Comparative Study of Asymmetric Key Cryptographic Algorithms
Transcription
Comparative Study of Asymmetric Key Cryptographic Algorithms
ISSN:2249-5789 Prashant Kumar Arya et al , International Journal of Computer Science & Communication Networks,Vol 5(1),17-21 Comparative Study of Asymmetric Key Cryptographic Algorithms Prashant Kumar Arya Research Scholar, Department of Computer Science, Faculty Of Technology, Grukula Kangri Vishwavidyalaya, Haridwar, India prashantary@gmail.com Dr Mahendra Singh Aswal Assistant Professor, Department of Computer Science,Faculty of Technology, Grukula Kangri Vishwavidyalaya, Haridwar, India mahendra8367@gmail.com Dr Vinod Kumar Professor, Department of Computer Science, Faculty of Technology, Grukula Kangri Vishwavidyalaya, Haridwar, India vks_sun@ymail.com Abstract Cryptography is one of the main constituents of computer security. Public cryptography is the art of protecting information by transforming it (encrypting it) into an unreadable format, called cipher text. Only those who possess a secret key can decrypt the message into plain text. This paper reviews five commonly used asymmetric key cryptography algorithms namely RSA, Diffie–Hellman, ElGamal, DSA and ECC and present their comparative study. Keywords : Public, assymetric, encryption, security. 1. Introduction Today security is the challenging aspect in internet and network application. Cryptography is the study of mathematical techniques related to various aspects of information security, such as confidentiality or privacy, data integrity and entity authentication. It is not the only means of providing information security, but rather one set of techniques. Cryptography systems can be broadly classified into two categories symmetric-key systems that use a single key used by both sender and recipient , and public-key systems that use two keys, a public key known to everyone and a private key that only the recipient of messages uses. Symmetric / Private Key algorithms are a class of algorithms for cryptography that use the same cryptographic keys for both encryption of plaintext and decryption of cipher text. The keys may be identical or there may be a simple transformation to go between the two keys. The keys, in practice, represent a shared secret between two or more parties that can be used to maintain a private information link. Public-key cryptography, also known as asymmetric cryptography, refers to a cryptographic algorithm which requires two separate keys, one of which is secret (or private) and other one is public. Although different, the two parts of this key pair are mathematically linked. The public key is used to encrypt plain text or to verify a digital signature. whereas the private key is used to decrypt cipher text or to create a digital signature. The term "asymmetric" stems from the use of different keys to perform these opposite functions each being the inverse of the other – as contrasted with conventional ("symmetric") cryptography which relies on the same key to perform both. The present paper discusses various aspects of public-key encryption techniques with their relative merits and demerits. The description of various categories of public-key cryptography techniques is presented in Section 2. Section 3 presents the comparative study of these algorithms based on different security aspects. Section 4 concludes the paper. 2. Public-Key Cryptography The requirement that both parties have access to the secret key is one of the main drawbacks of symmetric key encryption, in comparison to public-key encryption. There exist many symmetric key encryption algorithms. Several hundreds of these are proposed over the years and even though a lot were found not to be secure, there exist many cryptographically strong ones. The situation is quite different for asymmetric algorithms. There are only three major families of public key algorithms which are of practical relevance. They can be classified based on their underlying computational problem. Integer factorization schemes are based on the fact that it is difficult to factor large integers. The most prominent representative of this algorithms family is RSA. Discrete Logarithm Schemes are based on what is known as the discrete logarithm problem in finite fields. The most prominent examples include the DiffieHellman key exchange, Elgamal encryption or the digital signature algorithm.