UNIT III: ASYMMETRIC TECHNIQUES

Principles of Public Key Cryptosystems – The RSA Algorithm – Key Management – Diffie
Hellman Key Exchange – Elliptic Curve Cryptography – Prime fields and binary fields,
Applications, Practical considerations. Cryptography in Embedded Hardware.

3.1 Public key cryptography: Principles of public key cryptosystems:

We will now discuss the radically different public key systems, in which two keys
are used. Public-key cryptography provides a radical departure from all that has gone
before. The development of public-key cryptography is the greatest and perhaps the only
true revolution in the entire history of cryptography. It is asymmetric, involving the use of
two separate keys, in contrast to symmetric encryption, that uses only one key. Anyone
knowing the public key can encrypt messages or verify signatures, but cannot decrypt
messages or create signatures, counter- intuitive though this may seem. The use of
two keys has profound consequences in the areas of confidentiality, key distribution,
and authentication. It works by the clever use of number theory problems that are
easy one way but hard the other. Note that public key schemes are neither more nor
less secure than private key (security depends on the key size for both), nor do they
replace private key schemes (they are too slow to do so), rather they complement them.
Both also have issues with key distribution, requiring the use of some suitable
protocol.
The concept of public-key cryptography evolved from an attempt to attack two of
the most difficult problems associated with symmetric encryption: key distribution and
digital signatures. The first problem is that of key distribution, which under symmetric
encryption requires either (1) that two communicants already share a key, which
somehow has been distributed to them; or (2) the use of a key distribution center. This
seemed to negated the very essence of cryptography: the ability to maintain total
secrecy over your own communication. The second was that of "digital signatures." If
the use of cryptography was to become widespread, not just in military situations but
for commercial and private purposes, then electronic messages and documents would
need the equivalent of signatures used in paper documents.
The idea of public key schemes, and the first practical scheme, which was for key
distribution only, was published in 1976 by Diffie & Hellman. The concept had been
previously described in a classified report in 1970 by James Ellis (UK CESG) - and
subsequently declassified [ELLI99]. Its interesting to note that they discovered RSA
first, then Diffie-Hellman, opposite to the order of public discovery! There is also a
66
claim that the NSA knew of the concept in the mid-60‟s .
Asymmetric algorithms rely on one key for encryption and a different but related
key for decryption. These algorithms have the following important characteristic:
• It is computationally infeasible to determine the decryption key given only
knowledge of the cryptographic algorithm and the encryption key.
In addition, some algorithms, such as RSA, also exhibit the following characteristic:
• Either of the two related keys can be used for encryption, with the other used for
decryption. Anyone knowing the public key can encrypt messages or verify signatures,
but cannot decrypt messages or create signatures, thanks to some clever use of
number theory.

“Public-Key Cryptography”, shows that a public-key encryption scheme has six ingredients:
• Plaintext: the readable message /data fed into the algorithm as input.
• Encryption algorithm: performs various transformations on the plaintext.
• Public and private keys: a pair of keys selected so that if one is used for encryption, the
other is used for decryption. The exact transformations performed by the algorithm
depend on the public or private key that is provided as input.
• Ciphertext: the scrambled message produced as output. It depends on the plaintext and
the key. For a given message, two different keys will produce two different
ciphertexts.
• Decryption algorithm: accepts the ciphertext and matching key and produces the
original plaintext.
Consider the following analogy using padlocked boxes: traditional schemes involve the
sender putting a message in a box and locking it, sending that to the receiver, and
somehow securely also sending them the key to unlock the box. The radical advance
in public key schemes was to turn this around, the receiver sends an unlocked box (their
public key) to the sender, who puts the message in the box and locks it (easy - and
having locked it cannot get at the message), and sends the locked box to the receiver
who can unlock it (also easy), having the (private) key. An attacker would have to
pick the lock on the box (hard).

67
Symmetric vs Public-Key

68
“Public-Key Cryptosystems: Secrecy and Authentication” illustrates the essential elements
of a public-key encryption scheme.
Note that public-key schemes can be used for either secrecy or authentication, or both (as
shown here). There is some source A that produces a message in plaintext X The M
elements of X are letters in some finite alphabet. The message is intended for
destination B. B generates a related pair of keys: a public key, PUb, and a private
key, PRb. PRb is known only to B, whereas PUb is publicly available and therefore
accessible by A. With the message X and the encryption key PUb as input, A forms the
ciphertext Y = E(PUb, X) The intended receiver, in possession of the matching private
key, is able to invert the transformation: X = D(PRb, Y) An adversary, observing Y and
having access to PUb, but not having access to PRb or X, must attempt to recover X
and/or PRb. This provides confidentiality. Can also use a public-key encryption to provide
authentication: Y = E(PRa, X); X = D(PUa, Y) To provide both the authentication function
and confidentiality have a double use of the public-key scheme (as shown here): Z =
E(PUb, E(PRa, X)) X = D(PUa, D(PRb, Z)) In this case, separate key pairs are used
for each of these purposes. The receiver owns and creates secrecy keys, sender
owns and creates authentication keys.

