Post on 23-Feb-2016
description
transcript
Presented byKatherine Heller
COSC 4765University of WyomingApril 26, 2011
RSA Asymmetric Key Cryptosystem
Image source: PC Dynamics, Inc.
Introduced 1970’s
Whitfield Diffie and Martin Hellman
Known as Public Key Encryption (PKE)
Eliminated need for shared private keys
Asymmetric Key Cryptography
Rivest, Shamir and Adleman
First asymmetric encryption algorithm
Encryption and authentication
Used with DES, SSL, CDPD and PGP
Most widely used asymmetric cipher
RSA
A function (F)+
A plaintext message (m)+
An encryption key (k)=
Ciphertext (c)
Encryption
Two keys: one public (kp)one private (ks)
F(m, kp) = c and F-1(c, ks) = m
F-1(F(m, kp), ks) = m
The RSA Method
Select two large prime numbers: p and q. Find the product, n, of p and q: n = pq. Choose a number, e, which is less than n and
relatively prime to (p-1)(q-1). Find a number d, such that (ed - 1) is evenly
divisible by (p-1)(q-1). e is the public exponent, d is the private
exponent. Public key: (n, e) Private key: (n, d)
The RSA Algorithm
Using real numbers:
p = 5077 and q = 4999
n = pq = 25379923e = 5( p – 1 ) = ( 5077 – 1 ) = 5076( q – 1 ) = ( 4999 – 1 ) = 49985076 * 4998 = 25369848d = 15221909( 5 (15221909) – 1 ) / 25369848 = 3
The RSA Algorithm (2)
What are the keys?
n = 25379923, e = 5 and d = 15221909
Public Key is the pair (n, e) or (25379923, 5)Used to encrypt
Private Key is the pair (n, d) or (25379923, 15221909)
Used to decrypt
Keys
Creating the ciphertextc = me mod n
Decrypting the messagem = cd mod n
Remember, n is really, really huge!
Keys (2)
Larger modulus (n) increases security Large keys Commonly 1024, 2048 and 4096 bits Keys ≥ 2048 bits for extremely
valuable data Difficult to compare to other methods Security comes from how the keys are
generated, as well as key length
Key Sizes
Produces ciphertext without patterns
Very random
Hard to exploit
Larger modulus = greater security
What’s so good about RSA?
Modular exponentiation slows it down
Longer key = slower operations
◦ 2 x modulus ⇒ time for public key ops x 4time for private key ops x 8
time for key generation x 16
◦ Public key ops take O(k2) steps◦ Private key ops take O(k4) steps (where k = number of bits in modulus n)
DES 1000 times faster
But, how fast is it?
The de facto standard for cryptography
Combines authentication with encryption
Allows world-wide use of one system regardless of software or platforms
The Standard
Digital Envelope
LARGE PRIME NUMBERS
100 digits long, or longer (each!)
Factoring very difficult
Security in the mathematical difficulty
Resistant to key search attacks
The “Key” to Security
RSA can still be broken, with the key
Discovering a private key corresponding to its paired public key
“Guessed Plaintext Attack”◦ Guess the message◦ Run the encryption to see if it matches ciphertext
Even so – RSA isn’t going anywhere
And with the key…
RSA Algorithm Demo by Richard Holowczak:http://cisnet.baruch.cuny.edu/holowczak/classes/9444/rsademo/#overview
RSA.com FAQ document:http://www.rsa.com/rsalabs/node.asp?id=2152#
More information:
Coated.com. (2010). GSM Security Encryption Code Hacked. Retrieved April 23, 2011, from Coated.com: http://www.coated.com/gsm-security-encryption-code-hacked-93620004/
Daswani, N., Kern, C., & Kesavan, A. (2007). Foundations of Security: What Every Programmer Needs to Know. Berkeley: Apress.
PC Dynamics, Inc. (2011). File Encryption. Retrieved April 23, 2011, from SafeHouseSoftware.com: http://www.safehousesoftware.com/FileEncryption.aspx
Richard Holowczak, P. (2002, September 12). RSA Demo Applet. Retrieved April 16, 2011, from cisnet.baruch.cuny.edu: http://cisnet.baruch.cuny.edu/holowczak/classes/9444/rsademo/#overview
RSA Laboratories. (2000). RSA Laboratories' Frequently Asked Questions About Today's Cryptography, Version 4.1. Retrieved April 16, 2011, from RSA Laboratories: http://www.rsa.com/rsalabs/node.asp?id=2152#
Welschenbach, M. (2005). Cryptography in C and C++. New York: Apress.
References
Questions?
Image source: Coated.com