Chapter 9
RSA Algorithm
ciphertext = plaintext block ^e mod n M or the plaintext block = ciphertext^d mod n
Key distribution
how to have secure communication in general without having to trust a KDC with your key
digital signatures
how to verify that a message comes intact from the claimed sender
A one-way function
is one that maps a domain into a range such that every function value has a unique inverse, with the condition that the calc of the function is easy, whereas the calc of the inverse is infeasible
Which of public-key cryptosystems' categories can the Diffie-Hellman Algo be used for
only key exchange not digital sig or encryption/decrypt
Which of the public key cryptosystem's categories can the DSS Aglo be used for
only the digital signature not the encrypt/decrypt or key exchange
a practical public-key scheme depends on a
suitable trap-door won-way funciton
t or f: the defense against the brute-force approach for RSA is to use a large key space
true
Asymmetric Keys
two related keys, a public key and a private key that are used to perform complementary operations, such as encryption and decryption or signature generation and signature verification
key exchange
two sides cooperate to exchange a session key
digital signture forces the sender to
"sign" a message w/ its private key
Conditions which algorithms for the public-key requirements must fulfill
-It is computationally easy for a party B to generate a pair (public-key PUb, private key PRb) -It is computationally easy for a sender A, knowing the public key and the message to be encrypted, to generate the corresponding ciphertext -It is computationally easy for the receiver B to decrypt the resulting ciphertext using the private key to recover the original message -It is computationally infeasible for an adversary, knowing the public key, to determine the private key -It is computationally infeasible for an adversary, knowing the public key and a ciphertext, to recover the original message -The two keys can be applied in either order -trap-door one-way function
Public-Key Cryptanalysis
-probable-message attack -brute-force -find some way to compute the private key given the public key
two of the most difficult problems associated with symmetric encryption: (these are what the concept of public-key cryptography evolved from)
1. Key distribution 2. Digital signatures
Public Key (Asymmetric) Cryptography Algorithm
A cryptographic algorithm that uses two related keys (private key and private key). The two keys have the property that deriving the private key from the public key is computationally unfeasible.
Elliptic curve algo can be used for which of public key cryptosystems' categories
ALL
RSA Algorithm can be used for which of public-key cryptosystems' categories
ALL (encrypt/decrypt, digital sig, key exchange)
T/F public-key encryption is more secure from cryptanalysis than symmetric encryption
FALSE
true or false: asymmetric encryption can be used for confidentiality but not for authentication
FALSE
countermeasures to brute force attack of public-key enryption
It is computationally easy for a party B to generate a pair (public-key PUb, private key PRb) It is computationally easy for a sender A, knowing the public key and the message to be encrypted, to generate the corresponding ciphertext It is computationally easy for the receiver B to decrypt the resulting ciphertext using the private key to recover the original message It is computationally infeasible for an adversary, knowing the public key, to determine the private key It is computationally infeasible for an adversary, knowing the public key and a ciphertext, to recover the original message The two keys can be applied in either order
RSA Scheme (Rivest-Shamir-Adleman)
The most widely used general-purpose approach to public-key encryption - is a cipher where the plaintext and ciphertext are integers between 0 and n-1 for some n -makes use of an expression with exponentials -plaintext is encrypted in blocks with each block having a binary value less than some num n -both sender and reciever must know value of n - the sender knows the value of e (the power the plaintext block is raised) and the receiver knows the value of d
public key certificate
a digital document issued and digitally signed by the private key of a Certification Authority that binds the name of a subscriber to a public key. The certificate indicates that the subscriber identified in the certificate has sole control and access to the corresponding private key.
a trap door one way funciton is
a family of invertible functions
Public Key Infrastructure (PKI)
a set of policies, processes, server platforms, software and workstations used for the purpose of administering certificates and public-private key pairs, including the ability to issue, maintain, and revoke public key certificates.
Chosen ciphertext attack
an attack in which the adversary chooses a number of ciphertexts and is then given the corresponding plaintexts, decrypted with the target's private key. Thus, the adversary could select a plaintext, encrypt it with the target's public key, and then be able to get the plaintext back by having it decrypted with the private key
a public-key encryption scheme is vulnerable to a
brute force attack
public key cryptosystems can be classified into three categories:
1. encryption/decryption 2. digital signature 3. key exchange
Public-Key Encryption need two things to work:
1. one algo for encryption and a related algo for decryption with a pair of keys, one for encryption and one for decryption 2. the sender and receiver must each have one of the matched pair of keys (not the same one)
Public-key Encryption need three things for security:
1. one of the two keys must be kept secret 2. it must be impossible or at least impractical to decipher a mesage if one of the keys is kept secret 3. knowledge of the algorithm plus one of the keys plus samples of ciphertext must be insufficient to determine the other key
public key encryption scheme has six ingredients:
1. plaintext 2. encryption algorithm 3. public key 4. private key 5. ciphertext 6. decryption algorithm
Three requirements for RSA Algo:
1. possible to find values of e, d, n such that M^(ed) mod n = M for all M<n 2.
conventional encryption need these 3 things for security:
1. secret key 2. must be impossible or impractical to decipher a message if the key is kept secret 3. knowledge of the algo plus samples of ciphertext must be insufficient to determine the key
conventional encryption need these two things to work:
1. the same algo and key for both encryption and decryption 2. the sender and receiver must share the algorithm and the key
