CB3491– Cryptography and cyber security (Regulation2021)

III Year / V Semester - CSE

ASYMMERTIC CRYPTOGRAPHY UNIT-3

MATHEMATICS OF ASYMMETRIC KEY CRYPTOGRAPHY:

Primes–Primality Testing–Factorization–Euler’s totient function, Fermat’s and Euler’s
Theorem–Chinese Remainder Theorem– Exponentiation and logarithm.
ASYMMETRIC KEY CIPHERS: RSA cryptosystem – Key distribution – Key
management – Diffie Hellman key exchange-– Elliptic curve arithmetic –Elliptic curve
cryptography.

MATHEMATICS OF A SYMMETRIC KEY CRYPTOGRAPHY:

Primes
The positive integers can be divided into three groups: the number 1, primes and
composites. A positive integer is a prime if and only if it is exactly divisible by two integers, 1 and
itself. A composite is a positive integer with more than two divisors.
Definition: A prime is divisible only by itself and 1.

Three Groups of positive integers

Prime Factorization
Prime factorisation to compute GCD of any two numbers in prime factorization approach
we need to find prime factors of the two numbers.

Coprimes:

Two positive integers a and b are relatively prime or coprime.

Infinite Number of Primes: There is an infinite number of primes.

Sieve of Eratosthenes

The Greek mathematician Eratosthenes devised a method to find all primes less than n. This
method is called the Sieve of Eratosthenes. Suppose we wants to find all prime less than 100.

1
 CB3491– Cryptography and cyber security (Regulation2021)
III Year / V Semester - CSE

Primality Testing Methods

Primality testing method is a method to find and to prove whether the given number is prime number.

1. Naive Algorithm
 Naïve Algorithm is used to divide the given input number P by all the integers starting from 2 to
root of P – 1.
 If any one of them is a divisor, then the input number P is not a prime. Otherwise, it is
considered as a prime number .
Algorithm:

1. Pick any integer P that is greater than 2

2. Try to divide P by all integers starting from 2 to the square root of P
3. If P is divisible by any one of these integer, we can conclude that P is a composite
4. Else P is a prime number
Example:
Find the primality test for the number 100 using naïve algorithm.
1. P=100
2. 2,3,4,5,6,7,8,9
3. Case 1: 100/2 = 50(composite)
Therefore, 100 is not a prime number.

2. Fermat’s Primality Test:

If P is a prime and P does not divide a, which is a natural number then

Example:
Check whether the given number 12 is prime number or not using Fermat‘s theorem
Given P = 12. To check whether 12 is prime number or not, we have to check

If it is equal to 1, then it is called prime number. Otherwise, it is called composite number.

Consider, a = 5

It is not equal to 1.Therefore it is not a prime number.

2
 CB3491– Cryptography and cyber security (Regulation2021)
III Year / V Semester - CSE

3. Miller – Rabin Primality Test

Function Miller-Rabin (x)

Euler’s totient function

Before presenting Euler’s theorem, we need to introduce an important quantity in number theory,
referred to as Euler’s totient function, written f(n), and defined as the number of positive integers less
than and relatively primeton.By convention, f(1) = 1.

 Above Table lists the first 30 values of f(n). The value f(1) is without meaning but is defined to
have the value 1.It should be clear that, for a prime number p,

 It should be clear that, for a prime number p,

 Now suppose that we have two prime numbers p and q with p≠ q. Then we can show that, for

3
 CB3491– Cryptography and cyber security (Regulation2021)
III Year / V Semester - CSE

n = pq,

Using Fermat’s theorem, find a mod p. What is Euler’s totient function? (Nov/Dec2016)
Two theorems that play important roles in public-key cryptography are Fermat’s theorem and
Euler’s theorem.

Fermat’s Theorem

 Fermat’s theorem states the following: If p is prime and a is a positive integer not divisible
by p, then

Proof:

 Consider the set of positive integers less than p: {1, 2, c, p - 1} and multiply each element by
a, modulo p, to get the set X = {a mod p, 2a mod p, c, (p - 1) a mod p}.

 Multiplying the numbers in both sets (p and X) and taking the result mod p yields

 We can cancel the (p - 1)! term because it is relatively prime to p .This yields Equation
(8.2), which completes the proof.

 An alternative form of Fermat’s theorem is also useful: If p is prime and a is a positive

integer,then


4
 CB3491– Cryptography and cyber security (Regulation2021)
III Year / V Semester - CSE

 Note that the first form of the theorem [Equation (8.2)] requires that a be relatively
prime to p, but this form does not.

