SEEL 4343

INFORMATION SECURITY
[Module 5 – Public Key Cipher]
Shahidatul Sadiah
Public Key Cipher
• Use public key for encryption and secret key for decryption
asymmetric cipher.
• Based on the mathematical one-way functions. The function
makes encryption easy using the public key but difficult to
reverse. The trapdoor within the one-way function is activated
using the secret key which makes decryption easy.
• RSA (Rivest-Shamir-Adelman)-exponentiation algorithm.
• El-Gamal - discrete logarithm.
RSA – the algorithm
i. Define 2 large prime numbers 𝑝 and 𝑞 and the product is 𝑛 = 𝑝𝑞.

ii. Generate a public/secret key pair 𝐾𝑝 and 𝐾𝑠 by solving

𝐾𝑝 𝐾𝑠 mod 𝑝 − 1 𝑞 − 1 = 1. 𝐾𝑝 is a valid public key choice if
GCD(𝐾𝑝 , (𝑝 − 1)(𝑞 − 1)) = 1.

iii. If 𝐾𝑝 /𝐾𝑠 are an arbitrary public/secret key pair, then 𝐾𝑠 should

never be used as a public key.

iv. To encipher message 𝑚, the cryptogram is 𝑐 = 𝑚𝐾𝑝 mod 𝑛.

v. To decipher cryptogram 𝑐, the message is 𝑚 = 𝑐 𝐾𝑠 mod 𝑛.

RSA – the example (setup)
• Alice want Bob to send information to her encrypted with RSA. So,
Alice must publish her public key, 𝐾𝑝 .

𝑃𝐾
Publish (𝐾𝑝 , 𝑛) repository

i. Choose 2 prime numbers. Take Alice’s public

𝑝 = 3, 𝑞 = 11 key to encrypt the
ii. Calculate the product message and send the
𝑛 = 𝑝𝑞 = 33 information
iii. Calculate 𝑝 − 1 𝑞 − 1
2 × 10 = 20
iv. Choose 𝐾𝑝 and 𝐾𝑠 such that
𝐾𝑝 𝐾𝑠 mod 𝑝 − 1 𝑞 − 1 = 1. The example is
𝐾𝑝 = 3, 𝐾𝑠 = 7 using small prime
numbers for clarity
Check: 21 mod 20 = 1
RSA – the example (encrypt)
• Bob uses Alice’s public key, 𝐾𝑝 , 𝑛 = (3, 33) to encrypt the
information and send the ciphertext to Alice. The information is
one alphabet that is encoded with integer ‘14’.
Knows (𝐾𝑝 ,n)

Send 𝑐 = 5 to Alice

Encrypt the message m=14 with

𝑐 = 𝑚𝐾𝑝 mod 𝑛.
𝑐 = 143 mod 33
= 2744 𝑚𝑜𝑑 33
𝑐=5
 RSA – the example (decrypt)
• Alice uses her secret key 𝐾𝑠 to decrypt the ciphertext sent by Bob.

Received 𝑐 = 5 from Bob

Knows (𝐾𝑝 ,n)

