






These slides cover the concept of public key encryption (PKE), where individuals can encrypt messages without sharing a secret key beforehand. They cover the first attempt at PKE, the concept of asymmetric keys, and the security levels required for a secure PKE system. The document also discusses issues with trap-door PKE and the security of the RSA and Rabin algorithms.
Typology: Slides
PROBLEM: Several individuals (Bob, Carla, David, ...) wish to send messages to Alice over an insecure channel eavesdropped by Eve.
GOAL: Each individual encrypts their message without having to pre-establish a secret key.
[Figure: diagram of the parties B, C, D, A and E]
Each key K splits up into two parts:
P(K) - public key used for encryption with the function $e_{PK}$
T(K) - trapdoor or private key used for decryption with the function $d_{TK}$
P(K) should be impossible to compute from T(K) at a minimum (key security).
K = (p, q, e) with p, q primes of equal bitlength, e is relatively prime to both p - 1 and q - 1
PK = P(K) = (n, e) with n = pq
TK = T(K) = (n, d), same n, $d = e^{-1} \bmod \varphi(n)$
P, C depend on K :
Encrypt by exponentiating: $e_{PK}(x) = x^e \bmod n$
Decrypt by extracting root (raise to the d): $d_{TK}(y) = y^d \bmod n$
Trap-door functions as defined are deterministic. Since $e_{PK}$ is public information, Eve can compute $e_{PK}$ as well and compare to eavesdropped messages:
E.g. suppose message space is limited to {ATTACK, RETREAT}. Eve pre-computes $e_{PK}$ on each message and checks to see which one was sent by Bob.
CONCLUSION: Any secure PKE system must be randomized.
Intuitive Security: No known method of extracting e'th roots mod n without knowing $\varphi(n)$.
CLAIM: For n = pq, computing $\varphi(n)$ is equivalent to factoring n.
Key Security THM: If a BPP algorithm exists for finding a valid d from (n, e), then a BPP algorithm for factoring n = pq exists.
Open Question: Can factoring be reduced to decrypting RSA?
K = (p, q) with p, q primes of equal bitlength
PK = pq = n = product of the primes
TK = K = prime factors of n
P, C depend on K :
Encrypt by squaring:
Decrypt by square-roots:
$d_{TK}(x)$ multivalued.
FIX: Include uniquely identifying information in plaintext
Decryption Security THM: If there is a BPP algorithm for decrypting Rabin, then there is a BPP algorithm for factoring such n.
Negative THM: Key insecure under chosen ciphertext attack
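
The multivalued decryption and the redundancy FIX described above, as an added example that is not part of the original slides: textbook Rabin over small constructed primes, showing the four square roots and how a tag in the plaintext singles out the right one. The choice p ≡ q ≡ 3 (mod 4), the 16-bit `TAG`, and all function names are assumptions made for illustration.

```python
# Added illustration: textbook Rabin with toy parameters (not secure sizes).
P, Q = 10007, 10039          # constructed toy primes, both ≡ 3 (mod 4) (assumption)
N = P * Q                    # public key PK = n = pq
TAG_BITS, TAG = 16, 0xA5A5   # hypothetical "uniquely identifying information"


def encrypt(x, n=N):
    """Encrypt by squaring mod n."""
    return (x * x) % n


def square_roots(y, p=P, q=Q):
    """All square roots of y mod pq, computed with the trapdoor TK = (p, q)."""
    n = p * q
    rp = pow(y, (p + 1) // 4, p)   # a root mod p; valid because p ≡ 3 (mod 4)
    rq = pow(y, (q + 1) // 4, q)   # a root mod q
    q_inv = pow(q, -1, p)          # CRT coefficients (Python 3.8+)
    p_inv = pow(p, -1, q)
    roots = set()
    for sp in (rp, p - rp):        # ± root mod p
        for sq in (rq, q - rq):    # ± root mod q
            roots.add((sp * q * q_inv + sq * p * p_inv) % n)
    return sorted(roots)


def encode(m):
    """Append the tag so that only the intended root decodes."""
    x = (m << TAG_BITS) | TAG
    if x >= N:
        raise ValueError("message too large for this toy modulus")
    return x


def rabin_encrypt(m):
    return encrypt(encode(m))


def rabin_decrypt(y):
    """Return every message whose root carries the expected tag."""
    mask = (1 << TAG_BITS) - 1
    return [r >> TAG_BITS for r in square_roots(y) if r & mask == TAG]


if __name__ == "__main__":
    y = rabin_encrypt(42)
    print("ciphertext:", y)
    print("all four roots (ambiguous):", square_roots(y))
    print("roots with a valid tag:", rabin_decrypt(y))
```

With a 16-bit tag a wrong root passes the check only by chance, so real schemes use much longer redundancy.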