
Unit 2

The document provides an overview of various cryptographic algorithms, including the RSA algorithm, Diffie-Hellman algorithm, and cryptographic hash functions. It discusses the advantages and disadvantages of cryptography, emphasizing its role in ensuring confidentiality, integrity, and authentication of data. Additionally, it covers digital signatures, their standards, and the importance of encryption in securing electronic communications.

Uploaded by

sbalakrishna30

UNIT 2

RSA Algorithm in Cryptography

RSA is an asymmetric cryptography algorithm. Asymmetric means that it works with two different keys: a Public Key and a Private Key. As the names suggest, the Public Key is given to everyone and the Private Key is kept private.
An example of asymmetric cryptography:
1. A client (for example, a browser) sends its public key to the server and requests some data.
2. The server encrypts the data using the client’s public key and sends the encrypted data.
3. The client receives this data and decrypts it.
Since this is asymmetric, nobody except the browser can decrypt the data, even if a third party has the browser’s public key.
The idea: RSA is based on the fact that it is difficult to factorize a large integer. The public key consists of two numbers, one of which is the product of two large prime numbers. The private key is derived from the same two prime numbers.
So if somebody can factorize the large number, the private key is compromised. The strength of the encryption therefore rests entirely on the key size, and if we double or triple the key size, the strength of encryption increases exponentially.
RSA keys are typically 1024 or 2048 bits long. Experts believe that 1024-bit keys could be broken in the near future, but so far that seems to be an infeasible task.

Let us learn the mechanism behind the RSA algorithm:

>> Generating Public Key:
Select two prime numbers. Suppose P = 53 and Q = 59.
The first part of the Public Key: n = P*Q = 3127.
We also need a small exponent, say e. But e must:
• be an integer,
• not be a factor of Φ(n),
• satisfy 1 < e < Φ(n) [Φ(n) is discussed below].
Let us now consider it to be equal to 3.
Our Public Key is made of n and e.

>> Generating Private Key:
We need to calculate Φ(n), where Φ(n) = (P-1)(Q-1),
so Φ(n) = 3016.
Now calculate the Private Key, d:
d = (k*Φ(n) + 1) / e for some integer k
For k = 2, the value of d is 2011.
We are now ready with our Public Key (n = 3127 and e = 3) and Private Key (d = 2011).

Now we will encrypt “HI”:
Convert letters to numbers: H = 8 and I = 9.
Thus Encrypted Data c = 89^e mod n.
Thus our Encrypted Data comes out to be 1394.
Now we will decrypt 1394:
Decrypted Data = c^d mod n.
Thus our Decrypted Data comes out to be 89.
8 = H and 9 = I, i.e. "HI".
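The walkthrough above can be reproduced in code. This is an added example, not part of the original notes: the function names are hypothetical, and the last two functions go one step beyond the text to show that factoring n is enough to rebuild the private key.

```python
"""Textbook RSA with the toy numbers from the walkthrough (P = 53, Q = 59)."""
from math import gcd, isqrt


def derive_private_exponent(e, phi):
    """Return (d, k) with d = (k*phi + 1) / e for the smallest integer k >= 1."""
    # The text asks that e not be a factor of phi(n); a valid d exists exactly
    # when e and phi(n) share no common factor at all, which is checked here.
    if gcd(e, phi) != 1:
        raise ValueError("e must share no common factor with phi(n)")
    k = 1
    while (k * phi + 1) % e != 0:
        k += 1
    return (k * phi + 1) // e, k


def encrypt(m, e, n):
    """c = m^e mod n, using the public key (n, e)."""
    return pow(m, e, n)


def decrypt(c, d, n):
    """m = c^d mod n, using the private exponent d."""
    return pow(c, d, n)


def factor_semiprime(n):
    """Trial division: instant for a 12-bit n, infeasible for a 2048-bit n."""
    for p in range(2, isqrt(n) + 1):
        if n % p == 0:
            return p, n // p
    raise ValueError("n has no non-trivial factor")


def private_key_from_public(n, e):
    """Anyone who can factor n can recompute phi(n) and therefore d."""
    p, q = factor_semiprime(n)
    d, _ = derive_private_exponent(e, (p - 1) * (q - 1))
    return d


P, Q, E = 53, 59, 3
N = P * Q                      # 3127, first part of the public key
PHI = (P - 1) * (Q - 1)        # 3016
D, K = derive_private_exponent(E, PHI)

if __name__ == "__main__":
    message = 89               # "HI" encoded as H = 8, I = 9
    cipher = encrypt(message, E, N)
    print("n =", N, "phi =", PHI, "d =", D, "k =", K)
    print("ciphertext:", cipher, "decrypted:", decrypt(cipher, D, N))
    print("d rebuilt from the public key alone:", private_key_from_public(N, E))
```

The numbers match the text because n is tiny; the same trial division is what becomes infeasible as the key size grows.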

Implementation of Diffie-Hellman Algorithm

Diffie-Hellman algorithm:
The Diffie-Hellman algorithm is used to establish a shared secret that can be used for secret communications while exchanging data over a public network, using the elliptic curve to generate points and get the secret key using the parameters.
• For the sake of simplicity and practical implementation of the algorithm, we will consider only 4 variables: one prime P, G (a primitive root of P), and two private values a and b.
• P and G are both publicly available numbers. Users (say Alice and Bob) pick private values a and b, and each generates a key and exchanges it publicly. The other person receives the key and generates a secret key from it, after which both have the same secret key to encrypt with.

Step-by-Step explanation is as follows:


Example:
Step 1: Alice and Bob get public numbers P = 23, G = 9
Step 2: Alice selected a private key a = 4 and
Bob selected a private key b = 3
Step 3: Alice and Bob compute public values
Alice: x =(9^4 mod 23) = (6561 mod 23) = 6
Bob: y = (9^3 mod 23) = (729 mod 23) = 16
Step 4: Alice and Bob exchange public numbers
Step 5: Alice receives public key y =16 and
Bob receives public key x = 6
Step 6: Alice and Bob compute symmetric keys
Alice: ka = y^a mod p = 65536 mod 23 = 9
Bob: kb = x^b mod p = 216 mod 23 = 9
Step 7: 9 is the shared secret.
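The seven steps above, run from both sides, as an added example that is not part of the original notes. The function names are hypothetical; the range check on the received value and the order computation go slightly beyond the steps and show what a receiver can verify about the public numbers.

```python
"""Diffie-Hellman exchange with the toy parameters from the steps above."""


def public_value(g, private, p):
    """Step 3: value sent over the public network, g^private mod p."""
    return pow(g, private, p)


def shared_secret(peer_public, private, p):
    """Step 6: combine the peer's public value with our own private value."""
    # A received value of 0, 1 or p-1 would force a predictable secret,
    # so a careful receiver rejects it before using it.
    if not 2 <= peer_public <= p - 2:
        raise ValueError("peer public value out of range")
    return pow(peer_public, private, p)


def multiplicative_order(g, p):
    """Smallest t > 0 with g^t = 1 (mod p): how many distinct values g produces."""
    t, value = 1, g % p
    while value != 1:
        value = (value * g) % p
        t += 1
    return t


def exchange(p, g, a, b):
    """Run both sides and return (x, y, ka, kb) as named in the steps."""
    x = public_value(g, a, p)      # Alice -> Bob
    y = public_value(g, b, p)      # Bob -> Alice
    ka = shared_secret(y, a, p)    # computed by Alice
    kb = shared_secret(x, b, p)    # computed by Bob
    return x, y, ka, kb


if __name__ == "__main__":
    P, G = 23, 9                   # public numbers from Step 1
    x, y, ka, kb = exchange(P, G, a=4, b=3)
    print("Alice sends", x, "Bob sends", y)
    print("Alice's key", ka, "Bob's key", kb)
    print("order of G modulo P:", multiplicative_order(G, P))
```

With P = 23, G = 9 has order 11, so it produces 11 of the 22 nonzero residues, while 5 has order 22.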
Cryptography Hash Functions
• Hash functions in cryptography are extremely valuable and are found in practically every information security application.
• A hash function transforms one numerical input value into another, compressed numerical value.
• It is also a process that turns plaintext data of any size into a unique ciphertext of a predetermined length.
What is Cryptography Hash Function?
• A cryptographic hash function (CHF) is an equation that is widely used to verify the validity of data. It has many applications, particularly in information security (e.g. user authentication).
• A CHF translates messages of various lengths into a fixed-size numerical string, the hash.
• A cryptographic hash function is a one-way function, making it extremely difficult to reverse in order to recreate the information used to make it.
How Does a Cryptography Hash Function Work?
• The hash function accepts data of a fixed length. The data block size varies between algorithms.
• If the blocks are too small, padding may be used to fill the space. However, regardless of the kind of hashing used, the output, or hash value, always has the same set length.
• The hash function is then applied as many times as the number of data blocks.
What Does a Cryptography Hash Function Do?
A hash function in cryptography takes a plaintext input and produces a hashed value output of a particular size that cannot be reversed. However, from a high-level viewpoint, hash functions do more.
• Secure against unauthorized alterations: It helps you detect even minor changes to a message, since any change results in a whole new hash value.
• Protect passwords and operate at various speeds: Many websites allow you to save your passwords so that you don’t have to remember them each time you log in.
• However, keeping plaintext passwords on a public-facing server is risky since it exposes the information to thieves.
• Websites commonly hash passwords to create hash values, which they then store.
Applications of Cryptographic Hash Functions
Below are some applications of cryptography hash functions.
Message Authentication
• Message authentication is a system or service that verifies the integrity of a communication.
• It ensures data is received precisely as transmitted, with no modifications, insertions, or deletions. A hash function is used for message authentication, and the value is sometimes referred to as a message digest.
• Message authentication often involves employing a message authentication code (MAC).
• MACs are widely used between two parties that share a secret key for authentication purposes. A MAC function uses a secret key and a data block to generate a hash value that identifies the protected communication.
Data Integrity Check
• Hash functions are most commonly used to create checksums for data files.
• This application gives the user assurance that the data is correct.
• The integrity check allows the user to detect any modifications to the original file.
• It does not assure uniqueness. Instead of altering file data, the attacker can update the entire file, compute a new hash, and deliver it to the recipient.
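The Message Authentication and Data Integrity Check points above can be compared directly: a plain checksum still verifies when the file and the checksum are both replaced, while a MAC computed with a shared key does not. This is an added example, not part of the original notes; the key, file contents and function names are constructed for illustration.

```python
"""Checksum versus keyed MAC when a file is substituted (constructed data)."""
import hashlib
import hmac


def sha256_hex(data: bytes) -> str:
    """Fixed-length digest: 64 hex characters whatever the input size."""
    return hashlib.sha256(data).hexdigest()


def differing_bits(a: bytes, b: bytes) -> int:
    """Number of digest bits that change between two inputs."""
    da = int.from_bytes(hashlib.sha256(a).digest(), "big")
    db = int.from_bytes(hashlib.sha256(b).digest(), "big")
    return bin(da ^ db).count("1")


def checksum_ok(data: bytes, published_hex: str) -> bool:
    """Recipient recomputes the checksum and compares it with the published one."""
    return hmac.compare_digest(sha256_hex(data), published_hex)


def make_tag(key: bytes, data: bytes) -> bytes:
    """MAC: a hash value that depends on both the secret key and the data."""
    return hmac.new(key, data, hashlib.sha256).digest()


def tag_ok(key: bytes, data: bytes, tag: bytes) -> bool:
    # compare_digest takes the same time wherever the first mismatch occurs.
    return hmac.compare_digest(make_tag(key, data), tag)


def substitution_results() -> dict:
    """What the recipient concludes when file and integrity value are both swapped."""
    shared_key = b"constructed-demo-key-shared-by-sender-and-recipient"
    original = b"release-1.0 installer bytes (constructed sample)"
    replaced = b"release-1.0 installer bytes (constructed sample, altered)"

    # Whoever replaces the file can recompute a checksum, because it needs no
    # key, but can only guess at the MAC key.
    swapped_checksum = sha256_hex(replaced)
    swapped_tag = make_tag(b"guessed-key", replaced)

    return {
        "altered_file_vs_original_checksum": checksum_ok(replaced, sha256_hex(original)),
        "altered_file_vs_swapped_checksum": checksum_ok(replaced, swapped_checksum),
        "altered_file_vs_swapped_tag": tag_ok(shared_key, replaced, swapped_tag),
        "original_file_vs_original_tag": tag_ok(
            shared_key, original, make_tag(shared_key, original)),
    }


if __name__ == "__main__":
    print("bits changed by a one-letter edit:", differing_bits(b"message", b"messagf"))
    for name, accepted in substitution_results().items():
        print(f"{name}: {'accepted' if accepted else 'rejected'}")
```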
Digital Signatures
• The digital signature application is comparable to message authentication.
• Digital signatures operate similarly to MACs.
• Digital signatures encrypt message hash values using a user’s private key.
• The digital signature may be verified by anybody who knows the user’s public key.

Advantages and Disadvantages of Cryptography

Cryptography is a strong tool for keeping the confidentiality, integrity, and authenticity of messages and data in many different systems. Cryptography is all about secure methods of communication and information techniques that are based on mathematical algorithms to encrypt messages so that they are not readable by third parties.
In this article, we will cover the advantages and disadvantages of cryptography and some of the frequently asked questions related to it.
What is Cryptography?
In computer science, cryptography is about secure communication and information techniques that are based on mathematics and rule-based procedures, which are called algorithms, and that encrypt messages so that they cannot be read by unintended parties.
These deterministic algorithms are used for cryptographic key generation, digital signing, verification, data privacy protection, web browsing on the internet, and confidential information transfer such as credit card transactions and email.
Advantages of Cryptography
• Confidentiality: Cryptography ensures that only the authorized parties can understand and gain access to the information being transmitted or stored.
• Integrity: It guarantees that data is not modified or counterfeited during its transmission or storage.
• Authentication: Cryptography reliably verifies the sender’s identity; thus, messages are never tampered with, ensuring that they only come from trusted sources.
• Non-repudiation: With cryptographic techniques, the date and time of a message or its receipt can be proved, so no one can deny what they have done.
• Secure Communication: It provides encrypted data transmission over almost every channel, including the insecure internet, which prevents criminals from spying on or intercepting sensitive information.
• Data Integrity Verification: Cryptography can use a digital signature to seal a document, validating that it is untouched by the person to whom it belongs.
• Access Control: Cryptography supports the confidentiality of data by encrypting it and makes decryption a procedure accessible only to privileged users of the data.
• Secure Transactions: It secures digital transactions, for example e-commerce or online banking, making sure that business and personal information is safe from theft or fraud.
Disadvantages of Cryptography
• Complexity: Cryptographic systems are not easy to implement and manage; they require a high level of technical skill and specialized knowledge and expertise.
• Key Management: Key management in cryptographic systems is a complex issue, and proper key management is a must, especially in large-scale security implementations.
• Performance Overhead: Encryption and decryption can degrade performance and may compromise overall efficiency, especially in resource-constrained environments.
• Vulnerabilities: Cryptography algorithms and their implementations are known to the hacker. Therefore, it is possible for weaknesses in them to be uncovered. This leaves the system at risk of being compromised, with the whole system’s cyber security destroyed.
• Misuse: Cryptography can be applied for unlawful purposes, for instance the encryption of malware or the use of encrypted channels by criminals, which interferes with the work of law enforcement agencies, who can no longer decrypt or intercept.
• Dependency on Algorithms: Cryptographic systems depend on the strength and soundness of the underlying algorithms, and the framework or system might be damaged if they are tampered with.
• Key Compromise: When cryptographic keys are compromised or stolen, unauthorized access to, and decryption of, sensitive information can occur.
• Regulatory Compliance: Regulatory compliance in the crypto field can be troublesome for corporate bodies, as it requires engagement with policies and practices that are used exclusively in the effort to be legalized.
Digital Signature Standard (DSS)
As we have studied, a signature is a way of authenticating data coming from a trusted individual. Similarly, a digital signature is a way of authenticating digital data coming from a trusted source.
Digital Signature Standard (DSS) is a Federal Information Processing Standard (FIPS) which defines algorithms that are used to generate digital signatures with the help of the Secure Hash Algorithm (SHA) for the authentication of electronic documents.
DSS only provides us with the digital signature function, not with any encryption or key exchange strategies.

Sender Side: In the DSS approach, a hash code is generated from the message and the following inputs are given to the signature function:
1. The hash code.
2. The random number ‘k’ generated for that particular signature.
3. The private key of the sender, i.e. PR(a).
4. A global public key (a set of parameters for the communicating principals), i.e. PU(g).
These inputs to the function produce the output signature, which contains two components: ‘s’ and ‘r’.
The original message concatenated with the signature is then sent to the receiver.
Receiver Side: At the receiver end, verification of the sender is done.
The hash code of the sent message is generated. A verification function takes the following inputs:
1. The hash code generated by the receiver.
2. Signature components ‘s’ and ‘r’.
3. Public key of the sender.
4. Global public key.
The output of the verification function is compared with the signature component ‘r’. The two values match if the sent signature is valid, because only the sender, with the help of its private key, can generate a valid signature.
Benefits of digital signature:
1. A digital signature gives better security in the transaction. No unauthorized person can commit fraud in transactions.
2. You can easily track the status of the documents on which the digital signature is applied.
3. High-speed document delivery.
4. It is 100 percent legal; it is issued by the government-authorized certifying authority.
5. If you have signed a document digitally, you can’t deny it.
6. When a document is signed, the date and time are automatically stamped on it.
7. It is not possible to copy or change a document that is signed digitally.
8. Identification of the person who signs.
9. Elimination of the possibility of fraud by an imposter.
Disadvantages of digital signature:
1. You need to troubleshoot all the compatibility issues. There are a lot of compatibility settings, like an updated version of the driver and software.
2. Software is one of the main issues when using a digital signature certificate.
3. If you belong to the corporate world and run an export-import organization, you need to produce a digital signature for E-ticketing.
4. Loss or theft of keys and the use of vulnerable storage facilities.
5. There is a stronger need for a standard through which these different methods can interoperate. In this era of fast technological advancement, many of these tech products have a short shelf life.
6. To use a digital signature effectively, both senders and recipients may have to buy digital certificates.
7. To work with digital certificates, the sender and recipients have to buy verification software at a cost.
8. A digital signature involves the primary avenue for any business: money.
Digital Signatures and Certificates
Encryption: the process of converting electronic data into another form, called ciphertext, which cannot be easily understood by anyone except the authorized parties. This assures data security.
Decryption: the process of translating code to data.
• The message is encrypted at the sender’s side using various encryption algorithms and decrypted at the receiver’s end with the help of the decryption algorithms.
• When a message such as a username or password is to be kept secure, encryption and decryption techniques are used to assure data security.
Types of Encryption
• Data encryption transforms information into a code that is only accessible to those with a password or secret key, sometimes referred to as a decryption key.
• Data that has not been encrypted is referred to as plaintext, whereas data that has been encrypted is referred to as ciphertext.
• In today’s business sector, encryption is one of the most popular and effective data protection solutions.
• By converting data into ciphertext, which can only be decoded with a special decryption key generated either before or at the time of the encryption, data encryption serves to protect the secrecy of data.
• Symmetric Encryption
Data is encrypted using a key and the decryption is also done using the same key.
• There are a few strategies used in cryptography algorithms. For encryption and decryption processes, some algorithms employ a unique key. In such operations, the unique key must be secured, since the system or person who knows the key has complete authentication to decode the message for reading.
• Asymmetric Encryption
Asymmetric cryptography is also known as public-key cryptography. It uses public and private keys for the encryption and decryption of messages.
• One key in the pair, which can be shared with everyone, is called the public key. The other key in the pair, which is kept secret and is only known by the owner, is called the private key.

Asymmetric Encryption
Public key: a key which is known to everyone. Example: the public key of A is 7; this information is known to everyone.
Private key: a key which is only known to the person whose private key it is.
Authentication: any process by which a system verifies the identity of a user who wishes to access it.
Non-repudiation: a way to guarantee that the sender of a message cannot later deny having sent the message and that the recipient cannot deny having received the message.
Integrity: ensuring that the message was not altered during transmission.
Message digest: the representation of text in the form of a single string of digits, created using a formula called a one-way hash function. Encrypting a message digest with a private key creates a digital signature, which is an electronic means of authentication.

Digital Signature
A digital signature is a mathematical technique used to validate the authenticity and integrity of a message, software, or digital document.
1. Key Generation Algorithms: Digital signatures are electronic signatures which assure that the message was sent by a particular sender. While performing digital transactions, authenticity and integrity should be assured; otherwise, the data can be altered, or someone can act as if he was the sender and expect a reply.
2. Signing Algorithms: To create a digital signature, signing algorithms (as used by email programs, for example) create a one-way hash of the electronic data which is to be signed. The signing algorithm then encrypts the hash value using the private key (signature key). This encrypted hash, along with other information like the hashing algorithm, is the digital signature. This digital signature is appended to the data and sent to the verifier. The reason for encrypting the hash instead of the entire message or document is that a hash function converts any arbitrary input into a much shorter fixed-length value. This saves time, as instead of signing a long message only a shorter hash value has to be signed, and moreover hashing is much faster than signing.
3. Signature Verification Algorithms: The verifier receives the digital signature along with the data. It then uses the verification algorithm to process the digital signature and the public key (verification key) and generates some value. It also applies the same hash function to the received data and generates a hash value. If the two are equal, the digital signature is valid; otherwise it is invalid.
The steps followed in creating a digital signature are:
1. The message digest is computed by applying a hash function to the message, and then the message digest is encrypted using the private key of the sender to form the digital signature (digital signature = encryption(private key of sender, message digest) and message digest = message digest algorithm(message)).
2. The digital signature is then transmitted with the message (message + digital signature is transmitted).
3. The receiver decrypts the digital signature using the public key of the sender. (This assures authenticity, as only the sender has his private key, so only the sender can encrypt using his private key what can then be decrypted by the sender’s public key.)
4. The receiver now has the message digest.
5. The receiver can compute the message digest from the message (the actual message is sent with the digital signature).
6. The message digest computed by the receiver and the message digest obtained by decrypting the digital signature need to be the same to ensure integrity.
The message digest is computed using a one-way hash function, i.e. a hash function in which computing the hash value of a message is easy but computing the message from its hash value is very difficult.
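The six steps above, written out with textbook RSA as an added example that is not part of the original notes. The key is constructed from two known Mersenne primes purely so the example is self-contained, the digest is reduced modulo n instead of being padded as real schemes do, and the function names are hypothetical.

```python
"""Hash-then-sign with textbook RSA, following steps 1 to 6 (toy key)."""
import hashlib

# Constructed demo key: far too small for real use.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))     # private (signature) key


def message_digest(message: bytes) -> int:
    """One-way hash of the message, reduced to fit below N (toy shortcut)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N


def sign(message: bytes, d: int = D, n: int = N) -> int:
    """Step 1: encrypt the message digest with the sender's private key."""
    return pow(message_digest(message), d, n)


def transmit(message: bytes) -> tuple:
    """Step 2: the message travels together with its digital signature."""
    return message, sign(message)


def recover_digest(signature: int, e: int = E, n: int = N) -> int:
    """Steps 3 and 4: decrypt the signature with the sender's public key."""
    return pow(signature, e, n)


def verify(message: bytes, signature: int, e: int = E, n: int = N) -> bool:
    """Steps 5 and 6: recompute the digest and compare with the recovered one."""
    return recover_digest(signature, e, n) == message_digest(message)


def receive(package: tuple) -> str:
    """Receiver's decision for one (message, signature) package."""
    message, signature = package
    return "accepted" if verify(message, signature) else "rejected"


if __name__ == "__main__":
    package = transmit(b"pay 100 to account A (constructed sample)")
    print("untouched package:", receive(package))

    altered_message = (b"pay 900 to account B (constructed sample)", package[1])
    print("altered message:  ", receive(altered_message))

    altered_signature = (package[0], (package[1] + 1) % N)
    print("altered signature:", receive(altered_signature))
```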
Assurances about digital signatures
The definitions and terms that follow illustrate the kind of assurances that digital signatures offer.
1. Authenticity: The identity of the signer is verified.
2. Integrity: Since the content was digitally signed, it hasn’t been altered or interfered with.
3. Non-repudiation: Demonstrates the source of the signed content to all parties. The act of a signer denying any affiliation with the signed material is known as repudiation.
4. Notarization: Under some conditions, a signature in a Microsoft Word, Microsoft Excel, or Microsoft PowerPoint document that has been time-stamped by a secure time-stamp server is equivalent to a notarization.
Benefits of Digital Signatures
• Legal documents and contracts: Digital signatures are legally binding. This makes them ideal for any legal document that requires a signature authenticated by one or more parties and guarantees that the record has not been altered.
• Sales contracts: Digital signing of contracts and sales contracts authenticates the identity of the seller and the buyer, and both parties can be sure that the signatures are legally binding and that the terms of the agreement have not been changed.
• Financial Documents: Finance departments digitally sign invoices so customers can trust that the payment request is from the right seller, not from a bad actor trying to trick the buyer into sending payments to a fraudulent account.
• Health Data: In the healthcare industry, privacy is paramount for both patient records and research data. Digital signatures ensure that this confidential information was not modified when it was transmitted between the consenting parties.
Drawbacks of Digital Signature
• Dependency on technology: Because digital signatures rely on technology, they are susceptible to crimes, including hacking. As a result, businesses that use digital signatures must make sure their systems are safe and have the most recent security patches and upgrades installed.
• Complexity: Setting up and using digital signatures can be challenging, especially for those who are unfamiliar with the technology. This may result in blunders and errors that reduce the system’s efficacy. The process of issuing digital signatures to senior citizens can occasionally be challenging.
• Limited acceptance: Digital signatures take time to replace manual ones since technology is not widely available in India, a developing nation.
Digital Certificate
A digital certificate is issued by a trusted third party and proves the sender’s identity to the receiver and the receiver’s identity to the sender.
A digital certificate is a certificate issued by a Certificate Authority (CA) to verify the identity of the certificate holder. A digital certificate is used to attach a public key to a particular individual or entity.
A digital certificate contains:
• Name of the certificate holder.
• Serial number, which is used to uniquely identify a certificate and the individual or entity identified by the certificate.
• Expiration dates.
• Copy of the certificate holder’s public key (used for decrypting messages and digital signatures).
• Digital signature of the certificate issuing authority.
The digital certificate is also sent with the digital signature and the message.
Advantages of Digital Certificate
• NETWORK SECURITY: A complete, layered strategy is required by modern cybersecurity methods, in which many solutions cooperate to offer the highest level of protection against malevolent actors.
• An essential component of this puzzle is digital certificates, which offer strong defence against manipulation and man-in-the-middle attacks.

• VERIFICATION: Digital certificates facilitate cybersecurity by restricting access to sensitive data, which makes authentication a crucial component of cybersecurity. Thus, there is a decreased chance that hostile actors will cause chaos.
• At many different endpoints, certificate-based authentication provides a dependable method of identity verification. Compared to other popular authentication methods like biometrics or one-time passwords, certificates are more flexible.

• BUYER SUCCESS: Astute consumers demand complete assurance that the websites they visit are reliable.
• Because digital certificates are backed by certificate authorities that users’ browsers trust, they offer a readily identifiable indicator of reliability.
Disadvantages of Digital Certificate
• Phishing attacks: To make their websites look authentic, attackers can fabricate bogus websites and obtain certificates.
• Users may be fooled into providing sensitive information, such as their login credentials, which the attacker may then take advantage of.
• Weak encryption: Older digital certificate systems may employ less secure encryption methods that are open to intrusions.
• Misconfiguration: In order for digital certificates to work, they need to be set up correctly. Websites and online interactions can be attacked due to incorrectly configured certificates.
