RSA Cryptosystem. Yufei Tao. Department of Computer Science and Engineering Chinese University of Hong Kong. RSA Cryptosystem

Similar documents
The application of prime numbers to RSA encryption

Advanced Cryptography

Network Security. Computer Networking Lecture 08. March 19, HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23

RSA Attacks. By Abdulaziz Alrasheed and Fatima

An Introduction to the RSA Encryption Method

CSCE 465 Computer & Network Security

CIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives

Public Key Cryptography: RSA and Lots of Number Theory

CIS 5371 Cryptography. 8. Encryption --

Lecture 13: Factoring Integers

The Mathematics of the RSA Public-Key Cryptosystem

RSA Question 2. Bob thinks that p and q are primes but p isn t. Then, Bob thinks Φ Bob :=(p-1)(q-1) = φ(n). Is this true?

Mathematics of Internet Security. Keeping Eve The Eavesdropper Away From Your Credit Card Information

Secure Network Communication Part II II Public Key Cryptography. Public Key Cryptography

Discrete logarithms within computer and network security Prof Bill Buchanan, Edinburgh Napier

Cryptography and Network Security Department of Computer Science and Engineering Indian Institute of Technology Kharagpur

Cryptography and Network Security Chapter 9

Cryptography and Network Security Chapter 10

Outline. Computer Science 418. Digital Signatures: Observations. Digital Signatures: Definition. Definition 1 (Digital signature) Digital Signatures

Lecture 17: Re-encryption

Software Tool for Implementing RSA Algorithm

FACTORING LARGE NUMBERS, A GREAT WAY TO SPEND A BIRTHDAY

Discrete Mathematics, Chapter 4: Number Theory and Cryptography

Cryptographic hash functions and MACs Solved Exercises for Cryptographic Hash Functions and MACs

Introduction. Digital Signature

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

Overview of Public-Key Cryptography

Digital Signatures. Prof. Zeph Grunschlag

RSA Encryption. Tom Davis October 10, 2003

Public Key Cryptography. c Eli Biham - March 30, Public Key Cryptography

Network Security. HIT Shimrit Tzur-David

Digital Signatures. Murat Kantarcioglu. Based on Prof. Li s Slides. Digital Signatures: The Problem

CRYPTOGRAPHY IN NETWORK SECURITY

Symmetric Key cryptosystem

Notes on Network Security Prof. Hemant K. Soni

How To Know If A Message Is From A Person Or A Machine

NETWORK SECURITY. Farooq Ashraf. Department of Computer Engineering King Fahd University of Petroleum and Minerals Dhahran 31261, Saudi Arabia

COMP 250 Fall 2012 lecture 2 binary representations Sept. 11, 2012

SECURITY IN NETWORKS

Binary Number System. 16. Binary Numbers. Base 10 digits: Base 2 digits: 0 1

Applied Cryptography Public Key Algorithms

Computing exponents modulo a number: Repeated squaring

Lecture 3: One-Way Encryption, RSA Example

FAREY FRACTION BASED VECTOR PROCESSING FOR SECURE DATA TRANSMISSION

Outline. CSc 466/566. Computer Security. 8 : Cryptography Digital Signatures. Digital Signatures. Digital Signatures... Christian Collberg

Network Security. Security Attacks. Normal flow: Interruption: 孫 宏 民 Phone: 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室

Cryptography: RSA and Factoring; Digital Signatures; Ssh

Lukasz Pater CMMS Administrator and Developer

SFWR ENG 4C03 - Computer Networks & Computer Security

Princeton University Computer Science COS 432: Information Security (Fall 2013)

Introduction to Cryptography CS 355

Security in Distributed Systems. Network Security

Network Security. Gaurav Naik Gus Anderson. College of Engineering. Drexel University, Philadelphia, PA. Drexel University. College of Engineering

QUANTUM COMPUTERS AND CRYPTOGRAPHY. Mark Zhandry Stanford University

Public Key Cryptography and RSA. Review: Number Theory Basics

Chapter 2 Homework 2-5, 7, 9-11, 13-18, 24. (9x + 2)(mod 26) y 1 1 (x 2)(mod 26) 3(x 2)(mod 26) U : y 1 = 3(20 2)(mod 26) 54(mod 26) 2(mod 26) c

Lecture 6 - Cryptography

Cryptography and Network Security

CS 758: Cryptography / Network Security

A Factoring and Discrete Logarithm based Cryptosystem

SECURITY IMPROVMENTS TO THE DIFFIE-HELLMAN SCHEMES

Cryptography: Authentication, Blind Signatures, and Digital Cash

A SOFTWARE COMPARISON OF RSA AND ECC

Network Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide

Basic Algorithms In Computer Algebra

Lecture Note 5 PUBLIC-KEY CRYPTOGRAPHY. Sourav Mukhopadhyay

Techniques of Asymmetric File Encryption. Alvin Li Thomas Jefferson High School For Science and Technology Computer Systems Lab

Computer Security: Principles and Practice

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

PGP (Pretty Good Privacy) INTRODUCTION ZHONG ZHAO

CSC474/574 - Information Systems Security: Homework1 Solutions Sketch

Forward Secrecy: How to Secure SSL from Attacks by Government Agencies

THE UNIVERSITY OF TRINIDAD & TOBAGO

Module: Applied Cryptography. Professor Patrick McDaniel Fall CSE543 - Introduction to Computer and Network Security

Number Theory. Proof. Suppose otherwise. Then there would be a finite number n of primes, which we may

1. The RSA algorithm In this chapter, we ll learn how the RSA algorithm works.

Elliptic Curve Cryptography

Practice Questions. CS161 Computer Security, Fall 2008

Software Implementation of Gong-Harn Public-key Cryptosystem and Analysis

An Efficient Data Security in Cloud Computing Using the RSA Encryption Process Algorithm