(DSA). A generalization of the discrete logarithms algorithms are elliptic curve (EC) public-key schemes. The most popular examples include Elliptical Curve DiffieHellman key exchange (ECDH) and Elliptical Curve Digital Signature Algorithm(ECDSA). There are no known attacks against any of the schemes if the parameters, especially the operand and key lengths are 17 ISSN:2249-5789 Prashant Kumar Arya et al , International Journal of Computer Science & Communication Networks,Vol 5(1),17-21 chosen carefully. It is important to note that each of the three families can be used to provide the main publickey mechanisms of key establishment, nonrepudiation through digital signatures and encryption data. 2.1 RSA Algorithm insecure communications channel. This key can then be used to encrypt subsequent communications using a symmetric key cipher. The algorithm is itself limited to the exchange of keys. The Diffie–Hellman key exchange algorithm depends for its effectiveness on the difficulty of computing discrete logarithms [3]. 2.2.1 Key exchange Algorithm RSA is a cryptosystem, which is known as one of the first practicable public-key cryptosystems and is widely used for secure data transmission. In such a cryptosystem, the encryption key is public and differs from the decryption key which is kept secret. In RSA, this asymmetry is based on the practical difficulty of factoring the product of two large prime numbers, ie on the factoring problem. RSA stands for Ron Rivest, Adi Shamir and Leonard Adleman, who first publicly described the algorithm in 1977[1]. 2.1.1. RSA Key Decryption generation encryption Let us assume the A and B want to agree upon a key to be used for encryption / decrypting messages that would be exchanged between them . The Diffie-Hellman key exchange algorithm works as follows [2]. 1. Firstly, A and B agree on two large prime numbers n and g. These two integers need not be kept secret. A and B can use an insecure channel to agree on them . 2. A chooses another large random number x and calculates c such that and RSA involves a public key and a private key. The public key can be known by everyone and is used for encrypting messages. Messages encrypted with the public key can only be decrypted in a reasonable amount of time using the private key. The keys for the RSA algorithm are generated in the following way c=g x mod n 3. A sends the number c to B 4. B independently chooses another large random integer y and calculate d such that d=g y mod n 1. Choose two distinct prime numbers p and q. 2. Compute n = p*q. 5. B sends number d to A 3. Select the public key ( i.e. the encryption key) e such that it is not factor of (p-1) and (q-1) 6. A now compute the secreate key K1 as follows 4. Select the public key ( i.e. the decryption key) d such that the following equation is true. (d*e) mod (p-1)*(q-1)=1. 5. For encryption calculate the cipher text CT from the plane text PT as follows CT=PT e mod n 6. Send CT as the cipher text to the receiver. 7. For decryption, calculate the plane text PT from the cipher text CT as follows. CT d mod n 2.2 Diffie–Hellman Algorithm The Diffie–Hellman key exchange scheme was first published by Whitfield Diffie and Martin Hellman in [1976]. Diffie–Hellman key exchange is a specific method of exchanging cryptographic keys. This method allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an K1= d x mod n 7. B now computes the secret key K2 as follows. K2=c y mod n 2.3 Digital Signature Algorithm The Digital Signature Algorithm (DSA) is a Federal Information Processing Standard for digital signatures. It was proposed by the National Institute of Standards and Technology (NIST) in August 1991 for use in their Digital Signature Standard (DSS) and adopted as FIPS 186 in 1993. A digital signature algorithm (DSA) typically consists of three algorithms: A key generation algorithm that selects a private key uniformly at random from a set of possible private keys. The algorithm outputs the private key and a corresponding public key a signing algorithm that, given a massage and a private key, produces a signature. A signature verifying algorithm that, gives a massage, public key and a signature, either accept or reject the massages clame to authenticity [7]. 18 ISSN:2249-5789 Prashant Kumar Arya et al , International Journal of Computer Science & Communication Networks,Vol 5(1),17-21 2.3.1 Key generation 1. 2. Select a prime q of 160 bits 511+64t Choose 0≤t≤8, select 2 q/p-1 <p<2 512+64t 3. Select g in Zp and a=g(p-1)/q mod p.α≠ 1 4. Select 1≤ a ≤ q-1, compute y= α b mod p. 5. Public key (p,q, α ,y) private key a with 2.3.2 Signing Select a random integer k, 0<k< q. Compute r= (α k mod p) mod q. Compute k-1 mod q. compute s=k-1*(h(m)+ar) mod q. Signature=(r,s). 2.3.3. Verification : 2. A chooses a random x from {1............(q-1)} 3. A computes h=gx 4. A publishes h along with the description of G,q,g as her public key. Alice retains x as her private key which must be kept secret. 2.4.2 ElGamal Key Encryption The encryption algorithm works as follows: to encrypt a message m to A under her public key ,(G,q,g.h). 1. B chooses a random y from {1.........,(q-1)} then calculates c1 =gy 2. B calculates the shared secret s=hy 3. B converts his secret message m into m' an element of G 4. B calculates . c2=m'.s 5. B sends the ciphertext (c1, c2 )= (gy ,m'.hy) =( gy ,m'.