Topics:
Asymmetric Key Algorithms, Digital Signatures and RSA: Introduction, History and Overview of Asymmetric Key
Cryptography, The RSA Algorithm, Symmetric and Asymmetric Cryptography, Digital Signatures, Knapsack and
other Algorithms.
Unit 3: Cryptography
Que. 1: What are applications of RSA algorithm? Explain steps of RSA Algorithm.
The RSA algorithm is a widely used public-key cryptography algorithm that is named after its inventors, Ron Rivest, Adi Shamir, and Leonard Adleman. The algorithm is used to secure communication, digital signatures, and encryption of sensitive data. Here are some specific applications of RSA:
- Secure Communication: RSA is widely used in secure communication protocols, such as SSL/TLS, SSH, and IPSec. These protocols are used to secure communication between two parties and ensure that the data exchanged is kept confidential and protected from any eavesdropping attempts. The RSA algorithm is used in these protocols to encrypt the symmetric keys that are used for encrypting and decrypting messages.
- Digital signatures: RSA is also used for creating digital signatures, which can be used to verify the authenticity of digital documents or messages. In this application, the sender of the message creates a digital signature using their private key, and the receiver verifies the signature using the sender’s public key.
- Encryption of sensitive data: RSA is also used for encrypting sensitive data, such as credit card information, passwords, and personal identification information. The encryption ensures that only authorized parties can access the sensitive data, and helps prevent data breaches and identity theft.
- Key exchange: RSA can be used for key exchange between two parties who want to establish a secure communication channel. In this application, the two parties exchange their public keys and use them to derive a shared secret key for encrypting and decrypting messages.
- Software and Data Security: RSA is also used for software and data security applications. In this application, RSA keys are used to authenticate software, and the software is encrypted using the keys. Only authorized users can decrypt and use the software. RSA keys are also used to secure data stored on servers and hard drives.
The RSA algorithm is a powerful tool for securing communication, protecting sensitive data, and ensuring the authenticity of digital documents and messages. The algorithm is widely used in many different applications, including secure communication protocols, digital signatures, encryption of sensitive data, key exchange, and software and data security.
Steps of RSA Algorithm:
- Select two large prime numbers, P and Q.
- Calculate N = P x Q.
- Select the public key (i.e. the encryption key) E such that it is not a factor of (P-1) and (Q-1).
- Select the private key (i.e. the decryption key) D such that the following equation is true:
- (D x E) mod ((P-1) x (Q-1)) = 1
- For encryption, calculate the cipher text CT from the plain text PT as follows:
- CT = PT^E mod N
- Send CT as the cipher text to the receiver.
- For decryption, calculate the plain text PT from the cipher text CT as follows:
- PT = CT^D mod N
Que. 2: Explain Symmetric and Asymmetric Cryptography with diagram.
Cryptography is a method of using advanced mathematical principles to store and transmit data in a particular form so that only those for whom it is intended can read and process it.
What is Symmetric Cryptography?

Symmetric cryptography is a type of encryption where the same secret key is used for both encryption and decryption of messages. The sender of the message uses a secret key to convert the original message into an unreadable format called ciphertext, which can only be read by someone who has the same secret key. The receiver of the message uses the same secret key to decrypt the ciphertext and recover the original message.
Symmetric cryptography is often used in situations where there is a need for secure communication between two parties. The advantages of symmetric cryptography include its speed and efficiency in encrypting large amounts of data, while its main disadvantage is the need for secure key management. The sender and receiver must agree on a secure way to exchange the secret key before any communication can take place. Additionally, symmetric cryptography is not suitable for applications where there are multiple senders and receivers, as each pair of sender and receiver needs a separate key.
What is Asymmetric Cryptography?

Asymmetric cryptography, also known as public-key cryptography, is a type of encryption where a pair of mathematically related keys are used for encryption and decryption of messages. One key is a public key that can be shared with anyone, while the other key is a private key that should be kept secret by the owner.
When someone wants to send a message to the owner of the public key, they encrypt the message using the public key. Once the message is encrypted, it can only be decrypted using the corresponding private key. The owner of the private key can then decrypt the message and read its contents.
Asymmetric cryptography is often used in situations where there is a need for secure communication between multiple parties. It allows for secure communication without the need for a pre-shared secret key. The advantages of asymmetric cryptography include its ability to securely exchange the public keys without compromising the security of the system. However, asymmetric cryptography can be slower than symmetric cryptography, and it is generally less efficient at encrypting large amounts of data.
Symmetric Key Cryptography | Asymmetric Key Cryptography |
---|---|
Only one key (the symmetric key) is used, and the same key is used to encrypt and decrypt the message. | Two different cryptographic keys (asymmetric keys), known as the public and the private keys, are used for encryption and decryption. |
It is effective as this technique is recommended for high amounts of text. | It is inefficient as this approach is used only for short messages. |
Symmetric encryption is generally used to transmit bulk information. | It is generally used in smaller transactions. It is used for making a secure connection channel before transferring the actual information. |
Symmetric key cryptography is also known as secret-key cryptography or private key cryptography. | Asymmetric key cryptography is also known as public-key cryptography or a conventional cryptographic system. |
Symmetric key cryptography uses fewer resources as compared to asymmetric key cryptography. | Asymmetric key cryptography uses more resources as compared to symmetric key cryptography. |
The length of the keys used is frequently 128 or 256 bits, based on the security need. | The length of the keys is much higher; for example, the recommended RSA key size is 2048 bits or higher. |
Que. 3: What are importance and application of Digital Signatures?
Digital signature cryptography is an essential tool for securing electronic transactions, and it has many applications across different industries. The following points describe the importance and applications of digital signatures:
- Authentication: Digital signatures can be used to verify the identity of the sender of a message, document, or electronic transaction. The recipient can be sure that the message or transaction is authentic and has not been altered during transmission.
- Non-repudiation: Digital signatures provide a way to ensure that the sender of a message cannot deny sending it. Once a digital signature is attached to a message or transaction, it cannot be repudiated.
- Integrity: Digital signatures can be used to ensure the integrity of a message or transaction. If a message or transaction is tampered with, the digital signature will be invalidated, alerting the recipient that the message or transaction has been compromised.
- Legal validity: Digital signatures are legally binding in many countries and can be used to sign legally binding contracts and documents.
- Security: Digital signatures cryptography provides a high level of security for electronic transactions, ensuring that messages or transactions cannot be intercepted or altered by unauthorized parties.
- Efficiency: Digital signatures can be used to streamline business processes, eliminating the need for paper-based signatures and reducing administrative costs.
Applications of digital signatures cryptography include:
- Electronic banking: Digital signatures are used to secure online banking transactions, including money transfers, bill payments, and account management.
- E-commerce: Digital signatures are used to secure online transactions, including online purchases and payments.
- Government services: Digital signatures are used to sign and authenticate government documents, including tax forms, passports, and permits.
- Healthcare: Digital signatures are used to sign and authenticate electronic medical records and prescriptions.
- Legal services: Digital signatures are used to sign and authenticate legal documents, including contracts, deeds, and wills.
Digital signatures cryptography is a critical component of secure electronic transactions, and its importance and applications cut across various industries. It provides authentication, non-repudiation, integrity, legal validity, security, and efficiency, making it an indispensable tool for securing electronic communication and transactions.
Que. 4: Explain steps of Digital Signatures with diagram.
Digital signatures are a crucial component of modern cryptography and are used to provide authentication, integrity, and non-repudiation for electronic messages and documents. The following are the detailed steps involved in creating and verifying digital signatures:
Creating a Digital Signature:
- Create the message: The sender creates the message or document that needs to be signed. This can be done using any text editor or word processor.
- Hash the message: The message is then hashed using a one-way cryptographic hash function. This produces a fixed-length string of characters that uniquely represents the message. The hash function used should be collision-resistant, which means that it should be difficult to find two different messages that produce the same hash value.
- Sign the hash: The sender signs the hash value using their private key. This produces the digital signature, which is a string of characters that is unique to the message and the sender. The signing process involves encrypting the hash value with the sender’s private key. This ensures that only the sender can create the signature, as they are the only ones who have access to their private key.
- Attach the signature to the message: The digital signature is then attached to the message or document. This can be done using a software application that supports digital signatures. The signature can be added as a separate attachment or embedded within the document.

Verifying a Digital Signature:
- Retrieve the message and the signature: The recipient retrieves the message and the attached digital signature. If the signature is embedded within the document, the recipient should extract it using the appropriate software application.
- Hash the message: The recipient hashes the message using the same hash function that was used by the sender. This produces a hash value that should match the one that was signed by the sender.
- Decrypt the signature: The recipient decrypts the digital signature using the sender’s public key. This produces the original hash value that was signed by the sender.
- Compare the hash values: The recipient compares the hash value that was produced by hashing the message with the hash value that was decrypted from the digital signature. If the two values match, then the signature is valid, and the message has not been tampered with. If the hash values do not match, then the signature is invalid, and the message may have been altered or forged.
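The RSA steps from Que. 1 and the hash, sign and verify steps above can be followed in one short program. This is an added example, not part of the original notes: the function names, the use of SHA-256 and the demo primes are assumptions, and it is textbook RSA without padding. The key generator checks `gcd(E, (P-1) x (Q-1)) = 1`, which is the exact condition under which a matching D exists.

```python
import hashlib
from math import gcd

def rsa_keygen(P, Q, E=3):
    """Steps 1-4: return ((E, N), (D, N)) for primes P and Q."""
    N = P * Q
    phi = (P - 1) * (Q - 1)
    # D exists only if E shares no factor with (P-1) x (Q-1), so test with
    # gcd and move to the next odd candidate until that holds.
    while gcd(E, phi) != 1:
        E += 2
    D = pow(E, -1, phi)              # (D x E) mod ((P-1) x (Q-1)) = 1
    return (E, N), (D, N)

def encrypt(PT, public_key):
    E, N = public_key
    if not 0 <= PT < N:
        raise ValueError("plain text must be an integer in [0, N)")
    return pow(PT, E, N)             # CT = PT^E mod N

def decrypt(CT, private_key):
    D, N = private_key
    return pow(CT, D, N)             # PT = CT^D mod N

def digest(message):
    """Hash the message and read the SHA-256 output as an integer."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message, private_key):
    D, N = private_key
    h = digest(message)
    if h >= N:
        raise ValueError("modulus too small for this hash")
    return pow(h, D, N)              # "encrypt" the hash with the private key

def verify(message, signature, public_key):
    E, N = public_key
    # "decrypt" the signature with the public key and compare the hashes
    return pow(signature, E, N) == digest(message)

# Constructed inputs. 2**127 - 1 and 2**521 - 1 are publicly known primes,
# used only so the example runs offline; real keys use secret random primes
# and a padding scheme (OAEP for encryption, PSS for signatures).
DEMO_P, DEMO_Q = 2**127 - 1, 2**521 - 1

if __name__ == "__main__":
    pub, priv = rsa_keygen(7, 17, E=5)       # tiny numbers, easy to follow
    print(pub, priv, encrypt(10, pub), decrypt(encrypt(10, pub), priv))
    pub, priv = rsa_keygen(DEMO_P, DEMO_Q, E=65537)
    sig = sign(b"transfer 100 to account 42", priv)
    print(verify(b"transfer 100 to account 42", sig, pub))   # genuine
    print(verify(b"transfer 900 to account 42", sig, pub))   # altered
```

Because the same PT always gives the same CT here, production systems never use RSA in this raw form.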
Que. 5: Explain Knapsack Algorithms in context of security.
Actually, Ralph Merkle and Martin Hellman developed the first algorithm for public-key encryption, called the Knapsack algorithm. It is based on the Knapsack problem. This is actually a simple problem. Given a pile of items, each with different weights, is it possible to put some of them in a bag (i.e. knapsack) in such a way that the knapsack has a certain weight?
That is, if M1, M2, …, Mn are the given values and S is the sum, find out bi so that:
S = b1 x M1 + b2 x M2 + … + bn x Mn
Each bi can be 0 or 1. A 1 indicates that the item is in the knapsack, and a 0 indicates that it is not. A block of plain text equal in length to the number of items in the pile would select the items in the knapsack. The cipher text is the resulting sum. For example, if the knapsack is 1, 7, 8, 12, 14, 20 then the plain text and the resulting cipher text is as shown in Fig.

The basic idea behind the knapsack algorithm is to create a set of numbers that can be used as a private key for encryption. This set of numbers is derived from a superincreasing sequence of integers, which is a sequence where each number is greater than the sum of all the previous numbers in the sequence. This superincreasing sequence of numbers is then combined with a multiplier and a modulus to create a public key, which can be shared with others for encryption purposes.
To encrypt a message using the knapsack algorithm, the message is converted into binary format, and each binary digit is multiplied by a corresponding element of the superincreasing sequence. The resulting values are then added together to create the encrypted message.
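The following added example (not from the original notes) computes the knapsack sum for the page's knapsack 1, 7, 8, 12, 14, 20 and then goes one step further to show how the superincreasing private sequence, multiplier and modulus give a public key and allow decryption. The plain text blocks and the private sequence 2, 3, 6, 13, 27, 52 with multiplier 31 and modulus 105 are constructed sample values, and the function names are assumptions.

```python
from math import gcd

def knapsack_sum(weights, bits):
    """Cipher text for one block: the sum of the weights selected by 1-bits."""
    if len(bits) != len(weights) or set(bits) - {"0", "1"}:
        raise ValueError("block must be a bit string as long as the knapsack")
    return sum(w for w, b in zip(weights, bits) if b == "1")

def make_public_key(private_seq, multiplier, modulus):
    """Hide a superincreasing sequence behind a multiplier and a modulus."""
    total = 0
    for w in private_seq:
        if w <= total:               # each item must exceed the sum so far
            raise ValueError("sequence is not superincreasing")
        total += w
    if modulus <= total or gcd(multiplier, modulus) != 1:
        raise ValueError("need modulus > sum and gcd(multiplier, modulus) = 1")
    return [(w * multiplier) % modulus for w in private_seq]

def decrypt_block(cipher, private_seq, multiplier, modulus):
    """Undo the multiplier, then solve the easy superincreasing knapsack."""
    target = (cipher * pow(multiplier, -1, modulus)) % modulus
    bits = []
    for w in reversed(private_seq):  # largest item first
        if w <= target:
            bits.append("1")
            target -= w
        else:
            bits.append("0")
    if target != 0:
        raise ValueError("not a valid cipher text for this key")
    return "".join(reversed(bits))

# Constructed sample values (not taken from the page's missing figure).
PAGE_KNAPSACK = [1, 7, 8, 12, 14, 20]
PRIVATE_SEQ, MULTIPLIER, MODULUS = [2, 3, 6, 13, 27, 52], 31, 105

if __name__ == "__main__":
    for block in ("011011", "110101", "010110"):
        print(block, "->", knapsack_sum(PAGE_KNAPSACK, block))
    # A general knapsack can be ambiguous: 1 + 7 and 8 give the same sum.
    print(knapsack_sum(PAGE_KNAPSACK, "110000"),
          knapsack_sum(PAGE_KNAPSACK, "001000"))
    public = make_public_key(PRIVATE_SEQ, MULTIPLIER, MODULUS)
    ct = knapsack_sum(public, "011000")          # encrypt with the public key
    print(public, ct, decrypt_block(ct, PRIVATE_SEQ, MULTIPLIER, MODULUS))
```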
Que. 6: Explain DSA Asymmetric Key Algorithms.
The Digital Signature Algorithm (DSA) is a FIPS (Federal Information Processing Standard) for digital signatures. It was proposed in 1991 and globally standardized in 1994 by the National Institute of Standards and Technology (NIST).
The DSA algorithm provides three benefits, which are as follows:
- Message Authentication: You can verify the origin of the sender using the right key combination.
- Integrity Verification: You cannot tamper with the message since it will prevent the bundle from being decrypted altogether.
- Non-repudiation: The sender cannot claim they never sent the message if the signature is verified.

The DSA cycle follows these three main steps to complete the process:
- Key Generation: The process relies on the concept of modular exponentiation to obtain private (x) and public (y) keys that satisfy the mathematical conditions 0 < x < q and y = g^x mod p, where q is a prime divisor, p is a prime number, and g satisfies the conditions g^q mod p = 1 and g = h^((p-1)/q) mod p. This creates the private and public key packages {p,q,g,x} and {p,q,g,y}.
- Signature Generation: A hashing algorithm generates a message digest, which is passed as an input to a signing function to create two variable outputs, r and s, packaged as signature {r,s} such that the message and these variables are sent as a bundle to the receiver.
- Signature Verification: The process uses the hashing function to output the digest and incorporates variable s with other parameters from the key generation step to produce the verification component v. The verification function compares the calculated variable v against parameter r from the {M,s,r} bundle.
The DSA algorithm makes use of the following variables:
p = A prime number of length L bits.
L = A multiple of 64 between 512 and 1024 (i.e. L = 512 or 576 or 640 or … 1024). In the original standard, p was always 512 bits long. This led to a lot of technical criticism, and was changed by NIST.
q = A 160-bit prime factor of (p - 1).
g = h^((p - 1)/q) mod p, where h is a number less than (p - 1) such that h^((p - 1)/q) mod p is greater than 1.
x = A number less than q.
y = g^x mod p.
H = Message-digest algorithm (usually SHA-1).
The first three variables, p, q and g are public in nature, and can be sent across an insecure network freely. The private key is x, whereas the corresponding public key is y.
Advantages of DSA :
- Highly Robust: DSA is highly robust in the security and stability aspect compared to alternative signature verification algorithms.
- Better Speed: The key generation is much faster compared to the RSA algorithm and such.
- Less Storage: DSA requires less storage space to work its entire cycle.
- Patent Free: When NIST released it, it was patent-free to enable its global use free of cost.
Disadvantages of DSA :
- Limited Key Length: DSA has limited key lengths, which limit its use in specific applications.
- Rigid Key Management: Key management is rigid and requires specific key lengths.
- Limited Digital Certificate Support: DSA does not support certificates, which limits its use in specific applications.
- Incremental signature algorithm: DSA is not an incremental signature algorithm, meaning it cannot be updated or changed once a signature is generated.
- Relatively new: DSA is a relatively new algorithm and has not been extensively studied or vetted like some of the more established algorithms.
- Impact on storage and transmission: DSA signatures can be larger than signatures created with other algorithms, which can impact storage and transmission efficiency.
Example :
Let us assume that the sender wants to sign a message m and send the signed message to the receiver. Then, the following steps take place.
(a) The sender generates a random number k, which is less than q.
(b) The sender now calculates:
● r = (g^k mod p) mod q
● s = (k^-1 (H(m) + xr)) mod q
The values r and s are the signatures of the sender. The sender sends these values to the receiver.
To verify the signature, the receiver calculates:
(c) w = s^-1 mod q
u1 = (H(m) * w) mod q
u2 = (r * w) mod q
v = ((g^u1 * y^u2) mod p) mod q
If v = r, the signature is said to be verified. Otherwise, it is rejected.