Ti Secured communications
|
|
- Philomena Cross
- 5 years ago
- Views:
Transcription
1 Ti Secured communications Pekka Jäppinen September 20, 2007 Pekka Jäppinen, Lappeenranta University of Technology: September 20, 2007
2 Relies on use of two keys: Public and private Sometimes called Public key systems Idea of publickey cryptosystem was first publicly suggested by Whitfield Diffie and Martin Hellman Encryption is conducted with the recipients public key, decryption with corresponding private key (secret key) After encryption only the recipient (or who ever knows the secret key) may decrypt the message Some algorithms can be used also for digital signatures Pekka Jäppinen, Lappeenranta University of Technology: September 20, /28
3 encryption with the signers secret key. (more on digital signatures lecture) Different kind of mathematical approaches have been developed to accomplish the result every approach relies on modular algebra e.g. calulcating in fields RSA, ElGamal, DSA (only for signing), ECC Pekka Jäppinen, Lappeenranta University of Technology: September 20, /28
4 RSA DEveloped by Ron Rivest, Adi Shamir, Leonard Adleman Key generation for RSA 1. Generate two big primes p and q, which are roughly the same size. (Has same amount of digits) 2. Calculate n = pq and φ = (p 1)(q 1) 3. Select random key e, 1 < e < φ so that gcd(e,φ) = 1. (Thus e and φ are relatively prime) 4. Calculate key d, 1 < d < φ, so that ed φ 1 i.e. d = e 1 mod(φ) (for example using extended euclidean algorithm on formulaed φk = 1) Pekka Jäppinen, Lappeenranta University of Technology: September 20, /28
5 5. Public key is (n,e), private key is d. p,q and φ should be kept secret. Encrypting and decrypting a message Divide message M in blocks that are smaller than n (i.e. is size of n is 2 65 the block size should be 64 bits on maximum. Encrypt the blocks using formula, where i is the block number Decryption is done with formula c i = M e i mod n M i = c d i mod n Proof: c d i = (M e i )d = M ed i = M k φ+1 i = M i M kφ i = M i 1 (mod n) Pekka Jäppinen, Lappeenranta University of Technology: September 20, /28
6 from key generation: ed φk = 1 ed = 1 + φk Remember the Euler s theorem a φ(p) p 1 if gcd (a,p) = 1 RSA works both ways > Encryption can be done with either public or private key. Decryption is thus done with the key not used in encryption. Pekka Jäppinen, Lappeenranta University of Technology: September 20, /28
7 Example p = 47 q = 71 n = p q = 3337 e cannot have common divisor with (p 1)(q 1) = = 3220 kanssa. Choose e = 79 ; gcd(79,3220) = 1 Calculate d = 79 1 mod 3220 = 1019 Let the message be which is same as integer 688 Encryption: mod 3337 = 1570, which in binary form is the encrypted message Decryption: mod 3337 = 688 Pekka Jäppinen, Lappeenranta University of Technology: September 20, /28
8 Speeding up RSA Choosing e cleverly can speed up the RSA calculations, Common choices are 3, 17 ja = ,has only two 1 bits in binary form (first and last bit), which speeds up calculations. For example X.509 recommends for e Algorithm for speed up can be found for example at: alg.html There are risks on using small e (see RSA security If p and q has been stored it is possible to speed up operations done with private key by using chinese remainder theorem Pekka Jäppinen, Lappeenranta University of Technology: September 20, /28
9 Roughly 4 times faster than plain exponentation Algorithm for this can be found for example at: alg.html Pekka Jäppinen, Lappeenranta University of Technology: September 20, /28
10 RSA security The security is presumed to rely on the hardness of factoring Try to factor n in order to find p and q, to be able to calculate d Current factorization methods base on quadratic sieve method. In 1994 a number with 129 digits (~428 bits) was factorized with Quadratic sieve. In 2005 number with 200 digits was factorized (663 bits), with lattice sieve algortihm There is no mathematical proof that n has to be factored in order to find out decryotion key d and message m. (no-one just don t know any other way.) Attack against value φ is not easier than factoring n. (φ is about the size of n, factoring is as hard) Pekka Jäppinen, Lappeenranta University of Technology: September 20, /28
11 Trying all possible d s has also the same complexity. Brute force attack Try all possible decryption keys d to find message when d is big enough this is at least as slow as factoring n Timing attacks measuring the time how long it takes to decrypt a message to determine the private key counter measure: Blinding e.g. multiple the cipher text with random number that is also encrypted before decrypting the message Attacks against RSA implementation or use. Common modulus attack Pekka Jäppinen, Lappeenranta University of Technology: September 20, /28
