Add to collection(s) Add to saved
  1. No category
Uploaded by J Y

ESF Malay.ms.en

advertisement 
Translated from Malay to English - www.onlinedoctranslator.com
JQMA14(2) 2018, 81-89
Journal of Quality Measurement and Analysis
Journal of Quality Measurement and Analysis
ESF: A SIMPLE SIMPLE BASED CRYPTOSYSTEM
FACTORING PROBLEMS
(ESF: An Easy Simple Factoring-based Cryptosystem)
EDDIE SHAHRIL ISMAIL, MUHAMMAD ZAFREE ZAHARIDAN & FAIEZA SAMAT
ABSTRACT
In this paper, a new simple and simple ESF public key cryptosystem based on the
factorization problem is introduced. This system is a variation of the famous
cryptosystem RSA (Rivest, Shamir, Adleman) which is still practiced today. This new
cryptosystem has three main advantages compared to RSA. First, it does not require
a very expensive inverse modular operation when generating the secret key. Second,
smaller secret key size and value if the public key and modulus in ESF and RSA are
set. Third, the size of the hidden message is always smaller if the secret key and
modulus in ESF and RSA are fixed. This in turn makes the encryption and decryption
process in the ESF cryptosystem more efficient compared to RSA.
Keywords: cryptography; RSA; factoring problem
ABSTRACT
This paper introduces a new easy and simple ESF public key cryptosystem based on factoring
problem. It is a variation from the novel RSA (Rivest, Shamir, Adleman) cryptosystem which is
until now still practicable. The new proposed cryptosystem possesses three main advantages
over RSA. Firstly, it requires no expensive inverse modular operation during secret key
generation. Secondly, the size and value of the secret key is smaller if one fixes the public key
and modulus in ESF and RSA. Thirdly, the size and value of the ciphertext is always smaller if the
secret key and modulus in ESF and RSA are fixed. Hence, the encryption and decryption
processes in ESF are more efficient compared to RSA.
Keywords: cryptography; RSA; factoring problem
1. Introduction
In this paper, a new public key cryptosystem based on the factorization problem is
introduced. This cryptosystem is a variation of the famous RSA cryptosystem (Rivestet al.
1978) which is still immune and widely practiced. This new cryptosystem is abbreviated
ESF cryptosystem which refers to the English abbreviationEasy Simple Factoring-based
Cryptosystem.The ESF cryptosystem has three main advantages compared to the
original version of RSA. First, it does not require any modular inversion operations
during secret key generation; both, the size of the hidden message (ciphertext) which is
smaller and the third, the encryption process (encryption) and decrypt (decryption) which
is faster compared to RSA. With this heuristically, the ESF cryptosystem is more efficient
than the original version of RSA if developed on any hardware or software platform.
Since the creation of RSA, many variant versions have appeared with various claims of
their respective advantages (Williams 1980; Fiat 1990; Quisquater & Couvreur 1982;
Takagi 1997). This paper only compares the ESF cryptosystem with RSA only because the
original version of RSA still has its security and immunity features intact. This paper
begins with a description of the RSA cryptosystem and
Eddie Shahril Ismail, Muhammad Zafree Zaharidan & Faieza Samat
followed by the proposed ESF cryptosystem. After that the efficiency and immunity analysis of
ESF will be given and then the comparison with RSA will be done. This paper ends with a
discussion and conclusion.
2. RSA cryptosystem
The RSA public key system was the first of its kind created in 1978 and solved the
problem of key storage by the previous secret key system which was stated by Diffie
and Hellman (1976). RSA was developed with its immune core fully dependent on the
problem of factoring large compositional integers which has not been solved until
now because no researcher has succeeded in finding a polynomial time alkhwarizm
even though many efforts have been made in that direction. But the effort did not
seriously impact the integrity of the RSA (Montgomery 1994; Peralta & Okamoto
1996; Lenstra 2000). This factorization problem is one of the oldest problems in the
field of number theory. Now the Alkhwarizmi RSA is shown.
2.1.System parameters
(1) Choose two primespandQ1024-bit in size.
(2) Calculate the modulusn-pqand fi-Euler functions-(n) - (p-1)(Q-1).
Parametersnand-p,Q,-(n)-are called public parameters and secret parameters respectively.
