public key cryptography
play

Public Key Cryptography Background Basic Concepts in Complexity - PowerPoint PPT Presentation

May 30, 2023 •445 likes •1.49k views

Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi Public Key Cryptography Background Basic Concepts in Complexity Theory Some Number Theoretic & Algebraic Algorithms Indivar Gupta Some Computational Hard Problems and SAG,

  1. Complexity of an Algorithm IV Public Key Cryptography Example Indivar Gupta SAG, DRDO, QRP � P IFP Delhi Background Definition Basic Concepts in Complexity Theory Some Number A decision problem L is said to be NP -complete if Theoretic & Algebraic Algorithms L ∈ NP Some Computational Hard Problems and their Application L 1 � P L for every L 1 ∈ NP . Cryptography Public Key Cryptography Example Diffie Hellman Key Exchange Protocol Public Key Subset Sum Problem is NP complete problem: given a set of Cryptosystems RSA & ElGamal positive integers { a 1 , a 2 , · · · a n } and a positive integer s , Elliptic Curve Cryptography Other Public Key determine whether or not there is a subset of the a i that sum to s . Cryptosystems: Post Quantum Elliptic Curve Cryptography

  2. Complexity of an Algorithm V Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi Definition Background A decision problem is said to be NP -hard if any NP -complete Basic Concepts in Complexity Theory problem polynomially reduces to it. Some Number Theoretic & Algebraic Algorithms Some Computational Hard Problems and Examples their Application Cryptography Computational version of subset sum problem is NP -hard Public Key Cryptography problem. Diffie Hellman Key Exchange Protocol Public Key Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  3. Important Topics of Number Theory Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi Background The Euclidean Algorithm Basic Concepts in Complexity Theory Some Number Modular Arithmetic Theoretic & Algebraic Algorithms Some Computational Arithmetic functions and their Properties Hard Problems and their Application Solution of Linear and Quadratic Congruences, CRT Cryptography Public Key Primality testing and Factorization Cryptography Diffie Hellman Key Exchange Protocol Public Key Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  4. The Euclidean Algorithm Public Key The Euclidean Algorithm finds the greatest common divisor of Cryptography two integers a and b . Indivar Gupta SAG, DRDO, For example, if we want to find gcd ( 287 , 91 ) , we divide 287 by Delhi 91: Background Basic Concepts in Complexity Theory 287 = 91 ∗ 3 + 14 . Some Number Theoretic & Algebraic Algorithms Some Computational Hard Problems and We have if a | b and a | c , then a | ( b + c ) . their Application Cryptography gcd ( 287 , 91 ) = gcd ( 91 , 14 ) Public Key Cryptography Diffie Hellman Key Exchange Protocol gcd ( 91 , 14 ) = gcd ( 14 , 7 ) Public Key Cryptosystems RSA & ElGamal Elliptic Curve gcd ( 14 , 7 ) = 7 Cryptography Other Public Key Cryptosystems: Post Quantum Therefore, gcd ( 287 , 91 ) = 7. Elliptic Curve Cryptography

  5. Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi Background Theorem The gcd ( a , b ) is the least positive value of ax + by , Basic Concepts in Complexity Theory where x and y range over all integers. Some Number Theoretic & Algebraic Algorithms Theorem An integer solution ( x , y ) of equation ax + by = c Some Computational Hard Problems and exists if and only if c is divisible by gcd ( a , b ) . their Application Cryptography gcd ( a , b , c ) = gcd ( gcd ( a , b ) , c ) Public Key Cryptography Diffie Hellman Key Exchange Protocol Public Key Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  6. Number Theoretic Algorithms 3 Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi Complexity of Basic Operations in Z n Background Basic Concepts in Operations Complexity Complexity Theory Some Number ( a + b ) mod n O (log n ) Modular Addition Theoretic & Algebraic Algorithms Modular Subtraction ( a − b ) mod n O (log n ) Some Computational Hard Problems and their Application O ((log n ) 2 ) ( a . b ) mod n Modular Multiplication Cryptography a − 1 mod n O ((log n ) 2 ) Modular Inversion Public Key a k mod n , k < n O ((log n ) 3 ) Modular Exponentiation Cryptography Diffie Hellman Key Exchange Protocol Public Key Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve 3 Chapter 2, [2] Cryptography

  7. Solution of the Congruence Public Key Cryptography Indivar Gupta SAG, DRDO, Consider f ( x ) ≡ 0 ( mod m ) , f ( x ) being a polynomial with integer Delhi coefficients. Any n ∈ Z is called a solution of the congruence if Background f ( n ) ≡ 0 ( mod m ) . Basic Concepts in Complexity Theory The solution is not unique as for any k , such that n ≡ k ( mod m ) , Some Number Theoretic & Algebraic Algorithms Some Computational f ( k ) ≡ f ( n ) ( mod m ) Hard Problems and their Application = ⇒ f ( k ) ≡ 0 ( mod m ) Cryptography Public Key Cryptography Thus every congruence having one solution has infinitely many Diffie Hellman Key Exchange Protocol solutions. Public Key Cryptosystems The congruence ax ≡ b ( mod m ) is called a linear congruence. RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  8. Euler Fermat Theorem Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi We define Euler’s totient function φ ( m ) as Background Basic Concepts in � Complexity Theory 1 when m = 1 , Some Number φ ( m ) = Theoretic & Algebraic Algorithms number of positive integers that are ≤ m and co-prime to m Some Computational Hard Problems and their Application Euler Fermat Theorem For ( a , m ) = 1, we have Cryptography Public Key a φ ( m ) ≡ 1 Cryptography mod m . Diffie Hellman Key Exchange Protocol Public Key Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  9. Fermat Little Theorem Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi Fermat Little Theorem is a corollary to Euler-Fermat Theorem. Let p be a prime number. If ( a , p ) = 1 then from Euler Fermat Background theorem, we have a φ ( p ) ≡ 1 ( mod p ) but φ ( p ) = p − 1, therefore Basic Concepts in Complexity Theory Some Number a p − 1 ≡ 1 . Theoretic & Algebraic Algorithms Multiplying both side by a , we get a p ≡ a ( mod p ) . Some Computational Hard Problems and their Application Otherwise, if ( a , p ) � = 1, then p | a and a ≡ 0 ( mod p ) . Cryptography ⇒ a p ≡ 0 ( mod p ) Public Key = Cryptography ⇒ a p ≡ a ( mod p ) = Diffie Hellman Key Exchange Protocol Which is Fermat Little Theorem. Public Key Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  10. The Chinese Remainder Theorem (CRT) Public Key Cryptography Indivar Gupta SAG, DRDO, Let m 1 , m 2 , · · · , m r be pairwise mutually prime positive integers. Delhi For arbitrary integers b 1 , b 2 , · · · , b r , the system of linear Background congruences Basic Concepts in Complexity Theory Some Number Theoretic & Algebraic x ≡ b 1 ( mod m 1 ) Algorithms Some Computational x ≡ b 2 ( mod m 2 ) Hard Problems and their Application . . Cryptography . Public Key x ≡ b r ( mod m r ) Cryptography Diffie Hellman Key Exchange Protocol has a unique solution x = � r k = 1 b k M k M k ′ modulo m , Public Key Cryptosystems where M = m 1 m 2 · · · m r and M k = M / m k , M k M k ′ ≡ 1 ( mod m k ) . RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  11. CRT Problem Public Key To find the least value of x which satisfy, Cryptography Indivar Gupta SAG, DRDO, x ≡ 2 ( mod 3 ) Delhi x ≡ 3 ( mod 5 ) Background x ≡ 2 ( mod 7 ) Basic Concepts in Complexity Theory Some Number Theoretic & Algebraic The calculations are given in the following table. Algorithms Some Computational Hard Problems and their Application M k ( modm k ) b k m k M k M k ′ b k M k M k ′ Cryptography 2 3 35 2 2 140 Public Key Cryptography 3 5 21 1 1 63 Diffie Hellman Key Exchange Protocol 2 7 15 1 1 30 Public Key Cryptosystems sum 233 RSA & ElGamal Elliptic Curve Cryptography Other Public Key The least number of things are obtained by reducing Cryptosystems: Post Quantum 233 (mod 105 ) i.e. 23. Elliptic Curve Cryptography

  12. Quadratic Residues Public Key Consider the quadratic congruences of the type Cryptography x 2 − n ≡ 0 (mod p ) . . . ( 1 ) Indivar Gupta SAG, DRDO, Delhi where p is a prime. We see that the congruence can have at most 2 solutions. Background Basic Concepts in If x is a solution, then ( − x ) is also a solution. Thus, ( 1 ) has either Complexity Theory Some Number two solutions or none. When (1) has solutions, we say that n is a Theoretic & Algebraic Algorithms quadratic residue modulo p and we write nRp , otherwise if ( 1 ) has Some Computational Hard Problems and their Application no solution then we say that n is a quadratic non-residue modulo p Cryptography and we write n ¯ Rp . Public Key Cryptography � n � Diffie Hellman Key The Legendre’s symbol is defined as Exchange Protocol p Public Key Cryptosystems RSA & ElGamal  0 if p | n , Elliptic Curve  � n � Cryptography  = Other Public Key 1 if nRp , Cryptosystems: Post p Quantum  − 1 if n ¯ Rp .  Elliptic Curve Cryptography

