UNIT II

BLOCK CIPHERS & PUBLIC KEY CRYPTOGRAPHY

BLOCK CIPHERS
Data Encryption Standard-Block cipher principles-block cipher modes of operation-Advanced Encryption
Standard (AES)-Triple DES-Blowfish-RC5 algorithm.

Public key cryptography:

Principles of public key cryptosystems-The RSA algorithm-Key management - Diffie Hellman Key exchange
Elliptic curve arithmetic-Elliptic curve cryptography.
BLOCK CIPHER PRINCIPLES
 Symmetric block encryption algorithm are based
on Feistel Structure
 Topics to discuss
1. Stream cipher and Block cipher
2. Feistel Cipher
3. Diffusion and Confusion
4. Feistel Cipher Structure
 1. Stream Cipher and Block Cipher
Stream Cipher
 Encrypts data stream one bit or one byte at a time.
 Examples of Stream Cipher
1. Vernam Cipher
2. Vigenere Cipher

Bit Stream Key Bit Stream

Key generation generation
(K) algorithm
(K) algorithm

Ki Ki
Pi Ci Ci Pi
Plaintext + Cyphertext + Plaintext
ENCRYPTION DECRYPTION
1. Stream Cipher and Block Cipher
Stream Cipher
 Encrypts data stream ___________________at a time.
 Examples of Stream Cipher
1. ___________ Cipher
2. ___________ Cipher
Bit Stream
Key generation
(K) algorithm

Ki
Pi
+ Cyphertext + Plaintext
1. Stream Cipher and Block Cipher
Block Cipher
 Encrypts block of plaintext as whole and translate to ciphertext
 Block Size is 64 or 128 bits bits

 Examples of Block Cipher Plaintext Ciphertext

1. DES

Key Encryption Decryption Key

(K) Algorithm Algorithm (K)

Ciphertext Plaintext
bits bits
1. Stream Cipher and Block Cipher
Block Cipher
 Encrypts _______ of plaintext as _______ and translate to ______
 Block Size is ___ or ___ bits bits

 Examples of Block Cipher

1. _______

Key
(K)

Ciphertext Plaintext
bits bits
2. Feistel Cipher
 Utilizing the Concept of Product Cipher
 Product Cipher – Execute two or more Cipher produce product
of stronger component.
 Two Components
1. Substitution
2. Permutation
 Substitution – Each plaintext or group of plaintext are replaced
by ciphertext
 Permutation – Sequence of plaintext elements are replaced by
changing the order of sequence
2. Feistel Cipher
 Utilizing the Concept of __________
 ________ Cipher – Execute _____________produce product of
stronger component.
 Two Components
1. __________
2. __________
 _________ – Each plaintext or group of plaintext are ______ by
ciphertext
 _________ – Sequence of plaintext elements are replaced by
_____________of sequence
3. Diffusion and Confusion
 Diffusion
- Structure of plaintext is dissipated into long range statistics
of ciphertext
 Confusion
- the relationship between ciphertext and key as complex as
possible.
3. Diffusion and Confusion
Match this

Diffusion - Each plaintext or group of plaintext are replaced

by ciphertext
Confusion - Structure of plaintext is dissipated into long
range statistics of ciphertext.
- the relationship between ciphertext and key
as complex as possible.
4. Feistel Cipher Structure
 4. Feistel Cipher Structure
•Encryption
 
 Input – Plaintext and Key
 Output – Ciphertext
 Plaintext block split into two halves L0 and R0.
 Two halves data pass through n rounds.
 Each round input is derived from previous round
 Each round has separate key from Key source.
 All round has same structure.
 Substitution
1. Take left half of the data and Exclusive OR with round function F to the right
half of data with key F(RE,K).
2. Another form is LE F(RE,K)
 Permutation
1. Performed by Interchanging the two halves of the data.
 4. Feistel Cipher Structure
 Important parameters
 Block Size
 Key Size
 Number of Rounds
 Sub Key Generation algorithm
 Round Function
 Decryption
 Same as Encryption except only one rule.
 Input – Ciphertext and key
 Output – Plaintext
 Rule
 Subkeys for Each round in reverse order.
 Round
Block Size
Function
Key Size
Stream cipher
Feistel and Block cipher
Number of Cipher
Rounds Structure
Sub Key Generation BLOCK
algorithm CIPHER
PRINCIPLES

Feistel Substitution
Diffusion and Cipher
Confusion
Permutation
 Data Encryption Standard (DES)
 The mostly used encryption algorithm is DES.

 The algorithm used in DES is referred as Data Encryption Algorithm (DEA).

