![Page 1: Public Key Encryption CS432 – Security in Computing Copyright © 2005, 2008 by Scott Orr and the Trustees of Indiana University](https://reader036.vdocument.in/reader036/viewer/2022081519/56649ed55503460f94be5cba/html5/thumbnails/1.jpg)
Public Key EncryptionPublic Key Encryption
CS432 – Security in Computing
Copyright © 2005, 2008 by Scott Orr and the Trustees of Indiana University
![Page 2: Public Key Encryption CS432 – Security in Computing Copyright © 2005, 2008 by Scott Orr and the Trustees of Indiana University](https://reader036.vdocument.in/reader036/viewer/2022081519/56649ed55503460f94be5cba/html5/thumbnails/2.jpg)
Section OverviewSection Overview
Symmetric Key distribution issuesSymmetric Key distribution issues
Public Key encryptionPublic Key encryption
Digital Signatures and HashesDigital Signatures and Hashes
Key ManagementKey Management
![Page 3: Public Key Encryption CS432 – Security in Computing Copyright © 2005, 2008 by Scott Orr and the Trustees of Indiana University](https://reader036.vdocument.in/reader036/viewer/2022081519/56649ed55503460f94be5cba/html5/thumbnails/3.jpg)
ReferencesReferences Security in Computing, 3Security in Computing, 3rdrd Ed. Ed.
Chapter 2 (pgs. 73-88)Chapter 2 (pgs. 73-88) Chapter 10 (pgs. 637-642; 666-682)Chapter 10 (pgs. 637-642; 666-682)
Online ResourcesOnline Resources Why Johnny Can't Encrypt: A Usability EvWhy Johnny Can't Encrypt: A Usability Ev
aluation of PGP 5.0aluation of PGP 5.0, Alma Whitten, Carnegie Mellon , Alma Whitten, Carnegie Mellon UniversityUniversity
![Page 4: Public Key Encryption CS432 – Security in Computing Copyright © 2005, 2008 by Scott Orr and the Trustees of Indiana University](https://reader036.vdocument.in/reader036/viewer/2022081519/56649ed55503460f94be5cba/html5/thumbnails/4.jpg)
Shared Secret Key Shared Secret Key EncryptionEncryption
AliceAlice BobBob
CharlieCharlie ScottScott
• How does Alice distribute the key?How does Alice distribute the key?
• What happens if Scott leaves?What happens if Scott leaves?
![Page 5: Public Key Encryption CS432 – Security in Computing Copyright © 2005, 2008 by Scott Orr and the Trustees of Indiana University](https://reader036.vdocument.in/reader036/viewer/2022081519/56649ed55503460f94be5cba/html5/thumbnails/5.jpg)
Secret Key PairsSecret Key PairsAliceAlice BobBob
CharlieCharlie ScottScott
# of Keys = n * (n – 1)/2# of Keys = n * (n – 1)/2Where n is the # of usersWhere n is the # of users
![Page 6: Public Key Encryption CS432 – Security in Computing Copyright © 2005, 2008 by Scott Orr and the Trustees of Indiana University](https://reader036.vdocument.in/reader036/viewer/2022081519/56649ed55503460f94be5cba/html5/thumbnails/6.jpg)
Public-Key EncryptionPublic-Key Encryption
------------------------------------------------------------------------------------
EncryptionEncryption
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
------------------------------------------------------------------------------------
DecryptionDecryption
Recipient’sRecipient’sPublic KeyPublic Key
Recipient’sRecipient’sPrivate KeyPrivate Key
PlaintextPlaintext PlaintextPlaintextCiphertextCiphertext
![Page 7: Public Key Encryption CS432 – Security in Computing Copyright © 2005, 2008 by Scott Orr and the Trustees of Indiana University](https://reader036.vdocument.in/reader036/viewer/2022081519/56649ed55503460f94be5cba/html5/thumbnails/7.jpg)
PKE Algorithm ComponentsPKE Algorithm Components
One or more Prime NumbersOne or more Prime Numbers Large integer factoringLarge integer factoring Modular arithmeticModular arithmetic Example AlgorithmsExample Algorithms
Merkle-Hellman KnapsacksMerkle-Hellman Knapsacks Rivest-Shivar-Adelman (RSA)Rivest-Shivar-Adelman (RSA) Diffie-Hellman Key ExchangeDiffie-Hellman Key Exchange
![Page 8: Public Key Encryption CS432 – Security in Computing Copyright © 2005, 2008 by Scott Orr and the Trustees of Indiana University](https://reader036.vdocument.in/reader036/viewer/2022081519/56649ed55503460f94be5cba/html5/thumbnails/8.jpg)
Knapsack ConceptKnapsack Concept
Using each block only once, Using each block only once, which blocks could be which blocks could be combined to completely fill combined to completely fill this space without leaving any this space without leaving any open squares inside or block open squares inside or block parts outside the highlighted parts outside the highlighted area?area?
