Department of Computer Science

SRI VENKATESWARA UNIVERSITY

Tirupati 517502.
Phone: 9948501387 cheboluharikrishna@gmail.com

Seminar Report
On

NETWORK SECURITY

MASTER OF COMPUTER APPLICATIONS

By CH.HARI KRISHNA

PUBLIC KEY CRYPTOGRAPHY

1. INTRODUCTION TO CRYPTOGRAPHY: For the first few decades of their existence, computer networks were primarily used by university researches for sending email and by corporate employees for sharing printers. Under this condition, security did not get a lot of attention. But now, as millions of ordinary peoples are using networks for banking, shopping, and filling their tax returns, network security is looming on the horizon as potentially massive problem. The art of devising chippers (cryptography) and breaking them (cryptanalysis) is collectively known as cryptology. Cryptology is derived from Greek kriptos logos meaning hidden word. Cryptography deals with Science and study of secret writing Study of techniques and applications that on the existence of difficult problems Widely used for information security Cryptanalysis deals with Study of how to compromise (defeat) cryptographic mechanisms

2. SECURITY: Security is a broad topic and covers a multitude of sins. In its simplest form, it is concerned with making sure that nosy people cannot read, or worse yet, modify messages intended for other recipients. It is concerned with people trying to access remote services that they are not authorized to use. It also deals with the problems of legitimate message being captured and replayed, and with people trying to deny that they sent certain messages.

3. TYPES OF CRYPTOGRAPHIC_TECHIQUES: Cryptographic techniques are two types. They are Symmetric key cryptographic Asymmetric key cryptographic 1. Symmetric key cryptographic: Symmetric key cryptographic is also known as secret key cryptographic technique. In symmetric cryptography, the sender and receiver of a message know and use the same secret key; the sender uses the secret key to encrypt the message, and the receiver uses the same secret key to decrypt the message. This method is known as secret key cryptography.

2:Public key cryptography:

Public-key cryptosystems have two primary uses, encryption and digital signatures. In their system, each person gets a pair of keys, one called the public key and the other called the private key. The public key is published, while the private key is kept secret. The need for the sender and receiver to share secret information is eliminated, all communications involve only public keys, and no private key is ever transmitted or shared.

In this system, it is no longer necessary to trust the security of some means of communications. The only requirement is that public keys be associated with their users in a trusted (authenticated) manner (for instance, in a trusted directory). Anyone can send a confidential message by just using public information, but the message can only be decrypted with a private key, which is in the sole possession of the intended recipient. Furthermore, public-key cryptography can be used not only for privacy (encryption), but also for authentication (digital signatures) and other various techniques. In a public-key cryptosystem, the private key is always linked mathematically to the public key. Therefore, it is always possible to attack a public-key system by deriving the private key from the public key. Typically, the defense against this

is to make the problem of deriving the private key from the public key as difficult as possible. For instance, some public-key cryptosystems are designed such that deriving the private key from the public key requires the attacker to factor a large number, it this case it is computationally infeasible to perform the derivation. This is the idea behind the RSA public-key cryptosystem. In public key cryptography we use two keys. The public key is used for encryption and the private key is used for decryption. For this cryptography we use several algorithms. They are RSA, DH and etc. EX:

4. RSA ALGORITHM; Due to potential advantages of public key cryptography, many researchers are hard at work, and some algorithms have already been published. A group at M.I.T, called RSA algorithm, discovered one good method.

The keys for the RSA algorithm are generated the following way: Choose two distinct large random prime numbers p and q 2. Compute o is used as the modulus for both the public and private keys
1.

3. 4.

5.

Compute the totient: . Choose an integer e such that , and e and share no factors other than 1 (i.e. e and are coprime) o e is released as the public key exponent Compute d to satisfy the congruence relation , i.e., for some integer k.
o

d is kept as the private key exponent

Notes on the above steps:

Step 1: Numbers can be probabilistically for primality. Step 3: changed in PKCS#1v2.0to , where lcm is the least common multiple, instead of . Step 4: A popular choice for the public exponents is = 216 + 1 =65537. Some applications choose smaller values such as = 3, 5, 17 or 257 instead. This is done to make encryption and signature verification faster on small devices like smart cards but small public exponents can lead to greater security risks.

