An Introduction to Cryptography Spotlight on Science J. Robert Buchanan Department of Mathematics Spring 2008
What is Cryptography? cryptography: study of methods for sending messages in a form that only be understood by the recipient. cryptanalysis: study of methods for defeating cryptography. cryptology: study of both cryptography and cryptanalysis.
Cryptology Throughout History Subject as old as recorded history.
Cryptology Throughout History Subject as old as recorded history. Julius Caesar used substitution ciphers for military and personal communication.
History (cont.) Enigma patented by Arthur Scherbius in 1918 (became the foundation of German and Japanese codes during WWII). Photo credit: JRB
History (cont.) Since WWII foundation of cryptology has been mathematics, particularly number theory. Photo credit: JRB
Terminology Plaintext: the un-encrypted, clearly readable form of a message. Ciphertext: the encrypted form of the plaintext, readable only with the key to the cipher. To tell them apart we will write plaintext in lowercase and ciphertext in UPPERCASE.
Modular Arithmetic Definition Two integers n and m are congruent modulo k (or equivalent modulo k) written symbolically as when k divides n m evenly. n m (mod k) Example 13 39 (mod 26) since 13 39 26 = 1.
Modular Arithmetic Definition Two integers n and m are congruent modulo k (or equivalent modulo k) written symbolically as when k divides n m evenly. n m (mod k) Example 13 39 (mod 26) since 13 39 26 = 1. What other integers are equivalent to 13 modulo 26?
Monoalphabetic Substitution Ciphers Definition A monoalphabetic substitution cipher substitutes each letter in the plaintext with an alternate letter to form the ciphertext.
Monoalphabetic Substitution Ciphers Definition A monoalphabetic substitution cipher substitutes each letter in the plaintext with an alternate letter to form the ciphertext. Question: how do we make the substitution?
Monoalphabetic Substitution Ciphers Definition A monoalphabetic substitution cipher substitutes each letter in the plaintext with an alternate letter to form the ciphertext. Question: how do we make the substitution? An answer: using modular arithmetic.
Positional Representation of the Alphabet Associate each letter with an integer giving its position in the standard alphabet. a b c d e f g h i j k l m 1 2 3 4 5 6 7 8 9 10 11 12 13 n o p q r s t u v w x y z 14 15 16 17 18 19 20 21 22 23 24 25 0 Take the letter at position i and replace it with the letter at position (i + 5) (mod 26). This is called an additive cipher with key 5.
Example a b c d e f g h i j k l m 1 2 3 4 5 6 7 8 9 10 11 12 13 6 7 8 9 10 11 12 13 14 15 16 17 18 F G H I J K L M N O P Q R n o p q r s t u v w x y z 14 15 16 17 18 19 20 21 22 23 24 25 0 19 20 21 22 23 24 25 0 1 2 3 4 5 S T U V W X Y Z A B C D E
Example a b c d e f g h i j k l m 1 2 3 4 5 6 7 8 9 10 11 12 13 6 7 8 9 10 11 12 13 14 15 16 17 18 F G H I J K L M N O P Q R n o p q r s t u v w x y z 14 15 16 17 18 19 20 21 22 23 24 25 0 19 20 21 22 23 24 25 0 1 2 3 4 5 S T U V W X Y Z A B C D E Now encrypt One if by land, two if by sea.
Plaintext to Ciphertext Plaintext: One if by land, two if by sea. o n e i f b y l a n d t w T S J N K G D Q F S I Y B o i f b y s e a T N K G D X J F Ciphertext: TSJ NK GD QFSI, YBT NK GD XJF.
Questions 1 Can you see any deficiencies in this way of encrypting the plaintext? 2 How could it be improved?
Answers Frequently occurring single letter words ( a and I ), common two-letter combinations ( an, in, if, etc.) called digraphs, and common three-letter combinations ( and, the, ion, etc.) called trigraphs can give clues to the cipher key. To help hide these clues, encrypted messages are often written in letter blocks of length five. Thus our encrypted message would be formatted as: TSJNK GDQFS IYBTN KGDXJ F
Decrypting the Ciphertext Suppose you receive a ciphertext, how do you read it?
Decrypting the Ciphertext Suppose you receive a ciphertext, how do you read it? If you have the key, you must apply its additive inverse cipher to the ciphertext to reveal the plaintext.
