The document discusses public key cryptography, including: - Public key cryptography uses two keys - a public key which can encrypt messages, and a private key which can decrypt messages. - The RSA algorithm is an example of an asymmetric public key encryption algorithm that uses a public and private key pair. It involves choosing two prime numbers to generate the keys. - RSA encryption involves using the public key to encrypt a message, while decryption requires the private key. Properly implemented, it is very difficult to derive the private key from the public key and encrypted message.

1. 12/16/2019 1 1
1
Part 2  Access Control 1Security+ Guide to Network Security Fundamentals, Third Edition 1
11
1 1 tohttps://github.com/syaifulahdan/
INFORMATION SECURITY
Criptography - Public Encryption
 Private Key Criptography
 Public-Key Crytpgraphy
 Public Key Cryptography
 Public Key Caractheristics
 Public Key Cryptosystem
 Public Key Applications
 Security of Publics Key Scheme
 Public Key Encription Algorithms
 RSA : Choosing Keys
 RSA : Encryption Decryption
 RSA Example

2. 12/16/2019 2 2
2
Part 2  Access Control 2Security+ Guide to Network Security Fundamentals, Third Edition 2
22
2 2 tohttps://github.com/syaifulahdan/
Cryptography

3. 12/16/2019 3 3
3
Part 2  Access Control 3Security+ Guide to Network Security Fundamentals, Third Edition 3
33
3 3 tohttps://github.com/syaifulahdan/
Summary
• Symmetric encryption
• Public encryption
• Digital Signature
• Key distribution

4. 12/16/2019 4 4
4
Part 2  Access Control 4Security+ Guide to Network Security Fundamentals, Third Edition 4
44
4 4 tohttps://github.com/syaifulahdan/
Private-Key Cryptography
• traditional private/secret/single key
cryptography uses one key
• shared by both sender and receiver
• if this key is disclosed communications are
compromised
• also is symmetric, parties are equal
• hence does not protect sender from
receiver forging a message & claiming is
sent by sender

5. 12/16/2019 5 5
5
Part 2  Access Control 5Security+ Guide to Network Security Fundamentals, Third Edition 5
55
5 5 tohttps://github.com/syaifulahdan/
Public-Key Cryptography
• probably most significant advance in the
3000 year history of cryptography
• uses two keys – a public & a private key
• asymmetric since parties are not equal
• uses clever application of number
theoretic concepts to function
• complements rather than replaces private
key crypto

6. 12/16/2019 6 6
6
Part 2  Access Control 6Security+ Guide to Network Security Fundamentals, Third Edition 6
66
6 6 tohttps://github.com/syaifulahdan/
Public-Key Cryptography
• public-key/two-key/asymmetric cryptography
involves the use of two keys:
– a public-key, which may be known by anybody, and
can be used to encrypt messages, and verify
signatures
– a private-key, known only to the recipient, used to
decrypt messages, and sign (create) signatures
• is asymmetric because
– those who encrypt messages or verify signatures
cannot decrypt messages or create signatures

7. 12/16/2019 7 7
7
Part 2  Access Control 7Security+ Guide to Network Security Fundamentals, Third Edition 7
77
7 7 tohttps://github.com/syaifulahdan/
Public-Key Cryptography

8. 12/16/2019 8 8
8
Part 2  Access Control 8Security+ Guide to Network Security Fundamentals, Third Edition 8
88
8 8 tohttps://github.com/syaifulahdan/
Public-Key Characteristics
• Public-Key algorithms rely on two keys
with the characteristics that it is:
– computationally infeasible to find decryption
key knowing only algorithm & encryption key
– computationally easy to en/decrypt messages
when the relevant (en/decrypt) key is known
– either of the two related keys can be used for
encryption, with the other used for decryption
(in some schemes)

9. 12/16/2019 9 9
9
Part 2  Access Control 9Security+ Guide to Network Security Fundamentals, Third Edition 9
99
9 9 tohttps://github.com/syaifulahdan/
Public-Key Cryptosystems

10. 12/16/2019 10 10
10
Part 2  Access Control 10Security+ Guide to Network Security Fundamentals, Third Edition 10
1010
10 10 tohttps://github.com/syaifulahdan/
Public-Key Applications
• can classify uses into 3 categories:
– encryption/decryption (provide secrecy)
– digital signatures (provide authentication)
– key exchange (of session keys)
• some algorithms are suitable for all uses,
others are specific to one

