Unit-II: Public Key Cryptography and Message Authentication

1. Public Key Cryptography and RSA

1.1 Principles of Public Key Cryptosystems

Public key cryptography, also known as asymmetric cryptography, uses a

pair of keys: a public key for encryption and a private key for
decryption. This solves the key distribution problem faced in symmetric
cryptography.

How Public Key Cryptography Works:

1. Key Generation:

o Each user generates a pair of keys: a public key (shared with

everyone) and a private key (kept secret).

2. Encryption:

o The sender uses the recipient’s public key to encrypt the

message.

3. Decryption:

o The recipient uses their private key to decrypt the message.

Key Concepts:

 Public Key: Shared openly and used for encryption.

 Private Key: Kept secret and used for decryption.

 One-Way Function: Easy to compute in one direction but hard to

reverse without the private key.

Real-Life Example:

 When you visit a secure website (HTTPS), your browser uses the
website’s public key to encrypt data. Only the website’s private key
can decrypt it.

Diagram:

Copy

Public Key Cryptography

-------------------------

| Sender: |

| 1. Encrypt Message with Recipient's Public Key |

| 2. Send Encrypted Message |

| |

| Receiver: |

| 1. Decrypt Message with Private Key |

-------------------------

1.2 The RSA Algorithm

The RSA algorithm is one of the most widely used public key
cryptosystems. It is based on the mathematical difficulty of factoring large
integers.

Steps in RSA:

1. Key Generation:

o Choose two large prime numbers, pp and qq.

o Compute n=p×qn=p×q and ϕ(n)=(p−1)(q−1)ϕ(n)=(p−1)

(q−1).

o Choose an integer ee such

that 1<e<ϕ(n)1<e<ϕ(n) and gcd(e,ϕ(n))=1gcd(e,ϕ(n))=1.

o Compute dd such that d×e≡1mod ϕ(n)d×e≡1modϕ(n).

o Public Key: (e,n)(e,n), Private Key: (d,n)(d,n).

2. Encryption:

o Ciphertext C=Memod nC=Memodn, where MM is the plaintext.

3. Decryption:

o Plaintext M=Cdmod nM=Cdmodn.

Example:

 Let p=3p=3, q=11q=11.

 Compute n=3×11=33n=3×11=33 and ϕ(n)=(3−1)

(11−1)=20ϕ(n)=(3−1)(11−1)=20.

 Choose e=3e=3 (since gcd(3,20)=1gcd(3,20)=1).

 Compute d=7d=7 (since 3×7=21≡1mod 203×7=21≡1mod20).

 Public Key: (3,33)(3,33), Private Key: (7,33)(7,33).

  Encrypt M=5M=5: C=53mod 33=125mod
33=26C=53mod33=125mod33=26.

 Decrypt C=26C=26: M=267mod 33=5M=267mod33=5.

Real-Life Example:

 RSA is used in secure email systems, digital signatures, and HTTPS

for secure web browsing.

Diagram:

Copy

RSA Process

-------------------------

| Key Generation: |

| 1. Choose p, q → Compute n, ϕ(n) |

| 2. Choose e → Compute d |

| |

| Encryption: |

| 1. C = M^e mod n |

| |

| Decryption: |

| 1. M = C^d mod n |

-------------------------

1.3 Key Management

Key management involves securely generating, distributing, storing, and

revoking cryptographic keys.

Key Distribution:

 Public Key Infrastructure (PKI):

o Uses digital certificates and Certificate Authorities (CAs) to

verify public keys.

o Example: When you connect to a secure website, your

browser uses PKI to verify the website’s public key.

 Diffie-Hellman Key Exchange:

 o Allows two parties to securely exchange a shared secret over
an insecure channel.

Real-Life Example:

 PKI is used in online banking, e-commerce, and secure email

systems.

2. Diffie-Hellman Key Exchange

2.1 Principles of Diffie-Hellman

The Diffie-Hellman key exchange allows two parties to securely exchange

a shared secret over an insecure channel. It is based on the discrete
logarithm problem, which makes it computationally infeasible for an
attacker to derive the shared secret.

How Diffie-Hellman Works:

1. Agreement on Public Parameters:

o Both parties agree on a large prime number pp and a base gg.

