Public Key Cryptography

Public Key Cryptography

Modern PKC was first described publicly by Stanford University professor Martin Hellman and
graduate student Whitfield Diffie in 1976.
Generic PKC employs two keys that are mathematically related although knowledge of one key does not
allow someone to easily determine the other key. One key is used to encrypt the plaintext and the other
key is used to decrypt the ciphertext.
The important point here is that it does not matter which key is applied first, but that both keys are
required for the process to work. Because a pair of keys are required, this approach is also
called asymmetric cryptography.
 Public Key Cryptography
In PKC, one of the keys is designated the public key and may be advertised as
widely as the owner wants. The other key is designated the private key and is never
revealed to another party.
Suppose Alice wants to send Bob a message. Alice encrypts some information using
Bob's public key; Bob decrypts the ciphertext using his private key. This method
could be also used to prove who sent a message; Alice, for example, could encrypt
some plaintext with her private key; when Bob decrypts using Alice's public key, he
knows that Alice sent the message (authentication) and Alice cannot deny having
sent the message (non-repudiation).
 Public Key Cryptography
Figure illustrates the P-K process. The steps are:
1. Each system generates a pair of keys.
2. Each system publishes its encryption key (public key) keeping its companion
key private.
3. If A wishes to send a message to B it encrypts the message using B’s public key.
4. When B receives the message, it decrypts the message using its private key. No
one else can decrypt the message because only B knows its private key.
Public Key Cryptography
 Public Key Cryptography

Public-key cryptography algorithms that are in use today for key exchange or digital signatures
include:
 RSA: The first, and still most common, PKC implementation, named for the three MIT

mathematicians who developed it — Ronald Rivest, Adi Shamir, and Leonard Adleman. RSA
today is used in hundreds of software products and can be used for key exchange, digital
signatures, or encryption of small blocks of data.
Diffie-Hellman: After the RSA algorithm was published, Diffie and Hellman came up with their

own algorithm. D-H is used for secret-key key exchange only, and not for authentication or
digital signatures.
Digital Signature Algorithm (DSA): This algorithm provides digital signature capability for the

authentication of messages.
 Hash Functions
Hash functions, also called message digests and one-way encryption, are
algorithms that, in some sense, use no key.
Hash algorithms are typically used to provide a digital fingerprint of a file's
contents, often used to ensure that the file has not been altered by an intruder or
virus.
Hash functions are also commonly employed by many operating systems to
encrypt passwords. Hash functions, then, provide a measure of the integrity of a
file.
 Hash Functions
Let me reiterate that hashes are one-way encryption. You cannot take a hash and
"decrypt" it to find the original string.
Hash algorithms that are in common use today include:
Message Digest (MD) algorithms: A series of byte-oriented algorithms that

produce a 128-bit hash value from an arbitrary-length message.

MD2 : Designed for systems with limited memory, such as smart cards. MD2 is the oldest, produces a
128-bit hash value, and is regarded as slower and less secure than MD4 and MD5.
MD4 : Similar to MD2 but designed specifically for fast processing in software. MD4 produces a 128-bit
hash of the message, using bit operations on 32-bit operands for fast implementation.
MD5 : MD5 was designed as a strengthened version, a little more complex than in MD4.
 Hash Functions

Secure Hash Algorithm (SHA):

SHA originally designed by NIST (U.S. National Institute of Standards and Technology) & NSA
(National Security Agency) in 1993 was revised in 1995 as SHA-1.
Produces 160-bit hash values.
 RSA
The RSA algorithm was developed by Ron Rivest, Adi Shamir and Len Adleman at
MIT in 1978. Since this time it has reigned supreme as the most widely accepted
and implemented general-purpose approach to public-key encryption.
The RSA scheme is a block cipher in which the plaintext and ciphertext are integers
between 0 and n − 1 for some n. The scheme makes use of an expression with
exponentials.
Plaintext is encrypted in blocks having a binary value less than some number n.
 RSA
For some plaintext block M and ciphertext block C we have:
C = Me (mod n)
M = Cd (mod n) = (Me)d (mod n)
M = Med (mod n)
Both sender and receiver know n. The sender knows the value of e and only the
receiver knows the value of d. To restate:
KU = {e, n}  Public Key
KR = {d, n}  Private Key
 RSA Algorithm

Overview
Key Generation
1. Generate two large prime numbers, p and q.

2. Let n = pq.
3. Let m = (p-1) (q-1).
4. Choose a small number e, coprime to m.
5. Find d, such that de % m=1.
 Publish e and n as the public key.
 Publish d and n as the secret key.
 RSA Algorithm

Encryption
C=Pe%n

Decryption
P=Cd%n

 x % y means the remainder of x divided by y.

