UNIT 3

#Principles of Public Key Cryptosystems

Asymmetric algorithms rely on one key for encryption and a different but related key for decryption.
These algorithms have the following important characteristic.

■ It is computationally infeasible to determine the decryption key given only knowledge of the
cryptographic algorithm and the encryption key.In addition, some algorithms, such as RSA, also exhibit
the following characteristic.

■ Either of the two related keys can be used for encryption, with the other used for decryption.

A public-key encryption scheme has six ingredients

■ Plaintext: This is the readable message or data that is fed into the algorithm as input.

■ Encryption algorithm: The encryption algorithm performs various transformations on the plaintext.

■ Public and private keys: This is a pair of keys that have been selected so that if

one is used for encryption, the other is used for decryption. The exact transformations performed by the
algorithm depend on the public or private key that

is provided as input.

■ Ciphertext: This is the encrypted message produced as output. It depends on the plaintext and the
key. For a given message, two different keys will produce two different ciphertexts.

■ Decryption algorithm: This algorithm accepts the ciphertext and the matching

key and produces the original plaintext.

#RSA Algorithm

The RSA scheme is a cipher in which the plaintext and ciphertext are integers between 0 and n - 1 for
some n. A typical size for n is 1024 bits, or 309 decimal digits. That is, n is less than 21024
#Diffie-Helman Key Exchange

The purpose of the algorithm is to enable two users to securely exchange a key that can then be used
for subsequent symmetric encryption of messages. The algorithm itself is limited to the exchange of
secret values.

The Diffie–Hellman algorithm depends for its effectiveness on the difficulty of computing discrete
logarithms. Briefly, we can define the discrete logarithm in the following way. Recall from Chapter 2 that
a primitive root of a prime number pis one whose powers modulo p generate all the integers from 1 to p
- 1. That is, if a is a primitive root of the prime number p, then the numbers

a mod p, a2 mod p, …,an-1 mod p

are distinct and consist of the integers from 1 through p - 1 in some permutation.

For any integer b and a primitive root a of prime number p, we can find a

unique exponent i such that

b = ai (mod p) where 0<=i<=(p - 1)

The exponent i is referred to as the discrete logarithm of b for the base a, mod p. We express this value
as dloga,p(b).

#Elliptic Curve Cryptography

-ECC, an alternative technique to RSA, is a powerful cryptography approach. It generates security

between key pairs for public key encryption by using the mathematics of elliptic curves.

-RSA does something similar with prime numbers instead of elliptic curves, but ECC has gradually been
growing in popularity recently due to its smaller key size and ability to maintain security. This trend will
probably continue as the demand on devices to remain secure increases due to the size of keys growing,
drawing on scarce mobile resources. This is why it is so important to understand elliptic curve
cryptography in context.

-In contrast to RSA, ECC bases its approach to public key cryptographic systems on how elliptic curves
are structured algebraically over finite fields. Therefore, ECC creates keys that are more difficult,
mathematically, to crack. For this reason, ECC is considered to be the next generation implementation of
public key cryptography and more secure than RSA.

-It also makes sense to adopt ECC to maintain high levels of both performance and security. That’s
because ECC is increasingly in wider use as websites strive for greater online security in customer data
and greater mobile optimization, simultaneously. More sites using ECC to secure data means a greater
need for this kind of quick guide to elliptic curve cryptography.

-An elliptic curve for current ECC purposes is a plane curve over a finite field which is made up of the
points satisfying the equation:
y²=x³ + ax + b.

-In this elliptic curve cryptography example, any point on the curve can be mirrored over the x-axis and
the curve will stay the same. Any non-vertical line will intersect the curve in three places or fewer.

#Prime fields and binary fields

Prime fields and binary fields are two types of finite fields commonly used in various cryptographic
algorithms, including elliptic curve cryptography (ECC). These fields provide the underlying mathematical
structure for computations in cryptographic systems.

1. Prime Fields (also known as Galois Fields GF(p)):

 Prime fields are finite fields constructed using prime numbers. They are denoted as
GF(p), where p is a prime number.

 Elements in prime fields are integers from 0 to p-1. Addition and multiplication in prime
fields are performed modulo p.
  Prime fields offer simplicity and efficient arithmetic operations. They are widely used in
various cryptographic algorithms, such as RSA and DSA.

 The security of prime fields relies on the difficulty of factorization and solving discrete
logarithm problems.

