ADVANCED NETWORK SECURITY

Lecture 7 – Public Key/Asymmetric Cryptography

M UHAMMAD Z ESHAN Q URASHI

D EPARTMENT OF C OMPUTER S CIENCE
F UUAST,I SLAMABAD
Background
Traditional private/secret/single key cryptography uses one key shared by both sender and
receiver
If this key is disclosed all communications are compromised
Also is symmetric, parties are equal, hence does not protect sender from receiver forging a
message & claiming is sent by sender

07-Jan-20 ADVANCED NETWORK SECURITY 2

Public Key Cryptography
Probably most significant advance in the 3000 year history of cryptography
Uses two keys – a public & a private key
Asymmetric since keys are not the same
Uses clever application of number theoretic concepts to function
Complements rather than replaces private key crypto

07-Jan-20 ADVANCED NETWORK SECURITY 3

Public-key/two-key/asymmetric cryptography involves the use of two keys:
◦ a public-key, which may be known by anybody, and can be used to encrypt messages, and verify
signatures
◦ a private-key, known only to the recipient, used to decrypt messages, and sign (create) signatures

Is asymmetric because
◦ Keys that encrypt messages or verify signatures cannot decrypt messages or create
signatures

07-Jan-20 ADVANCED NETWORK SECURITY 4

Public Key Encryption/Decryption

07-Jan-20 ADVANCED NETWORK SECURITY 5

Why Public Key Crypto
Developed to address two key issues:
◦ Key distribution – how to have secure communications in general without having to trust a KDC with
your key

◦ Digital signatures – how to verify a message comes intact from the claimed sender

◦ Can also be used for secrecy or confidentiality for encryption/decryption

07-Jan-20 ADVANCED NETWORK SECURITY 6

Public Key Crypto Characteristics
Public-Key algorithms rely on two keys with the characteristics that it is:
◦ Computationally infeasible to find decryption (private) key knowing only algorithm & encryption
(public) key

◦ Either of the two related keys can be used for encryption, with the other used for decryption (in
some schemes)

07-Jan-20 ADVANCED NETWORK SECURITY 7

Public Key Cryptosystem

07-Jan-20 ADVANCED NETWORK SECURITY 8

Some Schemes/Algorithsm & History
Some algorithms
◦ Diffie-Hellman, 1976, key-exchange based on discrete logs
◦ Merkle-Hellman, 1978, based on “knapsack problem”
◦ McEliece, 1978, based on algebraic coding theory
◦ RSA, 1978, based on factoring
◦ Rabin, 1979, security can be reduced to factoring
◦ ElGamal, 1985, based on discrete logs
◦ Blum-Goldwasser, 1985, based on quadratic residues
◦ Elliptic curves, 1985, discrete logs over Elliptic curves
◦ Chor-Rivest, 1988, based on knapsack problem
◦ NTRU, 1996, based on Lattices
◦ XTR, 2000, based on discrete logs of a particular field

07-Jan-20 ADVANCED NETWORK SECURITY 9

Diffie-Hellman Key Exchange
First public-key type scheme proposed by Diffie & Hellman in 1976 along with the exposition of
public key concepts
◦ The concept was secretly proposed in 1970

A practical method for exchange of a secret key in public environments

Creates a common secret key using public communications
Used in a number of commercial products

07-Jan-20 ADVANCED NETWORK SECURITY 10

Diffie-Hellman Key Exchange
Bob
Alice A
Public Parameters: B
large prime q
Choose a secret XA primitive root a
Choose a secret XB
XA
Compute YA = a mod q
Send YA

XB
Compute YB = a mod q
Send YB
Shared Key Nobody can calculate k given
X q, a, YA, and YB Shared Key
KAB = YB A
KAB = YA XB
XBXA
=a mod q XAXB
=a mod q

07-Jan-20 ADVANCED NETWORK SECURITY 11

Diffie-Hellman Setup
All users agree on global parameters:
◦ large prime integer or polynomial q
◦ a being a primitive root of q
each user (eg. A) generates their keys
◦ chooses a secret key (number): xA < q
xA
◦ compute their public key: yA = a mod q
each user publish their public key yA

07-Jan-20 ADVANCED NETWORK SECURITY 12

Diffie-Hellman Key Exchange
shared session
x x
key for users A & B is KAB:
KAB = a A. B mod q
xB
= yA mod q (which B can compute)
x
= yB A mod q (which A can compute)
KAB is used as session key in private-key encryption scheme
between Alice and Bob
if Alice and Bob subsequently communicate, they will have the same
key as before, unless they choose new public-keys
attacker needs an x, must solve discrete log

07-Jan-20 ADVANCED NETWORK SECURITY 13

DH Example
users Alice & Bob who wish generate a common key using DH:
Agree on prime q=353 and a=3
Select random secret keys:
◦ A chooses xA=97, B chooses xB=233
compute
97
respective public keys:
◦ yA=3 mod 353 = 40 (Alice)
233
◦ yB=3 mod 353 = 248 (Bob)
compute shared
x
session key as:
97
◦ KAB= yB A mod 353 = 248 = 160 (Alice)
x 233
◦ KAB= yA B mod 353 = 40 = 160 (Bob)

07-Jan-20 ADVANCED NETWORK SECURITY 14

Brute Force on DH
Attacker interest is in
97
◦ yA=3 mod 353 = 40 (Alice)
233
◦ yB=3 mod 353 = 248 (Bob)

Attacker can determine them by solving

3a mod 353 = 40 or the equation 3b mod 353 = 248
The brute-force approach is to calculate powers of 3 modulo 353, stopping when the
result equals either 40 or 248. The desired answer is reached with the exponent value of
97, which provides 397 mod 353 = 40.
With larger numbers, the problem becomes impractical.

