Presentation is loading. Please wait.

Presentation is loading. Please wait.

Public Key Cryptosystems - RSA

Published byWalter Thompson Modified over 6 years ago

Similar presentations

Presentation on theme: "Public Key Cryptosystems - RSA"— Presentation transcript:

1 Public Key Cryptosystems - RSA
Receiver Sender 57 17 p p 41 19 q q Attacker 53 p and q prime p 47 q

2 Public Key Cryptosystems - RSA
Compute numbers n = p*q 2337 323 Receiver Sender 57 17 p p 41 19 q q Attacker 53 p and q prime p 2491 47 q

3 Public Key Cryptosystems - RSA
Choose e prime relative to (p-1)(q-1) 2337 43 323 23 Receiver Sender 57 17 p p 41 19 q q Attacker 53 p and q prime p 2491 41 47 q

4 Public Key Cryptosystems - RSA
Publish <n,e> pair as the public key 2337 43 323 23 Receiver Sender 57 17 p p 41 19 q q Attacker 53 p and q prime p 2491 41 47 q

5 Public Key Cryptosystems - RSA
Find d such that (e*d -1) is divisible by (p-1)(q-1) 1667 2337 43 263 323 23 Receiver Sender 57 17 p p 41 19 q q 2217 Attacker 53 p and q prime p 2491 41 47 q

6 Public Key Cryptosystems - RSA
Keep <d,n> as the private key 1667 2337 43 263 323 23 Receiver Sender 57 17 p p 41 19 q q 2217 Attacker 53 p and q prime p 2491 41 47 q

7 Public Key Cryptosystems - RSA
Toss p and q 1667 2337 43 263 323 23 Receiver Sender 2217 Attacker 2491 41

8 Public Key Cryptosystems - RSA
1667 2337 43 263 323 23 Receiver m43 mod 2337 Sender 2217 Attacker 2491 41

9 Public Key Cryptosystems - RSA
1667 2337 43 263 323 23 Receiver Sender 2217 Attacker (m 43 mod 2337)1667 mod 2337 2491 41

10 Public Key Cryptosystems - RSA, signing
1667 2337 43 263 323 23 Receiver Sender m263 mod 323 2217 Attacker 2491 41

11 Public Key Cryptosystems - RSA, signing
1667 2337 43 263 323 23 Receiver Sender 2217 Attacker (m263 mod 323)23 mod 323 2491 41

12 Public Key Cryptosystems - RSA, exponentiating
55637 25663 mod 78837

13 Public Key Cryptosystems - RSA, exponentiating
55637 25663 mod 78837 Yikes!

14 Public Key Cryptosystems - RSA, exponentiating
55637 25663 mod 78837 Yikes! Rescued by: a x*b y mod p = (a x mod p)*(b y mod p) mod p

15 Public Key Cryptosystems - RSA, exponentiating
55637 25663 mod 78837 2 25663 mod 78837 ... That is, do the modular reduction after each multiplication.

16 Public Key Cryptosystems - RSA, find primes
Probability that a random number n is prime: 1/ln(n) For 100 digit number this is 1/230. Probability that a random number n is prime: 1/ln(n) For 100 digit number this is 1/230. But how to test for being prime? If p is prime and 0 < a < p, then a p-1 = 1 mod p Ex: 3(5-1) = 81 = 1 mod 5 36(29-1) = = 1 mod 29 Pr (p isn't prime but a p-1 = 1 mod p) = 1/

17 Public Key Cryptosystems - RSA, find primes
Probability that a random number n is prime: 1/ln(n) For 100 digit number this is 1/230. But how to test for being prime? Probability that a random number n is prime: 1/ln(n) For 100 digit number this is 1/230. But how to test for being prime? If p is prime and 0 < a < p, then a p-1 = 1 mod p Ex: 3(5-1) = 81 = 1 mod 5 36(29-1) = = 1 mod 29 Pr (p isn't prime but a p-1 = 1 mod p) = 1/

18 Public Key Cryptosystems - RSA, find primes
Probability that a random number n is prime: 1/ln(n) For 100 digit number this is 1/230. But how to test for being prime? If p is prime and 0 < a < p, then a p-1 = 1 mod p Ex: 3(5-1) = 81 = 1 mod 5 36(29-1) = = 1 mod 29 Probability that a random number n is prime: 1/ln(n) For 100 digit number this is 1/230. But how to test for being prime? If p is prime and 0 < a < p, then a p-1 = 1 mod p Ex: 3(5-1) = 81 = 1 mod 5 36(29-1) = = 1 mod 29 Pr (p isn't prime but a p-1 = 1 mod p) = 1/

