Information and Network Security

Ms. Hansa Vaghela , Assistant Professor

Computer Science & Engineering
 CHAPTER-6
Asymmetric Ciphers

2
 Contents
1. Prime numbers
2. Euler Totient function
3. Euler’s theorem
4. Fermat’s Theorem
5. Testing for primality
6. Principles of public key Cryptosystems
7. RSA algorithm
8. Diffie – Hellman Key exchange algorithm

3
Prime Numbers
• An integer p > 1 is a prime number if and only if its only divisors are 1 and itself
• Ex. 2,3,5,7 are prime, 4,6,8,9,10 are not
•List of prime number less than 200 is:
• 2 3 5 7 11 13 17 19 23 29 31 37 41 43 47 53 59 61 67 71 73 79 83 89 97 101
103 107 109 113 127 131 137 139 149 151 157 163 167 173 179 181 191
193 197 199
• Prime Factorisation
•The prime factorisation of a number n is when its written as a product of primes
•eg. 91=7x13 ; 3600=24x32x52

4
Relative Prime Number
• Two numbers a, b are relatively prime if have no common divisors apart from 1

Ex. 8 & 15 are relatively prime

since factors of 8 are 1,2,4,8 and of 15 are 1,3,5,15 and 1 is the only common
factor

5
EULER’S TOTIENT FUNCTION

6
Euler Totient Function ø(n)
• The Euler’s totient function ø(n), defined as the number of positive
integers less than n & relatively prime to n.

Ex. for n=10 ø(n) = {1,3,7,9}

• Term “residue” refers to numbers less than some modulus, and the
“reduced set of residues” to those numbers (residues) which are
relatively prime to the modulus (n).
Ex for n=10,
complete set of residues is {0,1,2,3,4,5,6,7,8,9}
Reduced set of residues is {1,3,7,9}

7
Euler Totient Function ø(n)
• To compute ø(n) need to count number of residues to be excluded

• In general need prime factorization, but

• for p (p prime) ø(p) = p-1

• for p.q (p,q prime) ø(pq) =(p-1)x(q-1)

• eg.
• ø(37) = 36
• ø(21) = (3–1)x(7–1) = 2x6 = 12

8
Euler’s Theorem
• For every a and n that are relatively prime
aø(n) ≡ 1 (mod n) for any a,n where gcd(a,n)=1

• Ex.
• a=3; n=10; ø(10)=4;
• hence 34 = 81 = 1 mod 10

• a=2; n=11; ø(11)=10;

• hence 210 = 1024 = 1 mod 11

9
FERMAT’S THEOREM

10
 Fermats theorem
if 'p' is a prime number and 'a' is a positive integer not divisible by 'p' then a(p-1)
= 1 (mod p)
Example: Does Fermat's theorem hold true tor P= 5 and a=2?
Solution: Given P=5&a=2
a(P-1) = 1 (modp)
2(5-1)= 1 Imod 5)
2(4) = 1 (mod5)
16 = 1 (mods)
Therefore, fermats theorem hold true for above.

11
Fermat’s Theorem
• ap-1=1(mod p)

• P is prime and a is a positive integer not divisible by p

3201mod 11
3 is not divisible by 11
Hence ap-1mod p
3(11-1) = 310=1mod11
(310)20*(3) mod 11
=1*3 mod 11
=3

12
Fermat’s Theorem
• Solve following:

• 2345 mod 11

• 350 by 7

• 5101mod31

13
TESTING FOR PRIMALITY
• For many cryptographic algorithms, it is necessary to select one or more
very large prime numbers at random.
• Thus, we are faced with the task of determining whether a given large
number is prime.
• There is no simple yet efficient means of accomplishing this task.

• Miller-Rabin Algorithm
• Probabilistic primality test
• checks whether a specific property, which is known to hold for prime
values, holds for the number under testing

14
 Miller-Rabin Algorithm

• The algorithm due to Miller and Rabin [MILL75, RABI80] is typically used
to test a large number for primality
TEST (n)
1. Find integers k, q, with k > 0, q odd, so that (n-1 = 2 kq);
2. Select a random integer a, 1 < q < n-1;
3. if aq mod n = 1 then return (“inconclusive”);
4. for j = 0 to k – 1 do
5. if a2jq mod n = n – 1 then return (“inconclusive”);
6. return (“composite”);

15
Example
• Suppose n =29
• Find ( n- 1) = 28 = 22(7)= 2kq
• Let us try a = 10
• 107 mod 29 = 17 (its neither 1 nor 28, so continue test)
• (107)2 mod 29 = 28 hence test return “in clonclusive”

