Beruflich Dokumente
Kultur Dokumente
RSA
RSA 1 / 15
Public Key Cryptography
Usually in PKC there are two keys, one is public (encryption key,
known to all) and other is private key (descryption key, known only to
the receiver).
The private key forms the trapdoor.
RSA 2 / 15
Structure of Public key Cryptosystem
RSA 3 / 15
Applications of PKC:
RSA 4 / 15
Common Cryptanalysis of PKC schemes:
RSA 5 / 15
RSA Cryptosystem Designed by Rivest, Shamir, Adleman at MIT in 1977
Bob will generate two primes, say p and q and compute n = pq.
Bob choose e, such that gcd(e, (n)) = gcd(e, (p 1)(q 1)) = 1.
Then Bob computes d such that de 1 mod((n)) (this is possible, why?)
Bob make (e, n) public. This is his public key. His private key is (d, n)
RSA 6 / 15
RSA Cryptosystem Designed by Rivest, Shamir, Adleman at MIT in 1977
Bob will generate two primes, say p and q and compute n = pq.
Bob choose e, such that gcd(e, (n)) = gcd(e, (p 1)(q 1)) = 1.
Then Bob computes d such that de 1 mod((n)) (this is possible, why?)
Bob make (e, n) public. This is his public key. His private key is (d, n)
Suppose Alice want to send the message m to Bob. She will compute
c = me mod(n) and send it to Bob.
RSA 6 / 15
Correctness of RSA
RSA 7 / 15
Example
Let Bob selects p = 17 and q = 11, then n = 17.11 = 187.
He computes (187) = (17 1)(11 1) = 160
and select e = 7 such that gcd(7, 160) = 1.
Then he computes d = 23, such that de 1 mod(160) (how you can do so?)
Then he publish (7, 187) as his public key
and kept (23, 187) as his private key.
Suppose Alice want to send her the message 88(< 187), she will compute
887 mod(187) = 11 and send it to Bob.
RSA 8 / 15
Example
Let Bob selects p = 17 and q = 11, then n = 17.11 = 187.
He computes (187) = (17 1)(11 1) = 160
and select e = 7 such that gcd(7, 160) = 1.
Then he computes d = 23, such that de 1 mod(160) (how you can do so?)
Then he publish (7, 187) as his public key
and kept (23, 187) as his private key.
Suppose Alice want to send her the message 88(< 187), she will compute
887 mod(187) = 11 and send it to Bob.
RSA 8 / 15
Bob on receiving 11, compute 1123 mod(187) = 88 to retrieve the original
message.
RSA 9 / 15
Bob on receiving 11, compute 1123 mod(187) = 88 to retrieve the original
message.
RSA 9 / 15
RSA 10 / 15
Breaking plaintext into blocks
RSA 11 / 15
Example
RSA 12 / 15
Security of RSA
Knowing the public key (e, n), at attacker can try the following:
1 Find descryption key d.
2 Find (n).
3 Find the prime factors p and q.
4 But this can be shown that all three approaches are equivalent, i.e.
Find d Finding (n)
Finding (n) Finding facotrs p and q.
But there is no easy way to find out prime factorization.
RSA 13 / 15
Show that E(m1 , e).E(m2 , e) = E(m1 .m2 , e)
E(m1 .m2 , e) = (m1 m2 )e mod(n) = m1 e mod(n)m2 e mod(n) =
E(m1 , e).E(m2 , e)
RSA 14 / 15
Chosen CipherText Attack on RSA
Under CCA, adversary can get the plaintext corresping to any ciphertext,
except the ciphertext, that he want to decrypt.
Suppose an Adversary is intrested in decryption the ciphertext C ,
corresponding to the message M.
So he is allowed to get plaintext of any ciphertext, except C .
He will query with the ciphertext X = C .2e = M e .2e = (M.2)e . And get
the corresponding plaintext say Y = X d mod(n).
But we already know Y = M.2, get M from Y .
RSA 15 / 15