Comparative Study of Asymmetric Key Cryptographic Algorithms

Transcription

Comparative Study of Asymmetric Key Cryptographic Algorithms
ISSN:2249-5789
Prashant Kumar Arya et al , International Journal of Computer Science & Communication Networks,Vol 5(1),17-21
Comparative Study of Asymmetric Key Cryptographic Algorithms
Prashant Kumar Arya
Research Scholar, Department of
Computer Science, Faculty Of
Technology, Grukula Kangri
Vishwavidyalaya, Haridwar, India
prashantary@gmail.com
Dr Mahendra Singh Aswal
Assistant Professor, Department of
Computer Science,Faculty of
Technology, Grukula Kangri
Vishwavidyalaya, Haridwar, India
mahendra8367@gmail.com
Dr Vinod Kumar
Professor, Department of Computer
Science, Faculty of Technology,
Grukula Kangri Vishwavidyalaya,
Haridwar, India vks_sun@ymail.com
Abstract
Cryptography is one of the main constituents of
computer security. Public cryptography is the art of
protecting information by transforming it (encrypting it)
into an unreadable format, called cipher text. Only
those who possess a secret key can decrypt the message
into plain text. This paper reviews five commonly used
asymmetric key cryptography algorithms namely RSA,
Diffie–Hellman, ElGamal, DSA and ECC and present
their comparative study.
Keywords : Public, assymetric, encryption, security.
1. Introduction
Today security is the challenging aspect in internet and
network application. Cryptography is the study of
mathematical techniques related to various aspects of
information security, such as confidentiality or privacy,
data integrity and entity authentication. It is not the
only means of providing information security, but rather
one set of techniques. Cryptography systems can be
broadly classified into two categories symmetric-key
systems that use a single key used by both sender and
recipient , and public-key systems that use two keys, a
public key known to everyone and a private key that
only the recipient of messages uses. Symmetric /
Private Key algorithms are a class of algorithms for
cryptography that use the same cryptographic keys for
both encryption of plaintext and decryption of cipher
text. The keys may be identical or there may be a
simple transformation to go between the two keys. The
keys, in practice, represent a shared secret between two
or more parties that can be used to maintain a private
information link.
Public-key cryptography, also known as asymmetric
cryptography, refers to a cryptographic algorithm which
requires two separate keys, one of which is secret (or
private) and other one is public. Although different, the
two parts of this key pair are mathematically linked.
The public key is used to encrypt plain text or to verify
a digital signature. whereas the private key is used to
decrypt cipher text or to create a digital signature. The
term "asymmetric" stems from the use of different keys
to perform these opposite functions each being the
inverse of the other – as contrasted with conventional
("symmetric") cryptography which relies on the same
key to perform both. The present paper discusses
various aspects of public-key encryption techniques
with their relative merits and demerits. The description
of various categories of public-key cryptography
techniques is presented in Section 2. Section 3 presents
the comparative study of these algorithms based on
different security aspects. Section 4 concludes the
paper.
2. Public-Key Cryptography
The requirement that both parties have access to the
secret key is one of the main drawbacks of symmetric
key encryption, in comparison to public-key encryption.
There exist many symmetric key encryption algorithms.
Several hundreds of these are proposed over the years
and even though a lot were found not to be secure, there
exist many cryptographically strong ones. The situation
is quite different for asymmetric algorithms. There are
only three major families of public key algorithms
which are of practical relevance. They can be classified
based on their underlying computational problem.
Integer factorization schemes are based on the fact that
it is difficult to factor large integers. The most
prominent representative of this algorithms family is
RSA.
Discrete Logarithm Schemes are based on what is
known as the discrete logarithm problem in finite fields.
The most prominent examples include the DiffieHellman key exchange, Elgamal encryption or the
digital signature algorithm.(DSA).
A generalization of the discrete logarithms algorithms
are elliptic curve (EC) public-key schemes. The most