Decrypting the Ciphertext Suppose you receive a ciphertext, how do you read it? If you have the key, you must apply its additive inverse cipher to the ciphertext to reveal the plaintext. What is the additive inverse of 5 (mod 26)?
Decrypting the Ciphertext Suppose you receive a ciphertext, how do you read it? If you have the key, you must apply its additive inverse cipher to the ciphertext to reveal the plaintext. What is the additive inverse of 5 (mod 26)? (q + 5) (mod 26) 0 q + 5 26 = 1 q = 21
Decryption A B C D E F G H I J K L M 1 2 3 4 5 6 7 8 9 10 11 12 13 22 23 24 25 0 1 2 3 4 5 6 7 8 v w x y z a b c d e f g h N O P Q R S T U V W X Y Z 14 15 16 17 18 19 20 21 22 23 24 25 0 9 10 11 12 13 14 15 16 17 18 19 20 21 i j k l m n o p q r s t u
Example A B C D E F G H I J K L M v w x y z a b c d e f g h N O P Q R S T U V W X Y Z i j k l m n o p q r s t u Ciphertext H M J J X J G Z W L J W Plaintext
Example A B C D E F G H I J K L M v w x y z a b c d e f g h N O P Q R S T U V W X Y Z i j k l m n o p q r s t u Ciphertext H M J J X J G Z W L J W Plaintext c h e e s e b u r g e r
What if You Don t Have the Key? Questions: 1 If the letter a occurs 10 times in the plaintext and F is substituted for a in the ciphertext, how often will F occur in the ciphertext?
What if You Don t Have the Key? Questions: 1 If the letter a occurs 10 times in the plaintext and F is substituted for a in the ciphertext, how often will F occur in the ciphertext?
What if You Don t Have the Key? Questions: 1 If the letter a occurs 10 times in the plaintext and F is substituted for a in the ciphertext, how often will F occur in the ciphertext? 2 How often do various letters and letter combinations occur in English writing?
Single Letter Frequencies Letter Position Frequency Letter Position Frequency a 1 0.08167 n 14 0.06749 b 2 0.01492 o 15 0.07507 c 3 0.02782 p 16 0.01929 d 4 0.04253 q 17 0.00095 e 5 0.12702 r 18 0.05987 f 6 0.02228 s 19 0.06327 g 7 0.02015 t 20 0.09056 h 8 0.06094 u 21 0.02758 i 9 0.06966 v 22 0.00978 j 10 0.00153 w 23 0.0236 k 11 0.00772 x 24 0.0015 l 12 0.04025 y 25 0.01974 m 13 0.02406 z 26 0.00074
Highest to Lowest Frequencies Letter Position Frequency Letter Position Frequency e 5 0.12702 m 13 0.02406 t 20 0.09056 w 23 0.0236 a 1 0.08167 f 6 0.02228 o 15 0.07507 g 7 0.02015 i 9 0.06966 y 25 0.01974 n 14 0.06749 p 16 0.01929 s 19 0.06327 b 2 0.01492 h 8 0.06094 v 22 0.00978 r 18 0.05987 k 11 0.00772 d 4 0.04253 j 10 0.00153 l 12 0.04025 x 24 0.0015 c 3 0.02782 q 17 0.00095 u 21 0.02758 z 26 0.00074
Challenge Decrypt the following ciphertext: VUNIR RAWBL RQZRR GVATJ VGULB HGBQN LNAQG NYXVA TNOBH GPELC GBTEN CULVU BCRLB HYRNE ARQFB ZRGUV ATNOB HGGUR CBJRE NAQHG VYVGL BSZNG URZNG VPFNA QUBJV GCYNL FNAVZ CBEGN AGEBY RVABH EYVIR FJURA LBHQR PELCG GUVFZ RFFNT RCYRN FRFRA QNARZ NVYGB EBORE GQBGO HPUNA NANGZ VYYRE FIVYY RQBGR QH
Public Key Cryptography In the previous cryptographic systems, the key used to encipher the message must be kept hidden from the public and should be known only by the sender and recipient of the message. There are other cryptographic systems in which each party has a private key (which they keep secret) and a public key which they publish so that others may send them encrypted messages which only they can decrypt. The public key functions as the recipient s cryptographic telephone number.
