RSA Slides by Kent Seamons and Tim van der Horst Last Updated: Oct 1, 2013.

Slides:



Advertisements
Similar presentations
RSA COSC 201 ST. MARY’S COLLEGE OF MARYLAND FALL 2012 RSA.
Advertisements

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (4) Information Security.
CSE331: Introduction to Networks and Security Lecture 19 Fall 2002.
Data encryption with big prime numbers
22C:19 Discrete Structures Integers and Modular Arithmetic
Public Key Encryption Algorithm
hap8.html#chap8ex5.
22C:19 Discrete Math Integers and Modular Arithmetic Fall 2010 Sukumar Ghosh.
7. Asymmetric encryption-
1 The RSA Algorithm Supplementary Notes Prepared by Raymond Wong Presented by Raymond Wong.
Attacks on Digital Signature Algorithm: RSA
The Algebra of Encryption CS 6910 Semester Research and Project University of Colorado at Colorado Springs By Cliff McCullough 20 July 2011.
Cryptography Lecture 11: Oct 12. Cryptography AliceBob Cryptography is the study of methods for sending and receiving secret messages. adversary Goal:
CS470, A.SelcukPublic Key Cryptography1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Public Encryption: RSA
Cryptography & Number Theory
CSE 321 Discrete Structures Winter 2008 Lecture 8 Number Theory: Modular Arithmetic.
Introduction to Modern Cryptography Lecture 7 1.RSA Public Key CryptoSystem 2.One way Trapdoor Functions.
Public Key Algorithms 4/17/2017 M. Chatterjee.
ASYMMETRIC CIPHERS.
Lecture 6: Public Key Cryptography
Public Key Model 8. Cryptography part 2.
Public Key Encryption and the RSA Public Key Algorithm CSCI 5857: Encoding and Encryption.
 Introduction  Requirements for RSA  Ingredients for RSA  RSA Algorithm  RSA Example  Problems on RSA.
1 CIS 5371 Cryptography 8. Asymmetric encryption-.
Department of Mathematics and Statistics
1 Network Security Lecture 6 Public Key Algorithms Waleed Ejaz
Great Theoretical Ideas in Computer Science.
HW6 due tomorrow Teams T will get to pick their presentation day in the order Teams T will get to pick their presentation day in the order Teams mostly.
RSA Ramki Thurimella.
10/1/2015 9:38:06 AM1AIIS. OUTLINE Introduction Goals In Cryptography Secrete Key Cryptography Public Key Cryptograpgy Digital Signatures 2 10/1/2015.
Prelude to Public-Key Cryptography Rocky K. C. Chang, February
Cryptography Dec 29. This Lecture In this last lecture for number theory, we will see probably the most important application of number theory in computer.
1 Lecture 9 Public Key Cryptography Public Key Algorithms CIS CIS 5357 Network Security.
Public-Key Cryptography CS110 Fall Conventional Encryption.
Midterm Review Cryptography & Network Security
Implementing RSA Encryption in Java
Improving Encryption Algorithms Betty Huang Computer Systems Lab
Modular Arithmetic with Applications to Cryptography Lecture 47 Section 10.4 Wed, Apr 13, 2005.
Darci Miyashiro Math 480 April 29, 2013
Algebra of RSA codes Yinduo Ma Tong Li. Ron Rivest, Adi Shamir and Leonard Adleman.
RSA and its Mathematics Behind July Topics  Modular Arithmetic  Greatest Common Divisor  Euler’s Identity  RSA algorithm  Security in RSA.
22C:19 Discrete Structures Integers and Modular Arithmetic Fall 2014 Sukumar Ghosh.
1 Network and Computer Security (CS 475) Modular Arithmetic and the RSA Public Key Cryptosystem Jeremy R. Johnson.
Public Key Cryptosystems RSA Diffie-Hellman Department of Computer Engineering Sharif University of Technology 3/8/2006.
Lecture 6.1: Misc. Topics: Number Theory CS 250, Discrete Structures, Fall 2011 Nitesh Saxena.
1 Section Congruences In short, a congruence relation is an equivalence relation on the carrier of an algebra such that the operations of the algebra.
Public Key Cryptosystem Introduced in 1976 by Diffie and Hellman [2] In PKC different keys are used for encryption and decryption 1978: First Two Implementations.
Ch1 - Algorithms with numbers Basic arithmetic Basic arithmetic Addition Addition Multiplication Multiplication Division Division Modular arithmetic Modular.
Introduction to Cryptography Lecture 9. Public – Key Cryptosystems Each participant has a public key and a private key. It should be infeasible to determine.
Great Theoretical Ideas in Computer Science for Some.
Week 4 - Wednesday.  What did we talk about last time?  Finished DES  AES.
Introduction to Number Theory
Great Theoretical Ideas in Computer Science.
Introduction to Elliptic Curve Cryptography CSCI 5857: Encoding and Encryption.
RSA Pubic Key Encryption CSCI 5857: Encoding and Encryption.
Data encryption with big prime numbers DANIEL FREEMAN, SLU.
RSA Cryptosystem Great Theoretical Ideas In Computer Science S. Rudich V. Adamchik CS Spring 2006 Lecture 8Feb. 09, 2006Carnegie Mellon University.
CS/COE 1501 Recitation RSA Encryption/Decryption Extended Euclidean Algorithm Digital Signatures.
Copyright © Zeph Grunschlag, RSA Encryption Zeph Grunschlag.
CPIS 312 Chapter Four: PUBLIC KEY CRYPTO. Index 2 A.Introduction A.1 Asymmetric Key Cryptography- Introduction A.2 General ideas about the Public Key.
Lecture 5 Asymmetric Cryptography. Private-Key Cryptography Traditional private/secret/single key cryptography uses one key Shared by both sender and.
Revision. Cryptography depends on some properties of prime numbers. One of these is that it is rather easy to generate large prime numbers, but much harder.
Public Key Cryptosystem
RSA Slides by Kent Seamons and Tim van der Horst
RSA and El Gamal Cryptosystems
CS/COE 1501 Recitation RSA Encryption/Decryption
Number Theory and Euclidean Algorithm
Analysis of the RSA Encryption Algorithm
Systems Architecture I
Presentation transcript:

