CS 5323
Asymmetric Cryptography
Prof. Ravi Sandhu Executive Director and Endowed Chair
Lecture 3
[email protected] www.profsandhu.com
© Ravi Sandhu World-Leading Research with Real-World Impact! 1 Asymmetric Encryption
© Ravi Sandhu World-Leading Research with Real-World Impact! 2 Public-Key Encryption
INSECURE CHANNEL
Plain- Ciphertext Plain- text text Encryption Decryption Algorithm E Algorithm D A B
B's Public Key B's Private Key
SECURE CHANNEL Confidentiality Integrity
© Ravi Sandhu World-Leading Research with Real-World Impact! 3 Symmetric-Key Encryption
INSECURE CHANNEL Plain- Plain- Ciphertext text text
Encryption Decryption Algorithm E Algorithm D A B
Symmetric Key K K shared by A and B
SECURE CHANNEL Confidentiality Integrity
© Ravi Sandhu World-Leading Research with Real-World Impact! 4 Public-Key Encryption
reduces the key distribution problem to a secure channel for authentic communication of public keys requires authentic dissemination of 1 public key/party scales well for large-scale systems with N parties we need to generate and distribute N public keys
© Ravi Sandhu World-Leading Research with Real-World Impact! 5 Known Public-Key Attack
confidentiality based on infeasibility of computing B's private key from B's public key key sizes are large (2048 bits and above) to make this computation infeasible
© Ravi Sandhu World-Leading Research with Real-World Impact! 6 Speed
public key runs 1000 times slower than symmetric key think 2g versus 4g on smartphone This large difference in speed is likely to remain Maybe reduce to 100 times
Use public keys to distribute symmetric keys, use symmetric keys to protect data
© Ravi Sandhu World-Leading Research with Real-World Impact! 7 RSA Cryptosystem
public key is (n,e) private key is d encrypt: C = M mod n decrypt: M = C mod n
X Not covered in lecture
© Ravi Sandhu World-Leading Research with Real-World Impact! 8 RSA Cryptosystem
public key is (n,e) private key is d encrypt: C = M mod n decrypt: M = C mod n
This naive use of RSA is X not secure but will Not covered suffice for our purposes in lecture
© Ravi Sandhu World-Leading Research with Real-World Impact! 9 RSA Key Generation
choose 2 large prime numbers p and q compute n = p * q pick e relatively prime to (p-1)*(q-1) compute d, e*d = 1 mod (p-1)*(q-1) publish (n,e) keep d private (and discard p, q)
X Not covered in lecture
© Ravi Sandhu World-Leading Research with Real-World Impact! 10 RSA Key Protection
compute d, e*d = 1 mod (p-1)*(q-1) if factorization of n into p*q is known, this is easy to do security of RSA is no better than the difficulty of factoring n into p, q
X Not covered in lecture
© Ravi Sandhu World-Leading Research with Real-World Impact! 11 Asymmetric Digital Signatures
© Ravi Sandhu World-Leading Research with Real-World Impact! 12 Public-Key Digital Signature
INSECURE CHANNEL
Plain- Plaintext + Signature Yes/No text Signature Verification Algorithm S Algorithm V A B
A's Private Key A's Public Key
SECURE CHANNEL Confidentiality Integrity
© Ravi Sandhu World-Leading Research with Real-World Impact! 13 Compare Public-Key Encryption
INSECURE CHANNEL
Plain- Ciphertext Plain- text text Encryption Decryption Algorithm E Algorithm D A B
B's Public Key B's Private Key
SECURE CHANNEL Confidentiality Integrity
© Ravi Sandhu World-Leading Research with Real-World Impact! 14 Compare Symmetric Key MAC
INSECURE CHANNEL
Plain- Plaintext + MAC Yes/No text MAC Verification Algorithm M Algorithm V A B
K K
SECURE CHANNEL Confidentiality Integrity
© Ravi Sandhu World-Leading Research with Real-World Impact! 15 Digital Signatures in RSA
RSA has a unique property, not shared by other public key systems Encryption and decryption commute (M mod n) mod n = M encryption (M mod n) mod n = M signature Same public key can be use for encryption and signature But not recommended X Not covered in lecture
© Ravi Sandhu World-Leading Research with Real-World Impact! 16 Message Digest
© Ravi Sandhu World-Leading Research with Real-World Impact! 17 Encryption Speed Revisited
public key runs 1000 times slower than symmetric key think 2g versus 4g on smartphone This large difference in speed is likely to remain Maybe reduce to 100 times
Use public keys to distribute symmetric keys, use symmetric keys to protect data
© Ravi Sandhu World-Leading Research with Real-World Impact! 18 Digital Signature Speed
public key runs 1000 times slower than symmetric key think 2g versus 4g on smartphone This large difference in speed is likely to remain Maybe reduce to 100 times
Sign the message digest (or hash) not the message
© Ravi Sandhu World-Leading Research with Real-World Impact! 19 Message Digest (Hash)
M=H-1(m) original message no practical limit to size M
message digest algorithm H
message digest easy 256 bit hard m m=H(M)
© Ravi Sandhu World-Leading Research with Real-World Impact! 20 Desired Characteristics
weak hash function difficult to find M' such that H(M')=H(M) given M, m=H(M) try messages at random to find M’ with H(M’)=m 2k trials on average, k=128 to be safe
© Ravi Sandhu World-Leading Research with Real-World Impact! 21 Desired Characteristics
strong hash function difficult to find any two M and M' such that H(M')=H(M) try pairs of messages at random to find M and M’ such that H(M’)=H(M) 2k/2 trials on average, k=256 to be safe
Birthday paradox
© Ravi Sandhu World-Leading Research with Real-World Impact! 22 Message Authentication Code
Symmetric Encryption Message-Digest Based Based
CBC-MAC HMAC
MAC has same size as Hash the message block size of underlying cryptosystem and a symmetric key
CCM mode MAC has same size as Provides confidentiality and integrity underlying hash function or can truncate
Revisiting after discussing message digests
© Ravi Sandhu World-Leading Research with Real-World Impact! 23 Asymmetric Key Exchange
© Ravi Sandhu World-Leading Research with Real-World Impact! 24 Diffie-Hellman Key Agreement
xA xB yA=a mod p yB=a mod p A public key public key B
private key private key xA xB
xA xB xA*xB k = yB mod p = yA mod p = a mod p system constants: p: prime number, a: integer X Not covered in lecture
© Ravi Sandhu World-Leading Research with Real-World Impact! 25 Diffie-Hellman Key Agreement
security depends on difficulty of computing x given y=ax mod p called the discrete logarithm problem
X Not covered in lecture
© Ravi Sandhu World-Leading Research with Real-World Impact! 26 Diffie-Hellman Man-in-the-Middle Attack
A C B
Public keys need to be X authenticated Not covered in lecture
© Ravi Sandhu World-Leading Research with Real-World Impact! 27