DOCSLIB.ORG

RSA Public Key Cryptography Algorithm – a Review

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

INTERNATIONAL JOURNAL OF SCIENTIFIC & TECHNOLOGY RESEARCH VOLUME 6, ISSUE 07, JULY 2017 ISSN 2277-8616 RSA Public Key Cryptography Algorithm – A Review Shireen Nisha, Mohammed Farik Abstract: This paper aims to review RSA, examine its strengths and weaknesses, and propose novel solutions to overcome the weakness. RSA (Rivest, Shamir, and Adleman) is one of the best cryptographic algorithms in use today that ensures secure communication over networks. Index Terms: Algorithm, Cryptography, Cypher text, Private Key, Public Key, RSA. ———————————————————— 1 INTRODUCTION The rest of the paper is organized as follows: the next section NETWORKS are a must for any company to achieve looks at literature review on RSA algorithm as the most widely competitive advantage; however, all communication over any used PKC algorithm, section 3 looks at current usage of RSA, network, mainly the Internet needs to be secure to prevent section 4 highlights the strengths and weakness of RSA, while breach of confidential and sensitive data. An IBM sponsored section 5 briefly discusses the recommendations to mitigate benchmark study carried out by Ponemon Institute for the past some of the identified drawbacks. Lastly, section 6 concludes 11 years highlights the alarming boost (see Fig. 1) in the the paper and discusses about future works in this area. average cost of data breach globally (ACoDBG) each year with 2016 being $4 million [1], a 29 percent increase since 2 RSA PUBLIC KEY CRYPTOGRAPHY 2013 [2]. Known also as asymmetric encryption, PKC works on the concept of dual keys. While the recipients’ public key is used to encrypt the message, the private key is used for decryption, so there is no need to share a secret key as required in secret key (symmetric) cryptography [6]. PKC is largely used for authentication, non-repudiation, and key exchange [7]. The most widely used PKC algorithm in the world today, Rivest, Shamir, and Adleman algorithm (RSA) [6], [7], [8], [9] is considered superlative in comparison with algorithms such as the symmetric key Advanced Encryption Standard (AES) [8] and the asymmetric Goldwasser and Micali (GM) algorithms [7]. Officially launched in 1977 and named with the surname Fig 1: Global average cost of data breach from years 2012 to initials of inventors Ron Rivest, Adi Shamir, and Leonard 2016. Data from Ponemon Institute reports for the years 2012 Adleman, RSA is actually a set of two algorithms; key [3], 2013 [3], 2014 [4], 2015 [5] and 2016 [1]. generation, the most complex part used to produce the public and private keys, and RSA function evaluation which looks at Networks aren’t just used by businesses but also by home encrypting and decrypting [10]. Fig. 2 explains how the public users. Hence, network security is of utmost importance. This and private key is generated. Fig. 4 shows the methods of brings in cryptography, as a major component enabling secure encrypting plaintext and decrypting a ciphertext using the two communications over networks. Cryptography looks at keys. methods of hiding the actual message from unintended recipients by scrambling the data via an algorithm. The first proven use of cryptography dates back to 1900 B.C, Ancient Egypt, when a document writer used irregular hieroglyphs (writing system using a combination of graphics, symbols and alphabet) while copying a document [6]. Modern cryptography algorithms offer more security than the ancient ones and can be divided into 3 categories, namely secret key, public key and hash functions. The focus of this paper is public key cryptography (PKC) algorithm. ____________________ Shireen Nisha is currently pursuing masters degree program in Information Technology in the School of Science and Technology at the University of Fiji. E-mail: [email protected] Mohammed Farik (Member IEEE) is a Lecturer in Information Technology in the School of Science and Technology at the University of Fiji. E-mail: Fig 2: RSA Public Key and Private Key Generation Method [email protected] 187 IJSTR©2017 www.ijstr.org INTERNATIONAL JOURNAL OF SCIENTIFIC & TECHNOLOGY RESEARCH VOLUME 6, ISSUE 07, JULY 2017 ISSN 2277-8616 application protocols such as HTTP, Telnet, Network News Transfer Protocol (NNTP), or File Transfer Protocol (FTP) by establishing an RSA key exchange during the SSL handshake between client and server to authenticate each end of the connection [14]. Moreover, RSA is used for employee verification in many organizations. Chip based smart cards use cryptographic algorithms to ensure security by checking the PIN code [22]. Some of these cards use RSA algorithms in combination with other algorithms. For instance, IDPrime MD 3811 smart cards, a single chip based dual-interface (contact Fig 3: RSA Encryption and Decryption Methods and contactless ISO14443 interface) smart card developed by Gemalto is also compatible with the NFC standard already RSA Security Inc. had a 17 year hold on RSA algorithm patent widely used by mobile devises