Cybersecurity and

Cryptography in
Fintech
Chapter 9: 1
Public Key Cryptography and RSA
LEARNING OBJECTIVES
After studying this chapter, you should be able to:
• Present an overview of the basic principles of public-key cryptosystems.

• Explain the two distinct uses of public-key cryptosystems.

• List and explain the requirements for a public-key cryptosystem.

• Present an overview of the RSA algorithm.

• Understand the timing attack.

• Summarize the relevant issues related to the complexity of algorithms.

2
Private-Key Cryptography
▪ Traditional private/secret/single key cryptography uses one key that is shared by
both sender and receiver.
▪ If this key is disclosed, communications are compromised.

▪ Also is symmetric, parties are equal, hence does not protect sender from receiver
forging a message and claiming that it is sent by sender.

3
Public-Key Cryptography
▪ Probably most significant advance in the 3000 years history of cryptography.

▪ Uses two keys – a public & a private key.

▪ Asymmetric since parties are not equal.

▪ Uses clever application of number theory concepts to function.

▪ Complements rather than replaces private key crypto.

4
 Why Public-Key Cryptography?
▪ Developed to address two key issues:
• Key distribution – how to have secure communications in general without having to trust a KDC
with your key.
• Digital signatures – how to verify a message comes intact from the claimed sender

▪ Public invention due to Whitfield Diffie & Martin Hellman at Stanford Uni in 1976, however,
it was Known earlier in classified community.

5
Public-Key Cryptography
▪ Public-key/two-key/asymmetric cryptography involves the
use of two keys:
▪ A public-key, which may be known by anybody, and can be used to
▪ Encrypt messages, and
▪ Verify signatures.
▪ A private-key, known only to the recipient, used to
▪ Decrypt messages, and
▪ Sign (create) signatures.

▪ Is asymmetric because
▪ Those who encrypt messages or verify signatures cannot decrypt
messages or create signatures.
6
Public-Key Cryptography

7
Public-Key Characteristics
▪ Public-Key algorithms rely on two keys where:
▪ It is computationally infeasible to find decryption key knowing only
algorithm & encryption key.
▪ It is computationally easy to en/decrypt messages when the
relevant (en/decrypt) key is known.
▪ Either of the two related keys can be used for encryption, with the
other used for decryption (for some algorithms).

8
Public-Key Cryptosystems

9
Public-Key Cryptosystems

10
Public-Key Cryptosystems

11
Public-Key Applications
▪ Can classify uses into 3 categories:

▪ Encryption/Decryption (provide secrecy).

▪ Digital signatures (provide authentication).

▪ Key exchange (of session keys).

▪ Some algorithms are suitable for all uses, others are specific to one.

12
RSA
▪ By Rivest, Shamir & Adleman of MIT in 1977.
▪ Best known & widely used public-key scheme.
▪ Based on exponentiation in a finite (Galois) field:
▪ Exponentiation takes O((log n)3) operations (easy).

▪ Uses large integers (eg. 1024 bits).

▪ Security due to cost of factoring large numbers:
▪ Factorization takes O(e log n log n log n) operations (hard).

13
 RSA Key Setup (1/2)
▪ Each user generates a public/private key pair by:
▪ selecting two large primes at random p, q
▪ To test n for primality: just divide by all of the primes less than the square
root of n. For example, to show is 211 is prime, we just divide by 2, 3, 5, 7,
11, and 13 [sqrt(211)=14]

▪ Computing their modulus n=p.q

▪ Computing ø(n)=(p-1)(q-1)
▪ Euler’s totient function: is defined as the number of positive integers less than n and
relatively prime to n. E.g ø(35)=24
▪ Relatively prime: When two numbers have no common factors other than 1. In other words,
there is no value that you could divide them both by exactly (without any remainder)

14
Euler’s totient function

15
RSA Key Setup (2/2)

▪ Selecting at random the encryption key e

▪ where 1<e<ø(n), gcd(e,ø(n))=1

▪ Solve following equation to find decryption key d

▪ e.d=1 mod ø(n) and 0≤d≤ø(n)
▪ d = e-1 mod ø(n) (Using Euclid’s Inverse algorithm)

▪ Publish their public encryption key: PU={e,n}

▪ Keep secret private decryption key: PR={d,n}

16
RSA Use
▪ To encrypt a message M the sender:
▪ Obtains public key of recipient PU={e,n}
▪ Computes: C = Me mod n, where 0≤M<n
▪ The message M must be smaller than the modulus n (block if needed)

▪ To decrypt the ciphertext C the owner:

▪ Uses their private key PR={d,n}
▪ Computes: M = Cd mod n

17
Example of RSA Algorithm

18
RSA ALGORITHM (summarize)

19
 References
➢ Primality test & GCD & & Decimal to Binary → p& q, gcd(e,ø(n))
▪ TOOL: https://www.numberempire.com/primenumbers.php
▪ TOOL: http://www.alcula.com/calculators/math/gcd/
▪ TOOL: https://www.rapidtables.com/convert/number/decimal-to-binary.html?x=23

▪ Mod of –ve/+ve number → (a mod b)

▪ https://www.youtube.com/watch?v=i-RnxlXUfTA
▪ TOOL → https://miniwebtool.com/modulo-calculator/

▪ Mod of inverse → e-1 mod ø(n) (Euclid’s Inverse algorithm)

▪ https://www.youtube.com/watch?v=O-4_oS3G7MI
▪ https://www.youtube.com/watch?v=fz1vxq5ts5I
▪ TOOL → https://planetcalc.com/3298/

▪ Square and Multiply (SM) → ab mod n

▪ https://www.youtube.com/watch?v=rdMaG7s-lE4
▪ https://www.youtube.com/watch?v=EHUgNLN8F1Y
▪ TOOL → https://www.dcode.fr/modular-exponentiation
20
GCD Calculation
▪ GCD of two numbers is the largest number that divides both.
▪ A simple way to find GCD is to factorize both numbers and
multiply common factors.

▪ Simple naïve method that don’t work for large numbers.

21
 Basic Euclidean Algorithm for GCD
▪ The algorithm is based on below facts:
If we subtract smaller number from larger (we reduce larger number), GCD
doesn’t change. So, if we keep subtracting repeatedly the larger of two, we
end up with GCD.
▪ Now instead of subtraction, if we divide smaller number, the algorithm stops
when we find remainder 0.
▪ Try on (75,20)

▪ Subtraction:75 20 55 35 20 15 5 10 5 5 0 ➔ GCD(5)

▪ Division: 75 20 15 5 0 ➔ GCD(5)

▪ http://www.alcula.com/calculators/math/gcd/

22
Modular Arithmetic
▪ R= a mod b
▪ R= a – (b*X)
▪ Find MAX value of X that makes R +ve

▪ Ex: R = 11 mod 4
▪ R= 11- (4 * 2)= 11- 8 =3

▪ Ex: R = -11 mod 4

▪ R= -11- (4 * -3)= -11 – ( -12)= -11 +12= 1

▪ Ex: R= -12 mod 7= ? (send private in chat)

▪ R=-12- (7*-2)= -12 – (-14)= -12 +14= 2
➢ https://miniwebtool.com/modulo-calculator/

23
Calculating e mod
-1 ø(n
▪ d(7) = 1 mod 40
▪ d= 7-1 mod 40
▪ Steps: (Target : Reach To Reminder 1 In terms of 40 And 7)
▪ 40 mod 7= 5 = 40 – (7*5)
▪ 7 mod 5 = 2 = 7 – (5*1)
▪ 5 mod 2 = 1 = 5 - (2*2) → reminder 1:STOP
▪ 1= 5 – (2*2)
▪ 1= 5- (7 – (5*1)*2)= 5 – 2(7) + 2(5) = 3(5) -2(7)
▪ 1=3(40 – (7*5)) – 2(7) =3(40) -15(7) -2(7)= 3(40) -17 (7)
▪ d= -17 mod 40 = 23
▪ Ex: d=9-1 mod 35, d=?
➢ d= 4 mod 35 =4 https://planetcalc.com/3298/ 24
Square and Multiply (SM) → ab mod n
▪ 3200 mod 50
▪ 31 mod 50= 3 mod 50= 3
▪ 32 mod 50= 9 mod 50= 9
▪ 34 mod 50= 81 mod 50= 31
▪ 38 mod 50= 961 mod 50= 11
▪ 316 mod 50= 121 mod 50= 21
▪ 332 mod 50= 441 mod 50= 41
▪ 364 mod 50= 1681 mod 50= 31
▪ 3128 mod 50= 961 mod 50= 11
▪ 3256 → >200 (STOP)
▪ BINARY(200) = 1 1 0 0 1 0 0 0 → ones: (23, 26, 27)=(8, 64, 128)=200
▪ 3200=38+64+128 =38 * 364 *3128
▪ 3200 mod 50=(38 * 364 *3128) mod 50= (11*31*11) mod 50= 3751 mod 50= 1
▪ EX: 413 mod 5 (send private in chat)

