Rabin Cryptosystem and BlumGoldwasser Cryptosystem by Yernar Rabin
Rabin Cryptosystem and Blum-Goldwasser Cryptosystem by Yernar
Rabin Cryptosystem � Background � Key generation � Encryption � Decryption � Preset Bits � Example
Background � Asymmetric cryptographic technique, whose security, like that of RSA, is related to the difficulty of factorization. � Public-key � January encryption. 1979 by Michael O. Rabin.
Key generation � 1. Alice generates two large random and distinct primes p and q, roughly the same size. � 2. Computes n=pq. � 3. n is public key, (p, q) is private key.
Encryption � Bob encrypts a message m for Alice: 1. Obtains Alice’s authentic public key n. 2. Represents the message as an integer m in the range {0, 1, …, n-1}. 3. Computes c = m 2 mod n. 4. Sends the ciphertext c to Alice.
Decryption �
Decryption (cont. ) c) Get 4 square roots of c (mod n) using Chinese Remainder Theorem (CRT) m 1= x 1*q*(q-1 mod p)+y 1*p*(p-1 mod q) (mod n) m 2=-r 1 (mod n) m 3=x 1*q*(q-1 mod p)-y 1*p*(p-1 mod q) (mod n) m 4=-r 3 (mod n)
Decryption (cont. ) 2. The message sent was either m 1, m 2, m 3 or m 4. Alice decides which one of these is m. Usually done with the help of preset bits.
Preset Bits � string of bits added to every message � mechanism � usually to distinguish the “correct” square root appended to the message
Example � Key generation: p=23, q=31, n=713, m=87, preset bits: “ 000” � Encryption: 8710= 10101112 m = 10101110002=69610 � Bob computes c=m 2 mod n = 6962 mod 713 = 289 and sends this to Alice.
Example (cont. ) �
Example (cont. ) m 1= x 1*q*(q-1 mod p)+y 1*p*(p-1 mod q) (mod n) = 6*31*3+14*23*27 mod 713 = 696 = 1010111000 m 2=-r 1 (mod n) = -696 mod 713 = 17 = 10001 m 3=x 1*q*(q-1 mod p)-y 1*p*(p-1 mod q) (mod n) = 6*31*3 -14*23*27 mod 713 = 420 = 110100100 m 4=-r 3 (mod n) = -420 mod 713 = 293 = 10111
Example (cont. ) � m 1=1010111000, m 2=10001, m 3=110100100, m 4=10111 � Only m 1 has required redundancy, original message is m=10101112=8710.
Blum-Goldwasser Cryptosystem � Background � Key generation � Encryption � Decryption � Example
Background � Asymmetric key encryption algorithm by Manuel Blum and Shafi Goldwasser in 1984. � Probabilistic, semantically secure cryptosystem with a constant-size ciphertext expansion.
Key Generation � 1. Alice selects two large random (and distinct) primes p, q, each congruent to 3 modulo 4. � 2. � 3. Computes n=pq – public key. Computes integers a and b, such that ap+bq=1. (p, q, a, b) – private key.
Encryption �
Encryption (cont. ) �
Encryption (cont. ) �
Decryption �
Decryption (cont. ) �
Example � Key generation: � p=499, q=547, n=pq=272953. Alice computes the integers a=-57 and b=52 satisfying ap+bq=1. � Alice’s public key is n=272953 and private key is (p, q, a, b)
Example (cont. ) �
Example (cont. ) � i pi 1 180539 1011 0010 2 193932 1100 0000 3 245613 1101 1100 4 130286 1110 5 40632 1000 0100
Example (cont. ) �
Example (cont. ) Finally, Alice uses x 0 to construct the xi and pi just as Bob did for encryption, and recovers the plaintext mi by XORing the pi with the ciphertext blocks ci. i pi 1 180539 1011 1001 2 193932 1100 3 245613 1101 0001 4 130286 1110 0000 5 40632 1000 1100
References � � A. Menezes, P. van Oorschot, S. Vanstone, “Handbook of Applied Cryptography”, retrieved from http: //cacr. uwaterloo. ca/hac/ M. Blum, S. Goldwasser, “An Efficient Probabilistic Public-Key Encryption Scheme Which Hides All Partial Information”, Proceedings of Advances in Cryptology - CRYPTO '84, pp. 289 -299, Springer Verlag, 1985.
Quiz 1. What are the preset bits? 2. How many possible inputs can generate each output of the Rabin function? 3. What theorem is used in Rabin cryptosystem to get the square roots of c (mod n)? 4. True or False. Blum-Goldwasser cryptosystem uses Inclusive or function when computing the ciphertext. 5. Briefly explain how the keys are generated in Rabin Cryptosystem? (What is public key and what is private key).
Answers 1. String of bits added to every message to distinguish the “correct” square root. 2. Four. 3. Chinese Remainder Theorem. 4. False. 5. Alice generates two large random and distinct primes p and q, roughly the same size. Computes n=pq. n is public key, (p, q) is private key.
- Slides: 29