Unit 3

Number Theory &
Asymmetric Key
Cryptography

Prime Number
 Prime numbers only have divisors of 1 and self they cannot be written as a
product of other numbers.
eg. 2,3,5,7 are prime, 4,6,8,9,10 are not
 prime numbers are central to number theory
 list of prime number less than 200 is:
2 3 5 7 11 13 17 19 23 29 31 37 41 43 47 53 59
61 67 71 73 79 83 89 97 101 103 107 109 113 127
131 137 139 149 151 157 163 167 173 179 181 191
193 197 199

 An integer p > 1 is a prime number if and only if its only divisors are ± 1 and ±p.
 Any integer a > 1 can be factored in a unique way as
 where p1 < p2 < ... < pt are prime numbers and where each is a positive integer. This
is known as the fundamental theorem of arithmetic
91 = 7 x 13
3600 = 24 x 32 x 52
11011 = 7 x 112 x 13

 If P is the set of all prime numbers, then any positive integer a can be written
uniquely in the following form:
 The right-hand side is the product over all possible prime numbers p; for any
particular value of a, most of the exponents ap will be 0.

Relatively Prime Numbers
 Two numbers a,b are relatively prime (coprime) if they have no common divisors
apart from 1
– eg. 8 and 15 are relatively prime since factors of 8 are 1,2,4,8 and of 15 are 1,3,5,15
and 1 is the only common factor.

Modular Arithmetic
Given two positive integer n and a, if we divide a by n, we get an integer
quotient q and an integer remainder r that obey the following relationship:

THE EUCLIDEAN ALGORITHM
 One of the basic techniques of number theory is the Euclidean algorithm, which is
a simple procedure for determining the greatest common divisor of two positive
integers.

Greatest Common Divisor
 The greatest common divisor of a and b is the largest integer that divides
both a and b . We also define gcd(0, 0) = 0.
 The positive integer c is said to be the greatest common divisor of a and b if
1. c is a divisor of a and of b;
2. any divisor of a and b is a divisor of c.
 An equivalent definition is the following:
gcd(a, b) = max[k, such that k|a and k|b]
gcd(60, 24) = gcd(60,-24) = 12
In general, gcd(a, b) = gcd(|a|, |b|).

Finding the Greatest Common Divisor
 The Euclidean algorithm is based on the following theorem: For any nonnegative
integer a and any positive integer b,
gcd(a,b)=gcd(b,a mod b)
gcd(55, 22) = gcd(22, 55 mod 22) = gcd(22, 11) = 11

Example GCD(1970,1066)
1970 = 1 x 1066 + 904 gcd(1066, 904)
1066 = 1 x 904 + 162 gcd(904, 162)
904 = 5 x 162 + 94 gcd(162, 94)
162 = 1 x 94 + 68 gcd(94, 68)
94 = 1 x 68 + 26 gcd(68, 26)
68 = 2 x 26 + 16 gcd(26, 16)
26 = 1 x 16 + 10 gcd(16, 10)
16 = 1 x 10 + 6 gcd(10, 6)
10 = 1 x 6 + 4 gcd(6, 4)
6 = 1 x 4 + 2 gcd(4, 2)
4 = 2 x 2 + 0 gcd(2, 0)
GCD(1970,1066)=2

CONGRUENT MODULO
 Two integers a and b are said to be congruent modulo of n if
a mod n= b mod n.
then this is written as a ≡ b mod n.
Ex: a=73 b=4 and n=23
73 mod 23 =4
4 mod 23 =4
So 73 ≡ 4 mod 23

FERMAT’S AND EULER’S THEOREMS
 Two theorems that play important roles in public-key cryptography are Fermat’s
theorem and Euler’s theorem.