Euler’s Theorem

Euler’s theorem states that for every a and n that are relatively prime:

Proof:
Above Equation is true if n is prime, because in that case, f(n) = (n - 1) and Fermat’s theorem
holds.However, it also holds for any integer n. Recall that f(n) is the number of positive integers
lessthann thatarerelativelyprimeton.Considerthesetofsuchintegers,labeledas

That is, each element x i of R is a unique positive integer less than n with

gcd (xi,n)=1

Now multiply each element by a, modulo n:

The set S is a permutation of R, by the following line of reasoning:

1. Because a is relatively prime to n and xi is relatively prime to n, aximust also be relatively prime
ton. Thus, all the members of S are integers that are less than n and that are relatively primeton.
2. There are no duplicates in S. Refer to Equation (4.5).If a xi mod n=axj mod n, then xi=xj.
Therefore,

 Which completes the proof. This is the same line of reasoning applied to the proof of Fermat’s
theorem.

 As is the case for Fermat’s theorem, an alternative form of the theorem is also useful:

The Chinese Remainder Theorem

5
 CB3491– Cryptography and cyber security (Regulation2021)
III Year / V Semester - CSE

 One of the most useful results of number theory is the Chinese remainder theorem (CRT).
Inessence, the CRT says it is possible to reconstruct integers in a certain range from their residues
modulo a set of pair wise relatively prime moduli.

 The CRT can be stated in several ways.We present here a formulation that is most useful from the
point of view of this text. An alternative formulation is explored in Problem8.17.Let

Where the mi are pair wise relatively prime; that is, gcd (mi, mj) = 1 for 1 ≤ i, j ≤ k, and i
≠ j. Wecan represent any integer A in Z M by a k-tuple whose elements are in Zmi using the following
correspondence:

Where A€ZM, ai_Z mi, and ai=A mod mi for 1≤i≤k.

The CRT makes two assertions.

 The mapping of Equation (8.7) is a one-to-one correspondence (called a bijection) between ZM

and the Cartesian product Zm1 × Zm2 ×…..× Zmk.
 Operations performed on the elements of ZM can be equivalently performed on the corresponding
k-tuples by performing the operation independently in each coordinate position in the appropriate
system.

 By the definition of Mi, it is relatively prime to miand therefore has a unique multiplicative inverse
mod mi.So Equation (8.8) is well defined and produces a unique value ci.
Wecannowcompute.

 To show that the value of A produced by Equation (8.9) is correct, we must show that
 ai = A mod mi for 1 ≤ i ≤ k. Note that cj≡ Mj≡ 0 (mod mi) if j ≠ i, and that ci≡ 1 (mod mi). It
follows that ai=A mod mi.

6
 CB3491– Cryptography and cyber security (Regulation2021)
III Year / V Semester - CSE

The second assertion of the CRT, concerning arithmetic operations, follows from the rules for
modular arithmetic. That is, the second assertion can be stated as follows: If

 One of the useful features of the Chinese remainder theorem is that it provides a way to manipulate
(potentially very large) numbers mod M in terms of tuples of smaller numbers. This can be useful
when M is 150 digits or more. However, note that it is necessary to know beforehand the
factorization of M.

EXPONENTIATION AND LOGARITHM

 Exponentiation and logarithm are inverses of each other. The following shows the relationship
between them, in which a is called the base of the exponentiation or logarithm.

 In cryptography, a common modular operation is exponentiation. That is, we often need to

calculate.

 The RSA cryptosystem, which will be discussed in Chapter 10, uses exponentiation for both
encryption and decryption with very large exponents. Unfortunately, most computer languages
have no operator that can efficiently compute exponentiation, particularly when the exponent is
very large. To make this type of calculation more efficient, we need algorithms that are more
efficient.

 Fast Exponentiation

7
 CB3491– Cryptography and cyber security (Regulation2021)
III Year / V Semester - CSE

Fast exponentiation is possible using the square-and-multiply method. In traditional algorithms

only multiplication is used to simulate exponentiation, but the fast exponentiation algorithm uses
both squaring and multiplication. The main idea behind this method is to treat the exponent as a
method is to treat the exponent as a binary number of n b bits.

Figure shows the idea behind the square-and-multiply method

 Note that y is the product of nb terms. Each term is either 1 (if the corresponding bit is 0) or a2 I
(if the corresponding bit is 1). In other words, the term is included in the multiplication if the bit
is 1, it is not included if the bit is 0 (multiplication by 1 has no effect).
 Figure gives the general idea how to write the algorithm. We can continuously square the base
If the corresponding bit is 0, the term is not included in the multiplication
process; if the bit is 1, it is. Algorithm 9.7 reflects these two observations.

