This document discusses public key cryptography and the RSA algorithm. It begins by explaining the differences between symmetric and asymmetric cryptosystems. It then describes the key components of public key cryptography, including public/private key pairs, certificates, and algorithms. The document goes on to explain the mathematical foundations of public key cryptography using concepts like Euler's totient function and the discrete logarithm problem. It provides details on the RSA algorithm, including key generation, encryption, and decryption. It also includes an example of RSA encryption and decryption. Finally, it discusses some attacks on RSA like brute force and timing attacks, as well as countermeasures.
1. IT402 Cryptography and Cyber Security
S8 B. Tech Information Technology
ANVER. S. R
Associate Professor, CSE
LBS College of Engineering, Kasaragod.
Module 5
Public key CryptoSystem
2. TYPES OF CRYPTOGRAPHY
● SYMMETRIC CRYPTOSYSTEM
− There is a secret (key), which is shared between two persons.
− Encryption and decryption are done using the same key.
− If there are n participating entities, the number of keys will be ??
− n(n-1)/2
− Based on substitution and permutation of symbols.
− Made secure by providing confusion and diffusion.
3. TYPES OF CRYPTOGRAPHY
● ASYMMETRIC CRYPTOSYSTEM
− There is a personal secret (private key), which is not shared.
− Encryption and decryption are done using different keys.
− For every private key there is a corresponding public key; each person holds one such pair.
− If there are n participating entities, the number of keys will be ??
− 2n: n private keys and n public keys
4. Asymmetric Cryptosystem
● Based on applying mathematical functions to numbers.
● It is made secure by building on mathematically hard problems.
● More secure from cryptanalysis than a symmetric cryptosystem.
● Computationally infeasible to find the private key knowing only the algorithm and the public key.
● Computationally easy to encrypt/decrypt messages when the relevant (private/public) key is known.
5. Public Key Cryptosystem – Components
● Asymmetric Keys
− Two related keys, a public key and a private key,
− used to perform complementary operations:
− encryption and decryption, or
− signature generation and signature verification.
● Public Key Certificate
− A digital document issued and digitally signed by the private key of a Certification Authority that binds the name of a subscriber to a public key.
− The certificate indicates that the subscriber identified in the certificate has sole control of and access to the corresponding private key.
6. Public key Cryptography – components
● Public key cryptographic algorithm:
− A cryptographic algorithm that uses two related keys, a public key and a private key.
● Public key infrastructure (PKI)
− A set of policies, processes, server platforms, software and workstations used for the purpose of administering certificates and public-private key pairs, including the ability to issue, maintain, and revoke public key certificates.
7. Public key cryptosystem – Ingredients
● Plaintext
− This is the readable message or data that is fed into the algorithm as input.
● Encryption algorithm
− The encryption algorithm performs various transformations on the plaintext.
● Public and private keys
− This is a pair of keys that have been selected so that if one is used for encryption, the other is used for decryption.
− The exact transformations performed by the algorithm depend on which of the public key and the private key is provided as input.
8. PKC – Ingredients
● Ciphertext
− This is the scrambled message produced as output.
● Decryption algorithm
− The algorithm that accepts the ciphertext and the matching key and produces the original plaintext.
9. PKC – The essential steps
● Each user generates a pair of keys to be used for the encryption and decryption of messages.
● Each user places one of the two keys in a public register or other accessible file. This is the public key. The other key is kept private. Each user maintains a collection of public keys obtained from others.
● If Bob wishes to send a confidential message to Alice, Bob encrypts the message using Alice's public key.
● When Alice receives the message, she decrypts it using her private key.
● No other recipient can decrypt the message because only Alice knows her private key.
10. Public key cryptography
● Public key cryptography – authentication (figure omitted)
● Public key cryptography – secrecy (figure omitted)
12. PKC – Applications
● Applications are divided into three broad categories:
− Encryption/decryption – The sender encrypts the message with the recipient's public key.
− Digital Signature – The sender "signs" a message with its private key.
− Key exchange – Two sides cooperate to exchange a session key.
13. Mathematics for public key cryptosystem
● Euler's Phi (Totient) function:
− Euler's totient function counts the positive integers up to a given integer n that are relatively prime to n. It is denoted ϕ(n).
− Zn* denotes the reduced residue system mod n.
− ϕ(n) is the cardinality of Zn*.
− Example: n = 9
− Φ(1) = 0, ϕ(p) = p-1 for a prime p.
● Fermat's little Theorem
− If p is a prime number, then for any integer a which is not divisible by p,
● a^(p-1) ≡ 1 (mod p)
● a^p ≡ a (mod p)
− Example:
● a = 2
● p = 7
14. Mathematics for Public key cryptosystem
● Euler's Theorem
− Generalization of Fermat's little theorem.
− In Fermat's theorem the modulus p is a prime number.
− Here, n is any positive integer and a is relatively prime to n.
− a^ϕ(n) ≡ 1 (mod n)
− a^(k*ϕ(n)+1) ≡ a (mod n)
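The totient, Fermat and Euler statements above, checked numerically in Python (an added example, not the lecture's own code). It uses the slide's n = 9, a = 2 and p = 7, plus the modulus 119 from the later RSA example, and also shows why gcd(a, n) = 1 matters for Euler's theorem.

```python
from math import gcd


def reduced_residues(n):
    """Z_n^*: the residues 1..n-1 that are relatively prime to n (n >= 2)."""
    return [a for a in range(1, n) if gcd(a, n) == 1]


def phi(n):
    """Euler's totient phi(n) = |Z_n^*|, counted straight from the definition."""
    return len(reduced_residues(n))


def phi_from_primes(p, q):
    """Closed form used by RSA key generation: phi(p*q) = (p-1)*(q-1) for distinct primes."""
    return (p - 1) * (q - 1)


def fermat_holds(a, p):
    """Fermat: a^(p-1) == 1 (mod p) for prime p and a not divisible by p."""
    return pow(a, p - 1, p) == 1


def euler_holds(a, n):
    """Euler: a^phi(n) == 1 (mod n). Guaranteed only when gcd(a, n) == 1."""
    return pow(a, phi(n), n) == 1


def rsa_identity_holds(a, k, n):
    """a^(k*phi(n)+1) == a (mod n): the identity that lets C^d recover P in RSA."""
    return pow(a, k * phi(n) + 1, n) == a % n


if __name__ == "__main__":
    # Slide 13 example, n = 9: Z_9^* = {1, 2, 4, 5, 7, 8}, so phi(9) = 6.
    print("Z_9^* =", reduced_residues(9), "phi(9) =", phi(9))
    # phi(p) = p - 1 for a prime, e.g. phi(7) = 6.
    print("phi(7) =", phi(7))
    # Fermat with the slide's a = 2, p = 7: 2^6 = 64 = 9*7 + 1.
    print("2^6 mod 7 == 1:", fermat_holds(2, 7))
    # Euler with a composite modulus: 2^6 = 64 = 7*9 + 1.
    print("2^phi(9) mod 9 == 1:", euler_holds(2, 9))
    # Coprimality matters: gcd(3, 9) = 3 and 3^6 mod 9 = 0, not 1.
    print("3^phi(9) mod 9 == 1:", euler_holds(3, 9))
    # The RSA modulus from slide 21: phi(119) = phi(7*17) = 6*16 = 96.
    print("phi(119) =", phi(119), "== (7-1)*(17-1) =", phi_from_primes(7, 17))
    # a^(k*phi(n)+1) == a holds even for a = 7, which shares a factor with 119,
    # because 119 is a product of distinct primes; this is why RSA decrypts
    # every P in [0, n) correctly, not only the ones coprime to n.
    print("7^(96+1) mod 119 == 7:", rsa_identity_holds(7, 1, 119))
```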
15. Asymmetric Cryptosystem – hard problems
● Discrete logarithm problem
− Defined with regard to multiplicative cyclic groups.
− If h = g^x in G, then x is the discrete log of h to the base g.
− Not always hard; hardness depends on the group.
− In Zp*, p should be a safe prime, i.e. a prime number which equals 2q+1 where q is a large prime number.
● Prime factorization problem
− Prime factorization is a way of writing a composite number as a product of prime numbers.
− Is easy if n is the product of small primes.
− Is hard if n is the product of very large primes.
16. Asymmetric crypto system
● Function:
− A rule that associates (maps) each element in set A to one element in set B.
● Invertible function:
− A function that associates each element in the range with exactly one element in the domain.
● One way function (OWF)
− Is a function that satisfies:
● f is easy to compute, i.e. if x is given, one can compute y = f(x).
● f^-1 is difficult to compute: if y is given, it is computationally infeasible to calculate x.
− Example:
● Given p and q, n = p * q is easy to compute.
● Given only n, it is very difficult to compute p and q.
17. Asymmetric Cryptosystem
● Trapdoor function:
− Is a one way function with an
additional property.
− Given y and a trapdoor
(secret), x can be computed
easily.
● Example:
− Given x, k and n
− Easy to calculate
● y = x^k (mod n)
− Given y, k and n, it is difficult to recover x
− Given y, n and k’ such that k*k’ = 1 (mod ϕ(n)), then
● x = y^k’ (mod n)
18. RSA Algorithm
● Asymmetric key cryptographic algorithm
● The name RSA comes from the names of its inventors Rivest, Shamir and Adleman.
● It uses prime numbers
− This algorithm is based on the fact that it is easy to find and multiply large prime numbers
together, but it is extremely difficult to factor their product
− The private and public keys in RSA are based on very large prime numbers
● The real challenge in RSA is the selection and generation of the public key and
private key
19. RSA Algorithm
1) Choose two prime numbers p and q
2) Calculate n = p * q
3) Calculate ϕ(n) as (p-1) * (q-1)
4) Select the public key e (i.e. Encryption key) such that it is relatively prime to ϕ(n)
5) Calculate the private key d (i.e. Decryption key) such that d is the multiplicative
inverse of e (mod ϕ(n))
6) Publish (n, e) as public key
7) Keep (p, q, d) as private key
20. RSA algorithm
● RSA Encryption(Sender Side)
● Alice
− Sender chooses the Plaintext P
− Public Key of recipient = (n, e)
− Ciphertext C = P^e (mod n)
● RSA Decryption (Receiver Side)
● Bob
− Receiver receives the ciphertext C, which was encrypted using the recipient's public key.
− Private key = d
− Plaintext P = C^d (mod n)
21. RSA algorithm - Example
1) Choose two large prime numbers p and q,
   1) let p = 7 and q = 17
2) Calculate n = p * q, n = 7 * 17 = 119
3) Calculate ϕ(n) as (p-1) * (q-1), ϕ(n) = 6 * 16 = 96.
4) Select the public key e (i.e. Encryption key) such that it is relatively prime to ϕ(n) = 96
   1) The factors of 96 are 2, 2, 2, 2, 2 and 3 (because 96 = 2*2*2*2*2*3)
   2) Thus we have to choose e such that neither 2 nor 3 is a factor of e
   3) Let's choose e = 5
22. RSA Algorithm - Example
1. Calculate the private key d (i.e. Decryption key) such that d is the multiplicative inverse of e (mod ϕ(n)),
   i.e. (d * e) mod ϕ(n) = 1. We have (d * 5) mod ((7-1) * (17-1)) = 1,
   i.e. (d * 5) mod 96 = 1.
   We can use the Extended Euclidean algorithm to find the multiplicative inverse of 5 mod 96:
   d = 77, so that (77 * 5) mod 96 = 385 mod 96 = 1
2. Public key = (119, 5)
3. Private key d = 77
23. RSA Algorithm - Example
● Encryption – Sender Side – Alice
− P = 10
− Public key = (119, 5)
− C = 10^5 mod 119
− = 100000 mod 119
− = 40.
− Send C = 40 to the receiver.
● Decryption – Receiver Side
− Ciphertext received = 40
− Private key d = 77
− Plaintext P is calculated as
● P = 40^77 mod 119
● = 10.
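The key generation of slide 19, the encryption and decryption of slide 20, and the trapdoor of slide 17 (k = e, k' = d), as an added Python example rather than code from the slides. It reproduces the worked example (p = 7, q = 17, e = 5 gives d = 77 and n = 119; P = 10 encrypts to C = 40 and decrypts back to 10) and uses the Extended Euclidean algorithm named on slide 22 to find d. The function names are my own.

```python
from math import gcd


def egcd(a, b):
    """Extended Euclidean algorithm: returns (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    x0, y0, x1, y1 = 1, 0, 0, 1
    while b:
        q, a, b = a // b, b, a % b
        x0, x1 = x1, x0 - q * x1
        y0, y1 = y1, y0 - q * y1
    return a, x0, y0


def modinv(a, m):
    """a^-1 mod m, i.e. the d of slide 22 when a = e and m = phi(n)."""
    g, x, _ = egcd(a, m)
    if g != 1:
        raise ValueError(f"{a} has no inverse mod {m} (gcd = {g})")
    return x % m


def rsa_keygen(p, q, e):
    """Steps 1-7 of slide 19: returns the public key (n, e) and private key (p, q, d)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be relatively prime to phi(n)")
    d = modinv(e, phi)          # e*d ≡ 1 (mod phi(n)): e is the trapdoor k, d is k'
    return (n, e), (p, q, d)


def rsa_encrypt(pub, P):
    """C = P^e mod n (slide 20, sender side)."""
    n, e = pub
    return pow(P, e, n)


def rsa_decrypt(priv, C):
    """P = C^d mod n (slide 20, receiver side); n is recomputed from p and q."""
    p, q, d = priv
    return pow(C, d, p * q)


if __name__ == "__main__":
    pub, priv = rsa_keygen(7, 17, 5)        # values of slides 21-22
    print(pub, priv)                        # (119, 5) (7, 17, 77)
    C = rsa_encrypt(pub, 10)
    print(C, rsa_decrypt(priv, C))          # 40 10
```

The check in rsa_keygen is the practical form of step 4: with e = 3 and ϕ(n) = 96 there is no inverse (gcd 3), and the function refuses to produce a key rather than returning a d that does not decrypt.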
24. Proof of RSA
● The private key d is unique and d must be co-prime to ɸ(n)
● Proof:
− We have taken e such that e and ɸ(n) are co-prime.
− Therefore, there exists only one unique integer d (mod ɸ(n)) such that ed mod ɸ(n) = 1.
− It remains to prove that d is co-prime to ɸ(n):
● Assume that d is not co-prime to ɸ(n), and let t be the greatest common divisor of d and ɸ(n).
● Let d = c1 * t and ɸ(n) = c2 * t.
● From ed mod ɸ(n) = 1 we know ed = c3 * ɸ(n) + 1 for some integer c3.
● Hence e * c1 * t = c3 * c2 * t + 1
● t (e * c1 - c3 * c2) = 1
− Therefore t = 1.
● Hence it is proved that the private key d is unique and co-prime with ɸ(n).
25. Proof of RSA
● Let C be the ciphertext received by Bob.
● Bob computes the plaintext as P1.
● We have to prove that P1 = P
− Bob computes P1 as P1 = C^d (mod n)
− i.e. P1 = (P^e)^d (mod n)
− = P^(ed) (mod n)
− ed = k * ɸ(n) + 1 (since ed (mod ɸ(n)) = 1)
− P1 = P^(k * ɸ(n) + 1) (mod n)
− = P mod n = P (by Euler's theorem, a^(k*ɸ(n)+1) ≡ a (mod n))
− Hence proved.
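An added Python check of the two proof slides (24 and 25), not part of the original deck. It verifies for the slide's parameters that d is the only inverse of e mod ɸ(n) and is co-prime to ɸ(n), recovers k from ed = k·ɸ(n) + 1, and tests the round trip for every P in Zn. One caveat the proof glosses over: Euler's theorem needs gcd(P, n) = 1, yet the round trip also succeeds for the 23 values of P that share a factor with 119, because for n = pq the congruence P^(kɸ(n)+1) ≡ P can be checked modulo p and modulo q separately (Fermat) and then combined. Names are mine; pow(e, -1, m) is Python 3.8+'s built-in modular inverse.

```python
from math import gcd


def private_exponent(e, phi):
    """d with e*d ≡ 1 (mod phi); pow(e, -1, phi) runs the extended Euclidean algorithm."""
    return pow(e, -1, phi)


def check_private_exponent(e, p, q):
    """Slide 24: d is the only inverse of e mod phi(n) and gcd(d, phi(n)) == 1.
    Also recovers k from e*d = k*phi(n) + 1 (slide 25)."""
    phi = (p - 1) * (q - 1)
    d = private_exponent(e, phi)
    inverses = [x for x in range(phi) if (e * x) % phi == 1]   # exhaustive, toy sizes only
    k, rem = divmod(e * d - 1, phi)
    assert rem == 0
    return {"d": d, "k": k, "unique": inverses == [d], "coprime": gcd(d, phi) == 1}


def roundtrip_report(e, p, q):
    """Slide 25 checked for every P in Zn, not only those with gcd(P, n) == 1."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = private_exponent(e, phi)
    failures = [P for P in range(n) if pow(pow(P, e, n), d, n) != P]
    # Plaintexts sharing a factor with n: Euler's theorem does not cover them,
    # but P^(k*phi+1) ≡ P still holds mod p and mod q separately, hence mod n.
    not_coprime = [P for P in range(n) if gcd(P, n) != 1]
    return {"failures": failures, "not_coprime": len(not_coprime)}


if __name__ == "__main__":
    print(check_private_exponent(5, 7, 17))   # {'d': 77, 'k': 4, 'unique': True, 'coprime': True}
    print(roundtrip_report(5, 7, 17))         # {'failures': [], 'not_coprime': 23}
```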
26. Attacking RSA
● Brute force attacks: try all possible private keys
− As in the other cases defend using large keys: nowadays integers between 1024 and
2048 bits
● Mathematical attacks
− Factor n into its two primes p,q: this is a hard problem for large n
− Determine φ(n) directly without first determining p,q: this math problem is
equivalent to factoring
− Determine d directly, without first determining φ(n): this is believed to be at least as
difficult as factoring
27. Attacking RSA
● Timing attacks:
− Determine a private key by keeping track of how long a computer takes to decipher a message (ciphertext-only attack) – this is essentially an attack on the fast exponentiation algorithm but can be adapted to any other algorithm
− Whenever a bit is 1 the algorithm has more computations to do and takes more time
28. Timing Attack - Countermeasures
● Countermeasures:
− Ensure that all exponentiations take the same time before returning a result: this degrades the performance of the algorithm
− Add some random delay: if there is not enough noise the attack still succeeds
− Blinding: multiply the ciphertext by a random number before performing the exponentiation – in this way the attacker does not know the input to the exponentiation algorithm.
● Choose r between 1 and n-1.
● C1 = C * r^e mod n
● P1 = C1^d mod n
● P = P1 * r^-1 mod n
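An added Python illustration of slides 27 and 28 (not from the deck): a square-and-multiply routine that reports how many squarings and multiplications it performed, which shows that the extra work depends on the 1-bits of the exponent, followed by the blinding countermeasure with the slide's four steps (r, C1, P1, P) applied to the worked example (n = 119, e = 5, d = 77, C = 40). The example also enforces a condition the slide leaves implicit: r must be invertible mod n, i.e. gcd(r, n) = 1, otherwise r^-1 does not exist. Function names are my own.

```python
from math import gcd
import secrets


def square_and_multiply(base, exp, n):
    """Left-to-right fast exponentiation, returning (result, squarings, multiplications).
    Each exponent bit costs one squaring; only the 1-bits add a multiplication,
    which is the data-dependent work that slide 27 describes."""
    result, squarings, mults = 1, 0, 0
    for bit in bin(exp)[2:]:
        result = result * result % n
        squarings += 1
        if bit == "1":
            result = result * base % n
            mults += 1
    return result, squarings, mults


def blinded_decrypt(C, d, e, n, r=None):
    """Slide 28 blinding: the exponentiation sees C*r^e, never C itself.
    r must be invertible mod n (gcd(r, n) == 1); a caller-supplied r is validated."""
    if r is None:
        while True:
            r = secrets.randbelow(n - 1) + 1          # uniform in 1..n-1
            if gcd(r, n) == 1:
                break
    elif not 1 <= r < n or gcd(r, n) != 1:
        raise ValueError("r must lie in [1, n-1] and be invertible mod n")
    C1 = C * pow(r, e, n) % n            # C1 = C * r^e mod n
    P1 = pow(C1, d, n)                   # P1 = C1^d mod n  (equals P * r mod n)
    return P1 * pow(r, -1, n) % n        # P = P1 * r^-1 mod n


if __name__ == "__main__":
    n, e, d, C = 119, 5, 77, 40                       # values from slide 23
    print(square_and_multiply(C, d, n))               # (10, 7, 4): 77 = 0b1001101 has four 1-bits
    print(blinded_decrypt(C, d, e, n))                # 10
```

The operation counts make the slide's point measurable without a clock: two exponents of the same bit length but different Hamming weight cost a different number of multiplications. Blinding does not remove that difference; it makes the value being exponentiated unknown to the observer, which is what the third countermeasure on slide 28 relies on.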