dit-upm RSA Cybersecurity Cryptography

Similar documents
Definition: For a positive integer n, if 0<a<n and gcd(a,n)=1, a is relatively prime to n. Ahmet Burak Can Hacettepe University

Slides by Kent Seamons and Tim van der Horst Last Updated: Oct 1, 2013

NUMBER THEORY AND CODES. Álvaro Pelayo WUSTL

Ma/CS 6a Class 3: The RSA Algorithm

10 Modular Arithmetic and Cryptography

Chapter 8 Public-key Cryptography and Digital Signatures

Congruence of Integers

Cryptography. Course 1: Remainder: RSA. Jean-Sébastien Coron. September 21, Université du Luxembourg

Lecture V : Public Key Cryptography

Cryptosystem. Traditional Cryptosystems: The two parties agree on a secret (one to one) function f. To send a message M, thesendersendsthemessage

RSA RSA public key cryptosystem

Mathematical Foundations of Public-Key Cryptography

during transmission safeguard information Cryptography: used to CRYPTOGRAPHY BACKGROUND OF THE MATHEMATICAL

Public Key Cryptography

RSA Algorithm. Factoring, EulerPhi, Breaking RSA. Çetin Kaya Koç Spring / 14

The RSA cryptosystem and primality tests

CS March 17, 2009

Discrete Mathematics GCD, LCM, RSA Algorithm

Public Key Cryptography

Cryptography. P. Danziger. Transmit...Bob...

Addition. Ch1 - Algorithms with numbers. Multiplication. al-khwārizmī. al-khwārizmī. Division 53+35=88. Cost? (n number of bits) 13x11=143. Cost?

Number Theory & Modern Cryptography

MATH 158 FINAL EXAM 20 DECEMBER 2016

Encryption: The RSA Public Key Cipher

Theme : Cryptography. Instructor : Prof. C Pandu Rangan. Speaker : Arun Moorthy CS

CRYPTOGRAPHY AND NUMBER THEORY

Algorithmic Number Theory and Public-key Cryptography

RSA ENCRYPTION USING THREE MERSENNE PRIMES

Asymmetric Encryption

Security Issues in Cloud Computing Modern Cryptography II Asymmetric Cryptography

Lecture 1: Introduction to Public key cryptography

Cryptography and RSA. Group (1854, Cayley) Upcoming Interview? Outline. Commutative or Abelian Groups

Ti Secured communications

Public Key Algorithms

ICS141: Discrete Mathematics for Computer Science I

Public Key 9/17/2018. Symmetric Cryptography Review. Symmetric Cryptography: Shortcomings (1) Symmetric Cryptography: Analogy

Lemma 1.2. (1) If p is prime, then ϕ(p) = p 1. (2) If p q are two primes, then ϕ(pq) = (p 1)(q 1).

Public Key Cryptography. All secret key algorithms & hash algorithms do the same thing but public key algorithms look very different from each other.

CIS 551 / TCOM 401 Computer and Network Security

RSA. Ramki Thurimella

Number Theory in Cryptography

Partial Key Exposure: Generalized Framework to Attack RSA

Lecture 5: Arithmetic Modulo m, Primes and Greatest Common Divisors Lecturer: Lale Özkahya

The security of RSA (part 1) The security of RSA (part 1)

Attacks on RSA & Using Asymmetric Crypto

Public-key Cryptography and elliptic curves

Univ.-Prof. Dr. rer. nat. Rudolf Mathar. Written Examination. Cryptography. Tuesday, August 29, 2017, 01:30 p.m.

5199/IOC5063 Theory of Cryptology, 2014 Fall

Final Exam Math 105: Topics in Mathematics Cryptology, the Science of Secret Writing Rhodes College Tuesday, 30 April :30 11:00 a.m.

Cryptography. pieces from work by Gordon Royle

10 Public Key Cryptography : RSA

Overview. Background / Context. CSC 580 Cryptography and Computer Security. March 21, 2017

Math 412: Number Theory Lecture 13 Applications of

Elliptic Curve Cryptography

Lecture 22: RSA Encryption. RSA Encryption

The RSA Cipher and its Algorithmic Foundations

Mathematics of Cryptography

SIGNATURE SCHEMES & CRYPTOGRAPHIC HASH FUNCTIONS. CIS 400/628 Spring 2005 Introduction to Cryptography

Innovation and Cryptoventures. Cryptography 101. Campbell R. Harvey. Duke University, NBER and Investment Strategy Advisor, Man Group, plc

