CS 5323 Asymmetric Cryptography Prof Ravi Sandhu Executive
- Slides: 27
CS 5323 Asymmetric Cryptography Prof. Ravi Sandhu Executive Director and Endowed Chair Lecture 3 ravi. utsa@gmail. com www. profsandhu. com © Ravi Sandhu World-Leading Research with Real-World Impact! 1
Asymmetric Encryption © Ravi Sandhu World-Leading Research with Real-World Impact! 2
Public-Key Encryption INSECURE CHANNEL Plaintext Ciphertext Encryption Algorithm E Decryption Algorithm D A Plaintext B B's Public Key B's Private Key SECURE CHANNEL Confidentiality Integrity © Ravi Sandhu World-Leading Research with Real-World Impact! 3
Symmetric-Key Encryption INSECURE CHANNEL Plaintext Ciphertext Encryption Algorithm E Decryption Algorithm D A Symmetric Key shared by A and B B K K SECURE CHANNEL Confidentiality Integrity © Ravi Sandhu World-Leading Research with Real-World Impact! 4
Public-Key Encryption Ø reduces the key distribution problem to a secure channel for authentic communication of public keys Ø requires authentic dissemination of 1 public key/party Ø scales well for large-scale systems Ø with N parties we need to generate and distribute N public keys © Ravi Sandhu World-Leading Research with Real-World Impact! 5
Known Public-Key Attack Ø confidentiality based on infeasibility of computing B's private key from B's public key Ø key sizes are large (2048 bits and above) to make this computation infeasible © Ravi Sandhu World-Leading Research with Real-World Impact! 6
Speed Ø public key runs 1000 times slower than symmetric key v think 2 g versus 4 g on smartphone Ø This large difference in speed is likely to remain v Maybe reduce to 100 times Ø Use public keys to distribute symmetric keys, use symmetric keys to protect data © Ravi Sandhu World-Leading Research with Real-World Impact! 7
RSA Cryptosystem Ø Ø public key is (n, e) private key is d encrypt: C = Me mod n decrypt: M = Cd mod n X Not covered in lecture © Ravi Sandhu World-Leading Research with Real-World Impact! 8
RSA Cryptosystem Ø Ø public key is (n, e) private key is d encrypt: C = Me mod n decrypt: M = Cd mod n X Not covered in lecture © Ravi Sandhu This naive use of RSA is not secure but will suffice for our purposes World-Leading Research with Real-World Impact! 9
RSA Key Generation Ø Ø Ø choose 2 large prime numbers p and q compute n = p * q pick e relatively prime to (p-1)*(q-1) compute d, e*d = 1 mod (p-1)*(q-1) publish (n, e) keep d private (and discard p, q) X Not covered in lecture © Ravi Sandhu World-Leading Research with Real-World Impact! 10
RSA Key Protection Ø compute d, e*d = 1 mod (p-1)*(q-1) Ø if factorization of n into p*q is known, this is easy to do Ø security of RSA is no better than the difficulty of factoring n into p, q X Not covered in lecture © Ravi Sandhu World-Leading Research with Real-World Impact! 11
Asymmetric Digital Signatures © Ravi Sandhu World-Leading Research with Real-World Impact! 12
Public-Key Digital Signature INSECURE CHANNEL Plaintext + Signature Algorithm S Yes/No Verification Algorithm V A B A's Private Key A's Public Key SECURE CHANNEL Confidentiality Integrity © Ravi Sandhu World-Leading Research with Real-World Impact! 13
Compare Public-Key Encryption INSECURE CHANNEL Plaintext Ciphertext Encryption Algorithm E Decryption Algorithm D A Plaintext B B's Public Key B's Private Key SECURE CHANNEL Confidentiality Integrity © Ravi Sandhu World-Leading Research with Real-World Impact! 14
Compare Symmetric Key MAC INSECURE CHANNEL Plaintext + MAC Plaintext MAC Algorithm M Yes/No Verification Algorithm V A B K K SECURE CHANNEL Confidentiality Integrity © Ravi Sandhu World-Leading Research with Real-World Impact! 15
