James C. Bradas, Ph.D. Engineering & Analysis Operation 18 June 2009 Public Key Encryption
A Bit of History In mid 1970s, the primary means of encrypting data was via “single-key encryption”. This uses a single mathematical formula or key to encrypt data or messages and requires the sender and receiver to have the key. If you want to share information with multiple users, all have to have the key. The more users, the less secure the key becomes. Whitfield Diffie & Martin Hellman at Stanford University proposed a solution in Asymmetric “Public Key Encryption”. This system was perfected by three MIT students in 1977 – Ronald Rivest, Adi Shamir & Leonard Adleman. Their system has come to be known as RSA Public-Key Cryptography and is now the standard method of data encryption used today. An interesting article on the history of RSA encryption is contained at the website: Inc-Company-History.html RSA Encryption makes use of the properties of Prime Numbers to develop a unique and “break-proof” key for each sender.
ALL Integers Can Be Built From Prime Numbers Prime Numbers are the “Elementary Particles” of Mathematics What Are Prime Numbers? Prime Numbers are numbers divisible only by themselves and 1
The Fundamental Theorem of Arithmetic ANY integer greater than 1 can be written as a UNIQUE product of prime numbers Integer Factorization of 864 A semi-prime number is the product of two (not necessarily distinct) prime numbers (not raised to a power greater than 1) As of September 2008, the largest known semi-prime is: (has over 25 million digits) This number is the square of the largest prime number discovered so far
White Light Spectrometer Colors of the Spectrum Semi-Prime Number Prime Number 1 Prime Number 2 There is no “Integer Factorization Spectrometer” Cryptography, and in particular, RSA Public Key Encryption, makes use of the fact that it is EXTREMELY EASY to multiply two numbers together and EXTREMELY DIFFICULT to factor a semi-prime number into the product of prime numbers. Factoring Semi-Prime Numbers is particularly challenging because there are only TWO unique factors
RSA Uses Prime Numbers RSA Encryption Scheme I choose 2 extremely large prime numbers, p & q*. This number, combined with modular arithmetic and the RSA scheme, provides secure data encryption. If I use 128-bit encryption, then I choose a prime number between 2 & How many prime numbers are there in that range? Gauss’ formula for estimating the number of prime numbers in 2 - N integers How Large Are These Two Prime Numbers? * In reality, much goes into the selection of the prime numbers to be used. They should not be too close together (p-q should not be less than 2n ). If p-1 or q-1 have only small prime factors, n can be factored quickly by Pollard’s p-1 algorithm. There is some art to this. 1/4
RSA Uses Prime Numbers RSA Encryption Scheme I choose 2 extremely large prime numbers, p & q. This number, combined with modular arithmetic and the RSA scheme, provides secure data encryption. If I use 128-bit encryption, then I choose a prime number between 1 & How many prime numbers are there in that range? How Large Are These Two Prime Numbers?
In order to determine p & q, I might use trial & error. In other words, pick a prime number p & divide it into n to see if I get the other prime number q. To get an idea of the size of the problem, suppose I use trial & error. Divide n by each prime number between 2 and Approximate number of prime numbers using 128 bits If my computer operates at Teraflop speed, I can do divisions per second There are primes to try. Number of primes to try Number of tries per second = Size of the Problem Since the universe is only seconds old, it will take a while!
What About Some Sort of a Lookup Table? With 128-bit numbers, there are ~ prime numbers. If I take 2 at a time, there are possible combinations. The number of elementary particles in the visible universe is around. There isn’t enough memory capacity to store all of the prime numbers between 1 and, much less the number of possible combinations available. Because of the number of primes, “table lookup” cannot be done. The encryption algorithm must generate prime numbers “on the fly”. List of semi-prime integers X 1 st Prime2 nd Prime
So What About Faster Computers? Top500 – 2x per year – the 500 fastest known computer systems The Top Three (As of June 2009) TFLOPs ( PFLOPs ) 1059 TFLOPs 825 TFLOPs ( ) IBM Roadrunner LANL Cray XTS DOEs ORNL IBM FZJ in Germany Even with Zettaflop performance, time is still seconds or about 1 billion years. Today # Floating Point Operations Per Second Abbreviation 2007 ~2008
So What About Faster Computers? Top500 – 2x per year – the 500 fastest known computer systems The Top Three (As of June 2009) TFLOPs ( PFLOPs ) 1059 TFLOPs 825 TFLOPs ( ) IBM Roadrunner LANL Cray XTS DOEs ORNL IBM FZJ in Germany by 2019? Even with Zettaflop performance, time is still seconds or about 1 billion years. (That’s a Lotta FLOPS!) Today # Floating Point Operations Per Second Abbreviation by 2030?
Of course, no one actually tries every prime number by brute force. There are algorithms that make it possible to make a reasonable “guess” based on the value of the number to be factored. However, given the sheer number of prime numbers, the task of finding the correct two prime numbers is still quite formidable. A number of semi-prime numbers published by RSA in 1991 (54) have been successfully factored (12) by networked computers. However, it took months to factor just one semi-prime number. There is still no computer system/algorithm that can factor semi-prime numbers quickly (days – hours – minutes) which would put RSA encryption at risk.