In practice typically DO NOT do this, because of the computational cost of public-key

schemes. Rather encrypt a session key which is then used with a block cipher to
encrypt the actual message, and separately sign a hash of the message as a digital
signature

69
Security of Public Key Schemes
Public key schemes are no more or less secure than private key schemes - in both cases
the size of the key determines the security. As with symmetric encryption, a public-key
encryption scheme is vulnerable to a brute-force attack. The countermeasure is the same:
Use large keys. However, there is a tradeoff to be considered. Public-key systems
depend on the use of some sort of invertible mathematical function. The complexity of
calculating these functions may not scale linearly with the number of bits in the key but
grow more rapidly than that. Thus, the key size must be large enough to make brute-force
attack impractical but small enough for practical encryption and decryption. In practice,
the key sizes that have been proposed do make brute-force attack impractical but
result in encryption/decryption speeds that are too slow for general-purpose use. Instead,
as was mentioned earlier, public-key encryption is currently confined to key management
and signature applications. Another form of attack is to find some way to compute the
private key given the public key. To date, it has not been mathematically proven that
this form of attack is infeasible for a particular public-key algorithm.
Note also that you can't compare key sizes - a 64-bit private key scheme has very roughly
similar security to a 512-bit RSA - both could be broken given sufficient resources.
But with public key schemes at least there is usually a firmer theoretical basis for
determining the security since its based on well-known and well studied number
theory problems.

70
3.2 RSA Algorithm:
RSA is the best known, and by far the most widely used general public key
encryption algorithm, and was first published by Rivest, Shamir & Adleman of MIT in
1978 [RIVE78]. The Rivest-Shamir-Adleman (RSA) scheme has since that time
reigned supreme as the most widely accepted and implemented general-purpose
approach to public-key encryption. It is based on exponentiation in a finite (Galois)
field over integers modulo a prime, using large integers (eg. 1024 bits). Its security is
due to the cost of factoring large numbers.
 Introduced by Rivest, Shamir & Adleman of MIT in 1977

 Best used public-key scheme

 It is a block cipher in which plaintext and ciphertext are integers between 0 to

n-1 for some n.
 Typical size of n is 1024

 RSA makes use of expressions with exponentials

 Security due to cost of factoring large numbers

 Factorization takes o(e log n log log n) operations (hard)

RSA algorithm:
The ingredients of RSA algorithm are as follows:
1. p, q, two prime numbers private, chosen
2. n= pq public, calculated
3. e, with gcd (e , ø(n))=1 , Where 1<e<ø(n) public, chosen

4. d ≡ e-1 mod ø(n) private, calculated

RSA Key generation:
Each user generates a public/private key pair by:
1. Select p , q  p and q are prime numbers , p is not equal to q
2. Calculate n = p * q
3. Calculate ø(n)=(p-1)(q-1)
4. Select integer e
gcd (e , ø(n))=1 , Where 1<e<ø(n)
5. Calculate d

d ≡ e-1 mod ø(n)

6. Public key: KU={e , n}
7. Private key: KR={d , n}
71
 RSA Encryption and
decryption:
 Encryption:
Plaintext:M<n

Ciphertext: C=Me mod

N
 Decryption:
Ciphertext: C

Plaintext: M=Cd
modN

RSA example:
1. Select primes: p=17 &
q=11 2. Compute n = pq
=17×11=187
3. Compute ø(n)=(p–1)(q-1)=16×10=160
4. Select e : gcd (e,160)=1; choose e=7
5. Determine d:

d ≡ e-1 mod ø(n)

d ≡ 7-1 mod 160 = 23 (Using EEA)

6. Publish public key KU={7,187}
7. Private key KR={23,187}
 Given message M = 88
 Encryption:

C = 887 mod 187 = 11

 Decryption:

M = 1123 mod 187 = 88

Computational aspects of RSA:

 Consider two issues in RSA:

o Encryption and decryption
o Key generation
72
 Encryption and decryption:
 Both encryption and decryption in RSA involves raising an integer to an integer
power mod n (exponentiation)
 Another consideration is the efficiency of exponentiation
 RSA makes use of large exponents and fast modular exponentiation algorithm is

used to compute ab mod n.

