to work on efficient special-purpose implementation (e.g. special circuit board, and then the “RSA chip”, which did RSA in 0.4 seconds) to prove practicality of RSA.
IBM PC debuts in 1981 and Moore’s Law to the rescue - software now runs 2000x faster…
also, software and the Web rule…now ;
Speed differs on types of operations (i.e. encryption, decryption, digital signing and signature verification), as well as the relative size of e and d ;
e.g. with e = 3, encryption and signature verification are typically much (5-10 times) faster than decryption and digital signing respectively ; Why not make d = 3 instead ?

Diffie-Hellman Key Exchange
Diffie-Hellman key exchange enables two users to establish a shared secret key securely using an open/public communications channel.
[Figure: key-exchange diagram labelled $Y_A$, $X_A$, $Y_B$, $X_B$; public channel: anyone can listen]
$(Y_B)^{X_A} \bmod q = a^{X_B X_A} \bmod q = \text{Secret} = a^{X_A X_B} \bmod q = (Y_A)^{X_B} \bmod q$

Diffie-Hellman Key Exchange enables two users to establish a shared secret key via an open/public communications channel.
Choose a prime number q, and q and is a primitive root of q ); both made public
Alice randomly chooses x in {2, …, q-1} as her secret; Alice send Bob x (mod q)
Bob randomly chooses y in {2, …, q-1} as his secret; Bob send Alice y (mod q)
Shared key KAB = (y)x = (x)y

Diffie-Hellman Example
users Alice & Bob who wish to swap keys:
agree on prime q=353 and =3
select random secret keys: A chooses $x_A = 97$, B chooses $x_B = 233$
compute respective public keys:
  $y_A = 3^{97} \bmod 353 = 40$ (Alice)
  $y_B = 3^{233} \bmod 353 = 248$ (Bob)
compute shared session key as:
  $K_{AB} = y_B^{x_A} \bmod 353 = 248^{97} \bmod 353 = 160$ (Alice)
  $K_{AB} = y_A^{x_B} \bmod 353 = 40^{233} \bmod 353 = 160$ (Bob)

How secure is Diffie-Hellman Key Exchange ?
It relies on the fact that “Discrete Logarithm” is a computationally difficult problem, i.e.: knowing that $Y_A = a^{X_A} \bmod q$ and the values of a, q and $Y_A$, it is still computationally difficult to find $X_A$.
But it is still subject to a Man-in-the-Middle Attack !! Because Alice does not know for sure if it’s actually Bob who is sending her the $Y_B$.
Remedy: Publish those public numbers, i.e. a, q and $Y_A$, $Y_B$, in a “Trusted, publicly accessible directory for each person”.
This also allows Alice to send Bob an encrypted message even when he is currently offline.
But how can you be sure that you are looking at the directory hosted by the “true trusted directory server” ?

Man-in-the-middle (MITM) Attack
DH protocol:
1. Alice -> Bob: x (mod q)
2. Bob -> Alice: y (mod q)
Attack scenario
Vulnerability: lack of what?
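
As an added example (not part of the original slides), the sketch below runs the worked exchange with q=353 and base 3 over an unchanged channel, over a channel that replaces the public values in transit, and then with the published-directory check from the remedy above. The names `run_exchange`, `receive`, `channel`, `substituting_channel`, `X_M` and the directory layout are assumptions made for the illustration.

```python
# Added example (not from the course notes): the slide's toy Diffie-Hellman
# parameters, run over an honest channel and over one that alters values.
import secrets

Q, BASE = 353, 3  # public prime and primitive root from the worked example


def random_secret():
    """Secret drawn uniformly from {2, ..., q-1}, the range given on the slide."""
    return secrets.randbelow(Q - 2) + 2


def public_value(secret):
    return pow(BASE, secret, Q)


def shared_key(their_public, my_secret):
    return pow(their_public, my_secret, Q)


def receive(sender, value, directory=None):
    """Accept a public value from the channel. With a trusted directory
    (name -> published value), reject anything that differs from it."""
    if directory is not None and directory.get(sender) != value:
        raise ValueError(f"value claimed for {sender} is not the published one")
    return value


def run_exchange(x_a, x_b, channel=lambda sender, y: y, directory=None):
    """Return (key Alice derives, key Bob derives). `channel` is a hypothetical
    hook modelling the open channel; the default delivers values unchanged."""
    y_a, y_b = public_value(x_a), public_value(x_b)
    seen_by_bob = receive("Alice", channel("Alice", y_a), directory)
    seen_by_alice = receive("Bob", channel("Bob", y_b), directory)
    return shared_key(seen_by_alice, x_a), shared_key(seen_by_bob, x_b)


X_M = 5  # constructed secret of a third party sitting on the channel


def substituting_channel(sender, y):
    return public_value(X_M)  # every value in transit is replaced


if __name__ == "__main__":
    print(run_exchange(97, 233))                        # honest channel
    print(run_exchange(97, 233, substituting_channel))  # keys no longer agree
    directory = {"Alice": public_value(97), "Bob": public_value(233)}
    try:
        run_exchange(97, 233, substituting_channel, directory)
    except ValueError as err:
        print("rejected:", err)
```

Without the directory, neither side gets an error when the values are replaced: each simply derives a key that the other side does not hold, which is why the comparison against a published value is needed.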

Other Public Key Algorithms
1978: Merkle/Hellman (Knapsack), subsequently found to be insecure
1985: El Gamal (Discrete logarithm Problem)
1985: Miller/Koblitz (Elliptic curves)
1991: Digital Signature Standard (DSS) (Discrete logarithm Problem)
And many others, too

El Gamal
El Gamal can be considered to be a generalization of Diffie-Hellman key-exchange algorithm => still relies on the difficulty of doing discrete logarithm: y = x mod q
q is prime ; and x are +ve integers < q and is a primitive root of q and 0 < x < q-1
Public key = (y, , q) ; Private key = x
Encryption of plaintext message M (< q ):
This note was uploaded on 04/15/2013 for the course IE IERG4130 taught by Professor Zhangkehuan during the Spring '13 term at CUHK.