These values are public and can be shared over an insecure
channel.

2. Private Key Generation:

o Party A chooses a private key aa (a random number) and

computes A=gamod pA=gamodp.

o Party B chooses a private key bb (a random number) and

computes B=gbmod pB=gbmodp.

3. Exchange of Public Values:

o Party A sends AA to Party B.

o Party B sends BB to Party A.

4. Shared Secret Calculation:

o Party A computes the shared secret S=Bamod pS=Bamodp.

o Party B computes the shared secret S=Abmod pS=Abmodp.

Both parties now have the same shared secret SS, which can be used for
symmetric encryption.

Why Diffie-Hellman is Secure:

 The security of Diffie-Hellman relies on the difficulty of solving

the discrete logarithm problem. Even if an attacker
 intercepts AA and BB, they cannot easily compute aa or bb to
derive SS.

Example:

 Let p=23p=23 and g=5g=5.

 Party A chooses a=6a=6 and computes A=56mod

23=8A=56mod23=8.

 Party B chooses b=15b=15 and computes B=515mod

23=19B=515mod23=19.

 Party A computes S=196mod 23=2S=196mod23=2.

 Party B computes S=815mod 23=2S=815mod23=2.

Both parties now have the shared secret S=2S=2.

Real-Life Example:

 Diffie-Hellman is used in VPNs (Virtual Private Networks) to

establish secure connections between a user and a server. It
ensures that the shared secret used for encryption is securely
exchanged.

Diagram:

Copy

Diffie-Hellman Key Exchange

-------------------------

| Party A: |

| 1. Choose a → Compute A = g^a mod p |

| 2. Send A to Party B |

| |

| Party B: |

| 1. Choose b → Compute B = g^b mod p |

| 2. Send B to Party A |

| |

| Shared Secret: |

| S = B^a mod p (Party A) |

| S = A^b mod p (Party B) |

-------------------------

2.2 Advantages of Diffie-Hellman

 No Prior Key Exchange: Diffie-Hellman allows two parties to

establish a shared secret without needing to exchange keys
beforehand.

 Forward Secrecy: Even if an attacker compromises one of the

private keys in the future, they cannot decrypt past
communications.

 Widely Used: Diffie-Hellman is a fundamental protocol in modern

cryptography and is used in protocols like TLS/SSL, SSH, and IPsec.

2.3 Limitations of Diffie-Hellman

 Man-in-the-Middle (MITM) Attack: Without authentication, an

attacker can intercept and modify the public values AA and BB. This
can be mitigated using digital signatures or certificates.

 Computational Overhead: Diffie-Hellman requires significant

computational resources, especially for large prime numbers.

3. Message Authentication and Hash Functions

3.1 Authentication Requirements

Message authentication ensures that a message is from the claimed

sender and has not been altered during transmission. It addresses two key
requirements:

1. Integrity: The message has not been tampered with.

2. Authenticity: The message is from the claimed sender.

3.2 Authentication Functions

Authentication functions are used to verify the integrity and authenticity

of a message. The two main types are:

1. Message Authentication Code (MAC).

2. Hash Functions.

Message Authentication Code (MAC):

  A MAC is a short piece of information used to authenticate a
message.

 It is generated using a shared secret key and a hash function.

 The sender computes the MAC and appends it to the message. The
receiver recomputes the MAC and compares it with the received
MAC to verify authenticity.

 Example: HMAC (Hash-based MAC) uses a cryptographic hash

function (e.g., SHA-256) and a secret key to generate the MAC.

Hash Functions:

 A hash function maps data of arbitrary size to a fixed-size output

(hash value).

 Properties of a secure hash function:

1. Pre-image Resistance: Given a hash value, it is

computationally infeasible to find the original input.

2. Second Pre-image Resistance: Given an input, it is

computationally infeasible to find another input that produces
the same hash value.

3. Collision Resistance: It is computationally infeasible to find

two different inputs that produce the same hash value.

 Example: SHA-256 (Secure Hash Algorithm 256-bit) is widely used

for generating hash values.

Real-Life Example:

 HMAC: Used in secure APIs to authenticate requests. For example,

when you log into a website, your password is hashed and sent with
a MAC to verify its authenticity.