Number theory (Chapter 4)

Introduction to Modern Cryptography. Benny Chor

Introduction to Public-Key Cryptosystems:

Network Security Technology Spring, 2018 Tutorial 3, Week 4 (March 23) Due Date: March 30

CIS 6930/4930 Computer and Network Security. Topic 5.2 Public Key Cryptography

LECTURE 5: APPLICATIONS TO CRYPTOGRAPHY AND COMPUTATIONS

MATH3302 Cryptography Problem Set 2

Simple Math: Cryptography

basics of security/cryptography

Great Theoretical Ideas in Computer Science

8.1 Principles of Public-Key Cryptosystems

Exam Security January 19, :30 11:30

ECE596C: Handout #11

Cryptography and Secure Communication Protocols

CPSC 467: Cryptography and Computer Security

ECE 646 Lecture 9. RSA: Genesis, operation & security

Mathematics of Public Key Cryptography

Public-Key Cryptosystems CHAPTER 4

Cryptography and Security Final Exam

CPE 776:DATA SECURITY & CRYPTOGRAPHY. Some Number Theory and Classical Crypto Systems

Carmen s Core Concepts (Math 135)

Post-Quantum Cryptography

Discrete mathematics I - Number theory

Public Key Algorithms

1 Recommended Reading 1. 2 Public Key/Private Key Cryptography Overview RSA Algorithm... 2

Theory of Computation Chapter 12: Cryptography

Circuit Complexity. Circuit complexity is based on boolean circuits instead of Turing machines.

THE RSA ENCRYPTION SCHEME

Public Key Cryptography

Chapter 7: Signature Schemes. COMP Lih-Yuan Deng

CS483 Design and Analysis of Algorithms

Powers in Modular Arithmetic, and RSA Public Key Cryptography

Asymmetric Cryptography

Chapter 4 Asymmetric Cryptography

2 3 DIGITAL SIGNATURE STANDARD (DSS) [PROPOSED BY NIST, 1991] Pick an x 2 Z p,1 as the private key Compute y = g x (mod p) asthe public key To sign a

Review. CS311H: Discrete Mathematics. Number Theory. Computing GCDs. Insight Behind Euclid s Algorithm. Using this Theorem. Euclidian Algorithm

University of Tokyo: Advanced Algorithms Summer Lecture 6 27 May. Let s keep in mind definitions from the previous lecture:

RSA-256bit 數位電路實驗 TA: 吳柏辰. Author: Trumen

Cryptography: A Fairy Tale for Mathematicians and Starring Mathematicians!

OWO Lecture: Modular Arithmetic with Algorithmic Applications

NET 311D INFORMATION SECURITY

Transcription:

-upm Cybersecurity Cryptography José A. Mañas < http://www.dit.upm.es/~pepe/> Information Technology Department Universidad Politécnica de Madrid 4 october 2018

public key (asymmetric) public key secret key data encrypt decrypt data home 2

wrapped encryption public key session key secret key encrypt decrypt data encrypt decrypt data home 3

signed hash public key private key data data hash hash validation sign signature valid? 4

e=13 n= 55 d= 37 n= 55 toy data m e mod n x d mod n data 3 5 15 38 15 20 3 5 15 5

cryptoanalysis e = 13 n = 55 brute force try every option! is there a better path? red = 3 black = pow(red, e, n) for d in range(0, n): x = pow(black, d, n) if x == red: print(d) 6

encrypt: (1978) Ron Rivest, Adi Shamir & Leonard Adleman (MIT) Set up choose prime numbers p, q public key: <n, e> n= p q φ n = (p 1)(q 1) e gcd(e, φ n ) = 1 private key: <n, d> e d 1 mod φ n Encryption c = m e mod n Decryption m = c d mod n e may be simple: 0x11 0x10001 attack: guess p y q out of n integer number factorization 7

preparation encrypt: : example m= 688 p= 47 n= p*q= 47*71= 3337 q= 71 Z= (p-1)*(q-1)= 3220 e= 79; prime w.r.t. Z e*d= 1 mod Z d= 1019 public <e= 79, n= 3337> encrypt c= m e mod n = 688 79 mod 3337 private <d=1019, n= 3337> decrypt m= c d mod n= 1570 1019 mod 3337 black <c= 1570> m= 688 8