(gx )y) to A. 1. Verify 0<r<q and 0<s<q, if not, invalid. 2. Compute w=s-1 mod q and h(m). 3. Compute u1=w*h(m) mod q. u2=r*w mod q. 4. Compute v=(α u1yu2 mod p)mod q. Note that one can easily find hy if one knows m'. Therefore, a new y is generated for every message to improve security. For this reason, y is also called an ephemeral key. 5. Valid if v=r. 2.4.3 ElGamal Decryption 2.4 ElGamal Algorithm In cryptography, the ElGamal encryption system is an asymmetric key encryption algorithm for public-key cryptography which is based on the Diffie–Hellman key exchange. It was described by Taher Elgamal in 1984. ElGamal encryption is used in the free GNU Privacy Guard software, recent versions of PGP, and other cryptosystems. The Digital Signature Algorithm is a variant of the ElGamal signature scheme, which should not be confused with ElGamal encryption. ElGamal encryption can be defined over any cyclic group G Its security depends upon the difficulty of a certain problem in G related to computing discrete logarithms The ElGamal is a public key algorithm, which can be used for both digital signature as well as encryption. Its security is based on the difficulty of computing discrete logarithms in a finite field. ElGamal encryption consists of three components: the key generator, the encryption algorithm, and the decryption algorithm [2]. 2.4.1 ElGamal Key generation The key generator works as follows: 1. A generates an efficient description of a multiplicative cyclic group G of q order with generator g. A a discussion on the required properties of this group is given below. The decryption algorithm works as follows: to decrypt a ciphertext (c1,c2 ) with her private key x, 1. A calculates the shared secret s=c1x 2. A then computes m'=c2.s-1 is converted back into the plaintext message m , where s -1 is inverse of s in the group . (E.g. modular multiplicative inverse if G is a subgroups of a multiplicative group of integers modulo n). The decryption algorithm produces the intended message, since c2.s-1=m'.hy.(gxy)-1=m'.gxy .g-xy =m' 2.5 Elliptic Curve Cryptography Algorithm Elliptic curve cryptography (ECC) is an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields. The use of elliptic curves in cryptography was suggested independently by Neal Koblitz and Victor S. Miller in 1985. Elliptic curve cryptography algorithms entered wide use in 2004 to 2005. The algorithm was approved by NIST in 2006. Let E be an elliptic curve over finite field Fp . Let p be a point on E(Fp ) and suppose that P 19 ISSN:2249-5789 Prashant Kumar Arya et al , International Journal of Computer Science & Communication Networks,Vol 5(1),17-21 has prime order n. then the cyclic subgroup E(Fp ) generated P is <P>={ ∞,P, 2P, 3P, 4P...........(n-1)P}.The prime P , the equation of the Elliptic curve E, and the point P and its order n are the public domain parameter. A private key is an integer d that is selected uniformly at random from the range [1,(n-1)] and the corresponding public key is Q=d*P [4], [5]. 2.5.1 Key pair generation Input Elliptic curve domain parameter (p,E,P,n) Output Public key Q and private key d. 1. Select d =R[1,(n-1)] 2. Compute Q=d*P. 3.Return (Q,d) The first task is to encode the plane text message m to be sent as an x-y point Pm. It is the point Pm that will be encrypted as cipher text and subsequently decrypted. To encrypt and send a message Pm to B, A Chosses a random positive intger k and produces the the cipher text Cm ={K*P, Pm + k*Q}, where Q is B's public key. The sender transmits the point C1=k*P and C2=Pm+K*q to the recipent. To decrypt the cipher text, B multiplies by the first point in the pair by B's secret key and subtract the result from the second point as Pm+k*q-d(k*P)=Pm+k(d*P)-d(kP)=Pm.. 1. Compute Pm =C2-d*C1 2. Compute ( Pm ). 3. Comparative Study All three of the established public-key algorithms families are based on number theoretic functions. One of their distinguishing feature is that they require arithmetic with very long operands and keys. Not surprisingly, the longer the operand and keys, the more secure the algorithm become. In order to compare different algorithms, one often considers the security level. An algorithms is said to have a “secure level of n bit ” if the best known attack requires 2n steps. This is a quite natural definition because symmetric algorithms with a security level of n have a key of length of n bit. Table 1 show recommended bit length for public key algorithms for the four security levels 80, 128, 192, and 256 bit. We see from the table the RSA-like schemes and discrete logarithms schemes require very long operands and keys. The key length of elliptical key schemes is significantly smaller, and hence require less computing power. The advantages and disadvantages of each algorithm are also pointed out in the table 1.