Upload
melaney-ganas
View
20
Download
1
Embed Size (px)
DESCRIPTION
Rachana Y. Patil. 1. Symmetric and asymmetric-key cryptography will exist in parallel and continue to serve the community. We actually believe that they are complements of each other; the advantages of one can compensate for the disadvantages of the other. - PowerPoint PPT Presentation
Citation preview
Rachana Y. Patil
1
10.2
Symmetric and asymmetric-key cryptography will exist Symmetric and asymmetric-key cryptography will exist in parallel and continue to serve the community. We in parallel and continue to serve the community. We actually believe that they are complements of each actually believe that they are complements of each other; the advantages of one can compensate for the other; the advantages of one can compensate for the disadvantages of the other.disadvantages of the other.
Symmetric-key cryptography is based on sharing secrecy;asymmetric-key cryptography is based on personal
secrecy.
10.3
Asymmetric key cryptography uses two separate keys: one private and one public.
Locking and unlocking in asymmetric-key cryptosystem
10.4
General idea of asymmetric-key cryptosystem
10.5
Plaintext/CiphertextUnlike in symmetric-key cryptography, plaintext and ciphertext are treated as integers in asymmetric-key cryptography.
C = f (Kpublic , P) P = g(Kprivate , C)
Encryption/Decryption
07/20/10
The most common public-key algorithm is the The most common public-key algorithm is the RSA cryptosystem, named for its inventors RSA cryptosystem, named for its inventors (Rivest, Shamir, and Adleman).(Rivest, Shamir, and Adleman).
10.7
10.8
Encryption, decryption, and key generation in RSA
10.9
10.10
Encryption
10.11
Decryption
10.12
Example
Bob chooses 7 and 11 as p and q and calculates n = 77. The value of (n) = (7 − 1)(11 − 1) or 60. Now he chooses two exponents, e and d, from Z60 . If he chooses ∗ e to be 13, then d is 37. Note that e × d mod 60 = 1 (they are inverses of each Now imagine that Alice wants to send the plaintext 5 to Bob. She uses the public exponent 13 to encrypt 5.
Bob receives the ciphertext 26 and uses the private key 37 to decipher the ciphertext:
10.13
Bob receives the ciphertext 28 and uses his private key 37 to decipher the ciphertext:
Now assume that another person, John, wants to send a message to Bob. John can use the same public key announced by Bob (probably on his website), 13; John’s plaintext is 63. John calculates the following:
Example
07/20/10
Example
1.n=221 e=5 find d
2. p=19 q=23 e=3 find Ø(n) and d
3. e=17 n=187 find d
4. n=19519 e=17 find d
10.15
Attacks on RSA
10.17
Key Generation
10.18
Encryption
Decryption
10.20
Bob chooses p = 11 and e1 = 2. and d = 3 e2 = e1
d = 8. So the public keys are (2, 8, 11) and the private key is 3. Alice chooses r = 4 and calculates C1 and C2 for the plaintext 7.
Bob receives the ciphertexts (5 and 6) and calculates the plaintext.
07/20/10
Example
In ElGamal,given the prime p=311.Choose an appropriate e1 and d,then calculate e22.Encrypt the plaintext message 5 3.Decrypt the ciphertext to obtain the plaintext
SYMMETRIC-KEY AGREEMENTSYMMETRIC-KEY AGREEMENT
Alice and Bob can create a session key between Alice and Bob can create a session key between themselves. This method of session-key creation is themselves. This method of session-key creation is referred to as the symmetric-key agreement. referred to as the symmetric-key agreement.
Diffie-Hellman Key Agreement
The symmetric (shared) key in the Diffie-Hellman method is K = gxy mod p.
Note
Assume that g = 7 and p = 23. The steps are as follows:
Example
1. Alice chooses x = 3 and calculates R1 = 73 mod 23 = 21.2. Bob chooses y = 6 and calculates R2 = 76 mod 23 = 4.3. Alice sends the number 21 to Bob.4. Bob sends the number 4 to Alice.5. Alice calculates the symmetric key K = 43 mod 23 = 18.6. Bob calculates the symmetric key K = 216 mod 23 = 18.7. The value of K is the same for both Alice and Bob;
gxy mod p = 718 mod 35 = 18.
Alice and Bob decide to use diffie hellman key exchangeprotocol To agree upon a common key, they choose p=13 andg=2.Each chooses his own secret number and exchange thenumbers 6 and 11.
1. What will be the common secret key they derived?2. What are their secret numbers?3. Can intruder M gain any knowledge from the protocol
run if he sees P,g and the two public key 6 and 11? If yes show how
Example
Digital SignatureDigital Signature
• The sender uses a signing algorithm to sign the message.The sender uses a signing algorithm to sign the message.
• The message and the signature are sent to the receiver. The message and the signature are sent to the receiver.
• The receiver receives the message and the signature andThe receiver receives the message and the signature and
applies the verifying algorithm to the combination.applies the verifying algorithm to the combination.
• If the result is true, the message is accepted; otherwise, it is If the result is true, the message is accepted; otherwise, it is
rejected.rejected.
The digital signature process.The digital signature process.
The digital signature process.The digital signature process.
13.29
Need for Keys
A digital signature needs a public-key system.The signer signs with her private key; the verifier
verifies with the signer’s public key.
Note
13.30
A cryptosystem uses the private and public keys of the receiver: a digital signature uses
the private and public keys of the sender.
Note
13.31
DIGITAL SIGNATURE SCHEMES
Several digital signature schemes have evolved during Several digital signature schemes have evolved during the last few decades. Some of them have been the last few decades. Some of them have been implemented. implemented.
13.32
RSA Digital Signature Scheme
13.33
Key GenerationKey generation in the RSA digital signature scheme is exactly the same as key generation in the RSA
In the RSA digital signature scheme, d is private; e and n are public.
Note
13.34
Signing and Verifying
RSA digital signature scheme
07/20/10
Example
Alice selects n=221 and e=15.Find Private key of Alice. If Alice wants to send message M=11 to Bob. CalculateThe Signature and show Bob canVerify the message.
13.36
ElGamal Digital Signature Scheme
General idea behind the ElGamal digital signature scheme
13.37
Key GenerationThe key generation procedure here is exactly the same as the one used in the cryptosystem.
In ElGamal digital signature scheme, (e1, e2, p) is Alice’s public key; d is her private key.
Note
13.38
Verifying and Signing
ElGamal digital signature scheme
Example
• Bob chooses p=11,e1=2,r=9,d=8 and sign message M=5 using Elgamal digital signature scheme. Calculate s1 and s2 and show how Alice can verify the signature
• Alice chooses p=23,e1=5,d=3 a random number 9 and sign message M=7 before sending it to bob. Calculate s1 and s2 and show how bob can verify the signature.
07/20/10