



Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
RSA Algorithm for distributed operating system.
Typology: Study notes
1 / 6
This page cannot be seen from the preview
Don't miss anything!




RSA is an algorithm used by modern computers to encrypt and decrypt messages. It is an asymmetric cryptographic algorithm. Asymmetric means that there are two different keys. This is also called public key cryptography, because one of them can be given to everyone. The other key must be kept private. It is based on the fact that finding the factors of an integer is hard (the factoring problem). RSA stands for Ron Rivest, Adi Shamir and Leonard Adleman, who first publicly described it in 1978. A user of RSA creates and then publishes the product of two large prime numbers, along with an auxiliary value, as their public key. The prime factors must be kept secret. Anyone can use the public key to encrypt a message, but with currently published methods, if the public key is large enough, only someone with knowledge of the prime factors can feasibly decode the message.
Introduced at the time when the era of electronic email was expected to soon arise, RSA implemented two important ideas:
1. Public-key encryption. This idea omits the need for a \courier" to deliver keys to recipients over another secure channel before transmitting the originally-intended message. In RSA, encryption keys are public, while the decryption keys are not, so only the person with the correct decryption key can decipher an encrypted message. Everyone has their own encryption and decryption keys. The keys must be made in such a way that the decryption key may not be easily deduced from the public encryption key. 2. Digital signatures. The receiver may need to verify that a transmitted message actually originated from the sender (signature), and didn't just come from there (authentication). This is done using the sender's decryption key, and the signature can later be varied by anyone, using the corresponding public encryption key. Signatures therefore cannot be forged. Also, no signer can later deny having signed the message.
This is not only useful for electronic mail, but for other electronic transactions and transmissions, such as fund transfers. The security of the RSA algorithm has so far been validated, since no known attempts to break it have yet been successful, mostly due to the difficulty of factoring large numbers n = pq, where
P and q are large prime numbers.
The algorithm capitalizes on the fact that there is no efficient way to factor very large (100-200 digit) numbers.
Using an encryption key (e,n), the algorithm is as follows:
The encryption key (e,n) is made public. The decryption key (d,n) is kept private by the user.
How to Determine Appropriate Values for e, d, and n
For complete assurance that the message originated form a sender, and was not just sent through him by a third party who may have used the same encryption key (that of the receiver), we need a digital signature to come with the message. This has obvious implications of importance in real-life applications.
Bob wants to send a private message to Alice. To sign the document, we pull a clever little trick, all assuming that the RSA algorithm is quick and reliable, mostly due to property (c). We decrypt a message with Bob's key, allowed by properties (a) and (b), which assert that every message is the ciphertext of another message, and that every ciphertext can be interpreted as a message. Formally,
DB(M) = S : (3)
Then we encrypt S with Alice's encryption key.
EA(S) = EA(DB(M)) (4)
This way, we can assure only she can decrypt the document. When she does, she gets the signature by DA(EA(DB(M)) = S. She now knows the message came from Bob, since only his decryption key could compute the signature. The message need not be sent separately, since Alice can deduce it from the signature itself by using Bob's publicly available encryption key, formally EB (S) = EB(DB(M)) = M.
Since S depends on M, and the encrypted transmission Bob sent depends on S, we have a transmission that depends on both the message and the signature, so both can be deduced from the transmitted document.
This brilliantly assures the message could not be modified (if needed to be presented to, say, a \judge"), since a modified M in the form of M0 would have to generate a signature S0 = DB(M0) as well, which is impossible, since she does not known DB by property (d).
So not only does Alice possess proof that Bob signed the message and indeed sent it, but she also cannot modify M nor forge a signature for any other message.
Now, say an \intruder" attempted to lie and tell you he was from the public file? This is not a problem in RSA, since \signatures' are used. A signature just needs to assure it came from the public file (PF) itself. Every time a user joins a network, everybody gets a securely sent copy of the most recently updated
PF, which is stored on their system, and they never have to look it up. Anyone trying to send a message pretending to be in the public file would not have the appropriate signature, and would be singled out as an \intruder". He would also never receive the PF, since he never joined it.
The RSA algorithm is indeed among the strongest, but can it withstand anything? Certainly nothing can withstand the test of time. In fact, no encryption technique is even perfectly secure from an attack by a realistic cryptanalyst. Methods such as brute-force are simple but lengthy and may crack a message, but not likely an entire encryption scheme. We must also consider a probabilistic approach, meaning there's always a chance someone may get the one key out of a million". So far, we don't know how to prove whether an encryption scheme is unbreakable. If we cannot prove it, we will at least see if someone can break the code. This is how the NBS standard and RSA were essentially certified. Despite years of attempts, no one has been known to crack either algorithm. Such a resistance to attack makes RSA secure in practice.
Factoring large numbers is not provably hard, but no algorithms exists today to factor a 200-digit number in a reasonable amount of time. Fermat and Legendre have both contributed to this field by developing factoring algorithms, though factoring is still an age-old math problem. This is precisely what has partially certified" RSA as secure.
To show that RSA is secure, we will consider how a cryptanalyst may try to obtain the decryption key from the public encryption key, and not how an intruder may attempt to steal" the decryption key.
This should be taken care of as one would protect their money, through physical security methods. The authors of RSA provide an example: the encryption device (which could be, say, a set of integrated chips within a computer), would be separate from the rest of the system. It would generate encryption and decryption keys, but would not print out the decryption key,