13 asymmetric key cryptography
dleyanlin
11,793 views
17 slides
Oct 17, 2012
Slide 1 of 17
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
About This Presentation
No description available for this slideshow.
Slide Content
CHAPTER 13
Asymmetric Key
Cryptography
Slides adapted from "Foundations of Security: What Every Programmer
Needs To Know" by Neil Daswani, Christoph Kern, and Anita Kesavan
(ISBN 1590597842; http://www.foundationsofsecurity.com). Except as
otherwise noted, the content of this presentation is licensed under the
Creative Commons 3.0 License.
Asymmetric Key
Cryptography
Slides adapted from "Foundations of Security: What Every Programmer
Needs To Know" by Neil Daswani, Christoph Kern, and Anita Kesavan
(ISBN 1590597842; http://www.foundationsofsecurity.com). Except as
otherwise noted, the content of this presentation is licensed under the
Creative Commons 3.0 License.
Agenda
Problem with Symmetric Key Crypto: Alice &
Bob have to agree on key!
In 1970, Diffie & Hellman propose asymmetric or
public key cryptography
RSA & Elliptic Curve Cryptography (ECC)
Certificate Authorities (CAs)
Identity-Based Encryption (IBE)
Authentication via Encryption
Problem with Symmetric Key Crypto: Alice &
Bob have to agree on key!
In 1970, Diffie & Hellman propose asymmetric or
public key cryptography
RSA & Elliptic Curve Cryptography (ECC)
Certificate Authorities (CAs)
Identity-Based Encryption (IBE)
Authentication via Encryption
13.1. Why Asymmetric Key
Cryptography?
So two strangers can talk privately on Internet
Ex: Bob wants to talk to Alice & Carol secretly
Instead of sharing different pairs of secret keys with
each (as in symmetric key crypto)
Bob has 2 keys: public key and private (or secret) key
Alice and Carol can send secrets to Bob
encrypted with his public key
Only Bob (with his secret key) can read them
Cryptography?
So two strangers can talk privately on Internet
Ex: Bob wants to talk to Alice & Carol secretly
Instead of sharing different pairs of secret keys with
each (as in symmetric key crypto)
Bob has 2 keys: public key and private (or secret) key
Alice and Carol can send secrets to Bob
encrypted with his public key
Only Bob (with his secret key) can read them
13.1. … To Mess With Poor Eve
Source: http://xkcd.com/177/
Source: http://xkcd.com/177/
13.1. Public Key System
Bob
Alice
Carol
Denise
Directory
Bob
Alice
Carol
Denise
Directory
13.1. The Public Key Treasure
Chest
Public key = Chest with open lock
Private key = Key to chest
Treasure = Message
Encrypting with public key
Find chest with open lock
Put a message in it
Lock the chest
Decrypting with private key
Unlock lock with key
Take contents out of the chest
Chest
Public key = Chest with open lock
Private key = Key to chest
Treasure = Message
Encrypting with public key
Find chest with open lock
Put a message in it
Lock the chest
Decrypting with private key
Unlock lock with key
Take contents out of the chest
13.1. Asymmetric Encryption
Alice encrypts a message with different key
than Bob uses to decrypt
Bob has a public key, k
p
, and a secret key, k
s.
Bob’s public key is known to Alice.
Asymmetric Cipher: F
-1
(F(m,k
p
),k
s
) = m
Alice
Bob
1. Construct m
2. Compute c= F(m,k
p
)
3. Send c to Bob
c
4. Receive c from Alice
5. Compute d=F
-1
(c,k
s
)
6. m = d
Alice encrypts a message with different key
than Bob uses to decrypt
Bob has a public key, k
p
, and a secret key, k
s.
Bob’s public key is known to Alice.