 In DES data is encrypted as 64 bit Block with 56 bit Key.

 Input – 64 bits

 Output – 64 bits

 The step used in Encryption is same as for Decryption but Key is reversed
for decryption.
 Data Encryption Standard (DES)
History
 Late 1960 IBM started project on computer cryptography led by Fiestel.

 This project concluded at 1971 with the name LUCIFER and sold to Lloyds London for use in cash
dispensing system.
 LUCIFER operates on blocks of 64 bits using key size 128 bit.

 This works good so ideally this move on to commercial.

 The updated version of LUCIFER is DES.

 But in DES key size is 56 bit.

 DES is widely used in Financial application.

 In 1994 NIST affirmed for federal use another 5 years as DES.

In 1999 new updated version of DES is triple DES.

 Data Encryption Standard (DES)
DES Encryption
 Input – Plaintext (64 Bits)

- Key (56 Bits)

 Output – Ciphertext (64 bits)

 Block size – 64 Bits

 No of Rounds – 16 rounds

 No of Sub keys – 16 subkeys

 Round function – Later will see

DES Encryption – Block Diagram
 DES Encryption – Block Diagram
 The left hand side of the figure has three Phases
1. Initial Permutation (IP) – 64 bit plaintext is pass through IP
- This rearranges the bits and produce Permitted input
2. Round Function - It has 16 rounds with same function.
- It involves Both Permutation and substitution
- the left and right input has swapped and produce Pre output
3. Inverse Permutation – Finally the pre output is pass through [IP-1] then
produce 64 bit Ciphertext
 The right hand side portion has 56 bit is used.
1. Initially key are pass through permutation.
2. Then each 16 round subkeys(Ki) produced by combination of left circular
shift and permutation.
3. Each permutation function is same but key are different.
 DES Encryption – Initial Permutation (IP)
 Input table consists 64 bits numbered from 1 to 64

M1 M2 M3 M4 M5 M6 M7 M8
M9 M10 M11 M12 M13 M14 M15 M16
M17 M18 M19 M20 M21 M22 M23 M24
M25 M26 M27 M28 M29 M30 M31 M32
M33 M34 M35 M36 M37 M38 M39 M40
M41 M42 M43 M44 M45 M46 M47 M48
M49 M50 M51 M52 M53 M54 M55 M56
M57 M58 M59 M60 M61 M62 M63 M64
 DES Encryption – Initial Permutation (IP)
 Each permutation table indicates the position of numbered input to the
output
X= IP(M)

M58 M50 M42 M34 M26 M18 M10 M2

M60 M52 M44 M36 M28 M20 M12 M4
M62 M54 M46 M38 M30 M22 M14 M6
M64 M56 M48 M40 M32 M24 M16 M8
M57 M49 M41 M33 M25 M17 M9 M1
M59 M51 M43 M35 M27 M19 M11 M3
M61 M53 M45 M37 M29 M21 M13 M5
M63 M55 M47 M39 M31 M23 M15 M7
DES Encryption – Initial Permutation (IP)
Inverse Permutation(IP-1)
DES Encryption – Details of Single Round
 DES Encryption – Details of Single Round
 Focussing Left hand side
 After permutation the 64 bit is split into two halves L (left) (32 bit) and R (Right)
(32 bit)
Li = Ri-1
Ri = Li-1 ⊕ F(Ri-1,Ki)
 The R input is 32 bits. The round key is 48 bits.
 So R is Expanded to 48 bits that is Permutation plus Expansion which duplicate
16 bit is added.
 DES Encryption – Details of Single Round
 S – Box (Substitution Box)
 S- box Contains 8 Boxes
 Input 6 Bits for each Si
 Output 4 Bits for each Si
 The first and last bits in the input to box Si row value.
 The Middle four bits represent column value.
 In general Every S box has 4 rows represent (00,01,10,11)
 Every S box has 16 Column represent by (0000,0001,…………,1111)
 For Example input is 0 1100 1

1th row01S box column 12 1100

 Now choose a value from S1 box with 1st Row and 12th column which is 9
 So output is 1001
 DES Encryption – Details of Single Round
 S – Box (Substitution Box)
 DES Encryption – Details of Single Round
 Sample S – Box (Substitution Box)

