ASYMMETRIC KEY ENCRYPTION AND KEY EXCHANGE

Unlike symmetric key encryption algorithm, asymmetric key cipher algorithm uses two keys. Either of the two related keys can be used for encryption, with the other used for decryption. A public-key encryption scheme has six component Plaintext Encryption algorithm Public key & Private key Ciphertext This is the readable message or data that is fed into the algorithm as input. The encryption algorithm performs various transformations on the plaintext. This is a pair of keys that have been selected so that if one is used for encryption, the other is used for decryption. The exact transformations performed by the algorithm depend on the public or private key that is provided as input. This is the scrambled message produced as output. It depends on the plaintext and the key. For a given message, two different keys will produce two different ciphertexts. This algorithm accepts the ciphertext and the matching key and produces the original plaintext.

Decryption algorithm

The essential steps are the following. a. Each user generates a pair of keys to be used for the encryption and decryption of messages. b. Each user places one of the two keys in a public register or other accessible file. This is the public key. The companion key is kept private. c. If user A wishes to send a confidential message to user B, user A encrypts the message using user Bs public key. d. When user B receives the message, he decrypts it using his private key. No other recipient can decrypt the message because only user B knows its own private key. The use of public-key cryptosystems into three categories a. Encryption /decryption: The sender encrypts a message with the recipients public key. 1

b. Digital signature: The sender signs a message with its private key. Signing is achieved by a cryptographic algorithm applied to the message or to a small block of data that is a function of the message. c. Key exchange: Two sides cooperate to exchange a session key. Several different approaches are possible, involving the private key(s) of one or both parties. ASYMETRIC KEY CIPHER ALGORITHM Knapsack Cryptosystem Merkle and Hellman has device the public-key cryptography, knapsack cryptosystem. The idea behind this algorithm is that, if we told which elements, from a predefined set of numbers, are in a knapsack, we can easily calculate the sum of the numbers. But if we told the sum, it is difficult to say which elements are in the knapsack. Algorithm Suppose we are given two vectors of length k, a = [a1, a2, a3, ak] and x = [x1, x2, x3, xk]. Here a vector is the predefined set and the vector x is a binary vector, in which xi, is only 0 or 1, this defines which elements of a are to be dropped in the knapsack. The sum of elements in the knapsack is calculated as follows: Sum = knapsackSum (a, x) = a1x1 + a2x2 + a3x3 + + akxk If vectors a and x is known then it is easy to calculate Sum. However, if Sum and vector a is known then the vector x is very difficult compute. Superincreasing vector It is easy to compute Sum and vector x, if each elements i of vector a is superincreasing. i.e. ai a1 + a2 + a3 + + ai-1 . The algorithm for computing of sum and vector a, is shown below.
KNAPSACKSUM(A, X) 1. S = 0 2. FOR I = 1 TO K 3. S = S + A[I] X[I] 4. RETURN SUM INVKNAPSACKSUM( SUM, A) 1. FOR I = K DOWN TO 1 2. IF SUM A[I] 3. X[I] = 1 4. SUM = SUM A[I] 5. ELSE 6. X[I] = 0

7. RETURN X

Working of algorithm Let us see how two user can send a secret message to each other using knapsack cryptosystem. The knapsack cipher system the follows the following phases. a. Key generation phase includes generation of the keys. For key generation the following steps are done. 1. Create a super-increasing vector b = [b1, b2, b3, bk] 2. Choose an integer n, such that n > b1 + b2 + b3 + + bk 3. Choose an integer r that is relatively prime with n and 1 r n-1 4. Compute a temporary vector t = [t1, t2, t3, tk], such that ti = r X bi mod n. 5. Do permutation on vector t, then a = permute(t) 6. Public key is [a] and private key is [n, r, b]. b. Encryption uses the KNAPSACKSUM(a, previously. c. Decryption does the following computation 1. Compute Sum = Sum X r-1 mod n 2. x = INVKNAPSACKSUM(Sum, b) 3. x = permute(x) RSA RSA is named after the three inventors - Ron Rivest, Adi Shamir, and Leonard Adleman Key generation The two keys are generate as follows a. Choose two random large prime numbers, P and Q. b. Compute N = P X Q c. Choose E, such that E and (P 1)(Q 1) are relatively prime d. Choose D, such that E X D 1 mod (P 1)(Q 1). Here [E, N] and [D, N] are public key and private key respectively. Encryption Before the encryption the plaintext be of M bits, is divided into smaller blocks. The size of the block is smaller than N. if P and Q are L bits long, then N will 2 X L bits long, so the size of sub blocks of M will be less than 2 X L bits. 3 x) algorithm, discuss

