Chapter - Four

Public Key Cryptography

1
 Outline
• Asymmetric Encryption
• Public and Private Keys
• Public Key Cryptography and RSA
• RSA Security
• The Diffie-Hellman algorithm for exchanging session keys
• Socket Programming using TCP
• Diffie-Hellman key exchange application using Java

2
 Asymmetric Encryption

• When data is encrypted with

one key, the other key must
Encrypt Decrypt
be used to decrypt the data
– And vice versa

Decrypt Encrypt

3
 Public and Private Keys
• With asymmetric encryption each user can be assigned a
key pair: a private and public key

Private key is Public key is

known only to given away to
owner the world

4
 Public and Private keys…

• Anything encrypted with the

private key can only be
decrypted with the public
Encrypt
key
• And vice versa
• Since the private key is
known only to the owner,
this is very powerful…
• Overcomes the problem of Decrypt
looking for secured channel.

5
 Public Key Cryptography…

Public key Cryptography

• One of the encryption or decryption key is made public
depends on the use of the key.
 If Abe wants to send a confidential message to Selam
 He encrypts the message using Selam’s public key
 Send the message
 Selam will then decode it using her own private key
 On the other hand, if Selam needs to make sure that a message
sent by Abe really comes from him, how can she make that?

6
 Public Key Cryptography…

• Using digital signature

 Abe has to first encrypt a digital signature using his private key.
 Then encrypt the message (signature included) with Selam’s
public key.
 Send the encrypted message to Selam.
 Selam decrypts the message using her private key.
 Selam then decrypts the signature using Abe’s public key.
 If successful, she insures that it comes from Abe.

7
 Public Key Cryptography…
• Party A, if wanting to communicate confidentially with party B, can
encrypt a message using B’s publicly available key.
• Such a communication would only be decipherable by B as only B
would have access to the corresponding private key.

Party A wants to send a message to Party B

8
 Public Key Cryptography…
• Party A, if wanting to send an authenticated message to party B,
would encrypt the message with A’s own private key.
• Since this message would only be decipherable with A’s public key,
that would establish the authenticity of the message — meaning that
A was indeed the source of the message.
Party A wants to send a message to Party B

9
 Public Key Cryptography…
• The communication link shows how public-key encryption can be
used to provide both confidentiality and authentication at the same
time.
– Confidentiality means that we want to protect a message from eavesdroppers.
– Authentication means that the recipient needs a guarantee as to the identity of
the sender.

10
 Public Key Cryptography…

• A’s public and private keys are designated PUA and PRA.
• B’s public and private keys are designated PUB and PRB.
• As shown above, let’s say that A wants to send a message M to B with
both authentication and confidentiality.
• The processing steps undertaken by A to convert M into its encrypted
form C that can be placed on the wire are:
C = E (PUB, E (PRA, M))
– where E() stands for encryption.
• The processing steps undertaken by B to recover M from C are
M = D(PUA, D(PRB, C))
– where D() stands for decryption.
11
 Public Key Cryptography…
• The sender A encrypting his/her message with its own private
key PRA provides authentication.

• This step constitutes A putting his/her digital signature on the

message.

– Instead of applying the private key to the entire message, a sender may
also “sign” a message by applying his/her private key to just a small block
of data that is derived from the message to be sent.

• The sender A further encrypting his/her message with the

receiver’s public key PUB provides confidentiality.

12
 Public Key Cryptography: classification
• We can classify the use of public-key cryptosystems into
three categories:
• Encryption/decryption: The sender encrypts a message with
the recipient's public key.
• Digital signature: The sender "signs" a message with its private
key.
– Signing is achieved by a cryptographic algorithm applied to the
message or to a small block of data that is a function of the message.
• Key exchange: Two sides cooperate to exchange a session
key.
– Several different approaches are possible, involving the private key(s)
of one or both parties.
• Digital Certificate: Used to authenticate web servers, users,
13
software, etc…
 Public Key Cryptography and RSA
RSA

• RSA is from Rivesh, Shamir and Aldermen

• Principle: No mathematical method is yet known to efficiently find
the prime factors of large numbers.
• In RSA, the private and public keys are constructed from very large
prime numbers (consists of hundred of decimal digits) One of the
keys can be made public.
• Breaking RSA is equivalent to finding the prime factors: this is
know to be computationally infeasible. (NP-hard)
• It is only the person who has produced the keys from the prime
number can easily decrypt the messages.
14
 Asymmetric RSA

