This preview shows pages 1–2. Sign up to view the full content.
This preview has intentionally blurred sections. Sign up to view the full version.
View Full Document
Unformatted text preview: CS 161 Computer Security Spring 2010 Paxson/Wagner Notes 3/3 1 Asymmetric cryptography Last lecture, we saw symmetrickey cryptography, where Alice and Bob share a secret key K . However, symmetrickey cryptography can be inconvenient to use, because it requires Alice and Bob to get together in advance to establish the key somehow. Asymmetric cryptography , also known as publickey cryptography , is designed to address this problem. In a publickey cryptosystem or asymmetric cryptosystem, the recipient Bob has a publicly available key, his public key , that everyone can access. When Alice wishes to send him a message, she uses his public key to encrypt her message. Bob also has a secret key, his private key , that lets him decrypt these messages. Bob publishes his public key but does not tell anyone his private key (not even Alice). Publickey cryptography provides a nice way to help with the key management problem. Alice can pick a secret key K for some symmetrickey cryptosystem, then encrypt K under Bobs public key and send Bob the resulting ciphertext. Bob can decrypt using his private key and recover K . Then Alice and Bob can communicate using a symmetrickey cryptosystem, using K as their shared key, from there on. Publickey cryptography is a remarkable thing. Consider the function that, for a given public key, maps the message to the corresponding ciphertext. In a good publickey cryptosystem, this function must be easy to compute, and yet very hard to invert. In other words, it must form a oneway function : a function f such that given x , it is easy to compute f ( x ) , but given y , it is hard to find a value x such that f ( x ) = y . We need the computational equivalent of a process that turns a cow into hamburger: given the cow, you can produce a hamburger, but theres no way to restore the original cow from the hamburger. It is by no means obvious that it should be possible to accomplish this, but this lecture will show you how to do it. The known methods for publickey cryptography tend to rely heavily upon number theory, so this lecture will start with a brief number theory refresher, and then show you a publickey encryption algorithm. 2 Algorithms for modular arithmetic 2.1 Simple modular arithmetic Two nbit integers can be added, multiplied, or divided by mimicking the usual manual techniques which are taught in elementary school. For addition, the resulting algorithm takes a constant amount of time to produce each bit of the answer, since each such step only requires dealing with three bitstwo input bits and a carryand anything involving a constant number of bits takes O ( 1 ) time. The overall time to add two nbit integers is therefore O ( n ) , or linear in the bitlength of the integers. Multiplication and division take O ( n 2 ) time, i.e., quadratic time. Also recall that n , the number of bits it takes to represent an integer a in binary, satisfies n d log 2 a e ....
View
Full
Document
 Spring '08
 Staff
 Computer Security

Click to edit the document details