Networked and Distributed
Project 10 - Public Key Encryption
Operating Systems
Name _________________________________________________________ Score __________
In this laboratory exercise you will build a simple public key encryption program based
on the RSA algorithm. Once implemented you will build a cryptanalysis tool to hack a
private key given the public key and modulus and then use the hacked key to decode an
encrypted message.
Introduction - In 1976, Rivest, Shamir and Adleman introduced a public key encryption
(PKE) system now known as RSA. It is important to understand the difference between
public (asymmetric) key and private (symmetric) key encryption systems. In the case of
the private key system, the sender and receiver must share the encryption/decryption key
along a private (secure) communication line, because anyone in possession of the key
would be able to decrypt the message. In the case of public key encryption, all
communications between the sender and receiver must be assumed to be open to public
view, including a description of the encryption/decryption algorithm itself. In most PKE
applications the use of the public key system is restricted to exchanging a symmetric key
which can then be used to communicate securely.
Symmetric key cryptosystems are easier to implement and can be made more secure than
PKE cryptosystems. PKE systems are useful for those situations in which the passing of a
private key between sender and receiver is not convenient or practical. The first step in
getting a private message from the sender to the receiver involves the intended receiver
creating a public/private key pair. The receiver passes the public key to the sender who
uses this key to encrypt the message. The encrypted message is sent to the receiver who,
in turn, uses the corresponding private key to decrypt the message. In order for this
system to be of practical value two conditions must be true:
(1) the public and private keys must be different (asymmetric)
(2) the generation of this key pair must be much simpler than the derivation of the
private key given the public key.
Mathematical Background - The public/private key pair (e,d) are used to encrypt and
decrypt messages using modular exponentiation. Given a plaintext message M which
must be less than the magnitude of the modulus n we generate the encrypted message C,
C = Me mod n
(1)
and C is converted back into M by,
M = Cd mod n
(2)
It is important to note that the sender must have both the public key value e and the
modulus n in order to encrypt the message. It is not practical to assume that the value of n
can be kept private because this would mean that the sender and receiver had managed to
communicate privately, negating the purpose of using public key encryption. We will
consider this issue in greater detail in the cryptanalysis section of the laboratory project.
Generation of the Key Pair (e,d) - We start by choosing to values p and q that are
relatively prime and of similar magnitude. This usually means we choose two prime
numbers. For a secure public key encryption these would need to be very large numbers,
but for demonstration purposes we can use smaller values. The product p*q = n, the
modulus. Also from p and q we compute a related value = (p-1)(q-1). The value is
used to derive a value d (private key) from e (public key), in the following way:
Choose e such that 1 < e < and e and have no common factors. In other words the
greatest common divisor between e and is 1.
gcd(e,  

In order to derive the private key we note that,
e d 1 mod 
(4)
which means that e*d - 1 is evenly divisible by (p-1)(q-1).
Key Pair Generation - Download and unzip the application Crypto_GenKeyPair. This
program asks the user to enter two prime numbers p and q. (For now use p = 3593 and
q = 5827). From these it computes the modulus n = p*q and  = (p-1)*(q-1). Next we
are asked to provide a candidate value, e to be used as the public key. The value of e can
have no common factors with  so the program will use the gcd( ) method to verify this.
If necessary the program increments e until gcd(e,) = 1. For now use e= 4201.
Once a valid value for e is found the program calls the method get_d( ) that returns a
private key value d. The important relationship between e and d is given in equation 4.
The method used is somewhat naive in that it starts with d=1 and increments it until the
product e*d satisfies equation 4.
1. Record the values for n, e, and d.
modulus n = _____________________
public key e = _____________________
private key d = _____________________
Message Encryption - Download and unzip the project Crypto_Encoder.zip. Enter a
sample plaintext message.
2. Your sample message. ___________________________________________________
_______________________________________________________________________
This message is converted from characters to ASCII values. Also the spaces are replaced
with X's to keep this demo program simple. The blank character has an ASCII value of
32 and is not contiguous with the range of ASCII values for alphabetic characters.
Finally your sample plaintext message is converted to a long integer array pnum[ ]. In
order to perform the encryption operation defined in equation 1.
To implement equation 1, we need to efficiently compute Me mod n where M, e and n are
large integers. It is not practical to just compute Me and then find the remainder when
divided by n because Me will be a huge number. Instead, we can use an algorithm that
uses the binary encoded value for e to generate modular exponentiation by processing e
one bit at a time.
Note that in this method the public key e is represented by a text string of 1's and 0's.
The values returned by this method are collected in the long integer array cnum[ ]. This is
the ciphertext message.
Now enter the associated private key to recover the plaintext. Note that this time the
exponent used in mod_exp( ) is d rather than e and the base is cnum[ ] rather than pnum[
]. Before continuing, verify that your plaintext message has been recovered without error.
Cryptanalysis - Download and unzip the project Crypto_Cracker.zip. This program uses
the publicly disclosed information, namely the public key and the modulus to find the
private key that matches the public key. To accomplish this the program needs to
complete two tasks:
(1) Factor the modulus into its two prime components
(2) Use p and q to help find a value d which satisfies (e*d - 1) mod ((p-1) (q-1)) = 0
Run the program and enter the values for the public key and modulus from question 1.
3. Did the program find the correct values for p, q and d? ________________________
4. The total number of iterations required to complete the two tasks is collected in the
variable count. What is this count?
______________________
The difficulty in breaking PKE codes is determined by the size of the prime numbers
used to generate the modulus. In the next section we will build a series of PKE key pairs
using successively larger primes and collect iteration counts for cryptanalysis to obtain an
estimate of the complexity of decryption as a function of prime number size.
Use a Google search to find example prime values as specified below, generate key pairs
and then use Crypto_Cracker to find p, q, and the private key. Record the run counts.
p (2 digits) _________
n = __________________________ count ____________
q (2 digits) _________
e = __________________ d = __________________
p (3 digits) _________
n = __________________________ count ____________
q (3 digits) _________
e = __________________ d = __________________
p (4 digits) _________
n = __________________________ count ____________
q (4 digits) _________
e = __________________ d = __________________
p (5 digits) _________
n = __________________________ count ____________
q (5 digits) _________
e = __________________ d = __________________
5. Graph the number of digits in the prime numbers vs. the number of iterations required
to extract the prime factors and private key.