Title: Writing program in C++ or Java to implement RSA algorithm for key generation and cipher verification.

Objective: To study,
1. Public key algorithm.
2. RSA algorithm
3. Concept of Public key and Private Key.

Theory:

Public Key Algorithm:

Asymmetric algorithms rely on one key for encryption and a different but related key for decryption. These algorithms have the following important characteristics:

• It is computationally infeasible to determine the decryption key given only knowledge of the cryptographic algorithm and the encryption key.

In addition, some algorithms, such as RSA, also exhibit the following characteristics:

• Either of the two related keys can be used for encryption, with the other used for decryption. A public key encryption scheme has six ingredients:

• Plaintext: This is readable message or data that is fed into the algorithm as input.

• Encryption algorithm: The encryption algorithm performs various transformations on the plaintext.

• Public and private key: This is a pair of keys that have been selected so that if one is used for encryption, the other is used for decryption. The exact transformations performed by the algorithm depend on the public or private key that is provided as input.

• Cipher text: This is the scrambled message produced as output. It depends on the plaintext and the key. For a given message, two different keys will produce two different cipher texts.

• Decryption algorithm: This algorithm accepts the ciphertext and the matching key and produces the original plaintext. [pic]
The essential steps are as the following:
1. Each user generates a pair of keys to be used for the encryption and decryption of messages. 2. Each user places one of the two keys in a public register or the other accessible file. This is the public key. The companion key is kept private. As...

...you understand by symmetric key cryptography? What are the main advantages and disadvantages of symmetric key cryptography? 13.21 What is publickey encryption? In what way is it different from private key encryption? Why is it important in E-Commerce? 13.22 What are the main differences between DES based encryption and RSA based encryption? Is it possible to combine these two systems? If so explain how? 13.23 Given two prime numbers 23 and 41 design a RSA system. Explain with an example how it works. letter + 6 ) and
13.24
What is a digital signature? Why is it necessary in E-Commerce? What are the necessary conditions a hash function used in digital signature should satisfy?
13.25
Give a block diagram of a system for transmitting a signed purchase order from business 1 to business 2.
13.26
What is a certifying authority? Why is a certifying authority required in ECommerce? How does a certifying authority performs its tasks?
13.27
What types of electronic payment systems are required in E-Commerce? Why are there different types of payment systems? Explain the necessary characteristics of each type of payment system and give an example each of where it is used.
13.28
Explain SET protocol used in credit card transactions. What is the main interesting aspect of SET protocol which gives confidence to customers transacting business using the...

...A
Term Paper
On
RSA
Subject: Information System and Cyber Laws
Bachelor of Technology
In
Computer Science & Engineering
Session: 2012-13
Submitted to: Submitted by:
Ms. Shruti Saxena Arpit Varshney
Roll No.1012210026
Group: 61
SHRI RAMSWAROOP MEMORIAL Group OF
PROFESSIONAL COLLEGES, LUCKNOW
Affiliated to
G.B. TECHNICAL UNIVERSITY, LUCKNOW
INTRODUCTION
*RSA is an algorithm for public-key cryptography that is based on the presumed difficulty of factoring large integers, the factoring problem.
* RSA stands for Ron Rivest, Adi Shamir and Leonard Adleman, who first publicly described the algorithm in 1977.
* Clifford Cocks, an English mathematician, had developed an equivalent system in 1973, but it was classified until 1997
* The RSA scheme is a block cipher in which the plain text and cipher text are integers between 0 and n-1 for some n.
* A Typical size of n is 1024 bits or 309 decimal digits.
* This is a publickey encryption scheme.
* In this scheme two pairs of integers {e, n} and {d, n} are used. First of them i.e. {e.n} is called the RSApublickey and the other one i.e. {d, n} is called the RSA secret key.
* The sender uses the...

...
PublicKey Infrastructure
(PKI)
TS5130 System Development Theory and Practice
June 16, 2007
Table of Contents
Purpose and Function: 7
How PKI Works: 9
Table of Figures
Figure 1: Required Key and Certificate Management Services 8
Figure 2: How PKI Works 10
Abstract
This paper is intended to show the importance using a PublicKey Infrastructure (PKI). PKI is a broad subject matter and is constantly evolving to meet the growing demands of the business world. This paper will address PKI at a relatively high-level and will not include details regarding the underlying cryptography (Weise, 2001). This paper will cover the history behind PKI, why we should us PKI, its purposes and functions how PKI works.
Introduction
With today’s security threat of hackers, spammers and viruses infecting computers, PKI is an essential component of an overall security strategy that must work in concert with other security mechanisms, business practices, and risk management efforts to help protect vital information (Weise, 2001). The Internet isn’t the only area of security that needs PKI, e-mail systems need...

