SlideShare a Scribd company logo

RSA

Download as PPT, PDF
B
bansidhar11

RSA Algorithm

Engineering
1 of 21
CS 426 (Fall 2010) Public Key Encryption and Digital Signatures
Review of Secret Key (Symmetric) Cryptography • Confidentiality – stream ciphers (uses PRNG) – block ciphers with encryption modes • Integrity – Cryptographic hash functions – Message authentication code (keyed hash functions) • Limitation: sender and receiver must share the same key – Needs secure channel for key distribution – Impossible for two parties having no prior relationship – Needs many keys for n parties to communicate
Public Key Encryption Overview • Each party has a PAIR (K, K-1) of keys: – K is the public key, and used for encryption – K-1 is the private key, and used for decryption – Satisfies DK-1[EK[M]] = M • Knowing the public-key K, it is computationally infeasible to compute the private key K-1 – How to check (K,K-1) is a pair? – Offers only computational security. PK Encryption impossible when P=NP, as deriving K-1 from K is in NP. • The public-key K may be made publicly available, e.g., in a publicly available directory – Many can encrypt, only one can decrypt • Public-key systems aka asymmetric crypto systems
Public Key Cryptography Early History • The concept is proposed in Diffie and Hellman (1976) “New Directions in Cryptography” – public-key encryption schemes – public key distribution systems • Diffie-Hellman key agreement protocol – digital signature • Public-key encryption was proposed in 1970 by James Ellis – in a classified paper made public in 1997 by the British Governmental Communications Headquarters • Concept of digital signature is still originally due to Diffie & Hellman
Public Key Encryption Algorithms • Almost all public-key encryption algorithms use either number theory and modular arithmetic, or elliptic curves • RSA – based on the hardness of factoring large numbers • El Gamal – Based on the hardness of solving discrete logarithm – Basic idea: public key gx, private key x, to encrypt: [gy, gxy M].
RSA Algorithm • Invented in 1978 by Ron Rivest, Adi Shamir and Leonard Adleman – Published as R L Rivest, A Shamir, L Adleman, "On Digital Signatures and Public Key Cryptosystems", Communications of the ACM, vol 21 no 2, pp120-126, Feb 1978 • Security relies on the difficulty of factoring large composite numbers • Essentially the same algorithm was discovered in 1973 by Clifford Cocks, who works for the British intelligence
RSA Public Key Crypto System Key generation: 1. Select 2 large prime numbers of about the same size, p and q Typically each p, q has between 512 and 2048 bits 2. Compute n = pq, and (n) = (q-1)(p-1) 3. Select e, 1<e< (n), s.t. gcd(e, (n)) = 1 Typically e=3 or e=65537 4. Compute d, 1< d< (n) s.t. ed  1 mod (n) Knowing (n), d easy to compute. Public key: (e, n) Private key: d
RSA Description (cont.) Encryption Given a message M, 0 < M < n M  Zn {0} use public key (e, n) compute C = Me mod n C  Zn {0} Decryption Given a ciphertext C, use private key (d) Compute Cd mod n = (Me mod n)d mod n = Med mod n = M
Plaintext: M C = Me mod (n=pq) Ciphertext: C Cd mod n From n, difficult to figure out p,q From (n,e), difficult to figure d. From (n,e) and C, difficult to figure out M s.t. C = Me
RSA Example • p = 11, q = 7, n = 77, (n) = 60 • d = 13, e = 37 (ed = 481; ed mod 60 = 1) • Let M = 15. Then C  Me mod n – C  1537 (mod 77) = 71 • M  Cd mod n – M  7113 (mod 77) = 15
