RSA Prepared by SITI ZAINAH ADNAN If you

  • Slides: 36
Download presentation
RSA Prepared by: SITI ZAINAH ADNAN If you do have any feedback or comment,

RSA Prepared by: SITI ZAINAH ADNAN If you do have any feedback or comment, please feel free to email me at [email protected] com Your cooperation is very much appreciated !

RSA Is a famous implementation of public key protocol. n Deviced by Ronald Rivest,

RSA Is a famous implementation of public key protocol. n Deviced by Ronald Rivest, Adi Shamir and Len Adleman of MIT in 1977. n Algorithm involves multiplication of large (100 digits) prime numbers to produce keys. n Difficult to break the product of two large primes into its two prime factors, hence very secure. n

Number Theory A number of concepts from number theory are essential in the design

Number Theory A number of concepts from number theory are essential in the design of public key cryptography n. Divisors n. Prime Number n. Relatively Prime Number n. Modular Arithmetic n

Divisors We say that b =/ 0 divides a if a = mb for

Divisors We say that b =/ 0 divides a if a = mb for some m, where a, b, and m are integers n That is, b divides a if there is no remainder on division n The notation b|a is commonly used to mean b divides a n Also, if b|a, we say that d is a divisor of a n eg. The positive divisor of 24 are 1, 2, 3, 4, 6, 8, 12, and 24 n

Prime Number An integer p > 1 is a prime number if its only

Prime Number An integer p > 1 is a prime number if its only divisors are 1 and itself n eg. 2 3 5 7 1 13 17 19 23 29 31 37 41 43 47 53… n Any integer a > 1 can be factored in a unique way as n a = p 1 m p 2 m…. pnm where p 1 > p 2 > …. . pn are prime numbers and where each m > 0 eg. n 91 = 7 x 13 11011 = 7 x 112 x 13

Prime Number Therefore, if P is the set of all prime numbers, then any

Prime Number Therefore, if P is the set of all prime numbers, then any positive integer can be written uniquely as the product of all possible prime numbers n eg. 216 = 12 x 18 = (2 x 6) x (2 x 9) = (2 x 3) x (2 x 3) = 2 3 x 32 n

Relative Prime Numbers We will use the notation gcd(a, b) to mean the greatest

Relative Prime Numbers We will use the notation gcd(a, b) to mean the greatest common divisor of a and b n The positive integer is said to be the greatest common divisor of a and b if nc is a divisor of a and of b nany divisor of a and b is a divisor of c n An equivalent definition is the following: n n gcd(a, b) = max[ k, such that k|a and k|b]

Relative Prime Numbers We always take the positive value as the greatest common divisor

Relative Prime Numbers We always take the positive value as the greatest common divisor n It is easy to determine the greatest common divisor of two positive integers if we express each integer as the product of primes n eg. 300 = 22 x 31 x 52 18 = 21 x 32 n Therefore, gcd(18, 300) = 21 x 31 x 50 = 6

Relative Prime Numbers The integers a and b are relatively prime if they have

Relative Prime Numbers The integers a and b are relatively prime if they have no prime factors in common, that is, if their only common factors is 1. n This is equivalent to saying that a and b are relatively prime if gcd(a, b) = 1 n eg. 8 and 15 are relatively prime because the divisors of 8 are 1, 2, 4, and 8, and the divisors of 15 are 1, 3, 5, and 15. So 1 is the only number on both lists n

Modular Arithmetic Given any positive integer n and any integer a, we get a

Modular Arithmetic Given any positive integer n and any integer a, we get a quotient q and a remainder r that obey the following relationship: n a = qn + r 0 < r < n; q = [a/n] where [x] is the largest integer less than or equal to x eg. a = 11; n = 7; 11 = 1 x 7 + 4; n Therefore we can say that r=4 11 = 1 x 7 + 4

RSA - key generation Select p, q n. Calculate n = p x q

RSA - key generation Select p, q n. Calculate n = p x q n. Calculate m = (p-1)(q-1) n. Select integer e n. Calculate d n. Public key = { e, n } n. Private key = { d, n } n Keep p, q, m, and d secret n. Make e and n public n p and q both large prime gcd(e, m) = 1, 1 < e < m de mod m = 1

