public key cryptography rsa diffie hellman key management based on slides by dr. lawrie brown of the...
Post on 22-Dec-2015
222 Views
Preview:
TRANSCRIPT
Public Key Cryptography
RSA
Diffie Hellman
Key Management
Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
Public-Key Cryptography Principles
• The use of two keys has consequences in: key distribution, confidentiality and authentication.
• The scheme has six ingredients– Plaintext– Encryption algorithm– Public and private key– Ciphertext– Decryption algorithm
Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
Encryption using Public-Key system
Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
Authentication using Public-Key System
Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
Applications for Public-Key Cryptosystems
• Three categories:– Encryption/decryption: The sender encrypts
a message with the recipient’s public key.– Digital signature: The sender ”signs” a
message with its private key.– Key exchange: Two sides cooperate to
exhange a session key.
Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
Requirements for Public Key Cryptography
1. Computationally easy for a party B to generate a pair (public key KUb, private key KRb)
2. Easy for sender to generate ciphertext:
3. Easy for the receiver to decrypt ciphertect using private key:
)]([)( MEDCDM KUbKRbKRb Based on slides by Dr. Lawrie Brown of the Australian Defence
Force Academy, University College, UNSW
Requirements for Public Key Cryptography
4. Computationally infeasible to determine private key (KRb) knowing public key (KUb)
5. Computationally infeasible to recover message M, knowing KUb and ciphertext C
6. Either of the two keys can be used for encryption, with the other used for decryption:
)]([)]([ MEDMEDM KRbKUbKUbKRb
Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
Public Key Algorithms- RSA
• RSA (1977, Ron Rivest, Adi Shamir and Len Adleman), MIT
• Most popular and widely implemented• Block cipher• Plain text and cipher text are integers between 0
and (n-1) for some n• Based on factorising large integers
– C = Me mod n – M = Cd mod n
Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
Public key Algorithms- RSA
• Both sender and receiver know n and e
• Only receiver knows d
• Public key = {e,n}
• Private key = {d,n}
• Requirements– Should be possible to find e, d, n such that
Med = M mod n for all M < n
Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
Requirements continued…
• Easy to calculate Me and Cd for all M < n
• Infeasible to determine d, given e and n
• First two requirements are easy.
• Third one is also possible if e, n are large
Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
The RSA Algorithm – Key Generation
1. Select p,q p and q both prime
2. Calculate n = p x q3. Calculate temp = (p-1)(q-1)4. Select integer e 1 < e < temp and
relatively prime5. Calculate d de mod (temp) = 1
6. Public Key KU = {e,n}
7. Private key KR = {d,n}
Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
Example of RSA AlgorithmExample of RSA Algorithm
Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
Another Public Key AlgorithmDiffie-Hellman
• Used for key exchange
• First introduced by Diffie-Hellman in 1976
• Like RSA, uses athematical functions (rather than simple operations on bit patterns as in DES)
• Effective because of the difficulty in computing discrete logarithms
Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
Diffie-Hellman basics
Alice Bob
Pick secret, random X
Pick secret, random Y
gy mod p
gx mod p
Compute k=(gy)x=gxy mod p
Compute k=(gx)y=gxy mod p
Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
Diffie-Hellman Key EchangeDiffie-Hellman Key Echange
Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
Other Public-Key Cryptographic Algorithms
• Digital Signature Standard (DSS)– Makes use of the SHA-1– Not for encryption or key echange
• Elliptic-Curve Cryptography (ECC)– Good for smaller bit size– Low confidence level, compared with RSA– Very complex
Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
Digital signatures
• A digital signature is an encryption of a document with the creator’s private key
• It is attached to a document that validates the creator of the document
• Any one can validate it by decrypting the signature with the claimed creator’s public key
Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
Some Misconceptions
• Some misconceptions, corrected– Public key cryptography is NOT more secure
than symmetric key– Public key cryptography does NOT Makes
symmetric key obsolete– Central agent is needed for both public key
and conventional cryptography
Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
Alternatively…. Digital signatures on hashes
• A more efficient way for a digital signature is by creating an authenticator of the document first (a hash)
• Then sign the hash (i.e. encrypt the hash using private key)
• If M is the message (or document) and Alice wants Bob to be certain that M is from her.
• M is not confidential
– H = Hash(M) – Authenticator = EKRA
• i.e. encrypting H with Alice’s private key
Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
Digital Signatures: The basic idea
? private key
public key
public key
Alice Bob
Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
Key management
• Distribution of public keys– Well, what’s the issue? – Can’t we just trust Mallory if she claims a key
as her public key?
? private key
public key
public key
Alice Bob
Mallory
Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
Public keys to exchange secret keys
• Using public-keys to exchange secret keys– why exchange secret keys?– aren’t public keys sufficient?
Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
Authenticity of public keys
?
Problem: How does Alice know that the public key she received is really Bob’s public key?
private key
AliceBob
public key
Bob’s key
Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
Public-key certificates
• Anyone can forge public-keys
• Therefore, use public-key certificates
• A public-key certificate is a public-key that was signed by a trusted third party (called a certificate authority or CA)
• See figure on next slide
Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
top related