popular examples include Elliptical Curve DiffieHellman key exchange (ECDH) and Elliptical Curve
Digital Signature Algorithm(ECDSA). There are no
known attacks against any of the schemes if the
parameters, especially the operand and key lengths are
17
ISSN:2249-5789
Prashant Kumar Arya et al , International Journal of Computer Science & Communication Networks,Vol 5(1),17-21
chosen carefully. It is important to note that each of the
three families can be used to provide the main publickey mechanisms of key establishment, nonrepudiation
through digital signatures and encryption data.
2.1 RSA Algorithm
insecure communications channel. This key can then be
used to encrypt subsequent communications using a
symmetric key cipher. The algorithm is itself limited to
the exchange of keys. The Diffie–Hellman key
exchange algorithm depends for its effectiveness on the
difficulty of computing discrete logarithms [3].
2.2.1 Key exchange Algorithm
RSA is a cryptosystem, which is known as one of the
first practicable public-key cryptosystems and is widely
used for secure data transmission. In such a
cryptosystem, the encryption key is public and differs
from the decryption key which is kept secret. In RSA,
this asymmetry is based on the practical difficulty of
factoring the product of two large prime numbers, ie on
the factoring problem. RSA stands for Ron Rivest, Adi
Shamir and Leonard Adleman, who first publicly
described the algorithm in 1977[1].
2.1.1.
RSA Key
Decryption
generation
encryption
Let us assume the A and B want to agree upon a key to
be used for encryption / decrypting messages that would
be exchanged between them . The Diffie-Hellman key
exchange algorithm works as follows [2].
1.
Firstly, A and B agree on two large prime
numbers n and g. These two integers need not
be kept secret. A and B can use an insecure
channel to agree on them .
2.
A chooses another large random number x and
calculates c such that
and
RSA involves a public key and a private key. The public
key can be known by everyone and is used for
encrypting messages. Messages encrypted with the
public key can only be decrypted in a reasonable
amount of time using the private key. The keys for the
RSA algorithm are generated in the following way
c=g x mod n
3.
A sends the number c to B
4.
B independently chooses another large random
integer y and calculate d such that
d=g y mod n
1.
Choose two distinct prime numbers p and q.
2.
Compute n = p*q.
5.
B sends number d to A
3.
Select the public key ( i.e. the encryption key)
e such that it is not factor of (p-1) and (q-1)
6.
A now compute the secreate key K1 as follows
4.
Select the public key ( i.e. the decryption key)
d such that the following equation is true.
(d*e) mod (p-1)*(q-1)=1.
5.
For encryption calculate the cipher text CT
from the plane text PT as follows
CT=PT e mod n
6.
Send CT as the cipher text to the receiver.
7.
For decryption, calculate the plane text PT
from the cipher text CT as follows.
CT d mod n
2.2 Diffie–Hellman Algorithm
The Diffie–Hellman key exchange scheme was first
published by Whitfield Diffie and Martin Hellman in
[1976]. Diffie–Hellman key exchange is a specific
method of exchanging cryptographic keys. This method
allows two parties that have no prior knowledge of each
other to jointly establish a shared secret key over an
K1= d x mod n
7.
B now computes the secret key K2 as follows.
K2=c y mod n
2.3 Digital Signature Algorithm
The Digital Signature Algorithm (DSA) is a Federal
Information Processing Standard for digital signatures.
It was proposed by the National Institute of Standards
and Technology (NIST) in August 1991 for use in their
Digital Signature Standard (DSS) and adopted as FIPS
186 in 1993.
A digital signature algorithm (DSA) typically consists
of three algorithms: A key generation algorithm that
selects a private key uniformly at random from a set of
possible private keys. The algorithm outputs the private
key and a corresponding public key a signing algorithm
that, given a massage and a private key, produces a
signature. A signature verifying algorithm that, gives a
massage, public key and a signature, either accept or
reject the massages clame to authenticity [7].
18
ISSN:2249-5789
Prashant Kumar Arya et al , International Journal of Computer Science & Communication Networks,Vol 5(1),17-21
2.3.1 Key generation
1.
2.
Select a prime q of 160 bits
511+64t
Choose 0≤t≤8, select 2
q/p-1
<p<2
512+64t
3.
Select g in Zp and a=g(p-1)/q mod p.α≠ 1
4.
Select 1≤ a ≤ q-1, compute y= α b mod p.
5.
Public key (p,q, α ,y) private key a
with
2.3.2 Signing

