INSTITUTE OF ENGINEERING & TECHNOLOGY, ALWAR

Cryptography &
Rsa
Submitted toMr. Mohit Khandelwal

Submitted ByCharchit Taneja

CSE A Batch
11EIACS026

What is Cryptography?

Cryptography derived its name

from a Greek word called
Kryptos which
means Hidden Secrets.
Cryptography is the practice and
study of hiding information. It
is the Art or
Science of converting a plain
intelligible
data
into
an
unintelligible data and again
retransforming that message
into its original form.
It
provides
Confidentiality,
Integrity, Accuracy.

What is Encryption /
Decryption

Encryption

The process of converting plain text into an unintelligible format

(cipher text) is called Encryption.

Decryption

The process of converting cipher text into a plain text is called

Decryption.

Private-Key Cryptography

traditional private/secret/single key

cryptography uses one key

shared by both sender and receiver

if this key is disclosed communications are

compromised

also is symmetric, parties are equal

hence does not protect sender from receiver

forging a message & claiming is sent by sender

Public-Key Cryptography

probably most significant advance in the 3000

year history of cryptography

uses two keys a public & a private key

asymmetric since parties are not equal

uses clever application of number theoretic

concepts to function

complements rather than replaces private key

crypto

Public-Key Cryptography

public-key/two-key/asymmetric
cryptography involves the use of two keys:

a public-key, which may be known by anybody,

and can be used to encrypt messages, and
verify signatures

a private-key, known only to the recipient, used

to decrypt messages, and sign (create)
signatures

is asymmetric because

those who encrypt messages or verify signatures

cannot decrypt messages or create signatures

Public-Key Cryptography

Public-Key Applications

can classify uses into 3 categories:

encryption/decryption (provide secrecy)

digital signatures (provide authentication)

key exchange (of session keys)

some algorithms are suitable for all uses, others

are specific to one

RSA Key Setup

each user generates a public/private key pair by:

selecting two large primes at random - p, q

computing their system modulus N=p.q

note (N)=(p-1)(q-1)

selecting at random the encryption key e

where 1<e<(N), gcd(e,(N))=1

solve following equation to find decryption key d

e.d=1 mod (N) and 0dN

publish their public encryption key: KU={e,N}

keep secret private decryption key: KR={d,p,q}

RSA Example
1.

Select primes: p=17 & q=11

2.

Compute n = pq =1711=187

3.

Compute (n)=(p1)(q-1)=1610=160

4.

Select e : gcd(e,160)=1; choose e=7

5.

Determine d: de=1 mod 160 and d < 160

Value is d=23 since 237=161= 10160+1

6.

Publish public key KU={7,187}

7.

Keep secret private key KR={23,17,11}

10

RSA Example cont

sample RSA encryption/decryption is:

given message M = 88 (nb. 88<187)

encryption:
C = 887 mod 187 = 11

decryption:
M = 1123 mod 187 = 88

11

RSA Key Generation

users of RSA must:

determine two primes at random - p, q

select either e or d and compute the other

primes p,q must not be easily derived from

modulus N=p.q

means must be sufficiently large

typically guess and use probabilistic test

exponents e, d are inverses, so use Inverse

algorithm to compute the other

12

RSA Security

three approaches to attacking RSA:

brute force key search (infeasible given size of

numbers)

mathematical attacks (based on difficulty of

computing (N), by factoring modulus N)

timing attacks (on running of decryption)

13

14

Question and Answer

Session

15

Q1. How Large a Modulus

(Key) Should be Used in
RSA?

Ans.
The best size for an RSA modulus depends on
one's security needs. The larger the modulus,
the greater the security, but also the slower the
RSA operations. One should choose a modulus
length upon consideration, first, of one's
security needs, such as the value of the
protected data and how long it needs to be
protected, and, second, of how powerful one's
potential enemies are.

16

Q2 In relation to DES, chaining is used because:

(Note: more than one answer is correct.)

1) In electronic code book mode of working one,

or more, blocks of data may be tampered with in
transmission and the receiver be unaware of the
fact.
2) Chaining, in addition to secrecy, provides
integrity of data.
3) A greater degree of secrecy is provided.
4) Encryption is achieved more rapidly.

17

18
Correct Answers:
Chaining, in addition to secrecy, provides
integrity of data

In electronic code book mode of working one,

or more, blocks of data may be tampered with
in transmission and the receiver be unaware of
the fact

Q3 Select the answer/s that correctly

apply to an RSA digital signature.

19

1) A digital signature provides a message digest.

2) A digital signature proves to a recipient that the
authentic.

sender is

3) A digital signature ensures that a message is correctly

encrypted.
4) A digital signature facilitates non-repudiation.

20
Correct Answers:
A digital signature facilitates non-repudiation.

A digital signature proves to a recipient that the sender is

authentic.

21
Q4 A certificate, in the RSA system, indicates to the
receiving party that the sender's public key used to
encrypt a message is in fact genuine.

1) True
2) False

22
Correct Answer:
True
A certificate indicates that the public key used to encrypt
a message is bona fide and issued by a Certification
Authority. This prevents encryption using someone else's
public key.

23
Q5 Two security threats that E-commerce must guard against are that
an eavesdropper may _____ Internet communication to obtain _____
information which may then be used by a third party to make _____
purchases. Secondly, a bogus site may be used to obtain _____
without providing any goods or services.

