Introduction to Cryptography

OVERVIEW
 Cryptography
 Definition
 Terminology
 History
 Goal and Services
 Types of Cryptography
 Symmetric Key Cryptography
 Asymmetric Key Cryptography
 Hash Functions
CRYPTOGRAPHY
 Definition
 Terminology
 History
 Goal and Services
Cryptography
Definition

Cryptography is the science of using mathematics to encrypt and decrypt data.

Phil Zimmermann

Cryptography is the art and science of keeping messages secure.

Bruce Schneier

The art and science of concealing the messages to introduce secrecy in information
security is recognized as cryptography.
Cryptography
Terminologies
A message is plaintext (sometimes called cleartext). The process of disguising a message in such a way
as to hide its substance is encryption. An encrypted message is ciphertext. The process of turning
ciphertext back into plaintext is decryption.

A cipher (or cypher) is an algorithm for performing encryption or decryption—a series of well-defined
steps that can be followed as a procedure.
Cryptography
Terminology
A cryptosystem is an implementation of cryptographic techniques and their accompanying infrastructure to
provide information security services. A cryptosystem is also referred to as a cipher system. The various
components of a basic cryptosystem are as follows −
Plaintext
Encryption Algorithm
Ciphertext
Decryption Algorithm
Encryption Key
Decryption Key
Cryptography
Terminology
While cryptography is the science of securing data, cryptanalysis is the science of analyzing and
breaking secure communication. Classical cryptanalysis involves an interesting combination of
analytical reasoning, application of mathematical tools, pattern finding, patience, determination,
and luck. Cryptanalysts are also called attackers.
Cryptology embraces both cryptography and cryptanalysis.
 Substitution Method

Caesar Shift Cipher

Encryption Decryption

PLAINTEXT : internet society ghana chapter

CYPHERTEXT : lqwhuqhw vrflhwb jkdqd fkdswhu

Transposition Ciphers are ciphers in which the
plaintext message is rearranged by some means
agree upon by the sender and receiver.
 Transposition Ciphers

Rail fence transposition:

Round and round the mulberry bush the monkey chased the weasel

rudnrudhmlerbsteokyhsdhwae
onadonteubryuhhmnecaeteesl

Becomes:
rudnrudhmlerbsteokyhsdhwaeonadonteubryuhhmnecaeteesl
XOR CIPHER

only reversible binary operation

Convert plain text to ASCII

A DOG = 065 032 068 079 071

Then, convert ASCII to binary

0100 0001, 0100 0100, 0100 1111, 0100 0111

© 2016 Pearson, Inc. Chapter 8 Encryption 11

XOR CIPHER

XOR the ASCII

0100 0001, 0100 0100, 0100 1111, 0100 0111

1111 0111, 1111 0111, 1111 0111, 1111 0111
1011 0110, 1011 0011, 1011 1000, 1011 0000

Result is cipher text.

© 2016 Pearson, Inc. Chapter 8 Encryption 12

Cryptography
Goal and Services

Goal: The primary goal of cryptography is to secure important data on the hard disk or
as it passes through a medium that may not be secure itself. Usually, that medium is a
computer network.

Services: Cryptography can provide the following services:

•Confidentiality (secrecy)
•Integrity (anti-tampering)
•Authentication
•Non-repudiation.
Goal and Services

Confidentiality (secrecy)
•Ensuring that no one can read the message except the intended receiver
•Data is kept secret from those without the proper credentials, even if that
data travels through an insecure medium

Integrity (anti-tampering)
•Assuring the receiver that the received message has not been altered in
any way from the original.
Cryptography
Goal and Services
Authentication
Cryptography can help establish identity for authentication purposes The
process of proving one's identity. (The primary forms of host-to-host
authentication on the Internet today are name-based or address-based,
both of which are notoriously weak.)

Non-repudiation
A mechanism to prove that the sender really sent this message
Types of Cryptography
 Symmetric Key Cryptography
 Asymmetric Key Cryptography
 Hash Functions
Types of Cryptography
Symmetric Key Cryptography
Also known as Secret Key Cryptography or Conventional Cryptography, Symmetric Key
Cryptography is an encryption system in which the sender and receiver of a message share a
single, common key that is used to encrypt and decrypt the message.