RSA Example 2 • Parameters: – p = 3, q = 5, q= pq = 15 – (n) = ? • Let e = 3, what is d? • Given M=2, what is C? • How to decrypt?
RSA Security • Security depends on the difficulty of factoring n – Factor n => (n) => compute d from (e, (n)) • The length of n=pq reflects the strength – 700-bit n factored in 2007 – 768 bit factored in 2009 • 1024 bit for minimal level of security today – likely to be breakable in near future • Minimal 2048 bits recommended for current usage • NIST suggests 15360-bit RSA keys are equivalent in strength to 256-bit • RSA speed is quadratic in key length
Real World Usage of Public Key Encryption • Often used to encrypt a symmetric key – To encrypt a message M under a public key (n,e), generate a new AES key K, compute [RSA(n,e,K), AES(K,M)] • Plain RSA does not satisfy IND requirement. – How to break it? • One often needs padding, e.g., Optimal Asymmetric Encryption Padding (OAEP) – Roughly, to encrypt M, chooses random r, encode M as M’ = [X = M  H1(r) , Y= r  H2(X) ] where H1 and H2 are cryptographic hash functions, then encrypt it as (M’) e mod n – Note that given M’=[X,Y], r = Y  H2(X), and M = X  H1(r)
Digital Signatures: The Problem • Consider the real-life example where a person pays by credit card and signs a bill; the seller verifies that the signature on the bill is the same with the signature on the card • Contracts, they are valid if they are signed. • Signatures provide non-repudiation. – ensuring that a party in a dispute cannot repudiate, or refute the validity of a statement or contract. • Can we have a similar service in the electronic world? – Does Message Authentication Code provide non-repudiation? Why?
Digital Signatures • MAC: One party generates MAC, one party verifies integrity. • Digital signatures: One party generates signature, many parties can verify. • Digital Signature: a data string which associates a message with some originating entity. • Digital Signature Scheme: – a signing algorithm: takes a message and a (private) signing key, outputs a signature – a verification algorithm: takes a (public) key verification key, a message, and a signature • Provides: – Authentication, Data integrity, Non-Repudiation
Digital Signatures and Hash • Very often digital signatures are used with hash functions, hash of a message is signed, instead of the message. • Hash function must be: – Pre-image resistant – Weak collision resistant – Strong collision resistant
RSA Signatures Key generation (as in RSA encryption): • Select 2 large prime numbers of about the same size, p and q • Compute n = pq, and  = (q - 1)(p - 1) • Select a random integer e, 1 < e < , s.t. gcd(e, ) = 1 • Compute d, 1 < d <  s.t. ed  1 mod  Public key: (e, n) used for verification Secret key: d, used for generation
RSA Signatures (cont.) Signing message M • Verify 0 < M < n • Compute S = Md mod n Verifying signature S • Use public key (e, n) • Compute Se mod n = (Md mod n)e mod n = M Note: in practice, a hash of the message is signed and not the message itself.
The Big Picture Secrecy / Confidentiality Stream ciphers Block ciphers + encryption modes Public key encryption: RSA, El Gamal, etc. Authenticity / Integrity Message Authentication Code Digital Signatures: RSA, DSA, etc. Secret Key Setting Public Key Setting
Readings for This Lecture • Differ & Hellman: – New Directions in Cryptography
Coming Attractions … • Key management and certificates

