This preview shows pages 1–12. Sign up to view the full content.
This preview has intentionally blurred sections. Sign up to view the full version.
View Full DocumentThis preview has intentionally blurred sections. Sign up to view the full version.
View Full DocumentThis preview has intentionally blurred sections. Sign up to view the full version.
View Full DocumentThis preview has intentionally blurred sections. Sign up to view the full version.
View Full DocumentThis preview has intentionally blurred sections. Sign up to view the full version.
View Full DocumentThis preview has intentionally blurred sections. Sign up to view the full version.
View Full Document
Unformatted text preview: ASYMMETRIC ENCRYPTION 1 / 135 Recommended Book Steven Levy. Crypto . Penguin books. 2001. A nontechnical account of the history of publickey cryptography and the colorful characters involved. 2 / 135 Recall Symmetric Cryptography Before Alice and Bob can communicate securely, they need to have a common secret key K AB . If Alice wishes to also communicate with Charlie then she and Charlie must also have another common secret key K AC . If Alice generates K AB , K AC , they must be communicated to her partners over private and authenticated channels. 3 / 135 Public Key Encryption Alice has a secret key that is shared with nobody, and an associated public key that is known to everybody. Anyone (Bob, Charlie, ... ) can use Alices public key to send her an encrypted message which only she can decrypt. Think of the public key like a phone number that you can look up in a database 4 / 135 Public Key Encryption Alice has a secret key that is shared with nobody, and an associated public key that is known to everybody. Anyone (Bob, Charlie, ... ) can use Alices public key to send her an encrypted message which only she can decrypt. Think of the public key like a phone number that you can look up in a database Senders dont need secrets There are no shared secrets 4 / 135 Syntax of PKE A publickey (or asymmetric) encryption scheme AE = ( K , E , D ) consists of three algorithms, where E M D M or sk K C C pk A 5 / 135 How it Works Step 1 : Key generation Alice locally computers ( pk , sk ) $ K and stores sk . Step 2 : Alice enables any prospective sender to get pk . Step 3 : The sender encrypts under pk and Alice decrypts under sk . We dont require privacy of pk but we do require authenticity: the sender should be assured pk is really Alices key and not someone elses. One could Put public keys in a trusted but public phone book, say a cryptographic DNS. Use certificates as we will see later. 6 / 135 Security of PKE Schemes: Issues The issues are the same as for symmetric encryption: Want general purpose schemes Security should not rely on assumptions about usage setting Want to prevent leakage of partial information about plaintexts 7 / 135 Security requirements Suppose sender computes C 1 $ E pk ( M 1 ) ; ; C q $ E pk ( M q ) Adversary A has C 1 ,..., C q What if A Retrieves sk Bad! Retrieves M 1 Bad! But also ... 8 / 135 Security requirements We want to hide all partial information about the data stream. Examples of partial information: Does M 1 = M 2 ? What is first bit of M 1 ? What is XOR of first bits of M 1 , M 2 ? 9 / 135 Security requirements We want to hide all partial information about the data stream....
View
Full
Document
This note was uploaded on 08/31/2011 for the course CSE 207 taught by Professor Daniele during the Winter '08 term at UCSD.
 Winter '08
 daniele

Click to edit the document details