Computer Systems &

Security
Week 05 – Cryptography – Part 3

Asymmetric Cryptography

2019-2020 (Semester 1) 1
Last time …
 We looked at symmetric cryptography algorithms
such as DES and AES
 The idea was to use the same key to encrypt
and decrypt
 The main problem with this method is the keys
distribution: How can the sender secretly
shares/agrees the key with the receiver?
 Today, we’ll look into a different way. 2
Lecture’s Objectives

 This week we will:

 Introduce the basic mathematical concepts that
underpin asymmetric cryptography
 Introduce Public Key Infrastructure (PKI)
 Illustrate PKI through the RSA cryptosystem, which
is very widely used for securing data transmission

2019-2020 (Semester 1) 3
Asymmetric Cryptography
 Contrary to the symmetric approach, asymmetric
cryptography assumes two different keys:
 Encryption key often called public key
 Decryption key often called private key
 These two keys are different (they’re not the
same key)
 However, they’re strongly related as we’ll see
later.
2019-2020 (Semester 1) 4
But before moving on … Math!
 Prime numbers
 An integer n  2 is said to be a prime number
if its only positive divisors are 1 and itself.
 Examples
 2, 7, 19 are primes
 -3, 0, 1, 6 are not primes
 Any integer can be expressed as a unique
product of prime numbers raised to positive
integer powers. 5
Prime Factorisation
 Prime decomposition of a positive integer n:
n = p1e1 x … x pkek
 Example
 200 = 23 x 52
 7569 = 3 x 3 x 29 x 29 = 32 x 292
 5886 = 2 x 27 x 109 = 2 x 33 x 109
 4900 = 72 x 52 x 22
 This process is called Prime Factorisation 6
Greatest Common Divisor (GCD)
 The greatest common divisor (GCD) of two positive
integers a and b, denoted gcd(a, b), is the largest
positive integer that divides both a and b
 Examples:
gcd(18, 30) = 6 gcd(0, 20) = 20 gcd(-21, 49) = 7
 Two integers a and b are said to be relatively prime if
gcd(a, b) = 1
 Example:
 15 and 28 are relatively prime 7
Modular Arithmetic Again
 Modulo operator for a positive integer n
a mod n = r is equivalent to a = r + kn
 Example:
29 mod 13 = 3 is equivalent to 29 = 3 + 213
-1 mod 13 = 12 is equivalent to 12 = -1 + 113
 Modulo and GCD:
gcd(a, b) = gcd(b, a mod b)
 Example:
gcd(21, 12) = 3 can be also expressed as:
gcd(12, 21 mod 12) = gcd(12, 9) = 3 8
Back to Asymmetric Cryptography
 As we mentioned before, the keys used to
encrypt and decrypt are different.
 Anyone who wants to be a receiver needs to
“publish” an encryption key, which is known as
the public key, KB and keep the private key, Kv
a secret.
 Anyone who wants to send data to the receiver
needs to know KB only, which is public.
9
 Hence, no need to agree/share a secret key!
Public Key Infrastructure
 Alice wants to send a secret message m to Bob
 Bob should have 2 keys: public KB and private Kv

Kv
m Ciphertext m
Message Encryption Message
Decryption
Source Source

Alice Bob

KB
2019-2020 (Semester 1) Public domain 10
Public Key Infrastructure
 It should not be possible to deduce the
plaintext from knowledge of the ciphertext
and the public key.
 It should not be possible to deduce the
private key from knowledge of the public key.
 Public key cryptography is based on One-
Way Functions (OWF)
2019-2020 (Semester 1) 11
One-Way Functions (OWF)
 A one-way function is a function that is
“easy” to compute and “difficult” to reverse

 Examples of OWF that we’ll use in this

lecture to explain public key systems:
 Multiplication of two prime numbers
 Modular exponentiation

2019-2020 (Semester 1) 12
OWF: Multiplying Two Prime Numbers

 Multiplication of two large prime numbers is

believed to be a one-way function.
 Given two large prime numbers p and q
 It’s easy to find n = pq
 However, starting from n, it’s difficult to find p and
q
 Example: if n = 589, can you work out p and q? Is
589 prime?
2019-2020 (Semester 1) 13
OWF: Modular Exponentiation
 The process of exponentiation just means
raising numbers to a power.
 Raising a to the power b, normally denoted ab
just means multiplying a by itself b times. In
other words:
ab = a x a x a x … x a  
 Modular exponentiation means computing ab
modulo some other number n. We tend to write
this as ab mod n.
2019-2020 (Semester 1) 14
OWF: Modular Exponentiation
 Examples

 33 mod 7 = 6  also written 33 = 6 (mod 7)

 28 mod 8 = 0  also written 28 = 0 (mod 8)
 103 mod 26 = 12  103 = 12 (mod 26)

