Open in app

Sign in

Write

Sign in

ElGamal Encryption Scheme

Oxbridge Inspire
Oxbridge Inspire
Published in
3 min readJul 5, 2018

This week, we will see the ElGamal encryption scheme; we are considering public key cryptography, so we use public and secret keys to achieve this encryption scheme.

Image sourced via Creative Commons

The ElGamal encryption scheme is run using a cyclic group of order (size) q and with generator g. Recall that the generator of a group is an element from which the whole group can be formed by applying the group operation.

The encryption scheme:

You will recall from a previous tutorial, that an encryption scheme is made up of three algorithms: key generation, encryption and decryption. We will assume the encryption scheme is run between Alice and Bob, where Bob is encrypting a message, m, to send to Alice, who then decrypts it.

Key generation

Alice must generate a public key for herself and an associated secret key that she will use to decrypt the message. She does this by:

  • Randomly selecting an element, x, of the set {0, …, q — 1}.
  • Calculates h= gx.
  • Alice publishes h as her public key and keeps x as her private key.

Encryption

For simplicity, we assume the message (m) to be encrypted is an element of the group. In order to encrypt a message (m) for Alice to decrypt, Bob must encrypt it using Alice’s public key in the following way:

  • Randomly selecting an element, y, of the set {0, …, q — 1}.
  • Calculates c1 = gy.
  • Calculate s= hy. Note that s= gx.y.
  • Calculate c2 = m . s.
  • Bob sends (c1, c2) to Alice.

Decryption

Alice has (c1, c2) and her secret key (x) at her disposal to decrypt the message. She does so as follows:

  • Calculates s = c1x.
  • To decrypt the message she computes m = c2 . s-1.

This is the whole encryption scheme! Simple, no? One reason this scheme is widely used is that it is efficient, there are not many steps to it. It is of particular interest that there are only two exponentiations in the encryption algorithm; minimising the number of exponentiations is a good way to keep the run time of the algorithm down.

Question:

Write a proof that this encryption scheme is correct.
Hint: to do this we need to show that if we follow the three algorithms correctly, the decryption algorithm will always return the original encrypted message.

The solution is at the very end of this article.

This article was written by David Butler, one of the course creators and teachers at Oxbridge Inspire. David is studying for a PhD at the Alan Turing Institute in London.

Oxbridge Inspire delivers innovative STEM education and provides guidance and inspiration to young people wishing to pursue STEM subjects at University and beyond. To find out more about Oxbridge Inspire and the courses and activities we offer, visit our website.

Solution:

Alice computes c2 . s-1. We need to show this is equal to m. We can see this is true by the following.

c2 . s-1 = m . hy . (gxy)-1 = m . gxy . (gxy)-1 = m

We can see that the decryption will always produce the original message.

Security
Encryption
STEM
Mathematics
Tutorial

--

--

Oxbridge Inspire
Oxbridge Inspire

Written by Oxbridge Inspire

31 Followers
Editor for

For ambitious and curious young people who wish to study Science, Technology, Engineering or Maths at University

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams