ece-8843 csc.gatech/copeland/jac/8843/ prof. john a. copeland
DESCRIPTION
ECE-8843 http://www.csc.gatech.edu/copeland/jac/8843/ Prof. John A. Copeland [email protected] 404 894-5177 fax 404 894-0035 Office: GCATT Bldg 579 email or call for office visit, or call Kathy Cheek, 404 894-5696 Chapter 3 - Public-Key Cryptography & Authentication. - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: ECE-8843 csc.gatech/copeland/jac/8843/ Prof. John A. Copeland](https://reader030.vdocument.in/reader030/viewer/2022033100/56814986550346895db6ce5d/html5/thumbnails/1.jpg)
ECE-8843http://www.csc.gatech.edu/copeland/jac/8843/
Prof. John A. [email protected]
404 894-5177fax 404 894-0035
Office: GCATT Bldg 579email or call for office visit, or call Kathy Cheek, 404 894-5696
Chapter 3 - Public-Key Cryptography & Authentication
![Page 2: ECE-8843 csc.gatech/copeland/jac/8843/ Prof. John A. Copeland](https://reader030.vdocument.in/reader030/viewer/2022033100/56814986550346895db6ce5d/html5/thumbnails/2.jpg)
2
Requirements - must be able to verify that:1. Message came from apparent source or author,2. Contents have not been altered,3. Sometimes, it was sent at a certain time or sequence.
Sometimes we would like to provide authentication without encryption (public statements do not need privacy). Still, authentication requires that the sender know something that the forger does not ( a secret key).
Conventional encryption can be used, but the sender must share the secret key with the receiver.
Authentication
![Page 3: ECE-8843 csc.gatech/copeland/jac/8843/ Prof. John A. Copeland](https://reader030.vdocument.in/reader030/viewer/2022033100/56814986550346895db6ce5d/html5/thumbnails/3.jpg)
3
![Page 4: ECE-8843 csc.gatech/copeland/jac/8843/ Prof. John A. Copeland](https://reader030.vdocument.in/reader030/viewer/2022033100/56814986550346895db6ce5d/html5/thumbnails/4.jpg)
(b) Using public-keyencryption
4
![Page 5: ECE-8843 csc.gatech/copeland/jac/8843/ Prof. John A. Copeland](https://reader030.vdocument.in/reader030/viewer/2022033100/56814986550346895db6ce5d/html5/thumbnails/5.jpg)
Secret Value is added by both parties to message before the “hash,” function is used to get the Message Integrity Check (MIC). It is removed before transmission.
MIC MIC
It is critical that a forger can not compose a different message that would produce the same MIC value.
5
![Page 6: ECE-8843 csc.gatech/copeland/jac/8843/ Prof. John A. Copeland](https://reader030.vdocument.in/reader030/viewer/2022033100/56814986550346895db6ce5d/html5/thumbnails/6.jpg)
6
![Page 7: ECE-8843 csc.gatech/copeland/jac/8843/ Prof. John A. Copeland](https://reader030.vdocument.in/reader030/viewer/2022033100/56814986550346895db6ce5d/html5/thumbnails/7.jpg)
SHA-1
Secure Hash Algorithm 1
7
![Page 8: ECE-8843 csc.gatech/copeland/jac/8843/ Prof. John A. Copeland](https://reader030.vdocument.in/reader030/viewer/2022033100/56814986550346895db6ce5d/html5/thumbnails/8.jpg)
8
![Page 9: ECE-8843 csc.gatech/copeland/jac/8843/ Prof. John A. Copeland](https://reader030.vdocument.in/reader030/viewer/2022033100/56814986550346895db6ce5d/html5/thumbnails/9.jpg)
HMAC Structure 9
![Page 10: ECE-8843 csc.gatech/copeland/jac/8843/ Prof. John A. Copeland](https://reader030.vdocument.in/reader030/viewer/2022033100/56814986550346895db6ce5d/html5/thumbnails/10.jpg)
Public-Key Cryptography(Public-Private Key)
plaintext (data file or message)
encryption by key-1 decryption by key-1
ciphertext (stored or transmitted safely)
decryption by key-2encryption by key-2
plaintext (original data or message)
10
![Page 11: ECE-8843 csc.gatech/copeland/jac/8843/ Prof. John A. Copeland](https://reader030.vdocument.in/reader030/viewer/2022033100/56814986550346895db6ce5d/html5/thumbnails/11.jpg)
Encryption using aPublic-Key System
11
![Page 12: ECE-8843 csc.gatech/copeland/jac/8843/ Prof. John A. Copeland](https://reader030.vdocument.in/reader030/viewer/2022033100/56814986550346895db6ce5d/html5/thumbnails/12.jpg)
Authentication using aPublic-Key System
12
![Page 13: ECE-8843 csc.gatech/copeland/jac/8843/ Prof. John A. Copeland](https://reader030.vdocument.in/reader030/viewer/2022033100/56814986550346895db6ce5d/html5/thumbnails/13.jpg)
RSA (Rivest, Shamir, and Adleman)Key length is variable, 512 bits most common.
