Asymmetric Encryption / Public key Encryption and Message Digest
UNIT 3
Symmetric Key Encryption
Public Key Encryption
A public-key encryption scheme
● Plaintext: This is the readable message or data that is fed into the algorithm as input.
● Encryption algorithm: The encryption algorithm performs various transformations on the plaintext.
● Public and private keys: This is a pair of keys that have been selected so that if one is used for encryption, the other is used for decryption. The exact transformations performed by the algorithm depend on the public or private key that is provided as input.
● Ciphertext: This is the scrambled message produced as output. It depends on the plaintext and the key. For a given message, two different keys will produce two different ciphertexts.
● Decryption algorithm: This algorithm accepts the ciphertext and the matching key and produces the original plaintext.
Hash functions
Features of Hash Functions
Fixed Length Output (Hash Value)
Efficiency of Operation
Properties of Hash Functions
Design of Hashing Algorithms
Popular Hash Functions
Secure Hash Function (SHA)
Applications of Hash Functions
Password Storage
Data Integrity Check
Public-Key Cryptography Principles
The essential steps are the following:
1. Each user generates a pair of keys to be used for the encryption and decryption of messages.
2. Each user places one of the two keys in a public register or other accessible file. This is the public key. The companion key is kept private. As Figure suggests, each user maintains a collection of public keys obtained from others.
3. If Bob wishes to send a confidential message to Alice, Bob encrypts the message using Alice's public key.
4. When Alice receives the message, she decrypts it using her private key. No other recipient can decrypt the message because only Alice knows Alice's private key.
Applications for Public-Key Cryptosystems
In broad terms, we can classify the use of public-key cryptosystems into three categories:
● Encryption/decryption: The sender encrypts a message with the recipient's public key.
● Digital signature: The sender "signs" a message with its private key. Signing is achieved by a cryptographic algorithm applied to the message or to a small block of data that is a function of the message.
● Key exchange: Two sides cooperate to exchange a session key. Several different approaches are possible, involving the private key(s) of one or both parties. Some algorithms are suitable for all three applications, whereas others can be used only for one or two of these applications.
Applications for Public-Key Cryptosystems
Requirements of public key
C= E(PUb, M)
M= D(PRb, C) = D(PRb, E(PUb, M))
Asymmetric Encryption
Asymmetric Encryption – RSA Algorithm
(d=(K*z+1)/e (for some integer k lets suppose k=6)
Asymmetric Encryption - RSA
Plain Text | Numeric Representation | me | Cipher Text (c = me mod n) |
l | 12 | 248832 | 17 |
o | 15 | 759375 | 15 |
v | 22 | 5153632 | 22 |
e | 5 | 3125 | 10 |
Asymmetric Encryption - RSA
Cipher Text | cd | (m = me mod n) | Plain Text |
17 | 481968572106750915091411825223072000 | 17 | l |
15 | 12783403948858939111232757568359400 | 15 | o |
22 | 852643319086537701956194499721110000000 | 22 | v |
10 | 100000000000000000000000000000 | 10 | e |
Asymmetric Encryption – Key Agreement
Cipher
(DES)
Session Key
Cipher
(DES)
Bob’s
Public Key
Alice’s
Public Key
Bob’s
Private Key
Alice’s
Private Key
Alice and Bob
Generate Same
Session Key!
Asymmetric Encryption – Key Agreement contd.
Diffie-Hellman Mathematical Analysis
Bob & Alice
agree on non-secret
prime p and value a
Generate Secret
Random Number x
Compute Public Key
ax mod p
Compute Session Key
(ay)x mod p
Generate Secret
Random Number y
Compute Public Key
ay mod p
Compute Session Key
(ax)y mod p
Bob
Alice
Identical Secret Key
Bob & Alice exchange public keys
Diffie-Hellman Key Exchange
Diffie-Hellman Key Exchange
Message Signature
Authentication – Digital Signatures
Message
Sent to
Receiver
Digest
Algorithm
Digital
Signature
Sent to
Receiver
Message
Digest
Sender’s
Private Key
Sender’s
Public Key
Message
Digest
Signature
Algorithm
Signature
Algorithm
Digest
Algorithm
Message
Digest
Sender
Receiver
Same?
Authentication – Message Digests
Message
Message
Digest
Algorithm
Digest
Message Authentication Codes
Message
Message
Digest
Algorithm
Digest
Secret Key
Authentication – Digital Certificates
Identity
Information
Certificate Authority’s Private Key
Sender’s
Public Key
Signature
Algorithm
Certificate
Asymmetric Encryption - Weaknesses
Trudeau’s
Message
+ public key
Cipher
Trudeau’s
Encrypted
Message
David’s
Message
+ public key
Trudeau’s
New Message
+ public key
David
Attacker
Bob’s
Message
+ Public key
Cipher
David’s
Public Key
Trudeau
(Middle-man)
Trudeau’s
Public Key
Bob’s
Encrypted
Message
Bob’s
Public Key
David’s
Public Key
Cipher
Trudeau’s
Encrypted
Message
Cipher
Trudeau’s
Encrypted
Message
Asymmetric Encryption - Weaknesses
Message Authentication Code (MAC)
Limitations of MAC