Public-Key Cryptography and

RSA

Nelson Ochieng
Overview

• Public-key algorithms are based on mathematical

functions rather than substitution & permutation
• Uses 2 keys
• Does not replace symmetric encryption.
• Key distribution still needs some form of protocol.
• Much of the theory of public-key encryption is
based on number theory.
Principles of PK Cryptography

• Concept of Public-Key cryptography evolved from

an attempt to attack 2 of the most difficult
problems associated with symmetric encryption:
– Key distribution
– Digital signatures
Public-Key cryptosystem

• Asymmetric algorithms rely on one key for encryption

and a different but related key for decryption.
• The algorithms have the following important
characteristics:
– It is computationally infeasible to determine the decryption
key given only knowledge of the cryptographic algorithm
and the encryption key.
– In addition, for some algorithms, such as RSA, either of the
2 related keys can be used for encryption with the other
used for decryption.
• 6 Ingredients:
– Plain text
– Encryption algorithm
– Public and Private Keys
– Cipher text
– Decryption algorithm
Public-Key Cryptography
• Essential Steps:
– Each user generates a pair of keys to be used for the
encryption and decryption
– Each user places one of the 2 keys in a public register
or other accessible file. This is the public key. The
companion key is kept private.
– If Bob wishes to send a confidential message to Alice,
Bob encrypts the message using Alice’s public key.
– When Alice receives the message, she decrypts it using
her key.
• Essential Elements:
– There is some source A that produces a message in
plaintext, X=[x1, x2,…, xm] intended for destination B.
– B generates a related pair of keys:
• A public key, PUb
• A private key, PRb
– With the message X and the encryption key Pub as
input, A forms the cipher text Y=[y1, y2,…, yn]
– Y=E(Pub,X)
• Essential Elements:
– The intended receiver, in possession of the matching
private key, is able to invert the transformation.
• X=D(PRb,Y)
This provides confidentiality
Applications for PK
Cryptosystem

• Encryption/Decryption (RSA, Elliptic curve)

• Digital Signature (RSA, Elliptic curve, DSS)
• Key exchange (RSA, Elliptic curve, Diffie-Hellman)
Requirements for PK
cryptography

• It is computationally easy for a party B to generate

a pair (public key, private key)
• It is computationally easy for a sender A, knowing
the public key and the message to be encrypted,
M, to generate the corresponding cipher text
C=E(PUb, M)
• It is computationally easy for the receiver B to
decrypt the resulting cipher text using the private
key to recover the original message. M=D(PR b, C)
• It is computationally infeasible for an adversary,
knowing the public key, to determine the private
key.
• It is computationally infeasible for an adversary,
knowing the public key, and cipher text, C, to
recover the original message, M.
Public Key Cryptanalysis

• Vulnerable to a brute-force attack: use larger keys

to thwart.
• Not proven infeasible to compute the private key
given the public key.
• Probable-message attack: thwart by appending
some random bits to sample messages.
RSA Algorithm

• Based on exponentiation
• Developed in 1977 by Ron Rivest, Adi Shamir,
and Len Adleman at MIT
• Most widely accepted and implemented general-
purpose approach to public-key encryption.
• A block cipher in which the PT and CT are
integers between 0 and n-1 for some n.
Description of the Algorithm

• C=Me mod n
• M=Cd mod n
• Both the sender and the receiver must known n.
the sender knows the value of e, and only the
receiver knows the value of d.
• PU={e,n}
• PR={d,n}
• Steps:
– Select 2 prime numbers, p=17 and q=11
– Calculate n=pq =17*11=187
– Calculate phi(n) = (p-1)*(q-1) = 16*10=160
– Select e such that e is relatively prime to phi(n) and less
than phi(n), for example e=7.
– Determine d such that de ≡1 mod 160 and d < 160. The
correct value of d=23, because 23*7=161
– The resulting keys are public key PU={7,187} and
private key PR={23,187}
RSA Example En/Decrypt

• Given a message M=88 (nb. 88<187)

– Encryption: C=887 mod 187 = 11
– Decryption: M=1123 mod 187 = 88
Comments & Questions