SlideShare a Scribd company logo

RSA

Download as PPT, PDF
B
bansidhar11

RSA Algorithm

Engineering
1 of 21
CS 426 (Fall 2010) Public Key Encryption and Digital Signatures
Review of Secret Key (Symmetric) Cryptography • Confidentiality – stream ciphers (uses PRNG) – block ciphers with encryption modes • Integrity – Cryptographic hash functions – Message authentication code (keyed hash functions) • Limitation: sender and receiver must share the same key – Needs secure channel for key distribution – Impossible for two parties having no prior relationship – Needs many keys for n parties to communicate
Public Key Encryption Overview • Each party has a PAIR (K, K-1) of keys: – K is the public key, and used for encryption – K-1 is the private key, and used for decryption – Satisfies DK-1[EK[M]] = M • Knowing the public-key K, it is computationally infeasible to compute the private key K-1 – How to check (K,K-1) is a pair? – Offers only computational security. PK Encryption impossible when P=NP, as deriving K-1 from K is in NP. • The public-key K may be made publicly available, e.g., in a publicly available directory – Many can encrypt, only one can decrypt • Public-key systems aka asymmetric crypto systems
Public Key Cryptography Early History • The concept is proposed in Diffie and Hellman (1976) “New Directions in Cryptography” – public-key encryption schemes – public key distribution systems • Diffie-Hellman key agreement protocol – digital signature • Public-key encryption was proposed in 1970 by James Ellis – in a classified paper made public in 1997 by the British Governmental Communications Headquarters • Concept of digital signature is still originally due to Diffie & Hellman
Public Key Encryption Algorithms • Almost all public-key encryption algorithms use either number theory and modular arithmetic, or elliptic curves • RSA – based on the hardness of factoring large numbers • El Gamal – Based on the hardness of solving discrete logarithm – Basic idea: public key gx, private key x, to encrypt: [gy, gxy M].
RSA Algorithm • Invented in 1978 by Ron Rivest, Adi Shamir and Leonard Adleman – Published as R L Rivest, A Shamir, L Adleman, "On Digital Signatures and Public Key Cryptosystems", Communications of the ACM, vol 21 no 2, pp120-126, Feb 1978 • Security relies on the difficulty of factoring large composite numbers • Essentially the same algorithm was discovered in 1973 by Clifford Cocks, who works for the British intelligence
RSA Public Key Crypto System Key generation: 1. Select 2 large prime numbers of about the same size, p and q Typically each p, q has between 512 and 2048 bits 2. Compute n = pq, and (n) = (q-1)(p-1) 3. Select e, 1<e< (n), s.t. gcd(e, (n)) = 1 Typically e=3 or e=65537 4. Compute d, 1< d< (n) s.t. ed  1 mod (n) Knowing (n), d easy to compute. Public key: (e, n) Private key: d
RSA Description (cont.) Encryption Given a message M, 0 < M < n M  Zn {0} use public key (e, n) compute C = Me mod n C  Zn {0} Decryption Given a ciphertext C, use private key (d) Compute Cd mod n = (Me mod n)d mod n = Med mod n = M
Plaintext: M C = Me mod (n=pq) Ciphertext: C Cd mod n From n, difficult to figure out p,q From (n,e), difficult to figure d. From (n,e) and C, difficult to figure out M s.t. C = Me
RSA Example • p = 11, q = 7, n = 77, (n) = 60 • d = 13, e = 37 (ed = 481; ed mod 60 = 1) • Let M = 15. Then C  Me mod n – C  1537 (mod 77) = 71 • M  Cd mod n – M  7113 (mod 77) = 15
RSA Example 2 • Parameters: – p = 3, q = 5, q= pq = 15 – (n) = ? • Let e = 3, what is d? • Given M=2, what is C? • How to decrypt?
RSA Security • Security depends on the difficulty of factoring n – Factor n => (n) => compute d from (e, (n)) • The length of n=pq reflects the strength – 700-bit n factored in 2007 – 768 bit factored in 2009 • 1024 bit for minimal level of security today – likely to be breakable in near future • Minimal 2048 bits recommended for current usage • NIST suggests 15360-bit RSA keys are equivalent in strength to 256-bit • RSA speed is quadratic in key length
Real World Usage of Public Key Encryption • Often used to encrypt a symmetric key – To encrypt a message M under a public key (n,e), generate a new AES key K, compute [RSA(n,e,K), AES(K,M)] • Plain RSA does not satisfy IND requirement. – How to break it? • One often needs padding, e.g., Optimal Asymmetric Encryption Padding (OAEP) – Roughly, to encrypt M, chooses random r, encode M as M’ = [X = M  H1(r) , Y= r  H2(X) ] where H1 and H2 are cryptographic hash functions, then encrypt it as (M’) e mod n – Note that given M’=[X,Y], r = Y  H2(X), and M = X  H1(r)
Digital Signatures: The Problem • Consider the real-life example where a person pays by credit card and signs a bill; the seller verifies that the signature on the bill is the same with the signature on the card • Contracts, they are valid if they are signed. • Signatures provide non-repudiation. – ensuring that a party in a dispute cannot repudiate, or refute the validity of a statement or contract. • Can we have a similar service in the electronic world? – Does Message Authentication Code provide non-repudiation? Why?
Digital Signatures • MAC: One party generates MAC, one party verifies integrity. • Digital signatures: One party generates signature, many parties can verify. • Digital Signature: a data string which associates a message with some originating entity. • Digital Signature Scheme: – a signing algorithm: takes a message and a (private) signing key, outputs a signature – a verification algorithm: takes a (public) key verification key, a message, and a signature • Provides: – Authentication, Data integrity, Non-Repudiation
Digital Signatures and Hash • Very often digital signatures are used with hash functions, hash of a message is signed, instead of the message. • Hash function must be: – Pre-image resistant – Weak collision resistant – Strong collision resistant
RSA Signatures Key generation (as in RSA encryption): • Select 2 large prime numbers of about the same size, p and q • Compute n = pq, and  = (q - 1)(p - 1) • Select a random integer e, 1 < e < , s.t. gcd(e, ) = 1 • Compute d, 1 < d <  s.t. ed  1 mod  Public key: (e, n) used for verification Secret key: d, used for generation
RSA Signatures (cont.) Signing message M • Verify 0 < M < n • Compute S = Md mod n Verifying signature S • Use public key (e, n) • Compute Se mod n = (Md mod n)e mod n = M Note: in practice, a hash of the message is signed and not the message itself.
The Big Picture Secrecy / Confidentiality Stream ciphers Block ciphers + encryption modes Public key encryption: RSA, El Gamal, etc. Authenticity / Integrity Message Authentication Code Digital Signatures: RSA, DSA, etc. Secret Key Setting Public Key Setting
Readings for This Lecture • Differ & Hellman: – New Directions in Cryptography
Coming Attractions … • Key management and certificates

