Lec4_ Information Security _ public cryptosystem.ppt
mohammadaltemimi1
0 views
18 slides
Oct 13, 2025
Slide 1 of 18
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
About This Presentation
to factor a number n is to write it as a product of other numbers: n=a × b × c
note that factoring a number is relatively hard compared to multiplying the factors together to generate the number
the prime factorisation of a number n is when its written as a product of primes
Slide Content
Public Key Public Key
CryptosystemsCryptosystems
By By
Dr. Rana Al-janabiDr. Rana Al-janabi
CryptosystemsCryptosystems
By By
Dr. Rana Al-janabiDr. Rana Al-janabi
Prime Factorisation
to factor a number n is to write it as a product of
other numbers: n=a × b × c
note that factoring a number is relatively hard
compared to multiplying the factors together to
generate the number
the prime factorisation of a number n is when its
written as a product of primes
eg. 91=7×13 ; 3600=2
4
×3
2
×5
2
2
to factor a number n is to write it as a product of
other numbers: n=a × b × c
note that factoring a number is relatively hard
compared to multiplying the factors together to
generate the number
the prime factorisation of a number n is when its
written as a product of primes
eg. 91=7×13 ; 3600=2
4
×3
2
×5
2
2
Primitive Roots
from Euler’s theorem have a
ø(n)
mod n=1
consider a
m
mod n=1, GCD(a,n)=1
must exist for m= ø(n) but may be smaller
once powers reach m, cycle will repeat
if smallest is m= ø(n) then a is called a primitive
root
if p is prime, then successive powers of a
"generate" the group mod p
these are useful but relatively hard to find
from Euler’s theorem have a
ø(n)
mod n=1
consider a
m
mod n=1, GCD(a,n)=1
must exist for m= ø(n) but may be smaller
once powers reach m, cycle will repeat
if smallest is m= ø(n) then a is called a primitive
root
if p is prime, then successive powers of a
"generate" the group mod p
these are useful but relatively hard to find
Powers of Integers,Modulo 19
ø(19)=18
4
ø(19)=18
4
Primitive Roots cont..
.For the prime number 19,
19 has the following primitive roots
{2,3,10,13,14,15}
successive powers of primitive root "generate" the
group mod p
5
.For the prime number 19,
19 has the following primitive roots
{2,3,10,13,14,15}
successive powers of primitive root "generate" the
group mod p
5
Diffie-Hellman Key ExchangeDiffie-Hellman Key Exchange
first public-key type scheme proposed first public-key type scheme proposed
by Diffie & Hellman in 1976 along with the by Diffie & Hellman in 1976 along with the
exposition of public key conceptsexposition of public key concepts
note: now know that note: now know that WilliamsonWilliamson (UK CESG) (UK CESG)
secretly proposed the concept in 1970 secretly proposed the concept in 1970
is a practical method for public exchange is a practical method for public exchange
of a secret keyof a secret key
used in a number of commercial productsused in a number of commercial products
first public-key type scheme proposed first public-key type scheme proposed
by Diffie & Hellman in 1976 along with the by Diffie & Hellman in 1976 along with the
exposition of public key conceptsexposition of public key concepts
note: now know that note: now know that WilliamsonWilliamson (UK CESG) (UK CESG)
secretly proposed the concept in 1970 secretly proposed the concept in 1970
is a practical method for public exchange is a practical method for public exchange
of a secret keyof a secret key
used in a number of commercial productsused in a number of commercial products
Diffie-Hellman Key ExchangeDiffie-Hellman Key Exchange
The purpose of the algorithm is to enable two users to
securely exchange a key that can then be used for
subsequent encryption of messages. The algorithm
itself is limited to the exchange of secret values, which
depends on the value of the public/private keys of the
participants. The Diffie-Hellman algorithm uses
exponentiation in a finite (Galois) field (modulo a prime
or a polynomial), and depends for its effectiveness on
the difficulty of computing discrete logarithms.
known only to the two participants known only to the two participants
The purpose of the algorithm is to enable two users to
securely exchange a key that can then be used for
subsequent encryption of messages. The algorithm
itself is limited to the exchange of secret values, which
depends on the value of the public/private keys of the
participants. The Diffie-Hellman algorithm uses
exponentiation in a finite (Galois) field (modulo a prime
or a polynomial), and depends for its effectiveness on
the difficulty of computing discrete logarithms.