14 4 13 1 2 15 11 8 3 10 6 12 5 9 0 7
0 15 7 4 14 2 13 1 10 6 12 11 9 5 3 8
4 1 14 8 13 6 2 11 15 12 9 7 3 10 5 0
S1

15 12 8 2 4 9 1 7 5 11 3 14 10 0 6 13

15 1 8 14 6 11 3 4 9 7 2 13 12 0 5 10
3 13 4 7 15 2 8 14 12 0 1 10 6 9 11 5
0 14 7 11 10 4 13 1 5 8 12 6 9 3 2 15
S2

13 8 10 1 3 15 4 2 11 6 7 12 0 5 14 9
 DES Encryption – Details of Single Round
 S – Box (Substitution Box)
 DES Encryption – Details of Single Round
 Permutation P

16 7 20 21 29 12 28 17

1 15 23 26 5 18 31 10
2 8 24 14 32 27 3 9
19 13 30 6 22 11 4 25
 DES Encryption – Key Generation
 64 bit key is used to input for the algorithm.
 The bits of key are numbered from 1 to 64.
 Every eighth bit is ignored.
(a) Input Key
1 2 3 4 5 6 7 8

9 10 11 12 13 14 15 16
17 18 19 20 21 22 23 24
25 26 27 28 29 30 31 32
33 34 35 36 37 38 39 40
41 42 43 44 45 46 47 48
49 50 51 52 53 54 55 56
57 58 59 60 61 62 63 64
 DES Encryption – Key Generation
 Now 56 bit input to Permuted Choice 1 (PC1)
(a) Permuted Choice One (PC-1)
57 49 41 33 25 17 9

1 58 50 42 34 26 18
10 2 59 51 43 35 27
19 11 3 60 52 44 36
63 55 47 39 31 23 15
7 62 54 46 38 30 22
14 6 61 53 45 37 29
21 13 5 28 20 12 4

 The resulting 56 bits is treated as two halves with 28 bit labelled C0 and D0.
 Each round separate circular left shift of 1 or 2 bits according below table.
(a) Schedule of Left Shifts
Round Number 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
Bits Rotated 1 1 2 2 2 2 2 2 1 2 2 2 2 2 2 1
 DES Encryption – Key Generation
 Now Shifted values are input to Permuted Choice 2 (PC2) which produce 4b bit
then this 48 bit is input to the Function (F)
(a) Permuted Choice Two (PC-2)
14 17 11 24 1 5 3 28

15 6 21 10 23 19 12 4

26 8 16 7 27 20 13 2

41 52 31 37 47 55 30 40

51 45 33 48 44 49 39 56

34 53 46 42 50 36 29 32
 DES Decryption
 Decryption uses same algorithm as encryption except the keys are reversed.
 The Strength of DES
 The use of 56 bit Keys .
 The length is 56 so there are 256 Possible keys approximately 7.2 X 1016 Keys.
 However 1977 Diffie Hellman build parallel machine average time is reduced to 10 hours.
 In 1998 announced DES had broken with special machine “DES Cracker”.
 The nature of DES algorithm
 Timing Attack
 How long it takes the plaintext to perform Decryption of different ciphertext.
MULTIPLE ENCRYPTION
 Due to vulnerability in DES,
Two approaches have been taken,
 1. Design a new algorithm example AES
 2. Preserves existing investment to use multiple encryption then Triple
DES.
 Double DES
 Given a plaintext P and two encryption keys K1 and K2, then ciphertext C
is generated
C=E(K2,E(K1,P))
 Decryption
P=D(K1,D(K2,C))
DOUBLE DES

K1 K2

P C
Encryption

K2 K1

C P
Decryption
MEET IN THE MIDDLE ATTACK
It is based on
X= E(K1,P)=D(K2,C)
The attack proceeds as follows,
1. Given a known pair plaintext P, ciphertext C.
2. Encrypt the P for all possible 256 keys of K1.
3. Store these results in a table then sort by X
4. Decrypt the C by using all 256 possible values of K2.
5. Store these results in a table then sort.
6. Check for there is match then keys produce correct result.
To overcome this Triple DES is introduced
TRIPLE DES (3 DES)
 Three stages of encryption with three different keys.
 Algorithm used in Triple DES is Triple Data Encryption Algorithm (TDEA).
 Two Versions of DES
 Two Keys
 Three Keys
 Triple DES with Two Keys
 Triple Des Follows Encrypt – Decrypt – Encrypt (EDE) sequence
C = E(K1,D(K2,E(K1,P)))
P = D(K1,E(K2,D(K1,C)))
Suppose
C = E(K1,D(K1,E(K1,P))) = E(K1,P)
P = D(K1,E(K2,D(K1,C))) = D(K1,C)
 TRIPLE DES (3 DES) K1 (2 key)
Or
K1 K2 K1 K3 (3 key)