Public parameters will be stored in a public directory for anyone to access while secret
parameters need to be stored neatly without public knowledge.
2.2.Key generation
(1) Choose a public keye--x:1-x--(n), st-x,-(n)--1-.
(2) Compute the secret keyd-e-1mode-(n).
The symbol 'pst' denotes the greatest common divisor.
Integerecalled public keys and stored in a shared public directorynwhile integersdcalled
the secret key and must be carefully kept for the recipient's knowledge only.
2.3.Difficult phase
For example a secret messagem--y:1-y-n, ppt-y,n--1-want to send The sender counts
c-memoden.
Hidden messagecwill be sent directly to the recipient.
2.4.Decryption phase
Now the recipient gets the hidden messagecsent. To retrieve the encrypted
message, the receiver calculates
cd-mmoden.
82
ESF: A simple simple cryptosystem based on the factorization problem
Confidential messagemwill be recovered.
Proposal 2.1.Consider an RSA system. If all parameters-p,Q,n,-(n)-and
key-e,d-is selected and conditionally generated in RSA, then the encrypted message will be
recovered in the RSA decryption phase.
Proof.Note that, since
d-e-1mode-(n)
then there exists an integerksuch that
de-1-k-(n).
Next,
cd--m
--dm
e
-m-m-(n)--m-1-
1-k-(n)
k
k
-mmoden
whichm-(n)-1 modncoincides with Euler's Theorem (Rosen 2000). -
Hastad (1986) in his paper proved that the use of public key exponentsewhich is
low along with other conditions will cause confidential messages to be obtained by
the enemy. He used lattice theory (Durfee 2002) as the main tool in his proof which
is now the basis for the development of post-quantum cryptography today.
Wiener (1990) in his article proves the use of secret exponentsd-n0.25
a low one also results in a secret message being easily obtained by the enemy. He
used a continued fraction attack (Rosen 2000) by exploiting the mathematical
relationship between exponentsebyd. Coppersmithet al. (1996) further introduced a
new class of attacks by proving that if there is a polynomial relationship between the
secret messages with the exponential condition of the public keyeand the same RSA
modulus is used then the secret messages can be calculated algebraically.
Coppersmith (1997) also proved with a low RSA exponent, the RSA modulusn-pqcan
factored if (1/ 4) log2n-prime bitpknown. Boneh and Durfee (1999)
show the limitd-n0.25not strong and prove ifd-n0.292then the system
not safe and conjecture that limitd-n0.5can be achieved. Boneh (1999) commented and
concluded RSA attacks starting in 1979 and stated that all the attacks can be avoided and
are not dangerous if the implementation of RSA is done neatly and carefully.
3. Cryptosystem ESF
Introduced the ESF cryptosystem whose construction base relies heavily on the problem of
factoring large compositional integers like the original version of RSA.
83
Eddie Shahril Ismail, Muhammad Zafree Zaharidan & Faieza Samat
3.1.System parameters
(1) Choose two primespandQ1024-bit in size and assumep-Q.
(2) Calculate the modulusn-pq.
(3) Find integersrandswhichRsis the simplest form of the fraction (p-1) (Q-1).
(4) Calculate-which--s(p-1) -1-r(Q-1) -1.
Parametersnand-p,Q,r,s,--are called public parameters and secret parameters respectively.
Public parameters will be stored in a public directory for anyone to access while secret
parameters need to be stored neatly without public knowledge.
3.2.Key generation
(1) Find integersuwhichudivide-.
(2) Count integersvwhichuv--.
Integerucalled public keys and stored in a shared public directorynwhile integersvcalled
the secret key and must be carefully kept for the recipient's knowledge only.
3.3.Difficult phase
For example a secret messagem--y:1-y-n, ppt-y,n--1-want to send, then the following process is
done: Calculate
c-mumoden.
Hidden messagecwill be sent directly to the recipient.
3.4.Decryption phase
Now the recipient gets the hidden messagecsent. To retrieve the encrypted message,
the recipient performs the following process: Compute
cv-mmoden.
Confidential messagemwill be recovered.
Evidence towards validitycv-mmodenis the brainchild of a function that
defined by Lin and Chen (1999) and Linet al. (1998) and has been used by Aunet al. (2001) who
proposed a development variation of the RSA cryptographic scheme.
