150 likes | 295 Views
Public Encryption: RSA. Jerzy Wojdy ł o Department of Mathematics Southeast Missouri State University. Symmetric Cryptosystem. A symmetric cryptosystem is a five-tuple ( P , C , K , E , D ), where the following are satisfied: P is a finite set of possible plaintexts .
E N D
Public Encryption: RSA Jerzy Wojdyło Department of Mathematics Southeast Missouri State University
Symmetric Cryptosystem A symmetric cryptosystem is a five-tuple (P,C,K,E,D), where the following are satisfied: • P is a finite set of possible plaintexts. • C isa finite set of possible ciphertexts. • K, the key space, is a finite set of possible keys • KK, EKE (encryption rule), DKD (decryption rule). Each EK: PC and DK: CP are functions such that xP, DK(EK(x)) = x. (the same key in encryption and decryption) RSA, Jerzy Wojdylo, 9/21/01
Asymmetric Cryptosystem • One key for encryption (public key) • DIFFERENT key for decryption (private key) • Decryption key CANNOT be deduced from the encryption key RSA, Jerzy Wojdylo, 9/21/01
Pierre de Fermat (1601-1665) • Fermat’s Little Theorem Let p be prime, a Z+, not a multiple of p. Then a p-1 1 (mod p). RSA, Jerzy Wojdylo, 9/21/01
Leonard Euler (1707 – 1783) • Euler’s “phi” function : Z + Z + nZ+, (n) = |{z[1,n]: gcd(z, n) = 1}| . • Examples: (2) = 1, (6) = 2, (7) = 6, (30) = 8 RSA, Jerzy Wojdylo, 9/21/01
Leonard Euler (1707 – 1783) • Properties of the function : • If p is a prime, then (p) = p – 1. • If p is a prime and kZ+, then (pk) = pk – pk-1. • a, bZ+, if gcd(a, b) = 1, then (ab) = (a)(b). RSA, Jerzy Wojdylo, 9/21/01
Leonard Euler (1707 – 1783) • Euler’s Theorem a, nZ+, if gcd(a, n)=1 then a (n) 1 (mod n). • Fermat’s Little Theorem Let p be prime, aZ+, a not a multiple of p. Thena p-1 1 (mod p). RSA, Jerzy Wojdylo, 9/21/01
RSA (public key encryption) • Ron Rivest, Adi Shamir, Leonard Adleman, “A Method for Obtaining Digital Signatures and Public Key Cryptosystems”, Communications of the ACM, Vol. 21, no. 2, February 1978, 120-126. • REVOLUTION! • RSA cipher, RSA Security, www.rsa.com RSA, Jerzy Wojdylo, 9/21/01
RSA (public key encryption) • Alice wants Bob to send her a message. She: • selects two (large) primes p, q, TOP SECRET, • computes n = pq and (n) = (p-1)(q-1), (n) also TOP SECRET, • selects an integer e, 1 < e < (n), such that gcd(e, (n)) = 1, • computes d, such that ed 1 (mod (n)), d also TOP SECRET, • gives public key (e, n), keeps private key (d, n). RSA, Jerzy Wojdylo, 9/21/01
RSA (public key encryption) • RSA in action • Bob wants to send plaintext P, 0 < P < n. Encryption: E(e, n)(P) = C = Pe (mod n). Bob sends ciphertext C. • Alice receives C. Decryption: D(d, n)(C) = Cd (mod n) = P (ha!) RSA, Jerzy Wojdylo, 9/21/01
RSA (public key encryption) • Does it work? • Yes! D(d, n)(C) = D(d, n)(P e) = (P e)d= P ed= = P k(n)+1 = ed 1 (mod (n)) = (P(n))k P P (mod n). Euler’s Theorema (n) 1 (mod n). RSA, Jerzy Wojdylo, 9/21/01
RSA (public key encryption) • Example: p = 997, q = 991, n = 988027, (n) = 986040, e = 13, d = 303397. • P = RSA = 181901 • Encryption: E(e, n)(P) = C = Pe (mod n) = = 18190113 (mod 988027) = 941080. • Decryption: D(d, n)(C) = Cd (mod n) = = 941080303397 (mod 988027) = 181901. RSA, Jerzy Wojdylo, 9/21/01
RSA (public key encryption) • Is it secure? • Yes, if p and q are large primes (over 150 decimal digits each). • Factoring is a HARD problem, no known polynomial time algorithm. • http://www.rsa.com/rsalabs/node.asp?id=2092 • RSA is much slower than DES or AES. RSA, Jerzy Wojdylo, 9/21/01
RSA (public key encryption) • Alice’s Signature • Alice encrypts her signature S using her private key: E(d, n)(S) = T = Sd (mod n) and sends T to Bob. • Bob decrypts T using Alice’s public key to authenticate her message: D(d, n)(T) = Td (mod n) = S. RSA, Jerzy Wojdylo, 9/21/01