UNIVERSITY OF BIELSKO- BIALA AKADEMIA TECHNICZNO-HUMANISTYCZNA Faculty of Mechanical Engineering and Computer Science
Safety in Information Technology ( Prof. dr hab. inż. Mikołaj Karpiński) Editor: Georg Schön, Asymmetric Cryptography – RSA (Rivest, Shamir, Adleman) Subject:
Safety in IT Why asymmetric cryptography? Problems with symmetric cryptography: (Managment and distribution of keys) Problems with symmetric cryptography: (Managment and distribution of keys) –Sender and recipient need to exchange secret key. –n participants require n(n −1)/2 keys (6* 10^8 user in 2002 means approx. 1,8*10^17 keys) –Central distributor indicates high effort and is insecure with resprect to trustworthyness (knows everything) Georg Schön (University of Erlangen - Nürnberg) Public-key procedure!! ( only decription key or private key needs to be secure) >> to find the private key out of the public key is impossible (state of the art – but quantum computers?).
Safety in IT Asymmetric communication Georg Schön (University of Erlangen - Nürnberg) AliceBob !Public keys are accessible for everyone! E Message transfer Decripts with his private key UU E Encrypts with Bob´s public key
Safety in IT Public key index Georg Schön (University of Erlangen - Nürnberg) AliceBob NamePublic key Bob Paul Alice No secure keys for the exchange necessary! But: How to make sure the public key is not replaced by a third person? >> (Public key indexes use digital signatures!)
Safety in IT RSA cipher Invented by Ron Rivest, Adi Shamir and Len Adleman Invented by Ron Rivest, Adi Shamir and Len Adleman –Ist security makes use of the difficulty to decompound large numbers in prime factors! Georg Schön (University of Erlangen - Nürnberg) A prime number (or a prime) is a natural number greater than 1 that has no positive divisors other than 1 and itself. ( A prime number (or a prime) is a natural number greater than 1 that has no positive divisors other than 1 and itself. ( 2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37…)
Safety in IT Prime multiplication Georg Schön (University of Erlangen - Nürnberg) Decimal length: 232Bit length: 768 Current PCs can quickly factor numbers with about “80 digits”. Therefore, practical RSA implementations must use moduli with at least “300 digits” to achieve sufficient security!
Safety in IT Mathematic background 1. The modulo operator 1. The modulo operator 2. Euler´s totient function 2. Euler´s totient function 3. Euler-Fermat theorem 3. Euler-Fermat theorem Georg Schön (University of Erlangen - Nürnberg) DivisorRest
Safety in IT φ Euler’s totient function φ of an integer returns how many positive integers a are coprime and smaller than N. Euler´s totient function Georg Schön (University of Erlangen - Nürnberg) Phi of N is the quantity of positive integers a where:
Safety in IT Euler-Fermat theorem Is a cyclic function (results repeat themselves) Is a cyclic function (results repeat themselves) Example: N = 10 Example: N = 10 a = 3>>>>> a = 3>>>>> a = 7>>>>> a = 7>>>>> No further explanation. Georg Schön (University of Erlangen - Nürnberg)
Safety in IT Key generation Georg Schön (University of Erlangen - Nürnberg) 1.Choose two primes and with 2.Calculate their product: 3.Calculate the value of Euler’s totient function of >>>>> 3 and 7 >>>>> 21 = 3*7 >>>>> 12 = (3-1)*(7-1) Determine D and E: D*E 1 mod 12 (eg. Compound number 1, 13, 25, 37, 49, 61, 73, 85,...) 85 = 5 * 17 (D=5, E=17) (N,E – private key; N,D – public key) For defining D, E also see: extended Euclidean algorithm!
Safety in IT Encryption/Decryption The message that is to be send, shall be 9 The message that is to be send, shall be 9 The user with key E (as encrypt) reckons: 9 E =9 5 = mod 21 Sender transmits encrypted message (18) to the receiver, who uses his private key D to decrypt the message and reckons: 18 D =18 17 = mod 21 (origin message) The user with key E (as encrypt) reckons: 9 E =9 5 = mod 21 Sender transmits encrypted message (18) to the receiver, who uses his private key D to decrypt the message and reckons: 18 D =18 17 = mod 21 (origin message) Georg Schön (University of Erlangen - Nürnberg)
Safety in Information Technology ( Prof. dr hab. inż. Mikołaj Karpiński)