Proposal 3.1.Consider the ESF system. If all parameters-p,Q,n,r,s,--and keys
-u,v-is selected and generated according to the conditions in the ESF, then the encrypted message will be
recovered in the decryption phase of the ESF.
Proof.Note that, since--s(p-1) -1-r(Q-1) -1 then
84
ESF: A simple simple cryptosystem based on the factorization problem
p-1 andQ-1 divide--1.
From Fermat's Theorem (Rosen 2000) there exists an integersandrsuch that
m--ms(p-1)-1--mp-1-m-1sm-mmodep
s
and
m--mr(Q-1)-1--mQ-1-m-1rm-mmodeQ
r
whichmdo not dividepandQ. Next becausepandQrelatively prime, then
m--mmodepq
or equivalent tocv-m--mmodepq-mmoden. 4. Efficiency and Immunity Analysis
In both RSA and ESF systems, the only public parameter that can be accessed by civilians or even
adversaries is the modulusn-pqand the recipient's public key, ieeandu.As long as there is no
a polynomial time algorithm that can factor large integersninto prime divisorspandQ
then the secret keydandvstill remains difficult to obtain though
with knowledgeeandu,further guaranteeing the integrity and immunity of these two systems.
Note that to calculate the secret keydin RSA systems, modular inversion is
required. However, it has been known that this operation is very expensive and
demands a long period of time to implement. Compared to the ESF system, the
secret key calculationvonly requires division operations that are very efficient to
implement. However, integer searchesuthat itself needs to be refined. To determine
the valueu,one of the ways is to find factors or divisors-. Also note the integersalways odd. Search for divisors-if--fgwhich
f,g1024-bit sized primes are bound to be difficult because they revert to problems
that intractable factoring by size-is now 2048-bit. However, the modulus--r(Q-1) -1-s(
p-1) -1 is only around 1024-bits in size if
rqorsp.Hence the divisor-easy to find. In addition,--uv
whichu,vis not prime then finding the divisor is not as difficult a problem
factorization which is one of the oldest problems in number theory.
In the decryption process to recover the original message, the recipient in RSA and
Each ESF needs to calculatemedmodenandm-moden.Assumingm,n
the same is used in both systems, it can be shown that the calculation in ESF is
faster. This is true when--edas shown in the following theorem.
85
Eddie Shahril Ismail, Muhammad Zafree Zaharidan & Faieza Samat
Theorem 4.1.Consider the RSA and ESF systems. If-e,d-and-u,v-are each public-
secret key pair then uv---ed.
Proof.Note that the public-secret key pair in RSA satisfies
ed-1-k-(n) -1-k(p-1)(Q-1)
whichkpositive integer,n-pqandp,Qprime withp-Qas well as-is the fi-Euler function. The
public-secret key pair in the ESF satisfies
uv---r(Q-1) -1-s(p-1) -1
whichp,Qprime andRsis the simplest fraction of (p-1) (Q-1). Thus obtained r-p-1 andsQ-1. Next, foundr(Q-1) - (p-1)(Q-1) -k(p-1)(Q-1) becausek a positive integer which in
turn givesr(Q-1) -1-k(p-1)(Q-1) -1 and finally obtained that--ed. -
Now given a numerical comparison of the product of public key and secret key
between RSA and ESF as in Table 1 whenu-e.
Table 1: Numerical comparison of public and secret key product between RSA and ESF for some
prime number pairspandQ
RSA
Prime number
p
Q
e
d
27449
17389
9178189
357949381
48611
37813
70693897
53441
42073
58237
ESF
ed
uv--
u
v
3285327071251009
9178189
13
119316457
919020673
64969152797932681
70693897
13
919020661
380299
1405205539
534398261276161
380299
739
281040961
3413
2922077
149025941
435465274599457
2922077
17
49675309
59359
3581
44587
106253203
4737511562161
44587
2383
106250821
64453
52919
59
1705335469
70549
3571
281
41976061
28903991 1705335527 49291002724388257 28903991
149381 41976341
6270467794921
149381
Based on Table 1, it is evident that the valueuv--is always smaller than the valueed. In
the encryption process, the sender calculatesmemodenandmumodenrespectively
in RSA and ESF. From Theorem 4.1, it is obtained thatuv-edand if set u-eorv-dthen
obtainedv-doru-e.Mathematically, if this happens then the process of encrypting or
decrypting in ESF is faster compared to
RSA. Meanwhile the message size is hidden,cdepends on the sizemeormu. Ifme,mu-n
then the sizecin ESF is smaller compared to RSA and this
true if takenv-dand hence the decryption process in ESF is more efficient compared
to RSA. Notice whenv-dthene-u.This gives
me-mu,i.e. RSA hidden message size is larger than ESF. The ratio of RSA and ESF
hidden message sizes is given by
86
ESF: A simple simple cryptosystem based on the factorization problem
me -md
mu
-1
1-k(p-1)(Q-1)--
-1-k(p1)(Q- 1)-v-1- ---m
d
-mk(p-1)-r,
- --mk(Q-1)-s,
d-v-Q-1
d-v-p-1.