Pseudocode for square-and-multiply algorithm

 Algorithm uses n iterations. In each iteration, it checks the value of the corresponding bit. If the
value of the bit is 1, it multiplies the current base with the previous value of the result. It then
squares the base for the next iteration. Note that squaring is not needed in the last step (the result
is not used).

8
 CB3491– Cryptography and cyber security (Regulation2021)
III Year / V Semester - CSE

The bit-operation complexity of the fast exponential algorithm is polynomial.

LOGARITHM or INDICES
• Discrete logarithms are logarithms defined with regard to multiplicative cyclic groups. If G is a
multiplicative cyclic group and g is a generator of G, then from the definition of cyclic groups, we
know every element h in G can be written as x g for some x. The discrete logarithm to the base g of
h in the group G is defined to be x .

ASYMMETRIC KEY CIPHERS:

The conceptual differences between the two systems are based on how these systems keep a secret.
In symmetric-key cryptography, the secret must be shared between two persons. In asymmetric-key
cryptography, the secret is personal (unshared); each person creates and keeps his or her own secret.
In a community of n people, n(n - 1)/2 shared secrets are needed for symmetric-key cryptography;
only n personal secrets are needed in asymmetric-key cryptography. For a community with a
population of 1 million, symmetric-key cryptography would require half a billion shared secrets;
asymmetric-key cryptography would require 1 million personal secrets.

9
 CB3491– Cryptography and cyber security (Regulation2021)
III Year / V Semester - CSE

RSA cryptosystem

Explain the RSA algorithm and its key generation, encryption and decryption Operations. Or
Perform encryption and decryption using RSA Alg.

Introduction:
 It was developed by Rivest, Shamir and Adleman. This algorithm makes use of an expression with
exponentials. Plaintext is encrypted in blocks, with each block having a binary value less than
some number n.
 The RSA scheme is a cipher in which the plaintext and cipher text are integers between 0 and n - 1
for some n. A typical size for n is 1024 bits, or 309 decimal digits. That is, n is less than 2^ 1024. That
is, the block size must be less than or equal to Iog 2 (n); in practice, the block size is k its, k *1 .
where 2< n < 2 k*1
 Encryption and decryption are of the following form, for some plain text block M and cipher text
block C:

 Both the sender and receiver know the value of n. the sender knows the value of e and only the
receiver knows the value of d. thus, this is a public key encryption algorithm with a public key
of KU = {e, n) and a private key of KR = {d, n}. For this algorithm to be satisfactory for public
key encryption, the following requirements must be met:

DIFFIE HELLMAN KEY EXCHANGE

 The purpose of the algorithm is to enable two users to exchange a key securely that can then be
used for subsequent encryption of messages. The Diffie-Hellman algorithm depends for its
effectiveness on the difficulty of computing discrete logarithms.

 First, we define a primitive root of a prime number p as one whose power generate all the
integers from 1 to (p-1) i.e., if =a‘ is a primitive root of a prime number p, then the numbers a

10
 CB3491– Cryptography and cyber security (Regulation2021)
III Year / V Semester - CSE

mod p, a2mod p, ... ap 1 mod p are distinct and consists of integers from 1 to (p-1) in some
permutation.

The Algorithm

 Figure summarizes the Diffie-Hellman key exchange algorithm. There are publicly known
numbers: a prime number =q‘ and an integer a that is primitive root of q. suppose users A and B
wish to exchange a key. User A selects a random integer XA‹ q and computes YA = a XA mod q.

Fig. Diffie Hellman Key Exchange

Similarly, user B independently selects a random integer XB< q and computes YB a XB mod q. Each
side keeps the X value private and makes the Y value available publicly to the other side.

11
 CB3491– Cryptography and cyber security (Regulation2021)
III Year / V Semester - CSE

The result is that two sides have exchanged a secret key. The security of the algorithm lies in the
fact that, while it is relatively easy to calculate exponentials modulo a prime, it is very difficult to
calculate discrete logarithms.

Key Exchange Protocols

Figure. Diffe-Hellman Key Exchange

The protocol depicted in figure is insecure against a man-in-the-middle attack. Suppose Alice and Bob
wish to exchange keys, and Darth is the adversary. The attack proceeds as follows:

1. Darth prepares for the attack by generating two random private keys XD1 and XD2 and then
computing the corresponding public keys YD1 and

12
 CB3491– Cryptography and cyber security (Regulation2021)
III Year / V Semester - CSE

ELLIPTIC CURVE ARITHMETIC

Elliptic Curves:
An elliptic Curve is a Cubic equation of the form

Where a,b,c,d and e are real numbers

13