Send 𝑐 = 5 to Alice

Alice’s secret key 𝐾𝑠 =7. Encrypt the message m=14 with

She decrypt the ciphertext c=5 𝑐 = 𝑚𝐾𝑝 mod 𝑛.
with 𝑚 = 𝑐 𝐾𝑠 mod 𝑛. 𝑐 = 143 mod 33
𝑚 = 57 mod 33 = 2744 𝑚𝑜𝑑 33
= 78125 𝑚𝑜𝑑 33 𝑐=5
𝑚 = 14
Security of RSA
• The security of the RSA algorithm lies in the difficulty of factoring
the product of two large prime numbers.
• If the size of the prime numbers are 216 bits, the product of the
two prime numbers are close to double of that.
• Large primes : 48619, 76213, 76231, 98953.
• Product of large primes :
48619 × 76213 = 3 705 399 847
76231 × 98953 = 7 543 286 143
• Factoring 3 705 399 847 is hard because the two numbers are
coprime, but there is an easy way to do it which is called a
trapdoor. The trapdoor for RSA algorithm is based on Euler’s
Totient theory.
Attack on RSA
• Assume an attacker knows the ciphertext (c = 337), the public key
(𝐾𝑝 = 413, n = 629) that is used to create c
• The attacker might attempt to determine a value for m that
satisfies m*413 mod 629 = 337
• No known way to easily compute m given 𝐾𝑝 , n, and c
• Brute-force search for m is infeasible (if m is large)
• The attacker might also attempt to determine a value for 𝐾𝑠
• No known way to easily compute 𝐾𝑠 given 𝐾𝑝 and n
• Brute-force search for 𝐾𝑠 is infeasible (if 𝐾𝑠 and n are large)
• In general, it is believed that the most efficient way to attack RSA
is to factor n, the modulus
• Factoring n results in p and q
• With 𝐾𝑝 , n, p, and q the extended Euclidean algorithm can be used
to compute 𝐾𝑠
• Factoring integers is widely believed to be an intractable problem
Question Example
Dexter wants to set up his own public and private keys. He chooses
𝑝 = 23 and 𝑞 = 19 with 𝐾𝑝 = 283. Find 𝐾𝑠 .

Hint: 𝐾𝑝 𝐾𝑠 mod 𝑝 − 1 𝑞 − 1 = 1. Brute force.

Other approach:
𝐾𝑠 is the multiplicative inverse of 𝐾𝑝 . Do not use brute force, use
extended Euclidean algorithm.
Euclidean algorithm
• Use to check the co-prime (GCD=1) of two numbers.
• Example: Find the GCD of 10857 and 25415

25415 mod 10857 = 3701

10857 mod 3701 = 3455

3701 mod 3455 = 246

3455 mod 246 = 11

11 mod 4 = 3

4 mod 3 = 1 (GCD)
Euclidean Algorithm – another example

• Find the GCD of 2856 and 1320

2856 mod 1320 = 216

1320 mod 216 = 24 (GCD)

216 mod 24 = 0

The two numbers are not co-prime.

 Multiplicative Inverse
• The multiplicative inverse of 𝑎 mod 𝑛 is an integer 𝑥 such that
𝑎𝑥 mod 𝑛 = 1. If such an 𝑥 exists, then it is unique and 𝑎 is said to
be invertible, or a unit; the inverse of 𝑎 is denotes by 𝑎−1 .
• Let’s see another example: Find GCD(53,576).

576 mod 53 = 46 Can be seen as

53 mod 46 = 7
46 mod 7 = 4 576 – 10*53 = 46
7 mod 4 = 3 53 – 1*46 = 7
46 – 6*7 = 4
4 mod 3 = 1(GCD)
7 – 1*4 = 3
4 – 1*3 = 1

We can find the multiplicative inverse of 576 in mod 53 by solving d in

576*d mod 53 = 1
Extended Euclidean Algorithm

576 – 10*53 = 46
53 – 1*46 = 7
46 – 6*7 = 4
7 – 1*4 = 3 1 = 4 – 1*3 = 4 – 1(7 – 1*4) = -1*7 + 2*4
4 – 1*3 = 1
-1*7 + 2*4 = -1*7 + 2*(46 – 6*7) = 2*46 + (-13*7)

2*46 + (-13*7) = 2*46 + (-13* (53 – 1*46))

= (-13*53)+(15*46)

(-13*53)+(15*46)=(-13*53)+(15*(576 – 10*53))
= (15*576) + (-163*53)
=1
576*15 mod 53 = 1
El-Gamal Encryption – the algorithm

i. Define primitive element a and prime number where 𝑎 < 𝑛 and the
GCD(𝑎, 𝑛) = 1.

ii. If 𝑘𝑠 is the secret key, then the public key is 𝑘𝑝 = 𝑎𝑘𝑠 mod 𝑛.

iii. To encrypt message 𝑚 , generate a random seed 𝑟 , and calculate 𝑘𝑝 𝑟 =

(𝑎𝑘𝑠 )𝑟 mod 𝑛 and the cryptogram 𝑐 = 𝑚(𝑘𝑝 )𝑟 mod 𝑛.

iv. The function generator is 𝑎𝑟 mod 𝑛 that is transmitted together with the
cryptogram 𝑐.

v. To decipher, the function generator and the secret key are used to obtain 𝑘𝑝 𝑟 =
(𝑎𝑟 )𝑘𝑠 mod 𝑛 while the plaintext is deciphered by solving 𝑐 = 𝑚(𝑘𝑝 )𝑟 mod 𝑛.
El-Gamal Encryption – The example (setup)
• Alice want Bob to send information to her encrypted with El-
Gamal. So, Alice must send Bob her public keys.

