Describe the three components of a public-key encryption scheme
- Key generation algorithm: outputs encryption key, decryption key and public params i.e. descriptions of the message space, cipher text space and possible enc/dec key pairs
- Encryption algorithm: receives encryption key and public params; outputs ciphertext
- Decryption algorithm: receives decryption key and public params; outputs original message
What does the acronym RSA represent?
Rivest, Shamir and Adleman
What is a trapdoor one-way function?
Efficient to execute one way, inefficient to execute in the inverse - unless you have the extra information that provides the “trapdoor”, i.e. makes the inverse efficient, too
What idea is RSA encryption based on?
The idea that it’s easy to multiply two large primes, but there is currently no known way to efficiently find the prime factors of a number n that is the product of two large primes
How are the parameters for the RSA encryption scheme set up?
What is the name of the first parameter?
What is made public and what is kept secret?
What is the minimum size of relevant value(s) needed?
The public param for RSA is an integer π (the modulus of the scheme) that is a product of two large primes:
- Generate two large primes p and q of similar size, but with p β q
- Calculate π = pq
Public: π
Secret: p and q
Minimum recommended size for π: 2048 bits long when represented in binary
Describe how to generate the keys for the RSA encryption scheme
Compute ΙΈ(π) = (p - 1)(q - 1)
Encryption key e must be a positive integer coprime to ΙΈ(π) so that e β Z*ΙΈ(π)
Decryption key d is the multiplicative inverse of e in Z*ΙΈ(π)
Describe the RSA encryption and decryption algorithms
(2 steps each)
Assuming our message π is represented as an element of β€π.
Encryption:
- Use the modulus of the scheme, π, and public encryption key π to express E(π, π) = ππ (mod π)
- Use techniques like Square & Multiply to calculate the value of this exponential value
Decryption:
- Use private decryption key π and public parameter π with ciphertext π to express D(π, π ) = ππ (mod π)
- The fastest way to solve this is to split it into two expressions (since π = ππ) in order to use exponent reduction and calculation techniques, ending up with two congruences with π to solve using CRT to find π (mod π)
Use RSA encryption to encrypt the message π = 301.
Then use RSA decryption to decrypt it.
Necessary information:
- The modulus of the scheme and public parameter π = 1457
- The modulus was derived from π = 31 and π = 47
- The public encryption key π = 11
The recipient also knows the private decryption key π = 251.
Encryption:
- Ciphertext π = E(π, π) = 30111 (mod 1457)
- 30111 (mod 1457) β‘ 358 (mod 1457)
Decryption:
- Message π = D(π, π ) = 358251 (mod 1457)
- Knowing π = 31 and π = 47, we will use CRT to compute π β‘ 358251 (mod 31) and π β‘ 358251 (mod 47), which reduce down to π β‘ 22251 (mod 31) and π β‘ 19251 (mod 47) respectively - the result is the message, 301
Appreciate that an an adversary who can factor an RSA modulus π can break RSA
Appreciate that it is not known whether breaking RSA is as hard as the problem of factoring the modulus π
Show that the RSA encryption scheme provides correctness for messages π that are coprime to π