Fermat’s Theorem
 Fermat’s theorem states the following: If ‘p’ is prime and ‘a’ is a positive integer not
divisible by p, then
ap-1 ≡ 1 mod p

Euler's Totient Function
 It is defined as the number of positive integers less than ‘n’ and relatively prime to
‘n’ and is written as ø(n). By convention ø(1)=1.
 It should be clear that, for a prime number p,
ø(p) = p – 1
ø(37) = 36
 To determine ø(35), we list all of the positive integers less than 35 that are relatively
prime to it:
1, 2, 3, 4, 6, 8, 9, 11, 12, 13, 16, 17, 18,19, 22, 23, 24, 26, 27, 29, 31, 32, 33, 34
There are 24 numbers on the list, so . ø(35) = 24

Euler’s Theorem
Euler’s theorem states that for every a and n that are relatively prime:
aø(n) ≡1(mod n)

71 7(mod 19)
72 = 49 = 2 x 19 + 11 11(mod 19)
73 = 343 = 18 x 19 + 1 1(mod 19)
74 = 2401 = 126 x 19 + 7 7(mod 19)
75 = 16807 = 884 x 19 + 11 11(mod 19)

Table. Powers of Integers, Modulo 19

Public Key Cryptography
 Asymmetric encryption is a form of cryptosystem in which encryption and decryption
are performed using the different keys - one a public key and one a private key. It is
also known as public-key encryption.
 Asymmetric encryption transforms plaintext into ciphertext using a one of two keys
and an encryption algorithm. Using the paired key and a decryption algorithm, the
plaintext is recovered from the ciphertext.
 Asymmetric encryption can be used for confidentiality, authentication, or both.
 The most widely used public-key cryptosystem is RSA.
Introduction

Principles of Public-Key Cryptosystems
 The concept of public key cryptography in invented for two most difficult
problems of Symmetric key encryption.
 key distribution – how to have secure communications in general without having to
trust a KDC with your key.
 digital signatures – how to verify a message comes intact from the claimed sender.

Public-Key Cryptosystems
A public-key encryption scheme has six ingredients
 Plaintext: This is the readable message or data that is fed into the algorithm as input.
 Encryption algorithm: The encryption algorithm performs various transformations on
the plaintext.
 Public and private keys: This is a pair of keys that have been selected so that if one is
used for encryption, the other is used for decryption. The exact transformations
performed by the algorithm depend on the public or private key that is provided as
input.
 Ciphertext: This is the scrambled message produced as output. It depends on the
plaintext and the key. For a given message, two different keys will produce two
different ciphertexts.
 Decryption algorithm: This algorithm accepts the ciphertext and the matching key and
produces the original plaintext.

The essential steps are the following:
1. Each user generates a pair of keys to be used for the encryption and decryption of
messages.
2. Each user places one of the two keys in a public register or other accessible file.
This is the public key. The companion key is kept private. Each user maintains a
collection of public keys obtained from others.
3. If Bob wishes to send a confidential message to Alice, Bob encrypts the message
using Alice's public key.
4. When Alice receives the message, she decrypts it using her private key. No other
recipient can decrypt the message because only Alice knows Alice's private key.

ENCRYPTION
 The plaintext is encrypted with receiver’s public key and decrypted using receiver
private key.

Authentication
 Plaintext is encrypted is sender’s private key and decrypted using sender’s public key.
 The act of messages ciphertext getting decrypted by senders public key is the proof
that the message is actually sent by the designated sender.

 Examples for conventional encryption are DES, AES,IDEA and Blowfish.
 Examples for public key encryption are RSA, Diffie-Hellman, Elliptic Curve
Cryptography.

 There is some source A that produces a message in plaintext, X =[X1,X2,..., XM,].
The M elements of X are letters in some finite alphabet. The message is intended for
destination B. B generates a related pair of keys: a public key, PUb, and a private
key, PRb. PRb is known only to B, whereas PUb is publicly available and therefore
accessible by A.
 With the message X and the encryption key PUb as input, A forms the ciphertext
Y = [Y1, Y2,..., YN]:
Y = E(PUb, X)
 The intended receiver, in possession of the matching private key, is able to invert the
transformation:
X = D(PRb, Y)

Figure: public key cryptosystems: Secrecy (or) confidentailty

Figure: Public-Key Cryptosystem: Authentication

Figure: Public-Key Cryptosystem: Authentication and Secrecy

Applications for Public-Key Cryptosystems
 Encryption/decryption: The sender encrypts a message with the recipient's public
key.
 Digital signature: The sender "signs" a message with its private key. Signing is
achieved by a cryptographic algorithm applied to the message.
 Key exchange: Two sides cooperate to exchange a session key.

