Slideshare uses cookies to improve functionality and performance, and to provide you with relevant advertising. If you continue browsing the site, you agree to the use of cookies on this website. See our User Agreement and Privacy Policy.

Slideshare uses cookies to improve functionality and performance, and to provide you with relevant advertising. If you continue browsing the site, you agree to the use of cookies on this website. See our Privacy Policy and User Agreement for details.

Like this presentation? Why not share!

- RSA ALGORITHM by Shashank Shetty 8654 views
- Rsa authentication manager 8.2 pres... by Zeev Shetach 620 views
- The rsa algorithm JooSeok Song by Information Secur... 678 views
- RSA algorithm by Arpana shree 3437 views
- Rsa Algorithm by Ashik Iqbal 15788 views
- Public Key Cryptography by Gopal Sakarkar 7937 views

1,706 views

Published on

"A Method for Obtaining Digital Signatures and Public-Key Cryptosystems" by R.L. Rivest, A. Shamir, and L. Adleman

No Downloads

Total views

1,706

On SlideShare

0

From Embeds

0

Number of Embeds

4

Shares

0

Downloads

127

Comments

0

Likes

1

No embeds

No notes for slide

- 1. A Method for Obtaining Digital Signatures and Public Key Cryptosystems Rivest, Shamir, Adleman Srilal Buddika
- 2. Ronald L. Rivest, Adi Shamir, and Leonard Adleman Inventers of RSA (1978) 2
- 3. Concept Invented By Diffie and Hellman Diffie-Hellman algorithm (1976) Whitfield Diffie and Martin Hellman 3
- 4. Outline Information Security Public Key Cryptosystems Basic Concept of RSA Digital Signatures Encryption Flow RSA Algorithm Security Analysis Current RSA Stats Conclusion Q&A 4
- 5. Information Security We need information to share/express our ideas Some Information are valuable. Hence we need Protection One of Protection method is “Data Encryption“ Encryption : Transform usable information into a form that renders it unusable by anyone other than an authorized user Decryption : Information that has been encrypted (rendered unusable) can be transformed back into its original usable form by an authorized user, who possesses the cryptographic key Cryptographic key : Specifies the particular transformation of plaintext into ciphertext, or vice versa 5
- 6. Information Security Contd. Encryption Key Algorithm Decryption Cipher Text Plain Text 6
- 7. Public Key Cryptoystems Encryption procedure - E Decryption procedure - D Message - M Cipher text - C Parameters of E kept public Parameters of D kept private Examples 7
- 8. Public Key Cryptosystems Contd. Deciphering the enciphered form of a message M yields M. D(E(M)) = M Both E and D are easy to compute By publicly revealing E, the user does not reveal an easy way to compute D (One-Way Functions) If a message M is first deciphered and then enciphered, M is the result E(D(M)) = M RSA is an algorithm for public-key cryptography 8
- 9. Basic Concepts of RSA RSA do – Encryption/Decryption/Key Generation Two types of Keys Private key (to be kept confidential) Public key (known to everyone) Has the property of D(E(M)) = M The Inverse is also TRUE (digital signatures) E(D(M)) = M 9
- 10. Typical Encryption Scenario 10
- 11. Digital Signatures Proof for verifying the sender (Authentication) Proof that message is not modified by someone other than the sender (Integrity) Preserve non-repudiation (Sender cannot deny sending it) Signature needs to be, – Message-dependant – Signer-dependant 11
- 12. Digital Signatures Contd. • How to do it in RSA – Alice sends a signed message to Bob • Why we need to HASH the message ? – Example : • I have uploaded the “presentation-slides.pdf” on Moodle • Verify your SHA512sum Digest Code with Original value posted at MyLinkedInProfile/Projects 12
- 13. Digital Signatures Contd. Sometimes you don't particularly mind letting the whole world read a message (or would rather they did) yet want to provide a mechanism to prove that you wrote the message. Signing does just this. RSA is slow, but most encryption software using RSA actually encrypts documents with a symmetric cipher like TDEA or AES, and encrypts the key used (sometimes called a "session" key) with RSA, so the slowdown from encrypting the entire document is not that great. If you want to hide the contents of the message, then you take the message and the signature, zip them together and encrypt the whole thing with the public key of the receiver before you send. 13
- 14. Encryption Flow 14
- 15. RSA Algorithm Notations – n is known as the modulus – p & q two large random primes – e is known as the public exponent or encryption exponent – d is known as the secret exponent or decryption exponent Mathematics Related to RSA – Eular’s,Fermat’s and Chinese Remainder Theorems 15
- 16. RSA Algorithm Contd. 1. Choose two random large prime numbers, p and q 2. Compute the product n = p x q 3. Randomly choose the encryption key, e, such that e and (p - 1)(q - 1) are relatively prime 4. Use the extended Euclidean algorithm to compute the decryption key, d, such that e*d ≡ 1 mod (p - 1)(q - 1) ie d = e-1 mod ((p - 1)(q - 1)) * d and n are also relatively prime 16
