Symmetric-Key Cryptography

INTRODUCTION

Symmetric and asymmetric-key cryptography will exist in

parallel and continue to serve the community. We actually
believe that they are complements of each other; the
advantages of one can compensate for the disadvantages of
the other.

Symmetric-key cryptography is based on sharing secrecy;

asymmetric-key cryptography is based on personal secrecy.
Asymmetric key cryptography uses two separate keys: one
private and one public.
Locking and unlocking in asymmetric-key cryptosystem
 Public-Key Cryptography

◼ public-key/two-key/asymmetric cryptography involves the

use of two keys:

◼ a public-key, which may be known by anybody, and can be

used to encrypt messages, and verify signatures

◼ a private-key, known only to the recipient, used to decrypt

messages, and sign (create) signatures

◼ is asymmetric because
◼ those who encrypt messages or verify signatures cannot
decrypt messages or create signatures
Public-Key Cryptography
 Public-Key Characteristics

◼ Public-Key algorithms rely on two keys where:

◼ it is computationally infeasible to find decryption key

knowing only algorithm & encryption key

◼ it is computationally easy to en/decrypt messages when the

relevant (en/decrypt) key is known

◼ either of the two related keys can be used for encryption,

with the other used for decryption (for some algorithms)
Public-Key Cryptosystems
 Public-Key Applications

◼ can classify uses into 3 categories:

◼ encryption/decryption (provide secrecy)

◼ digital signatures (provide authentication)

◼ key exchange (of session keys)

◼ some algorithms are suitable for all uses, others are specific to
one
 Security of Public Key Schemes

◼ like private key schemes brute force exhaustive search

attack is always theoretically possible
◼ but keys used are too large (>512bits)
◼ security relies on a large enough difference in difficulty
between easy (en/decrypt) and hard (cryptanalyse)
problems
◼ more generally the hard problem is known, but is made
hard enough to be impractical to break
◼ requires the use of very large numbers
◼ hence is slow compared to private key schemes
General idea of asymmetric-key cryptosystem
Plaintext/Ciphertext

Unlike in symmetric-key cryptography, plaintext and ciphertext are

treated as integers in asymmetric-key cryptography.

Encryption/Decryption

C = f (Kpublic , P) P = g(Kprivate , C)
 Trapdoor One-Way Function

The main idea behind asymmetric-key cryptography is the

concept of the trapdoor one-way function.

Functions
A function as rule mapping a domain to a range
One-Way Function (OWF)

1. f is easy to compute.
2. f −1 is difficult to compute.

Trapdoor One-Way Function (TOWF)

3. Given y and a trapdoor, x can be

computed easily.
Example 10. 1

When n is large, n = p × q is a one-way function. Given p and q , it is

always easy to calculate n ; given n, it is very difficult to compute p
and q. This is the factorization problem.

Example 10. 2

When n is large, the function y = xk mod n is a trapdoor one-way

function. Given x, k, and n, it is easy to calculate y. Given y, k, and n,
it is very difficult to calculate x. This is the discrete logarithm
problem. However, if we know the trapdoor, k′ such that k × k ′ = 1
mod f(n), we can use x = yk′ mod n to find x.
 Knapsack Cryptosystem
Definition
a = [a1, a2, …, ak ] and x = [x1, x2, …, xk].

Given a and x, it is easy to calculate s. However, given s

and a it is difficult to find x.

Superincreasing Tuple

ai ≥ a1 + a2 + … + ai−1
Example 10. 3

As a very trivial example, assume that a = [17, 25, 46, 94, 201,400]
and s = 272 are given. Table 10.1 shows how the tuple x is found
using inv_knapsackSum routine in Algorithm 10.1. In this case x =
[0, 1, 1, 0, 1, 0], which means that 25, 46, and 201 are in the
knapsack.
Secret Communication with Knapsacks.

Secret communication with knapsack cryptosystem

 Example 10. 4

This is a trivial (very insecure) example just to show the procedure.

 RSA CRYPTOSYSTEM

The most common public-key algorithm is the RSA

cryptosystem, named for its inventors (Rivest, Shamir, and
Adleman).
Procedure

Encryption, Decryption, and key generation in RSA

Proof of RSA
 Why RSA Works

◼ because of Euler's Theorem:

◼ aø(n)mod n = 1 where gcd(a,n)=1
◼ in RSA have:
◼ n=p.q
◼ ø(n)=(p-1)(q-1)
◼ carefully chose e & d to be inverses mod ø(n)
◼ hence e.d=1+k.ø(n) for some k
◼ hence :
Cd = Me.d = M1+k.ø(n) = M1.(Mø(n))k
= M1.(1)k = M1 = M mod n
 RSA Key Setup
◼ each user generates a public/private key pair by:
◼ selecting two large primes at random - p, q
◼ computing their system modulus n=p.q
◼ note ø(n)=(p-1)(q-1)

◼ selecting at random the encryption key e

◼ where 1<e<ø(n), gcd(e,ø(n))=1

◼ solve following equation to find decryption key d

◼ e.d=1 mod ø(n) and 0≤d≤n

◼ publish their public encryption key: PU={e,n}

◼ keep secret private decryption key: PR={d,n}
 RSA Use

◼ to encrypt a message M the sender:

◼ obtains public key of recipient PU={e,n}

e
◼ computes: C = M mod n, where 0≤M<n

◼ to decrypt the ciphertext C the owner:

◼ uses their private key PR={d,n}

d
◼ computes: M = C mod n

◼ note that the message M must be smaller than the modulus n

(block if needed)
 RSA Example - Key Setup

1. Select primes: p=17 & q=11

2. Compute n = pq =17 x 11=187
3. Compute ø(n)=(p–1)(q-1)=16 x 10=160
4. Select e: gcd(e,160)=1; choose e=7
5. Determine d: de=1 mod 160 and d < 160 Value is d=23
since 23x7=161= 10x160+1
6. Publish public key PU={7,187}
7. Keep secret private key PR={23,187}
 Some Trivial Examples
Example 10. 5

Bob chooses 7 and 11 as p and q and calculates n = 77. The value of

f(n) = (7 − 1)(11 − 1) or 60. Now he chooses two exponents, e and d,
from Z60∗. If he chooses e to be 13, then d is 37. Note that e × d mod
60 = 1 (they are inverses of each Now imagine that Alice wants to
send the plaintext 5 to Bob. She uses the public exponent 13 to
encrypt 5.

Bob receives the ciphertext 26 and uses the private key 37 to

decipher the ciphertext:
 Some Trivial Examples
Example 10. 6

Now assume that another person, John, wants to send a message to

Bob. John can use the same public key announced by Bob (probably
on his website), 13; John’s plaintext is 63. John calculates the
following:

Bob receives the ciphertext 28 and uses his private key 37 to

decipher the ciphertext:
 Some Trivial Examples
Example 10. 7

Jennifer creates a pair of keys for herself. She chooses p = 397 and q
= 401. She calculates
n = 159197. She then calculates f(n) = 158400. She then chooses e =
343 and d = 12007. Show how Ted can send a message to Jennifer if
he knows e and n.

Suppose Ted wants to send the message “NO” to Jennifer. He

changes each character to a number (from 00 to 25), with each
character coded as two digits. He then concatenates the two coded
characters and gets a four-digit number. The plaintext is 1314. Figure
10.7 shows the process.
Encryption and Decryption in Example
 Attacks on RSA

Taxonomy of potential attacks on RSA