1 / 169

1.69k likes | 1.7k Views

This book covers the practical aspects of modern cryptography including public-key history, one-way functions, Diffie-Hellman key exchange, RSA encryption system, and RSA digital signature mechanism.

Download Presentation
## Practical Aspects of Modern Cryptography

**An Image/Link below is provided (as is) to download presentation**
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.
Content is provided to you AS IS for your information and personal use only.
Download presentation by click this link.
While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

**Practical Aspects of Modern Cryptography**Josh Benaloh Brian LaMacchia John Manferdelli**Public-Key History**• 1976 New Directions in Cryptography Whit Diffie and Marty Hellman • One-Way functions • Diffie-Hellman Key Exchange • 1978 RSA paper Ron Rivest, Adi Shamir, and Len Adleman • RSA Encryption System • RSA Digital Signature Mechanism Practical Aspects of Modern Cryptography**The Fundamental Equation**Z=YXmod N Practical Aspects of Modern Cryptography**Diffie-Hellman**Z=YXmod N When X is unknown, the problem is known as the discrete logarithm and is generally believed to be hard to solve. Practical Aspects of Modern Cryptography**Alice**Randomly select a large integer aand send A = Ya mod N. Compute the key K =Bamod N. Bob Randomly select a large integer band send B = Yb mod N. Compute the key K =Ab mod N. Diffie-Hellman Key Exchange Ba = Yba = Yab = Ab Practical Aspects of Modern Cryptography**One-Way Trap-Door Functions**Z=YXmod N Recall that this equation is solvable for Y if the factorization of N is known, but is believed to be hard otherwise. Practical Aspects of Modern Cryptography**Alice**Select two large random primes P & Q. Publish the product N=PQ. Use knowledge of P & Q to compute Y. Anyone To send message Y to Alice, compute Z=YX mod N. Send Z and X to Alice. RSA Public-Key Cryptosystem Practical Aspects of Modern Cryptography**Some RSA Details**When N=PQ is the product of distinct primes, YX mod N = Y whenever X mod (P-1)(Q-1) = 1 and 0 YN. Alice can easily select integers E and D such that E•D mod (P-1)(Q-1) = 1. Practical Aspects of Modern Cryptography**Remaining RSA Basics**• Why is YX mod PQ = Ywhenever X mod (P-1)(Q-1) = 1, 0 YPQ, and P and Q are distinct primes? • How can Alice can select integers E and D such that E•D mod (P-1)(Q-1) = 1? Practical Aspects of Modern Cryptography**Fermat’s Little Theorem**If p is prime, then x p-1 mod p = 1 for all 0 < x < p. Equivalently … If p is prime, then x p mod p = xmod p for all integers x. Practical Aspects of Modern Cryptography**Proof of Fermat’s Little Theorem**The Binomial Theorem (x + y) p = x p + ( )x p-1y + … + ( )xy p-1 + y p where ( )= p 1 p p–1 p i p! i!(p – i)! Practical Aspects of Modern Cryptography**Proof of Fermat’s Little Theorem**The Binomial Theorem (x + y) p = x p + ( )x p-1y + … + ( )xy p-1 + y p where ( )= If p is prime, then ( )mod p = 0 for 0 < i < p. p 1 p p–1 p i p! i!(p – i)! p i Practical Aspects of Modern Cryptography**Proof of Fermat’s Little Theorem**The Binomial Theorem (x + y) p = x p + ( )x p-1y + … + ( )xy p-1 + y p where ( )= If p is prime, then ( )mod p = 0 for 0 < i < p. Thus, (x + y) p mod p = (x p + y p) mod p. p 1 p p–1 p i p! i!(p – i)! p i Practical Aspects of Modern Cryptography**Proof of Fermat’s Little Theorem**Practical Aspects of Modern Cryptography**Proof of Fermat’s Little Theorem**By induction on x… Practical Aspects of Modern Cryptography**Proof of Fermat’s Little Theorem**By induction on x… Basis Practical Aspects of Modern Cryptography**Proof of Fermat’s Little Theorem**By induction on x… Basis If x = 0, then x p mod p = 0 = x mod p. Practical Aspects of Modern Cryptography**Proof of Fermat’s Little Theorem**By induction on x… Basis If x = 0, then x p mod p = 0 = x mod p. If x = 1, then x p mod p = 1 = x mod p. Practical Aspects of Modern Cryptography**Proof of Fermat’s Little Theorem**Practical Aspects of Modern Cryptography**Proof of Fermat’s Little Theorem**Inductive Step Practical Aspects of Modern Cryptography**Proof of Fermat’s Little Theorem**Inductive Step Assume that x p mod p = x mod p. Practical Aspects of Modern Cryptography**Proof of Fermat’s Little Theorem**Inductive Step Assume that x p mod p = x mod p. Then (x + 1) p mod p = (x p + 1p) mod p Practical Aspects of Modern Cryptography**Proof of Fermat’s Little Theorem**Inductive Step Assume that x p mod p = x mod p. Then (x + 1) p mod p = (x p + 1p) mod p = (x + 1) mod p. Practical Aspects of Modern Cryptography**Proof of Fermat’s Little Theorem**Inductive Step Assume that x p mod p = x mod p. Then (x + 1) p mod p = (x p + 1p) mod p = (x + 1) mod p. Hence, x p mod p = x mod p for integers