SWE3002 – Information and

System Security
Module 3
MODULE –3: Elementary Cryptography

Number theory fundamentals

Principles of public key crypto systems
RSA algorithm
Diffie Hellman Key exchange
Need of public key cryptography
 To address 2 key issues
 1. Key distribution
 How to have secure communications in general without
having to trust a KDC with your key
 2. Digital signature
 How to verify a message comes intact from the claimed
sender
Principles of public key crypto systems
 public-key/two-key/asymmetric cryptography involves the use of
two keys:
 a public-key, which may be known by anybody, and can be
used to encrypt messages, and verify signatures
 a related private-key, known only to the recipient, used to
decrypt messages, and sign (create) signatures
 Infeasible to determine private key from public
 Asymmetric because
 those who encrypt messages or verify signatures cannot decrypt
messages or create signatures
Public key crypto systems
 A public-key encryption scheme has 6 ingredients
 Plaintext: This is the readable message or data that is fed
into the algorithm as input.
 Encryption algorithm: The encryption algorithm performs
various transformations on the plaintext.
 Public and private keys: This is a pair of keys that have
been selected so that if one is used for encryption, the
other is used for decryption.
Public key crypto systems

 Exact transformations performed by the algorithm

depend on public or private key that is provided as
input.
 Ciphertext: This is the encrypted message produced as
output. It depends on the plaintext and the key.
 For a given message, two different keys will produce two
different ciphertexts.
 Decryption algorithm: This algorithm accepts ciphertext
and matching key and produces original plaintext.
Symmetric VS Public key
Public key Cryptography
Public key crypto systems
 The essential steps are the following.
 1. Each user generates a pair of keys for encryption and
decryption of messages.
 2. Each user places one of the 2 keys in a public register
or other accessible file. This is public key. The
companion key is kept private.
 3. If Bob wishes to send a confidential message to Alice,
Bob encrypts the message using Alice’s public key.
Public key crypto systems
 When Alice receives the message, she decrypts it using
her private key. No other recipient can decrypt the
message because only Alice knows Alice’s private key.
 With this approach, all participants have access to
public keys, and private keys are generated locally by
each participant and therefore need never be
distributed.
 As long as a user’s private key remains protected and
secret, incoming communication is secure. At any time,
a system can change its private key and publish the
companion public key to replace its old public key.
Public key cryptosystem : Confidentiality
Public key cryptosystem : Confidentiality
 There is some source A that produces a message in plaintext, X = [X1, X2, …, XM].
 The M elements of X are letters in some finite alphabet.
 The message is intended for destination B.
 B generates a related pair of keys: a public key, PUb, and a private key, PRb .
 PRb is known only to B, whereas PUb is publicly available and therefore
accessible by A.
 With message X and the encryption key PUb as input,
 A forms the ciphertext Y = [Y1, Y2, …, YN]:
 Y = E(PRb , X)
 The intended receiver, in possession of the matching private key, is able to
invert the transformation:
 X = D(PRb ,Y)
Public key cryptosystem : Authentication
Public key cryptosystem : Authentication

 Here, A prepares a message to B and encrypts it using

A’s private key before transmitting it.
 B can decrypt the message using A’s public key.
 As the message was encrypted using A’s private key,
only A could have prepared the message.
 Entire encrypted message serves as a digital signature.
 In addition, it is impossible to alter the message without
access to A’s private key, so the message is
authenticated both in terms of source and in terms of
data integrity.
Public key cryptosystem : Authentication
and Secrecy
Public key cryptosystem : Authentication
and Secrecy
 It is possible to provide both the authentication function and
confidentiality by a double use of the public-key scheme (Figure
below):
 Z = E(PUb , E(PRa,X)) and X = D(PUa, D(PRb,Z))
 Here we begin by encrypting a message, using the sender’s private
key and this provides digital signature.
 Next, we encrypt again, using the receiver’s public key.
 The final ciphertext can be decrypted only by intended receiver,
who alone has the matching private key.
 Thus, confidentiality is provided.
Applications for Public-Key Cryptosystems
Public-key systems are characterized by
cryptographic algorithms with 2 keys, one is
private and one is public.
Depending on the application, the sender uses
either the sender’s private key or receiver’s
public key, or both, to perform some type of
cryptographic function.
Applications for Public-Key Cryptosystems

 We can use 3 kinds of public-key cryptosystems.

 Encryption/decryption: The sender encrypts a message with the
recipient’s public key, and recipient decrypts message with
recipient’s private key.
 Digital signature: Sender “signs” a message with its private key.
Signing is done by a cryptographic algorithm applied to message
or to a small block of data that is a function of the message.
 Key exchange: 2 sides cooperate to exchange a session key, which
is a secret key for symmetric encryption generated for use for a
transaction (or session) and valid for a short period of time.
 Some algorithms are suitable for all three applications, whereas
others can be used only for one or two of these applications.
Applications for Public-Key Cryptosystems