Recommended

rsa-1
rsa-1rsa-1
rsa-1aniruddh Tyagi
 
Rsa
RsaRsa
RsaNavneet Sharma
 
Rsa Crptosystem
Rsa CrptosystemRsa Crptosystem
Rsa CrptosystemAmlan Patel
 
Cryptography using rsa cryptosystem
Cryptography using rsa cryptosystemCryptography using rsa cryptosystem
Cryptography using rsa cryptosystemSamdish Arora
 
Digital Signature Recognition using RSA Algorithm
Digital Signature Recognition using RSA AlgorithmDigital Signature Recognition using RSA Algorithm
Digital Signature Recognition using RSA AlgorithmVinayak Raja
 
Computer Security Lecture 7: RSA
Computer Security Lecture 7: RSAComputer Security Lecture 7: RSA
Computer Security Lecture 7: RSAMohamed Loey
 
Public Key Cryptography and RSA algorithm
Public Key Cryptography and RSA algorithmPublic Key Cryptography and RSA algorithm
Public Key Cryptography and RSA algorithmIndra97065
 
Rsa
RsaRsa
Rsaismaelhaider
 

Recommended

rsa-1
rsa-1rsa-1
rsa-1aniruddh Tyagi
 
Rsa
RsaRsa
RsaNavneet Sharma
 
Rsa Crptosystem
Rsa CrptosystemRsa Crptosystem
Rsa CrptosystemAmlan Patel
 
Cryptography using rsa cryptosystem
Cryptography using rsa cryptosystemCryptography using rsa cryptosystem
Cryptography using rsa cryptosystemSamdish Arora
 
Digital Signature Recognition using RSA Algorithm
Digital Signature Recognition using RSA AlgorithmDigital Signature Recognition using RSA Algorithm
Digital Signature Recognition using RSA AlgorithmVinayak Raja
 