Therefore the ratio of hidden message size between RSA and ESF is given bymk(p-1)-r:1
ormk(Q-1)-s:1 ifd-Q-1 ord-p-1.
Table 2 shows a comparison of the decryption time between the RSA and ESF
systems and found that the decryption time of ESF is faster (using the platform
Python 3.7 Intel Core i5-6200U 2.3GHz 8GB RAM)from RSA by setting the public key
valuee-uin RSA and ESF.
Table 2: Numerical comparison of decryption time (in seconds) between RSA and ESF for several pairs
Prime numberpandQ
p
Q
Time
Time
e=u
message,m
23154364635423
0.01696
0.01565
0.01396
0.01548
3
decrypt
(RSA)
decrypt
(ESF)
10000002403
99999999947
10000004039
99999999977
54225323643641
536947
99999999769
100000000003
178757776758779
402090
0.01562
0.01544
69999994741
20000000089
69999999997
20000003767
434908456335809
16667059
12423145
55635234
0.01562
0.01495
0.01545
0.01217
29999999993
30000000001
32634708817173109
93565
0.01401
0.01067
451346952449
451346953807
180277939908872862493
0.01411
0.01319
851346952429
571346952353
851346955379
571346954771
224796937887937931
54406223557239248186507
7654
3
3563254232553
0.01496
0.01496
0.01096
0.01181
381346952381
381346957919
8931292883
94762452
0.01302
0.01169
5. Discussion and Conclusion
In this study, a new version of RSA named ESF is introduced. The significant difference
between ESF and other RSA variations is that ESF is very similar to RSA with the only
difference being in the method of generating public and secret keys while other RSA
variations are significantly different in the encryption and decryption process. However, the
algorithmic structure of the encryption and decryption process in ESF is similar to that in RSA
and this is the reason why the comparison of ESF is only done with RSA and not with other
RSA variants.
The RSA public key and secret key are generated through the relationshiped-1-k(p-1)(Q-1) which
p,Qis a 1024-bit prime number andkis an integer. For implementation
practically, the prime size must be at least 512-bit so that the adversary's attack strategy
always fails. In this equation, only valuesewhich is known to the enemy while the prime
valuep,Qcan only be known if there is a polynomial time alkhwarizmi for
solve the modulus factorizationn-pq.Cost to find valuedneed surgery
modular inversion is expensive when implemented in computer hardware.
In ESF, the public key and the secret key are related through an equation uv---r(Q1) -1-s(p-1) -1 whichr,sis an integer withr/s- (p-1) / (Q-1)
is in the simplest form of fractions and only valuesuknown to the enemy. To
determine the valuev,modular inverse operation is not required but only through
decomposition-to its prime factorization only.
87
Eddie Shahril Ismail, Muhammad Zafree Zaharidan & Faieza Samat
It is further proved thatuv-ed.If setu-ethen obtainedv-dand this clearly shows the
process of decrypting ESF takes less time than RSA while ifv-dthen obtainedu-eand
this clearly shows again that the encryption process time of ESF is faster compared
to RSA. In this case, size
ESF hidden message is also smaller than RSA by a ratio of 1:mk(p-1)-r or
1:mk(Q-1)-s.In conclusion, the ESF scheme is more efficient compared to RSA or in other
words ESF is simpler and simpler referring to the key size, the size of the secret message
or the hidden message which is much smaller and the encryption or decryption time is
shorter.
