Scribd
Upload
18 views40 pages

Lec-8 RSA and El Gamal

Uploaded by

charvipm
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
18 views40 pages

Lec-8 RSA and El Gamal

Uploaded by

charvipm
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 40

Cryptography

Lec. 8
RSA and El Gamal
Cryptosystems
10-1 INTRODUCTION

Symmetric(Conventional) and Asymmetric-Key(Public-


Key) cryptography will exist in parallel and continue to
serve the community. We actually believe that they are
complements of each other; the advantages of one can
compensate for the disadvantages of the other.

10.2
10.1.1 Keys

Asymmetric key cryptography uses two separate keys: one


private and one public.

Figure 10.1 Locking and unlocking in asymmetric-key cryptosystem

10.3
10.1.2 General Idea

Figure 10.2 General idea of asymmetric-key cryptosystem

10.12
10.1.2 Continued

Plaintext/Ciphertext
Unlike in symmetric-key cryptography, plaintext and
ciphertext are treated as integers in asymmetric-key
cryptography.

Encryption/Decryption

C = f (Kpublic , P) P = g(Kprivate , C)

10.13
10.1.3 Need for Both

10.14
10.1.4 Trapdoor One-Way Function

The main idea behind asymmetric-key cryptography is the


concept of the trapdoor one-way function.

Functions

Figure 10.3 A function as rule mapping a domain to a range

10.15
10.1.4 Continued
One-Way Function (OWF)

1. f is easy to compute.
2. f −1 is difficult to compute.

Trapdoor One-Way Function (TOWF)

3. Given y and a trapdoor, x can be


computed easily.

10.16
10.1.4 Continued

Example 10. 1 (One Way Function)


When n is large, n = p × q is a one-way function. Given p and
q , it is always easy to calculate n ; given n, it is very difficult to
compute p and q. This is the factorization problem.

Example 10.2 (Trapdoor One Way Function)


When n is large, the function y = xk mod n is a trapdoor one-
way function. Given x, k, and n, it is easy to calculate y. Given
y, k, and n, it is very difficult to calculate x. This is the discrete
logarithm problem. However, if we know the trapdoor, k′ such
that k × k ′= 1 mod (n), we can use x = yk′mod n to find x.

10.17
10.1.4 Continued
One-Way Function (OWF)

10.18
10.1.4 Continued

10.19
10-2 RSA CRYPTOSYSTEM

The most common public-key algorithm is the RSA


cryptosystem, named for its inventors (Rivest, Shamir,
and Adleman).

Topics discussed in this section:


1. Introduction
2. Procedure
3. Some Trivial Examples
4. Attacks on RSA
5. Recommendations
6. Optimal Asymmetric Encryption Padding (OAEP)
7. Applications
10.20
10.2.1 Introduction

Figure 10.5 Complexity of operations in RSA

10.21
10.2.2 Procedure

Figure 10.6 Encryption, decryption, and key generation in RSA

10.22
10.2.2 Continued

Two Algebraic Structures

Encryption/Decryption Ring: R = <Zn , +, × >

Key-Generation Group: G = <Z (n)∗, × >

10.23
10.2.2 Continued

10.24
10.2.2 Continued

Encryption

10.25
10.2.2 Continued

Decryption

10.26
10.2.2 Continued
Proof of RSA

10.27
10.2.3 Some Trivial Examples
Example 10. 5

Bob chooses 7 and 11 as p and q and calculates n = 77. The


value of (n) = (7 − 1)(11 − 1) or 60. Now he chooses two
exponents, e and d, from Z60∗. If he chooses e to be 13, then d
is 37. Note that e × d mod 60 = 1 (they are inverses of each
Now imagine that Alice wants to send the plaintext 5 to Bob.
She uses the public exponent 13 to encrypt 5.

Bob receives the ciphertext 26 and uses the private key 37 to


decipher the ciphertext:

10.28
10.2.3 Some Trivial Examples
Example 10. 6

Now assume that another person, John, wants to


send a message to Bob. John can use the same
public key announced by Bob (probably on his
website), 13; John’s plaintext is 63. John calculates
the following:

Bob receives the ciphertext 28 and uses his private key 37 to


decipher the ciphertext:

10.29
10-4 ELGAMAL CRYPTOSYSTEM

Besides RSA, another public-key cryptosystem is


ElGamal. ElGamal is based on the discrete
logarithm problem.

Topics discussed in this section:


1. ElGamal Cryptosystem
2. Procedure
3. Proof
4. Analysis
5. Security of ElGamal
6. Application
10.30
Discrete Logarithms
• Order of an element: The order of an element, a(a and n
are relatively prime), is the smallest integer i, such that
𝑎𝑖 ≡ 1 𝑚𝑜𝑑 𝑛 .
Where i is known as the order of mod n
It is represented as 𝑜𝑟𝑑𝑛 𝑎.
• Euler’s Theorem:
This theorem is very helpful because it shows that the
relationship 𝑎𝑖 ≡ 1 𝑚𝑜𝑑 𝑛 holds when i = ∅(n), even if it holds
when i < ∅(n). In other words, this relation holds at least once.
• Primitive Roots: the order of an element is the same as ∅(n),
that element is called the primitive root of the group.
In other words, ∅(n) = 𝑜𝑟𝑑𝑛 𝑎,
a is known as the primitive root of n
Discrete Logarithms
Discrete Logarithms
Discrete Logarithms
• For an integer b with primitive root as a of a prime number p, we can find a
unique exponent i such that
b ≡ 𝒂𝒊 𝒎𝒐𝒅 𝒑
i is known as the discrete log of b for the base of a mod n

• represented as 𝑑𝑙𝑜𝑔𝑎,𝑝 (𝑏)


Discrete Log Problem
10.4.2 Procedure

Figure 10.11 Key generation, encryption, and decryption in ElGamal

10.36
10.4.2 Continued

Key Generation

10.37
10.4.2 Continued

10.38
10.4.2 Continued

10.39
10.4.3 Continued
Example 10. 10

Here is a trivial example. Bob chooses p = 11 and e1 = 2.


and d = 3 e2 = e1d = 8. So the public keys are (2, 8, 11)
and the private key is 3. Alice chooses r = 4 and calculates
C1 and C2 for the plaintext 7.

Bob receives the ciphertexts (5 and 6) and calculates the


plaintext.

10.40

You might also like