Asymmetric Cipher: F
-1
(F(m,k
p
),k
s
) = m
Alice
Bob
1. Construct m
2. Compute c= F(m,k
p
)
3. Send c to Bob
c
4. Receive c from Alice
5. Compute d=F
-1
(c,k
s
)
6. m = d
13.2. RSA (1)
Invented by Rivest/Shamir/Adelman (1978)
First asymmetric encryption algorithm
Most widely known public key cryptosystem
Used in many protocols (e.g., SSL, PGP, …)
Number theoretic algorithm: security based on
difficulty of factoring large prime numbers
1024, 2048, 4096-bit keys common
Invented by Rivest/Shamir/Adelman (1978)
First asymmetric encryption algorithm
Most widely known public key cryptosystem
Used in many protocols (e.g., SSL, PGP, …)
Number theoretic algorithm: security based on
difficulty of factoring large prime numbers
1024, 2048, 4096-bit keys common
13.2. RSA (2)
Public Key Parameters:
Large composite number n with two prime factors
Encryption exponent e coprime to f(n) = (p-1)(q-1)
Private Key:
Factors of n: p, q (n = pq)
Decryption exponent d such that ed ´ 1 (mod f(n))
Encryption: Alice sends c = m
e
mod n
Decryption: Bob computes m = c
d
mod n
Euler’s Theorem: a
f(n)
´ 1 (mod n)
Check: m
ed
´ m ¢ m
f(n)
´ m (mod n)
Public Key Parameters:
Large composite number n with two prime factors
Encryption exponent e coprime to f(n) = (p-1)(q-1)
Private Key:
Factors of n: p, q (n = pq)
Decryption exponent d such that ed ´ 1 (mod f(n))
Encryption: Alice sends c = m
e
mod n
Decryption: Bob computes m = c
d
mod n
Euler’s Theorem: a
f(n)
´ 1 (mod n)
Check: m
ed
´ m ¢ m
f(n)
´ m (mod n)
13.3. Elliptic Curve
Cryptography
Invented by N. Koblitz & V. Miller (1985)
Based on hardness of elliptic curve discrete log
problem
Standardized by NIST, ANSI, IEEE for
government, financial use
Certicom, Inc. currently holds patent
Small keys: 163 bits (<< 1024-bit RSA keys)
Cryptography
Invented by N. Koblitz & V. Miller (1985)
Based on hardness of elliptic curve discrete log
problem
Standardized by NIST, ANSI, IEEE for
government, financial use
Certicom, Inc. currently holds patent
Small keys: 163 bits (<< 1024-bit RSA keys)
13.3: RSA vs. ECC
RSA Advantages:
Has been around longer; math well-understood
Patent expired; royalty free
Faster encryption
ECC Advantages:
Shorter key size
Fast key generation (no primality testing)
Faster decryption
RSA Advantages:
Has been around longer; math well-understood
Patent expired; royalty free
Faster encryption
ECC Advantages:
Shorter key size
Fast key generation (no primality testing)
Faster decryption
13.4. Symmetric vs. Asymmetric
Key Cryptography
Symmetric-Crypto (DES, 3DES, AES)
Efficient (smaller keys / faster encryption) because
of simpler operations (e.g. discrete log)
Key agreement problem
Online
Asymmetric-Crypto (RSA, ECC)
RSA 1000x slower than DES, more complicated
operations (e.g. modular exponentiation)
How to publish public keys? Requires PKI / CAs
Offline or Online
Key Cryptography
Symmetric-Crypto (DES, 3DES, AES)
Efficient (smaller keys / faster encryption) because
of simpler operations (e.g. discrete log)
Key agreement problem
Online
Asymmetric-Crypto (RSA, ECC)
RSA 1000x slower than DES, more complicated
operations (e.g. modular exponentiation)
How to publish public keys? Requires PKI / CAs
Offline or Online
13.5. Certificate Authorities
Trusted third party: CA verifies people’s identities
Authenticates Bob & creates public key
certificate (binds Bob’s identity to his public key)
CA also revokes keys and certificates
Certificate Revocation List: compromised keys
Public Key Infrastructure (PKI): CA + everything
required for public key encryption
Trusted third party: CA verifies people’s identities
Authenticates Bob & creates public key
