8/12/2019 Crypto Chap1
http://slidepdf.com/reader/full/crypto-chap1 1/21
Introduction to Computer Security
Benoit Donnet
Academic Year 2013 - 2014
INFO0045 - ULg - 2013/2014 - Benoit Donnet
Agenda
• Chapter 1: Mathematics for Cryptography
  - Modular Arithmetic
  - Euclidean Algorithms
  - Euler's Function
  - Fermat's Theorem
  - Chinese Remainder Theorem
• Chapter 2: Symmetric Cryptography
• Chapter 3: Asymmetric Cryptography
• Chapter 4: Authentication
• Chapter 5: Key Distribution
Agenda
• Chapter 1: Mathematics for Cryptography
  - Modular Arithmetic
    · Division
    · Congruence
    · ℤn Arithmetic
  - Euclidean Algorithms
  - Euler's Function
  - Fermat's Theorem
  - Chinese Remainder Theorem
Division
• Let a ∈ ℤ and n ∈ ℤ, n > 0
  - a = q × n + r, with 0 ≤ r < n and q = ⌊a/n⌋
  - r is the remainder, q is the quotient
  - Examples
    · a = 11, n = 7 → 11 = 1 × 7 + 4 → r = 4
    · a = -11, n = 7 → -11 = -2 × 7 + 3 → r = 3
• If a, n ∈ ℤ and n > 0
  - a mod n refers to the remainder when a is divided by n
    · modulo operator
  - a = ⌊a/n⌋ × n + (a mod n)
Division (2)
• Modulo example
  - a = 59; n = 7
    · 59 = 8 × 7 + 3
    · r = 3, q = 8
    · 59 mod 7 = 3
Division (3)
• Let a, b, and m ∈ ℤ
  - b (≠ 0) divides a if a = m × b
  - b is a divisor of a
• Notation: b|a
• Example:
  - divisors of 24 are 1, 2, 3, 4, 6, 8, 12, 24
Division (4)
• Properties
  - if a|1 then a = ±1
  - if a|b and b|a then a = ±b
  - any b ≠ 0 divides 0
  - if b|g and b|h then b|(mg + nh), for any m, n
  - if a ≡ 0 mod n then n|a
• Demonstrating Prop. 4
  - if b|g, then g = b × g1
  - if b|h, then h = b × h1
  - it follows that mg + nh = m × b × g1 + n × b × h1 = b × (m × g1 + n × h1)
Division (5)
• Divisibility criteria
  - 2|n if n ends with 0, 2, 4, 6, 8
  - 3|n if the sum of the digits of n is divisible by 3
  - 4|n if the number formed by the last 2 digits of n is divisible by 4
    · example: 256,628
  - 5|n if n ends with 0, 5
  - 8|n if the number formed by the last 3 digits of n is divisible by 8
    · example: 176,072
  - 9|n if the sum of the digits of n is divisible by 9
    · example: 37,521
Congruence
• Two integers, a and b, are said to be equal modulo n if n|a-b
• Two integers, a and b, are said to be congruent modulo n if a mod n = b mod n
  - Notation
    · a ≡ b mod n
  - a and b are equivalent in the modulo n class
Congruence (2)
• Congruence examples
  - 26 ≡ 12 mod 7
    · 26 mod 7 = 5
    · 12 mod 7 = 5
  - 21 ≡ -9 mod 10
    · 21 mod 10 = 1
    · -9 mod 10 = 1
Congruence (3)
• Properties
  - a ≡ b mod n iff n|a-b
  - a ≡ b mod n iff ca ≡ cb mod cn
  - a ≡ b mod n iff ac ≡ bc mod n
  - a ≡ b mod n iff b ≡ a mod n
  - if a ≡ b mod n, then (a-b) mod n = 0
  - if a ≡ b mod n, then b ≡ a mod n
    · symmetry
  - if a ≡ b mod n and b ≡ c mod n, then a ≡ c mod n
    · transitivity
Congruence (4)
• Examples
  - 26 ≡ 12 mod 7
    · (26-12) mod 7 = 14 mod 7 = 0
    · 12 ≡ 26 mod 7 because 12 mod 7 = 26 mod 7
  - 26 ≡ 12 mod 7, 12 ≡ 19 mod 7
    · 26 ≡ 19 mod 7
    · 26 mod 7 = 5
    · 19 mod 7 = 5
Congruence (5)
• Properties (cont.)
  - (x+y) mod n = (x mod n + y mod n) mod n
  - modular addition
  - examples
    · (54 + 49) mod 15
      (54+49) mod 15 = 103 mod 15 = 13
      54 mod 15 = 9
      49 mod 15 = 4
      (54 mod 15 + 49 mod 15) = 9 + 4 = 13
      13 mod 15 = 13
    · (42 + 52) mod 15
      (42+52) mod 15 = 94 mod 15 = 4
      42 mod 15 = 12
      52 mod 15 = 7
      (42 mod 15 + 52 mod 15) = 12 + 7 = 19
      19 mod 15 = 4
Congruence (6)
• Properties (cont.)
  - (x × y) mod n = (x mod n × y mod n) mod n
  - modular multiplication
  - examples
    · (49 × 54) mod 15
      (49 × 54) mod 15 = 2646 mod 15 = 6
      49 mod 15 = 4
      54 mod 15 = 9
      (49 mod 15 × 54 mod 15) = 4 × 9 = 36
      36 mod 15 = 6
    · (42 × 52) mod 15
      (42 × 52) mod 15 = 2184 mod 15 = 9
      42 mod 15 = 12
      52 mod 15 = 7
      (42 mod 15 × 52 mod 15) = 12 × 7 = 84
      84 mod 15 = 9
Congruence (7)
• Properties (cont.)
  - it is possible to extend the modular multiplication
  - (a × b × c) mod n
    · = ((a mod n) × (b mod n) × (c mod n)) mod n
    · = ((((a mod n) × (b mod n)) mod n) × (c mod n)) mod n
  - (a × b × c × d) mod n
    · = ((a mod n) × (b mod n) × (c mod n) × (d mod n)) mod n
  - (a × b × c × d × e) mod n
  - etc.
Congruence (8)
• Example: (42 × 56 × 98 × 108) mod 15
• Brute force approach
  - (42 × 56 × 98 × 108) mod 15 = 234,893,568 mod 15 = 3
• Smart approach, v.1
  - 42 mod 15 = 12
  - 56 mod 15 = 11
  - 98 mod 15 = 8
  - 108 mod 15 = 3
  - hence (12 × 11 × 8 × 3) mod 15 = 3168 mod 15 = 3
Congruence (9)
• Smart approach, v.2
  1. (42 × 56) mod 15
     · ((42 mod 15) × (56 mod 15)) mod 15 = (12 × 11) mod 15 = 12
  2. (42 × 56 × 98) mod 15
     · (12 × 98) mod 15 = ((12 mod 15) × (98 mod 15)) mod 15
     · (12 × 8) mod 15 = 6
  3. (42 × 56 × 98 × 108) mod 15
     · (6 × 108) mod 15 = ((6 mod 15) × (108 mod 15)) mod 15
     · (6 × 3) mod 15 = 3
Congruence (10)
• Modular exponentiation
  - how to quickly compute b^e mod m?
    · right-to-left binary algorithm
• Right-to-left binary algorithm
  - convert e into binary notation
    $e = \sum_{i=0}^{n-1} a_i \cdot 2^i$, with $a_i \in \{0, 1\}$ for $0 \le i < n-1$ and $a_{n-1} = 1$
  - b^e can also be rewritten
    $b^e = b^{\sum_{i=0}^{n-1} a_i \cdot 2^i} = \prod_{i=0}^{n-1} \left(b^{2^i}\right)^{a_i}$
  - the solution becomes
    $b^e \bmod m = \prod_{i=0}^{n-1} \left(b^{2^i}\right)^{a_i} \bmod m$
Congruence (11)
• Example: 5^41 mod 9
• Brute force approach
  - 5^41 mod 9
  - 45,474,735,088,646,411,895,751,953,125 mod 9 = 2
• Right-to-left binary approach
  - write 41 in binary
    · 41 = 32 + 8 + 1 = 101001
    · 5^41 = 5^32 × 5^8 × 5^1

      32 16 8 4 2 1
       1  0 1 0 0 1

  - compute the various exponents
    · 5^1 mod 9 = 5 mod 9 = 5
    · 5^2 mod 9 = (5^1 × 5^1) mod 9 = (5 × 5) mod 9 = 25 mod 9 = 7
    · 5^4 mod 9 = (5^2 × 5^2) mod 9 = ((5^2 mod 9) × (5^2 mod 9)) mod 9 = 49 mod 9 = 4
Congruence (12)
    · 5^8 mod 9 = (5^4 × 5^4) mod 9 = (5^4 mod 9 × 5^4 mod 9) mod 9 = (4 × 4) mod 9 = 7
    · 5^16 mod 9 = (5^8 × 5^8) mod 9 = (5^8 mod 9 × 5^8 mod 9) mod 9 = (7 × 7) mod 9 = 4
    · 5^32 mod 9 = (5^16 × 5^16) mod 9 = (5^16 mod 9 × 5^16 mod 9) mod 9 = (4 × 4) mod 9 = 7
  - it follows that 5^41 mod 9
    · = (5^32 × 5^8 × 5^1) mod 9 = (7 × 7 × 5) mod 9
    · = (49 mod 9 × 5 mod 9) mod 9 = (4 × 5) mod 9 = 2
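The right-to-left binary algorithm of the previous slides, and the 5^41 mod 9 walk-through above, implemented as an added Python example (this is not code from the course; function names such as modexp_trace are this example's own). The trace returned alongside the result lists each b^(2^i) mod m, so the chain 5, 7, 4, 7, 4, 7 of repeated squarings can be read off directly, and every intermediate value stays below m^2 instead of growing to the 29-digit number of the brute-force approach.

```python
# Right-to-left binary modular exponentiation (added example; function
# names are this example's own, not the slides').


def binary_digits(e: int) -> list[int]:
    """Bits a_0, a_1, ..., a_{n-1} of e, least significant first."""
    if e < 0:
        raise ValueError("exponent must be non-negative")
    bits = []
    while e:
        bits.append(e & 1)
        e >>= 1
    return bits


def modexp_trace(b: int, e: int, m: int) -> tuple[int, list[tuple[int, int]]]:
    """Compute b^e mod m by the right-to-left binary method.

    Returns (result, trace); trace holds (2^i, b^(2^i) mod m) for every
    bit position i that was visited, i.e. the successive squarings.
    """
    if m <= 0:
        raise ValueError("modulus must be positive")
    result = 1 % m      # reduce so that m == 1 yields 0
    square = b % m      # b^(2^0) mod m
    trace = []
    for i, a_i in enumerate(binary_digits(e)):
        trace.append((1 << i, square))
        if a_i:         # only set bits contribute a factor (b^(2^i))^(a_i)
            result = (result * square) % m
        square = (square * square) % m   # b^(2^(i+1)) = (b^(2^i))^2 mod m
    return result, trace


def modexp(b: int, e: int, m: int) -> int:
    """b^e mod m; no intermediate value ever exceeds (m-1)^2."""
    return modexp_trace(b, e, m)[0]


def brute_force_modexp(b: int, e: int, m: int) -> int:
    """The slide's brute-force approach: build b^e in full, then reduce once."""
    return (b ** e) % m


if __name__ == "__main__":
    value, steps = modexp_trace(5, 41, 9)
    for power, residue in steps:
        print(f"5^{power} mod 9 = {residue}")
    print(f"5^41 mod 9 = {value}")
```

The squaring loop visits one bit per iteration whether or not it is set, which is why the trace for 5^41 has six entries although only three of them (2^0, 2^3, 2^5) are multiplied into the result.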
ℤn Arithmetic
• The "modulo n" operator maps all integers (negatives and positives) that are congruent modulo n into the set {0, 1, ..., n-1}
  - residue class modulo n
  - mathematical notation: ℤn
• One can label the residue classes (mod n) as [0], [1], ..., [n-1], where
  - [r] = {a : a ∈ ℤ, a ≡ r mod n}
• Examples for n = 4
  - [0] = {..., -16, -12, -8, -4, 0, 4, 8, 12, 16, ...}
  - [1] = {..., -15, -11, -7, -3, 1, 5, 9, 13, 17, ...}
  - [2] = {..., -14, -10, -6, -2, 2, 6, 10, 14, 18, ...}
  - [3] = {..., -13, -9, -5, -1, 3, 7, 11, 15, 19, ...}
ℤn Arithmetic (2)
• Properties of modular arithmetic in ℤn
  - commutativity
    · (w + x) mod n = (x + w) mod n
    · (w × x) mod n = (x × w) mod n
  - associativity
    · [(w + x) + y] mod n = [w + (x + y)] mod n
    · [(w × x) × y] mod n = [w × (x × y)] mod n
  - distributivity
    · [w × (x + y)] mod n = [(w × x) + (w × y)] mod n
  - identity
    · (0 + w) mod n = w mod n
    · (1 × w) mod n = w mod n
  - additive inverse (-w)
    · for each w ∈ ℤn, ∃ z such that w + z ≡ 0 mod n
ℤn Arithmetic (3)
• Properties of modular arithmetic in ℤn (cont.)
  - addition
    · (a + b) ≡ (a + c) mod n ⟹ b ≡ c mod n
    · example: (5 + 23) ≡ (5 + 7) mod 8 ⟹ 23 ≡ 7 mod 8
  - multiplication
    · if a and n are relatively prime, then a × b ≡ a × c mod n ⟹ b ≡ c mod n
    · the condition must be satisfied, otherwise the property does not hold
    · example:
      6 × 3 ≡ 6 × 7 mod 8
      but 3 ≢ 7 mod 8
Agenda
• Chapter 1: Mathematics for Cryptography
  - Modular Arithmetic
  - Euclidean Algorithms
    · gcd
    · Extended Euclidean Algorithm
    · Equation
  - Euler's Function
  - Fermat's Theorem
  - Chinese Remainder Theorem
GCD
• Greatest Common Divisor
• Let c ∈ ℤ; c = gcd(a, b) if
  - c is a divisor of a and b
  - any divisor of a and b is a divisor of c
• Equivalent definition
  - gcd(a, b) = max{k such that k|a and k|b}
• The gcd must be positive
  - gcd(a, b) = gcd(a, -b) = gcd(-a, b) = gcd(-a, -b)
  - gcd(a, b) = gcd(|a|, |b|)
GCD (2)
• Interesting use of gcd
  - two integers are relatively prime if their only common factor is 1
  - let a and c be relatively prime
    · (a, c) = 1
    · gcd(a, c) = 1
GCD (3)
• Euclidean algorithm for finding the gcd

  gcd(int a, int b) {
      if (b == 0)
          return a;
      else
          return gcd(b, a mod b);
  } // end gcd()
GCD (4)
• Example: gcd(1970, 1066)

  Step | a    | b                   | call
  1    | 1066 | 1970 mod 1066 = 904 | gcd(1066, 904)
  2    | 904  | 1066 mod 904 = 162  | gcd(904, 162)
  3    | 162  | 904 mod 162 = 94    | gcd(162, 94)
  4    | 94   | 162 mod 94 = 68     | gcd(94, 68)
  a few recursive calls later ...
  10   | 2    | 0                   |
Extended Euclid
• There exists an extension to the Euclidean algorithm
  - it not only finds the gcd
  - but also two additional integers, x and y, satisfying
    · ax + by = gcd(a, b)
    · Bezout's identity
• When a and b are relatively prime
  - x is the multiplicative inverse of a mod b
  - y is the multiplicative inverse of b mod a
• Extended Euclidean Algorithm
Extended Euclid (2)
• The algorithm

  extended_euclidean(int a, int b) {
      x = 0; y = 1;
      lastx = 1; lasty = 0;
      while (b ≠ 0) {
          quotient = a div b;
          (a, b) = (b, a mod b);
          (x, lastx) = (lastx - quotient*x, x);
          (y, lasty) = (lasty - quotient*y, y);
      }
      return (a, lastx, lasty);   // a is now the last value of 'a', i.e. gcd(a, b)
  } // end extended_euclidean()
Extended Euclid (3)
• Example: find x, y such that 53x + 30y = 1

  quotient | a  | b  | x   | lastx | y   | lasty
  /        | 53 | 30 | 0   | 1     | 1   | 0
  1        | 30 | 23 | 1   | 0     | -1  | 1
  1        | 23 | 7  | -1  | 1     | 2   | -1
  3        | 7  | 2  | 4   | -1    | -7  | 2
  3        | 2  | 1  | -13 | 4     | 23  | -7
  2        | 1  | 0  | 30  | -13   | -53 | 23

  The loop stops when b = 0, so x = lastx = -13 and y = lasty = 23: 53 × (-13) + 30 × 23 = 1.
Equation
• Euclid allows us to solve equations of the form
  - ax ≡ b mod n
• How to solve?
  - algorithm

  equation(a, b, n) {
      (d, x', y') = extended_euclidean(a, n);   // d is the last value of 'a' in extended_euclidean, i.e. gcd(a, n)
      if (d|b) {
          x0 = (x' × (b/d)) mod n;
          for i = 0 until d-1
              write (x0 + i × (n/d)) mod n;
      } else
          write "no solution";
  } // end equation()
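The three procedures of this section, Euclid's gcd, the extended algorithm with Bezout's coefficients, and equation() for ax ≡ b mod n, as one added Python example (not the course's own code; the function names, and the choice to return the solution list instead of writing it, are this example's). The extended algorithm keeps the slide's loop exactly and additionally returns the final value of a, which is the d that equation() needs; the worked inputs (1970, 1066), (53, 30) and the 6 × 3 ≡ 6 × 7 mod 8 case from the ℤn slides are used in the self-test.

```python
# Euclidean algorithm, extended Euclid, modular inverse and the equation()
# procedure in Python (added example; names are this example's own).


def gcd(a: int, b: int) -> int:
    """Euclid's algorithm; signs are dropped since gcd(a, b) = gcd(|a|, |b|)."""
    a, b = abs(a), abs(b)
    while b != 0:
        a, b = b, a % b
    return a


def extended_euclidean(a: int, b: int) -> tuple[int, int, int]:
    """Return (d, x, y) with d = gcd(a, b) and a*x + b*y = d (Bezout's identity).

    Same loop as the slide, plus the last value of 'a' (the gcd) in the result.
    Inputs are assumed non-negative, as in the slide's trace.
    """
    x, y = 0, 1
    lastx, lasty = 1, 0
    while b != 0:
        quotient = a // b
        a, b = b, a % b
        x, lastx = lastx - quotient * x, x
        y, lasty = lasty - quotient * y, y
    return a, lastx, lasty


def modular_inverse(a: int, n: int) -> int:
    """a^-1 mod n, which exists only when gcd(a, n) = 1."""
    d, x, _ = extended_euclidean(a % n, n)
    if d != 1:
        raise ValueError(f"{a} has no inverse mod {n}: gcd is {d}")
    return x % n


def solve_linear_congruence(a: int, b: int, n: int) -> list[int]:
    """All x in Z_n with a*x ≡ b (mod n); empty list when there is none.

    With d = gcd(a, n): solvable iff d | b, and then there are exactly d
    solutions spaced n/d apart, as in the slide's equation().
    """
    d, x, _ = extended_euclidean(a % n, n)
    if b % d != 0:
        return []
    x0 = (x * (b // d)) % n
    return sorted((x0 + i * (n // d)) % n for i in range(d))


if __name__ == "__main__":
    print(gcd(1970, 1066))                   # 2
    print(extended_euclidean(53, 30))        # (1, -13, 23): 53*(-13) + 30*23 = 1
    print(modular_inverse(53, 30))           # 17, i.e. -13 mod 30
    print(solve_linear_congruence(6, 4, 8))  # [2, 6]: gcd(6, 8) = 2 divides 4
    print(solve_linear_congruence(6, 5, 8))  # []: 2 does not divide 5
```

Reducing a modulo n before calling extended_euclidean does not change gcd(a, n) or the validity of the Bezout coefficient x modulo n, so the same routine serves inputs larger than the modulus. The case 6x ≡ 4 mod 8 having two solutions (2 and 6) is the same fact as the failed cancellation 6 × 3 ≡ 6 × 7 mod 8: multiplication by 6 is not injective in ℤ8 because gcd(6, 8) ≠ 1.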
Euler's Function
• Euler's Totient Function
  - φ(n)
  - number of integers between 0 and n-1 that are relatively prime to n
• It also corresponds to the number of elements having an inverse in the class modulo n
• By convention
  - φ(0) = 0
  - φ(1) = 1
• Example
  - φ(8) = 4
    · because 1, 3, 5, 7 are relatively prime to 8
Euler's Function (2)
[figure: graph on this slide could not be recovered from the extraction]
Euler's Function (3)
• A few theorems about φ(n)
  - an integer p is prime iff
    · φ(p) = p-1
  - if n and m ≠ 0 and relatively prime
    · then φ(n × m) = φ(n) × φ(m)
  - if p is prime and n = p^k
    · then φ(n) = p^k × (1 - 1/p) = p^k - p^(k-1)
    · example
      n = 9: φ(9) = φ(3^2) = 3^2 × (1 - 1/3) = 9 × 2/3 = 6
  - if n = p × q, with p and q prime
    · then φ(n) = (p-1) × (q-1)
Fermat
• Fermat's Little Theorem
  - If m is prime and gcd(a, m) = 1
    · then a^(m-1) ≡ 1 mod m
• One can generalise Fermat's theorem with Euler's function
  - If gcd(a, m) = 1
    · then a^φ(m) ≡ 1 mod m
• Application to modular inverse
  - if gcd(a, m) = 1
    · the multiplicative inverse of a in the modulo class m is a^(φ(m)-1)
    · a^(φ(m)-1) ≡ a^-1 mod m
    · in the particular case in which m is prime
      a^-1 ≡ a^(m-2) mod m
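An added Python example (not from the course) tying the Euler's Function slides to this one: φ(n) computed both by its definition and by the theorems (φ(p^k) = p^k - p^(k-1), multiplicativity), the count of invertible elements of ℤn checked against it, and the inverse obtained as a^(φ(m)-1) mod m, or a^(m-2) mod m when m is prime, as the slide states. Helper names (phi_by_definition, factorize, inverse_by_euler, ...) are this example's own; factorize is plain trial division, adequate for classroom-sized moduli only.

```python
# Euler's totient by definition and by formula, and the Euler/Fermat
# modular inverse (added example; helper names are this example's own).
from math import gcd


def phi_by_definition(n: int) -> int:
    """φ(n) = number of k in 0..n-1 with gcd(k, n) = 1, with φ(0) = 0, φ(1) = 1."""
    if n <= 1:
        return n
    return sum(1 for k in range(n) if gcd(k, n) == 1)


def factorize(n: int) -> dict[int, int]:
    """Prime factorisation by trial division (fine for classroom-sized n)."""
    factors: dict[int, int] = {}
    p = 2
    while p * p <= n:
        while n % p == 0:
            factors[p] = factors.get(p, 0) + 1
            n //= p
        p += 1
    if n > 1:
        factors[n] = factors.get(n, 0) + 1
    return factors


def phi_by_formula(n: int) -> int:
    """φ(n) from φ(p^k) = p^k - p^(k-1) and multiplicativity over coprime factors."""
    if n <= 1:
        return n
    result = 1
    for p, k in factorize(n).items():
        result *= p ** k - p ** (k - 1)
    return result


def invertible_elements(n: int) -> list[int]:
    """Elements of Z_n that have a multiplicative inverse; there are φ(n) of them."""
    return [k for k in range(n) if gcd(k, n) == 1]


def inverse_by_euler(a: int, m: int) -> int:
    """a^-1 mod m as a^(φ(m)-1) mod m; requires gcd(a, m) = 1."""
    if gcd(a, m) != 1:
        raise ValueError(f"{a} has no inverse mod {m}")
    return pow(a, phi_by_formula(m) - 1, m)


def inverse_by_fermat(a: int, p: int) -> int:
    """a^-1 mod p as a^(p-2) mod p; valid only for prime p and p not dividing a."""
    if phi_by_formula(p) != p - 1:   # the slide's primality criterion φ(p) = p-1
        raise ValueError(f"{p} is not prime")
    if a % p == 0:
        raise ValueError(f"{a} has no inverse mod {p}")
    return pow(a, p - 2, p)


if __name__ == "__main__":
    print(phi_by_definition(8), phi_by_formula(9))   # 4 6
    print(invertible_elements(8))                    # [1, 3, 5, 7]
    print(inverse_by_euler(5, 9), inverse_by_fermat(3, 7))   # 2 5
```

The two totient functions agree on every n, which is the point of the theorems: the definition costs n gcd computations, the formula only needs the factorisation. For a composite m such as 9, a^(m-2) is not an inverse in general, so inverse_by_fermat refuses it and the Euler form is the one to use.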
Chinese Remainder
• Let m1, m2, ..., mr be positive integers, relatively prime two by two. Then the congruence system:

  x ≡ a1 mod m1
  x ≡ a2 mod m2
  ...
  x ≡ ar mod mr

  gives a unique solution x mod M, where M = m1 × m2 × ... × mr:

  $x = a_1 M_1 y_1 + a_2 M_2 y_2 + \dots + a_r M_r y_r$, with $M_i = M / m_i$ and $y_i M_i \equiv 1 \pmod{m_i}$
Chinese Remainder (2)
• Example

  x ≡ 1 mod 3
  x ≡ 2 mod 5
  x ≡ 3 mod 7

  Let M = 3 × 5 × 7 = 105. We have

  M1 = 105 / 3 = 35,  y1 × 35 ≡ 1 mod 3,  y1 = 2
  M2 = 105 / 5 = 21,  y2 × 21 ≡ 1 mod 5,  y2 = 1
  M3 = 105 / 7 = 15,  y3 × 15 ≡ 1 mod 7,  y3 = 1

  Hence
  x ≡ 1 × 35 × 2 + 2 × 21 × 1 + 3 × 15 × 1 ≡ 157 ≡ 52 mod 105
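The construction of the two Chinese Remainder slides as an added Python example (not the course's own code; crt, pairwise_coprime and satisfies are this example's names). It checks the hypothesis that the moduli are relatively prime two by two, computes each M_i and y_i exactly as on the slide, and returns the unreduced sum as well so the intermediate 157 of the example is visible; y_i is obtained with Python's built-in pow(M_i, -1, m_i), available from Python 3.8.

```python
# Chinese Remainder Theorem solver following the slide's construction
# (added example; function names are this example's own).
from math import gcd, prod


def pairwise_coprime(moduli: list[int]) -> bool:
    """The CRT hypothesis: every pair of moduli has gcd 1."""
    return all(gcd(moduli[i], moduli[j]) == 1
               for i in range(len(moduli)) for j in range(i + 1, len(moduli)))


def crt(residues: list[int], moduli: list[int]) -> tuple[int, int, list[tuple[int, int]]]:
    """Solve x ≡ a_i (mod m_i) for pairwise coprime m_i.

    Returns (x mod M, the unreduced sum Σ a_i M_i y_i, [(M_i, y_i), ...]) so the
    intermediate values can be compared with the slide's worked example.
    """
    if len(residues) != len(moduli) or not moduli:
        raise ValueError("need one residue per modulus")
    if any(m <= 0 for m in moduli):
        raise ValueError("moduli must be positive")
    if not pairwise_coprime(moduli):
        raise ValueError("moduli must be relatively prime two by two")
    M = prod(moduli)
    terms = []
    total = 0
    for a_i, m_i in zip(residues, moduli):
        M_i = M // m_i
        y_i = pow(M_i, -1, m_i)   # y_i M_i ≡ 1 (mod m_i); Python 3.8+ modular inverse
        terms.append((M_i, y_i))
        total += a_i * M_i * y_i
    return total % M, total, terms


def satisfies(x: int, residues: list[int], moduli: list[int]) -> bool:
    """Check x against every congruence of the system."""
    return all((x - a) % m == 0 for a, m in zip(residues, moduli))


if __name__ == "__main__":
    x, raw, terms = crt([1, 2, 3], [3, 5, 7])
    print(terms)    # [(35, 2), (21, 1), (15, 1)]
    print(raw, x)   # 157 52
```

Without the coprimality check the call to pow would raise on a non-invertible M_i anyway, but the explicit test gives the reason the theorem does not apply rather than a generic "base is not invertible" error.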