Mathematical Foundations of Public-Key Cryptography
|
|
- Blaze Carroll
- 6 years ago
- Views:
Transcription
1 Mathematical Foundations of Public-Key Cryptography Adam C. Champion and Dong Xuan CSE 4471: Information Security Material based on (Stallings, 2006) and (Paar and Pelzl, 2010)
2 Outline Review: Basic Mathematical Foundations Group Theory Number Theory Case Study: RSA Cryptosystem
3 Review: Sets A set S is an unordered collection of similar mathematical objects Duplicate objects are not double counted Suppose S 1 = {1, 2, 3, 4} and S 2 = {1, 2, 3, 4, 2}. Both sets have four elements Operations: Intersection: S 1 \ S 2 = {s 1,s 2 : s 1 2 S 1 ^ s 2 2 S 2 } Union: S 1 [ S 2 = {s 1,s 2 : s 1 2 S 1 _ s 2 2 S 2 } Cardinality: S = number of elements in S Well-known sets: N = {1, 2,...} Z = {0, ±1, ±2,...} Q = {p/q : p, q 2 Z ^ q 6= 0} R = {real numbers} C = {complex numbers}
4 Review: Relations A relation R on sets S 1,...,S N is a subset of their Cartesian product: R S 1 S N R s arity equals N (binary, n-ary) Properties: Reflexive: if for all s 2 S, s R s Symmetric: if s 1 R s 2 =) s 2 R s 1 for all s 1,s 2 2 S Transitive: if s 1 R s 2 ^ s 2 R s 3 =) s 1 R s 3 for all s 1,s 2,s 3 2 S Equivalence relation: a relation R that is reflexive, symmetric, and transitive
5 Review: Integer Division For an integer divisor d, we can write any integer n as n = d q + r, where r 2 [0,...,d 1]. As n r = d q, n r (mod d). Division by d actually partitions Z into equivalence classes w.r.t. congruence modulo d: Example 1: Odd and even integers. d =2. Every odd integer n can be written as 2 q +1for some integer q. Every even integer m can be written as 2 q 0 for some integer q 0. The equivalence classes are {..., 3, 1, 1, 3,...} and {..., 4, 2, 0, 2, 4,...}. Example 2: d =5. Notice 8 3=5 1and 23 3 = 5 4, so 23 8 (mod 5). Remainders are not unique! What are the equivalence classes? See (Knuth, 1997; Paar and Pelzl, 2010) for more details.
6 Outline Review: Basic Mathematical Foundations Group Theory Number Theory Case Study: RSA Cryptosystem
7 Groups I A group comprises a set G and an operator, which maps each pair (a, b) (where a, b 2 G) to (a b) 2 G subject to the following axioms: (Stallings, 2006): (A1) Closure: a, b 2 G =) a b 2 G; (A2) Associativity: a (b c) =(a b) c for all a, b, c 2 G; (A3) Identity element: There is an element " 2 G such that a " = " a = a for all a 2 G. (A4) Inverse element: For each a 2 G, there is an element a 0 2 G such that a a 0 = a 0 a = ". Abelian groups obey axiom (A5), commutativity: a b = b a for all a, b 2 G. Not all groups are abelian! refers to any generic operator that obeys axioms (A1) (A4)
8 Groups II Example group: S n, the set of all possible permutations of N = {1,...,n} distinct symbols, denotes permutation operation (Stallings, 2006) Permuting a permutation of N yields a permutation of N, e.g., {3, 2, 1} {1, 3, 2} = {2, 3, 1} for n =3 Associativity holds too Identity element: {1,...,n} Inverse element: permutation mapping N s current permutation to {1,...,n}
9 Rings I A ring R is an abelian group with addition and multiplication operations +, satisfying the following axioms: (Stallings, 2006) (A1) (A5) Abelian group axioms (closure under addition operator +, associativity of addition, existence of identity element 0, existence of inverse element a) (M1) Closure under multiplication: for all a, b 2 R, a b 2 R (M2) Associativity of multiplication: (a b) c = a (b c) for all a, b, c 2 R (M3) Distributive laws: a (b + c) =(a b)+(a c) for all a, b, c 2 R; (a + b) c =(a c)+(b c) for all a, b, c 2 R.
10 Rings II Commutative rings satisfy axiom (M4), commutativity of multiplication: a b = b a for all a, b 2 R Integral domains are commutative rings satisfying the following additional axioms: (M5) Multiplicative identity: There is an element 1 2 R such that a 1=1 a = a for all a 2 R (M6) No zero divisors: If a, b 2 R and a b =0, then a =0or b =0
11 Rings III Example: Ring of integers Z m = {0,...,m 1} with addition, multiplication operators +, such that, for a, b 2 Z m : (Paar and Pelzl, 2010) (1) a + b = c (mod m) (c 2 Z m ); (2) a b = d (mod m) (d 2 Z m ). If m =9, then Z 9 = {0, 1, 2, 3, 4, 5, 6, 7, 8} = 14 5 (mod 9) 6 8 = 48 3 (mod 9) Multiplicative inverse exists only for integers a 2 Z m coprime to m. For such integers, (a b) (a c) (modn) =) b c (mod n).