The Algorithm use is also known as a secret key algorithm or sometimes called a symmetric
algorithm

A key is a piece of information (a parameter) that determines the functional outp ut of a

cryptographic algorithm or cipher.
Types of Cryptography
Symmetric Key Cryptography
The key for encrypting and decrypting the file had to be known to all the recipients. Else, the message
could not be decrypted by conventional means.
Types of Cryptography
Symmetric Key Cryptography - Examples

Data Encryption Standard (DES)

The Data Encryption Standard was published in 1977 by the US National Bureau of Standards.
DES uses a 56 bit key and maps a 64 bit input block of plaintext onto a 64 bit output block of ciphertext. 56
bits is a rather small key for today's computing power.
Triple DES
Triple DES was the answer to many of the shortcomings of DES. Since it is based on the DES algorithm, it is
very easy to modify existing software to use Triple DES. It also has the advantage of proven reliability and a
longer key length that eliminates many of the shortcut attacks that can be used to reduce the amount of
time it takes to break DES.
Types of Cryptography
Symmetric Key Cryptography - Examples

Advanced Encryption Standard (AES) (RFC3602)

Advanced Encryption Standard (AES) is an encryption standard adopted by the U.S. government. The
standard comprises three block ciphers, AES-128, AES-192 and AES-256, adopted from a larger collection
originally published as Rijndael.

Each AES cipher has a 128-bit block size, with key sizes of 128, 192 and 256 bits, respectively. The AES
ciphers have been analyzed extensively and are now used worldwide, as was the case with its predecessor,
the Data Encryption Standard (DES).
Types of Cryptography
Symmetric Key Cryptography

IDEA:- The International Data Encryption Algorithm was developed in 1991.

It uses a 128 bit key to encrypt a 64 bit block of plaintext into a 64 bit block of ciphertext.
IDEA's general structure is very similar to DES, it performs 17 rounds, each round taking 64 bits of
input to produce a 64 bit output, using per-round keys generated from the 128 bit key.
Types of Cryptography
Symmetric Key Cryptography - Examples

Lucifer - Madryga
FEAL - REDOC
LOKI - GOST
CAST - Blowfish
Safer - Crab
RC5 -
Types of Cryptography
Problems with Conventional Cryptography
Key Management

Symmetric-key systems are simpler and faster; their main drawback is that the two parties must
somehow exchange the key in a secure way and keep it secure after that.

Key Management caused nightmare for the parties using the symmetric key cryptography. They were
worried about how to get the keys safely and securely across to all users so that the decryption of the
message would be possible. This gave the chance for third parties to intercept the keys in transit to
decode the top-secret messages. Thus, if the key was compromised, the entire coding system was
compromised and a “Secret” would no longer remain a “Secret”.

This is why the “Public Key Cryptography” came into existence.

Types of Cryptography
Asymmetric Key Cryptography
Asymmetric cryptography , also known as Public-key cryptography, refers to a cryptographic algorithm which
requires two separate keys, one of which is private and one of which is public. The public key is used to
encrypt the message and the private one is used to decrypt the message.
 Types of Cryptography
Asymmetric Key Cryptography
Public Key Cryptography is a very advanced form of cryptography.

Officially, it was invented by Whitfield Diffie and Martin Hellman in 1975.

The basic technique of public key cryptography was first discovered in 1973 by the British Clifford Cocks of
Communications-Electronics Security Group (CESG) of (Government Communications Headquarters - GCHQ)
but this was a secret until 1997.
 Types of Cryptography
Asymmetric Key Cryptography - Examples

Digital Signature Standard (DSS)

Digital Signature Standard (DSS) is the digital signature algorithm (DSA) developed by the U.S. National Security
Agency (NSA) to generate a digital signature for the authentication of electronic documents. DSS was put forth
by the National Institute of Standards and Technology (NIST) in 1994, and has become the United States
government standard for authentication of electronic documents. DSS is specified in Federal Information
Processing Standard (FIPS) 186.
 Types of Cryptography
Asymmetric Key Cryptography - Examples
Algorithm - RSA

RSA (Rivest, Shamir and Adleman who first publicly described it in 1977) is an algorithm for public-key
cryptography. It is the first algorithm known to be suitable for signing as well as encryption, and one of
the first great advances in public key cryptography.