11. 12/16/2019 11 11
11
Part 2  Access Control 11Security+ Guide to Network Security Fundamentals, Third Edition 11
1111
11 11 tohttps://github.com/syaifulahdan/
Security of Public Key Schemes
• like private key schemes brute force exhaustive
search attack is always theoretically possible
• but keys used are too large (>512bits)
• security relies on a large enough difference in
difficulty between easy (en/decrypt) and hard
(cryptanalysis) problems
• more generally the hard problem is known, its
just made too hard to do in practise
• requires the use of very large numbers
• hence is slow compared to secret key schemes

12. 12/16/2019 12 12
12
Part 2  Access Control 12Security+ Guide to Network Security Fundamentals, Third Edition 12
1212
12 12 tohttps://github.com/syaifulahdan/
Public key encryption algorithms
need K ( ) and K ( ) such thatB B
. .
given public key K , it should
be impossible to compute
private key KB
B
Requirements:
1
2
RSA: Rivest, Shamir, Adelson algorithm
+ -
K (K (m)) = m
BB
- +
+
-

13. 12/16/2019 13 13
13
Part 2  Access Control 13Security+ Guide to Network Security Fundamentals, Third Edition 13
1313
13 13 tohttps://github.com/syaifulahdan/
RSA: Choosing keys
1. Choose two large prime numbers p, q.
(e.g., 1024 bits each)
2. Compute n = pq, z = (p-1)(q-1)
3. Choose e (with e<n) that has no common factors
with z. (e, z are “relatively prime”).
4. Choose d such that ed-1 is exactly divisible by z.
(in other words: ed mod z = 1 ).
5. Public key is (n,e). Private key is (n,d).
KB
+
KB
-

14. 12/16/2019 14 14
14
Part 2  Access Control 14Security+ Guide to Network Security Fundamentals, Third Edition 14
1414
14 14 tohttps://github.com/syaifulahdan/
RSA: Encryption, decryption
0. Given (n,e) and (n,d) as computed above
1. To encrypt bit pattern, m, compute
c = m mod ne (i.e., remainder when m is divided by n)
e
2. To decrypt received bit pattern, c, compute
m = c mod nd (i.e., remainder when c is divided by n)d
m = (m mod n)e mod n
dMagic
happens!
c

15. 12/16/2019 15 15
15
Part 2  Access Control 15Security+ Guide to Network Security Fundamentals, Third Edition 15
1515
15 15 tohttps://github.com/syaifulahdan/
RSA example:
Bob chooses p=5, q=7. Then n=35, z=24.
e=5 (so e, z relatively prime).
d=29 (so ed-1 exactly divisible by z.
letter m me c = m mod ne
l 12 1524832 17
c m = c mod nd
17 481968572106750915091411825223071697 12
c
d
letter
l
encrypt:
decrypt:

16. 12/16/2019 16 16
16
Part 2  Access Control 16Security+ Guide to Network Security Fundamentals, Third Edition 16
1616
16 16 tohttps://github.com/syaifulahdan/
RSA: Why is that m = (m mod n)e mod n
d
(m mod n)
e
mod n = m mod n
d ed
Useful number theory result: If p,q prime and
n = pq, then:
x mod n = x mod n
y y mod (p-1)(q-1)
= m mod n
ed mod (p-1)(q-1)
= m mod n
1
= m
(using number theory result above)
(since we chose ed to be divisible by
(p-1)(q-1) with remainder 1 )

17. 12/16/2019 17 17
17
Part 2  Access Control 17Security+ Guide to Network Security Fundamentals, Third Edition 17
1717
17 17 tohttps://github.com/syaifulahdan/
RSA: another important property
The following property will be very useful later:
K (K (m)) = m
BB
- +
K (K (m))BB
+ -
=
use public key
first, followed
by private key
use private key
first, followed
by public key
Result is the same!

18. 12/16/2019 18 18
18
Part 2  Access Control 18Security+ Guide to Network Security Fundamentals, Third Edition 18
1818
18 18 tohttps://github.com/syaifulahdan/
Summary
• Symmetric encryption
• Public encryption
• Digital Signature
• Key distribution