Overview of Public Key Cryptography Suppose Alice wants to send Bob a message which only Bob will be able to read. 1 Alice looks up Bob s public key and enciphers the plaintext using his public key.
Overview of Public Key Cryptography Suppose Alice wants to send Bob a message which only Bob will be able to read. 1 Alice looks up Bob s public key and enciphers the plaintext using his public key. 2 Alice sends Bob the ciphertext (or even publishes it in the newspaper!).
Overview of Public Key Cryptography Suppose Alice wants to send Bob a message which only Bob will be able to read. 1 Alice looks up Bob s public key and enciphers the plaintext using his public key. 2 Alice sends Bob the ciphertext (or even publishes it in the newspaper!). 3 Bob decrypts the ciphertext using his private key.
RSA Public Key Cryptography One of the most popular public key cryptographic systems is known as RSA. It was developed by Adi Shamir Ronald Rivest Leonard Adelman.
A Little Number Theory Definition A prime number is a whole number p greater than 1 whose only divisors are p and 1. An integer which is not prime is called a composite number.
A Little Number Theory Definition A prime number is a whole number p greater than 1 whose only divisors are p and 1. An integer which is not prime is called a composite number. Definition If a and b are positive integers, the greatest common divisor of a and b is number denoted gcd(a, b) and is the positive integer d satisfying both of the following properties: d divides a and d divides b, if c is and integer and c divides a and c divides b, then c divides d.
A Little Number Theory Definition A prime number is a whole number p greater than 1 whose only divisors are p and 1. An integer which is not prime is called a composite number. Definition If a and b are positive integers, the greatest common divisor of a and b is number denoted gcd(a, b) and is the positive integer d satisfying both of the following properties: d divides a and d divides b, if c is and integer and c divides a and c divides b, then c divides d. Definition If gcd(a, b) = 1 we say that a and b are relatively prime.
Examples Example 4 = gcd(16, 60) 13 = gcd(13, 65)? = gcd(72, 81)
Euclidean Algorithm To find the gcd(a, b): 1 If b divides a evenly, gcd(a, b) = b. 2 If not, replace a by b and replace b by the remainder of a b and go back to step 1. A Java applet implementing the Euclidean Algorithm is also available.
Example Example Find gcd(105, 56) using the Euclidean Algorithm.
Example Example Find gcd(105, 56) using the Euclidean Algorithm. a b 105 56 56 49 49 7 gcd(105, 56) = 7
Linear Combinations Definition If a and b are integers, then an expression of the from ax + by where x and y are also integers is called a linear combination of a and b.
Linear Combinations Definition If a and b are integers, then an expression of the from ax + by where x and y are also integers is called a linear combination of a and b. Theorem If a and b are integers, then gcd(a, b) is the smallest positive integer which can be written as a linear combination of a and b.
Linear Combinations Definition If a and b are integers, then an expression of the from ax + by where x and y are also integers is called a linear combination of a and b. Theorem If a and b are integers, then gcd(a, b) is the smallest positive integer which can be written as a linear combination of a and b. Corollary If a and b are relatively prime then b has a multiplicative inverse modulo a.
Extended Euclidean Algorithm To find x and y such that use the tabular method. gcd(a, b) = ax + by Start the table like this: x y d 1 0 a 0 1 b???
Extended Euclidean Algorithm To find x and y such that gcd(a, b) = ax + by use the tabular method. Start the table like this: x y d 1 0 a 0 1 b??? To fill in the next row: 1 Find q and r such that a b = q + r b. 2 Multiply next to last row by q and subtract from third to last row. 3 Keep appending rows to the table until r = 0.
Example x y d 1 0 105 0 1 56 1 1 49 1 2 7 ( 1)(105) + (2)(56) = 7 A Java applet implementing the Extended Euclidean Algorithm is also available.
Finding a Multiplicative Inverse Verify that 23 and 29 are relatively prime and find the multiplicative inverse of 29 modulo 23. x y d 1 0 29 0 1 23 1 1 6 3 4 5 4 5 1 1 (4)(29) + ( 5)(23) (mod 23) 1 (4)(29) (mod 23) So 4 is the multiplicative inverse of 29 modulo 23.
More Number Theory Definition If N is the set of all positive integers then for each positive integer n define φ(n) to be the number of positive integers less than or equal to n which are relatively prime to n. Such a function φ is called the Euler phi function.
