Paillier-ElGamal cryptosystem presentation
1. IMPLEMENTATION OF PAILLIER
ELGAMAL CRYPTOSYSTEM
GAUTHAM SK, MTech S3, Dept. of CSE, BMSIT&M, USN: 1BY19SCS02
Dr. ANJAN K KOUNDINYA, Associate Professor, Dept. of CSE, BMSIT&M
Information and Network Security (Assignment)
07-01-2021 Information and Network Security
2. Agenda
• Introduction
• Literature Survey for implementation
• Paillier Cryptosystem
• Application: Paillier Cryptosystem
• ElGamal Cryptosystem
• DEMO
3. Introduction
• Our lives rely heavily on technology and on online services such as e-banking, e-commerce, e-voting and so on.
• So there is a need to protect valuable information transmitted over the internet from unauthorized disclosure and modification.
• To protect information, it is transmitted in encrypted form.
• Decryption can sometimes result in problems such as privacy violations or insider threats.
• These problems can be avoided if data custodians operate on users’ encrypted data without knowing the original information or the plaintext.
4. Literature Survey for Implementation
• In 2017, “A Java Implementation of Paillier Homomorphic Encryption Scheme”, Fifth International Conference on Information and Communication Technology (ICoICT), talks about the implementation of the Paillier cryptosystem.
• In 2002, “ElGamal Cryptosystem for Enciphering Messages”, IEEE Transactions on Knowledge and Data Engineering, Vol. 14, No. 2, talks about the implementation of the ElGamal cryptosystem.
• “Analysis and Implementation of Combined Approach of RSA and ECC Algorithm for Enhanced Data Security”, International Journal of Computer Applications (0975 – 8887), Volume 129, No. 15, November 2015, gives the idea and a way to combine two cryptosystems.
5. Paillier Cryptosystem
• Pascal Paillier (1999)
• Asymmetric Public-key scheme
• Homomorphic Encryption (HE)
P(2+3) → C(20+21) → C(41) → P(5)
• Probabilistic
• Additive HE scheme
• Given the ciphertexts C1 = Enc(M1) and C2 = Enc(M2):
• One can compute C3 = C1 × C2.
• Decrypting C3 yields the plaintext M3 = M1 + M2, without knowing the values of M1 and M2.
6. Algorithm
It consists of three steps: Key generation, Encryption, and Decryption:
Key generation:
1. Choose two random primes $p$ and $q$, where $p$ and $q$ should be different from each other and have equal length.
2. Compute $n = p \cdot q$ and $\lambda = \operatorname{lcm}(p-1, q-1)$.
3. Select a random integer $g$, where $g \in \mathbb{Z}^*_{n^2}$.
4. Ensure $n$ divides the order of $g$ by checking that $\mu = (L(g^{\lambda} \bmod n^2))^{-1} \bmod n$ exists, where the function $L$ is defined as $L(x) = \frac{x-1}{n}$.
5. Set the public key as $(n, g)$.
6. Set the private key as $(\lambda, \mu)$.
7. Algorithm
Encryption:
1. Let $m$ be the message that we want to encrypt, where $m \in \mathbb{Z}_n$.
2. Select a random $r$, where $r \in \mathbb{Z}^*_n$.
3. Compute the ciphertext as $c = g^m \cdot r^n \bmod n^2$.
Decryption:
1. Let $c$ be the ciphertext to decrypt, where $c \in \mathbb{Z}^*_{n^2}$.
2. Compute the message: $m = L(c^{\lambda} \bmod n^2) \cdot \mu \bmod n$.
8. Application: Electronic voting
• Consider a simple binary ("for" (1) or "against" (0)) vote.
• Each voter encrypts their choice before casting their vote.
• The election official takes the product of the m encrypted votes and then decrypts
the result and obtains the value n, which is the sum of all the votes.
• The election official then knows that n people voted for and m-n people
voted against.
• The role of the random r ensures that two equivalent votes will encrypt to the
same value only with negligible likelihood, hence ensuring voter privacy.
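The key generation, encryption and decryption steps and the voting tally described above, as an added Python example (not code from the presentation). The function names, the toy 30-bit primes and the five votes are assumptions constructed for illustration; real keys use large random primes.

```python
import math
import secrets

def L(x, n):
    return (x - 1) // n                       # L(x) = (x - 1) / n

def keygen(p, q):
    """Key generation steps 2-6 for two distinct primes p, q of equal length."""
    n, phi = p * q, (p - 1) * (q - 1)
    if p == q or math.gcd(n, phi) != 1:
        raise ValueError("unsuitable primes")
    lam, n2 = phi // math.gcd(p - 1, q - 1), n * n   # lam = lcm(p-1, q-1)
    while True:
        g = secrets.randbelow(n2 - 2) + 2     # candidate g in Z*_{n^2}
        u = L(pow(g, lam, n2), n)
        if math.gcd(g, n2) == 1 and math.gcd(u, n) == 1:   # mu exists
            return (n, g), (lam, pow(u, -1, n))            # public, private

def encrypt(pub, m):
    n, g = pub
    if not 0 <= m < n:
        raise ValueError("message must lie in Z_n")
    while True:
        r = secrets.randbelow(n - 1) + 1      # fresh r in Z*_n for every ciphertext
        if math.gcd(r, n) == 1:
            return pow(g, m, n * n) * pow(r, n, n * n) % (n * n)

def decrypt(pub, priv, c):
    n, (lam, mu) = pub[0], priv
    return L(pow(c, lam, n * n), n) * mu % n

def tally(pub, priv, ballots):
    """Multiply the encrypted ballots, then decrypt once to get the sum of votes."""
    product = 1
    for c in ballots:
        product = product * c % (pub[0] ** 2)
    return decrypt(pub, priv, product)        # correct while the sum stays below n

# Constructed sample: toy 30-bit primes and five made-up votes (1 = for, 0 = against).
P, Q = 1_000_000_007, 1_000_000_009
VOTES = [1, 0, 1, 1, 0]

def run_election():
    pub, priv = keygen(P, Q)
    ballots = [encrypt(pub, v) for v in VOTES]
    votes_for = tally(pub, priv, ballots)
    return votes_for, len(VOTES) - votes_for

if __name__ == "__main__":
    print(run_election())
```

The tally only counts correctly if every ballot really encrypts 0 or 1; nothing in this sketch checks that.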
9. Semantic security
• A ciphertext reveals only negligible information about the plaintext.
• The ability to successfully distinguish ciphertexts depends on the ability to decide composite residuosity; under the decisional composite residuosity assumption (DCRA) this is believed to be intractable.
$z \equiv y^n \pmod{n^2}$
10. ElGamal algorithm
• Taher ElGamal in 1984
• Asymmetric Public-key cryptosystem
• Based on the difficulty of finding discrete logarithms in a cyclic group: even if we know $g^a$ and $g^k$, it is extremely difficult to compute $g^{ak}$.
• Used in the free GNU Privacy Guard software, recent versions of PGP and
other cryptosystems.
• Practical use: Hybrid cryptosystem
11. Algorithm
It consists of three steps: Key generation, Encryption, and Decryption:
1. Bob generates the public and private keys (Key generation):
a) Bob chooses a very large number $q$ and a cyclic group $F_q$.
b) From the cyclic group $F_q$, he chooses any element $g$ and an element $a$ such that $\gcd(a, q) = 1$.
c) Then he computes $h = g^a$.
d) Bob publishes $F$, $h = g^a$, $q$ and $g$ as his public key and retains $a$ as his private key.
2. Alice encrypts data using Bob’s public key (Encryption):
a) Alice selects an element $k$ from the cyclic group $F$ such that $\gcd(k, q) = 1$.
b) Then she computes $p = g^k$ and $s = h^k = g^{ak}$.
c) She multiplies $s$ with $M$.
d) Then she sends $(p, M \cdot s) = (g^k, M \cdot s)$.
12. Algorithm
3. Bob decrypts the message (Decryption):
a) Bob calculates $s' = p^a = g^{ak}$.
b) He divides $M \cdot s$ by $s'$ to obtain $M$.
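The three ElGamal steps above, as an added Python example (not code from the presentation). It assumes the group is the integers 1..Q-1 under multiplication modulo the prime Q = 2^127 - 1 with base element G = 3; these parameters, the function names and the sample message are constructed for illustration, and "dividing" by s′ is done by multiplying with its modular inverse.

```python
import math
import secrets

Q = 2**127 - 1   # assumed prime modulus (a Mersenne prime)
G = 3            # assumed base element g

def random_exponent(q):
    # Steps 1b / 2a: pick a secret element coprime to q
    while True:
        x = secrets.randbelow(q - 3) + 2
        if math.gcd(x, q) == 1:
            return x

def keygen(q=Q, g=G):
    a = random_exponent(q)                   # Bob's private key
    return (q, g, pow(g, a, q)), a           # public (q, g, h = g^a), private a

def encrypt(pub, m):
    q, g, h = pub
    if not 1 <= m < q:
        raise ValueError("message must be a group element in 1..q-1")
    k = random_exponent(q)                   # fresh k for every message
    s = pow(h, k, q)                         # shared value s = h^k = g^(ak)
    return pow(g, k, q), m * s % q           # (p, M*s)

def decrypt(pub, a, ciphertext):
    q = pub[0]
    p, masked = ciphertext
    s_prime = pow(p, a, q)                   # s' = p^a = g^(ak)
    return masked * pow(s_prime, -1, q) % q  # M = (M*s) / s'

# Constructed sample message, encoded as an integer smaller than Q.
MESSAGE = int.from_bytes(b"hello bob", "big")

def round_trip():
    pub, a = keygen()
    return decrypt(pub, a, encrypt(pub, MESSAGE)).to_bytes(9, "big")

if __name__ == "__main__":
    print(round_trip())
```

Reusing k across two messages lets anyone who knows one plaintext recover the other, which is why encrypt draws a new k on every call.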
15. Summary
• Implemented a two-layer cryptosystem, Paillier ElGamal Cryptosystem.
• Performed Analysis on the algorithm.
16. REFERENCES
[1] T. Elgamal, "A public key cryptosystem and a signature scheme based on discrete logarithms," in IEEE
Transactions on Information Theory, vol. 31, no. 4, pp. 469-472, July 1985, doi:
10.1109/TIT.1985.1057074.
[2] Paillier P. (1999) Public-Key Cryptosystems Based on Composite Degree Residuosity Classes. In:
Stern J. (eds) Advances in Cryptology — EUROCRYPT ’99. EUROCRYPT 1999. Lecture Notes in
Computer Science, vol 1592. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-48910-X_16.
[3] Alwar. “Analysis and Implementation of Combined Approach of RSA and ECC Algorithm for Enhanced
Data Security.” (2015).
[4] M. Nassar, A. Erradi and Q. M. Malluhi, "Paillier's encryption: Implementation and cloud applications,"
2015 International Conference on Applied Research in Computer Science and Engineering (ICAR), Beirut,
2015, pp. 1-5, doi: 10.1109/ARCSE.2015.7338149.
[5] C. Cai, H. Awano and M. Ikeda, "High-Speed ASIC Implementation of Paillier Cryptosystem with
Homomorphism," 2019 IEEE 13th International Conference on ASIC (ASICON), Chongqing, China, 2019,
pp. 1-4, doi: 10.1109/ASICON47005.2019.8983588.