Applied Cryptography Lecture 7

Questions and Answers

What does the value e in RSA represent?

Decryption exponent or private exponent

Encryption exponent or public exponent (correct)

Symmetric key length

Message length

What is the role of the private key d in RSA?

Decrypts messages for the recipient (correct)

Encrypts messages for the sender

Generates the public key

Manages key rotation

Which of the following is NOT a recommended practice for securing RSA?

Using a strong prime number generator

Using short prime numbers to speed up encryption (correct)

Having key lengths of at least 2048 bits

Performing regular key rotation

In the given example, what was the public key that Bob sent to Alice?

(33, 3)

Which of the following techniques helps to speed up RSA encryption and decryption?

Applying fast modular multiplication

What is a significant drawback of symmetric cryptosystems?

Key distribution and management are complicated.

Why are public-key encryption schemes not typically used for bulk data encryption?

They are substantially slower than symmetric-key encryption.

What does Bob publish in an asymmetric cryptography system?

A public encryption key.

In asymmetric cryptography, what is the purpose of the private key?

To decrypt messages encrypted with the public key.

What is a key characteristic of public-key algorithms?

They utilize one-way functions.

Which of the following is a well-known algorithm family based on integer-factorization schemes?

RSA

What is the main computational challenge involved in one-way functions used in public-key cryptography?

Making the forward function infeasible to evaluate inversely.

What problem does discrete logarithm schemes aim to address?

Calculating logarithms in finite fields.

Which of the following algorithms is an example of an elliptic curve scheme?

Elliptic Curve Digital Signature Algorithm (ECDSA)

What does a security level of n bits imply about the algorithm's resistance to attacks?

The best known attack requires $2n$ steps.

In the RSA cryptosystem, what is the common application of RSA besides encryption?

Digital signatures for certificates

What is a significant advantage of elliptic curve schemes compared to RSA and discrete logarithm schemes?

They require shorter key lengths for equal strength.

Which statement about the Euclidean algorithm is accurate?

It determines the greatest common divisor (gcd) of two integers.

To achieve long-term security, which key length should be chosen for public-key algorithms?

128-bit

Which of the following statements about key lengths in public-key algorithms is true?

Higher key lengths result in slower algorithms but increased security.

What does RSA stand for in the RSA cryptosystem?

Ron, Shamir, Adleman

Study Notes

Applied Cryptography - Lecture #7

• Topic: Public Key Cryptography I
• Symmetric Cryptosystems Shortcomings
  • A key problem is key distribution and key management
  • Alice and Bob need a secret key for secure communication
  • Key exchange requires a secure channel or courier.
  • With n users, n(n-1)/2 secret key exchanges are necessary, all needing secure storage.
  • Digital signatures from symmetric-key encryption require large keys or a trusted third party (TTP).
• Asymmetric Cryptography
  • Bob publishes a public encryption key, known by everyone
  • Bob has a matching secret key for decryption
  • Bob's key has public (k_pub) and private (k_pr) parts
  • Asymmetric systems are also called public-key cryptosystems
• Asymmetric Cryptography - Basic Concepts
  • Public-key encryption schemes are substantially slower than symmetric-key algorithms like DES.
  • Public-key encryption is used for key transport, bulk data encryption, data integrity and authentication, and encrypting small data items (e.g., credit card numbers, PINs).
• Asymmetric Cryptography - Protocol
  • Sender uses recipient's public key to encrypt
  • Recipient uses their private key to decrypt
  • Different keys are used for encryption and decryption

One-Way Function

• Public-key algorithms rely on one-way functions.
• Function f(x) where y = f(x) is computationally easy and x = f^-1(y) is computationally infeasible.
• Computation of y = f(x) needs to be fast, but the inverse computation has to be computationally intensive.

Public-Key Algorithm Families

• Integer-Factorization Schemes: Difficult to factor large integers (e.g., RSA)
• Discrete Logarithm Schemes: Based on the discrete logarithm problem in finite fields (e.g., Diffie-Hellman, Elgamal, DSA).
• Elliptic Curve (EC) Schemes: Generalization of the discrete logarithm algorithm (e.g., ECDH, ECDSA).

Key Lengths and Security Levels

• Public-key algorithm families rely on number theoretic functions needing long operands and keys
• Longer operands/keys lead to greater security.
• Security level (n-bit): the best attack requires 2ⁿ steps.
• RSA-like and discrete-logarithm schemes typically require very long operands and keys.
• EC schemes have significantly smaller key lengths while maintaining sufficient strength when compared to symmetric ciphers.
• 128-bit security level usually required for long-term security.

RSA Cryptosystem

• RSA (1977), invented by Rivest, Shamir, and Adleman, is the most widely used public-key cryptosystem.
• Applications include:
  • Encryption of small pieces of data, especially for key transport
  • Digital signatures for digital certificates on the Internet.

Euclidean Algorithm

• Used for calculating the greatest common divisor (gcd) of two positive integers (r₀ and r₁).
• gcd(r₀, r₁) is the largest positive integer dividing both r₀ and r₁.

Euler's Phi Function

• φ(m) is the number of integers in Z_m that are relatively prime to m
• Useful for public-key schemes (especially RSA). This is often used in modular arithmetic when dealing with RSA.

RSA Key Generation

• Each entity creates an RSA public and private key.
  • Generate two large prime numbers p and q
  • Compute n = pq and φ(n) = (p-1)(q-1)
  • Select a random integer e (1 < e < φ(n)) such that gcd(e,φ(n)) = 1.
  • Find the unique integer d (1 < d < φ(n)) such that ed = 1 (mod φ(n)).
• Public key (n, e)
• Private key d

RSA Encryption and Decryption

• Encryption: y = x^e mod n (x is plaintext, y is ciphertext, e and n are from the public key)

• Decryption: x = y^d mod n (y is ciphertext, x is plaintext, d is the private key)

• In practice, x, y, n, and d are very large numbers (often 1024-bit or more)

• For Bob to send Alice an encrypted message, Alice must know Bob's public key. Bob decrypts with his private key

• e is the encryption exponent, d is the decryption exponent.

RSA Encryption in Practice

• Techniques to speed up RSA operations include fast modular multiplication and fast modular exponentiation, but, RSA encryption/decryption is nevertheless substantially slower than symmetric algorithms.

Avoiding RSA Vulnerabilities

• Use a strong prime number generator to make prime numbers unpredictable and difficult to guess.
• Use a minimum length of 2048 bits for the RSA key.
• Securely manage and rotate RSA keys properly, using different keys for different applications if appropriate.

Exercise

• Encrypt two messages (x₁ and x₂) using RSA with given parameters (p, q, e, d, x₁, x₂). Use the supplied values.

Description

Explore the principles of Public Key Cryptography in this quiz. Understand the shortcomings of symmetric cryptosystems and the basics of asymmetric cryptography. Test your knowledge on key distribution, digital signatures, and public-key systems.