RSA is widely used in electronic commerce protocols, and is believed to be secure given sufficiently long
keys and the use of up-to-date implementations.
Types of Cryptography
Asymmetric Key Cryptography - Examples ElGamal

ElGamal is a public key method that is used in both encryption and digital signing.
The encryption algorithm is similar in nature to the Diffie-Hellman key agreement protocol
It is used in many applications and uses discrete logarithms.
ElGamal encryption is used in the free GNU Privacy Guard software
Hash Functions
What is a Hash Function

A cryptographic hash function is a hash function that

takes an arbitrary block of data and returns a fixed-size
bit string, the cryptographic hash value, such that any
(accidental or intentional) change to the data will (with
very high probability) change the hash value. The data
to be encoded are often called the message, and the
hash value is sometimes called the message digest or
simply digest.
Examples of Hash Function
SHA
The Secure Hash Algorithm (SHA) hash functions are a set of cryptographic hash functions designed by
the National Security Agency (NSA) and published by the NIST as a U.S. Federal Information Processing
Standard.
•SHA stands for Secure Hash Algorithm.
• Because of the successful attacks on MD5, SHA-0 and theoretical attacks on SHA-1, NIST
perceived a need for an alternative, dissimilar cryptographic hash, which became SHA-3.
•In October 2012, the National Institute of Standards and Technology (NIST) chose the Keccak
algorithm as the new SHA-3 standard.
 Block vs
Stream
Ciphers
block ciphers process messages into blocks, each of which is then en/decrypted
like a substitution on very big characters
64-bits or more
stream ciphers process messages a bit or byte at a time when en/decrypting
many current ciphers are block ciphers
hence are focus of course
Block Cipher
Principles

block ciphers look like an extremely large substitution

would need table of 264 entries for a 64-bit block
arbitrary reversible substitution cipher for a large block size is not practical
64-bit general substitution block cipher, key size 264!
most symmetric block ciphers are based on a Feistel Cipher Structure
needed since must be able to decrypt ciphertext to recover messages efficiently
6-1 INTRODUCTION

The Data Encryption Standard (DES) is a symmetric-key block cipher

published by the National Institute of Standards and Technology (NIST).
 6.1.2 Overview

DES is a block cipher, as shown in Figure 6.1.

Figure 6.1 Encryption and decryption with DES

6-2 DES STRUCTURE

The encryption process is made of two permutations (P-boxes), which we

call initial and final permutations, and sixteen Feistel rounds.
6-2 Continue

Figure 6.2 General structure of DES

6.2.1 Initial and Final Permutations

Figure 6.3 Initial and final permutation steps in DES

6.2.1 Continue

Table 6.1 Initial and final permutation tables

 6.2.1 Continued

Note
The initial and final permutations are straight P-boxes that are inverses
of each other.
They have no cryptography significance in DES.
 6.2.2 Rounds

DES uses 16 rounds. Each round of DES is a Feistel cipher.

Figure 6.4
A round in DES
(encryption site)
 6.2.2 Continued

DES Function
The heart of DES is the DES function. The DES function applies a 48-bit key to
the rightmost 32 bits to produce a 32-bit output.

Figure 6.5
DES function
 6.2.2 Continue

Expansion P-box
Since RI−1 is a 32-bit input and KI is a 48-bit key, we first need to expand RI−1 to
48 bits.

Figure 6.6 Expansion permutation

 6.2.2 Continue

Although the relationship between the input and output can be defined
mathematically, DES uses Table 6.2 to define this P-box.

Table 6.6 Expansion P-box table

 6.2.2 Continue

Whitener (XOR)
After the expansion permutation, DES uses the XOR operation on the expanded
right section and the round key. Note that both the right section and the key are
48-bits in length. Also note that the round key is used only in this operation.
 6.2.2 Continue

S-Boxes
The S-boxes do the real mixing (confusion). DES uses 8 S-boxes, each with a 6-
bit input and a 4-bit output. See Figure 6.7.

Figure 6.7 S-boxes

6.2.2 Continue

Figure 6.8 S-box rule

 6.2.2 Continue

Table 6.3 shows the permutation for S-box 1. For the rest of the boxes see the
textbook.

Table 6.3 S-box 1

 6.2.3 Cipher and Reverse Cipher

Using mixers and swappers, we can create the cipher and reverse cipher, each
having 16 rounds.

First Approach
To achieve this goal, one approach is to make the last round (round 16)
different from the others; it has only a mixer and no swapper.

