The RSA Algorithm Content • Review of Encryption • RSA • An RSA example 3 Review of Encryption RSA • By Rivest, Shamir & Adleman of MIT in 1977 • Best known & widely used public-key scheme • Uses large integers (eg. 1024 bits) • Security due to cost of factoring large numbers Features: • It is the easiest to understand as well as the most popular to implement • RSA obtains its security from the difficulty of factoring large numbers. RSA Key Generation M PU. Key PR. Key {e,N} {d,N} C=Me mod N, where 0≤M<N Policy : C M=Cd mod N M Factoring a number is relatively hard compared to multiplying the factors together to generate the number RSA Works with • Euler’s Totient Function • Greatest Common Divisor • Euclid’s Algorithm • Extended Euclid’s Algorithm • Fermat’s Little Theorem RSA Key Setup • Generate a public/private key pair: 1. Generate two large distinct primes p and q 2. Compute n = pq and φ(n) = (p − 1)(q − 1) 3. Select an e(randomly),1 <e< φ, relatively prime to φ. large primes φ(n) Unique factorization Euler’s totient function : ϕ(n) is the number of positive integers less than n which are relatively prime to n. • ϕ(n) is the number of a ∈ {1, 2, . . . , n − 1} with gcd(a, n) = 1. ►ϕ(1) = 1. ►If p is a prime number, then ϕ(p) = p − 1. relatively prime to φ ► a, b ∈ N are relatively prime if gcd(a, b) = 1. ► Fermat Test RSA Key Setup (continue) • An RSA example • An RSA example (continue) • RSA Use • To encrypt a message M the sender: ▫ obtains public key of recipient PU={e,N} ▫ computes: C=Me mod N, where 0≤M<N • To decrypt the ciphertext C the owner: ▫ uses their private key PR={d,p,q} ▫ computes: M=Cd mod N 14 How Fast is RSA? • By comparison, DES and other block ciphers are much faster than RSA. • In software, DES is generally at least 100 times as fast as RSA. • In hardware, DES is between 1,000 and 10,000 times as fast, depending on the implementation. Mathematical Theorems Greatest Common Divisor • Euclid’s Algorithm • Euclid’s algorithm is based on the theorem gcd(a, b) = gcd(b, a mod b) for any nonnegative integer a and any positive integer b. • For example, gcd(55, 22) = gcd(22, 55 mod 22) = gcd(22, 11) = 11. • The algorithm is Euclid(a, b) 1 if b = 0 2 then return a 3 else return Euclid(b, a mod b) • Euclid(30, 21) = Euclid(21, 9) = Euclid(9, 3) = Euclid(3, 0) = 3. Extended Euclid’s Algorithm • Extended Euclid’s Algorithm 1= -5a+9b 9b-1=5a (9b-1) is a multiple of (a) d=9 RSA Security • three approaches to attacking RSA: ▫ brute force key search (infeasible given size of numbers) ▫ mathematical attacks (based on difficulty of computing ø(N), by factoring modulus N) ▫ timing attacks (on running of decryption)