Asymmetric Encryption

Chapter 04
 Principle of Asymmetric Encryption

1. The encryption key and the

decryption key are different.
2. Encrypt with one key then
decrypt with the other key and
vice versa.

2
 Applications of Asymmetric Cryptography

 Information Encryption
 Information Authentication
 Key Exchange in Symmetric
Cryptography

3
 Activities
 Each user generates a key pair (PU, PR).
 The user publishes the key PU to all other
users.
 User A sends information to User B by
encrypting the block of information with
public key of B (PUB)
 User B decrypts the information with its
own private key (PRB)

4
 Application about Information Confidentiality

5
 Application about Information Authentication

6
 RSA Cryptography Algorithm

 Developed by Rivest, Shamir and

Adleman (1977).
 As a block cipher, the block size is
variable.
 Based on number theory, especially
modulo operations.

7
 RSA Algorithm
RSA: block cipher, size 1024(2048), original information is
handled as integer => integer: 0-2^1024-1, equivalent to decimal
309 digits, this is extremely large => need to use new data
structure (operations on large integers)
Generate key pair:
 Choose two large enough primes p and q. Let N be the product of p
and q (N = pq).
 Choose an integer e such that e and (n) =(p-1)(q-1) are a pair of
co-prime.
 Choose an integer d such that ed = 1 mod (p-1)(q-1).
 PU is the combination (N, e), PR is the combination (N, d)
Encryption:
 C = Me mod N (M < N)
Decryption:
 M = Cd mod N
8
 Example

 Choose: p = 11, q = 3 => N = 33.

 (p-1)(q-1) = (11 – 1)(3 – 1) = 20
 Choose: e = 3 và d = 7
 PU (33, 3), PR = (33, 7)
 Encryption: M = 15 => C = 153 mod 33 = 9
 Decryption: M = 97 mod 33 = 15

9
 Mathematical foundations of RSA

 Fermat's theorem: if p is a prime number and a is a

positive number not divisible by p, then:
ap-1  1 (mod p)
 Other words:

ap  a (mod p)
Let prove?

10
 Euler function

 Euler function: Let n be a positive integer. The

function (n) determines the number of positive
integers less than n and co-prime to n.
Example: (9) = 6; (10) = 4
 Features: let p, q be two prime numbers and n = p.q,
then:
(n) = (p) . (q)

11
 Euler's theorem

 Let a and n be co-prime:

a(n)  1 (mod n)

 Other words:

a(n)+1  a (mod n)

12
 Improved speed of RSA

Powers on large numbers:

 [(a mod n) * (b mod n)] mod n = (a * b) mod n
 xy *xy = x2y và x*xy = xy+1
 Implement:
 Representing the exponent of a power as a binary number
 Split the binary exponent into multiple intermediate
exponents by adding bit by bit, starting from the first bit.
 Perform exponentiation modulo n with intermediate
exponents just created.

16
 Improved speed of RSA
 Example:
520 mod 35 = 95.367.431.640.625 mod 35 = 25

17
 Improved speed of RSA

 Choose public key e: the fewer number of

bit_1 e has, the fewer exponentiations, so to
speed up encryption, the commonly used e
values are 3, 17(24+1), 65537 (216+1),…
 Note: this can cause algorithmic
vulnerabilities, use the Chinese remainder
theorem (CRT)

18
 Improved speed of RSA
 The private key d needs to be large and highly
random. However, the larger d, the slower the
decryption. Use CRT to improve decryption speed
 Calculate the intermediate variables:
 Xp = q * (q-1 mod p) (Use the extended Euclid algorithm)
 Xq = p * (p-1 mod q)
 Having C, we then continue to calculate:
 Vp = Cd mod p (Use Fermat's theorem to calculate)
 Vq = Cd mod q
 Then, M = (VpXp + VqXq) mod N is the decrypting
result of C
19
 Improved speed of RSA
 Example: C=41, d=35, N=119, p=7, q=17
 Calculate the intermediate variables :
 X7 = 17 * (17-1 mod 7) = 17*5=85
 X17 = 7 * (7-1 mod 17) = 7*5 = 35
 Having C, we then continue to calculate:
 V7 = 4135 mod 7 = 4135 mod 6 mod 7 = 415 mod 7 = 6
 V17 = 4135 mod 17 = 4135 mod 16 mod 17= 413 mod 17 = 3
 Then, M = (V7X7 + V17X17) mod 119 =
(6*85+3*35) mod 119 = 20

