Presentation is loading. Please wait.

Presentation is loading. Please wait.

RSA Cryptosystem Great Theoretical Ideas In Computer Science S. Rudich V. Adamchik CS 15-251 Spring 2006 Lecture 8Feb. 09, 2006Carnegie Mellon University.

Published byGiles Sanders Modified over 8 years ago

Similar presentations

Presentation on theme: "RSA Cryptosystem Great Theoretical Ideas In Computer Science S. Rudich V. Adamchik CS 15-251 Spring 2006 Lecture 8Feb. 09, 2006Carnegie Mellon University."— Presentation transcript:

1

2 RSA Cryptosystem Great Theoretical Ideas In Computer Science S. Rudich V. Adamchik CS 15-251 Spring 2006 Lecture 8Feb. 09, 2006Carnegie Mellon University p-1 =p=p 1

3 Cryptography Cryptography is the mathematics of devising secure communication systems Cryptanalysis is the mathematics of breaking such systems.

4 RSA Cryptography Basically unbreakable method for encoding messages

5 RSA Cryptography Rivest Shamir Adelman (1978)

6 This is Alice

7 and this is Bob

8 This is Alice and this is Bob and this is Trudy

9 Plaintext Encryption Ciphertext Transmission Decryption Message

10 Plaintext Encryption Eavesdropping Ciphertext Impersonation Transmission Alteration Decryption Message

11 Pick secret, random primes: p,q “Publish”: n = p*q Pick random e  Z *  (n) “Publish”: e Compute d = inverse of e in Z *  (n) “ Private Key”: d

12 (n,e) is my public key. Use it to send a message to me. p,q random primes, e random  Z *  (n) n = p*q e*d = 1 [ mod  (n) ]

13 n,e p,q prime, e random  Z *  (n) n = p*q e*d = 1 [ mod  (n) ] mmm …

14 n,e p,q prime, e random  Z *  (n) n = p*q e*d = 1 [ mod  (n) ] m m e [mod n]

15 n,e p,q prime, e random  Z *  (n) n = p*q e*d = 1 mod  (n) m m e (mod n) (m e ) d = n m

16 RSA Example n = 187=11*17 e = 7 S M I L E Y 19 13 09 12 05 25

17 RSA Example n = 187=11*17 e = 7 S M I L E Y 19 13 09 12 05 25 19 7 =145 mod 187 13 7 =106 mod 187

18 RSA Example n = 187=11*17 e = 7 S M I L E Y m 19 13 09 12 05 25 m e mod n 145 106 70 177 146 185

19 RSA Example n = 187=11*17 e = 7 S M I L E Y m 19 13 09 12 05 25 m e mod n 145 106 70 177 146 185 m e*d mod n

20 RSA Example n = 187=11*17 e = 7 S M I L E Y m 19 13 09 12 05 25 m e mod n 145 106 70 177 146 185 m e*d mod n d = 23

21 RSA Example n = 187=11*17 e = 7 S M I L E Y m 19 13 09 12 05 25 m e mod n 145 106 70 177 146 185 m e*d mod n d = 23 145 23 =19 mod 187

22 RSA Cryptography Fast Exponentiation Extended Euclidean Algorithm Modular inverses FLT (Fermat’s Little Theorem) CRT (Chinese Remainder Theorem)

23 Fast Exponentiation How to compute 1911 2396 mod 4171 fast?

24 Fast Exponentiation A more lucid example 3 50 mod 7 50 = 110010 2 3 50 = ((((3 2 *3) 2 ) 2 ) 2 *3) 2

25 Fast Exponentiation A more lucid example 3 50 mod 7 ((((3 2 *3) 2 ) 2 ) 2 *3) 2 = ((((2 *3) 2 ) 2 ) 2 *3) 2 = (((36) 2 ) 2 *3) 2 = ((1) 2 *3) 2 = 3 2 =2 mod 7

26 Modular Inverses Definition The inverse of e mod n is d*e = 1 mod n

27 Modular Inverses Definition The inverse of e mod n is d*e = 1 mod n Question. What is the inverse of 3 mod 29?

28 Modular Inverses Definition The inverse of e mod n is d*e = 1 mod n Question. What is the inverse of 4 mod 8?

29 Modular Inverses Definition The inverse of e mod n is d*e = 1 mod n Theorem. e has an inverse mod n iff GCD(e,n)=1

30 Modular Inverses Theorem. e has an inverse mod n iff GCD(e,n)=1 Proof. By the EEA 1 = a*e + b*n

31 Extended Euclidean Algorithm The algorithm works the same as the regular Euclidean algorithm, except it keeps track of more details. It computes x and y such that GCD(a,b) = a*x + b*y