16
Example
• Now let us apply the test to the composite number
• N = 13*17 = 221
• Then
• (n-1) = 220 = 22(55)= 2kq
• Let us try a=5
• 555mod 221 = 112 (neither 1 nor 220)
• (555)2 mod 221 = 168 test return “Composite”

17
PRINCIPLES OF PUBLIC KEY CRYPTO SYSTEMS

18
Principles Of Public-Key Cryptosystems
• Public-Key Cryptosystems
• Applications for Public-Key Cryptosystems
• Requirements for Public-Key Cryptography
• Public-Key Cryptanalysis

19
Introduction
• Asymmetric encryption is a form of cryptosystem in which encryption
and decryption are performed using the different keys- one is a public
key and one a private key. It is also known as public-key encryption.
• Asymmetric encryption transform plaintext into ciphertext using one of
two keys and an encryption algorithm. Using the paired key and
decryption algorithm, plaintext is recovered from the ciphertext.
• Asymmetric encryption can be used for confidentiality, authentication,
or both.
• The most widely used public-key cryptosystem is RSA. The difficulty of
attacking RSA is based on the difficulty of finding the prime factors of a
composite number.

20
Principles of Public-key Cryptosystems
• Public-key algorithms are based on mathematical functions rather than
on substitution and permutation.
• Public-key encryption is more secure from cryptanalysis than is
symmetric encryption.
• The concept of public-key cryptography evolved from an attempt to
attack two of the most difficult problems associated with symmetric
encryption.
• (1) two communications already share a key, which somehow has been
distributed to them.
• (2) the use of key distribution center.
• The idea of public-key cryptography was invented by Diffie and Hellman.

21
Public-key Cryptosystems
• Asymmetric algorithm rely on one key for encryption and a different but
related key for decryption.

• Characteristic of PKC: it is computationally infeasible to determine the

decryption key given only knowledge of the cryptographic algorithm
and encryption key.

• Public key is known to every one even, it is infeasible to derived a

private key related to that public key.

22
Public-key Cryptosystems (Conti…)

Fig 5.1: Encryption

23
Public-key Cryptosystems (Conti…)
• A public-key encryption scheme has six ingredients.

• Plaintext

• Encryption algorithm

• Public and private key

• Ciphertext

• Decryption algorithm

24
Public-key Cryptosystems (Conti…)
• The essential steps for the communication in PKC are as follows:

• Each user generate a pair of keys to be used for the encryption and
decryption of messages.
• Each user places one of the two keys in a public register or other
accessible file. This is public key. The companion key is kept private.
• If bob wishes to send a confidential message to alice, bob encrypts the
message using alice’s public key.
• When alice receives the message, she decrypt it using her private key.
No other recipient can decrypt the message because only alice knows
her private key.

25
Public-key Cryptosystems (Conti…)
• With this approach, all participants have access to public keys, and
private keys are generated locally by each participant and therefore
need never be distributed .

• As long as a user’s private key remains protected and secrete, incoming

communication is secure.

• At any time, a system can change its private key and publish the
companion public key to replace its old key.

26
Public-key Cryptosystems (Conti…)

Fig 5.2: Public-Key Cryptosystem: Secrecy

27
Public-key Cryptosystems (Conti…)
• User A want to send some message to B.
• B generates a related pair of keys: a public key PUb, and private key PRb.
PRb is known to only B, whereas PUb is publicly available and so
accessible by A.
• With the message X and the encryption key PUb as input, A forms
ciphertext y = [y1, y2, y3,….yn]

• Y = E(PUb, X)

• The intended receiver, in possession of the matching private key, is able

to invert the transformation:

• X = D(PRb, Y)
28
Public-key Cryptosystems (Conti…)

Fig 6.3: Public-Key Cryptosystem: Authentication [1]

29
Public-key Cryptosystems (Conti…)
• Figurer 6.3 show the use of public-key encryption to provide
authentication.
• Y = E(PRa, X)
• X = D(PUa, Y)
• In this case, A prepare a message to B and encrypts it using A’s private
key before transmitting it.
• B can decrypt it using A’s public key .
• Because the message was encrypted using A’s private key, only A could
have prepare the message.
• So, the entire encrypted message serves as a digital signature.
• In addition, it is impossible to alter the message without access to A’s
private key, so the message is authenticated both the terms of source
and in terms of data integrity.
30
Public-key Cryptosystems (Conti…)
• In the preceding scheme, the entire message is encrypted, which,
although validating both author and contents, requires a great deal of
storage.
• Each document must be kept in plaintext to be used for pratical
purpose.
• A copy also stored in ciphertext so that the original and contents can be
verified in case of dispute.
• A more efficient way of achieving the same results is to encrypt a small
block of bits that is a function of the document.
• Such a block, called an authenticator, must have the property that it is
infeasible to change the document without without changing the
authenticator.
• If the authenticator is encrypted with the sender’s private key, it serve
as signature that verifies origin, content, and sequencing
31
Public-key Cryptosystems (Conti…)