Computer Security Lecture 7: RSA
Computer Security Lecture 7: RSAComputer Security Lecture 7: RSA
Computer Security Lecture 7: RSAMohamed Loey
 
Public Key Cryptography and RSA algorithm
Public Key Cryptography and RSA algorithmPublic Key Cryptography and RSA algorithm
Public Key Cryptography and RSA algorithmIndra97065
 
Rsa
RsaRsa
Rsaismaelhaider
 
RSA algorithm
RSA algorithmRSA algorithm
RSA algorithmArpana shree
 
Information and data security public key cryptography and rsa
Information and data security public key cryptography and rsaInformation and data security public key cryptography and rsa
Information and data security public key cryptography and rsaMazin Alwaaly
 
Presentation about RSA
Presentation about RSAPresentation about RSA
Presentation about RSASrilal Buddika
 
Asymmetric Cryptography.pptx
Asymmetric Cryptography.pptxAsymmetric Cryptography.pptx
Asymmetric Cryptography.pptxdiaa46
 
RSA Algorithm - Public Key Cryptography
RSA Algorithm - Public Key CryptographyRSA Algorithm - Public Key Cryptography
RSA Algorithm - Public Key CryptographyMd. Shafiul Alam Sagor
 
Rsa algorithm key generation
Rsa algorithm key generation Rsa algorithm key generation
Rsa algorithm key generation swarnapatil
 
Elliptic Curve Cryptography
Elliptic Curve CryptographyElliptic Curve Cryptography
Elliptic Curve CryptographyJorgeVillamarin5
 
ElGamal Encryption Algoritham.pptx
ElGamal Encryption Algoritham.pptxElGamal Encryption Algoritham.pptx
ElGamal Encryption Algoritham.pptxIndian Institute of information technology Una
 
Cryptography Fundamentals
Cryptography FundamentalsCryptography Fundamentals
Cryptography FundamentalsDuy Do Phan
 
6. cryptography
6. cryptography6. cryptography
6. cryptography7wounders
 
Cryptography
CryptographyCryptography
CryptographyKARNAN L S
 
The rsa algorithm
The rsa algorithmThe rsa algorithm
The rsa algorithmKomal Singh
 
CRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYCRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
RSA ALGORITHM
RSA ALGORITHMRSA ALGORITHM
RSA ALGORITHMSathish Kumar
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.pptUday Meena
 
Cryptography - 101
Cryptography - 101Cryptography - 101
Cryptography - 101n|u - The Open Security Community
 
RSA Algorithm
RSA AlgorithmRSA Algorithm
RSA AlgorithmSrinadh Muvva
 
RSA ALGORITHM
RSA ALGORITHMRSA ALGORITHM
RSA ALGORITHMShashank Shetty
 
Cryptography
CryptographyCryptography
CryptographyDarshini Parikh
 
Trible data encryption standard (3DES)
Trible data encryption standard (3DES)Trible data encryption standard (3DES)
Trible data encryption standard (3DES)Ahmed Mohamed Mahmoud
 
New ppt.ppt
New ppt.pptNew ppt.ppt
New ppt.pptssuser4030a8
 
3 pkc+rsa
3 pkc+rsa3 pkc+rsa
3 pkc+rsaShashank Mishra
 

More Related Content

What's hot

Information and data security public key cryptography and rsa
Information and data security public key cryptography and rsaInformation and data security public key cryptography and rsa
Information and data security public key cryptography and rsaMazin Alwaaly
 
Presentation about RSA
Presentation about RSAPresentation about RSA
Presentation about RSASrilal Buddika
 
Asymmetric Cryptography.pptx
Asymmetric Cryptography.pptxAsymmetric Cryptography.pptx
Asymmetric Cryptography.pptxdiaa46
 
RSA Algorithm - Public Key Cryptography
RSA Algorithm - Public Key CryptographyRSA Algorithm - Public Key Cryptography
RSA Algorithm - Public Key CryptographyMd. Shafiul Alam Sagor
 
Rsa algorithm key generation
Rsa algorithm key generation Rsa algorithm key generation
Rsa algorithm key generation swarnapatil
 
Elliptic Curve Cryptography
Elliptic Curve CryptographyElliptic Curve Cryptography
Elliptic Curve CryptographyJorgeVillamarin5
 
Cryptography Fundamentals
Cryptography FundamentalsCryptography Fundamentals
Cryptography FundamentalsDuy Do Phan
 
