share

# Public Key Cryptography

• 791 views

Public key cryptographic protocols

Public key cryptographic protocols

More in: Technology , Education
• Comment goes here.
Are you sure you want to
Be the first to comment
Be the first to like this

Total Views
791
On Slideshare
788
From Embeds
3
Number of Embeds
1

Shares
15
0
Likes
0

### Report content

No notes for slide

### Transcript

• 1. Public Key Cryptosystems By: Abhijit MondalThe Knapsack Cryptosystem:The Knapsack Problem: Given a pile of items, each with different weights, is it possible to put someof those items into a knapsack so that the knapsack weighs a given amount? i.e.Given : m1 , m2 , ......, mn and the sum S.Find : b1 , b2 ,....., bn such that S = b1m1 + b2 m2 + ....+ bn mn where bi ∈{0,1}The above problem is a NP-complete problem i.e. The time taken for solution grows exponentiallywith number of weights, since the only possible ways to find a solution is to consider all thepossible combinations of weights.Superincreasing Knapsack : A superincreasing knapsack is a sequence in which every term isgreater than the sum of its previous terms, e.g. {1,2,4,8,16,32} is a superincreasing knapsack.Given the weights and the required total weight , it is easy to find a solution to the knapsackproblem. Suppose if S = 25, then in the knapsack {1,3,6,13,27,52} , we compare 25 with 52, since25<52 hence 52 will not be in the solution, next compare 25 with 27, since 25<27, hence 27 is alsonot in the solution, next since 25>13, hence 13 has to be in the knapsack because the sum of allweights less than 13 is less than that 13 so if 13 is not present in the solution then the all the lesserweights will never make up 25. So {13} is one weight. Next subtract 25-13 = 12, and compare 12with 6, since 12>6 so 6 is present in the solution {13,6}, subtract 12-6 = 6, compare 6 with 3, since6>3, so 3 will be present in the solution, {13,6,3}, next 6-3=3>1, so 1 is present {13,6,3,1}, but 3-1=2 and no more weights are left hence we do not have a solution if the the result of last subtractionis not 0.For S= 34, 27 will be present, 34-27=7<13, 13 will not be present, 7>6, so 6 is present, 7-6=1>3, so3 is not present but 1=1 so 1 is present and we have a solution {27,6,1};For the Knapsack {1,2,4,8,...2k} we will have solutions for all 1<=S<=2k+1-1. Since all integersbetween 0 and 2k+1-1 has a binary representation involving k bits.Private Keys : A superincreasing Knapsack of length k, { a0 , a1 , .... , ak-1 }, an integer n>1, and aprime integer p > 2ak-1 , are the private keys of the receiver.Public Key : The normal NP-complete knapsack { b0 , b1, .... , bk-1 } where bi = nai ( mod p )computed by the receiver is published on a public key server.Encryption : Assuming that the plaintext of length m is in binary, the sender divides the plaintextmessage into blocks of size k, and in each block if ith bit is 1, then calculates the sum sj = ∑ bi forthe blocks 1<=j<=m/k.e.g. If for block 3 and k=6, {1,3,6,13,27,52}, and the bits of the block are 101101, then s3 = 1 + 6 +13 + 52 = 72. The ciphertext is the set {sj}.Decryption : The receiver calculates the blocks of bits using the superincreasing knapsack and theciphertext and recovers the plaintext.C++ code for Knapsack Cryptosystem encryption : knapsack-encrypt.cC++ code for Knapsack Cryptosystem decryption : knapsack-decrypt.c
• 2. The RSA Cryptosystem:The receiver generates two large prime integers(100 digits) p and q, computes n = pq, and φ(n) =(p-1)(q-1), then generates an encryption key e , such that gcd(e,φ(n)) = 1. The receiver publishes thekeys n and e on a public key server.Suppose the plaintext message the sender wants to send is m (mod n), m and n are of the order of200 digits, then he computes the ciphertext c = me (mod n) and sends c to the receiver.The receiver then computes the decryption key d = e-1 (mod φ(n)), then computes cd (mod n) whichis equal to med (mod n) = m (mod n), thus recovering the plaintext message.This is because ed = 1 mod(φ(n)), and so ed = 1 + kφ(n). • If m is divisible by p but not divisible by q, then (med – m)(mod n) = m(mk(p-1)(q-1) – 1)(mod n) By Fermats Little Theorem since m and q are coprime thus mq-1 = 1 (mod q), or mq-1 - 1 = 0 (mod q). Thus (mk(p-1)(q-1) – 1) = 0 (mod q) and hence (mk(p-1)(q-1) – 1) = 0 (mod n). Thus med (mod n) = m (mod n). • Similarly if m is divisible by q and not by p. • If m is coprime to both p and q, then m is coprime to n, thus by Eulers Theorem mkφ(n) = 1 (mod n) and thus med (mod n) = m*mkφ(n) (mod n) = m (mod n).Public Keys : n=pq and encryption key e.Private Keys : Primes p and q , and decryption key d=e-1 (mod φ(n)).Encryption : Plaintext message m, ciphertext c = me (mod n).Decryption : d = e-1 (mod φ(n)), m = cd (mod n) = med (mod n) = m (mod n).Software implementation of RSA encryption : • Generate 2 large integers p and q and test if they are primes by any primality testing routine. • Compute n = pq; • Compute 7-bit ASCII values for each character in the message • Concatenate all the 7-bit binary values together. • Calculate b = floor(log2(n)), b will be length of each plaintext block. • Pad with zeroes to the right to make the total length of the concatenated bits a multiple of b. • Consider all b-bit blocks from the concatenated bits, • Compute the decimal equivalent of each b-bit blocks, this is mi . • Now compute ci = mie (mod n) and then convert each ci into (b+1)-bit blocks and concatenate all the (b+1)-bit blocks. • Send this concatenated (b+1)-bit blocks to the receiver.Software implementation of RSA decryption : • Consider each (b+1)-bit block and compute its decimal equivalent ci. • Compute mi = cid (mod n) and compute its b-bit binary equivalent. • Concatenate all the b-bit obtained values together. • Consider 7-bit blocks from the concatenated bits and compute its corresponding ASCII value and then find its corresponding ASCII character.C code for RSA encryption : rsa-encrypt.cC code for RSA decryption : rsa-decrypt.c