COMPUTER SECURITY

PUBLIC KEY CRYPTOGRAPHY

RSA, DIFFIE-HELLMAN

Willy Sudiarto Raharjo

Teknik Informatika
Universitas Kristen Duta Wacana
 Diffie-Hellman Key Exchange
Proposed by Diffie & Hellman (1976)
Enables two parties to exchange a shared key over an
unsecure medium without having any prior shared secrets
Standard: RFC 2631
Anonymous (non-authenticated) key agreement protocol
 Requirement for Diffie-Helman
It is computationally easy for a party B to generate a pair of public key KUb
and private key KRb
It is computationally easy for a sender A, knowing the public key and the
message M, to generate ciphertext
C = EKUb (M)
It is computationally easy for a receiver B to decrypt the ciphertext using
the private key
M = DKRb (C) = DKRb (EKUb (M))
It is computationally infeasible for opponent, knowing public key KUb and
ciphertext C to recover M
It is computationally infeasible for opponent, knowing public key Kub to
determine the private key KRb
 Diffie-Helman Example
Scenario
Sender: Alice
Recipient: Bob
Parameters:
p: large prime integer (1024 bits)
g: an integer less than p
a: secret integer for Alice
b: secret integer for Bob
Diffie-Helman Protocol
Both Alice and Bob have arrived at the same value,
because gab and gba are equal mod p
a, b and gab = gba mod p are kept secret
p, g, ga mod p, and gb mod p – are sent in the clear
Once Alice and Bob compute the shared secret they can
use it as an encryption key, known only to them, for
sending messages across the same open communications
channel
Online Diffie-Helman Example

http://buchananweb.co.uk/security02.aspx
 Public-Key Cryptography
Known as asymetric-key cryptography
Encryption and decryption is carried out using two
different keys
The two keys in such a key pair are referred to as the public
key and the private key
The use of two keys will solve the key distribution problem
With public key cryptography, all parties interested in
secure communications can publish their public keys and
keep the private keys on their system
Uses number theoretics concepts
 RSA
Developed by Ron Rivest, Adi Shamir, and Leonard
Adleman in 1977
Uses a large pair of prime numbers so that factoring the
product is beyond all computing capabilities
Testing for primes is easy
Factoring the product is very difficult
Unbreakable (for now)
 Background Theory
Modulus Arithmetic
Relatively Prime Numbers
Euler's Totient Theorem
 Modulus Arithmetic
Modulus as a "remainder" operator, usually denoted by
"%", which gives the remainder of an integer division
instead of the quotient
Example: 27 % 12 = 3
Can also be expressed as 27 = 3 (mod 12)
Replace with congruent values
16 = 4 (mod 12), therefore
11 + 16 = 11 + 4 = 3 (mod 12).
 Another Example
9835 = 7 (mod 12) and 1176 = 0 (mod 12), therefore
9835 + 1176 = 7 + 0 = 7 (mod 12)
This also works for multiplication
9835 * 1176 = 7 * 0 = 0 (mod 12)
9835 * 1176 is 11565960, and 11565960 = 0 (mod 12))
If our modulus was 10, then modulus arithmetic would be
equivalent to ignoring all but the last digit in our numbers:
37 = 7 (mod 10)
287 + 482 = 9 (mod 10)
895 * 9836 = 0 (mod 10)
 Relatively Prime Numbers
The greatest common divisor (abbreviated GCD) of two
numbers is the largest number that evenly divides into
both of them
GCD(15, 10) = 5
GCD(18, 10) = 2
GCD(21, 10) = 1
GCD(170, 102) = 34
Or, another way to look at it is to say that the GCD is the
intersection of the two numbers' set of prime factors:
GCD((2^3 * 3^1 * 7^2), (2^2 * 5^1 * 7^3)) = 2^2 * 7^2, so
GCD(1176, 6860) = 196
 RSA
Choose two prime numbers p and q
Calculate modulus n = pq
Calculate (p-1)(q-1)
Chose e > 1 that is coprime to ((p-1)(q-1)) => called Φ(n)
Choosing a prime number for e leaves you with a single check:
that e is not a divisor of ((p-q)(q-1))
Compute d such that de = 1 (mod ((p-1)(q-1))
Public key: {e, n}, Private key: {d}
It's currently virtually impossible to obtain private key (d)
from the public key (n and e)
 Example
p = 5, q = 11
n = p x q = 55
(p-1)(q-1) = 40
e = 3 (because 40 can't be divided by 3 and it's a prime)
d = 27 because 27 * 3 = 81 and 81 mod 40 = 1
Public key = (n = 55, e = 3)
Private key = (d = 27)
 Encryption/Decryption
Encryption
C = Me mod n
To encrypt M (message) = 5
C = 53 mod 55
125 mod 55 = 15
Decryption
d
M = C mod n
To decrypt C (ciphertext) = 15
M = 1527 mod 55 = 5
 Practice
p = 17
q = 11
M = 88
What is the C ?
Show the process to convert C → M
 Answers
Select primes: p=17 & q=11
Compute n = pq =17×11=187
Compute Φ(n)=(p–1)(q-1)=16×10=160
Select e : gcd(e,160)=1; choose e=7
Determine d: de=1 mod 160 and d < 160 Value is d=23
since 23×7=161= 10×160+1
Publish public key P={7,187}
Keep secret private key S={23,17,11}
17, 11 (p dan q)
given message M = 88
Encryption (using public key):
C = 887 mod 187 = 11
Decryption (using private key):
M = 1123 mod 187 = 88
 Public-Key Cryptography
Public key cryptography can provides
Confidentiality (plus integrity)
Authenticity
Confidentiality + Authenticity
Confidentiality + Integrity
 Authenticity

Public key signatures also provides Non Repudiation

Confidentiality, Integrity and Authenticity
 Issues on RSA
Encryption and Decryption
The efficiency of exponentiation computation
Key generation
Determining two prime numbers p and q
Selecting either e or d and calculating the other
Key distribution
Public key can be intercepted (MiTM attack)
Solution: use key server to distribute the public key
 Speeding Up RSA
To speed up RSA → use the same e for all users
As long as p and q are different for each user, d (private keys)
will be different also
Common value for e = 3
Private key operation remains expensive
Don't use same d for all users → symetric key