Recommended

RSA algorithm
RSA algorithmRSA algorithm
RSA algorithm
Arpana shree
 
Public Key Cryptography and RSA algorithm
Public Key Cryptography and RSA algorithmPublic Key Cryptography and RSA algorithm
Public Key Cryptography and RSA algorithm
Indra97065
 
RSA Algorithm
RSA AlgorithmRSA Algorithm
RSA Algorithm
Srinadh Muvva
 
RSA ALGORITHM
RSA ALGORITHMRSA ALGORITHM
RSA ALGORITHM
Sathish Kumar
 
6. cryptography
6. cryptography6. cryptography
6. cryptography
7wounders
 
2. public key cryptography and RSA
2. public key cryptography and RSA2. public key cryptography and RSA
2. public key cryptography and RSA
Dr.Florence Dayana
 
RSA Algorithm - Public Key Cryptography
RSA Algorithm - Public Key CryptographyRSA Algorithm - Public Key Cryptography
RSA Algorithm - Public Key Cryptography
Md. Shafiul Alam Sagor
 
Rsa
RsaRsa
Rsa
ismaelhaider
 

Recommended

RSA algorithm
RSA algorithmRSA algorithm
RSA algorithm
Arpana shree
 
Public Key Cryptography and RSA algorithm
Public Key Cryptography and RSA algorithmPublic Key Cryptography and RSA algorithm
Public Key Cryptography and RSA algorithm
Indra97065
 
RSA Algorithm
RSA AlgorithmRSA Algorithm
RSA Algorithm
Srinadh Muvva
 
RSA ALGORITHM
RSA ALGORITHMRSA ALGORITHM
RSA ALGORITHM
Sathish Kumar
 
6. cryptography
6. cryptography6. cryptography
6. cryptography
7wounders
 
2. public key cryptography and RSA
2. public key cryptography and RSA2. public key cryptography and RSA
2. public key cryptography and RSA
Dr.Florence Dayana
 
RSA Algorithm - Public Key Cryptography
RSA Algorithm - Public Key CryptographyRSA Algorithm - Public Key Cryptography
RSA Algorithm - Public Key Cryptography
Md. Shafiul Alam Sagor
 
Rsa
RsaRsa
Rsa
ismaelhaider
 
Asymmetric Cryptography
Asymmetric CryptographyAsymmetric Cryptography
Asymmetric Cryptography
UTD Computer Security Group
 
Diffie Hellman Key Exchange
Diffie Hellman Key ExchangeDiffie Hellman Key Exchange
Diffie Hellman Key Exchange
SAURABHDHAGE6
 
Cryptography
CryptographyCryptography
Cryptography
Darshini Parikh
 
Rsa algorithm key generation
Rsa algorithm key generation Rsa algorithm key generation
Rsa algorithm key generation
swarnapatil
 
Symmetric & Asymmetric Cryptography
Symmetric & Asymmetric CryptographySymmetric & Asymmetric Cryptography
Symmetric & Asymmetric Cryptography
chauhankapil
 
El Gamal Cryptosystem
El Gamal CryptosystemEl Gamal Cryptosystem
El Gamal Cryptosystem
Adri Jovin
 
Cryptography
CryptographyCryptography
Cryptography
IGZ Software house
 
Diffie hellman key exchange algorithm
Diffie hellman key exchange algorithmDiffie hellman key exchange algorithm
Diffie hellman key exchange algorithm
Sunita Kharayat
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.ppt
Uday Meena
 
Principles of public key cryptography and its Uses
Principles of public key cryptography and its UsesPrinciples of public key cryptography and its Uses
Principles of public key cryptography and its Uses
Mohsin Ali
 
Diffie Hellman.pptx
Diffie Hellman.pptxDiffie Hellman.pptx
Diffie Hellman.pptx
Sou Jana
 
Advanced cryptography and implementation
Advanced cryptography and implementationAdvanced cryptography and implementation
Advanced cryptography and implementation
Akash Jadhav
 
Encryption and Key Distribution Methods
Encryption and Key Distribution MethodsEncryption and Key Distribution Methods
Encryption and Key Distribution Methods
Gulcin Yildirim Jelinek
 
Elliptic curve cryptography
Elliptic curve cryptographyElliptic curve cryptography
Elliptic curve cryptography
Cysinfo Cyber Security Community
 
Cryptography and Network Security
Cryptography and Network SecurityCryptography and Network Security
Cryptography and Network Security
Pa Van Tanku
 
Cryptography using rsa cryptosystem
Cryptography using rsa cryptosystemCryptography using rsa cryptosystem
Cryptography using rsa cryptosystem
Samdish Arora
 
RSA Algorithm
RSA AlgorithmRSA Algorithm
RSA Algorithm
Joon Young Park
 
Rsa
RsaRsa
Rsa
Navneet Sharma
 
Presentation about RSA
Presentation about RSAPresentation about RSA
Presentation about RSA
Srilal Buddika
 
Cryptography and Information Security
Cryptography and Information SecurityCryptography and Information Security
Cryptography and Information Security
Dr Naim R Kidwai
 
