RSA Slides by Kent Seamons and Tim van der Horst Last Updated: Oct 1, 2013.


1 RSA Slides by Kent Seamons and Tim van der Horst Last Updated: Oct 1, 2013

2 Recap

3 Recap
Number theory
o What is a prime number?
o What is prime factorization?
o What is a GCD?
o What does relatively prime mean? What does co-prime mean?
o What does congruence mean?
o What is the additive inverse of 13 % 17 ?
o What is the multiplicative inverse of 7 % 8 ?

4 Recap: Diffie-Hellman
You’re trapped in your spaceship
You have enough energy to send a single message to your HQ
You have:
o HQ’s public DH values g = 5, p = 875498279345…, $g^a$ = 32477230478…
o Your AES implementation from Labs #1 & 2
o An arbitrary precision calculator
How can you construct your message so that it will be safe from eavesdroppers?

5 Asymmetric Encryption

6 Public Key Terminology
Public Key
Private Key
Digital Signature
You encrypt with a public key, and you decrypt with a private key
You sign with a private key, and you verify with a public key

7 Model for Encryption with Public Key Cryptography
[Diagram: Alice -> Plaintext -> Encryption Algorithm (Bob’s Public Key) -> Ciphertext -> Decryption Algorithm (Bob’s Private Key) -> Plaintext -> Bob]

8 Model for Digital Signature with Public Key Cryptography
[Diagram: Alice -> Plaintext -> Signing Algorithm (Alice’s Private Key) -> Ciphertext -> Verification Algorithm (Alice’s Public Key) -> Plaintext -> Bob]

9 History of RSA

10 RSA
m = message
c = ciphertext
e = public exponent
d = private exponent
n = modulus
RSA Encryption
o $c = m^e \bmod n$
RSA Decryption
o $m = c^d \bmod n$

11 The Math Behind RSA
RSA encrypt/decrypt operations are simple
The math to get to the point where these operations work is not so simple (at first)
o Fermat’s little theorem
o Euler’s generalization of Fermat’s little theorem

12 Fermat’s Little Theorem
If
o p is prime
o a is relatively prime to p (co-prime)
Then Fermat’s theorem states
o $a^{p-1} \equiv 1 \pmod{p}$
o for all 0 < a < p
This serves as the basis for
o Fermat’s primality test
o Euler’s generalization
Pierre de Fermat (1601-1655)
Which values of a aren’t co-prime to p?

13 Application of Fermat’s Little Theorem
Compute $2^{12} \bmod 11$
Compute $2^{565} \bmod 561$ (561 is prime)

14 Euler’s Generalization of Fermat’s Little Theorem
Euler said
o $a^{\varphi(n)} \equiv 1 \pmod{n}$
phi(n)
o Euler’s totient function $\varphi(n)$
o The number of values less than n which are relatively prime to n
Multiplicative group of integers ($Z_n^*$)
RSA is interested in values of n that are the product of two prime numbers p and q
Leonhard Euler (1707-1783)
n doesn’t need to be prime
a must still be co-prime to n

15 Computing phi(n) in RSA
phi(n) is the number of integers between 0 and n that are co-prime to n
When p * q = n, and p and q are prime, what is the phi(n)?
Proof (When p * q = n)
Observations
1) there are p-1 multiples of q between 1 and n
2) there are q-1 multiples of p between 1 and n
These multiples are not co-prime to n
Definition: phi(n) = # of values between 0 and n that are co-prime to n
phi(n) = # of values between 0 and n minus # of values between 0 and n not co-prime to n
phi(n) = [n – 1] – [(p-1) + (q-1)]
       = [pq – 1] – (p-1) – (q-1)
       = pq – p – q + 1
       = (p-1)(q-1)
(p-1)(q-1)
Why not?

16 RSA
Euler said: $a^{\varphi(n)} \equiv 1 \pmod{n}$
o $m^{(p-1)(q-1)} \equiv 1 \pmod{n}$
Notice: $m^{(p-1)(q-1)} \cdot m \equiv m^{(p-1)(q-1)+1} \equiv m \pmod{n}$
o $m^{\varphi(n)+1} \equiv m \pmod{n}$
Let $e \cdot d = k \cdot \varphi(n) + 1$
o Then $e \cdot d \equiv 1 \pmod{\varphi(n)}$
o Therefore $m^{ed} \equiv m^{k \cdot \varphi(n)+1} \equiv m^{\varphi(n)} \cdot m^{\varphi(n)} \cdot \ldots \cdot m \equiv m \pmod{n}$
RSA Encryption
o $m^e = c \pmod{n}$
RSA Decryption
o $c^d = m \pmod{n}$

17 Steps for RSA Encryption
Why is RSA Secure?
Hard to factor large numbers
Hard to compute d without phi(n)
Discrete logs are hard ($m^d \bmod n$)
Given signature, hard to find d

18 RSA Usage

19 How do we get p, q, e, & d?
What is p?
o How do we get it?
What is q?
o How do we get it?
What is e?
o How do we get it?
o What is the relationship of e and (p-1)(q-1)?
What is d?
o How do we get it?

20 Multiplicative Inverses
Use the extended Euclidean algorithm
o Based on the fact that GCD can be defined recursively
  If x > y, then GCD(x,y) = (recursively) GCD(y, x-y)
  Also if x > y, then GCD(x,y) = (recursively) GCD(y, x%y)
o GCD can also be used as follows:
  Suppose ax + by = gcd(x,y)
  If x is the modulus, and gcd(x,y) = 1
  o Then ax + by = 1 and b is $y^{-1}$

21 Extended Euclidean algorithm
GCD (120, 23)
120 / 23 = 5 r 5
23 / 5 = 4 r 3
5 / 3 = 1 r 2
3 / 2 = 1 r 1
2 / 1 = 2 r 0
1 / 0
GCD is 1, 120 and 23 are co-prime
GCD (120, 23)
120 / 23 = 5 r 5 => 5 = 120(1) + 23(-5)
23 / 5 = 4 r 3 => 3 = 23(1) + 5(-4)
5 / 3 = 1 r 2 => 2 = 5(1) + 3(-1)
3 / 2 = 1 r 1 => 1 = 3(1) + 2(-1)
2 / 1 = 2 r 0 => 0 = 2(1) + 1(-2)
Notice the first line is a sum of products involving 120 and 23.
We can derive a formula for each remainder to be a sum of products of 120, 23.

22 Extended Euclidean algorithm
GCD (120, 23)
120 / 23 = 5 r 5 => 5 = 120(1) + 23(-5)
23 / 5 = 4 r 3 => 3 = 23(1) + 5(-4)
5 / 3 = 1 r 2 => 2 = 5(1) + 3(-1)
3 / 2 = 1 r 1 => 1 = 3(1) + 2(-1)
2 / 1 = 2 r 0 => 0 = 2(1) + 1(-2)
GCD (120, 23)
120 / 23 = 5 r 5 => 5 = 120(1) + 23(-5)
23 / 5 = 4 r 3 => 3 = 23 + [120(1) + 23(-5)](-4)
                    = 23 + (120(-4) + 23(20))
                    = 23(21) + 120(-4)
5 / 3 = 1 r 2 => 2 = 5(1) + 3(-1)
3 / 2 = 1 r 1 => 1 = 3(1) + 2(-1)
2 / 1 = 2 r 0 => 0 = 2(1) + 1(-2)

23 Extended Euclidean algorithm
GCD (120, 23)
120 / 23 = 5 r 5 => 5 = 120(1) + 23(-5)
23 / 5 = 4 r 3 => 3 = 23(21) + 120(-4)
5 / 3 = 1 r 2 => 2 = 5(1) + 3(-1)
3 / 2 = 1 r 1 => 1 = 3(1) + 2(-1)
2 / 1 = 2 r 0 => 0 = 2(1) + 1(-2)
GCD (120, 23)
120 / 23 = 5 r 5 => 5 = 120(1) + 23(-5)
23 / 5 = 4 r 3 => 3 = 23(21) + 120(-4)
5 / 3 = 1 r 2 => 2 = [120(1) + 23(-5)] + [23(21) + 120(-4)](-1)
                  = 120(5) + 23(-26)
3 / 2 = 1 r 1 => 1 = 3(1) + 2(-1)
2 / 1 = 2 r 0 => 0 = 2(1) + 1(-2)

24 Extended Euclidean algorithm
GCD (120, 23)
120 / 23 = 5 r 5 => 5 = 120(1) + 23(-5)
23 / 5 = 4 r 3 => 3 = 23(21) + 120(-4)
5 / 3 = 1 r 2 => 2 = 120(5) + 23(-26)
3 / 2 = 1 r 1 => 1 = 3(1) + 2(-1)
2 / 1 = 2 r 0 => 0 = 2(1) + 1(-2)
GCD (120, 23)
120 / 23 = 5 r 5 => 5 = 120(1) + 23(-5)
23 / 5 = 4 r 3 => 3 = 23(21) + 120(-4)
5 / 3 = 1 r 2 => 2 = 120(5) + 23(-26)
3 / 2 = 1 r 1 => 1 = [23(21) + 120(-4)] + [120(5) + 23(-26)](-1)
                  = 23(47) + 120(-9)
2 / 1 = 2 r 0 => 0 = 2(1) + 1(-2)
Notice that 1 = 23*47 + 120(-9) means that 47 is the multiplicative inverse of 23 (mod 120)

25 Computing “d”
For RSA, calculate GCD(phi(n), e) to find d using extended Euclidean algorithm (see handout on Lab #4 page)
o Manual iterative method for the exam
o Use the table method in your lab
For RSA, the GCD(phi(n),e) will result in an equation of the form
o 1 = e*d + phi(n)*k
o Where d or k is negative
If d is negative convert it to an equivalent positive number (mod n) using phi(n) + d

26 Computing RSA Keys Example p=17 q=11 n=? phi(n)=? e=7 d=?
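
An added example (not part of the original slides) that carries out the extended Euclidean procedure of slides 20-25 in Python and uses it to derive d, while also checking the phi(n) count from slide 15 and the encrypt/decrypt round trip from slide 16. The function names and the sample message m = 88 are assumptions made for illustration; p = 17, q = 11, e = 7 and the GCD(120, 23) trace are the slides' own values.

```python
from math import gcd

def egcd_trace(x, y):
    """Iterative extended Euclid: returns (g, a, b, rows) with a*x + b*y == g.
    Each row (r, s, t) records a remainder as r == x*s + y*t, as on slides 21-24."""
    r0, r1, s0, s1, t0, t1 = x, y, 1, 0, 0, 1
    rows = []
    while r1 != 0:
        q = r0 // r1
        r0, r1 = r1, r0 - q * r1
        s0, s1 = s1, s0 - q * s1
        t0, t1 = t1, t0 - q * t1
        rows.append((r1, s1, t1))
    return r0, s0, t0, rows

def mod_inverse(e, phi):
    """d with e*d == 1 (mod phi); a negative coefficient becomes phi + d."""
    g, _, d, _ = egcd_trace(phi, e)
    if g != 1:
        raise ValueError("e and phi(n) are not co-prime, so no inverse exists")
    return d % phi  # Python's % maps a negative d to phi + d

def phi_by_counting(n):
    """Slide 15 definition: count the values between 0 and n co-prime to n."""
    return sum(1 for a in range(1, n) if gcd(a, n) == 1)

def rsa_keypair(p, q, e):
    """Return (n, phi, d) for primes p, q and public exponent e."""
    n, phi = p * q, (p - 1) * (q - 1)
    return n, phi, mod_inverse(e, phi)

def roundtrip(m, e, d, n):
    """Textbook RSA with no padding: c = m^e % n, then m = c^d % n."""
    c = pow(m, e, n)
    return c, pow(c, d, n)

if __name__ == "__main__":
    for r, s, t in egcd_trace(120, 23)[3]:
        print(f"{r} = 120({s}) + 23({t})")
    n, phi, d = rsa_keypair(17, 11, 7)            # slide 26 values
    print("n, phi(n), d =", n, phi, d, "| counted phi:", phi_by_counting(n))
    print("inverse of 7 mod 8 =", mod_inverse(7, 8))  # coefficient -1 becomes 8 + (-1)
    print("m=88 ->", roundtrip(88, 7, d, n))      # m = 88 is a constructed sample
```

The toy primes keep the arithmetic checkable by hand; the same functions work unchanged on large integers because Python integers are arbitrary precision.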

27 Applications for Public Key Cryptosystems