- 17. RSA Algorithm Contd. Keys – e and n are the public key – d is the private key Important : The two primes, p and q, are no longer needed They should be discarded, but never revealed 17
- 18. RSA Algorithm Contd. Encryption 1. Divide message into numerical blocks smaller than n (with binary data, choose the largest power of 2 less than n) 2. For each block • c = me mod n Decryption 1. For each cipher text block m = cd mod n 18
- 19. RSA Algorithm Contd. RSA Example 1. 2. 3. 4. 5. Select primes: p=17 & q=11 Compute n = pq =17×11=187 ; n=187 Compute ø(n)=(p–1)(q-1)=16×10=160 Select e ; gcd(e,160)=1; choose e=7 Determine d: d*e=1 mod 160 and d < 160 Hence, Value is d=23 since 23×7=161= 10×160+1 6. Publish public key Kpub={7,187} (e,n) 7. Keep secret private key Kpvt={23,17,11} (p,q,d) 19
- 20. RSA Algorithm Contd. message „M‟= 88 (88<187) Encryption: [c = me mod n] • C = 887 mod 187 = 11 C = 11 Decryption: [m = cd mod n] • M = 1123 mod 187 = 88 M = 88 If message is 8888 then ? 20
- 21. Security Analysis In addition to encrypting messages (which ensures privacy), you can authenticate yourself to me (so I know that it is really you who sent the message) Complexity of Factoring large primes is the strength of RSA algorithm Managing Physical Security must be done Don‟t let anyone copy your key or your primes 21
- 22. Current RSA Stats Known Attacks d<N5 Lattice Attack Low public exponent (Coppersmith) Broadcast Attack (Hastad) Related message Attack (Franklin-Reiter) A 768-bit key has been broken A 2048-bit key (RSA Factorial Challenge) Price : 200,000 USD 22
- 23. Conclusion In this Paper, Authors have Invented a new PKCS It‟s a New Methodology of Data Encryption Mechanism (Still valid on IT Industry) Have practically proven it By applying relevant security criteria, it became the best PKCS Authors did not mention about RSA performances under different data loads One of a best research paper among few 23
- 24. Thank You ! 24
- 25. Appendix - I 25
- 26. D-H Concept Yellow paint is already agreed by Alice and Bob 26
- 27. Trapdoor Functions Easy to compute in one direction Difficult to compute in the opposite direction‟ RSA Example Difficulty of Factoring Large Primes 27
- 28. Other Public Key Cryptosystems 28
- 29. Mathematics 29
- 30. Mathematics Contd. 30
- 31. Mathematics Contd. 31
- 32. Digital Signature on RSA 32
- 33. Hash Functions Ex: SHA-1/2 , MD5 … Output code called “Digest” If message is small Padding is used Has Avalanche Effect 33
- 34. Hash Functions Contd. 34
- 35. Avoiding Reblocking (Signed Msgs) Happens when , Signature “n” > Encryption “n” Remedy-1 • • • • Maintain two public key pairs (e, n) Choose a threshold value h. For signature n < h For enciphering n > h Remedy-2 • • • • • Each user has a single public key pair (e, n) Choose a threshold value h. n is where h < n < 2h Message enciphered as a number less than h If ciphertext has a value greater than h, repeatedly re-encipher until it is less than h • Similarly method applies for deciphering. 35
- 36. Appendix - II 36
- 37. Generating Large Primes How to find a really big prime Randomly generate a large odd number b of the size you want Use Solovay and Strassen’s probabilistic algorithm • Select some number a from {0, …, b-1} • gcd(a,b) = 1 and J(a,b) = a(b-1)/2 – If false b is composite. – If true b is prime with a probability of at least ½ 37
- 38. Mathematics Stuffs for RSA Eulers totient function Ф – Ф(n) : gives the number of positive integers less then n which are relatively prime to n. Computing Ф(n) – Ф(n) = Ф(p*q) = Ф(p)* Ф(q) = (p-1)*(q-1) = pq – p – q + 1 = n – (p + q) + 1 38
- 39. Mathematics Stuffs for RSA Contd. Multiplicative Inverse Example – Two relatively prime numbers 5 and 7 1 2 3 4 5 6 7 * 5 = 5 ≡ 5 (Mod 7) * 5 = 10 ≡ 3 (Mod 7) * 5 = 15 ≡ 1 (Mod 7) * 5 = 20 ≡ 6 (Mod 7) * 5 = 25 ≡ 4 (Mod 7) * 5 = 30 ≡ 2 (Mod 7) * 5 = 35 ≡ 0 (Mod 7) Z7 is a cyclic group 39
- 40. Attacks on RSA Lattice Based Attacks on RSA Hastad’s Attack Franklin-Reiter Attack Extension to Wiener’s Attack Hastad’s Attack Given 3 public keys (Ni,ei) with the same ei=3 If a user sent the same message to all 3 public keys => can recover the plaintext 40
- 41. Attacks on RSA Contd. Hastad‟s Attack Receiver 1 c1=me mod N1 User c2=me mod N2 Message: m (N1,e) Receiver 1 (N2,e) c3=me mod N3 Receiver 1 (N3,e) 41
- 42. Attacks on RSA Contd. Franklin-Reiter Attack c1=m1e mod N Bob Message: m1,m2 Alice m2=f(m1) mod N (N,e) c2=m2e mod N 42
- 43. Attacks on RSA Contd. This attack was originally developed by Franklin and Reiter, for the situation when e = 3, with k = 2 messages, with a relation of degree d =1. This result has since been generalized further, so that it applies for any number of messages with a relation of any degree. The value of e is limited to a length of approximately 32 bits due to the complexity of the calculation. This ensures that the attack is effective when e = 216 + 1, which is a popular choice. 43

No public clipboards found for this slide

×
### Save the most important slides with Clipping

Clipping is a handy way to collect and organize the most important slides from a presentation. You can keep your great finds in clipboards organized around topics.

Be the first to comment