Select a random integer k, 0<k< q.

Compute r= (α k mod p) mod q.

Compute k-1 mod q.

compute s=k-1*(h(m)+ar) mod q.

Signature=(r,s).
2.3.3. Verification :
2.
A chooses a random x from {1............(q-1)}
3.
A computes h=gx
4.
A publishes h along with the description of
G,q,g as her public key. Alice retains x as her
private key which must be kept secret.
2.4.2 ElGamal Key Encryption
The encryption algorithm works as follows: to encrypt a
message m to A under her public key ,(G,q,g.h).
1.
B chooses a random y from {1.........,(q-1)}
then calculates c1 =gy
2.
B calculates the shared secret s=hy
3.
B converts his secret message m into m' an
element of G
4.
B calculates . c2=m'.s
5.
B sends the ciphertext (c1, c2 )= (gy ,m'.hy) =(
gy ,m'.(gx )y) to A.
1. Verify 0<r<q and 0<s<q, if not, invalid.
2. Compute w=s-1 mod q and h(m).
3. Compute u1=w*h(m) mod q. u2=r*w mod q.
4. Compute v=(α u1yu2 mod p)mod q.
Note that one can easily find hy if one knows m'.
Therefore, a new y is generated for every message to
improve security. For this reason, y is also called an
ephemeral key.
5. Valid if v=r.
2.4.3 ElGamal Decryption
2.4 ElGamal Algorithm
In cryptography, the ElGamal encryption system is an
asymmetric key encryption algorithm for public-key
cryptography which is based on the Diffie–Hellman key
exchange. It was described by Taher Elgamal in 1984.
ElGamal encryption is used in the free GNU Privacy
Guard software, recent versions of PGP, and other
cryptosystems. The Digital Signature Algorithm is a
variant of the ElGamal signature scheme, which should
not be confused with ElGamal encryption. ElGamal
encryption can be defined over any cyclic group G Its
security depends upon the difficulty of a certain
problem in G related to computing discrete logarithms
The ElGamal is a public key algorithm, which can be
used for both digital signature as well as encryption. Its
security is based on the difficulty of computing discrete
logarithms in a finite field.
ElGamal encryption consists of three components: the
key generator, the encryption algorithm, and the
decryption algorithm [2].
2.4.1 ElGamal Key generation
The key generator works as follows:
1.
A generates an efficient description of a
multiplicative cyclic group G of q order with
generator g. A a discussion on the required
properties of this group is given below.
The decryption algorithm works as follows: to decrypt a
ciphertext (c1,c2 ) with her private key x,
1.
A calculates the shared secret s=c1x
2.
A then computes m'=c2.s-1 is converted back
into the plaintext message m , where s -1 is
inverse of s in the group . (E.g. modular
multiplicative inverse if G is a subgroups of a
multiplicative group of integers modulo n).
The decryption algorithm produces the intended
message, since
c2.s-1=m'.hy.(gxy)-1=m'.gxy .g-xy =m'
2.5 Elliptic Curve Cryptography Algorithm
Elliptic curve cryptography (ECC) is an approach to
public-key cryptography based on the algebraic
structure of elliptic curves over finite fields. The use of
elliptic curves in cryptography was suggested
independently by Neal Koblitz and Victor S. Miller in
1985. Elliptic curve cryptography algorithms entered
wide use in 2004 to 2005. The algorithm was approved
by NIST in 2006. Let E be an elliptic curve over finite
field Fp . Let p be a point on E(Fp ) and suppose that P
19
ISSN:2249-5789
Prashant Kumar Arya et al , International Journal of Computer Science & Communication Networks,Vol 5(1),17-21
has prime order n. then the cyclic subgroup E(Fp )
generated P is <P>={ ∞,P, 2P, 3P, 4P...........(n-1)P}.The
prime P , the equation of the Elliptic curve E, and the
point P and its order n are the public domain parameter.
A private key is an integer d that is selected uniformly
at random from the range [1,(n-1)] and the
corresponding public key is Q=d*P [4], [5].
2.5.1 Key pair generation
Input Elliptic curve domain parameter (p,E,P,n)
Output Public key Q and private key d.
1. Select d =R[1,(n-1)]
2. Compute Q=d*P.
3.Return (Q,d)
The first task is to encode the plane text message m to
be sent as an x-y point Pm. It is the point Pm that will be
encrypted as cipher text and subsequently decrypted. To
encrypt and send a message Pm to B, A Chosses a
random positive intger k and produces the the cipher
text Cm ={K*P, Pm + k*Q}, where Q is B's public key.
The sender transmits the point C1=k*P and
C2=Pm+K*q to the recipent. To decrypt the cipher text,
B multiplies by the first point in the pair by B's secret
key and subtract the result from the second point as
Pm+k*q-d(k*P)=Pm+k(d*P)-d(kP)=Pm..
1.
Compute Pm =C2-d*C1
2. Compute ( Pm ).
3. Comparative Study
All three of the established public-key algorithms
families are based on number theoretic functions. One
of their distinguishing feature is that they require
arithmetic with very long operands and keys. Not
surprisingly, the longer the operand and keys, the more
secure the algorithm become. In order to compare
different algorithms, one often considers the security
level. An algorithms is said to have a “secure level of n
bit ” if the best known attack requires 2n steps. This is a
quite natural definition because symmetric algorithms
with a security level of n have a key of length of n bit.
Table 1 show recommended bit length for public key
