1 / 21

Public Key Cryptography

Public Key Cryptography. INFSCI 1075: Network Security – Spring 2013 Amir Masoumzadeh. CRYPTOLOGY. CRYPTOGRAPHY. CRYPTANALYSIS. Private Key (Secret Key). Public Key. Block Cipher. Stream Cipher. Integer Factorization. Discrete Logarithm. What we have looked at so far. Outline.

erma
Télécharger la présentation

Public Key Cryptography

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Public Key Cryptography INFSCI 1075: Network Security – Spring 2013 Amir Masoumzadeh

  2. CRYPTOLOGY CRYPTOGRAPHY CRYPTANALYSIS Private Key (Secret Key) Public Key Block Cipher Stream Cipher Integer Factorization Discrete Logarithm What we have looked at so far

  3. Outline • Problems with secret key schemes • Public key cryptography • Integer factorization • Discrete logarithms • How to achieve confidentiality, authentication, or both

  4. Conventional Encryption Model Insecure channel Alice Bob Encrypt Decrypt y x x k k Secure Channel Key Source y = ek (x) : Ciphertext x = dk (y) : Plaintext Oscar

  5. Bob Alice Carol Secret Key Cryptosystems • Block ciphers and stream ciphers • Use the same secret key on both sides for encryption and decryption • Operations for ek and dk are identical • A separate key for each communication Kbob&Carol KAlice&Bob KAlice&Carol

  6. Problems with Secret Key Schemes • Key distribution and management is a problem • If the key is disclosed, communications are compromised • How many secret keys do we need? • How to provide non-repudiation? • What if a receiver forges a message and claims that is sent by a sender! Both have access to the secret key! • Authentication, which secret key cryptosystems do not provide

  7. Bob Alice Dan Carol Problems with Secret Key Schemes (cont.) • A secret key algorithm implies every pair of communicating entities share a secret key • Total number of keys is O(n2) • For n users, we need n(n – 1)/2 pairs of keys • It is like having a mailbox for EACH pair of communicating people

  8. Solution • One mailbox for one person • Make a SLOT in the mailbox • Everyone (including Oscar) can deposit messages in the mailbox • Only the owner of the mailbox can recover the messages • So now for n users we only need n mailboxes and n keys

  9. Why Public Key Cryptography? • Developed to address two key issues: • Key distribution – how to have secure communications in general without having to trust a KDC with your key (Confidentiality) • Digital signatures – how to verify a message comes intact from the claimed sender (non-repudiation)

  10. Public Key Cryptography • Pioneered by Whitfield Diffie and Martin Hellman in 1976 • Public-key / two-key / asymmetriccryptography involves the use of two keys: • Public-key (KU) • Is known to everyone, used to encrypt messages and verify signatures • (Slot in the mailbox) • Private-key (KR) • known only to the recipient, used to decrypt messages and sign (create signatures) • (Actual key to open the mailbox) • Public Key Cryptography is asymmetric because • Those who encrypt messages or verify signatures cannot decrypt messages or create signatures

  11. Public Key Encryption Model Insecure channel Encrypt Decrypt y x x Alice Bob krbob kubob y = eku (x) : Ciphertext x = dkr (y) : Plaintext Oscar knows kubob

  12. Requirements • It is easy to encrypt using the public key KU • It is easy to decrypt using the private key KR • It is computationally infeasible to determine the private key given the public key • It is computationally infeasible to determine the plaintext x given the ciphertexty and the public key KU • It should be easy to generate a public key-private key pair • Encryption and decryption should be inverse functions • dKR(eKU(x)) = x

  13. What can satisfy these requirements? • There is a need for a mathematical function unlike secret key cryptosystems • One way functions: • Every function value has a unique inverse • Calculating y = f (x) is easy • Calculating x = f-1(y) is not feasible • Examples: • Integer factorization • Discrete logarithms

  14. Integer Factorization • Multiplication is easy • 7  17  109  151 = 195821 • Integer factorization is difficult • 30616693 = ?  ?  ? ? • Answer: 47 59 61 181 • Used in RSA

  15. Discrete Logarithm • EASY: Modular exponentiation • 223 mod 109 = ? • 223 = 8388608  77 mod 109 • DIFFICULT: Discrete logarithm • 2x mod 109 = 68 : Find x • x = log2 68 mod 109 • One way to solve it: Brute Force • Answer: x = 15 • Used in Diffie-Hellman Key Exchange, ElGamalEncryption Scheme, and Elliptic Curves

  16. Trapdoor One-Way Functions • A special kind of one-way function that is hard to invert unless some secret information, called the trapdoor, is known • Every function value has a unique inverse • There are two related keys k1 and k2 • Calculating y = f (k1, x) is easy • Calculating x = f-1(k2, y) is easy if k2 is known. It is infeasible if k2 is not known and only k1 is known • Finding k2 given k1 is very hard

  17. Providing Confidentiality Bob’s public key KUB Bob’s private key KRB plaintext message encryption algorithm decryption algorithm plaintext message, m ciphertext eKU(m) m = dKR( eKU(m) ) B B B

  18. Providing Authentication Alice’s public key KUA Alice’s private key KRA plaintext message encryption algorithm decryption algorithm plaintext message, m ciphertext eKR(m) m = dKR( eKU(m) ) B B B Bob’s public key KUB Bob’s private key KRB

  19. Providing Authentication & Confidentiality C C ’ encryption algorithm plaintext message, m encryption algorithm eKR(m) eKU( eKR(m) ) A B A decryption algorithm C plaintext message decryption algorithm dKU( eKR(m) ) dKR ( eKU( eKR(m) ) ) A A B B A

  20. Remarks • Single most major advance in cryptography • Much slower than private key cryptosystems • Used primarily for signatures and key exchange rather than bulk data encryption • Vulnerable to brute force attacks • Vulnerable to mathematical analysis • Note that KU and KR are related • Key sizes are much larger than those in secret key algorithms • Probable message attack • KU is known • If the number of messages is small, Oscar can encrypt all possible messages to break the system

  21. Public Key Algorithms and Security • Three different popular algorithms • RSA (integer factorization) • ElGamal (discrete logarithms on prime number fields) • Menezes-Vanstone (discrete logarithms on elliptic curves) • Keys sizes for security • 1024 bits for RSA and ElGamal • 160 bits for Menezes-Vanstone • 80 bits for block ciphers

More Related