RSA Implementation RSA encrypt RSA decrypt C = Pe mod n P = Cd

RSA Implementation RSA encrypt RSA decrypt C = Pe mod n P = Cd mod n

RSA - example 1 Steps of RSA implementation: 1. Select two prime numbers, p

RSA - example 1 Steps of RSA implementation: 1. Select two prime numbers, p = 7 and q = 17 2. Calculate n = pq = 7 x 17 = 119 3. Calculate m = (7 - 1)(17 - 1) = 6 x 16 = 96 4. Select e such that e is relatively prime to m = 96 and less than m, 1 < e < 96 gcd (e, 96) = 1 96 = 1 x 6 x 16 =1 x 2 x 3 x 8 = 1 x 2 x 3 x 23 = 1 x 24 x 3 Assume that we take the smallest prime number in between of 3 to 96, so e = 5 You also can take other value as long as it fulfils the conditions – it must be relatively prime with 96 and it is less than 96

RSA - example 1 5. Determine d such that de = 1 mod 96

RSA - example 1 5. Determine d such that de = 1 mod 96 and d < 96. de mod m = 1 d x 5 = ( ? X 96) + 1 1 x 96 + 1 = 97 97/5 = 19. 4 2 x 96 + 1 = 192 + 1 = 193/5 = 38. 6 3 x 96 + 1 = 288 + 1 = 289/5 = 57. 8 4 x 96 + 1 = 388 + 1 = 385/5 = 77 Find the value which when the results mod 5 with no remainder The correct value is d = 77, because 77 x 5 = 385 = 4 x 96 + 1 You also can take other value as long as it is a positive integer

RSA - example 1 Therefore, n = 119, m = 96, e = 5,

RSA - example 1 Therefore, n = 119, m = 96, e = 5, d = 77 The resulting keys are: Public key = { e, n } and Private key = { d, n} Public key = {5, 119} and Private key = {77, 119} Assume that P is the plaintext and C is the ciphertext The encryption is C = P 5 mod 119 The decryption is P = C 77 mod 119

RSA - example 1 Public key = { e, n } and Private key

RSA - example 1 Public key = { e, n } and Private key = { d, n} Public key = {5, 119} and Private key = {77, 119} Given P = 4 The encryption is C = P 5 mod 119 C = 45 mod 119 = 1024 mod 119 = 72 The decryption is P = C 77 mod 119 P = 7227 mod 119 =4

RSA - example 2 Steps of RSA implementation: 1. Select two prime numbers, p

RSA - example 2 Steps of RSA implementation: 1. Select two prime numbers, p = 7 and q = 11 2. Calculate n = pq = 7 x 11 = 77 3. Calculate m = (7 - 1)(11 - 1) = 6 x 10 = 60 4. Select e such that e is relatively prime to m = 60 and less than m, 1 < e < 60 gcd (e, 60) = 1 60 = 1 x 10 x 6 =1 x 2 x 5 x 2 x 3 = 1 x 22 x 3 x 5 Assume that we take any prime number in between of 7 to 60, so e = 37 You also can take other value as long as it fulfils the conditions – it must be relatively prime with 60 and it is less than 60

RSA - example 2 5. Determine d such that de = 1 mod 60

RSA - example 2 5. Determine d such that de = 1 mod 60 and d < 60 de mod m = 1 d x 37 = ( ? X 60) + 1 1 x 60 + 1 = 61 2 x 60 + 1 = 121 3 x 60 + 1 = 181 4 x 60 + 1 = 241 5 x 60 + 1 = 301 6 x 60 + 1 = 361 7 x 60 + 1 = 421 8 x 60 + 1 = 481 61/37 = 1. 6 121/37 = 3. 2 181/37 = 4. 8 241/37 = 6. 5 301/37 = 8. 1 361/37 = 9. 7 421/37 = 11. 3 481/37 = 13

RSA - example 2 Find the value which when the results mod 5 with

RSA - example 2 Find the value which when the results mod 5 with no remainder The correct value is d = 13, because 13 x 37 = 481 = 8 x 60 + 1 You also can take other value as long as it is a positive integer