32 Extended Euclidean Algorithm Application. Recall the Die Hard movie. Willis and Jackson are supposed to disarm a bomb by measuring exactly 4 gallons of water using only 3 and 5-gallons containers. GCD(3,5) = 2*3 + (-1)*5

33 Extended Euclidean Algorithm a = b*q 1 + r 1 b = r 1 *q 2 + r 2 … r k-1 = r k *q k+1 +0

34 Exponential Inverses How to find d? m e*d = m (mod n)

35 Fermat Little Theorem If a does not divide p and p is prime a p-1 = 1 (mod p) a p = a (mod p)

36 Fermat Little Theorem a p-1 = 1 (mod p) Compute 9 100 mod 17

37 Fermat Little Theorem a p-1 = 1 (mod p) Compute 9 100 = 9 16*6+4 9 16 = 1 mod 17 9 100 = 9 4 = 16 mod 17

38 Exponential Inverses FLT: a p-1 = 1 (mod p) Exercise. m 3*d = m (mod 11)

39 Exponential Inverses FLT: a p-1 = 1 (mod p) Exercise. m 3*d = m (mod 11) Wrong d: 3*d = 1 (mod 11)

40 Exponential Inverses FLT: a p-1 = 1 (mod p) Exercise. m 3*d = m (mod 11) 3*d = 1 (mod 10) m 1 + 10*k = m (mod 11)

41 Exponential Inverses How to find d? m e*d = m (mod n) We found that d must be inverse of e mod (n-1) m 1 +k*(n-1) = m (mod n)

42 Exponential Inverses m e*d = m (mod n) We found that d must be inverse of e mod (n-1) d*e = 1 (mod n-1) This idea will make trivial to decrypt messages…

43 RSA uses n = p*q a product of two primes

44 Exponential Inverses Theorem. e, p and q are primes and GCD(e, (p-1)(q-1)) = 1 Then exponential inverse of e is the inverse of e mod (p-1)(q-1) d*e = 1 mod (p-1)(q-1)

45 Exponential Inverses Theorem. d*e = 1 mod (p-1)(q-1) Example. Let n = 5*7. Find d. m d*5 = m (mod n)

46 Exponential Inverses Theorem. d*e = 1 mod (p-1)(q-1) Example. Let n = 5*13. Find d. m d*5 = m (mod n) d*5 = 1 mod (4*12) d = 29 m 145 = m (mod 65)

47 Exponential Inverses Theorem. d*e = 1 mod (p-1)(q-1) Example. m 145 = m (mod 65) Modulo 5: m 145 = m 4*36+1 =m (mod 5) Modulo 13: m 145 = m 12*12+1 =m (mod 13)

48 Exponential Inverses Theorem. d*e = 1 mod (p-1)(q-1) Proof. m d*e = m 1 + k(p-1)(q-1) (mod n) The system of congruences: m d*e = m (mod p) m d*e = m (mod q)

49 Chinese Remainder Theorem Theorem. GCD(p, q) = 1 x = a (mod p) x = b (mod q) The system has a unique solution mod (p*q)

50 n,e p,q prime, e random  Z *  (n) n = p*q e*d = 1 [ mod  (n) ] m m e [mod n] (m e ) d = n m

51 1. select two large primes p, q 2. compute n=p*q and  (n) 3. choose odd e relatively prime to  (n) 4. use EEA to find d from e*d=1 mod  (n)

52 1. Sending message m e = c (mod n) 2. Reading message c d = m (mod n)

53 RSA example 1.p = 61, q = 53 2.n = 3233,  (n) = 60*52 = 3120 3.e = 37 (there are many to choose from) 4.EEA: 1 = (-3)*3120+253*37 d = 253 Public key (3233, 37) Private key 253