Send her Public Keys (𝑎, 𝑛, 𝐾𝑝 )

i. Choose 𝑎 = 2, 𝑛 = 29 and 𝐾𝑠 = 5. Take Alice’s public

Then, calculate 𝐾𝑝 = 𝑎𝐾𝑠 mod 𝑛 = keys to encrypt the
25 mod 29 = 3. message and send the
ii. Send the public keys as (𝑎, 𝑛, 𝐾𝑝 ) = information
2,29,3
iii. Keep the 𝐾𝑠 for decryption.

The example is
using small prime
numbers for clarity
El-Gamal – the example (encrypt)
• Bob uses Alice’s public key,(𝑎, 𝑛, 𝐾𝑝 ) = (2,29,3) to encrypt the
information and send the ciphertext to Alice. The information is
one alphabet that is encoded with integer ‘6’.
Knows (𝑎, 𝑛, 𝐾𝑝 )

Send (𝑎𝑟 mod 𝑛, 𝑐)= (16,22) to Alice

i. Choose 𝑟 = 4 and compute

𝑘𝑝 𝑟 mod 𝑛 = 34 mod 29 = 23
ii. Compute function generator
𝑎𝑟 mod 𝑛 = 24 mod 29 = 16
iii. Encrypt the message m=6
with 𝑐 = 𝑚(𝑘𝑝 )𝑟 mod 𝑛.
𝑐 = 6(23) mod 29
= 138 𝑚𝑜𝑑 29
𝑐 = 22
iv. Send (𝑎𝑟 mod 𝑛, 𝑐) to Alice
 El-Gamal – the example (decrypt)
• Alice uses her secret key 𝐾𝑠 to decrypt the ciphertext sent by Bob.

Received (𝑎𝑟 mod 𝑛, 𝑐)= (16,22) from Bob

Knows (𝐾𝑝 ,n)

Send (𝑎𝑟 mod 𝑛, 𝑐)= (16,22) to Alice

i. Choose 𝑟 = 4 and compute

i. Alice’s secret key 𝐾𝑠 =5. 𝑘𝑝 𝑟 mod 𝑛 = 34 mod 29 = 23
ii. Compute (𝑎𝑟 )𝐾𝑠 mod 𝑛 = ii. Compute function generator
165 𝑚𝑜𝑑 29 = 400 mod 29 = 𝑎𝑟 mod 𝑛 = 24 mod 29 = 16
23. iii. Encrypt the message m=6
iii. solving 𝑐 = 𝑚(𝑘𝑝 )𝑟 mod 𝑛 to with 𝑐 = 𝑚(𝑘𝑝 )𝑟 mod 𝑛.
decrypt the message. 𝑐 = 6(23) mod 29
22 = 𝑚 23 mod 29 = 138 𝑚𝑜𝑑 29
The inverse of 23 is 24 in mod 29. 𝑐 = 22
22(24) mod 29 = 528 mod 29 = 6 iv. Send (𝑎𝑟 mod 𝑛, 𝑐) to Alice
𝑚=6
Security of El-Gamal Encryption

• The security of the El-Gamal algorithm lies in the difficulty of

evaluating the discrete logarithm.
• Example: 𝑐 = 𝑚𝑎𝑘𝑑 mod 𝑛
• If 𝑐, 𝑎𝑘 , 𝑛 is known, it is desired to find 𝑑 that will determine 𝑚.
Summary

• A user generates a public-key/private-key pair:

• The public key is made public
• The private key is kept secret
• Senders encrypt a message with the receiver’s public key
• Only the user that generated the key pair knows the private key
and can perform decryption
• Therefore, with PKC, we can communicate securely with someone
you have never communicated with before.