1 / 59

RSA Cryptosystem

RSA Cryptosystem. p-1. 1. = p. Cryptography. Cryptography is the mathematics of devising secure communication systems Cryptanalysis is the mathematics of breaking such systems. RSA Cryptography. Basically unbreakable method for encoding messages. RSA Cryptography. R ivest

ktarango
Download Presentation

RSA Cryptosystem

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. RSA Cryptosystem p-1 1 =p

  2. Cryptography • Cryptography is the mathematics of devising secure communication systems • Cryptanalysis is the mathematics of breaking such systems.

  3. RSA Cryptography Basically unbreakable method for encoding messages

  4. RSA Cryptography Rivest Shamir Adelman (1978)

  5. This is Alice

  6. This is Alice and this is Bob

  7. This is Alice and this is Bob and this is Trudy

  8. Plaintext Encryption Ciphertext Transmission Decryption Message

  9. Plaintext Encryption Eavesdropping Ciphertext Impersonation Transmission Alteration Decryption Message

  10. Pick secret, random primes: p,q “Publish”: n = p*q Pick random e  Z*(n) “Publish”: e Compute d = inverse of e in Z*(n) “ Private Key”: d

  11. p,q random primes, e random  Z*(n) n = p*q e*d = 1 [ mod (n) ] (n,e) is my public key. Use it to send a message to me.

  12. p,q prime, e random  Z*(n) n = p*q e*d = 1 [ mod (n) ] n,e mmm…

  13. p,q prime, e random  Z*(n) n = p*q e*d = 1 [ mod (n) ] n,e m me [mod n]

  14. p,q prime, e random  Z*(n) n = p*q e*d = 1 mod (n) n,e m me (mod n) (me)d =n m

  15. RSA Example  • n = 187=11*17 • e = 7 • S M I L E Y • 19 13 09 12 05 25

  16. RSA Example  • n = 187=11*17 • e = 7 • S M I L E Y • 19 13 09 12 05 25 • 197=145 mod 187 • 137=106 mod 187

  17. RSA Example  • n = 187=11*17 • e = 7 • S M I L E Y • m 19 13 09 12 05 25 • me mod n 145 106 70 177 146 185

  18. RSA Example  • n = 187=11*17 • e = 7 • S M I L E Y • m 19 13 09 12 05 25 • me mod n 145 106 70 177 146 185 me*d mod n

  19. RSA Example  • n = 187=11*17 • e = 7 • S M I L E Y • m 19 13 09 12 05 25 • me mod n 145 106 70 177 146 185 me*d mod n • d = 23

  20. RSA Example  • n = 187=11*17 • e = 7 • S M I L E Y • m 19 13 09 12 05 25 • me mod n 145 106 70 177 146 185 me*d mod n • d = 23 • 14523=19 mod 187

  21. RSA Cryptography • Fast Exponentiation • Extended Euclidean Algorithm • Modular inverses • FLT (Fermat’s Little Theorem) • CRT (Chinese Remainder Theorem)

  22. Fast Exponentiation • How to compute • 19112396 mod 4171 • fast?

  23. Fast Exponentiation • A more lucid example • 350 mod 7 • 50 = 1100102 • 350 = ((((32 *3)2)2)2 *3)2

  24. Fast Exponentiation • A more lucid example • 350 mod 7 • ((((32 *3)2)2)2 *3)2 = ((((2 *3)2)2)2 *3)2 = • (((36)2)2 *3)2 = ((1)2 *3)2 = 32 =2 mod 7

  25. Modular Inverses • Definition • The inverse of e mod n is • d*e = 1 mod n

  26. Modular Inverses • Definition • The inverse of e mod n is • d*e = 1 mod n • Question. • What is the inverse of 3 mod 29?

  27. Modular Inverses • Definition • The inverse of e mod n is • d*e = 1 mod n • Question. • What is the inverse of 4 mod 8?