today and is secured with both from 1983 till its expiry in 2000, however, the company RSA and elliptic curves algorithms [23]. Another example of surprisingly released its claim on the patent two weeks before Gemalto's cards is the IDPrime PIV (personal identity the expiry date, making RSA available to the public domain, verification) card v1.55 that looks at improved identification prompting a major competitor, Baltimore Technologies into free and authentication of US Federal employees and contractors giveaway of a version of its Keytools developer tool kit which to access Federal amenities and was published as FIPS PUB uses RSA algorithm and had cost developers $10,000 to – 201 [24]. Another product that uses RSA is the RSA $20,000 until now [11]. The patent years saw more than 800 SecurID, a two-factor authentication technology used in high- licensed customers and development of over 1,000 security environments to protect network resources and can applications, including the likes of Microsoft Windows, be hardware authenticator (a USB token, smart card, software Netscape Navigator, Intuit Quicken, Lotus Notes, PGP, Cisco application residing on your smartphone or key fob) and RSA Systems Inc., routers, credit cards, iPhone text messaging, authentication manager software based tokens [25]. The making web connections, and hundreds of other authenticator generates passcodes/pin tokens which resets products/services to protect trillions of transactions [9], [11], itself every 60 seconds making the previous token worthless. [12], [13]. When trying to access a protected resource, users enter the passcode together with their username which are intercepted by the RSA authentication Agent and presented to the RSA 3 CURRENT USAGE OF RSA SecureID system on the RSA authentication server which Looking at where RSA is being used today, let’s take the validates the pass code by running the same algorithm that example of Pretty Good Privacy in short PGP, a freeware was used to generate the passcode to check if their 8 digit created by Phil Zimmerman, providing encryption and output matches the one entered by the user along with the authentication for e-mail and file storage applications across username before granting access to the remote server [26]. multiple platforms and it uses RSA algorithm for its key transportation [14], [15]. Many cloud service providers also use PKC for authentication. One example is Googles G Suite, a 4 STRENGTHS AND WEAKNESSES OF RSA brand of cloud based services that has been rated as excellent One of the reason RSA has become most widely used is on PGMags review in February 2017, has about 3 million paid because it allows either of the two keys to encrypt a message customers including large companies such as Whirlpool and and the opposite key to decrypt it, thus promising PiceWaterhouseCoopers taking advantage of a collaboration- confidentiality, integrity, authenticity and non-reputability of ready office suite, a website, shared calendars, mail services, data and electronic communications [20]. It’s important to note chat, video conferences, social media, real-time document that a weak key generation will make RSA very vulnerable to collaborations, and many more [16], [17]. This service has attacks therefore care must be taken to ensure that two large encryption at numerous stages and is enabled by default for all random prime numbers are used to calculate the modulus, n customers. Firstly, data access is enabled through Hypertext [10], which will become the public key and the private key will Transfer Protocol Secure (HTTPS) encrypted tunnels, then it consist of those two primes themselves. The effectiveness of uses Perfect Forward Secrecy (PFS), for which Google made RSA algorithm comes from the fact that it’s difficult to headlines in 2011 for being the first to enable this feature [18], computationally factor large integers into primes [12], [20]. which scrambles data as it moves between their and other Multiplying the two primes is easy but performing the reverse companies servers and it uses SSL (Secure Sockets in the form of factoring is actually hard and gets even harder Layer)/TLS (Transport Layer Security) for connectivity where as the values of p and q gets bigger [27]. Take for instance, the 256-bit TLS looks at the encryption enforcement policy the RSA Factoring Challenge enacted by RSA Laboratories in which rejects all inbound and outbound mail from other mail 1991, has many moduli still pending to be factored. On 12 servers if they don’t use TLS [19]. A common operation in IT is December 2009, a 768-bit RSA modulus containing a 232 RSA signature verification and many protocols such as SSH, decimal digit number was factored by a total of 13 researchers OpenPGP, S/MIME and SSL/TLS rely on it [20]. SSL over a span of two years using hundreds of parallel certificates are used to protect the online users’ private and computers, a task equivalent to approximately 2000 years of sensitive data.
Recommended publications
  • Making Sense of Snowden, Part II: What's Significant in the NSA

