Embed Size (px)
DESCRIPTION
Mid-term Review. Network Security. Secure channel. SSL (and many others:incl. IPSEC) Shared key establishing Trusted party (Kerberos, etc. - to be covered) Public key methods. Diffie-Hellman. RSA N=pq; ed 1 (mod (N)) Public: e,N; Private: d,N Encrypt M: CM e mod N - PowerPoint PPT Presentation
Citation preview
Mid-term Review
Network Security
Secure channel
SSL (and many others:incl. IPSEC)
Shared key establishingTrusted party (Kerberos, etc. - to be covered)
Public key methods
Public Key techniques
Diffie-Hellman RSAN=pq; ed 1 (mod (N))Public:e,N;Private:d,N
Encrypt M: CMemodN
Decrypt C: MCdmodN
Sign M: S Mdmod N
Verify S: Se M (modN)
Alice Boba b
p, g
magamod p mbgbmod p
ma mb
mbamod p ma
bmod p=gabmod p=
shared secret key!•Discrete log:
•Given y,p,b
•Find x: bxmod p = y
?
•Factoring:
•Given N=pq
•Find p,q
Discrete log based schemes
DH, DSS (El-Gamal); Elliptic Curves Cryptography (ECC)
Why modulus (p) is so large?Have not seen attacks on it (yet!)
Factoring based
RSA
Square Roots (=factoring)Rabin (Encryption,Signature)
Fiat-Shamir (ID scheme, Signature)
World mod N
How many objects?|Z*
N|= (N); for all z Z*
N, z (N) mod N=1
If N=pq, then (N)= (p-1)(q-1)[If N=p, then (N)= p-1]
Blum integers: N=pq, pq3 (mod 4)
Thenx(p+1)/4 mod p= y; y2x(p+1)/2x(p-1)/2 x±x mod p
Chinese Remainder Theorem (CRT)
Given y2=x mod p; z2=x mod q; N=pq;Find s: s2=x mod N
More generally:Given a,A, b,B;Find x: x=a mod A, x=b mod B
Let u, v be s.t. uA=1 mod B, vB=1 modAThen x=uAb+vBa[indeed: x mod A = uAb+vBa = vBa = a;
x mod B = uAb+vBa = uAb = b]
How to find u,v?
Extended GCD
Euclid’s GCD algorithm(greatest common divisor):gcd(a,b) = gcd( b, a mod b) =…= gcd(a’,b’)=ca’=ib’+c, … , ax+by=c
If gcd(a,b)=1: ax=1 mod b
Summary
RSAGiven p,q; Can compute (N), for N=pq;
With Extended gcd, can compute e, d = 1/e mod (N);
[ gcd(e, (N)) must be 1 ]
RabinUsing Blum integers can compute SQRT mod p,q
Using CRT can combine them to SQRT mod N
Efficiency for all
Exponentiation: Repetitive Squaring
bA mod N takes 1.5 lg A long multiplications
Cost of multiplication quadratic in length
Optimization: mod N mod p + mod q +CRT
Watch out!
Attacks on factoring
(N), N => factoring (quadratic equation)
Trick: obtain x, s.t. x=0 mod p, x0 mod q
gcd(x, N)=p
SQRTmodN => Factoring
vy2mod N; zSQRTmodN(v)
If z ±y, then x y-z
Computing mod p + mod q + CRTRandom error mod p (or mod q) => factoring
Later in the courseCrypto
Hashing• MD5, SHA• MAC
Symmetric ciphers• DES, AES/Rijndael, RC-4• Modes of operation (for block ciphers)
SystemsIPSec - security on another levelKerberos - key distribution (symmetric crypto)Firewalls, IDS, etc.