00
11
11
00
11
![Page 9: Public Key Encryption CS432 – Security in Computing Copyright © 2005, 2008 by Scott Orr and the Trustees of Indiana University](https://reader036.vdocument.in/reader036/viewer/2022081519/56649ed55503460f94be5cba/html5/thumbnails/9.jpg)
Merkle-Hellman KnapsacksMerkle-Hellman Knapsacks
Use 1 knapsack for encoding a Use 1 knapsack for encoding a messagemessage
Use a 2Use a 2ndnd knapsack for decoding knapsack for decoding The knapsacks are mathematically The knapsacks are mathematically
related to each otherrelated to each other Modulus Modulus nn Multiplier Multiplier ww
![Page 10: Public Key Encryption CS432 – Security in Computing Copyright © 2005, 2008 by Scott Orr and the Trustees of Indiana University](https://reader036.vdocument.in/reader036/viewer/2022081519/56649ed55503460f94be5cba/html5/thumbnails/10.jpg)
Simple Knapsack Simple Knapsack GenerationGeneration
Create a simple (superincreasing) Create a simple (superincreasing) knapsackknapsack Select a (small) initial numberSelect a (small) initial number Each new number is greater than the sum of all Each new number is greater than the sum of all
previous numbers.previous numbers.
S = [ 1, 2, 4, 8 ]S = [ 1, 2, 4, 8 ] Pick Pick nn and and ww
n is greater than the sum of Sn is greater than the sum of S n and w have no common factors n and w have no common factors Easiest way: set n to a prime numberEasiest way: set n to a prime number
n > 15; set n = 17 / Pick w < n; w = 7n > 15; set n = 17 / Pick w < n; w = 7
![Page 11: Public Key Encryption CS432 – Security in Computing Copyright © 2005, 2008 by Scott Orr and the Trustees of Indiana University](https://reader036.vdocument.in/reader036/viewer/2022081519/56649ed55503460f94be5cba/html5/thumbnails/11.jpg)
Hard Knapsack GenerationHard Knapsack Generation Hard knapsack is a function of S, w, and nHard knapsack is a function of S, w, and n
hhii = s = sii * w mod n * w mod n
hh11 = 1 * 7 mod 17 = 7 = 1 * 7 mod 17 = 7
hh22 = 2 * 7 mod 17 = 14 = 2 * 7 mod 17 = 14
hh33 = 4 * 7 mod 17 = 11 = 4 * 7 mod 17 = 11
hh44 = 8 * 7 mod 17 = 5 = 8 * 7 mod 17 = 5
H = [ 7, 14, 11, 5 ]H = [ 7, 14, 11, 5 ]
H becomes the public keyH becomes the public key S, n, and w together become the private S, n, and w together become the private
keykey
![Page 12: Public Key Encryption CS432 – Security in Computing Copyright © 2005, 2008 by Scott Orr and the Trustees of Indiana University](https://reader036.vdocument.in/reader036/viewer/2022081519/56649ed55503460f94be5cba/html5/thumbnails/12.jpg)
Encrypting a MessageEncrypting a Message Message is broken down in binary blocksMessage is broken down in binary blocks Block size = number of elements in HBlock size = number of elements in H Calculate sum of PT * H for each blockCalculate sum of PT * H for each block This becomes the encrypted messageThis becomes the encrypted message
SumSum11 = 7 + 11 + = 7 + 11 + 55
= 23= 23
SumSum22 = 14 + 11= 14 + 11 = 25= 25
SumSum33 = 7 + 11= 7 + 11 = 18= 18
SumSum44 = 14 + 5= 14 + 5 = 19= 19
PT = 1011 0110 1010 0101 / H = [ 7, 14, 11, 5 ]PT = 1011 0110 1010 0101 / H = [ 7, 14, 11, 5 ]
Message M = [ 23, 25, 18, 19 ]Message M = [ 23, 25, 18, 19 ]