  13. Jacobi Symbols Public Key Cryptography Indivar Gupta If P is an odd positive integer with prime factorization SAG, DRDO, Delhi r � p a i Background P = i Basic Concepts in Complexity Theory i = 1 Some Number � n Theoretic & Algebraic � Algorithms The Jacobi symbol is defined as, Some Computational Hard Problems and P their Application � n � n r � a i Cryptography � � = , if P > 1 Public Key P p i Cryptography i = 1 Diffie Hellman Key Exchange Protocol and Public Key � n Cryptosystems � = 1 RSA & ElGamal 1 Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  14. Primitive Roots Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi Let a and m be relatively prime and m > 1. Then a is called a Background primitive root modulo m if Basic Concepts in Complexity Theory Some Number Theoretic & Algebraic a k �≡ 1 mod m Algorithms Some Computational Hard Problems and their Application whenever k < φ ( m ) . Cryptography Public Key Theorem: Cryptography There are exactly φ ( p − 1 ) primitive roots modulo p. Diffie Hellman Key Exchange Protocol Public Key Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  15. Computing Euler’s function Public Key If p is a prime, then for integers k ≥ 1 Cryptography Indivar Gupta SAG, DRDO, φ ( p k ) = p k − 1 ( p − 1 ) Delhi If m and n are co-prime, then Background Basic Concepts in Complexity Theory Some Number φ ( mn ) = φ ( m ) .φ ( n ) Theoretic & Algebraic Algorithms Some Computational Therefore, the value of φ (n) for any positive integer n can be Hard Problems and their Application computed by writing prime factorization of n, for Cryptography n = p a 1 1 . p a 2 2 ....... p a t t Public Key Cryptography Diffie Hellman Key Exchange Protocol φ ( n ) = ( p 1 − 1 ) . p a 1 − 1 . ( p 2 − 1 ) . p a 2 − 1 .... ( p t − 1 ) . p a t − 1 Public Key 1 2 t Cryptosystems RSA & ElGamal And so, Elliptic Curve Cryptography Other Public Key Cryptosystems: Post ( 1 − 1 Quantum � φ ( n ) = n . p ) Elliptic Curve Cryptography p | n

  16. Some Primality Testing Algorithms 4 Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi Algorithms Type Complexity Background O ( k (log n ) log log log n ) Jacobi Some test True Primality Test Basic Concepts in Complexity Theory O (log n ) 6 + ǫ Elliptic Curve -do- Some Number Primality Proving Theoretic & Algebraic Algorithms test (ECPP) Some Computational Hard Problems and O ((log n ) 10 . 5 Agrawal, Kayal, -do (deterministic)- their Application and Saxena Test Cryptography O (( t log n ) 3 ) , ( t modular exp) Miller-Rabin test Probabilist Primality Test Public Key O (( t log n ) 3 ) , ( t modular exp) Solovay-Strassen Probabilist Primality Test Cryptography Test Diffie Hellman Key Exchange Protocol O (( t log n ) 3 ) , ( t modular exp) Fermat’s test Probabilist Primality Test Public Key Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve 4 Chapter 4, [2] Cryptography

  17. Fermat’s Primality Test Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi Fermat’s Little theorem for p prime and an integer a such that p ∤ a says that a p − 1 ≡ 1 mod p . Background If a p − 1 �≡ 1 mod p for some a then p is composite. Thus, if Basic Concepts in Complexity Theory Some Number a p − 1 ≡ 1 mod p for one or more values of a, then we say that p is Theoretic & Algebraic Algorithms Some Computational probably a prime. Hard Problems and their Application Example: Fermat pseudo-prime: n = 341 , Cryptography Public Key 2 340 ≡ 1 Cryptography mod 341 ( 11 × 31 ) Diffie Hellman Key Exchange Protocol Public Key Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  18. Fermat’s Primality Test: Algorithm Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi Input: n - an integer to test for primality, n > 3, k - a parameter that determines the number of times to test for primality. Background Basic Concepts in Complexity Theory Output: Composite if n is composite. Some Number Theoretic & Algebraic Otherwise, probably prime. Algorithms Some Computational Hard Problems and Repeat k times. their Application Cryptography Pick ’a’ randomly in the range [ 2 , n − 2 ] Public Key Cryptography If a p − 1 �≡ 1 mod p , then return composite. Diffie Hellman Key Exchange Protocol If composite is never returned: return probable prime. Public Key Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  19. Solovay-Strassen Test Public Key Cryptography Concept : Indivar Gupta Euler proved that for an odd prime number p and any integer SAG, DRDO, Delhi � a � � a � a , a p − 1 / 2 ≡ mod p , where is Legendre symbol. Background p p Basic Concepts in Complexity Theory Given an odd number n , we can contemplate weather or not Some Number � a Theoretic & Algebraic the congruence a n − 1 / 2 ≡ � mod n , holds for various Algorithms Some Computational n Hard Problems and values of the base a . If n is prime, then this congruence holds their Application Cryptography for all values of a . Public Key So, if we pick a value of a at random and test the congruence Cryptography Diffie Hellman Key then as soon as we find an a which does not fit the Exchange Protocol Public Key congruence we know that n is not prime. Cryptosystems RSA & ElGamal Elliptic Curve Example of Euler Pseudo-prime is 91 = ( 7 × 13 ) to the base Cryptography 9: 9 45 ≡ ( 9 Other Public Key 91 ) ≡ 1 Cryptosystems: Post Quantum Elliptic Curve Cryptography

  20. Solovay-Strassen Test: Continued – Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi Background Pick a random integer a < n , and do the followings: Basic Concepts in Complexity Theory Some Number If gcd ( a , n ) > 1, then return composite. Theoretic & Algebraic Algorithms � a Some Computational � is not equal to a n − 1 / 2 , then return composite. Hard Problems and If their Application n Cryptography Else, return probable (pseudo) prime. Public Key Cryptography Diffie Hellman Key Exchange Protocol Public Key Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  21. Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi Exercises Background Basic Concepts in Complexity Theory Complexity for computation of Jacobi /Legendre Symbol. Some Number Theoretic & Algebraic Algorithms Complexity for finding square root of Quadratic Residue Some Computational Hard Problems and Modulo p . their Application Cryptography Complexity for getting solution the system of linear Public Key congruences using Chinese Remainder Theorem. Cryptography Diffie Hellman Key Exchange Protocol Public Key Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  22. Important Topics of Finite Fields Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi Background Irreducible and Primitive Polynomials, and methods for Basic Concepts in Complexity Theory testing them. Some Number Theoretic & Algebraic Construction of Finite Fields and Basis Algorithms Some Computational Hard Problems and Arithmetic over Finite Fields their Application Cryptography Factorization of polynomial over finite fields Public Key Cryptography Combinatorial Problems over Finite Fields Diffie Hellman Key Exchange Protocol Public Key Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  23. Field Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi Definition Background Basic Concepts in A field ( F , + , · ) consists of a set F along with 2 binary operations Complexity Theory Some Number + & · on F satisfying the following conditions Theoretic & Algebraic Algorithms Some Computational Hard Problems and i. ( F , +) is a commutative group, their Application Cryptography ii. ( F \ { 0 } , · ) is also a commutative group and Public Key iii. The operation · is distributive over + . Cryptography Diffie Hellman Key Exchange Protocol Public Key Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  24. Finite Fields Public Key Cryptography Indivar Gupta A finite field is a field F which contains a finite number of SAG, DRDO, Delhi elements. If F is a finite field, then F contains p m elements for some Background Basic Concepts in Complexity Theory prime p and integer m ≥ 1. Some Number Theoretic & Algebraic For every prime power order p m , there is a ! finite field of Algorithms Some Computational Hard Problems and order p m . This field is denoted by F p m , or sometimes by their Application GF ( p m ) . Cryptography Public Key For m = 1 , F p or GF ( p ) is a field. If p is a prime then Z p is a Cryptography Diffie Hellman Key field. Exchange Protocol F p ∼ = GF ( p ) ∼ Public Key = Z p . Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  25. Construction of Finite Field of Order p m Public Key First select an irreducible polynomial f ( x ) ∈ Z p [ x ] of degree Cryptography m . Indivar Gupta SAG, DRDO, The ideal < f ( x ) > is e a maximal ideal. Delhi Then Z p [ x ] / < f ( x ) > is a finite field of order p m . Background For each m ≥ 1, ∃ a monic irreducible polynomial of degree Basic Concepts in Complexity Theory m over Z p . Some Number Theoretic & Algebraic Algorithms Hence, every finite field has a polynomial basis Some Computational Hard Problems and representation. their Application Cryptography Theorem Public Key Cryptography The number of monic irreducible polynomials in F q [ x ] of degree n Diffie Hellman Key Exchange Protocol is given by Public Key Cryptosystems 1 RSA & ElGamal � µ ( d ) q n / d , Elliptic Curve n Cryptography Other Public Key d | n Cryptosystems: Post Quantum where µ is Möbius function. Elliptic Curve Cryptography