12 The implementation of RSA gives same modulus to all users. Same message is encrypted with two different keys that has same modulus (due to bad RSA implementation) c 1 = m e 1 mod n c 2 = m e 2 mod n Cryptoanalyst now knows values n,e 1,e 2,c 1,c 2 If gcd(e 1,e 2 ) = 1, which is very likely, the analyst can use extended euclidean algorithm to calculate r and s so thatre 1 +se 2 = 1 Let s presume r is in this case negative (one of the values has to be) Using extended euclideaan algorithm calculate c 1 1, after which you can calculate the original message (c 1 1 ) r c s 2 = m mod n Pekka Jäppinen, Lappeenranta University of Technology: September 20, /28
13 Several attacks when RSA is used for both encrypting and making digital signatures (these will be discussed on signatures lectures). Notes on using small encryption exponent If e(e+1) 2 linearly dependant messages are encrypted with different public keys, which have same e there is an attack against the system. If the messages are identical it is enough to have e messages to make the attack. Menezes et al. p.288 for more details to those interested. It is good idea to pad messages with random characters, to prevent such attacks (more about padding in block cipher lesson) Pekka Jäppinen, Lappeenranta University of Technology: September 20, /28
14 ElGamal Taher Elgamal, 1985 Creation of keys: Choose prime p and two random numbeers g and x which both are smaller than p Calculate y = g x mod p Public key is {y,g, p} Private key is x Signing message M with ElGamal Pekka Jäppinen, Lappeenranta University of Technology: September 20, /28
15 Choose random number k so that gcd(k, p 1) = 1 Calculate a = g k mod p Solve b from equation M = (xa + xb) mod (p 1) Signature pair is {a,b}, random number k stays secret To verify signature calculate that y a a b mod p = g M mod p (verifier do not know private key x) Every new signature requires new random k If k is revealed it is possible to solve the secret key DSA (Digital signature algorithm) is based on ElGamal algorithm Encryption with ElGamal Choose random number k so that gcd(k, p 1) = 1 Calculate a = g k mod p b = y k M mod p Pekka Jäppinen, Lappeenranta University of Technology: September 20, /28
16 Secret message is pair {a,b}, which is twice as long as original message Decryption Calculate M = b a xmod p Proof: a x p g kx and b a x p y k M a x p g xk M g xk p M ElGamal is just slighly modified diffie-hellman key-exchange protocol Security relies on the hardness of computing Discrete logarithms instead of factoring big integer like in RSA. In order to find secret key x by knowing public key {y,g, p} attacker has to solev discrete logarithm y = g x mod p Pekka Jäppinen, Lappeenranta University of Technology: September 20, /28
17 Knapsacks Idea is to gather different weights in the sack and inform the total weight Merkle-Hellman knapsack (first knapsack problem based cipher 1978) Super-Increasing set. Esim: A{1,3,7,12,30} Choose pair {n,m}, where m > SUM(A) and has no common factors with m e.g. their gcd is 1. For example: {13,55} gcd(13,55) = 1 and SUM(A) = 53 Public key is A i n mod m J{13,39,36,46,5} Encryption with public key Pekka Jäppinen, Lappeenranta University of Technology: September 20, /28
18 Divide the message in blocks which size in bits are same as the terms in sack (in this case 5) Add the values in sack on the position of 1-bits of message together For example if block is 01101: = = 80 To decrypt the key owner calculates n 1 mod m 13 1 mod 55 = 17 The cipher text is then multiplied with inverse of n with modulus m. During the decryption of the message the encrypted message is multiplied with the inverse of n and modulus m is taken from result. From the result, bit values are found out by using the secret key A. J = A n mod m A = J n 1 mod m A{1,3,7,12,30} mod 55 = = 10,12 > 10,10 7 = 3,3 3 = 0,1 > Pekka Jäppinen, Lappeenranta University of Technology: September 20, /28
19 Security of knapsacks: All known knapsack problem based algorithms have been broken. Pekka Jäppinen, Lappeenranta University of Technology: September 20, /28
20 Elliptic curves Elliptic curve is y 2 = x 3 + ax + b, where x, y, a and b are real numbers. Figure 1: Sample elliptic curves from wolfram.mathworld.com if x 3 + ax + b has no repeated factors (or if 4a b 2 0) the curve can be used to form a group for elliptic curve cryptography (ECC) Pekka Jäppinen, Lappeenranta University of Technology: September 20, /28
21 Adding points in elliptic curve group. Draw a line between points and calculate the 3rd point in curve that the line crosses. Then take reflection in the x axis of this point to get the result. If there is no third point crossed, the result is called point of infinity. Let s calculate P + Q = R where P = (xp,yp) and Q = (xq,yq) and P,Q are not negative of each other e.g. R 0 s = P y Q y P x Q x e.g. (slope of the line through P and Q) R x = s 2 P x Q x and R y = P y + s(p x R x ) Adding point to itself (e.g. P+P=2P) Draw a tangent for the selected point P in curve, calculate where the tangent crosses the curve. Then take reflection in the x axis of this point to get the result i.e. 2P to calculate with higher multipliers: 3P=2P+P, 4P=2(2P) and so on. Pekka Jäppinen, Lappeenranta University of Technology: September 20, /28
