Scribd
Upload
129 views

Application OF: Presented by

This document discusses cryptographic security and the RSA cryptosystem. It begins by outlining security risks like eavesdropping, message tampering, and spoofing that cryptography aims to address through goals like confidentiality, integrity, authentication, and non-repudiation. It then introduces symmetric and asymmetric key cryptography. The bulk of the document focuses on RSA, explaining how it uses a public/private key pair based on the difficulty of factoring large numbers to encrypt messages for confidentiality or create digital signatures. Key generation, encryption, and decryption processes are outlined along with an example calculation.

Uploaded by

tbijle
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
129 views

Application OF: Presented by

This document discusses cryptographic security and the RSA cryptosystem. It begins by outlining security risks like eavesdropping, message tampering, and spoofing that cryptography aims to address through goals like confidentiality, integrity, authentication, and non-repudiation. It then introduces symmetric and asymmetric key cryptography. The bulk of the document focuses on RSA, explaining how it uses a public/private key pair based on the difficulty of factoring large numbers to encrypt messages for confidentiality or create digital signatures. Key generation, encryption, and decryption processes are outlined along with an example calculation.

Uploaded by

tbijle
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
You are on page 1/ 18

APPLICATION

OF

PRESENTED BY>

by Ritu Sharma

Cryptographic Security

Consider the following security risks that


could face two communicating entities in
an unprotected environment:
(1)

C
C could view the secret message by
eavesdropping on the communication.
Loss of privacy/confidentiality

by Ritu Sharma
2

Cryptographic Security

(2)

C
C could alter/corrupt the message, or the message could change while
in transit. If B does not detect this, then we have Loss of Integrity

(3)

Or it could send a massage to B pretending to be A

m
C
If B cannot verify the source entity of the information then we
lack authentication
by Ritu Sharma
3

Cryptographic Security

(4)

A might repudiate having sent m to B


Hence, some possible goals for communication:
Privacy/confidentiality - information not disclosed to unauthorized entities
Integrity - information not altered deliberately or accidentally
Authentication - validation of identity of source of information
Non-repudiation Sender should not be able to deny sending a message

by Ritu Sharma
4

Cryptographic Security

Cryptography is the study of


mathematical techniques related to
aspects of information security such as
confidentiality, data integrity,
authentication, and non-repudiation.

by Ritu Sharma
5

Cryptographic Security

Sender

(encryption)
(encryption key)

Receiver

(decryption)

(decryption key)

Plaintext: original message or data (also called


cleartext)
Encryption: transforming the plaintext, under the
control of the key
Ciphertext: encrypted plaintext
Decryption: transforming the ciphertext back to the
original plaintext
Cryptographic key: used with an algorithm to
determine the transformation from plaintext to
ciphertext, and v.v.
by Ritu Sharma
6

Ciphertext Alone attack: The attacker has


available only the intercepted cryptogram C.
From C , try to find P or (even better) the key.

(encryption)

(key)

by Ritu Sharma
7

Known Plaintext attack: The attacker knows a


small amount of plaintext (Pi) and its ciphertext
Equivalent (Ci).
Attacker tries to find key or to infer Pi+1 (next plaintext)

Pi
Pi+1

Ci
(encryption)

Ci+1

(key)
by Ritu Sharma
8

Chosen Plaintext attack: The attacker can choose


plaintext (Pi) and obtain its ciphertext (Ci).
A careful selection of (Pi) would give a pair of
(Pi, Ci) good for analyzing Enc. Alg. + key and in
finding Pi+1 (next plaintext of sender)

Pi
Pi+1

Ci
(encryption)

Ci+1

(key)
by Ritu Sharma
9

Private Key (symmetric) :


A single key (K) is used for both encryption and decryption and
must be kept secret.
Key distribution problem a secure channel is needed to transmit
the key before secure communication can take place over an
unsecure channel.

Sender

(encryption)
(K)

EK(M) = C

Receiver

(decryption)

(K)

DK(C) = M
by Ritu Sharma
10

Public Key (asymmetric):

The encryption procedure (key) is public while the


decryption procedure (key) is private.
Each participant has a public key and a private
key.
May allow for both encryption of messages and
creation of digital signatures.

by Ritu Sharma

11

Forms of Cryptosystems
Public Key (asymmetric):
Requirements:
1. For every message M, encrypting with public key and then
decrypting resulting ciphertext with matching private key
results in M.
2. Encryption and Decryption can be efficiently applied to M
3. It is impractical to derive decryption key from encryption key.

Sender

(encryption)
(public key
of Receiver)

Receiver
(decryption)

(private key
of Receiver)
by Ritu Sharma
12

Cryptographic Security

Combining Public/Private Key


Systems
Public key encryption is more expensive than symmetric key encryption
For efficiency, combine the two approaches

(1)

(2)

(1) Use public key encryption for authentication; once


authenticated, transfer a shared secret symmetric key
(2) Use symmetric key for encrypting subsequent data transmissions

by Ritu Sharma
13

Cryptographic Security

RivestShamirAdelman (RSA)
Method

Named after the designers: Rivest,


Shamir, and Adleman

Public-key cryptosystem and digital


signature scheme.

Based on difficulty of factoring large


integers
For large primes p & q, n = pq
Public key e and private key d calculated
by Ritu Sharma
14

RSA Key Generation


Every participant must generate a Public and Private key:
1. Let p and q be large prime numbers,
randomly chosen from the set of all large prime
numbers.
2. Compute n = pq.
3. Choose any large integer, d, so that:
GCD( d, (n)) = 1 (where(n)=(p1)(q1))
4. Compute e = d-1 (mod (n)).
5. Publish n and e. Keep p, q and d secret.
Note:
Step 4 can be written as:
Find e so that: e x d = 1 (modulo (n))
If we can obtain p and q, and we have (n, e), we can
find d
by Ritu Sharma
15

RivestShamirAdelman (RSA)
Method

Assume A wants to send something


confidentially to B:
A takes M, computes C = Me mod n, where
(e, n) is Bs public key. Sends C to B
B takes C, finds M = Cd mod n, where (d, n)
is Bs private key + Confidentiality
M

Cd

B
mod

M
Me mod
C
n
n
(e,
(d, n)
n)Key for
Encryption
Decryption Key for user B
user B
(Bs PrivateKey)
(Bs Public Key)
by Ritu Sharma
16

RSA Method
Example:
1. p = 5, q = 11 and n = 55.
(p1)x(q1) = 4 x 10 = 40
2. A valid d is 23 since GCD(40, 23) = 1

3. Then e = 7 since:
23 x 7 = 161 modulo 40 = 1
in other words
e = 23-1 (mod 40) = 7
by Ritu Sharma
17

Digital Signatures Based on RSA


In RSA algorithm the encryption and
decryption
operations are commutative:
( me ) d = ( m d ) e = m
We can use this property to create a digital
signature with RSA.

by Ritu Sharma
18

You might also like