![Page 13: Public Key Encryption CS432 – Security in Computing Copyright © 2005, 2008 by Scott Orr and the Trustees of Indiana University](https://reader036.vdocument.in/reader036/viewer/2022081519/56649ed55503460f94be5cba/html5/thumbnails/13.jpg)
Decrypting a MessageDecrypting a Message Need to find inverse v of w:Need to find inverse v of w:
w * v mod n = 1w * v mod n = 1 Use Extended Euclidean Algorithm to find vUse Extended Euclidean Algorithm to find v
7 * v mod 17 = 1; v = 57 * v mod 17 = 1; v = 5
Calculate new sum totals: MCalculate new sum totals: Mii * v mod n * v mod n
SumSum
11
= 23 * 5 mod = 23 * 5 mod 1717
= 13= 13
SumSum
22
= 25 * 5 mod = 25 * 5 mod 1717
= 6= 6
SumSum
33
= 18 * 5 mod = 18 * 5 mod 1717
= 5= 5
SumSum
44
= 19 * 5 mod = 19 * 5 mod 1717
= 10= 10
M = [ 23, 25, 18, 16 ] / Sumi = Mi * 5 mod 17
![Page 14: Public Key Encryption CS432 – Security in Computing Copyright © 2005, 2008 by Scott Orr and the Trustees of Indiana University](https://reader036.vdocument.in/reader036/viewer/2022081519/56649ed55503460f94be5cba/html5/thumbnails/14.jpg)
Decrypting the Message Decrypting the Message (con’t.)(con’t.)
To get the plaintext, we now use STo get the plaintext, we now use SS * PTS * PTii = Sum = Sumii
SumSum11 = 13 = [ 1, 2, 4, 8 ] * PT = 13 = [ 1, 2, 4, 8 ] * PT11; PT; PT11 = [1011] = [1011]
SumSum22 = 6 = [ 1, 2, 4, 8 ] * PT = 6 = [ 1, 2, 4, 8 ] * PT22; PT; PT22 = [0110] = [0110]
SumSum33 = 5 = [ 1, 2, 4, 8 ] * PT = 5 = [ 1, 2, 4, 8 ] * PT33; PT; PT33 = [1010] = [1010]
SumSum44 = 10 = [ 1, 2, 4, 8 ] * PT = 10 = [ 1, 2, 4, 8 ] * PT44; PT; PT44 = [0101] = [0101]
PT = 1011 0110 1010 0101PT = 1011 0110 1010 0101
![Page 15: Public Key Encryption CS432 – Security in Computing Copyright © 2005, 2008 by Scott Orr and the Trustees of Indiana University](https://reader036.vdocument.in/reader036/viewer/2022081519/56649ed55503460f94be5cba/html5/thumbnails/15.jpg)
RSA Public Key EncryptionRSA Public Key Encryption
Developed by MIT professors Ron Rivest, Developed by MIT professors Ron Rivest, Adi Shamir and Len Adleman (1977)Adi Shamir and Len Adleman (1977)
Message blocks treated as a large number Message blocks treated as a large number less that some number less that some number nn
Block size 2Block size 2kk bits bits 2 2kk < n < 2 < n < 2k+1k+1
Relies on:Relies on: Large prime numbersLarge prime numbers Large number factoringLarge number factoring Modular arithmeticModular arithmetic
![Page 16: Public Key Encryption CS432 – Security in Computing Copyright © 2005, 2008 by Scott Orr and the Trustees of Indiana University](https://reader036.vdocument.in/reader036/viewer/2022081519/56649ed55503460f94be5cba/html5/thumbnails/16.jpg)
RSA Key GenerationRSA Key Generation
Select 2 prime numbers, p and qSelect 2 prime numbers, p and q Let n = p * qLet n = p * q Let Let (n) = (p – 1)(q – 1)(n) = (p – 1)(q – 1) Pick e that is Pick e that is relatively primerelatively prime to to (n)(n) Find d Find d d = e d = e-1-1 mod mod (n) (n) de = 1 mod de = 1 mod
(n)(n) Generated keys:Generated keys:
Public: e & nPublic: e & n Private: d & n Private: d & n
