The application of prime numbers to RSA encryption



Similar documents
An Introduction to the RSA Encryption Method

Discrete Mathematics, Chapter 4: Number Theory and Cryptography

Elements of Applied Cryptography Public key encryption

Public Key Cryptography: RSA and Lots of Number Theory

Some practice problems for midterm 2

Number Theory. Proof. Suppose otherwise. Then there would be a finite number n of primes, which we may

RSA Encryption. Tom Davis October 10, 2003

CIS 5371 Cryptography. 8. Encryption --

Public Key Cryptography and RSA. Review: Number Theory Basics

RSA and Primality Testing

ALGEBRAIC APPROACH TO COMPOSITE INTEGER FACTORIZATION

Lecture 13 - Basic Number Theory.

Advanced Cryptography

Principles of Public Key Cryptography. Applications of Public Key Cryptography. Security in Public Key Algorithms

Public-key cryptography RSA

Primality Testing and Factorization Methods

Secure Network Communication Part II II Public Key Cryptography. Public Key Cryptography

Mathematics of Internet Security. Keeping Eve The Eavesdropper Away From Your Credit Card Information

How To Know If A Message Is From A Person Or A Machine

The Mathematics of the RSA Public-Key Cryptosystem

Outline. CSc 466/566. Computer Security. 8 : Cryptography Digital Signatures. Digital Signatures. Digital Signatures... Christian Collberg

Lecture 3: One-Way Encryption, RSA Example

Software Tool for Implementing RSA Algorithm

RSA Attacks. By Abdulaziz Alrasheed and Fatima

1. The RSA algorithm In this chapter, we ll learn how the RSA algorithm works.

Overview of Public-Key Cryptography

Cryptography and Network Security Chapter 9

U.C. Berkeley CS276: Cryptography Handout 0.1 Luca Trevisan January, Notes on Algebra

Lecture 13: Factoring Integers

CIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives

Outline. Computer Science 418. Digital Signatures: Observations. Digital Signatures: Definition. Definition 1 (Digital signature) Digital Signatures

Network Security. Computer Networking Lecture 08. March 19, HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23

A SOFTWARE COMPARISON OF RSA AND ECC

RSA Question 2. Bob thinks that p and q are primes but p isn t. Then, Bob thinks Φ Bob :=(p-1)(q-1) = φ(n). Is this true?

Math 319 Problem Set #3 Solution 21 February 2002

Cryptography and Network Security

I. GROUPS: BASIC DEFINITIONS AND EXAMPLES

Factoring Algorithms

CSCE 465 Computer & Network Security

Computer Networks. Network Security 1. Professor Richard Harris School of Engineering and Advanced Technology

Notes on Network Security Prof. Hemant K. Soni

Cryptographic hash functions and MACs Solved Exercises for Cryptographic Hash Functions and MACs

Lecture Note 5 PUBLIC-KEY CRYPTOGRAPHY. Sourav Mukhopadhyay

CSC474/574 - Information Systems Security: Homework1 Solutions Sketch

Cryptography and Network Security

The science of encryption: prime numbers and mod n arithmetic

CRYPTOGRAPHY IN NETWORK SECURITY

Computing exponents modulo a number: Repeated squaring

CHAPTER 5. Number Theory. 1. Integers and Division. Discussion

Applied Cryptography Public Key Algorithms

Paillier Threshold Encryption Toolbox

Basic Algorithms In Computer Algebra

Digital Signatures. Prof. Zeph Grunschlag

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

Cryptography and Network Security Department of Computer Science and Engineering Indian Institute of Technology Kharagpur

The Mathematical Cryptography of the RSA Cryptosystem

CSE Final Project: crypchat Encrypted Chat Program Christopher Durr, Matthew Mooney, Paul Zakas

Integer Factorization using the Quadratic Sieve

8 Primes and Modular Arithmetic

Separable & Secure Data Hiding & Image Encryption Using Hybrid Cryptography

International Journal of Information Technology, Modeling and Computing (IJITMC) Vol.1, No.3,August 2013

Public Key (asymmetric) Cryptography

MATH10040 Chapter 2: Prime and relatively prime numbers

MATH 168: FINAL PROJECT Troels Eriksen. 1 Introduction

Network Security Technology Network Management

Introduction. Digital Signature

WRITING PROOFS. Christopher Heil Georgia Institute of Technology

Theorem3.1.1 Thedivisionalgorithm;theorem2.2.1insection2.2 If m, n Z and n is a positive