• The RSA algorithm

- Used for both public key encryption and digital signatures.
- Security is based on the difficulty of factoring large integers.
• Major Activities
- Key Generation
- Encryption
- Digital signature
- Decryption
- Signature verification
15
 Asymmetric RSA
Key Generation Algorithm

1. Generate two large random primes, p and q

2. Compute n = pq and (φ) phi = (p-1)(q-1)
3. Choose an integer e, 1 < e < φ, such that gcd(e, phi) = 1
4. Compute the secret exponent d, 1 < d < φ, such that
d = e-1 mod φ , i.e. φ divides (ed-1)
5. The public key is (n, e) and the private key is (n, d).
 Keep all the values d, p, q and φ secret
 n is known as the modulus
 e is known as the public exponent or encryption exponent
 d is known as the secret exponent or decryption exponent.
16
 Asymmetric RSA
Encryption and Decryption
Encryption
• Sender A does the following
- Obtains the recipient B's public key (n, e)
- Represents the plaintext message as a positive integer m
- Computes the ciphertext c = me mod n
- Sends the ciphertext c to B

Decryption
• Recipient B does the following
- Uses his private key (n, d) to compute m = cd mod n
- Extracts the plaintext from the message representative m 17
 Asymmetric RSA
Digital signature and signature verification
Digital signature
• Sender A does the following
- Creates a message digest of the information to be sent
- Represents this digest as an integer m between 0 and n - 1
- Uses his/her private key (n, d) to compute the signature
s = md mod n.
- Sends this signature s to the recipient, B.
Signature verification
• Recipient B does the following
- Uses sender A's public key (n, e) to compute integer v = se mod n
- Extracts the message digest from this integer
- Independently computes the message digest of the information that has been
signed
18
- If both message digests are identical, the signature is valid
 Asymmetric RSA
Key Generation example
1. Select primes p=11, q=3.
2. n = pq = 11*3 = 33
phi = (p-1)(q-1) = 10*2 = 20
3. Choose e=3
Check gcd(e, p-1) = gcd(3, 10) = 1 (i.e. 3 and 10 are relatively
prime - have no common factors except 1) and check gcd(e, q-1) =
gcd(3, 2) = 1,
therefore gcd(e, phi) = gcd(e, (p-1)(q-1)) = gcd(3, 20) = 1
4. Compute d (1<d<phi) such that d = e-1 mod phi = 3-1 mod 20
i.e. find a value for d such that phi divides ed-1 (20 divides 3d-1)
Simple testing (d = 2, 3 ...) gives d = 7
Check: ed-1 = 3*7 - 1 = 20, which is divisible by phi (20).
5. Public key = (n, e) = (33, 3)
Private key = (n, d) = (33, 7)
19
 Asymmetric RSA
Encryption and Decryption example

• Given
Public key = (n, e) = (33, 3)
Private key = (n, d) = (33, 7)

Encryption
• Now say we want to encrypt the message m = 7
- c = me mod n = 73 mod 33 = 343 mod 33 = 13
- Hence the ciphertext c = 13

Decryption
• To check decryption we compute
- m = cd mod n = 137 mod 33 = 7
20
 RSA algorithm example

Typical values of e are 3, 17, and 65537 (=216+1)

21
 RSA Example - Key Setup

1. Select primes: p=17 & q=11

2. Calculate n = pq =17 x 11=187
3. Calculate ø(n)=(p–1)(q-1)=16x10=160
4. Select e: gcd(e,160)=1; choose e=7
5. Determine d: de=1 mod 160 and d < 160
Value is d=23 since 160 divides 7x23-1
6. Publish public key PU={7,187}
7. Keep secret private key PR={23,187}

22
 RSA Example 3 - En/Decryption

sample RSA encryption/decryption is:

given message M = 88 (nb. 88<187)
encryption:
C = 887 mod 187 = 11
decryption:
M = 1123 mod 187 = 88

23
 RSA
Algorithm
Summary

24
 The Security of RSA

• Approaches to attack the RSA algorithm are:

• Brute force: This involves trying all possible private keys.