The proposed ESF system can only be extended using two secret keysvand-which
is generated through the Diophantine equation,uv-----byu,-is
the corresponding public key. The encryption process then produces a hidden message
-c -m moden,c -m moden-and the decryption process produces the original message,mthrough
1
u
2
-
c1vc-2-mmodenwhichnis the modulus of the ESF system. This expansion has advantages and
its shortcomings, among which the key generation will be more efficient but the size of the
hidden message will be doubled from the previous system. However, this extension has
many other benefits that can be explored as future research.
Appreciation
The authors express their gratitude to Universiti Kebangsaan Malaysia for their support
and grant of research fund GUP-2017-089 for this research.
Reference
Aun HG, Abu-Hasan Y. & Ismail ES 2001. A multi-RSA cryptosystem.Journal of Technology35(C): 61-70. Boneh D. 1999.
Twenty years of attacks on the RSA cryptosystem.Notices of the American Mathematical Society
(AMS)46(2): 203-213.
Boneh D. & Durfee G. 1999. Cryptanalysis of RSA with private keydless thann0.292.Proceedings Advances in
Cryptology-EUROCRYPT'99, LNCS 1592,Springer-Verlag, Berlin, pp. 1-11.
Coppersmith D. 1997. Small solutions to polynomial equations and low exponent RSA vulnerabilities.Journal of
Cryptology10: 233-260.
Coppersmith D., Franklin M., Patarin J. & Reiter M. 1996. Low exponent RSA with related messages.
Proceedings Advances in Cryptology-EUROCRYPT'96, LNCS 1070Springer-Verlag, Berlin, pp. 1-9. Diffie W. &
Hellman M. 1976. New directions in cryptography.IEEE Transactions on Information Theory22(6):
644-654.
Durfee G. 2002. Cryptanalysis of RSA using algebraic and lattice methods. PhD Thesis. Stanford University. Fiat
A. 1990. Batch RSA.Proceedings Advances in Cryptology-CRYPT0'89, LNCS 435Springer-Verlag, Berlin,
pp. 175-185.
Hastad J. 1986. On using RSA with low exponent in a public key network.Proceedings Advances in Cryptology-
CRYPTO'85, LNCS 218Springer-Verlag, Berlin, pp. 403-408.
Lenstra AK 2000. Integer factoring.Design, Codes and Cryptography19: 101-128.
Lin HF & Chen CY 1999. An extended RSA based generalized group oriented signature scheme. Unpublished.
Lin HF, Hu CY, Chang CC & Chen CY 1998. Sharing a secret using RSA cryptosystem.Proceedings ICS98
Taipei, pp. 1490-1493.
Montgomery PL 1994. A survey of modern integer factorization algorithms.Quarterly7(4): 337-365. Peralta R. &
Okamoto E. 1996. Faster factoring of integers of a special form.IEEE Trans. FundamentalsE79-A
(4): 489-493.
Quisquater J.-J. & Couvreur C. 1982. Fast decipherment algorithm for RSA public-key cryptosystem.Electronics
Letters18: 905-907.
Rivest RL, Shamir A. & Adleman L. 1978. A method for obtaining digital signatures and public-key
cryptosystems.Communications of the ACM21(2): 120-126.
Rosen KH 2000.Elementary Number Theory. Ed. the 4th. New York: Addison Wesley Longman.
88
ESF: A simple simple cryptosystem based on the factorization problem
Takagi T. 1997. Fast RSA-type cryptosystem usingn-adic expansion.Proceedings Advances in CryptologyCRYPTO'97, LNCS 1294 Springer-Verlag, Berlin, pp. 372-384.
Williams HC 1980. A modification of the RSA public-key encryption procedure.IEEE Transactions on
Information Theory26(6): 726-729.
Wiener MJ 1990. Cryptanalysis of short RSA secret exponents.IEEE Transactions on Information Theory36(3):
553-558.
School of Mathematical Sciences
Faculty of Science and Technology
Universiti Kebangsaan Malaysia
43600 UKM Bangi
Selangor DE, MALAYSIA
Email: esbi@ukm.edu.my*
*
Author to contact
89
Related documents
rsa
rsa
MATH 360 Mathematics of Information Security
MATH 360 Mathematics of Information Security
Name of RSA Area: Health Law and Policy
Name of RSA Area: Health Law and Policy
Download
advertisement