Scribd Logo
Upload

Welcome to Scribd!

  • 10 views

    TTDT - 05 EPayment Security II

    Uploaded by

    Phương Trần Thị Anh
    The document discusses public-key cryptography and the RSA algorithm. It explains how RSA uses the fact that multiplying two large prime numbers is easy but factoring their product is computationally infeasible. The document also warns that cryptosystems can be insecure if protocols are not carefully followed, such as by reusing a message encrypted under different public keys with a common modulus.

    Copyright:

    © All Rights Reserved
    Download as PPT, PDF, TXT or read online from Scribd
    Flag for inappropriate content

    You might also like

    TTDT - 05 EPayment Security II

    Uploaded by

    Phương Trần Thị Anh
    10 views13 pages
    The document discusses public-key cryptography and the RSA algorithm. It explains how RSA uses the fact that multiplying two large prime numbers is easy but factoring their product is computationally infeasible. The document also warns that cryptosystems can be insecure if protocols are not carefully followed, such as by reusing a message encrypted under different public keys with a common modulus.

    Original Description:

    Original Title

    TTDT_05 EPayment Security II

    Copyright

    © © All Rights Reserved

    Available Formats

    PPT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document discusses public-key cryptography and the RSA algorithm. It explains how RSA uses the fact that multiplying two large prime numbers is easy but factoring their product is computationally infeasible. The document also warns that cryptosystems can be insecure if protocols are not carefully followed, such as by reusing a message encrypted under different public keys with a common modulus.

    Copyright:

    © All Rights Reserved
    Download as PPT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as ppt, pdf, or txt
    10 views13 pages

    TTDT - 05 EPayment Security II

    Uploaded by

    Phương Trần Thị Anh
    The document discusses public-key cryptography and the RSA algorithm. It explains how RSA uses the fact that multiplying two large prime numbers is easy but factoring their product is computationally infeasible. The document also warns that cryptosystems can be insecure if protocols are not carefully followed, such as by reusing a message encrypted under different public keys with a common modulus.

    Copyright:

    © All Rights Reserved
    Download as PPT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as ppt, pdf, or txt
    of 13

    Chương 5: ePayment Security II

    Outline
     Mã hóa khóa công cộng (Public-key
    Cryptography).
     One-way trapdoor functions
     RSA
     Protocol Failure
    Public Key Encryption
    Clear-text Input Cipher-text Clear-text Output
    “The quick “The quick
    brown fox “Py75c%bn&*)9| brown fox
    jumps over fDe^bDFaq#xzjFr@g jumps over
    the lazy 5=&nmdFg$5knvMd’r the lazy
    dog” kvegMs” dog”

    Encryption Decryption

    public privat
    Different but e
    Recipient’s mathematically Recipient’s
    public key linked keys private key

    SOURCE: ALBERTO PACE


    One-Way Trapdoor Function
     A function that is easy to compute
     Computationally difficult to invert without knowing the
    secret (the “trapdoor”)
     Easy to invert with the secret
     Example: f x (y) = x • y
     Given f x (y), it is difficult to find either x or y
     Given f x (y) and x (the secret), it is easy to find y:
    y = x•y / x
     ANY one-way trapdoor function can be used in
    public-key cryptography.
    Trapdoor Functions for Cryptogrpahy
     Alice wants to send message m to Bob
     Bob’s public key e is a parameter to the trapdoor function
    fe(x)
     The inverse fe -1(y) is easy to compute knowing Bob’s private
    key d but difficult without d
     Alice computes fe(m), sends it to Bob
     Bob computes fe -1(fe(m)) = m (easy if d is known)
     Eavesdropper Eve can’t compute m = fe -1(fe(m)) without the
    trapdoor d to find the inverse fe -1
     Symmetric encryption satisfies the trapdoor criteria except
    that e and d are the same, so neither can be made public
    Rivest-Shamir-Adelman (RSA)
     It is easy to multiply two numbers but apparently hard
    to factor a number into a product of two others.
     Given p, q, it is easy to compute n = p • q
     Example: p = 5453089; q = 3918067
     Easy to find n = 21365568058963
     Given n, hard to find two numbers p, q with p • q = n
     Now suppose n = 7859112349338149
    What are p and q such that p • q = n ?
     Multiplication is a one-way function
     RSA exploits this fact in public-key encryption
    RSA Encryption
     Select two large prime numbers p, q (e.g. 1024 bits)
     Let n = p • q
     Choose a small odd integer e that does not divide
    m = (p - 1)(q - 1). Then find x with x(p-1)(q-1) = 1 (mod n)
     Compute d = e-1(mod m)
     That is, d • e gives remainder 1 when divided by m
     Then xe •d = x (mod n) (by Fermat’s “Little” Theorem)
     Public key is the pair (e, n)
     Private key is the pair (d, n)
     d cannot be calculated quickly from (e, n)
    Still need p and q, which involves factoring n
    RSA Encryption
     Message M is a number

     To encrypt message M using key (e, n):


     Compute E(M) = M e (mod n)

     To decrypt message E(M) using key (d, n):


     Compute D(E(M)) = E(M) d (mod n)

     Note that D(E(M)) = E(D(M)) = (M e)d (mod n)


    = M e•d (mod n) = M
    because e • d = 1 (mod m) and m = (p-1)(q-1)
    Protocol Failure
     A “secure” cryptosystem is not secure if used carelessly
     Protocols must be followed carefully or a “protocol failure”
    occurs
     Example: “common modulus” failure
     Bob and Carol have the same public-key modulus n with
    encryption exponents eBOB and eCAROL having no common factor
     Alice sends the same plaintext M to both Bob and Carol
     Bob gets yBOB = MeBOB mod n
     Carol gets yCAROL = MeCAROL mod n
     If Eve intercepts both, she can read the message
     WARNING: NEVER SEND THE SAME MESSAGE TWICE!
    Protocol Failure
    KNOWN QUANTITIES:
    n
    eBOB
     Eve computes:
    eCAROL
    c1 = eBOB
    -1
    (mod eCAROL ) yBOB
    yCAROL
    c2 = ((c1 eBOB) - 1 )/ eCAROL
    M = yBOBc1 ( yCAROLc2 )-1 (mod n)
    = (MeBOB)c1 ((MeCAROL)c2)-1 (mod n)
    = (MeBOB)c1 ((MeCAROL)(c1(eBOB)-1)/eCAROL)-1 (mod n)
    = (MeBOB)c1 (M(c1eBOB-1))-1 (mod n)
    = M (Mc1(eBOB)-1)) (M( c1(eBOB)-1))-1 (mod n)
    = M mod n
     So Eve recovers the original message!
    Major Ideas
     Any one-way trapdoor function can be used as
    the basis of a public-key cryptosystem
     Public-key encryption is slow because of the
    need to work with huge numbers (~2000 bits)
     Cryptosystems can be insecure if not used
    properly
     Elliptic curve cryptography allows high security
    with small key sizes
    Câu hỏi:
     Chữ ký số có thể dùng trong phương pháp
    bảo mật nào để đảm bảo an toàn trong thanh
    toán điện tử? Nêu từng phương pháp và giải
    thích cụ thể?
     Hiện nay có bao nhiêu nhà cung cấp dịch vụ
    chữ ký số tại Việt Nam và chữ ký số của nhà
    cung cấp nào là tốt?
    Q&A

    You might also like