














Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
The importance of public-key encryption in addressing key distribution problems in cryptography and network security. It covers the distribution of public keys through methods like public announcement, publicly available directories, and public-key authorities, and the use of public-key certificates. The document also introduces the concept of key exchange protocols, such as diffie-hellman key exchange, and their vulnerabilities to attacks.
Typology: Study notes
1 / 22
This page cannot be seen from the preview
Don't miss anything!















distribution of public keys
distribution of public keys
use of public-key encryption to
use of public-key encryption to distribute
distribute
secret keys
secret keys
eg. append PGP keys to email messages or
eg. append PGP keys to email messages or
post to news groups or email list
post to news groups or email list
anyone can create a key claiming to be
anyone can create a key claiming to be
someone else and broadcast it
someone else and broadcast it
until forgery is discovered can masquerade as
until forgery is discovered can masquerade as
claimed user
claimed user
contains {name,public-key} entries
contains {name,public-key} entries
participants register securely with directory
participants register securely with directory
participants can replace key at any time
participants can replace key at any time
directory is periodically published
directory is periodically published
directory can be accessed electronically
directory can be accessed electronically
usually with other info such as period of
usually with other info such as period of
validity, rights of use etc
validity, rights of use etc
Public-Key D
Public-Key D
istribution of Secret
istribution of Secret
Keys
Keys
A generates a new temporary public key pair
A generates a new temporary public key pair
A sends B the public key and their identity
A sends B the public key and their identity
B generates a session key K sends it to A
B generates a session key K sends it to A
encrypted using the supplied public key
encrypted using the supplied public key
A decrypts the session key and both use
A decrypts the session key and both use
especially useful with widely distributed users
especially useful with widely distributed users
performance
performance
backward compatibility
backward compatibility
note: now know that
note: now know that
Williamson
Williamson
(UK CESG)
secretly proposed the concept in 1970
secretly proposed the concept in 1970
large prime integer or polynomial
large prime integer or polynomial
q
q
a
a being a primitive root mod
being a primitive root mod q
q
chooses a secret key (number):
chooses a secret key (number): x
x
A
A
< q
< q
compute their
compute their public key
public key :
y
y
AA
a
a
x
x
A
A
mod q
mod q
A
A
shared session key for users A & B is K
shared session key for users A & B is K
AB
AB
K
K
AB
AB
=
=
a
a
x
x
A.A.
x
x
BB
mod q
mod q
= y
= y
A
A
x
x
B
B
mod q (which
mod q (which B
B can compute)
can compute)
= y
= y
BB
xx
AA
mod q (which
mod q (which A
A can compute)
can compute)
AB
AB
is used as session key in private-key
is used as session key in private-key
encryption scheme between Alice and Bob
encryption scheme between Alice and Bob
if Alice and Bob subsequently communicate,
if Alice and Bob subsequently communicate,
they will have the
they will have the same
same key as before, unless
key as before, unless
they choose new public-keys
they choose new public-keys
attacker needs an x, must solve discrete log
attacker needs an x, must solve discrete log
In this simple example, it would be possible by brute force to
In this simple example, it would be possible by brute force to
determine the secret key 160. In particular, an attacker E can
determine the secret key 160. In particular, an attacker E can
determine the determine the
common key by discovering a solution to the equation 3
common key by discovering a solution to the equation 3
a
a
mod 353 = 40 or the equation 3
mod 353 = 40 or the equation 3
b
b
mod 353 = 248. The brute-force approach is to
mod 353 = 248. The brute-force approach is to
calculate powers of 3 modulo 353, stopping when the result equals
calculate powers of 3 modulo 353, stopping when the result equals
either 40 or 248. The desired answer is reached with the exponent
either 40 or 248. The desired answer is reached with the exponent
value of 97, which provides 3
value of 97, which provides 3
97
97
mod 353 = 40.
mod 353 = 40.
With larger numbers, the problem becomes impractical.
With larger numbers, the problem becomes impractical.