Diffie-Hellman key exchange is a protocol in which two users can securely exchange a secret key over a public network. You will use OpenSSL to perform a Diffie-Hellman key exchange with the lecturer.
RSA is a widely used public key cryptography, where once a key pair is generated, a message is encrypted with:
C = Me mod n
and decrypted with:
M = Cd mod n
While the public value e can be small, for security d should be large. This presents a performance problem for decryption as raising a large number C to a large power d takes a long time with a computer. Therefore a performance optimization commonly used in implementations of RSA is split the modular exponentation of decryption into two steps where the exponents are much smaller than d. This performance optimization does not (theoretically) reduce the security of the scheme. To use this performance optimization, when generating a key pair several additional values are also generated and stored in the private key. The private key values are listed on slide 18 of the Public Key Cryptography lecture slides. The steps for decrypting using the performance optimization of RSA are listed on slide 6 of the RSA Acoustic Cryptanalysis lecture slides. (Also see the Hints in the steps below)
You will use OpenSSL to generate your own RSA key pair, and solve a small RSA problem by hand (or with a calculator/computer) to illustrate the performance optimization.
This homework is assessed. You need to use OpenSSL, as well as manual calculations, to perform the following steps. I will test using OpenSSL version 1.0.1 14 Mar 2012. In files/text below, replace ID with your actual student ID.
The following steps are performed with OpenSSL. Follow my examples for using OpenSSL with RSA, Diffie-Hellman and AES encryption. (Note you don't have to perform all the steps on the examples, only those steps as required by the tasks below).
The decrypted file, e.g. ID-manual-rsa.txt, contains 4 fields: your ID, someone's RSA public key (e and n) and the ciphertext (c) value created using that persons public key. Using the values of e, n and c in the file, do the following manually (e.g. with paper, calculator, software; not using OpenSSL):
Important hints when using RSA performance optimization: when you find p and q, make sure p is greater than q. Also if you use bc or another calculator to calculate a mod, then it may return a negative number. But modular arithmetic used in RSA does not use negative numbers. Therefore if you get a negative number, then convert it to positive by adding the modulus. For example, in mod 10, -3 would be converted to -3 + 10 = 7.
You are done!
Make sure you use the exact file names as given in the instructions (replacing ID with your actual student ID). Marking of the submissions will be automatic, and the file names must be as expected otherwise your submissions will be ignored. Do not use uppercase in file names.
For the two "manual" text files submitted on Moodle, make sure they only have lines of the format parameter=value. There should be no spaces and no other lines added to the provided files.
Three files must be submitted on Moodle:
Do not submit any other files and do no zip/archive the files.
Also, you must save (and keep secret) the following files (but do NOT submit them):
Losing these files will result in penalty in later homeworks.
You should also save all other files you created just in case you made a mistake.
OpenSSL is available on several operating systems. It is usually installed by default on Linux (e.g. Ubuntu) and Mac OSX. I suggest you use either of these (as opposed to Windows) since I also include examples of command line utilities that will be used in addition to OpenSSL. If you don't have Ubuntu or OSX on your own computer you can try the following:
For the manual tasks (not using OpenSSL) you can still use software. On Linux/OSX I suggest using bc as the calculator. Also to factor large numbers you can use the command factor on the command line.
Grades can be seen below. 2 marks for submitting RSA public key, 4 marks for finding the correct values of the RSA private key and 4 marks for finding the correct values of the RSA message. Several people made a typo or small mistake in submissions leading to 1 mark penalty. Others gave wrong answers (especially for qinv, h, d and m). You should have checked the message M that you found be encrypting it with the provided e and n; if it gave the provided C then you confirm that your M is correct. So those that submitted a wrong M received a penalty of 3 marks.
For those that didn't obtain full marks of 10, you can see my comments in the files named ID-comments-private.txt and ID-comments-decrypt.txt at the same location as your DH files:
ict.siit.tu.ac.th/~uID/private/
Make sure you keep your private keys. Especially for RSA, as a subsequent homework will require it.