Tag: cryptography

Generating Client/Server Certificates with your own Certification Authority

ssl-certificates

In some of the previous posts, I gave some overview about SSL and how to configure SSL on a local server. To create a secure channel between two sources using TLS protocol, we need certificates which will have the security algorithm. This post will help you to create the certificates using OpenSSL library. I will try to give brief about each command for better understanding:

Open up your bash/terminal/cmd to run these commands. Also, make sure to create a separate directory structure for certificates.

Generate a CA

openssl req -out ca.pem -new -x509

Description : This command is use to create a self signed certificate which can be used as a local CA.

Note: This command will also create the CA key named as “privkey.pem”.

openssl – This specifies that we are going to use OpenSSL library

req – This refer to the certificate request

-out – This specifies the output filename to write to or use the standard default

-x509 – This option outputs a self-signed certificate.

-new – This option is use to specify that its a new certificate request.

Generate a Server Certificate

openssl genrsa -out server.key 1024

Description : This command is use to generate the RSA key which would form the base algorithm for the Certificate.

genrsa – This command is used to generate RSA private key

1024 – This is the key length (You can use others like 2048, 4096 etc.)

openssl req -key server.key -new -out server.req

Description : This command is used to create a certificate request with embedded key generated in the last step

-key – This specifies the file to read private key.

openssl x509 -req -in server.req -CA CA.pem -CAkey privkey.pem -CAserial CAfile.srl -out server.pem

Description: This command is used to sign the server request and create the certificate authorized by local CA.

Note: If you are using OpenSSL certificates for the first time then instead of “CAserial”, you have to use “CAcreateserial” and later you can use the same file created. This serial file is used by CA to keep the index for certificates created.

x509 – The x509 command is a multi purpose certificate utility. It can be used to display certificate information, convert certificates to various forms, sign certificate requests like a “mini CA” or edit certificate trust settings.

-req – by default, a certificate is expected on input. With this option, a certificate request is expected instead.

-CA – This is used to specify the CA certificate to be used.

-CAkey – This is used to specify the CA key to be used.

-CAserial – This is used to specify the serial file to be used.

Generate a Client Certificate

openssl genrsa -out client.key 1024

Description: This command is similar to what we did in server key generation

openssl req -key client.key -new -out client.req

Description: This command is similar to what we did for creating the server certificate request.

openssl x509 -req -in client.req -CA CA.pem -CAkey privkey.pem -CAserial CAfile.srl -out client.pem

Description: This command is similar to what we did for creating the server certificate.

We are done with creating the certificates. Now you can import the certificates to your server and client to setup a secure channel. In later posts, I would give more about the commands in OpenSSL. You can follow up on this link to check the common commands used: OpenSSL Common Commands

Advertisements

RSA (cryptosystem) – Part 3 (Encryption and Decryption)

This is the process of transforming a plaintext message into ciphertext, or vice-versa. The RSA function, for message m and key k is evaluated as follows:

F(m,k)=mkmodn

There are two cases:

  1. Encrypting with the public key, and then decrypting with the private key.
  2. Encrypting with the private key, and then decrypting with the public key.

The two cases above are mirrors. I will explain the first case, the second follows from the first

Encryption: F(m,e)=memodn=c, where m is the message, e is the public key and c is the cipher.

Decryption: F(c,d)=cdmodn=m, where m is the message, d is the private key and c is the cipher.

Example:

Following the example from the previous post:

  1. We choose two distinct prime numbers, such asp=61 and  q=53
  2. Compute n = pq giving n=61.53=3233
  3. Compute the totient of the product as ϕ(n) = lcm(p − 1, q − 1) giving ϕ(3233)= lcm(60,52)=780
  4. Choose any number 1 < e < 780 that is coprime to 780. Choosing a prime number for e leaves us only to check that e is not a divisor of 780.Let e=17
  5. Compute d, the modular multiplicative inverse of e (mod ϕ(n)) yielding,d=413

The public key is (n = 3233, e = 17). For a padded plaintext message m, the encryption function is

c(m) = m17 mod 3233

The private key is (n = 3233, d = 413). For an encrypted ciphertext c, the decryption function is

m(c) = c413 mod 3233

For instance, in order to encrypt m = 65, we calculate

c = 6517 mod 3233 =2790

To decrypt c = 2790, we calculate

m = 2790413 mod 3233 = 65

Please note the whole security of RSA system depends on the selection of p and q for the algorithm. A real world example for p and q could be:

p
12131072439211271897323671531612440428472427633701410925634549312301964373042085619324197365322416866541017057361365214171711713797974299334871062829803541

q
12027524255478748885956220793734512128733387803682075433653899983955179850988797899869146900809131611153346817050832096022160146366346391812470987105415233

and as per the algorithm, you can calculate other parameters.

