Symmetric and Asymmetric Key Cryptography(Part 2) By Radhika B S - - PowerPoint PPT Presentation

Symmetric and Asymmetric Key Cryptography(Part 2)

By Radhika B S

Contents

• Asymmetric Key Cryptography
• Security Requirements
• Advantages
• Modes of Use
• Diffie-Hellman Key Exchange
• RSA Cryptosystem
• ElGamal Cryptosystem
• Comparison

Asymmetric Key Cryptography

• Encryption and Decryption are done using different keys
• Every user has a pair of keys (Public Key(e), Private Key(d))

1.Alice selects key pair (e, d)

• 2. Sends public key e to Bob
• 4. Sends ciphertext C
• 3. Encrypts message M using e

C = Ee(M)

• 5. Decrypts C using the private key d

M = Dd(C)

Security Requirements

• Public Key Algorithms must have following properties

○ Given a ciphertext C, computing the corresponding plaintext P should be hard ○ Given a public key e, computing the corresponding private key d should be hard ○ Given a private key d, it should be computationally easy to retrieve the plaintext

Trap door One-way Functions

Domain Range f : easy f-1 : hard f-1 : easy, given trapdoor t

Benefits of Asymmetric Key Cryptography

• Does not require secure channel to exchange keys
• Public key of an entity A can be used by multiple entities in the network to

send secret messages to A

• Can be used in two ways

○ Encryption using public key : Provides Confidentiality ○ Encryption using private key : Provides Authentication, nonrepudiation

Encryption Using Public Key

Encryption Using Private Key

Digital Signature

• Used to provide

○ Authentication ○ Nonrepudiation

• Requirements of a good digital signature

○ Given a signature s of a message M, it should be hard to find an another message M’ such that Signature M’ is also s ○ Easy to compute ○ Easy to verify

Diffie-Hellman Key Exchange

1.Alice and Bob agree on a prime number p and a generator g

• 2. Alice selects a random

integer a < p and computes A = ga (mod p)

• 3. Alice sends A to Bob
• 2. Bob selects a random integer

b < p and computes B = gb (mod p)

• 3. Bob sends B to Alice

4.Computes key K = Ba (mod p) 4.Computes key K = Ab (mod p)

Diffie-Hellman Key Exchange

K = Ba (mod p) = (gb)a (mod p) [ Since B = gb (mod p) ] = gab (mod p) Given p, g, A and B, it is hard to compute a, b and hence K K = Ab (mod p) = (ga)b (mod p) [ Since A = ga (mod p) ] = gab (mod p)

Hard Problems in Asymmetric Key Cryptography

• Integer Factorization: Ex: RSA
• Discrete Log Problem(DLP): Ex: ElGamal
• Elliptic Curve Discrete Log Problem(ECDLP): Ex: Elliptic Curve Cryptosystem

RSA Cryptosystem

• Introduced in 1977 by Ron Rivest, Adi Shamir and Leonard Adleman
• Was independently developed by Clifford Cocks when working for UK

intelligence agency GCHQ in 1973 and declassified in 1997

• One of the first and most widely used public key cryptosystem
• Has 3 components

○ Key Generation ○ Encryption ○ Decryption

RSA Cryptosystem

Key Generation 1. Select two large prime numbers p and q 2. Compute n = p * q 3. Calculate Ф(n) = (p-1)(q-1) 4. Select e < Ф(n) such that it is relatively prime to Ф(n) 5. Compute d such that ed ≡ 1 mod Ф(n) Public Key = (e, n) Private Key = (d, n)

RSA Cryptosystem

Encryption C = Me (mod n) where M < n Decryption M = Cd (mod n)

Proof of Correctness

C = Me (mod n) M = Cd (mod n) D(E(M)) = D(Me (mod n)) = Med (mod n) = MФ(n) * k + 1 (mod n)

= MФ(n) * k * M (mod n) = M(mod n)

ed ≡ 1 mod Ф(n) ⇒ Ф(n)|(ed-1) ⇒ ed = Ф(n) * k + 1 Euler’s Theorem: If m and n are relatively prime, mΦ(n) (mod n)= 1

Extended Euclidean Algorithm

If g = GCD(b, c), then ∃ x, y such that bx + cy = g gcd(210, 165) 210 = 165 * 1 + 45 165 = 45 * 3 + 30 45 = 30 * 1 + 15 30 = 15 * 2 + 0 15 = 210(4) + 165(-5) 15 = 210(4) - 165(5) 15 = (210 - 165(1))(4) - 165(1) 15 = 45 (4) - 165(1) 15 = 45 - (165 - 45(3))(1) 15 = 45 - 30 (1)

