Professional Documents
Culture Documents
InfSec-4-Public Key Encryption
InfSec-4-Public Key Encryption
Chapter 04
Principle of Asymmetric Encryption
2
Applications of Asymmetric Cryptography
Information Encryption
Information Authentication
Key Exchange in Symmetric
Cryptography
3
Activities
Each user generates a key pair (PU, PR).
The user publishes the key PU to all other
users.
User A sends information to User B by
encrypting the block of information with
public key of B (PUB)
User B decrypts the information with its
own private key (PRB)
4
Application about Information Confidentiality
5
Application about Information Authentication
6
RSA Cryptography Algorithm
7
RSA Algorithm
RSA: block cipher, size 1024(2048), original information is
handled as integer => integer: 0-2^1024-1, equivalent to decimal
309 digits, this is extremely large => need to use new data
structure (operations on large integers)
Generate key pair:
Choose two large enough primes p and q. Let N be the product of p
and q (N = pq).
Choose an integer e such that e and (n) =(p-1)(q-1) are a pair of
co-prime.
Choose an integer d such that ed = 1 mod (p-1)(q-1).
PU is the combination (N, e), PR is the combination (N, d)
Encryption:
C = Me mod N (M < N)
Decryption:
M = Cd mod N
8
Example
9
Mathematical foundations of RSA
ap a (mod p)
Let prove?
10
Euler function
11
Euler's theorem
a(n) 1 (mod n)
Other words:
a(n)+1 a (mod n)
12
Improved speed of RSA
16
Improved speed of RSA
Example:
520 mod 35 = 95.367.431.640.625 mod 35 = 25
17
Improved speed of RSA
18
Improved speed of RSA
The private key d needs to be large and highly
random. However, the larger d, the slower the
decryption. Use CRT to improve decryption speed
Calculate the intermediate variables:
Xp = q * (q-1 mod p) (Use the extended Euclid algorithm)
Xq = p * (p-1 mod q)
Having C, we then continue to calculate:
Vp = Cd mod p (Use Fermat's theorem to calculate)
Vq = Cd mod q
Then, M = (VpXp + VqXq) mod N is the decrypting
result of C
19
Improved speed of RSA
Example: C=41, d=35, N=119, p=7, q=17
Calculate the intermediate variables :
X7 = 17 * (17-1 mod 7) = 17*5=85
X17 = 7 * (7-1 mod 17) = 7*5 = 35
Having C, we then continue to calculate:
V7 = 4135 mod 7 = 4135 mod 6 mod 7 = 415 mod 7 = 6
V17 = 4135 mod 17 = 4135 mod 16 mod 17= 413 mod 17 = 3
Then, M = (V7X7 + V17X17) mod 119 =
(6*85+3*35) mod 119 = 20
20
Improved speed of RSA
Finding large and random primes: generate a
random number, check if the number is prime. If it
is prime, use it, if not, choose another random
number.
Approximate method: choose an odd number n,
check if n is likely to be prime, if sure not then
drop n choose another number, otherwise, n can be
prime. Repeat this operation many times, then the
probability that n is prime can be up to 100%.
Miller-Rabin algorithm
21
Security of RSA
Theoretically, the RSA system can be attacked by the
following methods:
Brute-force attack: tìm lần lượt khoá riêng PR d => Số lần thử ~ N>21000 không khả
thi, quá lớn
Mathematical attack: xác định p và q bằng cách phân tích N thành tích của các thừa
số nguyên tố rồi từ đó xác định e và d. Bài toán phân tích thừa số, độ phúc tạp lớn =>
Không khả thi
Timing attack: dựa trên thời gian thực thi của thuật toán giải mã.
Chosen ciphertext attack: sử dụng các đọan thông tin mật (ciphertext) đặc biệt để
khôi phục thông tin gốc.
24
Diffie-Hellman algorithm
25
Operations of Diffie-Hellman
27
Operations of Diffie-Hellman
-Given p = 353, g = 3
-A choose Xa = 97, B choose Xb = 233
-A calculate Ya = 397 mod 353 = 40, send to B
-B calculate Yb = 3233 mod 353 = 248, send to A
-A confirm Ka = 24897mod 353 = 160
-B confirm Kb = 40233 mod 353 = 160
Ka = K b
28
The security of the Diffie-Hellman
key exchange algorithm
29
The security of the Diffie-Hellman
key exchange algorithm
Man-In-The-Middle (MITM):
30
Comments on Asymmetric Cryptography