We've updated our privacy policy. Click here to review the details. Tap here to review the details.

Successfully reported this slideshow.

Your SlideShare is downloading.
×

Activate your 30 day free trial to unlock unlimited reading.

Activate your 30 day free trial to continue reading.

Top clipped slide

1 of 22
Ad

New paradigm introduced by Diffie and Hellman

New paradigm introduced by Diffie and Hellman

- 1. CSCI 172/283 Fall 2010 Public Key Cryptography
- 2. Public Key Cryptography New paradigm introduced by Diffie and Hellman The mailbox analogy: Bob has a locked mailbox Alice can insert a letter into the box, but can’t unlock it to take mail out Bob has the key and can take mail out Encrypt messages to Bob with Bob’s public key Can freely distribute Bob decrypts his messages with his private key Only Bob knows this
- 3. Requirements How should a public key scheme work? Three main conditions It must be computationally easy to encrypt or decrypt a message given the appropriate key It must be computationally infeasible to derive the private key from the public key It must be computationally infeasible to determine the private key from chosen plaintext attack Attacker can pick any message, have it encrypted, and obtain the ciphertext
- 4. Exchanging keys Alice and Bob want to communicate using a block cipher to encrypt their messages, but don’t have shared key How do Alice and Bob get a shared key?
- 5. Solution 1 Alice sends the key along with her encrypted message Eve sees encrypted message and key Uses key to decrypt message
- 6. Solution 2 Alice sends the key at some time prior to sending Bob the encrypted message Eve has to wait longer If she saw the key transmission, she has the key Uses key to decrypt message
- 7. Solution 3 – Use public key crypto Diffie Hellman Key Exchange All users share common modulus, p, and element g g ≠ 0, g ≠ 1, and g ≠ p-1 Alice chooses her private key, kA Computes KA = gkA mod p and sends it to Bob in the clear Bob chooses his private key, kB Computes KB = gkB mod p and sends it to Alice in the clear When Alice and Bob want to agree on a shared key, they compute a shared secret S SA,B = KB kA mod p S = K kB mod p
- 8. Why does DH work? SA,B = SB,A (gkA) kB mod p = (gkB) kA mod p Eve knows g and p KA and KB Why can’t Eve compute the secret? This was the first public key cryptography scheme SA,B = KB kA mod p SB,A = KA kB mod p
- 9. Hard problems Public key cryptosystems are based on hard problems DH is based on the Discrete Logarithm Problem (DLP) Given: Multiplicative group G Element a in G Output b Find: Unique solution to ax = b in G x is loga b No polynomial time algorithm exists to solve this* *On classical computers
- 10. Could it fail? Eve could fool Alice and Bob Man in the middle / bucket brigade Alice Bob Eve My key is KA My key is K’A My key is KB My key is K’B Alice has no guarantee that the person she’s establishing a key with is actually Bob
- 11. RSA Rivest-Shamir-Adleman Probably the most well-known public key scheme First, some background
- 12. Euler’s Totient Totient function (n) Number of positive numbers less than n that are relatively prime to n Two numbers are relatively prime when their greatest common divisor is 1 Example: (10) = 4 1, 3, 7, 9 Example: (7) = 6 1, 2, 3, 4, 5, 6 If n is prime, (n) = n-1
- 13. RSA keys Choose 2 large primes, p and q N = pq (N) = (p-1)(q-1) Choose e < N such that gcd(e, (N))=1 d such that ed = 1 mod (N) Public key: {N, e} Private key: {d} p and q must also be kept secret
- 14. RSA encryption/decryption Alice wants to send Bob message m She knows his public key, {N,e} Alice Bob c = me mod N c m = cd mod N
- 15. Toy example p=7, q=11 N=77 (N) = (6)(10) = 60 Bob chooses e=17 Uses extended Euclidean algorithm to find inverse of e mod 60 Finds d=53 Bob makes {N, e} public
- 16. Toy example (continued) Alice wants to send Bob “HELLO WORLD” Represent each letter as a number 00(A) to 25(Z) 26 is a space Calculates: 0717 mod 77 = 28, 0417 mod 77 = 16, …, 0317 mod 77 = 75 Sends Bob 28 16 44 44 42 38 22 42 19 44 75 He decrypts each number with his private key and gets “HELLO WORLD”
- 17. What could go wrong? What was wrong with the toy example? Eve can easily find the encryption of each letter and use that as a key to Alice’s message Even without knowing the public key, can use statistics to find likely messages Like cryptogram puzzles
- 18. How it should really happen p and q should be at least 512 bits each N at least 1024 bits The message “HELLO WORLD” would be converted into one very large integer That integer would be raised to the public/private exponent For short message, pad them with a random string
- 19. Is this key yours? How to bind a key to an identity?
- 20. PK Paradigm Genkey(some info) Creates Kpub and Kpriv Encrypt with Kpub Decrypt with Kpriv Certificate binds key to individual
- 21. IBE Identity-Based Encryption Kpub is well-known Known to be bound to owner Name, email, SSN, etc. Owner requests a private key from CA No certificates required
- 22. Conclusion by xkcd http://xkcd.com/538/

No public clipboards found for this slide

You just clipped your first slide!

Clipping is a handy way to collect important slides you want to go back to later. Now customize the name of a clipboard to store your clips.Hate ads?

Enjoy access to millions of presentations, documents, ebooks, audiobooks, magazines, and more **ad-free.**

The SlideShare family just got bigger. Enjoy access to millions of ebooks, audiobooks, magazines, and more from Scribd.

Cancel anytime.
Be the first to like this

Total views

3

On SlideShare

0

From Embeds

0

Number of Embeds

2

Unlimited Reading

Learn faster and smarter from top experts

Unlimited Downloading

Download to take your learnings offline and on the go

You also get free access to Scribd!

Instant access to millions of ebooks, audiobooks, magazines, podcasts and more.

Read and listen offline with any device.

Free access to premium services like Tuneln, Mubi and more.

We’ve updated our privacy policy so that we are compliant with changing global privacy regulations and to provide you with insight into the limited ways in which we use your data.

You can read the details below. By accepting, you agree to the updated privacy policy.

Thank you!

We've encountered a problem, please try again.