12 Fields A field F is a set of elements with addition and multiplication operations +, satisfying the following axioms: (A1) (M6) Integral domain axioms (M7) Multiplicative inverse: For all a 2 F (except 0), there is an element a 1 2 F such that a a 1 =(a 1 a) =1. Examples of fields: rational numbers Q, real numbers R, complex numbers C
13 Outline Review: Basic Mathematical Foundations Group Theory Number Theory Case Study: RSA Cryptosystem
14 Primality An integer n is prime if and only if n has two divisors: 1 and n. Example primes: P = {2, 3, 5, 7, 11, 13, 17, 19,...} = {p 1,p 2,...} Fundamental Theorem of Arithmetic: Every integer n>1 is either prime or can be written as a unique product of primes. Examples: 7=7 1 = = = More generally, n = p e 1 1 pe 2 2 = Y p i 2P p e i i, where e i 2{0, 1, 2,...} (1)
15 Greatest Common Divisor The greatest common divisor (GCD) of integers m and n is the largest integer d that divides both m and n. Notation: gcd(m, n) =d. If gcd(m, n) =1for integers m and n, then m and n are coprime. How do we find the GCD? Small numbers: multiply common prime factors. Example: m = 84,n= 30. m = ; n =2 3 5; gcd(m, n) =2 3=6 This approach is inefficient for large numbers
16 Euclid s Algorithm Faster algorithm to find GCD, exploits the following theorem: gcd(m, n) =gcd(n, m mod n) (m>n) PROOF: Let d = gcd(m, n). As d m and d n, we can write m = d k and n = d ` for coprime integers k, ` (k >`>0). (k `) and ` are coprime too. Then gcd(x y, y) = gcd(d (k `),d `) =d. Algorithm 1 EUCLID(m, n) 1: A m; B n 2: while B 6= 0do 3: R A mod B 4: A B 5: B R 6: return A Compute gcd(84, 30) and gcd(973, 301).
17 Extended Euclidean Algorithm If gcd(m, n) =1for positive integer m<n, there is a positive multiplicative inverse modulo m, n 1, such that n n 1 =1modm Euclidean algorithm can be extended to compute n 1 if it exists (and return gcd(m, n)) (Stallings, 2006) Algorithm 2 EXTENDED EUCLID(m, n) 1: (A 1,A 2,A 3 ) (1, 0,m); (B 1,B 2,B 3 ) (0, 1,n) 2: while true do 3: if B 3 == 0 then return A 3 // no inverse 4: if B 3 == 1 then return B 3 // B 2 = n 1 mod m 5: Q = ba 3 /B 3 c 6: (T 1,T 2,T 3 ) (A 1 Q B 1,A 2 Q B 2,A 3 Q B 3 ) 7: (A 1,A 2,A 3 ) (B 1,B 2,B 3 ) 8: (B 1,B 2,B 3 ) (T 1,T 2,T 3 )
18 Euler s Totient Function I Consider the ring Z m = {0,...,m 1}. We want to find how many integers in Z m are coprime to m, i.e., '(m). Convention: '(1) = 1. Let s compute '(5) and '(6)...
19 Euler s Totient Function II If m is prime, '(m) =(m 1). Otherwise, we need to determine m s (unique) prime factorization to compute '(m). Recall Eq. (1): m = Y p i 2P p e i i, where e i 2{0, 1, 2,...}. Let be the smallest prime larger than m ( is the n-th prime). Then '(m) = ny i=1 (p e i i p e i 1 i ). (2) Let s compute '(240) using Eq. (2)...
20 More Number Theory Theorems Fermat s Little Theorem: Let a be an integer and p be a prime. Then a p a (mod p). Equivalently, a p 1 1(modp). So we can invert a modulo p: a 1 a p 2 (mod p). Euler s Theorem: Let a and m be integers such that gcd(a, m) =1. Then a '(m) 1(modm). Notice that Euler s Theorem is a generalization of Fermat s Little Theorem (arbitrary modulus).
21 Outline Review: Basic Mathematical Foundations Group Theory Number Theory Case Study: RSA Cryptosystem
22 RSA Cryptosystem Widely used public-key (asymmetric) cryptosystem Security based on the following: it s easy to multiply large primes, but very hard to factor the product (Paar and Pelzl, 2010) Computations in integer ring Z n, where plaintext m 2 Z n RSA Encryption: Given public key (n, e) =k pub and plaintext m, the encryption function is c = E kpub (m) m e (mod n), (3) where x, y 2 Z n. RSA Decryption: Given private key (n, d) =k priv and ciphertext c, the decryption function is where x, y 2 Z n. m = D kpriv c d (mod n), (4)
23 RSA Key Generation Algorithm 3 RSA KEY GENERATION 1: Choose two large primes p and q 2: Compute n p q 3: Compute '(n) =(p 1)(q 1) 4: Select public exponent e 2{1, 2,...,'(n)} such that gcd(e, '(n)) = 1 5: Choose private exponent d such that d e 1(mod'(n)) Suppose Alice picks p =3and q =11and wants to send m =4to Bob. How would the RSA scheme work?
