chapter5-1 - The RSA Cryptosystem and Factoring Integers...

Info iconThis preview shows pages 1–10. Sign up to view the full content.

View Full Document Right Arrow Icon
1 The RSA Cryptosystem and Factoring Integers • Introduction to Public-Key Cryptography • More Number Theory • The RSA Cryptosystem • Primality Testing • Square Roots Modulo n • Factoring Algorithm • Other Attack on RSA • The Rabin Cryptosystem • Semantic Security of RSA
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
2 Public-Key Cryptography • Symmetric-key (or Shared-key) cryptosystems – A secret key is chosen by the sender and the receiver before messages are sent – The decryption rule d K is either the same as the encryption rule e K , or easily derived from e K • Drawback of such cryptosystem – Problem: how to distribute K to Alice & Bob securely – It might be impossible for the sender and the receiver to setup a secret key before communication
Background image of page 2
3 Public-Key Cryptography Basic idea of Asymmetric-key (or public-key) cryptosystems – The receiver makes his/her encryption key K e (called public key ) public. The sender can encrypt the message easily. But the decryption key K d (called private-key ) is very hard to compute from K e . Only the receiver knows K d
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
4 Trapdoor Functions Definition: • A function f: {0,1}* {0,1}* is a trapdoor function iff f(x) is a one-way function such that given some extra information it becomes feasible to find for any y in Img(f) x in X, s.t. y = f(x) • Public key cryptography relies on trapdoor functions
Background image of page 4
5 Trapdoor Functions Factoring integers: f(p,q) = n = pq • Easy: pq • Hard: factoring pq into p and q Root-extraction: f(p,q,e,y)= y e mod pq • Easy: y e mod pq • Hard: given pq, e, and y e mod pq, compute a y' such that y' e = y e mod pq Discrete log problem: f(g,p,x) = g x mod p • Easy: g x mod p • Hard: determine x from p, g, and g x mod p
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
6 RSA Algorithm Invented in 1978 by Ron Rivest, Adi Shamir and Leonard A dleman Security relies on the difficulty of factoring large composite numbers Published as R L Rivest, A Shamir, L Adleman, " On Digital Signatures and Public Key Cryptosystems ", Communications of the ACM, vol 21 no 2, pp. 120- 126, Feb 1978
Background image of page 6
7 Public-key system: how it works • Everybody selects its own public key P and private key S , and publicizes P • Therefore Alice has ( P a , S a ), and Bob has ( P b , S b ) • Everybody knows P a , P b , … • Suppose Alice wants to send a message to Bob. – Alice encrypts the message with Bob‘s public key P b and sends out – (only) Bob can decrypt the message using his private key S b . Nobody else can
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
8 RSA cryptosystem • Suppose n=p q , where p and q are big primes • Select a and b , such that a b≡ 1 mod φ ( n ) K =( n,p,q,a,b ), publicize n,b , but keep p,q,a secret • For any x,y Z n , define e K ( x )= x b mod n d K ( y )= y a mod n • Of course, from n,b , it is very difficult to get a (as well as p,q,φ ( n ))
Background image of page 8
9 More number theory For any positive n Z n is a ring φ ( n )= i=1 m ( p i e i - p i e i - 1 ) where n = i=1 m p i e i b Z n has a multiplicative inverse iff gcd( b , n ) = 1 Z n * = { b | b is coprime to n }, then ( Z n * , ) is an abelian group 1. (modulo n ) is associative and commutative 2. 1 is the multiplicative identity 3. Any element b
Background image of page 9

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 10
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 91

chapter5-1 - The RSA Cryptosystem and Factoring Integers...

This preview shows document pages 1 - 10. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online