    Making Sense of Snowden, Part II: What's Significant in the NSA

    web extra Making Sense of Snowden, Part II: What’s Significant in the NSA Revelations Susan Landau, Google hen The Guardian began publishing a widely used cryptographic standard has vastly wider impact, leaked documents from the National especially because industry relies so heavily on secure Inter- Security Agency (NSA) on 6 June 2013, net commerce. Then The Guardian and Der Spiegel revealed each day brought startling news. From extensive, directed US eavesdropping on European leaders7 as the NSA’s collection of metadata re- well as broad surveillance by its fellow members of the “Five cords of all calls made within the US1 Eyes”: Australia, Canada, New Zealand, and the UK. Finally, to programs that collected and stored data of “non-US” per- there were documents showing the NSA targeting Google and W2 8,9 sons to the UK Government Communications Headquarters’ Yahoo’s inter-datacenter communications. (GCHQs’) interception of 200 transatlantic fiberoptic cables I summarized the initial revelations in the July/August is- at the point where they reached Britain3 to the NSA’s pene- sue of IEEE Security & Privacy.10 This installment, written in tration of communications by leaders at the G20 summit, the late December, examines the more recent ones; as a Web ex- pot was boiling over. But by late June, things had slowed to a tra, it offers more details on the teaser I wrote for the January/ simmer. The summer carried news that the NSA was partially February 2014 issue of IEEE Security & Privacy magazine funding the GCHQ’s surveillance efforts,4 and The Guardian (www.computer.org/security).
  • Public Key Cryptography And

    Public Key Cryptography And

    PublicPublic KeyKey CryptographyCryptography andand RSARSA Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 [email protected] Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-11/ Washington University in St. Louis CSE571S ©2011 Raj Jain 9-1 OverviewOverview 1. Public Key Encryption 2. Symmetric vs. Public-Key 3. RSA Public Key Encryption 4. RSA Key Construction 5. Optimizing Private Key Operations 6. RSA Security These slides are based partly on Lawrie Brown’s slides supplied with William Stallings’s book “Cryptography and Network Security: Principles and Practice,” 5th Ed, 2011. Washington University in St. Louis CSE571S ©2011 Raj Jain 9-2 PublicPublic KeyKey EncryptionEncryption Invented in 1975 by Diffie and Hellman at Stanford Encrypted_Message = Encrypt(Key1, Message) Message = Decrypt(Key2, Encrypted_Message) Key1 Key2 Text Ciphertext Text Keys are interchangeable: Key2 Key1 Text Ciphertext Text One key is made public while the other is kept private Sender knows only public key of the receiver Asymmetric Washington University in St. Louis CSE571S ©2011 Raj Jain 9-3 PublicPublic KeyKey EncryptionEncryption ExampleExample Rivest, Shamir, and Adleman at MIT RSA: Encrypted_Message = m3 mod 187 Message = Encrypted_Message107 mod 187 Key1 = <3,187>, Key2 = <107,187> Message = 5 Encrypted Message = 53 = 125 Message = 125107 mod 187 = 5 = 125(64+32+8+2+1) mod 187 = {(12564 mod 187)(12532 mod 187)... (1252 mod 187)(125 mod 187)} mod 187 Washington University in
  • Crypto Wars of the 1990S