07-Jan-20 ADVANCED NETWORK SECURITY 15

 Man-in-the-middle Attack
Attacker B
A
1.Generates two random private keys XD1 and
XD2 and then computing the corresponding public
2. Alice transmits YA to Bob keys YD1 and YD2

3. intercepts YA and transmits YD1 to Bob

pretending to be Alice. Attacker also calculates
K2 = (YA )^ XD2 mod q 4. Bob receives YD1 and
7. Alice receives YD2 and calculates K1=(YD1 )^ XB mod q
calculates K2=(YD2 )^ XA
mod q 5. Bob transmits YB to Alice
6. Intercepts YB and transmits YD2 to Alice
pretending to be Bob. He also calculates
K1=(YB )^ XD1 mod q

Attacker can eavesdrop and modify messages

07-Jan-20 ADVANCED NETWORK SECURITY 16

Some Math – Prime Factorization
to factor a number n is to write it as a product of other numbers: n = a × b × c
note that factoring a number is relatively hard compared to multiplying the factors together
to generate the number
the prime factorisation of a number n is when its written as a product of primes
◦ eg. 91=7×13 ; 3600=24×32×52

07-Jan-20 ADVANCED NETWORK SECURITY 17

Relatively Prime Numbers & GCD
two numbers a,b are relatively prime if they have no common divisors apart from 1
◦ eg. 8 & 15 are relatively prime since factors of 8 are 1,2,4,8 and of 15 are 1,3,5,15 and 1 is the only
common factor

conversely we can determine the greatest common divisor by comparing their prime
factorizations and using least powers
◦ 300 = 22×31×52
◦ 18 = 21×32 hence
◦ GCD(18,300)=21×31×50=6

07-Jan-20 ADVANCED NETWORK SECURITY 18

Euler Totient Function - ø(n)
For a given positive integer n, how many smaller positive integers, relative to it, are
prime?

when doing arithmetic modulo n

complete set of residues is: 0..n-1
reduced set of residues is those numbers (residues) which are relatively prime to n
◦ eg for n = 10,
◦ complete set of residues is {0,1,2,3,4,5,6,7,8,9}
◦ reduced set of residues is {1,3,7,9}
number of elements in reduced set of residues is called the Euler Totient Function
ø(n)

07-Jan-20 ADVANCED NETWORK SECURITY 19

Euler Totient Function - ø(n)
to compute ø(n) need to count number of elements to be excluded
For Prime numbers:
◦ for p (p prime) ø(p) = p-1
◦ for p.q (p,q prime) ø(p.q) = (p-1)(q-1)

eg.
◦ ø(37) = 36
◦ ø(21) = (3–1)×(7–1) = 2×6 = 12

Ø(27) = ??
Ø(189) = ??

07-Jan-20 ADVANCED NETWORK SECURITY 20

RSA
by Rivest, Shamir & Adleman of MIT in 1977
best known & widely used public-key scheme
uses large integers (eg. 1024 bits)

07-Jan-20 ADVANCED NETWORK SECURITY 21

RSA Key Setup
each user generates a public/private key pair by:
selecting two large primes at random: p,q
computing their system modulus N = p.q
◦ note ø(N)=(p-1)(q-1)
selecting at random, the encryption key e
◦ where 1<e<ø(N), gcd(e,ø(N))=1
solve following equation to find decryption key d
◦ e.d=1 mod ø(N) and 0≤d≤N
publish their public encryption key: KU={e,N}
keep secret private decryption key: KR={d,p,q}

07-Jan-20 ADVANCED NETWORK SECURITY 22

RSA Encryption/Decryption
To encrypt a message M the sender:
◦ obtains public key of recipient KU={e,N}
◦ computes: C=Me mod N, where 0≤M<N

to decrypt the ciphertext C the owner:

◦ uses their private key KR={d,p,q}
◦ computes: M=Cd mod N

note that the message M must be smaller than the modulus N (block if needed)

07-Jan-20 ADVANCED NETWORK SECURITY 23

 RSA Example
1. Select primes: p = 17 & q = 11
2. Compute n = pq = 17×11 = 187
3. Compute ø(n)=(p–1)(q-1)= 16×10 = 160
4. Select e : gcd(e,160) = 1; choose e = 7
5. Determine d: d.e = 1 mod 160 and d < 160; d = 23 since 23×7 = 161
6. Publish public key KU={7,187}
7. Keep secret private key KR={23,17,11}

given message M = 88 (88<187)

encryption:
C = 887 mod 187 = 11 decryption: M = 1123 mod 187 = 88

07-Jan-20 ADVANCED NETWORK SECURITY 24

Why RSA Works
◦ Since e.d = 1 mod ø(N)
◦ As, C = Me mod N
◦ And, M = Cd mod N
◦ So M = (Me)d mod N
◦ Thus, M = M1 mod N = M

07-Jan-20 ADVANCED NETWORK SECURITY 25

Assignment
Demo time: Max. 30 minutes Demo of Major operations Save reports at home

1. Firewall – IPtables, Microsoft, Untangle, Baracuda WAF, ModSecurity WAF

2. IDS – Snort, Bro
3. Vulnerability Scanner: OpenVAS, Nessus, W3af, Nmap, Arachni
4. System Exploitation: Metasploit
5. Information Gathering: Google Hacking Database (GHDB), Maltego
6. Social Engineering: Social Engineering Toolkit (SET)
7. Password Cracking (at least 2): Cain, John the Ripper, L0phtCrack

07-Jan-20 ADVANCED NETWORK SECURITY 26