 Variable c is not needed. It is included for explanatory purposes. The value of c
is the value of the exponent.

Key generation:
 Users of RSA must:
o Determine two primes at random - p, q
o Select either e or d and compute the other
 Primes p , q must not be easily derived from modulus n=p . q
o Means must be sufficiently large
 Exponents e, d are inverses, so use inverse algorithm to compute the other
(Extended Euclid‟s algorithm)

RSA security:
 Three approaches to attacking RSA:
o Brute force key search (trying all possible private keys)
o Mathematical attacks (factoring the product of two primes)
o Timing attacks (depends on running of decryption algorithm)
 Factoring problem:
o Factor n into its two prime factors p and q. Calculate of ø(n) and find d
o Determine ø(n) directly and compute d
o Determine d directly, without first determining ø(n)
 Have seen slow improvements over the years
o As of aug-99 best is 512 bit with GNFS
 Biggest improvement comes from improved algorithm
o “quadratic sieve” to “generalized number field sieve”
 Ensure p, q of similar size and matching other constraints
 The threat to larger key sizes is twofold: the continuous increase in
73
computing power and the continuing refinement of factoring problems.

74
 Timing attack:
 Attacker can determine a private key by keeping track of how long a computer
takes to decipher the message.
o Attack may be from completely unexpected direction
o And it may be a ciphertext only attack
 Exploit timing variations in operations using fast modular exponentiation algorithm
o Eg. Multiplying by small vs large number
 If the observed time to execute the decryption algorithm is always slow
when the particular iteration is slow with a bit 1, then it is assumed to be 1.
 If the observed time for the entire algorithm is fast, then this bit is assumed to be 0.
 Countermeasures:
o Constant exponentiation time  ensure that all exponentiations take the
same amount of time before returning a result.
o Randomdelay  better performance can be achieved by adding a random
delay to the exponentiation algorithm to confuse the timing attack.
o Blinding  multiply the ciphertext by random number before
performing exponentiation. This process prevents the attacker from
knowing what ciphertext bits are being processes inside the computer
and therefore prevents the bit by bit analysis essential to the timing
attack.

3.3 Key management - Diffie Hellman Key exchange

The first published public-key algorithm appeared in the seminal paper by Diffie and Hellman
that defined public-key cryptography and is generally referred to as Diffie-Hellman key
exchange. The concept had been previously described in a classified report in 1970 by
Williamson and subsequently declassified in 1987. The purpose of the algorithm is to enable
two users to securely exchange a key that can then be used for subsequent encryption of
messages. The algorithm itself is limited to the exchange of secret values. A number of
commercial products employ this key exchange technique.
The purpose of the algorithm is to enable two users to securely exchange a key that can then
be used for subsequent encryption of messages. The algorithm itself is limited to the exchange
of secret values, which depends on the value of the public/private keys of the participants. The
Diffie-Hellman algorithm uses exponentiation in a finite field and depends for its effectiveness

75
on the difficulty of computing discrete logarithms.

76
 In the Diffie-Hellman key exchange algorithm, there are two publicly known numbers: a
prime number q and an integer a that is a primitive root of q. The prime q and primitive root a
can be common to all using some instance of the D-H scheme. Note that the primitive root a is
a number whose powers successively generate all the elements mod q. Users Alice and Bob
choose random secrets x's, and then "protect" them using exponentiation to create their public
y's. For an attacker monitoring the exchange of the y's to recover either of the x's, they'd need
to solve the discrete logarithm problem, which is hard.
The actual key exchange for either party consists of raising the others "public key' to
power of their private key. The resulting number (or as much of as is necessary) is used as the
key for a block cipher or other private key scheme. For an attacker to obtain the same value
they need at least one of the secret numbers, which means solving a discrete log, which is
computationally infeasible given large enough numbers. Note that if Alice and Bob subsequently
communicate, they will have the same key as before, unless they choose new public-keys.