6. cryptography
6. cryptography6. cryptography
6. cryptography7wounders
 
The rsa algorithm
The rsa algorithmThe rsa algorithm
The rsa algorithmKomal Singh
 
CRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYCRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.pptUday Meena
 
Trible data encryption standard (3DES)
Trible data encryption standard (3DES)Trible data encryption standard (3DES)
Trible data encryption standard (3DES)Ahmed Mohamed Mahmoud
 

What's hot (20)

RSA algorithm
RSA algorithmRSA algorithm
RSA algorithm
 
Information and data security public key cryptography and rsa
Information and data security public key cryptography and rsaInformation and data security public key cryptography and rsa
Information and data security public key cryptography and rsa
 
Presentation about RSA
Presentation about RSAPresentation about RSA
Presentation about RSA
 
Asymmetric Cryptography.pptx
Asymmetric Cryptography.pptxAsymmetric Cryptography.pptx
Asymmetric Cryptography.pptx
 
RSA Algorithm - Public Key Cryptography
RSA Algorithm - Public Key CryptographyRSA Algorithm - Public Key Cryptography
RSA Algorithm - Public Key Cryptography
 
Rsa algorithm key generation
Rsa algorithm key generation Rsa algorithm key generation
Rsa algorithm key generation
 
Elliptic Curve Cryptography
Elliptic Curve CryptographyElliptic Curve Cryptography
Elliptic Curve Cryptography
 
ElGamal Encryption Algoritham.pptx
ElGamal Encryption Algoritham.pptxElGamal Encryption Algoritham.pptx
ElGamal Encryption Algoritham.pptx
 
Cryptography Fundamentals
Cryptography FundamentalsCryptography Fundamentals
Cryptography Fundamentals
 
6. cryptography
6. cryptography6. cryptography
6. cryptography
 
Cryptography
CryptographyCryptography
Cryptography
 
The rsa algorithm
The rsa algorithmThe rsa algorithm
The rsa algorithm
 
CRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYCRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITY
 
RSA ALGORITHM
RSA ALGORITHMRSA ALGORITHM
RSA ALGORITHM
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.ppt
 
Cryptography - 101
Cryptography - 101Cryptography - 101
Cryptography - 101
 
RSA Algorithm
RSA AlgorithmRSA Algorithm
RSA Algorithm
 
RSA ALGORITHM
RSA ALGORITHMRSA ALGORITHM
RSA ALGORITHM
 
Cryptography
CryptographyCryptography
Cryptography
 
Trible data encryption standard (3DES)
Trible data encryption standard (3DES)Trible data encryption standard (3DES)
Trible data encryption standard (3DES)
 

Similar to RSA

PUBLIC KEY & RSA.ppt
PUBLIC KEY & RSA.pptPUBLIC KEY & RSA.ppt
PUBLIC KEY & RSA.pptRizwanBasha12
 
Unit-III_3R-CRYPTO_2021-22_VSM.pptx
Unit-III_3R-CRYPTO_2021-22_VSM.pptxUnit-III_3R-CRYPTO_2021-22_VSM.pptx
Unit-III_3R-CRYPTO_2021-22_VSM.pptxVishwanathMahalle
 
OS ppt Modified.pptx
OS ppt Modified.pptxOS ppt Modified.pptx
OS ppt Modified.pptxStudyvAbhi
 
RSA Algorithm.ppt
RSA Algorithm.pptRSA Algorithm.ppt
RSA Algorithm.pptArchanaT30
 
Information and network security 33 rsa algorithm
Information and network security 33 rsa algorithmInformation and network security 33 rsa algorithm
Information and network security 33 rsa algorithmVaibhav Khanna
 
Simple Overview of PKI and Digital signature by Tarek_Gaber
Simple Overview of PKI and Digital signature by Tarek_GaberSimple Overview of PKI and Digital signature by Tarek_Gaber
Simple Overview of PKI and Digital signature by Tarek_GaberTarek Gaber
 
Rivest Shamir Adleman Algorithm and its variant : DRSA.pptx
Rivest Shamir Adleman Algorithm and its variant : DRSA.pptxRivest Shamir Adleman Algorithm and its variant : DRSA.pptx
Rivest Shamir Adleman Algorithm and its variant : DRSA.pptxwerip98386
 
