UNIT 2

Public Key Cryptography and RSA

Introduction to Public key Cryptography:

Public key cryptography also called as asymmetric cryptography.

 It was invented by whitfield Diffie and Martin Hellman in 1976.
Sometimes this cryptography also called as Diffie-Helman
Encryption.
 Public key algorithms are based on mathematical problems .

Public key Cryptosystem

 The concept of public key cryptography in invented for two most

difficult problemsof Symmetric key encryption.
 These two keys are named as “Public key” and “Private key”. The private
key is kept secret where as public key is distributed widely.
 A message or text data which is encrypted with the public key can be
decrypted onlywith the corresponding private-key
 This two key system very useful in the areas of confidentiality (secure)
andauthentication

A public-key encryption scheme has six

ingredients
1 Plaintext This is the readable message or data that is fed into the algorithm as input.
Encryption
2 The encryption algorithm performs various transformations on the plaintext.
Algorithm
3 Public key This is a pair of keys that have been selected so that if one is used for
encryption, the other is used for decryption. The exact transformations
4 Private key performed by the algorithm depend on the public or private key that is
provided as input
This is the scrambled message produced as output. It depends on the
5 Ciphertext plaintext and the key. For a given message, two different keys will
produce two different ciphertexts.
Decryption This algorithm accepts the ciphertext and the matching key and produces
6
algorithm the original plaintext.

The essential steps are the following.

1. Each user generates a pair of keys to be used for the encryption and
decryption of messages.
2. Each user places one of the two keys in a public register or other accessible
file. This is the public key.The companion key is kept private.As Figure 9.1a
suggests, each user maintains a collection of public keys obtained from
others.

Prepared by Veena N D, Asst. Professor, Dept of CSE, SSIT Page 1

 Public key cryptography for providing confidentiality (secrecy)

3. If Bob wishes to send a confidential message to Alice, Bob encrypts the message
using Alice’s public key.
4. When Alice receives the message, she decrypts it using her private key. No
other recipient can decrypt the message because only Alice knows Alice’s
private key.

There is some source A that produces a message in plaintext X = [X1, X2, . . . ,XM].

The M elements of X are letters in some finite alphabet. The message is intended for destination B. B
generates a related pair of keys: a public key, PUb, and a private key, PRb. PRb is known only to B, whereas
PUb is publicly available and therefore accessible by A.

Prepared by Veena N D, Asst. Professor, Dept of CSE, SSIT Page 2

 With the message X and the encryption key PUb as input, A forms the ciphertext Y =
[Y1, Y2,. . . , YN]:

The intended receiver, in possession of the matching private key, is able to invert the transformation:

Public key cryptography for proving Authentication:

Prepared by Veena N D, Asst. Professor, Dept of CSE, SSIT Page 3

 The above diagrams show the use of public-key encryption to provide authentication:

 In this case,A prepares a message to B and encrypts it using A’s private key
before transmitting it. B can decrypt the message using A’s public key.
Because the message was encrypted using A’s private key, only A could have
prepared the message. Therefore, the entire encrypted message serves as a
digital signature.

 It is impossible to alter the message without access to A’s private key, so the message
is authenticated both in terms of source and in terms of data integrity.

Public key cryptography for both authentication and confidentiality (Secrecy)

It is, however, possible to provide both the authentication function and

confidentiality by adouble use of the public-key scheme (above figure):

In this case, we begin as before by encrypting a message, using the sender’s private
key. This provides the digital signature. Next, we encrypt again, using the receiver’s
public key. The final ciphertext can be decrypted only by the intended receiver, who
alone has the matching private key. Thus, confidentiality is provided.

Applications for Public-Key Cryptosystems

Prepared by Veena N D, Asst. Professor, Dept of CSE, SSIT Page 4

 The use of public-key cryptosystems, Classified into three categories
• Encryption /decryption: The sender encrypts a message with the recipient’spublic key.
• Digital signature: The sender “signs” a message with its private key.
Signing is achieved by a cryptographic algorithm applied to the
message or to a small block of data that is a function of the message.
• Key exchange: Two sides cooperate to exchange a session key. Several different
approaches are possible, involving the private key(s) of one or both parties.

