CHAPTER FIVE

advertisement

Chapter Five : Public key Cipher Systems ----------------------------------------------------------------------

1

5.1 INTRODUCTION

In the real world , key management is the hardest part of cryptology .Cryptanalysts often attack cipher system through their key management .One of the problems facing symmetric cipher systems is key distribution Keys must be distributed in secret , since knowledge of the key gives knowledge of the massage .From the other side, keys are shared by pairs , and could work well in small networks , but raised tremendously as network grows up , since every pair of users must exchange keys .

The total numbers of key exchanges required in n-person network is n(n-1)/2 .In six person network , 15 key exchange are required , in 1000 – person network ,nearly 500,000 key exchanges are requied .

Public key system are invented to over come the problems of key distribution faced by symmetric (one - key) cipher systems .We summarize the mentioned problems as follows :

First key must be distributed in secret .

Second : If key is compromised , then stranger can share the system as member .

Third : number of key increases rapidly as users increased .

Public key cryptography based on one-way hash function (trap-door function),that is depend on two keys public key used for encryption process and it is available for every one in the network, the second key is the secret key which is used for decryption processes , and every person in the network has his own secret keys .In another meaning users have their own secret keys and share others with public keys .Since public key is known for every one , then A can communicate with B as follows :

Chapter Five : Public key Cipher Systems ----------------------------------------------------------------------

2

A gets public key of B from database.

A encrypt his message using B public key and send it .

B decrypt the message using his own secret key .

5.2 ONE-WAY HAASAH FUNCTION:

The notion of one- way function is central to public key cryptography .One way function are easy to compute , but it is significantly hard (computationally) to reverse. That is given x , it is easy to compute f(x) , but given f(x), it is hard to compute x .Breaking plate is a good example of a one-way hash function , it is easy to smash a plate into thousands of tiny pieces back together into a plate . One-way functions are not useful in public key cryptography, in public key. We need a special type of one –way function, that is trap-door one-way function, which has a secret door (secret key) used to reverse the other direction .i.e giving f(x) and some secret Value we can deduce.

5.3 PUBLIC KEY CRY TOGRAPHY:

The concept of public key or (exponential ciphers) was invented by

Whitfield Diffie and Martin Hellman and independently by Ralph Merkle at 1976. Since 1976, numerous Public key cryptography algorithms have been proposed, many of these are insecure, others are impractical, only a few of them are secure and practical. Only three algorithms work well for both encryption and digital signature, RSA, EIGamal, and Rabin. All of them are much slower than symmetricp algorithms by 1000 limes.

Public key cryptography used two different keys, public key for encrypting process, and secret key for decrypting process. Any one can use public key and encrypt a message, but only those who have secret key are

Chapter Five : Public key Cipher Systems ----------------------------------------------------------------------

3 allowed to decrypt the message. Mathematically, the process is based on the trapdoor one-way function.Encryption is the easy direction, while decryption is the hard direction unless he has the secret key.

Public key system encrypt a message block M c 

0 , n

1

 by computing the exponential

C=M e mod n

Where e (public key) and are the keys of encryption transformation ,

M is restored by the same operation using different exponential d (secret key):

M=C d

mod n

By symmetry, Encryption and decryption are commulative and malual inverses, thus substituting 5.2 by 5.1:

M=(M d mod n) e mod n = M de mod n = M

Encryption and decryption can be implemented using fast exponentiation algorithm.

Fastexp (a,z,n); rturn x = a mod n

Begin

Al := a i

zi := z i x=1

While (zi<> 0) do

Begin

While (zI mod 2 =0) do

Begin

zI : = zI div 2

al:= (al*al) mod n;

end;

z1:=z1-1;

x : =(x*a1) mod n;

end;

fastexp: = x;

end;

Figure 5-1 Fast exponentiation

Chapter Five : Public key Cipher Systems ----------------------------------------------------------------------

4

Using above algorithm then:

C = fastexp (m ,e , n)

M = fastexp (c ,d , n)

5.4 EXPONENTIAL CIPHER:

Encryption and decryption transformations are based on modular exponentiation. Modular arithmetic is easier to work with on computers, because, it restricts She range of all intermediate values and the result.

Exponentiation in modular arithmetic is performed without huge intermediate results. For example, to calculate a

8

mod n , don't use the naive approach and perfonn seven multiplications and one huge modular reduction: a 8 mod n = (a . a. a. a . a . a. a. a) mod n

Instead, perform three smaller multiplications and three smaller modular reductions: a 8 modn = ((a 2 mod n) 2 mod n) 2 mod n also a 16 modn = (((a 2 mod n) 2 mod n) 2 mod n) 2 mod n a 25 mod n= (a . a 24 ) mod n

=(a. a 8 . a 16 ) mod n

=(((a 2 . a 2 ) 2 ) 2 . (((a 2 ) 2 ) 2 ) 2 ) mod n

= ((((a 2 - a) 2 ) 2 ) 2 . a) mod n

=(((((((a 2 mod n) .a) mod n) 2 mod n) 2 mod n) 2 mod n) . a) mod n

Inverses is a problem of finding an integer x such that: ax mod n = 1 a -1 = x mod n .

For example 3 and 7 are multiplicative inverses mod 10, because

21 mod 10 = 1. In general a -1 = x mod n has a unique solution if a and n

Chapter Five : Public key Cipher Systems ----------------------------------------------------------------------

5 are relatively prime. If n is prime number then every number in the range

(1, n-1) is relatively prime to n and has exactly one inverse modulo in that range. Femat's theorem and Euler's generalization can solve such a problem.

Fermit's theorem:

Let n is a prime number; then for every a such that gcd (a,n) =1: a n-1 mod n =1

Totient Function:

For n = p q and p, q are prime

Ø(n)=(p-1)(q-1)

Where

Ø(n)

is Euler totient function, the number of'elements in tlie reduced set of residues modulo n.

Example: let p = 3, q = 5, 11 = p , q = 15 '.

Ø (15) = (3-1) (5-1) =8

There are eight elements in the reduced set of residues modulo 15 (1, 2, 4,

7, 8, 11, 13, 14) are relatively prime to 15

5.5 POHLIG-HELLMAN CIPHERS:

Pohlig-Helman scheme is not a symmetric algorithm because different keys are used for encryption and decryption. It is not a public key scheme, because the keys are easily derived from each other, both encryption and decryption keys must kept secret .In the Pohlig-Helman scheme, the modulus is chosen to be a large prime P. because P is prime, then

Ø(P) =P-1

, which is trivially derived from P, thus the scheme can only be used for conventional encryption where e and d are both kept secret.The enciphering and deciphering functions are thus given by :

Chapter Five : Public key Cipher Systems ----------------------------------------------------------------------

6

C=M e mod p and M = C d mod p

Where e d = l ( mod some complex number )

Example:

Let p = l l , whence Ø (p) = p – l = 10; chose d = 7 and compute e

e = inv(7,10) = 3 , M = 5

C = Me mod p = 5 3 mod l l = 4

M = C d mod p = 4 7 mod l l = 5

5.6 RSA CIPHER SYSTEM:

One of the most well known and popular public key systems is the

RSA system, named after the first letters of the surnames of its designers

(Rivest, Shamir and Adleman of the Massachusetts lnstitute of Technology

MIT). The RSA based on the fact that it is relatively easy to calculate the product of tow prime numbers, but giving the product it far more complicated. First two prime numbers are generated (p and q of length 100 -200 digit ), and their product is calculated and denoted by : n = p* q

Chose e (encryption key ) randomly, relatively prime to p and q and satisfy the following expression:

3 < e < (p – l) (q – l) and gcd [ e , (p – 1 ) * (p – 1 ) ] = 1

The value of e is used to determine another, d ( decryption key ) for which: e d = 1 (mod (p -1) (q – 1))

d = e -1 mod ((p – 1) * (q – 1))

The public key consists of the pair (e. n). The encipherment of atext is performed by taking the binary representation of a message divided into blocks and denoted by M. the cipher block C is computed by raising the

Chapter Five : Public key Cipher Systems ----------------------------------------------------------------------

7 decimal value of M To the power of e and taking the remainder of a division by n:

Encrypt: C = M e mod n ciphertext

Decrypt M = C d mod n plaintext

Public key gets its efficiency from the difficulty of factorizing large prime numbers. Furthermore, it is almost impossible to calculate the value of d if only the public key (e, n) is known. In order to calculate d then p and q must be known too.

Example

Let p = 3, q = 17 ; n = p * q , 3 x 17 = 51

(p – 1 ) (q – 1) = 2 x 16 = 32

Find a number e between 3 and 32 which has no factor in common with 32.

Let e = 7; d can be determined using equation 5.13, then d = 23

e d = 7 x 23 = 161 mod 32 = 1

Let M = 2 then using (5.14) C = 2 7 mod 51 = 26 and

26 23 mod 51 = 26 1 . 26 2 . 26 4 .26

16 (mod 51 ) = 16 x 13 x 16 x 1 (mod 51) = 2

1. Cenerate two large prime mumbers p and q.

2. Calculate their product n. = p* q.

3. Determine encryption key e such that ;

3 < e < (p – 1) (q – 1) and

Ø

(n) = (p – 1) * (q – 1)

gcd ( e, (p – 1) ( q – 1 ) ) = 1

4. Calculate d = d = e 1 mod (( p – 1 ) * ( q – 1 ) = e 1 mod

Ø

(n)

5. Encrypt : C = M e mod n

6.Decr

ypt : M = C d mod n

Figure 5-3 RSA algorithm

Chapter Five : Public key Cipher Systems ----------------------------------------------------------------------

8

Example 2:

Let p = 53 and q 61 , then pq 3233, and Ø (n)= (p – 1) (q -1) =52 X 61=

3120, the value of e must be chosen some where between 3 and 3233.

Assume e =71, we can calcuilate d with d =e

–1

mod (p -1) (q – 1) = 71

–1 mod 3120 = 157.

Assuume that the message is given by M = RENAISSANCE. And the alphabet is represented by decimal values a = 00, b = 01, c = 02, ete. with space = 26, And divided into 4 –digit blocks, then we can proceeds as follows:

M = RE NA I S SA NC E

1704 1300 0818 1800 1302 0426

M1 M2 M3 M4 M5 M6

Now encrypt:

C1 = M1 71 mod 3233, = 1704 71 mod 3233 = 3106

C2 =M2 71 mod 3233 , C3 = M3 71 m 3233, etc…

C = 3106 0100 0931 2691 1984 2927

C1 C2 C3 C4 C5 C6

And decrypt:

M1 = C1 791 mod 3233 =3106 791 mod 3233

M1 = C1 791 mod 3233, M2 = C2 791 mod 3233, M3 = C3 791 mod 3233, etc

Download