2. INTRODUCTION
By Rivest, Shamir & Adleman of MIT in 1977.
Best known & widely used public-key scheme.
Uses large integers (e.g. 1024 bits).
Based on exponentiation in a finite field over integers modulo a prime.
Plaintext is encrypted in blocks, with each block having a binary value less than some number n.
Security due to the cost of factoring large numbers.
4. 1) Generate two large prime numbers, p and q
To make the example easy to follow I am going to use small numbers, but this is not secure. To find random primes, we start at a random number and go up through ascending odd numbers until we find a prime. Let's have:
p = 7
q = 19
2) Let n = pq
n = 7 * 19
= 133
3) Let m = (p - 1)(q - 1)
m = (7 - 1)(19 - 1)
= 6 * 18
= 108
5. 4) Choose a small number e coprime to m
e coprime to m means that the largest number that can exactly divide both e and m (their greatest common divisor, or gcd) is 1. Euclid's algorithm is used to find the GCD of two numbers.
e = 2 => GCD(108, e) = 2 (no)
e = 3 => GCD(108, e) = 3 (no)
e = 4 => GCD(108, e) = 4 (no)
e = 5 => GCD(108, e) = 1 (yes!)
6. 5) Find d such that de mod ɸ(n) = 1
This is equivalent to finding d which satisfies de = 1 + km, where k is any integer. We can rewrite this as d = (1 + km) / e. Now we work through values of k until an integer solution for d is found:
k = 0 => d = 1 / 5 (no)
k = 1 => d = 109 / 5 (no)
k = 2 => d = 217 / 5 (no)
k = 3 => d = 325 / 5 = 65 (yes!)
To do this with big numbers, a more sophisticated algorithm called extended Euclid must be used.
7. Public Key: n = 133, e = 5
Secret Key: m = 108, d = 65
Communication
6) Encryption
The message must be a number less than the smaller of p and q. However, at this point we don't know p or q, so in practice a lower bound on p and q must be published. This can be somewhat below their true value and so isn't a major security concern. For this example, let's use the message "6".
Cipher = (message)^e mod n
= 6^5 mod 133
= 7776 mod 133
= 62
8. 7) Decryption
This works very much like encryption, but involves a larger exponentiation, which is broken down into several steps.
message = (cipher)^d mod n
= 62^65 mod 133
= 62 * 62^64 mod 133
= 62 * (62^2)^32 mod 133
= 62 * 3844^32 mod 133
= 62 * (3844 mod 133)^32 mod 133
= 62 * 120^32 mod 133
We now repeat the sequence of operations that reduced 62^65 to 120^32 to reduce the exponent down to 1.
= 62 * 36^16 mod 133
= 62 * 99^8 mod 133
= 62 * 92^4 mod 133
= 62 * 85^2 mod 133
= 62 * 43 mod 133
= 2666 mod 133 = 6
9. Fermat's Theorem
a^(p-1) mod p = 1
where p is prime and gcd(a, p) = 1
also known as Fermat's Little Theorem
useful in public key and primality testing
10. EULER'S THEOREM & TOTIENT FUNCTION Ø(n)
• Euler's totient function ɸ(n) is defined as the number of positive integers less than n and relatively prime to n.
– for p (p prime): ø(p) = p - 1
– for p.q (p, q prime): ø(p.q) = (p - 1)(q - 1)
• For example: determine ɸ(37) and ɸ(35).
• Because 37 is prime, all of the positive integers from 1 through 36 are relatively prime to 37. Thus ɸ(37) = 36.
• To determine ɸ(35), we list all of the positive integers less than 35 that are relatively prime to it:
1, 2, 3, 4, 6, 8, 9, 11, 12, 13, 16, 17, 18, 19, 22, 23, 24, 26, 27, 29, 31, 32, 33, 34
• There are 24 numbers on the list, so ɸ(35) = 24.
11. EULER'S THEOREM & TOTIENT FUNCTION Ø(n) (cont…)
(Generalization of Fermat's Little Theorem)
In a more general sense, what is (p - 1)? Ø(p).
Ø(p) = number of integers a < p such that gcd(a, p) = 1.
This is obviously (p - 1) because p is prime.
So we can say
a^(kø(p)+1) ≡ a (mod p)
More generally, let n = p • q, p prime, q prime.
a^(kø(n)+1) ≡ a (mod n)
p = 3, q = 5, n = 15, Ø(n) = (3-1) • (5-1) = 8
a = 7: 7^(8+1) ≡ 7 (mod 15), and 7^(8k+1) ≡ 7 (mod 15)
a = 5: 5^(8+1) ≡ 5 (mod 15), and 5^(8k+1) ≡ 5 (mod 15)
12. CARMICHAEL'S THEOREM
(A Refinement of Euler's Theorem)
λ(n) is also called the reduced totient function.
Ø(n) = (p-1) • (q-1)
λ(n) = LCM{(p-1), (q-1)}
a^(kλ(n)+1) ≡ a (mod n)
p = 3, q = 5, n = 15, Ø(n) = (3-1) • (5-1) = 8
λ(n) = LCM{(p-1), (q-1)} = LCM{2, 4} = 4
a = 7: 7^(4+1) ≡ 7 (mod 15), and 7^(4k+1) ≡ 7 (mod 15)
a = 5: 5^(4+1) ≡ 5 (mod 15), and 5^(4k+1) ≡ 5 (mod 15)
13. RSA EXAMPLE 2
Choose p = 19, q = 37, n = 703
Ø(n) = 648,
λ(n) = 36,
GCD{(p-1),(q-1)} = 18
Choose e = 5
CARMICHAEL d = 29
EULER d = 389
Both d’s will work, but Carmichael gives a much simpler d; in
this case security is reduced.
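The key generation, encryption and decryption steps of slides 4 to 8, together with the Euler and Carmichael private exponents of slide 13, worked in code (an added example, not code from the original slides). Names such as extended_gcd, pow_mod_trace and private_exponents are this example's own; the numbers are the slides' (p = 7, q = 19, e = 5, message 6, and p = 19, q = 37, e = 5).

```python
"""Textbook RSA with the slides' worked numbers.  Added example, not from the slides.

Square-and-multiply is written out so that the chain of squares
62, 120, 36, 99, 92, 85, 43 from slide 8 can be read off the trace.
"""
from math import gcd


def extended_gcd(a, b):
    """Return (g, x, y) with a*x + b*y = g = gcd(a, b)."""
    old_r, r, old_x, x, old_y, y = a, b, 1, 0, 0, 1
    while r:
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_x, x = x, old_x - q * x
        old_y, y = y, old_y - q * y
    return old_r, old_x, old_y


def mod_inverse(e, m):
    """d with d*e ≡ 1 (mod m): the 'extended Euclid' slide 6 says big numbers need."""
    g, x, _ = extended_gcd(e, m)
    if g != 1:
        raise ValueError(f"{e} is not invertible modulo {m}")
    return x % m


def choose_e(m, start=2):
    """Smallest e >= start coprime to m, the scan 2, 3, 4, 5 of slide 5."""
    e = start
    while gcd(e, m) != 1:
        e += 1
    return e


def generate_keys(p, q):
    """Return ((n, e), (m, d)): public key and the secret values of slide 7."""
    n = p * q
    m = (p - 1) * (q - 1)          # the slides call phi(n) 'm'
    e = choose_e(m)
    return (n, e), (m, mod_inverse(e, m))


def private_exponents(p, q, e):
    """(Euler d, Carmichael d) for the given primes and e, as on slide 13."""
    phi = (p - 1) * (q - 1)
    lam = phi // gcd(p - 1, q - 1)  # lcm(p-1, q-1)
    return mod_inverse(e, phi), mod_inverse(e, lam)


def pow_mod_trace(base, exp, n):
    """Right-to-left square-and-multiply; returns (result, [(square, bit), ...])."""
    result, square, trace = 1, base % n, []
    while exp:
        bit = exp & 1
        trace.append((square, bit))
        if bit:
            result = (result * square) % n
        square = (square * square) % n
        exp >>= 1
    return result, trace


def encrypt(message, public_key):
    n, e = public_key
    # Textbook RSA needs 0 <= message < n; the slide's message 6 satisfies this.
    if not 0 <= message < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(message, e, n)


def slide_example():
    """Run slides 4-8 end to end and return the intermediate values."""
    public, secret = generate_keys(7, 19)
    c = encrypt(6, public)
    plain, trace = pow_mod_trace(c, secret[1], public[0])
    return {"n": public[0], "e": public[1], "m": secret[0], "d": secret[1],
            "cipher": c, "plain": plain, "squares": [s for s, _ in trace]}


if __name__ == "__main__":
    print(slide_example())
    print(private_exponents(19, 37, 5))   # Euler d and Carmichael d of slide 13
```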
14. Factoring Problem
Mathematical approach takes 3 forms:
– factor N = p.q, hence find ø(N) and then d
– determine ø(N) directly and find d
– find d directly
15. FERMAT FACTORIZATION
Fermat factorization attempts to factor a number by representing it as the difference of two squares.
• Proposition: Let n be an odd integer. There is a one-to-one correspondence between factorizations n = ab with a ≥ b > 0 and representations n = s^2 - t^2 with s > t ≥ 0, given by s = (a+b)/2 and t = (a-b)/2.
• Proof: If n = ab, n is odd so a and b are odd. Then a+b and a-b are even, so (a+b)/2 and (a-b)/2 are integers. Now n = ((a+b)/2)^2 - ((a-b)/2)^2 expresses n as a difference of two squares. Conversely, suppose n is written as a difference of squares, n = s^2 - t^2. Then n = (s+t)(s-t) is a factorization of n.
17. QUADRATIC SIEVE FACTORIZATION
Our goal is to find a nontrivial factorization of n:
• Consider the value n = 1649, a composite number but not divisible by any prime up to its logarithm. Squaring integers near √n and reducing modulo n gives residues such as 32 and 200, and so on, with no squares in immediate sight.
• Note that while neither 32 nor 200 is a square, their product is a square: 6400 = 80^2. Thus, multiplying the two congruences together, we have a congruence of squares modulo n, that is, 114^2 ≡ 80^2 (mod 1649).
18. QUADRATIC SIEVE FACTORIZATION (cont…)
We have found a solution, 114^2 ≡ 80^2 (mod 1649).
So GCD(a+b, n) and GCD(a-b, n) must find the non-trivial factors of n. Hence,
GCD(114+80, 1649) = GCD(194, 1649) = GCD(194, 97) = GCD(97, 0) = 97
and
GCD(114-80, 1649) = GCD(34, 1649) = GCD(34, 17) = GCD(17, 0) = 17
So 17 and 97 are the non-trivial factors of 1649.
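Both factoring ideas of slides 15 to 18 applied to n = 1649, as an added example that is not part of the original slides: fermat_factor is the difference-of-squares search of slide 15, and congruence_of_squares is a small Dixon-style version of the quadratic-sieve idea, collecting x with x^2 mod n smooth over a tiny factor base and combining a subset whose residues multiply to a square. The function names, the factor base {2, 3, 5, 7} and the relation limit are this example's own choices; with three relations it reproduces the slide's 114^2 ≡ 80^2 and the factors 17 and 97.

```python
"""Factoring n = 1649 by Fermat's method and by a congruence of squares.
Added example, not from the slides.
"""
from itertools import combinations
from math import gcd, isqrt


def is_square(k):
    return k >= 0 and isqrt(k) ** 2 == k


def fermat_factor(n):
    """Return (a, b) with n = a*b and a >= b, found from n = s^2 - t^2 (slide 15)."""
    if n % 2 == 0:
        return n // 2, 2                  # the proposition assumes n odd
    s = isqrt(n)
    if s * s < n:
        s += 1
    while not is_square(s * s - n):       # try s = ceil(sqrt n), ceil(sqrt n)+1, ...
        s += 1
    t = isqrt(s * s - n)
    return s + t, s - t                   # a = s + t, b = s - t


def smooth_exponents(k, factor_base):
    """Exponent vector of k over factor_base, or None if k is not smooth."""
    exps = []
    for p in factor_base:
        count = 0
        while k % p == 0:
            k //= p
            count += 1
        exps.append(count)
    return exps if k == 1 else None


def congruence_of_squares(n, factor_base=(2, 3, 5, 7), max_relations=3):
    """Find x^2 ≡ y^2 (mod n) giving a proper factor; returns (x, y, gcd(x-y,n), gcd(x+y,n)).

    Candidates x start just above sqrt(n), so x^2 mod n is small and often
    smooth; this is where the residues 32 (x = 41) and 200 (x = 43) of
    slide 17 come from.  Subsets of relations are tried smallest first.
    """
    relations = []                        # (x, x^2 mod n, exponent vector)
    x = isqrt(n) + 1
    while len(relations) < max_relations:
        r = (x * x) % n
        exps = smooth_exponents(r, factor_base)
        if r and exps is not None:
            relations.append((x, r, exps))
        x += 1
    for size in range(1, len(relations) + 1):
        for subset in combinations(relations, size):
            total = [sum(col) for col in zip(*(e for _, _, e in subset))]
            if any(c % 2 for c in total):
                continue                  # product of residues is not a square
            xs = 1
            for xi, _, _ in subset:
                xs = (xs * xi) % n        # 41 * 43 ≡ 114 (mod 1649)
            y = 1
            for p, c in zip(factor_base, total):
                y = (y * pow(p, c // 2, n)) % n   # sqrt(32 * 200) = 80
            f = gcd(xs - y, n)
            if 1 < f < n:
                return xs, y, f, gcd(xs + y, n)
    return None


if __name__ == "__main__":
    print(fermat_factor(1649))            # (97, 17)
    print(congruence_of_squares(1649))    # (114, 80, 17, 97)
```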
19. RSA Challenges:
• RSA - 640 November 2, 2005
• RSA $200,000 Challenge
• RSA - DES Challenge
• RSA - 576 Challenge
• Cracking RSA
Ref: On the Cost of Factoring RSA-1024, Adi Shamir and Eran Tromer
20. What are RSA factoring Challenges?
The RSA Factoring Challenge was a challenge put forward by RSA Laboratories on March 18, 1991, to encourage research into computational number theory and the practical difficulty of factoring large integers and cracking RSA keys used in cryptography.
They published a list of semiprimes (numbers with exactly two prime factors) known as the RSA numbers, with a cash prize for the successful factorization of some of them.
21. RSA - 640 November 2, 2005
The factoring research team of F. Bahr, M. Boehm, J. Franke, T. Kleinjung continued its productivity with a successful factorization of the challenge number RSA-640, reported on November 2, 2005. The factors [verified by RSA Laboratories] are:
1634733645809253848443133883865090859841783670033092312181110852389333100104508151212118167511579
and
1900871281664822113126851573935413975471896789968515493666638539088027103802104498957191261465571
The effort took approximately 30 2.2GHz-Opteron-CPU years according to the submitters, over five months of calendar time. (This is about half the effort for RSA-200, the 663-bit number that the team factored in 2004.)
Ref: RSA Laboratories - RSA-640 is factored!
22. RSA $200,000 Challenge
RSA Security is running a factoring challenge that offers would-be code breakers a prize of up to $200,000 for finding the two numbers of the kind used to create an ultrasecure 2048-bit encryption key.
RSA-2048
Status: Not Factored
Decimal Digits: 617
Decimal Digit Sum: 2738
23. RSA - DES Challenge
Identifier: DES-Challenge-III
Cipher: DES
Start: January 18, 1999 9:00 AM PST
Prize: $10,000
Plaintext: See you in Rome (second AES Conference, March 22-23, 1999)
Ciphertext:
bd 0d de 91 99 60 b8 8a 47 9c b1 5c 23 7b 81 18 99 05
45 bc de 82 01 ab 53 4d 6f 1c b4 30 63 3c ee cd 96 2e
07 c6 e6 95 99 9c 96 46 5a 95 70 02 02 70 98 bd 41 c2
88 a9 f0 2f 8b e5 48 20 d2 a8 a0 6b bf 93 de 89 f6 e2
52 fd 8a 25 eb d0 7d 96 83 ee a4 2d c8 8d 1b 71
REF: RSA Laboratories - DES Challenge III
24. RSA - 576 Challenge
On December 3, 2003, a team of researchers in Germany and several other countries reported a successful factorization of the challenge number RSA-576. According to the announcement by J. Franke:
The factors [verified by RSA Laboratories] are
398075086424064937397125500550386491199064362342526708406385189575946388957261768583317
and
472772146107435302536223071973048224632914695302097116459852171130520711256363590397527
Lattice sieving was done by J. Franke and T. Kleinjung using hardware of the Scientific Computing Institute and the Pure Mathematics
REF: RSA Laboratories - RSA-576 is factored!
26. RSA Security
Three approaches to attacking RSA:
– brute force key search (infeasible given the size of the numbers)
– mathematical attacks (based on the difficulty of computing ø(N), by factoring the modulus N)
– timing attacks (on the running of decryption)
27. Timing Attacks
• developed in the mid-1990's
• exploit timing variations in operations
– e.g. multiplying by a small vs a large number
– or IFs varying which instructions are executed
• infer operand size based on time taken
• the attack on RSA exploits the time taken in exponentiation
• countermeasures
– use constant exponentiation time
– add random delays
– blind values used in calculations
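Two of the countermeasures listed above, constant-time exponentiation and blinding, shown on the slides' key (n = 133, e = 5, d = 65) as an added example that is not from the original slides. naive_pow_mod counts how many multiplications a plain square-and-multiply performs (a count that depends on the bits of d), ladder_pow_mod is a Montgomery ladder that does the same work for every exponent of the same bit length, and blinded_decrypt is RSA blinding; the function names are this example's own, and Python 3.8+ is assumed for pow(r, -1, n).

```python
"""Timing-attack countermeasures from slide 27 on the slides' toy key.
Added example, not from the slides.
"""
import secrets
from math import gcd


def naive_pow_mod(base, exp, n):
    """Left-to-right square-and-multiply; returns (result, multiplications).

    The extra multiplication happens only on 1-bits of exp, so the amount of
    work (and hence the time) leaks the Hamming weight of the exponent.
    """
    result, mults = 1, 0
    for bit in bin(exp)[2:]:
        result = (result * result) % n
        if bit == "1":
            result = (result * base) % n
            mults += 1
    return result, mults


def ladder_pow_mod(base, exp, n):
    """Montgomery ladder; returns (result, multiplications).

    Every bit performs exactly one squaring and one multiplication, so the
    operation count depends only on the bit length of exp, not on its value.
    (Python big-int arithmetic is not itself constant-time; the point here is
    the fixed operation schedule.)
    """
    r0, r1, mults = 1, base % n, 0
    for bit in bin(exp)[2:]:
        if bit == "1":
            r0, r1 = (r0 * r1) % n, (r1 * r1) % n
        else:
            r1, r0 = (r0 * r1) % n, (r0 * r0) % n
        mults += 2
    return r0, mults


def blinded_decrypt(cipher, d, n, e):
    """RSA blinding: exponentiate cipher * r^e for a fresh random r, then remove r.

    Returns (plaintext, blinded_input) so a caller can observe that the value
    raised to d differs on every call while the plaintext does not.
    """
    while True:
        r = secrets.randbelow(n)
        if r > 1 and gcd(r, n) == 1:
            break
    r_inv = pow(r, -1, n)                  # modular inverse, Python 3.8+
    blinded = (cipher * pow(r, e, n)) % n
    plain = (pow(blinded, d, n) * r_inv) % n   # (c r^e)^d = m r, so strip r
    return plain, blinded


if __name__ == "__main__":
    print(naive_pow_mod(62, 65, 133), naive_pow_mod(62, 127, 133))
    print(ladder_pow_mod(62, 65, 133), ladder_pow_mod(62, 127, 133))
    print(blinded_decrypt(62, 65, 133, 5))
```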
28. References
[1] William Stallings, "Cryptography and Network Security".
[2] RSA Laboratories, http://www.emc.com/emcplus/rsa-labs/historical/the-rsa-factoring-challengefaq.htm.
[3] Dr. Herong Yang, "Cryptography Tutorials - Herong's Tutorial Example", http://www.herongyang.com/Cryptography/.