CNS 2201 9/20/2023

Symmetric Key Cryptography – A Review

Introduction to Public Key

Cryptography

• Such a system is symmetric with respect to two properties:

• The same secret key is used for encryption and decryption.
• The encryption and decryption function are very similar (in the case of DES they
are essentially identical).

1 2

Symmetric Key Cryptography - Revisited Shortcomings of Symmetric Key Cryptography

• Modern symmetric algorithms such as AES or 3DES are very secure, fast and are
in widespread use.
• However, there are several shortcomings associated with symmetric-key
schemes.
• 1.Key Distribution Problem:
• The key must be established between Alice and Bob using a secure channel.
• Remember that the communication link for the message is not secure, so sending the key
over the channel directly — which would be the most convenient way of transporting it —
• Assume there is a safe with a strong lock.
can’t be done.
• Only Alice and Bob have a copy of the key for the lock.
• The action of encrypting of a message can be viewed as putting the message in the safe.
• In order to read, i.e., decrypt, the message, Bob uses his key and opens the safe.

3 4
CNS 2201 9/20/2023

Shortcomings of Symmetric Key Cryptography Shortcomings of Symmetric Key Cryptography

• 2. Number of Keys: • 3.Protection Against Cheating by Alice or Bob:
• Even if we solve the key distribution problem, we must potentially deal with a • Alice and Bob have the same capabilities, since they possess the same key.
very large number of keys. • As a consequence, symmetric cryptography cannot be used for applications
• If each pair of users needs a separate pair of keys in a network with n users, where we would like to prevent cheating by either Alice or Bob as opposed to
there are key pairs, and every user has to store n − 1 keys securely. cheating by an outsider like Oscar.
• For instance, in e-commerce applications it is often important to prove that
• Even for mid-size networks, say, a corporation with 2000 people, this Alice actually sent a certain message, say, an online order for a flat screen TV.
requires more than 4 million key pairs that must be generated and • If we only use symmetric cryptography and Alice changes her mind later, she
transported via secure channels. can always claim that Bob, the vendor, has falsely generated the electronic
purchase order -> Non-repudiation

5 6

Principles of Asymmetric Key Cryptography Principles of Asymmetric Key Cryptography

• In order to overcome the drawbacks of symmetric key cryptography, Diffie, • A simple analogy of such a system is shown below.
Hellman and Merkle had a revolutionary proposal based on the following idea: It • This systems works quite similarly to the good old mailbox on the corner of a
is not necessary that the key possessed by the person who encrypts the street: Everyone can put a letter in the box, i.e., encrypt, but only a person with a
message (that’s Alice in our example) is secret. private (secret) key can retrieve letters, i.e., decrypt.
• The crucial part is that Bob, the receiver, can only decrypt using a secret key.
• In order to realize such a system, Bob publishes a public encryption key which is
known to everyone.
• Bob also has a matching secret key, which is used for decryption.
• Thus, Bob’s key k consists of two parts, a public part, kpub, and a private one, kpr.

7 8
CNS 2201 9/20/2023

Principles of Asymmetric Key Cryptography Principles of Asymmetric Key Cryptography

• If we assume we have cryptosystems with such a functionality, a basic protocol • By looking at that protocol you might argue that even though we can encrypt a
for public-key encryption looks as shown in the figure below. message without a secret channel for key establishment, we still cannot exchange
a key if we want to encrypt with, say, AES.
• However, the protocol can easily be modified for this use.
• What we have to do is to encrypt a symmetric key, e.g., an AES key, using the
public-key algorithm.
• Once the symmetric key has been decrypted by Bob, both parties can use it to
encrypt and decrypt messages using symmetric ciphers.

9 10

Principles of Asymmetric Key Cryptography Principles of Asymmetric Key Cryptography

• Figure below shows a basic key transport protocol where we use AES as the symmetric cipher for • From the discussion so far, it looks as though asymmetric cryptography is a desirable tool for
illustration purposes (of course, one can use any other symmetric algorithm in such a protocol). security applications.
• The main advantage of this protocol over the purely asymmetric key protocol is that the payload • The question remains how one can build public-key algorithms.
is encrypted with a symmetric cipher, which tends to be much faster than an asymmetric • They are all built from one common principle, the one-way function.
algorithm.
• The informal definition of it is as follows:

11 12
CNS 2201 9/20/2023

Principles of Asymmetric Key Cryptography Principles of Asymmetric Key Cryptography

• In order to be useful in practical crypto schemes, the computation y = f(x) should • There are two popular one-way functions which are used in practical public-key
be sufficiently fast that it does not lead to unacceptably slow execution times in schemes.
an application. 1. The first is the integer factorization problem, on which RSA is based.
• The inverse computation x = f −1(y) should be so computationally intensive (high • Given two large primes, it is easy to compute the product.
complexity) that it is not feasible to evaluate it in any reasonable time period, say, • However, it is very difficult to factor the resulting product.
10,000 years, when using the best known algorithm. 2. The other one-way function that is used widely is the discrete logarithm
problem. This is not quite as intuitive and is introduced later.