Note
In the first approach, there is no swapper in the last round.
Figure 6.9 DES cipher and reverse cipher for the first approach
6.2.3 Continued

Algorithm 6.1 Pseudocode for DES cipher

6.2.3 Continued

Algorithm 6.1 Pseudocode for DES cipher (Continued)

6.2.3 Continued

Algorithm 6.1 Pseudocode for DES cipher (Continued)

6.53
6.2.3 Continued

Algorithm 6.1 Pseudocode for DES cipher (Continued)

 6.2.3 Continued

Alternative Approach
We can make all 16 rounds the same by including one swapper to the 16th
round and add an extra swapper after that (two swappers cancel the effect of
each other).

Key Generation
The round-key generator creates sixteen 48-bit keys out of a 56-bit cipher key.
6.2.3 Continued

Figure 6.10
Key generation
6.2.3 Continued

Table 6.12 Parity-bit drop table

Table 6.13 Number of bits shifts

6.57
6.2.3 Continued

Table 6.14 Key-compression table

6.58
6.2.3 Continued

Algorithm 6.2 Algorithm for round-key generation

6.59
6.2.3 Continued

Algorithm 6.2 Algorithm for round-key generation (Continue)

6.60
 RSA Cryptosystem

 RSA is an algorithm for public-key cryptography.

 RSA stands for Ron Rivest, Adi Shamir and Leonard Adleman(the
publishers of the algorithm)
 The RSA cryptosystem assumes that multiplying two numbers is a
simple process.
 But factoring the products back into the original two numbers is quite
difficult to do computationally.
 The difficulty increases as we use larger and larger numbers.
 Introduction

 The system works on a public and private key system. The public key is made
available to everyone.
 With this key a user can encrypt data but cannot decrypt it.
 The only person who can decrypt it is the one who possesses the private key.
 It is theoretically extremely difficult to generate the private key from the public
key.
 This makes the RSA algorithm a very popular choice in data encryption
 Key Generation Algorithm

 Choose two large random prime integers: Take p and q

 Compute n and φ(n):

n = pq and φ(n) = (p-1)(q-1)

 Choose an odd public exponent e, 1 < e < φ(n) such that: gcd(e, φ(n)) = 1

 Compute the private exponent d, 1 < d < φ(n) such that: ed ≡ 1 (mod φ(n))
 Key Generation Algorithm

 The public key is (n, e) and the private key is (n, d)

 The values of p, q and φ(n) are private.

 e is the public or encryption exponent.

 d is the private or decryption exponent.

Figure 30.24 RSA

30.65
 Encryption & Decryption

Encryption
The encryption operation in the RSA cryptosystem is exponentiation to the e
th power modulo n:
c = ENCRYPT (m) = me mod n
The input m is the message.
The output c is the resulting cipher text.
Decryption
The decryption operation is exponentiation to the d th power modulo n:
The message m can be found form the cipher text C by the equation
m = DECRYPT (c) = Cd mod n
 Key Pair Generation

Example
Take Primes:
p = 5, q = 11
Compute n:
n = pq = 55
Compute φ(n):
φ(n) = (p-1)(q-1)=40
Choose Public exponent e = 3:
Check gcd(3,40)=1
Compute Private exponent d:
d = 1/3 mod 20 = 7
Message Encryption Decryption
M M2 mod n M3 mod n C2 mod n C6 mod n C 7 mod n

0 0 0 0 0 0

1 1 1 1 1 1

2 4 8 9 14 2

3 9 27 14 49 3

4 16 9 26 31 4

5 25 15 5 15 5

6 36 51 16 26 6

7 39 13 4 9 7

8 9 17 14 49 8

9 26 14 31 36 9
 Implementation

 This technique is widely being used on the

internet, military, government sites in addition to banks and other financial
institutions.

