Computer Security
Week 21
Delivered by: Dr
Leila Musavian
[email protected]
Public-key cipher
• We consider a scenario when Alice wants to
send a confidential message to Bob
• Alice and Bob use two different keys
• Alice’s key is the public key: it is publicly
known. This key is used to encipher the
message.
• Bob’s key is the private key: only Bob knows it,
this key is used to decipher
• Also called asymmetric cipher
Keys and blocks
• In ciphers like DES, keys are just arrays of bits.
• In public-key cryptography, keys are parameters of
some complicated calculations, and they are not
necessarily arrays of bits.
• In ciphers like DES, a message is treated as a long
array of bits, and is split in blocks.
• In public-key cryptography, blocks are not necessarily
arrays of bits.
RSA
• RSA is a public-key cipher invented in the
1970s.
• It is still considered secure and is used in many
applications
Modular arithmetic
• This example is
modulo 7
• The numbers allowed
are 0 to 6
• After 6, numbers
“wrap around”
• 0 = 7 (mod 7)
• 3+3 = 6 (mod 7)
4+4 = 1 (mod 7)
0
6
1
5
2
4
3
Mock RSA
• This is a simplified version of RSA
• Bob finds three numbers e, d, n such that ed =
1 (mod n)
• e is for encryption, d is for decryption
• For example, e = 2, d = 3, n = 5
• Each block m in a message is a number
between 0 and n-1
Mock RSA
•
•
•
•
For example, e = 2, d = 3, n = 5
m is a number between 0 and n-1
To encrypt, calculate c = em modulo n
To decrypt, calculate dc = dem = 1m = m
modulo n
• Alice’s (public) key is the pair e and n
• Bob’s (private) key is the pair d and n
• Both keys are prepared by Bob
RSA
•
•
•
•
For example, e = 3, d = 7, n = 33
m is a number between 0 and n-1
To encrypt, calculate c = me modulo n
To decrypt, calculate cd = med modulo n = m
• Alice’s (public) key is the pair e and n
• Bob’s (private) key is the pair d and n
• Both keys are prepared by Bob
• Now say we want to encrypt the message m =
7
• c = me (mod n) = 73 (mod 33) = 343 (mod 33) =
13.
• Hence the ciphertext c = 13.
• To decrypt, we compute
m = cd (mod n) = 137 (mod 33) = 7.
RSA – Problem 1
Recall how the RSA works:
• The public key is a pair
e and n
• Bob’s private key is a pair
d and n
• To encrypt, calculate
c = me (mod n)
• To decrypt, calculate
cd = med = m1 = m (mod n)
Problem 1:
• Bob has published the
public key
e = 3, d = 4, n=11
• Use this public key to
encrypt a message
m=3, 5, 6, 8, 10,
• Can you decode using d?
RSA – Problem 3
• Recall how the RSA works:
• The public key is a pair
e and n
• Bob’s private key is a pair
d and n
• To encrypt, calculate
c = me (mod n)
• To decrypt, calculate
cd = med = m1 = m (mod n)
Problem 2:
• Bob has published the
public key
e = 317, n = 851.
• Alice has encrypted a
message
m = 111
using this key and obtained
an encrypted message
c = 148.
• Use this information to find
the private key.
RSA
• RSA is secure because it is difficult to find d
when n and e are known
• Of course, n, e and d should be larger than in
our example (say, 21000)
Man-in-the-middle attack
Alice
Bob
Alice and Bob work in the same company.
They want to use the RSA cipher to
communicate privately
Man-in-the-middle attack
Alice
Bob
Bob sends to Alice his public key by e-mail
Man-in-the-middle attack
Alice
Bob
Alice encrypts her message using the key that
she has received from Bob and sends an
encrypted message to Bob by e-mail
Man-in-the-middle attack
Eve
Alice
Bob
But after that, the system administrator Eve will
be able to decrypt Alice’s message. How did
Eve break the cipher?
Man-in-the-middle attack
Alice
Bob
Bob sends to Alice his public key by e-mail, and
he thinks that she has received this key. Alice
thinks that she receives a message from Bob.
But in reality…
Man-in-the-middle attack
Eve
Alice
Bob
Eve intercepts Bob’s message with his public
key and replaces Bob’s public key by Eve’s
public key.
Man-in-the-middle attack
Eve
Alice
Bob
Alice thinks that she sends a message
encrypted with Bob’s public key, but this is
Eve’s public key. Therefore, Eve can read this
message
Man-in-the-middle attack
Eve
Alice
Bob
Guess what else Eve should do if she wants to
continue reading Alice’s secret messages to
Bob?
Man-in-the-middle attack
Eve
Alice
Bob
Eve should decrypt Alice’s message using Eve’s
key, encrypt it using Bob’s key and forward it to
Bob
Message authentication
• Suppose I am sending a message to a remote
correspondent.
• How can I prove that this message comes from
me?
• Public key cryptography can be applied
Public-key cryptography
(as used for encryption)
Public key
Encrypted
text
Plain
text
Private key
Public-key cryptography
(as used for message authentication)
Public key
message
signature
Private key
Message authentication
• Alice publishes her public key (remember about the
man-in-the-middle attack!)
• Alice applies her private key to the message and
sends the result (the signature) to Bob
• Bob applies Alice’s public key to the signature and
sees that it coincides with the message
• Because only Alice knows her private key, only she
could have generated the signature.
Linear feedback shift register
XOR
• At each step, each bit is shifted by one position to the right
• The new value of the leftmost bit is calculated as an XOR of the bits
that stood at so-called tap positions
Linear feedback shift register
• For example, populate the register as follows:
00010110011010111
• Use the rightmost bit (1) as the first bit of the key
stream
• Find the bits in the tap positions and XOR their
values:
00010110011010111
• Shift the register:
?0001011001101011
• Provide a new value for the leftmost bit (as the
XOR of the bits that were in tap positions):
00001011001101011
Linear feedback shift register
• LFSRs can be used to produce a
pseudorandom key stream
• The length of the register and the choice of
the tap positions are important
• If they are chosen correctly, the LFSR will get
back to its original value only after it has taken
all other possible values
• Such an LFSR is called maximum-length
Sample exam questions
• Explain the difference between symmetric and
asymmetric ciphers.
• What are the relative advantages of each of
these types of cipher?
• Give an example of a public key cipher
• Show exactly (with formulas) how a message
is encrypted and decrypted in RSA