Cryptography and network security
Cryptography and network securityCryptography and network security
Cryptography and network securityNagendra Um
 
RSA & MD5 algorithm
RSA & MD5 algorithmRSA & MD5 algorithm
RSA & MD5 algorithmSiva Rushi
 

Similar to RSA (20)

New ppt.ppt
New ppt.pptNew ppt.ppt
New ppt.ppt
 
3 pkc+rsa
3 pkc+rsa3 pkc+rsa
3 pkc+rsa
 
Introduction to cryptography
Introduction to cryptographyIntroduction to cryptography
Introduction to cryptography
 
Common Crypto Pitfalls
Common Crypto PitfallsCommon Crypto Pitfalls
Common Crypto Pitfalls
 
Ch9
Ch9Ch9
Ch9
 
PUBLIC KEY & RSA.ppt
PUBLIC KEY & RSA.pptPUBLIC KEY & RSA.ppt
PUBLIC KEY & RSA.ppt
 
Unit-III_3R-CRYPTO_2021-22_VSM.pptx
Unit-III_3R-CRYPTO_2021-22_VSM.pptxUnit-III_3R-CRYPTO_2021-22_VSM.pptx
Unit-III_3R-CRYPTO_2021-22_VSM.pptx
 
OS ppt Modified.pptx
OS ppt Modified.pptxOS ppt Modified.pptx
OS ppt Modified.pptx
 
Rsa
RsaRsa
Rsa
 
RSA Algorithm.ppt
RSA Algorithm.pptRSA Algorithm.ppt
RSA Algorithm.ppt
 
Information and network security 33 rsa algorithm
Information and network security 33 rsa algorithmInformation and network security 33 rsa algorithm
Information and network security 33 rsa algorithm
 
RSA
RSARSA
RSA
 
PKC&RSA
PKC&RSAPKC&RSA
PKC&RSA
 
Simple Overview of PKI and Digital signature by Tarek_Gaber
Simple Overview of PKI and Digital signature by Tarek_GaberSimple Overview of PKI and Digital signature by Tarek_Gaber
Simple Overview of PKI and Digital signature by Tarek_Gaber
 
CNS.ppt
CNS.pptCNS.ppt
CNS.ppt
 
Rivest Shamir Adleman Algorithm and its variant : DRSA.pptx
Rivest Shamir Adleman Algorithm and its variant : DRSA.pptxRivest Shamir Adleman Algorithm and its variant : DRSA.pptx
Rivest Shamir Adleman Algorithm and its variant : DRSA.pptx
 
Ch09
Ch09Ch09
Ch09
 
Cryptography and network security
Cryptography and network securityCryptography and network security
Cryptography and network security
 
RSA & MD5 algorithm
RSA & MD5 algorithmRSA & MD5 algorithm
RSA & MD5 algorithm
 
Public key cryptography and RSA
Public key cryptography and RSAPublic key cryptography and RSA
Public key cryptography and RSA
 

Recently uploaded

Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.eptoze12
 
SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )Tsuyoshi Horigome
 
Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024hassan khalil
 
Internship report on mechanical engineering
Internship report on mechanical engineeringInternship report on mechanical engineering
Internship report on mechanical engineeringmalavadedarshan25
 
Call Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call GirlsCall Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call Girlsssuser7cb4ff
 
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...srsj9000
 
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube ExchangerStudy on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube ExchangerAnamika Sarkar
 
Microscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxMicroscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxpurnimasatapathy1234
 
Introduction to Microprocesso programming and interfacing.pptx
Introduction to Microprocesso programming and interfacing.pptxIntroduction to Microprocesso programming and interfacing.pptx
Introduction to Microprocesso programming and interfacing.pptxvipinkmenon1
 
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxDecoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxJoão Esperancinha
 
Application of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptxApplication of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptx959SahilShah
 
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...Soham Mondal
 
Biology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptxBiology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptxDeepakSakkari2
 
Artificial-Intelligence-in-Electronics (K).pptx
Artificial-Intelligence-in-Electronics (K).pptxArtificial-Intelligence-in-Electronics (K).pptx
Artificial-Intelligence-in-Electronics (K).pptxbritheesh05
 
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfCCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfAsst.prof M.Gokilavani
 
complete construction, environmental and economics information of biomass com...
complete construction, environmental and economics information of biomass com...complete construction, environmental and economics information of biomass com...
complete construction, environmental and economics information of biomass com...asadnawaz62
 
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort serviceGurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort servicejennyeacort
 
Sachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
Sachpazis Costas: Geotechnical Engineering: A student's Perspective IntroductionSachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
Sachpazis Costas: Geotechnical Engineering: A student's Perspective IntroductionDr.Costas Sachpazis
 

Recently uploaded (20)

Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.
 
SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )
 
Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024
 
Internship report on mechanical engineering
Internship report on mechanical engineeringInternship report on mechanical engineering
Internship report on mechanical engineering
 
Call Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call GirlsCall Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call Girls
 
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
 
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCRCall Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
 
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube ExchangerStudy on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
 
Microscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxMicroscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptx
 
Introduction to Microprocesso programming and interfacing.pptx
Introduction to Microprocesso programming and interfacing.pptxIntroduction to Microprocesso programming and interfacing.pptx
Introduction to Microprocesso programming and interfacing.pptx
 
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxDecoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
 
Application of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptxApplication of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptx
 
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
 
Biology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptxBiology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptx
 
Artificial-Intelligence-in-Electronics (K).pptx
Artificial-Intelligence-in-Electronics (K).pptxArtificial-Intelligence-in-Electronics (K).pptx
Artificial-Intelligence-in-Electronics (K).pptx
 
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfCCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
 
complete construction, environmental and economics information of biomass com...
complete construction, environmental and economics information of biomass com...complete construction, environmental and economics information of biomass com...
complete construction, environmental and economics information of biomass com...
 
young call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Service
young call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Serviceyoung call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Service
young call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Service
 
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort serviceGurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
 
Sachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
Sachpazis Costas: Geotechnical Engineering: A student's Perspective IntroductionSachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
Sachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
 