![Page 17: Public Key Encryption CS432 – Security in Computing Copyright © 2005, 2008 by Scott Orr and the Trustees of Indiana University](https://reader036.vdocument.in/reader036/viewer/2022081519/56649ed55503460f94be5cba/html5/thumbnails/17.jpg)
RSA Encryption & RSA Encryption & DecryptionDecryption
Encryption:Encryption: Break message into M sized blocks < nBreak message into M sized blocks < n Cipher C = MCipher C = Mee mod n mod n
Decryption:Decryption: Message M = CMessage M = Cdd mod n mod n
![Page 18: Public Key Encryption CS432 – Security in Computing Copyright © 2005, 2008 by Scott Orr and the Trustees of Indiana University](https://reader036.vdocument.in/reader036/viewer/2022081519/56649ed55503460f94be5cba/html5/thumbnails/18.jpg)
RSA ExampleRSA Example
Key Generation:Key Generation: Let p = 5 and q = 11Let p = 5 and q = 11 N = 5 * 11 = 55N = 5 * 11 = 55 (n) = (5 – 1)(11 – 1) = 40(n) = (5 – 1)(11 – 1) = 40 Let e = 3Let e = 3 Find d Find d 3d = 1 mod 40; d = 27 3d = 1 mod 40; d = 27
Encrypt M = 5 Encrypt M = 5 C = 5 C = 533 mod 55 = 15 mod 55 = 15 Decrypt C Decrypt C M = 15 M = 152727 mod 55 = 5 mod 55 = 5
![Page 19: Public Key Encryption CS432 – Security in Computing Copyright © 2005, 2008 by Scott Orr and the Trustees of Indiana University](https://reader036.vdocument.in/reader036/viewer/2022081519/56649ed55503460f94be5cba/html5/thumbnails/19.jpg)
Digital SignaturesDigital Signatures
------------------------------------------------------------------------------------
HashHashEncryptionEncryption
------------------------------------------------++++++++++++++++++++++++
------------------------------------------------------------------------------------
HashHashDecryptionDecryption
Sender’sSender’sPrivate KeyPrivate Key
Sender’sSender’sPublic KeyPublic Key
PlaintextPlaintext PlaintextPlaintextSignedSignedMessageMessage
![Page 20: Public Key Encryption CS432 – Security in Computing Copyright © 2005, 2008 by Scott Orr and the Trustees of Indiana University](https://reader036.vdocument.in/reader036/viewer/2022081519/56649ed55503460f94be5cba/html5/thumbnails/20.jpg)
Hash FunctionsHash Functions
Accept messages of Accept messages of anyany size and size and generated a small, fixed size outputgenerated a small, fixed size output
One way functionOne way function Easy and fast to calculateEasy and fast to calculate Collision ResistantCollision Resistant
![Page 21: Public Key Encryption CS432 – Security in Computing Copyright © 2005, 2008 by Scott Orr and the Trustees of Indiana University](https://reader036.vdocument.in/reader036/viewer/2022081519/56649ed55503460f94be5cba/html5/thumbnails/21.jpg)
XOR ExampleXOR Example
Break message into fixed length Break message into fixed length blocksblocks
XOR first element of all blocksXOR first element of all blocks Repeat for all elementsRepeat for all elements
GG 0 1 0 0 0 1 1 10 1 0 0 0 1 1 1oo 0 1 1 0 1 1 1 10 1 1 0 1 1 1 1nn 0 1 1 0 1 1 1 00 1 1 0 1 1 1 0oo 0 1 1 0 1 1 1 10 1 1 0 1 1 1 1ww 0 1 1 0 0 1 1 10 1 1 0 0 1 1 1
0 1 0 1 1 1 1 00 1 0 1 1 1 1 0 55 E E
Source: Source: Classical and Contemporary CryptologyClassical and Contemporary Cryptologyby Richard J. Spillmanby Richard J. Spillman
Not very collision resistant!!!Not very collision resistant!!!
