This preview shows pages 1–2. Sign up to view the full content.
This preview has intentionally blurred sections. Sign up to view the full version.View Full Document
Unformatted text preview: CS 161 Computer Security Spring 2010 Paxson/Wagner Notes 3/3 1 Asymmetric cryptography Last lecture, we saw symmetric-key cryptography, where Alice and Bob share a secret key K . However, symmetric-key cryptography can be inconvenient to use, because it requires Alice and Bob to get together in advance to establish the key somehow. Asymmetric cryptography , also known as public-key cryptography , is designed to address this problem. In a public-key cryptosystem or asymmetric cryptosystem, the recipient Bob has a publicly available key, his public key , that everyone can access. When Alice wishes to send him a message, she uses his public key to encrypt her message. Bob also has a secret key, his private key , that lets him decrypt these messages. Bob publishes his public key but does not tell anyone his private key (not even Alice). Public-key cryptography provides a nice way to help with the key management problem. Alice can pick a secret key K for some symmetric-key cryptosystem, then encrypt K under Bobs public key and send Bob the resulting ciphertext. Bob can decrypt using his private key and recover K . Then Alice and Bob can communicate using a symmetric-key cryptosystem, using K as their shared key, from there on. Public-key cryptography is a remarkable thing. Consider the function that, for a given public key, maps the message to the corresponding ciphertext. In a good public-key cryptosystem, this function must be easy to compute, and yet very hard to invert. In other words, it must form a one-way function : a function f such that given x , it is easy to compute f ( x ) , but given y , it is hard to find a value x such that f ( x ) = y . We need the computational equivalent of a process that turns a cow into hamburger: given the cow, you can produce a hamburger, but theres no way to restore the original cow from the hamburger. It is by no means obvious that it should be possible to accomplish this, but this lecture will show you how to do it. The known methods for public-key cryptography tend to rely heavily upon number theory, so this lecture will start with a brief number theory refresher, and then show you a public-key encryption algorithm. 2 Algorithms for modular arithmetic 2.1 Simple modular arithmetic Two n-bit integers can be added, multiplied, or divided by mimicking the usual manual techniques which are taught in elementary school. For addition, the resulting algorithm takes a constant amount of time to produce each bit of the answer, since each such step only requires dealing with three bitstwo input bits and a carryand anything involving a constant number of bits takes O ( 1 ) time. The overall time to add two n-bit integers is therefore O ( n ) , or linear in the bitlength of the integers. Multiplication and division take O ( n 2 ) time, i.e., quadratic time. Also recall that n , the number of bits it takes to represent an integer a in binary, satisfies n d log 2 a e ....
View Full Document
- Spring '08
- Computer Security