54 RSA example Public key (3233, 37) Private key 253 Send: c = m 37 mod 3233 Read: m = c 253 mod 3233

55 Authentication How Alice can be sure that that the message came from Bob?

56 Authentication How Alice can be sure that that the message came from Bob? Bob can encode his signature using d S d (mod n) Alice will read the signature using e S d*e =S (mod n)

57 Cracking RSA In 1977 Rivest, Shamir and Adleman published 129 key number (452 bits) and promised $100 to the first person who factor it

58 Cracking RSA Team from Bellcore and MIT solved (in 1993-1994) this by using 1600 computers (over the internet) within 8 months. THE MAGIC WORDS ARE SQUEAMISH OSSIFRAGE

59 Cracking RSA The current record: RSA-674: Nov., 2005

60 Study Bee Fast Exponentiation EEA Modular inverses FLT CRT

Download ppt "RSA Cryptosystem Great Theoretical Ideas In Computer Science S. Rudich V. Adamchik CS 15-251 Spring 2006 Lecture 8Feb. 09, 2006Carnegie Mellon University."

Similar presentations

RSA COSC 201 ST. MARY’S COLLEGE OF MARYLAND FALL 2012 RSA.

RSA COSC 201 ST. MARY’S COLLEGE OF MARYLAND FALL 2012 RSA.
Asymmetric-Key Cryptography

Asymmetric-Key Cryptography
CSE331: Introduction to Networks and Security Lecture 19 Fall 2002.

CSE331: Introduction to Networks and Security Lecture 19 Fall 2002.
22C:19 Discrete Structures Integers and Modular Arithmetic

22C:19 Discrete Structures Integers and Modular Arithmetic
Public Key Encryption Algorithm

Public Key Encryption Algorithm
22C:19 Discrete Math Integers and Modular Arithmetic Fall 2010 Sukumar Ghosh.

22C:19 Discrete Math Integers and Modular Arithmetic Fall 2010 Sukumar Ghosh.
7. Asymmetric encryption-

7. Asymmetric encryption-
15-251 Great Theoretical Ideas in Computer Science.

Great Theoretical Ideas in Computer Science.
95-712 OOP/Java1 Public Key Crytography From: Introduction to Algorithms Cormen, Leiserson and Rivest.

OOP/Java1 Public Key Crytography From: Introduction to Algorithms Cormen, Leiserson and Rivest.
Attacks on Digital Signature Algorithm: RSA

Attacks on Digital Signature Algorithm: RSA
RSA ( Rivest, Shamir, Adleman) Public Key Cryptosystem

RSA ( Rivest, Shamir, Adleman) Public Key Cryptosystem
Public Key Crytography1 From: Introduction to Algorithms Cormen, Leiserson and Rivest.

Public Key Crytography1 From: Introduction to Algorithms Cormen, Leiserson and Rivest.
Cryptography Lecture 11: Oct 12. Cryptography AliceBob Cryptography is the study of methods for sending and receiving secret messages. adversary Goal:

Cryptography Lecture 11: Oct 12. Cryptography AliceBob Cryptography is the study of methods for sending and receiving secret messages. adversary Goal:
Public Key Cryptography

Public Key Cryptography
Public Encryption: RSA

Public Encryption: RSA
CSE 321 Discrete Structures Winter 2008 Lecture 8 Number Theory: Modular Arithmetic.

CSE 321 Discrete Structures Winter 2008 Lecture 8 Number Theory: Modular Arithmetic.
RSA Encryption William Lu. RSA Background  Basic technique first discovered in 1973 by Clifford Cocks of CESG (part of British GCHQ)  Invented in 1977.

RSA Encryption William Lu. RSA Background  Basic technique first discovered in 1973 by Clifford Cocks of CESG (part of British GCHQ)  Invented in 1977.
Public Key Algorithms 4/17/2017 M. Chatterjee.

Public Key Algorithms 4/17/2017 M. Chatterjee.
“RSA”. RSA  by Rivest, Shamir & Adleman of MIT in 1977  best known & widely used public-key scheme  RSA is a block cipher, plain & cipher text are.

“RSA”. RSA  by Rivest, Shamir & Adleman of MIT in 1977  best known & widely used public-key scheme  RSA is a block cipher, plain & cipher text are.
Codes, Ciphers, and Cryptography-RSA Encryption

Codes, Ciphers, and Cryptography-RSA Encryption

Similar presentations

Ads by Google