P C
Encryption
K1 (2 key)
Or
K1 K2 K1K3 (3 key)

C P
Decryption
TRIPLE DES (3 DES)
Triple DES with Three Key
Three Key DES is Defined as
E=(K3,D(K2,E(K1,P)))
BLOCK CIPHER MODES OF OPERATION
 In general Block cipher takes fixed length block of text of length b bits and
key as input it produce b bit of ciphertext.
 If Plaintext length is greater than b bits then block cipher breaking up block
into b bits block.
 When multiple blocks are encrypted using same key some security issues
arise.
 to apply Block cipher in a variety of application FIVE MODES OF
OPERATION are defined.
1. ECB – Electronic Code Book
2. CBC – Cipher Block Chaining Mode
3. CFB – Cipher Feedback Mode
4. OFB – Output Feedback Mode
 Mode description Typical Application

Electronic Codebook (ECB) Each block of plaintext bits is • Secure transmission of

encoded independently using the single values (e.g., an
same key. encryption key)

Cipher Block Chaining (CBC) The input to the encryption algorithm • General-purpose
is the XOR of the next block of blockoriented
plaintext and the preceding block of transmission
ciphertext. • Authentication
Cipher Feedback (CFB) Input is processed s bits at a time. • General-purpose stream-
Preceding ciphertext is used as input oriented transmission
to the encryption algorithm to produce • Authentication
pseudorandom output, which is
XORed with plaintext to produce next
unit of ciphertext.

Output Feedback (OFB) Similar to CFB, except that the input • Stream-oriented
to the encryption algorithm is the transmission over noisy
preceding encryption output, and full channel (e.g., satellite
blocks are used. communication)

Counter (CTR) Each block of plaintext is XORed • General-purpose block-

with an encrypted counter. The oriented transmission
counter is incremented for each • Useful for high-speed
subsequent block. requirements
ECB – ELCTRONIC CODE BOOK

(a) Encryption

(b) Decryption
ECB – ELCTRONIC CODE BOOK
 The simplest mode is ECB

ECB Cj = E(K,Pj) Pj = D(K,Cj)

j=1,2…n j=1,2…n
2. CBC – Cipher Block Chaining Mode

(a) Encryption Decryption

2. CBC – Cipher Block Chaining Mode


CBC C1 = E(K,[P1⊕IV]) P1 = D(K,C1) ⊕ IV

Cj = E(K,[Pj ⊕ Cj- Pj = D(K,Cj) ⊕ Cj-
1]) j=1,2…n 1 j=1,2…n
3. CFB – Cipher Feedback Mode

ENCRYPTION
3. CFB – Cipher Feedback Mode

DECRYPTION
3. CFB – Cipher Feedback Mode

CFB I1 = IV I1 = IV
Ij = LSBb-s (Ij-1) || Cj-1 Ij = LSBb-s (Ij-1) || Cj-1
Oj = E(K,Ij) Oj = E(K,Ij)
Cj = Pj ⊕ MSBs(Oj) Pj = Cj ⊕ MSBs(Oj)
4. OFB – Output Feedback Mode
4. OFB – Output Feedback Mode
4. OFB – Output Feedback Mode

OFB I1 = Nonce I1 = Nonce

Ij = Oj-1 Ij = LSBb-s (Ij-1) || Cj-1
Oj = E(K,Ij) Oj = E(K,Ij)
Cj = Pj ⊕ Oj Pj = Cj ⊕ Oj
Cn = Pn ⊕ MSB (On) Pn = Cn ⊕ MSB (On)
5. CTR – Counter Mode
5. CTR – Counter Mode
5. CTR – Counter Mode

CTR Cj = Pj ⊕ E(K,Tj) Pj = Cj ⊕ E(K,Tj)

AES (ADVANCED ENCRYPTION STANDARD)
 Block Size – 128 bits of plaintext. (4 words / 16 bytes)
 No of Rounds – 10 Rounds
 Key Size – 128 bit (4 words / 16 bytes)
 No of sub Keys – 44 subkeys
 Each Subkey Size – 32 bit / 1 word / 4 bytes
 Each Round – 4 Subkey (128 bit / 4 words / 16 Bytes)
 Pre Round Calculation – 4 Subkey (128 bit / 4 words / 16 Bytes)
 Ciphertext – 128 bits
 Key length – 16,24 or 32 Bytes (128,192 or 256 Bits)
 Number rounds – 10 for 16 bytes, 12 for 24 byte, 14 for 32 byte
 Then this algorithm referred to AES128, AES192 or AES256
Plaintext—16 bytes (128 bits) Key—M bytes

