1. Presented by Katherine Heller COSC 4765 University of Wyoming April 26, 2011 Image source: PC Dynamics, Inc.

2.  Introduced 1970’s  Whitfield Diffie and Martin Hellman  Known as Public Key Encryption (PKE)  Eliminated need for shared private keys

3.  Rivest, Shamir and Adleman  First asymmetric encryption algorithm  Encryption and authentication  Used with DES, SSL, CDPD and PGP  Most widely used asymmetric cipher

4. A function (F) + A plaintext message (m) + An encryption key (k) = Ciphertext (c)

5.  Two keys: one public (k p ) one private (k s )  F(m, k p ) = c and F -1 (c, k s ) = m  F -1 (F(m, k p ), k s ) = m

6.  Select two large prime numbers: p and q.  Find the product, n, of p and q: n = pq.  Choose a number, e, which is less than n and relatively prime to (p-1)(q-1).  Find a number d, such that (ed - 1) is evenly divisible by (p-1)(q-1).  e is the public exponent, d is the private exponent.  Public key: (n, e)  Private key: (n, d)

7. Using real numbers: p = 5077 and q = 4999 n = pq = 25379923 e = 5 ( p – 1 ) = ( 5077 – 1 ) = 5076 ( q – 1 ) = ( 4999 – 1 ) = 4998 5076 * 4998 = 25369848 d = 15221909 ( 5 (15221909) – 1 ) / 25369848 = 3

8. What are the keys? n = 25379923, e = 5 and d = 15221909 Public Key is the pair (n, e) or (25379923, 5) Used to encrypt Private Key is the pair (n, d) or (25379923, 15221909) Used to decrypt

9.  Creating the ciphertext c = m e mod n  Decrypting the message m = c d mod n Remember, n is really, really huge!

10.  Larger modulus (n) increases security  Large keys  Commonly 1024, 2048 and 4096 bits  Keys ≥ 2048 bits for extremely valuable data  Difficult to compare to other methods  Security comes from how the keys are generated, as well as key length

11.  Produces ciphertext without patterns  Very random  Hard to exploit  Larger modulus = greater security

12.  Modular exponentiation slows it down  Longer key = slower operations ◦ 2 x modulus ⇒ time for public key ops x 4 time for private key ops x 8 time for key generation x 16 ◦ Public key ops take O(k 2 ) steps ◦ Private key ops take O(k 4 ) steps (where k = number of bits in modulus n)  DES 1000 times faster

13.  The de facto standard for cryptography  Combines authentication with encryption  Allows world-wide use of one system regardless of software or platforms

15.  LARGE PRIME NUMBERS  100 digits long, or longer (each!)  Factoring very difficult  Security in the mathematical difficulty  Resistant to key search attacks

16.  RSA can still be broken, with the key  Discovering a private key corresponding to its paired public key  “Guessed Plaintext Attack” ◦ Guess the message ◦ Run the encryption to see if it matches ciphertext  Even so – RSA isn’t going anywhere

17. RSA Algorithm Demo by Richard Holowczak: http://cisnet.baruch.cuny.edu/holowczak/ classes/9444/rsademo/#overview RSA.com FAQ document: http://www.rsa.com/rsalabs/node.asp?id =2152#

18.  Coated.com. (2010). GSM Security Encryption Code Hacked. Retrieved April 23, 2011, from Coated.com: http://www.coated.com/gsm-security-encryption-code- hacked-93620004/  Daswani, N., Kern, C., & Kesavan, A. (2007). Foundations of Security: What Every Programmer Needs to Know. Berkeley: Apress.  PC Dynamics, Inc. (2011). File Encryption. Retrieved April 23, 2011, from SafeHouseSoftware.com: http://www.safehousesoftware.com/FileEncryption.aspx  Richard Holowczak, P. (2002, September 12). RSA Demo Applet. Retrieved April 16, 2011, from cisnet.baruch.cuny.edu: http://cisnet.baruch.cuny.edu/holowczak/classes/9444/rsademo/#overview  RSA Laboratories. (2000). RSA Laboratories' Frequently Asked Questions About Today's Cryptography, Version 4.1. Retrieved April 16, 2011, from RSA Laboratories: http://www.rsa.com/rsalabs/node.asp?id=2152#  Welschenbach, M. (2005). Cryptography in C and C++. New York: Apress.

19. Questions? Image source: Coated.com