
Public Key Algorithms RSA, ElGamal, Elliptic Curve Cryptosystem Key Exchange


tayten

Presentation Transcript


  1. Public Key Algorithms RSA, ElGamal, Elliptic Curve Cryptosystem Key Exchange

  2. Public Key Systems • Public Key systems are also known as asymmetric key ciphers • They are usually based on number theory rather than substitution or permutation operations • There are two different keys: one for encryption and one for decryption • Actually one for disclosure, one to keep secret • Public key, private key • Knowing one key can not compromise the other

  3. Public Key Process • One problem with a single key system involves the distribution of the key • Everyone who should have access to the plaintext needs to have a copy of the key • All it takes is for one person to expose the key and the security of all messages is lost • In a two key system, the encryption key can be made public while the decryption key remains secret

  4. Public Key Transaction • Say Alice wants to send a message to Bob using a public key algorithm • Alice looks up Bob's public key • Bob uses his private key • [Diagram: plaintext → PK Cipher (public key) → PK Cipher (private key) → plaintext, from Alice to Bob]

  5. Public Key Requirements • Easy to generate both public and private keys • Easy to encrypt and decrypt • Hard to compute the private key from the public key • Hard to compute the plaintext from the ciphertext and the public key • Useful if encryption and decryption can be applied in any order • Cypher text same size as plain text • So either key can encrypt • Why?

  6. Data spaces • Suppose plain text and cypher text are the same size • There are the same number of plain text messages as cypher text messages • E.g., if text were 8 bits long • 256 plain text messages • 256 cypher text messages (the same 256) • So every message is a cypher text for some other plain text message • And every message is a plain text for some other cypher text message • Just think of encryption as transforming one message into some other message • decryption with the other key transforms it back • Doesn't matter which key is used first

  7. RSA Cipher • Named after 3 researchers at MIT who developed the cipher: Rivest-Shamir-Adleman Cipher • PROCESS • Select two 100 digit (or more) prime numbers, p and q • Multiply them to obtain n = pq • publish n • select another number d which is relatively prime to (p-1)(q-1) • calculate e so that • ed mod (p-1)(q-1) is 1 • publish e but keep p, q, and d secret

  8. RSA Operation • The encryption process for RSA involves • divide the message into blocks such that the bit string can be viewed as a 200 digit number - call this block m • compute and send c = m**e mod n • remember e and n are public keys (so anyone can do this) • The decryption process for RSA involves • compute c**d mod n • this works because ... • remember d is private and remains private because to find d you must discover p and q, but the only way to do that is to factor n

  9. RSA Performance • Key Generation is slow • Ciphertext generation is about 1000 times slower than 3DES or AES • Sometimes, RSA is used to protect session keys which are used with a symmetric key algorithm

  10. Breaking RSA • There are several attacks that can be made on RSA • The most obvious is to factor the public key • To decrypt RSA you must know the private key d • d was selected so that ed mod (p-1)(q-1) = 1, where e is given as part of the public key • If p and q are known, then d can be calculated • p and q are known only if n can be factored
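The key generation, encryption and decryption steps from slides 7 and 8, and the factoring argument from slide 10, as an added example that is not part of the original slides. The primes 61 and 53, the exponent 2753, the message 65 and all function names are constructed for illustration; this is the unpadded RSA the slides describe, at a size where trial division factors n instantly.

```python
from math import gcd, isqrt

def make_keys(p, q, d):
    """Slide 7 order: pick p, q and d, then derive e with e*d mod (p-1)(q-1) = 1."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(d, phi) != 1:
        raise ValueError("d must be relatively prime to (p-1)(q-1)")
    e = pow(d, -1, phi)            # modular inverse (Python 3.8+)
    return (n, e), d               # public key (n, e) and private exponent d

def encrypt(m, public):
    n, e = public
    if not 0 <= m < n:
        raise ValueError("block m must be smaller than n")
    return pow(m, e, n)            # c = m**e mod n

def decrypt(c, n, d):
    return pow(c, d, n)            # m = c**d mod n

def recover_d_by_factoring(public):
    """Slide 10: once n is factored, d follows from e, p and q."""
    n, e = public
    for p in range(2, isqrt(n) + 1):   # trial division, feasible only for a toy n
        if n % p == 0:
            q = n // p
            return pow(e, -1, (p - 1) * (q - 1))
    raise ValueError("n has no nontrivial factor")

if __name__ == "__main__":
    public, d = make_keys(61, 53, 2753)    # constructed toy values
    c = encrypt(65, public)
    print("public key:", public)
    print("ciphertext:", c)
    print("decrypted:", decrypt(c, public[0], d))
    print("d recovered from the public key alone:", recover_d_by_factoring(public))
```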

  11. RSA Challenge • In December 1977, the challenge was given to break RSA-129 where: • n (RSA-129) = 1 1438 1625 7578 8886 7669 2357 7997 6146 6120 1021 8296 7212 4236 2562 5618 4293 5706 9352 4573 3897 8305 9712 3563 9587 0505 8989 0751 4759 9290 0268 7954 3541 • e = 9007 • The best known algorithm at the time would have required 40,000 trillion years if multiplications of 129 digit numbers could run as fast as 1 ns

  12. Challenge Met • It only took 17 years • Derek Atkins (April 1994): "We are happy to announce that RSA-129 = 3490 5295 1084 7650 9491 4784 9619 9038 9813 3417 7646 3849 3387 8439 9082 0577 * 3 2769 1329 9326 6709 5499 6198 8190 8344 6141 3177 6429 6799 2942 5397 9828 8533"

  13. Process • When: August 1993 - 1 April 1994, 8 months • Who: D. Atkins, M. Graff, A. K. Lenstra, P. Leyland • + 600 volunteers from the entire world • How: 1600 computers • from Cray C90, through 16 MHz PC, to fax machines • Now, RSA-155 has been broken as well, so the new standard for keys is 231 digits

  14. ElGamal Public Key System • RSA depends on the difficulty of factoring large numbers for its security. • There are other public key systems that depend on the difficulty of other kinds of operations for their security. • Among these is the ElGamal cipher developed in 1985 by T. ElGamal. • It relies on the difficulty of solving the discrete logarithm problem.

  15. Elliptic Curve Algorithm • In 1985 both Koblitz and Miller independently suggested the use of Elliptic Curves in the development of a new type of public key cipher. • An Elliptic Curve is a simple equation of the form: y**2 = x**3 + ax + b (mod p) • Where p is a prime number and 4a**3 + 27b**2 <> 0. • The only points on the curve that are of interest are those with integer coordinates, which can be combined in the form of an addition operation

  16. Elliptic Curve Addition • The addition operator on elliptic curves begins with two points, P and Q. • The line through those points intercepts the curve at a third point • the sum of P and Q is defined as the reflection of their intercept point across the x-axis. • [Figure: points P, Q and P+Q on the curve]

  17. Multiples in Elliptic Curves • For cryptographers, the real interest in Elliptic Curve Addition is the process of adding a point to itself. • That is, given a point P, find the point P+P or 2P. • This is done by drawing a line tangent to P and reflecting the point at which it intercepts the curve • P can be added to itself k times resulting in a point W = kP. • [Figure: point P and P+P = 2P on the curve]
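The chord addition from slide 16, the tangent doubling from slide 17 and the multiple W = kP, worked over a small prime field as an added example that is not part of the original slides. The curve y**2 = x**3 + 2x + 2 (mod 17), the point (5, 1) and the function names are constructed for illustration, and the double-and-add loop goes one step beyond the slides, which only say that P is added to itself k times.

```python
P_MOD, A, B = 17, 2, 2      # constructed toy curve: y**2 = x**3 + 2x + 2 (mod 17)
G = (5, 1)                  # a point on that curve
INF = None                  # point at infinity, the identity element for addition

# Slide 15's condition on the coefficients: 4a**3 + 27b**2 <> 0 (mod p)
assert (4 * A**3 + 27 * B**2) % P_MOD != 0

def on_curve(pt):
    if pt is INF:
        return True
    x, y = pt
    return (y * y - (x**3 + A * x + B)) % P_MOD == 0

def add(p1, p2):
    """Chord rule for P + Q, tangent rule for P + P, reflected across the x-axis."""
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return INF                      # vertical line: P + (-P)
    if p1 == p2:                        # tangent slope at P
        slope = (3 * x1 * x1 + A) * pow((2 * y1) % P_MOD, -1, P_MOD)
    else:                               # slope of the line through P and Q
        slope = (y2 - y1) * pow((x2 - x1) % P_MOD, -1, P_MOD)
    slope %= P_MOD
    x3 = (slope * slope - x1 - x2) % P_MOD
    y3 = (slope * (x1 - x3) - y1) % P_MOD   # the minus sign is the reflection
    return (x3, y3)

def multiply(k, pt):
    """W = kP by double-and-add: about log2(k) doublings instead of k additions."""
    result, addend = INF, pt
    while k:
        if k & 1:
            result = add(result, addend)
        addend = add(addend, addend)
        k >>= 1
    return result

if __name__ == "__main__":
    for k in range(1, 20):
        print(k, multiply(k, G))        # 19G is the point at infinity
```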

  18. DSA • Digital Signature Algorithm • United States Federal Government standard • Adopted 1993 • Not proprietary • U.S. Patent 5,231,668, filed July 26, 1991 by David W. Kravitz, an NSA employee • Given to US gov't • NIST makes available royalty free

  19. DSA math • Choose a hash function • Decide on a key length L and N. • Choose an N-bit prime q <= digest length • Choose an L-bit prime modulus p so p-1 is multiple of q • Choose g, a number whose multiplicative order modulo p is q • A few more steps and we have generated a key

  20. Public Key Algorithms • CEILIDH • Cramer-Shoup • DH • DSA • ECDH • ECDSA • EKE • ElGamal encryption • ElGamal signature scheme • GMR • IES • Lamport • MQV • NTRUEncrypt • NTRUSign • Paillier • Rabin • RSA • Schnorr • SPEKE • SRP • XTR

  21. Key Exchange

  22. Key Exchange • Since public key algorithms tend to be slow, they are often used to securely transmit keys for faster block ciphers • However, there are protocols other than public key systems for agreeing on a common block key. • One of the key exchange methods is called the Diffie-Hellman Key Exchange system

  23. Diffie-Hellman Key Exchange • Bob and Alice want to agree on a secure key without meeting in person, so they decide to use the Diffie-Hellman protocol • First they agree on two numbers: • p - a large prime number • g - a random number less than p • Both p and g are public so they can select them over an insecure channel • Alice selects a secret random number, a, and sends Bob the value g**a mod p • At the same time Bob selects a secret random number, b, and sends the value g**b mod p to Alice

  24. Diffie-Hellman Key Exchange • Alice uses her secret number and the value Bob sent her to calculate: (g**b mod p)**a mod p = k • Bob uses his secret number and the value Alice sent him to calculate: (g**a mod p)**b mod p = k • They both end up with the same number, k • This is their common key

  25. Observations • Neither Bob nor Alice has any idea what the final key will be • Neither Bob nor Alice shares their secret number with each other • Eve can have access to g, p, and the values g**a mod p and g**b mod p • The only way she can find k is to solve for both a and b which is equivalent to the discrete logarithm problem

  26. Example • If Alice and Bob agree on the values: p=23, g=5 • then Alice selects the secret value a = 6 and sends Bob the value A = 5**6 mod 23 = 8 • While Bob selects the secret value b = 15 and sends Alice the value B = 5**15 mod 23 = 19 • They both calculate the common key: s = 19**6 mod 23 = 8**15 mod 23 = 2

  27. Attacking Diffie-Hellman • The Diffie-Hellman scheme is only secure if the public numbers are large. • Even when large numbers are selected, the scheme is subject to a Man-in-the-Middle attack. • The problem is that since Alice and Bob are only communicating across an insecure channel, how do they know who is really on the other end? • How does Alice know that Bob is the one that sent her the value g**b mod p? • If Eve is able to intercept the messages between Bob and Alice, she can set up two key exchanges, one with Alice and the other with Bob, in a way that both Alice and Bob think they have a joint key

  28. MIM attack on DH • Bob: Diffie Hellman exchange produces key1 • Encryption uses key1 • Alice: Diffie Hellman exchange produces key2 • Encryption uses key2 • Bob and Alice don't know they are using different keys • [Diagram: Bob, Eve, Alice, with Eve between the two exchanges]
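The exchange from slides 23 to 26 with the slide's own numbers (p=23, g=5, a=6, b=15), followed by the two-key situation from slides 27 and 28 and a check that exposes it, as an added example that is not part of the original slides. Eve's secret 3, the function names and the transcript tag are constructed for illustration; the tag comparison assumes Alice and Bob have some authenticated way to compare a short value, which the slides do not cover.

```python
import hashlib

def dh_public(g, secret, p):
    return pow(g, secret, p)               # g**secret mod p, sent in the clear

def dh_shared(received, secret, p):
    return pow(received, secret, p)        # (received value)**secret mod p = k

def transcript_tag(p, g, alice_value, bob_value):
    """Short hash of the public values one party believes were exchanged."""
    data = f"{p}|{g}|{alice_value}|{bob_value}".encode()
    return hashlib.sha256(data).hexdigest()[:16]

def exchange(p, g, a, b, eve=None):
    """Run the exchange; if eve is set, her value replaces both public values in transit."""
    A, B = dh_public(g, a, p), dh_public(g, b, p)
    E = dh_public(g, eve, p) if eve is not None else None
    seen_by_alice = B if E is None else E  # what Alice believes Bob sent
    seen_by_bob = A if E is None else E    # what Bob believes Alice sent
    return {
        "alice_key": dh_shared(seen_by_alice, a, p),
        "bob_key": dh_shared(seen_by_bob, b, p),
        "alice_tag": transcript_tag(p, g, A, seen_by_alice),
        "bob_tag": transcript_tag(p, g, seen_by_bob, B),
    }

def tampering_detected(result):
    # Compared over an authenticated channel (assumption): the tags differ
    # whenever the two sides saw different public values.
    return result["alice_tag"] != result["bob_tag"]

if __name__ == "__main__":
    honest = exchange(23, 5, 6, 15)
    print("honest:", honest["alice_key"], honest["bob_key"],
          "tampering:", tampering_detected(honest))
    relayed = exchange(23, 5, 6, 15, eve=3)   # constructed interception
    print("intercepted:", relayed["alice_key"], relayed["bob_key"],
          "tampering:", tampering_detected(relayed))
```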

  29. Next Week's Lab • SSL • Using the openssl crypto library to set up a CA and sign certificate requests