19 Public Key Cryptosystems - RSA, find primes
Probability that a random number n is prime: 1/ln(n) For 100 digit number this is 1/230. But how to test for being prime? If p is prime and 0 < a < p, then a p-1 = 1 mod p Ex: 3(5-1) = 81 = 1 mod 5 36(29-1) = = 1 mod 29 Pr (p isn't prime but a p-1 = 1 mod p) = 1/ (See Probability that a random number n is prime: 1/ln(n) For 100 digit number this is 1/230. But how to test for being prime? If p is prime and 0 < a < p, then a p-1 = 1 mod p Ex: 3(5-1) = 81 = 1 mod 5 36(29-1) = = 1 mod 29 Pr (p isn't prime but a p-1 = 1 mod p) = 1/

20 Public Key Cryptosystems - RSA, find primes
But we need some help to use the above - Define: trivial square roots of 1 mod p : 1 mod p and -1 mod p 1 mod p mod p Fact 1: If p is prime, there are no non-trivial square roots of 1 mod p Let x be a square root of 1 mod p. Then x2 = 1 mod p. Or, (x-1)(x+1) = 0 mod p. But x-1 and x+1 are divisible by prime p. Hence, the product cannot be divisible by p. Therefore x other than -1 or 1 does not exist. p p-1 Probability that a random number n is prime: 1/ln(n) For 100 digit number this is 1/230. But how to test for being prime? If p is prime and 0 < a < p, then a p-1 = 1 mod p Ex: 3(5-1) = 81 = 1 mod 5 36(29-1) = = 1 mod 29 Pr (p isn't prime but a p-1 = 1 mod p) = 1/

21 Public Key Cryptosystems - RSA, find primes
Fact 2: If p is prime, the exponent p-1 is an even number Probability that a random number n is prime: 1/ln(n) For 100 digit number this is 1/230. But how to test for being prime? If p is prime and 0 < a < p, then a p-1 = 1 mod p Ex: 3(5-1) = 81 = 1 mod 5 36(29-1) = = 1 mod 29 Pr (p isn't prime but a p-1 = 1 mod p) = 1/

22 Public Key Cryptosystems - RSA, find primes
Fact 2: If p is prime, the exponent p-1 is an even number Fact 3: If p is not prime then the probability that there is a square root of a p-1 mod p that is neither 1 mod p nor -1 mod p is not greater than 1/4, assuming a is an integer chosen randomly between 1 and p-1. Probability that a random number n is prime: 1/ln(n) For 100 digit number this is 1/230. But how to test for being prime? If p is prime and 0 < a < p, then a p-1 = 1 mod p Ex: 3(5-1) = 81 = 1 mod 5 36(29-1) = = 1 mod 29 Pr (p isn't prime but a p-1 = 1 mod p) = 1/

23 Public Key Cryptosystems - RSA, find primes
Fact 2: If p is prime, the exponent p-1 is an even number Fact 3: If p is not prime then the probability that there is a square root of a p-1 mod p that is neither 1 mod p nor -1 mod p is not greater than 1/4, assuming a is an integer chosen randomly between 0 and p-1. An algorithm to test p for being a prime number: If p is even, return false (p is not prime) Repeat the following at most 100 times: Choose a random integer a such that 0 ≤ a < p. If some square root of a p-1 mod p is neither 1 mod p nor -1 mod p then return false (p is not prime). Return probably (p is prime with probability of error) Probability that a random number n is prime: 1/ln(n) For 100 digit number this is 1/230. But how to test for being prime? If p is prime and 0 < a < p, then a p-1 = 1 mod p Ex: 3(5-1) = 81 = 1 mod 5 36(29-1) = = 1 mod 29 Pr (p isn't prime but a p-1 = 1 mod p) = 1/