Applications of Prime Fields (GF(p)):

1. RSA Encryption and Digital Signatures: Prime fields are used in the RSA algorithm for key
generation, encryption, and digital signatures. The security of RSA is based on the difficulty of
factoring large composite numbers in prime fields.

2. Diffie-Hellman Key Exchange: Prime fields are used in the Diffie-Hellman key exchange protocol
for establishing shared secret keys over an insecure channel.

3. DSA (Digital Signature Algorithm): Prime fields are used in the DSA algorithm for generating
digital signatures.

4. ElGamal Encryption: Prime fields are used in the ElGamal encryption scheme, which is an
asymmetric encryption algorithm.

Practical Considerations for Prime Fields:

1. Computational Efficiency: Arithmetic operations in prime fields, such as modular addition and
multiplication, can be efficiently implemented using standard integer arithmetic operations.

2. Compatibility: Prime fields are widely supported in cryptographic libraries and algorithms,
making them compatible with many existing systems and protocols.

3. Key Size: The security of prime fields is influenced by the size of the prime number used. Larger
prime numbers are generally more secure but require more computational resources for key
generation and computations.

4. Interoperability: Prime fields have well-defined standards and specifications, ensuring

interoperability between different implementations and systems.

Binary Fields (also known as Galois Fields GF(2^m)):

 Binary fields are finite fields constructed using polynomials over the binary (GF(2)) field. They
are denoted as GF(2^m), where m is a positive integer.

 Elements in binary fields are binary strings of length m, where each bit represents a coefficient
of the polynomial. Addition and multiplication in binary fields follow specific rules defined by the
irreducible polynomial used to construct the field.
  Binary fields are particularly well-suited for efficient implementations on binary processors and
hardware, making them popular in cryptographic systems implemented in constrained
environments.

 The security of binary fields is based on the hardness of the discrete logarithm problem over
binary fields.

Applications of Binary Fields (GF(2^m)):

1. Elliptic Curve Cryptography (ECC): Binary fields are commonly used in elliptic curve
cryptography, where the elliptic curve points and operations are defined over binary fields. ECC
offers strong security with shorter key sizes, making it suitable for resource-constrained
environments.

2. Stream Ciphers: Binary fields are used in stream ciphers, where the encryption and decryption
process involves bitwise XOR operations on binary strings.

3. Error-Correcting Codes: Binary fields are used in error-correcting codes, such as Reed-Solomon
codes, for error detection and correction in data transmission and storage systems.

Practical Considerations for Binary Fields:

1. Efficient Implementations: Binary fields offer efficient arithmetic operations, particularly in

hardware implementations and binary processors, due to the binary nature of computations.

2. Compact Representations: Binary fields require less storage space compared to prime fields
since elements are represented as binary strings of length m.

3. Implementation Complexity: Implementing cryptographic algorithms over binary fields may

require specialized algorithms and techniques specific to binary arithmetic and polynomial
operations.

4. Key Size: The security of binary fields depends on the choice of the irreducible polynomial used
to define the field. The length of the binary strings determines the size of the field and
influences the security level.

#Cryptography in Embedded Hardware:

-Cryptography in embedded hardware refers to the implementation of cryptographic algorithms and

security mechanisms in small, resource-constrained devices such as microcontrollers, IoT devices, smart
cards, and other embedded systems.

-These devices often have limited processing power, memory, and energy resources, which present
unique challenges for implementing cryptographic operations.
- The possibility of adding security can be specified by hardware or by implementing the cryptography
algorithms in software. This project focuses on cryptography and the implementation of a cryptographic
algorithm to protect data by using encryption technology on embedded systems.

-There are several requirements and challenges of the implementation of cryptography algorithms on
embedded systems. Embedded systems are highly cost sensitive, the length of cryptography key cannot
be too big; a slow running cryptographic algorithm will lead to a long waiting time.

- The cryptographic technology can be divided into the two most common algorithmic models:
symmetric cipher model and asymmetric-key. Asymmetric-key algorithms are very computationally
intensive compared to symmetrickey operations. Sufficient cryptographic algorithms need to be
selected according to the hardware and processor of the embedded systems.

-It requires careful consideration of hardware capabilities, algorithm selection, key management, secure
storage, and protection against physical attacks to ensure robust and efficient cryptographic operations
in resource-constrained environments.