  26. Finite Fields GF ( 2 3 ) Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi Consider an irreducible polynomial x 3 + x + 1 over GF ( 2 ) Background Basic Concepts in Complexity Theory GF ( 2 )[ x ] / < x 3 + x + 1 > = Some Number Theoretic & Algebraic { 0 , 1 , x , x + 1 , x 2 , x 2 + 1 , x 2 + x , x 2 + x + 1 } Algorithms Some Computational Hard Problems and One to one correspondence between GF ( 2 3 ) and Z 8 . their Application Cryptography Similarly, GF ( 2 3 ) maps all of the polynomials over GF ( 2 ) to Public Key the 8 polynomials shown above. Cryptography Diffie Hellman Key Exchange Protocol Public Key Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  27. Finite Field Basis I Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi ✑ GF ( p m ) is a vector space over GF ( P ) of dimension m . Background ✑ Any set of m Linearly Independent elements can be used as a Basic Concepts in Complexity Theory Some Number basis. Theoretic & Algebraic Algorithms Some Computational Hard Problems and their Application 1 Polynomial Basis: If α is roots of generating polynomial f ( x ) = 0 with GF ( P m ) ⋆ = < α > then { 0 , α 0 , α 1 , · · · α n − 1 } Cryptography Public Key will be basis of GF ( p m ) . Cryptography Diffie Hellman Key 2 Normal Basis: : Basis of the form { α, α p , · · · α p m − 1 } is called Exchange Protocol Public Key Cryptosystems normal basis, where α is a normal element. RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  28. Finite Field Basis II Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi Background Basic Concepts in Complexity Theory Some Number Theoretic & Algebraic Algorithms Some Computational Hard Problems and their Application Cryptography Public Key Cryptography Diffie Hellman Key Figure: Representation of GF ( 2 3 ) , f ( x ) = x 3 + x + 1 Exchange Protocol Public Key Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  29. Complexity of Arithmetic Operations in F p m 5 Public Key Cryptography Complexity wrt Polynomial Basis Representation Indivar Gupta Operations Complexity in terms SAG, DRDO, Delhi of Z p -operations ( g ( x ) + h ( x )) mod f ( x ) O ( m ) Background Addition Basic Concepts in ( g ( x ) + h ( x )) mod f ( x ) O ( m ) Subtraction Complexity Theory Some Number O ( m 2 ) ( g ( x ) . h ( x )) mod f ( x ) Multiplication Theoretic & Algebraic g ( x ) − 1 mod f ( x ) Algorithms O ( m 2 ) Inversion Some Computational g ( x ) k mod f ( x ) , k < p m Hard Problems and O ((log p ) m 3 ) Exponentiation their Application * f ( x ) is irreducible polynomial of degree m . Cryptography Public Key Cryptography Exercises Diffie Hellman Key Exchange Protocol Public Key Cryptosystems Running time complexity of Extended Euclidean Algorithm RSA & ElGamal Elliptic Curve in Z p [ x ] Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve 5 Chapter 2, [2] Cryptography

  30. Hard Problems and One-way Function I Public Key PKC is based on Cryptography Indivar Gupta SAG, DRDO, Mathematical problems believed to be hard to solve. Delhi Hard means computationally infeasible Background Hard=2 128 or more operations : ECC-256, Basic Concepts in Complexity Theory Trapdoor one-way function Some Number Theoretic & Algebraic Algorithms Some Computational Hard Problems and their Application Cryptography Public Key Cryptography Diffie Hellman Key Exchange Protocol Public Key Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  31. Hard Problems and One-way Function II Definition (One-way Function) Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi Background Basic Concepts in Complexity Theory Some Number Theoretic & Algebraic Algorithms Easy: There exists a polynomial-time algorithm that gives Some Computational Hard Problems and y = f ( x ) . their Application Cryptography Hard: For given any y = f ( x ) it is computationally infeasible to Public Key find x . Cryptography Diffie Hellman Key Exchange Protocol Public Key Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  32. Hard Problems and One-way Function III Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi Background Definition (trapdoor one-way function) Basic Concepts in Complexity Theory Some Number A trapdoor one-way function is a one-way function with the Theoretic & Algebraic Algorithms additional property that given some extra information (called the Some Computational Hard Problems and their Application trapdoor information) it becomes feasible to find for any given Cryptography y ∈ Im ( f ) , an x ∈ X such that f ( x ) = y . Public Key Cryptography Diffie Hellman Key Exchange Protocol Public Key Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  33. Some Computationally Hard Problems I Public Key Cryptography Integer factorization (RSA) Indivar Gupta Subset sum problem (Knapsack) SAG, DRDO, Delhi Quadratic Residuosity Problem (Rabin) Background Basic Concepts in DLP in finite fields (El Gamal) Complexity Theory Some Number Theoretic & Algebraic DLP in elliptic curve over finite fields (ECC) (ElGamal, ECIES, Algorithms Some Computational ECDSA) Hard Problems and their Application CDHP, DDHP, GDHP, GDLP Cryptography Public Key Conjugacy Search Problem Cryptography Diffie Hellman Key Exchange Protocol Group action and Semi-group action problem Public Key Cryptosystems BDHP (Joux Protocol) RSA & ElGamal Elliptic Curve Cryptography Factorization with Discrete Logarithm Problem (Over Group Ring) Other Public Key Cryptosystems: Post Quantum Discrete logarithm with conjugacy Search Problem Elliptic Curve Cryptography

  34. Some Computationally Hard Problems II Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi Solving system of multivariate polynomial equations over finite fields and isomorphism of polynomials (HFE, Sflash, Quartz) Background Basic Concepts in Complexity Theory Decoding Problem: GBD/GD (Code based Cryptography: Some Number Theoretic & Algebraic McEliece’s Crypto-system) Algorithms Some Computational Hard Problems and Lattice basis reduction (NTRU, FALCON) their Application Cryptography Hash Based PKC (Gravity-SPHINCS), PICNIC, SPHINCS+ Public Key Cryptography Computational Supersingular Isogeny Problem Diffie Hellman Key Exchange Protocol Public Key Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  35. Integer factorization (RSA) Public Key N = Large Composite Integer. IFP: Find factor of N . Cryptography Indivar Gupta Sub-exponential Algorithms SAG, DRDO, Delhi Methods Running Time Background √ Basic Concepts in � � T ( CFRAC ) = O ( L N ( 1 / 2 , 2 ) Continued Fraction Complexity Theory Some Number Method Theoretic & Algebraic Algorithms Some Computational T ( ECM ) = Lenstra’s Elliptic Curve Hard Problems and √ their Application � 2 ) . (log N ) 2 ) � L p ( 1 / 2 , Method O √ Cryptography � � T ( MPQS ) = O L N ( 1 / 2 , 3 / 2 2 ) Multiple Polynomial Public Key Cryptography Quadratic Field Sieve Diffie Hellman Key Exchange Protocol Method Public Key Cryptosystems � � � T ( GNFS ) = O L N ( 1 / 3 , 3 64 / 9 ) General Number Field RSA & ElGamal Elliptic Curve Sieve Method Cryptography Other Public Key � � � Cryptosystems: Post T ( SNFS ) = O L N ( 1 / 3 , 3 32 / 9 ) Special Number Field Quantum Sieve Method Elliptic Curve Cryptography

  36. Integer factorization (RSA) Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi Other Integer Factorization Algorithms (Exponential) Background Basic Concepts in Complexity Theory Some Number Methods Running Time Theoretic & Algebraic Algorithms 1 3 + ǫ ) Lehman’s Method O ( N Some Computational Hard Problems and their Application 1 4 ) Shanks’ Square Form O ( N Cryptography Factorization Number Public Key Cryptography 1 5 + ǫ ) O ( N Shanks’ Class Group Diffie Hellman Key Exchange Protocol Method Public Key Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  37. DLP in finite fields (El Gamal) Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi Background Basic Concepts in Complexity Theory Definition (Discrete Logarithm Problem (DLP)) Some Number Theoretic & Algebraic Algorithms Given y ∈ G , The DLP in G is to find the unique x ∈ Z N such that y = g x . Some Computational Hard Problems and their Application Such an x is called the discrete log of y with respect to base g . Cryptography Public Key Cryptography Diffie Hellman Key Exchange Protocol Public Key Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  38. DLP in finite fields (El Gamal) Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi Algorithm for Solving DLP Background Basic Concepts in Methods Running Time / Space Complexity Theory √ Some Number Theoretic & Algebraic O ( N log N ) Shanks’ Baby-Step Giant- (group Opera- √ Algorithms Some Computational tions) / O ( N ) Step Algorithm Hard Problems and their Application √ p i )) O ( � i = k i = 1 α i (log N + Silver-Pohlig-Hellman, Cryptography N = � i = k i = 1 p α 1 (group Operations) /Compara- Public Key i Cryptography ble Diffie Hellman Key √ Exchange Protocol Pollard’s Rho O ( N ) (group Operations) Public Key Cryptosystems /Negligible RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  39. DLP in finite fields (El Gamal) Public Key Cryptography Indivar Gupta SAG, DRDO, Algorithm for Solving DLP Delhi Background � � Adleman’s Index Calculus O L p ( 1 / 2 , c ) Basic Concepts in Complexity Theory Algorithm for F ⋆ Some Number p Theoretic & Algebraic � � L p ( 1 / 2 , c ) Algorithms Coppersmith et al Algo (for O ( c is smaller than Adle- Some Computational F ⋆ Hard Problems and p ) man’s Algo) their Application � � L q ( 1 / 2 , c ) Index Calculus Algorithm O Cryptography for GF ( q ) : q = p m Public Key Cryptography � � L 2 m ( 1 / 3 , c ) Coppersmith Index Calculus O Diffie Hellman Key Algorithm for GF ( 2 m ) Exchange Protocol Public Key Cryptosystems � � , c = ( 64 / 9 ) 1 / 3 L q ( 1 / 3 , c ) General Number Field Sieve O RSA & ElGamal Algorithm (for GF ( q ) ) Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  40. Outline Public Key 1 Background Cryptography Basic Concepts in Complexity Theory Indivar Gupta SAG, DRDO, Some Number Theoretic & Algebraic Algorithms Delhi Some Computational Hard Problems and their Application Background Basic Concepts in Complexity Theory 2 Cryptography Some Number Theoretic & Algebraic Algorithms 3 Public Key Cryptography Some Computational Hard Problems and Diffie Hellman Key Exchange Protocol their Application Cryptography Public Key Cryptosystems Public Key RSA & ElGamal Cryptography Diffie Hellman Key Elliptic Curve Cryptography Exchange Protocol Public Key Other Public Key Cryptosystems: Post Quantum Cryptosystems RSA & ElGamal Elliptic Curve 4 Elliptic Curve Cryptography Cryptography Other Public Key Cryptosystems: Post 5 Open Source Libraries Quantum Elliptic Curve Cryptography

  41. Cryptography for Secure Communication Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi Input Encoding Compression Input Encoding Compression Background Basic Concepts in Complexity Theory Some Number Key Encryption Theoretic & Algebraic Text, Speech, Key Text, Speech, Encryption Algorithms Some Computational Fax, Image Fax, Image Hard Problems and their Application Cryptography Steganography Public Key Wireless Wireless Cryptography or wired or wired Diffie Hellman Key Exchange Protocol Public Key Cryptosystems Modulation Error Control Modulation Error Control RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  42. Cryptography for Secure Communication Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi Example Background Input to Source Basic Concepts in Text ⇒ ASCII Complexity Theory Some Number Theoretic & Algebraic Text Speech ⇒ PCM Algorithms Some Computational Hard Problems and Speech Picture/Movie ⇒ JPEG, their Application Cryptography MPEG Picture/Movie Public Key FAX ⇒ Modified Huffman Cryptography Fax Diffie Hellman Key Coding Exchange Protocol Public Key Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  43. Cryptology Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi Background Cryptography Design of algorithms, systems, protocols which are Basic Concepts in Complexity Theory used to protect information against specific threats. PRIVACY, Some Number AUTHENTICATION, INTEGRITY & NON-REPUDIATION. Theoretic & Algebraic Algorithms Some Computational Hard Problems and Cryptanalysis Evolving mathematical methods to check if the their Application specified cryptographic design achieves the desired security goal. Cryptography It is a science which deals with how to defeat of achieving Public Key Cryptography ‘ Security Goals ’. Diffie Hellman Key Exchange Protocol Cryptology = Cryptography + Cryptanalysis Public Key Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  44. Cryptology I Public Key Cryptography Indivar Gupta Symmetric Key Crypto : → Alice and Bob both agree on SAG, DRDO, Delhi common key. Background Public Key Crypto : → PKC use a pair of keys − → public key, Basic Concepts in Complexity Theory private key. Computing the private key form public key has to be Some Number Theoretic & Algebraic intractable. Algorithms Some Computational Hard Problems and Hash Function: → function that maps a bit string of arbitrary their Application length into an output of fixed number of bits, called message digest Cryptography or hash value. Public Key Cryptography Diffie Hellman Key Digital Signature: A digital signature is a data string which Exchange Protocol Public Key associates a message (in digital form) with some originating entity. Cryptosystems RSA & ElGamal Non-repudiation: An entity should not be allowed to deny valid Elliptic Curve Cryptography signatures made by him. Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  45. Cryptology II Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi Data Origin Authentication /Message-Authentication: Background Basic Concepts in techniques provide to receiver which receives a message assurance Complexity Theory Some Number of the identity of the party which originated the message. Theoretic & Algebraic Algorithms Some Computational Entity Authentication/Identification: Alice proves her identity to Hard Problems and their Application Bob. Alice demonstrates to Bob her knowledge of a secret piece of Cryptography information. Public Key Cryptography Diffie Hellman Key Exchange Protocol Public Key Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  46. Outline Public Key 1 Background Cryptography Basic Concepts in Complexity Theory Indivar Gupta SAG, DRDO, Some Number Theoretic & Algebraic Algorithms Delhi Some Computational Hard Problems and their Application Background Basic Concepts in Complexity Theory 2 Cryptography Some Number Theoretic & Algebraic Algorithms 3 Public Key Cryptography Some Computational Hard Problems and Diffie Hellman Key Exchange Protocol their Application Cryptography Public Key Cryptosystems Public Key RSA & ElGamal Cryptography Diffie Hellman Key Elliptic Curve Cryptography Exchange Protocol Public Key Other Public Key Cryptosystems: Post Quantum Cryptosystems RSA & ElGamal Elliptic Curve 4 Elliptic Curve Cryptography Cryptography Other Public Key Cryptosystems: Post 5 Open Source Libraries Quantum Elliptic Curve Cryptography

  47. Introduction Public Key Cryptography Indivar Gupta SAG, DRDO, PKC developed by Diffie-Hellman and Merkle in the mid Delhi 1970s. Background Basic Concepts in In PKC, each user has pair of keys: Private Key and Public Complexity Theory Some Number Key. Theoretic & Algebraic Algorithms Some Computational Every one has access to the public key but private Hard Problems and their Application information can be accessed by only the owner. Cryptography PKC depends on computationally hard problems that prevent Public Key Cryptography inverting the public map. Diffie Hellman Key Exchange Protocol Computing the private key form public key has to be Public Key Cryptosystems RSA & ElGamal intractable. Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  48. Public-Key Cryptosystems Public Key Cryptography Public Key Cryptosystem CS is a five-tuple Indivar Gupta SAG, DRDO, CS = ( P , C , K , E , D ) Delhi Background Basic Concepts in Complexity Theory Some Number P : Plaintext Space, C : Ciphertext Space Theoretic & Algebraic Algorithms Some Computational K : Key Space Hard Problems and their Application E : Encryption Rule, D : Decryption Rule Cryptography Public Key E e : P → C , E e ( M ) = C , D d : P → C , D d ( C ) = M Cryptography ( e , d ) ∈ K , E ∈ E , D ∈ D . Diffie Hellman Key Exchange Protocol Public Key It is computationally infeasible to compute d from e . Cryptosystems RSA & ElGamal Elliptic Curve D d ( E e ( M )) = M . Cryptography Other Public Key Cryptosystems: Post E and D operations should be efficiently computable. Quantum Elliptic Curve Cryptography

  49. Advantages and Disadvantages of PKC Public Key Cryptography Indivar Gupta Key Security: Only private key needs to be kept secret. SAG, DRDO, Delhi Longevity: Key pairs may be used without change in most Background cases over long period of time. Basic Concepts in Complexity Theory Key Management: In a large network fewer private keys Some Number Theoretic & Algebraic will be required. Algorithms Some Computational Hard Problems and Key-exchange: No key exchange is required their Application Cryptography Digital Signature: The greatest advantage of PKC. Public Key Cryptography Performance: It is slow, in general. Diffie Hellman Key Exchange Protocol Dependency: Role of CA, require PKI. Public Key Cryptosystems System Security: Depends on well-defined computational RSA & ElGamal Elliptic Curve Cryptography hard problems. Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  50. k is the shared secret key b mod p p a large prime a - a generator of Z p * Unsecured Channel x a mod p y A x B y y x k º (a ) mod p x y k º (a ) mod p Diffie Hellman Key Exchange Protocol I Diffie Hellman Key Exchange Protocol Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi Background Basic Concepts in Complexity Theory Some Number Theoretic & Algebraic Algorithms Some Computational Hard Problems and their Application Cryptography Public Key Cryptography Diffie Hellman Key Exchange Protocol Public Key Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  51. Diffie Hellman Key Exchange Protocol Public Key Cryptography Indivar Gupta SAG, DRDO, Knowing α, α x and α y (but neither x nor y ) it is hard to find Delhi α xy . Background Basic Concepts in Complexity Theory This is as secure as discrete log is intractable. Some Number Theoretic & Algebraic Algorithms Idea of this protocol: The enciphering key can be made Some Computational Hard Problems and public since it is computationally infeasible to obtain the their Application deciphering key from enciphering key. Cryptography Public Key This protocol is the door-opener to Public Key Cryptography Diffie Hellman Key Cryptography. Exchange Protocol Public Key Cryptosystems ✑ Security: CDHP RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  52. Public Key Encryption Schemes Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi Background Basic Concepts in Setup Complexity Theory Some Number Theoretic & Algebraic Key Generation Algorithm Algorithms Some Computational Hard Problems and Encryption their Application Cryptography Decryption Public Key Cryptography Diffie Hellman Key Exchange Protocol Public Key Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  53. RSA Cryptosystem Public Key Cryptography Indivar Gupta SAG, DRDO, Key Generation Delhi Background The first task is to select n . n is normally very large (approx Basic Concepts in 308 digits) which is a product of two large primes p and q . Complexity Theory Some Number Theoretic & Algebraic Next a large integer e is chosen such that e is relatively prime Algorithms Some Computational Hard Problems and to φ ( n ) . e is usually picked as a prime larger than both their Application ( p − 1 ) and ( q − 1 ) . Cryptography Public Key Next d is selected in such a way that: e . d ≡ 1 mod φ ( n ) . Cryptography Diffie Hellman Key n and e are made public. Exchange Protocol Public Key Cryptosystems p , q and d are kept private. RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  54. Encryption and Decryption Public Key Cryptography Indivar Gupta SAG, DRDO, Encryption Delhi A obtains B’s public key Background Basic Concepts in Message m is an integer in the interval [ 1 , n − 1 ] . Complexity Theory Some Number Compute c ≡ m e mod n . Theoretic & Algebraic Algorithms Some Computational Hard Problems and Send the cipher text c to B. their Application Cryptography Decryption Public Key To recover plaintext m from c , B uses his private key d to Cryptography recover m ≡ c d mod n . Diffie Hellman Key Exchange Protocol Public Key Cryptosystems ✑ Security: IFP RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  55. Example Public Key Suppose A wants to send the following message to B Cryptography Indivar Gupta SAG, DRDO, powera Delhi Background Let B chooses his n = 1943 = 29 . 67. Then φ ( n ) = 1848 . Basic Concepts in Suppose he picks e = 701, then d = 29 . ∵ 26 2 < n < 26 3 , Complexity Theory Some Number Theoretic & Algebraic therefore the block size of the plaintext = 2 . Algorithms Some Computational Hard Problems and m 1 = po = 15 . 26 + 14 = 404 , m 2 = we = 22 . 26 + 4 = their Application Cryptography 576 , m 3 = ra = 17 . 26 + 0 = 42 . Public Key c 1 = 404 701 ≡ 1419 ( mod 1943 ) . Similarly, A can Cryptography Diffie Hellman Key calculate c 2 = 344 & c 3 = 210 . Exchange Protocol Public Key Now c 1 = 1419 = 2 . 26 2 + 2 . 26 + 15 = ccp , c 2 = 344 = Cryptosystems RSA & ElGamal Elliptic Curve 13 . 26 + 6 = ng & c 3 = 210 = 8 . 26 + 2 = ic Therefore the Cryptography Other Public Key cipher text is Cryptosystems: Post Quantum ccpngic Elliptic Curve Cryptography

