ch09 Public Key Encryption

Uploaded by

21110801
Chapter 9: Public Key Encryption

Information Security
Nguyễn Đăng Quang
Fall 2022
Goals
• Modular Arithmetic
• RSA Encryption
• Discrete logarithm
• Diffie-Hellman
Introduction to Modular Arithmetic
• Modulo

R = A mod B, read as: A modulo B is equal to R, where B is the modulus

• Congruent modulo: A is congruent to B modulo C


Properties
Addition

(a + b) mod n = (a mod n + b mod n) mod n

Subtraction

(a - b) mod n = (a mod n - b mod n) mod n

Multiplication

(a * b) mod n = (a mod n * b mod n) mod n

Exponentiation

a^x mod n = (a mod n)^x mod n


Euler’s totient function
φ(n) (Euler phi function): the number of integers smaller than n and relatively prime (coprime) to n
Ex: φ(9) = 6; the integers relatively prime to 9 are 1, 2, 4, 5, 7, 8

• If p is prime, φ(p) = p-1

• If n = p x q and p, q are primes, φ(n) = (p-1)x(q-1)

Ex: Find φ(21): 21 = 3 (p) x 7 (q) => φ(21) = (3-1) x (7-1) = 12
Euler’s Theorem
If gcd(a,n) = 1 then

a^φ(n) ≡ 1 (mod n)

Example:

φ(10) = 4, so if gcd(a,10) = 1, then a^4 ≡ 1 (mod 10)


Extended Euclidean Algorithm
• GCD(a,b): finds x and y such that a*x + b*y = gcd(a,b)
• If gcd(a,b) = 1 (a, b are coprime) ➔ take both sides mod b:
• a*x ≡ 1 (mod b) → x is the modular inverse of a (mod b)
Modular inverse
• The modular inverse of A (mod C) is A^-1
• (A * A^-1) ≡ 1 (mod C) or equivalently (A * A^-1) mod C = 1
• Only the numbers coprime to C have a modular inverse (mod C)
Example: Find modular inverse for A (mod C):
for m in range(C): if (A * m) mod C = 1 ➔ m is modular inverse of A (mod C)

3 * 0 ≡ 0 (mod 7)
3 * 1 ≡ 3 (mod 7)
3 * 2 ≡ 6 (mod 7)
3 * 3 ≡ 9 ≡ 2 (mod 7)
3 * 4 ≡ 12 ≡ 5 (mod 7)
3 * 5 ≡ 15 (mod 7) ≡ 1 (mod 7) <------ FOUND INVERSE!
3 * 6 ≡ 18 (mod 7) ≡ 4 (mod 7)
RSA
• Named after its inventors (Rivest, Shamir, Adleman).

• RSA is the most widely used public key algorithm and supports both public key encryption and digital signature.

• The security strength of RSA is based on the hypothesis that factoring a very large number into two primes is a very hard problem.
Encryption, Decryption, and key generation in RSA
RSA Algorithm
• Select two prime numbers, p and q

• Compute RSA modulus n = p x q

• Compute φ(n) = (p-1) x (q-1) (2048 bits)

• Select an integer e that is relatively prime to φ(n)

• Find d which is the modular inverse of e mod φ(n).

• The public key is (e, n)

• The private key is (d, n)


Example
• Select two prime numbers, p = 17 and q = 11.
• Calculate n = p*q = 17 * 11 = 187.
• Calculate φ(n) = (p - 1)(q - 1) = 16 * 10 = 160.
• Select e relatively prime to φ(n) = 160 and less than φ(n) → e = 7.

• Determine d such that de ≡ 1 (mod 160) and d < 160. The correct value is d = 23, because 23 * 7 = 161 = (1 * 160) + 1.

• Public key PU = {7,187}

• Private key PR = {23,187}


RSA Encryption & Decryption
Step-by-step encryption process
Convert the message "Hello world" into ASCII values, then encrypt each value using public key {7,187}:
"H" = 72 → 72^7 mod 187 = 1,028,071,702 mod 187 = 66
"e" = 101 → 101^7 mod 187 = 10,201,010,101 mod 187 = 128
"l" = 108 → 108^7 mod 187 = 1,782,969,984 mod 187 = 121
"l" = 108 → 108^7 mod 187 = 1,782,969,984 mod 187 = 121
"o" = 111 → 111^7 mod 187 = 2,487,388,671 mod 187 = 49
" " (space) = 32 → 32^7 mod 187 = 1,073,741,824 mod 187 = 1
"w" = 119 → 119^7 mod 187 = 1,872,517,119 mod 187 = 119
"o" = 111 → 111^7 mod 187 = 2,487,388,671 mod 187 = 49
"r" = 114 → 114^7 mod 187 = 3,972,969,984 mod 187 = 161
"l" = 108 → 108^7 mod 187 = 1,782,969,984 mod 187 = 121
"d" = 100 → 100^7 mod 187 = 1,000,000,000 mod 187 = 100
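The extended Euclidean algorithm, RSA key generation and per-character encryption described above, as an added Python example that is not part of the original slides. It uses the slides' toy parameters p = 17, q = 11, e = 7; the function names are this example's own, and real RSA uses large primes and padding.

```python
# Added example, not from the original slides: textbook RSA with the
# slides' toy parameters. Function names are this example's own.

def egcd(a, b):
    """Extended Euclid: return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    x0, y0, x1, y1 = 1, 0, 0, 1
    while b:
        q, a, b = a // b, b, a % b
        x0, x1 = x1, x0 - q * x1
        y0, y1 = y1, y0 - q * y1
    return a, x0, y0

def mod_inverse(a, m):
    """Inverse of a mod m; exists only when a and m are coprime."""
    g, x, _ = egcd(a, m)
    if g != 1:
        raise ValueError(f"{a} has no inverse mod {m}: gcd is {g}")
    return x % m

def rsa_keygen(p, q, e):
    """Return ((e, n), (d, n)) for primes p, q and public exponent e."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = mod_inverse(e, phi)      # raises if e is not coprime to phi(n)
    return (e, n), (d, n)

def rsa_apply(key, values):
    """Raise each integer to the key's exponent mod n (encrypt or decrypt)."""
    exp, n = key
    if any(not 0 <= v < n for v in values):
        raise ValueError("each block must satisfy 0 <= m < n")
    return [pow(v, exp, n) for v in values]

def demo():
    public, private = rsa_keygen(17, 11, 7)
    plain = list(b"Hello world")
    cipher = rsa_apply(public, plain)
    recovered = bytes(rsa_apply(private, cipher))
    # Unpadded, per-character RSA is deterministic: equal plaintext values
    # always give equal ciphertext values, so letter patterns survive.
    pattern_preserved = len(set(cipher)) == len(set(plain))
    return public, private, cipher, recovered, pattern_preserved

if __name__ == "__main__":
    print(demo())
```

Because each character is encrypted on its own without padding, the ciphertext behaves like a substitution cipher, which is why deployed RSA never encrypts messages this way.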
RSA Example
RSA processing of multiple blocks
Quiz
1. Given p = 3, q = 11

2. Compute n = ?

3. Compute φ(n) = ?

4. Assume e = 7, compute d = ?

5. The public key (e, n) = ?

6. The private key (d, n) = ?

7. Suppose m = 2, what is the encryption of m? Enc(m) = ?

8. Check that the decryption of Enc(m) equals m.


Tools
Generate RSA keys: openssl genrsa -aes128 -out private.pem 1024

View the Private key: openssl rsa -in private.pem -noout -text

View keys in text: openssl rsa -in private.pem -text

Extract the Public key: openssl rsa -in private.pem -pubout > public.pem
View: openssl rsa -in public.pem -pubin -text

Encrypt & Decrypt

Encrypt: openssl rsautl -encrypt -inkey public.pem -pubin -in msg.txt -out msg.enc
Decrypt: openssl rsautl -decrypt -inkey private.pem -in msg.enc
Performance measurement
Strength:
• 1024-bit RSA key = 80-bit symmetric key
• 2048-bit RSA key = 112-bit symmetric key
• 3072-bit RSA key = 128-bit symmetric key

openssl speed rsa


openssl speed aes-128-cbc
Hybrid Encryption

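[Diagram: the key is encrypted with RSA under the recipient's public key, giving the encrypted key; the plaintext is encrypted with AES under the key, giving the ciphertext.]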

Digital Signature

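[Diagram: the signer passes the data through the hashing function and applies the signature algorithm to the hash code with the signer's private key, producing the signature. The verifier passes the data through the hashing function, applies the verifying algorithm to the signature with the signer's public key, and checks whether the two hash codes are equal.]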
Digital signature with Openssl
• Generating hash
openssl sha256 -binary msg.txt > msg.sha256
• Signing and Verifying
Signing:
openssl rsautl -sign -inkey private.pem -in msg.sha256 -out msg.sig
Verify the signature:
openssl rsautl -verify -inkey public.pem -in msg.sig -pubin -raw | xxd
Other applications
Public-key based Authentication

[Diagram: A holds A's private key and B holds A's public key. B sends a challenge R; A returns Signature = Sign(R); B verifies the signature.]
Github SSH keys
HTTPS
[Diagram: B (the server) sends the server's public key PK to A. A generates a secret S and sends S encrypted using PK; the server decrypts S using the server's private key. Both sides then hold the session key K, and data is encrypted using K (symmetric-key encryption).]
Credit Cards
Card Authentication

[Diagram: the card is preloaded with the card's private key and the card's public key certificate signed by the issuer. The card sends the public key certificate; the verifier verifies the certificate and obtains the card's public key. The verifier sends a challenge R; the card signs R and returns the signature; the verifier verifies the signature.]
Transaction Authentication

[Diagram: the party doing the transaction holds the card's public key and sends the transaction data (TD) to the card. The card signs TD with the card's private key and returns the signature, which is then verified.]
Diffie-Hellman Key Exchange
• First published public-key algorithm.

• By Diffie and Hellman in 1976 along with the public key concepts.

• Used in a number of commercial products.

• Practical method to exchange a secret key securely that can be used for subsequent encryption of messages.

• Security relies on difficulty of computing discrete logarithm.


Recall…
Arithmetic:
• y = 2^x: exponent
• x = log_2 y: logarithm (calculate the power x)
Modular arithmetic (modulus p):
• y ≡ 2^x (mod p)
• x ≡ log_2 y (mod p)
Discrete logarithm
• Let p: the prime modulus
• Let g: the primitive root of p
• Calculate y = g^x mod p; the results are all numbers in range 1→p-1
• Example: p = 11 ➔ g = 2,
    p, g = 11, 2
    for x in range(1, p):
        y = g**x          # g raised to the power x
        k = y % p         # reduced modulo p
        print(k, end=',')   # ➔ 2, 4, 8, 5, 10, 9, 7, 3, 6, 1
(all numbers in range 1 → 11)
• g is also called the generator
• Calculating x from y is the discrete logarithm problem. If p is chosen as a very large number, the time to calculate x is extremely long.
Diffie and Hellman Key Exchange
• In the Diffie-Hellman protocol two parties create a symmetric session key
without the need of a Key Distribution Center (KDC);

• The two parties need to choose two numbers p and g;

• p is a prime modulus, g is a generator

• These two numbers do not need to be confidential. They can be sent publicly
through the Internet;
Key Exchange protocol steps
1. Alice chooses a large random number x (0 ≤ x ≤ p − 1) and calculates R1 = g^x mod p.

2. Alice sends R1 to Bob

3. Bob chooses another large random number y (0 ≤ y ≤ p − 1) and calculates R2 = g^y mod p.

4. Bob sends R2 to Alice

5. Alice calculates K = (R2)^x mod p. Bob also calculates K = (R1)^y mod p. K is the symmetric key for the session
Alice: (R2)^x mod p = (g^y mod p)^x mod p = (g^y)^x mod p = KA
Bob: (R1)^y mod p = (g^x mod p)^y mod p = (g^x)^y mod p = KB
KA = KB
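The key exchange steps above as runnable Python, an added example that is not part of the original slides. It uses the slides' toy values p = 11, g = 2; drawing private values from 2..p-2 and rejecting received values outside 2..p-2 are choices of this example, not steps from the slides.

```python
# Added example, not from the original slides: Diffie-Hellman with the
# slides' toy parameters p = 11, g = 2 (far too small for real use).
import secrets

def is_generator(g, p):
    """True if g^1 .. g^(p-1) mod p covers every value in 1..p-1 (toy p only)."""
    seen, k = set(), 1
    for _ in range(p - 1):
        k = (k * g) % p
        seen.add(k)
    return len(seen) == p - 1

def valid_public(r, p):
    """Example's own check: 0, 1 and p-1 force a predictable shared key."""
    return 2 <= r <= p - 2

def dh_keypair(g, p):
    """Return (private x, public R = g^x mod p), redrawing degenerate values."""
    while True:
        x = secrets.randbelow(p - 3) + 2      # x in 2..p-2 (assumption)
        r = pow(g, x, p)
        if valid_public(r, p):
            return x, r

def dh_shared(peer_public, x, p):
    """K = peer_public^x mod p, computed only for a validated peer value."""
    if not valid_public(peer_public, p):
        raise ValueError("degenerate public value rejected")
    return pow(peer_public, x, p)

def exchange(g, p):
    """Run steps 1-5 for both parties and return (KA, KB)."""
    if not is_generator(g, p):
        raise ValueError("g is not a generator for p")
    x, r1 = dh_keypair(g, p)    # Alice, steps 1-2
    y, r2 = dh_keypair(g, p)    # Bob, steps 3-4
    return dh_shared(r2, x, p), dh_shared(r1, y, p)   # step 5

if __name__ == "__main__":
    ka, kb = exchange(2, 11)
    print("shared key agrees:", ka == kb, "K =", ka)
```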
Symmetric-Key Agreement
Diffie-Hellman Key Agreement
Turn DH to public-key encryption
1. Alice & Bob agree on g,p

2. Alice generates (public, private) key-pair: (g, p, g^x mod p), x. The public key (g, p, g^x mod p) is sent to Bob

3. Bob computes (g^x mod p)^y mod p = g^(xy) mod p which is the common key to decrypt
