http://buchananweb.co.uk/security02.aspx
Public-Key Cryptography
Known as asymmetric-key cryptography
Encryption and decryption are carried out using two
different keys
The two keys in such a key pair are referred to as the public
key and the private key
The use of two keys will solve the key distribution problem
With public key cryptography, all parties interested in
secure communications can publish their public keys and
keep the private keys on their system
Uses number-theoretic concepts
RSA
Developed by Ron Rivest, Adi Shamir, and Leonard
Adleman in 1977
Uses a large pair of prime numbers so that factoring the
product is beyond all computing capabilities
Testing for primes is easy
Factoring the product is very difficult
Unbreakable (for now)
Background Theory
Modulus Arithmetic
Relatively Prime Numbers
Euler's Totient Theorem
Modulus Arithmetic
Modulus as a "remainder" operator, usually denoted by
"%", which gives the remainder of an integer division
instead of the quotient
Example: 27 % 12 = 3
Can also be expressed as 27 = 3 (mod 12)
Replace with congruent values
16 = 4 (mod 12), therefore
11 + 16 = 11 + 4 = 3 (mod 12).
Another Example
9835 = 7 (mod 12) and 1176 = 0 (mod 12), therefore
9835 + 1176 = 7 + 0 = 7 (mod 12)
This also works for multiplication
9835 * 1176 = 7 * 0 = 0 (mod 12)
(9835 * 1176 is 11565960, and 11565960 = 0 (mod 12))
If our modulus was 10, then modulus arithmetic would be
equivalent to ignoring all but the last digit in our numbers:
37 = 7 (mod 10)
287 + 482 = 9 (mod 10)
895 * 9836 = 0 (mod 10)
Relatively Prime Numbers
The greatest common divisor (abbreviated GCD) of two
numbers is the largest number that evenly divides into
both of them
GCD(15, 10) = 5
GCD(18, 10) = 2
GCD(21, 10) = 1
GCD(170, 102) = 34
Or, another way to look at it is to say that the GCD is the
intersection of the two numbers' set of prime factors:
GCD((2^3 * 3^1 * 7^2), (2^2 * 5^1 * 7^3)) = 2^2 * 7^2, so
GCD(1176, 6860) = 196
RSA
Choose two prime numbers p and q
Calculate modulus n = pq
Calculate (p-1)(q-1)
Choose e > 1 that is coprime to (p-1)(q-1) => called Φ(n)
Choosing a prime number for e leaves you with a single check:
that e is not a divisor of (p-1)(q-1)
Compute d such that de = 1 (mod (p-1)(q-1))
Public key: {e, n}, Private key: {d}
It's currently virtually impossible to obtain private key (d)
from the public key (n and e)
Example
p = 5, q = 11
n = p x q = 55
(p-1)(q-1) = 40
e = 3 (because 40 can't be divided by 3 and it's a prime)
d = 27 because 27 * 3 = 81 and 81 mod 40 = 1
Public key = (n = 55, e = 3)
Private key = (d = 27)
Encryption/Decryption
Encryption
C = M^e mod n
To encrypt M (message) = 5
C = 5^3 mod 55
125 mod 55 = 15
Decryption
M = C^d mod n
To decrypt C (ciphertext) = 15
M = 15^27 mod 55 = 5
Practice
p = 17
q = 11
M = 88
What is the C ?
Show the process to convert C → M
Answers
Select primes: p=17 & q=11
Compute n = pq =17×11=187
Compute Φ(n)=(p–1)(q-1)=16×10=160
Select e : gcd(e,160)=1; choose e=7
Determine d: de=1 mod 160 and d < 160. Value is d=23
since 23×7=161=1×160+1
Publish public key P={7,187}
Keep secret private key S={23,17,11}
17, 11 (p and q)
given message M = 88
Encryption (using public key):
C = 88^7 mod 187 = 11
Decryption (using private key):
M = 11^23 mod 187 = 88
Public-Key Cryptography
Public key cryptography can provide
Confidentiality (plus integrity)
Authenticity
Confidentiality + Authenticity
Confidentiality + Integrity
Authenticity