Академический Документы
Профессиональный Документы
Культура Документы
CRYPTOGRAPHY
EE6163: Telecommunications for Electronic Business
John Griffin
110327871
17th of December 2013
0 | Page
Table of Contents
Abstract................................................................................................................. 1
Introduction........................................................................................................... 1
What is cryptography?........................................................................................ 1
Definition......................................................................................................... 1
History............................................................................................................. 1
Cryptographic Goals........................................................................................ 2
Application of cryptography...................................................................................2
Email communication......................................................................................... 2
What is email encryption?.................................................................................. 3
The importance of encrypting email...................................................................3
The consequences of not encrypting email........................................................4
Protocol.................................................................................................................. 5
PGP overview...................................................................................................... 5
General functions............................................................................................... 5
How it works....................................................................................................... 6
Authentication via Digital signature...................................................................8
Advantages of PGP............................................................................................. 9
Disadvantages of PGP......................................................................................... 9
Algorithm............................................................................................................. 10
Overview....................................................................................................... 10
Difference between RSA and ElGamal...........................................................10
The advantages of ElGamal/Diffie Hellman over RSA:...................................11
The disadvantages of using ElGamel/Diffie Hellman over RSA:.....................11
How ElGamal works.......................................................................................... 11
Conclusion........................................................................................................... 14
References........................................................................................................... 15
1 | Page
Abstract
The following report examines the application of cryptography in everyday
use through an analysis of its use in email encryption. The report first
looks at the importance of email encryption and how cryptography is
applied to make email a secure form of communication .The report then
examines the technical aspects which make this possible. This is done
through an examination of the protocol and then finally a look at the key
algorithms which make this protocol possible.
Introduction
What is cryptography?
Definition
At the most basic level cryptography is defined as secret writing. However
modern cryptography in which is used in countless applications is best
defined as a function in which transfers plaintext into cipher text, while
also providing the function of decryption that transfers cipher text into
plaintext (Al-Hamdani, 2008).
History
The area of cryptography is often referred to as the science of writing
secret code, however its origins can be traced back thousands of years.
The first known use of cryptography is said to have been around 1900 B.C
when and Egyptian scribe used unknown hieroglyphs in and inscription
with the intention of passing information secretly. Cryptography after this
time however has been seen in many cases throughout history including
Ranging in application from battle plans to diplomatic efforts between
civilisations. The modern sense of cryptography however did not appear
until
the
advent
of
the
computer
and
the
mass
(Yang,
grown in its modern sense since 1976, when data encryption was selected
meet
specific
goals.
These
are
privacy,
data
integrity,
Application of cryptography
The following section examines email encryption as a widely used
application of cryptography.
Email communication
Over the last twenty years email as a form of communication for
businesses and individuals, has grown in both size and importance .The
growth of email usage as outlined by (The Radicati Group, 2013) notes
there are currently 3.1 billion email accounts in the world, however this is
expected to rise 4.3 billion by 2016.The enormous current and expected
email usage as a form of communication highlights its importance as a
form of communication. The mass communication through email however
poses a wider problem for those who use it. How is it possible to securely
communicate through such a medium? It is with this problem that
cryptography offers a solution in providing a means by which a user can
encrypt a message thus preventing a third part from viewing its content.
3 | Page
4 | Page
Protocol
The following section examines the protocol PGP (pretty good privacy)
which forms a structure in by which cryptography can be applied in order
to protect the exchange of information via email.
PGP overview
Pretty good privacy(PGP) or it latest version PGP is a public key system
that uses a hybrid structuring combining the best features of public key
cryptography in order to provide security in communication. Because of
this structure it is ideal for securing the medium of email communication.
PGP can use either RSA or Diffie-Hellman algorithms as its encryption and
decryption standard. (Hilal M, 2012)
General functions
6 | Page
PGP provides Data integrity and security by using the following core
technologies:
digital signatures
encryption
compression
conversion
How it works
The sender creates a message
Data compression.
When a user encrypts a plaintext the PGP protocol first compresses that
plaintext. The compression of the plaintext has several advantages for the
process. Data compression saves transmission time and disk space and
also help strengthen cryptographic security. The majority of cryptanalysis
techniques use patterns in plaintext to crack the cipher. Compression
helps reduce these patterns therefore greatly enhancing security against
cryptanalysis (Hilal M, 2012)
Encryption
7 | Page
During this stage the session key is encrypted using the public key of the
recipient. The session key is encrypted using each recipient's public key.
