Unit 3 - Asymmetric Key Cryptography
Prof. Andleeb Sahar

UNIT III CRYPTOGRAPHY & NETWORK SECURITY

Asymmetric Key Cryptography


Asymmetric-Key Encipherment
In asymmetric-key encipherment (sometimes called public-key encipherment or
public-key cryptography), we have the same situation as the symmetric-key
encipherment, with a few exceptions. First, there are two keys instead of one:
one public key and one private key. To send a secured message to Bob, Alice
first encrypts the message using Bob’s public key. To decrypt the message, Bob
uses his own private key.

Need for Both


There is a very important fact that is sometimes misunderstood: The advent of
asymmetric key (public-key) cryptography does not eliminate the need for
symmetric-key (secret-key) cryptography.
The reason is that asymmetric-key cryptography, which uses mathematical
functions for encryption and decryption, is much slower than symmetric-key
cryptography.
For encipherment of large messages, symmetric-key cryptography is still
needed. On the other hand, the speed of symmetric-key cryptography does not
eliminate the need for asymmetric-key cryptography.
Asymmetric-key cryptography is still needed for authentication, digital
signatures, and secret-key exchanges. This means that, to be able to use all
aspects of security today, we need both symmetric-key and asymmetric-key
cryptography. One complements the other.

Euler’s Phi-Function
Euler’s phi-function, φ(n), which is sometimes called Euler’s totient
function, plays a very important role in cryptography. The function finds the
number of integers that are both smaller than n and relatively prime to n.
The following helps to find the value of φ(n).
1. φ(1) = 0.
2. φ(p) = p − 1 if p is a prime.
3. φ(m × n) = φ(m) × φ(n) if m and n are relatively prime.

Example: What is the value of φ(13)?


Ans: Because 13 is a prime, φ(13) = (13 −1) = 12.

Fermat’s and Euler’s Theorems


Two theorems that play important roles in public-key cryptography are Fermat’s
theorem and Euler’s theorem.
1) Fermat’s Little Theorem
Fermat’s little theorem plays a very important role in number theory and
cryptography. There are two versions of the theorem.
First Version
The first version says that if p is a prime and a is an integer such that p does not
divide a, then a^(p−1) ≡ 1 (mod p).
Second Version
The second version removes the condition on a. It says that if p is a prime and a
is an integer, then a^p ≡ a (mod p).


2) Euler’s Theorem
Euler’s theorem can be thought of as a generalization of Fermat’s little theorem.
The modulus in Fermat’s theorem is a prime; the modulus in Euler’s theorem
is any integer.
First Version
The first version of Euler’s theorem is similar to the first version of Fermat’s
little theorem. If a and n are coprime, then a^φ(n) ≡ 1 (mod n).
Second Version
The second version of Euler’s theorem is similar to the second version of
Fermat’s little theorem; it removes the condition that a and n should be coprime.
If n = p × q, a < n, and k is an integer, then a^(k × φ(n) + 1) ≡ a (mod n).
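The phi-function rules and both versions of Fermat’s and Euler’s theorems above can be checked numerically. The following Python is an added example written for these notes (it is not the notes’ own code); the function names and the sample values 13, 187 = 17 × 11, and a = 11 are chosen here for illustration, and `phi` follows the notes’ convention φ(1) = 0 by counting only the integers strictly between 0 and n.

```python
from math import gcd

def phi(n):
    """Euler's phi-function by direct count: integers k with 1 <= k < n and
    gcd(k, n) = 1. Follows the notes' convention phi(1) = 0 (nothing to count)."""
    return sum(1 for k in range(1, n) if gcd(k, n) == 1)

def phi_from_primes(p, q):
    """Rule 3 of the notes for distinct primes p and q: phi(p*q) = (p-1)*(q-1)."""
    return (p - 1) * (q - 1)

def fermat_holds(a, p):
    """Checks both versions of Fermat's little theorem for prime p.
    First:  a^(p-1) = 1 (mod p) when p does not divide a.
    Second: a^p = a (mod p) for any integer a."""
    first = (a % p == 0) or pow(a, p - 1, p) == 1
    second = pow(a, p, p) == a % p
    return first and second

def euler_first_holds(a, n):
    """First version of Euler's theorem: a^phi(n) = 1 (mod n) when gcd(a, n) = 1.
    Returns None when a and n are not coprime, because the theorem does not apply."""
    if gcd(a, n) != 1:
        return None
    return pow(a, phi(n), n) == 1

def euler_second_holds(a, p, q, k):
    """Second version: for n = p*q (distinct primes), any a < n and integer k >= 0,
    a^(k*phi(n) + 1) = a (mod n), with no coprimality condition on a."""
    n = p * q
    return pow(a, k * phi_from_primes(p, q) + 1, n) == a % n

if __name__ == "__main__":
    print("phi(13) =", phi(13))                                   # 12, as in the notes
    print("phi(187) =", phi(187), "=", phi_from_primes(17, 11))  # 160 = 160
    print("Fermat, a=2, p=13:", fermat_holds(2, 13))
    print("Euler v1, a=3, n=10:", euler_first_holds(3, 10))
    print("Euler v1, a=11, n=187:", euler_first_holds(11, 187))  # None: 11 divides 187
    print("Euler v2, a=11, n=187, k=3:", euler_second_holds(11, 17, 11, 3))
```

The a = 11, n = 187 case is the one to notice: the first version gives no guarantee because gcd(11, 187) ≠ 1 (and 11^160 mod 187 is indeed not 1), while the second version still returns 11, which is exactly the property RSA decryption relies on for plaintexts that happen to share a factor with n.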


SYMMETRIC-KEY AGREEMENT
Alice and Bob can create a session key between themselves without using a
KDC. This method of session-key creation is referred to as the symmetric-key
agreement.
Although there are several ways to accomplish this, one common method is
Diffie-Hellman.

> Diffie-Hellman Key Agreement


In the Diffie-Hellman protocol two parties create a symmetric session key
without the need of a KDC.
Before establishing a symmetric key, the two parties need to choose two
numbers p and g. The first number, p, is a large prime number on the order of
300 decimal digits (1024 bits). The second number, g, is a generator of order
p − 1 in the group.
These two (group and generator) do not need to be confidential. They can be
sent through the Internet; they can be public.

The steps are as follows:


1. Alice chooses a large random number x such that 0 ≤ x ≤ p − 1 and calculates
R1 = g^x mod p.
2. Bob chooses another large random number y such that 0 ≤ y ≤ p − 1 and
calculates R2 = g^y mod p.
3. Alice sends R1 to Bob. Note that Alice does not send the value of x; she
sends only R1.
4. Bob sends R2 to Alice. Again, note that Bob does not send the value of y; he
sends only R2.
5. Alice calculates K = (R2)^x mod p.
6. Bob also calculates K = (R1)^y mod p.

K is the symmetric key for the session.


Example: Assume that g = 7 and p = 23. The steps are as follows:

1. Alice chooses x = 3 and calculates R1 = 7^3 mod 23 = 21.
2. Bob chooses y = 6 and calculates R2 = 7^6 mod 23 = 4.
3. Alice sends the number 21 to Bob.
4. Bob sends the number 4 to Alice.
5. Alice calculates the symmetric key K = 4^3 mod 23 = 18.
6. Bob calculates the symmetric key K = 21^6 mod 23 = 18.
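The six steps above, run in Python as an added example that is not part of the notes. It reproduces the g = 7, p = 23 walkthrough and adds the check the notes ask for but do not show: that g really is a generator of order p − 1, which holds exactly when g^((p−1)/r) ≠ 1 (mod p) for every prime r dividing p − 1. The function names are chosen here; the random exponents are drawn from 1..p−2 rather than the notes’ 0..p−1, since x = 0 or x = p − 1 would make R1 trivially 1 and the session key guessable. The trial-division factoring is only adequate for toy-sized p.

```python
from random import SystemRandom

def prime_factors(n):
    """Distinct prime factors of n by trial division (toy sizes only)."""
    factors, d = set(), 2
    while d * d <= n:
        while n % d == 0:
            factors.add(d)
            n //= d
        d += 1
    if n > 1:
        factors.add(n)
    return factors

def is_generator(g, p):
    """g has order p-1 in Z_p* iff g^((p-1)/r) != 1 (mod p) for each prime r | p-1."""
    return all(pow(g, (p - 1) // r, p) != 1 for r in prime_factors(p - 1))

def dh_public(g, secret, p):
    """Steps 1-2: R = g^secret mod p; only R leaves the machine, never secret."""
    return pow(g, secret, p)

def dh_shared(received, secret, p):
    """Steps 5-6: K = (received R)^secret mod p."""
    return pow(received, secret, p)

def dh_exchange(p, g, x, y):
    """Runs the whole protocol for Alice (x) and Bob (y).
    Returns (R1, R2, K_alice, K_bob); the two keys must agree."""
    R1 = dh_public(g, x, p)            # Alice computes and sends R1
    R2 = dh_public(g, y, p)            # Bob computes and sends R2
    return R1, R2, dh_shared(R2, x, p), dh_shared(R1, y, p)

if __name__ == "__main__":
    p, g = 23, 7                       # the notes' toy parameters
    print("7 is a generator mod 23:", is_generator(g, p))
    print("fixed x=3, y=6:", dh_exchange(p, g, 3, 6))   # (21, 4, 18, 18)
    rng = SystemRandom()               # OS randomness, as a real client would use
    x, y = rng.randrange(1, p - 1), rng.randrange(1, p - 1)
    print("random exponents:", dh_exchange(p, g, x, y))
```

Note that 2 fails the generator test for p = 23 (2^11 ≡ 1 mod 23, so its order is 11), which is why the choice of g matters: a g of small order shrinks the set of possible session keys.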


> RSA
The most common public-key algorithm is the RSA cryptosystem, named for its
inventors (Rivest, Shamir, and Adleman).
Introduction
RSA uses two exponents, e and d, where e is public and d is private.
Suppose P is the plaintext and C is the ciphertext. Alice uses C = P^e mod n to
create ciphertext C from plaintext P;
Bob uses P = C^d mod n to retrieve the plaintext sent by Alice.
The modulus n, a very large number, is created during the key generation
process.

Example:
1. Select two prime numbers, p = 17 and q = 11.
2. Calculate n = p*q = 17 * 11 = 187.
3. Calculate φ(n) = (p − 1)(q − 1) = 16 × 10 = 160.
4. Select e such that e is relatively prime to φ(n) = 160 and less than φ(n); we
choose e = 7.
5. Determine d such that de ≡ 1 (mod 160) and d < 160. The correct value is
d = 23, because 23 × 7 = 161 = (1 × 160) + 1; d can be calculated using the
extended Euclid’s algorithm.
The example shows the use of these keys for a plaintext input of M = 88.


6. C = M^e mod n
C = 88^7 mod 187
C = 11
7. For decryption, M = C^d mod n
we calculate M = 11^23 mod 187
M = 88

Example:

p=7 , q=17, PT=10


1. n= p*q
= 7*17
n= 119
2. phi(n)= (p-1)*(q-1)
= 6*16
phi(n) = 96
3. Find value of e.
gcd(e,phi(n))=1
gcd(e, 96) = 1 { 1< e <phi(n) && e should not be the factor of
(p-1) (q-1) }
gcd(5 , 96)= 1
therefore, e=5
4. (e*d) mod phi(n)=1
(5*d) mod 96 = 1
(5*77) mod 96 =1
385 mod 96 = 1
therefore, d= 77
5. Cipher Text = PT^e mod n
= 10^5 mod 119
CT = 40
6. Plain Text = CT^d mod n
= 40^77 mod 119
PT = 10
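Both RSA examples above, carried out in Python as an added example (not code from the notes). The private exponent is found with the extended Euclid’s algorithm the notes mention, so the same routine produces d = 23 for (p, q, e) = (17, 11, 7) and d = 77 for (7, 17, 5). Function names are chosen here. This is textbook RSA on bare integers: it is deterministic and the same plaintext always gives the same ciphertext, which is why real systems always apply a padding scheme such as OAEP before exponentiation.

```python
def egcd(a, b):
    """Extended Euclid: returns (g, s, t) with s*a + t*b = g = gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, s, t = egcd(b, a % b)
    return g, t, s - (a // b) * t

def mod_inverse(e, phi):
    """d with e*d = 1 (mod phi), i.e. step 4/5 of the notes' examples."""
    g, s, _ = egcd(e, phi)
    if g != 1:
        raise ValueError("e must be relatively prime to phi(n)")
    return s % phi

def rsa_keygen(p, q, e):
    """Steps 1-5: returns ((e, n), (d, n)) for the chosen primes and public exponent."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = mod_inverse(e, phi)
    return (e, n), (d, n)

def rsa_encrypt(m, pub):
    """C = M^e mod n (step 6)."""
    e, n = pub
    return pow(m, e, n)

def rsa_decrypt(c, priv):
    """M = C^d mod n (step 7)."""
    d, n = priv
    return pow(c, d, n)

if __name__ == "__main__":
    # The notes' two worked examples: (p, q, e, plaintext)
    for p, q, e, m in ((17, 11, 7, 88), (7, 17, 5, 10)):
        pub, priv = rsa_keygen(p, q, e)
        c = rsa_encrypt(m, pub)
        print(f"n={pub[1]:>3} e={e} d={priv[0]:>2}  M={m} -> C={c} -> M={rsa_decrypt(c, priv)}")
```

Running it prints C = 11 for M = 88 with n = 187 and C = 40 for PT = 10 with n = 119, matching the hand calculations. Passing an e that shares a factor with φ(n) (for example e = 4 with φ(n) = 160) raises instead of silently producing a key that cannot decrypt.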


> Elliptic Curve Cryptography (ECC):


Most of the products and standards that use public-key cryptography for
encryption and digital signatures use RSA. As we have seen, the key length for
secure RSA use has increased over recent years, and this has put a heavier
processing load on applications using RSA. This burden has ramifications,
especially for electronic commerce sites that conduct large numbers of secure
transactions. A competing system challenges RSA: elliptic curve cryptography
(ECC).
The principal attraction of ECC, compared to RSA, is that it appears to offer
equal security for a far smaller key size, thereby reducing processing overhead.

In contrast to RSA, ECC bases its approach to public key cryptographic systems
on how elliptic curves are structured algebraically over finite fields. Therefore,
ECC creates keys that are more difficult, mathematically, to crack. For this
reason, ECC is considered to be the next generation implementation of public
key cryptography and more secure than RSA.

It also makes sense to adopt ECC to maintain high levels of both performance
and security. That’s because ECC is increasingly in wider use as websites strive
for greater online security in customer data and greater mobile optimization,
simultaneously.

Using ECC we can perform key exchange, encryption and decryption, and we
can also implement digital signatures.

Key exchange using ECC:

The global public elements are:

i) E_q(a, b): an elliptic curve with parameters a, b and q,
where q is either a prime number or an integer.
ii) G: a point on the curve whose order is a large value n. (g > n)


User A key generation:

select private key nA such that nA < n.

calculate public key PA. PA= nA * G

User B key generation:

select private key nB such that nB < n

calculate public key PB. PB= nB * G

Calculation of secret key by user A:

KA = nA * PB

Calculation of secret key by user B:

KB = nB * PA

ECC Encryption:

Let the message be m.

First encode this message m into a point on the elliptic curve.

Let this point be Pm (encrypted point).

For encryption choose a random positive integer k.

The cipher text will be: Cm = {kG, Pm + kPB}

This pair of points is sent to the receiver.

ECC Decryption:

For decryption, multiply the 1st point in the pair by the receiver’s secret key,

i.e. kG × nB

then subtract it from the 2nd point in the pair:

Pm + kPB − (kG × nB)
= Pm + kPB − kPB      (since PB = nB × G, so kG × nB = kPB)
= Pm

So the receiver recovers the same point.
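The ECC key exchange and the encryption/decryption steps above, implemented over a toy curve as an added example (not the notes’ own code). The curve y² = x³ + 2x + 2 over F₁₇ with base point G = (5, 1) of order n = 19, the private keys nA = 3 and nB = 7, the random k = 5 and the message point Pm = (10, 6) are all constructed here for illustration; real systems use standardized curves over roughly 256-bit primes and a proper point-encoding for messages. The group law (`point_add`) and double-and-add scalar multiplication are the general algorithms of which the notes’ formulas PA = nA × G, KA = nA × PB, Cm = {kG, Pm + kPB} are instances.

```python
# Global public elements E_q(a, b) and G (constructed textbook-sized values)
A, B, Q = 2, 2, 17          # curve y^2 = x^3 + A*x + B over F_Q
G = (5, 1)                  # base point
N = 19                      # order of G: 19*G is the point at infinity
INF = None                  # point at infinity, the group identity

def on_curve(P):
    if P is INF:
        return True
    x, y = P
    return (y * y - (x ** 3 + A * x + B)) % Q == 0

def point_neg(P):
    if P is INF:
        return INF
    x, y = P
    return (x, (-y) % Q)

def point_add(P1, P2):
    """Group law on E_Q(A, B): chord rule for P1 != P2, tangent rule for doubling."""
    if P1 is INF:
        return P2
    if P2 is INF:
        return P1
    x1, y1 = P1
    x2, y2 = P2
    if x1 == x2 and (y1 + y2) % Q == 0:
        return INF                       # P + (-P) = O, also covers doubling a point with y = 0
    if P1 == P2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, Q) % Q
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, Q) % Q
    x3 = (lam * lam - x1 - x2) % Q
    y3 = (lam * (x1 - x3) - y1) % Q
    return (x3, y3)

def scalar_mult(k, P):
    """k * P by double-and-add, for a non-negative integer k."""
    R, addend = INF, P
    while k > 0:
        if k & 1:
            R = point_add(R, addend)
        addend = point_add(addend, addend)
        k >>= 1
    return R

def ec_keygen(private):
    """Public key = private * G, for a private scalar with 0 < private < N."""
    assert 0 < private < N
    return scalar_mult(private, G)

def ecdh_shared(private, other_public):
    """KA = nA * PB on A's side, KB = nB * PA on B's side; both equal nA*nB*G."""
    return scalar_mult(private, other_public)

def ec_encrypt(Pm, PB, k):
    """Cm = {kG, Pm + kPB} for the receiver's public key PB and random k."""
    return (scalar_mult(k, G), point_add(Pm, scalar_mult(k, PB)))

def ec_decrypt(Cm, nB):
    """Pm = (Pm + kPB) - nB*(kG), since nB*kG = k*PB."""
    C1, C2 = Cm
    return point_add(C2, point_neg(scalar_mult(nB, C1)))

if __name__ == "__main__":
    nA, nB = 3, 7                                   # constructed private keys
    PA, PB = ec_keygen(nA), ec_keygen(nB)
    print("KA =", ecdh_shared(nA, PB), " KB =", ecdh_shared(nB, PA))
    Pm = (10, 6)                                    # constructed message point on the curve
    Cm = ec_encrypt(Pm, PB, k=5)
    print("Cm =", Cm, " decrypts to", ec_decrypt(Cm, nB))
```

With these values KA = KB = 2G = (6, 3), because nA × nB = 21 ≡ 2 (mod 19). Decrypting with any key other than nB leaves a residual multiple of G added to Pm, so the wrong receiver gets a different point.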


> Digital Signature:


When Alice sends a message to Bob, Bob needs to check the authenticity
of the sender; he needs to be sure that the message comes from Alice and
not Eve. Bob can ask Alice to sign the message electronically.
In other words, an electronic signature can prove the authenticity of Alice
as the sender of the message. We refer to this type of signature as a digital
signature.

● A conventional signature is included in the document; it is part of
the document.
● When we write a check, the signature is on the check; it is not a
separate document.
● But when we sign a document digitally, we send the signature as a
separate document.
● The sender sends two documents: the message and the signature.
● The recipient receives both documents and verifies that the signature
belongs to the supposed sender.
● If this is proven, the message is kept; otherwise, it is rejected.

Verification Method
For a digital signature, the recipient receives the message and the
signature. A copy of the signature is not stored anywhere. The recipient
needs to apply a verification technique to the combination of the message
and the signature to verify the authenticity.
Relationship
For a conventional signature, there is normally a one-to-many relationship
between a signature and documents. A person uses the same signature to
sign many documents.
For a digital signature, there is a one-to-one relationship between a
signature and a message. Each message has its own signature. The
signature of one message cannot be used in another message. If Bob
receives two messages, one after another, from Alice, he cannot use the
signature of the first message to verify the second. Each message needs a
new signature.

Process:

The sender uses a signing algorithm to sign the message. The message and
the signature are sent to the receiver. The receiver receives the message
and the signature and applies the verifying algorithms to the combination.
If the result is true, the message is accepted; otherwise, it is rejected.

In a digital signature, the signer uses her private key, applied to a signing
algorithm, to sign the document. The verifier, on the other hand, uses the
public key of the signer, applied to the verifying algorithm, to verify the
document.
A digital signature needs a public-key system. The signer signs with
her private key; the verifier verifies with the signer’s public key.


Digital Signature Services:


1. Message Authentication
A secure digital signature scheme, like a secure conventional signature
(one that cannot be easily copied), can provide message authentication
(also referred to as data-origin authentication). Bob can verify that the
message is sent by Alice because Alice’s public key is used in verification.
2. Message Integrity
The integrity of the message is preserved even if we sign the whole
message, because we cannot get the same signature if the message is
changed. The digital signature schemes today use a hash function in the
signing and verifying algorithms that preserves the integrity of the message.
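The signing process (private key on the signer’s side, public key on the verifier’s side) together with the hash-based integrity check described above, as an added Python example that is not part of the notes. It is the bare textbook RSA signature: the SHA-256 digest of the message is raised to the private exponent, and verification raises the signature to the public exponent and compares with a fresh digest. The key pair (primes 1000003 and 999983, e = 65537), the function names and the sample messages are constructed here; the digest is reduced modulo n only so that it fits this small modulus. Real signature schemes use 2048-bit or larger keys and an encoding such as RSA-PSS instead of that reduction.

```python
import hashlib

# Constructed toy key pair (not from the notes): two 7-digit primes, so the
# reduced digest fits under n. d is the inverse of e modulo phi(n) (Python 3.8+).
P, Q, E = 1000003, 999983, 65537
N = P * Q
PHI = (P - 1) * (Q - 1)
D = pow(E, -1, PHI)

def digest(message: bytes) -> int:
    """SHA-256 of the message, reduced into Z_n (toy step; real schemes encode instead)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N

def sign(message: bytes, d: int = D, n: int = N) -> int:
    """Signer: private key applied to the digest. The signature travels as a
    separate value next to the message, as the notes describe."""
    return pow(digest(message), d, n)

def verify(message: bytes, signature: int, e: int = E, n: int = N) -> bool:
    """Verifier: signer's public key applied to the signature, compared against a
    fresh digest of the received message. Any change to the message fails here."""
    return pow(signature, e, n) == digest(message)

if __name__ == "__main__":
    msg = b"Transfer 100 to Bob"                 # constructed sample message
    sig = sign(msg)
    print("signature:", sig)
    print("verifies unchanged message:", verify(msg, sig))                   # True
    print("verifies altered message:  ", verify(b"Transfer 1000 to Bob", sig))  # False
```

Because the hash of the message is what gets signed, the one-to-one relationship from the notes falls out directly: a signature computed for one message does not verify any other, and a verifier needs only the signer’s public key, never a stored copy of the signature.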

3. Nonrepudiation

Nonrepudiation can be provided using a trusted party (a center).
If in the future Alice denies that she sent the message, the center can show
a copy of the saved message. If Bob’s message is a duplicate of the
message saved at the center, Alice will lose the dispute.

4. Confidentiality
A digital signature does not provide confidential communication.