    Crypto Wars of the 1990S

    Danielle Kehl, Andi Wilson, and Kevin Bankston DOOMED TO REPEAT HISTORY? LESSONS FROM THE CRYPTO WARS OF THE 1990S CYBERSECURITY June 2015 | INITIATIVE © 2015 NEW AMERICA This report carries a Creative Commons license, which permits non-commercial re-use of New America content when proper attribution is provided. This means you are free to copy, display and distribute New America’s work, or in- clude our content in derivative works, under the following conditions: ATTRIBUTION. NONCOMMERCIAL. SHARE ALIKE. You must clearly attribute the work You may not use this work for If you alter, transform, or build to New America, and provide a link commercial purposes without upon this work, you may distribute back to www.newamerica.org. explicit prior permission from the resulting work only under a New America. license identical to this one. For the full legal code of this Creative Commons license, please visit creativecommons.org. If you have any questions about citing or reusing New America content, please contact us. AUTHORS Danielle Kehl, Senior Policy Analyst, Open Technology Institute Andi Wilson, Program Associate, Open Technology Institute Kevin Bankston, Director, Open Technology Institute ABOUT THE OPEN TECHNOLOGY INSTITUTE ACKNOWLEDGEMENTS The Open Technology Institute at New America is committed to freedom The authors would like to thank and social justice in the digital age. To achieve these goals, it intervenes Hal Abelson, Steven Bellovin, Jerry in traditional policy debates, builds technology, and deploys tools with Berman, Matt Blaze, Alan David- communities. OTI brings together a unique mix of technologists, policy son, Joseph Hall, Lance Hoffman, experts, lawyers, community organizers, and urban planners to examine the Seth Schoen, and Danny Weitzner impacts of technology and policy on people, commerce, and communities.
  • NSA's Efforts to Secure Private-Sector Telecommunications Infrastructure

    NSA's Efforts to Secure Private-Sector Telecommunications Infrastructure

    Under the Radar: NSA’s Efforts to Secure Private-Sector Telecommunications Infrastructure Susan Landau* INTRODUCTION When Google discovered that intruders were accessing certain Gmail ac- counts and stealing intellectual property,1 the company turned to the National Security Agency (NSA) for help in securing its systems. For a company that had faced accusations of violating user privacy, to ask for help from the agency that had been wiretapping Americans without warrants appeared decidedly odd, and Google came under a great deal of criticism. Google had approached a number of federal agencies for help on its problem; press reports focused on the company’s approach to the NSA. Google’s was the sensible approach. Not only was NSA the sole government agency with the necessary expertise to aid the company after its systems had been exploited, it was also the right agency to be doing so. That seems especially ironic in light of the recent revelations by Edward Snowden over the extent of NSA surveillance, including, apparently, Google inter-data-center communications.2 The NSA has always had two functions: the well-known one of signals intelligence, known in the trade as SIGINT, and the lesser known one of communications security or COMSEC. The former became the subject of novels, histories of the agency, and legend. The latter has garnered much less attention. One example of the myriad one could pick is David Kahn’s seminal book on cryptography, The Codebreakers: The Comprehensive History of Secret Communication from Ancient Times to the Internet.3 It devotes fifty pages to NSA and SIGINT and only ten pages to NSA and COMSEC.
  • Ch 13 Digital Signature

