Title: 1978?????????????Rivest?Shamir? Adleman (RSA) ???????
1?????????RSA
???????????? 1978?????????????Rivest?Shamir?
Adleman (RSA) ??????? ???????????????????,??
?????????????? Encryption RSA
?????,??????????
??????,????????(Public
Key)?????? Decryption RSA ?????,??????????
?(Private Key)????????
2?????????RSA
1. ??? 2 ???? p ? q (??100??),? N p q 2.
???Ø(N)(p-1)(q-1),?? 1 ??Ø(N)??? e
Ø(N)?Eulers Totient??,????N????? 3. (e,N)
????????? ???? C Me mod N 4.
??? 1 ?? d,?? e d mod Ø(N) 1 5. d
?????????(???????????) ???? M
Cd mod N
? RSA???????????????? ? ?????N?????P?Q???,?????
3RSA ???- ??
- 1. ??? p5 , q11 ?? N p q 5 x 11 55
- 2. ???? 1 ?? ( p-1 ) x ( q-1 ) ( 5-1 )( 11-1
) - 4 x 10 40
- ??? e7
- 3. ( e, N) (7,55) ?????????
- 4. ??? 1 ?? d7 ??????,
- ?? e d ? 1 mod 40 ( 7 x 23 ? 1 mod 40 )
- ??? M 53
- ?? C Me mod N 537 mod 55 37
- ?? M Cd mod N 3723 mod 55 53
4RSA ???????- Fermats Little Theorem
If p is a prime, and a is not a multiple of p,
then Fermats little theorem says ap-1 mod p 1
Ex. 26 mod 7 1
??(Fermat)?? ?p????(a,p)??,? ap-1 mod
p 1
5RSA ???????- Eulers Theorem
If gcd(a,n)1, then
Euler???? ?a,n??,? aØ(n) mod n 1
where ?() called Euler phi function.
It is the number of positive integers less than n
that are relatively prime to n. If n is a
prime, ?(n)n-1. If npq, where p and q are
prime, then ?(n)(p-1)(q-1)
?? Ø(P) P-1 ?P??? Ø(N) Ø(PQ)
Ø(P)Ø(Q) (P-1)(Q-1)
6RSA ???????
C E(M) Me mod n M D(C) Cd mod n
Cd(Me)dMed mod n since ed 1 mod (p-1)(q-1) so
Med Ma(p-1)(q-1)1 MMa(p-1)(q-1) MMa?(n) mod
n According to Eulers Theorem, we get M1M
7RSA ?????
Key Generation Select p, q p and
q both prime Calculate np?q calculate
F(n)(p-1)(q-1) Select integer e
gcd(F(n), e)11ltelt F(n) Calculate d
de-1 mod F(n) Public key
e, n Private key
d
??????
8RSA ?????-??
Key Generation Select p 5, q 11 Calculate
np?q 55 calculate F(n)(p-1)(q-1)
41040 Select integer e 7 Calculate d 23
7231 mod 40 Public key
e 7, n 55 Private key
d 23
9RSA ?????
Encryption Plaintext Mlt n
M53 Ciphertext CMe mod n
C537 mod 55
37
Decryption Ciphertext C
C37 Plaintext MCd mod n
M3723 mod 55
53
10??????
The problem is finding an x such that 1 (a x)
mod n This is also written as a-1 mod n x Note
a-1 mod n x has a unique solution if a and n are
relatively prime. If a and n are not relatively
prime, then a-1 mod n x has no solution. Ex.
The inverse of 5, modulo 14, is 3. 2 has no
inverse modulo 14.
11??????????
Method 1 Using Eulers Theorem x a-1 mod n ?
ax mod n 1 ? xa?(n)-1 mod n If gcd(a,n)1,
then a?(n) mod n1 Ex. What is the inverse of 5,
modulo 7 ? 56-1 mod 7 55 mod 7 3 ??
?(n) is not always known
12??????????
Method 2 Using Extended Euclidean Algorithm
Euclidean Algorithm ? Find gcd (a,n) Let
r0n, r1a, we get r0r1g1r2 , r1r2g2r3 , . .
. , rj-2rj-1gj-1rj , . . ., rm-4rm-3gm-3rm-2,
rm-3rm-2gm-2rm-1, rm-2rm-1gm-1rm, rm-1rmgm
13??????????
We can find gcd(a, n) sa tn, where s and t
are integers. If gcd(a,n)1, we get sa tn 1.
We can find s and t by using
rmgcd(a,n)rm-2-rm-1gm-1 Because rm-1 rm-3
rm-2gm-2 so gcd(a,n) rm-2 - (rm-3
rm-2gm-2)gm-1 (1gm-1gm-2 )rm-2 g m-1rm-3 and
so on.
satn 1 ? sa tn mod n1 ? sa mod n1 ? s
a-1 mod n
14???? (digital signature)??
- A ???????????????,????
- ????
- A ?????????? B
- B ?? A ?????? A ?????????,
- ?????????????,??????,
- ?????????? A ???
15RSA????
??
S Md mod n S 3723 mod 55 53
??
M Se mod n 37 537 mod 55
16RSA ???????????
1.???
UA
UB
???? (eA, NA)
(eB, NB) ???? dA
dB
????UA????M????UB
17RSA ???????????
?? C MeB mod NB
?? S MdA mod NA
UB
UA
?? M CdB mod NB
?? M SeA mod NA
18RSA ???????????
2.???
If NA lt NB
C
UB
UA
?? S MdA mod NA
?? S CdB mod NB
?? M SeA mod NA
?? C SeB mod NB