 Hash Functions: Used in password storage. Instead of storing

plaintext passwords, systems store their hash values. When you log
in, the system hashes your input and compares it with the stored
hash.

3.3 Security of Hash Functions and MACs

Hash Function Security:

 Collision Attacks: If a hash function is not collision-resistant, an

attacker can find two different inputs that produce the same hash
value. This compromises the integrity of the system.
 o Example: MD5 is no longer considered secure due to collision
vulnerabilities.

MAC Security:

 Key Management: The security of a MAC depends on the secrecy

of the shared key. If the key is compromised, an attacker can forge
MACs.

 Replay Attacks: An attacker can capture a valid message and its

MAC and replay it later. This can be mitigated using timestamps or
sequence numbers.

3.4 Applications of Hash Functions and MACs

1. Digital Signatures:

o Hash functions are used to generate a message digest, which

is then encrypted with the sender’s private key to create a
digital signature.

2. Password Storage:

o Hash functions are used to store passwords securely. Instead

of storing plaintext passwords, systems store their hash
values.

3. Data Integrity:

o Hash functions are used to verify the integrity of files. For

example, when downloading software, you can compare the
hash of the downloaded file with the provided hash to ensure
it hasn’t been tampered with.

3.5 Example of HMAC

 Let’s say Alice wants to send a message to Bob with a MAC to

ensure its authenticity.

1. Alice and Bob share a secret key KK.

2. Alice computes the HMAC of the message MM using KK and a

hash function (e.g., SHA-256).

3. Alice sends MM and the HMAC to Bob.

4. Bob recomputes the HMAC using MM and KK and compares it

with the received HMAC.
 5. If the HMACs match, Bob knows the message is authentic and
has not been altered.

Diagram:

Copy

HMAC Process

-------------------------

| Sender: |

| 1. Compute HMAC = Hash(K + M) |

| 2. Send M + HMAC |

| |

| Receiver: |

| 1. Compute HMAC' = Hash(K + M) |

| 2. Compare HMAC and HMAC' |

-------------------------

Summary

This expanded version provides detailed explanations, examples,

and diagrams for Diffie-Hellman Key Exchange, Message
Authentication, and Hash Functions. It is designed to help you
write essay-type answers with enough depth and clarity to score full
marks. Let me know if you need further assistance! 😊

4. Digital Signatures and Authentication Protocols

4.1 Digital Signatures

A digital signature is a cryptographic technique that

provides authenticity, integrity, and non-repudiation for a message.
It ensures that the message is from the claimed sender and has not been
altered during transmission.

How Digital Signatures Work:

1. Hashing the Message:

o The sender generates a hash of the message using a

cryptographic hash function (e.g., SHA-256).
 o The hash is a fixed-size representation of the message, unique
to its content.

2. Encrypting the Hash:

o The sender encrypts the hash using their private key to

create the digital signature.

o This step ensures that only the sender (who holds the private
key) can generate the signature.

3. Sending the Message and Signature:

o The sender transmits the original message along with the

digital signature.

4. Verification by the Receiver:

o The receiver decrypts the digital signature using the

sender’s public key to retrieve the hash.

o The receiver also hashes the received message and compares

it with the decrypted hash.

o If the hashes match, the message is authentic and has not

been altered.

Properties of Digital Signatures:

 Authenticity: The receiver can verify the sender’s identity using

the public key.

 Integrity: Any change in the message will result in a different hash,

making tampering detectable.

 Non-Repudiation: The sender cannot deny sending the message,

as only their private key could have generated the signature.

Real-Life Example:

 Online Contracts: When you sign a contract digitally, your

signature is created using your private key. The recipient verifies it
using your public key, ensuring the contract’s authenticity and
integrity.

Diagram:

Copy

Digital Signature Process

-------------------------
| Sender: |

| 1. Hash Message → Encrypt with Private Key → Digital Signature |

| 2. Send Message + Signature |

| |

| Receiver: |

| 1. Decrypt Signature with Public Key → Retrieve Hash |

| 2. Hash Received Message → Compare Hashes |

-------------------------

4.2 Authentication Protocols

Authentication protocols are used to verify the identity of users or systems

in a network. They ensure that only authorized parties can access
resources.