Figure 5.1 AES Encryption Process

Input array, State array and Output array
 Input is copied to State array which is modified in each stage of encryption
or Decryption.
The first four bytes are on the first column, the following 4 on the second column, etc.
 At final State array is copied to Output matrix
Key Expansion
 The 128-bit key is also shown as a matrix of 4x4 bytes (each byte is a
number from 0 to 255): first 4 bytes on the first column, following 4 on the
2nd columns, etc.
 The key is expanded in an array of 44 words – each word has 4 bytes;
General Structure
General Structure
1. It is not feistel structure
2. The key is provided as input is expanded to 44 words.
3. Four different stages
i. Substitute Bytes
ii. Shift rows
iii. Mix columns
iv. Add round Key
4. Structure quite simple
5. Add round key uses the key
6. Except add round key other stages provides confusion and diffusion
7. Each stages are reversible
8. Key in decryption algorithm in reverse order
9. State is same for encryption and decryption
10. Final round both encryption and decryption only 3 stages.
AES Encryption Round
Substitute Bytes
Substitute Bytes

AES defines a 16 * 16 matrix of byte values, called an S-box

Each individual byte of State is mapped into a new byte
The leftmost 4 bits of the byte are used as a row value and the
rightmost 4 bits are used as a column value.
For example, the hexadecimal value {95} references row 9, column 5
of the S-box, which contains the value {2A}. Accordingly, the value
{95} is mapped into the value {2A}.
Substitute Bytes
Table 5.2 AES S-Boxes
y

0 1 2 3 4 5 6 7 8 9 A B C D E F
0 63 7C 77 7B F2 6B 6F C5 30 01 67 2B FE D7 AB 76
1 CA 82 C9 7D FA 59 47 F0 AD D4 A2 AF 9C A4 72 C0
2 B7 FD 93 26 36 3F F7 CC 34 A5 E5 F1 71 D8 31 15
3 04 C7 23 C3 18 96 05 9A 07 12 80 E2 EB 27 B2 75
4 09 83 2C 1A 1B 6E 5A A0 52 3B D6 B3 29 E3 2F 84
5 53 D1 00 ED 20 FC B1 5B 6A CB BE 39 4A 4C 58 CF
6 D0 EF AA FB 43 4D 33 85 45 F9 02 7F 50 3C 9F A8
7 51 A3 40 8F 92 9D 38 F5 BC B6 DA 21 10 FF F3 D2
8 CD 0C 13 EC 5F 97 44 17 C4 A7 7E 3D 64 5D 19 73
9 60 81 4F DC 22 2A 90 88 46 EE B8 14 DE 5E 0B DB
A E0 32 3A 0A 49 06 24 5C C2 D3 AC 62 91 95 E4 79
B E7 C8 37 6D 8D D5 4E A9 6C 56 F4 EA 65 7A AE 08
C BA 78 25 2E 1C A6 B4 C6 E8 DD 74 1F 4B BD 8B 8A
D 70 3E B5 66 48 03 F6 0E 61 35 57 B9 86 C1 1D 9E
E E1 F8 98 11 69 D9 8E 94 9B 1E 87 E9 CE 55 28 DF

x F 8C A1 89 0D BF E6 42 68 41 99 2D 0F B0 54 BB 16
(a) S-box
Shift Rows Transformation
 The first row of State is not altered.
 For the second row, a 1-byte circular left shift is performed.
 For the third row, a 2-byte circular left shift is performed.
 For the fourth row, a 3-byte circular left shift is performed.
87 F2 4D 97 87 F2 4D 97

EC 6E 4C 90 6E 4C 90 EC

46 E7 4A C3
4A C3 46 E7
A6 8C D8 95
8C D8 95 A6
Shift Rows Transformation
Mix Columns Transformation
•  Each column is mapped into new value by matrix multiplication on
State
=

=
=
=
=
ADD Round Key
47 40 A3 4C AC 19 28 57

37 D4 70 9F 77 FA D1 5C
⊕
94 E4 3A 42 66 DC 29 00

ED A5 A6 BC F3 21 41 6A

=
EB 59 8B 1B

40 2E A1 C3

F2 38 13 42

1E 84 E7 D6
INPUTS FOR AES SINGLE ROUND
AES KEY EXPANSION
AES KEY EXPANSION
 The function g consists of the following subfunctions.
 RotWord performs a one-byte circular left shift on a word. This means
that an input word [B0, B1, B2, B3] is transformed into [B1, B2, B3, B0].
 SubWord performs a byte substitution on each byte of its input word,
using the S-box.
 The result of steps 1 and 2 is XORed with a round constant, Rcon[j].
RC5 Algorithm
In cryptography, RC5 is a symmetric-key block cipher notable for its
simplicity.
 Designed by Ronald Rivest in 1994.
 RC stands for "Rivest Cipher", or alternatively, "Ron's Code“.
 Block Size - 32, 64 or 128 bits (64 suggested)
 Key sizes 0 to 2040 bits (128 suggested)
 Structure Feistel-like network
 Rounds 1-255 (12 suggested originally)
Block Diagram

