أستاذ المادة
م .د .اخالص عباس البحراني
1
�Decrypting DES
same function to encrypt or decrypt a block.
The only difference is that the keys must be used in the reverse order.
That is, if the encryption keys for each round are K1, K2, K3, . . . , K16,
then the decryption keys are K16, K15, K14, . . . , K1,.
The algorithm that generates the key used for each round is circular as
well.
The key shift is a right shift and the number of positions shifted is 0, 1,
2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1.
2
�3
� Block vs. Stream Ciphers
Block cipher Stream cipher
process messages in into blocks, each of which is then process messages a bit or byte at a time when
en/decrypted en/decrypting
Error propagation Low error propagation
Slowness Speed of transformation
High Diffusion Low diffusion
Immunity to insertions Susceptibility to attacks on integrity
4
� Public-Key Cryptography
public-key/two-key/asymmetric cryptography involves the use of two keys:
a public-key, which may be known by anybody, and can be used to encrypt messages, and
verify signatures
a private-key, known only to the recipient, used to decrypt messages, and sign (create)
signatures
is asymmetric because those who encrypt messages or verify signatures cannot
decrypt messages or create signatures
5
�Public-Key Characteristics: -
it is computationally infeasible to find decryption key knowing only algorithm &
encryption key
it is computationally easy to en/decrypt messages when the relevant (en/decrypt) key is
known
either of the two related keys can be used for encryption, with the other used for
decryption (for some algorithms)
Public-Key Applications: -
can classify uses into 3 categories:
encryption/decryption (provide secrecy)
digital signatures (provide authentication)
key exchange (of session keys)
some algorithms are suitable for all uses, others are specific to one
Security of Public Key Schemes: -
like private key schemes brute force exhaustive search attack is always theoretically
possible
but keys used are too large (>512bits)
6
� Diffie-Hellman
first public-key type scheme proposed by Diffie & Hellman in 1976 along with the exposition of public key
concepts.
Based on the difficulty of computing discrete logarithms of large numbers.
7
� Where g is a primitive root of p.
Let p be a prime. Then g is a primitive root for p if the powers of g,
2
1, g,
g, 3
g, ... include all of the residue classes mod p (except 0)
Examples:
If p=7, then 3 is a primitive root for p because the powers of 3 are
1, 3, 2, 6, 4, 5---that is, every number mod 7 occurs except 0.
But 2 isn't a primitive root because the powers of 2 are
1, 2, 4, 1, 2, 4, 1, 2, 4...missing several values.
Example:
If p=13, then 2 is a primitive root because the powers of 2 are
1, 2, 4, 8, 3, 6, 12, 11, 9, 5, 10, 7---which is all of the classes mod 13 except 0.
There are other primitive roots for 13 (?).
8
�Diffie-Hellman
Eve
A g mod p
x
B g y
mod p
ALICE
BOB
A B
k B mod p x
k ' A mod p
y
k' k g xy
mod p 9
� Example : -
Alice and Bob agree on p = 23 and g = 5.(show that 5 is primitive root of
23)
Alice chooses a= 6 and sends 5 6 mod 23 = 8.
Bob chooses b = 15 and sends 515 mod 23 = 19.
Alice computes 19 6 mod 23 = 2.
Bob computes 815 mod 23 = 2. Then 2 is the shared secret.
Clearly, much larger values of a, b, and p are required.
10
�Rivest, Shamir and Adleman (RSA)
RSA stands for Rivest, Shamir, and Adleman, they are the inventors of the RSA cryptosystem.
RSA is one of the algorithms used in PKI (Public Key Infrastructure), asymmetric key encryption
scheme. RSA is a block chiper, it encrypt message in blocks (block by block). The common size
for the key length now is 1024 bits for P and Q, therefore N is 2048 bits, if the implementation
(the library) of RSA is fast enough, we can double the key size.
Key Generation Algorithm
Generate two large random primes, p and q, of approximately equal size such that their product
n = pq is of the required bit length, e.g. 1024 bits.
Compute n = pq and (φ) phi = (p-1)(q-1).
Choose an integer e, 1 < e < phi, such that gcd(e, phi) = 1.
Compute the secret exponent d, 1 < d < phi, such that ed ≡ 1 (mod phi).
The public key is (n, e) and the private key is (n, d). Keep all the values d, p, q and phi secret.
n is known as the modulus.
e is known as the public exponent or encryption exponent or just the exponent.
d is known as the secret exponent or decryption exponent.`
11
� In encryption, represents the plaintext message as a positive integer m and
𝒆
computes the ciphertext 𝑪 = 𝒎 mod n.
𝒅
In decryption compute 𝒎 = 𝒄 mod n
Example : let p=17 & q=11 then
Compute n = pq =17×11=187.
Compute ø(n) or (φ) phi =(p–1)(q-1)=16×10=160.
choose e=7 (1 < e < 160) where gcd(7,160)=1.
d=23 where 1 < d < 160 and ed ≡ 1 (mod 160).(multiplication inverse).
The public key is (187, 7) and the private key is (187, 23).
given message M = 88 (88<187)
𝒆
encryption: 𝑪 = 𝒎 mod n: 𝑪 = 𝟖𝟖 mod 187 = 11 .
𝟕
𝟐𝟑
Decryption: 𝒎 = 𝒄 mod n: 𝒎
𝒅
= 𝟏𝟏 mod 187=88.
12
� Ex/ p=3,q=11,e=7,m=2 encrypt and decrypt using RSA Algorithm?
Choose p = 3 and q = 11
Compute n = p * q = 3 * 11 = 33
Compute φ(n) = (p - 1) * (q - 1) = 2 * 10 = 20
Let e = 7
Compute d = 3 [(3 * 7) mod 20 = 1]
Public key is (e, n) => (7, 33)
Private key is (d, n) => (3, 33)
The encryption of m = 2 is c = 27
mod 33 = 29
3
The decryption of c = 29 is m = 29 mod 33 = 2
13