RSA Slides by Kent Seamons and Tim van der Horst Last Updated: Oct 1, 2013

Recap

Recap Number theory o What is a prime number? o What is prime factorization? o What is a GCD? o What does relatively prime mean? What does co-prime mean? o What does congruence mean? o What is the additive inverse of 13 % 17 ? o What is the multiplicative inverse of 7 % 8 ?

Recap: Diffie-Hellman You’re trapped in your spaceship You have enough energy to send a single message to your HQ You have: o HQ’s public DH values g=5, p = … g a = … o Your AES implementation from Labs #1 & 2 o An arbitrary precision calculator How can you construct your message so that it will be safe from eavesdroppers?

Asymmetric Encryption

Public Key Terminology Public Key Private Key Digital Signature You encrypt with a public key, and you decrypt with a private key You sign with a private key, and you verify with a public key

Encryption Algorithm Decryption Algorithm Model for Encryption with Public Key Cryptography AliceBob Plaintext Bob’s Public KeyBob’s Private Key Ciphertext Plaintext

Signing Algorithm Verification Algorithm Model for Digital Signature with Public Key Cryptography AliceBob Plaintext Alice’s Private KeyAlice’s Public Key Ciphertext Plaintext

History of RSA

RSA m = message c = ciphertext e = public exponent d = private exponent n = modulus RSA Encryption o c = m e % n RSA Decryption o m = c d % n

The Math Behind RSA RSA encrypt/decrypt operations are simple The math to get to the point where these operations work is not so simple (at first) o Fermat’s little theorem o Euler’s generalization of Fermat’s little theorem

Fermat’s Little Theorem If o p is prime o a is relatively prime to p (co-prime) Then Fermat’s theorem states o a p-1  1 (mod p) o for all 0 < a < p This serves as the basis for o Fermat’s primality test o Euler’s generalization Pierre de Fermat ( ) Which values of a aren’t co-prime to p?

Application of Fermat’s Little Theorem Compute 2 12 % 11 Compute % 561 (561 is prime)

Euler’s Generalization of Fermat’s Little Theorem Euler said o a phi(n)  1 (mod n) phi(n) o Euler’s totient function  (n) o The number of values less than n which are relatively prime to n Multiplicative group of integers (Z n *) RSA is interested in values of n that are the product of two prime numbers p and q Leonhard Euler ( ) n doesn’t need to be prime a must still be co-prime to n

Computing phi(n) in RSA phi(n) is the number of integers between 0 and n that are co-prime to n When p * q = n, and p and q are prime, what is the phi(n)? Proof (When p * q = n) Observations 1) there are p-1 multiples of q between 1 and n 2) there are q-1 multiples of p between 1 and n These multiples are not co-prime to n Definition: phi(n) = # of values between 0 and n that are co-prime to n phi(n) = # of values between 0 and n minus # of values between 0 and n not co-prime to n phi(n)= [ n – 1] – [(p-1) + (q-1)] = [pq – 1] – (p-1) – (q-1) = pq – p – q + 1 = (p-1)(q-1) (p-1)(q-1) Why not?

RSA Euler said: a phi(n)  1 (mod n) o m (p-1)(q-1)  1 (mod n) Notice: m (p-1)(q-1) * m  m (p-1)(q-1)+1  m (mod n) o m phi(n)+1  m (mod n) Let e*d = k*phi(n) + 1 o Then e*d  1 (mod phi(n)) o Therefore m ed  m k*phi(n)+1  m phi(n) *m phi(n) *… * m  m (mod n) RSA Encryption o m e = c (mod n) RSA Decryption o c d = m (mod n)

Steps for RSA Encryption Why is RSA Secure? Hard to factor large numbers Hard to compute d without phi(n) Discrete logs are hard (m d % n) Given signature, hard to find d

RSA Usage

How do we get p, q, e, & d? What is p? o How do we get it? What is q? o How do we get it? What is e? o How do we get it? o What is the relationship of e and (p-1)(q-1)? What is d? o How do we get it?

