Cryptography: An Art and Science
Sujit Prakash Gujar
[email protected] Institute of Science, Bangalore-12
September 15, 2007.
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 1 / 22
Agenda
Motivation
Objectives of Cryptography.Evolution: Need for Mathematical tools in cryptography.Encryption/Decryption: Art and Science.Hard Problems.RSA: Integer Factorization.Conclusions.
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 2 / 22
Agenda
MotivationObjectives of Cryptography.
Evolution: Need for Mathematical tools in cryptography.Encryption/Decryption: Art and Science.Hard Problems.RSA: Integer Factorization.Conclusions.
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 2 / 22
Agenda
MotivationObjectives of Cryptography.Evolution: Need for Mathematical tools in cryptography.
Encryption/Decryption: Art and Science.Hard Problems.RSA: Integer Factorization.Conclusions.
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 2 / 22
Agenda
MotivationObjectives of Cryptography.Evolution: Need for Mathematical tools in cryptography.Encryption/Decryption: Art and Science.
Hard Problems.RSA: Integer Factorization.Conclusions.
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 2 / 22
Agenda
MotivationObjectives of Cryptography.Evolution: Need for Mathematical tools in cryptography.Encryption/Decryption: Art and Science.Hard Problems.
RSA: Integer Factorization.Conclusions.
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 2 / 22
Agenda
MotivationObjectives of Cryptography.Evolution: Need for Mathematical tools in cryptography.Encryption/Decryption: Art and Science.Hard Problems.RSA: Integer Factorization.
Conclusions.
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 2 / 22
Agenda
MotivationObjectives of Cryptography.Evolution: Need for Mathematical tools in cryptography.Encryption/Decryption: Art and Science.Hard Problems.RSA: Integer Factorization.Conclusions.
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 2 / 22
Motivation
Colonel wants to convey some military plan of action to LieutenantColonel.
World War I: Zimmermann Telegram.World War II:Famous for cipher breaking.On-line banking.
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 3 / 22
Motivation
Colonel wants to convey some military plan of action to LieutenantColonel.World War I: Zimmermann Telegram.
World War II:Famous for cipher breaking.On-line banking.
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 3 / 22
Motivation
Colonel wants to convey some military plan of action to LieutenantColonel.World War I: Zimmermann Telegram.World War II:Famous for cipher breaking.
On-line banking.
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 3 / 22
Motivation
Colonel wants to convey some military plan of action to LieutenantColonel.World War I: Zimmermann Telegram.World War II:Famous for cipher breaking.On-line banking.
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 3 / 22
Objectives of Cryptography
Privacy: CiphersAuthentication: Digital Signatures.Data Integrity: Message DigestNon-repudiation: Digital Signatures.
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 4 / 22
Evolution of Cryptography
Steganography: art and science of writing hidden messages.
Demeratus: Wooden Tablet. (440 BC)Substitution Ciphers.Statistical Analysis.
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 5 / 22
Evolution of Cryptography
Steganography: art and science of writing hidden messages.Demeratus: Wooden Tablet. (440 BC)
Substitution Ciphers.Statistical Analysis.
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 5 / 22
Evolution of Cryptography
Steganography: art and science of writing hidden messages.Demeratus: Wooden Tablet. (440 BC)Substitution Ciphers.
Statistical Analysis.
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 5 / 22
Evolution of Cryptography
Steganography: art and science of writing hidden messages.Demeratus: Wooden Tablet. (440 BC)Substitution Ciphers.Statistical Analysis.
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 5 / 22
Evolution of CryptographyPolyalphabetic substitution
Vigenere cipher: polyalphabetic substitution.
Enigma.
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 6 / 22
Evolution of CryptographyPolyalphabetic substitution
Vigenere cipher: polyalphabetic substitution.Enigma.
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 6 / 22
Evolution of CryptographyPolyalphabetic substitution
Vigenere cipher: polyalphabetic substitution.Enigma.
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 6 / 22
Evolution of Cryptography
Use of Keys.Secret Algorithms vs. Secret Key Algorithms.Distribution of keys?
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 7 / 22
Evolution of Cryptography
Use of Keys.Secret Algorithms vs. Secret Key Algorithms.Distribution of keys?
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 7 / 22
Evolution of Cryptography
Use of Keys.Secret Algorithms vs. Secret Key Algorithms.Distribution of keys?
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 7 / 22
Cipher: Art and Science
Cipher: an encryption and decryption algorithm.Encryption: Scrambles message data based on key. Mathematically,
E : M ×K → C
E (m, ke) = c
Decryption: recovers message data,only when provided correct key.Mathematically,
D : C ×K → M
D(c, kd) = m
Desirable properties:Easy to encrypt.Difficult to invert without key.