  56. RSA Signature Scheme Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi Background Basic Concepts in Setup Complexity Theory Some Number Theoretic & Algebraic Key Generation Algorithm Algorithms Some Computational Hard Problems and Signature Generation their Application Cryptography Signature Verification Public Key Cryptography Diffie Hellman Key Exchange Protocol Public Key Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  57. RSA Signature Scheme Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi Setup: common parameters: security level, hash Background ( h : { 0 , 1 } ∗ − → Z n ). Basic Concepts in Complexity Theory Some Number Key Generation Algorithm : Public Key of Signer ( n , e ) , Theoretic & Algebraic Algorithms Some Computational private key d . Hard Problems and their Application Signature Generation: s = h ( m ) d mod n . Cryptography m = s e mod n , verify that Public Key Signature Verification: ˜ Cryptography ˜ m = h ( m ) , if not reject the signature. Diffie Hellman Key Exchange Protocol Public Key Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  58. Discrete Log: ElGamal Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi Key Generation Background Basic Concepts in First choose a large prime p such that the DLP is infeasible in Complexity Theory Some Number ( Z ∗ p , . ) . Theoretic & Algebraic Algorithms Some Computational Select a primitive element α of ( Z ∗ p , . ) . Hard Problems and their Application Pick a random integer a ( 1 < a < p − 1 ) and compute Cryptography β ≡ α a ( modp ) . Public Key Cryptography Diffie Hellman Key Public Para = ( p , α ) , Public Key = β and Private key = a . Exchange Protocol Public Key Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  59. Encryption and Decryption Public Key Cryptography Indivar Gupta SAG, DRDO, Encryption Delhi A obtains B’s public information ( p , α, β ) . Background Basic Concepts in He represents the message m as an integer in Z ∗ p . Complexity Theory Some Number Theoretic & Algebraic He chooses a random integer k in [ 2 , p − 2 ] . Algorithms Some Computational Hard Problems and Compute c = ( c 1 , c 2 ) ∈ Z ∗ p × Z ∗ p , where c 1 ≡ α k ( their Application mod p )& c 2 ≡ m β k ( mod p ) . Cryptography Public Key Decryption Using B’s private key, he decrypts the ciphertext Cryptography Diffie Hellman Key 1 ) − 1 ( mod p ) . c = ( c 1 , c 2 ) by calculating m ≡ c 2 ( c a Exchange Protocol Public Key Cryptosystems ✑ Security: DLP RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  60. Example of ElGamal Public Key Let p = 2579 and α = 2, α is a primitive element Cryptography mod 2579. Indivar Gupta SAG, DRDO, Delhi Let a = 765 then β ≡ 2 765 ( mod 2579 ) ≡ 949 ( mod 2579 ) . Background Basic Concepts in Therefore the public key of B = ( 2579 , 2 , 949 ) and private Complexity Theory Some Number Theoretic & Algebraic key is 765 . Algorithms Some Computational m = 1299 Hard Problems and their Application Cryptography Now suppose A wants to send the message m = 1299 to B Public Key and A picks the random integer k = 853 . Cryptography Then A computes c 1 ≡ 2 853 mod 2579 ≡ 435 mod 2579 Diffie Hellman Key Exchange Protocol and c 2 ≡ 1299 . 949 853 mod 2579 ≡ 2396 ( mod 2579 ) . Public Key Cryptosystems RSA & ElGamal Therefore, the ciphertext of A is Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum C = ( 435 , 2396 ) . Elliptic Curve Cryptography

  61. Digital Signature Algorithm (DSA) Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi ✑ Adopted by NIST in 1994 Background Setup: common parameters: security level, hash Basic Concepts in Complexity Theory ( h : { 0 , 1 } ∗ − Some Number → Z q ). Theoretic & Algebraic Algorithms Key Generation Algorithm: Some Computational Hard Problems and their Application 1 Select primes p , q with q / ( p − 1 ) Cryptography p such that g q = 1 mod p 2 select g � = 1 ∈ Z ⋆ Public Key 3 Select x ∈ Z q and compute y = g x mod p Cryptography 4 public key ( p , q , g , y ) , secret key x Diffie Hellman Key Exchange Protocol Public Key Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  62. Digital Signature Algorithm (DSA) Public Key Cryptography Indivar Gupta SAG, DRDO, Signature Generation Delhi 1 Choose k ∈ Z ⋆ q , Background 2 Compute r = ( g k mod p ) mod q Basic Concepts in Complexity Theory 3 s = k − 1 ( H ( m ) + xr ) mod q Some Number Theoretic & Algebraic 4 Output the signature σ = ( s , r ) Algorithms Some Computational Hard Problems and their Application Signature Verification: Cryptography 1 Check if r , s ∈ { 1 , . . . , q − 1 } , otherwise reject signature Public Key 2 set w = s − 1 mod q , u 1 = H ( m ) w mod q , u 2 = rw mod q Cryptography 3 Compute v = ( g u 1 y u 2 mod p ) mod q Diffie Hellman Key Exchange Protocol Public Key 4 Accept sign if v = r mod q , and reject otherwise. Cryptosystems RSA & ElGamal Elliptic Curve ✑ Security: DLP Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  63. RSA Factoring Challanges 7 Public Key Factorization of Giver Number Cryptography Indivar Gupta Started by RSA Laboratories: March 1991, Ended: 2009 SAG, DRDO, Delhi RSA-768 factored in Dec 2009 Background A lot of research have been carried out to factor RSA number Basic Concepts in beyond 768-bit. 6 Complexity Theory Some Number Theoretic & Algebraic RSA-768= 12301866845301177551304949583849627207728535695953347 Algorithms Some Computational 92197322452151726400507263657518745202199786469389956 Hard Problems and their Application 47494277406384592519255732630345373154826850791702612 21429134616704292143116022212404792747377940806653514 Cryptography 19597459856902143413 Public Key Cryptography Diffie Hellman Key p = 33478071698956898786044169848212 Exchange Protocol 6908177047949837137685689124313889828837938780022 Public Key Cryptosystems 87614711652531743087737814467999489 RSA & ElGamal × q = 3674604366679959042824463379962795 Elliptic Curve Cryptography 2632279158164343087642676032283815739666511279233 Other Public Key 373417143396810270092798736308917 Cryptosystems: Post Quantum 6 Cryptology ePrint Archive: http://eprint.iacr.org/2010/006 Elliptic Curve 7 https://en.wikipedia.org/wiki/RSA_Factoring_Challenge Cryptography

