
Lecture 21 22 23 24

The document discusses public key cryptography and the RSA algorithm. It explains how public key cryptography uses two keys, a public key and a private key, to achieve both confidentiality and authenticity of messages. It then describes the RSA algorithm in detail, including the key generation process and how encryption and decryption work using the public and private keys.

Uploaded by

Shivansh Pundir

Public key cryptography,

Digital signature algorithms,


MAC function
Hash function
B. Tech CSE/CST

Instructor:
Dr Mohammad Wazid
Associate Professor, Department of CSE
Graphic Era (Deemed to be University), Dehradun, India
Email: [email protected]
Homepage: https://sites.google.com/site/mwazidiiith/home
Public-Key Cryptography
• Probably most significant advancement in the 3000 year
history of cryptography
• Uses two keys – a public & a private key
• Asymmetric since parties are not equal
• Uses the number theoretic concepts to the
encryption/decryption function
• Complements rather than replaces private key cryptosystem
Why Public-Key Cryptography?
• Developed to address two key issues:
• key distribution – how to have secure
communications in general without having to trust a
KDC with your key
• digital signatures – how to verify a message comes
intact from the claimed sender
• Public invention due to Whitfield Diffie & Martin
Hellman at Stanford University in 1976
Public-Key Cryptography
• Public-key/two-key/asymmetric cryptography involves the
use of two keys:
• a public-key, which may be known to anybody, and can be
used to encrypt messages, and verify signatures
• a related private-key, known only to the recipient, used to
decrypt messages, and sign (create) signatures
• Infeasible to determine private key from public key
• Is asymmetric because
• those who encrypt messages or verify signatures cannot
decrypt messages or create signatures
Public-Key Cryptography
Symmetric vs Public-Key
Public-Key Cryptosystems

Here, we’ll
achieve both
properties
secrecy
(confidentiality)
as well as
authenticity of
messages
Public-Key Applications
• Can be classified into 3 categories:
• encryption/decryption (provide secrecy)
• digital signatures (provide authentication)
• key exchange (of session keys)
• Some algorithms are suitable for all uses, others are specific to
one
Public-Key Requirements
• Public-Key algorithms rely on two keys where:
• It is computationally infeasible to find decryption key
knowing only algorithm & encryption key.
• It is computationally easy to en/decrypt messages
when the relevant (en/decrypt) key is known.
• Either of the two related keys can be used for
encryption, with the other used for decryption (for
some algorithms).
• These are essential requirements which only a few
algorithms have satisfied.
Security of Public Key Schemes
Like private key schemes brute force exhaustive search attack is
always theoretically possible.
But keys used are too large (>512 bits).
Security relies on a large enough difference in difficulty between
easy (en/decrypt) and hard (cryptanalyse) problems.
More generally the hard problem is known, but is made hard
enough to be impractical to break.
Requires the use of very large numbers.
Hence, these algorithms are slow as compared to private key
schemes.
RSA Algorithm
• The RSA algorithm is named after Ron Rivest, Adi Shamir
and Len Adleman, who invented it in 1977.
• The RSA cryptosystem is the most widely-used public key
cryptography algorithm in the world.
• It can be used to encrypt a message without the need to
exchange a secret key separately.
• The RSA algorithm can be used for both public key
encryption and digital signatures.
RSA Algorithm
• Its security is based on the difficulty of factoring large
integers.
• Party A can send an encrypted message to party B without
any prior exchange of secret keys.
• A just uses B's public key to encrypt the message and B
decrypts it using the private key, which only he knows.
• RSA can also be used to sign a message, so A can sign a
message using his/her private key and B can verify it using
A's public key.
RSA Algorithm
• Key Generation Algorithm
• Generate two large random primes, p and q, of
approximately equal size such that their product n=p*q is of
the required bit length, e.g. 1024 bits.
• Compute n=p*q and ϕ(n)=(p-1)(q-1). Here ϕ(n) is Euler's
totient function.
• Choose an integer e, 1<e<ϕ(n), such that gcd(e, ϕ(n))=1.
• Compute the secret exponent d, 1<d<ϕ(n), such that ed≡1
mod ϕ(n).
• The public key is (e, n) and the private key (d, n).
Use Euclidean algorithm to compute gcd
• To find the largest common divisor, we could prime
factorize both numbers and examine which prime factors
appear in both numbers; the largest common divisor is the
product of the prime factors common to both numbers.
• However, prime factorizing numbers is very tedious.
• Instead, start by dividing the larger number m by the smaller n. This
gives a remainder r1.
• Then divide the smaller number n by the obtained remainder
r1.
Use Euclidean algorithm to compute gcd
• This gives a new remainder r2. Now divide the remainder r1
by the remainder r2.
• This gives yet another remainder r3.
• Repeat the procedure until the remainder becomes zero.
• The last non-zero remainder is equal to the largest common
divisor.
Use Euclidean algorithm to compute gcd
• Example:
• gcd(100,44)?
• If we get a remainder of 0, then the previous
remainder is the gcd.
Use Euclidean algorithm to compute gcd
• Other case:
• Example:
• gcd(9,7)?
• 9=7x1+2
• 7=2x3+1
• Note: If we get a remainder of 1, then the gcd is 1.
Use Euclidean algorithm to compute gcd
• Another example:
• gcd(15,13)?
• 15=13x1+2
• 13=2x6+1
• Therefore gcd will be 1.
• Note: greatest common factor (G.C.F), highest common
factor (H.C.F) and greatest common divisor (G.C.D) are
different names for the same thing.
Extended Euclidean algorithm to compute
inverse modulo
• Compute 7^-1 (mod 20)
• To compute this, first apply the steps of the Euclidean algorithm
• 20=7*2+6 ---(eq. 1)
• 7=6*1+1 ---(eq. 2)
• If we get a remainder of 1, then the modular inverse exists;
otherwise it does not.
• Eq. 1 and 2 can also be written as
• 20=7*2+6 ---(eq. 1) or 6=20-7*2
• 7=6*1+1 ---(eq. 2) or 1=7-6*1
Extended Euclidean algorithm to compute
inverse modulo
• 6=20-7*2 --- (eq. 3)
• 1=7-6*1--- (eq. 4)
• Substitute the value of 6 from eq. 3 to eq. 4
• 1=7-1*(20-7*2)
• 1=7-1*20+7*2
• 1=7*1-1*20+7*2
• 1=7*3-1*20 (the coefficient multiplying 7 is the
modular inverse).
• Therefore, 7^-1 (mod 20) will be 3.
RSA Algorithm
Encryption
• Sender A does the following:
• Obtains the recipient B's public key (e,n).
• Represents the plaintext message as a positive integer m with 1<m<n
• Computes the ciphertext c=m^e mod n.
• Sends the ciphertext c to recipient B.
Decryption
• Recipient B does the following:
• Uses his private key (d,n) to compute m=c^d mod n.
• Extracts the plaintext m from the received message c.
Example of RSA encryption and decryption using the
key pair established:
• public key: (9, 1189) and private key: (249,1189)
• Suppose someone wants to encrypt the plaintext 19. We
thus have to calculate:
• C ≡ 19^9 mod 1189.
• This is most efficiently calculated using the Repeated
Squares Algorithm:
• Step 1:
• C ≡ {19^(8+1)} mod 1189
• C ≡ {(19^8)(19^1)} mod 1189
• Step 2:
• 19^1 ≡ 19 mod 1189
• 19^2 = 361 mod 1189
• 19^4 = (19^2)^2 ≡ (361)^2 = 130321 ≡ 720 mod 1189
• 19^8 = (19^4)^2 ≡ (720)^2 = 518400 ≡ 1185 mod 1189
• Step 3:
• C ≡ (19^8)(19^1) mod 1189
• ≡ (1185)(19) mod 1189
• ≡ 22515 mod 1189
• ≡ 1113 mod 1189
• So the ciphertext C is 1113.
Example of RSA encryption and decryption using the
key pair established:
• RSA Decryption
• Suppose we now receive this ciphertext C=1113. To decrypt it we have to calculate:
• M ≡ {1113^249} mod 1189.
• This is most efficiently calculated using the Repeated Squares Algorithm:
• Step 1:
• M ≡ 1113^249 mod 1189
• M ≡ {1113^(128+64+32+16+8+1)} mod 1189
• M ≡ {(1113^128)(1113^64)(1113^32)(1113^16)(1113^8)(1113^1)} mod 1189
• Step 2:
• 1113^1 ≡ 1113 mod 1189
• 1113^2 = 1238769 ≡ 1020 mod 1189
• 1113^4 = (1113^2)^2 ≡ (1020)^2 = 1040400 ≡ 25 mod 1189
• 1113^8 = (1113^4)^2 ≡ (25)^2 = 625 mod 1189
Example of RSA encryption and decryption using the
key pair established:
• 1113^16 = (1113^8)^2 ≡ (625)^2 = 390625 ≡ 633 mod 1189
• 1113^32 = (1113^16)^2 ≡ (633)^2 = 400689 ≡ 1185 mod 1189
• 1113^64 = (1113^32)^2 ≡ (1185)^2 = 1404225 ≡ 16 mod 1189
• 1113^128 = (1113^64)^2 ≡ (16)^2 = 256 mod 1189
• Step 3:
• M ≡ (1113^128)(1113^64)(1113^32)(1113^16)(1113^8)(1113^1) mod 1189
≡ (256)(16)(1185)(633)(625)(1113) mod 1189
≡ (256)(16)(1185)(633){(625)(1113) mod 1189}
≡ (256)(16)(1185)(633)(60) mod 1189
≡ (256)(16)(60){(1185)(633) mod 1189}
≡ (256)(16)(60)(1035) mod 1189
≡ (16)(60){(256)(1035) mod 1189}
≡ (16)(60)(1002) mod 1189
≡ 961920 mod 1189
≡ 19 mod 1189.
• So the plaintext M is 19. Cross verified.
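The key generation, modular inverse and repeated-squares steps from these slides can be checked in code. The following is an added example, not part of the original lecture; the function names are illustrative and the primes 29 and 41 are obtained by factoring the slides' modulus 1189.

```python
# Added example: toy RSA with the slides' numbers. Not secure (tiny modulus, no padding).

def egcd(a, b):
    """Extended Euclid: return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    x0, y0, x1, y1 = 1, 0, 0, 1
    while b:
        q, a, b = a // b, b, a % b
        x0, x1 = x1, x0 - q * x1
        y0, y1 = y1, y0 - q * y1
    return a, x0, y0

def mod_inverse(a, m):
    """Return a^-1 mod m; raise if gcd(a, m) != 1, where no inverse exists."""
    g, x, _ = egcd(a, m)
    if g != 1:
        raise ValueError(f"{a} has no inverse modulo {m} (gcd is {g})")
    return x % m

def power_mod(base, exp, mod):
    """Repeated squares: walk the bits of exp, squaring base at every step."""
    result, base = 1, base % mod
    while exp:
        if exp & 1:                      # this power of two is part of exp
            result = result * base % mod
        base = base * base % mod
        exp >>= 1
    return result

def keygen(p, q, e):
    """Return ((e, n), (d, n)) with e*d ≡ 1 mod (p-1)(q-1)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (e, n), (mod_inverse(e, phi), n)

def encrypt(m, public):
    e, n = public
    if not 1 < m < n:
        raise ValueError("plaintext must satisfy 1 < m < n")
    return power_mod(m, e, n)

def decrypt(c, private):
    d, n = private
    return power_mod(c, d, n)

if __name__ == "__main__":
    # 1189 = 29 * 41 (factors derived here; the slides give only n, e and d)
    public, private = keygen(29, 41, 9)
    c = encrypt(19, public)
    print(public, private, c, decrypt(c, private))
```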
Correctness proof of RSA Algorithm
Diffie-Hellman Key Exchange
• First published public-key algorithm (in 1976).

• A number of commercial products employ this key exchange


technique.
• Purpose is to enable two users to securely exchange a key that
can then be used for subsequent symmetric encryption of
messages.
• The algorithm itself is limited to the exchange of secret values.

• Its effectiveness depends on the difficulty of computing discrete


logarithms.
• W. Diffie and M. Hellman,"New directions in cryptography", IEEE Transactions on Information Theory,
Vol.22(6), pp.644-654, 1976.
Key Exchange Protocols

• Users could create random private/public Diffie-Hellman keys


each time when they communicate.
• Vulnerable to Man-in-the-Middle-Attack.
• Therefore, authentication of the keys is needed.
Primitive root of a prime number
• A number g is a primitive root modulo n if every number
a coprime to n is congruent to a power of g modulo n.
• That is, g is a primitive root modulo n if for every integer
a coprime to n, there is an integer k such that g^k ≡ a
(mod n).
• Such a value k is called the index or discrete logarithm of
a to the base g modulo n.
Example: 3 is primitive root of 7
Example: 3 is primitive root of 7
• Here we see that the period of 3^k modulo 7 is 6.
• The remainders in the period, which are 3, 2, 6, 4, 5, 1,
form a rearrangement of all nonzero remainders modulo
7, implying that 3 is indeed a primitive root modulo 7.
• This derives from the fact that a sequence (g^k modulo n)
always repeats after some value of k, since
modulo n produces a finite number of values.
• If g is a primitive root modulo n and n is prime, then the
period of repetition is n−1.
• 7 also has another primitive root which is 5.
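The period test above, and the key exchange it supports, can be run directly. This is an added example, not from the original slides; the function names are illustrative, and the exchange parameters p=23, g=5 with private values 6 and 15 are constructed toy numbers.

```python
# Added example: primitive roots and a toy Diffie-Hellman exchange.
# All numbers are far too small for real use.
from math import gcd

def power_cycle(g, n):
    """Return [g^1, g^2, ...] mod n, stopping at the first power equal to 1."""
    if gcd(g, n) != 1:
        raise ValueError("g must be coprime to n, otherwise the powers never reach 1")
    seq, x = [], 1
    while True:
        x = x * g % n
        seq.append(x)
        if x == 1:
            return seq

def is_primitive_root(g, p):
    """For prime p: g is a primitive root when the period of g^k mod p is p-1."""
    return len(power_cycle(g, p)) == p - 1

def primitive_roots(p):
    return [g for g in range(1, p) if is_primitive_root(g, p)]

def discrete_log(a, g, p):
    """Brute-force index k >= 1 with g^k ≡ a (mod p); feasible only for tiny p."""
    seq = power_cycle(g, p)
    if a % p not in seq:
        raise ValueError("a is not a power of g modulo p")
    return seq.index(a % p) + 1

def dh_exchange(p, g, a_private, b_private):
    """Both sides of the exchange; returns (A, B, key seen by A, key seen by B)."""
    A = pow(g, a_private, p)             # sent by the first user in the clear
    B = pow(g, b_private, p)             # sent by the second user in the clear
    return A, B, pow(B, a_private, p), pow(A, b_private, p)

if __name__ == "__main__":
    print(power_cycle(3, 7))             # the period from the slide
    print(primitive_roots(7))
    print(discrete_log(6, 3, 7))
    print(dh_exchange(23, 5, 6, 15))     # constructed toy parameters
```

The public values A and B carry no proof of who sent them, which is why the slides require the keys to be authenticated.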
Digital Signature Algorithm/Digital Signature
Standard (DSA)
• Introduced in 1991 by the National Institute of
Standards and Technology (NIST).
• The digital signature algorithm is the standard for digital
signatures.
• Most digital signature types are used by signing
messages using the private key of the originator (source)
of the message.
Digital Signature Algorithm/Digital Signature
Standard (DSA)
• DSA doesn’t use the private key to encrypt messages
nor does it use the public key to decrypt messages.
• DSA makes use of a unique mathematical functions that
create a digital signature with two 160-bit numbers.
• These numbers are originated from the message digests
and the private key.
• While DSA does use the public key to authenticate the
signature.
Digital Signature Generation and Verification
• The DSA is used by a signatory to generate a digital signature
on data and by a verifier to verify the authenticity of the
signature.
• Each signatory has a public and private key.
• The private key is used in the signature generation process
and the public key is used in the signature verification
process.
Digital Signature Generation and Verification
• For both signature generation and verification, the data
(which is referred to as a message) is reduced by means of the
Secure Hash Algorithm (SHA).
• An adversary, who does not know the private key of the
signatory, cannot generate the correct signature of the
signatory.
• In other words, signatures cannot be forged.
• However, by using the signatory’s public key, anyone can
verify a correctly signed message.
DSA process:
DSA process:
DSA process:
DSA process:
Signing phase:
DSA process:
Verification phase:
RSA digital signature
• RSA digital signature scheme applies the sender’s private key
to a message to generate a signature.
• The signature can then be verified by applying the
corresponding public key to the message and the signature
through the verification process.
• The two operations are sign and verify.
RSA digital signature: process
RSA digital signature: process
RSA digital signature: process
RSA digital signature: process
RSA digital signature: correctness proof
RSA digital signature: process
Message authentication code (MAC)
• A message authentication code (often called MAC) is a
block of a few bytes that is used to authenticate a
message.
• The receiver can check this block and be sure that the
message hasn’t been modified by the third party.
• A MAC requires two inputs: a message and a secret key
known only to the originator of the message and its
intended recipient(s).
Message authentication code (MAC)
Uses:
• Message authentication codes (MACs) are commonly used in
electronic funds transfers (EFTs) to maintain information
integrity.
• They confirm that a message is authentic; that it really does
come, in other words, from the stated sender, and hasn’t
undergone any changes en route.
• A verifier who also possesses the key can use it to detect any
changes to the content of the message.
Message authentication code (MAC)
• This allows the recipient of the message to verify its
integrity.
• MAC=C(M,K). MAC (authenticator) is fixed length of
code generated using original message M and key K.
Here, C is a function (algorithm) used to compute MAC.
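The relation MAC=C(M,K) can be exercised end to end. This is an added example, not from the original slides; it assumes HMAC-SHA256 as the function C, and the frame layout (message followed by a 32-byte tag), the function names and the sample message are constructed for illustration.

```python
# Added example: MAC = C(M, K) with C assumed to be HMAC-SHA256.
import hashlib
import hmac

TAG_LEN = hashlib.sha256().digest_size   # fixed length: 32 bytes for any message

def compute_mac(message: bytes, key: bytes) -> bytes:
    """C(M, K): fixed-length authenticator over the message under the shared key."""
    return hmac.new(key, message, hashlib.sha256).digest()

def seal(message: bytes, key: bytes) -> bytes:
    """Sender side: transmit M followed by MAC. The message itself stays in plaintext."""
    return message + compute_mac(message, key)

def open_frame(frame: bytes, key: bytes):
    """Receiver side: recompute the MAC and compare. Return M, or None if rejected."""
    if len(frame) < TAG_LEN:
        return None                       # too short to even contain a tag
    message, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
    # compare_digest takes the same time wherever the first mismatch occurs
    if not hmac.compare_digest(compute_mac(message, key), tag):
        return None
    return message

if __name__ == "__main__":
    key = bytes(range(32))                # constructed demo key, not a real secret
    frame = seal(b"PAY 100 TO ACCT 42", key)   # constructed sample message
    print(open_frame(frame, key))
    altered = b"PAY 900 TO ACCT 42" + frame[-TAG_LEN:]
    print(open_frame(altered, key))       # None: content changed en route
    print(open_frame(frame, b"\x00" * 32))  # None: verifier holds a different key
```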
Message authentication code (MAC)
Process:
Message authentication code (MAC)
Types:
Secure Hash Algorithms
• Secure Hash Algorithms, also known as SHA, are a
family of cryptographic functions designed to keep data
secured, e.g., SHA256, MD5.
• It works by transforming the data using a hash function:
an algorithm that consists of bitwise operations, modular
additions, and compression functions.
Secure Hash Algorithms
• The hash function then produces a fixed-size string (hash
code-authenticator).
• These algorithms are designed to be one-way functions,
meaning that once they’re transformed into their
respective hash values, it’s impossible to transform them
back into the original data.
Secure Hash Algorithms
• A few algorithms of interest are SHA-1, SHA-2, and
SHA-3, each of which was successively designed with
increasingly stronger encryption in response to hacker
attacks.
• SHA-1, for instance, is now obsolete due to the widely
exposed vulnerabilities.
• A common application of SHA is to hash passwords, as
the server side only needs to keep track of a specific
user’s hash value, rather than the actual password.
Secure Hash Algorithms
• This is helpful in case an attacker hacks the database, as
they will only find the hash values and not the actual
passwords.
• Additionally, SHAs exhibit the avalanche effect, where
the modification of very few letters of the input
causes a big change in output.
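The fixed-size output and the avalanche effect can be measured rather than taken on trust. This is an added example, not from the original slides; it uses SHA-256, and the function names and the sample message are constructed.

```python
# Added example: measuring the avalanche effect of SHA-256.
import hashlib

def digest_int(data: bytes) -> int:
    """SHA-256 digest of data as a 256-bit integer, so digests can be XORed."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def flip_bit(data: bytes, i: int) -> bytes:
    """Return a copy of data with bit number i inverted."""
    out = bytearray(data)
    out[i // 8] ^= 1 << (i % 8)
    return bytes(out)

def changed_bits(a: bytes, b: bytes) -> int:
    """Number of digest bits that differ between the hashes of a and b."""
    return bin(digest_int(a) ^ digest_int(b)).count("1")

def avalanche(data: bytes):
    """Flip every input bit in turn; return (min, mean, max) digest bits changed."""
    diffs = [changed_bits(data, flip_bit(data, i)) for i in range(len(data) * 8)]
    return min(diffs), sum(diffs) / len(diffs), max(diffs)

if __name__ == "__main__":
    message = b"transfer 100 units to account 42"   # constructed sample input
    lo, mean, hi = avalanche(message)
    # A one-bit change in the input flips about half of the 256 output bits.
    print(f"bits changed per 1-bit flip: min={lo} mean={mean:.1f} max={hi}")
    # The digest length does not depend on the input length.
    print(len(hashlib.sha256(b"").digest()), len(hashlib.sha256(message * 100).digest()))
```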
Secure Hash Algorithms: process
Original message M
Hash code x also called as authenticator
x=h(M)
Where h() is a hash function
Basic uses of hash function
a) For integrity checking of the
transmitted message (also achieve
secrecy)

b) For integrity checking of the


transmitted message, (No secrecy-
message is going in plaintext)

c) For integrity checking and


message authentication (No
secrecy)
Basic uses of hash function

c) For integrity checking and


message authentication. ( No
secrecy-Message is going in
plaintext. )
(S is a common secret of
sender and receiver).

d) For integrity checking and


message authentication. S is a
common secret of sender and
receiver. (Achieve secrecy-
Message is transmitted in
encrypted form).
Important references:
1. Textbook: Cryptography and Network Security: Principles
and Practice by William Stallings