Requirements for Public-Key Cryptography
1. It is computationally easy for a party B to generate a pair (public key PUb, private key PRb).
2. It is computationally easy for a sender A, knowing the public key and the message to be encrypted, M, to
generate the corresponding ciphertext: C = E(PUb, M)
3. It is computationally easy for the receiver B to decrypt the resulting ciphertext using the private key to
recover the original message: M = D(PRb, C) = D[PRb, E(PUb, M)]
4. It is computationally infeasible for an adversary, knowing the public key, PUb, to determine the private
key, PRb.
5. It is computationally infeasible for an adversary, knowing the public key, PUb, and a ciphertext, C, to recover
the original message, M.
We can add a sixth requirement that, although useful, is not necessary for all public-key applications:
The two keys can be applied in either order:
M = D[PUb, E(PRb, M)] = D[PRb, E(PUb, M)]

The RSA Algorithm
 RSA is a public key encryption algorithm developed by Rivert(R) , Shamir(S) and Adleman (A) in
year 1977.
 The RSA scheme is a block cipher in which the plaintext & ciphertext are integers between 0
and n-1 for some ‘n’.
 A typical size for ‘n’ is 1024 bits or 309 decimal digits.

Description of the Algorithm
• RSA algorithm uses an expression with exponentials.
• In RSA plaintext is encrypted in blocks, with each block having a binary value less than some number n.
that is, the block size must be less than or equal to log2(n)+1
• RSA uses two exponents ‘e’ and ‘d’ where epublic and dprivate.
• Encryption and decryption are of following form, for some PlainText ‘M’ and CipherText block ‘C’
• Both sender and receiver must know the value of n.
• The sender knows the value of ‘e’ & only the reviver knows the value of ‘d’ thus this is a public key
encryption algorithm with a
Public key PU={e, n}
Private key PR={d, n}
M=Cd mod n = (Me mod n) d mod n =(Me)d mod n= Med mod n

Requirements
The RSA algorithm to be satisfactory for public key encryption, the following requirements must be met:
o It is possible to find values of e, d and n such that “ Med mod n =M ” for all M<n
o It is relatively easy to calculate “ Me mod n “ and “ Cd mod n “for all values of M<n
o It is infeasible to determine “d” given ‘e’ & ‘n’.

Example
1. Select two prime numbers, p = 17 and q = 11.
2. Calculate n = pq = 17 × 11 = 187.
3. Calculate Ø(n) = (p - 1)(q - 1) = 16 × 10 = 160.
4. Select e such that e is relatively prime to Ø(n) = 160 and less than Ø (n); we choose e = 7.
5. Determine d such that de ≡1 (mod 160) and d < 160.The correct value is d = 23,
because 23 * 7 = 161 = (1 × 160) + 1; d can be calculated using the extended Euclid’s algorithm
The resulting keys are public key PU = {7, 187} and private key PR = {23, 187}.

The example shows the use of these keys for a plaintext input of M= 88. For
encryption,
we need to calculate C = 887 mod 187.
Exploiting the properties of modular arithmetic, we can do this as follows.

Diffie-Hellman key exchange/Agreement
Algorithm
 Whitefield Diffie and Martin Hellman devised an amazing solution to the problem of key agreement, or key
exchange, in 1976.
 This solution is called the Diffie—Hellman key exchange/agreement algorithm.
 The beauty Of this scheme is that the two parties, who want to communicate securely, can agree on a
symmetric key using this technique.
 This key can then be used for encryption/decryption.
 However, we must note that the Diffie—HeIIman key exchange algorithm can be used only for key
agreement, but not for encryption or decryption of messages.
 Once both the parties agree on the key to be used, they need to use other symmetric key-encryption
algorithms for actual encryption or decryption of messages.
 Although the Diffie—Hellman key-exchange algorithm is based on mathematical principles, it is quite simple
to understand.