Fig 5.4: Public-Key Cryptosystem: Authentication & Secrecy[1]

32
Applications for Public-key Cryptosystem
• In broad terms, we can classify the use of public-key cryptosystem into
three categories:

• Encryption/decryption

• Digital signature

• Key exchange

33
Requirements for Public-key Cryptography
• The PKC algorithm must fulfill the following conditions

• It is computationally easy for party B to generate the key pair.

• It is computationally easy for a sender A, knowing the public key and the
message to be encrypted, M, to generate the corresponding cipher text.
• It is computationally easy for the receiver B to decrypt the resulting
cipher text using private key to recover the original message.
• It is computationally infeasible for an adversary, knowing the public key
to determine the private key.
• It is computationally infeasible for an adversary, knowing the public key
and cipher text to recover the original message

34
THE RSA ALGORITHM

35
The RSA Algorithm
• RSA - Ron Rivest, Adi Shamir and Len Adleman at MIT, in 1977.
• RSA is a block cipher
• The most widely implemented
• Provides confidentiality (encryption/decryption) and digital
signatures for authentication and integrity checking.
• Encryption: Data is encrypted using the recipient's public key. This
scrambled data, called ciphertext, can only be decrypted with the
corresponding private key.
• Decryption: The recipient uses their private key to decrypt the
ciphertext, transforming it back to the original data (plaintext).
• The security of RSA relies on the difficulty of factoring large numbers.
Because the public key is based on the product of two large prime
numbers, cracking it would involve factoring this large number, which
is computationally infeasible with current technology.

36
RSA Algorithm
Here's why RSA is important for network security:
Confidentiality: It ensures only authorized parties with the private key can access
encrypted information.
Digital Signatures: RSA can be used for digital signatures, allowing verification of
the sender's identity and message integrity.
However, it's important to note that RSA isn't perfect. The key size is crucial, and
with increasing computing power, larger key sizes are needed to maintain
security.

37
The RSA Algorithm (Conti…)
Key Generation Alice
• Select p,q p and q both are prime, p≠q
• Calculate n= p*q
• Calculate ø (n)= (p-1)*(q-1)
• Select integer e gcd(ø(n),e)=1; 1<e< ø(n)
• Calculate d d=e-1 (mod(ø(n)))
• Public Key PU= {e,n}
• Private Key PR={d,n}

38
The RSA Algorithm (Conti…)
• To encrypt a message
c = me mod n
• To decrypt a message
m = cd mod n
= (me mod n)d mod n
= med mod n
= m1+kø(n)mod n
= m . mkø(n)mod n
=m

39
RSA Example- Key setup
• Select two prime numbers
• P=17 and q=11
• Compute n
n= p*q = 17*11= 187
• Compute ø Value
Ø (n) = (p-1)*(q-1)= (17-1)*(11-1)= 16*10 = 160
• Select Encryption Parameter
e : gcd(e,160)=1; choose e =7

40
RSA Example- Key setup
• Determine Decryption Parameter
d: de=1 mod 160 and d < 160
Value of d = 23 since 23*7 = 161

• Public Key PU= {7, 187}

• Private Key PR= {23, 187}

41
RSA Example- En/Decryption
• Encrypt message M =88
C = 887 mod 187
= 88 (3+3+1) mod 187
= ((883 mod 187) (883mod 187)(88 mod 187)) mod 187
= (44 * 44 * 88 ) mod 187
= 11
• Decryption is:
M = 1123 mod 187 = 88

42
RSA Example- Key setup
• Select two prime numbers
P=11 and q=3
• Compute n
n= p*q = 11*3= 33
• Compute ø Value
Ø (n) = (p-1)*(q-1)= (11-1)*(3-1)= 10*2 = 20
• Select Encryption Parameter
e : gcd(e,20)=1; choose e =3
• Determine decryption parameter
d: de=1 mod 20 and d<20 ; d=7 since