Digital Signatures in RSA Ø RSA has a unique property, not shared by other public key systems Ø Encryption and decryption commute Ø (Me mod n)d mod n = M encryption Ø (Md mod n)e mod n = M signature Ø Same public key can be use for encryption and signature v But not recommended © Ravi Sandhu World-Leading Research with Real-World Impact! X Not covered in lecture 16
Message Digest © Ravi Sandhu World-Leading Research with Real-World Impact! 17
Encryption Speed Revisited Ø public key runs 1000 times slower than symmetric key v think 2 g versus 4 g on smartphone Ø This large difference in speed is likely to remain v Maybe reduce to 100 times Ø Use public keys to distribute symmetric keys, use symmetric keys to protect data © Ravi Sandhu World-Leading Research with Real-World Impact! 18
Digital Signature Speed Ø public key runs 1000 times slower than symmetric key v think 2 g versus 4 g on smartphone Ø This large difference in speed is likely to remain v Maybe reduce to 100 times Ø Sign the message digest (or hash) not the message © Ravi Sandhu World-Leading Research with Real-World Impact! 19
Message Digest (Hash) original message no practical limit to size M M=H-1(m) message digest algorithm H easy m=H(M) © Ravi Sandhu message digest 256 bit m World-Leading Research with Real-World Impact! hard 20
Desired Characteristics Ø weak hash function v difficult to find M' such that H(M')=H(M) Ø given M, m=H(M) try messages at random to find M’ with H(M’)=m v 2 k trials on average, k=128 to be safe © Ravi Sandhu World-Leading Research with Real-World Impact! 21
Desired Characteristics Ø strong hash function v difficult to find any two M and M' such that H(M')=H(M) Ø try pairs of messages at random to find M and M’ such that H(M’)=H(M) v 2 k/2 trials on average, k=256 to be safe Birthday paradox © Ravi Sandhu World-Leading Research with Real-World Impact! 22
Message Authentication Code Symmetric Encryption Based Message-Digest Based CBC-MAC HMAC has same size as block size of underlying cryptosystem Hash the message and a symmetric key CCM mode Provides confidentiality and integrity MAC has same size as underlying hash function or can truncate Revisiting after discussing message digests © Ravi Sandhu World-Leading Research with Real-World Impact! 23
Asymmetric Key Exchange © Ravi Sandhu World-Leading Research with Real-World Impact! 24
Diffie-Hellman Key Agreement A y. A=ax. A mod p public key y. B=ax. B mod p public key private key x. A B private key x. B k = y. Bx. A mod p = y. Ax. B mod p = ax. A*x. B mod p system constants: p: prime number, a: integer X Not covered in lecture © Ravi Sandhu World-Leading Research with Real-World Impact! 25
Diffie-Hellman Key Agreement Ø security depends on difficulty of computing x given y=ax mod p Ø called the discrete logarithm problem X Not covered in lecture © Ravi Sandhu World-Leading Research with Real-World Impact! 26
Diffie-Hellman Man-in-the-Middle Attack A C X Not covered in lecture © Ravi Sandhu B Public keys need to be authenticated World-Leading Research with Real-World Impact! 27
Clark-wilson model
Advantages of symmetric key encryption
Asymmetric key cryptography
Winkle sandhu
Asymmetric information diagram
Asymmetric multicore processing
Rsa vs aes performance
X=vxt
Ccna vlan
Asymmetric encryption 歴史
Rotational spectral lines
Asymmetric information game theory
Two-way asymmetric model
Asymmetric communication
Asymmetric bandwidth
Asymmetric synthesis example
Symmetric and asymmetric matrix
Asymmetric vlan
Multiprocessing system adalah
Asymmetric key authentication
Asymmetric vlan
Illusion of asymmetric insight
Id vlan (7-4094)
Asymmetric dominance effect
Introduction to corporate communication
Key distribution center
Asymmetric information diagram
Extreme spbm