• Mathematical attacks: There are several approaches, all

equivalent in effort to factoring the product of two primes.
– Factor n into its two prime factors. This enables calculation of ø(n)
= (p-1) x (q-1), which, in turn, enables determination of d = e-1
(mod ø(n)).

– Determine ø(n) directly, without first determining p and q. Again,

this enables determination of d = e-1 (mod ø(n)).

– Determine d directly, without first determining ø(n).

25
 Speed of RSA
• In hardware, RSA is about 1000 times slower
than DES.

• Manufacturers have also implemented RSA in

smart cards; these implementations are slower.

• In software, DES is about 100 times faster than

RSA.

26
The Diffie-Hellman Algorithm for generating
a shared secret session key

• The first public key scheme was invented by Diffie and

Hellman.
• Though it could not be used to send messages, it could
establish secret keys for use in secret key
cryptosystems.
• An eavesdropper “tapping the line” would be unable to
determine what the generated key was.

27
Diffie-Hellman Key Exchange Algorithm
• a public-key distribution scheme
– cannot be used to exchange an arbitrary message
– rather it can establish a common key
– known only to the two participants
• value of key depends on the participants (and their
private and public key information)
• based on exponentiation in a finite field (modulo a
prime or a polynomial) - easy
• security relies on the difficulty of computing discrete
logarithms (similar to factoring) – hard

28
The Diffie-Hellman Algorithm for generating
a shared secret session key
• The pair of numbers (q, α) is public.
• This pair of numbers may be used for several runs of the
protocol.
• These two numbers may even stay the same for a large
number of users for a long period of time.
• Subsequently, A and B use the algorithm described below
to calculate their public keys that are then made available
by each party to the other:
– We will denote A’s and B’s private keys by XA and XB.
– And their public keys by YA and YB.
– In other words, X stands for private and Y for public.
29
The Diffie-Hellman Algorithm for generating
a shared secret session key
• A selects a random number XA from the set {1, 2, . . . , q − 2}
to serve as his/her private key.
• A then calculates a public-key integer YA that is guaranteed to
exist:
YA = αXA mod q
• A makes the public key YA available to B.
• Similarly, B selects a random number XB from the set
{1, 2, . . . , q − 2} to serve as his/her private key.
• B then calculates an integer YB that serves his/her public key:
YB = αXB mod q
• B makes the public-key YB available to A. 30
The Diffie-Hellman Algorithm for generating
a shared secret session key
• A now calculates the secret key K from his/her private
key XA and B’s public key YB :

K = (YB)XA mod q

• B carries out a similar calculation for locally generating

the shared secret key K from his/her private key XB
and A’s public key YA :

K = (YA)XB mod q

31
 Diffie-Hellman Key Exchange

• shared session key for users A & B is KAB:

xA.xB
KAB = α mod q
x
= yA B mod q (which B can compute)
xA
= yB mod q (which A can compute)
• KAB is used as session key in private-key encryption
scheme between Alice and Bob
• if Alice and Bob subsequently communicate, they will
have the same key as before, unless they choose new
public-keys

32
 Diffie-Hellman Example
• users Alice & Bob who wish to swap keys:
• agree on prime q=353 and α=3
• select random secret keys:
– A chooses xA=97, B chooses xB=233
• compute public keys:
97
– yA=3 mod 353 = 40 (Alice)
233
– yB=3 mod 353 = 248 (Bob)
• compute shared session key as:
xA 97
KAB= yB mod 353 = 248 mod 353= 160 (Alice)
xB 233
KAB= yA mod 353 = 40 mod 353= 160 (Bob)
33
 The Diffie-Hellman Algorithm with key
exchange

• The seemingly magical thing about the DH protocol is

that:
– an eavesdropper having access to the public keys for both A
and B would still not be able to figure out the secret key K.
– it allows two parties A and B to create a shared secret K
without either party having to send it directly to the other.

34
 The Diffie-Hellman Algorithm Security

• The difficulty of determining the secret shared key K from the

publicly available q, α , YA, and YB is sometimes referred to as
the Computational Diffie-Hellman Assumption.

• Is this enough to compute the K value? No! In order to compute

K, the eavesdropper must do either of two things:
– Raise αXA to the XB power (mod q), which he cannot do because
he does not know XB, or
– Raise αXB to the XA power (mod q), which he cannot do because
he does not know XA.