▪ Answer= 4 https://www.dcode.fr/modular-exponentiation 25
26
Another RSA Example (1/2) - Key Setup
Here walk through example RSA key generation using “trivial” sized numbers.
1. Select primes: p=17 & q=11
2. Compute n = pq =17 x 11=187
3. Compute ø(n)=(p–1)(q-1)=16 x 10=160
4. Select e: gcd(e,160)=1; choose e=7
5. Determine d: de=1 mod 160 and d < 160 Value is d=23 since
23x7=161= 10x160+1
▪ d = e-1 mod ø(n)
▪ Finding d as inverse of e mod ø(n) requires use of Euclid’s
Inverse algorithm
6. Publish public key PU={7,187}
7. Keep secret private key PR={23,187} 27
RSA Example (2/2) - En/Decryption

▪ Sample RSA encryption/decryption is:

▪ Given message M = 88 (note 88<187)

▪ Encryption:
C = 887 mod 187 = 11
▪ Decryption:
M = 1123 mod 187 = 88

28
Analysis: RSA Key Generation
▪ Users of RSA must:

▪ Determine two primes at random : p, q

▪ Select either e or d and compute the other

▪ Primes p,q must not be easily derived from modulus n=p.q

▪ Means must be sufficiently large

▪ Typically guess (p,q) and use primality test, if not repeat

▪ Note that the prime number theorem shows that the average number of guesses needed is not too

large.

▪ Exponents e, d are inverses, so use Inverse algorithm to compute the other

29
Analysis: Exponentiation
▪ Can use the Square and Multiply Algorithm.
▪ A fast, efficient algorithm for exponentiation
▪ Concept is based on repeatedly squaring base
▪ And multiplying in the ones that are needed to compute the result
▪ Look at binary representation of exponent

▪ Only takes O(log2 n) multiples for number n

▪ e.g. 75 mod 11= 74.71 = 3.7 = 21 mod 11=10
▪ e.g. 3129 mod 11= 3128.31 = 5.3 = 4 mod 11=4

30
Analysis: Efficient Encryption
▪ Encryption uses exponentiation to power e

▪ C = Me mod n

▪ Hence if e small, this will be faster

▪ often choose e=65537 (216-1)

▪ But if e too small (e.g., e=3) can attack

▪ Using Chinese remainder theorem & 3 messages with different moduli

▪ If e fixed must ensure gcd(e,ø(n))=1

▪ i.e., reject any p or q not relatively prime to e

31
Analysis: Efficient Decryption
▪ Decryption uses exponentiation to power d

▪ this is likely large, insecure if not

▪ Can use the Chinese Remainder Theorem (CRT) to compute mod p & q separately.

▪ then combine to get desired answer

▪ Approx 4 times faster than doing directly

▪ M = Cd mod n n=p*q

▪ Only owner of private key who knows values of p & q can use this technique

32
Analysis: Key Collision
▪ In asymmetric cryptography, key pairs are randomly generated. Furthermore, the

amount of different keypairs that can be generated is huge.

▪ Therefore, the probability of two people accidentally generating the same

keypair is negligible.

33
Analysis: RSA Security
▪ Possible approaches to attacking RSA are:

▪ Brute force key search (infeasible given size of numbers)

▪ Mathematical attacks (based on difficulty of computing ø(n), by factoring modulus (n)

▪ Timing attacks (on running of decryption)

▪ Chosen ciphertext attacks (given properties of RSA)

34
Analysis: Factoring Problem
▪ Mathematical approach takes 3 forms:
▪ Factor n=p.q, hence, compute ø(n)= (p-1) *(q-1) and
then d.
▪ Determine ø(n) directly and compute d. (d = e-1 mod ø(n))
▪ Find d directly

35
Analysis: Timing Attacks
▪ Is somewhat analogous to a burglar guessing the combination of a
safe by observing how long it takes for someone to turn the dial
from number to number.
▪ Exploit timing variations in operations
▪ E.g., multiplying by small vs large number

▪ Infer operand size based on time taken.

▪ Countermeasures
▪ Use constant exponentiation time , M = Cd mod n.
▪ Ensure that all exponentiations take the same amount of time before returning a result. This is a simple fix
but does degrade performance
▪ Add random delays.
▪ Blind values used in calculations: Multiply the ciphertext by a random
number before performing exponentiation.
36
Analysis: Chosen Ciphertext Attacks

▪ RSA is vulnerable to a Chosen Ciphertext Attack (CCA).

▪ Attackers chooses ciphertexts & gets decrypted plaintext back.
▪ choose ciphertext to exploit properties of RSA to provide info to help
cryptanalysis
▪ Can counter with the algorithm itself randomly pad plaintext prior
to encryption process.
▪ More sophisticated variants need to modify the plaintext using a procedure
known as optimal asymmetric encryption padding (OAEP).
▪ https://en.wikipedia.org/wiki/Optimal_asymmetric_encryption_padding

37
Summary
▪ Have considered:

▪ Principles of public-key cryptography

▪ RSA algorithm, implementation, security

38