  64. RSA Factoring Record: Feb 2020 Public Key Cryptography Indivar Gupta RSA-250 has 250 decimal digits (829 bits), and was factored in SAG, DRDO, February 2020 by Fabrice Boudot, Pierrick Gaudry, Aurore Delhi Guillevic, Nadia Heninger, Emmanuel Thome, and Paul Background Basic Concepts in Zimmermann Complexity Theory RSA-250 21403246502407449612644230728393335630086147151447550177 Some Number Theoretic & Algebraic (829)= 97754920881418023447140136643345519095804679610992851872 Algorithms Some Computational 47091458768739626192155736304745477052080511905649310668 Hard Problems and 76915900197594056934574522305893259766974716817380693648 their Application 94699871578494975937497937 Cryptography Public Key p = 64135289477071580278790190170577389084825014742943 Cryptography 4472081168596320245323446302386235987526683477087376619255 Diffie Hellman Key Exchange Protocol 85694639798853367 Public Key × q = 3337202759497815655622601060535511422794076034 Cryptosystems RSA & ElGamal 47675546667845209870238417292100370802574486732968818775657 Elliptic Curve 18986258036932062711 Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  65. Post Quantum Cryptography Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi If quantum computers are available then Shor’s algorithm runs in polynomail time to solve Background Basic Concepts in Integer factorization problem Complexity Theory Some Number DLP in finite fields & DLP on elliptic curves Theoretic & Algebraic Algorithms DLP in general class groups Some Computational Hard Problems and their Application The following PKC will be dead: RSA, DLP /ECDLP based Cryptography Cryptosystems Public Key Cryptography Cryptography that will be resistant to attack by quantum Diffie Hellman Key Exchange Protocol computer is known as Post Quantum Cryptography Public Key Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  66. Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi Definition (Lattices) Background A lattices is defined as the set of all integer combinations of n Basic Concepts in Complexity Theory linearly independent vectors b 1 , · · · , b n : Some Number Theoretic & Algebraic Algorithms Some Computational � i = n Hard Problems and � their Application � L ( b 1 , · · · , b n ) = x i b i : x i ∈ Z for 1 ≤ i ≤ n . Cryptography i = 1 Public Key Cryptography The set of vectors b 1 , · · · , b n is called a basis for the lattice. Diffie Hellman Key Exchange Protocol B = [ b 1 , · · · , b n ] Public Key Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  67. Lattice basis reduction (NTRU) Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi Lattice Problems Background Basic Concepts in Shortest Vector Problem (SVP): Given a lattice basis B , find Complexity Theory Some Number the shortest non zero vector in L ( B ) . Theoretic & Algebraic Algorithms Some Computational Closest Vector Problem (CVP): Given a lattice basis B and a Hard Problems and their Application target vector t (not necessarily in the lattice), find the lattice Cryptography point v closest to t . Public Key Cryptography Fact: SVP and CVP are NP-hard Diffie Hellman Key Exchange Protocol Public Key Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  68. Solving System of Multivariate Polynomial Equations Over Finite Field Public Key Cryptography Indivar Gupta SAG, DRDO, Definition ( MQ Problem) Delhi Background Solve the system p 1 ( x ) = p 2 ( x ) = · · · = p m ( x ) , where each p i is a Basic Concepts in Complexity Theory quadratic in x . All coefficients and variables are in = ˛ F q , the field Some Number Theoretic & Algebraic with q elements. Algorithms Some Computational Hard Problems and their Application Multivariate Public Key Cryptography is based on hardness Cryptography of MQ . Public Key Cryptography MQ is an NP-Hard Problem Diffie Hellman Key Exchange Protocol Public Key HFE, Sflash, Quartz Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  69. Decoding Problem: GBD/GD Public Key Cryptography Indivar Gupta SAG, DRDO, Definition (Goppa Bounded Decoding (GBD) Problem) Delhi Instance: An r × n binary matrix H and word s ∈ F r 2 . Background Question: Is there a word e in F n Basic Concepts in 2 of weight ≤ r / log 2 n such that Complexity Theory He T = s ? Some Number Theoretic & Algebraic Algorithms Some Computational Hard Problems and their Application Definition (Goppa Code Distinguishing (GD) Problem) Cryptography Instance: An r × n binary matrix H . Public Key Cryptography Question: Does H belong to G n , t for some t . Here G n , t denotes the Diffie Hellman Key Exchange Protocol set of all parity check matrices of t -error correcting binary Goppa Public Key Cryptosystems codes of length n . RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  70. Decoding Problem: GBD/GD Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi GBD and GD problem are NP-hard. In fact these problems Background are exponential. Basic Concepts in Complexity Theory Security of Code based Cryptography are based on hardness Some Number Theoretic & Algebraic Algorithms of GBD/GD problem. Some Computational Hard Problems and Examples: McEliece’s Cryptosystem and Niederreiter. their Application Cryptography Cryptanalytic Attacks: not susceptible to all known attacks Public Key Cryptography Key Size: Very Large Diffie Hellman Key Exchange Protocol Encryption/Decryption Speed: Reasonable Public Key Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  71. Outline Public Key 1 Background Cryptography Basic Concepts in Complexity Theory Indivar Gupta SAG, DRDO, Some Number Theoretic & Algebraic Algorithms Delhi Some Computational Hard Problems and their Application Background Basic Concepts in Complexity Theory 2 Cryptography Some Number Theoretic & Algebraic Algorithms 3 Public Key Cryptography Some Computational Hard Problems and Diffie Hellman Key Exchange Protocol their Application Cryptography Public Key Cryptosystems Public Key RSA & ElGamal Cryptography Diffie Hellman Key Elliptic Curve Cryptography Exchange Protocol Public Key Other Public Key Cryptosystems: Post Quantum Cryptosystems RSA & ElGamal Elliptic Curve 4 Elliptic Curve Cryptography Cryptography Other Public Key Cryptosystems: Post 5 Open Source Libraries Quantum Elliptic Curve Cryptography

  72. Introduction to Elliptic Curve I Public Key Cryptography An elliptic curve E over a field K is a non-singular cubic Indivar Gupta SAG, DRDO, curve in two variables, f ( x , y ) = 0 together with an extra Delhi point the point at infinity . Background The field K is usually taken to be the complex, real, rational, Basic Concepts in Complexity Theory algebraic extensions of rational or a finite field . Some Number Theoretic & Algebraic Algorithms Elliptic curves groups for cryptographic applications are Some Computational Hard Problems and their Application examined with the underlying finite fields of characteristic Cryptography p (where p > 3 is a prime) i.e F p m and fields of characteristic Public Key 2 i.e. F 2 m . Cryptography Diffie Hellman Key Exchange Protocol The “standard elliptic curve”has the form: Public Key Cryptosystems RSA & ElGamal y 2 = x 3 + ax + b Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum for some fixed a and b . Elliptic Curve Cryptography

  73. Introduction to Elliptic Curve II Public Key Examples for Characteristic 0: Cryptography Indivar Gupta y 2 = x 3 − 1 y 2 = x 3 + 1 SAG, DRDO, Delhi Background Basic Concepts in Complexity Theory Some Number Theoretic & Algebraic Algorithms Some Computational Hard Problems and their Application Cryptography y 2 = x 3 − 3 x + 3 Public Key y 2 = x 3 − 4 x Cryptography Diffie Hellman Key Exchange Protocol Public Key Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  74. Elliptic Curve Generalized Form: An elliptic curve E over a field K is defined by a Public Key Cryptography Weiestrass equation: E : y 2 + a 1 xy + a 3 y = x 3 + a 2 x 2 + a 4 x + a 6 , Indivar Gupta a i ∈ K together with a point O called point at infinity . SAG, DRDO, Delhi E / K - if a 1 , a 2 , a 3 , a 4 , a 6 ∈ K Background E ( K ) the set of K - rational points of E , with the point O . Basic Concepts in Complexity Theory E ( K ) = { ( x , y ) ∈ K 2 : y 2 + a 1 xy + a 3 y = x 3 + a 2 x 2 + a 4 x + a 6 }∪{O} . Some Number Theoretic & Algebraic Algorithms (1) Some Computational Hard Problems and their Application we define some constants: Cryptography b 2 = a 2 1 + 4 a 2 , b 4 = a 1 a 3 + 2 a 4 , b 6 = a 2  3 + 4 a 6 ,  Public Key b 8 = a 2 1 a 6 + 4 a 2 a 6 − a 1 a 2 a 4 − a 2 a 2 3 − a 2 4 , Cryptography c 4 = b 2 2 − 24 b 4 , c 6 = − b 3 2 + 36 b 2 b 4 − 216 b 6 . Diffie Hellman Key  Exchange Protocol Public Key discriminant ∆ = − b 2 2 b 8 − 8 b 3 4 − 27 b 2 6 + 9 b 2 b 4 b 6 . Cryptosystems RSA & ElGamal Elliptic Curve ( K ) � = 2, 3, ∆ = ( c 3 4 − c 2 6 ) / 1728. Cryptography Other Public Key The curve f ( x , y ) = 0 is non singular iff at least one of ∂ f ∂ x , ∂ f Cryptosystems: Post ∂ y � = 0. Quantum Equivalent condition is Discriminant ∆ � = 0. Elliptic Curve Cryptography

  75. Let E be an elliptic curve given by a Weierstrass equation. Then Public Key Cryptography ( E , +) is an abelian group with identity element O and E ( K ) is a subgroup of E . Indivar Gupta SAG, DRDO, Delhi P ( x 1 , y 1 ) and Q ( x 2 , y 2 ) be two points on a curve. the explicit Background formula for P + Q = ( x 3 , y 3 ) can be computed easily. If the curve Basic Concepts in Complexity Theory is defined in equation (1), then Some Number Theoretic & Algebraic Algorithms x 3 = λ 2 + a 1 λ − a 2 − x 1 − x 2 Some Computational (2) Hard Problems and their Application y 3 = − ( λ + a 1 ) x 3 − β − a 3 Cryptography Public Key where β = y 1 − λ x 1 and Cryptography Diffie Hellman Key Exchange Protocol Public Key  y 2 − y 1 if P � = Q , Cryptosystems  x 2 − x 1 RSA & ElGamal λ = Elliptic Curve 3 x 2 1 + 2 a 2 x 1 + a 4 − a 1 y 1 , if P = Q . Cryptography  2 y 1 + a 1 x 1 + a 3 Other Public Key Cryptosystems: Post Quantum Elliptic Curve − P = ( x 1 , − y 1 − a 1 x 1 − a 3 ) Cryptography

  76. Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi Background Basic Concepts in Complexity Theory Some Number Theoretic & Algebraic Algorithms Some Computational Hard Problems and their Application Cryptography Public Key Cryptography Diffie Hellman Key Exchange Protocol Public Key Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  77. Complexity Analysis Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi Background Basic Concepts in Complexity Theory Some Number Theoretic & Algebraic Algorithms Some Computational Hard Problems and their Application Cryptography Public Key Cryptography Diffie Hellman Key Exchange Protocol Public Key Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  78. Elliptic Curve based Cryptographic Schemes Public Key Koblitz (1987) and Miller (1985) first recommended the use of Cryptography elliptic-curve groups (over finite fields) in cryptosystems. Some Indivar Gupta SAG, DRDO, cryptographic schemes [6]: Delhi 1 Signature Scheme Background ECDSA Basic Concepts in Complexity Theory EC-KCDSA Some Number Theoretic & Algebraic Algorithms 2 Public Key Encryption Some Computational Hard Problems and their Application ElGamal Elliptic Curve Encryption. Cryptography Elliptic Curve Integrated Encryption (ECIES)(Bellare and Public Key Rogaway, Variant of ElGamal). Cryptography Provably Secure Encryption Curve Scheme(PSEC)-Fujisaki Diffie Hellman Key Exchange Protocol and Okamoto. Public Key Cryptosystems 3 Key Agreement RSA & ElGamal Elliptic Curve Cryptography Diffie-Hellman. Other Public Key Cryptosystems: Post Station-to-station (Diffie, Van Oorschot, Wiener). Quantum ECMQV (Menezes, Qu, Vanstone). Elliptic Curve Cryptography