24 RSA in Practice This textbook RSA scheme has several weaknesses: (Paar and Pelzl, 2010) RSA encryption is deterministic Plaintext values m =0,m=1,m= 1 produce the same ciphertext values (c =0,c=1,c= 1) Attacks are possible with small plaintext and exponent values In practice, RSA encryption is combined with zero padding, salt, and message hash functions to securely transmit messages
25 RSA Digital Signatures The RSA algorithm can be repurposed for digitally signing a message m Public key k pub =(n, d), private key k priv =(n, e) Signing: Compute s = Sign kpriv (m) m d (mod n) Verification: Compute m 0 = s e mod n. If m 0 m (mod n), the signature is valid.
26 Questions & Comments? Thank you! If you find this material interesting, consider taking CSE 5473 (Introduction to Network Security) and/or CSE 5431 (Introduction to Cryptography). More to explore: (Sage Math, 2012) ( Sage-based notes on the RSA cryptosystem (van Nguyen, 2010); Free book on number theory (Stein, 2008)
27 References I Knuth, D. E. (1997). The Art of Computer Programming, volume 1. Addison-Wesley, 3rd edition. Paar, C. and Pelzl, J. (2010). Understanding Cryptography: A Textbook for Students and Practioners. Springer, 2nd edition. Sage Math (2012). Stallings, W. (2006). Cryptography and Network Security. Addison-Wesley, 4th edition. Stein, W. (2008). Elementary Number Theory: Primes, Congruences, and Secrets. Springer. van Nguyen, M. (2010). Number Theory and the RSA Cryptosystem. downloads/numtheory-crypto-1.1.pdf.
Carmen s Core Concepts (Math 135)
Carmen s Core Concepts (Math 135) Carmen Bruni University of Waterloo Week 8 1 The following are equivalent (TFAE) 2 Inverses 3 More on Multiplicative Inverses 4 Linear Congruence Theorem 2 [LCT2] 5 Fermat
More informationIntroduction to Public-Key Cryptosystems:
Introduction to Public-Key Cryptosystems: Technical Underpinnings: RSA and Primality Testing Modes of Encryption for RSA Digital Signatures for RSA 1 RSA Block Encryption / Decryption and Signing Each
More informationNumber Theory & Modern Cryptography
Number Theory & Modern Cryptography Week 12 Stallings: Ch 4, 8, 9, 10 CNT-4403: 2.April.2015 1 Introduction Increasing importance in cryptography Public Key Crypto and Signatures Concern operations on
More informationNumber Theory and Algebra: A Brief Introduction
Number Theory and Algebra: A Brief Introduction Indian Statistical Institute Kolkata May 15, 2017 Elementary Number Theory: Modular Arithmetic Definition Let n be a positive integer and a and b two integers.
More informationMathematics of Cryptography
UNIT - III Mathematics of Cryptography Part III: Primes and Related Congruence Equations 1 Objectives To introduce prime numbers and their applications in cryptography. To discuss some primality test algorithms
More informationLemma 1.2. (1) If p is prime, then ϕ(p) = p 1. (2) If p q are two primes, then ϕ(pq) = (p 1)(q 1).
1 Background 1.1 The group of units MAT 3343, APPLIED ALGEBRA, FALL 2003 Handout 3: The RSA Cryptosystem Peter Selinger Let (R, +, ) be a ring. Then R forms an abelian group under addition. R does not
More informationCourse 2BA1: Trinity 2006 Section 9: Introduction to Number Theory and Cryptography
Course 2BA1: Trinity 2006 Section 9: Introduction to Number Theory and Cryptography David R. Wilkins Copyright c David R. Wilkins 2006 Contents 9 Introduction to Number Theory and Cryptography 1 9.1 Subgroups
More information[Part 2] Asymmetric-Key Encipherment. Chapter 9. Mathematics of Cryptography. Objectives. Contents. Objectives
[Part 2] Asymmetric-Key Encipherment Mathematics of Cryptography Forouzan, B.A. Cryptography and Network Security (International Edition). United States: McGraw Hill, 2008. Objectives To introduce prime
More informationECE596C: Handout #11
ECE596C: Handout #11 Public Key Cryptosystems Electrical and Computer Engineering, University of Arizona, Loukas Lazos Abstract In this lecture we introduce necessary mathematical background for studying
More informationChapter 8 Public-key Cryptography and Digital Signatures
Chapter 8 Public-key Cryptography and Digital Signatures v 1. Introduction to Public-key Cryptography 2. Example of Public-key Algorithm: Diffie- Hellman Key Exchange Scheme 3. RSA Encryption and Digital
More informationSlides by Kent Seamons and Tim van der Horst Last Updated: Oct 1, 2013
RSA Slides by Kent Seamons and Tim van der Horst Last Updated: Oct 1, 2013 Recap Recap Number theory o What is a prime number? o What is prime factorization? o What is a GCD? o What does relatively prime
More informationNumber Theory and Group Theoryfor Public-Key Cryptography
Number Theory and Group Theory for Public-Key Cryptography TDA352, DIT250 Wissam Aoudi Chalmers University of Technology November 21, 2017 Wissam Aoudi Number Theory and Group Theoryfor Public-Key Cryptography
More informationThe security of RSA (part 1) The security of RSA (part 1)
The modulus n and its totient value φ(n) are known φ(n) = p q (p + q) + 1 = n (p + q) + 1 The modulus n and its totient value φ(n) are known φ(n) = p q (p + q) + 1 = n (p + q) + 1 i.e. q = (n φ(n) + 1)
More informationLecture 3.1: Public Key Cryptography I
