1. RSA Public-Key Cryptosystem
- The development of public key cryptosystems is the greatest and perhaps the only
true revolution in the entire history of cryptography.
- Symmetric encryption encrypts and decrypts with the same key
- Public key cryptosystems is asymmetric which use two keys one for encryption and
the other for decryption.
- Public key cryptosystems depend on mathematical functions and number theory
rather than substitution.
- Public key cryptosystems have five ingredients.
1. Plaintext is the readable message or text before encryption.
2. Encryption algorithm performs various transformations on the plaintext.
3. Public and private keys one for encryption and one for decryption the
algorithm depends on these keys for transforming text.
4. Ciphertext the encrypted message (the text after encryption).
5. Decryption algorithm retrieves the original message from the ciphertext.
- Public key cryptosystems applications.
1. Encryption/Decryption.
2. Digital Signature the sender signs a message with its private key.
Signing is achieved by a cryptographic algorithm applied to the message or to
a small block of data that is a function of the message.
3. Key exchange.
Two sides cooperate to exchange a session key.
- Prime number is the number that accepts division by itself or one only.
ex., 1, 2, 3, 5, 7, 11…………
- Composite number.
Is the number that accepts division by at least a number that is not one or itself.
Ex. 4 accept division by 2, 9 accept division by 3, 12 accept division by 2,3,4,6
And so on.
Relatively prime
Two numbers x1, x2 are relatively prime if and only if gcd(x1, x2) = 1.
Ex. 12, 25 are relatively prime since gcd (12, 25) = 1.
12, 15 are not relatively prime since gcd (12, 15) = 3.
Prime number factorization
Any composite number consists of a unique factorization of prime numbers.
a = (p1 ^ e1) * (p2 ^ e2) * ……. * (pr ^ er)
Where a is a composite number and p1, p2… are prime number where p1<p2<...<pr
Ex.
4 = 1 * 2^2. ^ stands for power
6 =1*2*3
8 = 1 * 2^3
10 = 1 * 2 * 5
12 = 1 * 2 ^2 * 3
26 = 1 * 2 * 13
60 = 1 * 2^2 * 3 * 5 and so on
2. Modular Arithmetic
we use modular arithmetic to reduce calculating modular powers
# (a + b) % m = [ (a % m) + (b % m) ] % m
# (a * b) % m = [ (a % m) * (b % m) ] % m
Let we formalize the previous notes.
(a + b) % m = [a]m +m [b]m
(a * b) % m = [a]m *m [b]m
Examples
(7 + 6 ) % 4 = 13 % 4 = 1
(7 + 6 ) % 4 = [ (7 % 4) + (6 % 4) ] % 4 = [ 3 + 2 ] % 4 = [ 5 ] % 4 = 1
(7 * 6 ) % 4 = 42 % 4 = 2
(7 * 6 ) % 4 = [ (7 % 4) * (6 % 4) ] % 4 = [ 3 * 2 ] % 4 = [ 6 ] % 4 = 2
(3 ^ 8) % 7 = [ { (3 ^ 2) % 7 } * { (3 ^ 2) % 7 } * { (3 ^ 4) % 7 } ] % 7
(3 ^ 8) % 7 = [ 2 * 2 * 4 ] % 7 = [ 16 ] % 7 = 2
(11 ^ 23) % 187 = [(11^1) % 187 * (11^2) % 187 * (11^4) % 187 * (11^8) % 187 *
(11^8) % 187] % 187
(11 ^ 23) % 187 = [11 * 121 * 55 * 33 * 33] % 187 = 79720245 % 187 = 88
Note that (((M ^ e) % n) ^ d) % n = (M ^ ed) % n
Example
[((5 ^ 2) % 7) ^ 3] % 7 = (5 ^ (2*3)) % 7
(4 ^ 3) % 7 = (5 ^ 6) % 7
64 % 7 = (15625) % 7 ---- 7 * 2232 = 15624
1 = 1
Modulo Inverse
The identity of additive modulo is [0]m
The additive inverse of [m]n is [n – m]m
Ex.
The additive inverse of [1]5 is [5 – 1]5 = [4]5
[1]5 + [4]5 = [0]5 " The identity"
The identity of multiplicative modulo m is [1]m
[m]n have a multiplicative inverse [k]n where [m]n × [k]n = [1]n.