  79. ElGamal Elliptic Curve Cryptosystem Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi Background ElGamal Cryptosystem Consists of: Basic Concepts in Complexity Theory Setup: Domain Parameters D = ( F p , E , P , n ) Some Number Theoretic & Algebraic Algorithms Key Generation Algorithm: Key Pair ( d , Q ) , where Q = d . P . Some Computational Hard Problems and their Application Encryption Algorithm: Ciphertext Cryptography Decryption Algorithm: Plaintext Public Key Cryptography Diffie Hellman Key Exchange Protocol Public Key Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  80. Encryption Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi Input: Elliptic curve domain parameters ( F p , E , P , n ) , public Background key Q = d . P , plaintext m . Basic Concepts in Complexity Theory Some Number Output: Ciphertext ( C 1 , C 2 ) Theoretic & Algebraic Algorithms 1 Represent the message m as a point M in E ( F p ) . Some Computational Hard Problems and their Application 2 Select random k ∈ [ 2 , n − 1 ] . Cryptography 3 Compute C 1 = k . P (scalar multiplication). Public Key 4 Compute C 2 = M + k . Q . Cryptography 5 Return ( C 1 , C 2 ) . Diffie Hellman Key Exchange Protocol Public Key Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  81. Decryption Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi Background Basic Concepts in Input: Elliptic curve domain parameters ( F p , E , P , n ) , Complexity Theory Some Number private key d , ciphertext ( C 1 , C 2 ) . Theoretic & Algebraic Algorithms Some Computational Output: Plaintext m Hard Problems and their Application 1 Compute M = C 2 − d . C 1 . Cryptography 2 Return ( m ) . Public Key Cryptography Diffie Hellman Key Exchange Protocol Public Key Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  82. Key Size Comparison: Public Key Cryptography Key sizes (in bits) recommended by the National Institute of Indivar Gupta SAG, DRDO, Standards and Technology (NIST) to protect keys used in (DES) Delhi and (AES) together with the key sizes for RSA, Diffie-Hellman Background and elliptic curves that are needed to provide equivalent security. 8 Basic Concepts in Complexity Theory Some Number Theoretic & Algebraic Algorithms Symmetric Key Size RSA and Diffie- Elliptic Curve Key Some Computational Hard Problems and their Application Hellman Key Size Size Cryptography 80 1024 160 Public Key 112 2048 224 Cryptography 128 3072 256 Diffie Hellman Key Exchange Protocol 192 7680 384 Public Key Cryptosystems 256 15360 512 RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve 8 https://www.nsa.gov/business/programs/elliptic_curve.shtm Cryptography

  83. ECC:Advantage Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi Shorter Key Length translates to Background Basic Concepts in 1 Faster implementation Complexity Theory Some Number 2 Less power consumption Theoretic & Algebraic Algorithms 3 Less silicon area Some Computational Hard Problems and their Application Can be implemented in 8/16/32-bits microprocessor with Cryptography reasonable amount of security. Public Key Cryptography Can be implemented in Smart Card, PDA etc.. Diffie Hellman Key Exchange Protocol Public Key Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  84. Implementation of ECC Public Key Cryptography Indivar Gupta SAG, DRDO, Delhi Note: Basic necessity for implementation of ECC: a good Background Basic Concepts in finite filed library Complexity Theory Some Number Theoretic & Algebraic Choice of Finite Filed Algorithms Some Computational Hard Problems and Choice of Basis their Application Cryptography Choice of coordinate Systems Public Key Choice of methods for scaler multiplication Cryptography Diffie Hellman Key Exchange Protocol Public Key Cryptosystems RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  85. Certicom ECC CChallanges 9 Public Key Cryptography The Challenge is to compute the ECC private keys from the Indivar Gupta given list of ECC public keys and associated system SAG, DRDO, Delhi parameters Background Certicom Proposed two levels of challenges for elliptic Basic Concepts in curves over prime fields ( F p ) and elliptic over extension of Complexity Theory Some Number finite fields ( F 2 n ). Theoretic & Algebraic Algorithms Some Computational Level I level II Hard Problems and their Application 109-bit challenge Solved EECp- 163-bit challenge Cryptography 109 Solved in 2002 EECC2-109 Public Key Cryptography Solved in 2004 Diffie Hellman Key Exchange Protocol 131-bit challenge 191-bit challenge Public Key Cryptosystems 239-bit challenge RSA & ElGamal Elliptic Curve 359-bit challenge Cryptography Other Public Key Cryptosystems: Post World records: 113-bit Koblitz curve using FPGA-cluster Quantum Elliptic Curve 9 Certicom Research Cryptography

  86. Identity Based Cryptography I Public Key Cryptography Conventional Public-key cryptography is dependent on a Indivar Gupta SAG, DRDO, public-key infrastructure(PKI). Delhi PKI addresses authentication of public key problem Background A PKI often works with a party trusted by all users, called Basic Concepts in Complexity Theory Some Number Certification Authority (CA) Theoretic & Algebraic Algorithms Some Computational CA has to generate and sign certificates containing public Hard Problems and their Application key of users along with identity. Cryptography PKI- based cryptography is both time-consuming and Public Key Cryptography error-prone. Diffie Hellman Key Exchange Protocol In 1984, Shamir introduced the concept of identity-based Public Key Cryptosystems RSA & ElGamal cryptography. Elliptic Curve Cryptography It uses user identity attributes, such as email addresses/ phone Other Public Key Cryptosystems: Post Quantum numbers company address instead of digital certificates Elliptic Curve Cryptography

  87. Identity Based Cryptography II Public Key Cryptography Indivar Gupta More precisely, the public key of a user is derived directly SAG, DRDO, Delhi from publicly available information. Background Practical realization of identity-based public key Basic Concepts in Complexity Theory cryptography (ID-PKC) came prom pairings. Some Number Theoretic & Algebraic Algorithms In 2001, Boneh and Franklin proposed the first identity-based Some Computational Hard Problems and encryption scheme, using the bilinearity of pairings. their Application Cryptography Computationally Hard prob: Bilinear Diffie Hellman Public Key Problem Cryptography Diffie Hellman Key Exchange Protocol Although it provides some advantages over PKI-based Public Key Cryptosystems approaches, it is not without its drawbacks (Key escrow). RSA & ElGamal Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve Cryptography

  88. Outline Public Key 1 Background Cryptography Basic Concepts in Complexity Theory Indivar Gupta SAG, DRDO, Some Number Theoretic & Algebraic Algorithms Delhi Some Computational Hard Problems and their Application Background Basic Concepts in Complexity Theory 2 Cryptography Some Number Theoretic & Algebraic Algorithms 3 Public Key Cryptography Some Computational Hard Problems and Diffie Hellman Key Exchange Protocol their Application Cryptography Public Key Cryptosystems Public Key RSA & ElGamal Cryptography Diffie Hellman Key Elliptic Curve Cryptography Exchange Protocol Public Key Other Public Key Cryptosystems: Post Quantum Cryptosystems RSA & ElGamal Elliptic Curve 4 Elliptic Curve Cryptography Cryptography Other Public Key Cryptosystems: Post 5 Open Source Libraries Quantum Elliptic Curve Cryptography

  89. Some Open Source Libraries 10 Public Key Cryptography Indivar Gupta SAGE [System for Algebra and Geometry Experimentation]: SAG, DRDO, Delhi http://www.sagemath.org/ Background PARI/GP: http://pari.math.u-bordeaux.fr/ Basic Concepts in Complexity Theory crypto - OpenSSL cryptographic library: Some Number Theoretic & Algebraic Algorithms https://www.openssl.org/docs/crypto/crypto.html Some Computational Hard Problems and their Application GAP http://www.gap-system.org Cryptography NTL: A Library for doing Number Theory Public Key Cryptography http://www.shoup.net/ntl/ Diffie Hellman Key Exchange Protocol MIRACL http://indigo.ie/?mscott/ Public Key Cryptosystems RSA & ElGamal GNU MP http://www.swox.com/gmp/ Elliptic Curve Cryptography Other Public Key Cryptosystems: Post Quantum Elliptic Curve 10 Appendix B, [6] Cryptography

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Public-Key Cryptography Public-Key Cryptography Lecture 9 Public-Key Cryptography Lecture 9

Public-Key Cryptography Public-Key Cryptography Lecture 9 Public-Key Cryptography Lecture 9

Public-Key Cryptography Public-Key Cryptography Lecture 9 Public-Key Cryptography Lecture 9 CCA Security SIM-CCA Security (PKE) Recv Send PK/Enc SK/Dec Replay Filter Secure (and correct) if: s.t. output of is distributed

1.26k views • 101 slides
Public Key Cryptography in Practice Eli Biham - May 3, 2005 c 372 Public Key Cryptography in

Public Key Cryptography in Practice Eli Biham - May 3, 2005 c 372 Public Key Cryptography in

Public Key Cryptography in Practice Eli Biham - May 3, 2005 c 372 Public Key Cryptography in Practice (13) How Cryptography is Used in Applications The main drawback of public key cryptography is the inherent slow speed of the public key

442 views • 14 slides
Public Key Cryptography Cryptography School of Engineering and Technology CQUniversity Australia

Public Key Cryptography Cryptography School of Engineering and Technology CQUniversity Australia

Cryptography Public Key Cryptography Concepts of Public Key Cryptography Public Key Cryptography Cryptography School of Engineering and Technology CQUniversity Australia Prepared by Steven Gordon on 20 Feb 2020, public.tex, r1803 1

421 views • 7 slides
Lecture 7 Public Key Cryptography (Diffie-Hellman and RSA) 1 Public Key Cryptography

Lecture 7 Public Key Cryptography (Diffie-Hellman and RSA) 1 Public Key Cryptography

Lecture 7 Public Key Cryptography (Diffie-Hellman and RSA) 1 Public Key Cryptography Asymmetric cryptography Invented in 1974-1978 (Diffie-Hellman and Rivest-Shamir- Adleman) Two keys: private (SK), public (PK) Encryption:

810 views • 42 slides
Lecture 8 Public Key Cryptography (Diffie-Hellman and RSA) 1 Public Key Cryptography