20
 Improved speed of RSA
 Finding large and random primes: generate a
random number, check if the number is prime. If it
is prime, use it, if not, choose another random
number.
 Approximate method: choose an odd number n,
check if n is likely to be prime, if sure not then
drop n choose another number, otherwise, n can be
prime. Repeat this operation many times, then the
probability that n is prime can be up to 100%.
Miller-Rabin algorithm

21
 Security of RSA
 Theoretically, the RSA system can be attacked by the
following methods:
 Brute-force attack: tìm lần lượt khoá riêng PR d => Số lần thử ~ N>21000 không khả
thi, quá lớn
 Mathematical attack: xác định p và q bằng cách phân tích N thành tích của các thừa
số nguyên tố rồi từ đó xác định e và d. Bài toán phân tích thừa số, độ phúc tạp lớn =>
Không khả thi
 Timing attack: dựa trên thời gian thực thi của thuật toán giải mã.
 Chosen ciphertext attack: sử dụng các đọan thông tin mật (ciphertext) đặc biệt để
khôi phục thông tin gốc.

 However, in practice, the risk of attacking RSA

cryptosystems is very low, because RSA is a flexible
algorithm, the original data block size and key length can
be easily changed without affecting the encryption
22
algorithm.
 Comments on Public Key Cryptography
 Advantages over symmetric cryptography:
 Suitable in environments where many people are involved
 Key pair (PU, PR) can be used for a long time.
 The PU key has an owner, so it can be passed through it to
authenticate the owner => The public key cryptography is
used for authentication and digital signature creation.
 Disadvantages:
 PU, PR keys are usually large => slow speed => Public key
cryptography is usually suitable for encrypting small data
 Practical: Combination of Symmetric Cryptography and
Asymmetric Cryptography (e.g. PGP)
23
 Exercise RSA
 Exercise 1: p=7,q=17,e=11
Calculate public and private key pairs.
Encrypt the message M=20 and then decrypt?
 Exercise 2: p=17,q=31,e=7, M=12
 Exercise 3: p=5,q=11,e=7, M=26

24
 Diffie-Hellman algorithm

 It is a key exchange algorithm, used for key

distribution in symmetric cryptography algorithms.
 Based on discrete logarithm:
Given g and x = gk, => k = logg(x)
Given g, p and x = gk mod p, incalculable k!!!

25
 Operations of Diffie-Hellman

 Let p be a prime number and g be the generator that

satisfies all x  [1, 2, .., p-1], always finding n
satisfies x = gn mod p.
 p and g are publicly available
 User A generates the secret number Xa < p, calculate
Ya = (gXa mod p) and send to B. B also generate Xb
and Yb = (gXb mod p).
 Private key: KB=(Ya)Xbmod p and KA=(Yb)Xamod p
are both equal to (gXaXb mod p). So, A and B are
26
exchanged key successful
 Operations of Diffie-Hellman

27
 Operations of Diffie-Hellman

-Given p = 353, g = 3
-A choose Xa = 97, B choose Xb = 233
-A calculate Ya = 397 mod 353 = 40, send to B
-B calculate Yb = 3233 mod 353 = 248, send to A
-A confirm Ka = 24897mod 353 = 160
-B confirm Kb = 40233 mod 353 = 160
Ka = K b

28
 The security of the Diffie-Hellman
key exchange algorithm

 Diffie-Hellman's security is based on the

complexity of the discrete logarithm operation.
In general, determining the values Xa, Xb from
the values of p, g, Ya and Yb is not possible on
large enough integers.
 This algorithm does not prevent Man-In-The-
Middle (MITM) attacks because there is no
authentication mechanism between key
exchange entities.

29
 The security of the Diffie-Hellman
key exchange algorithm

 Man-In-The-Middle (MITM):

30
 Comments on Asymmetric Cryptography

 RSA can be attacked by brute-force attack,

mathematical attack, timing attack or a chosen
ciphertext attack.
 Diffie-Hellman can be attacked by the MITM (Man-
In-The-Middle)
 Asymmetric cryptography solved the key exchange
problem.
 Slow processing speed, suitable for short blocks of
information.
31