known only to the two participants known only to the two participants
Diffie-Hellman SetupDiffie-Hellman Setup
a users agree on global parameters:a users agree on global parameters:
large prime integer or polynomial large prime integer or polynomial qq
aa being a primitive root mod being a primitive root mod qq
each user (eg. A) generates their keyeach user (eg. A) generates their key
chooses a secret key (number): chooses a secret key (number): xx
AA < q < q
compute their compute their public keypublic key: : yy
AA = = aa
xx
AA
mod q mod q
each user makes public that key each user makes public that key yy
AA
a users agree on global parameters:a users agree on global parameters:
large prime integer or polynomial large prime integer or polynomial qq
aa being a primitive root mod being a primitive root mod qq
each user (eg. A) generates their keyeach user (eg. A) generates their key
chooses a secret key (number): chooses a secret key (number): xx
AA < q < q
compute their compute their public keypublic key: : yy
AA = = aa
xx
AA
mod q mod q
each user makes public that key each user makes public that key yy
AA
Diffie-Hellman Key ExchangeDiffie-Hellman Key Exchange
shared session key for users A & B is Kshared session key for users A & B is K
ABAB: :
KK
ABAB = = aa
xx
A.A.
xx
BB
mod q mod q
= y= y
AA
xx
BB
mod q (which mod q (which BB can compute) can compute)
= y= y
BB
xx
AA
mod q (which mod q (which AA can compute) can compute)
KK
ABAB is used as session key in private-key is used as session key in private-key
encryption scheme between Alice and Bobencryption scheme between Alice and Bob
if Alice and Bob subsequently communicate, if Alice and Bob subsequently communicate,
they will have the they will have the samesame key as before, unless key as before, unless
they choose new public-keys they choose new public-keys
attacker needs an x, must solve discrete logattacker needs an x, must solve discrete log
shared session key for users A & B is Kshared session key for users A & B is K
ABAB: :
KK
ABAB = = aa
xx
A.A.
xx
BB
mod q mod q
= y= y
AA
xx
BB
mod q (which mod q (which BB can compute) can compute)
= y= y
BB
xx
AA
mod q (which mod q (which AA can compute) can compute)
KK
ABAB is used as session key in private-key is used as session key in private-key
encryption scheme between Alice and Bobencryption scheme between Alice and Bob
if Alice and Bob subsequently communicate, if Alice and Bob subsequently communicate,
they will have the they will have the samesame key as before, unless key as before, unless
they choose new public-keys they choose new public-keys
attacker needs an x, must solve discrete logattacker needs an x, must solve discrete log
Diffie-Hellman Example Diffie-Hellman Example
users Alice & Bob who wish to swap keys:users Alice & Bob who wish to swap keys:
agree on prime agree on prime q=353q=353 and and aa=3=3
select random secret keys:select random secret keys:
A chooses A chooses xx
AA=97, =97, B chooses B chooses xx
BB=233=233
compute respective public keys:compute respective public keys:
yy
AA==33
97 97
mod 353 = 40 mod 353 = 40(Alice)(Alice)
yy
BB==33
233233
mod 353 = 248 mod 353 = 248 (Bob)(Bob)
compute shared session key as:compute shared session key as:
KK
ABAB= y= y
BB
xx
AA
mod 353 = mod 353 = 248248
9797
= 160= 160(Alice)(Alice)
KK
ABAB= y= y
AA
xx
BB
mod 353 = mod 353 = 4040
233233
= 160 = 160(Bob)(Bob)
users Alice & Bob who wish to swap keys:users Alice & Bob who wish to swap keys:
agree on prime agree on prime q=353q=353 and and aa=3=3
select random secret keys:select random secret keys:
A chooses A chooses xx
AA=97, =97, B chooses B chooses xx
BB=233=233
compute respective public keys:compute respective public keys:
yy
AA==33
97 97
mod 353 = 40 mod 353 = 40(Alice)(Alice)
yy
BB==33
233233
mod 353 = 248 mod 353 = 248 (Bob)(Bob)
compute shared session key as:compute shared session key as:
KK
ABAB= y= y
BB
xx
AA
mod 353 = mod 353 = 248248
9797
= 160= 160(Alice)(Alice)
KK
ABAB= y= y
AA
xx
BB
mod 353 = mod 353 = 4040
233233
= 160 = 160(Bob)(Bob)
Key Exchange ProtocolsKey Exchange Protocols