Multiplicative Inverses Use the extended Euclidean algorithm o Based on the fact that GCD can be defined recursively If x > y, then GCD(x,y) = (recursively) GCD(y, x-y) Also if x > y, then GCD(x,y) = (recursively) GCD(y, x%y) o GCD can also be used as follows: Suppose ax + by = gcd(x,y) If x is the modulus, and gcd (x,y) = 1 o Then ax + by = 1 and b is y -1

Extended Euclidean algorithm GCD (120, 23) 120 / 23 = 5 r 5 23 / 5 = 4 r 3 5 / 3 = 1 r 2 3 / 2 = 1 r 1 2 / 1 = 2 r 0 1 / 0 GCD is 1, 120 and 23 are co-prime GCD (120, 23) 120 / 23 = 5 r 5=> 5 = 120(1) + 23(-5) 23 / 5 = 4 r 3=> 3 = 23(1) + 5(-4) 5 / 3 = 1 r 2=> 2 = 5(1) + 3(-1) 3 / 2 = 1 r 1=> 1 = 3(1) + 2(-1) 2 / 1 = 2 r 0=> 0 = 2(1) + 1(-2) Notice the first line is a sum of products involving 120 and 23. We can derive a formula for each remainder to be a sum of products of 120,23.

Extended Euclidean algorithm GCD (120, 23) 120 / 23 = 5 r 5=> 5 = 120(1) + 23(-5) 23 / 5 = 4 r 3=> 3 = 23(1) + 5(-4) 5 / 3 = 1 r 2=> 2 = 5(1) + 3(-1) 3 / 2 = 1 r 1=> 1 = 3(1) + 2(-1) 2 / 1 = 2 r 0=> 0 = 2(1) + 1(-2) GCD (120, 23) 120 / 23 = 5 r 5=> 5 = 120(1) + 23(-5) 23 / 5 = 4 r 3=> 3 = 23 + [120(1) + 23(-5)] (-4) = 23 + (120(-4) + 23(20)) = 23(21) + 120(-4) 5 / 3 = 1 r 2=> 2 = 5(1) + 3(-1) 3 / 2 = 1 r 1=> 1 = 3(1) + 2(-1) 2 / 1 = 2 r 0=> 0 = 2(1) + 1(-2)

Extended Euclidean algorithm GCD (120, 23) 120 / 23 = 5 r 5=> 5 = 120(1) + 23(-5) 23 / 5 = 4 r 3=> 3 = 23(21) + 120(-4) 5 / 3 = 1 r 2=> 2 = 5(1) + 3(-1) 3 / 2 = 1 r 1=> 1 = 3(1) + 2(-1) 2 / 1 = 2 r 0=> 0 = 2(1) + 1(-2) GCD (120, 23) 120 / 23 = 5 r 5=> 5 = 120(1) + 23(-5) 23 / 5 = 4 r 3=> 3 = 23(21) + 120(-4) 5 / 3 = 1 r 2=> 2 = [120(1)+23(-5)] + [23(21)+120(-4)](-1) = 120(5) + 23(-26) 3 / 2 = 1 r 1=> 1 = 3(1) + 2(-1) 2 / 1 = 2 r 0=> 0 = 2(1) + 1(-2)

Extended Euclidean algorithm GCD (120, 23) 120 / 23 = 5 r 5=> 5 = 120(1) + 23(-5) 23 / 5 = 4 r 3=> 3 = 23(21) + 120(-4) 5 / 3 = 1 r 2=> 2 = 120(5) + 23(-26) 3 / 2 = 1 r 1=> 1 = 3(1) + 2(-1) 2 / 1 = 2 r 0=> 0 = 2(1) + 1(-2) GCD (120, 23) 120 / 23 = 5 r 5=> 5 = 120(1) + 23(-5) 23 / 5 = 4 r 3=> 3 = 23(21) + 120(-4) 5 / 3 = 1 r 2=> 2 = 120(5) + 23(-26) 3 / 2 = 1 r 1=> 1 = [23(21) + 120(-4)] + [120(5) + 23(-26)](-1) = 23(47) + 120(-9) 2 / 1 = 2 r 0=> 0 = 2(1) + 1(-2) Notice that 1 = 23* (-9) means that 47 is the multiplicative inverse of 23 (mod 120)

Computing “d” For RSA, calculate GCD(phi(n), e) to find d using extended Euclidean algorithm (see handout on Lab #4 page) o Manual iterative method for the exam o Use the table method in your lab For RSA, the GCD(phi(n),e) will result in an equation of the form o 1 = e*d + phi(n)*k o Where d or k is negative If d is negative convert it to an equivalent positive number (mod n) using phi(n) + d

Computing RSA Keys Example p=17 q=11 n=? phi(n)=? e=7 d=?

Applications for Public Key Cryptosystems

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.