Asymmetric encryption algorithm: a popular explanation of RSA algorithm

0 Introduction

The RSA algorithm is a well-known asymmetric encryption algorithm whose function is to encrypt information. The reason why it is called asymmetric is relative to the symmetric encryption algorithm. In a symmetric encryption algorithm, the keys required for encryption and decryption are the same. For example, in the famous Caesar encryption, the information encryptor takes the three-digit letter for each letter, such as a->d,b-> e. After the recipient receives the ciphertext, take the first three letters of each letter. In asymmetric encryption, both parties in communication each have a different key . The sender sends the encrypted message and its own key, and the receiver uses its own key (private key) and the secret key from the sender after receiving it. The key (public key) decrypts the ciphertext. In other words, as long as the recipient does not reveal his key, no one can decrypt the ciphertext. This is the genius of asymmetric encryption. RSA is the most excellent algorithm among asymmetric encryption algorithms, which will be explained in detail below.

1 Simple mathematics foundation

First, introduce two important equations. Interested students can prove it. It doesn't matter if you don't prove it, just use it if you can. mod means modulo operation.

1. $\left(amodn\right){}^{d}modn=a^{d}modn$
2. For any $x,y$，有$x^{the}modn=x^{and\mathrm{m}\mathrm{o}\mathrm{d}z}modn$, where$n$ represents two prime numbersp, qp, qThe product of$p$$and$$q$ ,$n=pq$ , and$from=(p-1)(q-1)$.

Why introduce these two equations, because the message we usually send can finally be regarded as a 01 string, we can convert this string into a unique decimal integer, such as 1010->10,1111 ->16, then this decimal integer can be used for modulo operation to achieve encryption.

2 RSA algorithm calculation

According to the previous mathematical foundation, we look at the calculation process. Now we have a decimal number mm generated by a message$m$ , then:

1. Choose two large prime numbers $p,q$ , its binary highest bit is generally more than 1024 bits
2. Calculate $n=pq,from=(p-1)(q-1)$
3. Choose an $e$ , content$e<n$ , and$e,z$ relatively prime (no common divisor)
4. Choose $d$ makes$ed-1$ can be divisible by z ($ed-1modz=1$)
5. We will $(n,e)\; is$ called the public key$k_B^{+}$，$(n,d)\; is$ called the private key$k_B^{-}$。

When the sender encrypts, the public key is used, and the encryption result is $c=(m^{e}modn)$, when the recipient decrypts, it receives the ciphertext and public key, and first$c$ take$d$次方，有$c^{d}modn=\left(m^{e}modn\right){}^{d}modn=(m\ast m^{ed-1})modn=m$ , so we restore$m$.

3 Security analysis

Now analyze the security of the RSA algorithm. If the sender’s message is intercepted, the interceptor wants to decrypt but does not have the key, so he intends to use brute force to try out the key $(n,d)$ . This question is equivalent to: Knowing$In$ the case of$n$ , for$n$ decompose prime factors to get$p,q$ . In fact, it is almost impossible to decompose a large prime number that is thousands of digits long. An article onZhihu wrote that the largest integer factor currently known to be cracked is:

1230186684530117755130494958384962720772853569595334792197322452151726400507263657518745202199786469389956474942774063845925192557326303453731548268507917026122142913461670429214311602221240479274737794080665351419597459856902143413
=
33478071698956898786044169848212690817704794983713768568912431388982883793878002287614711652531743087737814467999489
x
36746043666799590428244633799627952632279158164343087642676032283815739666511279233373417143396810270092798736308917

This number has 232 decimal digits and 768 binary digits. The longest RSA key currently cracked is 768 bits. In practical applications, the key length of RSA is 1024 bits and 2048 bits for important occasions. Based on the current computing level of computers, it takes more than 50 years to calculate, so the security of RSA is extremely high.