35
 The Diffie-Hellman Algorithm Security

• Even if you accept the security of DH on the basis of the diffi-

culty of solving the discrete logarithm problem, the DH protocol
possesses a number of vulnerabilities.
• If interested, see the publication “Security Issues in the Diffie-
Hellman Key Agreement Protocol” by Raymond and Stiglic for a
list of these vulnerabilities.
• One of the most serious vulnerabilities of DH is man-in-the-
middle attack.

36
 Processes communication
Process: program running
within a host.
• within same host, two Client process: process that
processes communicate initiates communication
using inter-process Server process: process that
communication (defined by waits to be contacted
OS).
• processes in different hosts
communicate by
exchanging messages

37
 Sockets
host or host or
• process sends/receives client server
messages to/from its socket
controlled by
• socket analogous to door app developer
process process
– sending process gives message
out door socket socket
TCP with TCP with
– sending process relies on buffers, Internet buffers,
transport infrastructure on variables variables
other side of door which brings
message to socket at receiving
process controlled
by OS

38
 Addressing processes
• to receive messages, • identifier includes both IP
process must have address and port numbers
identifier associated with process on
• host device has unique 32- host.
bit IP address • Example port numbers:
• Q: does IP address of – HTTP server: 80
host on which process runs – Mail server: 25
suffice for identifying the
• to send HTTP message to a
process?
web server with IP
– A: No, many processes address:217.110.45.12, we
can be running on same use:
host

– 217.110.45.12:80 39
 Socket Addresses

 process-to-process  a transport-layer protocol needs a

delivery needs two pair of socket addresses:
addresses:  the client socket address and
 IP address and  the server socket address
 port number at
each end  the IP header contains the IP
address; the UDP or TCP header
 the combination of an IP contains the port number
address and a port
number is called a socket
address

40
 Some of the well-known ports used by TCP and UDP
Port Protocol Description
7 Echo Echoes a received datagram back to the sender
9 Discard Discards any datagram that is received
11 Users Active users
13 Daytime Returns the date and the time
17 Quote Returns a quote of the day
19 Chargen Returns a string of characters
20 FTP, Data File Transfer Protocol (data connection)
21 FTP, Control File Transfer Protocol (control connection)
23 TELNET Terminal Network
25 SMTP Simple Mail Transfer Protocol
53 DNS Domain Name Server
67 BOOTP Bootstrap Protocol
79 Finger Lookup information about a user
80 HTTP Hypertext Transfer Protocol
41
111 RPC Remote Procedure Call
 Java Sockets Java’s .net package
provides two classes:
Server ServerSocket(1234) Socket – for implementing
a client

ServerSocket – for
implementing a server

Output/write stream Client

Input/read stream

Socket(“128.250.22.134”, 1234)
42
It can be host_name like “hen.aait.edu.et”
 Socket programming
Goal: learn how to build client/server application that communicate using
sockets

Socket API
socket
• introduced in BSD4.1 UNIX,
1981 a host-local,
application-created,
• explicitly created, used, released
OS-controlled interface (a
by apps
“door”) into which
• client/server paradigm application process can
both send and
• two types of transport service receive messages to/from
via socket API: another application process
– reliable, byte stream-oriented
TCP
– unreliable datagram UDP
43
 Socket programming using TCP
Client must contact server
• server process must first be running
• server must create socket (door) that welcomes client’s contact

Client contacts server by:

• creating client-local TCP socket
• specifying IP address, port number of server process
• When client creates socket: client TCP establishes connection to server
TCP
• When contacted by client, server TCP creates new socket for server
process to communicate with client
– allows server to talk with multiple clients
– source port numbers used to distinguish clients
44
 Client/server socket interaction: TCP
Server Client
(running on hostid)
create socket,
port=x, for
incoming request:
ServerSocket servSock =new
ServerSocket(x)

wait for incoming

TCP create socket,
connection setup connect to hostid, port=x
connection request
Socket link = Socket clientSocket = new
servSock.accept() Socket(h,x)

send request using

read request from clientSocket
servSock

write reply to
servSock
read reply from
clientSocket
close
servSock
close 45
clientSocket
 Stream terminology
keyboard monitor

• A stream is a sequence of
characters that flow into or out
of a process.

inFromUser
input
stream

Client
Process
process
• An input stream is attached to
some input source for the
process, e.g., keyboard or
socket.

inFromServer
outToServer
output input
stream stream

• An output stream is attached to

an output source, e.g., monitor client TCP
clientSocket
or socket. socket TCP
socket

to network from network

46
Introducing the java.net Package

47
Main classes in java.net

48
 Server-Socket programming
• The java.net package provides ServerSocket and
DatagramSocket objects for servers at the TCP/IP
socket level.