Machine 9

maths Fermat (1636): A B 1 1 mod B if A > 0, B is prime, A prime to B (1978): M (p 1)(q 1) 1 (mod pq) fermat (A = M p 1, B = q) M (p 1)(q 1) 1 (mod q) M (p 1)(q 1) 1 = kq, that is, q X fermat (A = M q 1, B = p) M (p 1)(q 1) 1 (mod p) M (p 1)(q 1) 1 = kp, that is, p X q X and p X and p prime and q prime pq X M (p 1)(q 1) 1 = kpq M (p 1)(q 1) 1 (mod pq) 10

maths encrypt then decrypt M ed = M k p 1 q 1 +1 = M M (p 1)(q 1) k = M 1 k = M 11

example # return (g, x, y) a*x + b*y = gcd(x, y) def egcd(a, b): if a == 0: return (b, 0, 1) else: g, x, y = egcd(b % a, a) return (g, y - (b // a) * x, x) # x = mulinv(b) mod n, (x * b) % n == 1 def mulinv(b, n): g, x, _ = egcd(b, n) if g == 1: return x % n p = 5 q = 11 n = p * q z = (p-1)*(q-1) e = 13 d = mulinv(e, z) m = pow(m, e, n) pow(pow(m, e, n), d, n) extended euclidean algorithm 12

more general private key: <n, d> e d 1 mod lcm p 1, q 1 ; 0 < d < n def lcm(a, b): return a * b / math.gcd(a, b) m = lcm(p-1, q-1) d = mulinv(e, m) d + m d + 2*m d + 3 * m 32 bits p = bd19 q = f2a7 e = 10001 d = 1b63fb39 d = 394332d1 d = 57226a69 d = 7501a201 d = 92e0d999 d = b0c01131 13

Ron Rivest, Adi Shamir & Leonard Adleman (MIT) set up let prime numbers p, q public key: <n, e> n= p q e prime w.r.t. φ n = (p 1)(q 1) private key: <n, d> e d 1 mod φ n sign: (1978) sign send verify s = H(m) d mod n <m, s> compare equality H(m) s e mod n 14

sign: : example preparation p= 5 n= p*q= 5*11= 55 q= 11 Z= (p-1)*(q-1)= 4*10= 40 e= 13; prime w.r.t. Z e*d= 1 mod Z d= 37 private <d=37, n= 55> signed s= m d mod n= 3 37 mod 55= 53 public <e= 13, n= 55> verification s e mod n = 53 13 mod 55 = 3 h(m) = 3 signed message <m, s= 53> h(m)= 3 15

how many primes are there? Estimates 3.7 10 151 with 512 bits 1.5 10 298 with 1.000 bits dictionary attacks are unfeasible The first fifty million primes 16

http://www.emc.com/emc-plus/rsa-labs/historical/the-rsa-factoring-challenge-faq.htm17

https://aiimpacts.org/progress-in-general-purpose-factoring/ 18

number of bits http://www.keylength.com/ 19

references A Method for Obtaining Digital Signatures and Public-Key Cryptosystems Tools R.L. Rivest, A. Shamir, and L. Adleman Prime factorization tool Prime factors calculator Number Factorization 20

exercises 1. check validity of pub = (133, 40501), sec = (38797, 40501) 2. check validity of pub = (133, 40501), sec = (397, 40501) 3. check validity of pub = (133, 40501), sec = (16413, 40501) 4. design a key pair where p = 53, q = 113 choose minimal e 5. design a key pair where p = 193, q = 163 choose minimal e try e= 3, 5, 7, 9, 11, 13,, 17,, 25,... 6. idem p= 193, q= 181 21

exam Home automation. We need reduced keys. Specifically, we have a thermostat with this public reception key: {e = 7, n = 33}. The owner of the house sends it an order to set the temperature of the house to "31", where 31 is the desired temperature, encrypted with the previous key. It is requested: 1. Is the key correct? What is its strength in bits? 2. What temperature range can we mark? 3. Break the key; that is, find out the private part to decipher. 4. Find out at what temperature you want to set the thermostat. Decipher and verify. 22

exercise Alice uses the Crypto System to receive messages from Bob Alice publishes n = 299 and e = 35 Check that e = 35 is a valid exponent for the algorithm Compute d, the private exponent of Alice Bob wants to send to Alice the (encrypted) plaintext P=15 What does he send to Alice? Verify she can decrypt this message 23

exercise Alice publishes the following data n = pq = 221 and e = 13 Bob receives the message M = 65 and the corresponding digital signature S = 182. Verify the signature 24

2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback