Upload
avijeet-banerjee
View
226
Download
0
Embed Size (px)
Citation preview
7/28/2019 RSA Cryptography KC LG
http://slidepdf.com/reader/full/rsa-cryptography-kc-lg 1/14
7/28/2019 RSA Cryptography KC LG
http://slidepdf.com/reader/full/rsa-cryptography-kc-lg 2/14
Cryptography Terms
Cryptography – The practice and study of encryptionand decryption – encoding data so that it can onlybe encoded by specific individuals.
Cryptosystem – system for encrypting anddecrypting data. Security of cryptosystem dependson secrecy of the keys rather than the secrecy of thealgorithm. It is important to have a large range of possible keys, so that it is not possible to do a ―brute
force‖ approach in cracking the algorithm. Plaintext – Unencrypted data.
Ciphertext – Encrypted data. ―unreadable jibberish‖1
7/28/2019 RSA Cryptography KC LG
http://slidepdf.com/reader/full/rsa-cryptography-kc-lg 3/14
How Cryptography Works
Uses cryptographic algorithms called―ciphers‖ and ―deciphers.‖ Mathematicalfunctions that work with cryptographic
keys to encrypt and decrypt plaintext. The larger the ―key,‖ the more secure the
ciphertext.
The same plaintext encrypts to differentciphertexts using different keys.
7/28/2019 RSA Cryptography KC LG
http://slidepdf.com/reader/full/rsa-cryptography-kc-lg 4/14
Public Key Cryptography
Traditionally, cryptography was done with just a secret key,which would have to be known to everyone, and this wasinsecure.
The challenge would be that parties would have to agree on asecret key without anyone else finding out.
The secret key method is generally faster, but less secure.
The public key cryptosystem was introduced in 1976 byWhitfield Diffie and Martin Hellman.
Uses public key for encryption, as well as a private key for decryption.
Each user gets two keys: one public and one private. The public
key is published; the private key is secret. This eliminates theneed to share the private key.
Private key is always linked mathematically to the public key. If the system, is hacked, then the secret key can be found.
The solution is to make it so that the hacker has to factor a verylarge number to get the private key, so that it would become
―computationally infeasible‖ to perform the derivation.
7/28/2019 RSA Cryptography KC LG
http://slidepdf.com/reader/full/rsa-cryptography-kc-lg 5/14
Advantages and Disadvantages
of Public Key Cryptography Advantages:
Increased security and convenience.
Provides digital signatures that cannot be
repudiated.
Disadvantages:
Slower than secret key method, but can be
used in conjunction with the secret key tomake it more efficient.
Can be vulnerable to impersonation if hacked.
7/28/2019 RSA Cryptography KC LG
http://slidepdf.com/reader/full/rsa-cryptography-kc-lg 6/14
RSA Public-Key Cryptography
Named after the inventors, Ron Rivest, Adi
Shamir, and Len Adleman in 1977.
One of the interesting things about RSA is thatyou can tell anyone about how the encryption
works; however, this knowledge is not sufficient
to be able to decrypt the ciphertext. Only the
chosen few who have extra information can
decrypt the message.
7/28/2019 RSA Cryptography KC LG
http://slidepdf.com/reader/full/rsa-cryptography-kc-lg 7/14
Computing the RSA Public Key
RSA public key: Modulus (also called n): The product of two
large, odd, prime numbers p and q, of about
the same size. Therefore, n = pq.
Exponent (e): 3 < e < n
and e and ( p – 1)(q – 1) have not
common factors except 1 (ie. e is relatively
prime to (p –
1)(q –
1) ).
RSA Private key d :
Number d such that (ed – 1) is divisible
by (p –
1)(q –
1).
7/28/2019 RSA Cryptography KC LG
http://slidepdf.com/reader/full/rsa-cryptography-kc-lg 8/14
Meet Alice & Bob
Bob wants to send Alice the test answers
without Professor Eve knowing. Bob decides to
use RSA cryptography to send Alice his
message. Bob encrypts his message byperforming the following formula:
c = me mod n
where c = ciphertext, m = message, e =
exponent, n = modulus (ie. pq)
7/28/2019 RSA Cryptography KC LG
http://slidepdf.com/reader/full/rsa-cryptography-kc-lg 9/14
Alice receives the ciphertext c , and
needs to decrypt it using the followingformula:
m = c d mod n
where m = the test answers Bob sent to Alice
c = the ciphertext of the message, d = Alice’s
private key, n = pq (the modulus).
7/28/2019 RSA Cryptography KC LG
http://slidepdf.com/reader/full/rsa-cryptography-kc-lg 10/14
Bob Alice
Test Answers (M) Test Answers (M)
Me % n Alice’s
Public Key
(e, n)
Ciphertext (c) Ciphertext (c)
Cd % n Alice’s
Private Key
(d)
transmission
n = p * q
7/28/2019 RSA Cryptography KC LG
http://slidepdf.com/reader/full/rsa-cryptography-kc-lg 11/14
Mathematical Example2
Let’s say that. . .
p = 61 — first prime number (to be kept secret or deleted securely)
q = 53 — second prime number (to be kept secret or deleted securely)
n = pq = 3233 — modulus (to be made public)
e = 17 — public exponent (to be made public)
d = 2753 — private exponent (to be kept secret)
The encryption function is:
encrypt(m) = me mod n = m17 mod 3233
where m is the plaintext.
The decryption function is:
decrypt(c ) = c d mod n = c 2753 mod 3233
where c is the ciphertext.
To encrypt the plaintext value 123, we calculate
encrypt(123) = 12317 mod 3233 = 855
To decrypt the ciphertext value 855, we calculate
decrypt(855) = 8552753 mod 3233 = 123
7/28/2019 RSA Cryptography KC LG
http://slidepdf.com/reader/full/rsa-cryptography-kc-lg 12/14
Digital Signature
Hash (M)
Alice’s
Public Key
(e, n)
Ciphertext (c) Ciphertext (c)
decrypt
Alice’s
Private Key
(d)
n = p * q
Digital Signature
+
Test Answers (M)
Bob’s
Private
Key (d)
M + Digital
Signature
Decrypt with Bob’s
public keyHash (M) ==
7/28/2019 RSA Cryptography KC LG
http://slidepdf.com/reader/full/rsa-cryptography-kc-lg 13/14
Padding
RSA is usually combined with a padding scheme inorder to make sure the message m never has aninsecure ciphertext.
RSA implementations typically embed some form of structured, randomized padding into the message m
before encrypting it. This will ensure that it does notfall into the range of insecure plaintexts.
The padded encryption can have a large number of possible ciphertexts, thus decreasing the risk of anattacker building a dictionary by encrypting likelyplaintexts under the public key and storing theresulting ciphertexts. When matching ciphertexts areobserved on a communication channel, the attacker can use this dictionary in order to learn the content of the message.2
7/28/2019 RSA Cryptography KC LG
http://slidepdf.com/reader/full/rsa-cryptography-kc-lg 14/14
References
1 http://www.codeproject.com/dotnet/RSACryptoPad.asp
2 http://en.wikipedia.org/wiki/Rsa
Cormen, Leiserson, Rivest, Stein. Introduction to
Algorithms. McGraw-Hill.