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 8 / 22
Some Standard Ciphers
Simple way, c = m ⊕ k, m′ = c ⊕ k = m ⊕ k ⊕ k = m.
Symmetric key cryptosystems, i.e. ke = kd
– Block ciphers: AES,DES,IDEA– Stream ciphers: RC4,FISH,SEAL
Public key cryptosystems, i.e. ke 6= kdRSA,Rabbin,ECC. (Elliptic Curve Cryptosystem)Need of Mathematical Tools, i.e functions which are easy to computeand difficult to invert.
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 9 / 22
Some Standard Ciphers
Simple way, c = m ⊕ k, m′ = c ⊕ k = m ⊕ k ⊕ k = m.Symmetric key cryptosystems, i.e. ke = kd
– Block ciphers: AES,DES,IDEA– Stream ciphers: RC4,FISH,SEAL
Public key cryptosystems, i.e. ke 6= kdRSA,Rabbin,ECC. (Elliptic Curve Cryptosystem)Need of Mathematical Tools, i.e functions which are easy to computeand difficult to invert.
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 9 / 22
Some Standard Ciphers
Simple way, c = m ⊕ k, m′ = c ⊕ k = m ⊕ k ⊕ k = m.Symmetric key cryptosystems, i.e. ke = kd
– Block ciphers: AES,DES,IDEA
– Stream ciphers: RC4,FISH,SEAL
Public key cryptosystems, i.e. ke 6= kdRSA,Rabbin,ECC. (Elliptic Curve Cryptosystem)Need of Mathematical Tools, i.e functions which are easy to computeand difficult to invert.
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 9 / 22
Some Standard Ciphers
Simple way, c = m ⊕ k, m′ = c ⊕ k = m ⊕ k ⊕ k = m.Symmetric key cryptosystems, i.e. ke = kd
– Block ciphers: AES,DES,IDEA– Stream ciphers: RC4,FISH,SEAL
Public key cryptosystems, i.e. ke 6= kdRSA,Rabbin,ECC. (Elliptic Curve Cryptosystem)Need of Mathematical Tools, i.e functions which are easy to computeand difficult to invert.
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 9 / 22
Some Standard Ciphers
Simple way, c = m ⊕ k, m′ = c ⊕ k = m ⊕ k ⊕ k = m.Symmetric key cryptosystems, i.e. ke = kd
– Block ciphers: AES,DES,IDEA– Stream ciphers: RC4,FISH,SEAL
Public key cryptosystems, i.e. ke 6= kdRSA,Rabbin,ECC. (Elliptic Curve Cryptosystem)
Need of Mathematical Tools, i.e functions which are easy to computeand difficult to invert.
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 9 / 22
Some Standard Ciphers
Simple way, c = m ⊕ k, m′ = c ⊕ k = m ⊕ k ⊕ k = m.Symmetric key cryptosystems, i.e. ke = kd
– Block ciphers: AES,DES,IDEA– Stream ciphers: RC4,FISH,SEAL
Public key cryptosystems, i.e. ke 6= kdRSA,Rabbin,ECC. (Elliptic Curve Cryptosystem)Need of Mathematical Tools, i.e functions which are easy to computeand difficult to invert.
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 9 / 22
Preliminaries
We say, a ≡ b mod (n), when n divides (a− b).It is basically a remainder function.84 ≡ 75 mod (9), but in general, we will say 84 ≡ 3 mod (9)
When n = p, some prime, p,Let, Z×p = {1, 2, . . . , p − 1}.
(Z×p ,×p): Multiplicative group.
g ∈ Z×p such that, {g , g2, . . . , gp−1} = Z×
p , then we say g isgenerator.
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 10 / 22
Hard Problems
Integer Factorization Problem: (IFP)Given an integer n = p ∗ q, product of two prime numbers, find primefactors, p, q.
Discrete Logarithm Problem (DLP)Let p be the prime number and g be the generator of (Zp)×.If, a = g x mod (p), x is called as discrete logarithm of a.DLP is, given ‘a’ find discrete logarithm of ‘a’ in (Zp)×
i.e. find x s.t. g x mod (p) = a.Diffie-Hellman Problem: (DHP)Let p be the prime number and g be the generator of (Zp)×.Given ga mod (p),gb mod (p), find gab mod (p)
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 11 / 22
Hard Problems
Integer Factorization Problem: (IFP)Given an integer n = p ∗ q, product of two prime numbers, find primefactors, p, q.Discrete Logarithm Problem (DLP)Let p be the prime number and g be the generator of (Zp)×.If, a = g x mod (p), x is called as discrete logarithm of a.DLP is, given ‘a’ find discrete logarithm of ‘a’ in (Zp)×
i.e. find x s.t. g x mod (p) = a.