Let Ci is the cipher block of ith block of plaintext. And it is computed as follows Ci = MiE mod N Decryption Mi = CiD mod N Since, CiD = (MiE)D = MiED = Mik(P 1)(Q 1) + 1 = Mi Mi k(P 1)(Q 1) = Mi x 1 = Mi So Mi mod N = Mi, because N > Mi. ElGamel The ElGamal scheme can be used for both digital signatures and encryption; it gets its security from the difficulty of calculating discrete logarithms in a finite field. Key generation The two keys are generate as follows a. choose a prime number, P b. Choose two random numbers, G and X, such that both G < P and X < P. c. compute Y, such that Y = GX mod P The public key is [Y, G, P]. Both G and P can be shared among a group of users. The private key is X Encryption To encrypt message M, first choose a random K, such that K is relatively prime to P - 1. Then compute A = GK mod P B = YKM mod P The pair, A and B, is the ciphertext. Note that the ciphertext is twice the size of the plaintext. Decryption To decrypt A and B, compute M = B/AX mod P Since AX GKX (mod P), and B/AX YKM/AX GXKM/GXK M (mod P), this all works. 4

Signature

To verify a signature, confirm that YAAB mod P = GM mod P

Demerit a. If anybody ever recovers the random number k that is used, he can recover the private key, x. b. If anybody ever gets two messages signed or encrypted using the same k, even if he doesnt know what it is, he can recover x. KEY EXCHANGE ALGORITHM Deffie Hellman Key exchange Diffie-Hellman was the first public-key algorithm ever invented, way back in 1976. It cannot be used to encrypt and decrypt messages. Algorithm 1. Alice and Bob agree on a large prime, n and g, such that g is primitive mod n. These two integers dont have to be secret; Alice and Bob can agree to them over some insecure channel. 2. Alice chooses a random large integer x and compute = gx mod n 3. Alice sends to Bob 4. Bob also chooses a random large integer y and compute = gy mod n. 5. Bob sends to Alice. 6. Alice computes k = x mod n 7. Bob computes k = y mod n Both k and k are equal to gxy mod n. No one listening on the channel can compute that value; they only know n, g, , and . Unless they can compute the discrete logarithm and recover x or y, they do not solve the problem. So, k is the secret key that both Alice and Bob computed independently. The choice of g and n can have a substantial impact on the security of this system. The number (n - 1)/2 should also be a prime. Demerits 5

Man-in-the-Middle Attack
Suppose that Trudy wants to read messages that are being sent between Alice and Bob, where Alice and Bob use the Diffie-Hellman key exchange. 1. Trudy chooses an exponent t, it can compute = gt mod n because g and n is publicly known. 2. then Trudy intercepts and and sends to both Alice and Bob. 3. Alice believes came from Bob, and Bob believes came from Alice. 4. Now Trudy computes KA = (gx)tmod p and KB = (gy)t mod p . 5. Alice, also compute KA = (gt)xmod p. Similarly, Bob computes KB = (gt)ymod p. 6. when Aliceb sends a message to Bob (encrypted with KA) ,Trudy can intercept it, decrypt it and re-encrypt it (or encrypt a different message) with KB before sending it on to Bob. In this manner, Trudy can read (and alter, if she so desires) all messages between Alice and Bob, and neither Alice nor Bob will suspect that there is any problem. Key Exchange without Exchanging Keys If Alice wants to communicate with Bob, 1. she retrieve Bobs public key and generate their shared secret key. 2. She encrypt a message with that key and send it to Bob. 3. Bob would retrieve Alices public key to generate the shared secret key. 4. Each pair of users would have a unique secret key, and no prior communication between users is required. The public keys have to be certified to prevent spoofing attacks and should be changed regularly, but otherwise this is a pretty clever idea. Symmetric is fast and efficient. Sym have problem with key exchange