This document is an introduction to public-key cryptography and the RSA algorithm. It begins by discussing some limitations of symmetric cryptography, such as key management issues. It then introduces the breakthrough idea of public-key cryptography proposed by Diffie and Hellman in 1976, where each user has a public key and a private key. The document goes on to explain the basic concepts and requirements of public-key cryptography. It also introduces the number theory concepts that the RSA algorithm depends on, such as Euler's theorem. RSA is then described as generating key pairs using large prime numbers and exploiting the difficulty of factoring integers. An example is provided to illustrate the RSA encryption and decryption process.
1. The document discusses public-key cryptography and some of its key concepts like asymmetric encryption where each user has a public and private key.
2. It also covers applications like encryption, digital signatures, and key exchange. It notes that while public-key crypto has advantages, symmetric crypto is still important due to public-key crypto's lower speed.
3. The RSA algorithm is presented as one of the first implementations of public-key cryptography based on the difficulty of factoring large integers.
The document discusses principles of public-key cryptography and the Diffie-Hellman key exchange algorithm. It begins by explaining the problems with symmetric encryption that public-key cryptography aims to address. It then provides an overview of public-key cryptosystems and their requirements. The document goes on to describe the RSA algorithm in detail and provide an example of how it works. It also explains the Diffie-Hellman key exchange algorithm, how it allows two parties to securely exchange a key without transmitting it, and provides a numerical example.
Cryptography and Network Security discusses key management and other public key cryptosystems. It covers distributing public keys through public announcement, directories, authorities, and certificates. It also examines using public key encryption to distribute secret keys, including Diffie-Hellman key exchange and hybrid key distribution. Finally, it introduces elliptic curve cryptography as an alternative to systems using large integers that provides equivalent security with smaller key sizes.
1. Public key distribution methods include public announcement, publicly available directories, public key authorities, and public key certificates.
2. Diffie-Hellman key exchange allows two parties to jointly establish a shared secret key over an insecure channel without any prior secrets.
3. Elliptic curve cryptography provides the same level of security as other public key systems like RSA but with smaller key sizes, reducing computational overhead.
The document discusses principles of public-key cryptography and algorithms like RSA and Diffie-Hellman key exchange. It provides the following key points:
1. Public-key cryptography solves the key distribution problem of symmetric encryption by using different but mathematically-related public and private keys.
2. The RSA algorithm was one of the first practical public-key cryptosystems, using modular exponentiation with large prime numbers.
3. Diffie-Hellman key exchange allows two parties to jointly establish a shared secret over an insecure channel without any prior secrets. It is based on the difficulty of calculating discrete logarithms.
Public-key cryptography uses two keys: a public key that can be shared widely, and a private key that is kept secret. It allows for both encryption and digital signatures. The most widely used public-key cryptosystem is RSA, which relies on the difficulty of factoring large integers. Diffie-Hellman key exchange allows two parties to securely exchange a secret key over an insecure channel without any prior secrets.
The document discusses various security threats and protection mechanisms. It covers basics of cryptography including symmetric and public key cryptography. It also discusses digital signatures, user authentication, and threats from intruders both internal and external to a system. Protection mechanisms aim to achieve goals of data confidentiality, integrity, and system availability despite security threats.
This document discusses key management and distribution in public-key cryptography. It covers several methods for distributing public keys including public announcement, directories, and certificates. It also discusses using public keys to distribute secret keys, including Diffie-Hellman key exchange and hybrid encryption. Finally, it introduces elliptic curve cryptography as an alternative to systems like RSA that allows equivalent security with smaller key sizes.
Security Issues related with cloud computing - IJERA Editor
The term CLOUD means Common Location Independent Online Utility on Demand. It's an emerging technology in IT industries. Cloud technologies are improving day by day and have now become a need for all small and large scale industries. Companies like Google, Amazon, Microsoft etc. are providing a virtualized environment for users, which omits the need for physical storage and others. But as the advantages of cloud computing increase day by day, the issues are also threatening the IT industries. These issues relate to the security of the data. The basic idea of this review paper is to elaborate the security issues related with cloud computing and what methods are implemented to improve security. Certain algorithms like RSA, DES, and Caesar Cipher etc. are implemented to improve the security issues. In this paper we have implemented the Identity based mRSA algorithm for improving security of data.
This document provides information about public-key cryptography and the RSA algorithm. It begins with terminology related to asymmetric encryption like public/private key pairs and certificates. It then discusses the principles of public-key cryptosystems including their applications, requirements, and analysis. The document specifically describes the RSA algorithm, including how it works, its computational aspects, and analysis of its security. It also briefly discusses other public-key cryptosystems like Diffie-Hellman key exchange.
The document discusses key management and the Diffie-Hellman key exchange protocol. It begins by explaining that public-key encryption helps address key distribution problems. It then describes different methods for distributing public keys including public announcement, publicly available directories, public-key authorities, and public-key certificates. It also explains how public-key encryption can be used to distribute secret keys, including Diffie-Hellman key exchange and hybrid key distribution. The document concludes by discussing elliptic curve cryptography as an alternative to methods using large integer arithmetic.
Generate an Encryption Key by using Biometric Cryptosystems to secure transfe... - IOSR Journals
The document describes a proposed method for generating an encryption key from biometric cryptosystems to securely transfer data over a network. It involves extracting minutiae points from a fingerprint scan, generating a cryptographic key from the biometric template, and using an RSA encryption algorithm with the biometric-derived private key. A public key is also calculated based on ridge and furrow patterns in the fingerprint scan. The goal is to uniquely generate encryption keys for each individual using their biometric fingerprint information to add an extra layer of security beyond traditional encryption techniques.
Lightweight Cryptography for Distributed PKI Based MANETS - IJCNCJournal
This document proposes a lightweight cryptography solution for secure communication in mobile ad hoc networks (MANETs). It describes creating a distributed public key infrastructure (PKI) using Shamir's secret sharing to decentralize the certificate authority role among MANET nodes. Each node holds a share of the private key. It then proposes using Tiny Encryption Algorithm (TEA), an efficient symmetric-key cipher, along with elliptic curve Diffie-Hellman key exchange to establish secure communication between nodes with limited resources. The system initializes by having founding MANET nodes act as dealers to distribute secret shares. Nodes then use Diffie-Hellman to independently derive a secret key to encrypt communications.
DATA SECURITY ANALYSIS AND SECURITY EXTENSION FOR SMART CARDS USING JAVA CARD - ijait
This document discusses and compares two public key cryptosystems - RSA and Elliptic Curve Cryptography (ECC) - for use in smart cards. It finds that ECC provides equivalent security to RSA but with significantly smaller key sizes, making it more efficient and suitable for smart cards with limited storage and processing capabilities. The document outlines the principles, key generation algorithms, and encryption/signature schemes for both RSA and ECC, including specific algorithms like Menezes-Vanstone and Nyberg-Rueppel. It analyzes the security level, efficiency, and space requirements of RSA and ECC, finding that ECC requires keys 10 times smaller than RSA for the same security level and its operations are an order of magnitude faster.
A Novel Key Distribution Scheme for a Visual Crypto System - IRJET Journal
This document proposes a novel key distribution scheme for visual cryptography. It begins with an introduction to cryptography and visual cryptography. It then describes the existing Diffie-Hellman key exchange algorithm. The proposed method generates a shared secret key through a multi-step process using asymmetric key cryptography and modulus operation on private keys and a public image. Both parties are able to derive the same symmetric key for encrypting future communications without directly transmitting their private keys. The methodology and implementation details are provided, along with experimental results demonstrating the generation of matching keys within 0.11 seconds on average.
Turing100@Persistent | Life and Work of Ronald L. Rivest, Adi Shamir & Leonar... - Pratyush Rao
Dr. Pandurang Kamat, Ph.D., Principal Architect, Persistent Systems talks about the life and work of 2002 Turing Award recipients Ronald Rivest, Adi Shamir and Leonard Adleman (RSA).
The document discusses various topics related to network security and symmetric key encryption. It introduces symmetric key encryption where the same key is used to encrypt and decrypt. It describes how symmetric key encryption can provide confidentiality but key sharing and management are an issue when many clients share the same key. It also discusses issues regarding link-level versus end-to-end encryption and various techniques for key distribution between communicating entities.
The document discusses the Diffie-Hellman key exchange algorithm and its encryption process. It involves two clients, X and Y, agreeing on a large prime number p and integer g. They each choose a secret number and compute a public key using the prime numbers. They exchange public keys and can then use the information to derive a shared secret key to encrypt messages securely over an insecure channel. The encryption process involves encrypting random numbers with the shared key and hashing various values to derive the final encryption key. Decryption reverses these steps to obtain the plaintext.
This document provides an introduction to a cryptography and network security course being taught in the spring of 2012. It discusses the need for cryptography due to privacy and security issues when transmitting digital information. Various attacks are described that cryptography aims to prevent, such as encrypting data so it is unintelligible during transmission but can be decrypted by the intended recipient. The document outlines the basic goals and challenges of cryptography including confidentiality, authentication, integrity, and types of cryptographic systems and cryptanalysis techniques. It provides an overview of the course topics to be covered.
This document provides an introduction to a cryptography and network security course being taught in the spring of 2012. It discusses the need for cryptography due to privacy and security issues when transmitting digital information. Various attacks are described, such as passive attacks where an adversary monitors traffic and active attacks where traffic is altered. Different types of cryptographic systems and cryptanalysis techniques are also introduced. The course will cover topics such as secret key cryptography, public key cryptography, authentication, network security issues, and other related topics.
This document provides an introduction to a lecture on cryptography and network security. It discusses why cryptography is needed in today's digital world to ensure privacy, security, and authentication of electronic communications and transactions. Some key challenges addressed by cryptography include keeping information secret from unauthorized parties, detecting any tampering of messages, and verifying the identity of communication partners. The document outlines common security threats and possible adversaries, as well as different types of cryptographic systems and cryptanalysis attacks. It also discusses how to evaluate the security of encryption schemes and protocols.
Public key cryptography uses key pairs - a public key and a private key - to encrypt and decrypt messages. The public key can be shared widely, while the private key is kept secret. This allows users to securely share encrypted messages without having to first share secret keys. Common applications of public key cryptography include public key encryption and digital signatures.
This document provides a summary of a lecture on classical encryption techniques. It discusses the Caesar cipher and its weaknesses, including how it can be broken with frequency analysis even with just the ciphertext. It then explains how monoalphabetic substitution ciphers are stronger but still vulnerable to frequency analysis with enough ciphertext. The document introduces the Playfair cipher as an example of a technique that encrypts digrams to strengthen security by hiding letter frequencies. It provides examples of how classical ciphers work and can be broken through cryptanalysis.
This document discusses public-key cryptography and the RSA algorithm. It begins by describing some limitations of symmetric cryptography, such as key management issues. It then introduces the breakthrough idea of public-key cryptography proposed by Diffie and Hellman in 1976. Each user has a public key to encrypt messages and a private key to decrypt them. The document provides examples of how public-key encryption works. It explains the requirements and essential steps to implement a public-key cryptosystem. Finally, it describes how the RSA algorithm satisfies these requirements by using the difficulty of integer factorization as the basis for its security.
This document provides an overview of the Advanced Encryption Standard (AES). It discusses the origins and requirements for AES, the evaluation criteria used in selecting Rijndael as the cipher, and the structure and key components of the Rijndael cipher. The Rijndael cipher operates on data in rounds that include byte substitution, shifting rows, mixing columns, and adding a round key. The cipher text is produced after 9 to 13 rounds depending on the key size.
This document summarizes key concepts from a lecture on finite fields and their use in cryptography. It introduces finite fields and explains why they are important for cryptography. It discusses the structure of finite fields, including that every finite field has pn elements, where p is a prime number. It also provides examples of computing in finite fields through modular arithmetic.
This document summarizes a lecture on block cipher operation, RC5, and RC4. It examines important symmetric ciphers currently in use like Triple DES and describes the block cipher operation and modes of operation like ECB, CBC, CFB, OFB, and counter mode. It then discusses the RC5 block cipher algorithm, its parameters and encryption/decryption scheme using operations like addition, XOR, and circular shifts. It also briefly mentions the RC4 stream cipher.
This document provides an overview of the Data Encryption Standard (DES) block cipher. It describes how DES uses a Feistel network structure with 16 rounds to encrypt 64-bit blocks. Each round uses a 48-bit subkey generated from the original 56-bit key. The round function includes expansion, XOR with the subkey, substitution via S-boxes, and permutation. DES decryption is identical to encryption except the subkeys are used in reverse order. The document also discusses properties like avalanche effect and how small changes in plaintext/key result in large changes in ciphertext.
This document provides a summary of a lecture on classical encryption techniques. It discusses the Caesar cipher and its weaknesses, including how it can be broken with frequency analysis even with just the ciphertext. It then explains how monoalphabetic substitution ciphers are stronger but still vulnerable to frequency analysis with enough ciphertext. The document introduces the Playfair cipher as an example of a technique that encrypts digrams to strengthen security by hiding letter frequencies. It provides examples of how classical ciphers work and can be broken through cryptanalysis.
This document provides an overview of public-key cryptography and the RSA algorithm. It begins by discussing some limitations of symmetric cryptography, such as key management issues. It then introduces the breakthrough idea of public-key cryptography proposed by Diffie and Hellman in 1976. Each user has two keys - a private key and a public key. The public key can be used for encryption and the private key for decryption. The document outlines the basic steps of public-key encryption and discusses requirements for public-key cryptosystems. It then introduces the RSA algorithm, which is based on the difficulty of factoring large integers, as one of the first implementations of public-key cryptography. Number theory concepts needed to understand RSA are also briefly discussed
The document summarizes a lecture on the Advanced Encryption Standard (AES). It describes the origins and requirements for AES as the successor to the Data Encryption Standard (DES). The Rijndael cipher was selected as AES in 2000. Rijndael has four stages in each round: Substitute Bytes, Shift Rows, Mix Columns, and Add Round Key. Substitute Bytes uses a lookup table, Shift Rows shifts bytes within rows, Mix Columns mixes bytes mathematically, and Add Round Key XORs the state with the round key. The cipher has 10 rounds for 128-bit keys and security.
This document provides an overview of finite fields and their importance in cryptography. It discusses how finite fields allow for efficient storage and arithmetic operations on integers for encryption algorithms. The document outlines the basic properties of groups, rings, and fields. It also covers modular arithmetic, greatest common divisors, and Euclid's algorithm for computing gcd. The goal is to introduce concepts needed to understand the arithmetic of the AES encryption algorithm, which uses operations in the finite field GF(28).
This document summarizes a lecture on block cipher operation and the symmetric ciphers RC5 and RC4. It discusses replacing DES with Triple DES to increase security. It examines block cipher modes of operation like ECB, CBC, CFB, OFB and counter mode. It analyzes the security of double DES and the meet-in-the-middle attack. It also reviews RC5 and how block ciphers can be turned into stream ciphers.
This document provides an overview of the Data Encryption Standard (DES) block cipher. It discusses how DES uses a Feistel network structure with 16 rounds to encrypt 64-bit blocks. Each round uses a 48-bit subkey generated from the original 56-bit key. The document also summarizes analyses of DES's security, noting that while it remains uncompromised, dedicated hardware has broken it in days and differential cryptanalysis provides a theoretical attack in 247 steps.
This document summarizes a lecture on classical encryption techniques. It begins with an overview of the cryptography course, which covers secret key cryptography, public key cryptography, key management, authentication techniques, network security issues, and other topics. It then discusses classical encryption techniques starting with the Caesar cipher and how it can be strengthened with monoalphabetic substitution ciphers. However, these are vulnerable to frequency analysis. The document introduces the Playfair cipher as an improvement and also describes the Hill cipher.
This document provides an overview of the Data Encryption Standard (DES) block cipher. It discusses how DES uses a Feistel network structure with 16 rounds to encrypt 64-bit blocks. Each round uses a 48-bit subkey generated from the original 56-bit key. The document also summarizes analyses of DES's security, noting that while it remains uncompromised, dedicated hardware has broken it in days and differential cryptanalysis provides a theoretical attack in 247 steps. Overall, the document gives a high-level technical introduction to the DES standard and analyses of its security.
The document summarizes a lecture on the Advanced Encryption Standard (AES). It describes the origins and requirements for AES as the successor to the Data Encryption Standard (DES). The Rijndael cipher was selected as AES in 2000. Rijndael has four stages in each round: Substitute Bytes, Shift Rows, Mix Columns, and Add Round Key. Substitute Bytes uses a lookup table, Shift Rows shifts bytes cyclically within rows, Mix Columns mixes bytes within columns using matrix multiplication over GF(28), and Add Round Key XORs the state with the round key. The key is expanded using Rijndael's key schedule.
This document summarizes key concepts from a lecture on finite fields and their use in cryptography. It introduces finite fields and explains why they are important for cryptography. It discusses the structure of finite fields, including that every finite field has pn elements, where p is a prime number. It also provides examples of computing in finite fields through modular arithmetic.
This document summarizes a lecture on block cipher operation, RC5, and RC4. It examines important symmetric ciphers currently in use like Triple DES and describes the block cipher operation and modes of operation like ECB, CBC, CFB, OFB, and counter mode. It then discusses the RC5 block cipher which uses variable parameters for word size, number of rounds, and key length. Operations include data-dependent rotations and modular addition. RC5 encryption involves key expansion, input manipulation, and multiple rounds of processing. Finally, it briefly mentions the RC4 stream cipher.
This document summarizes a lecture on block cipher operation, RC5, and RC4. It examines important symmetric ciphers currently in use like Triple DES and describes the block cipher operation and modes of operation like ECB, CBC, CFB, OFB, and counter mode. It then discusses the RC5 block cipher algorithm, its parameters and encryption/decryption scheme using operations like addition, XOR, and circular shifts. It also briefly mentions the RC4 stream cipher.
This document provides an overview of the Data Encryption Standard (DES) block cipher. It discusses how DES uses a Feistel network structure with 16 rounds to encrypt 64-bit blocks. Each round uses a 48-bit subkey generated from the original 56-bit key. The document also summarizes analyses of DES's security, noting that while it remains uncompromised, dedicated hardware has broken it in days and differential cryptanalysis provides a theoretical attack in 247 steps. Overall, the document gives a high-level technical introduction to the DES standard and analyses of its security.
This document provides a summary of a lecture on classical encryption techniques. It discusses the Caesar cipher and its weaknesses, as well as strengthened ciphers like the monoalphabetic cipher. The document explains how frequency analysis can be used to break monoalphabetic ciphers by examining letter frequencies in the ciphertext. It then introduces the Playfair cipher as an improvement and discusses how it encrypts plaintext in pairs of letters. Finally, it briefly introduces the Hill cipher, which uses linear algebra and matrix multiplication to encrypt plaintext blocks.
DEEP LEARNING FOR SMART GRID INTRUSION DETECTION: A HYBRID CNN-LSTM-BASED MODELgerogepatton
As digital technology becomes more deeply embedded in power systems, protecting the communication
networks of Smart Grids (SG) has emerged as a critical concern. Distributed Network Protocol 3 (DNP3)
represents a multi-tiered application layer protocol extensively utilized in Supervisory Control and Data
Acquisition (SCADA)-based smart grids to facilitate real-time data gathering and control functionalities.
Robust Intrusion Detection Systems (IDS) are necessary for early threat detection and mitigation because
of the interconnection of these networks, which makes them vulnerable to a variety of cyberattacks. To
solve this issue, this paper develops a hybrid Deep Learning (DL) model specifically designed for intrusion
detection in smart grids. The proposed approach is a combination of the Convolutional Neural Network
(CNN) and the Long-Short-Term Memory algorithms (LSTM). We employed a recent intrusion detection
dataset (DNP3), which focuses on unauthorized commands and Denial of Service (DoS) cyberattacks, to
train and test our model. The results of our experiments show that our CNN-LSTM method is much better
at finding smart grid intrusions than other deep learning algorithms used for classification. In addition,
our proposed approach improves accuracy, precision, recall, and F1 score, achieving a high detection
accuracy rate of 99.50%.
Embedded machine learning-based road conditions and driving behavior monitoringIJECEIAES
Car accident rates have increased in recent years, resulting in losses in human lives, properties, and other financial costs. An embedded machine learning-based system is developed to address this critical issue. The system can monitor road conditions, detect driving patterns, and identify aggressive driving behaviors. The system is based on neural networks trained on a comprehensive dataset of driving events, driving styles, and road conditions. The system effectively detects potential risks and helps mitigate the frequency and impact of accidents. The primary goal is to ensure the safety of drivers and vehicles. Collecting data involved gathering information on three key road events: normal street and normal drive, speed bumps, circular yellow speed bumps, and three aggressive driving actions: sudden start, sudden stop, and sudden entry. The gathered data is processed and analyzed using a machine learning system designed for limited power and memory devices. The developed system resulted in 91.9% accuracy, 93.6% precision, and 92% recall. The achieved inference time on an Arduino Nano 33 BLE Sense with a 32-bit CPU running at 64 MHz is 34 ms and requires 2.6 kB peak RAM and 139.9 kB program flash memory, making it suitable for resource-constrained embedded systems.
TIME DIVISION MULTIPLEXING TECHNIQUE FOR COMMUNICATION SYSTEMHODECEDSIET
Time Division Multiplexing (TDM) is a method of transmitting multiple signals over a single communication channel by dividing the signal into many segments, each having a very short duration of time. These time slots are then allocated to different data streams, allowing multiple signals to share the same transmission medium efficiently. TDM is widely used in telecommunications and data communication systems.
### How TDM Works
1. **Time Slots Allocation**: The core principle of TDM is to assign distinct time slots to each signal. During each time slot, the respective signal is transmitted, and then the process repeats cyclically. For example, if there are four signals to be transmitted, the TDM cycle will divide time into four slots, each assigned to one signal.
2. **Synchronization**: Synchronization is crucial in TDM systems to ensure that the signals are correctly aligned with their respective time slots. Both the transmitter and receiver must be synchronized to avoid any overlap or loss of data. This synchronization is typically maintained by a clock signal that ensures time slots are accurately aligned.
3. **Frame Structure**: TDM data is organized into frames, where each frame consists of a set of time slots. Each frame is repeated at regular intervals, ensuring continuous transmission of data streams. The frame structure helps in managing the data streams and maintaining the synchronization between the transmitter and receiver.
4. **Multiplexer and Demultiplexer**: At the transmitting end, a multiplexer combines multiple input signals into a single composite signal by assigning each signal to a specific time slot. At the receiving end, a demultiplexer separates the composite signal back into individual signals based on their respective time slots.
### Types of TDM
1. **Synchronous TDM**: In synchronous TDM, time slots are pre-assigned to each signal, regardless of whether the signal has data to transmit or not. This can lead to inefficiencies if some time slots remain empty due to the absence of data.
2. **Asynchronous TDM (or Statistical TDM)**: Asynchronous TDM addresses the inefficiencies of synchronous TDM by allocating time slots dynamically based on the presence of data. Time slots are assigned only when there is data to transmit, which optimizes the use of the communication channel.
### Applications of TDM
- **Telecommunications**: TDM is extensively used in telecommunication systems, such as in T1 and E1 lines, where multiple telephone calls are transmitted over a single line by assigning each call to a specific time slot.
- **Digital Audio and Video Broadcasting**: TDM is used in broadcasting systems to transmit multiple audio or video streams over a single channel, ensuring efficient use of bandwidth.
- **Computer Networks**: TDM is used in network protocols and systems to manage the transmission of data from multiple sources over a single network medium.
### Advantages of TDM
- **Efficient Use of Bandwidth**: TDM all
Introduction- e - waste – definition - sources of e-waste– hazardous substances in e-waste - effects of e-waste on environment and human health- need for e-waste management– e-waste handling rules - waste minimization techniques for managing e-waste – recycling of e-waste - disposal treatment methods of e- waste – mechanism of extraction of precious metal from leaching solution-global Scenario of E-waste – E-waste in India- case studies.
Comparative analysis between traditional aquaponics and reconstructed aquapon...bijceesjournal
The aquaponic system of planting is a method that does not require soil usage. It is a method that only needs water, fish, lava rocks (a substitute for soil), and plants. Aquaponic systems are sustainable and environmentally friendly. Its use not only helps to plant in small spaces but also helps reduce artificial chemical use and minimizes excess water use, as aquaponics consumes 90% less water than soil-based gardening. The study applied a descriptive and experimental design to assess and compare conventional and reconstructed aquaponic methods for reproducing tomatoes. The researchers created an observation checklist to determine the significant factors of the study. The study aims to determine the significant difference between traditional aquaponics and reconstructed aquaponics systems propagating tomatoes in terms of height, weight, girth, and number of fruits. The reconstructed aquaponics system’s higher growth yield results in a much more nourished crop than the traditional aquaponics system. It is superior in its number of fruits, height, weight, and girth measurement. Moreover, the reconstructed aquaponics system is proven to eliminate all the hindrances present in the traditional aquaponics system, which are overcrowding of fish, algae growth, pest problems, contaminated water, and dead fish.
Literature Review Basics and Understanding Reference Management.pptxDr Ramhari Poudyal
Three-day training on academic research focuses on analytical tools at United Technical College, supported by the University Grant Commission, Nepal. 24-26 May 2024
Batteries -Introduction – Types of Batteries – discharging and charging of battery - characteristics of battery –battery rating- various tests on battery- – Primary battery: silver button cell- Secondary battery :Ni-Cd battery-modern battery: lithium ion battery-maintenance of batteries-choices of batteries for electric vehicle applications.
Fuel Cells: Introduction- importance and classification of fuel cells - description, principle, components, applications of fuel cells: H2-O2 fuel cell, alkaline fuel cell, molten carbonate fuel cell and direct methanol fuel cells.
Using recycled concrete aggregates (RCA) for pavements is crucial to achieving sustainability. Implementing RCA for new pavement can minimize carbon footprint, conserve natural resources, reduce harmful emissions, and lower life cycle costs. Compared to natural aggregate (NA), RCA pavement has fewer comprehensive studies and sustainability assessments.
Recycled Concrete Aggregate in Construction Part II
sheet1.pdf
1. January 31, 2012 1
Cryptography and Network Security
Lecture 7: Public-key cryptography and RSA
Ion Petre
Department of IT, Åbo Akademi University
Spring 2012
http://users.abo.fi/ipetre/crypto/
2. January 31, 2012 2
Some unanswered questions on symmetric
cryptosystems
Key management: changing the secret key or establishing one is
nontrivial
Change the keys two users share (should be done reasonably often)
Establish a secret key with somebody you do not know and cannot meet
in person: (e.g., visiting secure websites such as e-shops)
This could be done via a trusted Key Distribution Center (details in a
future lecture)
Can (or should) we really trust the KDC?
“What good would it do after all to develop impenetrable cryptosystems, if
their users were forced to share their keys with a KDC that could be
compromised by either burglary or subpoena?” – Diffie, 1988
Digital signatures
3. January 31, 2012 3
A breakthrough idea
Rather than having a secret key that the two users must share, each
user has two keys
One key is secret and he is the only one who knows it
The other key is public and anyone who wishes to send him a
message uses that key to encrypt the message
Diffie and Hellman first (publicly) introduced the idea in 1976 – this was
radically different than all previous efforts
NSA claims to have known it since mid-1960s!
Communications-Electronic Security Group (the British counterpart of
NSA) documented the idea in a classified report in 1970
4. January 31, 2012 4
A word of warning
Public-key cryptography complements rather than replaces
symmetric cryptography
There is nothing in principle to make public-key crypto more secure than
symmetric crypto
Public-key crypto does not make symmetric crypto obsolete: it has its
advantages but also its (major) drawbacks such as speed
Due to its low speed, it is mostly confined to key management and
digital signatures
5. January 31, 2012 5
The idea of public-key cryptography
The concept was proposed in 1976 by Diffie and Hellman although
no practical way to design such a system was suggested
Each user has two keys: one encryption key that he makes public
and one decryption key that he keeps secret
Clearly, it should be computationally infeasible to determine the
decryption key given only the encryption key and the cryptographic
algorithm
Some algorithms (such as RSA) satisfy also the following useful
characteristic:
Either one of the two keys can be used for encryption – the other one
should then be used to decrypt the message
First we will investigate the concept with no reference yet to practical
design of a public-key system
6. January 31, 2012 6
Essential steps in public-key encryption
Each user generates a pair of keys to be used for encryption and
decryption
Each user places one of the two keys in a public register and the
other key is kept private
If B wants to send a confidential message to A, B encrypts the
message using A’s public key
When A receives the message, she decrypts it using her private key
Nobody else can decrypt the message because that can only be done
using A’s private key
Deducing a private key should be infeasible
If a user wishes to change his keys – generate another pair of keys
and publish the public one: no interaction with other users is needed
7. January 31, 2012 7
Bob sends an encrypted message to Alice
8. January 31, 2012 8
Some notation
The public key of user A will be denoted KUA
The private key of user A will be denoted KRA
Encryption method will be a function E
Decryption method will be a function D
If B wishes to send a plain message X to A, then he sends the
cryptotext Y=E(KUA,X)
The intended receiver A will decrypt the message: D(KRA,Y)=X
9. January 31, 2012 9
A first attack on the public-key scheme –
authenticity
Immediate attack on this scheme:
An attacker may impersonate user B: he sends a message E(KUA,X)
and claims in the message to be B – A has no guarantee this is so
This was guaranteed in classical cryptosystems simply through knowing
the key (only A and B are supposed to know the symmetric key)
The authenticity of user B can be established as follows:
B will encrypt the message using his private key: Y=E(KRB,X)
This shows the authenticity of the sender because (supposedly) he is the
only one who knows the private key
The entire encrypted message serves as a digital signature
Note: this may not be the best possible solution: ideally, digital signatures
should be rather small so that one can preserve many of them over a
long period of time
Better schemes will be presented a couple of lectures later
10. January 31, 2012 10
A scheme to authenticate the sender of the message
11. January 31, 2012 11
Encryption and authenticity
Still a drawback: the scheme on the previous slide authenticates but
does not ensure security: anybody can decrypt the message using
B’s public key
One can provide both authentication and confidentiality using the
public-key scheme twice:
B encrypts X with his private key: Y=E(KRB,X)
B encrypts Y with A’s public key: Z=E(KUA,Y)
A will decrypt Z (and she is the only one capable of doing it):
Y=D(KRA,Z)
A can now get the plaintext and ensure that it comes from B (he is the
only one who knows his private key): decrypt Y using B’s public key:
X=E(KUB,Y)
12. January 31, 2012 12
Secrecy and authentication using public-key schemes
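The double application described above, carried out with unpadded RSA on toy numbers, as an added example that is not part of the lecture. B's key pair is the one from the lecture's worked RSA example (n=187, e=7, d=23); A's key pair (p=61, q=53, e=17) and all function names are constructed for this illustration. It also shows a practical constraint of the scheme: the signed block Y must fit under the receiver's modulus.

```python
# Toy key pairs as (exponent, modulus). KU = public, KR = private (lecture notation).
KU_B, KR_B = (7, 187), (23, 187)        # from the lecture's worked RSA example
KU_A, KR_A = (17, 3233), (2753, 3233)   # constructed for this example: p=61, q=53


def apply_key(key, block):
    """E(K, X) and D(K, X) are the same operation in RSA: block^exponent mod n."""
    exponent, n = key
    if not 0 <= block < n:
        raise ValueError(f"block {block} does not fit under modulus {n}")
    return pow(block, exponent, n)


def sign_then_encrypt(x, kr_sender, ku_receiver):
    """Sender side: Y = E(KR_sender, X), then Z = E(KU_receiver, Y)."""
    y = apply_key(kr_sender, x)
    return apply_key(ku_receiver, y)


def decrypt_then_verify(z, kr_receiver, ku_sender):
    """Receiver side: Y = D(KR_receiver, Z), then X = E(KU_sender, Y)."""
    y = apply_key(kr_receiver, z)
    return apply_key(ku_sender, y)


def count_oversized(kr_sender, ku_receiver):
    """Count plaintext blocks whose signed form is too large for the receiver."""
    n_sender = kr_sender[1]
    failures = 0
    for x in range(n_sender):
        try:
            sign_then_encrypt(x, kr_sender, ku_receiver)
        except ValueError:
            failures += 1
    return failures


if __name__ == "__main__":
    z = sign_then_encrypt(88, KR_B, KU_A)
    print("B -> A: Z =", z, "recovered X =", decrypt_then_verify(z, KR_A, KU_B))
    # B's modulus (187) is smaller than A's (3233), so every signed block fits.
    print("B -> A blocks that do not fit:", count_oversized(KR_B, KU_A))
    # In the other direction most signed blocks exceed the receiver's modulus.
    print("A -> B blocks that do not fit:", count_oversized(KR_A, KU_B))
```

When the sender's modulus is larger than the receiver's, the two steps cannot simply be chained as written; the signed value has to be split into smaller blocks first.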
13. January 31, 2012 13
Applications for public-key cryptosystems
1. Encryption/decryption: sender encrypts the message with the
receiver’s public key
2. Digital signature: sender “signs” the message (or a representative
part of the message) using his private key
3. Key exchange: two sides cooperate to exchange a secret key for
later use in a secret-key cryptosystem
14. January 31, 2012 14
Requirements for public-key cryptosystems
Generating a key pair (public key, private key) is computationally
easy
Encrypting a message using a known key (his own private or
somebody else’s public) is computationally easy
Decrypting a message using a known key (his own private or
somebody else’s public) is computationally easy
Knowing the public key, it is computationally infeasible for an
opponent to deduce the private key
Knowing the public key and a ciphertext, it is computationally
infeasible for an opponent to deduce the private key
Useful extra feature: encryption and decryption can be applied in
any order:
E( KUA, D(KRA,X) ) =D(KRA, E( KUA, X) )
15. January 31, 2012 15
Designing a public-key cryptosystem
Computationally easy usually means polynomial-time algorithm
Computationally infeasible is more difficult to define
Usually means super-polynomial-time algorithms, e.g., exponential-time algorithms
Classical complexity analysis (worst-case complexity or average-case complexity) is
worthless in cryptography – one should make sure a problem is difficult for virtually all
inputs and not just in the worst or in the average case
Public-key cryptosystems usually rely on difficult math functions rather than on S-P
networks, as classical cryptosystems do
One-way function: easy to calculate in one direction, infeasible to calculate in the
other direction (i.e., the inverse is infeasible to compute)
Trap-door function: difficult function that becomes easy if some extra information is
known
Aim: find a trap-door one-way function for encryption – decryption will be the inverse
16. January 31, 2012 16
RSA
One of the first proposals on implementing the concept of public-key
cryptography was that of Rivest, Shamir, Adleman – 1977: RSA
The RSA scheme is a block cipher in which the plaintext and the ciphertext
are integers between 0 and n-1 for some fixed n
Typical size for n is 1024 bits (or 309 decimal digits)
To be secure with today’s technology, the size should be between 1024 and 2048 bits
Idea of RSA: it is a difficult math problem to factorize (large) integers
Choose p and q odd primes, n=pq
Choose integers d,e such that M^(ed) = M mod n, for all M<n
Plaintext: block of k bits, where 2^k < n ≤ 2^(k+1) – can be considered a number M with
M<n
Encryption: C = M^e mod n
Decryption: C^d mod n = M^(de) mod n = M
Public key: KU={e,n}
Private key: KR={d,n}
Questions: How do we find d,e? How do we find large primes?
Answer: Number Theory!
17. January 31, 2012 17
Motto for our introduction to Number Theory
The Devil said to Daniel Webster: "Set me a task I can't carry out, and I'll give you anything
in the world you ask for."
Daniel Webster: "Fair enough. Prove that for n greater than 2, the equation a^n + b^n = c^n has
no non-trivial solution in the integers."
They agreed on a three-day period for the labour, and the Devil disappeared.
At the end of three days, the Devil presented himself, haggard, jumpy, biting his lip. Daniel
Webster said to him, "Well, how did you do at my task? Did you prove the theorem?"
"Eh? No . . . no, I haven't proved it."
"Then I can have whatever I ask for? Money? The Presidency?"
"What? Oh, that—of course. But listen! If we could just prove the following two lemmas—"
—The Mathematical Magpie, Clifton Fadiman
18. January 31, 2012 18
Notions of number theory
Fermat’s little theorem: if p is prime and a is a positive integer not divisible
by p, then a^(p-1) ≡ 1 mod p
Corollary: For any positive integer a and prime p, a^p ≡ a mod p
Comments:
This is a first step in our quest to find M^(ed) = M mod n – not quite enough though
Fermat’s little theorem provides a necessary condition for an integer p to be
prime – the condition is not sufficient
We will turn this theorem into a (probabilistic) test for primality
Example:
p=5, a=3, 3^5 = 243 = 3 mod 5
p=5, a=10, 10^5 = 100000 = 10 mod 5 = 0 mod 5
Fermat’s theorem, as useful as it will turn out to be, does not provide us
with the integers d,e we are looking for – Euler’s theorem (a refinement of
Fermat’s) does
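Fermat's condition used as a primality check, as an added example that is not from the lecture. It shows concretely why the condition is necessary but not sufficient: some composite numbers pass it for a given base, and a few pass it for every base coprime to them. The function names and the search limit are choices made for this illustration.

```python
import random
from math import gcd


def fermat_passes(n, a):
    """True if n satisfies Fermat's condition a^(n-1) = 1 mod n for base a."""
    return pow(a, n - 1, n) == 1


def is_prime_trial(n):
    """Exact primality by trial division; only used here to label small n."""
    if n < 2:
        return False
    i = 2
    while i * i <= n:
        if n % i == 0:
            return False
        i += 1
    return True


def pseudoprimes(base, limit):
    """Odd composite n < limit that still satisfy Fermat's condition for base."""
    return [n for n in range(3, limit, 2)
            if not is_prime_trial(n) and fermat_passes(n, base)]


def coprime_bases_all_pass(n):
    """True if every base coprime to n satisfies Fermat's condition."""
    return all(fermat_passes(n, a) for a in range(2, n) if gcd(a, n) == 1)


def fermat_test(n, rounds=20, rng=None):
    """Probabilistic test: False means certainly composite,
    True means only 'no tested base exposed n as composite'."""
    rng = rng or random.Random()
    if n < 4:
        return n in (2, 3)
    for _ in range(rounds):
        a = rng.randrange(2, n - 1)
        if not fermat_passes(n, a):
            return False
    return True


if __name__ == "__main__":
    print("3^4 mod 5 == 1:", fermat_passes(5, 3))
    print("composites passing for base 2:", pseudoprimes(2, 2000))
    # 341 = 11 * 31 passes for base 2 but is exposed by base 3.
    print("341 with base 2:", fermat_passes(341, 2), "base 3:", fermat_passes(341, 3))
    # 561 = 3 * 11 * 17 passes for every base that is coprime to it.
    print("561 passes for all coprime bases:", coprime_bases_all_pass(561))
    print("187 = 11 * 17 judged prime?", fermat_test(187, rng=random.Random(1)))
```

Because numbers like 561 exist, repeating the test with more bases does not remove the error, which is why the theorem is only a starting point for a primality test.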
19. January 31, 2012 19
Euler’s totient function
Euler’s function associates to any positive integer n a number φ(n): the
number of positive integers smaller than n and relatively prime to n
Example:
φ(37)=36
φ(p)=p-1, for any prime p
φ(35)=24: {1,2,3,4,6,8,9,11,12,13,16,17,18,19,22,23,24,26,27,29,31,32,33,34}
Easy to see that for any two distinct primes p,q, φ(pq)=(p-1)(q-1)
All numbers smaller than pq are relatively prime to pq except for the multiples of
p (q-1 of them) and the multiples of q (p-1 of them): (pq-1)-(q-1)-(p-1)=(p-1)(q-1)
Euler’s theorem: for any relatively prime integers a,n we have
a^φ(n) ≡ 1 mod n
Corollary: For any integers a,n we have a^(φ(n)+1) ≡ a mod n
Corollary: Let p,q be two odd primes and n=pq. Then:
φ(n)=(p-1)(q-1)
For any integer m with 0<m<n, m^((p-1)(q-1)+1) ≡ m mod n
For any integers k,m with 0<m<n, m^(k(p-1)(q-1)+1) ≡ m mod n
20. January 31, 2012 20
Back to RSA
Euler’s theorem provides us the numbers d,e such that M^(ed) = M mod n
We have to choose d,e such that ed=kφ(n)+1 for some k
Equivalently, d ≡ e^(-1) mod φ(n)
To calculate the modular inverse of an integer: the extended Euclid’s algorithm!
see Lecture 5
The RSA scheme
Key generation
Choose two odd primes p,q – keep private. Compute n=pq – make public
Choose e, 1<e<φ(n) with gcd(φ(n),e)=1 – make public
Compute d ≡ e^(-1) mod φ(n) – keep private
Private key is {d,n}
Public key is {e,n}
Encryption
Plaintext: block of k bits, where 2^k < n ≤ 2^(k+1) – can be considered a number M with M<n
Ciphertext: C = M^e mod n
Decryption:
Ciphertext: C
Plaintext: C^d mod n = M^(de) mod n = M
21. January 31, 2012 21
Example
Key generation
Select primes p=17, q=11
Compute n=pq=187
Compute φ(n)=(p-1)(q-1)=160
Select e=7
Compute d: d=23 (use the extended
Euclid’s algorithm)
KU={7,187}
KR={23,187}
Encrypt M=88: 88^7 mod 187
88^7 mod 187 = [ (88^4 mod 187)(88^2 mod 187)(88 mod 187) ] mod 187 = 11
Decrypt C=11: 11^23 mod 187
M = 11^23 mod 187 = [ (11^16 mod 187)(11^4 mod 187)(11^2 mod 187)(11 mod 187) ] mod 187
11^2 mod 187 = 121
11^4 mod 187 = 121^2 mod 187 = 55
11^8 mod 187 = 55^2 mod 187 = 33
11^16 mod 187 = 33^2 mod 187 = 154
M = 154 x 55 x 121 x 11 mod 187 = 88
RSA scheme
–Key generation
•Choose primes p,q
•Compute n=pq
•Choose e, 1<e<φ(n) with gcd(φ(n),e)=1
•Compute d ≡ e^(-1) mod φ(n)
•Private key is {d,n}
•Public key is {e,n}
–Encryption
•C = M^e mod n
–Decryption:
•C^d mod n = M^(de) mod n = M
22. January 31, 2012 22
Computational aspects – RSA implementation
Fast modular exponentiation
Take each step in turn and discuss how
it can be implemented efficiently
For encryption and decryption we must be
able to do quick modular exponentiations
– two ideas are useful:
(ab mod n) = [(a mod n)(b mod n)] (mod n)
To compute x^16 mod n we do not have to
do 15 multiplications but only 4: compute x^2
mod n, x^4 mod n, x^8 mod n, x^16 mod n
Apply this to compute quickly any
exponent, not just powers of 2
23. January 31, 2012 23
Fast modular exponentiation
Square-and-multiply algorithm
Input: n, x, b (b is given in base 2 as $(b_{k-1},\dots,b_1,b_0)$), b≠0
Output: $x^b \bmod n$
1. z=1
2. for i=k-1 downto 0
3.   $z = z^2 \bmod n$
4.   if $b_i=1$ then $z = z \cdot x \bmod n$
Complexity $O(r^3)$, where $r=[\log_2 n]$
Example: encrypt 9726 with KU={3533,11413}: $9726^{3533} \bmod 11413$
3533=(1,1,0,1,1,1,0,0,1,1,0,1)
Ciphertext: 5761
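i    $b_i$   z (all values mod 11413)
11   1       $9726$
10   1       $9726^2 \times 9726 = 2659$
9    0       $2659^2 = 5634$
8    1       $5634^2 \times 9726 = 9167$
7    1       $9167^2 \times 9726 = 4958$
6    1       $4958^2 \times 9726 = 7783$
5    0       $7783^2 = 6298$
4    0       $6298^2 = 4629$
3    1       $4629^2 \times 9726 = 10185$
2    1       $10185^2 \times 9726 = 105$
1    0       $105^2 = 11025$
0    1       $11025^2 \times 9726 = 5761$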
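The two worked examples above (the toy key p=17, q=11, e=7 and the 9726^3533 mod 11413 trace) can be reproduced with the following added example, which is not part of the original slides; the function names are hypothetical and the toy parameters are far too small for real use.

```python
def egcd(a, b):
    """Extended Euclid: return (g, s, t) with g = gcd(a, b) = s*a + t*b."""
    s0, s1, t0, t1 = 1, 0, 0, 1
    while b:
        q, a, b = a // b, b, a % b
        s0, s1 = s1, s0 - q * s1
        t0, t1 = t1, t0 - q * t1
    return a, s0, t0


def mod_inverse(e, phi):
    """Return d with d*e = 1 (mod phi); fails if gcd(e, phi) != 1."""
    g, s, _ = egcd(e, phi)
    if g != 1:
        raise ValueError("e has no inverse modulo phi(n)")
    return s % phi


def square_and_multiply(x, b, n, trace=None):
    """Compute x^b mod n, scanning the bits of b from b_{k-1} down to b_0."""
    if b <= 0:
        raise ValueError("exponent must be positive (b != 0)")
    bits = bin(b)[2:]
    z = 1
    for i, bit in zip(range(len(bits) - 1, -1, -1), bits):
        z = (z * z) % n              # step 3: always square
        if bit == "1":
            z = (z * x) % n          # step 4: multiply only when b_i = 1
        if trace is not None:
            trace.append((i, int(bit), z))   # one row of the slide's table
    return z


def toy_rsa_roundtrip():
    """Slide example: p=17, q=11, e=7, M=88. Returns (d, C, decrypted M)."""
    p, q, e, m = 17, 11, 7, 88
    n, phi = p * q, (p - 1) * (q - 1)
    d = mod_inverse(e, phi)
    c = square_and_multiply(m, e, n)
    return d, c, square_and_multiply(c, d, n)


if __name__ == "__main__":
    print(toy_rsa_roundtrip())
    rows = []
    print(square_and_multiply(9726, 3533, 11413, rows))
    for row in rows:
        print(row)
```

The conditional multiply in step 4 is the data-dependent work that the timing-attack slide later in the deck refers to.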
24. January 31, 2012 24
Computational aspects – RSA implementation
Key generation
Choosing e and computing d (the part highlighted in the RSA scheme) is easy to implement
Generate a series of random numbers and test each against φ(n) for relative primality
Testing whether or not two integers are relatively prime and finding a modular inverse can both be done with the extended Euclid’s algorithm
Very few tests are needed before a usable e is found: the probability that two random numbers are relatively prime is 0.6
25. January 31, 2012 25
Computational aspects – RSA implementation
Key generation
There are no practical techniques that directly yield large prime numbers
Procedure: generate random odd numbers and test whether each one is prime
Testing whether or not an integer n is a prime is a difficult problem (“primality is difficult”)
There has been a long-standing question in math whether or not primality can be tested in deterministic polynomial time
Answer (2002): YES!
Manindra Agrawal, Neeraj Kayal and Nitin Saxena, “PRIMES is in P”, Ann. of Math. (2), 160:2 (2004) 781–793.
Drawback: high complexity – $O(\log^{12} n \cdot f(\log \log n))$, where f is a polynomial
26. January 31, 2012 26
Miller-Rabin primality test
Faster methods of testing primality exist – they are all probabilistic
Such an algorithm can give two answers to the question “Is n prime?”
1. No, it is not
2. n is probably prime
The probability can be made arbitrarily large
Other algorithms may give a precise answer, but with low probability they may take a long time to finish
Most popular primality test: Miller-Rabin, based on Fermat’s little theorem
27. January 31, 2012 27
Miller-Rabin primality test
Fermat’s little theorem: if p is prime and a is a positive integer not divisible by p, then $a^{p-1} \equiv 1 \bmod p$
Idea of the Miller-Rabin test:
We need to test if the odd integer n is prime: test the equality in Fermat’s little theorem for n and a random a
A speedup may be done so that we do not have to compute all powers of a – details below
n-1 is even, i.e., of the form $n-1=2^k q$, with k>0, q odd: k and q are easy to find
Choose an integer a such that 1<a<n-1
Compute modulo n the values $a^{2^j q}$, 0≤j≤k: $a^q, a^{2q}, \dots, a^{2^{k-1}q}, a^{2^k q}$
By Fermat’s theorem, if n is prime, then the last value in the sequence is 1 – the sequence may have some other 1s, consider the first 1 in the sequence
Case 1: the first number in the sequence is 1 – then all other powers are also 1
Case 2: some number $a^{2^j q}$ in the sequence is 1 – in this case $a^{2^{j-1}q} = n-1 \bmod n$
$0 = (a^{2^j q} - 1) \bmod n = (a^{2^{j-1}q} - 1)(a^{2^{j-1}q} + 1) \bmod n$, i.e., n divides $(a^{2^{j-1}q} - 1)$ or $(a^{2^{j-1}q} + 1)$
Since we took the first 1 in the sequence, it follows that n divides $(a^{2^{j-1}q} + 1)$: $a^{2^{j-1}q} = n-1 \bmod n$
The test: if either the first element in the sequence is 1, or some other element is n-1, then n could be prime. Otherwise n is certainly not prime
28. January 31, 2012 28
Miller-Rabin primality test
TEST(n)
1. $n-1=2^k q$: compute k and q
2. Select a random integer a, 1<a<n-1
3. If $a^q \bmod n = 1$ then return “probably prime”
4. For j=0 to k-1 do
5.   If $a^{2^j q} \bmod n = n-1$, then return “probably prime”
6. Return “not a prime”
•Question: for how many integers a does the test fail?
•Failure: n is not prime but the algorithm returns “probably prime”
•Answer: for at most (n-1)/4 integers a with 1≤a≤n-1
•Thus, the probability of failure is at most ¼
•Practical implementation:
•Repeatedly invoke TEST(n) using random choices for a
•If TEST(n) returns “not a prime” at least once, then n is not a prime
•If t executions of TEST(n) return “probably prime”, then the probability that n is indeed a prime is larger than $1-4^{-t}$
•t=10 gives probability larger than 0.999999
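TEST(n) and its repeated invocation, written out as an added example that is not part of the original slides. The function names, the use of `random.SystemRandom` for choosing a, and the Carmichael number 561 used as a sample composite are assumptions of this example.

```python
import random


def decompose(n):
    """Step 1: write n-1 = 2^k * q with q odd; return (k, q)."""
    k, q = 0, n - 1
    while q % 2 == 0:
        k, q = k + 1, q // 2
    return k, q


def mr_test(n, a):
    """One run of TEST(n) for a fixed base a. True means 'probably prime'."""
    k, q = decompose(n)
    x = pow(a, q, n)                  # a^q mod n
    if x == 1:                        # step 3
        return True
    for _ in range(k):                # steps 4-5: x = a^(2^j q), j = 0..k-1
        if x == n - 1:
            return True
        x = (x * x) % n
    return False                      # step 6: certainly not a prime


def is_probable_prime(n, t=10, rng=random.SystemRandom()):
    """Run TEST(n) t times with independent random bases 1 < a < n-1."""
    if n < 2:
        return False
    if n in (2, 3):
        return True
    if n % 2 == 0:
        return False
    return all(mr_test(n, rng.randrange(2, n - 1)) for _ in range(t))


def fermat_passes(n, a):
    """Plain Fermat check a^(n-1) = 1 (mod n), for comparison."""
    return pow(a, n - 1, n) == 1


def liars(n):
    """All bases 1 <= a <= n-1 for which TEST wrongly accepts composite n."""
    return [a for a in range(1, n) if mr_test(n, a)]


if __name__ == "__main__":
    n = 561                           # 3 * 11 * 17, a Carmichael number
    print(fermat_passes(n, 2), mr_test(n, 2))
    print(len(liars(n)), "liars, bound", (n - 1) // 4)
    print(is_probable_prime(2**31 - 1), is_probable_prime(11413))
```

For 561 the plain Fermat check with a=2 is fooled while TEST(n) with the same base is not, and the number of accepting bases stays under the (n-1)/4 bound from the slide.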
29. January 31, 2012 29
Computational aspects – RSA implementation
Key generation
To choose primes p,q we generate random numbers p,q on the desired scale of magnitude and test the primality with Miller-Rabin
Question: How many trials should we expect to do before we find a prime?
Distribution of primes
Prime number theorem: for any integer x, the primes near x are spaced on average one every log(x) integers
On average we have to test log(x) integers before we find a prime – reject immediately even integers and integers ending in 5
Correct rate: we need to test on average 0.4 log(x) integers before we find a prime of the order of x
Example: if we look for a prime on the order of magnitude $2^{200}$ we need to do on average 55 trials; for order of magnitude $2^{1024}$, on average 284 trials
30. January 31, 2012 30
Attacking RSA
Brute force attacks: try all possible private keys
As in the other cases defend using large keys: nowadays integers between 1024 and 2048 bits
Mathematical attacks
Factor n into its two primes p,q: this is a hard problem for large n
Challenges by RSA Labs to factorize large integers
Last solved challenge: 768 bits (2009)
Determine φ(n) directly without first determining p,q: this math problem is equivalent to factoring
Determine d directly, without first determining φ(n): this is believed to be at least as difficult as factoring
Suggestions for design
The larger the keys, the better but also the slower the algorithm
Choosing p,q badly may weaken the algorithm
p,q should differ in length by only a few bits: for a 1024-bit key, p,q should be on the order of magnitude $10^{75}$ to $10^{100}$
p-1 and q-1 should both contain a large prime factor
gcd(p-1,q-1) should be small
d should be larger than $n^{1/4}$
31. January 31, 2012 31
Attacks on RSA
Timing attacks: determine a private key by keeping track of how long a computer takes to decipher a message (ciphertext-only attack) – this is essentially an attack on the fast exponentiation algorithm but can be adapted for any other algorithm
Whenever a bit is 1 the algorithm has more computations to do and takes more time
Countermeasures:
Ensure that all exponentiations take the same time before returning a result: this degrades the performance of the algorithm
Add some random delay: if there is not enough noise the attack succeeds
Blinding: multiply the ciphertext by a random number before performing exponentiation – in this way the attacker does not know the input to the exponentiation algorithm (implemented in the commercial products from RSA Data Security Inc.)
Decryption $M = C^d \bmod n$ is modified as follows:
Generate a secret random number r between 0 and n-1
Compute $C' = C \cdot r^e \bmod n$ where e is the public exponent
Compute $M' = (C')^d \bmod n$ with the ordinary exponentiation
Compute $M = M' \cdot r^{-1} \bmod n$
Reported performance penalty: 2 to 10%
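The four blinding steps above, as an added example that is not part of the original slides, using the toy key n=187, e=7, d=23 from the earlier worked example. The function names are hypothetical, and the example assumes r is rejected unless gcd(r, n)=1, since the last step needs r^-1 mod n; it shows the algebra only and makes no claim about Python's own timing behaviour.

```python
import secrets
from math import gcd

N, E, D = 187, 7, 23          # toy key from the slides; real keys are far larger


def pick_blinding_factor(n):
    """Secret random r with an inverse modulo n (assumption: retry until coprime)."""
    while True:
        r = secrets.randbelow(n - 2) + 2      # uniform in 2..n-1
        if gcd(r, n) == 1:
            return r


def decrypt_blinded(c, e=E, d=D, n=N, r=None):
    """Return (M, C') where C' is the value actually fed to the exponentiation."""
    if r is None:
        r = pick_blinding_factor(n)
    elif gcd(r, n) != 1:
        raise ValueError("blinding factor must be coprime to n")
    c_blind = (c * pow(r, e, n)) % n          # C' = C * r^e mod n
    m_blind = pow(c_blind, d, n)              # M' = C'^d mod n = M * r mod n
    m = (m_blind * pow(r, -1, n)) % n         # M  = M' * r^-1 mod n
    return m, c_blind


def exponentiation_inputs(c, factors):
    """Inputs seen by the private-key exponentiation for several values of r."""
    return {decrypt_blinded(c, r=r)[1] for r in factors}


if __name__ == "__main__":
    c = 11                                    # ciphertext of M=88 in the slides
    print(decrypt_blinded(c, r=5))            # fixed r for a reproducible run
    print(sorted(exponentiation_inputs(c, [2, 3, 5, 7, 13])))
    print(decrypt_blinded(c)[0])              # random r, same plaintext
```

The same ciphertext yields a different exponentiation input for each r, while the recovered plaintext never changes.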
32. January 31, 2012 32
Pseudo-random number generators
Essential in RSA (and elsewhere) to be able to generate pseudo-random numbers
A sequence of numbers is random if they have uniform distribution and are independent (no value can be deduced from the others)
We generally use algorithmic techniques to generate such numbers – they will not be independent and thus not random
The whole point is to make them “look” random, i.e., make them pass many tests of randomness
Three tests to be used in evaluating a pseudo-random number generator
The function should be a full-period generating function: generate all numbers in its range before repeating
The generated sequence should appear random: pass many statistical tests
The function should be efficiently implementable with 32-bit arithmetic
33. January 31, 2012 33
Pseudo-random number generators
The most widely used technique is the linear congruential method (Lehmer 1951)
$X_{n+1} = (aX_n + c) \bmod m$
One should be very careful in choosing constants a, c, m: a=c=1 is a bad choice!
Value of m should be as large as possible: usually close to $2^{31}$, very often chosen to be the prime number $2^{31}-1$; in this case one can take c=0
There are very few good choices for a: for $m=2^{31}-1$ only a handful of choices are advisable – very often used is $a=7^5=16807$
$X_{n+1} = 16807 X_n \bmod (2^{31}-1)$
Using this in cryptography needs extra care:
If the attacker finds one single value, then he will be able to compute all subsequent values
Idea: restart the sequence often, using the clock as seed (initial value)
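The generator $X_{n+1} = 16807 X_n \bmod (2^{31}-1)$ from this slide, as an added example that is not part of the original slides: it checks the full-period property and shows why one observed output fixes all later ones. The function names and the sample seed are constructed for this example, and the primitive-root criterion used for the period check is the standard one for a prime modulus with c=0.

```python
M = 2**31 - 1        # prime modulus from the slide
A = 7**5             # multiplier from the slide, 16807


def lcg_next(x, a=A, c=0, m=M):
    """One step of X_{n+1} = (a*X_n + c) mod m."""
    return (a * x + c) % m


def stream(state, count, a=A, c=0, m=M):
    """The next `count` outputs that follow the given state."""
    out = []
    for _ in range(count):
        state = lcg_next(state, a, c, m)
        out.append(state)
    return out


def prime_factors(n):
    """Distinct prime factors by trial division (fast enough for n < 2^31)."""
    factors, f = set(), 2
    while f * f <= n:
        while n % f == 0:
            factors.add(f)
            n //= f
        f += 1
    if n > 1:
        factors.add(n)
    return factors


def is_full_period(a, m=M):
    """Prime m, c=0: the period is m-1 exactly when a is a primitive root mod m."""
    return all(pow(a, (m - 1) // p, m) != 1 for p in prime_factors(m - 1))


if __name__ == "__main__":
    print(is_full_period(A), is_full_period(pow(A, 2, M)))
    print(stream(5, 3, a=1, c=1))            # a=c=1: just a counter
    outputs = stream(123456789, 6)           # constructed "secret" seed
    seen = outputs[2]                        # a single leaked output ...
    print(stream(seen, 3) == outputs[3:])    # ... determines the rest
```

Because the output is the whole internal state, reseeding from the clock only helps if the seed itself cannot be guessed; key material should come from the operating system's CSPRNG (in Python, the `secrets` module).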
34. January 31, 2012 34
Cryptographically generated pseudo-random numbers
Idea: use cryptographic primitives to generate pseudo-random numbers
One possibility: Use a counter and encrypt each value for the counter, e.g., with DES – the cryptotext will be the key
Stronger version: instead of a counter use a PRNG (pseudo-random number generator)
Technique can be made stronger using a more sophisticated scheme and 3DES, see ANSI X9.17 PRNG
35. January 31, 2012 35
Another speed-up in RSA implementation
Operations modulo big integers become more time-consuming as the integers grow bigger
Efficient implementation: use Chinese Remainder Theorem (CRT)
In its simplest formulation, CRT essentially says that if n=pq, then instead of addition/difference/multiplication modulo n one can perform the same modulo p and modulo q and then compute the result mod n
Big advantage because the moduli are much smaller
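The CRT speed-up applied to the toy key p=17, q=11, e=7, d=23 from the earlier worked example, as an added example that is not part of the original slides. The function names are hypothetical; the reduced exponents d mod (p-1) and d mod (q-1), the Garner-style recombination and the final re-encryption check are standard practice assumed here, not steps spelled out on the slide.

```python
P, Q, E, D = 17, 11, 7, 23     # toy key from the slides' example
N = P * Q


def crt_combine(r_p, r_q, p=P, q=Q):
    """Unique x in [0, p*q) with x = r_p (mod p) and x = r_q (mod q)."""
    h = (pow(q, -1, p) * (r_p - r_q)) % p     # Garner's recombination
    return r_q + h * q


def mul_mod_n_via_crt(a, b, p=P, q=Q):
    """a*b mod n using one small multiplication mod p and one mod q."""
    r_p = ((a % p) * (b % p)) % p
    r_q = ((a % q) * (b % q)) % q
    return crt_combine(r_p, r_q, p, q)


def decrypt_crt(c, p=P, q=Q, d=D, e=E):
    """C^d mod n from two half-size exponentiations."""
    n = p * q
    d_p, d_q = d % (p - 1), d % (q - 1)       # exponents reduced via Fermat
    m_p = pow(c % p, d_p, p)
    m_q = pow(c % q, d_q, q)
    m = crt_combine(m_p, m_q, p, q)
    # Added hardening (not on the slide): never release an unverified result,
    # since a computation error in one half would otherwise leak through.
    if pow(m, e, n) != c % n:
        raise ArithmeticError("CRT result failed re-encryption check")
    return m


if __name__ == "__main__":
    print(D % (P - 1), D % (Q - 1), pow(Q, -1, P))
    print(decrypt_crt(11), pow(11, D, N))
    print(mul_mod_n_via_crt(150, 99), (150 * 99) % N)
```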