Lecture 3.1: Public Key Cryptography I CS 436/636/736 Spring 2015 Nitesh Saxena Today s Informative/Fun Bit Acoustic Emanations http://www.google.com/search?source=ig&hl=en&rlz=&q=keyboard+acoustic+em
More informationCPE 776:DATA SECURITY & CRYPTOGRAPHY. Some Number Theory and Classical Crypto Systems
CPE 776:DATA SECURITY & CRYPTOGRAPHY Some Number Theory and Classical Crypto Systems Dr. Lo ai Tawalbeh Computer Engineering Department Jordan University of Science and Technology Jordan Some Number Theory
More informationCPSC 467b: Cryptography and Computer Security
CPSC 467b: Cryptography and Computer Security Michael J. Fischer Lecture 8 February 1, 2012 CPSC 467b, Lecture 8 1/42 Number Theory Needed for RSA Z n : The integers mod n Modular arithmetic GCD Relatively
More informationOverview. Background / Context. CSC 580 Cryptography and Computer Security. March 21, 2017
CSC 580 Cryptography and Computer Security Math for Public Key Crypto, RSA, and Diffie-Hellman (Sections 2.4-2.6, 2.8, 9.2, 10.1-10.2) March 21, 2017 Overview Today: Math needed for basic public-key crypto
More informationIterated Encryption and Wiener s attack on RSA
Iterated Encryption Euler s function Euler s function: φ(n) = {1 x n : gcd(x, n) = 1} Theorem (Euler) If n is a positive integer and m is a positive integer coprime to n then m φ(n) mod n = 1. Iterated
More informationNumber Theory. CSS322: Security and Cryptography. Sirindhorn International Institute of Technology Thammasat University CSS322. Number Theory.
CSS322: Security and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 29 December 2011 CSS322Y11S2L06, Steve/Courses/2011/S2/CSS322/Lectures/number.tex,
More informationPublic Key Cryptography
Public Key Cryptography Spotlight on Science J. Robert Buchanan Department of Mathematics 2011 What is Cryptography? cryptography: study of methods for sending messages in a form that only be understood
More informationTopics in Cryptography. Lecture 5: Basic Number Theory
Topics in Cryptography Lecture 5: Basic Number Theory Benny Pinkas page 1 1 Classical symmetric ciphers Alice and Bob share a private key k. System is secure as long as k is secret. Major problem: generating
More informationNUMBER THEORY AND CODES. Álvaro Pelayo WUSTL
NUMBER THEORY AND CODES Álvaro Pelayo WUSTL Talk Goal To develop codes of the sort can tell the world how to put messages in code (public key cryptography) only you can decode them Structure of Talk Part
More informationCourse MA2C02, Hilary Term 2013 Section 9: Introduction to Number Theory and Cryptography
Course MA2C02, Hilary Term 2013 Section 9: Introduction to Number Theory and Cryptography David R. Wilkins Copyright c David R. Wilkins 2000 2013 Contents 9 Introduction to Number Theory 63 9.1 Subgroups
More informationApplied Cryptography and Computer Security CSE 664 Spring 2018
Applied Cryptography and Computer Security Lecture 12: Introduction to Number Theory II Department of Computer Science and Engineering University at Buffalo 1 Lecture Outline This time we ll finish the
More information1 Recommended Reading 1. 2 Public Key/Private Key Cryptography Overview RSA Algorithm... 2
Contents 1 Recommended Reading 1 2 Public Key/Private Key Cryptography 1 2.1 Overview............................................. 1 2.2 RSA Algorithm.......................................... 2 3 A Number
More informationLecture 1: Introduction to Public key cryptography
Lecture 1: Introduction to Public key cryptography Thomas Johansson T. Johansson (Lund University) 1 / 44 Key distribution Symmetric key cryptography: Alice and Bob share a common secret key. Some means
More informationIntroduction to Cybersecurity Cryptography (Part 5)
Introduction to Cybersecurity Cryptography (Part 5) Prof. Dr. Michael Backes 13.01.2017 February 17 th Special Lecture! 45 Minutes Your Choice 1. Automotive Security 2. Smartphone Security 3. Side Channel
More informationCryptography. Course 1: Remainder: RSA. Jean-Sébastien Coron. September 21, Université du Luxembourg
Course 1: Remainder: RSA Université du Luxembourg September 21, 2010 Public-key encryption Public-key encryption: two keys. One key is made public and used to encrypt. The other key is kept private and
More informationLecture 5: Arithmetic Modulo m, Primes and Greatest Common Divisors Lecturer: Lale Özkahya
BBM 205 Discrete Mathematics Hacettepe University http://web.cs.hacettepe.edu.tr/ bbm205 Lecture 5: Arithmetic Modulo m, Primes and Greatest Common Divisors Lecturer: Lale Özkahya Resources: Kenneth Rosen,
More informationCPSC 467: Cryptography and Computer Security
CPSC 467: Cryptography and Computer Security Michael J. Fischer Lecture 9 September 30, 2015 CPSC 467, Lecture 9 1/47 Fast Exponentiation Algorithms Number Theory Needed for RSA Elementary Number Theory
More informationCSC 5930/9010 Modern Cryptography: Number Theory
CSC 5930/9010 Modern Cryptography: Number Theory Professor Henry Carter Fall 2018 Recap Hash functions map arbitrary-length strings to fixedlength outputs Cryptographic hashes should be collision-resistant
More informationCRYPTOGRAPHY AND NUMBER THEORY
CRYPTOGRAPHY AND NUMBER THEORY XINYU SHI Abstract. In this paper, we will discuss a few examples of cryptographic systems, categorized into two different types: symmetric and asymmetric cryptography. We