Lukasz Pater CMMS Administrator and Developer

Cryptography and Network Security Chapter 10

Computer Science A Cryptography and Data Security. Claude Crépeau

1 Digital Signatures. 1.1 The RSA Function: The eth Power Map on Z n. Crypto: Primitives and Protocols Lecture 6.

An Efficient Data Security in Cloud Computing Using the RSA Encryption Process Algorithm

Factoring integers, Producing primes and the RSA cryptosystem Harish-Chandra Research Institute

FACTORING LARGE NUMBERS, A GREAT WAY TO SPEND A BIRTHDAY

Java Coding Ground With Security Editor

Applications of Fermat s Little Theorem and Congruences

Lecture 6 - Cryptography

Module: Applied Cryptography. Professor Patrick McDaniel Fall CSE543 - Introduction to Computer and Network Security

FACTORING. n = fall in the arithmetic sequence

Symmetric Key cryptosystem

Network Security. Gaurav Naik Gus Anderson. College of Engineering. Drexel University, Philadelphia, PA. Drexel University. College of Engineering

7! Cryptographic Techniques! A Brief Introduction

Today s Topics. Primes & Greatest Common Divisors

Homework until Test #2

QUANTUM COMPUTERS AND CRYPTOGRAPHY. Mark Zhandry Stanford University

Factoring Algorithms

Factoring. Factoring 1

Number Theory and the RSA Public Key Cryptosystem

Digital signatures. Informal properties

Computer Security: Principles and Practice

Number Theory and Cryptography using PARI/GP

Number Theory: A Mathemythical Approach. Student Resources. Printed Version

Forward Secrecy: How to Secure SSL from Attacks by Government Agencies

CS 758: Cryptography / Network Security

Network Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide

8 Divisibility and prime numbers

SECURITY IMPROVMENTS TO THE DIFFIE-HELLMAN SCHEMES

Transcription:

The application of prime numbers to RSA encryption Prime number definition: Let us begin with the definition of a prime number p The number p, which is a member of the set of natural numbers N, is considered to be prime if and only if the number p has exactly two divisors: 1 and p It is important to note that the number one (1) is not considered a prime because it only has one divisor Numbers that are not prime are defined as composite From this definition, we can see that a prime number can never be even, since it would have the divisor of 2 Of course, the only exception to that rule is the prime number 2, which has no other divisors but itself Therefore, we can extend the definition to say that every prime number greater than 2 must be odd From the above definition, we can also see that a prime number can never end in 0 or 5, since such numbers would have divisors of 5 Primality testing: Given an integer N, we want to find the factors of N If no such factors of N exist, then we can state that N is a prime number The most complete solution to this problem is to perform an exhaustive search over all possible factors This is called the full trial division algorithm and it is defined below: Given a composite integer n, trial division consists of trialdividing n by every prime number less than or equal to If a number is found which divides evenly into n, that number is a factor of n (Wikipedia) 1 of 9

Let us take two large prime integers p and q If we take the composite integer pq, we now have a very large composite, called a semi-prime, with only two large prime divisors: p and q This creates an integer factorization problem of trying to find large prime divisors of an even larger composite number This problem is at the heart of cryptography and we will explore it in more detail RSA Algorithm: This assumption forms the base of the Rivest- Shamir-Adleman algorithm, also known as the RSA algorithm This algorithm is used to encrypt messages that are sent between two parties Let us call one party a sender, and the other a receiver First, the receiver runs the RSA Algorithm to generate a public key and a private key The public key is used by the sender to encrypt the message, and the private key is used by the receiver to decrypt the message The algorithm below will create a private key consisting of two integers: 1 Choose two distinct large random prime numbers p and q 2 Compute o is used as the modulus for both the public and private keys 3 Compute the totient: 4 Choose an integer e such that, and e and are coprime o e is released as the public key exponent 5 Compute d to satisfy the congruence relation ; ie 2 of 9

o for some integer k d is kept as the private key exponent (Wikipedia) Now, we show the application of this algorithm: Encryption Alice transmits her public key to Bob and keeps the private key secret Bob then wishes to send message M to Alice He first turns M into a number < by using an agreed-upon reversible protocol known as a padding scheme He then computes the ciphertext corresponding to: Bob then transmits to Alice Decryption Alice can recover from by using her private key exponent by the following computation: Given, she can recover the original message M (Wikipedia) 3 of 9