• The plaintext block ("m") must be less than the key
length.Key Generation
• Choose two large prime numbers, p and q (secret)
• n = pq, Ø(n) = (p-1)(q-1)
• Find a number, e, that is relatively prime to Ø(n)
• The public key is e and n (e,n)
• Find d, the multiplicative inverse to e mod Ø(n)(by “Number Theory”: d * e mod Ø(n) = 1)
The private key is d and n (d,n), public key is (e,n)
Encryption: c = m^e mod n ("m" is message)
Decryption: m = c^d mod n ("c" is ciphertext)13
![Page 14: ECE-8843 csc.gatech/copeland/jac/8843/ Prof. John A. Copeland](https://reader030.vdocument.in/reader030/viewer/2022033100/56814986550346895db6ce5d/html5/thumbnails/14.jpg)
Is RSA Secure?
To factor a 512-bit number (to find p and qfrom n) with the best known technique would
take 500,000 MIPs-years• In 500 years on a 1000 MIP/s CPU, an
eavesdropper can encrypt a list of all possible messages (using the Public Key), and compare the corresponding ciphertext to the transmitted ciphertext.• If the message is your password, make sure you
picked a good one (not in any dictionary).
• A defense is to add random bits to the message.
MIPs - Millions of Instructions per second.
14
![Page 15: ECE-8843 csc.gatech/copeland/jac/8843/ Prof. John A. Copeland](https://reader030.vdocument.in/reader030/viewer/2022033100/56814986550346895db6ce5d/html5/thumbnails/15.jpg)
How Efficient are RSA Operations
Efficient techniques for doing exponentiation:
X * Y mod n = (X mod n) * (Y mod n)
• Do a "mod n" operation whenever a multiplier isbigger than n
To calculate x^10110111011000012 mod n
x^102 = (x^12 )^2
x^1002 = (x^10
2 )^2
x^(1012) = (x^1002
) * x15
![Page 16: ECE-8843 csc.gatech/copeland/jac/8843/ Prof. John A. Copeland](https://reader030.vdocument.in/reader030/viewer/2022033100/56814986550346895db6ce5d/html5/thumbnails/16.jpg)
c = E(m) =(m ^ e) mod n (the ciphertext)
D(c) = (c ^ d) mod n (decryption of c)
= m^(e*d) mod n
= m^(e*d mod Ø(n)) mod n (Number Theory)
= m^(1) mod n
= m (the plaintext message)
Does It Work?(Does D(E(m))=m)
16To experiment use: www.csc.gatech.edu/copeland/jac/8843/tools/RSA.xls
![Page 17: ECE-8843 csc.gatech/copeland/jac/8843/ Prof. John A. Copeland](https://reader030.vdocument.in/reader030/viewer/2022033100/56814986550346895db6ce5d/html5/thumbnails/17.jpg)
17
![Page 18: ECE-8843 csc.gatech/copeland/jac/8843/ Prof. John A. Copeland](https://reader030.vdocument.in/reader030/viewer/2022033100/56814986550346895db6ce5d/html5/thumbnails/18.jpg)
Public-Key Systems
Encrypt/ Digital Key Decrypt Signature Exchange
RSA X X X
Diffie-Hellman X X
DSS X
Elliptic Curve X X X
18
![Page 19: ECE-8843 csc.gatech/copeland/jac/8843/ Prof. John A. Copeland](https://reader030.vdocument.in/reader030/viewer/2022033100/56814986550346895db6ce5d/html5/thumbnails/19.jpg)
Diffie-Hellman TechniqueMutual Secret Keys or Public-Private Keys
Global Public Elements: q (large prime) and a (a < q)
User A‘s Keys: Select secret Xa (Xa < q)Public Key is Ya = a^Xa mod q
User B‘s Keys: Select secret Xb (Xb < q)Public Key is Yb = a^Xb mod q
Mutual Key is K = Yb ^Xa (A’s calculation)Ya ^ Xb (B’s calculation)a^(Xa*Xb) mod q (in both cases)
No one else knows either Xa or Xb, so they can not find out K
19
![Page 20: ECE-8843 csc.gatech/copeland/jac/8843/ Prof. John A. Copeland](https://reader030.vdocument.in/reader030/viewer/2022033100/56814986550346895db6ce5d/html5/thumbnails/20.jpg)
+ a and q
+ message encrypted with “ K”
(Ya, a,q are A’s Public Key)
Diffie-Hellman as usedfor a Public-Private System
B has to send “ Yb” withmessage so A can decrypt it.
“Trudie” does not know Xa: Can not read message. 20
![Page 21: ECE-8843 csc.gatech/copeland/jac/8843/ Prof. John A. Copeland](https://reader030.vdocument.in/reader030/viewer/2022033100/56814986550346895db6ce5d/html5/thumbnails/21.jpg)
Certificate Authority generates the“signature” that is added to raw
“Certificate”
MIC
Hash
Raw “Certificate” has user name, public key, expiration date, ...
RawCert.
SignedCert.
21
Generate hash codeof Raw Certificate
Encrypt hash code with CA’s private key to form CA’s signature
Signed CertificateRecipient can verify signature using CA’s public key.