The simplest, and original, implementation of the protocol uses the multiplicative group
of integers modulo p, where p is prime and g is primitive root mod p. Here is an
example of the protocol, with non-secret values and secret values:

77
 1. Alice and Bob agree to use a prime number p=23 and base g=5.
2. Alice chooses a secret integer a=6, then sends Bob A = ga mod p
o A = 56 mod 23
o A = 15,625 mod 23
o A=8

3. Bob chooses a secret integer b=15, then sends Alice B = gb mod p

o B = 515 mod 23
o B = 30,517,578,125 mod 23
o B = 19
4. Alice computes s = B a mod p
o s = 196 mod23
o s = 47,045,881 mod 23
o s=2

5. Bob computes s = A b mod p

o s = 815 mod 23
o s = 35,184,372,088,832 mod 23
o s=2

6. Alice and Bob now share a secret: s = 2. This is because 6*15 is the same as
15*6. So somebody who had known both these private integers might also
have calculated s as follows:
o s = 56*15 mod

23 o s = 515*6
mod 23 o s = 590
mod 23
o s=
807,793,566,946,316,088,741,610,050,849,573,099,185,363,389,551,639,55
6,884,765,625 mod 23
o s=2

Both Alice and Bob have arrived at the same value, because (ga)b and (gb)a are equal
mod p. Note that only a, b and gab = gba mod p are kept secret. All the other values –
p, g, ga mod p, and gb mod p – are sent in the clear. Once Alice and Bob compute the
shared secret they can use it as an encryption key, known only to them, for sending
messages across the same open communications channel. Of course, much larger
values of a, b, and p would be needed to make this example secure, since it is easy to

78
try all the possible values of gab mod
23. There are only 23 possible integers as the result of mod 23. If p were a prime of at
least 300 digits, and a and b were at least 100 digits long, then even the best
algorithms known today could not find a given only g, p, gb mod p and ga mod p,
even using all of mankind's computing power. The problem is known as the discrete
logarithm problem. Note that g need not be large at all, and in practice is usually
either 2 or 5.

Here's a more general description of the protocol:

1. Alice and Bob agree on a finite cyclic group G and a generating element g in
G. (This is usually done long before the rest of the protocol; g is assumed to
be known by all attackers.) We will write the group G multiplicatively.
2. Alice picks a random natural number a and sends ga to Bob.
3. Bob picks a random natural number b and sends gb to Alice.
4. Alice computes (gb)a.
5. Bob computes (ga)b.

Both Alice and Bob are now in possession of the group element gab, which can serve
as the shared secret key. The values of (gb)a and (ga)b are the same because groups
are power associative.

3.5 Elliptic curve arithmetic-Elliptic curve cryptography:

A major issue with the use of Public-Key Cryptography, is the size of numbers used, and
hence keys being stored. Recently, an alternate approach has emerged, elliptic curve
cryptography (ECC), which performs the computations using elliptic curve arithmetic
instead of integer or polynomial arithmetic. Already, ECC is showing up in standardization
efforts, including the IEEE P1363 Standard for Public-Key Cryptography. The principal
attraction of ECC, compared to RSA, is that it appears to offer equal security for a far
smaller key size, thereby reducing processing overhead. Although the theory of ECC has
been around for some time, it is only recently that products have begun to appear and that
there has been sustained cryptanalytic interest in probing for weaknesses. Accordingly,
the confidence level in ECC is not yet as high as that in RSA.
An elliptic curve is defined by an equation in two variables, with coefficients. For
cryptography, the variables and coefficients are restricted to elements in a finite field,
which results in the definition of a finite abelian group. Before looking at this, we first look at
elliptic curves in which the variables and coefficients are real numbers. This case is
79
 perhaps easier to visualize.
Elliptic curves are not ellipses. They are so named because they are described by cubic
equations, similar to those used for calculating the circumference of an ellipse. For our
purpose, we can consider cubic equations for elliptic curves of the form shown here. Also
included in the definition of an elliptic curve is a single element denoted O and called the
point at infinity or the zero point. Now, consider the set of points E(a, b) consisting of all of
the points (x, y) that satisfy this equation together with the element O. Using a different
value of the pair (a, b) results in a different set E(a, b). See text for detailed rules of
addition and relation to zero point O. Can derive an algebraic interpretation of addition,
based on computing gradient of tangent and then solving for intersection with curve. There
is also an algebraic description of additions over elliptic curves