43
RSA Example- En/Decryption
• The sample RSA private/public operations are:
• Given message M = 7
• Encryption is:
• C= 73 mod 33
• = 343 mod 33
• = 13
• Decryption is:
M = 137 mod 33
= 13(3+3+1) mod 33
=((133 mod 3)*(133 mod 33)*(13 mod 33)) mod 33
=19*19*13 mod 33= 4693 mod 33 = 7

44
RSA Example- Key setup
• Consider the text grouping in the groups of three i.e
• ATTACKXATXSEVEN = ATT ACK XAT XSE VEN
• Represent the blocks in base 26 using A=0, B=1, C=2 …
• ATT = 0*262 + 19*261 + 19 = 513
• ACK =0*262+ 2*261 + 10 = 62
• XAT= 23*262 + 0*261 + 19 = 15567
• XSE= 23 *262 + 18 * 261 + 4 = 16020
• VEN= 21*262 + 4*261 + 13 = 14313
• What should be the value of n?
• The value of n should be greater than 17575. How & Why?
• Let p = 137 and q = 131; so that n= pq = 17947

45
RSA Example- Key setup
• Compute phi value:
• Ø(n) = (p-1)(q-1) = 136*130 = 17680
• Select encryption parameter
• e: gcd(e,17680)=1; choose e=3
• Determine decryption parameter
• d: de=1 mod 17680 and d< 17680
• Value is d=11787 since 11787*3 = 35361= 11787*2+1
• Publish public key PU= {3, 17947}
• Keep secret private key PR={7, 17947}

46
RSA Example- En/Decryption
• The sample RSA private/public operations are:
• Given message M = ATT = 513
• Encryption is
• C = 5133 mod 17947 = 8363
• Decryption is
• M= 836311787 mod 17947 = 513
• Plaintext is represented as the set of integer’s m
• {513, 62, 15567, 16020, 14313}
• Cipher text is represented as the set of integers m
• { 8363, 5017, 11884, 9546, 13366}

47
The RSA Algorithm (Conti…)
Encryption by Bob with Alice’s Public Key
Plaintext: M<n
Cipher Text C= M e mod n

Decryption by Alice with Alice’s Private Key

Cipher text: C
Plain Text: M= Cd mod n

48
The Security of RSA
• Four possible approaches to attacking the RSA algorithm are as follows:
• Brute force: this involves trying all possible private keys.
• The defense against the brute-force approach is same for RSA as for
other cryptosystem, namely, use a large key space.
• So the large number of bit in d is better.
• However, because the calculations involve, both in key generation and
in encryption/decryption, are complex, the large the size of key, the
slower the system will run.
• Timing attacks: these depend on the running time of the decryption
algorithm.
• Chosen ciphertext attacks: this type of attack exploits properties of the
RSA algorithm.

49
The Security of RSA (Conti…)
• The Factoring Problem: we can identify three approaches to attacking
RSA mathematically.

• Factor n into its two prime factors. This enables calculation of ø(n)=(p-1)
(q-1), which, in turn, enables determination of d = e -1 mod ø(n)

• Determine ø(n) directly, without first determining p and q. Again, this

enables determination of d = e-1 mod ø(n).

• Determine d directly, without determining ø(n)

50
The Security of RSA (Conti…)
• Timing Attacks:

• Paul kocher, a cryptographic consultant, demonstrated that a snooper

can determine a private key by keeping track of how long a computer
takes to decipher message.

• Timing attacks are applicable not just for RSA, but to other public-key
cryptography systems.

• This attack is alarming for two reasons: it comes from a completely

unexpected direction and it is a ciphertext-only attack.

51
The Security of RSA (Conti…)
• There are simple countermeasures that can be used for timing attack:
• Constant exponentiation time.
• Ensure that all exponentiations take the same amount of time before
returning a result. This is a simple but does degrade performance.
• Random delay
• Better performance could be achieved by adding a random delay to the
exponentiation algorithm to confuse the timing attack.
• Blinding: multiply the ciphertext by a random number before
performing exponentiation .
• This process prevents the attacker from knowing what ciphertext bits
are being processed inside the computer and so prevents the bit-by-bit
analysis essential to the timing attack

52
Issue:

• How to exchange same secret key so that no

one else can obtain a copy.

• Diffie Hellman Key Exchange algorithm

53
DIFFIE-HELLMAN KEY EXCHANGE ALGORITHM

54
 Diffie Hellman Algorithm
• The Diffie-Hellman (DH) key exchange algorithm is a clever
method for two parties (like Alice and Bob) to securely establish
a shared secret key over an insecure public channel, without ever
actually exchanging the key itself. Here's a simplified
explanation:
• Imagine Alice and Bob want to chat secretly over a walkie-talkie:
• Public Agreement: They agree on two publicly known numbers: a
large prime number (p) and a base number (g). Think of these like
ingredients for a secret recipe.