RSA - example 2 Therefore, n = 77, m = 60, e = 37,

RSA - example 2 Therefore, n = 77, m = 60, e = 37, d = 13 The resulting keys are: Public key = { e, n } and Private key = { d, n} Public key = {37, 77} and Private key = {13, 77} Assume that P is the plaintext and C is the ciphertext The encryption is C = P 37 mod 77 The decryption is P = C 13 mod 77

RSA - example 2 Public key = { e, n } and Private key

RSA - example 2 Public key = { e, n } and Private key = { d, n} Public key = {37, 77} and Private key = {13, 77} Given P = 5 The encryption is C = P 37 mod 77 C = 537 mod 77 = 1024 mod 77 = 47 The decryption is P = C 77 mod 119 P = 4713 mod 77 =5

RSA - example 3 Steps of RSA implementation: 1. Select two prime numbers, p

RSA - example 3 Steps of RSA implementation: 1. Select two prime numbers, p = 3 and q = 11 2. Calculate n = pq = 3 x 11 = 33 3. Calculate m = (3 - 1)(11 - 1) = 2 x 10 = 20 4. Select e such that e is relatively prime to m = 20 and less than m, 1 < e < 20 gcd (e, 20) = 1 20 = 1 x 2 x 10 =1 x 2 x 2 x 5 = 1 x 22 x 5 Assume that we take the smallest prime number in between of 2, 5 to 20, so e = 3 You also can take other value as long as it fulfils the conditions – it must be relatively prime with 20 and it is less than 20

RSA - example 3 5. Determine d such that de = 1 mod 20

RSA - example 3 5. Determine d such that de = 1 mod 20 and d < 20 de mod m = 1 d x 3 = ( ? X 20) + 1 1 x 20 + 1 = 21 2 x 20 + 1 = 41 21/3 = 7 41/3 = 13. 6 Find the value which when the results mod 3 with no remainder The correct value is d = 7, because 7 x 3 = 21 = 1 x 20 + 1 You also can take other value as long as it is a positive integer

RSA - example 3 Therefore, n = 33, m = 20, e = 3,

RSA - example 3 Therefore, n = 33, m = 20, e = 3, d = 7 The resulting keys are: Public key = { e, n } and Private key = { d, n} Public key = {3, 33} and Private key = {7, 33} Assume that P is the plaintext and C is the ciphertext The encryption is C = P 3 mod 33 The decryption is P = C 7 mod 33

RSA - example 3 Public key = { e, n } and Private key

RSA - example 3 Public key = { e, n } and Private key = { d, n} Public key = {3, 33} and Private key = {7, 33} Given P = 6 The encryption is C = P 3 mod 33 C = 63 mod 33 = 216 mod 33 = 18 The decryption is P = C 7 mod 33 P = 187 mod 33 =6

RSA - example 4 Steps of RSA implementation: 1. Select two prime numbers, p

RSA - example 4 Steps of RSA implementation: 1. Select two prime numbers, p = 5 and q = 11 2. Calculate n = pq = 5 x 11 = 55 3. Calculate m = (5 - 1)(11 - 1) = 4 x 10 = 40 4. Select e such that e is relatively prime to m = 40 and less than m, 1 < e < 40 gcd (e, 40) = 1 40 = 1 x 4 x 10 =1 x 2 x 2 x 2 x 5 = 1 x 23 x 5 Assume that we take the smallest prime number in between of 2, 5 to 40, so e = 3 You also can take other value as long as it fulfils the conditions – it must be relatively prime with 40 and it is less than 40

RSA - example 4 5. Determine d such that de = 1 mod 40

RSA - example 4 5. Determine d such that de = 1 mod 40 and d < 40 de mod m = 1 d x 3 = ( ? X 40) + 1 1 x 40 + 1 = 41 2 x 40 + 1 = 81 41/3 = 13. 6 121/3 = 27 Find the value which when the results mod 3 with no remainder The correct value is d = 27, because 27 x 3 = 81 = 2 x 40 + 1 You also can take other value as long as it is a positive integer

