αλγοριθμος RSA

5/27/2018 RSA

1/24

6

( -

RSA)

5/27/2018 RSA

2/24

- 6 2

1976 ( Diffie-Hellman)

e d, :d(e(m))=m

( e) : e d.

P EncryptionC

DecryptionP

E D

5/27/2018 RSA

3/24

- 6 3

A m B, B E

e

(m). Ee , B. , B, DB , DB (EB(m)).

5/27/2018 RSA

4/24

- 6 4

A B

B

B

A

A

5/27/2018 RSA

5/24

- 6 5

RSA

Rivest,

Shamir, Adleman. K

p, q, N=pq. N 200

( )

p q .

N ( ). , p,q. RSA (FactorizationRSA (Factorization probprob).).

5/27/2018 RSA

6/24

- 6 6

RSA ()

p q, Euler

(N), N.

N=pq, (N)=(p)(q) = (p-1) (q-1)

e

() gcd(e,(N))=1. e.

(extended) ( ), d, 1 < d < (N),

ed=1 (mod ()).( , d e mod ())

(N,e). d.

5/27/2018 RSA

7/24

- 6 7

, a, b,

g, x,y ax+by=g.

( )

(( RSA: a=RSA: a=((),), b=eb=e g=1.g=1. dd y).y).

a b a=kb + r.

A r , a=b b=r

( a b). r 0. ,

g.

,

x,y ( ).

5/27/2018 RSA

8/24

- 6 8

a=1925, b=693

: 1925 = 2 693 + 539 (1)

693 = 1 539 + 154 (2)

539 = 3 154 + 77 (3)

154 = 2 77 (4) , 77 (

). , :

(3) ( (2), (1) ):

69311-19254

6933-693)2-(192546933-5394)5391693(3539154353977

=

===

===

, x=4 y=-11.

5/27/2018 RSA

9/24

- 6 9

RSA

()

m B A, m

m1, m2, , mp,

mi 0 N.

block mi

e N A. T ci :

ci=mie mod N

5/27/2018 RSA

10/24

- 6 10

RSA

()

A c m = cd mod N.

d e

m.

,

d.

5/27/2018 RSA

11/24

- 6 11

RSA Euler: , gcd(m,)=1

k m, :

mk(N)+1 mod N =m mod N (1)

ed 1 (mod ()), k :

ed=k() +1.

:

cid mod N

= mied mod N == mi

k(N)+1 mod N = ( (1))

= mi mod N = mi

)mod(1)( Nm N

5/27/2018 RSA

12/24

- 6 12

RSA 1. p,q p=47, q=59. N=pq=2773.2. ()=4658=2668 e

2668, e=17.

3. , x,y 2668x + 17y=1 ( gcd(2668,17)=1). 17y1 mod (2668).

y=157. d=157.

4. O N e, d

( N e d, p,q -

).5. m=31, :

:

c me (mod )

587 3117 (mod 2773)

6. 587 , d ( ):

:

m cd (mod N)

31 587157 (mod 2773)

5/27/2018 RSA

13/24

- 6 13

RSA Bob Alice, RSA.

?

Alice -p=37 q=73 ( ,

p,q 200 ).

N=pq=2701.

H Alice e (p-1)(q-1) = 3672 = 2592,

36 72. e=77.

Alice d

77d

1(mod 2592). ( e, mod 2592). , d=101.

Alice (e,N)= (77, 2701).

Alice d=101.

5/27/2018 RSA

14/24

- 6 14

Alice

d?

, (N)=2592 e=77.

2592 = 33 77 + 51 77 = 1 51 + 26

51 = 1 26 + 25

26 = 1 25 + 1 25 = 25 1 + 0 -> (,

gcd(2592,77)=1 )

5/27/2018 RSA

15/24

- 6 15

Alice

d? ()

: 1 = 26 - 1 25 =

= 26 - 1 (51 - 1 26) = 26 - 1 51 + 1 26 = 2 26 - 1 51 == 2 (77 - 1 51) - 1 51 = 2 77 - 2 51 - 1 51 = 2 77 - 3 51

= 2 77 - 3 (2592 - 33 77) =

= 2 77 - 3 2592 + 99 77 =

= -3 2592 + 101 77

d=101

5/27/2018 RSA

16/24

- 6 16

Bob I miss you Alice.

Bob ,

:

I M I S S Y O U

08 12 08 18 18 24 14 20

Bob blocks ( RSA ).

0812 0818 1824 1420 ( P1, P2 ,P3, P4)

Bob Ci= Pi77 (mod 2701) block

C1= 81277 = 1744(mod 2701)C2= 818

77 = 321(mod 2701)

C3= 182477 = 656(mod 2701)

C4= 142077 = 2064 (mod 2701)

Bob Alice 1744 0321 0656 2064

RSA

()

5/27/2018 RSA

17/24

- 6 17

, Alice 101, :

1744101 = 812 (mod 2701)

0321101=818 (mod 2701)

0656101=1824 (mod 2701)

2064101=1420 (mod 2701)

,

0812 0818 1824 1420

, :

IM IS SY OU

RSA

()

5/27/2018 RSA

18/24

- 6 18

RSA

- Square and Multiply RSA (

) .

Square-And-Multiply. (

)

.

, ,

( 1) (

0).

5/27/2018 RSA

19/24

- 6 19

5/27/2018 RSA

20/24

- 6 20

RSA Alice m

Bob ,

Bob Alice.

H Alice s = md mod N,

d ( N

).

Bob m s ( m

, RSA!).

Bob,

m = se mod N m=m.

5/27/2018 RSA

21/24

- 6 21

RSA

() ?

s

m!! :

H Alice :

s = md mod N, d ( N

). c= se mod , e Bob ( NB

o Bob).

Alice c. Bob

( s Alice) m.

: ( )

5/27/2018 RSA

22/24

- 6 22

RSA N (),

( p,q). , RSA .

p, q :

p-q , p , p ( q) .

512-bit RSA-155 7

1999 ( ). RSA lab

1024 bits ( ,

bits).

N

5/27/2018 RSA

23/24

- 6 23

(timing attacks):

d ,

( square-and-multiply, 1 ,

0). :

, 0 1

5/27/2018 RSA

24/24

- 6 24

Y Matlab

Internet, OregonUniversity http://islab.oregonstate.edu/koc/ece575/02Project/Kie+Raj/

Documents

αλγοριθμος RSA