More informationBasic elements of number theory
Cryptography Basic elements of number theory Marius Zimand By default all the variables, such as a, b, k, etc., denote integer numbers. Divisibility a 0 divides b if b = a k for some integer k. Notation
More informationBasic elements of number theory
Cryptography Basic elements of number theory Marius Zimand 1 Divisibility, prime numbers By default all the variables, such as a, b, k, etc., denote integer numbers. Divisibility a 0 divides b if b = a
More informationAsymmetric Encryption
-3 s s Encryption Comp Sci 3600 Outline -3 s s 1-3 2 3 4 5 s s Outline -3 s s 1-3 2 3 4 5 s s Function Using Bitwise XOR -3 s s Key Properties for -3 s s The most important property of a hash function
More informationIntroduction to Cryptography. Lecture 6
Introduction to Cryptography Lecture 6 Benny Pinkas page 1 Public Key Encryption page 2 Classical symmetric ciphers Alice and Bob share a private key k. System is secure as long as k is secret. Major problem:
More informationDiscrete Mathematics GCD, LCM, RSA Algorithm
Discrete Mathematics GCD, LCM, RSA Algorithm Abdul Hameed http://informationtechnology.pk/pucit abdul.hameed@pucit.edu.pk Lecture 16 Greatest Common Divisor 2 Greatest common divisor The greatest common
More informationIntroduction to Cybersecurity Cryptography (Part 4)
Introduction to Cybersecurity Cryptography (Part 4) Review of Last Lecture Blockciphers Review of DES Attacks on Blockciphers Advanced Encryption Standard (AES) Modes of Operation MACs and Hashes Message
More informationRSA. Ramki Thurimella
RSA Ramki Thurimella Public-Key Cryptography Symmetric cryptography: same key is used for encryption and decryption. Asymmetric cryptography: different keys used for encryption and decryption. Public-Key
More informationNumber theory. Myrto Arapinis School of Informatics University of Edinburgh. October 9, /29
Number theory Myrto Arapinis School of Informatics University of Edinburgh October 9, 2014 1/29 Division Definition If a and b are integers with a 6= 0, then a divides b if there exists an integer c such
More informationIntroduction to Cybersecurity Cryptography (Part 4)
Introduction to Cybersecurity Cryptography (Part 4) Review of Last Lecture Blockciphers Review of DES Attacks on Blockciphers Advanced Encryption Standard (AES) Modes of Operation MACs and Hashes Message
More informationNumber Theory. Modular Arithmetic
Number Theory The branch of mathematics that is important in IT security especially in cryptography. Deals only in integer numbers and the process can be done in a very fast manner. Modular Arithmetic
More informationPublic Key Cryptography
Public Key Cryptography Introduction Public Key Cryptography Unlike symmetric key, there is no need for Alice and Bob to share a common secret Alice can convey her public key to Bob in a public communication:
More informationCIS 551 / TCOM 401 Computer and Network Security
CIS 551 / TCOM 401 Computer and Network Security Spring 2008 Lecture 15 3/20/08 CIS/TCOM 551 1 Announcements Project 3 available on the web. Get the handout in class today. Project 3 is due April 4th It
More informationHans Delfs & Helmut Knebl: Kryptographie und Informationssicherheit WS 2008/2009. References. References
Hans Delfs & Helmut Knebl: Kryptographie und Informationssicherheit WS 2008/2009 Die Unterlagen sind ausschliesslich zum persoenlichen Gebrauch der Vorlesungshoerer bestimmt. Die Herstellung von elektronischen
More informationCryptography IV: Asymmetric Ciphers
Cryptography IV: Asymmetric Ciphers Computer Security Lecture 7 David Aspinall School of Informatics University of Edinburgh 31st January 2011 Outline Background RSA Diffie-Hellman ElGamal Summary Outline
More informationdit-upm RSA Cybersecurity Cryptography
-upm Cybersecurity Cryptography José A. Mañas < http://www.dit.upm.es/~pepe/> Information Technology Department Universidad Politécnica de Madrid 4 october 2018 public key (asymmetric) public key secret
More informationAlgorithmic Number Theory and Public-key Cryptography
Algorithmic Number Theory and Public-key Cryptography Course 3 University of Luxembourg March 22, 2018 The RSA algorithm The RSA algorithm is the most widely-used public-key encryption algorithm Invented
More informationYALE UNIVERSITY DEPARTMENT OF COMPUTER SCIENCE
YALE UNIVERSITY DEPARTMENT OF COMPUTER SCIENCE CPSC 467a: Cryptography and Computer Security Notes 13 (rev. 2) Professor M. J. Fischer October 22, 2008 53 Chinese Remainder Theorem Lecture Notes 13 We
More informationAsymmetric Cryptography
Asymmetric Cryptography Chapter 4 Asymmetric Cryptography Introduction Encryption: RSA Key Exchange: Diffie-Hellman General idea: Use two different keys -K and +K for encryption and decryption Given a
More informationChapter 4 Asymmetric Cryptography
Chapter 4 Asymmetric Cryptography Introduction Encryption: RSA Key Exchange: Diffie-Hellman [NetSec/SysSec], WS 2008/2009 4.1 Asymmetric Cryptography General idea: Use two different keys -K and +K for
More information2.3 In modular arithmetic, all arithmetic operations are performed modulo some integer.
