Public-Key Cryptosystems
In the following problems, you will investigate public-key cryptosystems. Your goal, by the end
of the lesson, is to answer this question:
How does a public-key cryptosystem work, specifically the RSA cryptosystem?
In a public-key cryptosystem, an individual
creates a pair of related keys – a public key, which
can be shared with everyone, and a private key,
which is kept secret and is known only to the
individual. The diagram at the right illustrates this
situation, where Alice has created the pair of keys,
Bob uses the public key to send an encrypted message
to Alice, and Alice uses her private key to decrypt the
message. (It is customary in cryptography to use Alice
and Bob as the names of the parties communicating.)
Public-key cryptography can be used in two broad settings – for secret messages, as illustrated
above, and for digital signatures. These two settings can be thought of in terms of many individuals
sending confidential messages to one individual (secret messages), or one individual sending private and
authentic messages to many individuals (digital signatures). Examples of the first situation–many send
secret messages to one–include when many people send their confidential credit card numbers to one
online store, or when embassies abroad send secret messages to their home country’s government. An
example of the second situation–one sends authentic messages to many–is when one person sends
digitally-signed email messages to many people, so that the recipients know that the message is authentic.
In both situations, the one individual uses the private key and the many use the public key.
Both uses of publickey cryptosystems are
illustrated by the icons in the
lower right corner of the email
message window shown at
right, from a popular email
program in 2009. The
instructions given for the padlock icon are to “click to encrypt this message” (using the recipient’s public
key). The instructions for the star-shaped seal icon are to “click to digitally sign this message” (using the
sender’s private key). You will learn about both uses of public-key cryptography in this investigation.
Public-Key Cryptosystems
Page 1 of 6
The idea of public-key cryptography was first
publicly developed in 1976 by Whitfield Diffie and
Martin Hellman, while Hellman was a professor and
Diffie a programmer at Stanford University. James Ellis,
Clifford Cocks, and Malcolm Williamson developed the
idea earlier as part of secret work for a British
intelligence service (GCHQ), but this was not made
Whitfield Diffie and Martin Hellman, authors of
public until the 1990s. In 1977, Ronald L. Rivest, Adi
first published paper on public-key cryptography
Shamir, and Leonard Adleman at the Massachusetts
Institute of Technology developed what is now called the RSA public-key cryptosystem, from the initials
of their last names. The idea of a public-key cryptosystem is considered to be one of the most significant
developments in the history of cryptography. There are now many such cryptosystems in use. In this
investigation, you will study the RSA public-key cryptosystem.
RSA Public-Key Cryptosystem The keys for the RSA public-key cryptosystem are numbers
constructed using large prime numbers and modular arithmetic. The general strategy is shown in the
following diagram. The numbers n and e comprise the public key, known to everyone. The numbers p, q,
and d are the private key. The arrows in the diagram show which numbers are related to others.
RSA Cryptosystem
n
public key
e
prime numbers:
p and q
d
private key
1. In general, either key can be used for encrypting, and then the other is used for decrypting. For the
purposes of learning how the system works and carrying out the first examples, we will assume that
the public key is used to encrypt a message, which is sent and then decrypted using the private key.
Read through the steps below describing how to use the RSA cryptosystem. Discuss with classmates
any step that you do not understand. (In a later problem you will learn why the procedure works. For
now, just make sure you understand what to do at each step.)
Public-Key Cryptosystems
Page 2 of 6
Using the RSA Cryptosystem
Construct the Keys:
•
Choose two prime numbers, p and q.
•
Compute n = pq.
•
Compute r = ( p – 1)(q – 1).
•
Choose a number e (for encrypt) such that e has a multiplicative inverse in Zr.
•
d (for decrypt) is the multiplicative inverse of e in Zr.
•
Publish e and n in a public directory. This is the public encryption key. It is associated with the
individual who constructs the keys, but it can be used by anyone.
•
Keep d secret, along with p and q. This is the private decryption key. It is known only to the
individual who constructs the keys.
Encrypt:
•
Convert the plaintext message, including spaces, to numbers in Zn = {0, 1, …, n – 1}.
•
Raise each number to the power e. Reduce mod n.
Decrypt:
•
Raise each ciphertext number to the power d. Reduce mod n.
•
Convert from numbers back to letters.
2. Practice using the RSA cryptosystem by encrypting, and then decrypting, the message FLEE. For
convenience, use the guidelines and tips given below.
•
First you need to construct the keys, that is, the numbers n, e, and d. To do that, you must choose
two prime numbers, p and q. Normally you would use very large prime numbers to keep the
system secure. However, for this problem, choose p = 3 and q = 11.
•
Convert letters to numbers by converting each letter into the integer 1–26 that represents its place
in the alphabet.
