Embed Size (px)
DESCRIPTION
Engineering & Analysis Operation-Part2. Public Key Encryption. James C. Bradas, Ph.D. 18 June 2009. Private Key. Alice. Public Key. Private Key. ( n , d ). Public Key. ( n , e ). Let’s Try An Example to See How This Works RSA Public Key Encryption Scheme. - PowerPoint PPT Presentation
Citation preview
James C. Bradas, Ph.D.
Engineering & Analysis Operation-Part2Engineering & Analysis Operation-Part2
18 June 2009
Public Key Encryption
Alice
Private Key
Public Key
1. Select two large prime numbers, p & q
)1)(1( qp
2. Compute their product – the “modulus” n:
3. Compute the “totient”
( n , e )Public Key
( n , d )Private Key
Let’s Try An Example to See How This WorksRSA Public Key Encryption Scheme
4. Choose e, 1 < e < such that greatest common divisor (gcd) ( e , = 1
e is the “public key exponent”
( Common choices are e = 3, 17 & 65537 )
5. Compute d such that )(mod1 ed
Alice
Private Key
Public Key
Let’s Try An Example to See How This WorksRSA Public Key Encryption Scheme
1. Select two large prime numbers, p & q
)1)(1( qp
2. Compute their product – the “modulus” n:
3. Compute the “totient”
( n , e )Public Key
( n , d )Private Key
For this example, we’ll use small prime numbers – the principal is exactly the same….
4. Choose e, 1 < e < such that greatest common divisor (gcd) ( e , = 1
e is the “public key exponent”
( Common choices are e = 3, 17 & 65537 )
5. Compute d such that )(mod1 ed
Alice
Private Key
Public Key
Let’s Try An Example to See How This WorksRSA Public Key Encryption Scheme
1. Select two large prime numbers, p & q
)1)(1( qp
2. Compute their product – the “modulus” n:
3. Compute the “totient”
( n , e )Public Key
( n , d )Private Key
let p = 11, q = 3
4. Choose e, 1 < e < such that greatest common divisor (gcd) ( e , = 1
e is the “public key exponent”
( Common choices are e = 3, 17 & 65537 )
5. Compute d such that )(mod1 ed
Alice
Private Key
Public Key
Let’s Try An Example to See How This WorksRSA Public Key Encryption Scheme
1. Select two large prime numbers, p & q
)1)(1( qp
2. Compute their product – the “modulus” n:
3. Compute the “totient”
( 33 , e )Public Key
( 33 , d )Private Key
let p = 11, q = 3
n = 11 x 3 = 33
4. Choose e, 1 < e < such that greatest common divisor (gcd) ( e , = 1
e is the “public key exponent”
( Common choices are e = 3, 17 & 65537 )
5. Compute d such that )(mod1 ed
Alice
Private Key
Public Key
Let’s Try An Example to See How This WorksRSA Public Key Encryption Scheme
1. Select two large prime numbers, p & q
)1)(1( qp
2. Compute their product – the “modulus” n:
3. Compute the “totient”
( 33 , e )Public Key
( 33 , d )Private Key
let p = 11, q = 3
n = 11 x 3 = 33
20210)13)(111( 4. Choose e, 1 < e < such that greatest common divisor (gcd) ( e , = 1
e is the “public key exponent”
( Common choices are e = 3, 17 & 65537 )
5. Compute d such that )(mod1 ed
Alice
Private Key
Public Key
Let’s Try An Example to See How This WorksRSA Public Key Encryption Scheme
1. Select two large prime numbers, p & q
)1)(1( qp
2. Compute their product – the “modulus” n:
3. Compute the “totient”
( 33 , 3 )Public Key
( 33 , d )Private Key
let p = 11, q = 3
n = 11 x 3 = 33
20210)13)(111( 4. Choose e, 1 < e < such that greatest common divisor (gcd) ( e , = 1
e is the “public key exponent”
( Common choices are e = 3, 17 & 65537 )
5. Compute d such that )(mod1 ed
Alice
Private Key
Public Key
Let’s Try An Example to See How This WorksRSA Public Key Encryption Scheme
1. Select two large prime numbers, p & q
)1)(1( qp
2. Compute their product – the “modulus” n:
3. Compute the “totient”
( 33 , 3 )Public Key
( 33 , d )Private Key
let p = 11, q = 3
n = 11 x 3 = 33
20210)13)(111( 4. Choose e, 1 < e < such that greatest common divisor (gcd) ( e , = 1
e is the “public key exponent”
( Common choices are e = 3, 17 & 65537 )
5. Compute d such that )(mod1 ed
120
121
20
173 7
20
13 )20(mod13
d
kd
d
Check
Alice
Private Key
Public Key
Let’s Try An Example to See How This WorksRSA Public Key Encryption Scheme
1. Select two large prime numbers, p & q
)1)(1( qp
2. Compute their product – the “modulus” n:
3. Compute the “totient”
4. Choose e, 1 < e < such that greatest common divisor (gcd) ( e , = 1
e is the “public key exponent”
( Common choices are e = 3, 17 & 65537 )
5. Compute d such that )(mod1 ed
( 33 , 3 )Public Key
( 33 , 7 )Private Key
let p = 11, q = 3
n = 11 x 3 = 33
20210)13)(111(
120
121
20
173 7
20
13 )20(mod13
d
kd
d
Check
Alice
Private Key
Public Key
Let’s Try An Example to See How This WorksRSA Public Key Encryption Scheme
1. Select two large prime numbers, p & q
)1)(1( qp
2. Compute their product – the “modulus” n:
3. Compute the “totient”
4. Choose e, 1 < e < such that greatest common divisor (gcd) ( e , = 1
e is the “public key exponent”
( Common choices are e = 3, 17 & 65537 )
5. Compute d such that )(mod1 ed
( 33 , 3 )Public Key
( 33 , 7 )Private Key
let p = 11, q = 3
n = 11 x 3 = 33
20210)13)(111(
120
121
20
173 7
20
13 )20(mod13
d
kd
d
Check
)(modnmc eTherefore, we want to encrypt m = 7
( 33 , 3 )Public Key
n e
Suppose Bob Wants to Send Alice the Letter “Z”
Let’s say that in the agreed-upon reversible padding scheme, “Z” equals the number 7.Alice Bob
“Z”
)33(mod73c
n
yINTny is a solution to )(modnyx
Recall
)33(mod713
13
13
330343
1033343
33
34333343
)33(mod343
)33(mod7
3
3
c
INT
c
c
So….
...) 393939.10(10
... 393939.1033
343
INT
so
1033
330
33
34313
Check
)(modnmc eAlice Bob
Bob sends c = 13 to Alice
“Z”
13
)33(mod73
c
c
After Computing
Alice Bob
( 33 , 7 )Private Key
nd
)(modncm d
7
,
7
)33(mod4693)33(mod131919
)33(mod13)33(mod2197)33(mod2197
)33(mod13)33(mod13)33(mod13
)33(mod131313
33by divided 13 ofRemainder
)33(mod13
33
33
7
7
m
Therefore
m
Alice Receives “13”
Alice Bob
( 33 , 7 )Private Key
nd
)(modncm d
7
,
7
)33(mod4693)33(mod131919
)33(mod13)33(mod2197)33(mod2197
)33(mod13)33(mod13)33(mod13
)33(mod131313
33by divided 13 ofRemainder
)33(mod13
33
33
7
7
m
Therefore
m
Alice Receives “13”
ReversiblePaddingScheme
ReversiblePaddingScheme
Alice Bob
( 33 , 7 )Private Key
nd
)(modncm d
7
,
7
)33(mod4693)33(mod131919
)33(mod13)33(mod2197)33(mod2197
)33(mod13)33(mod13)33(mod13
)33(mod131313
33by divided 13 ofRemainder
)33(mod13
33
33
7
7
m
Therefore
m
ReversiblePaddingScheme
ReversiblePaddingScheme “Z”
“Z”
Alice Bob
Bob’s Message)(modnmc e
M m
M
)(modncm d
Encrypt
Decrypt
Private Key
Public Key
How does this Work?
So What’s Going On Here?
Some more properties we need to know
If )(mod11 nba )(mod22 nba and
))(mod()( 2121 nbbaa
))(mod()( 2121 nbbaa aaa 21
bbb 21)(mod22 nba
)(mod'' nba
onsoand
nba
nbbaa
nbbaa
)(mod
)(mod
)(mod''
33
22
let
)(mod
)(mod
nba
Then
nba
If
dd
)(mod)(mod
)(mod)(mod
21
21
nbnb
nbnb Then
)(modnba
… and more properties
Fermat’s Little Theorem: If p is a prime number, then for ANY integer a,
will be evenly divisible by p.aa p
)(mod paa p
)(mod11 pa p
or
)(mod1
,
)( na
then
ntocoprimeisaIf
n
Euler’s Theorem (An Extension of Fermat’s Little Theorem)
gcd(a,n)=1
Φ(n) = (p-1)(q-1)is Euler’s “Totient”
Here’s What I Want to Prove
)(modnmc e
)(modncm d
I can recover m via
pqn)1)(1( qp
)(mod1 ed
1.