22 Calculate R when 2P = R 0 s = 3P2 x +a 2P Y R X = s 2 2P x and R y = s(p x R x ) P y Elliptic curve mod p Reducing the area on which the points may be on some field p let s assume curve: y 2 5 x 3 + 4x + 4 in mod 5 the values for x can be 0,1,2,3,4 and point of infinity x 5 0 y = 4 y 2, 2 y 5 2,3 (5-2=3)(2 2 = 4and 3 2 = 9 9mod 5 = 4) x 5 1 y y 5 2,3 x 5 2 y y 5 0 x 5 3 y 2 5 3No solution x 5 4 y y 5 2,3 x = y = Pekka Jäppinen, Lappeenranta University of Technology: September 20, /28
23 Thus the points for curve in mod 5 are (0,2),(0,3),(1,2),(1,3),(2,0),(4,2),(4,3 and (, ) Adding points is done as normal though remember a b = a b 1 adding points (1,2) and (4,3) in above curve together 3 2 slope m , ( ) x 3 5 m 2 x 1 x y 3 5 m(x 1 x 3 ) y 1 5 2(1 4) Thus: (1,2) + (4,3) = (4,2) Elliptic curve discrete logarithm problem(ecdlp): Given two points G and Y on an elliptic curve such that Y = kg (that is, Y is G added to itself k times), find the integer k. In discrete logratihm we have to try all possible powers, in elliptic curve we have to try all k Like in discrete logartihms the calculations can be done much Pekka Jäppinen, Lappeenranta University of Technology: September 20, /28
24 faster when the multiplier k is known Pekka Jäppinen, Lappeenranta University of Technology: September 20, /28
25 Elliptic curve cryptography (ECC) Let s first define the curve y 2 5 x 3 + ax + b mod p e.g.e p (a,b) Generation of keys: First select base point B in the curve Pick random integer k, which is the secret key Compute point K by scalar multiplication K=k*B Public key is [K,B,a,b,p] secret key [k,b,a,b,p] Encryption First Message is described as point M on curve Select randon integer r and compute C 0 = r B and C 1 = M + r K Pekka Jäppinen, Lappeenranta University of Technology: September 20, /28
26 The cipher text is point pair [C 0 C 1 ] Decryption calculate: C 1 k C 2 = M Proof: C 1 = M + rk, C 0 = r B and K=k*B thus: M + rk k(r B) M + r(k B) k(r B) = M ECDSA (Elliptic curve digital signature algorithm) Signatures with Elliptic curves can be done in similar fashion than ElGamal Pekka Jäppinen, Lappeenranta University of Technology: September 20, /28
27 Diffie-hellman type key exchange with elliptic curves First decide elliptic curve and choose point P A chooses random number k and calculates multiplied P i.e. kp and sends this to B B chooses random number l and calculates multiplied P i.e. lp and sends this to A Now A can calculate shared key by multiplying the received lp with k i.e. k(lp). B gets the same point by multiplying the gained results from a with his own secret i.e. l(kp) Pekka Jäppinen, Lappeenranta University of Technology: September 20, /28
28 The shared key is point lkp==klp Pekka Jäppinen, Lappeenranta University of Technology: September 20, /28
29 Elliptic curve efficiency Elliptic curves can have smaller key size than RSA or other discrete logarithm based asymmetric systems. (224 bit ECC key is equivalent to 2048 bit RSA key from security point of view) ECC is overall a bit faster than RSA (ECC with 160 bit key vs RSA 1024 bit key) ECC is faster in decryption (and signing) while slower in encryption (and verifying) than RSA. Elliptic curves have several patent issues, which has slowed down their use Pekka Jäppinen, Lappeenranta University of Technology: September 20, /28
Public Key Algorithms
Public Key Algorithms Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-09/
More informationPublic Key 9/17/2018. Symmetric Cryptography Review. Symmetric Cryptography: Shortcomings (1) Symmetric Cryptography: Analogy
Symmetric Cryptography Review Alice Bob Public Key x e K (x) y d K (y) x K K Instructor: Dr. Wei (Lisa) Li Department of Computer Science, GSU Two properties of symmetric (secret-key) crypto-systems: The
More informationChapter 8 Public-key Cryptography and Digital Signatures
Chapter 8 Public-key Cryptography and Digital Signatures v 1. Introduction to Public-key Cryptography 2. Example of Public-key Algorithm: Diffie- Hellman Key Exchange Scheme 3. RSA Encryption and Digital
More informationDefinition: For a positive integer n, if 0<a<n and gcd(a,n)=1, a is relatively prime to n. Ahmet Burak Can Hacettepe University
Number Theory, Public Key Cryptography, RSA Ahmet Burak Can Hacettepe University abc@hacettepe.edu.tr The Euler Phi Function For a positive integer n, if 0
More informationRSA. Ramki Thurimella
RSA Ramki Thurimella Public-Key Cryptography Symmetric cryptography: same key is used for encryption and decryption. Asymmetric cryptography: different keys used for encryption and decryption. Public-Key
More informationLemma 1.2. (1) If p is prime, then ϕ(p) = p 1. (2) If p q are two primes, then ϕ(pq) = (p 1)(q 1).
