Transcript RSA - Southern Oregon University

RSA
Rivest, Shamir and Adleman
1978 - 1979
Rivest
Shamir
Adleman
Security
Depends on the difficulty of factoring really
large numbers.
Key Pair
• Choose 2 random large (300 to 600 digits) prime
numbers, p and q.
• p and q should be of equal length
• Compute
n = pq
• Randomly choose e such that
e and (p – 1)(q – 1)
are relatively prime
• Compute d such that
ed = 1 mod ((p – 1)(q - 1))
Keys
• e is the encryption key
• d is the decryption key
d = e-1 mod ((p – 1)(q – 1))
• e and n are the public key
• d is the private key
• Throw p and q away (securely)
Message Preparation
• The message m must be divided into blocks
smaller than n.
• For 2048 bit keys message blocks should be
around 1024 bytes.
• Pad with zeros
Encryption
• Message block mi
• Cipher text ci
ci = mi e mod
n
Decryption
• Message block mi
• Cipher text ci
mi = ci d mod
n
Common Public Keys
• 3, 17, and 65537 (216 + 1)
• 11, 1001, 10000000000000001
• Remember the security depends on factoring
n=pq
Computation
• 600 digits raised to 600 digits is a lot of
multiplication!
• Montgomery’s method depends on the binary
representation of e.
• Using all of the tricks RSA is about 10,000 to
100,000 times more computationally
intensive than DES or AES