[6], [7], [8] 4. Conclusion 2.5.2 Elliptic Curve Encryption Input : Elliptic curve domain parameter (p,E,P,n), public key Q, plane text m Output : Cipher text Cm 1. Represent the plane text m as a point Pm in E (Fp). 2. Select k [1,(n-1)]. 3. Compute C1=k*p 4. Compute C2=Pm+K*q. 5. Return (C1,C2). 2.5.3 Elliptical Curve Decryption Input : Elliptic curve domain parameter (p,E,P,n), private key d, Cipher text Cp. Output : Plane Text m. The paper reviews asymmetric key algorithms RSA , DSA, ECC, Diffie-Hellman and ElGamal. RSA is the most widely used public key technology today but the use of more simpler connected devices and demand for higher level of security will make continued reliance on RSA more challenging over time. These trends highlight a clear need for an efficient public key cryptosystem that can lower the capacity threshold for small devices to perform strong cryptography and increase a server's capacity to handle the secure communication. The RSA keys will need to grow to 2048 bits. ECC is an efficient alternative of RSA as a mean of improving SSL performance without restoring to expensive special purpose hardware. Compared to its traditional counterparts, ECC offers the same level of security using much smaller keys .This results in faster computations and saving in memory power and band width that are especially important in constrained environment, e.g. mobile phones, PDA's and smart cards. ECC offers equal security for a far smaller key size, thereby reducing processing overhead[8]. It looks though public-key schemes can provide all functions required by modern security protocols., but 20 ISSN:2249-5789 Prashant Kumar Arya et al , International Journal of Computer Science & Communication Networks,Vol 5(1),17-21 International Conference on Intelligent Network Computing(ICINC 2010), pp V2-475-V2-478. the major drawback in practice is that encryption of data is extremely slow- with public key algorithms. Many block and stream ciphers can encrypt about one hundred to one thousand times faster than public key algorithms. Thus somewhat ironically, public key cryptography is rarely used for actual encryption of data. On the other hand, symmetric algorithms are poor at providing non-repudiation and key establishment functionality. In order to use the best of both worlds, most practical protocols are hybrid protocols which incorporate both symmetric and public key algorithms. example include the SSL/TLS protocols that is commonly used for secure web connection, or IPsec, the security part of the Internet communication protocol. [4] Vivak Kapoor, Vivak Sonny Abraham, Ramesh Singh, “Elliptic Curve Cryptography”, ACM Ubiquity Volume 9, Issuse 20, May 2008 . [5] P. K. Shau, Dr. R. K. Chhotray, Dr. Gunamani Jena, Dr. S Pattnaik, “An Implementation of Elliptic Curve Cryptography”, International Journal of Engineering Research and Technology(IJERT) ISNN: 2278-0181, Vol 2 Issue 1, January 2013. [6] Swadeep Singh, Anupriya Garg, Anshul Sachdeva, “Comparision of Cryptograpic Algorithms ECC and RSA”, International Journal of Computer Science and Communication Engineering (IJCSC), Special issue on “Recent Advances in Engineering & Technology” NCRAET2013, ISSN 2319-7080. 5. References [1] William Stalling, “Cryptography and Network Security Principal and Practice”, Third Edition, Pearson 2006. [7] S Nithya, Dr E. George, Pankaj Raj, “Survey on Asymmetric key Cryptography Algorithms”, Journal of Advanced Computing Technologies (ISSN: 2347-2804) Volume NO. 2 Issue No. 1, Febuary 2014. [2] Atul Kahate, “Cryptography and Network Security”, Tata McGraw Hill Education Private Limited, Seventh Edition 2009. [3] Himanshu Gupta, Dr Vinod Kumar Sharma, “ Multiphase Encryption: A New Concept in Modern Cryptography”, Algorithm Family Crypto system Integer factorization RSA [8] Christof Paar, Jan Pelzl, Understanding Cryptography, Sprigner, ISBN 978-3-642-04100-6, 2010, page no. 170-172. Security Level( in bit) 80 128 192 and Advantage Disadvantage 256 1024 307 7680 2 15360 Only intended user can read Many secret key encryption the message using their private methods that is significantly key. faster than any current available public-key encryption. Discrete logarithm DH 1024 307 7680 2 15360 The shared key (i.e the secret) Lack of authentication. is never itself transmitted over the channel. Discrete logarithm DSA 1024 307 7680 2 15360 It is used for authentication and The security of private key integrity. depends entirely on the security of the computer. Discrete logarithm ElGamal 1024 307 7680 2 15360 The same planetext gives a The need for randomness and different ciphertext(with near slower speed and has long certainly ) each time it is ciphertext. encrypted. Elliptic Curves 512 ECC 160 256 384 Short key is faster and requires It is more expensive and it less computing power. shortens the life time of batteries. Table 1 21