Chapter 10 cryptography-public encryption
0 likes510 views
The document discusses public key cryptography, including: - Public key cryptography uses two keys - a public key which can encrypt messages, and a private key which can decrypt messages. - The RSA algorithm is an example of an asymmetric public key encryption algorithm that uses a public and private key pair. It involves choosing two prime numbers to generate the keys. - RSA encryption involves using the public key to encrypt a message, while decryption requires the private key. Properly implemented, it is very difficult to derive the private key from the public key and encrypted message.
Chapter 10 cryptography-public encryption
- 1. 12/16/2019 1 1 1 Part 2 Access Control 1Security+ Guide to Network Security Fundamentals, Third Edition 1 11 1 1 tohttps://github.com/syaifulahdan/ INFORMATION SECURITY Criptography - Public Encryption Private Key Criptography Public-Key Crytpgraphy Public Key Cryptography Public Key Caractheristics Public Key Cryptosystem Public Key Applications Security of Publics Key Scheme Public Key Encription Algorithms RSA : Choosing Keys RSA : Encryption Decryption RSA Example
- 2. 12/16/2019 2 2 2 Part 2 Access Control 2Security+ Guide to Network Security Fundamentals, Third Edition 2 22 2 2 tohttps://github.com/syaifulahdan/ Cryptography
- 3. 12/16/2019 3 3 3 Part 2 Access Control 3Security+ Guide to Network Security Fundamentals, Third Edition 3 33 3 3 tohttps://github.com/syaifulahdan/ Summary • Symmetric encryption • Public encryption • Digital Signature • Key distribution
- 4. 12/16/2019 4 4 4 Part 2 Access Control 4Security+ Guide to Network Security Fundamentals, Third Edition 4 44 4 4 tohttps://github.com/syaifulahdan/ Private-Key Cryptography • traditional private/secret/single key cryptography uses one key • shared by both sender and receiver • if this key is disclosed communications are compromised • also is symmetric, parties are equal • hence does not protect sender from receiver forging a message & claiming is sent by sender
- 5. 12/16/2019 5 5 5 Part 2 Access Control 5Security+ Guide to Network Security Fundamentals, Third Edition 5 55 5 5 tohttps://github.com/syaifulahdan/ Public-Key Cryptography • probably most significant advance in the 3000 year history of cryptography • uses two keys – a public & a private key • asymmetric since parties are not equal • uses clever application of number theoretic concepts to function • complements rather than replaces private key crypto
- 6. 12/16/2019 6 6 6 Part 2 Access Control 6Security+ Guide to Network Security Fundamentals, Third Edition 6 66 6 6 tohttps://github.com/syaifulahdan/ Public-Key Cryptography • public-key/two-key/asymmetric cryptography involves the use of two keys: – a public-key, which may be known by anybody, and can be used to encrypt messages, and verify signatures – a private-key, known only to the recipient, used to decrypt messages, and sign (create) signatures • is asymmetric because – those who encrypt messages or verify signatures cannot decrypt messages or create signatures
- 7. 12/16/2019 7 7 7 Part 2 Access Control 7Security+ Guide to Network Security Fundamentals, Third Edition 7 77 7 7 tohttps://github.com/syaifulahdan/ Public-Key Cryptography
- 8. 12/16/2019 8 8 8 Part 2 Access Control 8Security+ Guide to Network Security Fundamentals, Third Edition 8 88 8 8 tohttps://github.com/syaifulahdan/ Public-Key Characteristics • Public-Key algorithms rely on two keys with the characteristics that it is: – computationally infeasible to find decryption key knowing only algorithm & encryption key – computationally easy to en/decrypt messages when the relevant (en/decrypt) key is known – either of the two related keys can be used for encryption, with the other used for decryption (in some schemes)
- 9. 12/16/2019 9 9 9 Part 2 Access Control 9Security+ Guide to Network Security Fundamentals, Third Edition 9 99 9 9 tohttps://github.com/syaifulahdan/ Public-Key Cryptosystems
