Full Transcript

1 University of Science and Technology Faculty of Computer Science and Information Technology Department of Information and Communication Technology Lecture (10) ASymmetric Encryption Instructor: Mashair Omer Principles of...

1 University of Science and Technology Faculty of Computer Science and Information Technology Department of Information and Communication Technology Lecture (10) ASymmetric Encryption Instructor: Mashair Omer Principles of Public Key Cryptosystems 2 The concept of public-key cryptography evolved from an attempt to find solution to two of the most difficult problems associated with symmetric encryption.  The first problem is that of key distribution, key distribution under symmetric encryption requires either:  that two communicants already share a key, which somehow has been distributed to them; or  the use of a key distribution center.  The second problem is digital signatures. If the use of cryptography was to become widespread, then electronic messages and documents would need the equivalent of signatures used in paper documents Whitfield Diffie, and Martin Hellman, both at Stanford University at the time, achieved an astounding breakthrough in 1976 by coming up with a method that addressed both problems and was radically different from all previous approaches to cryptography. That is Public-Key Cryptography. Public-Key Cryptosystems 3 Asymmetric algorithms rely on one key for encryption and a different but related key for decryption. These algorithms have the following important characteristic.  It is computationally infeasible to determine the decryption key given only knowledge of the cryptographic algorithm and the encryption key.  Either of the two related keys can be used for encryption, with the other used for decryption. Figure 11.1a shows public key encryption with public key, and Figure 11.1 b shows encryption with private key. Encryption with public key: 4 Encryption with Private key: 5 A public-key encryption scheme has 5 Elements: 6  Plaintext: This is the readable message or data that is fed into the algorithm as input.  Encryption algorithm: The encryption algorithm performs various transformations on the plaintext.  Public and private keys: This is a pair of keys that have been selected so that if one is used for encryption, the other is used for decryption.  Ciphertext: This is the scrambled message produced as output. It depends on the plaintext and the key. For a given message, two different keys will produce two different ciphertexts.  Decryption algorithm: This algorithm accepts the ciphertext and the matching key and produces the original plaintext. The essential steps to use public key cryptosystem : 7  1. Each user generates a pair of keys to be used for the encryption and decryption of messages.  2. Each user places one of the two keys in a public register or other accessible file. This is the public key. The companion key is kept private. As Figure 9.1a suggests, each user maintains a collection of public keys obtained from others.  3. If Bob wishes to send a confidential message to Alice, Bob encrypts the message using Alice’s public key.  4. When Alice receives the message, she decrypts it using her private key. No other recipient can decrypt the message because only Alice knows Alice’s private key. Cont: 8  Let us take a closer look at the essential elements of a public-key encryption scheme, using Figure 11.2. There is some source A that produces a message in plaintext The M elements of X are letters in some finite alphabet. The message is intended for destination B. B generates a related pair of keys: a public key, PUb , and a private key, PR b is known only to B, whereas PU b is publicly available and therefore accessible by A.  With the message X and the encryption key PUb as input, A forms the ciphertext  The intended receiver, in possession of the matching private key, is able to invert the transformation: Confidentiality: 9 Authentication 10  Figures 11.1b and 11.3 show the use of public-key encryption to provide authentication, where herefore, the entire encrypted message serves as a digital signature. Authentication and Confidentiality 11  It is important to emphasize that the encryption process depicted in Figures 9.1b and 9.3 does not provide confidentiality. That is, the message being sent is safe from alteration but not from eavesdropping.  It is, however, possible to provide both the authentication function and confidentiality by a double use of the public-key scheme (Figure 9.4), where: Cont: 12 Applications for Public-Key Cryptosystems 13 In broad terms, we can classify the use of public- key cryptosystems into three categories:  Encryption /decryption: The sender encrypts a message with the recipient’s public key.  Digital signature: The sender “signs” a message with its private key. Signing is achieved by a cryptographic algorithm applied to the message or to a small block of data that is a function of the message.  Key exchange: Two sides cooperate to exchange a session key. some algorithms are suitable for all uses, others are specific to one. Applications for Public-Key cryptosystems: 14 algorithm Encryption/Decryption Digital signature Key exchange RSA Yes Yes Yes Elliptic Curve Yes Yes Yes Diffie-Hellman No No Yes DSS No Yes No 15 RSA: Rivest, Shamir, Adleman algorithm The algorithm’s developers. The RSA algorithm was the first public key encryption algorithm developed (in 1977) and published for commercial use. It is very popular and has been embedded in both Microsoft and Netscape Web browsers to enable them to provide security for e-commerce applications. RSA: Choosing keys 16 1. Choose two large prime numbers p, q. (e.g., 1024 bits each) 2. Compute n = pq, z = (p-1)(q-1) 3. Choose e (with e (7, 33) Private key is (d, n) => (3, 33) The encryption of m = 2 is c = 27 % 33 = 29 The decryption of c = 29 is m = 293 % 33 = 2

Use Quizgecko on...
Browser
Browser