Discrete Mathematics 2003

Lecture 38, 23-October-2003

Introduction
Last lecture we looked at public key encryption In public key encryption there are 2 types of keys a private key & a public key The private key is kept by the receiver The public key is announced by the receiver to anyone who wants it (e.g. the sender of the message or anyone else!) Thus there are no security issues associated with the distribution of keys When A wants to send a message to B, A encrypts the message using Bs public key B decrypts the message using their private key
1

The RSA Algorithm

1. 2. 3. 4. 5. The most common public key encryption method in use today is the RSA algorithm In RSA, keys are generated as follows: A key centre (which generates & distributes keys) chooses 2 distinct large prime nos p & q, and multiplies them: n = pq The number m = (p 1)(q 1) is then calculated A natural number x (between 1 and m) is chosen so that x & m are coprime Then the centre computes an integer y so that xy = 1 mod m The participant gets the nos x & n as their public key, & y & n as their private key 2

Sending a Message with RSA

Once a participant has their public & private keys, they receive a message as follows: 1. The sender converts the message to bits, breaks it into substrings of the same length, then each substring (which is an integer a that must be < n) is encrypted using C = ax mod n. C is the ciphertext note the formula uses the receivers public key, which is freely available. 2. The receiver then deciphers C back to a plaintext character P by P = C y mod n. This formula requires knowledge of the private key, which is known only to the receiver. 3

Discrete Mathematics 2003

Lecture 38, 23-October-2003

Example of Sending a Message with RSA

Last lecture we showed that a valid pair of keys for RSA is x = 3 & n = 33 (public key), and y = 7 & n = 33 (private key) Note that the numbers used in this example are much smaller than they would be if we were encrypting information in a practical situation Example: Use the above keys to encrypt the message g (i.e. 7), & show the correct message is recovered after decryption
4

Why does the RSA Method Work?

The theoretical basis that ensures the RSA method always works comes from an area of mathematics known as number theory (which is the study of properties of integers) Note that the process we described for generating keys has to be followed closely For example, we stated that it was necessary to start with 2 distinct prime nos p & q, & multiply them to obtain the number n that appears in both the public and private keys: n = pq 5

RSA with non-Prime Starting Nos

What happens if p & q are not both prime? Suppose we generate keys with p = 3 & q = 8 (note that q is not prime) Then x = 3 & n = 24 (public), and y = 5 & n = 24 (private) are suitable keys If the message is the number 3, it is recovered by the receiver as the number 3 (as wed expect) However, the message 2 is recovered as 8 Similarly, the message 6 is recovered as 0 So the RSA method doesnt necessarily work with non-prime values of p & q 6

Discrete Mathematics 2003

Lecture 38, 23-October-2003

Message Security with RSA

A message sent using RSA can be deciphered by an intruder if they are able to determine (e.g. guess) the number y in the private key In the earlier example, y was 7, and this would be guessed easily with a trial-and-error approach In practice, though, very large nos are used for x & y (at least tens of digits), so a trial-and-error approach to finding y would take months or years, even with the fastest available computers So an intruder is very unlikely to guess y
7

Message Security with RSA (cont)

The other way to break the cipher (other than by stealing y) is to find the original prime nos p & q on which the public & private keys were based Since n = pq, and the value of n is publically available (in the public key), the cipher will be broken if we can factor n into constituent primes While this may sound fairly easy, it is actually very difficult to find factors of large nos (and it is suggested n has at least 200-300 decimal digits) To illustrate this difficulty, the RSA Security Co. offers prizes of $10,000 to $200,000 (US) for factoring certain nos, of length 174 to 617 digits 8

Become Rich by Factoring Numbers

For example, you can earn $10,000 by factoring 188198812920607963838697239461650439807 163563379417382700763356422988859715234 665485319060606504743045317388011303396 716199692321205734031879550656996221305 168759307650257059 (which has 174 digits) The company offers these prizes to encourage research into computational number theory and the practical difficulty of factoring large integers Given the magnitude of the prizes, it is clearly no easy task to factor large numbers, even with the latest computers 9

Discrete Mathematics 2003

Lecture 38, 23-October-2003

Public Key Encryption Advantages

The major advantage of public key encryption over secret key encryption is the number of keys An individual can communicate securely with any number of other people with just 2 keys So, for 1 million people to communicate securely, just 2 million keys are needed This contrasts with secret key encryption, which needed half-a-trillion keys (250,000 times more) As well, unlike secret key encryption, there isnt the need to find a secure way to distribute keys, since only the public key needs to be distributed and this can be known to anyone 10

Public Key Encryption Disadvantages

The disadvantage of the public key method is the time taken to implement the algorithm (i.e. to encrypt and decrypt messages) This is because of the very large numbers needed in the public and private keys So public key encryption is not recommended for large amounts of text Next lecture well look at an approach that combines the advantages of secret key & public key encryption in a single method 11