24 } Public Key Cryptosystems - RSA, find primes
Can always express integer p-1 as 2 bm for some odd number m Ex: 428 = 2 2 *107 Here is the 2 b (b = 2) Here is the odd number (m = 107) Instead of finding the square root of a p-1 mod p, write p-1 = 2bm then check whether a m = 1 mod p. If so, there are no non-trivial square roots. Otherwise check whether a m21 = 1 mod p. If so and if the square root of the left side is a m mod p which, if not equal to -1 mod p, must be a non-trivial root of unity of a m21 mod p and therefore a m2b mod p. If a m21 ≠ 1 mod p then repeat for a m22 and so on, possibly up to a m2b. } } (See

25 Public Key Cryptosystems - RSA, picking d and e
Choose e first, then find p and q so (p-1) and (q-1) are relatively prime to e RSA is no less secure if e is always the same and small Popular values for e are 3 and 65537 For e = 3, though, must pad message or else ciphertext = plaintext Choose p ≡ 2 mod 3 so p-1 = 1 mod 3 So, choose random odd number, multiply by 3 and add 2, then test for primality

Download ppt "Public Key Cryptosystems - RSA"

Similar presentations

RSA COSC 201 ST. MARY’S COLLEGE OF MARYLAND FALL 2012 RSA.

RSA COSC 201 ST. MARY’S COLLEGE OF MARYLAND FALL 2012 RSA.
Public Key Cryptosystems - RSA Receiver Sender Eavesdroppe r 175753411947 p q p q p q p and q prime.

Public Key Cryptosystems - RSA Receiver Sender Eavesdroppe r p q p q p q p and q prime.
Public Key Encryption Algorithm

Public Key Encryption Algorithm
Primality Testing By Ho, Ching Hei Cheung, Wai Kwok.

Primality Testing By Ho, Ching Hei Cheung, Wai Kwok.
7. Asymmetric encryption-

7. Asymmetric encryption-
15-251 Great Theoretical Ideas in Computer Science.

Great Theoretical Ideas in Computer Science.
Session 4 Asymmetric ciphers.

Session 4 Asymmetric ciphers.
The RSA Cryptosystem and Factoring Integers (II) Rong-Jaye Chen.

The RSA Cryptosystem and Factoring Integers (II) Rong-Jaye Chen.
Cryptography Lecture 11: Oct 12. Cryptography AliceBob Cryptography is the study of methods for sending and receiving secret messages. adversary Goal:

Cryptography Lecture 11: Oct 12. Cryptography AliceBob Cryptography is the study of methods for sending and receiving secret messages. adversary Goal:
Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.

Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.
Theory I Algorithm Design and Analysis (9 – Randomized algorithms) Prof. Dr. Th. Ottmann.

Theory I Algorithm Design and Analysis (9 – Randomized algorithms) Prof. Dr. Th. Ottmann.
Public Key Algorithms 4/17/2017 M. Chatterjee.

Public Key Algorithms 4/17/2017 M. Chatterjee.
CPE5021 Advanced Network Security --- Advanced Cryptography: RSA and its implementation --- Lecture 1.1 Last lecture we saw the data encryption standard.

CPE5021 Advanced Network Security --- Advanced Cryptography: RSA and its implementation --- Lecture 1.1 Last lecture we saw the data encryption standard.
Lecture 6: Public Key Cryptography

Lecture 6: Public Key Cryptography
Public Key Model 8. Cryptography part 2.

Public Key Model 8. Cryptography part 2.
The RSA Algorithm Based on the idea that factorization of integers into their prime factors is hard. ★ n=p . q, where p and q are distinct primes Proposed.

The RSA Algorithm Based on the idea that factorization of integers into their prime factors is hard. ★ n=p . q, where p and q are distinct primes Proposed.
 Introduction  Requirements for RSA  Ingredients for RSA  RSA Algorithm  RSA Example  Problems on RSA.

 Introduction  Requirements for RSA  Ingredients for RSA  RSA Algorithm  RSA Example  Problems on RSA.
1 CIS 5371 Cryptography 8. Asymmetric encryption-.

1 CIS 5371 Cryptography 8. Asymmetric encryption-.
Quadratic Residuosity and Two Distinct Prime Factor ZK Protocols By Stephen Hall.

Quadratic Residuosity and Two Distinct Prime Factor ZK Protocols By Stephen Hall.
The RSA Algorithm Rocky K. C. Chang, March 2014 1.

The RSA Algorithm Rocky K. C. Chang, March

Similar presentations

Ads by Google