Public Key Cryptography and

Digital Signatures

Curt JonesCDA 5505April 12, 2005

Public Key Cryptography -What is public key cryptography?

Public key cryptography is a form of cryptography which allows secure

communications between users without the need for a previously agreed upon secret

encryption/decryption key. It is also known as asymmetric key cryptography.

Public Key Cryptography -Why do we need it?

One difficulty in using symmetric key cryptography is key exchange. Public key cryptography allows a user to create a public key/private key pair that can be used to securely communicate with other users without the need for a previously agreed upon key. The public key is published so that any user can use it to encrypt a message. This message can only be decrypted using the matching private key, which is not shared with any other user.

Public Key Cryptography -How it works

A public key cryptographic system must meet three requirements:

1. D(E(P)) = P.

The decryption algorithm, D, applied to the encrypted plaintext, E(P), returns the unencrypted plaintext, P. If this property did not hold, the recipient could not decrypt the cyphertext they received.

Public Key Cryptography -How it works

2. Determining D from E is extremely difficult.

D and E must be related, since D reverses the actions of E. Because E is known to the public it must be virtually impossible to determine D given E. Public key algorithms rely on various difficult mathematical problems, such as factorization of large numbers, to insure that this is as hard as possible.

Public Key Cryptography -How it works

3. E cannot be broken by a chosen plaintext attack.

Since the encryption key is known to the public, an attacker can encrypt any, and as many, plaintext messages as they like. The output from the encryption algorithm must be sufficiently random that knowledge of a given encrypted message does not reveal information about any other encrypted messages.

Public Key Cryptography - Some Public Key Algorithms

Diffie-Hellman – 1976RSA - 1977

Merkle-Hellman - 1978El Gamal - 1984

Elliptic curve - 1985Paillier cryptosystem - 1999

Public Key Cryptography -RSA – Key Generation1. Choose two large prime numbers, p and q.

2. Compute N, where n = p * q.3. Compute z, where z = (p-1) * (q-1).

4. Choose a number d, such that d is co-prime to z.5. Find e such that e * d = 1 (mod z).

Publish N (the modulus) and e (the public exponent) as the public key.

Retain N (the modulus) and d (the private exponent) as the private key.

Public Key Cryptography -RSA - useTo encrypt and send a plaintext message, the

message is converted to a number n by a predetermined padding scheme. The number n is then encrypted by computing c = ne (mod N). The cyphertext value c is then sent to the holder of the

private key.

To decrypt the message, the private key holder computes n = cd (mod N). The plaintext message

can be recovered by running n through the inverse of the original padding function.

Public Key Cryptography -Problems

Authentication

In symmetric key encryption, the ability to properly encrypt a message strongly implies that the sender is who they claim to be, since only they (and the recipient) should be in possession of the key.

In public key encryption, the encryption key is not secret, so the ability to encrypt a message provides no information about the identity of the sender.

The use of a public key infrastructure can help insure that all parties involved in communications are who they claim to be.

Public Key Cryptography -Problems

Computational Complexity

Public key algorithms rely on difficult to solve mathematical problems for their security. Because of this, they require more computing power, and thus more time, to encrypt and decrypt messages than

symmetric key algorithms.

Public Key Cryptography -Uses

Though Public key algorithms can be used for secure communication, due to their much higher

computational overhead than symmetric key algorithms they are, in practice, generally used to

communicate a key which is then used by a symmetric key communication system.

Public key encryption is also used in the creation of digital signatures.

Digital Signatures -What is a digital signature?

A digital signature is the electronic equivalent of a physical signature. It is used to authenticate the identity of the signer. It has the additional

advantage of being able to verify that the signed message is unchanged since the time it

was signed.

Digital Signatures -Requirements of a digital signature

To be useful, a digital signature must meet three conditions:

1. The receiver can verify the identity of the sender.

2. The sender cannot repudiate the contents of the message.

3. The receiver cannot create or alter a signed message.

Digital Signatures -Types of Digital Signatures

Symmetric Key

Public Key/Asymmetric Key

Message Digests/Hash Functions

Digital Signatures -Symmetric Key Signatures

Using symmetric key cryptography for digital signatures requires a trusted Central Authority(CA). Each user shares a unique secret key with CA. To

digitally sign a message Alice encrypts the message and the identity of the intended recipient (Bob) and

sends it to CA. CA decrypts the message using Alice's key to verify authenticity.

Continued>

Digital Signatures -Symmetric Key Signatures

Once Alice's message is verified, CA encrypts it and the identity of the sender with its own secret key (not

known to Alice or Bob). This encrypted message and the plaintext of the original message are then encrypted with Bob's key and forwarded to Bob.

Bob can then decrypt this message, read the plaintext, and keep the message encrypted with the

CA's key. Should a dispute arise, the CA can decrypt this saved message and verify its

authenticity.

Digital Signatures -Symmetric Key Signatures - Problems

The main drawback of symmetric key signatures is the need for a trusted central authority to maintain the

keys for each user. Since the CA has everyone's key, and all messages must pass through them if they are

to be signed, the CA has access to everyones information. In practice there is no group that

inspires this level of trust among the entire population.

Digital Signatures -Public Key/asymmetric Key

A public key algorithm, such as RSA, with the property that E(D(P)) = P (in addition to the

required D(E(P)) = P) can be used to digitally sign a message. If Alice creates a message EB(DA(P)) and sends it to Bob, Bob can then apply DB to recover DA(P), which could only have been generated by

Alice, since only she know her private key. Bob can now apply EA to recover the plaintext message.

Digital Signatures -Public Key/asymmetric Key - Problems

If someones private key is compromised, there is no longer any assurance that they created the original

message.

If someone changes their key, the new encryption key will no longer decrypt an old signed message,

making it appear that a validly signed message is fake.

Digital Signatures -Hash Functions and Message Digests

A cryptographic hash function has the following properties:

● Takes an arbitrary length input.● Returns a fixed length output.● Is a one way function.● Is collision free.

The output is called a Message Digest.

Digital Signatures -Hash Functions and Message Digests

A message digest can be used without further processing as a digital fingerprint to verify the

integrity of a message or file.

A message digest can also be digitally signed and transmitted along with the input it was created from. This allows the recipient to verify both the integrity and authenticity of the message. This method does

not encrypt the message itself.

Public Key Cryptography and

Digital Signatures

Questions?

References

Computer Networks, 4 th edition, Andrew S. Tanenbaum (2003), Prentice Hall PTR.

Practical Cryptography, Niels Ferguson and Bruce Schneier (2003), Wiley Publishing, Inc.

A Method for Obtaining Digital Signatures and Public-Key Cryptosystems, R. Rivest, A. Shamir, L. Adleman, Communications of

the ACM, Vol. 21 (2), 1978, pages 120-126.