Cryptography

Jumana Khwaileh-LTUC
Learning Objectives

 Upon successful completion of this chapter, you will be understanding :

Asymmetric Encryption
Public-Key Cryptography
 RSA
 El Gamal
Symmetric Cryptography Revisited
• Symmetric algorithms, e.g., AES or 3DES, are very
secure, fast & widespread but:
 Key distribution problem: The secret key must be
transported securely
 Number of keys: In a network, each pair of users requires an
individual key
 n users in the network require n.(n-1)/2 keys, each user
stores (n-1) keys
 Alice or Bob can cheat each other, because they have identical keys.
 Example: Alice can claim that she never ordered a TV on-line from Bob
(he could have fabricated her order). To prevent this: “non-repudiation”
Idea behind Asymmetric Cryptography
• New Idea: Use the “good old mailbox“ principle
Idea behind Asymmetric Cryptography. Cont.
 Principles of Public-Key Cryptosystems
 The concept of asymmetric-key cryptography evolved from an attempt to solve two
of the most difficult problems associated with conventional encryption.
Key distribution
• How to have secure communications in general without having to trust a KDC
with your key

Digital signatures
• How to verify that a message comes intact from the claimed sender

• Whitfield Diffie and Martin Hellman from Stanford University achieved a

breakthrough in 1976 by coming up with a method that addressed both problems
and was radically different from all previous approaches to cryptography.
Public-Key Cryptosystems
• A public-key encryption scheme has six ingredients:

Encryption Decryption
Plaintext Public key Private key Ciphertext
algorithm algorithm

The Accepts the

readable Performs The cipher-text
message various Used for Used for scrambled and the
or data transform- encryption encryption matching
that is fed ations on or or
message key and
into the the decryption decryption produced produces
algorithm plaintext as output the original
as input plaintext
 Asymmetric Encryption- Basics
• Uses a pair of keys for encryption
• Public key for encryption
• Private key for decryption

• Messages encoded using public key can only be decoded by the private key
• Secret transmission of key for decryption is not required
• Every entity can generate a key pair and release its public key

Plain Text Cipher Text Plain Text

Cipher Cipher

Public Key Private Key

 Asymmetric Encryption- Types

• Two most popular algorithms are RSA & El Gamal

• RSA
• Developed by Ron Rivest, Adi Shamir, Len Adelman
• Both public and private key are interchangeable
• Variable Key Size (512, 1024, or 2048 bits)
• Most popular public key algorithm
• El Gamal
• Developed by Taher ElGamal
• Variable key size (512 or 1024 bits)
• Less common than RSA, used in protocols like PGP
Applications for Public-Key Cryptosystems
• Public-key cryptosystems can be classified into three categories:

• The sender encrypts a message

Encryption/decryption
with the recipient’s public key
• The sender “signs” a message
Digital signature
with its private key
• Two sides cooperate to
Key exchange
exchange a session key

• Some algorithms are suitable for all three applications, whereas others
can be used only for one or two
 Applications for Public-Key Cryptosystems

Security Mechanisms of Public-Key Cryptography

 Key Distribution (e.g., Diffie-Hellman key exchange, RSA, Elliptic Curve) without a
preshared secret (key)
 Nonrepudiation and Digital Signatures (e.g., RSA, DSA or ECDSA) to provide message
integrity.
 Identification, using challenge-response protocols with digital signatures
 Encryption (e.g., RSA / Elgamal)
 Disadvantage: Computationally very intensive (1000 times slower than symmetric
Algorithms!)
Example: Confidentiality

Clear-text Input Cipher-text Clear-text Output

“An “Py75c%bn&*)9| “An
introduction to fDe^bDzjF@g5= introduction to
cryptography” &nmdFgegMs” cryptography”

Encryption Decryption

public privat
Different keys e

Recipient’s Recipient’s
public key private key
Example: Authenticity

Clear-text Input Cipher-text Clear-text Output

“An introduction “Py75c%bn&*)9| “An introduction
to cryptography” fDe^bDzjF@g5= to cryptography”
&nmdFgegMs”

Encryption Decryption

public privat
Different keys e

Sender’s Sender’s
public key private key
Public-Key Cryptosystem: Authentication and Secrecy
Creating a Digital Signature

Message or File Message Digest Digital Signature

This is the (Typically 128 bits)
document
created by
Ahmed Py75c%bn 3kJfgf*£$&
SHA, MD5

Generate Asymmetric
Hash Encryption

Calculate a short message

digest from even a long
input using a one-way
message digest function priv
(hash) Signatory's
private key
Signed
Document
Verifying a Digital Signature

This is the Message Digest

document Generate
Py75c%bn
created by Hash
Ahmed

3kJfgf*£$&
Signed
? Compare ?
Document Digital
Signature

pub
Asymmetric Py75c%bn
Decryption

Gianni's public key

(from certificate)
Public-Key Requirements
 Conditions that these algorithms must fulfill:
• It is computationally easy for a party B to generate a pair (public-key PUb,
private key PRb)
• It is computationally easy for a sender A, knowing the public key and the
message to be encrypted, to generate the corresponding ciphertext
• It is computationally easy for the receiver B to decrypt the resulting ciphertext
using the private key to recover the original message
• It is computationally infeasible for an adversary, knowing the public key, to
determine the private key
• It is computationally infeasible for an adversary, knowing the public key and a
ciphertext, to recover the original message
How to build Public-Key Algorithms

• Need a trap-door one-way function

• A one-way function is one that maps a domain into a range such that every
function value has a unique inverse, with the condition that the calculation of
the function is easy, whereas the calculation of the inverse is infeasible,
Asymmetric schemes are based on a “one-way function“ f():

• Computing Y = f(X) is computationally easy

• Computing X = f–1(Y) is computationally infeasible

How to build Public-Key Algorithms

• A trap-door one-way function is a family of invertible functions fk, such that

• Y = fk(X) easy, if k and X are known

• X = fk–1(Y) easy, if k and Y are known

• X = fk–1(Y) infeasible, if Y known but k not known

• A practical public-key scheme depends on a suitable trap-door one-way function

How to build Public-Key Algorithms
• One way functions are based on mathematically hard problems.
• The main families:
• Factoring integers (RSA, Rabin, ...):
• Given a composite integer n, find its prime factors (Multiply two primes: easy)
• Discrete Logarithm (Diffie-Hellman, Elgamal, DSA, …):
• Given a, y and n, find x such that ax = y mod n (Exponentiation ax : easy)
• Elliptic Curves (EC) (ECDH, ECDSA): Generalization of discrete logarithm
• Difficulty of the subset problem (Knapsack system): Merkel-Hellman, Id Method,
Chor-Rivest.
• Algebraic cod theory: MCEliece
• Probabilistic public key encryption: Goldwasser–Micali (GM), Blum-Goldwasser
TASK RSA
• Generate the key for RSA algorathem and Encrypt the
massage “M” by using the key you creat
• Note: back to ASCII Table to convert “M” to “01”