CNT-4403: 2.April.2015 1

Week 12

Number Theory

&

Modern Cryptography

Stallings: Ch 4, 8, 9, 10

CNT-4403: 2.April.2015 2

Increasing importance in cryptography

Public Key Crypto and Signatures

Concern operations on “numbers”

Introduction

CNT-4403: 2.April.2015 3

Basic Number Theory

Modern Cryptography: Public Key Cryptosystems

Today’s Class

CNT-4403: 2.April.2015 4

Divisors

A non-zero number b divides a if For some m, a=mb (a,b,m all integers)

b divides into a with no remainder

Denote this b|a

b is a divisor of a

Example What are the divisors of 24 ?

1, 2, 3, 4, 6, 8, 12, 24

Other examples 13 | 182; –5 | 30; 17 | 289; 17 | 0

CNT-4403: 2.April.2015 5

Properties of Divisibility

1. If a|1, then a = ±1

2. If a|b and b|a, then a = ±b

3. Any b != 0 divides 0

4. If a | b and b | c, then a | c

Example: 11 | 66 and 66 | 198 → 11 | 198

5. If b|g and b|h, then b|(mg + nh) for arbitrary m and n

Example

b = 7; g = 14; h = 21; m = 3; n = 2

7|14 and 7|21 → 7|84

CNT-4403: 2.April.2015 6

Division Algorithm

If divide a by n get integer quotient q and integer remainder r such that:

a = qn + r where 0 <= r < n; q = floor(a/n)

Remainder r often referred to as a residue

CNT-4403: 2.April.2015 7

Greatest Common Divisor (GCD)

A common problem in number theory

GCD (a,b) of a and b

The largest integer that divides evenly into both a and b

Example: GCD(60,24) = 12

Define gcd(0, 0) = 0

Relative primality

No common factors: GCD(a,b) = 1

Example: GCD(8,15) = 1 : 8 & 15 are relatively prime

CNT-4403: 2.April.2015 8

Efficient way to find the GCD(a,b)

Theorem: GCD(a,b) = GCD(b, a mod b)

Euclidean Algorithm to compute GCD(a,b):

Euclid(a,b){

if (b=0) then return a;

else return Euclid(b, a mod b);

}

Euclidean Algorithm

CNT-4403: 2.April.2015 9

1970 = 1 x 1066 + 904 → gcd(1066, 904) 1066 = 1 x 904 + 162 → gcd(904, 162) 904 = 5 x 162 + 94 → gcd(162, 94) 162 = 1 x 94 + 68 → gcd(94, 68) 94 = 1 x 68 + 26 → gcd(68, 26) 68 = 2 x 26 + 16 → gcd(26, 16) 26 = 1 x 16 + 10 → gcd(16, 10) 16 = 1 x 10 + 6 → gcd(10, 6) 10 = 1 x 6 + 4 → gcd(6, 4) 6 = 1 x 4 + 2 → gcd(4, 2) 4 = 2 x 2 + 0 → gcd(2, 0) = 2

Example: GCD(1970,1066)

CNT-4403: 2.April.2015 10

Modulo operator a mod n: Remainder when a is divided by n

Integer n is called the modulus

b is called a residue of a mod n if a = qn + b

Smallest positive remainder as residue: 0 <= b <= n-1

Modulo reduction: eg. -12 mod 7 = -5 mod 7 = 2 mod 7 = 9 mod 7

Congruence a ≡ b a mod n = b mod n

When divided by n, a & b have same remainder

Example: 100 ≡ 34 (mod 11)

Modular Arithmetic

CNT-4403: 2.April.2015 11

Perform arithmetic with residues

Use a finite number of values

Zn = {0, 1, . . . , (n – 1)}

Modular arithmetic

Addition & multiplication then

Modulo reduce answer

Reduction can be done at any point

a+b mod n = [a mod n + b mod n] mod n

Modular Arithmetic Operations

CNT-4403: 2.April.2015 12

1. [(a mod n) + (b mod n)] mod n = (a + b) mod n

2. [(a mod n) – (b mod n)] mod n = (a – b) mod n

3. [(a mod n) x (b mod n)] mod n = (a x b) mod n

Examples:

[(11 mod 8) + (15 mod 8)] mod 8 = (3+7) mod 8 = 2 =(11 + 15) mod 8 = 26 mod 8 = 2

[(11 mod 8) – (15 mod 8)] mod 8 = (3-7) mod 8 = 4 = (11 – 15) mod 8 = –4 mod 8 = 4

[(11 mod 8) x (15 mod 8)] mod 8 = (3 x 7) mod 8 = 5 = (11 x 15) mod 8 = 165 mod 8 = 5

Modular Operations (cont’d)

CNT-4403: 2.April.2015 13

Modular Arithmetic Properties

CNT-4403: 2.April.2015 14

Set of integers

{0,1, … , p-1}

With arithmetic operations modulo prime p

Form a finite field

Have multiplicative inverses

Find inverse with Extended Euclidean algorithm

Arithmetic is well-behaved can do

Addition, subtraction

Multiplication, and division

With closure: within the field GF(p)

Galois Field: GF(p)

CNT-4403: 2.April.2015 15

Basic Number Theory

Modern Cryptography: Public Key Cryptosystems

RSA

Today’s Class

CNT-4403: 2.April.2015 16

Most significant advance in the 3000 year history of cryptography !