So Now That We’ve Convinced Ourselves About the Viability of Prime Numbers, Let’s Look At How RSA Works
First, we need some basic modular arithmetic Two numbers a & b are congruent modulo n if their difference ( a – b ) is an integer multiple of n (the integer can be positive or negative). We can write this as: So, for example: Other Examples “a” divided by “n” is equal to some integer x “n” + “b”. “b” is the remainder or
Note: the sign is NOT the same thing as an “=“ sign. In our example, replace “25” by “x”. What values of x make the statement true? So, the following are all true:
For RSA Encryption, we will be performing the following calculation: I claim that and y are congruent modulo n
For RSA Encryption, we will be performing the following calculation: I claim that and y are congruent modulo n
For RSA Encryption, we will be performing the following calculation: I claim that and y are congruent modulo n
For RSA Encryption, we will be performing the following calculation: I claim that and y are congruent modulo n
For RSA Encryption, we will be performing the following calculation: I claim that and y are congruent modulo n insert expression for x
For RSA Encryption, we will be performing the following calculation: I claim that and y are congruent modulo n
For RSA Encryption, we will be performing the following calculation: I claim that and y are congruent modulo n
For RSA Encryption, we will be performing the following calculation: I claim that and y are congruent modulo n
For RSA Encryption, we will be performing the following calculation: I claim that and y are congruent modulo n
For RSA Encryption, we will be performing the following calculation: I claim that and y are congruent modulo n k is an integer
To solve for x given the expression This means, divide y by n and find the remainder. x is the remainder. Example: I want to solve for x given: Bottom Line…. Proposed solution:
Alice Bob Public Key Private Key Meet Alice & Bob Alice & Bob want to send secure messages to one another without fear of their messages being read by a third party Using RSA PKE, each person creates a “Public Key” and a “Private Key” Their Public Key is sent to any party that wishes to send them a message Their Private Key is kept to themselves
Alice Private Key Public Key RSA Public Key Encryption Scheme Alice Creates Her Public & Private Key 1. Select two large prime numbers, p & q 2. Compute their product – the “modulus” n: 3. Compute Euler’s “totient” 4. Choose e, 1 < e < such that the greatest common divisor (gcd) ( e, = 1 e is the “public key exponent” ( Common choices are e = 3, 17 & ) 5. Compute d such that ( n, e ) Public Key ( n, d ) Private Key d is the “private key exponent”
Alice ( n, e ) Public Key ( n, d ) Private Key So Where’s the Secret? Because Alice doesn’t publish the values of p & q – an eavesdropper can’t determine and thus can’t determine the correct value of d which is needed for message decryption The public knows this The public DOESN’T know this
Alice Bob Bob wishes to send a message to Alice ( n, e ) Public Key ( n, d ) Private Key “M”
Alice Bob Alice sends her public key to Bob and keeps her private key secret Bob wishes to send a message to Alice ( n, e ) Public Key ( n, d ) Private Key “M”
Alice Bob Alice sends her public key to Bob and keeps her private key secret Bob wishes to send a message to Alice ( n, e ) Public Key ( n, d ) Private Key ( n, e ) Public Key “M”
Alice Bob Alice sends her public key to Bob and keeps her private key secret Bob wishes to send a message to Alice Bob first turns his message M into an integer m (or series of integers) where 0 < m < n by using an agreed-upon reversible protocol known as a padding scheme. He then computes the cipher text c (for each integer in his message) via the following: ( n, e ) Public Key ( n, d ) Private Key ( n, e ) Public Key “M”
Alice Bob Alice sends her public key to Bob and keeps her private key secret Bob wishes to send a message to Alice Bob first turns his message M into an integer m (or series of integers) where 0 < m < n by using an agreed-upon reversible protocol known as a padding scheme. He then computes the cipher text c (for each character in his message) via the following: Bob sends each “c” in the now-encrypted message to Alice. ( n, e ) Public Key ( n, d ) Private Key ( n, e ) Public Key “M”
Alice Bob Alice Receives Bob’s Encrypted Message ( n, e ) Public Key ( n, d ) Private Key “c”?
Alice Bob Alice uses her Private Key and reverse padding scheme to decrypt Bob’s message Alice Receives Bob’s Encrypted Message ( n, e ) Public Key ( n, d ) Private Key “c”?
Alice Bob Alice uses her Private Key and reverse padding scheme to decrypt Bob’s message Alice Receives Bob’s Encrypted Message ( n, e ) Public Key ( n, d ) Private Key “c”?
Alice Bob Alice uses her Private Key and reverse padding scheme to decrypt Bob’s message Alice Receives Bob’s Encrypted Message ( n, e ) Public Key ( n, d ) Private Key Reverse Padding Scheme m “c”?
Alice Bob Alice uses her Private Key and reverse padding scheme to decrypt Bob’s message Alice Receives Bob’s Encrypted Message ( n, e ) Public Key ( n, d ) Private Key Reverse Padding Scheme m M Alice Recovers Bob’s Original Message “M” “M”
Reverse Padding Scheme Alice Bob Sending Information from “B” to “A” – “Bob” and “Alice” Via RSA Public Key Encryption Encrypted Message Bob’s Message M m M Alice’s Public Key M M Bob’s Message is Recovered Private Key Public Key In Summary ( n, d ) Alice’s Private Key