1 / 22

Introduction to Public Key Encryption

Introduction to Public Key Encryption. CSIS 5857: Encoding and Encryption. Public Key Encryption. +. Recipient (Alice) generates key pair : Public key k PU Does not have to be kept secret Distributed to all senders (such as Bob) Private key k PR Kept secret by Alice.

zoe-noble
Télécharger la présentation

Introduction to Public Key Encryption

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Introduction to Public Key Encryption CSIS 5857: Encoding and Encryption

  2. Public Key Encryption + • Recipient (Alice) generates key pair: • Public keykPU • Does not have to be kept secret • Distributed to all senders (such as Bob) • Private keykPR • Kept secret by Alice Key pair generator Copy of Alice’s public key

  3. Public Key Encryption • Bob uses Alice’s public keykPUto encrypt message • C= E(kPU,P) • Alice uses her private keykPRto decrypt message • P= D(kPR, C) C E D P P Alice’s kPU Alice’s kPR List of others’ public keys

  4. Public Key Encryption • Central idea: Adversary cannot determine private key from corresponding public key • Could theoretically find private key, but computationally infeasible to do so • Cannot read intercepted messages encrypted with public key “I still can’t compute

  5. Public and Symmetric Keys Problem: How to securely distribute a symmetric keyKS? Solution: • Use public key encryption to securely send it • Use faster symmetric key algorithm (like AES) to securely transmit the rest of the message Epublic (kS, kPU) ks ks E D D E P P Esymmetric (P, kS)

  6. Public Key Math • Public key algorithms are mathematical functions of integer numbers • Keys are large numbers • Plaintext translated to large numbers (not bits) • Encryption is a mathematical function of plaintext and key which creates another large number as ciphertext Alice’s KPR Alice’s KPU

  7. Trapdoor One-Way Functions One-way functions: • Function: y= f (x) • Inverse function: x= f -1 (y) • Given x, y= f (x) very easy to compute • Given y, x= f -1 (y) computationally infeasible to compute Example: Factoring • p and q are very large prime numbers • n = p x q is easy to compute • Factoringninto p and q infeasible • Must try almost all possible p and q

  8. Trapdoor One-Way Functions Trapdoor functions: • Given one-way function: y= f (x) • There exists some “secret trapdoor” that allows x= f -1 (y) to be easily computed Example (very simple): • n = p x q product of two large primes • Factoring ninto p and q to find p infeasible • Finding p is easy if know q • q is a “trapdoor” for finding p from n

  9. Trapdoor One-Way Functions Idea behind public-key encryption: • Encryption function C =E (KPU,P) must be one way • Must not be able to compute P from C • Must have trapdoor to allow decryption • Must be able to easily compute P from C if know trapdoor • Trapdoor = private key

  10. Trapdoor One-Way Functions • Factoring/Discrete Logarithms • RSA, Rabin, ElGamal • Easy to implement, well understood • Elliptic Curve • Relatively new, thought to be much faster than factoring/discrete logarithms • NP-Complete problems • Exponential time to solve problem • Easy to confirm solution if given

  11. Knapsack Problem • NP-Complete problem • Merkle and Hellman (1978) • First proposed approach to public key encryption • Description: • “Knapsack” of size s • k “packages” of different sizes • Which set of packages combine to exactly “fill” the knapsack?

  12. Knapsack Problem Mathematical Description: • Package i has size ai • Package i is in the knapsack if xi = 1not in the knapsack if xi = 0 • Total size of packages in knapsack =x1a1+ x2a2+ …+ xkak Example: • a = [9, 12, 2, 7, 5] • Knapsack size s = 11 • Configuration x that exactly fills the knapsack: x = [1, 0, 1, 0, 0] • Sum = 19 + 012 + 12 + 07 + 05 = 11

  13. Knapsack Problem • One-way function: • Given configuration x, easy to compute sum of packages in knapsack • Given knapsack size s, difficult to compute configuration x of packages that fill knapsack exactly • 2k possible configurations of packages • Have to try all of them to find a fit in knapsack

  14. Knapsack Trapdoor • Superincreasing package sizes • Next package size greater than sum of all previous packages • ai > a1+ a2+ … + ai -1 • Simple algorithm to solve knapsack problem:for (i = k down to 1) { if (s >= ai) { xi = 1 s = s – ai } else xi = 0 }

  15. Knapsack Trapdoor Example: • a = [2, 3, 6, 12, 25, 50, 100, 200] • s = 139 • Steps: • 139 < 200  x8= 0 • 139 > 100  x7 = 1 s = 39 • 39 < 50  x6= 0 • 39 > 25  x5 = 1 s = 14 • 14 > 12  x4 = 1 s = 2 • 2 < 6  x3= 0 • 2 < 3  x2= 0 • 2 = 2  x1 = 1 s = 0

  16. Knapsack Encryption Key Generation: • Create superincreasing set b = [b1, b2, …bk] • Example: b = [2, 3, 6, 12] • Will be part of private key since can solve problem • Problem: how to hide this private key information? • Mix it up with permutation • Use a mod to make it impossible to reorder by size

  17. Knapsack Encryption Key Generation: • Choose a modulusn such that n > b1 + b2 + … + bk • Larger than any possible knapsack size • Example: n = 25 • Choose some multiplierr < nrelatively prime to n • No common divisors • All b r mod n will be different • Example: r = 7 • Compute t such that ti= bi  r mod n • Example: b = [ 2, 3, 6, 12] t = [14, 21, 17, 9] • Note that no longer in increasing order!

  18. Knapsack Encryption Key Generation: • Create permutation of t and use it to create a • Example: [3, 2, 4, 1]t = [14, 21, 17, 9] a = [17, 21, 9, 14] • Cannot find t from a! • Adversary cannot recover initial value of b without knowing n and rand the permutation • Public key: a • Private key: b, n, r, and the permutation

  19. Encryption Bob encrypts value 1101using Alice’s public key • Public key = [17, 21, 9, 14] • Value 1001 used as configurationx = [1, 1, 0, 1] • Multiplied/added using public key to get knapsack size171 + 211 + 90 + 141 =52 • Ciphertext: 52 52 Encryption 1101

  20. Decryption • Alice receives ciphertext s = 52 • Compute r -1 mod n • Used to invert the multiplication by r • Example: r = 7, n = 257-1 mod 25 = 18 (718 = 126 = 1 mod 25) • Compute s′ = r -1 s mod n • s′ = 18  52 = 936 mod 25 = 11

  21. Decryption • Invert knapsack process to find values of b that sum to s′ • b = [2, 3, 6, 12] • 1 = 1  2 + 1  3 + 1  6 + 0  12  1110 • Apply the permutation to get the plaintext back • Permutation: [3, 2, 4, 1] • 1 1 1 0  1 1 0 1

  22. Knapsack Encryption

More Related