...message
Prevents others from viewing the message
Provides confidentiality protection
Question 2
This occurs when a parent network provides filtering for traffic before it enters the child network to which individual and business customers connect.
upstream filtering
firewall filtering
edge device filtering
defensive filtering
1 points
Question 3
To reduce risk of vulnerability, some VPNs use rekeying processes. This particular type of rekeying triggers when a specific amount of traffic is transmitted.
election rekeying
volume rekeying
idle rekeying
time rekeying
Question 4
________, a sub-set of asymmetric cryptography, is based on key pairs.
digital certificate
multi-factor authentication
ciphertext
publickey cryptography
Question 5
A hacker captures and retransmits authentication packets against the same server in order to gain interactive or session access to a system. This describes which type of attack?
Replay
Insertion
Buffer overflow
Hijacking
Question 6
What is an advantage of VPN tunnel mode?
Encapsulates protocol headers only
Encapsulates packet payloads only
Encapsulates protocol headers and packet payloads
Does not encapsulate any part of the packet
Question 7
A ________ allows an organization to know and control the pathway of their transmissions.
client-to-server VPN
trusted...

...The RSA Algorithm
Evgeny Milanov 3 June 2009
In 1978, Ron Rivest, Adi Shamir, and Leonard Adleman introduced a cryptographic algorithm, which was essentially to replace the less secure National Bureau of Standards (NBS) algorithm. Most importantly, RSA implements a public-key cryptosystem, as well as digital signatures. RSA is motivated by the published works of Diﬃe and Hellman from several years before, who described the idea of such an algorithm, but never truly developed it. Introduced at the time when the era of electronic email was expected to soon arise, RSA implemented two important ideas: 1. Public-key encryption. This idea omits the need for a “courier” to deliver keys to recipients over another secure channel before transmitting the originally-intended message. In RSA, encryption keys are public, while the decryption keys are not, so only the person with the correct decryption key can decipher an encrypted message. Everyone has their own encryption and decryption keys. The keys must be made in such a way that the decryption key may not be easily deduced from the public encryption key. 2. Digital signatures. The receiver may need to verify that a transmitted message actually originated from the sender...

...PublicKey Infrastructure (PKI)
PublicKey Infrastructure (PKI) is a security architecture that has been introduced to provide an increasedlevel of confidence for exchanging information over an increasingly insecure Internet.
PKI may involve the use of methods, technologies and techniques that together provide a secure infrastructure. PKI involves the use of a publickey and private key pair for authentication and proof of content. A PKI infrastructure is expected to offer its users the following benefits:
• certainty of the quality of information sent and received electronically
• certainty of the source and destination of that information
• assurance of the time and timing of that information (providing the source of time is known)
• certainty of the privacy of that information
• assurance that the information may be introduced as evidence in a court or law
These facilities are delivered using a mathematical technique called publickey cryptography, which uses a pair of related cryptographic keys to verify the identity of the sender (signing) and/or to ensure privacy (encryption).
How the PublicKey Cryptography concept works
Publickey cryptography uses a pair of mathematically related cryptographic keys. If one key is used to encrypt...

...1) How does the publickey cryptography work? Explain in detail?
1. Public-key, what it is
Public-key refers to a cryptographic mechanism. It has been named public-key to differentiate it from the traditional and more intuitive cryptographic mechanism known as: symmetric-key, shared secret, secret-key and also called private-key.
Symmetric-key cryptography is a mechanism by which the same key is used for both encrypting and decrypting; it is more intuitive because of its similarity with what you expect to use for locking and unlocking a door: the same key. This characteristic requires sophisticated mechanisms to securely distribute the secret-key to both parties2.
Public-key on the other hand, introduces another concept involving key pairs: one for encrypting, the other for decrypting. This concept, as you will see below, is very clever and attractive, and provides a great deal of advantages over symmetric-key:
• Simplified key distribution
• Digital Signature
• Long-term encryption
However, it is important to note that symmetric-key still plays a major role in the implementation of a Public-key Infrastructure or PKI.
1.1 A...

...
Public-Key Infrastructure
RFC 2822 (Internet Security Glossary) defines public-key infrastructure (PKI) as the set of hardware, software, people, policies, and procedures needed to create, manage, store, distribute, and revoke digital certificates based on asymmetric cryptography. The principal objective for developing a PKI is to enable secure, convenient, and efficient acquisition of publickeys. The Internet Engineering Task Force (IETF) PublicKey Infrastructure X.509 (PKIX) working group has been the driving force behind setting up a formal (and generic) model based on X.509 that is suitable for deploying a certificate-based architecture on the Internet. This section describes the PKIX model.
[pic]
Figure 14.7 shows the interrelationship among the key elements of the PKIX model. These elements are
• End entity:
o A generic term used to denote end users, devices (e.g., servers, routers), or any other entity that can be identified in the subject field of a publickey certificate. End entities typically consume and/or support PKI-related services.
o
• Certification authority (CA):
o The issuer of certificates and (usually) certificate revocation lists (CRLs). It may also support a variety of administrative functions, although these are often delegated to one or more Registration...