CHAPTER 2 INTRODUCTION TO NUMBER THEORY ANSWERS TO QUESTIONS 2.1 A nonzero b is a divisor of a if a = mb for some m, where a, b, and m are integers. That is, b is a divisor of a if there is no remainder
More informationCryptography. P. Danziger. Transmit...Bob...
10.4 Cryptography P. Danziger 1 Cipher Schemes A cryptographic scheme is an example of a code. The special requirement is that the encoded message be difficult to retrieve without some special piece of
More informationElementary Number Theory Review. Franz Luef
Elementary Number Theory Review Principle of Induction Principle of Induction Suppose we have a sequence of mathematical statements P(1), P(2),... such that (a) P(1) is true. (b) If P(k) is true, then
More informationCS483 Design and Analysis of Algorithms
CS483 Design and Analysis of Algorithms Lectures 2-3 Algorithms with Numbers Instructor: Fei Li lifei@cs.gmu.edu with subject: CS483 Office hours: STII, Room 443, Friday 4:00pm - 6:00pm or by appointments
More informationCosc 412: Cryptography and complexity Lecture 7 (22/8/2018) Knapsacks and attacks
1 Cosc 412: Cryptography and complexity Lecture 7 (22/8/2018) Knapsacks and attacks Michael Albert michael.albert@cs.otago.ac.nz 2 This week Arithmetic Knapsack cryptosystems Attacks on knapsacks Some
More informationECEN 5022 Cryptography
Elementary Algebra and Number Theory University of Colorado Spring 2008 Divisibility, Primes Definition. N denotes the set {1, 2, 3,...} of natural numbers and Z denotes the set of integers {..., 2, 1,
More informationbasics of security/cryptography
RSA Cryptography basics of security/cryptography Bob encrypts message M into ciphertext C=P(M) using a public key; Bob sends C to Alice Alice decrypts ciphertext back into M using a private key (secret)
More informationPublic Key 9/17/2018. Symmetric Cryptography Review. Symmetric Cryptography: Shortcomings (1) Symmetric Cryptography: Analogy
Symmetric Cryptography Review Alice Bob Public Key x e K (x) y d K (y) x K K Instructor: Dr. Wei (Lisa) Li Department of Computer Science, GSU Two properties of symmetric (secret-key) crypto-systems: The
More informationPublic Key Cryptography. All secret key algorithms & hash algorithms do the same thing but public key algorithms look very different from each other.
Public Key Cryptography All secret key algorithms & hash algorithms do the same thing but public key algorithms look very different from each other. The thing that is common among all of them is that each
More informationEncryption: The RSA Public Key Cipher
Encryption: The RSA Public Key Cipher Michael Brockway March 5, 2018 Overview Transport-layer security employs an asymmetric public cryptosystem to allow two parties (usually a client application and a
More informationCPSC 467b: Cryptography and Computer Security
CPSC 467b: Cryptography and Computer Security Michael J. Fischer Lecture 9 February 14, 2013 CPSC 467b, Lecture 9 1/42 Integer Division (cont.) Relatively prime numbers, Z n, and φ(n) Computing in Z n
More informationLecture notes: Algorithms for integers, polynomials (Thorsten Theobald)
Lecture notes: Algorithms for integers, polynomials (Thorsten Theobald) 1 Euclid s Algorithm Euclid s Algorithm for computing the greatest common divisor belongs to the oldest known computing procedures
More informationHomework 4 for Modular Arithmetic: The RSA Cipher
Homework 4 for Modular Arithmetic: The RSA Cipher Gregory V. Bard April 25, 2018 This is a practice workbook for the RSA cipher. It is not suitable for learning the RSA cipher from scratch. However, there
More informationMATH 158 FINAL EXAM 20 DECEMBER 2016
MATH 158 FINAL EXAM 20 DECEMBER 2016 Name : The exam is double-sided. Make sure to read both sides of each page. The time limit is three hours. No calculators are permitted. You are permitted one page
More informationCPSC 467b: Cryptography and Computer Security
Outline Quadratic residues Useful tests Digital Signatures CPSC 467b: Cryptography and Computer Security Lecture 14 Michael J. Fischer Department of Computer Science Yale University March 1, 2010 Michael
More informationSecurity Issues in Cloud Computing Modern Cryptography II Asymmetric Cryptography
Security Issues in Cloud Computing Modern Cryptography II Asymmetric Cryptography Peter Schwabe October 21 and 28, 2011 So far we assumed that Alice and Bob both have some key, which nobody else has. How
More informationINTEGERS. In this section we aim to show the following: Goal. Every natural number can be written uniquely as a product of primes.