1 Background 1.1 The group of units MAT 3343, APPLIED ALGEBRA, FALL 2003 Handout 3: The RSA Cryptosystem Peter Selinger Let (R, +, ) be a ring. Then R forms an abelian group under addition. R does not
More informationSecurity Issues in Cloud Computing Modern Cryptography II Asymmetric Cryptography
Security Issues in Cloud Computing Modern Cryptography II Asymmetric Cryptography Peter Schwabe October 21 and 28, 2011 So far we assumed that Alice and Bob both have some key, which nobody else has. How
More informationCIS 551 / TCOM 401 Computer and Network Security
CIS 551 / TCOM 401 Computer and Network Security Spring 2008 Lecture 15 3/20/08 CIS/TCOM 551 1 Announcements Project 3 available on the web. Get the handout in class today. Project 3 is due April 4th It
More information10 Public Key Cryptography : RSA
10 Public Key Cryptography : RSA 10.1 Introduction The idea behind a public-key system is that it might be possible to find a cryptosystem where it is computationally infeasible to determine d K even if
More informationCryptography IV: Asymmetric Ciphers
Cryptography IV: Asymmetric Ciphers Computer Security Lecture 7 David Aspinall School of Informatics University of Edinburgh 31st January 2011 Outline Background RSA Diffie-Hellman ElGamal Summary Outline
More informationSlides by Kent Seamons and Tim van der Horst Last Updated: Oct 1, 2013
RSA Slides by Kent Seamons and Tim van der Horst Last Updated: Oct 1, 2013 Recap Recap Number theory o What is a prime number? o What is prime factorization? o What is a GCD? o What does relatively prime
More informationCRYPTOGRAPHY AND NUMBER THEORY
CRYPTOGRAPHY AND NUMBER THEORY XINYU SHI Abstract. In this paper, we will discuss a few examples of cryptographic systems, categorized into two different types: symmetric and asymmetric cryptography. We
More informationPublic-key Cryptography and elliptic curves
Public-key Cryptography and elliptic curves Dan Nichols nichols@math.umass.edu University of Massachusetts Oct. 14, 2015 Cryptography basics Cryptography is the study of secure communications. Here are
More informationOther Public-Key Cryptosystems
Other Public-Key Cryptosystems Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-11/
More informationCryptography. P. Danziger. Transmit...Bob...
10.4 Cryptography P. Danziger 1 Cipher Schemes A cryptographic scheme is an example of a code. The special requirement is that the encoded message be difficult to retrieve without some special piece of
More informationPublic Key Cryptography
Public Key Cryptography Spotlight on Science J. Robert Buchanan Department of Mathematics 2011 What is Cryptography? cryptography: study of methods for sending messages in a form that only be understood
More information8.1 Principles of Public-Key Cryptosystems
Public-key cryptography is a radical departure from all that has gone before. Right up to modern times all cryptographic systems have been based on the elementary tools of substitution and permutation.
More informationMathematics of Cryptography
UNIT - III Mathematics of Cryptography Part III: Primes and Related Congruence Equations 1 Objectives To introduce prime numbers and their applications in cryptography. To discuss some primality test algorithms
More informationduring transmission safeguard information Cryptography: used to CRYPTOGRAPHY BACKGROUND OF THE MATHEMATICAL
THE MATHEMATICAL BACKGROUND OF CRYPTOGRAPHY Cryptography: used to safeguard information during transmission (e.g., credit card number for internet shopping) as opposed to Coding Theory: used to transmit
More informationOther Public-Key Cryptosystems
Other Public-Key Cryptosystems Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: 10-1 Overview 1. How to exchange
More informationChapter 4 Asymmetric Cryptography
Chapter 4 Asymmetric Cryptography Introduction Encryption: RSA Key Exchange: Diffie-Hellman [NetSec/SysSec], WS 2008/2009 4.1 Asymmetric Cryptography General idea: Use two different keys -K and +K for
More informationAsymmetric Cryptography
Asymmetric Cryptography Chapter 4 Asymmetric Cryptography Introduction Encryption: RSA Key Exchange: Diffie-Hellman General idea: Use two different keys -K and +K for encryption and decryption Given a
More informationThe RSA cryptosystem and primality tests
Mathematics, KTH Bengt Ek November 2015 Supplementary material for SF2736, Discrete mathematics: The RSA cryptosystem and primality tests Secret codes (i.e. codes used to make messages unreadable to outsiders
More information8 Elliptic Curve Cryptography
8 Elliptic Curve Cryptography 8.1 Elliptic Curves over a Finite Field For the purposes of cryptography, we want to consider an elliptic curve defined over a finite field F p = Z/pZ for p a prime. Given
More informationIntroduction to Elliptic Curve Cryptography. Anupam Datta
Introduction to Elliptic Curve Cryptography Anupam Datta 18-733 Elliptic Curve Cryptography Public Key Cryptosystem Duality between Elliptic Curve Cryptography and Discrete Log Based Cryptography Groups
More informationRSA Algorithm. Factoring, EulerPhi, Breaking RSA. Çetin Kaya Koç Spring / 14
RSA Algorithm http://koclab.org Çetin Kaya Koç Spring 2018 1 / 14 Well-Known One-Way Functions Discrete Logarithm: Given p, g, and x, computing y in y = g x (mod p) is EASY Given p, g, y, computing x in
More informationMy brief introduction to cryptography
My brief introduction to cryptography David Thomson dthomson@math.carleton.ca Carleton University September 7, 2013 introduction to cryptography September 7, 2013 1 / 28 Outline 1 The general framework
More informationPowers in Modular Arithmetic, and RSA Public Key Cryptography
1 Powers in Modular Arithmetic, and RSA Public Key Cryptography Lecture notes for Access 2006, by Nick Korevaar. It was a long time from Mary Queen of Scotts and substitution ciphers until the end of the
More informationPublic-Key Cryptosystems CHAPTER 4
Public-Key Cryptosystems CHAPTER 4 Introduction How to distribute the cryptographic keys? Naïve Solution Naïve Solution Give every user P i a separate random key K ij to communicate with every P j. Disadvantage:
More informationOutline. Available public-key technologies. Diffie-Hellman protocol Digital Signature. Elliptic curves and the discrete logarithm problem
Outline Public-key cryptography A collection of hard problems Mathematical Background Trapdoor Knapsack Integer factorization Problem Discrete logarithm problem revisited Case of Study: The Sun NFS Cryptosystem
More informationA Knapsack Cryptosystem Based on The Discrete Logarithm Problem
A Knapsack Cryptosystem Based on The Discrete Logarithm Problem By K.H. Rahouma Electrical Technology Department Technical College in Riyadh Riyadh, Kingdom of Saudi Arabia E-mail: kamel_rahouma@yahoo.com
More informationPublic Key Cryptography. All secret key algorithms & hash algorithms do the same thing but public key algorithms look very different from each other.
