chapter 3 encryption algorithms & systems (part c)
TRANSCRIPT
Chapter 3
Encryption Algorithms & Systems (Part C)
csci5233 computer security & integrity (Chap. 3)
2
Outline
NP-completeness & EncryptionNP-completeness & Encryption Symmetric (secret key) vs Asymmetric (public key) Symmetric (secret key) vs Asymmetric (public key)
EncryptionsEncryptions Popular Encryption AlgorithmsPopular Encryption Algorithms
– Merkle-Hellman KnapsacksMerkle-Hellman Knapsacks– RSA Encryption– El Gamal Algorithms– DES
Hashing Algorithms Key Escrow & Clipper
csci5233 computer security & integrity (Chap. 3)
3
RSA Encryption 1978: Rivest, Shamir, Adelman Public key encryption Remains secure to date Encryption key (e) and decryption key (d) are
interchangeable. The two keys, e and d, are carefully chosen such that
C = Pe mod n (encryption) and P = Cd mod n (decryption).
csci5233 computer security & integrity (Chap. 3)
4
Euler Totient Function (n): the number of positive integers less than n and
are relatively prime to n.
If n is prime:
(n) = n – 1
When n = p * q, where both p and q are primes and p q:
(n) = (p) * (q) = (p – 1) * (q – 1)
csci5233 computer security & integrity (Chap. 3)
5
RSA Encryption Public key = (e, n) Private key = (d, n)
Step 1: Choose n, p, & q
n = p * q, where both p and q are primes and p q
Example: n = 143 = p * q = 11 * 13
csci5233 computer security & integrity (Chap. 3)
6
RSA Encryption Step 2: Choose e.
e is relatively prime to (n). That is, e is relatively prime to (p-1)*(q-1).
Example: e = 17, which is relatively prime to 10*12.
Step 3: Compute d.
d is the inverse of e mod (p-1)*(q-1).
Use the algorithm on page 81 to compute inverses.
Note: A Java implementation of the algorithm is available at the class page.
Example: d = e-1 mod (p-1)*(q-1) = 17-1 mod 120= 113
csci5233 computer security & integrity (Chap. 3)
7
RSA Encryption An example (pp.94-95): P = 7
Let n = 143, p = 11, q = 13, and e = 11.
Note: e is relprime to (p-1)*(q-1).
Then d = 11
Note: d is the inverse of e mod (p-1)*(q-1).
Encryption:
C = Pe mod n = 711 mod 143 = 106
Decryption:
P = Cd mod n = 5011 mod 143 = 7
csci5233 computer security & integrity (Chap. 3)
8
RSA Encryption Another example: P = 7
Let n = 143, p = 11, q = 13, and e = 17.
Note: e is relprime to (p-1)*(q-1).
Then d = 113
Note: d is the inverse of e mod (p-1)*(q-1).
Encryption:
C = Pe mod n = 717 mod 143 = 50
Decryption:
P = Cd mod n = 50113 mod 143 = 7
csci5233 computer security & integrity (Chap. 3)
9
RSA Encryption Still another example: P = 55
Let n = 285, p = 19, q = 17, and e = 37.
Note: e is relprime to (p-1)*(q-1), 288.
d = 109
Note: d is the inverse of e mod (p-1)*(q-1).
Encryption:
C = Pe mod n = 5537 mod 288 = 55
Decryption:
P = Cd mod n = 55109 mod 288 = 55
csci5233 computer security & integrity (Chap. 3)
10
RSA Encryption The cryptographer’s job:
– Find three primes, p, q, and e, where
p * q = n and
e is relatively prime to (p-1)*(q-1).
– Compute d based on e and n.
The challenge: p, q, and e must be large enough primes.
See discussions on p.95.
csci5233 computer security & integrity (Chap. 3)
11
RSA Encryption The cryptanalyst’s job:
P = Cd mod n
– Available: (e, n).
– Find two primes p and q, such that p * q = n and e is relatively prime to (p-1)*(q-1).
– Compute d: d = inverse (e, (p-1)*(q-1))
Q: Where’s the secrecy?
Q: Given n and a prime e, how hard is it to find two distinct primes, p and q, such that p*q = n and (p-1)*(q-1) is relprime to e?
csci5233 computer security & integrity (Chap. 3)
12
El Gamal Algorithm A public key algorithm 1984 Important in the U.S. DSS (Digital Signature Standard) Digital Signatures
The sender computes the digital signature using his own private key.
DS = E (Keypriv, P)
The receiver verifies the signature using the sender’s public key.
P = D (Keypub, DS)
csci5233 computer security & integrity (Chap. 3)
13
El Gamal Algorithm To generate a key pair:
– Choose a prime p and two integers, a and x,
such that a < p and x < p.
– The prime p should be chosen so that (p-1) has
a large prime factor q.
– Calculate the public key: y = ax mod p.
– Private key: x
– Public key: y
csci5233 computer security & integrity (Chap. 3)
14
El Gamal Algorithm (The sender) To sign a message m:
– Choose a new random integer k, 0 < k < p-1 and
k is relprime to (p-1).
– Compute r = ak mod p.
– Compute s = k-1 ( m – xr ) mod (p-1)
– The message signature: r and s.
Verification: A recipient use the public key (y) to compute ( y r r s ) mod p and determine if it is equivalent to am mod p.
csci5233 computer security & integrity (Chap. 3)
15
Hash Algorithm A hash algorithm is a check function that protects
data against modifications. C.f., checksum in network transmission Hash functions produce a reduced form of a body of
data (called a digest or check value) such that most changes to the data will also change the reduced form.
A cryptographic hash function uses a cryptographic function as part of the hash function.
1992: Secure Hash Algorithm (SHA)
csci5233 computer security & integrity (Chap. 3)
16
Secure Hash Algorithm (SHA) 1992: NIST Input data < 264 bits 160-bit digest Strength: diffusion, the avalanche effect See Fig. 3-9, p.99
C.f., MD4, MD5
Both MD5 and SHA are variants of the MD4 by Rivest.
Strength: MD4 < MD5 < SHA
csci5233 computer security & integrity (Chap. 3)
17
Summary Public key encryption algorithms: Merkle-Hellman,
RSA, El Gamal SHA
Next: DES, Key Escrow