400 likes | 527 Vues
Engineering & Analysis Operation. Public Key Encryption. James C. Bradas, Ph.D. 18 June 2009. A Bit of History. In mid 1970s, the primary means of encrypting data was via “single-key encryption”. This uses a single mathematical formula or key to encrypt
E N D
Engineering & Analysis Operation Public Key Encryption James C. Bradas, Ph.D. 18 June 2009
A Bit of History • In mid 1970s, the primary means of encrypting data was via “single-key • encryption”. This uses a single mathematical formula or key to encrypt • data or messages and requires the sender and receiver to have the key. If • you want to share information with multiple users, all have to have the key. • The more users, the less secure the key becomes. • Whitfield Diffie & Martin Hellman at Stanford University proposed a solution • in 1976 - Asymmetric “Public Key Encryption”. • This system was perfected by three MIT students in 1977 – Ronald Rivest, • Adi Shamir & Leonard Adleman. Their system has come to be known as • RSA Public-Key Cryptography and is now the standard method of data • encryption used today. • An interesting article on the history of RSA encryption is contained at the • website: http://www.fundinguniverse.com/company-histories/RSA-Security- • Inc-Company-History.html • RSA Encryption makes use of the properties of Prime Numbers to develop a • unique and “break-proof” key for each sender.
What Are Prime Numbers? Prime Numbers are numbers divisible only by themselves and 1 ALL Integers Can Be Built From Prime Numbers Prime Numbers are the “Elementary Particles” of Mathematics
The Fundamental Theorem of Arithmetic ANY integer greater than 1 can be written as a UNIQUE product of prime numbers Integer Factorization of 864 864 32 27 4 8 3 9 2 2 2 2 2 3 3 3 A semi-prime number is the product of two (not necessarily distinct) prime numbers (not raised to a power greater than 1) As of September 2008, the largest known semi-prime is: (has over 25 million digits) This number is the square of the largest prime number discovered so far
There is no “Integer Factorization Spectrometer” White Light Spectrometer Colors of the Spectrum Prime Number 1 Semi-Prime Number Prime Number 2 Cryptography, and in particular, RSA Public Key Encryption, makes use of the fact that it is EXTREMELY EASY to multiply two numbers together and EXTREMELY DIFFICULT to factor a semi-prime number into the product of prime numbers. Factoring Semi-Prime Numbers is particularly challenging because there are only TWO unique factors
RSA Uses Prime Numbers RSA Encryption Scheme I choose 2 extremely large prime numbers, p & q*. This number, combined with modular arithmetic and the RSA scheme, provides secure data encryption. How Large Are These Two Prime Numbers? If I use 128-bit encryption, then I choose a prime number between 2 & How many prime numbers are there in that range? Gauss’ formula for estimating the number of prime numbers in 2 - N integers * In reality, much goes into the selection of the prime numbers to be used. They should not be too close together (p-q should not be less than 2n ). If p-1 or q-1 have only small prime factors, n can be factored quickly by Pollard’s p-1 algorithm. There is some art to this. 1/4
RSA Uses Prime Numbers RSA Encryption Scheme I choose 2 extremely large prime numbers, p & q. This number, combined with modular arithmetic and the RSA scheme, provides secure data encryption. How Large Are These Two Prime Numbers? If I use 128-bit encryption, then I choose a prime number between 1 & How many prime numbers are there in that range?
Size of the Problem Approximate number of prime numbers using 128 bits In order to determine p & q, I might use trial & error. In other words, pick a prime number p & divide it into n to see if I get the other prime number q. To get an idea of the size of the problem, suppose I use trial & error. Divide n by each prime number between 2 and If my computer operates at Teraflop speed, I can do divisions per second There are primes to try. Number of primes to try = Number of tries per second Since the universe is only seconds old, it will take a while!
What About Some Sort of a Lookup Table? List of semi-prime integers 1st Prime 2nd Prime X With 128-bit numbers, there are ~ prime numbers. If I take 2 at a time, there are possible combinations. The number of elementary particles in the visible universe is around . There isn’t enough memory capacity to store all of the prime numbers between 1 and , much less the number of possible combinations available. Because of the number of primes, “table lookup” cannot be done. The encryption algorithm must generate prime numbers “on the fly”.
So What About Faster Computers? Top500 – 2x per year – the 500 fastest known computer systems The Top Three (As of June 2009) 1 2 3 1105 TFLOPs ( 1.105 PFLOPs ) 1059 TFLOPs 825 TFLOPs ( ) IBM Roadrunner System @ LANL Cray XTS Jaguar @ DOEs ORNL IBM BlueGene/P @ FZJ in Germany # Floating Point Operations Per Second Abbreviation 2007 Today ~2008 Even with Zettaflop performance, time is still seconds or about 1 billion years.
So What About Faster Computers? Top500 – 2x per year – the 500 fastest known computer systems The Top Three (As of June 2009) 1 2 3 1105 TFLOPs ( 1.105 PFLOPs ) 1059 TFLOPs 825 TFLOPs ( ) IBM Roadrunner System @ LANL Cray XTS Jaguar @ DOEs ORNL IBM BlueGene/P @ FZJ in Germany # Floating Point Operations Per Second Abbreviation Today by 2019? by 2030? (That’s a Lotta FLOPS!) Even with Zettaflop performance, time is still seconds or about 1 billion years.