13 14

Practical Aspects of Public-Key Cryptography - Practical Aspects of Public-Key Cryptography -

Security Mechanisms Security Mechanisms
• As shown in the previous section, public-key schemes can be used for encryption • 2. Nonrepudiation: Providing nonrepudiation and message integrity can be
of data. realized with digital signature algorithms, e.g., RSA, DSA or ECDSA.
• It turns out that we can do many other, previously unimaginable, things with • 3. Identification: We can identify entities using challenge-and-response protocols
public-key cryptography. together with digital signatures, e.g., in applications such as smart cards for
• The main functions that they can provide are listed below: banking or for mobile phones.
• 1.Key Establishment: • 4. Encryption: We can encrypt messages using algorithms such as RSA or Elgamal.
• There are protocols for establishing secret keys over an insecure channel.
• Examples for such protocols include the Diffie–Hellman key exchange (DHKE) or RSA key
transport protocols.

15 16
CNS 2201 9/20/2023

Practical Aspects of Public-Key Cryptography - Practical Aspects of Public-Key Cryptography -

Security Mechanisms Security Mechanisms
• We note that identification and encryption can also be achieved with symmetric • Thus, somewhat ironically, public-key cryptography is rarely used for the
ciphers, but they typically require much more effort with key management. actual encryption of data.
• It looks as though public-key schemes can provide all functions required by • On the other hand, symmetric algorithms are poor at providing non-
modern security protocols. repudiation and key establishment functionality.
• Even though this is true, the major drawback in practice is that encryption • In order to use the best of both worlds, most practical protocols are hybrid
of data is very computationally intensive — or more colloquially: extremely slow
protocols which incorporate both symmetric and public-key algorithms.
— with public-key algorithms.
• Many block and stream ciphers can encrypt about one hundred to one thousand • Examples include the SSL/TLS protocol that is commonly used for secure
times faster than public-key algorithms. Web connections, or IPsec, the security part of the Internet communication

17 18

Practical Aspects of Public-Key Cryptography - The Practical Aspects of Public-Key Cryptography -

Remaining Problem: Authenticity of Public Keys Important Public-Key Algorithms
• From the discussion so far we’ve seen that a major advantage of asymmetric • In the previous chapters, we learned about some block ciphers, DES and
schemes is that we can freely distribute public keys, as shown in the protocols in AES.
the previous diagrams.
• However, in practice, things are a bit more tricky because we still have to assure • However, there exist many other symmetric algorithms.
the authenticity of public keys. • Several hundred algorithms have been proposed over the years and even
• In other words: Do we really know that a certain public key belongs to a certain person?
• In practice, this issue is often solved with what is called certificates.
though a lot were found not to be secure, there exist many
• Roughly speaking, certificates bind a public key to a certain identity. cryptographically strong ones.
• This is a major issue in many security application, e.g., when doing e-commerce transactions
on the Internet.
• The situation is quite different for asymmetric algorithms.
• We discuss this topic in more detail later. • There are only three major families of public-key algorithms which are of
• Another problem, which is not as fundamental, is that public-key algorithms practical relevance.
require very long keys, resulting in slow execution times. • They can be classified based on their underlying computational problem.

19 20
CNS 2201 9/20/2023

Practical Aspects of Public-Key Cryptography - Practical Aspects of Public-Key Cryptography -

Important Public-Key Algorithms - Important Public-Key Algorithms
1. Integer-Factorization Schemes: • The first two families were proposed in the mid-1970s, and elliptic curves
• Several public-key schemes are based on the fact that it is difficult to factor large integers. were proposed in the mid-1980s.
• The most prominent representative of this algorithm family is RSA.
2. Discrete Logarithm Schemes: • There are no known attacks against any of the schemes if the parameters,
• There are several algorithms which are based on what is known as the discrete logarithm especially the operand and key lengths, are chosen carefully.
problem in finite fields.
• Algorithms belonging to each of the families will be introduced later
• The most prominent examples include the Diffie–Hellman key exchange, Elgamal encryption
or the Digital Signature Algorithm (DSA). • It is important to note that each of the three families can be used to
3. Elliptic Curve (EC) Schemes: provide the main public-key mechanisms of key establishment,
• A generalization of the discrete logarithm algorithm are elliptic curve public-key schemes. nonrepudiation through digital signatures and encryption of data.
• The most popular examples include Elliptic Curve Diffie–Hellman key exchange (ECDH) and
the Elliptic Curve Digital Signature Algorithm (ECDSA).

21 22

Extended Euclidean Algorithm Extended Euclidean Algorithm – Example 1

CNS 2201 9/20/2023

Extended Euclidean Algorithm – Example 2