Public Key Cryptography All secret key algorithms & hash algorithms do the same thing but public key algorithms look very different from each other. The thing that is common among all of them is that each
More informationLecture 1: Introduction to Public key cryptography
Lecture 1: Introduction to Public key cryptography Thomas Johansson T. Johansson (Lund University) 1 / 44 Key distribution Symmetric key cryptography: Alice and Bob share a common secret key. Some means
More informationAlgorithmic Number Theory and Public-key Cryptography
Algorithmic Number Theory and Public-key Cryptography Course 3 University of Luxembourg March 22, 2018 The RSA algorithm The RSA algorithm is the most widely-used public-key encryption algorithm Invented
More informationAsymmetric Encryption
-3 s s Encryption Comp Sci 3600 Outline -3 s s 1-3 2 3 4 5 s s Outline -3 s s 1-3 2 3 4 5 s s Function Using Bitwise XOR -3 s s Key Properties for -3 s s The most important property of a hash function
More informationLecture 7: ElGamal and Discrete Logarithms
Lecture 7: ElGamal and Discrete Logarithms Johan Håstad, transcribed by Johan Linde 2006-02-07 1 The discrete logarithm problem Recall that a generator g of a group G is an element of order n such that
More informationLecture V : Public Key Cryptography
Lecture V : Public Key Cryptography Internet Security: Principles & Practices John K. Zao, PhD (Harvard) SMIEEE Amir Rezapoor Computer Science Department, National Chiao Tung University 2 Outline Functional
More informationCryptography. Course 1: Remainder: RSA. Jean-Sébastien Coron. September 21, Université du Luxembourg
Course 1: Remainder: RSA Université du Luxembourg September 21, 2010 Public-key encryption Public-key encryption: two keys. One key is made public and used to encrypt. The other key is kept private and
More information5199/IOC5063 Theory of Cryptology, 2014 Fall
5199/IOC5063 Theory of Cryptology, 2014 Fall Homework 2 Reference Solution 1. This is about the RSA common modulus problem. Consider that two users A and B use the same modulus n = 146171 for the RSA encryption.
More informationEncryption: The RSA Public Key Cipher
Encryption: The RSA Public Key Cipher Michael Brockway March 5, 2018 Overview Transport-layer security employs an asymmetric public cryptosystem to allow two parties (usually a client application and a
More informationInnovation and Cryptoventures. Cryptography 101. Campbell R. Harvey. Duke University, NBER and Investment Strategy Advisor, Man Group, plc
Innovation and Cryptoventures Cryptography 101 Campbell R. Harvey Duke University, NBER and Investment Strategy Advisor, Man Group, plc Revised February 6, 2017 1 Definition Cryptography is the science
More informationPublic-Key Encryption: ElGamal, RSA, Rabin
Public-Key Encryption: ElGamal, RSA, Rabin Introduction to Modern Cryptography Benny Applebaum Tel-Aviv University Fall Semester, 2011 12 Public-Key Encryption Syntax Encryption algorithm: E. Decryption
More informationElliptic Curve Cryptography with Derive
Elliptic Curve Cryptography with Derive Johann Wiesenbauer Vienna University of Technology DES-TIME-2006, Dresden General remarks on Elliptic curves Elliptic curces can be described as nonsingular algebraic
More informationIntroduction to Modern Cryptography. Benny Chor
Introduction to Modern Cryptography Benny Chor RSA Public Key Encryption Factoring Algorithms Lecture 7 Tel-Aviv University Revised March 1st, 2008 Reminder: The Prime Number Theorem Let π(x) denote the
More informationAttacks on RSA & Using Asymmetric Crypto
Attacks on RSA & Using Asymmetric Crypto Luke Anderson luke@lukeanderson.com.au 7 th April 2017 University Of Sydney Overview 1. Crypto-Bulletin 2. Breaking RSA 2.1 Chinese Remainder Theorem 2.2 Common
More informationCIS 6930/4930 Computer and Network Security. Topic 5.2 Public Key Cryptography
CIS 6930/4930 Computer and Network Security Topic 5.2 Public Key Cryptography 1 Diffie-Hellman Key Exchange 2 Diffie-Hellman Protocol For negotiating a shared secret key using only public communication
More informationdit-upm RSA Cybersecurity Cryptography
-upm Cybersecurity Cryptography José A. Mañas < http://www.dit.upm.es/~pepe/> Information Technology Department Universidad Politécnica de Madrid 4 october 2018 public key (asymmetric) public key secret
More informationCryptography CS 555. Topic 18: RSA Implementation and Security. CS555 Topic 18 1
Cryptography CS 555 Topic 18: RSA Implementation and Security Topic 18 1 Outline and Readings Outline RSA implementation issues Factoring large numbers Knowing (e,d) enables factoring Prime testing Readings:
More informationCPSC 467: Cryptography and Computer Security