users could create random private/public users could create random private/public
D-H keys each time they communicateD-H keys each time they communicate
users could create a known private/public users could create a known private/public
D-H key and publish in a directory, then D-H key and publish in a directory, then
consulted and used to securely consulted and used to securely
communicate with themcommunicate with them
both of these are vulnerable to a Man-in-both of these are vulnerable to a Man-in-
the-Middle Attackthe-Middle Attack
authentication of the keys is neededauthentication of the keys is needed
users could create random private/public users could create random private/public
D-H keys each time they communicateD-H keys each time they communicate
users could create a known private/public users could create a known private/public
D-H key and publish in a directory, then D-H key and publish in a directory, then
consulted and used to securely consulted and used to securely
communicate with themcommunicate with them
both of these are vulnerable to a Man-in-both of these are vulnerable to a Man-in-
the-Middle Attackthe-Middle Attack
authentication of the keys is neededauthentication of the keys is needed
Man-in-the-Middle AttackMan-in-the-Middle Attack
1.1.Darth prepares by creating two private / public keys Darth prepares by creating two private / public keys
2.2.Alice transmits her public key to BobAlice transmits her public key to Bob
3.3.Darth intercepts this and transmits his first public key to Darth intercepts this and transmits his first public key to
Bob. Darth also calculates a shared key with AliceBob. Darth also calculates a shared key with Alice
4.4.Bob receives the public key and calculates the shared key Bob receives the public key and calculates the shared key
(with Darth instead of Alice) (with Darth instead of Alice)
5.5.Bob transmits his public key to Alice Bob transmits his public key to Alice
6.6.Darth intercepts this and transmits his second public key Darth intercepts this and transmits his second public key
to Alice. Darth calculates a shared key with Bobto Alice. Darth calculates a shared key with Bob
7.7.Alice receives the key and calculates the shared key (with Alice receives the key and calculates the shared key (with
Darth instead of Bob)Darth instead of Bob)
Darth can then intercept, decrypt, re-encrypt, forward all Darth can then intercept, decrypt, re-encrypt, forward all
messages between Alice & Bobmessages between Alice & Bob
1.1.Darth prepares by creating two private / public keys Darth prepares by creating two private / public keys
2.2.Alice transmits her public key to BobAlice transmits her public key to Bob
3.3.Darth intercepts this and transmits his first public key to Darth intercepts this and transmits his first public key to
Bob. Darth also calculates a shared key with AliceBob. Darth also calculates a shared key with Alice
4.4.Bob receives the public key and calculates the shared key Bob receives the public key and calculates the shared key
(with Darth instead of Alice) (with Darth instead of Alice)
5.5.Bob transmits his public key to Alice Bob transmits his public key to Alice
6.6.Darth intercepts this and transmits his second public key Darth intercepts this and transmits his second public key
to Alice. Darth calculates a shared key with Bobto Alice. Darth calculates a shared key with Bob
7.7.Alice receives the key and calculates the shared key (with Alice receives the key and calculates the shared key (with
Darth instead of Bob)Darth instead of Bob)
Darth can then intercept, decrypt, re-encrypt, forward all Darth can then intercept, decrypt, re-encrypt, forward all
messages between Alice & Bobmessages between Alice & Bob
Man-in-the-Middle AttackMan-in-the-Middle Attack
1.At this point, Bob and Alice think that they share a secret key,
but instead Bob and Darth share secret key K1 and Alice and
Darth share secret key K2. All future communication between
Bob and Alice is compromised in the following way:
2.Alice sends an encrypted message M: E(K2, M).
3.Darth intercepts the encrypted message and decrypts it, to
recover M.