Diffie-Hellman Problem: (DHP)Let p be the prime number and g be the generator of (Zp)×.Given ga mod (p),gb mod (p), find gab mod (p)
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 11 / 22
Hard Problems
Integer Factorization Problem: (IFP)Given an integer n = p ∗ q, product of two prime numbers, find primefactors, p, q.Discrete Logarithm Problem (DLP)Let p be the prime number and g be the generator of (Zp)×.If, a = g x mod (p), x is called as discrete logarithm of a.DLP is, given ‘a’ find discrete logarithm of ‘a’ in (Zp)×
i.e. find x s.t. g x mod (p) = a.Diffie-Hellman Problem: (DHP)Let p be the prime number and g be the generator of (Zp)×.Given ga mod (p),gb mod (p), find gab mod (p)
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 11 / 22
RSA
RSA Cryptosystem consists Three Primitives:
Key Generation Encryption Decryption
Key Generation1 Choose, p and q, two large primes.2 Calculate: n = p ∗ q. φ(n) = (p − 1) ∗ (q − 1).3 Choose e such that g.c.d of e and φ(n) is 1.4 Calculate d such that ed ≡ 1 mod (φ(n)).
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 12 / 22
RSA: Key Generation
If g.c.d of a and b is 1, there exists unique x and y such that
ax + by = 1.
Let, a = e, b = φ(n). Then, x will be required d .And this can be calculated using Extended Euclidian Algorithm.(e, n) is called public key or encryption key.(d , n) is called private key or decryption key.
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 13 / 22
RSA Contd...
Let, (e, n) be public key of A and (d , n) corresponding private key.Message m, is such that 1 ≤ m ≤ n
EncryptionWhen B want to send a m to A,he will sendc ≡ me mod (n)
DecryptionAfter receiving c,A will retrieve message back usingm′ ≡ cdmod(n)
m′ ≡ cd
≡ (me)d mod (n)
≡ m(ed) mod (n)
When, n = p ∗ q, from Number Theory, we haveax = a(x+φ(n)−1) mod (n)m′ ≡ m mod (n).
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 14 / 22
Cracking RSA
Look at Key generation. If somebody solves IFP, he can easily deducedecryption key.Note: But, given public key, if someboy can deduce private keydoesn’t implay he can factor n. i.e.Solving IFP ⇒ Cracking RSAReverse may not be true.Rabin Cryptosystem: As hard as IFP.
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 15 / 22
Factoring number
Naive algorithm: Try all numbers 1 to√
n.Time complexity: O(
√n)
Suppose, x2 ≡ y2 mod n and x 6≡ ±y mod (n)⇒ n divides (x2 − y2) i.e. either (x + y) or (x − y).Who will give such x and y?
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 16 / 22
Factoring numberDixton,quadratic sieving,number field sieving
Choose B, set of known prime numbers.Choose randomly, x1, x2, . . . , xk , s.t. p(xi ) ≡ x2
i mod (n) factorscompletely using primes in B.Find {y1 . . . , yl} ⊆ {x1, x2, . . . , xk}, such that
l∏i=1
y2i ≡
l∏i=1
p(yi ) mod (n)
and, RHS of the above equation is square.Quadratic Sieving. Time Complexity: O
(exp(2
√2√
log n log log n)).
Number Field Sieving. Time Complexity:O
(exp(c ∗ (log n)1/3(log log n)2/3)
).
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 17 / 22
Elliptic curve cryptosystems
y2 = x3 + ax + b.Consider, set of all integer pair (x,y) s.t.
y2 = x3 + ax + b mod (p),
where p is prime.Group.We can use DLP.Till date, Time complexity: O
(exp(c(log n)1/2(log log n)1/2)
).
1024 bit RSA security ≡ 168 bit ECC security.
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 18 / 22
Conclusions
Need of Mathematical functions in cryptography.Hard Problems.RSA CryptosystemInteger Factoring.Elliptic Curve Cryptosystems.
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 19 / 22
References
“Applied Cryptography”, (2nd Ed.) by Bruce Schneier.“Handbook of Applied Cryptography”, by Alfred Menezes, Paul vanOorschot and Scott Vanstone.“The Code Book”, by Simon Singh.
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 20 / 22
Questions?
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 21 / 22
Thank You!!!
Sujit Prakash Gujar (CSA, IISc) Cryptography: An Art and Science September 15, 2007. 22 / 22