    Ch 13 Digital Signature

    1 CH 13 DIGITAL SIGNATURE Cryptography and Network Security HanJung Mason Yun 2 Index 13.1 Digital Signatures 13.2 Elgamal Digital Signature Scheme 13.3 Schnorr Digital Signature Scheme 13.4 NIST Digital Signature Algorithm 13.6 RSA-PSS Digital Signature Algorithm 3 13.1 Digital Signature - Properties • It must verify the author and the date and time of the signature. • It must authenticate the contents at the time of the signature. • It must be verifiable by third parties, to resolve disputes. • The digital signature function includes authentication. 4 5 6 Attacks and Forgeries • Key-Only attack • Known message attack • Generic chosen message attack • Directed chosen message attack • Adaptive chosen message attack 7 Attacks and Forgeries • Total break • Universal forgery • Selective forgery • Existential forgery 8 Digital Signature Requirements • It must be a bit pattern that depends on the message. • It must use some information unique to the sender to prevent both forgery and denial. • It must be relatively easy to produce the digital signature. • It must be relatively easy to recognize and verify the digital signature. • It must be computationally infeasible to forge a digital signature, either by constructing a new message for an existing digital signature or by constructing a fraudulent digital signature for a given message. • It must be practical to retain a copy of the digital signature in storage. 9 Direct Digital Signature • Digital signature scheme that involves only the communication parties. • It must authenticate the contents at the time of the signature. • It must be verifiable by third parties, to resolve disputes. • Thus, the digital signature function includes the authentication function.
  • RSA BSAFE Crypto-C 5.21 FIPS 140-1 Security Policy2.…

    RSA BSAFE Crypto-C 5.21 FIPS 140-1 Security Policy2.…

    RSA Security, Inc. RSA™ BSAFE® Crypto-C Crypto-C Version 5.2.1 FIPS 140-1 Non-Proprietary Security Policy Level 1 Validation Revision 1.0, May 2001 © Copyright 2001 RSA Security, Inc. This document may be freely reproduced and distributed whole and intact including this Copyright Notice. Table of Contents 1 INTRODUCTION.................................................................................................................. 3 1.1 PURPOSE ............................................................................................................................. 3 1.2 REFERENCES ....................................................................................................................... 3 1.3 DOCUMENT ORGANIZATION ............................................................................................... 3 2 THE RSA BSAFE PRODUCTS............................................................................................ 5 2.1 THE RSA BSAFE CRYPTO-C TOOLKIT MODULE .............................................................. 5 2.2 MODULE INTERFACES ......................................................................................................... 5 2.3 ROLES AND SERVICES ......................................................................................................... 6 2.4 CRYPTOGRAPHIC KEY MANAGEMENT ................................................................................ 7 2.4.1 Protocol Support........................................................................................................
  • Implementation and Performance Evaluation of XTR Over Wireless Network

    Implementation and Performance Evaluation of XTR Over Wireless Network

    Implementation and Performance Evaluation of XTR over Wireless Network By Basem Shihada [email protected] Dept. of Computer Science 200 University Avenue West Waterloo, Ontario, Canada (519) 888-4567 ext. 6238 CS 887 Final Project 19th of April 2002 Implementation and Performance Evaluation of XTR over Wireless Network 1. Abstract Wireless systems require reliable data transmission, large bandwidth and maximum data security. Most current implementations of wireless security algorithms perform lots of operations on the wireless device. This result in a large number of computation overhead, thus reducing the device performance. Furthermore, many current implementations do not provide a fast level of security measures such as client authentication, authorization, data validation and data encryption. XTR is an abbreviation of Efficient and Compact Subgroup Trace Representation (ECSTR). Developed by Arjen Lenstra & Eric Verheul and considered a new public key cryptographic security system that merges high level of security GF(p6) with less number of computation GF(p2). The claim here is that XTR has less communication requirements, and significant computation advantages, which indicate that XTR is suitable for the small computing devices such as, wireless devices, wireless internet, and general wireless applications. The hoping result is a more flexible and powerful secure wireless network that can be easily used for application deployment. This project presents an implementation and performance evaluation to XTR public key cryptographic system over wireless network. The goal of this project is to develop an efficient and portable secure wireless network, which perform a variety of wireless applications in a secure manner. The project literately surveys XTR mathematical and theoretical background as well as system implementation and deployment over wireless network.
  • Key Improvements to XTR

