Public Key Cryptography: Secure Digital Communication with RSA Algorithm, Study notes of Computer Science

These study notes cover the concept of public-key cryptography and the RSA algorithm, which enables secure and trustworthy digital communication. They explain the importance of encryption systems that offer assurances to both sender and receiver, such as message integrity and sender authentication. They also introduce the RSA algorithm and its key properties, including the use of prime numbers and the difficulty of factoring large numbers, and give an overview of the public-key encryption system and its applications, such as HTTPS, SSH, SSL, and TLS.

Typology: Study notes

Pre 2010

Uploaded on 08/16/2009

On the Board

Final Projects — get working …

Requirements for Digital Signatures & Digital Commerce

To enable secure and trustworthy digital communication, we need an encryption system that has several key properties:

  • Encrypting and decrypting messages (given the key) should be relatively inexpensive — at least, a low-order polynomial algorithm.
  • Breaking the encryption — that is, decrypting it without a key — should involve solving an intractable problem — exponential cost or higher.
  • The system should offer assurances to both sender and receiver:
      o Message stands alone as a voucher of the transaction — that is, neither the sender nor the receiver can forge it.
      o Receiver can establish sender’s unique identity.
      o Sender can establish that receiver has not modified message.
      o The encrypted message conveys no knowledge that would let the sender impersonate the receiver — even by forwarding the same message to a third party.
  • Sender can initiate a secure communication without exchanging secret information, such as the keys required in a single-use code or a substitution code. (See last lecture.)

Each of these properties plays an important role in establishing widespread, secure digital communication. (Examples include https, ssh, ssl, & tls.)

The widely-used scheme for “public-key cryptography” was introduced in 1976 by Whitfield Diffie and Martin Hellman. The best known and most widely used cryptosystem (for public-key systems) is the RSA algorithm, due to Rivest, Shamir, and Adleman.
COMP 200: Elements of Computer Science
Fall 2004
Lecture 32: November 17, 2004
Public Key Cryptography

The Model

Assume that our encryption system works through two functions:

    ciphertext = Encr(message), and
    message = Decr(ciphertext)

Further, we will assume that Encr and Decr are related, but that holding one does not reveal the other. That is, given Encr and an encrypted message, the problem of deducing Decr remains computationally intractable — hidden behind a problem of exponential or higher complexity.

Now, if we ensure that Encr and Decr are commutative, that is

    Decr(Encr(M)) = M and Encr(Decr(M)) = M

then we can create a workable public-key encryption system as follows:

  1. Each person has a unique Encr and Decr function, designated with a subscript.
  2. Each person publishes their Encr function in a public registry.

As long as generating new Encr and Decr functions is relatively easy, cracking them requires solving a computationally intractable problem, and we can create a public registry of Encr functions, we can make this system work.

For Fred to send an encrypted message to Jane, he can simply encrypt it using Jane’s “public key” — Encr_Jane — and she can read it using her “private key” — Decr_Jane. Anyone with access to the registry can locate Jane’s public key and send her a message that only she can read. Remember, Encr and Decr must be functional inverses and knowing one cannot give you the other — unless you solve a computationally intractable problem.

So far, this scheme works. However, anyone can send Jane a message and claim to be Fred. The encrypted message depends on the message and on Jane’s encryption keys, but has no context that makes it unique to Fred. Remember, the Encr key is published in a registry.

To create a message that can only come from Fred (a signed message), Fred can use his Decr process on the message to create a ciphertext that can be decoded with his publicly available Encr. Next, he encodes the ciphertext with Jane’s Encr. Jane decodes the ciphertext that she receives with her

so that K x G ÷ ((P-1) x (Q-1)) = 1, or K x G = 1, modulo ((P-1) x (Q-1)). Now, she can use a simple and efficient algorithm. She posts the pair <G,N> as her public key and keeps K as her private key.

Now, the public Encr function breaks the message into numbers between 0 and N-1. For each such number M, Encr computes M^G modulo N. For a ciphertext H encrypted this way, the decryption process breaks it into the appropriate number of bits and computes H^K modulo N. Number theory and algebra show that these two functions are inverses.

To crack the private function, one must find K. However, we chose K as a function of G and the two numbers (P-1) and (Q-1). Since P and Q are the prime factors of G (and, thus, G has about 600 digits), we would need a major theoretical breakthrough in factoring to find P and Q in any reasonable amount of time. The best known methods for factoring take time exponential in the length of G, so the system is considered uncrackable. As computers get faster, we can simply use longer prime numbers and gain an exponential increase in difficulty.

Public Registries and Usability

Of course, all of this choosing and factoring is something that the average computer user (such as my eleven-year-old daughter) does not want to do. Fortunately, software exists to easily choose the appropriate numbers, record the public keys in a registry, and build the private key into a software form where the user does not need to remember 300-digit prime numbers or their products.

You may see terms such as SSL certificate — as in, a message from a mail system or an ISP that someone’s SSL certificate has expired. The certificate is nothing more than a public-key pair <G,N>, provided by one of the many registry services that exist on the Internet. (When you register for wireless at Rice, you are asked to accept such a certificate into your browser — which conveniently keeps track of it.)
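The Fred-and-Jane exchange from "The Model", carried out with the M^G modulo N and H^K modulo N arithmetic described above, as an added example that is not part of the original lecture notes. It assumes N = P x Q, and the function names and the tiny primes are constructed for illustration (unpadded toy RSA, far too small for real use).

```python
from math import gcd

def make_keys(p, q, g):
    """Return the public pair <G, N> and the private K for primes P and Q."""
    phi = (p - 1) * (q - 1)
    if gcd(g, phi) != 1:
        raise ValueError("G must share no factor with (P-1) x (Q-1)")
    k = pow(g, -1, phi)       # K x G = 1, modulo ((P-1) x (Q-1)); Python 3.8+
    return (g, p * q), k      # assumption: N = P x Q

def _apply(x, exponent, n):
    if not 0 <= x < n:
        raise ValueError("block must lie between 0 and N-1")
    return pow(x, exponent, n)

def encr(m, public):
    """Public function: M^G modulo N."""
    return _apply(m, public[0], public[1])

def decr(h, k, public):
    """Private function: H^K modulo N."""
    return _apply(h, k, public[1])

def send_signed(m, sender_k, sender_pub, receiver_pub):
    """Sender applies his own Decr (signing), then the receiver's Encr."""
    signed = decr(m, sender_k, sender_pub)
    # The signed value must fit below the receiver's N, or encr() raises.
    return encr(signed, receiver_pub)

def receive_signed(c, receiver_k, receiver_pub, claimed_sender_pub):
    """Receiver applies her own Decr, then the claimed sender's public Encr."""
    return encr(decr(c, receiver_k, receiver_pub), claimed_sender_pub)

# Constructed toy keys; Fred's N (3233) is smaller than Jane's N (8633),
# so every value Fred signs is a valid block for Jane's Encr.
FRED_PUB, FRED_K = make_keys(61, 53, 17)
JANE_PUB, JANE_K = make_keys(89, 97, 5)

if __name__ == "__main__":
    m = 65
    wire = send_signed(m, FRED_K, FRED_PUB, JANE_PUB)
    print("signed by Fred :", receive_signed(wire, JANE_K, JANE_PUB, FRED_PUB))
    # Anyone can use Jane's public Encr and merely claim to be Fred.
    # Undoing "Fred's signature" on that message does not give back 65.
    unsigned = encr(m, JANE_PUB)
    print("only claimed   :", receive_signed(unsigned, JANE_K, JANE_PUB, FRED_PUB))
```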