Software Tool for Implementing RSA Algorithm

Transcription

1 Software Tool for Implementing RSA Algorithm Adriana Borodzhieva, Plamen Manoilov Rousse University Angel Kanchev, Rousse, Bulgaria Abstract: RSA is one of the most-common used algorithms for public-key cryptography applied for encrypting information in computer-communication systems. Design and operation of a software tool for implementing RSA algorithm are described in the paper. The architecture of the system and modules for generating keys and encrypting / decrypting are presented. The software tool with a friendly graphical user interface is developed in Borland Delphi and it will be applicable to the educational process in the course of Cryptography and Information Security. Keywords: communications, cryptography, RSA algorithm, software tool. 1. INTRODUCTION RSA is an algorithm for public-key cryptography, suitable for signing and encryption. The algorithm RSA was publicly described in 1977 by Rivest, Shamir, and Adleman at Massachusetts Institute of Technology (MIT) [4]. RSA is widely used in electronic commerce protocols, and is believed to be secure given sufficiently long keys and the use of up-to-date implementations. 2. ASYMMETRICAL ALGORITHM RSA Asymmetrical algorithm RSA involves a public key and a private key. The public key can be known to everyone and is used for encrypting messages. Messages encrypted with the public key can only be decrypted using the private key. The keys are generated in the following way [1, 3, 4]: 1. Choose two distinct large random prime numbers p and q. 2. Compute n = pq. The number n is used as the modulus for both the public and private keys. 3. Compute the Euler s function: ϕ( n ) = ( p 1) ( q 1). < e < ϕ n ϕ n share no factors other 4. Choose an integer e such that 1 ( ); e and ( ) than 1 (i.e. e and ϕ ( n) are co-primes); e is released as the public key exponent. 5. Compute d to satisfy the congruence relation de 1 ( mod ϕ( n) ); i.e. ( n) de = 1 + k ϕ for some integer k ; d is kept as the private key exponent. A popular choice for the public exponents is e = = Some applications choose smaller values such as e = 3, 5, 17 or 257 instead. This is done to make encryption and signature verification faster on small devices like smart cards but small public exponents can lead to greater security risks. The public key consists of the modulus n and the public (or encryption) exponent e. The private key consists of the modulus n and the private (or decryption) exponent d which must be kept secret. For efficiency a different form of the private key can be stored: p and q : the primes from the key generation; d mod ( p 1) and mod ( q 1) d ; 804

2 . All parts of the private key must be kept secret in this form. p and q are sensitive since they are the factors of n, and allow computation of d given e. If p and q are not stored in this form of the private key then they are securely deleted along with other intermediate values from key generation. Although this form allows faster decryption and signing by using the Chinese Remainder Theorem, it is considerably less secure since it enables side channel attacks. This is a particular problem if implemented on smart cards, which benefit most from the improved efficiency [4]. The RSA system can be used for encryption / decryption and digital signatures: 1. Encryption and decryption: Suppose Alice wants to send a message m to Bob. 1 q mod ( p) Alice creates the ciphertext c by exponentiating: c = m e mod n, where e and n are Bob's public key. She sends c to Bob. To decrypt, Bob also exponentiates: m = c d mod n ; the relationship between e and d ensures that Bob correctly recovers m. Since only Bob knows d, only Bob can decrypt this message. 2. Digital Signature: Suppose Alice wants to send a message m to Bob in such a way that Bob is assured the message is both authentic, has not been tampered with, and from Alice. Alice creates a digital signature s by exponentiating: s = m d mod n, where d and n are Alice's private key. She sends m and s to Bob. To verify the signature, Bob exponentiates and checks that the message m is recovered: m = s e mod n, where e and n are Alice's public key. Thus encryption and authentication take place without any sharing of private keys: each person uses only another's public key or their own private key. Anyone can send an encrypted message or verify a signed message, but only someone in possession of the correct private key can decrypt or sign a message [2]. 3. DESIGN AND SOFTWARE IMPLEMENTATION OF RSA CRYPTOSYSTEMS Design and operation of a software tool for implementing RSA algorithm are described in the paper. The architecture of the system and modules for generating keys and encrypting/decrypting are presented. The tool with a friendly graphical user interface is developed in Borland Delphi and it will be applicable to the educational process in the course of Cryptography and Information Security. To software products of this type, especially simulators of cryptographic algorithms, the following requirements are claimed: Flexibility of the system in dealing with different types of data; Visualizing the encryption and decryption processes; Storing the processed results. Some specific requirements that extend the functional capabilities and guarantee the facilities for working with the system are specified: Presence of a module for taking out the series of prime numbers this facilitates the user in choosing the numbers Р and Q necessary for determining the keys; Ensuring possibilities for choosing the type the data to be processed binary or hexadecimal; Possibility for selecting the languages of the graphical user interface; Detecting incorrectly filled-in fields; Keeping track of the current results from the system s working. 805