CPSC 467: Cryptography and Computer Security Michael J. Fischer 1 Lecture 13 October 16, 2017 (notes revised 10/23/17) 1 Derived from lecture notes by Ewa Syta. CPSC 467, Lecture 13 1/57 Elliptic Curves
More informationOverview. Background / Context. CSC 580 Cryptography and Computer Security. March 21, 2017
CSC 580 Cryptography and Computer Security Math for Public Key Crypto, RSA, and Diffie-Hellman (Sections 2.4-2.6, 2.8, 9.2, 10.1-10.2) March 21, 2017 Overview Today: Math needed for basic public-key crypto
More informationGreat Theoretical Ideas in Computer Science
15-251 Great Theoretical Ideas in Computer Science Lecture 22: Cryptography November 12th, 2015 What is cryptography about? Adversary Eavesdropper I will cut your throat I will cut your throat What is
More information1 Recommended Reading 1. 2 Public Key/Private Key Cryptography Overview RSA Algorithm... 2
Contents 1 Recommended Reading 1 2 Public Key/Private Key Cryptography 1 2.1 Overview............................................. 1 2.2 RSA Algorithm.......................................... 2 3 A Number
More informationTheme : Cryptography. Instructor : Prof. C Pandu Rangan. Speaker : Arun Moorthy CS
1 C Theme : Cryptography Instructor : Prof. C Pandu Rangan Speaker : Arun Moorthy 93115 CS 2 RSA Cryptosystem Outline of the Talk! Introduction to RSA! Working of the RSA system and associated terminology!
More informationMATH 158 FINAL EXAM 20 DECEMBER 2016
MATH 158 FINAL EXAM 20 DECEMBER 2016 Name : The exam is double-sided. Make sure to read both sides of each page. The time limit is three hours. No calculators are permitted. You are permitted one page
More informationNET 311D INFORMATION SECURITY
1 NET 311D INFORMATION SECURITY Networks and Communication Department TUTORIAL 3 : Asymmetric Ciphers (RSA) A Symmetric-Key Cryptography (Public-Key Cryptography) Asymmetric-key (public key cryptography)
More informationRSA RSA public key cryptosystem
RSA 1 RSA As we have seen, the security of most cipher systems rests on the users keeping secret a special key, for anyone possessing the key can encrypt and/or decrypt the messages sent between them.
More informationCSC 5930/9010 Modern Cryptography: Number Theory
CSC 5930/9010 Modern Cryptography: Number Theory Professor Henry Carter Fall 2018 Recap Hash functions map arbitrary-length strings to fixedlength outputs Cryptographic hashes should be collision-resistant
More informationIntroduction. will now introduce finite fields of increasing importance in cryptography. AES, Elliptic Curve, IDEA, Public Key
Introduction will now introduce finite fields of increasing importance in cryptography AES, Elliptic Curve, IDEA, Public Key concern operations on numbers where what constitutes a number and the type of
More informationNotes 10: Public-key cryptography
MTH6115 Cryptography Notes 10: Public-key cryptography In this section we look at two other schemes that have been proposed for publickey ciphers. The first is interesting because it was the earliest such
More informationDiscrete Mathematics GCD, LCM, RSA Algorithm
Discrete Mathematics GCD, LCM, RSA Algorithm Abdul Hameed http://informationtechnology.pk/pucit abdul.hameed@pucit.edu.pk Lecture 16 Greatest Common Divisor 2 Greatest common divisor The greatest common
More informationCPE 776:DATA SECURITY & CRYPTOGRAPHY. Some Number Theory and Classical Crypto Systems
CPE 776:DATA SECURITY & CRYPTOGRAPHY Some Number Theory and Classical Crypto Systems Dr. Lo ai Tawalbeh Computer Engineering Department Jordan University of Science and Technology Jordan Some Number Theory
More informationAddition. Ch1 - Algorithms with numbers. Multiplication. al-khwārizmī. al-khwārizmī. Division 53+35=88. Cost? (n number of bits) 13x11=143. Cost?
Ch - Algorithms with numbers Addition Basic arithmetic Addition ultiplication Division odular arithmetic factoring is hard Primality testing 53+35=88 Cost? (n number of bits) O(n) ultiplication al-khwārizmī
More informationCPSC 467b: Cryptography and Computer Security
CPSC 467b: Cryptography and Computer Security Instructor: Michael Fischer Lecture by Ewa Syta Lecture 13 March 3, 2013 CPSC 467b, Lecture 13 1/52 Elliptic Curves Basics Elliptic Curve Cryptography CPSC
More informationNUMBER THEORY AND CODES. Álvaro Pelayo WUSTL
NUMBER THEORY AND CODES Álvaro Pelayo WUSTL Talk Goal To develop codes of the sort can tell the world how to put messages in code (public key cryptography) only you can decode them Structure of Talk Part
More informationPublic-key Cryptography and elliptic curves
Public-key Cryptography and elliptic curves Dan Nichols University of Massachusetts Amherst nichols@math.umass.edu WINRS Research Symposium Brown University March 4, 2017 Cryptography basics Cryptography
More informationElliptic curves: Theory and Applications. Day 4: The discrete logarithm problem.
