The Mathematical Principles of Modern Cryptography

The Mathematical Principles of Modern Cryptography

THE MATHEMATICAL PRINCIPLES OF MODERN CRYPTOGRAPHY ATHESIS SUBMITTED TO THE UNIVERSITY OF MANCHESTER FOR A MASTER’S DEGREE IN MATHEMATICS IN THE FACULTY OF SCIENCE AND ENGINEERING May 2021 Sam Holmes Department of Mathematics 1 Abstract In this thesis we study the mathematics that underpins elliptic curve cryptogra- phy and the RSA cryptosystem. The security of most cryptographic protocols used across the internet is currently based on the difficulty of factorising large semiprimes (RSA) or solving the elliptic curve discrete logarithm problem (ECDLP). To study these problems in detail we first provide an extensive background in the theory elliptic curves by proving that the set of points on an elliptic curve forms a finitely generated, abelian group and computing the subgroup of points of finite order. After introducing bilinear pairings we then move on to studying some of the applications of this theory which include secure encryption schemes, key exchange protocols and digital signature schemes. We also implement pollard’s p − 1 fac- torisation algorithm and Lenstra’s elliptic curve factorisation algorithm in Python to compare their ability to factorise large semiprimes. Contents 1 Introduction5 2 The Theory of Elliptic Curves9 2.1 The Projective Plane ........................ 10 2.2 Algebraic Representations of Elliptic Curves............ 11 2.2.1 Weierstrass Normal Form ................. 11 2.2.2 Singular cubic Curves ................... 13 2.2.3 Isomorphic Elliptic Curves................. 17 2.3 The Group of Points on an Elliptic Curve ............. 20 2.3.1 Point Addition ....................... 21 2.3.2 Proving the Associativity of Point Addition . 26 2.3.3 Explicit Formulas for Point Addition ........... 28 2.4 Mordell’s Theorem......................... 30 2.4.1 The Height Function.................... 30 2.4.2 Bounding the Height of P + P0 . 31 2.4.3 Bounding the Height of [2]P . 34 2.4.4 The Subgroup of Points of Order 2............. 38 2.4.5 The Descent Theorem ................... 43 2.5 Points of Finite Order........................ 47 2.5.1 The Nagell-Lutz Theorem................. 47 2.5.2 Reduction Modulo p .................... 50 2.6 Bilinear Pairings .......................... 52 2.6.1 Divisors........................... 53 2.6.2 The Weil Pairing...................... 54 3 Cryptographic Applications 58 3.1 Preliminaries ............................ 59 3.2 Factorising Large Semiprimes ................... 61 3.2.1 The RSA public key encryption scheme.......... 61 3.2.2 Comparing Pollard’s p-1 and Lenstra Elliptic Curve Fac- torisation Algorithms.................... 64 3.3 The Discrete Logarithm Problem and Diffie-Hellman protocol . 68 3.3.1 Choosing a Suitable Elliptic Curve for the ECDLP . 69 3.3.2 The Double-and-Add algorithm.............. 71 3.4 Comparing Digital Signature Schemes............... 73 3.4.1 The RSA Digital Signature Scheme............ 75 3.4.2 The Elliptic Curve Digital Signature Algorithm . 76 3.4.3 BLS Signatures....................... 77 4 Conclusion 79 A Appendix 81 A.1 Curve.py............................... 81 A.2 Point.py............................... 82 2 A.3 Plotting the Performance of the ECM and Pollard’s p-1 . 84 A.4 Plotting the Performance of the Double-and-Add algorithm . 85 Bibliography 87 List of Figures 2.1 Examples of smooth elliptic curves................. 13 2.2 Examples of singular elliptic curves ................ 14 2.3 Elliptic curve point addition .................... 23 2.4 The associativity of elliptic curve point addition........... 27 3.1 Comparing the time complexity of various algorithms used to fac- tor semiprimes n = pq, where B = min p;q . 64 3.2 Comparing the performance of Pollard’s p−1 and the ECM integer factorisation algorithms. ...................... 67 3.3 The performance of the Double-and-Add algorithm to compute multiples of a point on an elliptic curve............... 73 List of Tables 3.1 The RSA encryption scheme..................... 63 3.2 Comparing digital signature schemes. ............... 74 3.3 The RSA digital signature scheme................. 75 3.4 The elliptic curve digital signature algorithm (ECDSA) . 76 3.5 The BLS digital signature scheme ................. 77 3 LIST OF ALGORITHMS 4 List of Algorithms 1 Computing Etors (Q) using the Nagell-Lutz Theorem........ 49 2 Pollard’s p − 1 factorisation algorithm................ 65 3 Lenstra’s elliptic curve factorisation algorithm (ECM)....... 66 4 The binary point multiplication algorithm............... 72 Chapter 1 Introduction Cryptography is a fascinating field which draws inspiration from many areas of Mathematics and Computer Science in order to design protocols that enable secure communications between users in the presence of a potentially malicious adver- sary. Such adversaries may intend to eavesdrop on, tamper with or forge mes- sages between other users. The field is particularly relevant in today’s digital so- ciety because a large proportion of our online communications contain sensitive information, such as credit card details, which we would like to rigorously secure. Communication systems which use cryptographic protocols are often referred to as cryptographic systems or cryptosystems. Before we define the concept of security or explain the mathematics behind how cryptosystems operate in practice, we shall first state the four fundamental goals of cryptography which have remained at the heart of the subject since it’s inception [10]. (a) Confidentiality of the message: The primary goal of most cryptosystems is to allow messages to be sent in a disguised (or encrypted) form so that only the intended recipient(s) can obtain any information 1 from a transmitted message. (b) Message integrity: The recipient of a message must be able to determine whether the message was altered during transmission. This is often achieved through the usage of cryptographic hash functions (Definition 22). (c) Authentication of the sender: The recipient should be able to identify the sender and verify that no one else could have sent a given message. This is achieved through digital signatures. We study three examples in Section 3.4. (d) Irrevocability of the sender: If a message originated from a given user of a cryptosystem then it should be impossible for the user to deny the authorship of the message. 1This means that obtaining any information about the contents of the message (such as the statis- tical distribution of characters) known as meta-data should not be possible as such systems can be easily broken by a technique known as frequency analysis. 5 CHAPTER 1. INTRODUCTION 6 Not all modern cryptosystems are designed to achieve all four of these goals and several other attributes of information transmission can also be mathematically as- sured. For example, cryptocurrencies such as Bitcoin aim to solve the problem of double spending [4] to provide an efficient, secure and anonymous digital currency. A given cryptosystem which aims to provide confidentiality usually consists of the following three algorithms: (a)A key generation algorithm defines two distinct but related pieces of infor- mation: A user’s public and private keys. (b) An encryption algorithm or bijective function is used to convert the original message or plaintext into illegible ciphertext using a public key. (c)A decryption algorithm, another bijective function which carries out the reverse computation (from ciphertext back to plaintext) using the private key. A cryptosystem is considered semantically secure (or simply secure for our purposes) if only negligible information about the plaintext can be extracted from the ciphertext using any probabilistic, polynomial time algorithm. In practice se- mantic security is considered an insufficient condition. One also needs to ensure that an adversary with access to a message and the message’s corresponding cipher- text is not able to decrypt any other messages2. Cryptosystems with larger keys (or signatures) are usually more secure, but less efficient. Modern cryptography aims to optimise this trade-off to design efficient cryptosystems which use the smallest keys (or signatures) possible whilst providing sufficient security. Cryptosystems can be divided into two main categories depending on whether the encryption and decryption keys for a given message are the same. A user of a Private key (or symmetric ) cryptosystem encrypts their message with the same key the recipient uses to decrypt the message. This was the only form of encryption used throughout history until 1976. The earliest use of private key cryptography arguably dates back to around 1900 BC where hieroglyphics were systematically substituted with other unusual symbols in the tomb of the ancient Egyptian noble- man Khnumhotep II. There is substantial evidence that the ancient Greeks, partic- ularly the Spartan Military later popularised the usage of private key cryptography with early protocols such as the Caeser Cipher [2]. Private key systems are usually faster but less secure than their public key coun- terparts because the decryption algorithm can be implemented in approximately the same order of magnitude of time as the encryption algorithm. One important dis- advantage of private key cryptosystems is that each distinct pair of users requires a unique shared key. This leads to extensive key management as the total number of keys required increases with the square of the number of users. Due to their speed, 2This technique is referred to as a “known-plaintext attack” and was used by Alan Turing and others at Bletchley Park during World

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    91 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us