New ppt.ppt
New ppt.pptNew ppt.ppt
New ppt.ppt
ssuser4030a8
 
3 pkc+rsa
3 pkc+rsa3 pkc+rsa
3 pkc+rsa
Shashank Mishra
 

More Related Content

What's hot

Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.ppt
Uday Meena
 

What's hot (20)

Asymmetric Cryptography
Asymmetric CryptographyAsymmetric Cryptography
Asymmetric Cryptography
 
Diffie Hellman Key Exchange
Diffie Hellman Key ExchangeDiffie Hellman Key Exchange
Diffie Hellman Key Exchange
 
Cryptography
CryptographyCryptography
Cryptography
 
Rsa algorithm key generation
Rsa algorithm key generation Rsa algorithm key generation
Rsa algorithm key generation
 
Symmetric & Asymmetric Cryptography
Symmetric & Asymmetric CryptographySymmetric & Asymmetric Cryptography
Symmetric & Asymmetric Cryptography
 
El Gamal Cryptosystem
El Gamal CryptosystemEl Gamal Cryptosystem
El Gamal Cryptosystem
 
Cryptography
CryptographyCryptography
Cryptography
 
Diffie hellman key exchange algorithm
Diffie hellman key exchange algorithmDiffie hellman key exchange algorithm
Diffie hellman key exchange algorithm
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.ppt
 
Principles of public key cryptography and its Uses
Principles of public key cryptography and its UsesPrinciples of public key cryptography and its Uses
Principles of public key cryptography and its Uses
 
Diffie Hellman.pptx
Diffie Hellman.pptxDiffie Hellman.pptx
Diffie Hellman.pptx
 
Advanced cryptography and implementation
Advanced cryptography and implementationAdvanced cryptography and implementation
Advanced cryptography and implementation
 
Encryption and Key Distribution Methods
Encryption and Key Distribution MethodsEncryption and Key Distribution Methods
Encryption and Key Distribution Methods
 
Elliptic curve cryptography
Elliptic curve cryptographyElliptic curve cryptography
Elliptic curve cryptography
 
Cryptography and Network Security
Cryptography and Network SecurityCryptography and Network Security
Cryptography and Network Security
 
Cryptography using rsa cryptosystem
Cryptography using rsa cryptosystemCryptography using rsa cryptosystem
Cryptography using rsa cryptosystem
 
RSA Algorithm
RSA AlgorithmRSA Algorithm
RSA Algorithm
 
Rsa
RsaRsa
Rsa
 
Presentation about RSA
Presentation about RSAPresentation about RSA
Presentation about RSA
 
Cryptography and Information Security
Cryptography and Information SecurityCryptography and Information Security
Cryptography and Information Security
 

Similar to RSA

RSA & MD5 algorithm
RSA & MD5 algorithmRSA & MD5 algorithm
RSA & MD5 algorithm
Siva Rushi
 

Similar to RSA (20)

New ppt.ppt
New ppt.pptNew ppt.ppt
New ppt.ppt
 
3 pkc+rsa
3 pkc+rsa3 pkc+rsa
3 pkc+rsa
 
Introduction to cryptography
Introduction to cryptographyIntroduction to cryptography
Introduction to cryptography
 
Common Crypto Pitfalls
Common Crypto PitfallsCommon Crypto Pitfalls
Common Crypto Pitfalls
 
Ch9
Ch9Ch9
Ch9
 
PUBLIC KEY & RSA.ppt
PUBLIC KEY & RSA.pptPUBLIC KEY & RSA.ppt
PUBLIC KEY & RSA.ppt
 
Unit-III_3R-CRYPTO_2021-22_VSM.pptx
Unit-III_3R-CRYPTO_2021-22_VSM.pptxUnit-III_3R-CRYPTO_2021-22_VSM.pptx
Unit-III_3R-CRYPTO_2021-22_VSM.pptx
 
OS ppt Modified.pptx
OS ppt Modified.pptxOS ppt Modified.pptx
OS ppt Modified.pptx
 