RSA - example 4 Therefore, n = 55, m = 40, e = 3,

RSA - example 4 Therefore, n = 55, m = 40, e = 3, d = 27 The resulting keys are: Public key = { e, n } and Private key = { d, n} Public key = {3, 55} and Private key = {27, 55} Assume that P is the plaintext and C is the ciphertext The encryption is C = P 3 mod 55 The decryption is P = C 27 mod 55

RSA - example 4 Public key = { e, n } and Private key

RSA - example 4 Public key = { e, n } and Private key = { d, n} Public key = {3, 55} and Private key = {27, 55} Given P = 4 The encryption is C = P 3 mod 55 C = 43 mod 55 = 64 mod 55 =9 The decryption is P = C 27 mod 55 P = 927 mod 55 =4

RSA - example 5 Steps of RSA implementation: 1. Select two prime numbers, p

RSA - example 5 Steps of RSA implementation: 1. Select two prime numbers, p = 11 and q = 17 2. Calculate n = pq = 11 x 17 = 187 3. Calculate m = (11 - 1)(17 - 1) = 10 x 16 = 160 4. Select e such that e is relatively prime to m = 160 and less than m, 1 < e < 160 gcd (e, 160) = 1 160 = 1 x 10 x 16 = 1 x 2 x 10 x 2 x 8 =1 x 2 x 2 x 5 x 2 x 2 x 2 = 1 x 26 x 5 Assume that we take the smallest prime number in between of 2, 5 to 160, so e = 3 You also can take other value as long as it fulfils the conditions – it must be relatively prime with 160 and it is less than 160

RSA - example 5 5. Determine d such that de = 1 mod 160

RSA - example 5 5. Determine d such that de = 1 mod 160 and d < 160 de mod m = 1 d x 3 = ( ? X 160) + 1 1 x 160 + 1 = 161 2 x 160 + 1 = 321 161/3 = 53. 6 321/3 = 107 Find the value which when the results mod 3 with no remainder The correct value is d = 107, because 107 x 3 = 321 = 2 x 160 + 1 You also can take other value as long as it is a positive integer

RSA - example 5 Therefore, n = 187, m = 160, e = 3,

RSA - example 5 Therefore, n = 187, m = 160, e = 3, d = 107 The resulting keys are: Public key = { e, n } and Private key = { d, n} Public key = {3, 187} and Private key = {107, 187} Assume that P is the plaintext and C is the ciphertext The encryption is C = P 3 mod 187 The decryption is P = C 107 mod 187

RSA - example 5 Public key = {3, 187} and Private key = {107,

RSA - example 5 Public key = {3, 187} and Private key = {107, 187} Given P = 7 The encryption is C = P 3 mod 187 C = 73 mod 187 = 343 mod 187 = 156 The decryption is P = C 107 mod 187 P = 156107 mod 187 =7

RSA of trap-door function A trap-door function is a function that is easy to

RSA of trap-door function A trap-door function is a function that is easy to compute ‘forwards’ but hard to compute ‘backwards’ n Specifically, it should be fairly cheap to compute the output given the input, but computationally infeasible to recover the input given the output n It is also called as a one-way-function is one that maps a domain into a range such that every function value has a unique inverse, with the condition that the calculation of the function is easy whereas the calculation of the inverse is infeasible n

How secure is your RSA ? With the knowledge of Public key = {3,

How secure is your RSA ? With the knowledge of Public key = {3, 187} and ciphertext, C = 156, how to recover the plaintext, P ? n The decryption is P = Cd mod 187 P = 156 d mod 187 Actually there are infinite possibility of d that we can try to recover the plaintext. Such condition make RSA very secure because the it is computationally expensive to do brute-force analysis (trying all the possible key) n

How secure is your RSA ? In 1977, RSA inventors offered a $100 reward

How secure is your RSA ? In 1977, RSA inventors offered a $100 reward for the return of a plaintext sentences, an event they predicted might not occur for some 40 quadrillion years with the public key length of 129 decimal digits or around 428 bits n In April 1994, a group working over the Internet claimed the prize after only eight months of work n