1) interrupt; some; fraudulent; money

2) intercept; some; free; money
3) intercept; confidential; fraudulent; money
4) intercept; confidential; multiple; details

24
Correct Answer
Intercept; confidential; fraudulent; money

25
Q6 Asymmetric Encryption: Why can a message
encrypted with the Public Key only be decrypted with the
receiver's appropriate Private Key?
1.

Not true, the message can also be decrypted with the Public Key.

2. A so called "one way function with back door" is applied for the encryption.
3. The Public Key contains a special function which is used to encrypt the
message and which can only be reversed by the appropriate Private Key.
4. The encrypted message contains the function for decryption which identifies
the Private Key.

Correct Answer

26

A so called "one way function with back door" is

applied for the encryption
An one-way function is a function which a computer can calculate
quickly, but whose reversal would last months or years. An oneway function with back door can be reversed with the help of a
couple of additional information (the back door), but scarcely
without this information. The information for the back door is
contained in the private Key.

27
Q7 Which is the largest disadvantage of the symmetric
Encryption?

1. More complex and therefore more time-consuming calculations.

2. Problem of the secure transmission of the Secret Key.
3. Less secure encryption function.
4. Isn't used any more.

Correct Answer

28

Problem of the secure transmission of the Secret Key.

There is only one key in the symmetrical encryption, this must be

known by both sender and recipient and this key is sufficient to
decrypt the secret message. Therefore it must be exchanged
between sender and receiver in such a manner that an unauthorized
person can in no case take possession of it.

29
Q8 _________ ciphers can be categorized into two broad categories:
monoalphabetic and polyalphabetic.

A) Substitution
B) Transposition
C) either (a) or (b)
D) neither (a) nor (b

30
Correct Answer
B) Substitution

31
Q9 The _______ cipher is the simplest monoalphabetic cipher. It
uses modular arithmetic with a modulus of 26.

A)
B)
C)
D)

transposition
additive
shift
none of the above

32

Correct Answer
Shift

The Ceaser Cipher is a type of shift cipher. Shift Ciphers work by

using the modulo operator to encrypt and decrypt messages. The
Shift Cipher has a key K, which is an integer from 0 to 25. We will
only share this key with people that we want to see our message.

33
Q10 A(n) ______ is a keyless substitution cipher with N
inputs and M outputs that uses a formula to define the
relationship between the input stream and the output stream.
A)
B)
C)
D)

S-box
P-box
T-box
none of the above

Correct Answer

34

S-Box

S-box (substitution-box) is a basic component of symmetric key

algorithms which performs substitution. In block ciphers, they are
typically used to obscure the relationship between the key and the
cipher text Shannon's property of confusion.

35
Q11 A modern cipher is usually a complex _____cipher made
of a combination of different simple ciphers.

A)
B)
C)
D)

round
circle
square
none of the above

36

Correct Answer

Round

37
Q12 The DES function has _______ components.
A)
B)
C)
D)

2
3
4
5

38

Correct Answer
3

39
Q13 The _________ attack can endanger the security of the
Diffie-Hellman method if two parties are not authenticated to each
other.
A)
B)
C)
D)

man-in-the-middle
cipher text attack
plaintext attack
none of the above

40

Correct Answer
Man-in-the-middle

41

Q14 How do you use RSA for both authentication and

secrecy?

42
Correct Answer
RSA is based upon public key/private key concept. For
authentication one can encrypt the hash (MD5/SHA) of the data with
his private key. This is known as digital signature. And secrecy is
achieved by encrypting the data with the public key of the target
user. Generally we don't use RSA for encryption because of key size
(1024 bits). Rather a symmetric session key (128/256 bit) is
established between communicating parties and is used for
encryption.

43

Q15 Can we do the project in ENCRYPTION AND

DECRYPTION as a operating system project? If yes how can we
use the concepts?

44

Correct Answer
Yes we can. All the information will be stored in encrypted
form in memory. During fetching, it must be first decrypted
by operating system and then can be read.

45

Q16 What is tamper-resistant hardware?

46
Correct Answer
Ensuring that various cryptographic keys are provided by
their intended users, and only for their intended purposes,
temper resistant hardware is introduced.
An example temper resistant device is your "SMART CARD".
You have to physically possess the device and also have to
possess the PIN or the password to use it.

47

Q27 What is probabilistic encryption?

48
Correct Answer
Probabilistic encryption, developed by Goldwasser and
Micali [GM84], is a design approach for encryption where a
message is encrypted into one of many possible cipher texts
(not just a single cipher text as in deterministic encryption).
This is done in such a way that it is provably as hard to obtain
partial information about the message from the cipher text as
it is to solve some hard problem

49

Q18 What are special signature schemes?

50
Since the time Diffie and Hellman introduced the concept of digital signatures many
signature schemes have been proposed in cryptographic literature. These schemes
can be categorized as either conventional digital signature schemes (for example,
RSA and DSA) or special signature schemes depending on their security features. In
a conventional signature scheme (the original model defined by Diffie and
Hellman), we generally assume the following situation:
1) The signer knows the contents of the message that he has signed.
2) Anyone who knows the public key of the signer can verify the correctness of the
signature at any time without any consent or input from the signer. (Digital
signature schemes with this property are called self-authenticating signature
schemes.)
3) The security of the signature schemes is based on certain complexity-theoretic
assumptions.

51

Thank You