Verification of the examination results by digital signature

Signature Schemes. CSG 252 Fall Riccardo Pucella

Network Security (2) CPSC 441 Department of Computer Science University of Calgary

Some practice problems for midterm 2

Solutions to Problem Set 1

K80TTQ1EP-??,VO.L,XU0H5BY,_71ZVPKOE678_X,N2Y-8HI4VS,,6Z28DDW5N7ADY013

Cryptography Exercises

Network Security. Security. Security Services. Crytographic algorithms. privacy authenticity Message integrity. Public key (RSA) Message digest (MD5)

U.C. Berkeley CS276: Cryptography Handout 0.1 Luca Trevisan January, Notes on Algebra

Network Security. Omer Rana

SIMS 255 Foundations of Software Design. Complexity and NP-completeness

Alternative machine models

Number Theory and Cryptography using PARI/GP

CS 348: Computer Networks. - Security; 30 th - 31 st Oct Instructor: Sridhar Iyer IIT Bombay

Lecture 9: Application of Cryptography

Principles of Network Security

1 Digital Signatures. 1.1 The RSA Function: The eth Power Map on Z n. Crypto: Primitives and Protocols Lecture 6.

Message Authentication Codes

Shor s algorithm and secret sharing

Introduction to Encryption

Transcription:

Yufei Tao Department of Computer Science and Engineering Chinese University of Hong Kong

In this lecture, we will discuss the RSA cryptosystem, which is widely adopted as a way to encrypt a message, or digitally sign a message. Let us start with encryption.

Encryption Consider that Alice wants to send Bob a message m over the Internet. Let us consider m in its binary form, namely, m is a sequence of 0 s and 1 s, and therefore, can also be regarded as a (perhaps very big) integer. As m needs to be delivered over a public network, it may be intercepted by a hacker. Our goal is to encrypt m into another integer C so that It is very difficult for the hacker to infer m from C. It is very easy for Bob to restore m from C. C is therefore called a ciphertext.

Encryption RSA achieves the above in three steps. Preparation: Bob prepares certain information that will be used by others to encrypt the messages to him. This step is carried out only once, namely, the same information will be used forever. Encryption: Alice encrypts her message m for Bob into a ciphertext C. Decryption: Bob converts C back to m.

Preparation Bob carries out the following: 1 Choose two large prime numbers p and q randomly. 2 Let n = pq. 3 Let φ = (p 1)(q 1). 4 Choose a large number e [2, φ 1] that is co-prime to φ. 5 Compute d [2, φ 1] such that e d = 1 (mod φ) There is a unique such d. Furthermore, d must be co-prime to φ. 6 Announce to the whole word the pair (e, n), which is his public key. 7 Keep the pair (d, n) secret to himself, which is his private key.

Example 1 Choose p = 23 and q = 37. 2 n = pq = 851. 3 φ = 792. 4 Choose a number e = 85 that is co-prime to φ. 5 Compute d = 205 such that e d = 1 (mod 792) 6 Announce to the public key (85, 851). 7 Keep the private key (205, 851).

Encryption Knowing the public key (e, n) of Bob, Alice wants to send a message m n to Bob. She converts m to C as follows: C = m e (mod n) Example From the previous slide, Bob s public key is (85, 851). Assume that m = 583. Then: Alice sends C to Bob. C = 583 85 (mod 851) = 395

Decryption Using his private key (d, n), Bob recovers m from C as follows: m = C d (mod n) The above equation is guaranteed to hold. Example In preparation, Bob has obtained his private key is (205, 851) (which he keeps secret). So he calculates: m = 596 205 (mod 851) = 583 namely, the message from Alice.

How to break RSA? 1 Factor n back into p and q. 2 Obtain φ. Once this is done, essentially the entire preparation carried out by Bob has been revealed. So the following steps become trivial. 3 Compute d from e and φ. 4 Convert C using d and n back into m. In our earlier example, the encryption can be easily broken because it is trivial to factor n = 851 into p = 23 and q = 37. However, this is because both p and q are small.

The presumed security of RSA is based on the following hypothesis: Assumption When primes p and q are big, it is computationally intractable to factor n = pq. In practice, p and q should both be, for example, 1024 bits long. WARNING The best factorization algorithm known today requires excessively long time (e.g., a month) to factor a large n even on the fastest computer. However, nobody has ever proved that the hypothesis is correct. Even worse, nobody has ever proved that factoring n is the fastest way to break RSA. In other words, there may exist a clever algorithm (for either factoring n or breaking RSA in a different manner) that remains undiscovered yet. Once found, RSA algorithm will become insecure, and therefore, obsolete.

Digital Signature Now consider that Bob wants to send a message m to Alice. He does not mind if a hacker can see the message, but he wants to make sure that m is not altered. Or equivalently, he wants Alice to be able to detect whether the message she receives has ever been changed by a hacker along its delivery.

Digital Signature Bob does the following: 1 Using his privacy key (d, e), compute S = m d (mod n) 2 Send Alice the pair (m, S). S is often referred to as the signature. Alice, after receiving (m, S), does the following: 1 Using Bob s public key (e, n), compute m = S e (mod n) 2 m has not been altered if and only if m = m.

Example Recall that Bob has private key (205, 851), and public key (85, 851). Suppose that he wants to send Alice a message m = 672. He does the following: 1 Calculate S = 672 205 (mod 851) = 339 2 Send Alice the pair (672, 339).

Example (cont.) After receiving (672, 339), Alice does the following using Bob s public key (85, 851): 1 Calculate m = 339 85 (mod 851) = 672 2 Since m = m, Alice believes that m has not been altered.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information