- 10. 12/16/2019 10 10 10 Part 2 Access Control 10Security+ Guide to Network Security Fundamentals, Third Edition 10 1010 10 10 tohttps://github.com/syaifulahdan/ Public-Key Applications • can classify uses into 3 categories: – encryption/decryption (provide secrecy) – digital signatures (provide authentication) – key exchange (of session keys) • some algorithms are suitable for all uses, others are specific to one
- 11. 12/16/2019 11 11 11 Part 2 Access Control 11Security+ Guide to Network Security Fundamentals, Third Edition 11 1111 11 11 tohttps://github.com/syaifulahdan/ Security of Public Key Schemes • like private key schemes brute force exhaustive search attack is always theoretically possible • but keys used are too large (>512bits) • security relies on a large enough difference in difficulty between easy (en/decrypt) and hard (cryptanalysis) problems • more generally the hard problem is known, its just made too hard to do in practise • requires the use of very large numbers • hence is slow compared to secret key schemes
- 12. 12/16/2019 12 12 12 Part 2 Access Control 12Security+ Guide to Network Security Fundamentals, Third Edition 12 1212 12 12 tohttps://github.com/syaifulahdan/ Public key encryption algorithms need K ( ) and K ( ) such thatB B . . given public key K , it should be impossible to compute private key KB B Requirements: 1 2 RSA: Rivest, Shamir, Adelson algorithm + - K (K (m)) = m BB - + + -
- 13. 12/16/2019 13 13 13 Part 2 Access Control 13Security+ Guide to Network Security Fundamentals, Third Edition 13 1313 13 13 tohttps://github.com/syaifulahdan/ RSA: Choosing keys 1. Choose two large prime numbers p, q. (e.g., 1024 bits each) 2. Compute n = pq, z = (p-1)(q-1) 3. Choose e (with e<n) that has no common factors with z. (e, z are “relatively prime”). 4. Choose d such that ed-1 is exactly divisible by z. (in other words: ed mod z = 1 ). 5. Public key is (n,e). Private key is (n,d). KB + KB -
- 14. 12/16/2019 14 14 14 Part 2 Access Control 14Security+ Guide to Network Security Fundamentals, Third Edition 14 1414 14 14 tohttps://github.com/syaifulahdan/ RSA: Encryption, decryption 0. Given (n,e) and (n,d) as computed above 1. To encrypt bit pattern, m, compute c = m mod ne (i.e., remainder when m is divided by n) e 2. To decrypt received bit pattern, c, compute m = c mod nd (i.e., remainder when c is divided by n)d m = (m mod n)e mod n dMagic happens! c
- 15. 12/16/2019 15 15 15 Part 2 Access Control 15Security+ Guide to Network Security Fundamentals, Third Edition 15 1515 15 15 tohttps://github.com/syaifulahdan/ RSA example: Bob chooses p=5, q=7. Then n=35, z=24. e=5 (so e, z relatively prime). d=29 (so ed-1 exactly divisible by z. letter m me c = m mod ne l 12 1524832 17 c m = c mod nd 17 481968572106750915091411825223071697 12 c d letter l encrypt: decrypt:
- 16. 12/16/2019 16 16 16 Part 2 Access Control 16Security+ Guide to Network Security Fundamentals, Third Edition 16 1616 16 16 tohttps://github.com/syaifulahdan/ RSA: Why is that m = (m mod n)e mod n d (m mod n) e mod n = m mod n d ed Useful number theory result: If p,q prime and n = pq, then: x mod n = x mod n y y mod (p-1)(q-1) = m mod n ed mod (p-1)(q-1) = m mod n 1 = m (using number theory result above) (since we chose ed to be divisible by (p-1)(q-1) with remainder 1 )
- 17. 12/16/2019 17 17 17 Part 2 Access Control 17Security+ Guide to Network Security Fundamentals, Third Edition 17 1717 17 17 tohttps://github.com/syaifulahdan/ RSA: another important property The following property will be very useful later: K (K (m)) = m BB - + K (K (m))BB + - = use public key first, followed by private key use private key first, followed by public key Result is the same!
- 18. 12/16/2019 18 18 18 Part 2 Access Control 18Security+ Guide to Network Security Fundamentals, Third Edition 18 1818 18 18 tohttps://github.com/syaifulahdan/ Summary • Symmetric encryption • Public encryption • Digital Signature • Key distribution