Diffie and
Hellman in
1976
based on
mathematical
functions
asymmetric
•
uses two
separate keys
•
public key and
private key
•
public key is
made public for
others to use
some form of
protocol is
needed for
distribution
2017
컴퓨터보안
52
plaintext
readable message or data that
is fed into the algorithm as
input
encryption algorithm
performs transformations on
the plaintext
public and private key
pair of keys, one for
encryption, one for decryption
ciphertext
scrambled message produced
as output
decryption key
produces the original
plaintext
2017
컴퓨터보안
53
Table 2.3
Applications for Public
-
Key Cryptosystems
2017
컴퓨터보안
54
computationally easy to
create key pairs
computationally easy
for sender knowing
public key to encrypt
messages
computationally easy
for receiver knowing
private key to decrypt
ciphertext
computationally
infeasible for opponent
to determine private key
from public key
computationally
infeasible for opponent
to otherwise recover
original message
useful if either key can
be used for each role
2017
컴퓨터보안
55
RSA (
Rivest
,
Shamir,
Adleman
)
developed in 1977
most widely
accepted and
implemented
approach to public-
key encryption
block cipher in which
the plaintext and
ciphertext are
integers between 0
and
n
-1 for some
n
.
Diffie
-
Hellman
key exchange
algorithm
enables two users to securely reach
agreement about a shared secret that
can be used as a secret key for
subsequent symmetric encryption of
messages
limited to the
exchange of the keys
Digital Signature
Standard (DSS)
provides only a
digital signature
function with SHA-1
cannot be used for
encryption or key
exchange
Elliptic curve
cryptography
(ECC)
security like RSA, but
with much smaller
keys
2017
컴퓨터보안
56
RSA Public-Key Encryption
by Rivest, Shamir & Adleman of MIT in 1977
best known and widely used public-key algorithm
uses exponentiation of integers modulo a prime
encrypt:
C
=
M
e
mod
n
decrypt:
M
=
C
d
mod
n
= (
M
e
)
d
mod
n
=
M
both sender and receiver know values of
n
and
e
only receiver knows value of
d
public-key encryption algorithm with
public key
PU
= {
e
,
n
} and private key
PR
= {
d
,
n
}.
2017
컴퓨터보안
57
RSA
Algorithm
58
RSA Example
2017
컴퓨터보안
59
Security of RSA
•
trying all possible private keys
•
defense is to use a large key space, however this slows speed of execution
brute force
•
several approaches, all equivalent in effort to factoring the product of two
primes
mathematical attacks
•
depend on the running time of the decryption algorithm
•
comes from a completely unexpected direction and is a ciphertext-only attack
•
countermeasures: constant exponentiation time, random delay, blinding
timing attacks
•
attack exploits properties of the RSA algorithm
chosen ciphertext attacks
2017
컴퓨터보안
60
Table 21.2
Progress in Factorization
2017
컴퓨터보안
61
Diffie-Hellman Key Exchange
first published public-key algorithm
by Diffie and Hellman in 1976 along with the exposition
of public key concepts
used in a number of commercial products
practical method to exchange a secret key securely that
can then be used for subsequent encryption of messages
security relies on difficulty of computing discrete
logarithms
2017
컴퓨터보안
62
Diffie-Hellman
Key
Exchange
Algorithm