Lecture 8 Public Key Cryptography (Diffie-Hellman and RSA) 1 Public Key Cryptography

Lecture 8 Public Key Cryptography (Diffie-Hellman and RSA) 1 Public Key Cryptography Asymmetric cryptography Invented in 1974-1978 (Diffie-Hellman and Rivest-Shamir- Adleman) Two keys: private (SK), public (PK) Encryption:

256 views • 22 slides
Lecture 8 Public Key Cryptography (Diffie-Hellman and RSA) 1 Public Key Cryptography

Lecture 8 Public Key Cryptography (Diffie-Hellman and RSA) 1 Public Key Cryptography

Lecture 8 Public Key Cryptography (Diffie-Hellman and RSA) 1 Public Key Cryptography Asymmetric cryptography Invented in 1974-1978 (Diffie-Hellman and Rivest-Shamir- Adleman) Two keys: private (SK), public (PK) Encryption: with

445 views • 17 slides
Public-Key Cryptography Public-Key Cryptography Lecture 8 Public-Key Encryption Public-Key

Public-Key Cryptography Public-Key Cryptography Lecture 8 Public-Key Encryption Public-Key

Public-Key Cryptography Public-Key Cryptography Lecture 8 Public-Key Encryption Public-Key Cryptography Lecture 8 Public-Key Encryption Diffie-Hellman Key-Exchange PKE scheme PKE scheme SKE: Syntax KeyGen outputs K K Enc: M K R

1.18k views • 104 slides
Outline CPSC 418/MATH 318 Introduction to Cryptography Public Key Cryptography, RSA Public-Key

Outline CPSC 418/MATH 318 Introduction to Cryptography Public Key Cryptography, RSA Public-Key

Outline CPSC 418/MATH 318 Introduction to Cryptography Public Key Cryptography, RSA Public-Key Cryptography 1 Renate Scheidler The RSA Cryptosystem 2 Department of Mathematics &amp; Statistics Department of Computer Science University of

372 views • 7 slides
Laconic Zero Knowledge to Public Key Cryptography Public Key Cryptography Akshay Degwekar

Laconic Zero Knowledge to Public Key Cryptography Public Key Cryptography Akshay Degwekar

Laconic Zero Knowledge to Public Key Cryptography Public Key Cryptography Akshay Degwekar (MIT) Public Key Encryption (PKE) [Diffie-Hellman76, Rivest-Shamir-Adelman78, Goldwasser-Micali82] pk sk Public Key Encryption Public Key Encryption

296 views • 25 slides
Handout 8 Summary of this handout: Asymmetric Cryptography Public Key Cryptography

Handout 8 Summary of this handout: Asymmetric Cryptography Public Key Cryptography

06-20008 Cryptography The University of Birmingham Autumn Semester 2012 School of Computer Science Eike Ritter 15 November, 2012 Handout 8 Summary of this handout: Asymmetric Cryptography Public Key Cryptography Diffie-Hellman Key

207 views • 8 slides
Public key cryptography: a practical Public key cryptography: a practical approach approach

Public key cryptography: a practical Public key cryptography: a practical approach approach

Public key cryptography: a practical Public key cryptography: a practical approach approach Israel Herraiz &lt;isra@herraiz.org&gt; &lt;israel.herraiz@upm.es&gt; KeyID FE0A7AF3 Fingerprint D0DA E915 BFDD E5CD 8BA0 B159 7E97 2ACB FE0A 7AF3

996 views • 43 slides
Public Key Cryptography Diffie-Hellman Others CSS441: Security and Cryptography Sirindhorn

Public Key Cryptography Diffie-Hellman Others CSS441: Security and Cryptography Sirindhorn

CSS441 Public Key Crypto Principles RSA Public Key Cryptography Diffie-Hellman Others CSS441: Security and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 20 December 2015

461 views • 29 slides
Cryptography Public-Key Cryptography Uwe Egly Vienna University of Technology Institute of

Cryptography Public-Key Cryptography Uwe Egly Vienna University of Technology Institute of

Cryptography Public-Key Cryptography Uwe Egly Vienna University of Technology Institute of Information Systems Knowledge-Based Systems Group 1 / 18 Overview Problem of symmetric procedures: Exchange of secret key Solution: public-key

884 views • 18 slides
Cryptography: Public Key Cryptography; Mathematical Preliminaries Greg Plaxton Theory in

Cryptography: Public Key Cryptography; Mathematical Preliminaries Greg Plaxton Theory in

Cryptography: Public Key Cryptography; Mathematical Preliminaries Greg Plaxton Theory in Programming Practice, Spring 2005 Department of Computer Science University of Texas at Austin Secure Communication Earlier we discussed the problems

202 views • 18 slides
C) Public Key Cryptography C.a) Fundamentals C.b) RSA with Applications C.c) DSA and Diffie

C) Public Key Cryptography C.a) Fundamentals C.b) RSA with Applications C.c) DSA and Diffie

1 C) Public Key Cryptography C.a) Fundamentals C.b) RSA with Applications C.c) DSA and Diffie Hellman W. Schindler: Cryptography, B-IT, winter 2006 / 2007 2 C.a) Fundamentals 3 C.1 Introducing Remark Public key cryptosystems are widely

621 views • 47 slides
Public-Key Cryptography Public-Key Cryptography Lecture 8 Public-Key Cryptography Lecture 8

Public-Key Cryptography Public-Key Cryptography Lecture 8 Public-Key Cryptography Lecture 8

Public-Key Cryptography Public-Key Cryptography Lecture 8 Public-Key Cryptography Lecture 8 Public-Key Encryption from Trapdoor OWP Public-Key Cryptography Lecture 8 Public-Key Encryption from Trapdoor OWP CCA Security El Gamal Encryption

1.78k views • 162 slides
NUMERICAL SEMIGROUPS FengRao distances in numerical semigroups and application to AG

NUMERICAL SEMIGROUPS FengRao distances in numerical semigroups and application to AG

I BERIAN MEETING ON NUMERICAL SEMIGROUPS FengRao distances in numerical semigroups and application to AG codes Porto 2008 Jos e Ignacio Farr an Mart n ignfar@eis.uva.es Departamento de Matem atica Aplicada Universidad

1.61k views • 94 slides
A Geometric Approach for the Computation of Riemann-Roch Spaces : Algorithm and Complexity Aude Le

A Geometric Approach for the Computation of Riemann-Roch Spaces : Algorithm and Complexity Aude Le

A Geometric Approach for the Computation of Riemann-Roch Spaces : Algorithm and Complexity Aude Le Gluher and Pierre-Jean Spaenlehauer Universit de Lorraine / INRIA Nancy Grand Est / CNRS CARAMBA team JNCF, Luminy, 2019 1 / 26

484 views • 29 slides
Numerical Semigroups and Codes Cortona 2014 Jos e Ignacio Farr an Mart n

Numerical Semigroups and Codes Cortona 2014 Jos e Ignacio Farr an Mart n

I NTERNATIONAL M EETING ON N UMERICAL S EMIGROUPS Numerical Semigroups and Codes Cortona 2014 Jos e Ignacio Farr an Mart n jifarran@eii.uva.es Departamento de Matem atica Aplicada Universidad de Valladolid Campus de Segovia

719 views • 48 slides
Feng-Rao distances in Arf and inductive semigroups Jos e I. Farr an Pedro A. Garc

Feng-Rao distances in Arf and inductive semigroups Jos e I. Farr an Pedro A. Garc

AG codes Numerical semigroups Arf semigroups Inductive semigroups Feng-Rao distances in Arf and inductive semigroups Jos e I. Farr an Pedro A. Garc a-S anchez International Meeting on Numerical Semigroups Levico Terme July

393 views • 20 slides
6.s096 Lecture 2 1 Thursday, January 10, 13 Administrative Notes Assignment 1 due at

6.s096 Lecture 2 1 Thursday, January 10, 13 Administrative Notes Assignment 1 due at

6.s096 Lecture 2 1 Thursday, January 10, 13 Administrative Notes Assignment 1 due at midnight (11:59pm) tonight. Please try to use Piazza for asking questions when possible: h t ps://piazza.com/mit/spring2013/6s096/home Let us

483 views • 26 slides
Theory of Computer Science D3. GOTO-Computability Malte Helmert University of Basel April 25,

Theory of Computer Science D3. GOTO-Computability Malte Helmert University of Basel April 25,

Theory of Computer Science D3. GOTO-Computability Malte Helmert University of Basel April 25, 2016 WHILE vs. Turing GOTO Programs GOTO vs. WHILE Turing vs. GOTO Summary Overview: Computability Theory Computability Theory imperative

1.09k views • 32 slides
Intermediate Code Generation - Part 4 Y.N. Srikant Department of Computer Science and Automation

Intermediate Code Generation - Part 4 Y.N. Srikant Department of Computer Science and Automation

Intermediate Code Generation - Part 4 Y.N. Srikant Department of Computer Science and Automation Indian Institute of Science Bangalore 560 012 NPTEL Course on Principles of Compiler Design Y.N. Srikant Intermediate Code Generation Outline of

711 views • 26 slides
Intermediate Code Generation ALSU Textbook Chapter 6.16.4, 6.5.16.5.3, 6.66.8 Tsan-sheng

Intermediate Code Generation ALSU Textbook Chapter 6.16.4, 6.5.16.5.3, 6.66.8 Tsan-sheng

Intermediate Code Generation ALSU Textbook Chapter 6.16.4, 6.5.16.5.3, 6.66.8 Tsan-sheng Hsu tshsu@iis.sinica.edu.tw http://www.iis.sinica.edu.tw/~tshsu 1 Intermediate code generation Compiler usually generates intermediate codes.

658 views • 51 slides

More recommend