More Number Theory Definition If N is the set of all positive integers then for each positive integer n define φ(n) to be the number of positive integers less than or equal to n which are relatively prime to n. Such a function φ is called the Euler phi function. Example Do you notice a pattern? 80 60 40 20 n
Euler Phi Function n φ(n) n φ(n) 1 1 6 2 2 1 7 6 3 2 8 4 4 2 9 6 5 4 10 4
Euler Phi Function n φ(n) n φ(n) 1 1 6 2 2 1 7 6 3 2 8 4 4 2 9 6 5 4 10 4 Lemma If p is prime, then φ(p) = p 1.
Euler Phi Function n φ(n) n φ(n) 1 1 6 2 2 1 7 6 3 2 8 4 4 2 9 6 5 4 10 4 Lemma If p is prime, then φ(p) = p 1. Lemma If p and q are distinct primes, then φ(pq) = φ(p)φ(q) = (p 1)(q 1).
Getting Public and Private Keys A public agency (call it the Key Utility ) 1 selects two large primes p and q, 1 let p = 1009 and q = 2003.
Getting Public and Private Keys A public agency (call it the Key Utility ) 1 selects two large primes p and q, 2 forms the product n = pq, 1 let p = 1009 and q = 2003. 2 n = 2021027
Getting Public and Private Keys A public agency (call it the Key Utility ) 1 selects two large primes p and q, 2 forms the product n = pq, 3 computes φ(n), 1 let p = 1009 and q = 2003. 2 n = 2021027 3 φ(2021027) = (1009 1)(2003 1) = 2018016
Getting Public and Private Keys A public agency (call it the Key Utility ) 1 selects two large primes p and q, 2 forms the product n = pq, 3 computes φ(n), 4 selects integer e such that gcd(e, φ(n)) = 1, 1 let p = 1009 and q = 2003. 2 n = 2021027 3 φ(2021027) = (1009 1)(2003 1) = 2018016 4 e = 1003 (for example)
Getting Public and Private Keys A public agency (call it the Key Utility ) 1 selects two large primes p and q, 2 forms the product n = pq, 3 computes φ(n), 4 selects integer e such that gcd(e, φ(n)) = 1, 5 finds the multiplicative inverse d of e (mod φ(n)), 1 let p = 1009 and q = 2003. 2 n = 2021027 3 φ(2021027) = (1009 1)(2003 1) = 2018016 4 e = 1003 (for example) 5 d = 1311811 (for this e)
Getting Public and Private Keys A public agency (call it the Key Utility ) 1 selects two large primes p and q, 2 forms the product n = pq, 3 computes φ(n), 4 selects integer e such that gcd(e, φ(n)) = 1, 5 finds the multiplicative inverse d of e (mod φ(n)), 6 private key is d, public key is (e, n). 1 let p = 1009 and q = 2003. 2 n = 2021027 3 φ(2021027) = (1009 1)(2003 1) = 2018016 4 e = 1003 (for example) 5 d = 1311811 (for this e) 6 private key is 1311811, public key is (1003, 2021027).
Getting Public and Private Keys A public agency (call it the Key Utility ) 1 selects two large primes p and q, 2 forms the product n = pq, 3 computes φ(n), 4 selects integer e such that gcd(e, φ(n)) = 1, 5 finds the multiplicative inverse d of e (mod φ(n)), 6 private key is d, public key is (e, n). 1 let p = 1009 and q = 2003. 2 n = 2021027 Remark: only the Key Utility knows p and q. 3 φ(2021027) = (1009 1)(2003 1) = 2018016 4 e = 1003 (for example) 5 d = 1311811 (for this e) 6 private key is 1311811, public key is (1003, 2021027).
Exchanging Messages Suppose Alice and Bob have the following keys. Key Holder Public Key Private Key Alice (e a, n a ) = (1003, 2021027) d a = 1311811 Bob (e b, n b ) = (10007, 2021027) d b = 1197863
Exchanging Messages Suppose Alice and Bob have the following keys. Key Holder Public Key Private Key Alice (e a, n a ) = (1003, 2021027) d a = 1311811 Bob (e b, n b ) = (10007, 2021027) d b = 1197863 Private key d a is known only to Alice (and the Key Utility), while private key d b is known only to Bob (and the Key Utility).
