 So, again, this is our RSA encryption, decryption, and the other part, which is a bit hard to remember, but you should, and it would have helped you solve that part C of the first exam question is the key generation. Now, with RSA, the security comes from using large numbers, not from using small numbers like in the exam. Of course, we can break that. It's using large numbers. And therefore, we need software to do the encryption and decryption for us, and also importantly to generate the keys. With symmetric key ciphers, there's a shared secret key. How do you generate a key for a symmetric key cipher? Random. Okay? You and I, we want to use AES to encrypt our data between us. We both need the same key. So what may happen is I choose a random number, 256-bit key, a 256-bit random number. I generate it using some software, OpenSSL. I give you that random number, and that's the key that we will use. It's a shared secret key between the two users. But with public key crypto, the keys are generated according to some algorithm, not a random number. So with RSA, here's the algorithm. So we can use OpenSSL to generate these keys. And again, the idea is that every user has a pair of keys, public and private key. So you generate your own pair. I'll show you how to do that with OpenSSL. And there are some notes on this I'll point to on the website, so I'll just go direct to the command. We can zoom in. We can use different software to generate the keys. And this is just one way to use OpenSSL to generate a public, or in this case, a public private key pair, the operation GenP key. We're using the algorithm RSA. There are other algorithms that we can use for this one, just RSA. And then we don't have to, but in this case, I'll specify two key options. It continues across the next line, dash P key OPT, an option for the key. We can specify some optional parameters. The first optional parameter is the key length. With RSA, the key length is really the length of N, the modulus N. So I specify I want N to be 2048 bits. All right, we may have seen in the slides, there are three typical values for N. In common use, 1,024 bits, 2,048 and 4,096. The larger value, the more secure, but the slower it is to encrypt and decrypt. The second option is the public exponent. I specify in this case, the public exponent E to be three. So I can choose the value of E. If I don't give these options, OpenSSL will choose default values. And from memory, I think the default public exponent is 65,537. It's a common value, and it's probably best to use that compared to three. But I'll just use it as a different example here, three. And I can't remember the default size, maybe it's 1,024. Everyone watch and see how long it takes. So I'm going to generate my key pair, right, almost instantaneously. It took a bit of time when you see some dots and so on. It takes some time because what just happened then was my computer chose two primes, P and Q, such that when those two multiplied together, we got a 2,048 bit number N. Then it selected some value E, well, that was already selected, three. But it calculated D, which is the multiplicative inverse of E in the mod of the torsion of N. So these steps were performed by OpenSSL in that case. And we get a public and private key. Let's look at the values. It was saved in a file called privkey.pm. PM's just the format commonly used. So my key pair is saved in this file. It's 1,704 bytes long. Let's look at the contents. Should we have a quiz next week on the contents of this file? I think you should be able to do this. You can try it at home. Zoom out. Try again. There's my key pair. Now, we need to explain the format of this. I generated the key pair. We'll see the detailed values in a moment. But what OpenSSL does by default in this format of the output is it encodes the values into some form that can be printed on the screen. And for example, included on a web page. So this is not encrypted. This is what we say is encoded. In the same way that we have ASCII encoding, to encode our different characters into some decimal or some binary value, we can have different encodings. And this is one encoding called base64 encoding that takes some binary values and encodes them using, I think it's one of 64 different characters. And that's the combination here. So it makes no sense here. But that's all the information needed. Because a decoder will find the original values. So often you'll see, not private keys, but when we look at public keys, you'll see some encoding like this, say attached to the bottom of an email or on a web page. Let's look at the actual values. Let's decode this. And the way to do it, OpenSSL has an option. We can output it in some nice-to-view text format. Take our input private key and produce an output in a text format, and so I can scroll through or pipe it into less. Gives us the original form, and we scroll down. Then it gives us end. And now it gives us the human-friendly form, a little bit more human-friendly than the first one. It gives us the private key, the modulus, n. There's the value of n. It's 2,048 bits, but it's represented in hexadecimal here. So if you convert, you'll get this as a 2,048-bit number. The public exponent, e. So e is 3 in decimal. The private exponent, d, is the next value. Don't look at this, because this is private for me. Again, another large number. So this value is the secret value that it should be specific to you and not shared with anyone else. It's just a demo in this case. So really, we have three values, e, d, and n. D must be kept private. So e and n, we make public. But for performance reasons for the implementation, we also store some other intermediate values. So we just really need e, d, and n, but OpenSSL and other software store some other values to help the speed up the encryption and decryption. So we see prime 1 and prime 2. Recall, what happens in the key generation is that we have a prime p, a prime q. We multiply together to get n. This is p and q. I don't know which order. It doesn't matter. There are two prime numbers here. So they are our large primes. Again, must be kept private, because if someone else knows these primes, then they can easily break anything encrypted using your public key. And then some other intermediate values are stored. It's not so important for you to know about these. There's two other exponents, some other coefficient. Again, just for implementation purposes, those values, which are stored in your key, are listed here on one of the slides. You can go back and check that. But there's a modulus n, the public exponent e, the private exponent d, the three values that we always think of, where we often write that the public key is e and n, modulus and public exponent. The private key is d and n, private exponent and the modulus. The remaining values are there for speeding up the encryption and encryption when we use these keys, the two primes and these other exponents and coefficient. Not so important to remember or worry about these. They should be kept secret. When you have them, you shouldn't show anyone else what the values are. Otherwise they can defeat the RSA. So really the public values that you can tell anyone else, n and e, the other values are kept private or secret. So I have a private key. Your next homework task is to generate your own keys, key pairs, and we'll need to exchange some values and do some encryption and authentication using those key pairs. So the private key, from that, we can extract the public values only. So the values in the file so far are all of these. We can extract just n and e. And the way to do so with OpenSSL, we can extract just the public values. We take our input private key, which contains all values, and output to some file, I'll call pubkey, and specify to just output the public values so that we hide or don't display any of the private values. So our private key contains all values, privkey.pm, public key contains just n and e. And what you'll do in your homework is once you generate these, the public key you can then tell anyone else. You can send anyone this file, for example, attach it at the bottom of an email, put it on a web page, because it contains your public values. And we can look at them, output into some text format. So take my public key, specify it's a public key coming in, and display the output as text. And just so we can scroll through or pipe into less. And here's the encoded format of my public key. So if you want to attach your public key to your email, when you send someone an email, you can attach just this encoded form, because software will be able to decode it. But here are the actual values, the public key 2048 bit modulus in hexadecimal, and the exponent e, e equals three. So the two public values of n and e. That's all we'll attempt to cover today, because no one's too concerned. So next week, we'll move on to the next topic. There's another algorithm for public key crypto, Diffie-Hellman that we need to cover, and then authentication. Focused so far on confidentiality, encrypting messages so no one can see the contents. But another key part of security is making sure that we can confirm who did the message come from. You receive a message, did it come from Steve or someone pretending to be Steve? Like a masquerade attack. So we need techniques to confirm that. And we will use public key cryptography again to do that, as well as some other techniques. So that's the next topic.