Post on 14-Dec-2015
Data SecurityData Security 11
El_Gamal Cryptography
Data SecurityData Security 22
IntroductionIntroduction
El_Gamal is a public-key cryptosystem El_Gamal is a public-key cryptosystem techniquetechnique
was designed by Dr. Taher Elgamal .was designed by Dr. Taher Elgamal .
El_GamalEl_Gamal depends on the one way depends on the one way function, means that the encryption and function, means that the encryption and decryption are done in separate functions.decryption are done in separate functions.
Data SecurityData Security 33
IntroductionIntroduction
The encryption process requires two The encryption process requires two modular exponentiations (extra modular exponentiations (extra time).time).
A disadvantage of El_Gamal encryption is A disadvantage of El_Gamal encryption is that there is message expansion by a that there is message expansion by a factor of 2. That is, the ciphertext is twice factor of 2. That is, the ciphertext is twice as long as the corresponding plaintext.as long as the corresponding plaintext.
Data SecurityData Security 44
Key generationKey generation
Receiver A must do the following:Receiver A must do the following:
1- Generate a large random prime number (p)1- Generate a large random prime number (p)
2- Choose a generator number (a) 2- Choose a generator number (a) {show in slide 7 }{show in slide 7 }
3- Choose an integer (x) less than (p-2) ,as 3- Choose an integer (x) less than (p-2) ,as secretsecret
number.number.
Data SecurityData Security 55
Key generationKey generation
4- 4- Compute (d) whereCompute (d) where
d= ad= axx mod p mod p
5-5- Determine the public key (p, a, d) Determine the public key (p, a, d)
and the private key (x)and the private key (x)
Data SecurityData Security 66
Key generationKey generation
Example :Example :
let p = 11 and a = 2 and x = 5let p = 11 and a = 2 and x = 5
calculate d = 2calculate d = 255 mod 11 = 10 mod 11 = 10
public key = (11 ,2 ,10)public key = (11 ,2 ,10)
private key = (5)private key = (5)
Data SecurityData Security 77
Generator numberGenerator number
How to test (a) generator or not :How to test (a) generator or not :
1- (a) must be between 1 and p-11- (a) must be between 1 and p-1
2- Find Ø = p-12- Find Ø = p-1
3- Find the all factors of Ø {f1,f2,….,fn} – 3- Find the all factors of Ø {f1,f2,….,fn} – { 1 }{ 1 }
Data SecurityData Security 88
Generator numberGenerator number
4- Find {q1,q2,…..,qn} where 4- Find {q1,q2,…..,qn} where
qi = fiqi = fi
for the redundant factors for the redundant factors
qi = fiqi = fifreqfreq
5- (a) generator number if and only if 5- (a) generator number if and only if
wi= awi= a Ø/qi Ø/qi mode p <> 1 , for all qi mode p <> 1 , for all qi
Data SecurityData Security 99
Generator numberGenerator number
Example 1Example 1 : : let p= 11 , a=2 ,test a is generator number let p= 11 , a=2 ,test a is generator number
or not ? or not ? sol:sol: Ø= p-1 = 10 , factors of 10 = {2 , 5}Ø= p-1 = 10 , factors of 10 = {2 , 5} q1 = 2 ,q2 = 5q1 = 2 ,q2 = 5 w1 = 2w1 = 210/210/2 mod 11 = 10 <> 1mod 11 = 10 <> 1 w2 = 2w2 = 210/510/5 mod 11 = 4 <> 1 mod 11 = 4 <> 1 i.e a generator number .i.e a generator number .
Data SecurityData Security 1010
Generator numberGenerator number
Example 2Example 2 : : let p= 11 , a=3 ,test a is generator number let p= 11 , a=3 ,test a is generator number
or not ? or not ? sol:sol: Ø= p-1 = 10 , factors of 10 = {2 , 5}Ø= p-1 = 10 , factors of 10 = {2 , 5} q1 = 2 ,q2 = 5q1 = 2 ,q2 = 5 w1 = 3w1 = 310/210/2 mod 11 = 1== 1mod 11 = 1== 1 w2 = 3w2 = 310/510/5 mod 11 = 9 <> 1 mod 11 = 9 <> 1 i.e a not generator number .i.e a not generator number .
Data SecurityData Security 1111
Generator numberGenerator number
Example 3 :Example 3 : let p= 41 , a=2 ,test a is generator number let p= 41 , a=2 ,test a is generator number
or not ? or not ? sol:sol: Ø= p-1 = 40 , factors of 40 = {2 , 2 , 2, 5}Ø= p-1 = 40 , factors of 40 = {2 , 2 , 2, 5} q1 = 2q1 = 211 = 2 ,q2 = 2 = 2 ,q2 = 222 = 4,q3 = 2 = 4,q3 = 233 = 8 = 8 q4 = 5q4 = 5 w1 = 2w1 = 240/240/2 mod 41 = 0.98 <> 1 mod 41 = 0.98 <> 1 w2 = 2w2 = 240/440/4 mod 41 = 40 <> 1 mod 41 = 40 <> 1
Data SecurityData Security 1212
Generator numberGenerator number
w2 = 2w2 = 240/840/8 mod 41 = 32 <> 1 mod 41 = 32 <> 1
w2 = 2w2 = 240/540/5 mod 41 = 10 <> 1 mod 41 = 10 <> 1
i.e a generator numberi.e a generator number
Data SecurityData Security 1313
Encryption Encryption
Sender B must do the following :Sender B must do the following :
1- Obtain the public key (p , a , d ) from1- Obtain the public key (p , a , d ) from
the receiver A.the receiver A.
