Transcript lecture3.1 - Computer and Information Sciences

Lecture 3.1: Public Key Cryptography I
CS 436/636/736
Spring 2012
Nitesh Saxena
Course Administration
• HW1 posted – due at 11am on Feb 06
– Any questions?
• Regarding programming portion of the
homework
– Submit the whole modified code that you used to
measure timings
– Comment the portions in the code where you
modified the code
• Include a small “readme” for us to understand this
2
Course Administration
• No class this Thursday (Jan 26)
– Giving an invited colloquium seminar in the
Computer Science Department at Brown
University
– However, this will not affect our overall course
schedule and topic coverage
• No office hour on Thursday
– Moved to Tuesday 4-5pm
3
Outline of Today’s Lecture
• Public Key Crypto Overview
• Some Number Theory
4
Recall: Private Key/Public Key Cryptography
• Private Key: Sender and receiver share a
common (private) key
– Encryption and Decryption is done using the
private key
– Also called conventional/shared-key/single-key/
symmetric-key cryptography
• Public Key: Every user has a private key and a
public key
– Encryption is done using the public key and
Decryption using private key
– Also called two-key/asymmetric-key cryptography
5
Private key cryptography revisited.
• Good: Quite efficient (as you’ll see from the HW#2
programming exercise on AES)
• Bad: Key distribution and management is a serious
problem – for N users O(N2) keys are needed
6
Public key cryptography model
• Good: Key management problem potentially simpler
• Bad: Much slower than private key crypto (we’ll see later!)
7
Public Key Encryption
• Two keys:
– public encryption key e
– private decryption key d
•
•
•
•
Encryption easy when e is known
Decryption easy when d is known
Decryption hard when d is not known
We’ll study such public key encryption schemes; first
we need some number theory.
8
Public Key Encryption: Security
Notions
• Very similar to what we studied for private key
encryption
– What’s the difference?
9
Group: Definition
(G,.) (where G is a set and . : GxGG) is said to be a
group if following properties are satisfied:
1. Closure : for any a, b  G, a.b G
2. Associativity : for any a, b, c  G, a.(b.c)=(a.b).c
3. Identity : there is an identity element such that a.e =
e.a = a, for any a  G
4. Inverse : there exists an element a-1 for every a in G,
such that a.a-1 = a-1.a = e
Abelian Group: Group which also satisfies
commutativity , i.e., a.b = b.a
10
Groups: Examples
• Set of all integers with respect to addition -(Z,+)
• Set of all integers with respect to
multiplication (Z,*) – not a group
• Set of all real numbers with respect to
multiplication (R,*)
• Set of all integers modulo m with respect to
modulo addition (Zm, “modular addition”)
11
Divisors
• x divides y (written x | y) if the remainder is 0
when y is divided by x
– 1|8, 2|8, 4|8, 8|8
• The divisors of y are the numbers that divide y
– divisors of 8: {1,2,4,8}
• For every number y
– 1|y
– y|y
12
Prime numbers
• A number is prime if its only divisors are 1 and
itself:
– 2,3,5,7,11,13,17,19, …
• Fundamental theorem of arithmetic:
– For every number x, there is a unique set of
primes {p1, … ,pn} and a unique set of positive
exponents {e1, … ,en} such that
x  p1
e1
* ... *
pn
en
13
Common divisors
• The common divisors of two numbers x,y are
the numbers z such that z|x and z|y
– common divisors of 8 and 12:
• intersection of {1,2,4,8} and {1,2,3,4,6,12}
• = {1,2,4}
• greatest common divisor: gcd(x,y) is the
number z such that
– z is a common divisor of x and y
– no common divisor of x and y is larger than z
• gcd(8,12) = 4
14
Euclidean Algorithm: gcd(r0,r1)
Main idea: If y = ax + b then gcd(x,y) = gcd(x,b)
r0  q1r1  r2
r1  q2 r2  r3
...
rm  2  qm 1rm 1  rm
rm 1  qm rm  0
gcd( r0 , r1 )  gcd( r1 , r2 )  ...  gcd( rm 1 , rm )  rm
15
Example – gcd(15,37)
• 37 = 2 * 15 + 7
• 15 = 2 * 7 + 1
• 7=7*1+0
 gcd(15,37) = 1
16
Relative primes
• x and y are relatively prime if they have no
common divisors, other than 1
• Equivalently, x and y are relatively prime if
gcd(x,y) = 1
– 9 and 14 are relatively prime
– 9 and 15 are not relatively prime
17
Further Reading
• Chapter 4 of Stallings
• Chapter 2.4 of HAC
18