Uses two keys – a public and a private key

Asymmetric: parties are not equal

Public Key Cryptosystems (PKC)

Public invention Whitfield Diffie & Martin Hellman at Stanford University in

1976

Known earlier in classified community

CNT-4403: 2.April.2015 17

Addresses two key issues:

Key distribution – how to have secure communications in general without having to trust a KDC with your key

Digital signatures – how to verify a message comes intact from the claimed sender

Why Public Key ?

CNT-4403: 2.April.2015 18

PKC in a Nutshell

Plaintext

Encryption

Algorithm

Encryption Key Decryption Key

Plaintext

Decryption

Algorithm

CNT-4403: 2.April.2015 19

PKC in Real Life!

Alice

Bob

Malory

C= Encrypt(pubKeyB, M) 1

pubKeyB - public

privKeyB - private

pubKeyB - public

Cannot Infer privKeyB

from pubKeyB !

Intercept C 2

Cannot Obtain M !

M= Decrypt(privKeyB, C)

Has message M

CNT-4403: 2.April.2015 20

ap-1 = 1 (mod p)

p is prime and gcd(a,p)=1

Known as Fermat’s Little Theorem

Note: ap = a (mod p)

Fermat’s Theorem

CNT-4403: 2.April.2015 21

Arithmetic modulo n

Complete set of residues is: 0..n-1

Euler Totient Function ø(n):

Number of residues that are relatively prime to n

n prime ø(p)=p-1

n = p x q (p,q prime) ø(p.q)=(p-1)x(q-1)

Example:

ø(37) = 36

ø(21) = (3–1) x (7–1) = 2 x 6 = 12

Euler’s Totient: ø(n)

CNT-4403: 2.April.2015 22

Generalisation of Fermat's Theorem

aø(n) = 1 (mod n) for any a,n where gcd(a,n)=1

Example:

a=3; n=10; ø(10)=4;

Hence 34 = 81 = 1 mod 10

Note: aø(n)+1 = a (mod n)

Euler’s Theorem

CNT-4403: 2.April.2015 23

Rivest, Shamir & Adleman - MIT in 1977

Equivalent introduced by Clifford Cocks (UK intelligence agency GCHQ) in 1973 Classified top secret until 1998

Best known & widely used public-key scheme Uses large integers (eg. 1024, 2048 bits) Security due to cost of factoring large numbers

RSA

CNT-4403: 2.April.2015 24

Select two large primes at random: p, q

Compute modulus n = p x q

ø(n)=(p-1) x (q-1)

Select at random the encryption key e

where 1<e<ø(n), gcd(e,ø(n))=1

Solve following equation to find decryption key d

e x d=1 mod ø(n) and 0≤d≤n

Publish public encryption key: pubKey = {e,n}

Keep secret private decryption key: privKey = {d,p,q}

RSA Key Setup

CNT-4403: 2.April.2015 25

Given message M

Given public encryption key: pubKey = {e,n}

Compute ciphertext:

C = Me mod n

RSA Encryption

CNT-4403: 2.April.2015 26

Given cyphertext C

Given private decryption key: privKey = {d,p,q}

Compute plaintext

M = Cd mod n

RSA Decryption

CNT-4403: 2.April.2015 27

RSA Key Setup

Bob

privKeyB = {d,p,q}

pubKeyB = {e,n}

Alice

Cannot Infer privKeyB

from pubKeyB !

n = p x q

pubKeyB = {e,n}

Cannot get d given e and n

Need p and q !

CNT-4403: 2.April.2015 28

RSA Encryption and Decryption

Bob

privKeyB = {d,p,q}

pubKeyB = {e,n}

Alice

n = p x q

pubKeyB = {e,n}

C= Me mod n 1

Has message M (<n !)

M = Cd mod n

Malory

Intercept C 2

Cannot obtain M

from Me mod n !

CNT-4403: 2.April.2015 29

1. Select primes: p=17 and q=11

2. Calculate n = pq =17 x 11=187

3. Calculate ø(n)=(p–1)x(q-1)=16x10=160

4. Select e, gcd(e,160)=1 e=7

5. Determine d

de=1 mod 160 and d < 160 d=23

since 23 * 7=161= 10 * 160+1

6. Publish public key pubKey = {7,187}

7. Keep secret private key privKey = {23,187}

RSA Example: Key Setup

CNT-4403: 2.April.2015 30

Message M = 88

M < n: 88<187

Encryption:

C = 887 mod 187 = 11

Decryption:

M = 1123 mod 187 = 88

RSA Example: Encryption/Decryption