55
Diffie Hellman Algorithm
• Secret Ingredients: Each keeps a secret number to themselves (a for Alice
and b for Bob). These are their private keys.
• Key Exchange:
• Alice uses her secret (a) and the public ingredients (g and p) to create a
message (A) and sends it over the walkie-talkie (insecure channel).
• Bob does the same with his secret (b), creating a message (B) and
sending it back.
• Secret Handshake:
• Alice now uses Bob's message (B) along with her own secret (a) and
the public numbers (p and g) to create a shared secret key (K).
• Bob uses Alice's message (A) along with his own secret (b) and the
public numbers to arrive at the same shared secret key (K).

56
Diffie Hellman Algorithm
• Crucially, no one listening on the walkie-talkie can figure out the secret key
(K) from the messages exchanged (A and B). The math behind DH makes it
very difficult to derive the secret key without the private information (a and
b).

57
Alice wants to send a message to Bob

Eve

Alice
Bob
58
Can use cryptography

Eve

Bob
Alice

Need to have Key for Encryption –

59
Objective
• Describe key Exchange

• Discuss Diffie Hellman Key Exchange Algorithm

• Solve Numerical based on Diffie Hellman Key Exchange Algorithm

60
Introduction

• Discovered by Whitfield Diffie and Martin Hellman

• “New Directions in Cryptography”

• Diffie-Hellman key agreement protocol

• Exponential key agreement
• Allows two users to exchange a secret key
• Requires no prior secrets
• Real-time over an untrusted network

61
Introduction Cont..
• Security of transmission is critical for many network and Internet
applications

• Requires users to share information in a way that others can’t decipher

the flow of information

62
Key exchange

= =
63
Key Exchange Cont…

= =
64
Basic Concept

eas
+ y
har
+ d
Based on the difficulty of computing discrete
logarithms of large numbers.

65
Key exchange

YA YB q
q

α α

XA = YA YB
= XB

66
Key Exchange Cont…

YA YB

=
XA XB
=
K
K
YB YA
67
Algorithm
• Global Public Elements
• q prime number
• α α < q and α a primitive root of q
• User A Key Generation
• Select private XA XA < q
• Calculate public YA YA= αXA mod q
• User B Key Generation
• Select private XB XB < q
• Calculate public YB YB = αXB mod q

68
Algorithm Cont…

• Calculation of Secret Key by User A

K = (YB)XA mod q

• Calculation of Secret Key by User B

K = (YA)XB mod q

69
Example
• Alice and Bob get public numbers
• q = 23, α = 9

• Alice and Bob choose Private Number

• XA = 4
• XB = 3
• Alice and Bob compute public values
• YA = 94 mod 23 = 6561 mod 23 = 6
• YB = 93 mod 23 = 729 mod 23 = 16

• Alice and Bob exchange public numbers

70
Example cont..

• Alice and Bob compute symmetric keys

• K = (YA ) XB mod q = 164 mod 23 = 9

• K = (YB ) XA mod q = 63 mod 23 = 9

• Alice and Bob now can talk securely!

71
Applications
• Diffie-Hellman is currently used in many protocols, namely:

• Secure Sockets Layer (SSL)/Transport Layer Security (TLS)

• Secure Shell (SSH)

• Internet Protocol Security (IPSec)

• Public Key Infrastructure (PKI)

72
Conclusion

• Authenticated Diffie-Hellman Key Agreement (1992)

• Defeats middleperson attack

• Diffie-Hellman POP Algorithm

• Enhances IPSec layer

• Diffie-Hellman continues to play large role in secure protocol creation

73
Man in the middle attack
 Suppose Alice and Bob wish to exchange keys, and Darth is the adversary.

1. Darth prepares for the attack by generating two random private keys XD1 and
XD2 and then computes corresponding public keys YD1 and YD2.
2. Alice transmits YA to Bob.

3. Darth intercepts YA and transmits YD1 to Bob. Darth also calculates K2=(YA)XD2
mod q.
4. Bob receives YD1 and calculates K1 = (YD1)XB mod q.

5. Bob transmits YB to Alice.

6. Darth intercepts YB and transmits YD2 to Alice. Darth calculates K1=(YB)XD1

mod q.
7. Alice receives YD2 and calculates K2 = (YD2)XA mod q.
Thank You

76
www.paruluniversity.ac.in
77