PUBLIC KEY CRYPTOGRAPHY ALGORITHM
Concept and Example
IT352 | Network Security | Najwa AlGhamdi
RSA
• It's a block cipher algorithm.
• Plaintext and ciphertext are integers between 0 and n-1 for some n.
• The RSA algorithm involves the following operations:
  • Key Generation
  • Encryption/Decryption
RSA - Key Generation
• Each user generates a public/private key pair by:
  • selecting two large primes at random: p, q with p ≠ q
  • computing their system modulus n = p.q
  • calculating ø(n) = (p-1)(q-1)
    • ø(n) is the Euler totient: the number of positive integers less than n whose common divisor with n is 1.
  • selecting at random the encryption key e
    • where 1 < e < ø(n), gcd(e, ø(n)) = 1
  • solving the following equation to find the decryption key d
    • e.d mod ø(n) = 1 and 0 ≤ d ≤ n
  • publishing their public encryption key: PU = {e, n}
  • keeping secret their private decryption key: PR = {d, n}
RSA – Encryption/Decryption
• to encrypt a message M the sender:
  • obtains the public key of the recipient PU = {e, n}
  • computes: C = M^e mod n, where 0 ≤ M < n
• to decrypt the ciphertext C the owner:
  • uses their private key PR = {d, n}
  • computes: M = C^d mod n
• Both sender and receiver know the values of n and e.
• Only the receiver knows d.
Example
• Plain Text = 88
• sample RSA encryption/decryption is:
  • given message M = 88 (nb. 88 < 187)
  • encryption: C = 88^7 mod 187 = 11
  • decryption: M = 11^23 mod 187 = 88
Diffie-Hellman Key Exchange
• The purpose is to share a secret key securely and use it in the encryption.
• Diffie-Hellman relies on the discrete logarithm.
Diffie-Hellman Key Exchange: Discrete Logarithm
• A primitive root of a prime number p is a number whose powers generate all integers from 1 to p-1.
• a mod p, a^2 mod p, a^3 mod p, ... contain all numbers from 1 to p-1
• Example: p = 7, then a = 3
2. Diffie Hellman Setup
1. all users agree on global parameters:
  • large prime integer q
  • a being a primitive root mod q
2. each user generates their key
  • User A
    • chooses a secret key (number): xA < q
    • computes their public key: yA = a^xA mod q
  • User B
    • chooses a secret key (number): xB < q
    • computes their public key: yB = a^xB mod q
2. Diffie Hellman Setup
3. Generation of Secret Key
  • User A: K = (yB)^xA mod q
  • User B: K = (yA)^xB mod q
2. Diffie Hellman Key Exchange
• shared session key for users A & B is KAB:
  KAB = yA^xB mod q (which B can compute)
      = yB^xA mod q (which A can compute)
• KAB is used as session key in private-key encryption scheme between Alice and Bob
• if Alice and Bob subsequently communicate, they will have the same key as before, unless they choose new public-keys
(Diagram: A and B exchange yA and yB.)
Man in the Middle Attack
• Darth prepares by creating two private/public keys
• Alice transmits her public key to Bob
• Darth intercepts this and transmits his first public key to Bob. Darth also calculates a shared key with Alice
• Bob receives the public key and calculates the shared key (with Darth instead of Alice)
• Bob transmits his public key to Alice
• Darth intercepts this and transmits his second public key to Alice. Darth calculates a shared key with Bob
• Alice receives the key and calculates the shared key (with Darth instead of Bob)
• Darth can then intercept, decrypt, re-encrypt, forward all messages between Alice & Bob
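
Added example (not part of the original slides): the Diffie-Hellman setup and the man-in-the-middle exchange above, run with the slides' toy parameters q = 7, a = 3. The function names and the secret values xA = 2, xB = 5, xD1 = 3, xD2 = 4 are constructed for illustration. It shows that Alice and Bob end with different keys, each shared with Darth, and that nothing in the exchange itself reveals the substitution.

```python
def is_primitive_root(a, p):
    """True if a^1 .. a^(p-1) mod p contain all numbers from 1 to p-1."""
    return {pow(a, k, p) for k in range(1, p)} == set(range(1, p))

def public_key(a, q, x):
    return pow(a, x, q)            # y = a^x mod q

def shared_key(y_other, x_own, q):
    return pow(y_other, x_own, q)  # K = (y_other)^x_own mod q

def honest_exchange(q, a, xa, xb):
    """Returns (key computed by A, key computed by B); they are equal."""
    ya, yb = public_key(a, q, xa), public_key(a, q, xb)
    return shared_key(yb, xa, q), shared_key(ya, xb, q)

def intercepted_exchange(q, a, xa, xb, xd1, xd2):
    """Public values are swapped in transit, as on the slide."""
    ya, yb = public_key(a, q, xa), public_key(a, q, xb)
    yd1, yd2 = public_key(a, q, xd1), public_key(a, q, xd2)
    # Bob receives yD1 in place of yA; Alice receives yD2 in place of yB.
    # Neither can tell: the received value is just a number below q.
    return {
        "alice": shared_key(yd2, xa, q),
        "bob": shared_key(yd1, xb, q),
        "darth_alice": shared_key(ya, xd2, q),
        "darth_bob": shared_key(yb, xd1, q),
    }

def keys_agree(result):
    """Check done over a channel Darth cannot alter: do both ends hold the
    same key? The plain exchange has no such step, which is the weakness."""
    return result["alice"] == result["bob"]

if __name__ == "__main__":
    q, a = 7, 3                    # slide example: p = 7, a = 3
    assert is_primitive_root(a, q)
    print("honest:", honest_exchange(q, a, xa=2, xb=5))
    r = intercepted_exchange(q, a, xa=2, xb=5, xd1=3, xd2=4)
    print("intercepted:", r, "keys agree:", keys_agree(r))
```

With real parameters q is a large prime; the tiny values here only keep the arithmetic checkable by hand.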