    Key Improvements to XTR

    To appear in Advances in Cryptology|Asiacrypt 2000, Lecture Notes in Computer Science 1976, Springer-Verlag 2000, 220-223. Key improvements to XTR Arjen K. Lenstra1, Eric R. Verheul2 1 Citibank, N.A., Technical University Eindhoven, 1 North Gate Road, Mendham, NJ 07945-3104, U.S.A., [email protected] 2 PricewaterhouseCoopers, GRMS Crypto Group, Goudsbloemstraat 14, 5644 KE Eindhoven, The Netherlands, Eric.Verheul@[nl.pwcglobal.com, pobox.com] Abstract. This paper describes improved methods for XTR key rep- resentation and parameter generation (cf. [4]). If the ¯eld characteristic is properly chosen, the size of the XTR public key for signature appli- cations can be reduced by a factor of three at the cost of a small one time computation for the recipient of the key. Furthermore, the para- meter set-up for an XTR system can be simpli¯ed because the trace of a proper subgroup generator can, with very high probability, be com- puted directly, thus avoiding the probabilistic approach from [4]. These non-trivial extensions further enhance the practical potential of XTR. 1 Introduction In [1] it was shown that conjugates of elements of a subgroup of GF(p6)¤ of order 2 dividing Á6(p) = p ¡ p + 1 can be represented using 2 log2(p) bits, as opposed to the 6 log2(p) bits that would be required for their traditional representation. In [4] an improved version of the method from [1] was introduced that achieves the same communication advantage at a much lower computational cost. The resulting representation method is referred to as XTR, which stands for E±cient and Compact Subgroup Trace Representation.
  • Elements of Cryptography

    Elements of Cryptography

    Elements Of Cryptography The discussion of computer security issues and threats in the previous chap- ters makes it clear that cryptography provides a solution to many security problems. Without cryptography, the main task of a hacker would be to break into a computer, locate sensitive data, and copy it. Alternatively, the hacker may intercept data sent between computers, analyze it, and help himself to any important or useful “nuggets.” Encrypting sensitive data com- plicates these tasks, because in addition to obtaining the data, the wrongdoer also has to decrypt it. Cryptography is therefore a very useful tool in the hands of security workers, but is not a panacea. Even the strongest cryp- tographic methods cannot prevent a virus from damaging data or deleting files. Similarly, DoS attacks are possible even in environments where all data is encrypted. Because of the importance of cryptography, this chapter provides an introduction to the principles and concepts behind the many encryption al- gorithms used by modern cryptography. More historical and background ma- terial, descriptions of algorithms, and examples, can be found in [Salomon 03] and in the many other texts on cryptography, code breaking, and data hiding that are currently available in libraries, bookstores, and the Internet. Cryptography is the art and science of making data impossible to read. The task of the various encryption methods is to start with plain, readable data (the plaintext) and scramble it so it becomes an unreadable ciphertext. Each encryption method must also specify how the ciphertext can be de- crypted back into the plaintext it came from, and Figure 1 illustrates the relation between plaintext, ciphertext, encryption, and decryption.
  • Efficient Encryption on Limited Devices

    Efficient Encryption on Limited Devices

    Rochester Institute of Technology RIT Scholar Works Theses 2006 Efficient encryption on limited devices Roderic Campbell Follow this and additional works at: https://scholarworks.rit.edu/theses Recommended Citation Campbell, Roderic, "Efficient encryption on limited devices" (2006). Thesis. Rochester Institute of Technology. Accessed from This Master's Project is brought to you for free and open access by RIT Scholar Works. It has been accepted for inclusion in Theses by an authorized administrator of RIT Scholar Works. For more information, please contact [email protected]. Masters Project Proposal: Efficient Encryption on Limited Devices Roderic Campbell Department of Computer Science Rochester Institute of Technology Rochester, NY, USA [email protected] June 24, 2004 ________________________________________ Chair: Prof. Alan Kaminsky Date ________________________________________ Reader: Prof. Hans-Peter Bischof Date ________________________________________ Observer: Prof. Leonid Reznik Date 1 1 Summary As the capstone of my Master’s education, I intend to perform a comparison of Elliptic Curve Cryptography(ECC) and The XTR Public Key System to the well known RSA encryption algorithm. The purpose of such a project is to provide a further understanding of such types of encryption, as well as present an analysis and recommendation for the appropriate technique for given circumstances. This comparison will be done by developing a series of tests on which to run identical tasks using each of the previously mentioned algorithms. Metrics such as running time, maximum and average memory usage will be measured as applicable. There are four main goals of Crypto-systems: Confidentiality, Data Integrity, Authentication and Non-repudiation[5]. This implementation deals only with confidentiality of symmetric key exchange.
  • The RSA Algorithm