Applications for Public-Key Cryptosystems

Algorithm Encryption/Decryption Digital Signature Key Exchange
RSA Yes Yes Yes
Elliptic Curve Yes Yes Yes
Diffie-Hellman No No Yes
DSS No Yes No

RSA

 It is the most common public key algorithm.

 This RSA name is get from its inventors first letter (Rivest (R), Shamir
(S) andAdleman (A)) in the year 1977.
 The RSA scheme is a block cipher in which the plaintext & ciphertext are
integers between 0 and n-1 for some ‘n’.
 A typical size for ‘n’ is 1024 bits or 309 decimal digits. That is, n is less than 21024

Description of the Algorithm:

 RSA algorithm uses an expression with exponentials.
 In RSA plaintext is encrypted in blocks, with each block having a binary
value lessthan some number n. that is, the block size must be less than or
equal to log2(n)
 RSA uses two exponents ‘e’ and ‘d’ where epublic and dprivate.
 Encryption and decryption are of following form, for some PlainText ‘M’
andCipherText block ‘C’

M=Cd mod = (Me mod n) d mon n =(Me)d mod n= Med mod n

Prepared by Veena N D, Asst. Professor, Dept of CSE, SSIT Page 5
 Both sender and receiver must know the value of n. The sender knows the value of ‘e’ & only the
reviver knows the value of ‘d’ thus this is a public key encryption algorithm with a
Public key PU={e, n}
Private key PR={d, n}

Requirements:
The RSA algorithm to be satisfactory for public key encryption, the following
requirementsmust be met:
1. It is possible to find values of e, d n such that “ Med mod n =M ” for all M<n
2. It is relatively easy to calculate “ Me mod n “ and “ Cd mod n “for M<n
3. It is infeasible to determine “d” given ‘e’ & ‘n’. The “ Med mod n =M ” relationship
holds if ‘e’ & ‘d’ are multiplicative inverses modulo Ø(n).
Ø(n) Euler Totient function
For p,q primes where p*q and p≠q.
Ø(n)= Ø(pq)=(p-1)(q-1)

Then the relation between ‘e’ & ‘d’ can be expressed as “ “

this is equivalent to saying

That is ‘e’ and ‘d’ are multiplicative inverses mod Ø(n).

Note: according to the rules of modular arithmetic, this is true only if ‘d’ (and ‘e’) is
relatively prime to
Ø(n). Equivalently
gcd(Ø(n), d)=1.

Steps of RSA algorithm:

Step 1Select 2 prime
numbers p & qStep
2Calculate n=pq
Step 3Calculate Ø(n)=(p-1)(q-1)
Step 4 Select or find integer e (public key) which is relatively prime
to Ø(n). ie., e with gcd (Ø(n), e)=1 where 1<e< Ø(n).
Step 5 Calculate “d” (private key) by using following condition.
d< Ø(n).
Step 6 Perform encryption by using

Step 7 perform Decryption

by using

Prepared by Veena N D, Asst. Professor, Dept of CSE, SSIT Page 6

 Example:
1. Select two prime numbers, p = 17 and q = 11.
2. Calculate n = pq = 17 × 11 = 187.
3. Calculate Ø(n) = (p - 1)(q - 1) = 16 × 10 = 160.
4. Select e such that e is relatively prime to Ø(n) = 160 and less than Ø (n); we choose e = 7.
5. Determine d such that de ≡1 (mod 160) and d < 160.The correct value is d = 23,
because23 * 7 = 161 = (1 × 160) + 1; d can be calculated using the extended Euclid’s
algorithm

The resulting keys are public key PU = {7, 187} and private key PR = {23, 187}.
The example shows the use of these keys for a plaintext input of M= 88. For encryption,

we need to calculate C = 887 mod 187. Exploiting the properties of modular

arithmetic, wecan do this as follows.