RSA

  • 1. CS 426 (Fall 2010) Public Key Encryption and Digital Signatures
  • 2. Review of Secret Key (Symmetric) Cryptography • Confidentiality – stream ciphers (uses PRNG) – block ciphers with encryption modes • Integrity – Cryptographic hash functions – Message authentication code (keyed hash functions) • Limitation: sender and receiver must share the same key – Needs secure channel for key distribution – Impossible for two parties having no prior relationship – Needs many keys for n parties to communicate
  • 3. Public Key Encryption Overview • Each party has a PAIR (K, K-1) of keys: – K is the public key, and used for encryption – K-1 is the private key, and used for decryption – Satisfies DK-1[EK[M]] = M • Knowing the public-key K, it is computationally infeasible to compute the private key K-1 – How to check (K,K-1) is a pair? – Offers only computational security. PK Encryption impossible when P=NP, as deriving K-1 from K is in NP. • The public-key K may be made publicly available, e.g., in a publicly available directory – Many can encrypt, only one can decrypt • Public-key systems aka asymmetric crypto systems
  • 4. Public Key Cryptography Early History • The concept is proposed in Diffie and Hellman (1976) “New Directions in Cryptography” – public-key encryption schemes – public key distribution systems • Diffie-Hellman key agreement protocol – digital signature • Public-key encryption was proposed in 1970 by James Ellis – in a classified paper made public in 1997 by the British Governmental Communications Headquarters • Concept of digital signature is still originally due to Diffie & Hellman
  • 5. Public Key Encryption Algorithms • Almost all public-key encryption algorithms use either number theory and modular arithmetic, or elliptic curves • RSA – based on the hardness of factoring large numbers • El Gamal – Based on the hardness of solving discrete logarithm – Basic idea: public key gx, private key x, to encrypt: [gy, gxy M].
  • 6. RSA Algorithm • Invented in 1978 by Ron Rivest, Adi Shamir and Leonard Adleman – Published as R L Rivest, A Shamir, L Adleman, "On Digital Signatures and Public Key Cryptosystems", Communications of the ACM, vol 21 no 2, pp120-126, Feb 1978 • Security relies on the difficulty of factoring large composite numbers • Essentially the same algorithm was discovered in 1973 by Clifford Cocks, who works for the British intelligence
  • 7. RSA Public Key Crypto System Key generation: 1. Select 2 large prime numbers of about the same size, p and q Typically each p, q has between 512 and 2048 bits 2. Compute n = pq, and (n) = (q-1)(p-1) 3. Select e, 1<e< (n), s.t. gcd(e, (n)) = 1 Typically e=3 or e=65537 4. Compute d, 1< d< (n) s.t. ed  1 mod (n) Knowing (n), d easy to compute. Public key: (e, n) Private key: d
  • 8. RSA Description (cont.) Encryption Given a message M, 0 < M < n M  Zn {0} use public key (e, n) compute C = Me mod n C  Zn {0} Decryption Given a ciphertext C, use private key (d) Compute Cd mod n = (Me mod n)d mod n = Med mod n = M
  • 9. Plaintext: M C = Me mod (n=pq) Ciphertext: C Cd mod n From n, difficult to figure out p,q From (n,e), difficult to figure d. From (n,e) and C, difficult to figure out M s.t. C = Me
  • 10. RSA Example • p = 11, q = 7, n = 77, (n) = 60 • d = 13, e = 37 (ed = 481; ed mod 60 = 1) • Let M = 15. Then C  Me mod n – C  1537 (mod 77) = 71 • M  Cd mod n – M  7113 (mod 77) = 15
  • 11. RSA Example 2 • Parameters: – p = 3, q = 5, q= pq = 15 – (n) = ? • Let e = 3, what is d? • Given M=2, what is C? • How to decrypt?
  • 12. RSA Security • Security depends on the difficulty of factoring n – Factor n => (n) => compute d from (e, (n)) • The length of n=pq reflects the strength – 700-bit n factored in 2007 – 768 bit factored in 2009 • 1024 bit for minimal level of security today – likely to be breakable in near future • Minimal 2048 bits recommended for current usage • NIST suggests 15360-bit RSA keys are equivalent in strength to 256-bit • RSA speed is quadratic in key length
  • 13. Real World Usage of Public Key Encryption • Often used to encrypt a symmetric key – To encrypt a message M under a public key (n,e), generate a new AES key K, compute [RSA(n,e,K), AES(K,M)] • Plain RSA does not satisfy IND requirement. – How to break it? • One often needs padding, e.g., Optimal Asymmetric Encryption Padding (OAEP) – Roughly, to encrypt M, chooses random r, encode M as M’ = [X = M  H1(r) , Y= r  H2(X) ] where H1 and H2 are cryptographic hash functions, then encrypt it as (M’) e mod n – Note that given M’=[X,Y], r = Y  H2(X), and M = X  H1(r)
  • 14. Digital Signatures: The Problem • Consider the real-life example where a person pays by credit card and signs a bill; the seller verifies that the signature on the bill is the same with the signature on the card • Contracts, they are valid if they are signed. • Signatures provide non-repudiation. – ensuring that a party in a dispute cannot repudiate, or refute the validity of a statement or contract. • Can we have a similar service in the electronic world? – Does Message Authentication Code provide non-repudiation? Why?
  • 15. Digital Signatures • MAC: One party generates MAC, one party verifies integrity. • Digital signatures: One party generates signature, many parties can verify. • Digital Signature: a data string which associates a message with some originating entity. • Digital Signature Scheme: – a signing algorithm: takes a message and a (private) signing key, outputs a signature – a verification algorithm: takes a (public) key verification key, a message, and a signature • Provides: – Authentication, Data integrity, Non-Repudiation
  • 16. Digital Signatures and Hash • Very often digital signatures are used with hash functions, hash of a message is signed, instead of the message. • Hash function must be: – Pre-image resistant – Weak collision resistant – Strong collision resistant
  • 17. RSA Signatures Key generation (as in RSA encryption): • Select 2 large prime numbers of about the same size, p and q • Compute n = pq, and  = (q - 1)(p - 1) • Select a random integer e, 1 < e < , s.t. gcd(e, ) = 1 • Compute d, 1 < d <  s.t. ed  1 mod  Public key: (e, n) used for verification Secret key: d, used for generation
  • 18. RSA Signatures (cont.) Signing message M • Verify 0 < M < n • Compute S = Md mod n Verifying signature S • Use public key (e, n) • Compute Se mod n = (Md mod n)e mod n = M Note: in practice, a hash of the message is signed and not the message itself.
  • 19. The Big Picture Secrecy / Confidentiality Stream ciphers Block ciphers + encryption modes Public key encryption: RSA, El Gamal, etc. Authenticity / Integrity Message Authentication Code Digital Signatures: RSA, DSA, etc. Secret Key Setting Public Key Setting
  • 20. Readings for This Lecture • Differ & Hellman: – New Directions in Cryptography
  • 21. Coming Attractions … • Key management and certificates