Public Key Cryptography In traditional cryptography the sender
Public Key Cryptography
• In traditional cryptography, the sender and receiver use the same secret key; • The sender uses the secret key to encrypt the message, and the receiver uses the same key to decrypt the message. • This method is known as private key or symmetric cryptography.
• The main challenge is getting the sender and receiver to agree on the secret key without anyone else finding out. • If they are in separate physical locations, they must trust a carry, a phone system, or some other transmission medium to prevent the disclosure of the secret key.
• Anyone who overhears or intercepts the key in transit can later read, modify, and forge all messages using that key. • The generation, transmission and storage of keys is called key management.
• All cryptosystems must deal with key management issues. • Because all keys in a secret-key cryptosystem must remain secret, secret-key cryptography often has difficulty providing secure key management, especially in open systems with a large number of users.
• In order to solve the key management problem, Whitfield Diffie and Martin Hellman introduced the concept of public key exchange in 1976. • Diffie-Hellman Key Exchange • Public-key cryptosystems have two primary uses, encryption and digital signatures (authentication).
• In their system, each person gets a pair of keys, one called the public key and the other called the private key. • The public key is published, while the private key is kept secret.
• There is no need for the sender and receiver to share secret information. • All communications involve only public keys, and no private key is ever transmitted or shared.
• In this system, it is no longer necessary to trust the security of some means of communications. • The only requirement is that public keys be associated with their users in a trusted (authenticated) manner (for instance, in a trusted directory).
• The amazing thing is that, using prime numbers and modular, Alice and Bob can share their secret, right under Eve's nose! 1. Alice and Bob agree, publicly, on a prime number P, and a base number N. Eve will know these two numbers, too!
2. Alice chooses a number A, which we'll call her "secret exponent. " She keeps A secret from everyone, including Bob, likewise, chooses his "secret exponent" B, which he keeps secret from everyone, including Alice (for subtle reasons, both A and B should be relatively prime to N; that is, A should have no common factors with N, and neither should B).
3. Then, Alice computes the number J = NA (mod P) and sends J to Bob. • Similarly, Bob computes the number K = NB (mod P) and sends K to Alice. Note that Eve now has both J and K in her possession.
4. The final mathematical trick is that Alice now takes K, the number she got from Bob, and computes KA(mod P). • Bob does the same step in his own way, computing JB (mod P).
• The number they get is the same! Why is this so? • Well, remember that K = NB (mod P) and Alice computed KA (mod P) = (NB)A (mod P) = NBA (mod P). • Also, Bob used J = NA (mod P), and computed JB (mod P) = (NA)B (mod P) = NAB (mod P).
• Thus, without ever knowing Bob's secret exponent, B, Alice was able to compute NAB (mod P). • With this number as a key, Alice and Bob can now start communicating privately using some other cipher.
• In a public-key cryptosystem, the private key is always linked mathematically to the public key. • Therefore, it is always possible to attack a public-key system by deriving the private key from the public key. • Typically, the defense against this is to make the problem of deriving the private key from the public key as difficult as possible.
• For instance, some public-key cryptosystems are designed such that deriving the private key from the public key requires the attacker to factor a large number, it this case it is computationally infeasible to perform the derivation.
• Encryption • When Alice wishes to send a secret message to Bob, she looks up Bob's public key in a directory, uses it to encrypt the message and sends it off. Bob then uses his private key to decrypt the message and read it.
• No one listening in can decrypt the message. Anyone can send an encrypted message to Bob, but only Bob can read it (because only Bob knows Bob's private key).
• Digital Signatures • To sign a message, Alice does a computation involving both her private key and the message itself. The output is called a digital signature and is attached to the message.
• To verify the signature, Bob does a computation involving the message, the purported signature, and Alice's public key. • If the result is correct according to a simple, prescribed mathematical relation, the signature is verified to be genuine; otherwise, the signature is fraudulent, or the message may have been altered.
Diffie-Hellman Key Exchange • The premise of the Diffie-Hellman key exchange is that two people, Alice and Bob, want to come up with a shared secret number.
• However, they're limited to using an insecure telephone line that their adversary, Eve (an eavesdropper), is sure to be listening to. • Alice and Bob may use this secret number as their key to a Vigenere cipher, or as their key to some other cipher.
• If Eve gets the key, then she'll be able to read all of Alice and Bob's correspondence effortlessly. So, what are Alice and Bob to do?
• Why Diffie-Hellman Works? • "Why can't Eve break this? " This is indeed, a good question. • Eve knows N, P, J, and K. Why can't she find A, B, or, most importantly, NAB(mod P)? Isn't there some sort of inverse process by which Eve can recover A from NA(mod P)?
- Slides: 25