Problem with the algorithm(Man-in-the-
middle attack)
 Can we now consider that the Diffie—Hellman key-exchange algorithm solves
all our problems associated with key exchange? Unfortunately, not quite!
 The Diffie-hellman key exchange algorithm can fall pray to the man-in-the-
middle attack

1. Alice wants to communicate with Bob securely, and therefore, she first wants to do a
Diffie-HeIIman key exchange with him. For this purpose, she sends the values of n and g
to Bob, as usual. Let n =11 and g = 7. (As usual, these values Will form the basis of
Alice's A and Bob's B, which will be used to calculate the symmetric key K1 = K2 = K)
2. Alice does not realize that the attacker Tom is listening quietly to the conversation
between her and Bob. Tom simply picks up the values of n and g, and also forwards them
to Bob as they originally were (i.e. n = Il and g = 7).

3. Now, let us assume that Alice, Tom and Bob select random numbers x and y as
shown in Figure.

4. One question at this Stage could be: Why does Tom select both x and y? We shall
answer that shortly. Now, based on these values, all the three persons calculate the
values of A and B as shown in Figure, Note that Alice and Bob calculate only A and B,
respectively. However, Tom calculates both A and B.

5. Now the real drama begins as shown in figure,

As shown in the figure, the following things happen:
a) Alice sends her (i.e. 2) to Bob. Tom intercepts it, and instead, sends his A (i.e.
9) to Bob. Bob has no idea that Tom had hijacked Alice's A and has instead
given his A to Bob.
b) In return, Bob sends his B (i.e. 8) to Alice. As before, Tom intercepts it, and
instead, sends his B (i.e. 4) to Alice. Alice thinks that this B came from Bob.
She has no idea that Tom had intercepted the transmission from Bob, and
changed B.
c) Therefore, at this juncture, Alice, Tom and Bob have the values Of A and B as
shown in following Fig.

 Based on these values, all The three persons now calculate their keys as shown in
following Figure. We will notice that Alice calculates only K1 , Bob calculates only K2,
whereas Tom calculates both K1 and K2. Why does Tom need to do this?

 Let us now revisit the question as to why Tom needs two keys. This is because at
one side, Tom wants to communicate with Alice securely using a shared symmetric
key (9), and on the other hand, he wants to communicate with Bob securely using
a different shared symmetric key Only then can he receive messages from Alice,
view/manipulate them and forward them to Bob, and Vice versa. Unfortunately for
Alice and Bob, both will (incorrectly) believe that they are directly communicating
with each other. That is, Alice Will feel that the key 9 is shared between her and
Bob, whereas Bob Will feel that the key 5 is shared between him and Alice.
Actually, what is happening is, Tom is sharing the key 5 with Alice and with Bob!

 This is also the reason why Tom needed both sets Of the secret variables x
and y, as well as later on, the non-secret variables A and B.
 As we can see, the man-in-middle/attack can work against the Diffie-Hellman
key-exchange algorithm, causing it to fail. This is plainly because the man-in-
the-middle makes the actual communicators believe that they are talking to
each other, whereas they are actually talking to the man-in-the-middle, who
is talking to each of them!
 This attack can be prevented if Alice and Bob authenticate each other before
beginning to exchange information. This proves to Alice that Bob is indeed
Bob, and not someone else (e.g. Tom) posing as Bob, Similarly, Bob can also
get convinced that Alice is genuine as well.

ElGamal cryptography
 Taber ElGamal created EIGamal cryptography, more popularly known as
EIGamal cryptosystem, There are three aspects that need to be discussed:
EIGamaI key generation, EIGamaI encryption, and EIGamaI decryption.

Elliptic curve cryptography
 Elliptic Curve Cryptography (ECC) was discovered in 1985 by Victor Miller (IBM) and Neil
Koblitz (University of Washington) as an alternative mechanism for implementing public-
key cryptography.
 Public-key algorithms create a mechanism for sharing keys among large numbers of
participants or entities in a complex information system.
 Unlike other popular algorithms such as RSA, ECC is based on discrete logarithms that is
much more difficult to challenge at equivalent key lengths.

Unit 3

More Related Content

What's hot (20)

Similar to Unit 3 (20)

More from KRAMANJANEYULU1 (8)

Recently uploaded (20)

Unit 3