Chapter3

Public-Key Cryptography and Message Authentication

OUTLINE
Approaches to Message Authentication Secure Hash Functions and HMAC Public-Key Cryptography Principles Public-Key Cryptography Algorithms Digital Signatures Key Management
2

Authentication
Requirements - must be able to verify that: 1. Message came from apparent source or author, 2. Contents have not been altered, 3. Sometimes, it was sent at a certain time or sequence. Protection against active attack (falsification of data and transactions)
3

Secure HASH Functions

Purpose of the HASH function is to produce a fingerprint. Properties of a HASH function H :

1. 2. 3. 4.

H can be applied to a block of data at any size H produces a fixed length output H(x) is easy to compute for any given x. For any given block x, it is computationally infeasible to find x such that H(x) = h 5. For any given block x, it is computationally infeasible to find y x with H(y) = H(x). 6. It is computationally infeasible to find any pair (x, y) such that H(x) = H(y)
4

Public-Key Cryptography Principles

The use of two keys has consequences in: key distribution, confidentiality and authentication. The scheme has six ingredients (see Figure 3.7)
Plaintext Encryption algorithm Public and private key Ciphertext Decryption algorithm
5

Encryption using Public-Key system

Authentication using PublicKey System

Applications for Public-Key Cryptosystems

Three categories: Encryption/decryption: The sender encrypts a message with the recipients public key. Digital signature: The sender signs a message with its private key. Key echange: Two sides cooperate two exhange a session key.
8

Public-Key Cryptography
public-key/two-key/asymmetric cryptography involves the use of two keys:
a public-key, which may be known by anybody, and can be used to encrypt messages, and verify signatures a private-key, known only to the recipient, used to decrypt messages, and sign (create) signatures those who encrypt messages or verify signatures cannot decrypt messages or create signatures

is asymmetric because

Requirements for PublicKey Cryptography

1. Computationally easy for a party B to generate a pair (public key KUb, private key KRb) 2. Easy for sender to generate ciphertext: C EKUb (M ) 3. Easy for the receiver to decrypt ciphertect using private key: M DKRb (C ) DKRb [ EKUb ( M )]
10

Requirements for PublicKey Cryptography

4. Computationally infeasible to determine private key (KRb) knowing public key (KUb) 5. Computationally infeasible to recover message M, knowing KUb and ciphertext C 6. Either of the two keys can be used for encryption, with the other used for decryption:

M DKRb [ EKUb ( M )] DKUb [ EKRb ( M )]

11

Public-Key Cryptographic Algorithms

RSA and Diffie-Hellman RSA - Ron Rives, Adi Shamir and Len Adleman at MIT, in 1977.
Diffie-Hellman
RSA is a block cipher The most widely implemented

Echange a secret key securely Compute discrete logarithms

12

RSA
by Rivest, Shamir & Adleman of MIT in 1977 best known & widely used public-key scheme based on exponentiation in a finite (Galois) field over integers modulo a prime uses large integers (eg. 1024 bits) security due to cost of factoring large numbers
nb. factorization takes O(e log n log log n) operations (hard)

RSA ALGORITHM
1.
2.

Choose two large prime numbers P and Q

Calculate N = P x Q

3.
4.

Select the public key (i.e, Encryption Key) E such that it is not a factor of (P-1) and (Q-1)
Select the Private key (i.e, Dcryption Key) D such that the following eq is true: (D X E) mod (P-1) X (Q-1) = 1

RSA ALGORITHM
5. For encryption, Calculate the cipher text CT from the plain text PT as follows: CT = PT^E mod N 6. Send CT as the cipher text to the receiver
7. For Decryption, Calculate the plain Text PT from the cipher text CT as follows: PT = CT^D mod N

RSA Example
1. 2. 3. P = 7, Q=17 N = P x Q = 7 x 17 = 119 (P-1) x (Q-1) = 6 x 16 = 96 =2*2*2*2*2*3

We have to choose E such that none of the factors of E is 2 and 3. ( Cant choose E = 4, 15, 6 etc) Let us choose E = 5

4. (D x E) mod( (P-1) x (Q-1)) = 1 (D x 5) mod (6 x 16)= 1 (D x 5) mod 96 = 1 D = 77

5. Suppose PT =10 CT = 10^5 mod 119 = 40 6. PT = 40^77 mod 119 = 10

Question
In a public-key system using RSA, you intercept the ciphertext C = 10 sent to a user whose public key is e = 5, n = 35. What is the plaintext M?

Perform encryption and decryption using RSA algorithm, as in Figure 1, for the following:
p = 3; q = 11, e = 7; M = 5 p = 5; q = 11, e = 3; M = 9

Digital signatures
Text encrypted with ones private key can only be decrypted with his public key This also helps to ensure the authenticity that the text has been arrived from the appropriate user This encrypted message serves a purpose for digital signatures. But message being sent is safe from alteration but not safe for eaves dropping As any user who got the data can decrypt it with the public key of the user.
20