Cryptography and Network Security Course Lessons
Presentation · February 2019
1 author:
Asmelash Girmay
Mekelle University
All content following this page was uploaded by Asmelash Girmay on 19 June 2023.
Cryptography and Network Security
Chapter 4: Public Key Cryptography and Hashing Functions
Asmelash Girmay
Department of Information Technology
Public Key Cryptography
Also known as asymmetric cryptography – RSA, Diffie-Hellman, ElGamal, ECC
Introduction
• Public key cryptography is also known as two-key cryptography or asymmetric
cryptography
• This type of cryptography can be used for confidentiality, authentication or both.
• It has two keys
1. Public key – it is known by anyone. It’s used for message encryption and signature
verifications
2. Private key – known only by the owner. It’s used for message decryption and signature
creation (signing)
• It is asymmetric because those who encrypt messages or verify signatures cannot
decrypt messages or create signatures.
2019-01-17 IT4201 Cryptography and Network Security 3
Principles of Public Key Cryptosystems
• Developed to address two key issues associated with secret key cryptography
• Key distribution – how to communicate securely without a trusted KDC
• KDC stands for Key Distribution Center
• Digital signature – how to verify messages come from the claimed sender
• Public and private keys: This is a pair of related keys that have been selected so
that if one is used for encryption, the other is used for decryption
• It has plaintext as input, ciphertext as output, encryption algorithm, and decryption
algorithm like the secret key cryptography has.
• Question: compare and contrast secret key cryptography with public key cryptography.
• Note: Public key cryptography requires number theory. Please review it.
Essential Steps
1. Each user generates a pair of keys – private and public keys
2. Each user shall place the public key in public register
3. If Bob wishes to send a confidential message to Alice, Bob encrypts the message using Alice's public key.
4. When Alice receives the message, she decrypts it with her private key.
Public Key Cryptography Notations
• Source, say Alice, generates the plaintext P
• Bob has a pair of related keys, PRbob and PUbob, where PRbob is known only to
Bob.
• Alice gets PUbob from the public key registry.
• Alice computes Ciphertext, C = E (PUbob, P) and sends it to Bob.
• Bob then decrypts the ciphertext to get the original plaintext as
• Plaintext, P = D (PRbob, C)
Public Key Cryptography Applications
• Applications of public key cryptography are categorized into three:
1. Encryption and decryption – to provide confidentiality
2. Digital signatures – to provide authentication
3. Key exchanges – to exchange session keys
• Some algorithms are suitable for all uses, while others are specific to
one of them.
• It is much more secure than secret key cryptography, though slow in
processing. Thus, it is recommended for the last two applications.
Public Key Cryptography Applications…
[Figures: Confidentiality; Authentication]
Public Key Cryptography Applications…
[Figure: Confidentiality]
Apps: Distribution of Public Keys
• Users’ public keys can be distributed using one of the following:
1. Public announcements
• Broadcast using emails or related announcements
• Vulnerable to forgery
2. Publicly available directory
• Better trusted with entry details, which contain {name, public-key}
• With a secure, periodically updated directory
3. Public-key authority
• Users know the public key of the directory. Check for steps on online resources
4. Certificate authority
• With a public-key authority, the user must appeal to the authority each time a public key is needed
Apps: Distribution of Public Keys…
[Figures: Public-Key Authority; Certificate Authority]
Apps: Simple Secret Key Distribution
• Alice generates a public/private key pair {PUAlice, PRAlice} and transmits a
message to Bob consisting of PUAlice and an identifier of Alice, IDAlice.
• Bob generates a secret key, K, and transmits it to Alice, encrypted with
Alice's public key as E(PUAlice, K)
• Alice computes D(PRAlice, E(PUAlice, K)) to recover the secret key, K.
Because only Alice can decrypt the message, only Alice and Bob will
know the identity of K.
• Alice discards PUAlice and PRAlice and Bob discards PUAlice.
RSA Cryptosystem
• By Rivest, Shamir & Adleman of MIT in 1977
• It is the best known public-key scheme and is widely used
• Based on exponentiation in a finite field over integers modulo a prime
• Uses large integers (e.g., 1024 bits)
• Security due to cost of factoring large numbers
RSA: Algorithm Description
• Makes use of an expression with exponentials
• Plaintext is encrypted in blocks
• With each block having a binary value less than some number n
• For some plaintext block M and ciphertext block C:
• C = M^e mod n
• M = C^d mod n = (M^e)^d mod n = M^(ed) mod n
• Both sender and receiver must know the value of n
RSA: Algorithm Description…
• The sender knows the value of e, and only the receiver knows the value
of d
• Thus, this is a public-key encryption algorithm with
• Public key, PU = {e, n}
• Private key, PR = {d, n}
• It is infeasible to determine d given e and n
RSA: Key Setup
• Each user generates a public/private key pair by:
• Selecting two large primes at random - p, q
• Computing their system modulus n = p·q
• Note ø(n)=(p-1)(q-1)
• Selecting at random the encryption key e
• Where 1<e<ø(n), gcd(e,ø(n))=1
• Solve following equation to find decryption key d
• e·d ≡ 1 mod ø(n) and 0≤d≤n
• Publish their public encryption key: PU={e, n}
• Keep secret private decryption key: PR={d, n}
RSA: Algorithm
RSA: Example Key Setup
1. Select primes: p=17 & q=11
2. Compute n = pq =17 x 11=187
3. Compute ø(n)=(p–1)(q-1)=16 x 10=160
4. Select e: gcd(e,160)=1; choose e=7
5. Determine d: de = 1 mod 160 and d < 160. Value is d=23 since
23x7=161= 10x16+1
6. Publish public key PU={7,187}
7. Keep secret private key PR={23,187}
RSA: Example Encryption/Decryption
• Sample RSA encryption/decryption is:
• Given message M = 88 (nb. 88<187)
• Encryption:
C = 88^7 mod 187 = 11
• Decryption:
M = 11^23 mod 187 = 88
Exercise: given that p = 11, q = 3, e = 3, find N, d, PU, and PR. Then
encrypt the message, m = 7.
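The key setup and the encryption/decryption example above, as a runnable sketch. This is an added example, not part of the original slides; the function names are assumptions, the numbers are the slide's toy values, and it is textbook RSA without padding, for study only.

```python
def egcd(a, b):
    """Extended Euclid: return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y


def rsa_key_setup(p, q, e):
    """Key Setup slide: n = p*q, phi = (p-1)(q-1), then solve e*d = 1 mod phi."""
    if p == q:
        raise ValueError("p and q must be distinct primes")
    n, phi = p * q, (p - 1) * (q - 1)
    if not 1 < e < phi:
        raise ValueError("need 1 < e < phi(n)")
    g, x, _ = egcd(e, phi)
    if g != 1:
        raise ValueError("need gcd(e, phi(n)) = 1, otherwise d does not exist")
    d = x % phi                      # normalise the Bezout coefficient into 0..phi-1
    return (e, n), (d, n)            # PU = {e, n}, PR = {d, n}


def modexp(base, exp, mod):
    """Square-and-multiply: the exponentiation behind C = M^e mod n."""
    result, base = 1, base % mod
    while exp:
        if exp & 1:
            result = result * base % mod
        base = base * base % mod
        exp >>= 1
    return result


def rsa_encrypt(pu, m):
    e, n = pu
    if not 0 <= m < n:
        raise ValueError("plaintext block must have a value less than n")
    return modexp(m, e, n)


def rsa_decrypt(pr, c):
    d, n = pr
    return modexp(c, d, n)


if __name__ == "__main__":
    PU, PR = rsa_key_setup(17, 11, 7)        # slide values p=17, q=11, e=7
    C = rsa_encrypt(PU, 88)
    print("PU =", PU, "PR =", PR, "C =", C, "M =", rsa_decrypt(PR, C))
```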
RSA: Key-Length Strength
• RSA has challenges for different key-lengths
• RSA-140
• Factored in 1 month using 200 machines in 1999
• RSA-155 (512-bit)
• Factored in 3.7 months using 300 machines in 1999
• RSA-160
• Factored in 20 days in 2003
• RSA-200
• Factored in 18 months in 2005
• RSA-210, RSA-220, RSA-232, … RSA-2048
Lab 5 – RSA implementation using C
RSA Security
• Possible approaches to attacking RSA are:
• Brute force key search (infeasible given size of numbers)
• Mathematical attacks (based on difficulty of computing ø(n), by factoring
modulus n)
• Timing attacks (on running of decryption)
• Chosen ciphertext attacks (given properties of RSA)
Diffie-Hellman Cryptosystem
• The Diffie-Hellman public key cryptosystem predates RSA and is in fact the oldest
public key system still in use.
• It does neither encryption nor signature. It’s used for shared secret key exchanges.
• Once the secret key is exchanged using Diffie-Hellman, communicating parties can use
secret-key cryptography for communications.
• The limitation of this algorithm is that it does not provide authentication.
Diffie-Hellman Algorithm
• Assuming that Alice and Bob want to exchange a shared key,
1. Alice and Bob agree on a prime number, p, and a base, g, in advance
• For example: p = 23 and g = 5
2. Alice and Bob each choose their own random number, RA and RB, known only to its owner
• Alice: PRAlice = 7 and Bob: PRBob = 3
3. Each computes their public key using p, g, and their PR, and they exchange the public keys
• PUAlice: 5^7 mod 23 = 17; PUBob: 5^3 mod 23 = 10
4. Both compute the shared secret key using:
• Alice: 10^7 mod 23 = 14; Bob: 17^3 mod 23 = 14. Shared key exchanged!
• Dear Bob, I’d like our prime to be 128903289023 and g to be 23489. Love, Alice
Diffie-Hellman Algorithm…
• Analogy:
Summary of Diffie-Hellman Algorithm
Diffie-Hellman Security
• The security of Diffie-Hellman rests on the properties of the prime
number.
• The prime number shall be a large number
• It is also advisable to use a prime, p, with the property that (p-1) / 2 is another prime.
• Example: the prime 5 has (5-1)/2 = 2, which is another prime.
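The exchange from the Diffie-Hellman Algorithm slide together with the (p-1)/2 check from the security slide, as a runnable sketch. This is an added example, not part of the original slides; the function names are assumptions, and the range check on the received public value is an addition that the slides do not mention.

```python
import secrets


def is_prime(n):
    """Trial division; adequate only for classroom-sized numbers."""
    if n < 2:
        return False
    i = 2
    while i * i <= n:
        if n % i == 0:
            return False
        i += 1
    return True


def is_safe_prime(p):
    """True when p and (p-1)/2 are both prime, the property the slide recommends."""
    return p > 2 and is_prime(p) and is_prime((p - 1) // 2)


def public_in_range(p, public):
    # Added check: 0, 1 and p-1 would force a predictable shared secret.
    return 2 <= public <= p - 2


def dh_keypair(p, g, private=None):
    """Return (PR, PU) with PU = g^PR mod p; a random PR is drawn when none is given."""
    if not is_safe_prime(p):
        raise ValueError("p should be a prime with (p-1)/2 also prime")
    while True:
        x = private if private is not None else secrets.randbelow(p - 3) + 2
        public = pow(g, x, p)
        if public_in_range(p, public):
            return x, public
        if private is not None:
            raise ValueError("this private value gives a degenerate public value")


def dh_shared(p, peer_public, private):
    """Shared key = (peer's PU)^(own PR) mod p, after validating the peer's value."""
    if not public_in_range(p, peer_public):
        raise ValueError("peer public value out of range")
    return pow(peer_public, private, p)


if __name__ == "__main__":
    p, g = 23, 5                                   # slide values
    pr_a, pu_a = dh_keypair(p, g, 7)
    pr_b, pu_b = dh_keypair(p, g, 3)
    print(pu_a, pu_b, dh_shared(p, pu_b, pr_a), dh_shared(p, pu_a, pr_b))
```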
ElGamal Cryptosystem
• A variant of the Diffie-Hellman key distribution scheme, allowing secure
exchange of messages
• It is based on discrete logarithm
• It was published in 1985 by ElGamal
• Like Diffie-Hellman, its security depends on the difficulty of computing discrete
logarithms
• ElGamal cryptosystem, called Elliptic Curve Variant, is based on the Discrete
Logarithm Problem.
ElGamal Cryptosystem: Key Generation
• Each user of the ElGamal cryptosystem generates the key pair as follows −
• Choosing a large prime, n:
• Generally a prime number of 1024 to 2048 bits length is chosen.
• Choosing a generator element, g:
• This number must be between 1 and n − 1, but cannot be any number.
• It is a generator of the multiplicative group of integers modulo n.
• This means for every integer m co-prime to n, there is an integer k such that g^k = m mod n.
• For example, 3 is a generator of group 5 (Z5 = {1, 2, 3, 4}).
ElGamal Cryptosystem: Key Generation…
• Choosing the private key, x:
• The private key x is any number bigger than 1 and smaller than n−1.
• Computing part of the public key, y:
• The value y is computed from the parameters n, g and the private key x as
• y = g^x mod n
• Obtaining Public key:
• The ElGamal public key consists of the three parameters n, g, y.
• Example:
• Suppose that n = 17 and g = 6
• Note: 6 is the generator of Z17
• Generate a random number for the private key, x, such that 1 < x < n-1
• x = 5
• Compute the public key, y:
• y = g^x mod n
• y = 6^5 mod 17
• y = 7
• Thus, the public key is {17, 6, 7}
• And, private key is {5, 17}
ElGamal Cryptosystem: Encipher & Decipher
Encryption
• Use the public key (n, g, y) of the other party to encrypt messages.
• Sender represents the plaintext as a series of numbers modulo n.
• Randomly generate a number k; Compute two values C1 and C2:
• C1 = g^k mod n
• C2 = (P*y^k) mod n
• Send the ciphertext C = C1, C2
Example
• Using the public key {17, 6, 7}
• k = 10 and plaintext, P < n. P = 13
• C1 = 6^10 mod 17
• C1 = 15
• C2 = (13*7^10) mod 17
• C2 = 9
• Send C = C1, C2 = 15, 9.
ElGamal Cryptosystem: Encipher & Decipher…
Decryption
• Two steps to decrypt the ciphertext C = C1, C2 using the private key, x:
• First calculate (C1)^-x mod n
• To get the Plaintext, P
• P = C2 × (C1)^-x mod n
• P = [((C1)^-x mod n) * C2] mod n
• (C1)^-x mod n is a modular inverse of (C1)^x mod n. It is called decryption factor.
• It can be calculated as:
• r * (C1)^x = 1 (mod n). Find r.
Example
• Using the private key {5, 17} and received ciphertext C = C1, C2 = 15, 9:
• 15^-5 mod 17: r * 15^5 = 1 (mod 17)
• Find r,
• r = 1, 15^5 mod 17 = 2. No!
• r = 2, 2*15^5 mod 17 = 4. No! …
• r = 9, 9*15^5 mod 17 = 1. Yes!
• P = C2 * r mod 17 = 9*9 mod 17
• P = 81 mod 17 = 13!
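The ElGamal key generation, encryption and decryption slides as one runnable sketch, added here and not part of the original slides. It reproduces the slide values (n = 17, g = 6, x = 5, k = 10, P = 13) and goes slightly beyond them by testing the generator condition and computing the decryption factor with a modular inverse instead of searching for r; all function names are assumptions.

```python
def prime_factors(m):
    """Distinct prime factors of m by trial division (toy sizes only)."""
    factors, d = set(), 2
    while d * d <= m:
        while m % d == 0:
            factors.add(d)
            m //= d
        d += 1
    if m > 1:
        factors.add(m)
    return factors


def is_generator(g, n):
    """For prime n: g generates Z_n* iff g^((n-1)/q) != 1 mod n for each prime q | n-1."""
    if not 1 < g < n:
        return False
    return all(pow(g, (n - 1) // q, n) != 1 for q in prime_factors(n - 1))


def elgamal_keygen(n, g, x):
    """Public key {n, g, y} with y = g^x mod n; private key {x, n}."""
    if not is_generator(g, n):
        raise ValueError("g is not a generator modulo n")
    if not 1 < x < n - 1:
        raise ValueError("need 1 < x < n-1")
    return (n, g, pow(g, x, n)), (x, n)


def elgamal_encrypt(pu, plaintext, k):
    """C1 = g^k mod n, C2 = P*y^k mod n. k must be fresh and secret for every message;
    it is a parameter here only so the slide's numbers can be reproduced."""
    n, g, y = pu
    if not 0 < plaintext < n:
        raise ValueError("plaintext must satisfy 0 < P < n")
    return pow(g, k, n), plaintext * pow(y, k, n) % n


def decryption_factor(pr, c1):
    """r = (C1^x)^-1 mod n, the value the slide finds by trying r = 1, 2, ..."""
    x, n = pr
    return pow(pow(c1, x, n), -1, n)      # modular inverse, Python 3.8+


def elgamal_decrypt(pr, ciphertext):
    c1, c2 = ciphertext
    return c2 * decryption_factor(pr, c1) % pr[1]


if __name__ == "__main__":
    PU, PR = elgamal_keygen(17, 6, 5)
    C = elgamal_encrypt(PU, 13, k=10)
    print("PU =", PU, "C =", C, "r =", decryption_factor(PR, C[0]),
          "P =", elgamal_decrypt(PR, C))
```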
Elliptic Curve Cryptography (ECC)
• Elliptic Curve Cryptography (ECC) is a term used to
describe a suite of cryptographic tools and protocols
whose security is based on special versions of the
discrete logarithm problem.
• It does not use numbers modulo n.
• ECC is based on sets of numbers that are associated
with mathematical objects called elliptic curves.
• An elliptic curve is a set of points on the coordinate
plane satisfying an equation of the form y^2 + axy + by
= x^3 + cx^2 + dx + e.
Hashing Functions
Hash function, cryptographic hashing functions, MAC, digital signatures, SHA, MD5
Hashing Function
• A hash function H accepts a variable-length block of data as input and
produces a fixed-size hash value.
• It is a one-way function {0, 1}* -> {0, 1}*
• Easy to compute
• Hard to invert
• E.g., Phone book
• Hash function {0, 1}* -> {0, 1}^n
• One-way function to a fixed length
Hashing Function: Properties
• Preimage resistance
• Given y, it is hard to find an x, such that h(x) = y.
• Second preimage resistance
• Given x and y = h(x), it is hard to find x’ ≠ x, such that
h(x) = h(x’).
• Collision resistance
• It is hard to find any x, x’ such that h(x) = h(x’)
• Avalanche effect
• When an input changes slightly, the output changes
significantly
Hashing Function: Use Cases
1. Hash table
2. Hash chains
3. Hash trees
4. Checksums
• Challenge Response Authentication Mechanism (CRAM)
Hashing Function: Implementations
[Figures: Message Digest V5 (MD5); Secure Hash Algorithm (SHA-1)]
Cryptographic Hashing Function
• The kind of hash function needed for
security applications
• It is used to protect data integrity
• See the figure to the right
• Block Diagram of Cryptographic Hash
Function; h = H(M)
Cryptographic Hashing Function: Apps
1. Message Authentication
2. Digital Signatures
3. Other applications
• One-way password file
• Intrusion detection
• Virus detection
• Pseudorandom number generator
Message Authentication
• It is a mechanism or service used to verify the integrity of a message
• Message authentication assures that data received are exactly as sent (i.e., contain no modification,
insertion, deletion, or replay).
• In message authentication, the hash function value is referred to as a message digest.
Message Authentication…
• Message authentication is concerned with:
• Protecting the integrity of a message
• Validating identity of originator
• Non-repudiation of origin (dispute resolution)
• Three alternative functions used:
• Message encryption
• Message authentication code (MAC)
• Hash function
Message Authentication Requirements
The following attacks can be identified
• Disclosure: Release of message contents
• Traffic analysis: Discovery of the pattern of traffic between parties
• Masquerade: Insertion of messages into the network from a fraudulent source
• Content modification:
• Sequence modification:
• Timing modification: Delay or replay of messages
• Source repudiation: Denial of transmission of message by source
• Destination repudiation: Denial of receipt of message by destination.
• By authenticating messages, we can protect against the above-mentioned attacks
Message Authentication Code (MAC)
• MAC is also known as keyed hash function
• MACs are used between two parties that share a secret key to authenticate information exchanged between
those parties.
Message Authentication Code (MAC)…
• Generated by an algorithm that creates a small fixed-sized block
• Depending on both message and some key
• Like encryption though need not be reversible
• Appended to message as a signature. Note that MAC is not a digital signature.
• Receiver performs same computation on message and checks it matches the MAC
• Provides assurance that message is unaltered and comes from sender
Key:
M= input message
C = MAC function
K = shared secret key
MAC Properties and Requirements
• A MAC is a cryptographic checksum, MAC = C_K(M)
• Condenses a variable-length message M using a secret key K to a fixed-sized
authenticator.
• It is a many-to-one function
• Potentially many messages have same MAC
• But finding these needs to be very difficult
• Requirements:
1. Knowing a message and MAC, it is infeasible to find another message with the same MAC
2. MACs should be uniformly distributed
3. MAC should depend equally on all bits of the message
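The sender/receiver computation described on the MAC slides, as an added example that is not part of the original slides. HMAC-SHA-256 stands in for the MAC function C, which the slides do not name; the key, messages and function names are constructed for the illustration. The last check shows why the slides say a MAC is not a digital signature.

```python
import hashlib
import hmac


def compute_mac(key, message):
    """MAC = C_K(M); HMAC-SHA-256 is the assumed MAC function C."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify_mac(key, message, tag):
    """Receiver performs the same computation and compares in constant time."""
    return hmac.compare_digest(compute_mac(key, message), tag)


def demo():
    key = b"constructed-shared-secret-key-01"      # constructed sample key K
    message = b"meter=0042;reading=1180"           # constructed sample message M
    tag = compute_mac(key, message)

    results = {
        # Fixed-size authenticator regardless of message length.
        "tag_length": len(tag),
        "same_length_for_long_message": len(compute_mac(key, message * 100)) == len(tag),
        # Unaltered message from a holder of K is accepted.
        "accepts_genuine": verify_mac(key, message, tag),
        # One changed digit in M, or a different K, no longer matches.
        "rejects_modified": not verify_mac(key, message.replace(b"1180", b"0180"), tag),
        "rejects_wrong_key": not verify_mac(b"some-other-key", message, tag),
    }

    # Not a digital signature: the receiver holds the same K and can compute a tag
    # that verifies equally well, so a third party cannot tell which party made it.
    receiver_message = b"meter=0042;reading=9999"
    receiver_tag = compute_mac(key, receiver_message)
    results["receiver_can_also_tag"] = verify_mac(key, receiver_message, receiver_tag)
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```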
Digital Signatures
• We have looked at message authentication
• but it does not address issues of lack of trust
• Digital signatures provide the ability to:
• Verify author, date & time of signature
• Authenticate message contents
• Be verified by third parties to resolve disputes
• Hence include authentication function with additional capabilities
Digital Signature Properties
• Must depend on the message signed
• Must use information unique to sender
• To prevent both forgery and denial
• Must be relatively easy to produce
• Must be relatively easy to recognize & verify
• Be computationally infeasible to forge
• With new message for existing digital signature
• With fraudulent digital signature for given message
• Be practical to save the digital signature in storage
Direct Digital Signatures
• Involve only sender & receiver
• Assumed receiver has sender’s public-key
• Digital signature made by sender signing entire message or hash with
private-key
• Can encrypt using receiver’s public-key
• Important to sign first, then encrypt message & signature
• Security depends on sender’s private-key
Arbitrated Digital Signatures
• Involves use of arbiter A
• Validates any signed message
• Then dated and sent to recipient
• Requires suitable level of trust in arbiter
• Can be implemented with either private or public-key algorithms
• Arbiter may or may not see message
Hash Functions
Simple Hash Functions
• There are several proposals for simple functions
• They are based on XOR of message blocks
• Not secure, since one can manipulate any message and either not change the hash or
change the hash as well
• Need a stronger cryptographic function
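Why an XOR-of-blocks hash fails, as an added example that is not part of the original slides. The 4-byte block size, the sample messages and the function names are constructed for the illustration; SHA-256 is used only as a contrast.

```python
import hashlib

BLOCK = 4  # block size in bytes, chosen for the demonstration


def xor_hash(message, block=BLOCK):
    """Simple hash: zero-pad to whole blocks, then XOR all blocks together."""
    padded = message + b"\x00" * (-len(message) % block)
    digest = bytearray(block)
    for i in range(0, len(padded), block):
        for j in range(block):
            digest[j] ^= padded[i + j]
    return bytes(digest)


def swap_blocks(message, a, b, block=BLOCK):
    """Reorder two blocks. XOR is commutative, so the simple hash cannot notice."""
    blocks = [message[i:i + block] for i in range(0, len(message), block)]
    blocks[a], blocks[b] = blocks[b], blocks[a]
    return b"".join(blocks)


def extend_to_match(original, altered, block=BLOCK):
    """Pad `altered` and append one block so its XOR hash equals that of `original`."""
    padded = altered + b"\x00" * (-len(altered) % block)
    fix = bytes(x ^ y for x, y in zip(xor_hash(original, block), xor_hash(padded, block)))
    return padded + fix


# Constructed sample messages (20 bytes each, five whole blocks).
ORIGINAL = b"mode=strict;ttl=0060"
ALTERED = b"mode=permit;ttl=9999"


def compare():
    """Return (xor hash unchanged?, sha256 unchanged?) for both manipulations."""
    reordered = swap_blocks(ORIGINAL, 0, 1)
    extended = extend_to_match(ORIGINAL, ALTERED)
    sha = lambda m: hashlib.sha256(m).digest()
    return {
        "reordered": (xor_hash(reordered) == xor_hash(ORIGINAL), sha(reordered) == sha(ORIGINAL)),
        "extended": (xor_hash(extended) == xor_hash(ORIGINAL), sha(extended) == sha(ORIGINAL)),
    }


if __name__ == "__main__":
    print(compare())
```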
The Famous Hash Functions
• MD5
• SHA
SHA-1: SHA-1 Logic
1. Append padding bits: pad message so its length is 448 mod 512
2. Append length: append a 64-bit length value to message
3. Initialize MD buffer: initialise 5-word (160-bit) buffer (A,B,C,D,E) to
(67452301, efcdab89, 98badcfe, 10325476, c3d2e1f0)
4. Process message in 512-bit (16-word) blocks:
• Expand 16 words into 80 words by mixing & shifting
• Use 4 rounds of 20 bit operations on message block & buffer
• Add output to input to form new buffer value
5. Output: output hash value is the final buffer value
SHA-1 Compression Function
• Each round has 20 steps which replaces the 5 buffer words thus:
(A,B,C,D,E) <- (E + f(t,B,C,D) + S^5(A) + W_t + K_t, A, S^30(B), C, D)
• A,B,C,D,E refer to the 5 words of the buffer
• t is the step number, 0 ≤ t ≤ 79
• f(t,B,C,D) is nonlinear function for round
• W_t is derived from the message block
• K_t is an additive constant value
• S^k is circular left shift by k bits
SHA-1 Compression Function…
General Structure of Secure Hash Code
SHA-1: 80-word Input Sequence
• W_t = S^1(W_{t-16} ⊕ W_{t-14} ⊕ W_{t-8} ⊕ W_{t-3})
SHA vs MD5
The End ☺