Brief introduction to cryptography
with
interactive RSA demo
Hannes Korte
email@hkorte.com
Algorithms & Data Challenges Berlin Meetup 2014-02-27
Substitution ciphers
Caesar cipher
- Very old and very simple
- Shift letters in an alphabet
- Examples with key = 3:
| Plaintext: |
ABCDEFGHIJKLMNOPQRSTUVWXYZ |
| Ciphertext: |
DEFGHIJKLMNOPQRSTUVWXYZABC |
| Plaintext: |
the quick brown fox jumps over the lazy dog |
| Ciphertext: |
QEB NRFZH YOLTK CLU GRJMP LSBO QEB IXWV ALD |
- Vulnerable to frequency analysis attacks
Frequency analysis
The shift in the distribution is the key of a caesar cipher
Substitution ciphers (2)
Vigenère cipher
- First mention in the 16th century
- Combine several Caesar ciphers in sequence
with different shift values
-
| Plaintext: |
ATTACKATDAWN |
| Key: |
LEMONLEMONLE |
| Ciphertext: |
LXFOPVEFRNHR |
- Still vulnerable to frequency analysis attacks:
find out the key length
Kerkhoffs' Principle
“A cryptosystem should be secure even if everything about the system, except the key, is public knowledge.”
Problem of every symmetric cipher:
How to get the key to the recipient?
- Previously shared secret
- Common knowledge: date, etc.
- Codebooks
Asymmetric cryptography!
- Two keys: one is public, one is secret
- the public one for encryption, the secret one for decryption
- One-way function
- Slower than symmetric ciphers
- Usually used to transmit the key of a symmetric cipher
Hybrid cryptosystem
- 1976: Diffie-Hellman key exchange
- 1977: Ron Rivest, Adi Shamir and Leonard Adleman: RSA
- 1984: ElGamal encryption system
RSA key generation
- Choose two distinct prime numbers $p$ and $q$
- Compute $n = pq$
- Compute $\varphi(n) = \varphi(p)\varphi(q) = (p − 1)(q − 1)$
- Choose an integer $e$ such that
$1 < e < \varphi(n)$ and $gcd(e, \varphi(n)) = 1$
-
Compute $d$ as the multiplicative inverse of $e$
| $d$ |
$≡ e^{−1}$ |
$\pmod{\varphi(n)}$ |
| $e d$ |
$≡ 1$ |
$\pmod{\varphi(n)}$ |
RSA trick
- Set message $\,m\,$ such that $\,0 \leq m \lt n$
- Encryption: $\,c = m^e \mod{n}$
- Decryption: $\,m = c^d \mod{n}$
-
| $m$ |
$= (m^e)^d$ |
$\mod{n}$ |
|
$= m^{ed}$ |
$\mod{n}$ |
|
$= m^{1\mod{\varphi(n)}}$ |
$\mod{n}$ |
| $m$ |
$= m$ |
|
RSA encryption
- Get recipient's public key $(n, e) = ($$,\,$$)$
- Set message $\,m =$
-
| $c$ |
$= m^e \mod{n}$ |
|
$=\ $ $\mod{}$ |
|
$=\ $ $\,-\,($$\,\cdot\,$$)$
|
|
$=\ $ $\,-\,$ |
|
$=\ $ |
RSA decryption
- Take recipient's private key $(n, d) = ($$,\,$$)$
- Receive ciphertext $\,c =$
-
| Compute message $\,m'$ |
$= c^d \mod{n}$ |
|
$=\ $ $\mod{}$ |
|
$=\ $ |
RSA decryption
- Take recipient's private key $(n, d) = ($$,\,$$)$
- Receive ciphertext $\,c =$
-
| $m'$ |
$= c^d \mod{n}$ |
|
$=\ $ $\mod{}$ |
|
$=\ $ $\,-\,($$\,\cdot\,$$)$
|
|
$=\ $ $\,-\,$ |
|
$=\ $ |
RSA signing
- Sender:
- Compute the hash $\,h = \text{hash}(m)$
- Compute signature $\,s = h^d \mod{n}$
- Send the signature $s$ together with the (possibly) encrypted message to the recipient
- Recipient:
- Compute the hash $\,h = \text{hash}(m)$
(using the same hash function)
- Reconstruct the hash from the signature $\,h' = s^e \mod{n}$
- Verify that $\,h = h'$
Thanks!
Hannes Korte
email@hkorte.com