This preview shows page 1. Sign up to view the full content.
Unformatted text preview: Next
 first break it into small blocks. Threedigit blocks work nicely in this case. The message is split into six blocks, mi, in which m1 = 688 m2 = 232 m3 = 687 m4 = 966 m5 = 668 m6 = 003 The first block is encrypted as 68879 mod 3337 = 1570 = c1 Performing the same operation on the subsequent blocks generates an encrypted message: c = 1570 2756 2091 2276 2423 158 Decrypting the message requires performing the same exponentiation using the decryption key of 1019, so 15701019 mod 3337 = 688 = m1 The rest of the message can be recovered in this manner. RSA in Hardware
Much has been written on the subject of hardware implementations of RSA [1314, 1474, 1456, 1316, 1485, 874, 1222, 87, 1410, 1409, 1343, 998, 367, 1429, 523, 772]. Good survey articles are [258, 872]. Many different chips perform RSA encryption [1310, 252, 1101, 1317, 874, 69, 737, 594, 1275, 1563, 509, 1223]. A partial list of currently available RSA chips, from [150, 258], is listed in Table 19.3. Not all are available on the open market. Speed of RSA
In hardware, RSA is about 1000 times slower than DES. The fastest VLSI hardware implementation for RSA with a 512bit modulus has a throughput of 64 kilobits per second [258]. There are also chips that perform 1024bit RSA encryption. Currently chips are being planned that will approach 1 megabit per second using a 512bit modulus; they will probably be available in 1995. Manufacturers have also implemented RSA in smart cards; these implementations are slower. In software, DES is about 100 times faster than RSA. These numbers may change slightly as technology changes, but RSA will never approach the speed of symmetric algorithms. Table 19.4 gives sample software speeds of RSA [918]. Software Speedups
RSA encryption goes much faster if you’re smart about choosing a value of e. The three most common choices are 3, 17, and 65537 (216 + 1). (The binary representation of 65537 has only two ones, so it takes only 17 multiplications to exponentiate.) X.509 recommends 65537 [304], PEM recommends 3 [76], and PKCS #1 (see Section 24.14) recommends 3 or 65537 [1345]. There are no security problems with using any of th...
View
Full
Document
This note was uploaded on 10/18/2010 for the course MATH CS 301 taught by Professor Aliulger during the Fall '10 term at Koç University.
 Fall '10
 ALIULGER
 Cryptography

Click to edit the document details