Rsa
RsaRsa
Rsa
 
RSA Algorithm.ppt
RSA Algorithm.pptRSA Algorithm.ppt
RSA Algorithm.ppt
 
Information and network security 33 rsa algorithm
Information and network security 33 rsa algorithmInformation and network security 33 rsa algorithm
Information and network security 33 rsa algorithm
 
RSA
RSARSA
RSA
 
PKC&RSA
PKC&RSAPKC&RSA
PKC&RSA
 
Simple Overview of PKI and Digital signature by Tarek_Gaber
Simple Overview of PKI and Digital signature by Tarek_GaberSimple Overview of PKI and Digital signature by Tarek_Gaber
Simple Overview of PKI and Digital signature by Tarek_Gaber
 
CNS.ppt
CNS.pptCNS.ppt
CNS.ppt
 
Rivest Shamir Adleman Algorithm and its variant : DRSA.pptx
Rivest Shamir Adleman Algorithm and its variant : DRSA.pptxRivest Shamir Adleman Algorithm and its variant : DRSA.pptx
Rivest Shamir Adleman Algorithm and its variant : DRSA.pptx
 
Ch09
Ch09Ch09
Ch09
 
Cryptography and network security
Cryptography and network securityCryptography and network security
Cryptography and network security
 
RSA & MD5 algorithm
RSA & MD5 algorithmRSA & MD5 algorithm
RSA & MD5 algorithm
 
Public key cryptography and RSA
Public key cryptography and RSAPublic key cryptography and RSA
Public key cryptography and RSA
 

Recently uploaded

Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
Call Girls in Nagpur High Profile
 
AKTU Computer Networks notes --- Unit 3.pdf
AKTU Computer Networks notes --- Unit 3.pdfAKTU Computer Networks notes --- Unit 3.pdf
AKTU Computer Networks notes --- Unit 3.pdf
ankushspencer015
 
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingUNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
rknatarajan
 
University management System project report..pdf
University management System project report..pdfUniversity management System project report..pdf
University management System project report..pdf
Kamal Acharya
 
result management system report for college project
result management system report for college projectresult management system report for college project
result management system report for college project
Tonystark477637
 
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete RecordCCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
Asst.prof M.Gokilavani
 
Call Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance Booking
roncy bisnoi
 
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
Call Girls in Nagpur High Profile Call Girls
 
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
ranjana rawat
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Call Girls in Nagpur High Profile
 
Call for Papers - International Journal of Intelligent Systems and Applicatio...
Call for Papers - International Journal of Intelligent Systems and Applicatio...Call for Papers - International Journal of Intelligent Systems and Applicatio...
Call for Papers - International Journal of Intelligent Systems and Applicatio...
Christo Ananth
 
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
Call Girls in Nagpur High Profile Call Girls
 

Recently uploaded (20)

Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
 
AKTU Computer Networks notes --- Unit 3.pdf
AKTU Computer Networks notes --- Unit 3.pdfAKTU Computer Networks notes --- Unit 3.pdf
AKTU Computer Networks notes --- Unit 3.pdf
 
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingUNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
 
University management System project report..pdf
University management System project report..pdfUniversity management System project report..pdf
University management System project report..pdf
 
result management system report for college project
result management system report for college projectresult management system report for college project
result management system report for college project
 
chapter 5.pptx: drainage and irrigation engineering
chapter 5.pptx: drainage and irrigation engineeringchapter 5.pptx: drainage and irrigation engineering
chapter 5.pptx: drainage and irrigation engineering
 
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete RecordCCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
 
Call Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance Booking
 
UNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its PerformanceUNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its Performance
 
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
 
Unit 1 - Soil Classification and Compaction.pdf
Unit 1 - Soil Classification and Compaction.pdfUnit 1 - Soil Classification and Compaction.pdf
Unit 1 - Soil Classification and Compaction.pdf
 
Coefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxCoefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptx
 
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
 
data_management_and _data_science_cheat_sheet.pdf
data_management_and _data_science_cheat_sheet.pdfdata_management_and _data_science_cheat_sheet.pdf
data_management_and _data_science_cheat_sheet.pdf
 
BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptx
BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptxBSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptx
BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptx
 
Call for Papers - International Journal of Intelligent Systems and Applicatio...
Call for Papers - International Journal of Intelligent Systems and Applicatio...Call for Papers - International Journal of Intelligent Systems and Applicatio...
Call for Papers - International Journal of Intelligent Systems and Applicatio...
 
