Cryptography

Lowell High School Research Class

1. Private Key Cryptography

Suppose that Alice and Bob are in physical contact with each other and want to set up a way to communicate when they're far away from each other that's secure, in the sense that an eavesdropper Eve won't be able to understand their messages if she intercepts them. Alice and Bob can agree on a secret code before parting, which they can use to encode and decode messages.

Caesar encryption: A basic way of generating secret codes is Caesar encryption. This was used by Julius Caesar (the first Roman emperor, who lived from 100 BC to 44 BC) to communicate with his generals. Alice and Bob agree on a number n between 1 and 26, and before one of them sends a message, he or she encodes it by replacing each letter with the letter that is n letters in the alphabet after it, wrapping around the letters at the end of the alphabet to the beginning of the alphabet. For example, if n = 3 then D becomes G, and Z becomes C. The recipient of a message then replaces each letter of a message that he or she received with the letter that is n letters before it, in order to decode the message.

Exercise 1: Find a partner. Agree on a number n. If you are the older partner, encrypt the word "red" using Caesar encryption with the number n, and pass it to your partner. If you are the younger partner, encrypt the word "blue" and pass it to your partner. Then decrypt the message that your partner gives you.

Caesar encryption is inadequate. Why? One reason is that there are only 26 possible choices of n, so that Eve can try decoding the message with each of them and soon find the value of n that works. Another problem, which applies even to analogs of Caesar encryption with many more choices of n (for example, involving the replacement of chunks of letters instead of individual letters), is that certain letters and chunks of letters appear much more often than others in the English language (and indeed any language), and an eavesdropper can use frequency analysis to considerably narrow down the possible values of n.
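
Both weaknesses can be seen in a few lines of Python. This is an added example, not part of the original handout; the function names, the sample message and the letter-frequency weights used for scoring are assumptions made for illustration.

```python
import string

ALPHABET = string.ascii_uppercase

# Approximate frequencies (percent) of common English letters.
# Assumed values used only for scoring; any standard table works.
COMMON = {"E": 12.7, "T": 9.1, "A": 8.2, "O": 7.5, "I": 7.0, "N": 6.7,
          "S": 6.3, "H": 6.1, "R": 6.0, "D": 4.3, "L": 4.0, "U": 2.8}


def caesar(text, n):
    """Shift every letter n places forward, wrapping Z around to A."""
    out = []
    for ch in text.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + n) % 26])
        else:
            out.append(ch)  # leave spaces and punctuation alone
    return "".join(out)


def decode(text, n):
    """Undo caesar(text, n) by shifting n places backward."""
    return caesar(text, -n)


def english_score(text):
    """Higher when the text is rich in letters that are common in English."""
    return sum(COMMON.get(ch, 0.0) for ch in text)


def recover_key(ciphertext):
    """Try all 26 values of n and keep the most English-looking decoding."""
    return max(range(1, 27),
               key=lambda n: english_score(decode(ciphertext, n)))


# Constructed sample message, not from the handout.
MESSAGE = "MEET ME NEAR THE EAST GATE AT NOON AND BRING THE LETTERS"
SECRET_N = 3
CIPHERTEXT = caesar(MESSAGE, SECRET_N)

if __name__ == "__main__":
    guess = recover_key(CIPHERTEXT)
    print(CIPHERTEXT)
    print("recovered n =", guess, "->", decode(CIPHERTEXT, guess))
```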

One-time pad: A better approach than simple Caesar encryption is the use of a one-time pad. In this approach, before parting, Alice and Bob create two copies of the same book, which contains a very long list of randomly generated numbers ranging from 1 to 26. Then before one of them sends a message to the other, he or she encrypts each letter of his or her message using Caesar encryption with a value of n that varies: to encode the nth letter of a message, they use Caesar encryption with n equal to the nth number in the book.

Exercise 2: Decode "RYK" assuming that it has been encoded with the one time pad "3, 2, 25."

Important: Alice and Bob shouldn't use part of the pad more than once, otherwise Eve can use frequency analysis. Instead, the method is for a sender of a message to cross out the numbers of the book that he or she used, and for the recipient of the message to cross out the part of the pad that the sender used, and for a subsequent sender to start afresh with the first numbers of the book that have not been used previously. As long as no part of the pad is used more than once, and the numbers are random, Eve cannot break the code without getting access to a copy of the book.
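
Crossing out used numbers, and what goes wrong when part of the pad is used twice, shown as an added example that is not part of the original handout. The class and function names are assumptions, messages are restricted to the capital letters A-Z, and the reuse demonstration compares two ciphertexts when one message is known, which is a simpler leak than the frequency analysis mentioned above.

```python
import secrets

A = ord("A")


def make_pad(length):
    """A 'book' of random numbers from 1 to 26 (both parties get a copy)."""
    return [secrets.randbelow(26) + 1 for _ in range(length)]


def shift(text, keys, sign):
    """Caesar-shift letter i of `text` by sign * keys[i]; text is A-Z only."""
    return "".join(chr((ord(c) - A + sign * k) % 26 + A)
                   for c, k in zip(text, keys))


class PadBook:
    """One party's copy of the book; numbers are crossed out once used."""

    def __init__(self, numbers):
        self.numbers = list(numbers)
        self.next_unused = 0

    def _take(self, count):
        end = self.next_unused + count
        if end > len(self.numbers):
            raise ValueError("pad exhausted; do not start over from the top")
        chunk = self.numbers[self.next_unused:end]
        self.next_unused = end          # cross out what was just used
        return chunk

    def encrypt(self, message):
        return shift(message, self._take(len(message)), +1)

    def decrypt(self, ciphertext):
        return shift(ciphertext, self._take(len(ciphertext)), -1)


def reuse_leak(pad, known, unknown):
    """The mistake: two messages encrypted from the same starting position.

    Subtracting the ciphertexts cancels the pad, so anyone who knows one
    message recovers the other from the ciphertexts alone.
    """
    c_known = PadBook(pad).encrypt(known)
    c_unknown = PadBook(pad).encrypt(unknown)    # same numbers used again
    diff = [(ord(x) - ord(y)) % 26 for x, y in zip(c_unknown, c_known)]
    return shift(known, diff, +1)
```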

2. Public Key Cryptography

Problem: When a customer purchases books on Amazon's website, he or she often enters their credit card numbers, expiration dates and card security codes (the last of which are three digit numbers on the backs of credit cards) into the website. When these pieces of information are sent to Amazon, they go through many computers that are not owned by Amazon. The owners of these computers could potentially take the Amazon customer's credit card information and use it to buy things for themselves without the permission of the credit card owner.

In order to guard against this outcome, it's necessary for the message to be encrypted. However, Amazon has never met with its customers in person and so it appears that Amazon and a customer can't share a one time pad with one another to establish a code to use to communicate with...

Suppose that Alice runs Amazon's credit card processing unit and that Bob is an Amazon customer. Somewhat surprisingly, Bob can securely transmit his credit card information to Alice despite the fact that they've never met! One way of doing this is via Diffie-Hellman key exchange. This is not the method used by Amazon, but the methods used by Amazon are similar in spirit. In order to place it in context, we will discuss an important arithmetic fact.

Preliminaries for Diffie-Hellman:

Since we'll frequently be referring to "remainder upon division by p," and p will be fixed, we will abbreviate the phrase as "remainder."

A fundamental property concerning remainders, which we will use, is that multiplying two numbers m and n and then taking their remainder gives the same result as taking the remainders of m and n, multiplying them together, and then taking the remainder of the result.

This is a generalization of the case of p = 10, which is familiar. In the case p = 10, the remainder of a number is its rightmost digit, and the fundamental property mentioned above is that the units digit of a product of two numbers m and n is the same as the units digit of the product of the units digits of m and n. For example, if you multiply 26 and 32 you get 26 × 32 = 832, which has the same final digit as the product 6 × 2 = 12 of the final digits of 26 and 32.

Exercise 3: Verify the fundamental property for p = 10, m = 39 and n = 33 by using the multiplication algorithm. Verify the fundamental property for p = 7, m = 13 and n = 23.

Homework: Convince yourself that the fundamental property is always true.

A special case of the fundamental property that we will use below is that the remainder of g^k is the same as that of (the remainder of g) to the kth power.

The fundamental property can be thought of as saying that a number and its remainder are interchangeable in the context of computing remainders, so we need not distinguish between the two, and will not do so below.

Diffie-Hellman key exchange

In the procedure below, "Alice" is really "Alice's computer" and "Bob" is really "Bob's computer." The procedure is as follows:

(1) Alice and Bob agree on a large (~300 digit) prime p and a number g less than p, such that g has about 300 digits.

(2) Alice randomly generates a number a and Bob randomly generates a number b, each less than p and about 300 digits long. Alice and Bob keep these numbers secret.

(3) Alice and Bob's shared secret will be the remainder of g^(ab). Because the remainder of g^(ab) is in the range of 300 digits, it's big enough to use as a one-time pad to transmit credit card information.

    But how can Alice and Bob compute the remainder of g^(ab) without communicating a and b to one another and risking that an eavesdropper Eve intercepts them and so can figure out the remainder of g^(ab) herself?

(4) Alice computes the remainder of g^a and sends it to Bob. Bob computes the remainder of g^b and sends it to Alice.

(5) As discussed later in this section, Eve cannot infer a from the remainder of g^a or b from the remainder of g^b in a reasonable amount of time, so a and b remain secret in the previous step.

(6) Alice computes the remainder of (g^b)^a and Bob computes the remainder of (g^a)^b.

(7) Since (g^b)^a = g^(ba) = g^(ab) = (g^a)^b, in the previous step, Alice and Bob each computed the remainder of g^(ab). This is their shared secret.

It is not immediately obvious that it is computationally feasible for Alice and Bob to carry out the procedure, but using some basic ideas from computer science and number theory, it is in fact possible to program modern computers to carry out the above steps in a reasonable amount of time.

An Example: For concreteness, here is an example, albeit one with g, p, a and b much smaller than 300 digits:

(1) Suppose that p = 107 and g = 53, and that Alice chooses a = 102 and Bob chooses b = 39.

(2) Alice computes the remainder of 53^102, which is 16, and sends it to Bob.

(3) Bob computes the remainder of 53^39, which is 13, and sends it to Alice.

(4) Alice computes the remainder of 13^102, which is 40.

(5) Bob computes the remainder of 16^39, which is 40.

(6) Thus, Alice and Bob have shared a secret: namely, the number "40".

Security of the Diffie-Hellman Key Exchange

Eve has access to each of g, p, and the remainders of g^a and g^b. The only known way for Eve to discover Alice and Bob's shared secret (the remainder of g^(ab)) is to figure out at least one of a and b. The problem of finding b if you know g, p, and the remainder of g^b is known as the discrete log problem. The only known method of solving the discrete log problem is to compute the remainders of g^k for k ∈ {1, 2, 3, ...} until one hits on a value of k that gives a remainder that's the same as the remainder of g^b.

In the numerical example above, it is feasible for Eve to do this. She only needs to try the 106 values of k that are less than p = 107, and this doesn't take very long. However, if p is 300 digits long, then there are nearly 10^300 values of k to check. Even if Eve had access to all of the computers in the world, she couldn't finish doing this before the heat death of the universe. Thus, Alice and Bob can be assured that Eve is unable to eavesdrop.
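
The exchange and the trial-and-error search can both be run on the handout's small numbers. This is an added example, not part of the original handout; the function names are assumptions, and the exponentiation uses repeated squaring, one standard way to make the computation feasible, with every product reduced immediately as the fundamental property allows.

```python
def mod_pow(g, k, p):
    """Remainder of g**k on division by p, by repeated squaring.

    Each product is reduced immediately, which the fundamental property
    permits, so no intermediate value ever exceeds p*p.
    """
    result, base = 1, g % p
    while k > 0:
        if k & 1:                      # this binary digit of k is set
            result = (result * base) % p
        base = (base * base) % p
        k >>= 1
    return result


def exchange(p, g, a, b):
    """Steps (4)-(7): (Alice sends, Bob sends, Alice's secret, Bob's secret)."""
    alice_sends = mod_pow(g, a, p)
    bob_sends = mod_pow(g, b, p)
    alice_secret = mod_pow(bob_sends, a, p)   # (g^b)^a
    bob_secret = mod_pow(alice_sends, b, p)   # (g^a)^b
    return alice_sends, bob_sends, alice_secret, bob_secret


def trial_search(p, g, seen):
    """Trial and error: first k in 1..p-1 whose g^k leaves remainder `seen`."""
    value = 1
    for k in range(1, p):
        value = (value * g) % p
        if value == seen:
            return k
    return None


def eve_secret(p, g, alice_sends, bob_sends):
    """Shared secret rebuilt from public values; feasible only for tiny p."""
    k = trial_search(p, g, bob_sends)
    return None if k is None else mod_pow(alice_sends, k, p)


if __name__ == "__main__":
    # The handout's numbers: p = 107, g = 53, a = 102, b = 39.
    print(exchange(107, 53, 102, 39))        # (16, 13, 40, 40)
    print(trial_search(107, 53, 13))         # 39
    print(eve_secret(107, 53, 16, 13))       # 40
```

The search can return an exponent other than the one the sender chose (for the value 16 it finds 49 rather than Alice's 102), yet that exponent yields the same shared secret, because only the remainder of g^k matters.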

The above remarks assume that there is no way of finding b other than trial and error. Though it is widely believed that there is no faster way, nobody has been able to prove that this is the case.

More significantly, the above remarks also assume that the computers that are used operate based on the same principles that today's computers do. There is a theoretical type of computer called a quantum computer that utilizes phenomena from quantum mechanics to carry out computations. In 1994, Peter Shor proved that a quantum computer that is large enough to do Alice and Bob's calculations in a reasonable amount of time could also solve the discrete log problem in a comparable amount of time. So the creation of a quantum computer of size comparable to our current computers would render the Diffie-Hellman key exchange insecure.

Prepared by Jonah Sinick, who can be reached at jsinick@gmail.com