2- Choose an integer k such that :2- Choose an integer k such that :
1 < k < p-2 1 < k < p-2
Data SecurityData Security 1414
EncryptionEncryption
3- Represent the plaintext as an integer m 3- Represent the plaintext as an integer m where where 0 < m < p-1 0 < m < p-1
4- compute (y) as follows :4- compute (y) as follows :
y = ay = akk mod p mod p
5- compute (z) as follows :5- compute (z) as follows :
z = (dz = (dkk * m ) mod p * m ) mod p
Data SecurityData Security 1515
EncryptionEncryption
6- Find the ciphertext (C) as follows :6- Find the ciphertext (C) as follows :
C= ( y , z )C= ( y , z )
7- The sender B send C to The receiver A .7- The sender B send C to The receiver A .
Data SecurityData Security 1616
DecryptionDecryption
Receiver A must do the following :Receiver A must do the following :
1- Obtain the ciphertext (C) from B .1- Obtain the ciphertext (C) from B .
2- compute (r) as follows :2- compute (r) as follows : r = yr = yp-1-xp-1-x mod p mod p
3- Recover the plaintext as follows:3- Recover the plaintext as follows: m = ( r * z ) mod p m = ( r * z ) mod p
Data SecurityData Security 1717
ExampleExample
Let p = 11 and a generator number = 2Let p = 11 and a generator number = 2
and select integer number x = 5and select integer number x = 5
calculate d = 2calculate d = 255 mod 11 = 10 mod 11 = 10
Then Then
public key = ( 11 , 2 , 10)public key = ( 11 , 2 , 10)
private key = (5)private key = (5)
Data SecurityData Security 1818
ExampleExample
Plaintext = AgePlaintext = Age
Represent the plaintext as integer value as Represent the plaintext as integer value as follows:follows:
The new plaintext = ( 1 7 5 )The new plaintext = ( 1 7 5 )
Data SecurityData Security 1919
ExampleExample
Encryption (sender):Encryption (sender):
y = ay = akk mod p , z = (d mod p , z = (dkk * m ) mod p * m ) mod p
Choose an random integer value k = 6Choose an random integer value k = 6
yyAA = 2 = 266 mod 11 = 9 mod 11 = 9
zzAA = (10 = (1066*1) mod 11 = 1*1) mod 11 = 1
Data SecurityData Security 2020
ExampleExample
Choose an random integer value k = 4Choose an random integer value k = 4 yygg = 2 = 244 mod 11 = 5 mod 11 = 5 zzgg = (10 = (1044*7) mod 11 = 7*7) mod 11 = 7
Choose an random integer value k = 7Choose an random integer value k = 7 yyee = 2 = 277 mod 11 = 7 mod 11 = 7 zzee = (10 = (1077*5) mod 11 = 6*5) mod 11 = 6
Ciphertext = (9,1) (5,7) (7,6) Ciphertext = (9,1) (5,7) (7,6)
The sender B send the ciphertext to the receiver A.The sender B send the ciphertext to the receiver A.
Data SecurityData Security 2121
ExampleExample
The receiver decrypt the ciphertext as follows :The receiver decrypt the ciphertext as follows :
Compute (r) and (m) whereCompute (r) and (m) where
r = yr = yp-1-xp-1-x mod p , m = ( r * z ) mod p mod p , m = ( r * z ) mod p
r1= 9r1= 911-1-511-1-5 mod 11 = 1 mod 11 = 1
m1= (1*1) mod 11= 1m1= (1*1) mod 11= 1
Data SecurityData Security 2222
ExampleExample
r1= 5r1= 511-1-511-1-5 mod 11 = 1 mod 11 = 1
m2 = ( 1 * 7 ) mod 11 = 7m2 = ( 1 * 7 ) mod 11 = 7
r1= 7r1= 711-1-511-1-5 mod 11 = 10 mod 11 = 10
m3 = ( 10 * 6 ) mod 11 = 5m3 = ( 10 * 6 ) mod 11 = 5
Data SecurityData Security 2323
ExampleExample
The receiver find the plaintext ( 1 7 5 )The receiver find the plaintext ( 1 7 5 )
Convert the plaintext to letters = AgeConvert the plaintext to letters = Age
Data SecurityData Security 2424
End End
For more information about For more information about EL_Gamal cryptosystem please visit :EL_Gamal cryptosystem please visit :
http://en.wikipedia.org/wiki/Taher_ElGamalhttp://en.wikipedia.org/wiki/Taher_ElGamal