Ex.
The multiplicative inverse modulo of [5]9 is [k]9 where
[5]9 * [k]9 = [1] 9 = [5 * k] 9 = [1] 9 = [5 * 2] 9 = [1] 9
Then the multiplicative inverse of [5]9 is [2]9
Corollary
If m, k are multiplicative inverses modulo n
Then (m * k) % n = 1 = (m * k) = (z * n + 1) where z is positive integer
Note from the previous example (5 * 2) % 9 = 1
3. Note that nonprimes may don't have multiplicative inverse modulo m
Ex.
[6]9 * [k]9 = [1] 9 [6*k] 9 = [1] 9
We couldn't find k that make the equation (6*k) = z * 9 + 1 true.
Note also that if m and k have multiplicative inverses modulo n
then both m and k must be relatively prime to n
in the previous example both 5 and 2 are relatively prime to n
Ex.
[3]9 * [k]9 = [1] 9
We couldn't find k that make the equation (3*k) = z * 9 + 1 true because 3 is
not relatively prime to 9 since gcd(3 , 9) = 3.
Euler's Totient function
Euler's totient function is denoted by Φ
Φ(N) = how many numbers between 1 and (N – 1) which are relatively prime to N.
And is given by the following rule.
Φ(N) = N * ∏p|n (1 – (1 / p) ) where p runs over all primes that divide N including N
if it is prime
Ex.
Φ(4) = 4 * ( 1 – (1 / 2) ) = 4 – 2 = 2 --- relative prime numbers to 4 is { 1 , 3 }
Φ(5) = 5 * ( 1 – (1 / 5) ) = 5 – 1 = 4 --- { 1 , 2 , 3 , 4 }
Φ(6) = 6 * ( 1 – (1 / 2) ) * ( 1 – (1 / 3) ) = 3 – 1 = 2 --- { 1 , 5 }
Φ(7) = 7 * ( 1 – (1 / 7) ) = 7 – 1 = 6 --- { 1 , 2 , 3 , 4 , 5 , 6 }
Let N be a prime number then its factors is 1, N then
Φ(N) = N * ( 1 – (1 / N ) = N – 1
Also we note from the previous example that prime numbers has and advantage which
are Φ(N) = N – 1 when N is prime.
There is another amazing fact that Φ(N) is also easy to calculate when N has two
prime Numbers. For example if N = p * q where p, q are two prime numbers
Φ(N) = (p – 1) * (q – 1)
Proof:
Since p, q are all the prime factors of N then by applying Euler's Totient function
Φ(N) = Φ(pq) = pq * (1 – (1 / p)) * (1 – (1 / q))
= [p * (1 – (1 / p))] * [q * (1 – (1 / q))]
= [p – 1] * [q – 1]
RSA algorithm requirements
If we have the message is M
Then C = (M ^ e) % n (C is the encrypted message)
And M = (C ^ d) % n
4. Both sender and receiver must know the value of n and the sender knows the value of
e (e may known to any one) and the receiver only must know the value of d.
PK = {e , n} and PK = {d , n}
For the algorithm to be satisfactory as a public key encryption the following
requirements must be met
1. It is possible to find values for e, d, n such that (M ^ ed) % n = M for all M < n
2. It is relatively easy to calculate (M ^ e) % n and (C ^ d) % n.
(Modular Arithmetic)
3. It is infeasible to determine d given e, n.
For (M ^ ed) % n = M to be true e, d must be multiplicative inverses modulo Φ(n)
Then the relation between d, e can be expressed as
(e * d) % Φ(n) = 1 ==== (e * d) = (z * Φ(n)) + 1 == d = (z * Φ(n) + 1) / e
and this is true if and only if e, d are relatively prime to Φ(n)
Why prime numbers in RSA
1. Prime numbers have the property of multiplicative inverses modulo
2. Factoring of the product of two prime numbers is harder than any other
numbers.
3. Φ(n) have a direct rule for the product of two primes
RSA Algorithm
Rivest–Shamir-Adleman algorithm developed at MIT in 1978.
