Presentation is loading. Please wait.

Presentation is loading. Please wait.

A Method for Obtaining Digital Signatures and Public-key Cryptosystems

Published byDarleen Hodge Modified over 9 years ago

Similar presentations

Presentation on theme: "A Method for Obtaining Digital Signatures and Public-key Cryptosystems"— Presentation transcript:

1 A Method for Obtaining Digital Signatures and Public-key Cryptosystems
R.L Rivest, A. Shamir, L. Adleman Presented by Wesley Varela

2 Ronald L. Rivest, Adi Shamir, and Leonard Adleman
Inventers of RSA

3 OUTLINE Introduction The Basic Idea of RSA A Small Example (Simple)
The Big Hairy Math Stuff A Better Example Known Weaknesses

4 Introduction “The era of “electronic mail” [10] may soon be upon us”

5 Why Encryption ?? What uses ??

6 So Bad People Don’t Do Bad Things

7 Public vs. Private Key Cryptosystems
Encryption and decryption keys can be derived from each other The key must be securely delivered to the person(s) who need to decrypt or encrypt messages Person(s) receiving the key must be trustworthy More useable in single-user enviroments Public Key More secure and easier to use Encryption keys are publicly available Digital signatures

8 RSA – The Basic Idea Properties of RSA
Encrypting a plaintext message M gives the ciphertext. Deciphering the ciphertext returns M. D(E(M)) = M The inverse is also true (digital signatures). E(D(M)) = M The encryption key (E) and decryption key (D) are easily computed E is publicly available but does not compromise the cryptosystem.

9 Basic Definitions you can’t live without
Trap-door one-way functions: easily computed in one direction but not the other, unless the decryption key is known Trap-door one-way permutations: Every message is ciphertext from some message and every ciphertext is a permissible message.

10 A Small Example Assume we have two people Oliver Katie
Encryption Key Eo Decryption Key Do Katie Encryption Key Ek Decryption Key Dk

11 Oliver sends a message to Katie
Ek(M) = ciphertext Sends the ciphertext to Katie Katie receives the message and response Dk(C) = plaintext Eo(M2) = ciphertext Sends the ciphertext to Oliver Oliver receives the return ciphertext Do(C2) = plaintext

12 Signatures Oliver sends a message to Katie Katie receives the message
Do(M) = Signature Ek(Signature) = Ciphertext Sends the ciphertext to Katie Katie receives the message Dk(C) = Signature Eo(Signature) = plaintext Has the pair (Signature, Plaintext)

13 Big Hairy Math Stuff Eo = (E(e, m) mod n ) + some algorithm
Do = (D(d, m) mod n ) + some algorithm d and e are exponents. m is the message n is the product of 2 very large primes

14 Why Use Primes for p & q? They have no non-trivial factors
It makes it even harder to find Ф(n) No algorithm to easily factor large numbers Everything that’s cool has the word prime attached to it. Prime rib Prime time Optimus Prime Prime Directive

15 Eulers totient function Ф
Ф(n) - gives the number of positive integers less then n which are relatively prime to n.

16 Computing Ф(n) Ф(n) = Ф(p*q) = Ф(p)* Ф(q) = (p-1)*(q-1)

17 Selecting “d” d should be relatively prime to Ф(n)
Select d to be a prime larger than max(p,q) “since d is relatively prime to Ф(n), it has a multiplicative inverse e in the ring of integers modulo Ф(n)”

18 Multiplicative Inverse Example
Two relatively prime numbers 5 and 7 1 * 5 = 5 ≡ 5 (Mod 7) 2 * 5 = 10 ≡ 3 (Mod 7) 3 * 5 = 15 ≡ 1 (Mod 7) 4 * 5 = 20 ≡ 6 (Mod 7) 5 * 5 = 25 ≡ 4 (Mod 7) 6 * 5 = 30 ≡ 2 (Mod 7) 7 * 5 = 35 ≡ 0 (Mod 7) Z7 is a cyclic group

19 Computing e from d Using the Extended Euclidian Algorithm
We find e such that e*d ≡ 1 (modФ(n))

20 The following theorem from Euler and Fermat will be useful
MФ(n) ≡ 1 (mod n)

21 “since d is relatively prime to Ф(n), it has a multiplicative inverse e in the ring of integers modulo Ф(n)” e*d ≡ 1 (mod Ф(n)) MФ(n) ≡ 1 (mod n) (Me)d = Med = MkФ(n) +1 = MkФ(n) * M1 = (MФ(n))k * M ≡ 1K * M = M

