210 likes | 423 Views
RSA Asymmetric Key Cryptosystem. Presented by Katherine Heller COSC 4765 University of Wyoming April 26, 2011. Asymmetric Key Cryptography. Introduced 1970’s Whitfield Diffie and Martin Hellman Known as Public Key Encryption (PKE) Eliminated need for shared private keys. RSA.
E N D
RSA Asymmetric Key Cryptosystem Presented by Katherine Heller COSC 4765 University of Wyoming April 26, 2011 Image source: PC Dynamics, Inc.
Asymmetric Key Cryptography • Introduced 1970’s • Whitfield Diffie and Martin Hellman • Known as Public Key Encryption (PKE) • Eliminated need for shared private keys
RSA • Rivest, Shamir and Adleman • First asymmetric encryption algorithm • Encryption and authentication • Used with DES, SSL, CDPD and PGP • Most widely used asymmetric cipher
Encryption A function (F) + A plaintext message (m) + An encryption key (k) = Ciphertext (c)
The RSA Method • Two keys: one public (kp) one private (ks) • F(m, kp) = c and F-1(c, ks) = m • F-1(F(m, kp), ks) = m
The RSA Algorithm • Select two large prime numbers: pand q. • Find the product, n, of p and q: n = pq. • Choose a number, e, which is less than n and relatively prime to (p-1)(q-1). • Find a number d, such that (ed - 1) is evenly divisible by (p-1)(q-1). • e is the public exponent, dis the private exponent. • Public key: (n, e) • Private key: (n, d)
The RSA Algorithm (2) Using real numbers: p= 5077 and q = 4999 n= pq = 25379923 e= 5 ( p– 1 ) = ( 5077 – 1 ) = 5076 ( q– 1 ) = ( 4999 – 1 ) = 4998 5076 * 4998 = 25369848 d = 15221909 ( 5 (15221909) – 1 ) / 25369848 = 3
Keys What are the keys? n = 25379923, e= 5 and d= 15221909 Public Key is the pair (n, e) or (25379923, 5) Used to encrypt Private Key is the pair (n, d) or (25379923, 15221909) Used to decrypt
Keys (2) • Creating the ciphertext c = me mod n • Decrypting the message m = cd mod n Remember, n is really, really huge!
Key Sizes • Larger modulus (n) increases security • Large keys • Commonly 1024, 2048 and 4096 bits • Keys ≥ 2048 bits for extremely valuable data • Difficult to compare to other methods • Security comes from how the keys are generated, as well as key length
What’s so good about RSA? • Produces ciphertext without patterns • Very random • Hard to exploit • Larger modulus = greater security
But, how fast is it? • Modular exponentiation slows it down • Longer key = slower operations • 2 x modulus ⇒ time for public key ops x 4 time for private key ops x 8 time for key generation x 16 • Public key ops take O(k2) steps • Private key ops take O(k4) steps (where k = number of bits in modulus n) • DES 1000 times faster
The Standard • The de facto standard for cryptography • Combines authentication with encryption • Allows world-wide use of one system regardless of software or platforms
The “Key” to Security • LARGE PRIME NUMBERS • 100 digits long, or longer (each!) • Factoring very difficult • Security in the mathematical difficulty • Resistant to key search attacks
And with the key… • RSA can still be broken, with the key • Discovering a private key corresponding to its paired public key • “Guessed Plaintext Attack” • Guess the message • Run the encryption to see if it matches ciphertext • Even so – RSA isn’t going anywhere
More information: RSA Algorithm Demo by Richard Holowczak: http://cisnet.baruch.cuny.edu/holowczak/ classes/9444/rsademo/#overview RSA.com FAQ document: http://www.rsa.com/rsalabs/node.asp?id=2152#
References • Coated.com. (2010). GSM Security Encryption Code Hacked. Retrieved April 23, 2011, from Coated.com: http://www.coated.com/gsm-security-encryption-code-hacked-93620004/ • Daswani, N., Kern, C., & Kesavan, A. (2007). Foundations of Security: What Every Programmer Needs to Know. Berkeley: Apress. • PC Dynamics, Inc. (2011). File Encryption. Retrieved April 23, 2011, from SafeHouseSoftware.com: http://www.safehousesoftware.com/FileEncryption.aspx • Richard Holowczak, P. (2002, September 12). RSA Demo Applet. Retrieved April 16, 2011, from cisnet.baruch.cuny.edu: http://cisnet.baruch.cuny.edu/holowczak/classes/9444/rsademo/#overview • RSA Laboratories. (2000). RSA Laboratories' Frequently Asked Questions About Today's Cryptography, Version 4.1. Retrieved April 16, 2011, from RSA Laboratories: http://www.rsa.com/rsalabs/node.asp?id=2152# • Welschenbach, M. (2005). Cryptography in C and C++. New York: Apress.
Questions? Image source: Coated.com