Kerberos:

 Overview:

o Kerberos is a network authentication protocol that uses

symmetric encryption to authenticate users and services.

o It relies on a trusted third party called the Key Distribution

Center (KDC).

 Steps in Kerberos:

1. Authentication Request:

 The user sends a request to the KDC for a Ticket

Granting Ticket (TGT).

2. TGT Issuance:

 The KDC verifies the user’s credentials and issues a TGT

encrypted with the user’s password.

3. Service Ticket Request:

 The user sends the TGT to the KDC to request a Service

Ticket for a specific service.

4. Service Ticket Issuance:

 The KDC issues a Service Ticket encrypted with the

service’s secret key.
 5. Service Access:

 The user presents the Service Ticket to the service,

which decrypts it and grants access.

 Real-Life Example:

o Kerberos is used in Windows Active Directory to authenticate

users and grant access to network resources.

X.509 Authentication Service:

 Overview:

o X.509 is a standard for public key certificates, which are used

to verify the identity of users, systems, or services.

o Certificates are issued by Certificate Authorities (CAs) and

contain the public key, identity information, and a digital
signature.

 Components of an X.509 Certificate:

o Version: The version of the X.509 standard.

o Serial Number: A unique identifier for the certificate.

o Signature Algorithm: The algorithm used to sign the

certificate.

o Issuer: The name of the CA that issued the certificate.

o Validity Period: The start and end dates for which the
certificate is valid.

o Subject: The entity (user, system, or service) the certificate

belongs to.

o Public Key: The public key of the subject.

o Digital Signature: The CA’s signature to verify the

certificate’s authenticity.

 Real-Life Example:

o When you visit a secure website (HTTPS), your browser checks

the website’s X.509 certificate to verify its identity.

Diagram:

Copy

X.509 Certificate
-------------------------

| Version |

| Serial Number |

| Signature Algorithm |

| Issuer |

| Validity Period |

| Subject |

| Public Key |

| Digital Signature |

-------------------------

5. Digital Signature Standard (DSS)

5.1 Overview of DSS

The Digital Signature Standard (DSS) is a federal standard for digital

signatures, defined by the National Institute of Standards and Technology
(NIST). It specifies the use of the Digital Signature Algorithm (DSA) for
generating and verifying digital signatures.

Key Features of DSS:

 Algorithm: Uses DSA, which is based on the mathematical difficulty

of computing discrete logarithms.

 Hash Function: Requires the use of a secure hash function (e.g.,

SHA-256) to generate the message digest.

 Key Sizes: Supports key sizes of 1024, 2048, and 3072 bits for
enhanced security.

Steps in DSS:

1. Key Generation:

o Generate a private key xx and a public key yy using DSA.

o The public key is shared, while the private key is kept secret.

2. Signature Generation:

o Hash the message using a secure hash function (e.g., SHA-

256) to produce a message digest.
 o Use the private key and DSA to generate the digital signature.

3. Signature Verification:

o Hash the received message to produce a message digest.

o Use the sender’s public key and DSA to verify the digital
signature.

Real-Life Example:

 Government Documents: DSS is used to sign and verify digital

documents in government systems, ensuring their authenticity and
integrity.

Diagram:

Copy

DSS Process

-------------------------

| Sender: |

| 1. Hash Message → Generate Signature with DSA and Private Key |

| 2. Send Message + Signature |

| |

| Receiver: |

| 1. Hash Received Message → Verify Signature with DSA and Public Key |

-------------------------

5.2 Advantages of DSS

 Security: DSA is based on the discrete logarithm problem, making

it computationally infeasible to forge signatures.

 Standardization: DSS is a widely recognized standard, ensuring

interoperability across systems.

 Non-Repudiation: Provides strong evidence of the sender’s

identity, preventing denial of actions.

5.3 Limitations of DSS

 Performance: DSA is slower than some other signature algorithms

(e.g., RSA) due to its mathematical complexity.
  Key Management: Requires secure storage and distribution of
private keys.

Summary

This expanded version provides detailed explanations, examples,

and diagrams for Digital Signatures, Authentication Protocols, and
the Digital Signature Standard (DSS). It is designed to help you
write essay-type answers with enough depth and clarity to score full
marks. Let me know if you need further assistance! 😊