Water Industry Process Automation & Control Monthly - April 2024
Water Industry Process Automation & Control Monthly - April 2024Water Industry Process Automation & Control Monthly - April 2024
Water Industry Process Automation & Control Monthly - April 2024
 
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
 
UNIT-IFLUID PROPERTIES & FLOW CHARACTERISTICS
UNIT-IFLUID PROPERTIES & FLOW CHARACTERISTICSUNIT-IFLUID PROPERTIES & FLOW CHARACTERISTICS
UNIT-IFLUID PROPERTIES & FLOW CHARACTERISTICS
 

RSA

  • 1. CS 426 (Fall 2010) Public Key Encryption and Digital Signatures
  • 2. Review of Secret Key (Symmetric) Cryptography • Confidentiality – stream ciphers (uses PRNG) – block ciphers with encryption modes • Integrity – Cryptographic hash functions – Message authentication code (keyed hash functions) • Limitation: sender and receiver must share the same key – Needs secure channel for key distribution – Impossible for two parties having no prior relationship – Needs many keys for n parties to communicate
  • 3. Public Key Encryption Overview • Each party has a PAIR (K, K-1) of keys: – K is the public key, and used for encryption – K-1 is the private key, and used for decryption – Satisfies DK-1[EK[M]] = M • Knowing the public-key K, it is computationally infeasible to compute the private key K-1 – How to check (K,K-1) is a pair? – Offers only computational security. PK Encryption impossible when P=NP, as deriving K-1 from K is in NP. • The public-key K may be made publicly available, e.g., in a publicly available directory – Many can encrypt, only one can decrypt • Public-key systems aka asymmetric crypto systems
  • 4. Public Key Cryptography Early History • The concept is proposed in Diffie and Hellman (1976) “New Directions in Cryptography” – public-key encryption schemes – public key distribution systems • Diffie-Hellman key agreement protocol – digital signature • Public-key encryption was proposed in 1970 by James Ellis – in a classified paper made public in 1997 by the British Governmental Communications Headquarters • Concept of digital signature is still originally due to Diffie & Hellman
  • 5. Public Key Encryption Algorithms • Almost all public-key encryption algorithms use either number theory and modular arithmetic, or elliptic curves • RSA – based on the hardness of factoring large numbers • El Gamal – Based on the hardness of solving discrete logarithm – Basic idea: public key gx, private key x, to encrypt: [gy, gxy M].
  • 6. RSA Algorithm • Invented in 1978 by Ron Rivest, Adi Shamir and Leonard Adleman – Published as R L Rivest, A Shamir, L Adleman, "On Digital Signatures and Public Key Cryptosystems", Communications of the ACM, vol 21 no 2, pp120-126, Feb 1978 • Security relies on the difficulty of factoring large composite numbers • Essentially the same algorithm was discovered in 1973 by Clifford Cocks, who works for the British intelligence
  • 7. RSA Public Key Crypto System Key generation: 1. Select 2 large prime numbers of about the same size, p and q Typically each p, q has between 512 and 2048 bits 2. Compute n = pq, and (n) = (q-1)(p-1) 3. Select e, 1<e< (n), s.t. gcd(e, (n)) = 1 Typically e=3 or e=65537 4. Compute d, 1< d< (n) s.t. ed  1 mod (n) Knowing (n), d easy to compute. Public key: (e, n) Private key: d
  • 8. RSA Description (cont.) Encryption Given a message M, 0 < M < n M  Zn {0} use public key (e, n) compute C = Me mod n C  Zn {0} Decryption Given a ciphertext C, use private key (d) Compute Cd mod n = (Me mod n)d mod n = Med mod n = M
  • 9. Plaintext: M C = Me mod (n=pq) Ciphertext: C Cd mod n From n, difficult to figure out p,q From (n,e), difficult to figure d. From (n,e) and C, difficult to figure out M s.t. C = Me
