## CSCI 2824: Lecture 12In this lecture, we will present applications of numbers to cryptography and talk about RSA. ## CryptographyWhat is cryptography? And why is it important? Crypto: So cryptography is the study of techniques for encrypting and decrypting secrets. With the advent of internet and the need to keep communications across networks secret, cryptography has emerged as an important discipline of computer science and a great application of advanced mathematical techniques to the field. ## ExampleImagine Alice and Bob wish to share a secret message between themselves. However, they cannot meet in person in a safe
place to do so. Let us suppose the secret message is
Let us suppose the secret society (or the government) is quite
interested in crashing Alice ## ExampleIn this scenario, let us say that Mr. Ty Coon would like to buy an oil rig in the middle of campus for . So he sends a message to the president of the university: Dear President, I intend to purchase mining rights to the oil reserves underneath your
campus for $100000.56 . Students and faculty can be hired to work in
this rig for a generous salary of I remains yours truly, Mr. Ty Coon How is the president to know that this important message is from Ty Coon himself as opposed to some student playing a prank?
In other words, is there a way that Ty Coon can sign the message so that everyone can ## WebAs commerce over www is widespread, people send money over the internet in the form of credit card numbers and payment instructions to banks. Agreements are digitally signed over the network and people log in to secret networks over VPN. All of these nice things are powered by cryptography. There are two basic types of cryptography: Private Key Cryptography. Public Key Cryptography.
## Private KeyPrivate key cryptography consists of encrypting a message using a secret password . Anyone possessing the password can then decrypt the message. Let us take an example of a very simple and naive private key algorithm using XOR. ## XORWarning: The XOR scheme here is very easily broken. So do not attempt this. Let us encode the message into bit chunks (eg., ascii characters). Example: Show me da money. The ascii codes are S = 83, h = 104,…. Therefore, the message can be represented as: . For simplicity, we can choose the password as a 8 bit string. Example: Each bit ascii character is encrypted as: where denotes bitwise XOR.
Similarly, other letters can be encoded in the same way. To decode, we then XOR the encoded message with the same password .
The main property of XOR that is being used here is for all . Therefore for message and password , However, XOR is very easy to crack. Since it translates every character to a different one: Eg., 'S’ (ascii 83) -> ascii 161, it is in effect a *transposition cipher*. It can be broken by analyzing the relative frequency of coded letters and comparing with frequency in the english language. E is the most commonly used letter, followed by A,O,I, and so on.Another type of attack is called known plaintext attack. Let us say we know the original message and the encrypted version somehow, we can guess the password simply as .
Therefore, XOR is a naive scheme to use. ## DESDES stands for ## Public Key CryptographyPublic key cryptography is very interesting idea that was first invented by British intelligence in the late 60s but kept a secret. It was rediscovered and publicized by Rivest, Shamir and Adelman (RSA) in 1975. Since then it has been a key achievement of number theory in computer science. ## Basic idea behind public key cryptographyOne can imagine a cryptosystem as a lock that protects a secret. Private key cryptography can be thought of as a traditional lock and key system. The key is the password and if one has the key or can forge one, then one can break into the contents of the box by opening the lock. Public key cryptosystems are much more interesting. Imagine a lock with two types of keys: a private key that only one person has access to (ideally) and a public key that anyone can obtain. Imagine the lock as operating in one of two ways: -
If locked with a private key, it can be opened with a public key by anyone. If locked with a public key, it can be opened by a person with a private key.
How can such a scheme help? ## ExampleRecall the secret message Alice wishes to send Bob:
## ExampleSuppose Ty Coon writes the letter:
Is there a way that Ty Coon can sign the message so that everyone can ## RSACan we really simulate private/public keys in practice? Yes. This is where number theory comes to the rescue in the form of the RSA crypto system. Here is the basic idea: Take two large prime numbers . These have to be large: let us say digits. Compute their product: . Also compute . After that destroy . We compute a number that satisfies: such that is not a factor of . Find numbers so that . A fundamental result in number theory says that we can always do so. Finally, we keep and discard . forms the public key and the private key.
Let us illustrate this: Choose and . We have and . Let us choose . We have to find so that . We have and . Verify that . In this case, it is a rather bad coincidence that we have the same public and private key. The private key is . The public key is .
Encryption: Take a message represented as a number from . The encrypted value of is . Example: Using public key and message , we have . To decrypt, we have to compute = . (Ask google if you do not trust me: [http: ## Breaking RSALet us assume that some one has access to the public key . What stops them from finding out , the secret key? After all, . Therefore, by factorizing , we can find and repeat the process for ourselves to compute and . Once is known then the whole scheme goes kaput.
In order to convince you that factoring a large number say digits is hard, your first programming assignment that will be out this monday asks you to try and write a factoring routine that given a number finds a prime factor of . You can use any method to do so. However, if you are clever about this, we will have a class competition and your code may win the competition. :-) ## Combinatorially Hard ProblemsThere are problems in CS which do not have any known algorithms. The class of problems is called NP standing for Non-Deterministic Polynomial Time.
Naive Algorithm
int factor(int n){ int i; for (i = 0; i < n;++i) if (Divides(i,n)) return i; return NO_FACTOR; } Time taken to factor by best known algorithm is roughly . However, does that preclude a clever and faster algorithm? The best known factoring algorithm is the |