 Also it is being used for Disk encryption

Safe transformation of E-mail Authentication process
Electronic Commerce
 Limitation of RSA

Though so far RSA has not been broken but certain attention must be given in
the following cases
Not using small primes.
( because N could be easily factorised)
Not using primes that are very close.
(root of N will reveal how close they are)
Two people must not use the same N.
(if the two public exponents are co-prime, then the message may be retrieved)
Message should not be observable of e th power.
(if the value of e is very small, then it is easy to find m)
 Basic idea about IDEA…
 Here Plain text is of 64 bit.
 Key is of 128 bit. And it is divided in 52 sub keys (how?? Thhat we will see in
next slide.)
 Cipher text is also as same as plain text in size that is of 64 bit.
 Number of identical rounds are 8 where in each round 6 keys are used.
 Like this 48 keys and in last round another 4 keys (6 * 8 = 48 + 4 =52 total) are
being used in both the encryption and decryption process.
 Design issue

 The design philosophy behind the algorithm is one of “ mixing operation from
different algebraic groups”
 Lets take a look which different operations are used.
 1) XOR
 2) Addition
 3) Multiplication
 Key generation process
 First of all we will see how these 52 keys are generated.
 The 128 bit key is divided into 8 sub parts that is 16 bits each.
 Then the 128 bit key is cyclically shifted to the left by 25 position, so by doing
this we will have one new 128 bit key.
 Now similarly as above it is divided into 8 sub blocks and will be used in next
round.
 The same process is performed 9 times ans 56 keys are generated from which
the first 52keys will be used.
 So likewise from K1 to K52 keys are generated.
Sequence of operation in one round
 1) Multiply P1 and K1
 2) Add P2 and second K2
 3) Add P3 and third K3
 4) Multiply P4 and K4
 5) Step 1 ⊕ step 3
 6) Step 2 ⊕ step 4
 7) Multiply step 5 with K5
Sequence of operation in one round
 8) Add result of step 6 and step 7
 9) Multiply result of step 8 with K6.
 10) Add result of step 7 and step 9.
 11) XOR result of steps 1 and step 9.
 12) XOR result of steps 3 and step 9.
 13) XOR result of steps 2 and step 10.
 14) XOR result of steps 4 and step 10.

 Same operations are performed in 8 rounds…

Sequence of operation in last round
 1) Multiply P1 with K49.
 2) Add P2 and K50.
 3) Add P3 and K51.
 4) Multiply P4 and K52.
 Encyption

 First of all 64 bit plain text is divided into 4 16-bit parts and they are taken as
an input in first round.
 At the end of the first encryption round four 16-bit values are produced which
are used as input to the second encryption round
 The process is repeated in each of the subsequent 8 encryption rounds
 Note that in 9th round we have to use only 4 key( K49, K50, K51,K52) and have
to perform different operation as guided in previous slide.
 Decryption

 The computational process used for decryption of the ciphertext is essentially

the same as that used for encryption
 The only difference is that each of the 52 16-bit key sub-blocks used for
decryption is the inverse of the key sub-block used during encryption
 Do remember that the sub blocks must be used in reverse order than of the
encryption round.
 Applications of IDEA

 Today, there are hundreds of IDEA-based security solutions available in

many market areas, ranging from Financial Services, and Broadcasting
to Government
 The IDEA algorithm can easily be combined in any encryption software.
Data encryption can be used to protect data transmission and storage.
 Typical fields are:
 Audio and video data for cable TV, video conferencing, distance
learning
 Sensitive financial and commercial data
 Email via public networks
 Smart cards
 What is Quantum Cryptography?

 Quantum Cryptography is an effort to allow two users of a common

communication channel to create a body of shared and secret information. This
information, which generally takes the form of a random string of bits, can then be
used as a conventional secret key for secure communication.
 The Heisenberg Uncertainty principle and quantum entanglement can be
exploited in as system of secure communication often referred to as “quantum
Cryptography”.
 QUANTUM CRYPTOGRAPHY
 Key distribution
 Eavesdropping

 Detecting eavesdropping

 Noise

 Error correction

 Privacy Amplification

 Encryption
 KEY DISTRIBUTION

 Alice and Bob first agree on two representations for ones and zeroes
 One for each basis used, {,} and {, }.
 This agreement can be done in public
 Define

1= 0=
1= 0=
KEY DISTRIBUTION
Properties of Quantum Information
 KEY DISTRIBUTION - BB84
1. Alice sends a sequence of photons to Bob.
Each photon in a state with polarization corresponding to 1 or 0, but
with randomly chosen basis.
2. Bob measures the state of the photons he receives, with each state
measured with respect to randomly chosen basis.
3. Alice and Bob communicates via an open channel. For each
photon, they reveal which basis was used for encoding and
decoding respectively. All photons which has been encoded and
decoded with the same basis are kept, while all those where the
basis don't agree are discarded
 ENCRYPTION
 Key of same size as the plaintext
 Used as a one-time-pad