2.
3.
Given:
Then:
If:
)(mod
)(mod
nba
nba
dd
)(modnmc e
Let’s raise c to the d power and use
)(mod
)(mod)(
nmc
nmcedd
ded
Here’s The Details
)(mod
nba
FormtheHasWhich
Start With:
)(mod
)(mod)(
nmc
nmcedd
ded
Here’s The Details
)(mod1 Now, ed
ked 1 means,Which
)(modnmc e)(mod
nba
FormtheHasWhich
)(mod
)(mod)(
nmc
nmcedd
ded
ked 1 So,
)(mod)(mod 1 nmnmc kedd kk mmm1
Here’s The Details
)(mod1 Now, ed
ked 1 means,Which
)(modnmc e)(mod
nba
FormtheHasWhich
)(mod
)(mod)(
nmc
nmcedd
ded
)(mod1 Now, ed
ked 1 means,Which
ked 1 So,
)(mod)(mod)(mod 1 nmmnmnmc kkedd kk mmm1
Here’s The Details
)(modnmc e)(mod
nba
FormtheHasWhich
)(mod
)(mod)(
nmc
nmcedd
ded
)(mod1 Now, ed
ked 1 means,Which
ked 1 So,
)(mod)(mod)(mod 1 nmmnmnmc kkedd kk mmm1
)(mod1)( nm n
Now, recall that
Here’s The Details
Euler’s Theorem
)(modnmc e)(mod
nba
FormtheHasWhich
)(mod
)(mod
)(mod1)(mod
)(mod1)(mod))(mod1)((mod
))(mod)((mod)(mod)(mod
nmc
nm
nnm
nnmnnm
nmnmnmmnmc
d
kk
kkedd
Here’s The Details(cont’d)
)(modncm d
Here’s The Details(cont’d)
)(mod
)(mod
)(mod1)(mod
)(mod1)(mod))(mod1)((mod
))(mod)((mod)(mod)(mod
nmc
nm
nnm
nnmnnm
nmnmnmmnmc
d
kk
kkedd
Which Can Be Written
)(modncm d
Here’s The Details(cont’d)
Which is What I Wanted to Prove
)(mod
)(mod
)(mod1)(mod
)(mod1)(mod))(mod1)((mod
))(mod)((mod)(mod)(mod
nmc
nm
nnm
nnmnnm
nmnmnmmnmc
d
kk
kkedd
)(modncm d
knba
nba
)(mod
knbaab
nab
)(
)(mod
Except for the change in sign, the two terms are equivalent.
This is because:
Here’s The Details(cont’d)
Which is What I Wanted to Prove
)(mod
)(mod
)(mod1)(mod
)(mod1)(mod))(mod1)((mod
))(mod)((mod)(mod)(mod
nmc
nm
nnm
nnmnnm
nmnmnmmnmc
d
kk
kkedd
So, Where Does RSA Encryption Stand?
• For now, RSA PKE is still secure
• In 1991, RSA Laboratories published 54 large semiprimes (numbers
with exactly two prime factors) and issued cash prizes for successful
factorization.
• According to Wikepedia, 12 of the 54 listed numbers had been factored
by March 2008
• The RSA challenge officially ended in 2007
• Fastest Published Integer Factorization Algorithms:
General Number Field Sieve
Quadratic Sieve
• Development of a large Q-Bit Quantum Computer MIGHT make RSA
vulnerable, although this is not certain
• Fundamental breakthroughs in Number Theory (such as solving the
Riemann Hypothesis) still required before RSA becomes vulnerable
"The whole of e-commerce depends on prime numbers. I have
described the primes as atoms: what mathematicians are
missing is a kind of mathematical prime spectrometer.
Chemists have a machine that, if you give it a molecule, will tell
you the atoms that it is built from. Mathematicians haven't
invented a mathematical version of this. That is what we are
after. If the Riemann hypothesis is true, it won't produce a
prime number spectrometer. But the proof should give us more
understanding of how the primes work, and therefore the proof
might be translated into something that might produce this
prime spectrometer. If it does, it will bring the whole of e-
commerce to its knees, overnight. So there are very big
implications." - Marcus du Sautoy (“The Music of the Primes”)
Questions