Exchanging Messages Suppose Alice and Bob have the following keys. Key Holder Public Key Private Key Alice (e a, n a ) = (1003, 2021027) d a = 1311811 Bob (e b, n b ) = (10007, 2021027) d b = 1197863 Private key d a is known only to Alice (and the Key Utility), while private key d b is known only to Bob (and the Key Utility). If Alice wants to send the message hi to Bob, she looks up Bob s public key (e b, n b ) and must do two things.
Encrypting Using RSA 1 Alice converts hi to a number, m. Letter h i ASCII Code 104 105 m = 104105
Encrypting Using RSA 1 Alice converts hi to a number, m. Letter h i ASCII Code 104 105 m = 104105 2 Alice creates the ciphertext c using the formula c m e b (mod n b ) c = 104105 10007 (mod 2021027) c = 1086444 and sends it to Bob. Alice can try this Java applet if she needs help with modular exponentiation.
Encrypting Using RSA 1 Alice converts hi to a number, m. Letter h i ASCII Code 104 105 m = 104105 2 Alice creates the ciphertext c using the formula c m e b (mod n b ) c = 104105 10007 (mod 2021027) c = 1086444 and sends it to Bob. Alice can try this Java applet if she needs help with modular exponentiation. Remark: if m > n b Alice breaks the m into chunks smaller than n b.
Bob Decrypts the Ciphertext When Bob receives the ciphertext c he uses his private key d b and computes m c d b (mod n b ) m = 1086444 1197863 (mod 2021027) m = 104105.
Bob Decrypts the Ciphertext When Bob receives the ciphertext c he uses his private key d b and computes m c d b (mod n b ) m = 1086444 1197863 (mod 2021027) m = 104105. ASCII Code 104 105 Letter h i
Is RSA Secure? The security of RSA depends on the difficulty in factoring large numbers like n.
Is RSA Secure? The security of RSA depends on the difficulty in factoring large numbers like n. If n = pq where p and q are prime numbers with more than 500 digits each then n has more than 1000 digits.
Is RSA Secure? The security of RSA depends on the difficulty in factoring large numbers like n. If n = pq where p and q are prime numbers with more than 500 digits each then n has more than 1000 digits. It takes approximately 4.7 10 22 years to factor a 500-digit composite number using today s computers.
Is RSA Secure? The security of RSA depends on the difficulty in factoring large numbers like n. If n = pq where p and q are prime numbers with more than 500 digits each then n has more than 1000 digits. It takes approximately 4.7 10 22 years to factor a 500-digit composite number using today s computers. As computers get faster, we can keep increasing n.
Will We Run Out of Primes? Theorem There are infinitely many prime numbers.
Will We Run Out of Primes? Theorem There are infinitely many prime numbers. Proof. Suppose there are only finitely many primes p 1 < p 2 < < p k.
Will We Run Out of Primes? Theorem There are infinitely many prime numbers. Proof. Suppose there are only finitely many primes p 1 < p 2 < < p k. Form the number q = (p 1 )(p 2 ) (p k ) + 1 > p k. This number is either prime or composite.
Will We Run Out of Primes? Theorem There are infinitely many prime numbers. Proof. Suppose there are only finitely many primes p 1 < p 2 < < p k. Form the number q = (p 1 )(p 2 ) (p k ) + 1 > p k. This number is either prime or composite. 1 q (mod p i )
Will We Run Out of Primes? Theorem There are infinitely many prime numbers. Proof. Suppose there are only finitely many primes p 1 < p 2 < < p k. Form the number q = (p 1 )(p 2 ) (p k ) + 1 > p k. This number is either prime or composite. 1 q (mod p i ) No (known) prime evenly divides q.
Will We Run Out of Primes? Theorem There are infinitely many prime numbers. Proof. Suppose there are only finitely many primes p 1 < p 2 < < p k. Form the number q = (p 1 )(p 2 ) (p k ) + 1 > p k. This number is either prime or composite. 1 q (mod p i ) No (known) prime evenly divides q. Either q itself is prime or there is a prime larger than p k which divides q.
Where Can You Learn More? The modern language of cryptology is mathematics. Major in mathematics in college. Take a course in number theory. The National Security Agency employs and educates cryptologists. The National Cryptologic Museum has exhibits on ancient and modern cryptography.