2019-2020 (Semester 1) 15
OWF: Modular Exponentiation
 However, given a, and ab mod n (when n is
prime), calculating b is regarded as a hard
problem.
 This difficult problem is often referred to as the
discrete logarithm problem.
 In other words, given a number a and a prime
number n, the function f(b) = ab mod n is
believed to be a one-way function.
2019-2020 (Semester 1) 16
Discrete Logarithm Problem
 Take 33 = 27
 Now 33 mod 7 = 6
 If we’re asked the following question: assume
that 3b mod 7 = 6, can you find b?
 Yes, it’s 3!
 No, it can also be 9 
 Try 39 mod 7 … believe me the result will be also
6.
 Other solutions? 17
RSA Cryptosystem
 It is named after it inventors Ron Rivest, Adi
Shamir and Len Adleman.
 First published in 1977
 It is the most widely used public key encryption
algorithm today.
 It provides confidentiality and digital signatures.
 Its security is based on the difficulty of integer
factorisation and discrete logarithm problem
2019-2020 (Semester 1) 18
RSA: Choosing Keys
 Choose two large prime numbers p, q. (e.g.,
1024 bits each)
 Compute n = pq, z = (p-1)(q-1)
 Choose e (with e<z) that has no common factors
with z (i.e., e, z are “relatively prime”).
 Choose d such that ed-1 is exactly divisible by z.
(in other words: ed mod z = 1 ).
 Public key is KB =(n,e), Private key is Kv=(n,d). 19
RSA: Choosing e & Calculating d
 Let’s consider p=17 and q=11. n = 187. What choices of
e and d are acceptable?
 In this case z = (p-1)(q-1) = 16 x 10 = 160. Any suitable
choice of e must have the property that there are no
numbers that divide both z and e except for 1.
 e= 2, 4, 6, 8, 9, 10, 20, … are no good. Why?
 e= 7 is valid option
 Calculate d where ed mod z = 1
 Let’s say d = 23? (7x23 mod 160) = 1? YES
 Public key (187, 7), Private key (187, 23) 20
RSA: Encryption, Decryption
 Given (n,e) and (n,d) as computed before
 To encrypt a bit pattern, m, compute
c = me mod n (i.e., compute the remainder when
me is divided by n)
 To decrypt a received bit pattern, c, compute
m = cd mod n (i.e., remainder when cd is divided
by n)

Magic d
m = (m e mod n) mod n
happens!
c 21
RSA Example – Encryption
 Say Bob has public key KB =(n, e) = (187, 7), making his
private key Kv =(n, d) = (187, 23)
 Alice knows Bob’s public key (it’s public). She wants to
secretly send Bob the message hello [104 101 108 108
111]
 1047 mod 187 = 179
 1017 mod 187 = 84
 1087 mod 187 = 48
 1087 mod 187 = 48
 1117 mod 187 = 155
 Alice sends ciphertext [179 84 48 48 155] = |T00ø 22
RSA Example – Decryption
 Bob receives [179 84 48 48 155] = |T00ø
 Bob uses his private key Kv where d = 23, to
decrypt the message:
 17923 mod 187 = 104 h
 8423 mod 187 = 101 e
 4823 mod 187 = 108 l
 4823 mod 187 = 108 l
 15523 mod 187 = 111 o
 No one else could’ve read the message except
Bob because he has the private key. 23
RSA Security
 Security of RSA depends on the difficulty of
factoring n=pq
 The best-known algorithm takes exponential time
 In May 2005, a 200 long digits n was factored. It took a
cluster of 80 2.2 GHz computers continually running
for 3 months to calculate.
 This is estimated to be the equivalent of a single 2.2
GHz machine running for 55 continual years! 
2019-2020 (Semester 1) 24
RSA Security
 Therefore, n should be no less than 300 digits to
make sure RSA is secure.
 300 digits would require about 995 bits for
representation.
 RSA-300 =
276931556780344213902868906164723309223760836
398395325400503672280937582471494739461900602
187562551243171865731050750745462388288171212
746300721613469564396741836389979086904304472
476001839015983033451909174663464663867829125
664459895575157178816900228792711267471958357
574416714366499722090015674047 25
RSA Security
 If you choose the key size between 1024 and
4096 bits, RSA is secure.
 The longest key that is factored was RSA-786
which has 232 digits in 2009. It took about two
years using cluster of computers which is
estimated to take 2000 years of computing on a
single-core 2.2 GHz.
 The factoring competition stopped now but
people are still trying 
2019-2020 (Semester 1) 26
RSA Performance
 Yes, it’s very difficult to break because it’s
computationally expensive but so to encrypt as
well.
 Imagine encrypting large files, with large keys in
RSA, how long do you think it’ll take? Short time
or very long time?
 The answer depends on the computer capability
but it’s always very long time.
 Only use RSA to encrypt Symmetric keys! and
digital signatures (next week)
27
That’s all folks!

Questions?

2019-2020 (Semester 1) 28