4.Darth sends Bob E(K1, M) or E(K1, M'), where M' is any
message. In the first case, Darth simply wants to eavesdrop on
the communication without altering it. In the second case, Darth
wants to modify the message going to Bob. The key exchange
protocol is vulnerable to such an attack because it does not
authenticate the participants. This vulnerability can be overcome
with the use of digital signatures and public- key certificates.
1.At this point, Bob and Alice think that they share a secret key,
but instead Bob and Darth share secret key K1 and Alice and
Darth share secret key K2. All future communication between
Bob and Alice is compromised in the following way:
2.Alice sends an encrypted message M: E(K2, M).
3.Darth intercepts the encrypted message and decrypts it, to
recover M.
4.Darth sends Bob E(K1, M) or E(K1, M'), where M' is any
message. In the first case, Darth simply wants to eavesdrop on
the communication without altering it. In the second case, Darth
wants to modify the message going to Bob. The key exchange
protocol is vulnerable to such an attack because it does not
authenticate the participants. This vulnerability can be overcome
with the use of digital signatures and public- key certificates.
ElGamal CryptographyElGamal Cryptography
public-key cryptosystem related to D-Hpublic-key cryptosystem related to D-H
uses exponentiation in a finite fielduses exponentiation in a finite field
with security based difficulty of computing with security based difficulty of computing
discrete logarithms, as in D-Hdiscrete logarithms, as in D-H
each user (eg. A) generates their keyeach user (eg. A) generates their key
chooses a secret key (number): chooses a secret key (number): 1 < 1 < xx
AA < q-1 < q-1
compute their compute their public keypublic key: : yy
AA = = aa
xx
AA
mod q mod q
public-key cryptosystem related to D-Hpublic-key cryptosystem related to D-H
uses exponentiation in a finite fielduses exponentiation in a finite field
with security based difficulty of computing with security based difficulty of computing
discrete logarithms, as in D-Hdiscrete logarithms, as in D-H
each user (eg. A) generates their keyeach user (eg. A) generates their key
chooses a secret key (number): chooses a secret key (number): 1 < 1 < xx
AA < q-1 < q-1
compute their compute their public keypublic key: : yy
AA = = aa
xx
AA
mod q mod q
ElGamal Message ExchangeElGamal Message Exchange
Bob encrypts a message to send to A computingBob encrypts a message to send to A computing
represent message represent message MM in range in range 0 <= M <= q-10 <= M <= q-1
•longer messages must be sent as blockslonger messages must be sent as blocks
chose random integer chose random integer k k with with 1 <= k <= q-11 <= k <= q-1
compute one-time key compute one-time key K = yK = y
AA
kk
mod q mod q
encrypt M as a pair of integers encrypt M as a pair of integers (C(C
11,C,C
22) ) wherewhere
•
CC
1 1 = = aa
kk
mod q ; mod q ; CC
22 = KM mod q = KM mod q
A then recovers message byA then recovers message by
recovering key K as recovering key K as K = K = CC
11
xxAA
mod q mod q
computing M as computing M as M = CM = C
22 K K
-1-1
mod q mod q
a unique k must be used each timea unique k must be used each time
otherwise result is insecureotherwise result is insecure
Bob encrypts a message to send to A computingBob encrypts a message to send to A computing
represent message represent message MM in range in range 0 <= M <= q-10 <= M <= q-1
•longer messages must be sent as blockslonger messages must be sent as blocks
chose random integer chose random integer k k with with 1 <= k <= q-11 <= k <= q-1
compute one-time key compute one-time key K = yK = y
AA
kk
mod q mod q
encrypt M as a pair of integers encrypt M as a pair of integers (C(C
11,C,C
22) ) wherewhere
•
CC
1 1 = = aa
kk
mod q ; mod q ; CC
22 = KM mod q = KM mod q