K ⊕ - XOR OPERATION
⊞ - ADDITION MOD
<<< - Left Shift

K
Blowfish Algorithm
 Blowfish is a symmetric-key block cipher, designed in 1993 by Bruce
Schneier and included in a large number of cipher suites and encryption
products.
 Blowfish provides a good encryption rate in software and no effective
cryptanalysis.
 Schneier designed Blowfish as a general-purpose algorithm, intended as an
alternative to the aging DES
 Free of the problems and constraints associated with other algorithms.
Key sizes - 32–448 bits
Block sizes - 64 bits
Structure - Feistel network
Rounds - 16
Block Diagram
Blowfish Algorithm
Every round r consists of 4 actions:
Action 1 XOR the left half (L) of the data with the r th P-array entry
Action 2 Use the XORed data as input for Blowfish's F-function
Action 3 XOR the F-function's output with the right half (R) of the data
Action 4 Swap L and R

 The F-function splits the 32-bit input into four eight-bit quarters, and uses
the quarters as input to the S-boxes.
 Decryption is exactly the same as encryption, except that P1, P2, …, P18
are used in the reverse order.
ASYMMETRIC CIPHERS

Public key cryptography:

Principles of public key cryptosystems-The
RSA algorithm-Key management - Diffie
Hellman Key exchange Elliptic curve
arithmetic-Elliptic curve cryptography.
Principles of Public key Cryptosystems
 Asymmetric Key – one key for Encryption and another one key
decryption.
 Characteristics
 Decryption key given only the knowledge of Cryptographic algorithm.
 Encryption also
 Public Key Encryption has Six Ingredients
 Plaintext
 Encryption Algorithm
 Private Key and Public key
 Decryption Algorithm
 Ciphertext
Principles of Public key Cryptosystems
 STEPS TO BE FOLLOWED
 User Generates pair of keys for both encryption and decryption.
 One key used public key another one used as private.
 Bob wishes to send a message to Alice. Bob encrypts message using
public key.
 Alice receive a message and decrypt the message using Private key.
 Two Keys in Public key cryptography
 Public Key – Known by Every one
 Private Key – Known only by him
Principles of Public key Cryptosystems
 Essential Elements in Public Key Cryptography
Principles of Public key Cryptosystems
 Essential Elements in Public Key Cryptography
Plaintext – X=[X1,X2,…….,Xn]
Public Key = PUb
Private Key = PRb
Ciphertext = [Y1,Y2,Y3…..,Yn]
Y = E(PUb, X)
X = D(PRb,Y)
Principles of Public key Cryptosystems


Y = E(PRa,X)
X= D(PUa,Y)
Principles of Public key Cryptosystems


Z = E(Pub,E(PRa,X))
X= D(PUa,D(PRb,Z))
Application Public Key Cryptosystems
 Encryption/decryption: The sender encrypts a message with the recipient’s public key.
 Digital signature: The sender “signs” a message with its private key.
 Key exchange: Two sides cooperate to exchange a session key.

one-way function
A one-way function is one that maps a domain into a range such that every function value has a
unique inverse, with the condition that the calculation of the function is easy, whereas the
calculation of the inverse is infeasible:
Y = f(X) easy
X = f-1(Y) infeasible
trap-door one-way function
Easy to calculate in one direction and infeasible to calculate in the other direction unless certain
additional information is known.
Y = fk(X) easy, if k and X are known
X = fk-1(Y) easy, if k and Y are known
X = fk-1(Y) infeasible, if Y is known but k is not known
The RSA Algorithm
 RSA Stands for Rivest-Shamir-Adleman
 The mostly used, accepted and implemented general purpose public key
encryption.
 Plaintext and Ciphertext are integers between 0 and n - 1 for some n.
 Both sender and receiver must know the value of n.
 The sender knows the value of e.
 The receiver knows the value of d.
 Public-key encryption algorithm with a public key of PU = {e, n} and a
private key of PR = {d, n}.
RSA ALGORITHM
Key Generation
Select p, q p and q both prime, p ≠ q
Calculate n = p * q
Calcuate ɸ(n) = (p - 1)(q - 1)
Select integer e gcd (ɸ(n), e) = 1; 1 < e < ɸ(n)
Calculate d d ≡ e-1 (mod ɸ(n))
Public key PU = {e, n}
Private key PR = {d, n}
Encryption using Public Key
Plaintext: M < n
Ciphertext: C = Me mod n

Decryption using Private Key

Ciphertext: C
Plaintext: M = Cd mod n
The RSA Algorithm
 The public key encryption has following requirements.
1. It is possible to find values of e, d, and n such that Med mod n = M for all M < n.
2. It is relatively easy to calculate Me mod n and Cd mod n for all values of M < n.
3. It is infeasible to determine d given e and n.
The RSA Algorithm Example
 Select two prime numbers, p = 17 and q = 11.
 Calculate n = pq = 17 * 11 = 187
 Calculate ɸ(n) = (p - 1)(q - 1) = 16 * 10 = 160.
 Select e such that e is relatively prime to ɸ(n) = 160 and less than ɸ(n); we
choose e = 7.
 Determine d such that de K 1 (mod 160) and d 6 160. The correct value is
d = 23, because 23 * 7 = 161 = (1 * 160) + 1;
 The resulting keys are public key PU = {7, 187} and private key PR = {23,
187}.
Encryption
 Plaintext input of M = 88
 For encryption, we need to calculate C = 887 mod 187.
 887 mod 187 = [(884 mod 187) * (882 mod 187) * (881 mod 187)]
mod 187
881 mod 187 = 88
882 mod 187 = 7744 mod 187 = 77
884 mod 187 = 59,969,536 mod 187 = 132
887 mod 187 = (88 * 77 * 132) mod 187 = 894,432 mod 187 = 11
Decryption
 For decryption, we calculate M = 1123 mod 187:
1123 mod 187 = [(111 mod 187) * (112 mod 187) * (114 mod 187)
* (118 mod 187) * (118 mod 187)] mod 187
111 mod 187 = 11
112 mod 187 = 121
114 mod 187 = 14,641 mod 187 = 55
118 mod 187 = 214,358,881 mod 187 = 33
1123 mod 187 = (11 * 121 * 55 * 33 * 33) mod 187
= 79,720,245 mod 187 = 88
The Security of RSA
 Five possible approaches to attacking the RSA algorithm are
 Brute force
 Mathematical attacks
Timing attacks
 Hardware fault-based attack
 Chosen ciphertext attacks
 Key Management
What is Key Management?
 Key management is the management of cryptographic keys in a cryptosystem.
This includes dealing with the generation, exchange, storage, use, and replacement of
keys.
 Distribution of Public Keys
 Public announcement
 Publicly available directory
 Public-key authority
 Public-key certificates
Diffie-Hellman key exchange
 The purpose of the algorithm is to enable two users to securely exchange a key.
 Algorithm
1. Select a prime number q .
2. Choose integer α that is a primitive root of q.
Suppose the users A and B wish to create a shared key
3. User A selects a random integer XA < q Where XA is Private key
4. Computes YA = αXA mod q Where YA is Public key
5. User A selects a random integer XA < q Where XA is Private key
6. Computes YA = αXA mod q Where YA is Public key
7. User B independently selects a random integer XB < q is Private key
8. Computes YB = αXB mod q
9. Sender K=(YB) XA mod q
10. Receiver K= (YA) XB mod q
 ALICE BOB

Alice and Bob share a prime Alice and Bob share a prime
number q and an integer α, number q and an integer α,
such that α < q and α is a such that α < q and α is a
primitive root of q primitive root of q

Alice generates a private Bob generates a private

key XA such that XA < q key XB such that XB < q

Alice calculates a public Bob calculates a public

key YA = αXA mod q YA key YB = αXB mod q

Alice receives Bob’s YB Bob receives Alice’s

public key YB in plaintext public key YA in plaintext

Alice calculates shared Bob calculates shared

secret key K = (YB)XA mod q secret key K = (YA)XB mod q
Diffie-Hellman key exchange
Algorithm
 Choose integer α that is a primitive root of q.
 primitive root of a prime number p is one whose powers modulo p
 Generate all the integers from 1 to p - 1.
That is
a mod p, a2 mod p, .......... ap-1 mod p
integers from 1 through p - 1
Diffie-Hellman key exchange Example
q=11
α = Primitive root of 11
α1 mod 11
α2 mod 11
. { 1,2,3,….10 }
.
α10 mod 11
Diffie-Hellman key exchange Example
Power / 1 2 3 4 5 6 7 8 9 10
number
1 1 1 1 1 1 1 1 1 1 1