3 Moreover, the software products must guarantee: Convenience for working with the system; A friendly graphical user interface (GUI); Control over the user s operations by means of well-chosen dialog. The system consists of three main modules (Fig. 1) for generating the couple of keys; for encrypting and decrypting the data A module for generating the keys The major part of RSA algorithm is realized on the basis of this module, namely creating the public and the secret keys. This is done after entering two numbers P and Q that must satisfy the following conditions: The numbers must be primes, i.e. their divisors are only 1 and the number itself; The numbers P and Q must be positive and fulfil the requirement 1 < P, Q 300; The numbers P and Q must be different, P Q. Fig. 1: Architecture of the designed system The system verifies automatically whether the input numbers satisfy all conditions above to guarantee the correctness of the created couple of keys. The restriction the numbers P and Q not to exceed 300 is imposed with the purpose of preventing possible errors that can arise in the subsequent working of the program since the obtained numbers are extremely large. With violating one of these requirements, the system produces the corresponding message for an error and the user is asked to enter correct number. In aid of the users, the software product shows all primes in the range [0, 300] when pushing the button Show primes, Fig. 2. The fields for the generated couple of keys (public and private) are located in the section Crypto keys. Below the fields where the values of P and Q are entered the value of Euler s function PHI (φ(n)) is taken out. This field and the fields for the keys are forbidden for user s access. Only the system has access to these fields and manipulates their values. In this way the certainty is increased and the possibilities for entering incorrect values are reduced to 0, Fig

4 3.2. A module for encrypting This module uses the generated public key to encrypt the information located in the field Plain Text. If a couple of keys is not generated, the program produces an error message and the process of encrypting is interrupted. After pushing the button Encrypt the verification for availability of keys is done and the contents of the field Plain Text are analyzed. If any irregularity is found, the user is informed. A possible reason for generating an error is an empty field. The symbols Space and Enter are distinguished by the system and are encrypted / decrypted correctly. Another possible reason for interrupting the encryption is if the number of input symbols exceeds This requirement is imposed since the processes of encryption and decryption are delayed considerably when the number of symbols is great. It reduces the system to getting to sleep, especially when P and Q are greater and the subsequent calculations become complicated. The number of the symbols is shown below the text areas. The time necessary for encryption of the corresponding information is displayed. Fig. 2: GUI of RSA simulator Besides entering the information for encrypting by hand, the product allows working with text files (.txt) by selecting the option Import Plain Text from menu File. After specifying the file for processing its contents are written out in the field Plain Text and its name against Input file. A verification of text validity is done. A possibility for saving the encrypted text is added in menu File ( Save Cipher Text ). The results are kept only in text files (.txt). 807

5 The simulator has the possibility for encrypting data in binary or hexadecimal form. The choice of the data type is done in the field Visualisation, by the options HEX mode and BIN mode. The hexadecimal representation is chosen by default, Fig A module for decrypting This module uses the generated private key for decrypting the data in the field Cipher Text. After pushing the button Decrypt the system analyzes the field where the encrypted information is located. For lack of input data an error message is produced and the process of decrypting is stopped. If input data is available it is verified whether it conforms to the corresponding chosen option for binary or hexadecimal representation. If any inconformity is found an error message is generated. Except using encrypted information generated by the system during its work, a possibility for importing encrypted information from a text file (.txt) is implemented by selecting the option Import Cipher Text from menu File. Since incorrect encrypted data can be entered such verification is imposed before starting the veritable decrypting. The option Save Decrypt Text can be chosen from menu File also. It allows the user to save the results from decryption in a text file (.txt). The number of symbols of the encrypted information is restricted to If the number of the symbols is close to and the generated keys on the basis of the greatest values for P and Q ( 300) the time necessary for decrypting is more than 6 minutes depending on the information type. The software tool has a well-working algorithm for tracking the current state of the process. At any time of working, the user has the chance to follow the state of the system. It can be done from the field Status. Thence it can be followed whether the encrypting and decrypting are done successfully or any errors are found during this process and errors type. One of the possible errors is Error encrypting string data. It is generated in the cases when n = P.Q is less than the number that will be encrypted. A screenshot from running the RSA simulator is given in Fig. 2. The choice of numbers P and Q, and the results from generating the public and private keys are shown. The processes of encrypting and decrypting of an example text are illustrated also Additional capabilities of the implemented system The program has a graphical user interface in English and Bulgarian. The language can be selected from menu Settings Language. English is used by default. The option Crypto Model can be chosen from menu View. It illustrates the diagram where RSA encrypting is applied thoroughly, Fig. 3. Since this asymmetrical algorithm can not claim for a great response time it is not preferable to encrypt а large quantity of data. One of its functions is to assure the secure propagation of the secret key in a symmetrical cryptosystem. RSA Model can be chosen from the other option in the menu. A block-diagram of RSA is appeared at the display. It shows the conditions and the stages necessary to pass through the public and private keys generating. It can be of help for better visualization idea when this system is studied. The block-diagram is a preferable tool for representing algorithms of a similar type since its comprehension and analyzing is much easier than the mathematical formulae and relationships. The diagram is translated into Bulgarian and English, and is visualized depending on the selected language. 808

6 Fig. 3: Crypto model applications of RSA 4. RESULTS, DISCUSSIONS, CONCLUSIONS A software tool with a friendly graphical user interface for implementing the asymmetrical algorithm RSA is created. It receives the input data in binary and hexadecimal form. The values of the parameters P and Q can be in the range from 0 to 300. The architecture of the system and modules for generating keys and encrypting / decrypting are presented. The tool will be applicable to the educational process in the course of Cryptography and Information Security. 5. REFERENCES [1] Menezes, A., Oorschot, P. van, Vanstone, S. (1996) Handbook of Applied Cryptography. CRC Press. [2] RSA Laboratories, RSA Laboratories Frequently Asked Questions about Today s Cryptography, Version , [3] [4] 809