  • 10. RSA Example • p = 11, q = 7, n = 77, (n) = 60 • d = 13, e = 37 (ed = 481; ed mod 60 = 1) • Let M = 15. Then C  Me mod n – C  1537 (mod 77) = 71 • M  Cd mod n – M  7113 (mod 77) = 15
  • 11. RSA Example 2 • Parameters: – p = 3, q = 5, q= pq = 15 – (n) = ? • Let e = 3, what is d? • Given M=2, what is C? • How to decrypt?
  • 12. RSA Security • Security depends on the difficulty of factoring n – Factor n => (n) => compute d from (e, (n)) • The length of n=pq reflects the strength – 700-bit n factored in 2007 – 768 bit factored in 2009 • 1024 bit for minimal level of security today – likely to be breakable in near future • Minimal 2048 bits recommended for current usage • NIST suggests 15360-bit RSA keys are equivalent in strength to 256-bit • RSA speed is quadratic in key length
  • 13. Real World Usage of Public Key Encryption • Often used to encrypt a symmetric key – To encrypt a message M under a public key (n,e), generate a new AES key K, compute [RSA(n,e,K), AES(K,M)] • Plain RSA does not satisfy IND requirement. – How to break it? • One often needs padding, e.g., Optimal Asymmetric Encryption Padding (OAEP) – Roughly, to encrypt M, chooses random r, encode M as M’ = [X = M  H1(r) , Y= r  H2(X) ] where H1 and H2 are cryptographic hash functions, then encrypt it as (M’) e mod n – Note that given M’=[X,Y], r = Y  H2(X), and M = X  H1(r)
  • 14. Digital Signatures: The Problem • Consider the real-life example where a person pays by credit card and signs a bill; the seller verifies that the signature on the bill is the same with the signature on the card • Contracts, they are valid if they are signed. • Signatures provide non-repudiation. – ensuring that a party in a dispute cannot repudiate, or refute the validity of a statement or contract. • Can we have a similar service in the electronic world? – Does Message Authentication Code provide non-repudiation? Why?
  • 15. Digital Signatures • MAC: One party generates MAC, one party verifies integrity. • Digital signatures: One party generates signature, many parties can verify. • Digital Signature: a data string which associates a message with some originating entity. • Digital Signature Scheme: – a signing algorithm: takes a message and a (private) signing key, outputs a signature – a verification algorithm: takes a (public) key verification key, a message, and a signature • Provides: – Authentication, Data integrity, Non-Repudiation
  • 16. Digital Signatures and Hash • Very often digital signatures are used with hash functions, hash of a message is signed, instead of the message. • Hash function must be: – Pre-image resistant – Weak collision resistant – Strong collision resistant
  • 17. RSA Signatures Key generation (as in RSA encryption): • Select 2 large prime numbers of about the same size, p and q • Compute n = pq, and  = (q - 1)(p - 1) • Select a random integer e, 1 < e < , s.t. gcd(e, ) = 1 • Compute d, 1 < d <  s.t. ed  1 mod  Public key: (e, n) used for verification Secret key: d, used for generation
  • 18. RSA Signatures (cont.) Signing message M • Verify 0 < M < n • Compute S = Md mod n Verifying signature S • Use public key (e, n) • Compute Se mod n = (Md mod n)e mod n = M Note: in practice, a hash of the message is signed and not the message itself.
  • 19. The Big Picture Secrecy / Confidentiality Stream ciphers Block ciphers + encryption modes Public key encryption: RSA, El Gamal, etc. Authenticity / Integrity Message Authentication Code Digital Signatures: RSA, DSA, etc. Secret Key Setting Public Key Setting
  • 20. Readings for This Lecture • Differ & Hellman: – New Directions in Cryptography
  • 21. Coming Attractions … • Key management and certificates