“Example of Elliptic Curves”, illustrates the geometric interpretation of elliptic curve

addition, as follows: If three points on an elliptic curve lie on a straight line, their sum is O.
hence define addition as:
1. O serves as the additive identity. Thus O = –O; for any point P on the elliptic curve, P
+ O = P. In what follows, we assume P <> O and Q <> O.
2. The negative of a point P is the point with the same x coordinate but the negative of
the y coordinate; that is, if P = (x, y), then –P = (x, –y). These two points can be
joined by a vertical line & that P + (–P) = P – P = O.
3. To add two points P and Q with different x coordinates, draw a straight line between
them and find the third point of intersection R. There is a unique point R that is the point
of intersection (unless the line is tangent to the curve at either P or Q, in which case we
take R = P or R = Q, respectively). To form a group structure, we need to define addition
on these three points as follows: P + Q = –R. ie. P + Q to be the mirror image (with
respect to the x axis) of the third point of intersection as shown on slide.

80
 4. The geometric interpretation of the preceding item also applies to two points, P and –
P, with the same x coordinate. The points are joined by a vertical line, which can be
viewed as also intersecting the curve at the infinity point. We therefore have P + (–P)
= O, consistent with item (2).
5. To double a point Q, draw the tangent line and find the other point of intersection S. Then Q
+Q
= 2Q = –S.
With the preceding list of rules, it can be shown that the set E(a, b) is an abelian group.

Elliptic Curve Cryptography uses addition as an analog of modulo multiply, and

repeated addition as an analog of modulo exponentiation. The “hard” problem is the elliptic
curve logarithm problem.
Consider the group E23(9, 17). This is the group defined by the equation y2 mod 23 = (x3 + 9x +
17) mod
23. What is the discrete logarithm k of Q = (4, 5) to the base P = (16, 5)? The brute-force
method is to compute multiples of P until Q is found. Thus P = (16, 5); 2P = (20, 20); 3P = (14,
14); 4P = (19, 20); 5P
= (13, 10); 6P = (7, 3); 7P = (8, 7); 8P = (12, 17) ; 9P = (4, 5). Because 9P = (4, 5) = Q, the
discrete
logarithm Q = (4, 5) to the base P = (16, 5) is k = 9. In a real application, k would be so large as
to make the brute-force approach infeasible.

ECC Diffie-Hellman

 can do key exchange analogous to D-H

 users select a suitable curve Eq(a,b)
 select base point G=(x1,y1)
 with large order n s.t. nG=O
 A & B select private keys nA<n, nB<n
 compute public keys: PA=nAG, PB=nBG
 compute shared key: K=nAPB, K=nBPA
 same since K=nAnBG
 attacker would need to find k, hard
Here the elliptic curve analog of Diffie-Hellman key exchange, which is a close analogy given
elliptic curve multiplication equates to modulo exponentiation. Key exchange using elliptic
curves can be done in the following manner. First pick a large integer q, which is either a prime
number p or an integer of the form 2m and elliptic curve parameters a and b. This defines the
elliptic group of points Eq(a, b). Next, pick a base point G = (x1, y1) in Eq(a, b) whose order is a
81
very large value n. The order n of a point G on an elliptic curve is the smallest positive integer n
such that nG = O. So Eq(a, b) and G are parameters of the cryptosystem known to all
participants. A key exchange between users A and B can then be accomplished as shown. To
break this scheme, an attacker would need to be able to compute k given G and kG, which is
assumed hard.

ECC Encryption/Decryption

 several alternatives, will consider simplest

 must first encode any message M as a point on the elliptic curve Pm
 select suitable curve & point G as in D-H
 each user chooses private key nA<n
 and computes public key PA=nAG
 to encrypt Pm : Cm={kG, Pm+kPb}, k random
 decrypt Cm compute:
Pm+kPb–nB(kG) = Pm+k(nBG)–nB(kG) = Pm
Several approaches to encryption/decryption using elliptic curves have been analyzed in the
literature. This one is an analog of the ElGamal public-key encryption algorithm. The sender
must first encode any message M as a point on the elliptic curve P m (there are relatively
straightforward techniques for this). Note that the ciphertext is a pair of points on the elliptic
curve. The sender masks the message using random k, but also sends along a “clue” allowing
the receiver who know the private-key to recover k and hence the message. For an attacker to
recover the message, the attacker would have to compute k given G and kG, which is
assumed hard.