![Page 22: Public Key Encryption CS432 – Security in Computing Copyright © 2005, 2008 by Scott Orr and the Trustees of Indiana University](https://reader036.vdocument.in/reader036/viewer/2022081519/56649ed55503460f94be5cba/html5/thumbnails/22.jpg)
MD5 HashMD5 Hash Developed by Ron RivestDeveloped by Ron Rivest Generates a 128-bit hashGenerates a 128-bit hash InitializationInitialization
Pad message (1 followed by Pad message (1 followed by nn 0s) such that the 0s) such that the message size is 448 mod 512message size is 448 mod 512
(message size) mod 2(message size) mod 26464 appended to message appended to message as 64-bit numberas 64-bit number
4 32-bit registers used store intermediate and 4 32-bit registers used store intermediate and final resultsfinal results
512-bit message block processed in 4 rounds, 512-bit message block processed in 4 rounds, each consisting of 16 stageseach consisting of 16 stages
![Page 23: Public Key Encryption CS432 – Security in Computing Copyright © 2005, 2008 by Scott Orr and the Trustees of Indiana University](https://reader036.vdocument.in/reader036/viewer/2022081519/56649ed55503460f94be5cba/html5/thumbnails/23.jpg)
BlockBlockii
DD
CC
BB
AA
MD5 RoundsMD5 Rounds
FFT[1..16]T[1..16]
++
++
++
++
DD
CC
BB
AA
GGT[17..32]T[17..32]
HHT[33..48]T[33..48]
IIT[49..64]T[49..64]
CVCVii CVCVi+1i+1
![Page 24: Public Key Encryption CS432 – Security in Computing Copyright © 2005, 2008 by Scott Orr and the Trustees of Indiana University](https://reader036.vdocument.in/reader036/viewer/2022081519/56649ed55503460f94be5cba/html5/thumbnails/24.jpg)
GG
MD5 StageMD5 Stage
DD
CC
BB
AA ++ ++ ++ RotRot ++
BlockBlockii[k][k] T[j]T[j]
DD
CC
BB
AA
![Page 25: Public Key Encryption CS432 – Security in Computing Copyright © 2005, 2008 by Scott Orr and the Trustees of Indiana University](https://reader036.vdocument.in/reader036/viewer/2022081519/56649ed55503460f94be5cba/html5/thumbnails/25.jpg)
Birthday ParadoxBirthday Paradox
![Page 26: Public Key Encryption CS432 – Security in Computing Copyright © 2005, 2008 by Scott Orr and the Trustees of Indiana University](https://reader036.vdocument.in/reader036/viewer/2022081519/56649ed55503460f94be5cba/html5/thumbnails/26.jpg)
El Gamal KeysEl Gamal Keys
Choose a large prime number, Choose a large prime number, pp, , such that (such that (pp – 1) has a large prime – 1) has a large prime factor, factor, qq
Select 2 integers, Select 2 integers, xx and and aa, such that , such that x < p and a < p.x < p and a < p.