 RSA Algorithm
1. Generate two large prime numbers, p and q
To make the example easy to follow, I am going to use small numbers, but this is not
secure.
Lets have:
p=7
q = 19
2. Let n = pq
n=pxq
= 7 x 19
= 133
3. Let m = (p-1) (q-1)
= 6 x 18
= 108
 RSA Algorithm
4. Choose a small number, e coprime to m.
 e coprime to m, means that the largest number that can exactly
divide both e and m (their greatest common divisor, or GCD) is 1.
 Let have e= 5

e = 5  GCD (5,108) = 1 (Yes !)

 RSA Algorithm

5. Find d, such that de % m=1

This is equivalent to finding d which satisfies
de = 1 +nm, Where n is any integer.
We can rewrite this as,
d = (1 + nm)/ e
Now we work through values of n until an integer solution for e is found:
n = 0  d = (1 + 0 * 108) / 5 = 1/5 (no)
n = 1  d = (1 + 1 * 108) / 5 = 109/5 (no)
n = 2  d = (1 + 2 * 108) / 5 = 217/5 (no)
n = 3  d = (1 + 3 * 108) / 5 = 325/5 = 65 (yes !)
 RSA Algorithm

Public Key Secret Key

n = 133 n = 133

e=5 d = 65
 RSA Algorithm
Communication
Encryption

 This message must be a number less than the smaller of p and q.

 However, at this point we don’t know p or q, so in practice a lower bound on p and q must be
published.
 This can be published below their true value and so isn't a major security concern.
 For e.g., lets use the message “ 6”.
C =Pe % n
= 6 5 % 133
= 7776 % 133
= 62
 RSA Algorithm
Decryption
This works very much like encryption

P =cd %n
= 62 65 % 133
=6

 And that matches the plaintext we put in at the beginning, so that algorithm
worked.
 Diffie Hellman Key Exchange
The Diffie-Hellman key agreement protocol (1976) was the first practical
method for establishing a shared secret over an unsecured communication
channel.
The point is to agree on a key that two parties can use for a symmetric
encryption, in such a way that an eavesdropper cannot obtain the key.
 Diffie Hellman Algorithm

Steps in the algorithm:

1. Alice and Bob agree on a prime number p and a base g.

2. Alice chooses a secret number a, and sends Bob (ga mod p).

3. Bob chooses a secret number b, and sends Alice (gb mod p).

4. Alice computes ((gb mod p)a mod p).

5. Bob computes ((ga mod p)b mod p).

 Diffie Hellman Example
1.Alice and Bob agree on p = 23 and g = 5.
2. Alice chooses a = 6 and sends 56 mod 23 = 8.

3. Bob chooses b = 15 and sends 515 mod 23 = 19.

4. Alice computes 196 mod 23 = 2.

5. Bob computes 815 mod 23 = 2.

Then 2 is the shared secret.
Clearly, much larger values of a, b, and p are required. An eavesdropper cannot
discover this value even if she knows p and g and can obtain each of the
messages.
 Diffie Hellman Security

Suppose p is a prime of around 300 digits, and a and b at least 100

digits each.
Discovering the shared secret given g, p, ga mod p and gb mod p would
take longer than the lifetime of the universe, using the best known
algorithm. This is called the discrete logarithm problem.
The Diffie-Hellman algorithm accomplishes this, and is still widely
used.
With sufficiently large inputs, Diffie-Hellman is very secure.
 Digital Signatures
Digital signatures are essential in today’s modern world to verify the sender of a
document’s identity.
Digital signatures are the public-key primitives of message authentication. In the
physical world, it is common to use handwritten signatures on handwritten or
typed messages. They are used to bind signatory to the message.
Similarly, a digital signature is a technique that binds a person/entity to the digital
data. This binding can be independently verified by receiver as well as any third
party.
Digital signature is a cryptographic value that is calculated from the data and a
secret key known only by the signer.
 Digital Signatures
In real world, the receiver of message needs assurance that the message belongs to
the sender and he should not be able to repudiate the origination of that message.
This requirement is very crucial in business applications, since likelihood of a
dispute over exchanged data is very high.
Digital signatures are used to detect unauthorized modifications to data. Also, the
recipient of a digitally signed document in proving to a third party that the
document was indeed signed by the person who it is claimed to be signed by. This is
known as nonrepudiation.
Digital signature algorithms can be used in e-mails, electronic funds transfer,
electronic data interchange, software distribution, data storage, and just about any
application that would need to assure the integrity and originality of data.
 Digital Signatures
A digital signature is analogous to the handwritten signature, and provides a set of
security capabilities that would be difficult to implement in any other way.
It must have the following properties:
It must verify the author and the date and time of the signature.
 It must to authenticate the contents at the time of the signature.
It must be verifiable by third parties, to resolve disputes.

Thus, the digital signature function includes the authentication function.

Thank You