Elliptic curves: Theory and Applications. Day 4: The discrete logarithm problem. Elisa Lorenzo García Université de Rennes 1 14-09-2017 Elisa Lorenzo García (Rennes 1) Elliptic Curves 4 14-09-2017 1 /
More information2. Cryptography 2.5. ElGamal cryptosystems and Discrete logarithms
CRYPTOGRAPHY 19 Cryptography 5 ElGamal cryptosystems and Discrete logarithms Definition Let G be a cyclic group of order n and let α be a generator of G For each A G there exists an uniue 0 a n 1 such
More informationInformation Security
SE 4472 / ECE 9064 Information Security Week 12: Random Number Generators and Picking Appropriate Key Lengths Fall 2015 Prof. Aleksander Essex Random Number Generation Where do keys come from? So far we
More informationCS March 17, 2009
Discrete Mathematics CS 2610 March 17, 2009 Number Theory Elementary number theory, concerned with numbers, usually integers and their properties or rational numbers mainly divisibility among integers
More informationCryptography and RSA. Group (1854, Cayley) Upcoming Interview? Outline. Commutative or Abelian Groups
Great Theoretical Ideas in CS V. Adamchik CS 15-251 Upcoming Interview? Lecture 24 Carnegie Mellon University Cryptography and RSA How the World's Smartest Company Selects the Most Creative Thinkers Groups
More informationCosc 412: Cryptography and complexity Lecture 7 (22/8/2018) Knapsacks and attacks
1 Cosc 412: Cryptography and complexity Lecture 7 (22/8/2018) Knapsacks and attacks Michael Albert michael.albert@cs.otago.ac.nz 2 This week Arithmetic Knapsack cryptosystems Attacks on knapsacks Some
More informationWeek : Public Key Cryptosystem and Digital Signatures
Week 10-11 : Public Key Cryptosystem and Digital Signatures 1. Public Key Encryptions RSA, ElGamal, 2 RSA- PKC(1/3) 1st public key cryptosystem R.L.Rivest, A.Shamir, L.Adleman, A Method for Obtaining Digital
More informationPublic Key Algorithms
1 Public Key Algorithms ffl hash: irreversible transformation(message) ffl secret key: reversible transformation(block) encryption digital signatures authentication RSA yes yes yes El Gamal no yes no Zero-knowledge
More informationDiscrete mathematics I - Number theory
Discrete mathematics I - Number theory Emil Vatai (based on hungarian slides by László Mérai) 1 January 31, 2018 1 Financed from the financial support ELTE won from the Higher Education
More informationPublic Key Cryptography
Public Key Cryptography Introduction Public Key Cryptography Unlike symmetric key, there is no need for Alice and Bob to share a common secret Alice can convey her public key to Bob in a public communication:
More informationGurgen Khachatrian Martun Karapetyan
34 International Journal Information Theories and Applications, Vol. 23, Number 1, (c) 2016 On a public key encryption algorithm based on Permutation Polynomials and performance analyses Gurgen Khachatrian
More information9 Knapsack Cryptography
9 Knapsack Cryptography In the past four weeks, we ve discussed public-key encryption systems that depend on various problems that we believe to be hard: prime factorization, the discrete logarithm, and
More informationKTH, NADA , and D1449 Kryptografins grunder. Lecture 6: RSA. Johan Håstad, transcribed by Martin Lindkvist
Lecture 6: RSA Johan Håstad, transcribed by Martin Lindkvist 2006-01-31, 2006-02-02 and 2006-02-07 1 Introduction Using an ordinary cryptosystem, encryption uses a key K and decryption is performed by
More informationSEMINAR SECURITY - REPORT ELLIPTIC CURVE CRYPTOGRAPHY
SEMINAR SECURITY - REPORT ELLIPTIC CURVE CRYPTOGRAPHY OFER M. SHIR, THE HEBREW UNIVERSITY OF JERUSALEM, ISRAEL FLORIAN HÖNIG, JOHANNES KEPLER UNIVERSITY LINZ, AUSTRIA ABSTRACT. The area of elliptic curves
More informationLecture Notes, Week 6
YALE UNIVERSITY DEPARTMENT OF COMPUTER SCIENCE CPSC 467b: Cryptography and Computer Security Week 6 (rev. 3) Professor M. J. Fischer February 15 & 17, 2005 1 RSA Security Lecture Notes, Week 6 Several
More informationIntroduction to Cybersecurity Cryptography (Part 5)
Introduction to Cybersecurity Cryptography (Part 5) Prof. Dr. Michael Backes 13.01.2017 February 17 th Special Lecture! 45 Minutes Your Choice 1. Automotive Security 2. Smartphone Security 3. Side Channel
More informationNumber Theory & Modern Cryptography
Number Theory & Modern Cryptography Week 12 Stallings: Ch 4, 8, 9, 10 CNT-4403: 2.April.2015 1 Introduction Increasing importance in cryptography Public Key Crypto and Signatures Concern operations on
More information2 3 DIGITAL SIGNATURE STANDARD (DSS) [PROPOSED BY NIST, 1991] Pick an x 2 Z p,1 as the private key Compute y = g x (mod p) asthe public key To sign a