INTEGERS PETER MAYR (MATH 2001, CU BOULDER) In this section we aim to show the following: Goal. Every natural number can be written uniquely as a product of primes. 1. Divisibility Definition. Let a, b
More informationMa/CS 6a Class 3: The RSA Algorithm
Ma/CS 6a Class 3: The RSA Algorithm By Adam Sheffer Reminder: Putnam Competition Signup ends Wednesday 10/08. Signup sheets available in all Sloan classrooms, Math office, or contact Kathy Carreon, kcarreon@caltech.edu.
More informationRSA-256bit 數位電路實驗 TA: 吳柏辰. Author: Trumen
RSA-256bit 數位電路實驗 TA: 吳柏辰 Author: Trumen Outline Introduction to Cryptography RSA Algorithm Montgomery Algorithm for RSA-256 bit 2 Introduction to Cryptography 3 Communication Is Insecure Alice Bob Paparazzi
More informationCPSC 467b: Cryptography and Computer Security
CPSC 467b: Cryptography and Computer Security Instructor: Michael Fischer Lecture by Ewa Syta Lecture 13 March 3, 2013 CPSC 467b, Lecture 13 1/52 Elliptic Curves Basics Elliptic Curve Cryptography CPSC
More information2 More on Congruences
2 More on Congruences 2.1 Fermat s Theorem and Euler s Theorem definition 2.1 Let m be a positive integer. A set S = {x 0,x 1,,x m 1 x i Z} is called a complete residue system if x i x j (mod m) whenever
More informationICS141: Discrete Mathematics for Computer Science I
ICS141: Discrete Mathematics for Computer Science I Dept. Information & Computer Sci., Jan Stelovsky based on slides by Dr. Baek and Dr. Still Originals by Dr. M. P. Frank and Dr. J.L. Gross Provided by
More informationPublic Key Encryption
Public Key Encryption 3/13/2012 Cryptography 1 Facts About Numbers Prime number p: p is an integer p 2 The only divisors of p are 1 and p s 2, 7, 19 are primes -3, 0, 1, 6 are not primes Prime decomposition
More informationCPSC 467: Cryptography and Computer Security
CPSC 467: Cryptography and Computer Security Michael J. Fischer 1 Lecture 13 October 16, 2017 (notes revised 10/23/17) 1 Derived from lecture notes by Ewa Syta. CPSC 467, Lecture 13 1/57 Elliptic Curves
More informationDefinition: For a positive integer n, if 0<a<n and gcd(a,n)=1, a is relatively prime to n. Ahmet Burak Can Hacettepe University
Number Theory, Public Key Cryptography, RSA Ahmet Burak Can Hacettepe University abc@hacettepe.edu.tr The Euler Phi Function For a positive integer n, if 0
More informationPublic-Key Cryptosystems CHAPTER 4
Public-Key Cryptosystems CHAPTER 4 Introduction How to distribute the cryptographic keys? Naïve Solution Naïve Solution Give every user P i a separate random key K ij to communicate with every P j. Disadvantage:
More informationNumber theory (Chapter 4)
EECS 203 Spring 2016 Lecture 12 Page 1 of 8 Number theory (Chapter 4) Review Compute 6 11 mod 13 in an efficient way What is the prime factorization of 100? 138? What is gcd(100, 138)? What is lcm(100,138)?
More informationChapter 9 Mathematics of Cryptography Part III: Primes and Related Congruence Equations
Chapter 9 Mathematics of Cryptography Part III: Primes and Related Congruence Equations Copyright The McGraw-Hill Companies, Inc. Permission required for reproduction or display. 9.1 Chapter 9 Objectives
More informationTheme : Cryptography. Instructor : Prof. C Pandu Rangan. Speaker : Arun Moorthy CS
1 C Theme : Cryptography Instructor : Prof. C Pandu Rangan Speaker : Arun Moorthy 93115 CS 2 RSA Cryptosystem Outline of the Talk! Introduction to RSA! Working of the RSA system and associated terminology!
More informationAddition. Ch1 - Algorithms with numbers. Multiplication. al-khwārizmī. al-khwārizmī. Division 53+35=88. Cost? (n number of bits) 13x11=143. Cost?
Ch - Algorithms with numbers Addition Basic arithmetic Addition ultiplication Division odular arithmetic factoring is hard Primality testing 53+35=88 Cost? (n number of bits) O(n) ultiplication al-khwārizmī
More informationCongruence Classes. Number Theory Essentials. Modular Arithmetic Systems
Cryptography Introduction to Number Theory 1 Preview Integers Prime Numbers Modular Arithmetic Totient Function Euler's Theorem Fermat's Little Theorem Euclid's Algorithm 2 Introduction to Number Theory
More informationAll variables a, b, n, etc are integers unless otherwise stated. Each part of a problem is worth 5 points.