These encrypted session keys start the message.
8 | Page
private key.
9 | Page
Advantages of PGP
Flexibility-secure messages can be sent to multiple users at the same
time, and each of these users can decrypt the message using their own
private key. Added to this users can use their private keys to encrypt
personal files and documents.
Authentication-Users can sign clear messages with their PGP encrypted
signatures which other users can then then verify, providing a means by
which users can authenticate messages which increases trust.
10 | P a g e
Disadvantages of PGP
Software-The software is not built into email therefore users need the
necessary software and key in order to use the protocol.
Cost-The purchase and installation of the protocol can be financially high,
so the user must value their security highly in order to justify the protocol.
(group O. r., 2013)
Algorithm
The following section examines one of the key algorithms within the PGP
protocol. The algorithm examined is ElGamel. An outline of the algorithm is first
examined. A comparison with its main alternative is then carried out before
finally taking a look the working of the algorithm.
Overview
ElGamal is an extension of Diffie Hellmans shared secret generation. It
generates a shared secret and uses it as a one-time pad in order to
encrypt data.ElGamel can be used within the PGP protocol to both encrypt
and decrypt the message. For this reason it is necessary to examines it
algorithm.
11 | P a g e
The PGP protocol can also use RSA, for that reason alone ElGamel can be
seen as an alternative to RSA. The main difference between the two is as
follows. The security of the RSA algorithm revolves around the difficulty of
factoring large integers, however ElGamal depends on the difficulty of
computing discrete logs in large prime modulus.
12 | P a g e
When any user (say user B) possessing As public key (y,g,p) intends to
send a message M(0M<p) to user A user B proceeds as follows:-
13 | P a g e
User A receives the cipher-text (g^k mod p, M^k mod p). A proceeds to
decrypt the received cipher-text using its private key(x,g,p).
1) Choose (-x) mod (p) = (p)-x = p-1-x
2) Compute (g^k mod p) ^ (-x mod (p)) mod p = g^ -kx mod p.
3) Compute M= ((My^k mod p). (g^-kx mod p))Mod p.
Let p=11; g=2 Let x=5 Y=g^x mod p = 2^5 mod 11 = 32 mod 11=10
14 | P a g e
Encryption
Suppose a user B wants to send message M= 3 to A , then B will
encrypt M a follows and transmit C to A:- B will select an integer k such
that 0<k<(p).
Let k=7
C= (g^k mod p, My^k mod p)
= (2^7 mod 11, 3x 10^7 mod 11)
= (128 mod 11, (100x100x100x30) mod 11)
= (7,8)
.
Decryption
Knowing (x,g,p), user A will decrypt the cipher-text C as follows:Compute (-x) mod (p) = (-x) mod 10=10-x=10-5=5.
Compute (g^k)^-x mod p =(7)^5 mod 11 = (49x49x7)mod 11
Compute (M.y^k.g^-xk) mod p
= (8x 10) mod 11
=3
=M (Original Message) (Rashmi Singh, 2012)
Conclusion
The application of cryptography in securing email is only one of its many
essential applications in the modern world, however without it many
individuals and companies security and privacy would be under huge risk
with the result of major consequences. It is for this reason that the
development of the protocols and algorithms which ensure this security
has become an issue of utmost importance. This report simply outlines an
15 | P a g e
References
A.J Menezes P.C Van Oarschot, S. V. (1996). Handbook of Applied
Cryptography. London: CRC Press.
group, O. r. (2013). Why Should You Encrypt Email and what happens if
you don't? Symantic.
group, T. o. (2012). Why Securing Communications and content is a
critical best practive. The osterman research group.
Hilal M, Y. A.-B. (2012). PGP Protocols and it's applications. In D. Sen,
Cryptography and security in computing (pp. 182-202). Rijeka:
InTech.
Rashmi Singh, S. K. (2012). Elgamals Algorithm in Cryptography.
International Journal of Scientific & Engineering, 1-4.
Stallings, W. (2006). Digital Signatures. In W. Stallings, Cryptography and
Network security. London: Pearson Education.
The Radicati Group, I. (2013). Email Statistics Report, 2011-2015 . Palo
Alto: The Radicati Group, Inc.
W Diffie, M. H. (1976). New Directions In cryptography. IEEE Transactions
on information theory.
Yang, H. R. (2011). Applied cryptography for cyber security and defense.
New York: Hershey.
16 | P a g e
17 | P a g e