The algorithm
Key generation
Select two large prime numbers p,q and p ≠ q. ----- p,q (private, chosen)
Calculate n = p * q ----- n (public, calculated)
Calculate Φ(n) = (p - 1) * (q - 1) -----
Select integer e which is relatively prime with Φ (n) gcd(e, Φ(n)) = 1;
1<e< Φ(n) ------ e (public, chosen)
calculate d where de % Φ(n) = 1 i.e. d = (z * Φ(n) + 1) / e -- d (private, calculated)
Public key {e, n}
Private Key {d, n}
Encryption
Let M to be the plain text given M<n
Ciphertext C = (M ^ e) % n ----- public key {e, n}
Decryption
Ciphertext C
Plaintext M = (C ^ d) % n ------- private key {d, n}
5. Example
Let the plain text is 88 encrypt it with RSA
1. Select two primes p = 17 , q = 11.
2. Calculate n = pq = 17 * 11 = 187.
3. Calculate Φ(n) = (p - 1)*(q - 1) = 16*10 = 160.
4. Select e which is relatively prime with Φ(n) and e < Φ(n)
let we choose e = 7.
5. Calculate d = ( 1 + z * Φ(n) ) / e = ( 1 + 160 ) / 7 = 23 let z = 1
6. Public key { 7,187 }
7. Private key { 23, 187 }
Encryption with public key {7, 187}
Cipher text = (88^7) % 187 = 11
Decryption with private key {23, 187}
Given the ciphertext is 11
Plaintext M = ( 11 ^ 23 ) % 187 = 88
Cryptanalysis
References
Cryptography and Network Security Principles and Practices,
Fourth Edition By William Stallings
Good Luck
With my best wishes
Farag Zakaria Safy Saad
farag_cs2005@yahoo.com
![Modular Arithmetic
we use modular arithmetic to reduce calculating modular powers
# (a + b) % m = [ (a % m) + (b % m) ] % m
# (a * b) % m = [ (a % m) * (b % m) ] % m
Let we formalize the previous notes.
(a + b) % m = [a]m +m [b]m
(a * b) % m = [a]m *m [b]m
Examples
(7 + 6 ) % 4 = 13 % 4 = 1
(7 + 6 ) % 4 = [ (7 % 4) + (6 % 4) ] % 4 = [ 3 + 2 ] % 4 = [ 5 ] % 4 = 1
(7 * 6 ) % 4 = 42 % 4 = 2
(7 * 6 ) % 4 = [ (7 % 4) * (6 % 4) ] % 4 = [ 3 * 2 ] % 4 = [ 6 ] % 4 = 2
(3 ^ 8) % 7 = [ { (3 ^ 2) % 7 } * { (3 ^ 2) % 7 } * { (3 ^ 4) % 7 } ] % 7
(3 ^ 8) % 7 = [ 2 * 2 * 4 ] % 7 = [ 16 ] % 7 = 2
(11 ^ 23) % 187 = [(11^1) % 187 * (11^2) % 187 * (11^4) % 187 * (11^8) % 187 *
(11^8) % 187] % 187
(11 ^ 23) % 187 = [11 * 121 * 55 * 33 * 33] % 187 = 79720245 % 187 = 88
Note that (((M ^ e) % n) ^ d) % n = (M ^ ed) % n
Example
[((5 ^ 2) % 7) ^ 3] % 7 = (5 ^ (2*3)) % 7
(4 ^ 3) % 7 = (5 ^ 6) % 7
64 % 7 = (15625) % 7 ---- 7 * 2232 = 15624
1 = 1
Modulo Inverse
The identity of additive modulo is [0]m
The additive inverse of [m]n is [n – m]m
Ex.
The additive inverse of [1]5 is [5 – 1]5 = [4]5
[1]5 + [4]5 = [0]5 " The identity"
The identity of multiplicative modulo m is [1]m
[m]n have a multiplicative inverse [k]n where [m]n × [k]n = [1]n.
Ex.
The multiplicative inverse modulo of [5]9 is [k]9 where
[5]9 * [k]9 = [1] 9 = [5 * k] 9 = [1] 9 = [5 * 2] 9 = [1] 9
Then the multiplicative inverse of [5]9 is [2]9
Corollary
If m, k are multiplicative inverses modulo n
Then (m * k) % n = 1 = (m * k) = (z * n + 1) where z is positive integer
Note from the previous example (5 * 2) % 9 = 1](data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7)