11/7/2015 2:01:37 AM AIIS OUTLINE Introduction Goals In Cryptography Secrete Key Cryptography Public Key Cryptograpgy Digital Signatures 11/7/2015 2:01:37 AM AIIS.
Download ReportTranscript 11/7/2015 2:01:37 AM AIIS OUTLINE Introduction Goals In Cryptography Secrete Key Cryptography Public Key Cryptograpgy Digital Signatures 11/7/2015 2:01:37 AM AIIS.
11/7/2015 2:01:37 AM AIIS 1 OUTLINE Introduction Goals In Cryptography Secrete Key Cryptography Public Key Cryptograpgy Digital Signatures 11/7/2015 2:01:37 AM AIIS 2 AN OVERVIEW OF CRYPTOGRAPHY: Cryptography is derived from the Greek words: Kryptos, “hidden”, and Graphein, ”to write ” or “hidden writing”. The word cryptography means “secret writing”. However, the term today refers to the science and of transforming messages to make them secure and immune to attacks. The original message before being transformed is called plaintext. After the message is transformed, it is called cipher text. An encryption algorithm transforms the plaintext to cipher; a decryption algorithm transforms the cipher text back to plaintext. The sender uses an encryption algorithm, and the receiver uses a decryption algorithm. 11/7/2015 2:01:37 AM AIIS 3 Goals in Cryptography Message Confidentiality Message integrity Sender authentication 11/7/2015 2:01:37 AM AIIS 4 SENDER RECEIVER Plaintext Encryption Ciphertext Network Ciphertext Decryption Cryptography Components 11/7/2015 2:01:37 AM AIIS 5 These encryption and decryption algorithms are called as ciphers (categories of algorithm). One cipher can serve millions of communicating pairs. A Key is value that the cipher, as an algorithm, operates on. To encrypt a message we need an encryption algorithm, an encryption key, and the plain text. These create the cipher text. To decrypt a message, we need a decryption algorithm, and the cipher text. So these reveal the original plaintext. 11/7/2015 2:01:37 AM AIIS 6 DECRYPTION KEY ENCRYPTION KEY ENCRYPTION ALGORITHM DECRYPTION ALGORITHM Plain text Plain text Ciphertext a. Encryption 11/7/2015 2:01:37 AM AIIS b. Decryption 7 Secret Key Cryptography • Single key used to encrypt and decrypt. • Key must be known by both parties. • Assuming we live in a hostile environment (otherwise why the need for cryptography?), it may be hard to share a secret key. 11/7/2015 2:01:37 AM AIIS 8 In Cryptography, the encryption/decryption algorithms are public; anyone can access them. The keys are secret. So they need to be protected. Cryptography algorithms can be divided into two groups. Symmetric-key cryptography (or secret key) algorithm Public-key cryptography (or asymmetric key) algorithm 11/7/2015 2:01:37 AM AIIS 9 Symmetric-key cryptography If the sender and recipient must have the same key in order to encode or decode the protected information , then the cipher is a symmetric key cipher since everyone uses the same key for the same message . The main problem is that the secret key must somehow be given to both the sender and recipient privately. For this reason, symmetric key (or secret key ) ciphers. 11/7/2015 2:01:37 AM AIIS 10 11/7/2015 2:01:37 AM AIIS 11 Public Key Cryptography (a.k.a. asymmetric cryptography) • If the sender and recipient have different keys • respective to the communication roles they play, then the cipher is an asymmetric key cipher as different keys exist for encoding and decoding the same message. Each entity has 2 keys: › private key (a secret) › public key (well known). 11/7/2015 2:01:37 AM AIIS 12 Using Keys • Private keys are used for decrypting. • Public keys are used for encrypting. encryption plaintext ciphertext public key decryption ciphertext plaintext private key 11/7/2015 2:01:37 AM AIIS 13 Digital Signature • Public key cryptography is also used to provide digital signatures. signing plaintext signed message private key signed message 11/7/2015 2:01:37 AM AIIS verification plaintext public key 14 Revised Scheme Alice Bob Sign with Aprivate encrypt using Bpublic 11/7/2015 2:01:37 AM AIIS check signature using Apublic decrypt using Bprivate 15 THANK YOU 11/7/2015 2:01:37 AM AIIS 16 RSA Algorithm In cryptography, RSA (which stands for Rivest, Shamir and Adleman who first publicly described it) is an algorithm for public-key cryptography.[1] It is the first algorithm known to be suitable for signing as well as encryption, and was one of the first great advances in public key cryptography. RSA is widely used in electronic commerce protocols, and is believed to be secure given sufficiently long keys and the use of up-to-date implementations. 11/7/2015 2:01:37 AM AIIS 17 Operation The RSA algorithm involves three steps: key generation, encryption and decryption. Key generation RSA involves a public key and a private key. The public key can be known to everyone and is used for encrypting messages. Messages encrypted with the public key can only be decrypted using the private key. The keys for the RSA algorithm are generated the following way: 1. Choose two distinct prime numbers p and q. For security purposes, the integers p and q should be chosen uniformly at random and should be of similar bit-length. Prime integers can be efficiently found using a primality test. 2. Compute n = pq. n is used as the modulus for both the public and private key 3. Compute φ(pq) = (p − 1)(q − 1). (φ is Euler's totient function). 4. Choose an integer e such that 1 < e < φ(pq), and e and φ(pq) share no divisors other than 1 (i.e., e and φ(pq) are coprime). 11/7/2015 2:01:37 AM AIIS 18 e is released as the public key exponent. e having a short bit-length and small Hamming weight results in more efficient encryption. However, small values of e (such as e = 3) have been shown to be less secure in some settings. 5. Determine d (using modular arithmetic) which satisfies the congruence relation . Stated differently, ed − 1 can be evenly divided by the totient (p − 1)(q − 1). This is often computed using the extended Euclidean algorithm. d is kept as the private key exponent. The public key consists of the modulus n and the public (or encryption) exponent e. The private key consists of the private (or decryption) exponent d which must be kept secret. Note:An alternative, used by PKCS#1, is to choose d matching e d ≡ 1 (mod λ) with λ = lcm(p-1,q-1), where lcm is the least common multiple. Using λ instead of φ(n) allows more choices for d. λ can also be defined using the Carmichael function λ(n). 11/7/2015 2:01:37 AM AIIS 19 An alternative, used by PKCS#1, is to choose d matching e d ≡ 1 (mod λ) with λ = lcm(p-1,q-1), where lcm is the least common multiple. Using λ instead of φ(n) allows more choices for d. λ can also be defined using the Carmichael function λ(n). For efficiency the following values may be precomputed and stored as part of the private key: p and q: the primes from the key generation, and Encryption Alice transmits her public key (n,e) to Bob and keeps the private key secret. Bob then wishes to send message M to Alice. He first turns M into an integer 0 < m < n by using an agreed-upon reversible protocol known as a padding scheme. He then computes the ciphertext c corresponding to: 11/7/2015 2:01:37 AM AIIS 20 This can be done quickly using the method of exponentiation by squaring. Bob then transmits c to Alice. Decryption Alice can recover m from c by using her private key exponent d by the following computation: Given m, she can recover the original message M by reversing the padding scheme. 11/7/2015 2:01:37 AM AIIS 21 THANK YOU 11/7/2015 2:01:37 AM AIIS 22