Scribd
Upload
17 views20 pages

Chapter6-Intro To Public Key-Part1

Uploaded by

Abdo Almass
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
17 views20 pages

Chapter6-Intro To Public Key-Part1

Uploaded by

Abdo Almass
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
You are on page 1/ 20

Chapter 6 – Introduction to

Public-Key Cryptography

Dr. Safi Ibrahim


Content of this Chapter

• Symmetric Cryptography Revisited


• Principles of Asymmetric Cryptography
• Practical Aspects of Public-Key Cryptography
• Important Public-Key Algorithms
• Essential Number Theory for Public-Key Algorithms

2/29
Content of this Chapter

• Symmetric Cryptography Revisited


• Principles of Asymmetric Cryptography
• Practical Aspects of Public-Key Cryptography
• Important Public-Key Algorithms
• Essential Number Theory for Public-Key Algorithms

3/29
 Symmetric Cryptography revisited

Alice Bob

x eK(x) dK(y) x
y

K K

Two properties of symmetric (secret-key) crypto-systems:


• The same secret key K is used for encryption and decryption
• Encryption and Decryption are very similar (or even identical) functions

4/29
 Symmetric Cryptography: Analogy

K K

Safe with a strong lock, only Alice and Bob have a copy of the key
• Alice encrypts  locks message in the safe with her key
• Bob decrypts  uses his copy of the key to open the safe

5/29
 Symmetric Cryptography: Shortcomings
• Symmetric algorithms, e.g., AES or 3DES, are very secure, fast & widespread but:

• Key distribution problem: The secret key must be transported securely


• Number of keys: In a network, each pair of users requires an individual key

 n users in the network require keys, each user stores (n-1) keys

Example:
6 users (nodes)

65
 15 keys (edges)
2

• Alice or Bob can cheat each other, because they have identical keys.
Example: Alice can claim that she never ordered a TV on-line from Bob (he could
have fabricated her order). To prevent this: „non-repudiation“
6/29
Content of this Chapter

• Symmetric Cryptography Revisited


• Principles of Asymmetric Cryptography
• Practical Aspects of Public-Key Cryptography
• Important Public-Key Algorithms
• Essential Number Theory for Public-Key Algorithms

7/29
 Idea behind Asymmetric Cryptography

New Idea:

Use the „good old mailbox“ principle:

Everyone can drop a letter

But: Only the owner has the


correct key to open the box

1976: first publication of such an algorithm by Whitfield Diffie and Martin Hellman,and
also by Ralph Merkle.

8/29
 Asymmetric (Public-Key) Cryptography

Principle: “Split up” the key

Public Key (Kpub) Secret Key (Kpr)


(Encrypt) (Decrypt)

 During the key generation, a key pair Kpub and Kpr is computed

9/29
 Asymmetric Cryptography: Analogy

Safe with public lock and private lock:

(Kpub) (Kpr)

• Alice deposits (encrypts) a message with the - not secret - public key Kpub
• Only Bob has the - secret - private key Kpr to retrieve (decrypt) the message

10/29
Content of this Chapter

• Symmetric Cryptography Revisited


• Principles of Asymmetric Cryptography
• Practical Aspects of Public-Key Cryptography
• Important Public-Key Algorithms
• Essential Number Theory for Public-Key Algorithms

11/29
 Basic Protocol for Public-Key Encryption

Alice Bob

KpubB (KpubB,KprB) = K

x
y=eKpubB(x) y

x=dKprB(y)

 Key Distribution Problem solved *

*) at least for now; public keys need to be authenticated, cf.Chptr. 13 of Understanding Cryptogr.
12/29
 Security Mechanisms of Public-Key Cryptography

Here are main mechanisms that can be realized with asymmetric cryptography:

• Key Distribution (e.g., Diffie-Hellman key exchange, RSA) without a pre-


shared secret (key)

• Nonrepudiation and Digital Signatures (e.g., RSA, DSA or ECDSA) to


provide message integrity

• Identification, using challenge-response protocols with digital signatures

• Encryption (e.g., RSA / Elgamal)


Disadvantage: Computationally very intensive
(1000 times slower than symmetric Algorithms!)

13/29
 Basic Key Transport Protocol 1/2

In practice: Hybrid systems, incorporating asymmetric and symmetric algorithms

1. Key exchange (for symmetric schemes) and digital signatures are performed
with (slow) asymmetric algorithms

2. Encryption of data is done using (fast) symmetric ciphers, e.g., block ciphers
or stream ciphers

14/29
 Basic Key Transport Protocol 2/2
Example: Hybrid protocol with AES as the symmetric cipher

Alice Bob
(KpubB,KprB) = K
KpubB

Choose random
symmetric key K Key Exchange
(asymmetric)

y1 = eK (K)
pubB
y1
K = dK (y1)
prB

message x Data Encryption

y2 (symmetric)
y2 = AESK (x) x = AES-1K (y2)
15/29
Content of this Chapter

• Symmetric Cryptography Revisited


• Principles of Asymmetric Cryptography
• Practical Aspects of Public-Key Cryptography
• Important Public-Key Algorithms
• Essential Number Theory for Public-Key Algorithms

16/29
 How to build Public-Key Algorithms
Asymmetric schemes are based on a „one-way function“ f():
• Computing y = f(x) is computationally easy
• Computing x = f-1(y) is computationally infeasible

One way functions are based on mathematically hard problems.


Three main families:
• Factoring integers (RSA, ...):
Given a composite integer n, find its prime factors
(Multiply two primes: easy)

• Discrete Logarithm (Diffie-Hellman, Elgamal, DSA, …):


Given a, y and m, find x such that ax = y mod m
(Exponentiation ax : easy)

• Elliptic Curves (EC) (ECDH, ECDSA): Generalization of discrete logarithm

Note: The problems are considered mathematically hard, but no proof exists (so far).

17/29
 Key Lengths and Security Levels

Symmetric ECC RSA, DL Remark

64 Bit 128 Bit  700 Bit Only short term security


(a few hours or days)
80 Bit 160 Bit  1024 Bit Medium security
(except attacks from big
governmental institutions etc.)
128 Bit 256 Bit  3072 Bit Long term security
(without quantum computers)

• The exact complexity of RSA (factoring) and DL (Index-Calculus) is difficult to


estimate
• The existence of quantum computers would probably be the end for ECC, RSA & DL
(at least 2-3 decades away, and some people doubt that QC will ever exist)
18/29
Content of this Chapter

• Symmetric Cryptography Revisited


• Principles of Asymmetric Cryptography
• Practical Aspects of Public-Key Cryptography
• Important Public-Key Algorithms
• Essential Number Theory for Public-Key Algorithms

19/29
 Lessons Learned

• Public-key algorithms have capabilities that symmetric ciphers don’t have,


in particular digital signature and key establishment functions.

• Public-key algorithms are computationally intensive (a nice way of saying


that they are slow), and hence are poorly suited for bulk data encryption.

• Only three families of public-key schemes are widely used. This is


considerably fewer than in the case of symmetric algorithms.

20/29

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy