Public Key Cryptography and Hash Functions
Public key cryptography, also known as asymmetric cryptography, uses a mathematically linked pair of keys for secure communication: a **public key** and a **private key**.
- **Public Key**: This key can be shared openly. Anyone can use it to encrypt messages intended for the owner of the private key, or to verify signatures the owner produced.
- **Private Key**: This key is kept secret by the owner. It decrypts messages that were encrypted with the corresponding public key and creates digital signatures.
The key advantage of public key cryptography is that it allows secure communication without needing to share a secret key beforehand. What remains is making sure the public key you hold really belongs to the party you think it does, since an attacker who can substitute their own public key can read or forge everything.
RSA key generation works as follows:
1. **Select Large Prime Numbers**: Choose two large, randomly generated prime numbers, \( p \) and \( q \).
2. **Calculate the Modulus**: Multiply these primes to get \( n = p \times q \). \( n \) is public; \( p \) and \( q \) must stay secret, because anyone who factors \( n \) can recompute the private key.
3. **Choose the Public Exponent**: Select an integer \( e \) that is coprime to \( (p-1)(q-1) \). In practice \( e = 65537 \) is the standard choice.
4. **Calculate the Private Exponent**: Use the Extended Euclidean Algorithm to find the private exponent \( d \), which satisfies \( d \times e \equiv 1 \pmod{(p-1)(q-1)} \).
The public key is \( (n, e) \) and the private key is \( (n, d) \). A message \( m < n \) is encrypted as \( c = m^e \bmod n \) and decrypted as \( m = c^d \bmod n \).
The Diffie-Hellman key exchange method allows two parties to create a shared secret over a public channel without ever transmitting the secret itself. Here's how it works:
1. **Agree on a Prime Number and Base**: Both parties choose a large prime number \( p \) and a base \( g \). These values are public; real deployments use a standardised group of 2048 bits or more in which \( g \) generates a large prime-order subgroup.
2. **Generate Private Keys**: Each party selects a random private key, kept secret.
3. **Calculate Public Keys**: Each computes their public key as \( g^{\text{private key}} \bmod p \).
4. **Exchange Public Keys**: The public keys are shared with each other over the open channel.
5. **Compute the Shared Secret**: Each party raises the other's public key to their own private key modulo \( p \). Both arrive at \( g^{ab} \bmod p \); an eavesdropper who sees only \( g^a \bmod p \) and \( g^b \bmod p \) would have to solve the discrete logarithm problem to recover it.
On its own the exchange is unauthenticated: an attacker in the middle can run a separate exchange with each party and relay traffic, reading everything. Real protocols therefore authenticate the exchanged public values, for example with digital signatures or certificates.
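The five steps above as an added worked example (this is illustrative code written for this page, not code from the original). It assumes a constructed toy group: p = 23 is a safe prime (23 = 2·11 + 1), q = 11, and g = 4 generates the order-q subgroup. Real deployments use a 2048-bit or larger standardised group or elliptic-curve DH; the arithmetic is identical. The example also includes the check a practitioner wants on the received public value, rejecting 0, 1, p-1 and anything outside the subgroup, and derives a usable key from the raw secret with SHA-256 rather than using the number directly.

```python
import hashlib
import secrets

# Constructed toy group (assumed for this example; far too small for real use).
P = 23               # safe prime: P = 2*Q + 1
Q = (P - 1) // 2     # prime order of the subgroup generated by G
G = 4                # 4 = 2^2 generates the order-Q subgroup of quadratic residues mod 23


def dh_private_key(q=Q):
    """Step 2: a secret exponent in [1, q-1], drawn from a CSPRNG."""
    return 1 + secrets.randbelow(q - 1)


def dh_public_key(g, p, private):
    """Step 3: the value that travels over the public channel, g^private mod p."""
    return pow(g, private, p)


def is_valid_peer_public(peer_public, p, q):
    """Reject 0, 1 and p-1 (they force a trivial shared secret) and any value outside
    the order-q subgroup (small-subgroup attacks leak bits of the private key)."""
    return 1 < peer_public < p - 1 and pow(peer_public, q, p) == 1


def dh_shared_secret(peer_public, private, p, q=Q):
    """Step 5: peer_public^private mod p, after validating what the peer sent."""
    if not is_valid_peer_public(peer_public, p, q):
        raise ValueError("invalid peer public value")
    return pow(peer_public, private, p)


def derive_key(shared_secret, p):
    """The raw secret is a structured number, not a uniform key; hash it to 256 bits."""
    width = (p.bit_length() + 7) // 8
    return hashlib.sha256(shared_secret.to_bytes(width, "big")).digest()


if __name__ == "__main__":
    a, b = dh_private_key(), dh_private_key()                # never transmitted
    A, B = dh_public_key(G, P, a), dh_public_key(G, P, b)    # step 4: sent in the clear
    k_alice = derive_key(dh_shared_secret(B, a, P), P)
    k_bob = derive_key(dh_shared_secret(A, b, P), P)
    print("keys match:", k_alice == k_bob)
```

With private exponents 3 and 7 the public values are 18 and 8 and both sides compute the shared secret 6; the value 5 (a generator of the whole group rather than the subgroup) and the value 22 (p-1) are rejected by `is_valid_peer_public`.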
Widely used public key algorithms:
1. **RSA (Rivest-Shamir-Adleman)**: Based on the difficulty of factoring the product of two large primes; used for both encryption and digital signatures.
2. **DSA (Digital Signature Algorithm)**: Used only for digital signatures, based on the mathematics of discrete logarithms.
3. **ECC (Elliptic Curve Cryptography)**: Offers security comparable to RSA with much smaller keys (a 256-bit curve key is roughly equivalent to a 3072-bit RSA key), making it faster and cheaper in bandwidth.
Message authentication ensures that a message comes from a party holding the right key and has not been altered in transit. This can be achieved using:
- **Message Authentication Codes (MACs)**: A MAC is a short tag computed from the message and a secret key shared by sender and recipient. Anyone holding the key can both create and check tags, so a MAC proves integrity and origin to the other key holder but cannot prove to a third party who sent the message; that requires a digital signature.
Digital signatures verify the authenticity and integrity of a message using an asymmetric key pair: only the holder of the private key can produce a valid signature, and anyone with the public key can check it.
1. **Hashing the Message**: A cryptographic hash function reduces the message to a fixed-size digest, so the expensive public key operation runs on a short value while the signature still covers the whole message.
2. **Signing the Hash**: The digest is transformed with the sender's private key to create the digital signature. For RSA this is often described as "encrypting the hash"; in practice the digest is first encoded with a padding scheme (PKCS#1 v1.5 or PSS), because signing a bare digest with textbook RSA is malleable.
3. **Sending the Message and Signature**: The original message and the digital signature are sent to the recipient.
4. **Verification**: The recipient applies the sender's public key to the signature, recovers the expected digest, and compares it with a fresh hash of the received message. Any change to the message or the signature makes the check fail.
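The RSA key generation steps (select primes, compute n, choose e, compute d) and the sign/verify steps just described, worked end to end as an added example. This is illustrative code written for this page, not code from the original. It assumes two constructed primes near one million (real keys use 2048-bit or larger primes), implements step 4 with the extended Euclidean algorithm, and uses SHA-256 for the digest. Reducing the digest modulo n is a toy simplification forced by the tiny modulus; real RSA signatures encode the digest with PKCS#1 v1.5 or PSS padding, and real encryption uses OAEP.

```python
import hashlib
from math import gcd

# Constructed example primes (assumed for this example). They are far too small
# for real use; they keep the arithmetic readable.
P = 1000003
Q = 999983


def egcd(a, b):
    """Extended Euclidean algorithm: returns (g, x, y) with a*x + b*y = g = gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y


def modinv(a, m):
    """Modular inverse of a mod m: the value d with d*a mod m == 1."""
    g, x, _ = egcd(a, m)
    if g != 1:
        raise ValueError("no inverse: a and m are not coprime")
    return x % m


def rsa_keygen(p, q, e=65537):
    """Steps 1-4 of the text. Returns ((n, e), (n, d))."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = modinv(e, phi)
    return (n, e), (n, d)


def rsa_encrypt(m, public_key):
    """c = m^e mod n; m must be an integer below n."""
    n, e = public_key
    if not 0 <= m < n:
        raise ValueError("message must be an integer below n")
    return pow(m, e, n)


def rsa_decrypt(c, private_key):
    """m = c^d mod n."""
    n, d = private_key
    return pow(c, d, n)


def message_digest(message, n):
    """Signing step 1: hash the message. Reducing mod n is a toy shortcut for this
    small modulus; real RSA pads the digest (PKCS#1 v1.5 or PSS) instead."""
    h = int.from_bytes(hashlib.sha256(message).digest(), "big")
    return h % n


def rsa_sign(message, private_key):
    """Signing step 2: apply the private exponent to the digest."""
    n, d = private_key
    return pow(message_digest(message, n), d, n)


def rsa_verify(message, signature, public_key):
    """Step 4: apply the public exponent and compare with a fresh digest."""
    n, e = public_key
    return pow(signature, e, n) == message_digest(message, n)


if __name__ == "__main__":
    pub, priv = rsa_keygen(P, Q)
    c = rsa_encrypt(int.from_bytes(b"hi", "big"), pub)
    print("decrypted:", rsa_decrypt(c, priv).to_bytes(2, "big"))
    sig = rsa_sign(b"pay Alice 10", priv)
    print("valid:", rsa_verify(b"pay Alice 10", sig, pub))
    print("tampered valid:", rsa_verify(b"pay Alice 99", sig, pub))
```

With the classic textbook parameters p = 61, q = 53, e = 17 the code yields n = 3233 and d = 2753, and encrypting m = 65 gives c = 2790, which decrypts back to 65.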
A hash function converts input data of any length into a fixed-size bit string, called a hash or digest. A cryptographic hash function is useful for integrity checks and as a building block for signatures, MACs and password storage, and needs the following properties:
1. **Deterministic**: The same input always produces the same hash.
2. **Fast Computation**: Hash values can be calculated quickly for any input.
3. **Pre-image Resistance**: Given a hash, it should be infeasible to find any input that produces it.
4. **Collision Resistance**: Finding two different inputs that produce the same hash should be infeasible.
5. **Avalanche Effect**: A small change in the input should result in a drastically different hash.
Common Hash Algorithms
1. **MD5**: Produces a 128-bit hash. Collisions can be generated in seconds on commodity hardware, so it must not be used where collision resistance matters.
2. **SHA-1 (Secure Hash Algorithm 1)**: Produces a 160-bit hash. A practical collision was demonstrated in 2017 (the SHAttered attack), and it has been phased out of certificates and signatures.
3. **SHA-256**: Part of the SHA-2 family, producing a 256-bit hash; currently considered secure and widely used.
When storing passwords, it is crucial to hash them instead of saving them in plain text. This limits the damage of a database breach: the attacker obtains hashes and still has to guess each password. A plain fast hash such as SHA-256 is not enough on its own, because an attacker can test billions of guesses per second; use a deliberately slow password hashing function (bcrypt, scrypt, Argon2, or PBKDF2 with a high iteration count).
- **Salting**: Adding a unique random value (salt) to each password before hashing ensures that identical passwords yield different hashes. This defeats pre-computed hash tables (rainbow tables) and forces the attacker to attack each account separately. The salt is not secret and is stored alongside the hash.
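Salted, slow password hashing next to the unsalted fast hash the text warns against, as an added example (written for this page, not taken from it). It assumes PBKDF2-HMAC-SHA256 from Python's standard library with 600,000 iterations and a 16-byte salt; Argon2id or scrypt are better choices where available, and the salting and verification logic is the same. The storage record format is an assumption of this example, not a standard.

```python
import hashlib
import hmac
import secrets

# Parameters assumed for this example.
ITERATIONS = 600_000
SALT_BYTES = 16


def unsalted_sha256(password):
    """The weak approach: equal passwords give equal hashes, so one precomputed
    table (or one cracked hash) covers every user who chose that password."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def hash_password(password, salt=None, iterations=ITERATIONS):
    """Return (salt, digest) using a fresh random salt per password."""
    if salt is None:
        salt = secrets.token_bytes(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return salt, digest


def encode_record(salt, digest, iterations=ITERATIONS):
    """Storage format assumed for this example: algorithm$iterations$salt$digest.
    Keeping the parameters with the hash lets the iteration count be raised later
    without invalidating existing records."""
    return f"pbkdf2_sha256${iterations}${salt.hex()}${digest.hex()}"


def verify_password(password, record):
    """Recompute with the stored salt and iteration count; compare in constant time."""
    try:
        algo, iterations, salt_hex, digest_hex = record.split("$")
    except ValueError:
        return False
    if algo != "pbkdf2_sha256":
        return False
    _, digest = hash_password(password, bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(digest, bytes.fromhex(digest_hex))


if __name__ == "__main__":
    # Constructed input: two users who happened to choose the same password.
    rec_alice = encode_record(*hash_password("correct horse battery staple"))
    rec_bob = encode_record(*hash_password("correct horse battery staple"))
    print("salted records differ:", rec_alice != rec_bob)
    print("unsalted hashes equal:", unsalted_sha256("hunter2") == unsalted_sha256("hunter2"))
    print("login ok:", verify_password("correct horse battery staple", rec_alice))
    print("wrong password:", verify_password("Correct horse battery staple", rec_alice))
```

`hmac.compare_digest` is used for the final comparison so that a wrong guess takes the same time regardless of how many leading bytes happen to match.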
A MAC is used to verify both the integrity and authenticity of a message. It combines a secret key with the message using a hash function:
1. **Keyed Hash Function**: The MAC is generated by applying a hash function to the message together with a secret key. The standard construction is HMAC, which hashes the key and message twice in a nested fashion. Simply hashing the key concatenated with the message, H(key || message), is unsafe with SHA-1 or SHA-2: a length extension attack lets an attacker who knows one valid tag append data to the message and compute the new tag without the key.
2. **Verification**: The recipient recalculates the MAC with the same secret key and compares it with the received tag. The comparison should run in constant time, so that an attacker cannot recover a valid tag byte by byte from timing differences. If it matches, the message is considered authentic.
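HMAC built from SHA-256 as RFC 2104 describes, beside the naive H(key || message) construction and a constant-time verifier, as an added example covering both this MAC section and the earlier message authentication paragraph (this is illustrative code written for this page, not code from the original). The key and messages are constructed; `matches_stdlib` cross-checks the hand-written HMAC against Python's `hmac` module.

```python
import hashlib
import hmac

BLOCK_SIZE = 64  # SHA-256 works on 64-byte blocks; HMAC pads the key to this length


def hmac_sha256(key, message):
    """HMAC per RFC 2104: H((K xor opad) || H((K xor ipad) || message))."""
    if len(key) > BLOCK_SIZE:
        key = hashlib.sha256(key).digest()      # long keys are hashed first
    key = key.ljust(BLOCK_SIZE, b"\x00")        # short keys are zero-padded
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    inner = hashlib.sha256(ipad + message).digest()
    return hashlib.sha256(opad + inner).digest()


def naive_mac(key, message):
    """The construction the text's wording suggests, H(key || message). Shown only
    as the thing NOT to do: with a Merkle-Damgard hash such as SHA-256, an attacker
    who knows one tag can extend the message and compute a valid tag without the key."""
    return hashlib.sha256(key + message).digest()


def verify_mac(key, message, tag):
    """Step 2 of the text: recompute and compare. compare_digest avoids the timing
    leak that a plain == gives when it stops at the first differing byte."""
    return hmac.compare_digest(hmac_sha256(key, message), tag)


def matches_stdlib(key, message):
    """Cross-check the hand-written HMAC against the standard library."""
    return hmac_sha256(key, message) == hmac.new(key, message, hashlib.sha256).digest()


if __name__ == "__main__":
    key = b"constructed-demo-key"        # shared in advance over a secure channel
    msg = b"transfer=100&to=alice"       # constructed sample message
    tag = hmac_sha256(key, msg)
    print("stdlib agrees:", matches_stdlib(key, msg))
    print("authentic:", verify_mac(key, msg, tag))
    print("tampered:", verify_mac(key, b"transfer=900&to=alice", tag))
```

The first test vector from RFC 4231 (a 20-byte key of 0x0b bytes and the message "Hi There") gives the tag b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7, which is a quick way to confirm the construction is right.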