    The RSA Algorithm

    The RSA Algorithm Evgeny Milanov 3 June 2009 In 1978, Ron Rivest, Adi Shamir, and Leonard Adleman introduced a cryptographic algorithm, which was essentially to replace the less secure National Bureau of Standards (NBS) algorithm. Most impor- tantly, RSA implements a public-key cryptosystem, as well as digital signatures. RSA is motivated by the published works of Diffie and Hellman from several years before, who described the idea of such an algorithm, but never truly developed it. Introduced at the time when the era of electronic email was expected to soon arise, RSA implemented two important ideas: 1. Public-key encryption. This idea omits the need for a \courier" to deliver keys to recipients over another secure channel before transmitting the originally-intended message. In RSA, encryption keys are public, while the decryption keys are not, so only the person with the correct decryption key can decipher an encrypted message. Everyone has their own encryption and decryption keys. The keys must be made in such a way that the decryption key may not be easily deduced from the public encryption key. 2. Digital signatures. The receiver may need to verify that a transmitted message actually origi- nated from the sender (signature), and didn't just come from there (authentication). This is done using the sender's decryption key, and the signature can later be verified by anyone, using the corresponding public encryption key. Signatures therefore cannot be forged. Also, no signer can later deny having signed the message. This is not only useful for electronic mail, but for other electronic transactions and transmissions, such as fund transfers.
  • Hash, DH and RSA

    Hash, DH and RSA

    CSE468/598 Computer Network Security Hash, DH and RSA Short Version Chun-Jen Chung Arizona State University CSE468/598 Computer Network Security Outline . Background . Hash Functions . Public key cryptography (PKC) • DH • RSA . Summary 2 CSE468/598 Computer Network Security Background CSE468/598 Computer Network Security Crypto algorithms review Encryption Authentication Hash functions Symmetric Asymmetric SHA-1 MD5 MAC Secret key: Public key: (message authentication code) DES, 3DES, AES RSA, ECC HMAC Digital Signature (secret key) (public key) Key management Manual Secret key Exchange: Public key Exchange: operation Diffie-Hellman Certificate Authority on PKI CSE468/598 Computer Network Security Introduction to Hash Functions CSE468/598 Computer Network Security Hash Algorithms Message of hash H A fixed-length arbitrary length Math transformation short message . Also known as • (Cryptographic) Hash functions • Message digests • One-way transformations • One-way functions . Length of H(m) much shorter than length of m . Usually fixed lengths: 128 or 160 bits . Example algorithms • MD5 (Message-Digest) – 128 bits output • SHA-1 (secure hash algorithm) : 160 bits output • SHA-2: 256/224, 512/384 CSE468/598 Computer Network Security Hash Algorithms (cont’d) Image from scanner All files of a floppy disk All files of a hard disk User password 8 bytes 512 K bytes 1.4 M bytes 80Giga bytes One way hash One way hash One way hash One way hash (SHA-1) (SHA-1) (SHA-1) (SHA-1) 43 B0 4C 54 3B 73 BF 4C 34 3B 54 3B 4C 34 3B 32 2B 23 70 7A 67 A2 23 3F 7D 67 A2 45 23 76 62 3C D3 AF A2 2B 4F 43 B0 4C 36 2B 7A 2B 49 3F 76 D2 37 F6 45 67 A2 23 3F 54 3B 49 28 67 3C D3 AF 27 4A 44 47 8F 93 D2 7D 43 B0 4C 19 A2 23 8F 7D 36 Hash value 20 bytes Hash value 20 bytes Hash value 20 bytes Hash value 20 bytes (160 bits) CSE468/598 Computer Network Security Applications of Hash Functions .