ECC Security
The security of ECC depends on how difficult it is to determine k given kP and P. This is
referred to as the elliptic curve logarithm problem. The fastest known technique for taking the
elliptic curve logarithm is known as the Pollard rho method. Compared to factoring integers or
polynomials, can use much smaller numbers for equivalent levels of security.
 relies on elliptic curve logarithm problem
 fastest method is “Pollard rho method”
 compared to factoring, can use much smaller key sizes than with RSA etc

82
  for equivalent key lengths computations are roughly equivalent
 hence for similar security ECC offers significant computational advantages

3.6 Prime fields and binary fields, Applications, Practical

Considerations. Cryptography in Embedded Hardware

PRIMALITY TESTING:
 An integer p> 1 is a prime number if and only if its only divisors are + 1 and + p.
 Eg. 2,3,5,7 are prime
 4,6,8,9,10 are not prime
 list of prime number less than 200 is:
o 2 3 5 7 11 13 17 19 23 29 31 37 41 43 47 53 59 61 67 71 73 79 83 89 97 101 103
107 109 113 127 131 137 139 149 151 157 163 167 173 179 181 191 193 197

199

EXAMPLE:

83
FERMAT PRIMALITY TEST:

MILLER – RABIN PRIMALITY TEST:

EXAMPLES:

SOLOVAY – STRASSEN PRIMALITY TEST:

84
 EXAMPLE:

Factorin
g: The basic method of dividing an integer n by all primes p≤√𝑛 is too
much slow for most purposes.

It works well when n is the product of two primes that are very close
together. But if the two primes are randomly selected it won’t work
that much efficiently. There are some more modern methodologies
for factoring. They are as follows:

Factoring Algorithm:

85
Choosing of B values:

Quadratic Sieve Methodology:

Universal Exponent Factorization Method:

Exponent Factorization Method:

Fermat theorem and Euler’s theorem
Two theorems that play important roles in public-key cryptography are Fermat’s
theorem and Euler’s theorem.
Fermat’s Theorem Fermat’s theorem states the following: If P is prime and is a positive
integer not divisible by , then
An alternative form of Fermat’s theorem is also useful: If is prime and is a positive
integer, then

Note that the first form of the theorem requires that be relatively prime to p, but this form
does not.

EULER’S Theorem Euler’s theorem states that for every and that are relatively prime:

EULER’S Theorem

Euler’s theorem states that for every and that are relatively prime:
Which completes the proof? This is the same line of reasoning applied to the proof
of Fermat’s theorem.
 PART-A
1. What is the purpose of the State array?
2. Write down the purpose of the S-Boxes in DES.
3. Define: Diffusion
4. What do you mean by differential cryptanalysis?
5. What is the difference between diffusion and confusion?
6. What is the difference between differential and linear cryptanalysis?
7. What is a meet-in-the-middle attack?
8. What primitive operations are used in Blowfish?
9. Perform encryption and decryption using RSA alg. For the following. P=7; q=11; e=17; M=8.
10. Define: Replay attack
11. List out the parameters of AES
12. Distinguish between differential and linear cryptanalysis
13. Write down the difference between the public key and
private key Cryptosystems
14. What is the difference between Rijndael and AES?
15. User A & B exchange the key using Diffie Hellman alg. Assume á=5 q=11 XA=2 XB=3. Find YA,YB, K.
16. Define short notes on triple DES.
17. What is the need of AES?
18. What is meant by Avalanche effect in DES?
19. State the significance of blinding in RSA.
20. What is an elliptic curve?
21. Define elliptic curve mathematical process.Apr/May 2023
22. Predict differences between Conventional Encryption and Public-Key Encryption.
Apr/May 2023
 PART B&C

1. Write the difference between Conventional Encryption and Public-Key Encryption?

2. Explain the properties of modular arithmetic operation.
3. Make use of an RSA expression with exponentials and write its properties.
4. State and derive
Fermat’s theorem
Euler’s theorem.
5. Explain the possible attacks and service present in cryptography.
6. Explain Discrete Logarithms in detail.
7. Describe the mathematical foundations of RSA algorithm. Perform encryption
decryption for the following. P=17, q=7 , e=5, n=119, message=”6”. Use Extended
Euclid’s algorithm to find the private key.
8. Users Alice and Bob use the Diffie Hellman Key exchange technique with a common prime
q=83 and a primitive root α =5.
i) If Alice has a private key X A = 6, what is Alice’s public key Y A.
ii) If Bob has a private key X B =10, what is Bob’s public key Y B ?
iii) What is the shared secret key?

9. In a public-key system using RSA, you intercept the cipher text C = 10 sent to a user whose
public key is e = 5, n = 35. What is the plaintext M? Apr/May 2023
10. Illustrate the application of cryptography in Embedded Hardware. Apr/May 2023