RSA Algorithm

Objective
• RSA Encryption and Decryption
• Key setup
• Algorithm
• Example
• Strength and weakness of RSA algorithm
• Security
 RSA
 by Rivest, Shamir & Adleman of MIT in 1977
 best known & widely used public-key scheme
 based on exponentiation in a finite (Galois) field over
integers modulo a prime
 nb. exponentiation takes O((log n)3) operations (easy)
 uses large integers (eg. 1024 bits)
 security due to cost of factoring large numbers
 nb. factorization takes O(e log n log log n) operations (hard)
 RSA En/decryption
• to encrypt a message M the sender:
– obtains public key of recipient PU={e,n}
– computes: C = Me mod n, where 0≤M<n
• to decrypt the ciphertext C the owner:
– uses their private key PR={d,n}
– computes: M = Cd mod n
• note that the message M must be smaller than
the modulus n (block if needed)
 RSA Key Setup
• each user generates a public/private key pair by:
• selecting two large primes at random: p, q
• computing their system modulus n=p.q
– note ø(n)=(p-1)(q-1)
• selecting at random the encryption key e
– where 1<e<ø(n), gcd(e,ø(n))=1
• solve following equation to find decryption key d
– e.d=1 mod ø(n) and 0≤d≤n
• publish their public encryption key: PU={e,n}
• keep secret private decryption key: PR={d,n}
 The RSA Algorithm
• Pick two large (100 digit) primes p and q.
• Let n = pq
• Select a relatively small integer d that is prime to
(p-1)(q-1)
• Find e, the multiplicative inverse of d mod (p-1)(q-1)
• (d,n) is the public key. To encrypt M, compute
– En(M) = Me(mod n)
• (e,n) is the private key. To decrypt C, compute
– De(C) = Cd(mod n)
 Why RSA Works
• because of Euler's Theorem:
– aø(n)mod n = 1 where gcd(a,n)=1
• in RSA have:
– n=p.q
– ø(n)=(p-1)(q-1)
– carefully chose e & d to be inverses mod ø(n)
– hence e.d=1+k.ø(n) for some k
• hence :
Cd = Me.d = M1+k.ø(n) = M1.(Mø(n))k
= M1.(1)k = M1 = M mod n
 RSA Example - Key Setup
1. Select primes: p=17 & q=11
2. Calculate n = pq =17 x 11=187
3. Calculate ø(n)=(p–1)(q-1)=16x10=160
4. Select e: gcd(e,160)=1; choose e=7
5. Determine d: de=1 mod 160 and d < 160
Value is d=23 since 23x7=161= 10x160+1
6. Publish public key PU={7,187}
7. Keep secret private key PR={23,187}
 RSA Example - En/Decryption
sample RSA encryption/decryption is:
given message M = 88 (nb. 88<187)
encryption:
C = 887 mod 187 = 11
decryption:
M = 1123 mod 187 = 88
 RSA example
• Let p = 11, q = 13
• n = pq = 143
• (p-1)(q-1) = 120 = 3 x 23 x 5
• Possible d: 7, 11, 13, 17, … (let’s use 7)
• Find e: e*7 = 1(mod 120) = 103
• Public key: (7, 143)
• Private key: (103, 143)
• En(42) = 427 (mod 143) = 81
• De(81) = 81103(mod 143) = 42
 Strengths of RSA
• No prior communication needed
• Highly secure (for large enough keys)
• Well-understood
• Allows both encryption and signing
 Weaknesses of RSA
• Large keys needed (1024 bits is current
standard)
• Relatively slow
– Not suitable for very large messages
• Public keys must still be distributed safely.
 Security of RSA
• The security of RSA is dependent on the
assumption that it’s difficult to generate the
private key d from the public key e and the
modulus n.
• Equivalent to integer factorization problem.
– This is how we got e and d in the first place.
• Factoring is thought to be computationally
hard.
– No proof, though!
 Summary
• have considered:
– RSA Algorithm
– Strength , Weakness and Security