•
Encrypt (and decrypt) one letter at a time.
•
Do not convert ciphertext numbers into ciphertext letters. You have finished encrypting when you
have the ciphertext numbers.
Discuss and resolve any difficulties with your classmates as you encrypt and decrypt the message
FLEE.
3. In this problem, you will use the RSA cryptosystem to send and receive secret messages. Working
with your teacher, form a team with at least one of your classmates and choose a name for your team.
Your team should choose one of the public encryption keys listed in the public key directory shown
Public-Key Cryptosystems
Page 3 of 6
below. Write your team name next to your public key on a copy of the Public Key Directory. Your
teacher will hand each group their corresponding private key. Thus, each team has their own pair of
keys – a public key and the associated private key.
Public Key Directory
Name
n
85
55
161
95
91
65
35
e
13
23
19
31
29
29
13
a. Verify that the private key you are given is valid.
(That is, verify that p and q are prime, n = pq, and e and d are multiplicative inverses in Zr.)
b. Your team should use the RSA cryptosystem to encrypt and send at least one single-word secret
message to another team.
(Important: As per the RSA cryptosystem, you use the target team’s public key to encrypt the
message that you are sending. You will find their key in the Public Key Directory above, once it
is completed in your class. Then you will use your own private key to decrypt any messages that
you receive – see Part c.)
c. Decrypt any messages you receive.
d. Based on this public-key cryptosystem, answer and discuss the following questions.
i.
Can any team send any other team a secret encrypted message? What information do you
need to encrypt a secret message so that only the target team can read it?
ii. Once you encrypt a secret message to a target team, can any other team decrypt it and read
the message?
Analyze the RSA Public-Key Cryptosystem Now that you know how the RSA cryptosystem works,
consider two important questions: Why does it work? and Why is it secure? These questions will be the
focus of the next few problems.
4. Why Does the RSA Cryptosystem Work? For this or any other cryptosystem to work, the
decrypting process must undo the encrypting process so that you get back to the original message. In
the case of the RSA system, you encrypt by raising to the power e (mod n), and you decrypt by
raising to the power d (mod n), and this gets you back to the original message. So, for a number, that
is, a message, M, (Me)d  M mod n. This works because of a special case of Euler’s Theorem (which
was proven by the Swiss mathematician Leonard Euler (1701–1783) using Fermat’s Little Theorem.)
Take a look at Euler’s Theorem:
Public-Key Cryptosystems
Page 4 of 6
Euler’s Theorem (special case)
(Me)d  M mod n, where p and q are prime numbers, n = pq, r = (p – 1)(q – 1), and e and d are
multiplicative inverses mod r.
a. Consider the following values:
p=3
i.
q = 11
e=7
d=3
Verify that these numbers satisfy the conditions of Euler’s Theorem.
ii. Choose several values of M and verify that Euler’s Theorem is true in this case.
b. Choose two different (small) prime numbers and check that Euler’s Theorem works for a few
values of M.
5. Why Is the RSA Cryptosystem Secure? Now you know how the RSA cryptosystem works and why
it works. But why is it secure? The security of the RSA cryptosystem depends on the fact that
multiplying two large prime numbers is easy, while factoring the product to recover the two prime
numbers is difficult.
a. Look back at the diagram illustrating the RSA cryptosystem on page 2. Suppose you want to
“break the code.” To do so, you need to find d, the private decryption key. Everyone knows n and
e, since these comprise the public key. Suppose you could figure out what p and q are. Describe
how you can find d if you know p, q, and e.
b. You saw in Part a that you can break the code if you can find d, and you can find d if you know p
and q. Of course, p and q are supposed to be secret. However, everyone knows n, since n is part
of the public key, and n = pq. So now, in order to break the code, the question becomes, “Can you
find p and q if you know the product of p and q?” Try answering this question for some sample
values of the product pq.
i.
Suppose pq = 35. What are p and q?
ii. Suppose pq = 77. Find p and q.
iii. Suppose pq = 221. Find p and q.
iv. Suppose pq = 3,431. Find p and q.
You can see that finding p and q gets more difficult as the product pq gets larger. In real
applications of RSA, such as using a credit card to buy a book online, the key may include a
product that contains 100 or more digits! The point is that it is very difficult to factor a large
product into its prime factors. That’s what keeps a secret message secret when you use RSA
public-key encryption.
Public-Key Cryptosystems
Page 5 of 6
Summary
In this task you learned about public-key cryptosystems, in particular the RSA cryptosystem.
a. Explain in general how a public-key cryptosystem works.
b. Describe the RSA encryption process.
c. Describe the RSA decryption process.
d. Explain generally why the RSA cryptosystem works.
e. Explain generally why the RSA cryptosystem is secure.
Public-Key Cryptosystems
Page 6 of 6