An Example

Key Generation Let us consider p = 3 and q = 11 1. n = p * q = 3 * 11 = 33 2. Ф(n) = (p-1)(q-1) = 2 * 10 = 20 3. Select e = 3 [GCD(3, 20) = 1] 4. By Using Extended Euclidean Algorithm we can compute d = 7 Public Key = (3, 33) Private Key = (7, 33)

An Example

Encryption M = 5 C = 53 (mod 33) = Decryption M = 267 (mod 33) = 26 5

Attacks on RSA

• Brute Force attack: Try all possible keys
• Factoring large numbers: Mathematical solution
• Chosen Ciphertext attacks: Exploits properties of the algorithm
• Side Channel Attacks : Use external factors

Factorization Problem

• RSA can be broken in 3 ways

○ Factor n to obtain p and q. Use them to compute Ф(n). Retrieve private key d by computing inverse of e(mod Ф(n)) ○ Find Ф(n) and then compute inverse of e(mod Ф(n)) ○ Directly find d

• All are believed to be equivalent to factorization problem
• No polynomial time algorithm for factoring arbitrarily large integers obtained by

multiplying large prime numbers

Factorization Problem

Side Channel Attacks

• Relatively new class of attacks
• Traditional Attacks exploit weakness in algorithms and key
• Side Channel Attacks exploit weakness in the implementation
• Use external factors like time, power..
• Attacker carefully observes the behavior of the implementation under different

conditions

• Based on this, the attacker can obtain partial/full key
• Solution: Implementation should not reveal any information

ElGamal Cryptosystem

• Introduced by Taher ElGamal in 1985
• Uses Discrete Log Problem: Given a prime number p, a generator g ∈ Zp

* and

an element a ≡ gx (mod p) , find the value of x.

• Based on Diffie-Hellman key exchange
• Consists of 3 components

○ Key Generation ○ Encryption ○ Decryption

ElGamal Cryptosystem

Key Generation

1. Select a prime number p and its generator/primitive root g 2. To generate Alice’s key-pair, generate a random integer a, such that 1 < a < p-1 3. Compute A = ga (mod p) 4. Alice’s public key : {p, g, A}

ElGamal Cryptosystem

Encryption Bob encrypts Message M < p as follows: 1. Bob Chooses a random integer k such that 1 ≤ k ≤ p-1 2. Computes one-time key K = Ak (mod p) 3. Computes a pair C1 = gk (mod p) and C2 = KM (mod p) 4. Sends (C1, C2) to Alice

ElGamal Cryptosystem

Decryption 1. Alice computes key K = C1

a(mod p)

2. Recovers M = C2K-1(mod p)

An Example

Key Generation P = 47 g = 5 a = 5 A = 55 (mod 47) = 23 Encryption k = 7 M = 21 K = Ak (mod p) = 237 (mod 47) = 29 C1 = gk (mod p) = 57 (mod 47) = 11 C2 = KM (mod p) = 29 * 21(mod 47) = 45 Decryption K = C1

a(mod p) = 115(mod 47) = 29

M = C2K-1(mod p) = 45 * 13 (mod 47) = 21

Applications

• Encryption/Decryption: To secure confidentiality of data
• Digital Signature: To provide authentication
• Key Exchange: To exchange session keys

Algorithm Encryption/Decryption Digital Signature Key Exchange Diffie-Hellman No No Yes RSA Yes Yes Yes ElGamal Yes Yes Yes

Comparison

Symmetric Key Cryptography

• High encryption rate
• Keys are shorter
• Sharing secret key
• Separate key needs to be

maintained for communication with each entity Asymmetric Key Cryptography

• Only private key needs to be

secret

• Longer key validity time
• Same key-pair can be used to

communicate with multiple entities

How are they used?

• Asymmetric Key Cryptosystems are mainly used for key exchanges and digital

certificates

• Symmetric Key cryptography is used for encryption of bulk data

References

1. Menezes, Alfred J., Paul C. Van Oorschot, and Scott A. Vanstone. Handbook

• f applied cryptography. CRC press, 1996.

2. Stallings, William. Cryptography and network security: principles and

• practices. Pearson Education India, 2006.

3. Menezes, Bernard L. Network Security and Cryptography. Wadsworth Publishing Company Incorporated, 2012.