Encryption Algorithms

RSA
by Rivest, Shamir & Adleman of MIT in 1977
best known & widely used public-key scheme
based on exponentiation in a finite (Galois) field
over integers modulo a prime
nb. exponentiation takes O((log n)3) operations (easy)
uses large integers (eg. 1024 bits)
security due to cost of factoring large numbers
nb. factorization takes O(e log n log log n
) operations (hard)
RSA Key Setup
each user generates a public/private key pair by:
selecting two large primes at random - p, q
computing their system modulus N=p.q
note ø(N)=(p-1)(q-1)
selecting at random the encryption key e
 where 1<e<ø(N), gcd(e,ø(N))=1
solve following equation to find decryption key d
e.d=1 mod ø(N) and 0≤d≤N
publish their public encryption key: KU={e,N}
keep secret private decryption key: KR={d,p,q}
RSA Use
to encrypt a message M the sender:
obtains public key of recipient KU={e,N}
computes: C=Me mod N, where 0≤M<N
to decrypt the ciphertext C the owner:
 uses their private key KR={d,p,q}
computes: M=Cd mod N
note that the message M must be smaller than the
modulus N (block if needed)
Why RSA Works
 because of Euler's Theorem:
 aø(n)mod N = 1
 where gcd(a,N)=1
 in RSA have:
 N=p.q
 ø(N)=(p-1)(q-1)
 carefully chosen e & d to be inverses mod ø(N)
 hence e.d=1+k.ø(N) for some k
 hence :
Cd = (Me)d = M1+k.ø(N) = M1.(Mø(N))q = M1.(1)q =
M1 = M mod N
RSA Example
1. Select primes: p=17 & q=11
2. Compute n = pq =17×11=187
3. Compute ø(n)=(p–1)(q-1)=16×10=160
4. Select e : gcd(e,160)=1; choose e=7
5. Determine d: de=1 mod 160 and d < 160
Value is d=23 since 23×7=161= 10×160+1
6. Publish public key KU={7,187}
7. Keep secret private key KR={23,17,11}
RSA Example cont
sample RSA encryption/decryption is:
given message M = 88 (nb. 88<187)
encryption:
C = 887 mod 187 = 11
decryption:
M = 1123 mod 187 = 88
Diffie-Hellman
Diffie-Hellman is a public key distribution scheme
First public-key type scheme, proposed in 1976.
W Diffie, M E Hellman, "New directions in
Cryptography", IEEE Trans. Information Theory, IT-22,
pp644-654, Nov 1976
Diffie-Hellman
Public-key distribution scheme
Cannot be used to exchange an arbitrary message
Exchange only a key, whose value depends on the
participants (and their private and public key
information)
The algorithm is based on exponentiation in a
finite (Galois) field, either over integers modulo a
prime, or a polynomial field
exponentiation takes O((log n)3) operations
Diffie-Hellman
Security relies on the difficulty of computing
logarithms in these fields
discrete logarithms takes O(e log n log log n) operations
The algorithm:
two people Alice and Bob who wish to exchange some
key over an insecure communications channel.
They select a large prime p (~200 digit), such as (p-1)/2
should also be prime
They also select g, a primitive root mod p
 g is a primitive if for each n from 0 to p-1, there exists some a
where ga = n mod p.
 Diffie-Hellman
The algorithm
The values of g and p don’t need to be secret
Alice then chooses a secret number x
A
Bob also chooses a secret number x
B
Alice and Bob compute y and y respectively, which are
A B
then exchanged
 y = gxA mod p y = gxB mod p
A B
Both Alice and Bob can calculate the key as
K = gxA.xB mod p
AB

=y A
xB
mod p (which B can compute)
=y B
xA
mod p (which A can compute)
The key may then be used in a private-key cipher to
secure communications between A and B
 DES
DES encrypts and decrypts data in 64-bit blocks, using a
64-bit key (although the effective key strength is only 56
bits).
 It takes a 64-bit block of plaintext as input and outputs a
64-bit block of ciphertext.
DES has 16 rounds, meaning the main algorithm is
repeated 16 times to produce the ciphertext.
It has been found that the number of rounds is
exponentially proportional to the amount of time required
to find a key using a brute-force attack. So as the number
of rounds increases, the security of the algorithm
increases exponentially.
DES Encryption
DES Round Structure
DES Round Structure
uses two 32-bit L & R halves
cipher can describe as:
Li = Ri–1
Ri = Li–1 xor F(Ri–1, Ki)
takes 32-bit R half and 48-bit subkey and:
expands R to 48-bits using perm E
adds to subkey
passes through 8 S-boxes to get 32-bit result
finally permutes this using 32-bit perm P