Math 152, Problem Set 2 solutions (2018-01-24) All variables a, b, n, etc are integers unless otherwise stated. Each part of a problem is worth 5 points. 1. Let us look at the following equation: x 5 1
More informationPublic Key Cryptography
T H E U N I V E R S I T Y O F B R I T I S H C O L U M B I A Public Key Cryptography EECE 412 1 What is it? Two keys Sender uses recipient s public key to encrypt Receiver uses his private key to decrypt
More informationMATH 145 Algebra, Solutions to Assignment 4
MATH 145 Algebra, Solutions to Assignment 4 1: a) Find the inverse of 178 in Z 365. Solution: We find s and t so that 178s + 365t = 1, and then 178 1 = s. The Euclidean Algorithm gives 365 = 178 + 9 178
More informationW3203 Discrete Mathema1cs. Number Theory. Spring 2015 Instructor: Ilia Vovsha. hcp://www.cs.columbia.edu/~vovsha/w3203
W3203 Discrete Mathema1cs Number Theory Spring 2015 Instructor: Ilia Vovsha hcp://www.cs.columbia.edu/~vovsha/w3203 1 Outline Communica1on, encryp1on Number system Divisibility Prime numbers Greatest Common
More informationElementary Number Theory MARUCO. Summer, 2018
Elementary Number Theory MARUCO Summer, 2018 Problem Set #0 axiom, theorem, proof, Z, N. Axioms Make a list of axioms for the integers. Does your list adequately describe them? Can you make this list as
More informationMath 299 Supplement: Modular Arithmetic Nov 8, 2013
Math 299 Supplement: Modular Arithmetic Nov 8, 2013 Numbers modulo n. We have previously seen examples of clock arithmetic, an algebraic system with only finitely many numbers. In this lecture, we make
More informationReview. CS311H: Discrete Mathematics. Number Theory. Computing GCDs. Insight Behind Euclid s Algorithm. Using this Theorem. Euclidian Algorithm
Review CS311H: Discrete Mathematics Number Theory Instructor: Işıl Dillig What does it mean for two ints a, b to be congruent mod m? What is the Division theorem? If a b and a c, does it mean b c? What
More informationCSc 466/566. Computer Security. 5 : Cryptography Basics
1/84 CSc 466/566 Computer Security 5 : Cryptography Basics Version: 2012/03/03 10:44:26 Department of Computer Science University of Arizona collberg@gmail.com Copyright c 2012 Christian Collberg Christian
More informationCryptography: Joining the RSA Cryptosystem
Cryptography: Joining the RSA Cryptosystem Greg Plaxton Theory in Programming Practice, Fall 2005 Department of Computer Science University of Texas at Austin Joining the RSA Cryptosystem: Overview First,
More informationEindhoven University of Technology MASTER. Kleptography cryptography with backdoors. Antheunisse, M. Award date: 2015
Eindhoven University of Technology MASTER Kleptography cryptography with backdoors Antheunisse, M. Award date: 2015 Disclaimer This document contains a student thesis (bachelor's or master's), as authored
More informationdownload instant at
2 CRYPTOGRAPHY AND NUMBER THEORY 2.1 CRYPTOGRAPHY AND MODULAR ARITHMETIC Pages 54 to 56 Problem 1 Problem 2 Problem 3 Problem 4 14 mod 9 = 5; 1 mod 9 = 8; 11 mod 9 = 7. KHUH LV D PHVVDJH. EBOB FP X JBPPXDB.
More informationAN ALGEBRAIC PROOF OF RSA ENCRYPTION AND DECRYPTION
AN ALGEBRAIC PROOF OF RSA ENCRYPTION AND DECRYPTION Recall that RSA works as follows. A wants B to communicate with A, but without E understanding the transmitted message. To do so: A broadcasts RSA method,
More informationThe RSA Cipher and its Algorithmic Foundations
Chapter 1 The RSA Cipher and its Algorithmic Foundations The most important that is, most applied and most analyzed asymmetric cipher is RSA, named after its inventors Ron Rivest, Adi Shamir, and Len Adleman.
More informationFor your quiz in recitation this week, refer to these exercise generators:
Monday, Oct 29 Today we will talk about inverses in modular arithmetic, and the use of inverses to solve linear congruences. For your quiz in recitation this week, refer to these exercise generators: GCD
More informationCryptosystem. Traditional Cryptosystems: The two parties agree on a secret (one to one) function f. To send a message M, thesendersendsthemessage
Cryptosystem Traditional Cryptosystems: The two parties agree on a secret (one to one) function f. To send a message M, thesendersendsthemessage f(m). The receiver computes f 1 (f(m)). Advantage: Cannot
More informationDiscrete mathematics I - Number theory
Discrete mathematics I - Number theory Emil Vatai (based on hungarian slides by László Mérai) 1 January 31, 2018 1 Financed from the financial support ELTE won from the Higher Education
More informationMATH 501 Discrete Mathematics. Lecture 6: Number theory. German University Cairo, Department of Media Engineering and Technology.
MATH 501 Discrete Mathematics Lecture 6: Number theory Prof. Dr. Slim Abdennadher, slim.abdennadher@guc.edu.eg German University Cairo, Department of Media Engineering and Technology 1 Number theory Number
More information