6.857 Computer and Network Security Fall Term, 1997 Lecture 8 : September 30, 1997 Lecturer: Ron Rivest Scribe: Debajit Ghosh 1 Topics Covered Public Key Cryptography Review of ElGamal DSS RSA Elliptic
More informationIntroduction to Cryptography. Lecture 8
Introduction to Cryptography Lecture 8 Benny Pinkas page 1 1 Groups we will use Multiplication modulo a prime number p (G, ) = ({1,2,,p-1}, ) E.g., Z 7* = ( {1,2,3,4,5,6}, ) Z p * Z N * Multiplication
More informationPolynomial Interpolation in the Elliptic Curve Cryptosystem
Journal of Mathematics and Statistics 7 (4): 326-331, 2011 ISSN 1549-3644 2011 Science Publications Polynomial Interpolation in the Elliptic Curve Cryptosystem Liew Khang Jie and Hailiza Kamarulhaili School
More informationNUMBER THEORY FOR CRYPTOGRAPHY
1 CHAPTER 4. NUMBER THEORY FOR CRYPTOGRAPHY 1 INSTITÚID TEICNEOLAÍOCHTA CHEATHARLACH INSTITUTE OF TECHNOLOGY CARLOW NUMBER THEORY FOR CRYPTOGRAPHY Contents 1 Number Theory for Cryptography 2 1.1 Linear
More informationCryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur
Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Module No. # 01 Lecture No. # 33 The Diffie-Hellman Problem
More informationIntroduction to Cybersecurity Cryptography (Part 4)
Introduction to Cybersecurity Cryptography (Part 4) Review of Last Lecture Blockciphers Review of DES Attacks on Blockciphers Advanced Encryption Standard (AES) Modes of Operation MACs and Hashes Message
More informationOWO Lecture: Modular Arithmetic with Algorithmic Applications
OWO Lecture: Modular Arithmetic with Algorithmic Applications Martin Otto Winter Term 2008/09 Contents 1 Basic ingredients 1 2 Modular arithmetic 2 2.1 Going in circles.......................... 2 2.2
More informationOne can use elliptic curves to factor integers, although probably not RSA moduli.
Elliptic Curves Elliptic curves are groups created by defining a binary operation (addition) on the points of the graph of certain polynomial equations in two variables. These groups have several properties
More informationIntroduction. What is RSA. A Guide To RSA by Robert Yates. Topics
A Guide To RSA by Robert Yates. Topics Introduction...01/09 What is RSA...01/09 Mod-Exponentiation...02/09 Euler's Theorem...03/09 RSA Algorithm...08/09 RSA Security...09/09 Introduction Welcome to my
More informationPublic Key Cryptography
T H E U N I V E R S I T Y O F B R I T I S H C O L U M B I A Public Key Cryptography EECE 412 1 What is it? Two keys Sender uses recipient s public key to encrypt Receiver uses his private key to decrypt
More informationENEE 457: Computer Systems Security 10/3/16. Lecture 9 RSA Encryption and Diffie-Helmann Key Exchange
ENEE 457: Computer Systems Security 10/3/16 Lecture 9 RSA Encryption and Diffie-Helmann Key Exchange Charalampos (Babis) Papamanthou Department of Electrical and Computer Engineering University of Maryland,
More informationFundamentals of Modern Cryptography
Fundamentals of Modern Cryptography BRUCE MOMJIAN This presentation explains the fundamentals of modern cryptographic methods. Creative Commons Attribution License http://momjian.us/presentations Last
More informationIntroduction to Cybersecurity Cryptography (Part 4)
Introduction to Cybersecurity Cryptography (Part 4) Review of Last Lecture Blockciphers Review of DES Attacks on Blockciphers Advanced Encryption Standard (AES) Modes of Operation MACs and Hashes Message
More information1 What are Physical Attacks. 2 Physical Attacks on RSA. Today:
Today: Introduction to the class. Examples of concrete physical attacks on RSA A computational approach to cryptography Pseudorandomness 1 What are Physical Attacks Tampering/Leakage attacks Issue of how
More informationLecture 6: Cryptanalysis of public-key algorithms.,
T-79.159 Cryptography and Data Security Lecture 6: Cryptanalysis of public-key algorithms. Helsinki University of Technology mjos@tcs.hut.fi 1 Outline Computational complexity Reminder about basic number
More informationCPSC 467: Cryptography and Computer Security
CPSC 467: Cryptography and Computer Security Michael J. Fischer Lecture 11 October 7, 2015 CPSC 467, Lecture 11 1/37 Digital Signature Algorithms Signatures from commutative cryptosystems Signatures from
More informationElliptic Curves. Giulia Mauri. Politecnico di Milano website:
Elliptic Curves Giulia Mauri Politecnico di Milano email: giulia.mauri@polimi.it website: http://home.deib.polimi.it/gmauri May 13, 2015 Giulia Mauri (DEIB) Exercises May 13, 2015 1 / 34 Overview 1 Elliptic
More informationArithmétique et Cryptographie Asymétrique
Arithmétique et Cryptographie Asymétrique Laurent Imbert CNRS, LIRMM, Université Montpellier 2 Journée d inauguration groupe Sécurité 23 mars 2010 This talk is about public-key cryptography Why did mathematicians
More information