Establishing a stream server involves five steps:

1- Create a new Socket with port number.
2- Set a Socket connect for a client using the accept()
method.
3- Create inputstream and outputstream objects.
4- Process stream data.
5- Close the streams. 49
 Lab: Server -Socket source code
import java.io.*;
import java.net.*;
public class Server {
private static ServerSocket servSock;
private static final int PORT=1234;
public static void main(String[] args) throws
IOException {
System.out.println("Openning port.....");
while(true)
{
listenSocket();
}
50
}
 Lab: Server-Socket source code …
public static void listenSocket() {
try {
Create servSock=new ServerSocket(PORT);
server socket
at port 1234 } catch(IOException e) {
System.out.println("Unable to create
socket with port no:1234!");
System.exit(-1); }
Socket link=null;
try {
Create socket link=servSock.accept();
connection
with the client } catch(IOException e){
System.out.println("Accept failed:
Port 1234");
} 51
 Lab: Server-Socket source code …
try {
Create input BufferedReader in=new BufferedReader(new
stream, attached
to socket
InputStreamReader(link.getInputStream(
)));

PrintWriter out=new
Create output
stream, attached PrintWriter(link.getOutputStream(),tru
to socket e);
int numMessages=0;
Read in line
from socket String message=in.readLine();
while(!message.equals("close")) {
System.out.println("Message
recieved.");
numMessages ++;
52
 Lab: Server-Socket source code…
Write out line out.println("Message" + numMessages+ ":"
to socket + message);
message=in.readLine();
}
}

catch(IOException e)
{
System.out.println("Message is not
recieved");

End of while loop, }

loop back and wait for
another client connection }
}
53
 Client-Socket Programming

• Establishing a stream client involves four

steps:

1- Create a new Socket with a server IP address and

port number.
2- Create input stream and output stream objects.
3- Process stream data and
4- Close the streams.

54
 Lab: Client-Socket Programming
import java.io.*;
import java.net.*;
public class Client {
private static InetAddress host;
private static final int PORT=1234;
public static void main(String[] args) throws
IOException {
Server is try {
local host=InetAddress.getLocalHost();
}
catch(UnknownHostException e)
{
System.out.println("Host id not found!");
System.exit(-1);
}
listenSocket();
}
55
 Lab: Client-Socket Programming
public static void listenSocket() {
Socket link=null;
Create try {
client socket, link=new Socket(host,PORT);}
connect to server
catch(IOException e){
System.out.println("Unable to connect");
System.exit(-1);}
Create try {
input stream
attached to socket BufferedReader in=new BufferedReader(new
InputStreamReader(link.getInputStream()));
Create PrintWriter out=new
output stream PrintWriter(link.getOutputStream(),true);
attached to socket
BufferedReader userentry=new
Create BufferedReader(new
input stream for InputStreamReader(System.in));
user entry

String message, response;

56
 Client-Socket Programming …
do {
System.out.print("Enter message:");
message=userentry.readLine();
out.println(message);
response=in.readLine();
System.out.println("\nSERVER>" + response);
} while(!message.equals("close"));
}
catch(IOException e)
{
System.out.println("Message is not sent.");
}
}
}
57
 DIFFIE–HELLMAN KEY EXCHANGE
APPLICATION
• You now know everything you need to know to set up a
line of communication between computers using Java.
• Hence, I will now show you a couple of programs called:
– DiffieHellmanServer and
– DiffieHellmanClient,
– which set up a connection with each other and establish a
secret key over an unsecure line.
• Here is the code for the server side.