22 ALL about M Choosing how to represent your message M is very important. One method (ASCII) hello world m < n

23 Computing Me mod n Represent e as a binary number
ekek-1…e1e0 = 5 = 101 C = 1 For(i=k, i>=0; i--){ C = (C*C) mod n if(ei = 1) C = (C * M) mod n } At most 2*log2(e) + 2*log2(e)

24 Primarily Testing How to find a really big prime
Randomly generate a large odd number b of the size you want Use Solovay and Strassen’s probabilistic algorithm Select some number a from {0, …, b-1} gcd(a,b) = 1 and J(a,b) = a(b-1)/2 If false b is composite. If true b is prime with a probability of at least ½

25 Factoring Factoring (n) Computing (Ф(n)) Computing d

26 “512-bit number RSA-155 was factored in seven months during 1999 ”
Faster Computers? Pick a bigger prime. “RSA Laboratories currently recommends key sizes of 1024 bits for corporate use and 2048 bits for extremely valuable keys like the root key pair used by a certifying authority. Several recent standards specify a 1024-bit minimum for corporate use. Less valuable information may well be encrypted using a 768-bit key” “512-bit number RSA-155 was factored in seven months during 1999 ”

27 Known Weaknesses d<N.5 Lattice Attack
Low public exponent (Coppersmith) Broadcast Attack (Hastad) Related message Attack (Franklin-Reiter)

28 Provable Is RSA provably secure?

29 Physical Security Don’t let anyone copy your key or your primes

Download ppt "A Method for Obtaining Digital Signatures and Public-key Cryptosystems"

Similar presentations

CSE331: Introduction to Networks and Security Lecture 19 Fall 2002.

CSE331: Introduction to Networks and Security Lecture 19 Fall 2002.
Public Key Encryption Algorithm

Public Key Encryption Algorithm
Primality Testing By Ho, Ching Hei Cheung, Wai Kwok.

Primality Testing By Ho, Ching Hei Cheung, Wai Kwok.
hap8.html#chap8ex5.

hap8.html#chap8ex5.
7. Asymmetric encryption-

7. Asymmetric encryption-
Session 4 Asymmetric ciphers.

Session 4 Asymmetric ciphers.
95-712 OOP/Java1 Public Key Crytography From: Introduction to Algorithms Cormen, Leiserson and Rivest.

OOP/Java1 Public Key Crytography From: Introduction to Algorithms Cormen, Leiserson and Rivest.
and Factoring Integers (I)

and Factoring Integers (I)
Public-key Cryptography Montclair State University CMPT 109 J.W. Benham Spring, 1998.

Public-key Cryptography Montclair State University CMPT 109 J.W. Benham Spring, 1998.
RSA ( Rivest, Shamir, Adleman) Public Key Cryptosystem

RSA ( Rivest, Shamir, Adleman) Public Key Cryptosystem
Public Key Crytography1 From: Introduction to Algorithms Cormen, Leiserson and Rivest.

Public Key Crytography1 From: Introduction to Algorithms Cormen, Leiserson and Rivest.
The RSA Cryptosystem and Factoring Integers (II) Rong-Jaye Chen.

The RSA Cryptosystem and Factoring Integers (II) Rong-Jaye Chen.
ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.

ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.
and Factoring Integers

and Factoring Integers
Public Encryption: RSA

Public Encryption: RSA
Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.

Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.
Theory I Algorithm Design and Analysis (9 – Randomized algorithms) Prof. Dr. Th. Ottmann.

Theory I Algorithm Design and Analysis (9 – Randomized algorithms) Prof. Dr. Th. Ottmann.
RSA Encryption William Lu. RSA Background  Basic technique first discovered in 1973 by Clifford Cocks of CESG (part of British GCHQ)  Invented in 1977.

RSA Encryption William Lu. RSA Background  Basic technique first discovered in 1973 by Clifford Cocks of CESG (part of British GCHQ)  Invented in 1977.
Dr.Saleem Al_Zoubi1 Cryptography and Network Security Third Edition by William Stallings Public Key Cryptography and RSA.

Dr.Saleem Al_Zoubi1 Cryptography and Network Security Third Edition by William Stallings Public Key Cryptography and RSA.
Public Key Algorithms 4/17/2017 M. Chatterjee.

Public Key Algorithms 4/17/2017 M. Chatterjee.

Similar presentations

Ads by Google