algorithms for the four security levels 80, 128, 192, and
256 bit. We see from the table the RSA-like schemes
and discrete logarithms schemes require very long
operands and keys. The key length of elliptical key
schemes is significantly smaller, and hence require less
computing power. The advantages and disadvantages
of each algorithm are also pointed out in the table
1.[6], [7], [8]
4. Conclusion
2.5.2 Elliptic Curve Encryption
Input
: Elliptic curve domain parameter (p,E,P,n),
public key Q, plane text m
Output
: Cipher text Cm
1. Represent the plane text m as a point
Pm in E (Fp).
2. Select k [1,(n-1)].
3. Compute C1=k*p
4. Compute C2=Pm+K*q.
5. Return (C1,C2).
2.5.3 Elliptical Curve Decryption
Input : Elliptic curve domain parameter (p,E,P,n),
private key d, Cipher text Cp.
Output : Plane Text m.
The paper reviews asymmetric key algorithms RSA ,
DSA, ECC, Diffie-Hellman and ElGamal. RSA is the
most widely used public key technology today but the
use of more simpler connected devices and demand for
higher level of security will make continued reliance
on RSA more challenging over time. These trends
highlight a clear need for an efficient public key
cryptosystem that can lower the capacity threshold for
small devices to perform strong cryptography and
increase a server's capacity to handle the secure
communication. The RSA keys will need to grow to
2048 bits. ECC is an efficient alternative of RSA as a
mean of improving SSL performance without restoring
to expensive special purpose hardware. Compared to its
traditional counterparts, ECC offers the same level of
security using much smaller keys .This results in faster
computations and saving in memory power and band
width that are especially important in constrained
environment, e.g. mobile phones, PDA's and smart
cards. ECC offers equal security for a far smaller key
size, thereby reducing processing overhead[8].
It looks though public-key schemes can provide all
functions required by modern security protocols., but
20
ISSN:2249-5789
Prashant Kumar Arya et al , International Journal of Computer Science & Communication Networks,Vol 5(1),17-21
International Conference on Intelligent Network
Computing(ICINC 2010), pp V2-475-V2-478.
the major drawback in practice is that encryption of
data is extremely slow- with public key algorithms.
Many block and stream ciphers can encrypt about one
hundred to one thousand times faster than public key
algorithms. Thus somewhat ironically, public key
cryptography is rarely used for actual encryption of
data. On the other hand, symmetric algorithms are poor
at providing non-repudiation and key establishment
functionality. In order to use the best of both worlds,
most practical protocols are hybrid protocols which
incorporate both symmetric and public key algorithms.
example include the SSL/TLS protocols that is
commonly used for secure web connection, or IPsec,
the security part of the Internet communication
protocol.
[4] Vivak Kapoor, Vivak Sonny Abraham, Ramesh Singh,
“Elliptic Curve Cryptography”, ACM Ubiquity Volume 9,
Issuse 20, May 2008 .
[5] P. K. Shau, Dr. R. K. Chhotray, Dr. Gunamani Jena, Dr. S
Pattnaik, “An Implementation of Elliptic Curve
Cryptography”, International Journal of Engineering Research
and Technology(IJERT) ISNN: 2278-0181, Vol 2 Issue 1,
January 2013.
[6] Swadeep Singh, Anupriya Garg, Anshul Sachdeva,
“Comparision of Cryptograpic Algorithms ECC and RSA”,
International
Journal
of
Computer
Science
and
Communication Engineering (IJCSC), Special issue on
“Recent Advances in Engineering & Technology” NCRAET2013, ISSN 2319-7080.
5. References
[1] William Stalling, “Cryptography and Network Security
Principal and Practice”, Third Edition, Pearson 2006.
[7] S Nithya, Dr E. George, Pankaj Raj, “Survey on
Asymmetric key Cryptography Algorithms”, Journal of
Advanced Computing Technologies (ISSN: 2347-2804)
Volume NO. 2 Issue No. 1, Febuary 2014.
[2] Atul Kahate, “Cryptography and Network Security”, Tata
McGraw Hill Education Private Limited, Seventh Edition
2009.
[3] Himanshu Gupta, Dr Vinod Kumar Sharma, “ Multiphase
Encryption: A New Concept in Modern Cryptography”,
Algorithm
Family
Crypto
system
Integer
factorization
RSA
[8] Christof Paar, Jan Pelzl, Understanding Cryptography,
Sprigner, ISBN 978-3-642-04100-6, 2010, page no. 170-172.
Security Level( in bit)
80
128 192
and
Advantage
Disadvantage
256
1024 307 7680
2
15360 Only intended user can read Many secret key encryption
the message using their private methods that is significantly
key.
faster
than
any
current
available
public-key
encryption.
Discrete logarithm DH
1024 307 7680
2
15360 The shared key (i.e the secret) Lack of authentication.
is never itself transmitted over
the channel.
Discrete logarithm DSA
1024 307 7680
2
15360 It is used for authentication and The security of private key
integrity.
depends entirely on the security
of the computer.
Discrete logarithm ElGamal 1024 307 7680
2
15360 The same planetext gives a The need for randomness and
different ciphertext(with near slower speed and has long
certainly ) each time it is ciphertext.
encrypted.
Elliptic Curves
512
ECC
160
256 384
Short key is faster and requires It is more expensive and it
less computing power.
shortens the life time of
batteries.
Table 1
21