- Greetings and Felicitations!
- Puzzle of the Day
- Public-Key Cryptography
  - Basic idea: 2 keys, one private, one public
  - Cryptosystem must satisfy:
    - given public key, computationally infeasible (CI) to get private key;
    - cipher withstands chosen plaintext attack;
    - encryption, decryption computationally feasible [note: commutativity not required]
  - Benefits: can give confidentiality or authentication or both

- Use of PKC
  - Normally used as key interchange system to exchange secret keys (cheap)
  - Then use secret key system (too expensive to use PKC for this)

- RSA
  - Provides both authenticity and confidentiality
  - Go through algorithm:

Idea: $C = M^e \bmod n$, $M = C^d \bmod n$, with $ed \bmod \Phi(n) = 1$.

Proof: $M^{\Phi(n)} \bmod n = 1$ [by Fermat's theorem as generalized by Euler]; follows immediately from $ed \bmod \Phi(n) = 1$. Since $ed = 1 + k\Phi(n)$ for some integer $k$, $C^d \bmod n = M^{ed} \bmod n = M \cdot (M^{\Phi(n)})^k \bmod n = M$.

Public key is $(e, n)$; private key is $d$. Choose $n = pq$; then $\Phi(n) = (p-1)(q-1)$.

  - Example:

$p = 5$, $q = 7$; $n = 35$, $\Phi(n) = (5-1)(7-1) = 24$. Pick $d = 11$. Then $de \bmod \Phi(n) = 1$, so choose $e = 11$. To encipher 2, $C = M^e \bmod n = 2^{11} \bmod 35 = 2048 \bmod 35 = 18$. To decipher, $M = C^d \bmod n = 18^{11} \bmod 35 = 2$.

  - Example:

$p = 53$, $q = 61$, $n = 3233$, $\Phi(n) = (53-1)(61-1) = 3120$. Take $d = 791$; then $e = 71$. Encipher $M$ = RENAISSANCE: A = 00, B = 01, ..., Z = 25, blank = 26. Then:

$M$ = RE NA IS SA NC E(blank) = 1704 1300 0818 1800 1302 0426

$C = (1704)^{71} \bmod 3233 = 3106$; *etc*. = 3106 0100 0931 2691 1984 2927

- Authentication:
  - validating client (user) identity
  - validating server (system) identity
  - validating both (mutual authentication)

- Basis
  - What you know
  - What you have
  - What you are

- Passwords
  - How UNIX does selection
  - Problem: common passwords; Go through Morris and Thompson; Klein and mine, *etc*.
  - May be pass phrases: goal is to make search space as large as possible and distribution as uniform as possible
  - Other ways to force good password selection: random, pronounceable, computer-aided selection
  - Go through problems, approaches to each, esp. proactive

Send email to cs153@csif.cs.ucdavis.edu.

Department of Computer Science

University of California at Davis

Davis, CA 95616-8562