UNIVERSITY OF BIELSKO-BIALA
AKADEMIA TECHNICZNO-HUMANISTYCZNA
Faculty of Mechanical Engineering and Computer Science
Safety in Information Technology
(Prof. dr hab. inż. Mikołaj Karpiński)
Editor: Georg Schön, 10.11.2011
Asymmetric Cryptography – RSA (Rivest, Shamir, Adleman)
Subject:
Safety in IT
Why asymmetric cryptography?
Problems with symmetric cryptography (management and distribution of keys):
– Sender and recipient need to exchange a secret key.
– n participants require n(n − 1)/2 keys
  (6*10^8 users in 2002 means approx. 1.8*10^17 keys)
– A central distributor means high effort and is insecure with respect to trustworthiness (it knows everything).
Public-key procedure!! (Only the decryption key, or private key, needs to be secure.) >> Finding the private key from the public key is impossible (state of the art – but quantum computers?).
Asymmetric communication
!Public keys are accessible for everyone!
[Diagram: Alice encrypts with Bob's public key; message transfer; Bob decrypts with his private key. Figure labels: E, U.]
Public key index
Name    Public key
Bob     13121311235912753192375134123
Paul    84228349645098236102631135768
Alice   54628291982624638121025032510
No secure keys are necessary for the exchange!
But: How to make sure the public key is not replaced by a third person?
>> (Public key indexes use digital signatures!)
RSA cipher
Invented by Ron Rivest, Adi Shamir and Len Adleman
– Its security makes use of the difficulty of decomposing large numbers into prime factors!
A prime number (or a prime) is a natural number greater than 1 that has no positive divisors other than 1 and itself.
(2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37…)
Prime multiplication
1230186684530117755130494958384962720772853569595334792197 3224521517264005072636575187452021997864693899564749427740 6384592519255732630345373154826850791702612214291346167042 9214311602221240479274737794080665351419597459856902143413
Decimal length: 232
Bit length: 768
Current PCs can quickly factor numbers with about 80 digits.
Therefore, practical RSA implementations must use moduli with at least 300 digits to achieve sufficient security!
Mathematical background
1. The modulo operator
2. Euler's totient function
3. Euler-Fermat theorem
18 mod 5 = 3 (5: divisor, 3: remainder)
Euler's totient function
Euler's totient function φ of an integer N returns how many positive integers a are coprime to N and smaller than N.
Phi of N is the quantity of positive integers a where:
Euler-Fermat theorem
Is a cyclic function (results repeat themselves)
Example: N = 10
a = 3 >>>>>
a = 7 >>>>>
No further explanation.
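The cyclic behaviour for N = 10 can be checked directly. The following is an added example, not part of the original slides; the function names are chosen here for illustration, and a = 2 is included as an extra case to show what happens when a is not coprime to N.

```python
from math import gcd

def phi(n):
    """Euler's totient: count the integers 1 <= a < n that are coprime to n."""
    return sum(1 for a in range(1, n) if gcd(a, n) == 1)

def power_cycle(a, n):
    """Return a^1, a^2, ... mod n, stopping before the first repeated value."""
    seen, out, x = set(), [], a % n
    while x not in seen:
        seen.add(x)
        out.append(x)
        x = (x * a) % n
    return out

def euler_fermat_holds(a, n):
    """True if a^phi(n) ≡ 1 (mod n); guaranteed only when gcd(a, n) == 1."""
    return pow(a, phi(n), n) == 1

if __name__ == "__main__":
    N = 10
    print("phi(10) =", phi(N))
    # a = 3 and a = 7 are the slide's cases; a = 2 shares a factor with 10
    for a in (3, 7, 2):
        print(f"a = {a}: powers mod {N} = {power_cycle(a, N)}, "
              f"a^phi(N) ≡ 1: {euler_fermat_holds(a, N)}")
```

For a = 3 and a = 7 the powers return to 1 after phi(10) = 4 steps and then repeat; for a = 2 the powers also cycle but never reach 1, which is why the theorem requires a and N to be coprime.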
Key generation
1. Choose two primes and with >>>>> 3 and 7
2. Calculate their product: >>>>> 21 = 3*7
3. Calculate the value of Euler's totient function of >>>>> 12 = (3-1)*(7-1)
Determine D and E: D*E ≡ 1 mod 12
(e.g. a composite number from 1, 13, 25, 37, 49, 61, 73, 85, ...) 85 = 5 * 17 (D=5, E=17)
(N,E – private key; N,D – public key)
For defining D and E, also see: extended Euclidean algorithm!
Encryption/Decryption
The message that is to be sent shall be 9.
The user with key E (as in "encrypt") computes:
9^E = 9^5 = 59049 ≡ 18 mod 21
The sender transmits the encrypted message (18) to the receiver, who uses his private key D to decrypt the message and computes:
18^D = 18^17 = 2185911559738696531968 ≡ 9 mod 21 (original message)
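The key generation and encryption/decryption slides can be reproduced with the extended Euclidean algorithm they refer to. This is an added example, not code from the original slides; all function names are assumptions, and it follows the Encryption/Decryption slide in using 5 as the encrypting exponent E and 17 as the decrypting exponent D. It also shows why the modulus must be too large to factor: with N = 21, a working D follows from the public values alone.

```python
def egcd(a, b):
    """Extended Euclid: return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y

def mod_inverse(e, m):
    """Smallest positive d with d*e ≡ 1 (mod m); fails if gcd(e, m) != 1."""
    g, x, _ = egcd(e, m)
    if g != 1:
        raise ValueError(f"{e} has no inverse modulo {m}")
    return x % m

def totient_from_primes(p, q):
    return (p - 1) * (q - 1)

def encrypt(m, e, n):
    return pow(m, e, n)      # modular exponentiation, no huge intermediate

def decrypt(c, d, n):
    return pow(c, d, n)

def roundtrip_ok(n, e, d):
    """Check decrypt(encrypt(m)) == m for every message 0 <= m < n."""
    return all(decrypt(encrypt(m, e, n), d, n) == m for m in range(n))

def factor_small(n):
    """Trial division; only feasible because the toy modulus is tiny."""
    f = 2
    while f * f <= n:
        if n % f == 0:
            return f, n // f
        f += 1
    raise ValueError("no non-trivial factor found")

def private_exponent_from_public(n, e):
    """Whoever factors n can repeat key generation and obtain a working D."""
    p, q = factor_small(n)
    return mod_inverse(e, totient_from_primes(p, q))

if __name__ == "__main__":
    N, PHI, E, D = 21, totient_from_primes(3, 7), 5, 17   # slide values
    print("D*E mod phi =", (D * E) % PHI)                 # pair is valid
    print("9 ->", encrypt(9, E, N), "->", decrypt(encrypt(9, E, N), D, N))
    print("all messages round-trip:", roundtrip_ok(N, E, D))
    print("D from public key alone:", private_exponent_from_public(N, E))
```

The recovered exponent is 5, which is congruent to the slide's 17 modulo 12 and decrypts 18 to 9 just as well. With the primes 3 and 7 every valid exponent is its own inverse modulo 12, so these numbers illustrate the arithmetic only and give no secrecy.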