Public-key encryption; modular arithmetic

Security in Computing (3rd Edition)

Info icon This preview shows pages 1–2. Sign up to view the full content.

CS 161 Computer Security Fall 2005 Joseph/Tygar/Vazirani/Wagner Notes 10 1 One-way function A one-way function is a fundamental notion in cryptography. It is a function on n bits such that given x it is easy to compute f ( x ) but on input f ( x ) it is hard to recover x (or any other preimage of f ( x ) ). One of the fundamental sources of one-way functions is the remarkable contrast between multiplication, which is fast, and factoring, for which we know only exponential time algorithms. The simplest procedures for factoring a number require an enormous effort if that number is large. Given a number N , one can try dividing it by 1 , 2 ,..., N - 1 in turn, and returning all the factors that emerge. This algorithm requires N - 1 steps. If N is in binary representation, as is customary, then its length is n = d log 2 N e bits, which means that the running time is proportional to 2 n , exponential in the size of the input. One clever simplification is to restrict the possible candidates to just 2 , 3 ,..., N , and for each factor f found in this shortened list, to also note the corresponding factor N / f . As justification, witness that if N = ab for some numbers a and b , then at most one of these numbers can be more than N . The modified procedure requires only N steps, which is proportional to 2 n / 2 but is still exponential. Factoring is one of the most intensely studied problems by algorithmists and number theorists. The best algorithms for this problem take 2 cn 1 / 3 log 2 / 3 n steps. The current record is the factoring of RSA576, a 576 bit challenge by RSA Inc. The factoring of 1024 bit numbers is well beyond the capability of current algorithms. The security of the RSA public key cryptosystem is based on this stark contrast between the hardness of factoring and multiplication. 2 Outline of RSA In the RSA cryptosystem, each user selects a public key ( N , e ) , where N is a product of two large primes P and Q , and e is the encryption exponent (usually e = 3). P and Q are unknown to the rest of the World, and are used by the owner of the key (say Alice), to compute the private key ( N , d ) . Even though d is uniquely defined by the public key ( N , e ) , actually recovering d from ( N , e ) is as hard as factoring N . i.e. given d there is an efficient algorithm to recover P and Q . The encryption function is a permutation on { 0 , 1 ,..., N - 1 } . It is given by E ( m ) = m e mod N . The decryption function is D ( c ) = c d mod N , with the property that D ( E ( m )) = m . i.e. for every m , m e d = m mod N . To establish these properties and understand how to choose d , e we must review modular arithmetic. Before we do that let us make some observations about RSA. First, what makes public key cryptography counter-intuitive is the seeming symmetry between the recepient of the message, Alice, and the eavesdrop- per, Eve. After all, the ciphertext m e mod N together with the public key ( N , e ) uniquely specifies the plaintext m . In principle one could try computing x e mod N for all 0 x N - 1 until one hits upon the ciphertext. However this is prohibitively expensive. RSA breaks the symmetry between Alice and Eve be-
Image of page 1

Info icon This preview has intentionally blurred sections. Sign up to view the full version.

Image of page 2
This is the end of the preview. Sign up to access the rest of the document.
  • Fall '05
  • Joseph
  • Computer Security, Prime number, Alice, Greatest common divisor, mod N.

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern