More Related Content
What's hot (20)
Similar to 2. public key cryptography and RSA (20)
More from Dr.Florence Dayana (20)
Recently uploaded (20)
2. public key cryptography and RSA
- 1. NETWORK SECURITY Name of the Staff : M.FLORENCE DAYANA M.C.A.,M.Phil.,(Ph.D)., Head, Dept. of CA Bon Secours College For Women Thanjavur. Class : II MSc., CS Semester : III Unit : II Topic : Public Key Cryptography 2/15/2019 1
- 2. Public key Cryptography •Public key cryptography (PKC) is an encryption technique that uses a paired public and private key algorithm for secure data communication. •A message sender uses a recipient's public key to encrypt a message. •To decrypt the sender's message, only the recipient's private key may be used.
- 3. Principles of Public-Key Cryptosystems • The concept of public-key cryptography evolved from an attempt to attack two of the most difficult problems associated with symmetric encryption: • The communicants already shares a key or someone has been distributed the key. • How to secure communications in general without having to trust a KDC with your key Key distribution • How to verify that a message comes intact from the claimed sender Digital signatures
- 4. Public-Key Cryptosystems • A public-key encryption scheme has six ingredients: Plaintext The readable message or data that is fed into the algorithm as input Encryption algorithm Performs various transform -ations on the plaintext Public key Used for encryption or decryption Private key Used for encryption or decryption Ciphertext The scrambled message produced as output Decryption algorithm Accepts the ciphertext and the matching key and produces the original plaintext
- 6. Conventional and Public-Key Encryption
- 7. Public-Key Cryptosystem: encryption using public key -Secrecy This figure provides confidentiality because two related key used for encryption other being used for decryption
- 8. Public-Key Cryptosystem: Encryption using private key -Authentication There is no protection of confidentiality because any observer can decrypt the message by using the sender’s public key
- 9. Public-Key Cryptosystem: Authentication and Secrecy we begin as before by encrypting a message, using the sender’s private key. This provides the digital signature. Next, we encrypt again, using the receiver’s public key. The final ciphertext can be decrypted only by the intended receiver, who alone has the matching private key. Thus, confidentiality is provided
- 10. Applications for Public-Key Cryptosystems • Public-key cryptosystems can be classified into three categories: • The sender encrypts a message with the recipient’s public keyEncryption/decryption • The sender “signs” a message with its private keyDigital signature • Two sides cooperate to exchange a session keyKey exchange
- 11. Applications for Public-Key Cryptosystems
- 12. Public-Key Requirements Conditions that these algorithms must fulfil: 1. It is computationally easy for a party B to generate a pair (public- key PUb, private key PRb) 2. It is computationally easy for a sender A, knowing the public key and the message to be encrypted, to generate the corresponding ciphertext 3. It is computationally easy for the receiver B to decrypt the resulting ciphertext using the private key to recover the original message 4. It is computationally infeasible for an adversary, knowing the public key, to determine the private key. 5. It is computationally infeasible for an adversary, knowing the public key and a ciphertext, to recover the original message. 6. The two keys can be applied in either order.
- 13. Public-Key Requirements trap-door one-way function •A trapdoor function is a function that is easy to compute in one direction, yet difficult to compute in the opposite direction (finding its inverse) without special information, called the "trapdoor". Trapdoor functions are widely used in cryptography. •Y = f(X) easy •X = f–1(Y) infeasible
- 14. Public-Key Requirements A trap-door one-way function is a family of invertible functions fk, such that Y = fk(X) easy, if k and X are known X = fk –1(Y) easy, if k and Y are known X = fk –1(Y) infeasible, if Y known but k not known A practical public-key scheme depends on a suitable trap-door one-way function
- 15. Rivest-Shamir-Adleman (RSA) Scheme •RSA is the algorithm used by modern computers to encrypt and decrypt messages. It is an asymmetric cryptographic algorithm. •Asymmetric means that there are two different keys. This is also called public key cryptography, because one of them can be given to everyone. The other key must be kept private. •One of the first successful responses to the challenge was Developed in 1977 at MIT by Ron Rivest, Adi Shamir & Len Adleman
- 16. RSA Algorithm •Plaintext is encrypted in blocks with each block having a binary value less than some number n •Encryption and decryption are of the following form, for some plaintext block M and cipher text block C C = Memod n M = Cd mod n = (Me)d mod n = Med mod n •Both sender and receiver must know the value of n •The sender knows the value of e, and only the receiver knows the value of d •This is a public-key encryption algorithm with a public key of PU={e,n} and a private key of PR={d,n}
- 17. Algorithm Requirements • For this algorithm to be satisfactory for public-key encryption, the following requirements must be met: 1. It is possible to find values of e, d, n such that Med mod n = M for all M<n 2. It is relatively easy to calculate Me mod n and Cd mod n for all values of M < n 3. It is infeasible to determine d given e and n
- 18. RSA Algorithm
- 19. Example of RSA Algorithm
- 21. The Security of RSA Five possible approaches to attacking RSA are: Brute force • Involves trying all possible private keys Mathematical attacks • There are several approaches, all equivalent in effort to factoring the product of two primes Timing attacks • These depend on the running time of the decryption algorithm Hardware fault-based attack • This involves inducing hardware faults in the processor that is generating digital signatures Chosen ciphertext attacks • This type of attack exploits properties of the RSA algorithm
- 22. Optimal Asymmetric Encryption Padding (OAEP) •Optimal Asymmetric Encryption Padding (OAEP) is a padding scheme often used together with RSA encryption. •The OAEP algorithm is a form of Feistel network which uses a pair of random oracles G and H to process the plaintext prior to asymmetric encryption.
- 24. Figure shows OAEP encryption. 1. As a first step, the message M to be encrypted is padded. A set of optional parameters, P, is passed through a hash function, H. 2. The output is then padded with zeros to get the desired length in the overall data block (DB). 3.Next, a random seed is generated and passed through another hash function, called the mask generating function (MGF). 4. The resulting hash value is bit-by-bit XORed with DB to produce a maskedDB. 5.The maskedDB is in turn passed through the MGF to form a hash that is XORed with the seed to produce the masked seed. 6. The concatenation of the masked-seed and the maskedDB forms the encoded message EM. Note that the EM includes the padded message, masked by the seed, and the seed, masked by the maskedDB. The EM is then encrypted using RSA.