A then recovers message byA then recovers message by
recovering key K as recovering key K as K = K = CC
11
xxAA
mod q mod q
computing M as computing M as M = CM = C
22 K K
-1-1
mod q mod q
a unique k must be used each timea unique k must be used each time
otherwise result is insecureotherwise result is insecure
ElGamal Example ElGamal Example
use field GF(19) use field GF(19) q=19 q=19 and and aa=10=10
Alice computes her key:Alice computes her key:
A chooses A chooses xx
AA=5 & =5 & computes computes yy
AA==1010
5 5
mod 19 = 3mod 19 = 3
Bob send message Bob send message m=17m=17 as as (11,5) (11,5) byby
chosing random chosing random k=6k=6
computing computing K = yK = y
AA
kk
mod q = 3 mod q = 3
66
mod 19 = 7 mod 19 = 7
computing computing CC
1 1 = = aa
kk
mod q = 10 mod q = 10
66
mod 19 = 11; mod 19 = 11;
CC
22 = KM mod q = 7.17 mod 19 = 5 = KM mod q = 7.17 mod 19 = 5
Alice recovers original message by computing:Alice recovers original message by computing:
recover recover K = K = CC
11
xxAA
mod q = mod q = 1111
5 5
mod 19 = 7mod 19 = 7
compute inverse compute inverse KK
-1-1
= 7 = 7
-1-1
= 11 = 11
recover recover M = CM = C
22 K K
-1-1
mod q = 5.11 mod 19 = 17 mod q = 5.11 mod 19 = 17
use field GF(19) use field GF(19) q=19 q=19 and and aa=10=10
Alice computes her key:Alice computes her key:
A chooses A chooses xx
AA=5 & =5 & computes computes yy
AA==1010
5 5
mod 19 = 3mod 19 = 3
Bob send message Bob send message m=17m=17 as as (11,5) (11,5) byby
chosing random chosing random k=6k=6
computing computing K = yK = y
AA
kk
mod q = 3 mod q = 3
66
mod 19 = 7 mod 19 = 7
computing computing CC
1 1 = = aa
kk
mod q = 10 mod q = 10
66
mod 19 = 11; mod 19 = 11;
CC
22 = KM mod q = 7.17 mod 19 = 5 = KM mod q = 7.17 mod 19 = 5
Alice recovers original message by computing:Alice recovers original message by computing:
recover recover K = K = CC
11
xxAA
mod q = mod q = 1111
5 5
mod 19 = 7mod 19 = 7
compute inverse compute inverse KK
-1-1
= 7 = 7
-1-1
= 11 = 11
recover recover M = CM = C
22 K K
-1-1
mod q = 5.11 mod 19 = 17 mod q = 5.11 mod 19 = 17
Disadvantages:
It is slow speed algorithm.
message is expansion by a factor of two takes place
during encryption( means the ciphertext is twice as
long as the plaintext.)
It is slow speed algorithm.
message is expansion by a factor of two takes place
during encryption( means the ciphertext is twice as
long as the plaintext.)
Elgamal Characteristic
ElGamal Cryptosystem (EC)
is a non-deterministic scheme which produces different
outputs for the same input, making the cryptosystem more
secure.
On the other hand, the efficiency of its cryptosystem is low
as it produces a 2:1 expansion in size from plaintext to
ciphertext, resulting in a delay in execution time.
DLP (Discrete logarithm Problem) is harder than integer
factorization problem.
ElGamal Cryptosystem (EC)
is a non-deterministic scheme which produces different
outputs for the same input, making the cryptosystem more
secure.
On the other hand, the efficiency of its cryptosystem is low
as it produces a 2:1 expansion in size from plaintext to
ciphertext, resulting in a delay in execution time.
DLP (Discrete logarithm Problem) is harder than integer
factorization problem.
Tags
Categories
TechnologyDownload
Download Slideshow Get the original presentation fileQuick Actions
Statistics
- Views 0
- Slides 18
- Age 48 days
Related Slideshows
11
8-top-ai-courses-for-customer-support-representatives-in-2025.pptx
JeroenErne2
44 views
10
7-essential-ai-courses-for-call-center-supervisors-in-2025.pptx
JeroenErne2
44 views
13
25-essential-ai-courses-for-user-support-specialists-in-2025.pptx
JeroenErne2
36 views
11
8-essential-ai-courses-for-insurance-customer-service-representatives-in-2025.pptx
JeroenErne2
33 views
21
Know for Certain
DaveSinNM
19 views
17
PPT OPD LES 3ertt4t4tqqqe23e3e3rq2qq232.pptx
novasedanayoga46
23 views