certificate (binds Bob’s identity to his public key)
CA also revokes keys and certificates
Certificate Revocation List: compromised keys
Public Key Infrastructure (PKI): CA + everything
required for public key encryption
13.6. Identity-Based Encryption
Ex: e-mail address as identity & public key
Bob gets his private key from a generator (PKG)
after authenticating himself via a CA
Commercialized by Voltage Security (2002)
Revoked Keys: concatenate current date to
public key
Then PKG doesn’t provide private key after date
when compromised
Ex: e-mail address as identity & public key
Bob gets his private key from a generator (PKG)
after authenticating himself via a CA
Commercialized by Voltage Security (2002)
Revoked Keys: concatenate current date to
public key
Then PKG doesn’t provide private key after date
when compromised
13.7. Authentication with
Encryption
Alice issues “challenge” message to person
Random # (nonce) encrypted with Bob’s public key
If person is actually Bob, he will be able to decrypt it
Bob
{384764342}
PK(Bob)
384764342
Alic
e
Eve
{957362353}
PK(Bob)
???
Encryption
Alice issues “challenge” message to person
Random # (nonce) encrypted with Bob’s public key
If person is actually Bob, he will be able to decrypt it
Bob
{384764342}
PK(Bob)
384764342
Alic
e
Eve
{957362353}
PK(Bob)
???
A Word of Caution
In the previous example, as well as some other
examples presented in later chapters, the simple toy
protocols that we discuss are for instructive and
illustration purposes only. They are designed to make
concepts easy to understand, and are vulnerable to
various types of attacks that we do not necessarily
describe. Do not implement these protocols as is in
software.
For example, the simple “challenge” authentication
method is vulnerable to a man-in-the-middle attack.
Mallory gets a challenge from Alice, sends it to Bob
She takes his response and returns it to Alice
Bob needs to authenticate Alice as well
In the previous example, as well as some other
examples presented in later chapters, the simple toy
protocols that we discuss are for instructive and
illustration purposes only. They are designed to make
concepts easy to understand, and are vulnerable to
various types of attacks that we do not necessarily
describe. Do not implement these protocols as is in
software.
For example, the simple “challenge” authentication
method is vulnerable to a man-in-the-middle attack.
Mallory gets a challenge from Alice, sends it to Bob
She takes his response and returns it to Alice
Bob needs to authenticate Alice as well
Summary
Asymmetric Cryptography: Two Keys
Public key published in directory
Secret key known only to Bob
Solves key exchange problem
Examples: RSA, ECC
PKI required: CAs, Trusted Third Parties
Applications: IBE, Authentication, SSL…
Asymmetric Cryptography: Two Keys
Public key published in directory
Secret key known only to Bob
Solves key exchange problem
Examples: RSA, ECC
PKI required: CAs, Trusted Third Parties
Applications: IBE, Authentication, SSL…
Tags
Categories
GeneralDownload
Download Slideshow Get the original presentation fileQuick Actions
Statistics
- Views 11,793
- Slides 17
- Favorites 6
- Age 4797 days
Related Slideshows
22
Pray For The Peace Of Jerusalem and You Will Prosper
RodolfoMoralesMarcuc
33 views
26
Don_t_Waste_Your_Life_God.....powerpoint
chalobrido8
36 views
31
VILLASUR_FACTORS_TO_CONSIDER_IN_PLATING_SALAD_10-13.pdf
JaiJai148317
33 views
14
Fertility awareness methods for women in the society
Isaiah47
30 views
35
Chapter 5 Arithmetic Functions Computer Organisation and Architecture
RitikSharma297999
29 views
5
syakira bhasa inggris (1) (1).pptx.......
ourcommunity56
30 views