x ≥ 0. Practical Aspects of Modern Cryptography**Proof of Fermat’s Little Theorem**Inductive Step Assume that x p mod p = x mod p. Then (x + 1) p mod p = (x p + 1p) mod p = (x + 1) mod p. Hence, x p mod p = x mod p for integers x ≥ 0. Also true for negative x, since (-x) p = (-1) px p. Practical Aspects of Modern Cryptography**Proof of RSA**Practical Aspects of Modern Cryptography**Proof of RSA**We have shown … Practical Aspects of Modern Cryptography**Proof of RSA**We have shown … YP mod P = Y whenever 0 ≤ Y < P Practical Aspects of Modern Cryptography**Proof of RSA**We have shown … YP mod P = Y whenever 0 ≤ Y < P and P is prime! Practical Aspects of Modern Cryptography**Proof of RSA**We have shown … YP mod P = Y whenever 0 ≤ Y < P and P is prime! You will show … Practical Aspects of Modern Cryptography**Proof of RSA**We have shown … YP mod P = Y whenever 0 ≤ Y < P and P is prime! You will show … YK(P-1)(Q-1)+1 mod PQ = Y when 0 ≤ Y < PQ Practical Aspects of Modern Cryptography**Proof of RSA**We have shown … YP mod P = Y whenever 0 ≤ Y < P and P is prime! You will show … YK(P-1)(Q-1)+1 mod PQ = Y when 0 ≤ Y < PQ P and Q are distinct primes and K ≥ 0. Practical Aspects of Modern Cryptography**Finding Primes**Practical Aspects of Modern Cryptography**Finding Primes**Euclid’s proof of the infinity of primes Practical Aspects of Modern Cryptography**Finding Primes**Euclid’s proof of the infinity of primes • Suppose that the set of all primes were finite. Practical Aspects of Modern Cryptography**Finding Primes**Euclid’s proof of the infinity of primes • Suppose that the set of all primes were finite. • Let N be the product of all of the primes. Practical Aspects of Modern Cryptography**Finding Primes**Euclid’s proof of the infinity of primes • Suppose that the set of all primes were finite. • Let N be the product of all of the primes. • Consider N+1. Practical Aspects of Modern Cryptography**Finding Primes**Euclid’s proof of the infinity of primes • Suppose that the set of all primes were finite. • Let N be the product of all of the primes. • Consider N+1. • The prime factors of N+1 are not among the finite set of primes multiplied to form N. Practical Aspects of Modern Cryptography**Finding Primes**Euclid’s proof of the infinity of primes • Suppose that the set of all primes were finite. • Let N be the product of all of the primes. • Consider N+1. • The prime factors of N+1 are not among the finite set of primes multiplied to form N. • This contradicts the assumption that the set of all primes is finite. Practical Aspects of Modern Cryptography**The Prime Number Theorem**Practical Aspects of Modern Cryptography**The Prime Number Theorem**The number of primes less than N is approximately N/(ln N). Practical Aspects of Modern Cryptography**The Prime Number Theorem**The number of primes less than N is approximately N/(ln N). Thus, approximately 1 out of every n randomly selected n-bit integers will be prime. Practical Aspects of Modern Cryptography**Testing Primality**Recall Fermat’s Little Theorem If p is prime, then a(p-1) mod p = 1 for all a in the range 0 < a < p. Practical Aspects of Modern Cryptography**The Miller-Rabin Primality Test**Practical Aspects of Modern Cryptography**The Miller-Rabin Primality Test**To test an integer N for primality, write N–1 as N–1 = m2k where m is odd. Practical Aspects of Modern Cryptography**The Miller-Rabin Primality Test**To test an integer N for primality, write N–1 as N–1 = m2k where m is odd. Repeat several (many) times Practical Aspects of Modern Cryptography**The Miller-Rabin Primality Test**To test an integer N for primality, write N–1 as N–1 = m2k where m is odd. Repeat several (many) times • Select a random a in 1 < a < N–1 Practical Aspects of Modern Cryptography**The Miller-Rabin Primality Test**To test an integer N for primality, write N–1 as N–1 = m2k where m is odd. Repeat several (many) times • Select a random a in 1 < a < N–1 • Compute am, a2m, a4m, …, a(N–1)/2 all mod N. Practical Aspects of Modern Cryptography**The Miller-Rabin Primality Test**To test an integer N for primality, write N–1 as N–1 = m2k where m is odd. Repeat several (many) times • Select a random a in 1 < a < N–1 • Compute am, a2m, a4m, …, a(N–1)/2 all mod N. • If am = ±1 or if some a2im = -1, then N is probably prime – continue. Practical Aspects of Modern Cryptography**The Miller-Rabin Primality Test**To test an integer N for primality, write N–1 as N–1 = m2k where m is odd. Repeat several (many) times • Select a random a in 1 < a < N–1 • Compute am, a2m, a4m, …, a(N–1)/2 all mod N. • If am = ±1 or if some a2im = -1, then N is probably prime – continue. • Otherwise, N is composite – stop. Practical Aspects of Modern Cryptography

More Related