Calculate y = aCalculate y = axx mod p mod p Private Key: xPrivate Key: x Public Key: y, p, aPublic Key: y, p, a
![Page 27: Public Key Encryption CS432 – Security in Computing Copyright © 2005, 2008 by Scott Orr and the Trustees of Indiana University](https://reader036.vdocument.in/reader036/viewer/2022081519/56649ed55503460f94be5cba/html5/thumbnails/27.jpg)
El Gamal SignaturesEl Gamal Signatures
Used to sign message, Used to sign message, mm Select an integer Select an integer kk such that: such that:
0 < k < p – 10 < k < p – 1 Not used previouslyNot used previously Relatively prime to (p – 1)Relatively prime to (p – 1)
Message signature is Message signature is r r and and ss r = ar = akk mod p mod p s = ks = k-1-1(m – xr) mod (p – 1)(m – xr) mod (p – 1)
![Page 28: Public Key Encryption CS432 – Security in Computing Copyright © 2005, 2008 by Scott Orr and the Trustees of Indiana University](https://reader036.vdocument.in/reader036/viewer/2022081519/56649ed55503460f94be5cba/html5/thumbnails/28.jpg)
El Gamal Signatures (Con’t)El Gamal Signatures (Con’t)
Checked:Checked: Calculate yCalculate yrrrrss mod p mod p Should be same as aShould be same as amm mod p mod p
Digital Signature Standard (DSS)Digital Signature Standard (DSS) Based on El GamalBased on El Gamal 22511511 < p < 2 < p < 2512512
22159159 < q < 2 < q < 2160160
Uses a hash (SHA-1) instead of mUses a hash (SHA-1) instead of m q, instead of (p – 1) is used to calculate r and sq, instead of (p – 1) is used to calculate r and s
![Page 29: Public Key Encryption CS432 – Security in Computing Copyright © 2005, 2008 by Scott Orr and the Trustees of Indiana University](https://reader036.vdocument.in/reader036/viewer/2022081519/56649ed55503460f94be5cba/html5/thumbnails/29.jpg)
Diffie-Hellman Key Diffie-Hellman Key ExchangeExchange
Bob and Alice together select a prime number, p, Bob and Alice together select a prime number, p, and a base, gand a base, g
Alice:Alice: Selects secret number aSelects secret number a Sends Bob gSends Bob gaa mod p mod p
Bob:Bob: Selects secret number bSelects secret number b Sends Alice gSends Alice gbb mod p mod p
Shared secret: kShared secret: k k = (gk = (gaa mod p) mod p)bb mod p = (g mod p = (gbb mod p) mod p)aa mod p mod p Used as key in symmetric cryptography algorithmUsed as key in symmetric cryptography algorithm
![Page 30: Public Key Encryption CS432 – Security in Computing Copyright © 2005, 2008 by Scott Orr and the Trustees of Indiana University](https://reader036.vdocument.in/reader036/viewer/2022081519/56649ed55503460f94be5cba/html5/thumbnails/30.jpg)
““Pretty Good Privacy”Pretty Good Privacy”
Freely available PKE systemFreely available PKE system Minimizes email forgingMinimizes email forging Promotes privacyPromotes privacy Requires a Requires a Circle of TrustCircle of Trust AlternativesAlternatives
MIME Object Security Services (MOSS)MIME Object Security Services (MOSS) Security Multiparts for MIME (S/MIME)Security Multiparts for MIME (S/MIME)
![Page 31: Public Key Encryption CS432 – Security in Computing Copyright © 2005, 2008 by Scott Orr and the Trustees of Indiana University](https://reader036.vdocument.in/reader036/viewer/2022081519/56649ed55503460f94be5cba/html5/thumbnails/31.jpg)
Public Key DistributionPublic Key Distribution
Sent via disk/emailSent via disk/email Downloaded from web pageDownloaded from web page Public Key ServerPublic Key Server Fingerprints and key signingFingerprints and key signing Public Key InfrastructurePublic Key Infrastructure
Certificate AuthoritiesCertificate Authorities Registration AuthoritiesRegistration Authorities Certificate Distribution SystemCertificate Distribution System Key EscrowKey Escrow