Encryption Algorithms: Difference between revisions
Line 65: | Line 65: | ||
RSA also enables us to make digital signitures. |
RSA also enables us to make digital signitures. |
||
Let ''(e,n)'' and ''d'' be your public and your private key and let ''m'' be a message or a hash value of a message which you want to send to Bob. You can sign the message by computing |
Let ''(e,n)'' and ''d'' be your public and your private key and let ''m'' be a message or a [[hash value]] of a message which you want to send to Bob. You can sign the message by computing |
||
<center>''sig = m<sup>d</sup> mod n ''</center> |
<center>''sig = m<sup>d</sup> mod n ''</center> |
||
send the message with the signature (m,sig) to Bob. |
send the message with the signature (m,sig) to Bob. |
Revision as of 11:00, 1 February 2005
Symmetric Cryptography
What is it?
follows soon...
DES a symmetric encryption algorithm
follows soon...
Asymmetric Cryptography
What is it?
The concept of Asymetric Cryptography, also called Public Key Cryptography, was described for the first time by Whitfield Diffie and Martin Hellman in 1976. In contrast to the Symmetric Cryptography in which we have the same secret key for encryption and decryption, we now have one public key eP (ecncryption key) and one private key dP (decryption key) for each person P . While the public key eP can be published to the whole world the private key dP is to be treaten as a secret and only the person P knows it. An important characteristic of such a crypto system is that it is computationally infeasible to determine the private key given the corresponding public key.
The idea of Public Key Cryptography can be visualised like a mailbox. Generally the address of someone is public and everybody can send him a letter, but only the reciever owns the key for opening the mailbox and reading the letters. Remember that Symmetric Cryptography works like a safe. For instance assume that Alice wants to send a message m to Bob. She encrypts the plaintext m with Bob's public key e , computes the ciphertext c=f(m,e) and sends c to him. Now Bob can decrypt the recieved cipher c with his private key d and computes the plaintext m=f'(c,d).
The biggest advantage of Asymetric Cryptography is the enormously reduced effort for the key management. Imagine a company with 100 staffers gets a new employee Bob and you have to offer Bob the possibility to communicate securely to each other person. Using a symmetric crypto system means that you must create 100 new keys and distribute them. With a asymetric system you only have to create the key pair (eP,dP) , publish eBob and tell Bob his private key dBob .
A disadvantage is the velocity. Comparing DES and RSA the most popular representatives of both worlds, we get that DES is at least 100 times as fast in software and between 1,000 and 10,000 times as fast in hardware. Generally we can say that asymetric algorithms are significant slower than symmetric algorithms.
A solution for this are Hybride Systems which work as follows:
- First asymmetric cryptography is used for the key exchange of a session key ks .
- Then symmetric cryptography is used for encryption and decryption of the data with the exchanged key ks.
So these method offers the comfortable key management as well as the velocity.
RSA an asymmetric encryption algorithm
The RSA Algorithm was invented by R.Rivest,A.Shamir and L.Adleman in 1978 while they were attempting to show that Public Key Cryptography is impossible.
How does it work?
RSA is based on the following fact:
Let n=pq be the product of 2 primes p,q (p≠q). Then for every natural number m<n and for every natural number k we have
The function φ is called the Euler phi function, where φ(n) is the number of positive integers less than n that are relatively prime to n (a positive integers a is relativly prime to n if the greatest common divisor of a and n is 1).
If you want, look in below listed cryptography-books for more details of number theory. There you also find the necessary information for proving the above statement. The focus of this site is just to present and not to deduce the basic statements used by RSA.
Preparation work
Since RSA is an asymetric encryption algorithm we need a public key e and a private key d for each Person. This is done by ...
- searching big primes p,q
- computing n=pq
- computing φ(n)=(p-1)(q-1)
- choosing a number e which is relatively prime to φ(n)
- computing d with ed≡1 mod φ(n) (that is when ed=k(p-1)(q-1)+1 and k is a integer)
- forgetting p,q,φ(n) (or keeping this numbers secret!!)
- giving d to the person as a private (secret) key
- publishing e and n
Encryption with RSA
Suppose that you want to encrypt a message m and send the cipher to Bob who has the public key (e,n).
- Compute the cipher
- Send the cipher c to Bob
- Bob can decrypt the cipher c with his private key d by computing
If the message is too long that is if m≥n you have to encrypt m blockwhisely. That means that you decompose m to smaller messageblocks mi with mi<n for all i and encrypt them block by block.
Digital Signatures with RSA
RSA also enables us to make digital signitures. Let (e,n) and d be your public and your private key and let m be a message or a hash value of a message which you want to send to Bob. You can sign the message by computing
send the message with the signature (m,sig) to Bob. He can verify the signature sig with your public key (e,n) by computing
Final Remarks
The secureness of RSA depends on the keylength. Today one should use a length with at least 1024 bit for the modulus n=pq( a number with approx. 300 decimal digits). By the way, have a look at the RSA factoring challenge. There you can get money for factoring numbers. Up to now the largest factored number is RSA-576 a 576 bit number and it was factored on december 3, 2003. The factorization was led by the german researchers Jens Franke und Thorsten Kleinjung from the Pure Mathematics Institute at Bonn University.
Considering RSA as a Trapdoor One Way Function we know that its trapdoors are the private key d, p and q the prime factors of n and φ(n). It can be shown easily that knowing one of these informations you can deduce the others. But it has not been prooved yet that there is no other trapdoor information for this Algorithm.