Steps 4 and 5 can be performed with the Extended Euclidean Algorithm, see modular arithmetic. The public key consists of the modulus and the public (or encryption) exponent. The private key consists of the modulus and the private (or decryption) exponent which must be kept secret.

For efficiency a different form of the private key can be stored: o and : the primes from the key generation, o and , o .

All parts of the private key must be kept secret in this form. and are sensitive since they are the factors of , and allow computation of given . If and are not stored in this form of the private key then they are securely deleted along with other intermediate values from key generation. Although this form allows faster decryption and signing by using the Chinese Remainder Theorem, it is considerably less secure since it enables side channel attacks. This is a particular problem if implemented on smart cards, which benefit most from the improved efficiency. (Start with y = xe(modn) and let the card decrypt that. So it computes yd(mod p) or yd(mod q) whose results give some value z. Now, induce an error in one of the computations. Then gcd(z x,n) will reveal p or q.)

Encryption Alice transmits her public key to Bob and keeps the private key secret. Bob then wishes to send message M to Alice. He first turns M into a number < by using an agreed-upon reversible protocol known as a padding scheme. He then computes the cipher text corresponding to: This can be done quickly using the method of exponentiation by squaring. Bob then transmits to Alice. Decryption Alice can recover from by using her private key exponent by the following computation: Given , she can recover the original message M. The above decryption procedure works because: .

Now, since , . The last congruence follows from Eulers theorem. This shows that we get the original message back: . A working example Here is an example of RSA encryption and decryption. The parameters used here are artificially small, but one can also use OpenSSL to generate and examine a real key pair. 1. Choose two prime numbers p = 61 and q = 53 2. Compute n = 61 * 53 = 3233
3. 4.

Compute the totient. Choose e > 1 coprime to 3120 e = 17

5.

Compute such that e.g., by computing the modular multiplicative inverse of e modulo : d = 2753 since 17 * 2753 = 46801 = 1 + 15 * 3120.

The public key is (n = 3233, e = 17). For a padded message the encryption function is:

The private key is (n = 3233, d = 2753). The decryption function is: For example, to encrypt m = 123, we calculate To decrypt c = 855, we calculate

Privacy using Public Cryptography:

Recipients Public Key Recipients Private Key

Clear Text

Originator

Encrypt

Cipher Text

Recipient

Decrypt

Clear Text

Now let us see if we can solve the problem of establishing a secure channel between A and B, who have never had any previous contact. Both As encryption key, E (A), and Bs encryption key, E (B), are assumed to be in a publicly readable file. (Basically, all users of the network are expected to publish their encryption keys as soon as they become network users.) Now A takes his first message, P, computes E (B) (P), and sends it to B. B then decrypts it by applying his secret key D (B) (i.e., he computed D (B) (E (B)(P)))=P). No one else can read the encrypted message, E (B)(P), because the encryption system is assumed strong and because it is too difficult to derive D (B) from the publicly known E (B). A and B can now communicate securely. Disadvantages of public key cryptography: 1. This cryptography is computationally intensive.

2. 100 time slower then private key cryptography.

Applications: 1. Secure e-mail and other communication. 2. Secure www transactions. Consumer merchant purchases. Online banking 3. business-to-business transactions. References

N. Ferguson; B. Schneier (2003). Practical Cryptography. J. Katz; Y. Lindell (2007). Introduction to Modern Cryptography. http://www.infosecwriters.com/text_resources/pdf/Public_Ke y_Cryptography_AMS.pdf.

5: Conclusion:
Thus we use different types of algorithms to establish security services in different services mechanisms. We use either private key cryptography or public key cryptography according to requirements. If we want to send messages quickly we use private key algorithms. If we want to send messages secretly we use public key algorithms.