 Ensures the crypto text to be absolutely unbreakable

 ADVANTAGES:
 The biggest advantage of public key cryptography is the
secure nature of the private key. In fact, it never needs to
be transmitted or revealed to anyone.
 It enables the use of digital certificates and digital
timestamps, which is a very secure
technique of signature authorization.
BIO METRICS
• A biometric is defined as a unique,
measurable, biological characteristic for
recognizing or verifying the identity of a
human being.
• Statistically analyzing these biological
characteristics is known as the science of
biometrics.
BIOMETRICS
• Biometric technologies for security includes recognition of
• Faces
• Fingerprints
• Voice
• Signature strokes
• Iris and retina scans
• Keystroke patterns
• Ear shape
• DNA
• Body odor
• Gait.
BIOMETRICS
BIO METRICS

• Biometric identification consists of two stages

Enrollment
Verification/identification
ENROLLMENT

• In enrollment stage, a sample of the biometric is

acquired.
• In order to decrease the high dimensionality ,a
feature extraction phase is applied and form a template
of the biometric.
VERIFICATION

• In verification phase, these features are compared

with the previously generated biometric template.
BIOMETRIC ENCRYPTION

• Biometric Encryption is a process that securely binds a PIN or

a cryptographic key to a biometric, so that
neither the key nor the biometric can be retrieved from the
stored template.
• The key is re-created only if the correct live biometric sample
is presented on verification.
• Two phases
ENROLLMENT
VERIFICATION
 ENROLLMENT

Randomly generated key

01011001…01

Biometric Image Biometric Template

100110100010… BE binding
algorithm
………………010

110011001011…
……………..110

Biometrically-encrypted key is stored

 VERIFICATION

Biometrically-encrypted key

110011001011…
……………..110

Fresh Biometric Image Fresh Biometric Template

101100101010… BE retrieval
………………000 algorithm

01011001…01
Key retrieved
 CRYPTANALYSIS

•Cryptanalysis is the science of cracking codes and decoding secrets.

• It is used to
–violate authentication schemes,
– break cryptographic protocols,
– find and correct weaknesses in encryption algorithms
 TYPES of ATTACKS

•Ciphertext only attacks

•Known plaintext attacks
•Chosen plaintext attacks
•Chosen ciphertext attacks
•Man-in-the-middle attacks
•Side channel attacks
•Brute force attacks
•Birthday attacks
brute force attack

•A brute force attack involves trying all possible keys until hitting on
the one that results in plaintext.
 Ciphertext Only Attack

•A ciphertext only attack (COA) is a case in which only the encrypted

message is available for attack, but because the language is known a
frequency analysis could be attempted.
•In this situation the attacker does not know anything about the
contents of the message, and must work from ciphertext only.
 Known Plaintext Attack

•In a known plaintext attack (KPA) both the plaintext and matching
ciphertext are available for use in discovering the key
 Chosen Plaintext Attack

•A chosen plaintext attack (CPA) occurs when the attacker gains

access to the target encryption device -if, for example, it is left
unattended.
•The attacker then runs various pieces of plaintext though the device
for encryption.
•This is compared to the plaintext to attempt to derive the key
 Chosen Ciphertext Attack

•In a chosen ciphertext attack (CCA), the cryptanalyst can choose

different cipher texts to be decrypted and has access to the decrypted
plaintext
 Man-in-the-Middle Attack

•Cryptographic communications and key exchange protocols are

susceptible to an attack in which the attacker is able to place himself
on the communication line between two parties.
•In this "man-in-the-middle attack" the attacker is able to position
himself to intercept the key exchange between two parties. He
performs his own key exchange with each.
•Then, with both parties thinking they have set up a secure channel,
the attacker decrypts any communications with the proper key, and
encrypts them with the other key for sending to the other party.
•The parties think that they are communicating securely, but in fact
the adversary is reading everything.
 Side Channel Attacks

•Side channel attacks are a type of attacks based on implementation

details such as timing, power, and radiation emissions.

•By carefully measuring the amount of time required to perform

private key operations, attackers may be able to find fixed Diffie-
Hellman exponents, factor RSA keys, and break other cryptosystems