58
 DIFFIE–HELLMAN KEY EXCHANGE
APPLICATION
Here is the code for the server side
import java.security.*;
import java.math.*;
import java.net.*;
import java.io.*;
public class DHServer {
public static void main(String[] args) throws
IOException {
//Start by listening on port 11111
ServerSocket ss=new ServerSocket(11111);
//Wait for a connection
Socket link=ss.accept();

59
 DIFFIE–HELLMAN KEY EXCHANGE
APPLICATION
Here is the code for the server side
//Open input and output streams on the socket
BufferedReader in=new BufferedReader(new
InputStreamReader(link.getInputStream()));
PrintStream out=new
PrintStream(link.getOutputStream());
//Get q, a, ya values from client
BigInteger q=new BigInteger(in.readLine());
BigInteger a=new BigInteger(in.readLine());
BigInteger ya=new BigInteger(in.readLine());

60
 DIFFIE–HELLMAN KEY EXCHANGE
APPLICATION
Here is the code for the server side
//Produce your own secret exponent
SecureRandom sr=new SecureRandom();
BigInteger xb=new BigInteger(q.bitLength()-1,sr);
//Raise a to this power
BigInteger yb=a.modPow(xb,q);
//Send this to client
out.println(yb);

61
 DIFFIE–HELLMAN KEY EXCHANGE
APPLICATION
Here is the code for the server side
//Raise ya to xb power-this is the secret key
BigInteger key=ya.modPow(xb,q);
System.out.println (“The secret key with
“+link.getInetAddress().toString()+”
is:\n”+key);
int c=System.in.read();
}
}

62
 DIFFIE–HELLMAN KEY EXCHANGE
APPLICATION
Here is the code for the client side
import java.security.*;
import java.math.*;
import java.net.*;
import java.io.*;
public class DHClient {
public static int keyLength=1024;
static BufferedReader userentry=new
BufferedReader(new
InputStreamReader(System.in));
public static void main(String[] args) throws
IOException {

63
 DIFFIE–HELLMAN KEY EXCHANGE
APPLICATION
Here is the code for the client side
//Generate a secure random prime number
1 – 0.1n
SecureRandom sr=new SecureRandom();
BigInteger q=new BigInteger(keyLength,10,sr);

//Generate your secret exponent

BigInteger a=new BigInteger(keyLength-1,sr);
BigInteger xa=new BigInteger(keyLength-1,sr);
//Raise a to this power
BigInteger ya=a.modPow(xa,q);

64
 DIFFIE–HELLMAN KEY EXCHANGE
APPLICATION
Here is the code for the client side
//Open a connection with a server waiting for info
System.out.println(“Enter host name or IP address of
server:”);
String host=userentry.readLine();

//Server should be listening on port 11111

Socket link=new Socket(host,11111);
//Open input and output streams on the socket
BufferedReader in=new BufferedReader(new
InputStreamReader(link.getInputStream()));
PrintStream out=new
PrintStream(link.getOutputStream());
65
 DIFFIE–HELLMAN KEY EXCHANGE
APPLICATION
Here is the code for the client side
//Send the values q, a, y to server
out.println(q);
out.println(a);
out.println(ya);
//Get the yb value from server
BigInteger yb=new BigInteger(in.readLine());
//Raise yb to xa power-this is the secret key
BigInteger key=yb.modPow(xa,q);
System.out.println(“The secret key is:\n”+key);
userentry.readLine();
}
} 66
 DIFFIE–HELLMAN KEY EXCHANGE
APPLICATION
• Here is a sample run of the server (which was started first) and
the client (started second on the same machine).
Server:
The secret key with 127.0.0.1/11111 is:

1211419963660692479726684061017152728828106062950284
4880493816079792128909711913425221065203246229296289
1922747491048206193399895329992974775306801608746591
380045157193684890104045145268490861949829288679666
6467115884377850464401842001426751458626226056258177
02885752446509603402778647138069775001533301

67
 DIFFIE–HELLMAN KEY EXCHANGE
APPLICATION
Client:
Enter host name or IP address of server:
127.0.0.1
The secret key is:

121141996366069247972668406101715272882810606295028
4880493816079792128909711913425221065203246229296289
1922747491048206193399895329992974775306801608746591
7380045157193684890104045145268490861949829288679666
0646711588437785046440184200142675145862622605625817
602885752446509603402778647138069775001533301

68