Secure Communication and Public Key Encryption
The "Key" Idea: Remember that A
cryptosystem is a five-tuple
()
where the following conditions are satisfied:
1.
is a finite set of possible plaintexts:
2.
is a finite set of possible ciphertexts:
3.
the keyspace, is the a finite set of possible
keys:
4. For each K
there is and encryption rule e
and a corresponding decryption rule
d
.
Where
e
and d
are functions such that for all M
,d
(e
(M
))
M.
In general we think of cryptosystems as being used for two-way communication between individuals who want to carry on a private dialog. However, this is really not be practical for e-commerce. Consider the basic function of taking a credit card over the Web.
Suppose, however, that it were possible to find a cryptosystem for which
knowing e
, and the general methodology used in its construction, did not lead to an
easy computation of d
, then we could do the following.
Secure One-Way Communication: (eg Web Form)
1. Publish e
for the world to see. Tell the world that, if they want to communicate
securely with you, all they need to is apply e
to the message before transmitting it. This because there is an acceptably
small chance of someone discovering d
hence decoding there message.
2. When I received the encrypted message apply d
which, presumably only I know.
Secure Two-Way Communication:
Assume that we are dealing with a Cryptosystem such that
In addition to
d(e
(M
))
M, we have
e
(d
(C
))
C for all C
.
Given
d(),
it is also very hard to compute
e
().
Suppose that we have two people
P
and
P
who want to communicate securely with each other. Each selects their own "one
way system", K
and K
,
from a Cryptosystem with the above listed properties .
P
and
P
commmunicate as follows:
1.
P
gives e
to
P
and
P
gives e
to
P
.
2. Suppose
P
wants to send message M to
P
.
P
computes C
e
(d
(M
)) and transmits it.
3.
P
computes e
(d
(C
))
e
(d
(e
(d
(M
))))
e
(d
(M
))
M.
Why does this work?
P
knows that the only person who can read the message is
P
, the owner of K
since, presumably
P
, is the only person who knows d
().
P
knows that
P
sent the message since, presumably
P
, is the only person who knows d
().
We are implicitly assuming that the message
P
sees is meaningful.
There are Examples of One Way Cryptosystems:
RSA ( The RSA algorithm was invented in 1978 by Ron Rivest, Adi Shamir, and Leonard Adleman):
1. Begin by choosing
and
to be two very large prime numbers.
2. Next choose
,
,
such that
and
are relatively prime.
3. Referring back to the previous sections, we can find
such that
.
Note that
and
are "symmetric" for two way communication.
4. Here is RSA
is the set of integers between
and
and relatively prime to
.
the keyspace, is the set of pairs
,
as above:
For each K
in
and all M
,
e
(M
))
M
=C and
d
(C
)
C
Note:
d
(e
(M))
M
M
(M
)
M
(1)
M
M
And
d
(e
(M))=M.
Example- Let
and
.
and
.
So
.
Choose
.
Note
Compute
Suppose M
Check
----------------------------------------------------------------------------------------------------------
If your pocket calculator is not working try:
import java.util.*;
import java.math.*;
public class Calcmod {
public static void main(String[] args)
{
try
{
BigInteger p=new BigInteger("48112959837082048697"); //I looked these two primes up (see TOC for this section)
BigInteger q=new BigInteger("36413321723440003717");
BigInteger n=new BigInteger("0");
n=p.multiply(q);
BigInteger pm1qm1= new BigInteger("0");
pm1qm1=(p.subtract(new BigInteger("1"))).multiply(q.subtract(new BigInteger("1")));
System.out.println("n="+n);
System.out.println("(p-1)(q-1)="+pm1qm1);
BigInteger e=new BigInteger("67843189741225"); //Chosen at random, sort of......
BigInteger d=new BigInteger("0");
d=e.modInverse(pm1qm1);
System.out.println("e="+e+" d="+d);
//HELLO=7269767679
BigInteger Message=new BigInteger("7269767679");
System.out.println("Message='HELLO' as decimal ascii= "+Message);
BigInteger code=Message.modPow(e,n);
System.out.println("Message ^e=coded="+code);
BigInteger result=code.modPow(d,n); // Message.modPow(e.multiply(d),n);
System.out.println("Message ^(ed) MOD mod = Message?");
System.out.println(result);
}
catch (Exception ex){ ex.printStackTrace();}
}//main
} //Calcmod
THE OUTPUT
n=1751952685614616185916001760791655006749
(p-1)(q-1)=1751952685614616185831475479231132954336
e=67843189741225
d=346820212054753766339618442769730365753
Message='HELLO' as decimal ascii= 7269767679
Message
^e=coded=195102718882357445246760445462165944439
Message ^(ed) MOD mod = Message?
7269767679
Observation: At first glance there may appear to
be a security opening in RSA. A reasonable question that could be asked is,
while it may be hard to factor
all we really need to do is find
such that
,
so given,
,
is there a way to compute
?
The answer is that it is as "hard" to compute
from
as it is to factor
it self. Here is the argument.
1. For the sake of clarity, set
.
So if we know
and
we can quickly compute
.
Next the important direction.
2. Suppose there was an easy way to compute
from
.
To factor
,
we would then only have to solve the two simultaneous equations.
in two unknowns
and
.
Solving the first equation for p gives.
substituting this into the second equation gives.
or
.
The quadratic formula does the rest.