
<div style="text-align: center;">
    <h1>ElGamal Encryption: Theory, Properties, and Applications</h1>
    <p style="text-align: center;">Ahmed Almalki</p>
    <time>May 15, 2023</time>
    <br>
    <a href="https://github.com/asajm/ElGamal-Encryption">https://github.com/asajm/ElGamal-Encryption</a>
</div>
<hr>

## Introduction

ElGamal encryption, devised by Taher ElGamal in 1985, is a public-key cryptosystem based on the Diffie–Hellman key exchange. It’s among the earliest of cryptosystems that are theoretically secure against ciphertext attacks. In this project, we will discuss the theoretical background of ElGamal encryption, its importance and applications, and provide some examples and computations.


## Theoretical Background

ElGamal encryption depends on the difficulty of finding discrete logarithms within a cyclic group. In cyclic groups, every element has an inverse, and the product of any two elements is also an element of the group. ElGamal encryption provides a secure way to transmit encrypted messages over an unsecured channel. The scheme involves key generation, encryption, and decryption processes.

### Key Generation

The key generation process involves selecting a cyclic group and a generator for that group. Let's consider a finite cyclic group $G=\mathbb{Z_p^*}$ of order $p$, where $p$ is a large prime number. The generator $g$ of $G$ is a randomly chosen element. Each user generates their key pair consisting of a private key, $x$ (randomly selected from $\{1,2,...,p-1\}$), and a corresponding public key, $y = g^x \mod p$.

### Encryption

To encrypt a message $m$ using the recipient's public key ($y$), the sender randomly selects a value $k$ from $\{1,2,...,p-1\}$. The ciphertext consists of two parts: $c_1 = g^k \mod p$ and $c_2 = m \cdot y^k \mod p$.

### Decryption

The recipient uses their private key ($x$) to decrypt the ciphertext. By computing the secret key $S = (C_1^x)^{-1} \mod p$, the original message can be retrieved as $m = C_2 \cdot S \mod p$.

### Alice/Bob Scenario

1. Alice selects a large prime number $p$ and a generator $g$ of the group $\mathbb{Z}^*_p$.
2. Alice selects a private key $x$ (randomly selected from $\{1,2,...,p-1\}$) and computes $y = g^x\bmod p$.
3. Alice sends the public key $(p,g,y)$ to Bob.
4. Bob has a senstive message $m$ that is to be shared with Alice via an insecure channel.
5. Bob selects a random integer $r$ (from $\{1,2,...,p-1\}$) and computes $C_1 = g^r\mod p$ and $C_2 = m\cdot y^r\mod p$.
5. Bob sends the ciphertext consists of two parts: $(C_1, C_2)$ to Alice.
6. Alice computes the shared secret $S = (C_1^x)^{-1}\mod p$, the senstive message can be retrieved as $m = C_2\cdot S\mod p$.

## Importance/Applications of ElGamal Encryption

ElGamal encryption has significant importance within the field of cryptography and mathematics. It provides a practical implementation of public-key cryptography, which revolutionized secure communication. The scheme's reliance on the discrete logarithm problem forms the basis for various cryptographic protocols and algorithms.

### Applications

Similar to other public key systems, the ElGamal cryptosystem is commonly employed within a hybrid cryptosystem framework. In this approach, the message is typically encrypted using a symmetric cryptosystem, while ElGamal is specifically utilized to encrypt solely the symmetric key.

* **Secure Communication:** Public key cryptosystems are commonly used to provide secure communication over insecure channels.
* **Digital Signature:** Public key cryptosystems are used for generating and verifying digital signatures. 

## Example and Computation
Here's an example implementation of ElGamal encryption in Python:

In [100]:
import random

# Key Generation
def generate_keys(p):
    # Select a large prime p
    # Find a generator g of the cyclic group Z_p*
    while True:
        g = random.randint(2, p - 1)
        if pow(g, (p - 1) // 2, p) != 1 and pow(g, p - 1, p) == 1:
            break
    
    x = random.randint(1, p - 1)
    y = pow(g, x, p)
    
    return x, (g, p, y)

# Encryption
def encrypt(public_key, message):
    g, p, y = public_key
    k = random.randint(1, p - 1)
    c1 = pow(g, k, p)
    c2 = (pow(y, k, p) * message) % p
    return c1, c2

# Decryption
def decrypt(private_key, ciphertext):
    x = private_key
    c1, c2 = ciphertext
    s = pow(c1, x, p)
    s_inv = pow(s, -1, p)
    original_message = (c2 * s_inv) % p
    return original_message

# Example usage
p = 23  # A prime number
private_key, public_key = generate_keys(p)

message = 9  # The message to be encrypted

ciphertext = encrypt(public_key, message)
decrypted_message = decrypt(private_key, ciphertext)

print("Original message:", message)
print("ciphertext message:", ciphertext)
print("Decrypted message:", decrypted_message)

Original message: 9
ciphertext message: (6, 16)
Decrypted message: 9


## References
* Taher Elgamal, "A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms," IEEE Transactions on Information Theory, vol. 31, no. 4, pp. 469-472, July 1985.
* Boneh, D., Shoup, V. A Graduate Course in Applied Cryptography. Version 0.6. Available at: https://toc.cryptobook.us/book.pdf.