RSA is very helpful in building secure products and I hope you understood the basic concept of RSA with these posts:

RSA – Part 1

RSA – Part 2

RSA – Part 3

Sources: https://en.wikipedia.org/wiki/RSA_(cryptosystem)

RSA (cryptosystem) – Part 2 (Key Generation Algorithm)

The mathematics described in the previous post is enough to describe RSA and show how it works. RSA is actually a set of two algorithms:

  1. Key Generation: A key generation algorithm.
  2. RSA Function Evaluation: A function F, that takes as input a point x and a key k and produces either an encrypted result or plain text, depending on the input and the key.

Key Generation

The key generation algorithm is the most complex part of RSA. The aim of the key generation algorithm is to generate both the public and the private RSA keys.This has to be done correctly in order to generate secure RSA keys, else it opens up the system for many different attacks (We will talk about the attacks later). I will break down the steps involved to generate keys with the mathematics functions used within that:

  1. Large Prime Number Generation: Two large prime numbers p and q need to be generated. These numbers are very large up to 1024 digits or even 2048 digits. For security purposes, the integers p and q should be chosen at random, and should be similar in magnitude but differ in length by a few digits to make factoring harder.
  2. Modulus: From the two large numbers, a modulus n is generated by multiplying p and q.
  3. Totient: The totient of n, ϕ(n)is calculated.
  4. Public Key: A prime number is calculated from the range [1 , ϕ(n)] that has a greatest common divisor of 1 with ϕ(n).
  5. Private Key: Because the prime in step 4 has a gcd of 1 with ϕ(n), we are able to determine its inverse with respect to modϕ(n).

Let’s see how each step works with an example:

Large Prime Number Generation

RSA security depends on two very large prime numbers that are quite far apart. Generating composite numbers, or even prime numbers that are close together makes RSA totally insecure.

So how to generate large prime numbers? The answer is to pick a large random number and test for primness. If that number fails the prime test, then add 1 and start over again until we have a number that passes a prime test. For testing a big prime number we have many online/offline tools available which are also known as primality test (Example: Rabin-Miller primality test etc.).

Example: In this post, I am not going to show an example with 2 very large prime numbers. For ease of understanding, lets take two prime numbers as:

p=61 and q=53

Modulus

Once we have our two prime numbers, we can generate a modulus very easily:

n=p⋅q

RSA’s main security foundation relies upon the fact that given two large prime numbers, a composite number (in this case n) can very easily be deduced by multiplying the two primes together. But, given just n, there is no known algorithm to efficiently determining n’s prime factors. It is considered a hard problem, many people throughout history had tried and failed to find the solution of this problem.

Example: Compute n = pq giving

n = 61 x 53 = 3233

Totient

With the prime factors of n, the totient can be very quickly calculated:

ϕ(n)=LCM(p−1)⋅(q−1)

 

I talked about Totient in the last post. The reason why the RSA becomes vulnerable if one can determine the prime factors of the modulus is because then one can easily determine the totient.

Example: The actual totient calculation is done by taking in LCM but sometimes we may even use just multiplication of (p-1).(q-1) as per our prime numbers but with large prime numbers taking LCM would be much better.

ϕ(n)= LCM(61-1).(53-1) = 780

Public Key

The public key, normally expressed as e, it is a prime number chosen in the range [1,ϕ(n)]. You may think that 1 is a little small, and yes, I agree, if any small number is chosen, it could lead to security flaws. So in practice, the public key is normally set at 65537. Note that because the public key is prime, it has a high chance of a gcd equal to 1 with ϕ(n). If this is not the case, then we must use another prime number.

An interesting observation: If in practice, the number above is set at 65537, then it is not picked at random; surely this is a problem? Actually, no, it isn’t. As the name implies, this key is public and therefore is shared with everyone. As long as the private key cannot be deduced from the public key, we are secure. The reason why the public key is not randomly chosen in practice is because it is desirable not to have a large number. This is because it is more efficient to encrypt with smaller numbers than larger numbers.

The public key is actually a key pair of the exponent e and the modulus n and is present as follows

(e,n)

Example: Choose any number 1 < e < 780 that is coprime to 780. Choosing a prime number for e leaves us only to check that e is not a divisor of 780.

Let e= 17

Then our public key pair is (17,3233)

Private Key

The public key has a gcd of 1 with ϕ(n), the multiplicative inverse of the public key with respect to ϕ(n) can be efficiently and quickly determined using the Extended Euclidean Algorithm. This multiplicative inverse is the private key(d). So , we have the following equation (one of the most important equations in RSA):

e⋅d=1modϕ(n)

Just like the public key, the private key is also a key pair of the exponent d and modulus n:

(d,n)

One of the absolute fundamental security assumptions behind RSA is that given a public key, one cannot efficiently determine the private key.

Example: Compute d, the modular multiplicative inverse of e (mod λ(n)) :

17⋅d=1modϕ(3233)

d = 413

So the private key pair is (413, 3233)

In the next post, I will give a brief about RSA Function Evaluation and a big example to showcase how RSA works.