home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Cream of the Crop 20
/
Cream of the Crop 20 (Terry Blount) (1996).iso
/
disk
/
pgpmnu31.zip
/
PKE-RSA.TXT
< prev
next >
Wrap
Text File
|
1996-05-05
|
16KB
|
471 lines
PKE - PUBLIC KEY ENCRYPTION
This paper heavily relies on Bruce Schneier's excellent
book, Applied Cryptography: Protocols, Algorithms and
Source Code in C, cited at the end of the text.
Table of Contents
Introduction
RSA Encryption
A Quick Runthrough
Modular Arithmetic
The Extended Euclid's Algorithm
Fermat's Little Theorem
Euler's Totient Function
The Inner Workings
INTRODUCTION
The first Public Key Encryption algorithm was invented by
Whitfield Diffie and Martin Hellman at Stanford University. They
and independently Ralph Merkle invented the concept in 1976. The
advantage of PKE is that it avoids the problem of securely
transmitting secret keys.
PKE relies on the difficulty of factoring a very large
number. The public and private keys are functions of a pair of
large prime numbers, 100 to 300 digits. Recovering the plaintext
from the keys and the ciphertext is equivalent to factoring the
product of two primes,
n = p * q
or by repeated encryption, which will be explained later, but
mandates that the product (p - 1) * (q - 1) should have no small
factors.
Using a 512 bit value for n gives a number of 154 digits; a
1028 bit value for n gives a number of 308 digits. A 40 digit
number can today be factored in a matter of hours, but it takes a
tenfold increase in computing power to factor a number with each
increase of 10 digits. A 664 bit number of 200 digits takes
10^23 operations to factor (an operation is a complex iteration
of the factoring algorithm, not a simple microcomputer
operation). Assuming a super computer can perform a million
operations per second, and that a network of a million such
computers is assigned the task, it will take 3700 years to factor
the 200 digit number. If n is a 1024 bit number (like the
product of two primes of 512 bits each) that same array of
computers will take 10^10 years to factor the 308 digit number,
and the universe has not yet existed that long.
RSA ENCRYPTION
The RSA algorithm is named after its three inventors, Ron
Rivest, Adi Shamir, and Leonard Adleman, who first introduced the
algorithm in 1978. It is patented.
The Public Key, used to encrypt a message intended for its owner,
consists of two numbers, n and e.
n - the product of two primes, p and q
(p and q must remain secret)
e - a number chosen at random which is relatively prime
to (p-1) * (q-1)
The Secret Key, d, used to decrypt a cyphertext and restore
a message by its owner, is one number, and we will see why it is
in this form in the section on the inner workings.
(d * e) (mod (p-1) * (q-1)) = 1
or
d ≡ e^-1 (mod (p-1) * (q-1))
To encrypt a message m and create a cyphertext c
c = m^e (mod n)
To decrypt a cyphertext c and restore the message m
m = c^d (mod n)
A QUICK RUNTHROUGH
For those already familiar with number theory, This quick
runthrough will demonstrate the mathematics of the RSA algorithm
fro those already familiar with number theory and give others an
initial overview of the procedure. The complete mathematical
framework will be introduced from the ground up following this
quick runthrough.
To generate the public and private keys, choose two large
prime numbers, p and q. Compute the product:
n = p * q
Example: If p = 47 and q = 71
n = p * q = 3337
Then randomly choose the encryption key e, such that e and
(p-1) * (q-1) are relatively prime (have no factors in common).
Finally, use the extended Euclid's algorithm or Euler's totient
function to compute the decryption key d by the inverse modululo
function, such that
d ≡ e^-1 (mod (p - 1) * (q - 1))
and this equation is equivalent to
d * e = (p -1) * (q - 1) * k + 1
Example: If e is chosen to be 79
79 * d = 3220 * k + 1
d ≡ 79^-1 (mod (71 - 1) * (47 - 1))
d ≡ 79^-1 mod 3220 = 1019
Note that d and e are relatively prime. The two primes p
and q are no longer needed. They can be discarded, but should
never be revealed.
To encrypt a message m, first divide it into numerical
blocks such that each block is smaller than n and therefore has a
unique representation modulo n. Choose With binary data, choose
the largest power of 2 less than n. The encrypted message c will
be made up of similarly sized message blocks of about the same
length:
c = m^e mod n
Example: Let's say the message m is 6882326879666683. First
break it into blocks. n is 3337, a four digit number, so three
digit blocks will work nicely in this case. The first block is
encrypted as:
c = 688^79 mod 3337 = 1570
To decrypt a message, take each encrypted block c and compute:
m = c^d mod n
Example: Decrypting the first block requires performing the same
exponentiation using the decryption key of 1019.
m = 1570^1019 mod 3337 = 688
Of course, your calculator can't deal with a number whose
exponent is 1019, but we will see how the exponent can be
partitioned and dealt with in smaller bites.
MODULAR ARITHMETIC
If r equals the remainder of d divided by n, modular
arithmetic expresses this as
d mod n = r or d ≡ r mod n
The first equation is read, "d mod (or modulo) n equals r," and
the second is read, "d is congruent to r mod (or modulo) n."
Example: 1026 mod 7 = 4 or 1026 ≡ 4 mod 7
These equations are equivalent to
1026 / 7 = 146 + 4
If you depart by plane at 7:00pm and arrive at your
destination 9 hours later, what time does your watch say before
setting it to your new time zone?
(7 + 9) mod 12 = 4 Your watch says 4:00am.
Modular arithmetic can be added, subtracted, multiplied and
exponentiated, the equivalent of repeated multiplication. The
ability to manipulate the exponents helps when dealing with the
large exponents we encounter in PKE. There is an example in the
section on the inner workings.
(x + y) mod n = ((x mod n) + (y mod n)) mod n
(x - y) mod n = ((x mod n) - (y mod n)) mod n
(x * y) mod n = ((x mod n) * (y mod n)) mod n
x^3y mod n = ((x^y mod n) * (x^2y mod n)) mod n
One cannot divide congruences in all cases,
16 ≡ 6 mod 10 is not equal to 8 ≡ 3 mod 10.
Any pair of relatively prime integers (having no factors in
common) has the remarkable property that multiples of each can
always be found such that their difference is unity. Stated
another way, there always exists some multiple of an integer, n,
which leave a remainder of one when divided by another integer
prime to it, and the multiplier of n is always a smaller number
than the divisor of the product. For 15 and 11, there exists two
integers x and y, such that
(15 * x) - (11 * y) = 1 or 15 * x = 11 * y + 1
This property brings us to the inverse modulo function.
THE EXTENDED EUCLID'S ALGORITHM
The inverse modulo function is equivalent to finding a
number d, such that
(y * x) mod n = 1 or y * x ≡ 1 mod n
Example: (15 * d) mod 11 = 1 or 15 * d ≡ 1 mod 11
The inverse of a number is that number which multiplied by the
original number gives one as the product. The inverse