As you can see, if you could factor n into p and q, you can easily find d by solving the congruence: Example: Let s pick P = 7, Q = 19 This means N = P * Q = 133 Let m= (P-1) * (Q-1) = 6 * 18 = 108 Now, we need to find an integer e, that is coprime to m e = 2 => gcd(e, 108) = 2 (no) e = 3 => gcd(e, 108) = 3 (no) e = 4 => gcd(e, 108) = 4 (no) e = 5 => gcd(e, 108) = 1 (yes!) Now, we find d, such that d * e = 1 (mod m) This means a number s exists for which de 1 = m * s From this formula, we can get d = (m * s + 1) / e s = 0, d = (108 * 0 + 1 ) / 5 = 1/5 (no) s = 1, d = (108 * 1 + 1 ) / 5 = 109/5 (no) s = 2, d = (108 * 2 + 1 ) / 5 = 217/5 (no) s = 2, d = (108 * 3 + 1 ) / 5 = 325/5 = 65 (yes!) The public key is defined as {n,e} = {133, 5} The private key is defined as {n, d} = {133, 65} Encryption Example: Suppose Alice has a public key of {133,5} and a private key of {133,65} She transmits the public key to Bob 4 of 9

Bob wishes to send the message M = 6, which is some arbitrary code Bob must encode his message into ciphertext c, from the following formula: In this case, c = 6^5 (mod 133) We calculate this to c = 62 Alice receives the cipher-text c = 62 She uses the following formula to decipher the text: M = C d % n = 62 65 % 133 = 62 * 62 64 % 133 = 62 * (62 2 ) 32 % 133 = 62 * 3844 32 % 133 = 62 * (3844 % 133) 32 % 133 = 62 * 120 32 % 133 We now repeat the sequence of operations that reduced 62 65 to 120 32 to reduce the exponent down to 1 = 62 * 36 16 % 133 = 62 * 99 8 % 133 = 62 * 92 4 % 133 = 62 * 85 2 % 133 = 62 * 43 % 133 = 2666 % 133 = 6 As we can see, 6 is the correct message 5 of 9

However, the semi-prime n = 133 can be quickly deduced to 133=7*19, making P=7,Q=19 obvious to any attacker One can even use the trial division methodology for obtaining the prime numbers for such small n Now, if p and q are known, then we can quickly deduce d from the following formula: This means there exists an integer s for which ed -1 = (p-1)*(q-1) * s D = [(p-1)*(q-1)*s + 1] / e = [(7-1) * (19-1) * s + 1] / e = [6 * 18 * s + 1 ] /5 s = 2, d = (108 * 3 + 1 ) / 5 = 325/5 = 65 (yes!) And, as a result, d is found to be 65 by any malicious attacker As we just showed, it is extremely important that we choose large enough p and q to make a factorization attack very expensive The goal is to make the factorization of n too computationally intensive and thus render that attack impractical A good rule of thumb is to use p, q such that n is represented as a 1024 bit binary number Impracticality of large semi-prime factorization: Let us first define the function O(n) as a description of how the size of input data affects a particular algorithm s usage of computing power As an example, consider the Trial division algorithm In the worst-case scenario, the algorithm will perform divisor tests on all prime integers up to sqrt(n) Thus one could say that this will run in O(sqrt(n)) time 6 of 9

The current best operating time is still not within the domain of polynomial time For reference, in 2005, a team of scientists in Germany factored a 200 decimal digit number into two primes That factorization took several months of computer time on 80 top of the line computers It is estimated to be equivalent to more than 55 years of computational power¹ Relation between Φ(n) and n: If we are given Φ(n) and n, we can immediately deduce p and q We know that, and As a result, we can easily solve this system of equations for p,q Therefore, it is imperative to destroy all intermediary calculations during the development of the private key This includes p and q Conclusion: In this paper we have shown the definition of a prime number We then tested the primality of a sample integer by using the trial division method Next, we explained the RSA algorithm and showed the application of encryption/decryption Finally, we explored the impracticality of a n-factorization attack on the algorithm and stressed the importance of destroying everything but the public key and private key 7 of 9

References: 1) F Bahr, M Boehm, J Franke, T Kleinjung rsa200 May 9 2005 http://wwwcrypto-worldcom/announcements/rsa200txt 2) Wikipedia http://enwikipediaorg/wiki/prime_number http://enwikipediaorg/wiki/rsa http://enwikipediaorg/wiki/integer_factorization 8 of 9

Proof of RSA: The decryption procedure works because first Now, and, and hence which can also be written as and for proper values of and If is not a multiple of then and are coprime because is prime; so by Fermat's little theorem and therefore, using the first expression for, If instead is a multiple of, then Using the second expression for, we similarly conclude that Since and are distinct prime numbers, they are relatively prime to each other, so the fact that both primes divide m ed m implies their product divides m ed m, which means Thus, (Wikipedia) 9 of 9

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information