1 / 29

PUBLIC-KEY CRYPTOGRAPHY AND RSA – Chapter 9

Understand the principles, applications, requirements, and security of RSA algorithm. Learn about the misconceptions of PKC versus symmetric encryption, key management, and the steps for encryption and authentication. Discover the significance of confidentiality, authentication, digital signatures, and key exchange in PKC. Explore the applications and terminology of cipher security in PKC technology. Step into the world of RSA algorithm, computation, and security measures against brute-force and mathematical attacks. Delve into the intricacies of factorization and decryption security in RSA. Key in on the importance of constant exponentiation time, random delay, blinding, and countermeasures against timing attacks.

kyle
Télécharger la présentation

PUBLIC-KEY CRYPTOGRAPHY AND RSA – Chapter 9

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. PUBLIC-KEY CRYPTOGRAPHY AND RSA – Chapter 9 • Principles • Applications • Requirements • RSA Algorithm • Description • Security

  2. Historically – Symmetric-Key (one key) substitution (confusion) permutation (diffusion) More Recently – Asymmetric-Key (two keys) PUBLIC-KEY CRYPTOGRAPHY (PKC) – A New Idea

  3. PKC more secure than symmetric encryp. WRONG!! • PKC more useful than symmetric encryp. • WRONG!! – PKC costly • PKC doesn’t need complicated protocol • WRONG!! MISCONCEPTIONS PKC vs Symmetric Encryption

  4. Key Management • Signature PKC - USES

  5. Plaintext – input to encryp. algorithm • output from decryp. algorithm • Encryp. Algorithm – acts on plaintext • - controlled by public or private key • Public and Private Key • - one for encryption • - one for decryption • Ciphertext – output from encryp. algorithm • input to decryp. algorithm • Decryp. Algorithm – acts on ciphertext • - controlled by public or private key PKC – SIX INGREDIENTS

  6. Each user generates two related keys • - PUBLIC and PRIVATE • 2. Each user makes: • public key  PUBLIC • private key  PRIVATE • access  ALL public keys • 3. BOB: Encr(plaintext,PUBLICAlice) ciphertext ALICE • 4. ALICE: Decr(ciphertext,PRIVATEAlice) PKC – STEPS

  7. PKC for a) ENCRYPTION b) AUTHENTICATION

  8. At ANY TIME, ANY Private/Public key pair can be changed. Public key should be made public IMMEDIATELY KEYS EASILY UPDATED

  9. Symmetric-Key: One SECRET KEY Asymmetric-Key (PKC): One PRIVATE KEY One PUBLIC KEY CIPHER TERMINOLOGY

  10. CONFIDENTIALITY

  11. AUTHENTICATION (source)(Integrity/Signature)

  12. CONFIDENTIALITY and AUTHENTICATION

  13. Encryp./Decryp. • Sender encrypts with RECIPIENT’S PUBLIC key. • Applied to ALL of message. • Digital Signature • Sender signs with SENDER’S PRIVATE key. • Applied to ALL or PART of message. • Key Exchange • Uses one or more PRIVATE keys. • Several approaches APPLICATIONS OF PKC

  14. APPLICATIONS OF PKC Table 9.2

  15. Every value has an inverse • Y = F(X)  X = F-1(Y) • Y = F(X) - easy • X = F-1(Y) - infeasible • easy – polynomial time (poly in message length) • infeasible - > poly time (e.g. exp. in message length) ONE-WAY FUNCTION

  16. Y = fk(X) - easy if k and X known X = fk-1(Y) - easy if k and Y known X = fk-1(Y) - infeasible if only Y known TRAP-DOOR ONE-WAY FUNCTION (e.g. PKC)

  17. Brute-Force Attack  Use LARGE keys But, PKC COMPLEXITY GROWS fast with key size So, PKC TOO COMPLEX encryp/decryp PKC only for key management and signature PKC – THE PROBLEM OF KEY SIZE

  18. PKC: 1960’s (NSA) 1970 Ellis – CESG 1976 Diffie and Hellman RSA: 1973 Cocks – CESG 1977 Rivest, Shamir, Adleman - MIT RSA ALGORITHM

  19. Plaintext and Ciphertext integers between 0 and n-1 i.e. k bits, 2k < n <2k+1 Encryption: C = Me mod n Decryption: M = Cd mod n = (Me)d mod n = Med mod n RSA

  20. Sender knows n,e Receiver knows n,d  PUBLIC key, KU = {e,n}  PRIVATE key, KR = {d} RSA (continued)

  21. PKC REQUIREMENTS OF RSA 1. There exists e,d,n s.t. Med = M mod n 2. Easy to calculate Me and Cd given {M,e} or {C,d}, resp. 3. Infeasible to find d given {e,n}

  22. p = 17, q = 11 n = p.q = 187 mod p = 17, {1,6,62,63,64,65,66,67,68,69,610,611,612,613,614,615} = {1,6,2,12,4,7,8,14,16,11,15,5,13,10,9,3} Mod p = 11 {1,2,4,8,5,10,9,7,3,6} EXAMPLE

  23. 57 = (6,2), 572 = (2,4), 573 = (12,8), 574 = (4,5) EXAMPLE

  24. We want number, g, between 1 and 186 s.t. g mod 17 = 6, g mod 11 = 2 Use CRT: g = 154.6 + 34.2 mod 187 = 57 EXAMPLE Chinese Remainder Theorem

  25. EXAMPLE RSA COMPUTATION

  26. Brute-Force Attacks • – try all possible private keys. • Mathematical Attacks • - all equivalent to factoring n. • Timing Attacks • - depend on running time of • decryption algorithm. SECURITY OF RSA

  27. Table 9.3 Progress in Factorisation

  28. MIPS-years NEEDED TO FACTOR

  29. For Decryption: • Constant exponentiation time • Random delay • Blinding • Generate random r • C’ = Cre • M’ = C’d • M = M’r-1 TIMING ATTACKS ON RSA - countermeasures

More Related