Se ha denunciado esta presentación.
Se está descargando tu SlideShare. ×

Anuncio
Anuncio
Anuncio
Anuncio
Anuncio
Anuncio
Anuncio
Anuncio
Anuncio
Anuncio
Anuncio
Cargando en…3
×

1 de 22 Anuncio

# CS283-PublicKey.ppt

New paradigm introduced by Diffie and Hellman

New paradigm introduced by Diffie and Hellman

Anuncio
Anuncio

## Más Contenido Relacionado

Anuncio

### CS283-PublicKey.ppt

1. 1. CSCI 172/283 Fall 2010 Public Key Cryptography
2. 2. Public Key Cryptography  New paradigm introduced by Diffie and Hellman  The mailbox analogy:  Bob has a locked mailbox  Alice can insert a letter into the box, but can’t unlock it to take mail out  Bob has the key and can take mail out  Encrypt messages to Bob with Bob’s public key  Can freely distribute  Bob decrypts his messages with his private key  Only Bob knows this
3. 3. Requirements  How should a public key scheme work?  Three main conditions  It must be computationally easy to encrypt or decrypt a message given the appropriate key  It must be computationally infeasible to derive the private key from the public key  It must be computationally infeasible to determine the private key from chosen plaintext attack  Attacker can pick any message, have it encrypted, and obtain the ciphertext
4. 4. Exchanging keys  Alice and Bob want to communicate using a block cipher to encrypt their messages, but don’t have shared key  How do Alice and Bob get a shared key?
5. 5. Solution 1  Alice sends the key along with her encrypted message  Eve sees encrypted message and key  Uses key to decrypt message
6. 6. Solution 2  Alice sends the key at some time prior to sending Bob the encrypted message  Eve has to wait longer  If she saw the key transmission, she has the key  Uses key to decrypt message
7. 7. Solution 3 – Use public key crypto  Diffie Hellman Key Exchange  All users share common modulus, p, and element g  g ≠ 0, g ≠ 1, and g ≠ p-1  Alice chooses her private key, kA  Computes KA = gkA mod p and sends it to Bob in the clear  Bob chooses his private key, kB  Computes KB = gkB mod p and sends it to Alice in the clear  When Alice and Bob want to agree on a shared key, they compute a shared secret S  SA,B = KB kA mod p  S = K kB mod p
8. 8. Why does DH work?  SA,B = SB,A  (gkA) kB mod p = (gkB) kA mod p  Eve knows  g and p  KA and KB  Why can’t Eve compute the secret?  This was the first public key cryptography scheme SA,B = KB kA mod p SB,A = KA kB mod p
9. 9. Hard problems  Public key cryptosystems are based on hard problems  DH is based on the Discrete Logarithm Problem (DLP)  Given:  Multiplicative group G  Element a in G  Output b  Find:  Unique solution to ax = b in G  x is loga b  No polynomial time algorithm exists to solve this* *On classical computers
10. 10. Could it fail?  Eve could fool Alice and Bob  Man in the middle / bucket brigade Alice Bob Eve My key is KA My key is K’A My key is KB My key is K’B Alice has no guarantee that the person she’s establishing a key with is actually Bob
11. 11. RSA  Rivest-Shamir-Adleman  Probably the most well-known public key scheme  First, some background
12. 12. Euler’s Totient  Totient function (n)  Number of positive numbers less than n that are relatively prime to n  Two numbers are relatively prime when their greatest common divisor is 1  Example: (10) = 4  1, 3, 7, 9  Example: (7) = 6  1, 2, 3, 4, 5, 6  If n is prime, (n) = n-1
13. 13. RSA keys  Choose 2 large primes, p and q  N = pq  (N) = (p-1)(q-1)  Choose e < N such that gcd(e, (N))=1  d such that ed = 1 mod (N)  Public key: {N, e}  Private key: {d}  p and q must also be kept secret
14. 14. RSA encryption/decryption  Alice wants to send Bob message m  She knows his public key, {N,e} Alice Bob c = me mod N c m = cd mod N
15. 15. Toy example  p=7, q=11  N=77  (N) = (6)(10) = 60  Bob chooses e=17  Uses extended Euclidean algorithm to find inverse of e mod 60  Finds d=53  Bob makes {N, e} public
16. 16. Toy example (continued)  Alice wants to send Bob “HELLO WORLD”  Represent each letter as a number 00(A) to 25(Z)  26 is a space  Calculates:  0717 mod 77 = 28, 0417 mod 77 = 16, …, 0317 mod 77 = 75  Sends Bob 28 16 44 44 42 38 22 42 19 44 75  He decrypts each number with his private key and gets “HELLO WORLD”
17. 17. What could go wrong?  What was wrong with the toy example?  Eve can easily find the encryption of each letter and use that as a key to Alice’s message  Even without knowing the public key, can use statistics to find likely messages  Like cryptogram puzzles
18. 18. How it should really happen  p and q should be at least 512 bits each  N at least 1024 bits  The message “HELLO WORLD” would be converted into one very large integer  That integer would be raised to the public/private exponent  For short message, pad them with a random string
19. 19. Is this key yours?  How to bind a key to an identity?
20. 20. PK Paradigm  Genkey(some info)  Creates Kpub and Kpriv  Encrypt with Kpub  Decrypt with Kpriv  Certificate binds key to individual
21. 21. IBE  Identity-Based Encryption  Kpub is well-known  Known to be bound to owner  Name, email, SSN, etc.  Owner requests a private key from CA  No certificates required
22. 22. Conclusion by xkcd http://xkcd.com/538/