Applied Cryptography Lecture Notes PDF
Document Details
Uploaded by Deleted User
Shaqra University
Tags
Summary
These lecture notes cover public key cryptography, focusing on the RSA algorithm, the Euclidean algorithm, and Euler's totient function. The notes also discuss key generation, encryption, and decryption procedures.
Full Transcript
Applied Cryptography Lecture #7 Public Key Cryptography I College of Computing and IT 1 Remember (Lect.01) Symmetric Cryptosystems Shortcomings A problem of the symmetric cryptosystems is key distribution and key management. When Alice and Bob use a symmetric cryptosystem, they...
Applied Cryptography Lecture #7 Public Key Cryptography I College of Computing and IT 1 Remember (Lect.01) Symmetric Cryptosystems Shortcomings A problem of the symmetric cryptosystems is key distribution and key management. When Alice and Bob use a symmetric cryptosystem, they must exchange a secret key before they can secretly communicate. For the key exchange, they need a secure channel or a courier. Symmetric Cryptosystems Shortcomings If a communication network has n users and any two of them exchange a key, then n(n - 1)/2 secret key exchanges are necessary and all those keys have to be stored securely. Digital signature mechanisms arising from symmetric-key encryption typically require either large keys for the public verification function or the use of a trusted third party (TTP). Asymmetric Cryptography In order to overcome these drawbacks, Bob publishes a public encryption key which is known to everyone. Bob also has a matching secret key, which is used for decryption. Thus, Bob’s key k consists of two parts, a public part, kpub, and a private one, kpr. Asymmetric cryptosystems are also called public-key cryptosystems. Asymmetric Cryptography Public key Private key Asymmetric Cryptography Public-key encryption schemes are typically substantially slower than symmetric-key encryption algorithms such as DES. For this reason, public-key encryption is most commonly used in practice for the transport of keys subsequently used for bulk data encryption by symmetric algorithms and other applications including data integrity and authentication, and for encrypting small data items such as credit card numbers and PINs. Asymmetric Cryptography Basic protocol for public-key encryption looks as shown: Asymmetric Cryptography Public-key algorithms are all built from one common principle, the one-way function. Means that the computation of y = f (x) should be sufficiently fast in an application. The inverse computation x = f−1(y) should be so computationally intensive (not feasible to evaluate). Public-Key Algorithm Families Integer-Factorization Schemes: Based on the fact that it is difficult to factor large integers. The most known algorithm family is RSA. Discrete Logarithm Schemes: Based on what is known as the discrete logarithm problem in finite fields. Examples include the Diffie– Hellman key exchange, Elgamal encryption or the Digital Signature Algorithm (DSA). Elliptic Curve (EC) Schemes: A generalization of the discrete logarithm algorithm. Examples include Elliptic Curve Diffie–Hellman key exchange (ECDH) and the Elliptic Curve Digital Signature Algorithm (ECDSA). Key Lengths and Security Levels All of the established public-key algorithm families are based on number theoretic functions. They require arithmetic with very long operands and keys. The longer the operands and keys, the more secure the algorithms become. An algorithm is said to have a “security level of n bit” if the best known attack requires 2n steps. Key Lengths and Security Levels Bit lengths of public-key algorithms for different security levels. Key Lengths and Security Levels The table indicates that RSA-like schemes and discrete-logarithm schemes require very long operands and keys. The key length of elliptic curve (EC) schemes is significantly smaller, yet still twice as long as symmetric ciphers with the same cryptographic strength. To provide long-term security, i.e., security for a timespan of several decades, a security level of 128-bit should be chosen, which requires fairly long keys for all three algorithm families. The RSA Cryptosystem The RSA cryptosystem (1977), named after its inventors Ron Rivest, Adi Shamir, and Len Adleman, is the most widely used public-key cryptosystem. The RSA Cryptosystem There are many applications for RSA, but in practice it is most often used for: Encryption of small pieces of data, especially for key transport. Digital signatures for digital certificates on the Internet. Euclidean Algorithm We start with the problem of computing the greatest common divisor (gcd). The gcd of two positive integers r0 and r1 is denoted by and is the largest positive number that divides both r0 and r1. For the large numbers which occur in public- key schemes, factoring often is not possible. Euclidean Algorithm Euler’s Phi Function Euler’s Phi Function RSA Key Generation Key generation for RSA public-key encryption: Encryption and Decryption Encryption and Decryption In practice, x, y, n and d are very long numbers, usually 1024-bit long or more. The value e is sometimes referred to as encryption exponent or public exponent, and the private key d is sometimes called decryption exponent or private exponent. If Alice wants to send an encrypted message to Bob, Alice needs to have his public key (n, e), and Bob decrypts with his private key d. Encryption and Decryption Example 3: Alice wants to send an encrypted message x = 4 to Bob. Bob first computes his RSA parameters in Steps 1–5. He then sends Alice his public key (33, 3). Alice encrypts the message (x = 4) and sends the ciphertext y = 31 to Bob. Bob decrypts y using his private key d =7 and obtain the message x. Notes are in Python code. Encryption and Decryption Note1: gcd(e,Φ) = 1 RSA Encryption in Practice There are numerous ways of speeding up RSA encryption and decryption in software and hardware implementations. Some of these techniques including fast modular multiplication and fast modular exponentiation. Even with these improvements, RSA encryption/decryption is substantially slower than the commonly used symmetric-key encryption algorithms such as DES. Avoiding the Vulnerabilities of RSA Use a strong prime number generator to ensure that the prime numbers are unpredictable and cannot be easily guessed by an attacker. Use a minimum length of 2048-bits for the RSA key. Manage and secure the RSA keys properly using techniques like regular key rotation and different keys for different applications. Exercise Solve and send via https://lms.su.edu.sa Encrypt the two messages x1 and x2 by means of the RSA algorithm with the following system parameters: p = 47, q = 71, e=79, d = 1019, x1 = 688 , x2 = 232 Thank you Any questions? 28