Of course, no one actually tries every prime number by brute force. There are algorithms that make it possible to make a reasonable “guess” based on the value of the number to be factored. However, given the sheer number of prime numbers, the task of finding the correct two prime numbers is still quite formidable. A number of semi-prime numbers published by RSA in 1991 (54) have been successfully factored (12) by networked computers. However, it took months to factor just one semi-prime number. There is still no computer system/algorithm that can factor semi-prime numbers quickly (days – hours – minutes) which would put RSA encryption at risk.
So Now That We’ve Convinced Ourselves About the Viability of Prime Numbers, Let’s Look At How RSA Works
First, we need some basic modular arithmetic Two numbers a & b are congruent modulo n if their difference ( a – b ) is an integer multiple of n (the integer can be positive or negative). We can write this as: or So, for example: Other Examples “a” divided by “n” is equal to some integer x “n” + “b”. “b” is the remainder
Note: the sign is NOT the same thing as an “=“ sign. In our example, replace “25” by “x”. What values of x make the statement true? So, the following are all true:
For RSA Encryption, we will be performing the following calculation: I claim that and y are congruent modulo n
For RSA Encryption, we will be performing the following calculation: I claim that and y are congruent modulo n
For RSA Encryption, we will be performing the following calculation: I claim that and y are congruent modulo n
For RSA Encryption, we will be performing the following calculation: I claim that and y are congruent modulo n
For RSA Encryption, we will be performing the following calculation: I claim that and y are congruent modulo n insert expression for x
For RSA Encryption, we will be performing the following calculation: I claim that and y are congruent modulo n
For RSA Encryption, we will be performing the following calculation: I claim that and y are congruent modulo n
For RSA Encryption, we will be performing the following calculation: I claim that and y are congruent modulo n
For RSA Encryption, we will be performing the following calculation: I claim that and y are congruent modulo n
For RSA Encryption, we will be performing the following calculation: I claim that and y are congruent modulo n k is an integer
Bottom Line…. To solve for x given the expression Proposed solution: This means, divide y by n and find the remainder. x is the remainder. Example: I want to solve for x given:
Alice Bob Meet Alice & Bob Alice & Bob want to send secure messages to one another without fear of their messages being read by a third party Using RSA PKE, each person creates a “Public Key” and a “Private Key” Their Public Key is sent to any party that wishes to send them a message Their Private Key is kept to themselves Public Key Private Key
Private Key Alice Public Key Private Key ( n , d ) Public Key ( n , e ) RSA Public Key Encryption Scheme Alice Creates Her Public & Private Key 1. Select two large prime numbers, p & q 2. Compute their product – the “modulus” n: 3. Compute Euler’s “totient” F 4. Choose e, 1 < e < F such that the greatest common divisor (gcd) ( e , F ) = 1 e is the “public key exponent” ( Common choices are e = 3, 17 & 65537 ) 5. Compute d such that d is the “private key exponent”
Alice Private Key ( n , d ) Public Key ( n , e ) So Where’s the Secret? The public knows this The public DOESN’T know this Because Alice doesn’t publish the values of p & q – an eavesdropper can’t determine and thus can’t determine the correct value of d which is needed for message decryption
Alice Bob “M” Bob wishes to send a message to Alice Public Key ( n , e ) Private Key ( n , d )
Alice Bob “M” Bob wishes to send a message to Alice Public Key ( n , e ) Alice sends her public key to Bob and keeps her private key secret Private Key ( n , d )
Alice Bob “M” Bob wishes to send a message to Alice Public Key ( n , e ) Alice sends her public key to Bob and keeps her private key secret Public Key ( n , e ) Private Key ( n , d )
Alice Bob “M” Bob wishes to send a message to Alice Public Key ( n , e ) Alice sends her public key to Bob and keeps her private key secret Public Key ( n , e ) Private Key ( n , d ) Bob first turns his message M into an integer m (or series of integers) where 0 < m < n by using an agreed-upon reversible protocol known as a padding scheme. He then computes the cipher text c (for each integer in his message) via the following:
Alice Bob “M” Bob wishes to send a message to Alice Public Key ( n , e ) Alice sends her public key to Bob and keeps her private key secret Public Key ( n , e ) Private Key ( n , d ) Bob first turns his message M into an integer m (or series of integers) where 0 < m < n by using an agreed-upon reversible protocol known as a padding scheme. He then computes the cipher text c (for each character in his message) via the following: Bob sends each “c” in the now-encrypted message to Alice.
Alice Bob Private Key ( n , d ) Public Key ( n , e ) “c”? Alice Receives Bob’s Encrypted Message
Alice Bob Private Key ( n , d ) Public Key ( n , e ) “c”? Alice Receives Bob’s Encrypted Message Alice uses her Private Key and reverse padding scheme to decrypt Bob’s message
Alice Bob Private Key ( n , d ) Public Key ( n , e ) “c”? Alice Receives Bob’s Encrypted Message Alice uses her Private Key and reverse padding scheme to decrypt Bob’s message
Alice Bob Private Key ( n , d ) Public Key ( n , e ) “c”? Alice Receives Bob’s Encrypted Message Alice uses her Private Key and reverse padding scheme to decrypt Bob’s message m Reverse Padding Scheme
Alice Bob Private Key ( n , d ) Public Key ( n , e ) “M” Alice Receives Bob’s Encrypted Message Alice uses her Private Key and reverse padding scheme to decrypt Bob’s message m Reverse Padding Scheme M Alice Recovers Bob’s Original Message “M”
Private Key Alice Bob Public Key Public Key M Sending Information from “B” to “A” – “Bob” and “Alice” Via RSA Public Key Encryption In Summary Bob’s Message M M m Alice’s Public Key Encrypted Message Alice’s Private Key ( n , d ) Bob’s Message is Recovered Reverse Padding Scheme M