Public Key Cryptography and Digital Signatures. Curt Jones CDA 5505 April 12, 2005

Transcription

1 Public Key Cryptography and Digital Signatures Curt Jones CDA 5505 April 12, 2005

2 Public Key Cryptography - What is public key cryptography? Public key cryptography is a form of cryptography which allows secure communications between users without the need for a previously agreed upon secret encryption/decryption key. It is also known as asymmetric key cryptography.

3 Public Key Cryptography - Why do we need it? One difficulty in using symmetric key cryptography is key exchange. Public key cryptography allows a user to create a public key/private key pair that can be used to securely communicate with other users without the need for a previously agreed upon key. The public key is published so that any user can use it to encrypt a message. This message can only be decrypted using the matching private key, which is not shared with any other user.

4 Public Key Cryptography - How it works A public key cryptographic system must meet three requirements: 1. D(E(P)) = P. The decryption algorithm, D, applied to the encrypted plaintext, E(P), returns the unencrypted plaintext, P. If this property did not hold, the recipient could not decrypt the cyphertext they received.

5 Public Key Cryptography - How it works 2. Determining D from E is extremely difficult. D and E must be related, since D reverses the actions of E. Because E is known to the public it must be virtually impossible to determine D given E. Public key algorithms rely on various difficult mathematical problems, such as factorization of large numbers, to insure that this is as hard as possible.

6 Public Key Cryptography - How it works 3. E cannot be broken by a chosen plaintext attack. Since the encryption key is known to the public, an attacker can encrypt any, and as many, plaintext messages as they like. The output from the encryption algorithm must be sufficiently random that knowledge of a given encrypted message does not reveal information about any other encrypted messages.

7 Public Key Cryptography - Some Public Key Algorithms Diffie-Hellman 1976 RSA Merkle-Hellman El Gamal Elliptic curve Paillier cryptosystem

8 Public Key Cryptography - RSA Key Generation 1. Choose two large prime numbers, p and q. 2. Compute N, where n = p * q. 3. Compute z, where z = (p-1) * (q-1). 4. Choose a number d, such that d is co-prime to z. 5. Find e such that e * d = 1 (mod z). Publish N (the modulus) and e (the public exponent) as the public key. Retain N (the modulus) and d (the private exponent) as the private key.

9 Public Key Cryptography - RSA - use To encrypt and send a plaintext message, the message is converted to a number n by a predetermined padding scheme. The number n is then encrypted by computing c = n e (mod N). The cyphertext value c is then sent to the holder of the private key. To decrypt the message, the private key holder computes n = c d (mod N). The plaintext message can be recovered by running n through the inverse of the original padding function.

10 Public Key Cryptography - Problems Authentication In symmetric key encryption, the ability to properly encrypt a message strongly implies that the sender is who they claim to be, since only they (and the recipient) should be in possession of the key. In public key encryption, the encryption key is not secret, so the ability to encrypt a message provides no information about the identity of the sender. The use of a public key infrastructure can help insure that all parties involved in communications are who they claim to be.

11 Public Key Cryptography - Problems Computational Complexity Public key algorithms rely on difficult to solve mathematical problems for their security. Because of this, they require more computing power, and thus more time, to encrypt and decrypt messages than symmetric key algorithms.

12 Public Key Cryptography - Uses Though Public key algorithms can be used for secure communication, due to their much higher computational overhead than symmetric key algorithms they are, in practice, generally used to communicate a key which is then used by a symmetric key communication system. Public key encryption is also used in the creation of digital signatures.

13 Digital Signatures - What is a digital signature? A digital signature is the electronic equivalent of a physical signature. It is used to authenticate the identity of the signer. It has the additional advantage of being able to verify that the signed message is unchanged since the time it was signed.

14 Digital Signatures - Requirements of a digital signature To be useful, a digital signature must meet three conditions: 1. The receiver can verify the identity of the sender. 2. The sender cannot repudiate the contents of the message. 3. The receiver cannot create or alter a signed message.

15 Digital Signatures - Types of Digital Signatures Symmetric Key Public Key/Asymmetric Key Message Digests/Hash Functions

16 Digital Signatures - Symmetric Key Signatures Using symmetric key cryptography for digital signatures requires a trusted Central Authority(CA). Each user shares a unique secret key with CA. To digitally sign a message Alice encrypts the message and the identity of the intended recipient (Bob) and sends it to CA. CA decrypts the message using Alice's key to verify authenticity. Continued>

17 Digital Signatures - Symmetric Key Signatures Once Alice's message is verified, CA encrypts it and the identity of the sender with its own secret key (not known to Alice or Bob). This encrypted message and the plaintext of the original message are then encrypted with Bob's key and forwarded to Bob. Bob can then decrypt this message, read the plaintext, and keep the message encrypted with the CA's key. Should a dispute arise, the CA can decrypt this saved message and verify its authenticity.

18 Digital Signatures - Symmetric Key Signatures - Problems The main drawback of symmetric key signatures is the need for a trusted central authority to maintain the keys for each user. Since the CA has everyone's key, and all messages must pass through them if they are to be signed, the CA has access to everyones information. In practice there is no group that inspires this level of trust among the entire population.

19 Digital Signatures - Public Key/asymmetric Key A public key algorithm, such as RSA, with the property that E(D(P)) = P (in addition to the required D(E(P)) = P) can be used to digitally sign a message. If Alice creates a message E B (D A (P)) and sends it to Bob, Bob can then apply D B to recover D A (P), which could only have been generated by Alice, since only she know her private key. Bob can now apply E A to recover the plaintext message.

20 Digital Signatures - Public Key/asymmetric Key - Problems If someones private key is compromised, there is no longer any assurance that they created the original message. If someone changes their key, the new encryption key will no longer decrypt an old signed message, making it appear that a validly signed message is fake.

21 Digital Signatures - Hash Functions and Message Digests A cryptographic hash function has the following properties: Takes an arbitrary length input. Returns a fixed length output. Is a one way function. Is collision free. The output is called a Message Digest.

22 Digital Signatures - Hash Functions and Message Digests A message digest can be used without further processing as a digital fingerprint to verify the integrity of a message or file. A message digest can also be digitally signed and transmitted along with the input it was created from. This allows the recipient to verify both the integrity and authenticity of the message. This method does not encrypt the message itself.

23 Public Key Cryptography and Digital Signatures Questions?

24 References Computer Networks, 4 th edition, Andrew S. Tanenbaum (2003), Prentice Hall PTR. Practical Cryptography, Niels Ferguson and Bruce Schneier (2003), Wiley Publishing, Inc. A Method for Obtaining Digital Signatures and Public-Key Cryptosystems, R. Rivest, A. Shamir, L. Adleman, Communications of the ACM, Vol. 21 (2), 1978, pages