Cryptography and Network security # Lecture 5
1. Lec-5: Cryptography & Network Security
Mr. Islahuddin Jalal
MS (Cyber Security) – UKM Malaysia
Research Title – 3C-CSIRT Model for Afghanistan
BAKHTAR UNIVERSITY باخترپوهنتون د
Bakhtar University 1
3. Problems in symmetric cryptography
• Key distribution
• Requires that two communicants already share a key, or the use of a key distribution center (KDC)
• Use of a KDC negates the essence of cryptography (Diffie and Martin Hellman)
• Verifying a message comes intact from the claimed sender
4. Public-Key Characteristics
1. Computationally infeasible to find decryption key
• Knowing only algorithm and encryption key
2. Computationally easy to en/decrypt messages
• When the relevant en/decrypt key is known
3. Either of the two related keys can be used for encryption, with the other used for decryption
5. In Symmetric Cryptography
• If Alice and Bob are physically apart and want to communicate, they have to agree on a key: meet personally, or use trusted couriers
• Alice needs one secret key for Bob, one for Carol, one for Dave and so on. This means that storage of so many secret keys is not feasible.
6. In Asymmetric Key Cryptography
• Two people who have never met can communicate securely. Alice can securely communicate with all her friends by storing just a single private key.
• Two keys are used:
• Public: known to everyone (for encryption or signature verification)
• Private: known to receiver only (for decryption or signature
generation)
7. Public-Key Cryptography
• Y = E(PUb, X )
• X = D(PRb, Y )
• Adversary can access PUb and Y, and attempt to recover X or PRb
• Impossible to alter the message without access to A’s private key: authenticates the source and ensures data integrity
• Authentication and confidentiality:
• Z = E(PUb, E(PRa, X))
• X = D(PUa, D(PRb, Z))
• Overhead: public key algorithm executed four times
8. Public-Key Applications
• Classify uses into 3 categories
• Encryption/Decryption (provide secrecy)
• Digital Signatures (provide authentication)
• Key Exchange (of session keys)
9. Example: Party A wants to send a message to party B
• When only confidentiality is needed
10. Example: Party A wants to send a message to party B
• When only authentication is needed
11. Example: Party A wants to send a message to party B
• When confidentiality and authentication are needed
13. RSA
• by Rivest, Shamir & Adleman of MIT in 1977
• best known & widely used public-key scheme
• Block cipher scheme: plaintext and ciphertext are integers between 0 and n-1 for some n.
• uses large integers (eg. 1024 bits)
• security due to cost of factoring large numbers
12/1/2017 Bakhtar University 13
14. RSA Key Setup
• each user generates a public/private key pair by:
• selecting two large primes at random - p, q
• computing their system modulus N=p.q
• note ø(N)=(p-1)(q-1)
• selecting at random the encryption key e
• where 1<e<ø(N), gcd(e,ø(N))=1
• solve following equation to find decryption key d
• e.d=1 mod ø(N) and 0≤d≤N
• publish their public encryption key: KU={e,N}
• keep secret private decryption key: KR={d,p,q}
15. RSA Use
• to encrypt a message M the sender:
• obtains public key of recipient KU={e,N}
• computes: C=M^e mod N, where 0≤M<N
• to decrypt the ciphertext C the owner:
• uses their private key KR={d,p,q}
• computes: M=C^d mod N
• note that the message M must be smaller than the modulus N (block
if needed)
16. RSA Example
1. Select primes: p=17 & q=11
2. Compute n = pq =17×11=187
3. Compute ø(n)=(p–1)(q-1)=16×10=160
4. Select e : gcd(e,160)=1; choose e=7
5. Determine d: de=1 mod 160 and d < 160. Value is d=23, since 23×7=161=(1×160)+1
6. Publish public key KU={7,187}
7. Keep secret private key KR={23,17,11}
17. RSA Example cont
• sample RSA encryption/decryption is:
• given message M = 88 (nb. 88<187)
• encryption:
C = 88^7 mod 187 = 11
• decryption:
M = 11^23 mod 187 = 88
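The key setup, the p=17, q=11 example and the combined scheme Z = E(PUb, E(PRa, X)) from the slides above, as an added Python example that is not part of the original lecture. The function names and A's primes 11 and 13 are assumptions chosen for illustration; this is unpadded textbook RSA for following the arithmetic only.

```python
# Added example: textbook RSA with the lecture's toy numbers. No padding, tiny
# primes: for following the arithmetic only, never for protecting real data.
from math import gcd

def modinv(e, phi):
    """Extended Euclid: return d with e*d = 1 (mod phi)."""
    old_r, r, old_s, s = e, phi, 1, 0
    while r:
        quot = old_r // r
        old_r, r = r, old_r - quot * r
        old_s, s = s, old_s - quot * s
    if old_r != 1:
        raise ValueError("e has no inverse: gcd(e, phi) != 1")
    return old_s % phi

def keygen(p, q, e):
    """Return (PU, PR) = ((e, n), (d, n)) following the key setup slides."""
    n, phi = p * q, (p - 1) * (q - 1)
    if not (1 < e < phi and gcd(e, phi) == 1):
        raise ValueError("need 1 < e < phi(n) and gcd(e, phi(n)) = 1")
    return (e, n), (modinv(e, phi), n)

def rsa(key, m):
    """One RSA operation m^k mod n; E and D are the same exponentiation."""
    k, n = key
    if not 0 <= m < n:
        raise ValueError("message must satisfy 0 <= M < n (split into blocks)")
    return pow(m, k, n)

def sign_then_encrypt(x, pr_a, pu_b):
    """Z = E(PUb, E(PRa, X)). Needs n_a <= n_b so the signed value fits."""
    return rsa(pu_b, rsa(pr_a, x))

def decrypt_then_verify(z, pr_b, pu_a):
    """X = D(PUa, D(PRb, Z))."""
    return rsa(pu_a, rsa(pr_b, z))

# B's key pair uses the lecture's values; A's primes (11, 13) are constructed.
PU_B, PR_B = keygen(17, 11, 7)
PU_A, PR_A = keygen(11, 13, 7)

if __name__ == "__main__":
    c = rsa(PU_B, 88)
    print("d =", PR_B[0], " C =", c, " M =", rsa(PR_B, c))
    z = sign_then_encrypt(88, PR_A, PU_B)
    print("Z =", z, " recovered X =", decrypt_then_verify(z, PR_B, PU_A))
```

The combined scheme performs four modular exponentiations in total, two at the sender and two at the receiver, which is the overhead the slide on authentication and confidentiality refers to.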
18. RSA Key Generation
• Select p, q
• Calculate n=p x q
• Calculate ø(n) = (p-1)(q-1)
• Select integer e: gcd(ø(n), e) = 1; 1 < e < ø(n)
• Calculate d: d ≡ e^-1 mod ø(n)
• Public Key PU= {e, n}
• Private Key PR={d,n}
19. Encryption by Bob with Alice’s Public Key
• Plaintext: M<n
• Ciphertext: C=M^e mod n
20. Decryption by Alice with Alice’s private key
• Ciphertext: C
• Plaintext: M=C^d mod n