RSA Cryptosystem                                6/8/2002 2:20 PM

    Bits     PCs                        Memory
    430      1                          128MB
    760      215,000                    4GB
    1,020    \(342 \times 10^{6}\)      170GB
    1,620    \(1.6 \times 10^{15}\)     120TB

Outline
    Euler’s theorem (§10.1.3)
    RSA cryptosystem (§10.2.3)
        Definition
        Example
        Security
        Correctness
    Algorithms for RSA
        Modular power (§10.1.4)
        Modular inverse (§10.1.5)
        Randomized primality testing (§10.1.6)




Euler’s Theorem
    The multiplicative group for \(Z_n\), denoted with \(Z^*_n\), is the subset of elements of \(Z_n\) relatively prime with n
    The totient function of n, denoted with \(\varphi(n)\), is the size of \(Z^*_n\)
    Example
        \(Z^*_{10} = \{1, 3, 7, 9\}\)        \(\varphi(10) = 4\)
    If p is prime, we have
        \(Z^*_p = \{1, 2, \ldots, (p - 1)\}\)        \(\varphi(p) = p - 1\)
    Euler’s Theorem
        For each element x of \(Z^*_n\), we have \(x^{\varphi(n)} \bmod n = 1\)
    Example (n = 10)
        \(3^{\varphi(10)} \bmod 10 = 3^4 \bmod 10 = 81 \bmod 10 = 1\)
        \(7^{\varphi(10)} \bmod 10 = 7^4 \bmod 10 = 2401 \bmod 10 = 1\)
        \(9^{\varphi(10)} \bmod 10 = 9^4 \bmod 10 = 6561 \bmod 10 = 1\)

RSA Cryptosystem
    Setup:
        n = pq, with p and q primes
        e relatively prime to \(\varphi(n) = (p - 1)(q - 1)\)
        d inverse of e in \(Z_{\varphi(n)}\)
    Keys:
        Public key: \(K_E = (n, e)\)
        Private key: \(K_D = d\)
    Encryption:
        Plaintext M in \(Z_n\)
        \(C = M^e \bmod n\)
    Decryption:
        \(M = C^d \bmod n\)

    Example
        Setup:
            p = 7, q = 17
            n = 7⋅17 = 119
            φ(n) = 6⋅16 = 96
            e = 5
            d = 77
        Keys:
            public key: (119, 5)
            private key: 77
        Encryption:
            M = 19
            \(C = 19^5 \bmod 119 = 66\)
        Decryption:
            \(M = 66^{77} \bmod 119 = 19\)




Complete RSA Example
    Setup:
        p = 5, q = 11
        n = 5⋅11 = 55
        φ(n) = 4⋅10 = 40
        e = 3
        d = 27 (3⋅27 = 81 = 2⋅40 + 1)
    Encryption
        \(C = M^3 \bmod 55\)
    Decryption
        \(M = C^{27} \bmod 55\)

    M    1   2   3   4   5   6   7   8   9  10  11  12  13  14  15  16  17  18
    C    1   8  27   9  15  51  13  17  14  10  11  23  52  49  20  26  18   2

    M   19  20  21  22  23  24  25  26  27  28  29  30  31  32  33  34  35  36
    C   39  25  21  33  12  19   5  31  48   7  24  50  36  43  22  34  30  16

    M   37  38  39  40  41  42  43  44  45  46  47  48  49  50  51  52  53  54
    C   53  37  29  35   6   3  32  44  45  41  38  42   4  40  46  28  47  54

Security
    The security of the RSA cryptosystem is based on the widely believed difficulty of factoring large numbers
        The best known factoring algorithm (general number field sieve) takes time exponential in the number of bits of the number to be factored
    The RSA challenge, sponsored by RSA Security, offers cash prizes for the factorization of given large numbers
    In April 2002, prizes ranged from $10,000 (576 bits) to $200,000 (2048 bits)
    In 1999, a 512-bit number was factored in 4 months using the following computers:
        160 175-400 MHz SGI and Sun
        8 250 MHz SGI Origin
        120 300-450 MHz Pentium II
        4 500 MHz Digital/Compaq
    Estimated resources needed to factor a number within one year

        Bits     PCs                        Memory
        430      1                          128MB
        760      215,000                    4GB
        1,020    \(342 \times 10^{6}\)      170GB
        1,620    \(1.6 \times 10^{15}\)     120TB








Correctness
    We show the correctness of the RSA cryptosystem for the case when the plaintext M does not divide n
    Namely, we show that
        \((M^e)^d \bmod n = M\)
    Since \(ed \bmod \varphi(n) = 1\), there is an integer k such that
        \(ed = k\varphi(n) + 1\)
    Since M does not divide n, by Euler’s theorem we have
        \(M^{\varphi(n)} \bmod n = 1\)
    Thus, we obtain
        \((M^e)^d \bmod n =\)
        \(M^{ed} \bmod n =\)
        \(M^{k\varphi(n) + 1} \bmod n =\)
        \(M \, M^{k\varphi(n)} \bmod n =\)
        \(M \, (M^{\varphi(n)})^k \bmod n =\)
        \(M \, (M^{\varphi(n)} \bmod n)^k \bmod n =\)
        \(M \, (1)^k \bmod n =\)
        \(M \bmod n =\)
        \(M\)
    See the book for the proof of correctness in the case when the plaintext M divides n

Algorithmic Issues
    The implementation of the RSA cryptosystem requires various algorithms
    Overall
        Representation of integers of arbitrarily large size and arithmetic operations on them
    Encryption
        Modular power
    Decryption
        Modular power
    Setup
        Generation of random numbers with a given number of bits (to generate candidates p and q)
        Primality testing (to check that candidates p and q are prime)
        Computation of the GCD (to verify that e and φ(n) are relatively prime)
        Computation of the multiplicative inverse (to compute d from e)




Modular Power
    The repeated squaring algorithm speeds up the computation of a modular power \(a^p \bmod n\)
    Write the exponent p in binary
        \(p = p_{b-1} \, p_{b-2} \ldots p_1 \, p_0\)
    Start with
        \(Q_1 = a^{p_{b-1}} \bmod n\)
    Repeatedly compute
        \(Q_i = ((Q_{i-1})^2 \bmod n) \, a^{p_{b-i}} \bmod n\)
    We obtain
        \(Q_b = a^p \bmod n\)
    The repeated squaring algorithm performs O(log p) arithmetic operations

    Example
        \(3^{18} \bmod 19\) (18 = 10010)
        \(Q_1 = 3^1 \bmod 19 = 3\)
        \(Q_2 = (3^2 \bmod 19) \, 3^0 \bmod 19 = 9\)
        \(Q_3 = (9^2 \bmod 19) \, 3^0 \bmod 19 = 81 \bmod 19 = 5\)
        \(Q_4 = (5^2 \bmod 19) \, 3^1 \bmod 19 = (25 \bmod 19) \, 3 \bmod 19 = 18 \bmod 19 = 18\)
        \(Q_5 = (18^2 \bmod 19) \, 3^0 \bmod 19 = (324 \bmod 19) \bmod 19 = 17 \cdot 19 + 1 \bmod 19 = 1\)

        \(p_{5-i}\)        1   0   0   1    0
        \(3^{p_{5-i}}\)    3   1   1   3    1
        \(Q_i\)            3   9   5   18   1

Modular Inverse
    Theorem
        Given positive integers a and b, let d be the smallest positive integer such that
            d = ia + jb
        for some integers i and j. We have
            d = gcd(a,b)
    Example
        a = 21
        b = 15
        d = 3
        i = 3, j = −4
        3 = 3⋅21 + (−4)⋅15 = 63 − 60 = 3
    Given positive integers a and b, the extended Euclid’s algorithm computes a triplet (d,i,j) such that
        d = gcd(a,b)
        d = ia + jb
    To test the existence of and compute the inverse of \(x \in Z_n\), we execute the extended Euclid’s algorithm on the input pair (x,n)
    Let (d,i,j) be the triplet returned
        d = ix + jn
    Case 1: d = 1
        i is the inverse of x in \(Z_n\)
    Case 2: d > 1
        x has no inverse in \(Z_n\)
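An added example (not from the slides): the repeated squaring recurrence and the extended Euclid's algorithm described above, written in Python and used to run the RSA setup, encryption and decryption from the earlier slides on the slides' own toy parameters. All function names are this example's own choices, and the iterative form of extended Euclid is one standard way to compute the triplet (d, i, j).

```python
"""Toy RSA from repeated squaring and extended Euclid (added example, not from the slides)."""


def mod_power(a, p, n):
    """Repeated squaring, scanning the bits of p from most to least significant.

    Returns (a^p mod n, [Q_1, ..., Q_b]) so the trace can be compared with the
    slide's table for 3^18 mod 19.
    """
    if p < 0 or n <= 0:
        raise ValueError("exponent must be >= 0 and modulus > 0")
    q = 1 % n
    trace = []
    for bit in bin(p)[2:]:                 # p_{b-1} ... p_1 p_0
        q = (q * q) % n                    # (Q_{i-1})^2 mod n
        if bit == "1":
            q = (q * a) % n                # times a^{p_{b-i}} mod n
        trace.append(q)
    return q, trace


def extended_euclid(a, b):
    """Return a triplet (d, i, j) with d = gcd(a, b) = i*a + j*b."""
    old_r, r = a, b
    old_i, i = 1, 0
    old_j, j = 0, 1
    while r != 0:
        k = old_r // r
        old_r, r = r, old_r - k * r
        old_i, i = i, old_i - k * i
        old_j, j = j, old_j - k * j
    return old_r, old_i, old_j


def mod_inverse(x, n):
    """Inverse of x in Z_n, or None when d > 1 (the slide's Case 2)."""
    d, i, _ = extended_euclid(x % n, n)
    if d != 1:
        return None
    return i % n                           # i may be negative; reduce into Z_n


def rsa_setup(p, q, e):
    """Setup from the slides: n = pq, phi = (p-1)(q-1), d = inverse of e in Z_phi."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = mod_inverse(e, phi)
    if d is None:
        raise ValueError("e is not relatively prime to phi(n)")
    return (n, e), d


def encrypt(m, public_key):
    n, e = public_key
    if not 0 <= m < n:
        raise ValueError("plaintext must be an element of Z_n")
    return mod_power(m, e, n)[0]


def decrypt(c, n, d):
    return mod_power(c, d, n)[0]


def encryption_table(p, q, e):
    """Map every M in 1..n-1 to C and check that decryption returns M."""
    (n, e), d = rsa_setup(p, q, e)
    table = {}
    for m in range(1, n):
        c = encrypt(m, (n, e))
        if decrypt(c, n, d) != m:          # also checked for M sharing a factor with n
            raise AssertionError(f"round trip failed for M={m}")
        table[m] = c
    return table


if __name__ == "__main__":
    print(mod_power(3, 18, 19))            # trace of Q_1..Q_5 from the slide
    print(extended_euclid(21, 15))         # one valid (d, i, j); i and j are not unique
    pub, d = rsa_setup(7, 17, 5)
    print(pub, d, encrypt(19, pub), decrypt(66, pub[0], d))
    print(encryption_table(5, 11, 3))      # the M -> C table for n = 55
```

The coefficients returned for (21, 15) differ from the slide's i = 3, j = −4 because the pair (i, j) satisfying d = ia + jb is not unique; both satisfy the identity.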




Pseudoprimality Testing
    The number of primes less than or equal to n is about n / ln n
    Thus, we expect to find a prime among O(b) randomly generated numbers with b bits each
    Testing whether a number is prime (primality testing) is believed to be a hard problem
    An integer n ≥ 2 is said to be a base-x pseudoprime if
        \(x^{n-1} \bmod n = 1\) (Fermat’s little theorem)
    Composite base-x pseudoprimes are rare:
        A random 100-bit integer is a composite base-2 pseudoprime with probability less than \(10^{-13}\)
        The smallest composite base-2 pseudoprime is 341
    Base-x pseudoprimality testing for an integer n:
        Check whether \(x^{n-1} \bmod n = 1\)
        Can be performed efficiently with the repeated squaring algorithm

Randomized Primality Testing
    Compositeness witness function witness(x, n) with error probability q for a random variable x
        Case 1: n is prime
            witness w(x, n) = false
        Case 2: n is composite
            witness w(x, n) = false with probability q < 1
    Algorithm RandPrimeTest tests whether n is prime by repeatedly evaluating witness(x, n)
    A variation of base-x pseudoprimality provides a suitable compositeness witness function for randomized primality testing (Rabin-Miller algorithm)

    Algorithm RandPrimeTest(n, k)
        Input integer n, confidence parameter k and composite witness function witness(x,n) with error probability q
        Output an indication of whether n is composite or prime with probability \(2^{-k}\)

        t ← k / \(\log_2(1/q)\)
        for i ← 1 to t
            x ← random()
            if witness(x,n) = true
                return “n is composite”
        return “n is prime”
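An added example (not from the slides): the base-x pseudoprimality check and RandPrimeTest in Python, with a Rabin-Miller witness standing in for witness(x, n), plus the candidate-generation loop the Setup step relies on. The function names, the value q = 1/4 (the standard Rabin-Miller bound, which the slide does not state) and the random_prime helper are assumptions of this example.

```python
"""Base-x pseudoprimality and RandPrimeTest (added example, not from the slides)."""
import math
import random


def is_base_x_pseudoprime(n, x):
    """Fermat check from the slide: x^(n-1) mod n = 1."""
    return n >= 2 and pow(x, n - 1, n) == 1


def witness(x, n):
    """Rabin-Miller compositeness witness for odd n > 3 and 2 <= x <= n - 2.

    True means x proves n composite. For a prime n it always returns False;
    for a composite n it returns False for at most 1/4 of the bases.
    """
    s, d = 0, n - 1
    while d % 2 == 0:                      # write n - 1 = 2^s * d with d odd
        s, d = s + 1, d // 2
    y = pow(x, d, n)
    if y == 1 or y == n - 1:
        return False
    for _ in range(s - 1):
        y = (y * y) % n
        if y == n - 1:
            return False
    return True


def rounds(k, q):
    """t <- k / log2(1/q), rounded up to a whole number of iterations."""
    return math.ceil(k / math.log2(1 / q))


def rand_prime_test(n, k, q=0.25, rng=None):
    """RandPrimeTest(n, k): answers True ("prime") or False ("composite").

    A composite n is reported as prime with probability at most 2^-k.
    """
    rng = rng or random.SystemRandom()     # OS entropy unless a generator is supplied
    if n < 2:
        return False
    if n in (2, 3):
        return True
    if n % 2 == 0:
        return False
    for _ in range(rounds(k, q)):
        x = rng.randrange(2, n - 1)        # random base in [2, n - 2]
        if witness(x, n):
            return False                   # "n is composite"
    return True                            # "n is prime"


def random_prime(bits, k=64, rng=None):
    """Draw odd candidates with exactly `bits` bits until one passes the test.

    Returns (prime, number_of_candidates_tried).
    """
    if bits < 2:
        raise ValueError("need at least 2 bits")
    rng = rng or random.SystemRandom()
    tries = 0
    while True:
        tries += 1
        cand = rng.getrandbits(bits) | (1 << (bits - 1)) | 1   # force top and low bit
        if rand_prime_test(cand, k, rng=rng):
            return cand, tries


if __name__ == "__main__":
    print(is_base_x_pseudoprime(341, 2))   # 341 = 11 * 31 passes the base-2 Fermat check
    print(witness(2, 341))                 # the Rabin-Miller variation rejects it
    print(rand_prime_test(341, 64))
    print(random_prime(256))
```

The Fermat check alone accepts 341 for base 2, which is why the slide points to the Rabin-Miller variation as the witness function.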




 
The Mathematics of RSA Encryption
The Mathematics of RSA EncryptionThe Mathematics of RSA Encryption
The Mathematics of RSA Encryption
 
Deep dive into rsa
Deep dive into rsaDeep dive into rsa
Deep dive into rsa
 
Homomorphic Encryption
Homomorphic EncryptionHomomorphic Encryption
Homomorphic Encryption
 
Rsa documentation
Rsa documentationRsa documentation
Rsa documentation
 
RSA Algorithm.ppt
RSA Algorithm.pptRSA Algorithm.ppt
RSA Algorithm.ppt
 
Security of RSA and Integer Factorization
Security of RSA and Integer FactorizationSecurity of RSA and Integer Factorization
Security of RSA and Integer Factorization
 
Everything I always wanted to know about crypto, but never thought I'd unders...
Everything I always wanted to know about crypto, but never thought I'd unders...Everything I always wanted to know about crypto, but never thought I'd unders...
Everything I always wanted to know about crypto, but never thought I'd unders...
 
On the Secrecy of RSA Private Keys
On the Secrecy of RSA Private KeysOn the Secrecy of RSA Private Keys
On the Secrecy of RSA Private Keys
 
CNIT 141: 10. RSA
CNIT 141: 10. RSACNIT 141: 10. RSA
CNIT 141: 10. RSA
 
RSA cracking puzzle
RSA cracking puzzleRSA cracking puzzle
RSA cracking puzzle
 
Ntewrok secuirty cs7
Ntewrok secuirty cs7Ntewrok secuirty cs7
Ntewrok secuirty cs7
 
Paper_KST
Paper_KSTPaper_KST
Paper_KST
 

More from aniruddh Tyagi

More from aniruddh Tyagi (20)

whitepaper_mpeg-if_understanding_mpeg4
whitepaper_mpeg-if_understanding_mpeg4whitepaper_mpeg-if_understanding_mpeg4
whitepaper_mpeg-if_understanding_mpeg4
 
BUC BLOCK UP CONVERTER
BUC BLOCK UP CONVERTERBUC BLOCK UP CONVERTER
BUC BLOCK UP CONVERTER
 
digital_set_top_box2
digital_set_top_box2digital_set_top_box2
digital_set_top_box2
 
Discrete cosine transform
Discrete cosine transformDiscrete cosine transform
Discrete cosine transform
 
DCT
DCTDCT
DCT
 
EBU_DVB_S2 READY TO LIFT OFF
EBU_DVB_S2 READY TO LIFT OFFEBU_DVB_S2 READY TO LIFT OFF
EBU_DVB_S2 READY TO LIFT OFF
 
ADVANCED DVB-C,DVB-S STB DEMOD
ADVANCED DVB-C,DVB-S STB DEMODADVANCED DVB-C,DVB-S STB DEMOD
ADVANCED DVB-C,DVB-S STB DEMOD
 
DVB_Arch
DVB_ArchDVB_Arch
DVB_Arch
 
haffman coding DCT transform
haffman coding DCT transformhaffman coding DCT transform
haffman coding DCT transform
 
Classification
ClassificationClassification
Classification
 
tyagi 's doc
tyagi 's doctyagi 's doc
tyagi 's doc
 
quantization_PCM
quantization_PCMquantization_PCM
quantization_PCM
 
ECMG & EMMG protocol
ECMG & EMMG protocolECMG & EMMG protocol
ECMG & EMMG protocol
 
7015567A
7015567A7015567A
7015567A
 
Basic of BISS
Basic of BISSBasic of BISS
Basic of BISS
 
art_sklar7_reed-solomon
art_sklar7_reed-solomonart_sklar7_reed-solomon
art_sklar7_reed-solomon
 
DVBSimulcrypt2
DVBSimulcrypt2DVBSimulcrypt2
DVBSimulcrypt2
 
en_302769v010101v
en_302769v010101ven_302769v010101v
en_302769v010101v
 
Euler formula
Euler formulaEuler formula
Euler formula
 
video compression
video compressionvideo compression
video compression
 

RSA

  • 1. RSA Cryptosystem 6/8/2002 2:20 PM

Outline
- Euler’s theorem (§10.1.3)
- RSA cryptosystem (§10.2.3): Definition, Example, Security, Correctness
- Algorithms for RSA: Modular power (§10.1.4), Modular inverse (§10.1.5), Randomized primality testing (§10.1.6)

Euler’s Theorem
- The multiplicative group for $Z_n$, denoted with $Z^*_n$, is the subset of elements of $Z_n$ relatively prime with $n$
- The totient function of $n$, denoted with $\varphi(n)$, is the size of $Z^*_n$
- Example: $Z^*_{10} = \{1, 3, 7, 9\}$, $\varphi(10) = 4$
- If $p$ is prime, we have $Z^*_p = \{1, 2, \ldots, (p - 1)\}$ and $\varphi(p) = p - 1$
- Euler’s Theorem: for each element $x$ of $Z^*_n$, we have $x^{\varphi(n)} \bmod n = 1$
- Example ($n = 10$):
  - $3^{\varphi(10)} \bmod 10 = 3^4 \bmod 10 = 81 \bmod 10 = 1$
  - $7^{\varphi(10)} \bmod 10 = 7^4 \bmod 10 = 2401 \bmod 10 = 1$
  - $9^{\varphi(10)} \bmod 10 = 9^4 \bmod 10 = 6561 \bmod 10 = 1$

RSA Cryptosystem
- Setup:
  - $n = pq$, with $p$ and $q$ primes
  - $e$ relatively prime to $\varphi(n) = (p - 1)(q - 1)$
  - $d$ inverse of $e$ in $Z_{\varphi(n)}$
- Keys:
  - Public key: $K_E = (n, e)$
  - Private key: $K_D = d$
- Encryption:
  - Plaintext $M$ in $Z_n$
  - $C = M^e \bmod n$
- Decryption:
  - $M = C^d \bmod n$
- Example:
  - Setup: $p = 7$, $q = 17$; $n = 7 \cdot 17 = 119$; $\varphi(n) = 6 \cdot 16 = 96$; $e = 5$; $d = 77$
  - Keys: public key $(119, 5)$; private key $77$
  - Encryption: $M = 19$; $C = 19^5 \bmod 119 = 66$
  - Decryption: $M = 66^{77} \bmod 119 = 19$

Complete RSA Example
- Setup: $p = 5$, $q = 11$; $n = 5 \cdot 11 = 55$; $\varphi(n) = 4 \cdot 10 = 40$; $e = 3$; $d = 27$ ($3 \cdot 27 = 81 = 2 \cdot 40 + 1$)
- Encryption: $C = M^3 \bmod 55$
- Decryption: $M = C^{27} \bmod 55$

| M | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| C | 1 | 8 | 27 | 9 | 15 | 51 | 13 | 17 | 14 | 10 | 11 | 23 | 52 | 49 | 20 | 26 | 18 | 2 |

| M | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| C | 39 | 25 | 21 | 33 | 12 | 19 | 5 | 31 | 48 | 7 | 24 | 50 | 36 | 43 | 22 | 34 | 30 | 16 |

| M | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| C | 53 | 37 | 29 | 35 | 6 | 3 | 32 | 44 | 45 | 41 | 38 | 42 | 4 | 40 | 46 | 28 | 47 | 54 |

Security
- The security of the RSA cryptosystem is based on the widely believed difficulty of factoring large numbers
  - The best known factoring algorithm (general number field sieve) takes time exponential in the number of bits of the number to be factored
- The RSA challenge, sponsored by RSA Security, offers cash prizes for the factorization of given large numbers
- In April 2002, prizes ranged from $10,000 (576 bits) to $200,000 (2048 bits)
- In 1999, a 512-bit number was factored in 4 months using the following computers:
  - 160 175-400 MHz SGI and Sun
  - 8 250 MHz SGI Origin
  - 120 300-450 MHz Pentium II
  - 4 500 MHz Digital/Compaq
- Estimated resources needed to factor a number within one year:

| Bits | PCs | Memory |
|---|---|---|
| 430 | 1 | 128MB |
| 760 | 215,000 | 4GB |
| 1,020 | 342×10^6 | 170GB |
| 1,620 | 1.6×10^15 | 120TB |
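The setup, encryption and decryption steps above, run on the slides' two toy key pairs. This is an added example, not code from the slides: the function names are hypothetical, `d` is derived with the extended Euclid's algorithm, and Python's built-in `pow` stands in for the modular power. It also checks that decryption recovers every plaintext in $Z_n$, including those that share a factor with $n$.

```python
def extended_euclid(a, b):
    """Return (d, i, j) with d = gcd(a, b) and d = i*a + j*b."""
    if b == 0:
        return a, 1, 0
    d, i, j = extended_euclid(b, a % b)
    return d, j, i - (a // b) * j


def rsa_setup(p, q, e):
    """Return (n, e, d) for primes p, q and a public exponent e."""
    n, phi = p * q, (p - 1) * (q - 1)
    g, i, _ = extended_euclid(e, phi)
    if g != 1:
        # e has no inverse in Z_phi(n), so no private exponent exists
        raise ValueError("e must be relatively prime to phi(n)")
    return n, e, i % phi          # reduce the Bezout coefficient into Z_phi(n)


def encrypt(m, n, e):
    """C = M^e mod n, for a plaintext M in Z_n."""
    if not 0 <= m < n:
        raise ValueError("plaintext must be an element of Z_n")
    return pow(m, e, n)


def decrypt(c, n, d):
    """M = C^d mod n."""
    return pow(c, d, n)


def cipher_table(n, e):
    """Ciphertexts for M = 1 .. n-1, as in the Complete RSA Example table."""
    return [encrypt(m, n, e) for m in range(1, n)]


def roundtrip_failures(n, e, d):
    """Plaintexts in Z_n that do not decrypt back to themselves (expected: none)."""
    return [m for m in range(n) if decrypt(encrypt(m, n, e), n, d) != m]


if __name__ == "__main__":
    n, e, d = rsa_setup(7, 17, 5)
    print("keys:", (n, e), d, "C =", encrypt(19, n, e))
    print("table for n = 55:", cipher_table(55, 3))
```

These parameters are sized for checking the arithmetic by hand; moduli this small are factored instantly, as the resource table on the Security slide implies.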
  • 2. RSA Cryptosystem 6/8/2002 2:20 PM

Correctness
- We show the correctness of the RSA cryptosystem for the case when the plaintext $M$ does not divide $n$
- Namely, we show that $(M^e)^d \bmod n = M$
- Since $ed \bmod \varphi(n) = 1$, there is an integer $k$ such that $ed = k\varphi(n) + 1$
- Since $M$ does not divide $n$, by Euler’s theorem we have $M^{\varphi(n)} \bmod n = 1$
- Thus, we obtain

$$
\begin{aligned}
(M^e)^d \bmod n &= M^{ed} \bmod n \\
&= M^{k\varphi(n) + 1} \bmod n \\
&= M\,M^{k\varphi(n)} \bmod n \\
&= M\,(M^{\varphi(n)})^k \bmod n \\
&= M\,(M^{\varphi(n)} \bmod n)^k \bmod n \\
&= M\,(1)^k \bmod n \\
&= M \bmod n \\
&= M
\end{aligned}
$$

- See the book for the proof of correctness in the case when the plaintext $M$ divides $n$

Algorithmic Issues
- The implementation of the RSA cryptosystem requires various algorithms
- Overall
  - Representation of integers of arbitrarily large size and arithmetic operations on them
- Encryption
  - Modular power
- Decryption
  - Modular power
- Setup
  - Generation of random numbers with a given number of bits (to generate candidates $p$ and $q$)
  - Primality testing (to check that candidates $p$ and $q$ are prime)
  - Computation of the GCD (to verify that $e$ and $\varphi(n)$ are relatively prime)
  - Computation of the multiplicative inverse (to compute $d$ from $e$)

Modular Power
- The repeated squaring algorithm speeds up the computation of a modular power $a^p \bmod n$
- Write the exponent $p$ in binary: $p = p_{b-1}\,p_{b-2} \ldots p_1\,p_0$
- Start with $Q_1 = a^{p_{b-1}} \bmod n$
- Repeatedly compute $Q_i = ((Q_{i-1})^2 \bmod n)\,a^{p_{b-i}} \bmod n$
- We obtain $Q_b = a^p \bmod n$
- The repeated squaring algorithm performs $O(\log p)$ arithmetic operations
- Example: $3^{18} \bmod 19$ ($18 = 10010$ in binary)
  - $Q_1 = 3^1 \bmod 19 = 3$
  - $Q_2 = (3^2 \bmod 19)\,3^0 \bmod 19 = 9$
  - $Q_3 = (9^2 \bmod 19)\,3^0 \bmod 19 = 81 \bmod 19 = 5$
  - $Q_4 = (5^2 \bmod 19)\,3^1 \bmod 19 = (25 \bmod 19)\,3 \bmod 19 = 18 \bmod 19 = 18$
  - $Q_5 = (18^2 \bmod 19)\,3^0 \bmod 19 = (324 \bmod 19) \bmod 19 = 17 \cdot 19 + 1 \bmod 19 = 1$

| $i$ | 1 | 2 | 3 | 4 | 5 |
|---|---|---|---|---|---|
| $p_{5-i}$ | 1 | 0 | 0 | 1 | 0 |
| $3^{p_{5-i}}$ | 3 | 1 | 1 | 3 | 1 |
| $Q_i$ | 3 | 9 | 5 | 18 | 1 |

Modular Inverse
- Theorem: Given positive integers $a$ and $b$, let $d$ be the smallest positive integer such that $d = ia + jb$ for some integers $i$ and $j$. We have $d = \gcd(a, b)$
- Example: $a = 21$, $b = 15$, $d = 3$, $i = 3$, $j = -4$; $3 = 3 \cdot 21 + (-4) \cdot 15 = 63 - 60 = 3$
- Given positive integers $a$ and $b$, the extended Euclid’s algorithm computes a triplet $(d, i, j)$ such that
  - $d = \gcd(a, b)$
  - $d = ia + jb$
- To test the existence of and compute the inverse of $x \in Z_n$, we execute the extended Euclid’s algorithm on the input pair $(x, n)$
- Let $(d, i, j)$ be the triplet returned, so that $d = ix + jn$
  - Case 1: $d = 1$. $i$ is the inverse of $x$ in $Z_n$
  - Case 2: $d > 1$. $x$ has no inverse in $Z_n$

Pseudoprimality Testing
- The number of primes less than or equal to $n$ is about $n / \ln n$
- Thus, we expect to find a prime among $O(b)$ randomly generated numbers with $b$ bits each
- Testing whether a number is prime (primality testing) is believed to be a hard problem
- An integer $n \geq 2$ is said to be a base-$x$ pseudoprime if $x^{n-1} \bmod n = 1$ (Fermat’s little theorem)
- Composite base-$x$ pseudoprimes are rare:
  - A random 100-bit integer is a composite base-2 pseudoprime with probability less than $10^{-13}$
  - The smallest composite base-2 pseudoprime is 341
- Base-$x$ pseudoprimality testing for an integer $n$:
  - Check whether $x^{n-1} \bmod n = 1$
  - Can be performed efficiently with the repeated squaring algorithm

Randomized Primality Testing
- Compositeness witness function witness(x, n) with error probability $q$ for a random variable $x$
  - Case 1: $n$ is prime. witness(x, n) = false
  - Case 2: $n$ is composite. witness(x, n) = false with probability $q < 1$
- Algorithm RandPrimeTest tests whether $n$ is prime by repeatedly evaluating witness(x, n)
- A variation of base-$x$ pseudoprimality provides a suitable compositeness witness function for randomized primality testing (Rabin-Miller algorithm)

    Algorithm RandPrimeTest(n, k)
      Input: integer n, confidence parameter k and composite witness function witness(x, n) with error probability q
      Output: an indication of whether n is composite or prime with probability 2^−k
      t ← k / log2(1/q)
      for i ← 1 to t
        x ← random()
        if witness(x, n) = true
          return “n is composite”
      return “n is prime”
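The Modular Power, Pseudoprimality Testing and Randomized Primality Testing slides, combined into one added example (not code from the slides): repeated squaring that records the sequence $Q_1 \ldots Q_b$, the base-$x$ Fermat check, and RandPrimeTest driven by a Rabin-Miller witness. The function names are hypothetical, and $q = 1/4$ is an assumption taken from the standard Rabin-Miller error bound, which the slides do not state; it gives $t = k/2$ rounds.

```python
import random


def mod_power_trace(a, p, n):
    """Repeated squaring: return [Q_1, ..., Q_b], where Q_b = a^p mod n."""
    bits = bin(p)[2:]                        # p_{b-1} ... p_1 p_0
    q = a % n if bits[0] == "1" else 1 % n   # Q_1 = a^{p_{b-1}} mod n
    trace = [q]
    for bit in bits[1:]:
        q = (q * q) % n                      # (Q_{i-1})^2 mod n
        if bit == "1":
            q = (q * a) % n                  # times a^{p_{b-i}}
        trace.append(q)
    return trace


def mod_power(a, p, n):
    return mod_power_trace(a, p, n)[-1]


def is_base_pseudoprime(x, n):
    """Fermat check from the slide: x^(n-1) mod n = 1."""
    return mod_power(x, n - 1, n) == 1


def witness(x, n):
    """Rabin-Miller witness for odd n > 2: True means n is certainly composite."""
    s, d = 0, n - 1
    while d % 2 == 0:                        # write n - 1 = 2^s * d with d odd
        s, d = s + 1, d // 2
    y = mod_power(x, d, n)
    if y in (1, n - 1):
        return False
    for _ in range(s - 1):
        y = (y * y) % n
        if y == n - 1:
            return False
    return True


def rand_prime_test(n, k, rng=random):
    """RandPrimeTest(n, k) with q = 1/4 (assumed), so t = ceil(k / 2) rounds."""
    if n < 4:
        return n in (2, 3)
    if n % 2 == 0:
        return False
    for _ in range((k + 1) // 2):
        if witness(rng.randrange(2, n - 1), n):
            return False                     # "n is composite"
    return True                              # "n is prime", error at most 2^-k
```

The composite 341 passes the base-2 Fermat check but is rejected by the witness function with the same base, which is why RandPrimeTest uses the Rabin-Miller variation rather than plain pseudoprimality.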