Prepared by Veena N D, Asst. Professor, Dept of CSE, SSIT Page 7

 The Security of RSA
Four possible approaches to attacking the RSA algorithm are
• Brute force: This involves trying all possible private keys.
• Mathematical attacks: There are several approaches, all equivalent in effort to
factoringthe product of two primes.
• Timing attacks: These depend on the running time of the decryption algorithm.
• Chosen ciphertext attacks: This type of attack exploits properties of the RSA algorithm.

Diffie-Hellman Key Exchange:

 Diffie-Hellman key exchange is the first published public key algorithm

 This Diffie-Hellman key exchange protocol is also known as exponential key
agreement. And it is based on mathematical principles.
 The purpose of the algorithm is to enable two users to exchange a key
securely that can then be used for subsequent encryption of messages.
 This algorithm itself is limited to exchange of the keys.
 The discrete logarithms are defined in this algorithm in the way of define a
primitive root of a prime number.
 Primitive root: we define a primitive root of a prime number P as one
whose power generate all the integers form 1 to P-1 that is if ‘a’ is a
primitive root of the prime number P, then the numbers

Are distinct and consist of the integers form 1 through P-1 in some
permutation.
For any integer ‘b’ and ‘a’, here ‘a’ is a primitive root of prime number P, then
b≡ ai mod P 0 ≤ i ≤ (P-1)
The exponent i  is refer as discrete logarithm or index of b for the base a,
mod P. The value denoted as ind a,p(b)

Prepared by Veena N D, Asst. Professor, Dept of CSE, SSIT Page 8

 Algorithm for Diffie-Hellman Key Exchange:

Step 1 two public known numbers q, α

q Prime number
α primitive root of q and α< q.
Step 2  if A & B users wish to exchange a key
a) User A select a random integer XA<q and computes
b) User B independently select a random integer XB <q and computes
c) Each side keeps the X value private and Makes the Y value available
publicly tothe outer side.

Step 3 User A Computes the

key asUser B Computes

the key as
Step 4 two calculation produce identical results

(We know that )

Prepared by Veena N D, Asst. Professor, Dept of CSE, SSIT Page 9

 (We know that )
The result is that the two sides have exchanged a secret key.

Example:

MAN-in the Middle Attack (MITM)

Definition: A man in the middle attack is a form of eavesdropping where

communicationbetween two users is monitored and modified by an unauthorized
party.

Generally the attacker actively eavesdrops by intercepting (stoping) a public key

message exchange.
The Diffie- Hellman key exchange is insecure against a “Man in the middle attack”.

Prepared by Veena N D, Asst. Professor, Dept of CSE, SSIT Page 10

 Suppose user ‘A’ & ‘B’ wish to exchange keys, and D is the adversary (opponent). The attack

proceeds as follows.

1. ‘D’ prepares for the attack by generating two random private keys XD1 & XD2
and thencomputing the corresponding public keys YD1 and YD2.
2. ‘A’ transmits ‘YA’ to ‘B’
3. ‘D’ intercepts YA and transmits YD1 to ‘B’. and D also calculates

4. ‘B’ receives YD1 & calculate

5. ‘B’ transmits ‘YB’ to ‘A”
6. ‘D’ intercepts ‘YB’ and transmits YD2 to ‘A’ and ‘D’ calculate K1

7. A receives YD2 and calculates

At this point, Bob and Alice think that they share a secret key, but instead Bob and
Darth share secret key K1 and Alice and Darth share secret key K2. All future
communication between Bob and Alice is compromised in the following way.

Prepared by Veena N D, Asst. Professor, Dept of CSE, SSIT Page 11

 The key exchange protocol is vulnerable to such an attack because it does not
authenticate the participants. This vulnerability can be overcome with the use of digital
signatures and public- key certificates

Prepared by Veena N D, Asst. Professor, Dept of CSE, SSIT Page 12