2 2 4 8 5 10 9 7 3 6 1

10
Diffie-Hellman key exchange Example
α=2
Sender
choose XA = 8 private key
Compute YA = αXA mod q public key
YA = 28 mod 11
YA = 3
Receiver
XB = 4
YB = 24 mod 11
YB = 5
Diffie-Hellman key exchange Example

User A XA = 8
YA = 3
User B XB = 4
YB = 5

Sender Receiver
K=(YB) XA mod q K= (YA) XB mod q
K=(5) 8 mod 11 K=(3) 4 mod 11
K= 4 K= 4
Successfully Exchanged
Man in the middle attack
Diffie-Hellman key exchange Practices
Users Alice and Bob use the Diffie-Hellman key exchange technique with a
common prime q = 83 and a primitive root α = 5.
i) If Alice has a private key XA = 6, what is Alice's public key YA ? (6)
ii) If Bob has a private key XB = 10, what is Bob's public key YB ? (6)
Elliptic Curve Cryptography(ECC)
 Abelian Groups
An abelian group G, sometimes denoted by {G, . }, is a set of elements with a
binary operation, denoted by . .
 If a group is said to be abelian group the following axioms are obeyed.
If a and b belong to G, then a . b is also in
(A1) Closure: G.
(A2) Associative: a . (b . c) = (a . b) . c for all a, b, c in G.
(A3) Identity There is an element e in G such that a . e
element: = e . a = a for all a in G.
(A4) Inverse element: For each a in G there is an element a′ in G
(A5) Commutative: such that a . a′ = a′ . a = e.
a . b = b . a for all a, b in G.
Elliptic Curve Cryptography(ECC)
 Abelian Groups
An abelian group G, sometimes denoted by {G, . }, is a set of elements with a
binary operation, denoted by . .
 If a group is said to be abelian group the following axioms are obeyed.
If a and b belong to G, then a . b is also in
(A1) Closure: G.
(A2) Associative: a . (b . c) = (a . b) . c for all a, b, c in G.
(A3) Identity There is an element e in G such that a . e
element: = e . a = a for all a in G.
(A4) Inverse element: For each a in G there is an element a′ in G
(A5) Commutative: such that a . a′ = a′ . a = e.
a . b = b . a for all a, b in G.
Elliptic Curve Cryptography(ECC)
Elliptic Curve
An elliptic curve is defined by an equation in two variables with coefficients.
For cryptography, the variables and coefficients are restricted to elements in a
finite field, which results in the definition of a finite abelian group.
 Elliptic Curves over Real Numbers
 Elliptic curves are not ellipses.
 Cubic equations, similar to those used for calculating the circumference of an
ellipse.
Y2 = X3 + ax + b
Y = √X3 + ax + b
Elliptic Curve Examples
2 3
(a y   x   x
)
4

4   (P   )
(P ) Q
   
Q
2

2
Q
Q

0
P
P 0

  2
  2
(P )
 
Q

4   4 (P )
   
Q

  2   1 0 1 2 3 4 5
2 1 0 1 2 3 4 5
   
2 3
(b y   x   x  
) 1
Elliptic Curves over Zp
 Elliptic curve cryptography makes use of elliptic curves in which the variables
and coefficients are all restricted to elements of a finite field.
Two families
 prime curves over Zp
 binary curves over GF(2m )
 Prime curve over Zp
 The variables and coefficients all take on values in the set of integers from 0
through p - 1 and in which calculations are performed modulo p.
 Binary Curve over GF(2m )
 Binary curve defined over GF(2m), the variables and coefficients all take on
values in GF(2m) and in calculations are performed over GF(2m).
 For elliptic curves over Zp, as with real numbers,
Y2 mod p= (X3 + ax + b) mod p
Elliptic Curves over GF(2 ) m
 Finite field GF(2m) consists of 2m elements, together with addition and
multiplication operations that can be defined over polynomials.\
Y2 + xy = X3 + ax + b

Elliptic Curve Encryption/Decryption

Global Public Elements
Eq(a, b) elliptic curve with parameters a, b, and q, where q is a prime or an integer of the form 2m
G point on elliptic curve whose order is large value n
User A Key Generation
Select private nA nA < n
Calculate public PA PA = nA * G
User B Key Generation
Select private nB nB 6 n
Calculate public PB PB = nB * G
Calculation of Secret Key by User A
K = nA * PB
Calculation of Secret Key by User B
K = nB * PA