  28. Modular Inverses • Definition • The inverse of e mod n is • d*e = 1 mod n • Theorem. • e has an inverse mod n iff GCD(e,n)=1

  29. Modular Inverses • Theorem. • e has an inverse mod n iff GCD(e,n)=1 • Proof. • By the EEA • 1 = a*e + b*n

  30. Extended Euclidean Algorithm • The algorithm works the same as the regular Euclidean algorithm, except it keeps track of more details. • It computes x and y such that • GCD(a,b) = a*x + b*y

  31. Extended Euclidean Algorithm • Application. • Recall the Die Hardmovie. Willis and Jackson are supposed to disarm a bomb by measuring exactly 4 gallons of water using only 3 and 5-gallons containers. • GCD(3,5) = 2*3 + (-1)*5

  32. Extended Euclidean Algorithm • a = b*q1 + r1 • b = r1*q2 + r2 • … • rk-1 = rk*qk+1+0

  33. Exponential Inverses • How to find d? • me*d = m (mod n)

  34. Fermat Little Theorem • If a does not divide p and p is prime • ap-1 = 1 (mod p) • ap = a (mod p)

  35. Fermat Little Theoremap-1 = 1 (mod p) • Compute • 9100 mod 17

  36. Fermat Little Theoremap-1 = 1 (mod p) • Compute • 9100 = 916*6+4 • 916 = 1 mod 17 • 9100 = 94 = 16 mod 17

  37. Exponential Inverses • FLT: • ap-1 = 1 (mod p) • Exercise. • m3*d = m (mod 11)

  38. Exponential Inverses • FLT: • ap-1 = 1 (mod p) • Exercise. • m3*d = m (mod 11) • Wrong d: 3*d = 1 (mod 11)

  39. Exponential Inverses • FLT: • ap-1 = 1 (mod p) • Exercise. • m3*d = m (mod 11) • 3*d = 1 (mod 10) • m1 + 10*k = m (mod 11)

  40. Exponential Inverses • How to find d? • me*d = m (mod n) • We found that d must be inverse of e mod (n-1) • m1 +k*(n-1) = m (mod n)

  41. Exponential Inverses • me*d = m (mod n) • We found that d must be inverse of e mod (n-1) • d*e = 1 (mod n-1) • This idea will make trivial to decrypt messages…

  42. RSA uses n = p*q a product of two primes

  43. Exponential Inverses • Theorem. • e, p and q are primes and • GCD(e, (p-1)(q-1)) = 1 • Then exponential inverse of e is the inverse of e mod (p-1)(q-1) • d*e = 1 mod (p-1)(q-1)

  44. Exponential Inverses • Theorem. • d*e = 1 mod (p-1)(q-1) • Example. • Let n = 5*7. Find d. • md*5 = m (mod n)

  45. Exponential Inverses • Theorem. • d*e = 1 mod (p-1)(q-1) • Example. • Let n = 5*13. Find d. • md*5 = m (mod n) • d*5 = 1 mod (4*12) • d = 29 • m145= m (mod 65)

  46. Exponential Inverses • Theorem. • d*e = 1 mod (p-1)(q-1) • Example. • m145= m (mod 65) • Modulo 5: • m145= m4*36+1 =m (mod 5) • Modulo 13: • m145= m12*12+1 =m (mod 13)

  47. Exponential Inverses • Theorem. • d*e = 1 mod (p-1)(q-1) • Proof. • md*e = m1 + k(p-1)(q-1) (mod n) • The system of congruences: • md*e = m (mod p) • md*e = m (mod q)

  48. Chinese Remainder Theorem • Theorem. • GCD(p, q) = 1 • x = a (mod p) • x = b (mod q) • The system has a unique solution • mod (p*q)

  49. p,q prime, e random  Z*(n) n = p*q e*d = 1 [ mod (n) ] n,e m me [mod n] (me)d =n m

  50. 1. select two large primes p, q 2. compute n=p*q and (n) 3. choose odd e relatively prime to (n) 4. use EEA to find d from e*d=1 mod (n)

More Related