1 Traditional cryptography and public key cryptography
Public key algorithms are based on mathematical functions rather than substitution and permutation, and public key cryptography is asymmetric.
Existing public key cryptography methods require a large amount of computation, so it seems unlikely that traditional cryptography will be outlawed.
Talking back to the key distribution center in traditional cryptography is very troublesome, but using public key cryptography to implement key distribution is very simple. Is the market, the use of public key cryptography also requires some form of protocol, which usually involves a central agent, and which involves processes that are neither simpler nor more efficient than those in traditional cryptography.
2 Basic principles of public key cryptography
The concept of public key cryptography is to solve two of the most difficult problems in traditional cryptography:
- key distribution
- digital signature
Public key cryptography relies on the encryption key being related to the encryption key but not the same as the decryption key:
- Determining the decryption key based solely on the cryptographic algorithm and the encryption key is computationally infeasible. (The decryption key cannot be calculated from the encryption key)
In addition, some algorithms, such as RSA, have the following characteristics:
- Either one of the keys can be used to encrypt and the other to reveal
Public key cryptography has 6 components:
- Plaintext: Input to the algorithm
- Encryption Algorithms: Encryption algorithms perform various transformations on plaintext
- Public and private keys: the input to the algorithm, one of the keys is used for encryption and the other is used for decryption
- Ciphertext: the output of the algorithm
- Decryption Algorithm: This algorithm accepts the ciphertext and the corresponding key and produces the original plaintext
Its main steps are:
Each user generates a bunch of keys, which are used to encrypt and decrypt information
Each user stores one of the keys in a public register (is it better to translate into memory? That means everyone can access it) or other accessible files, the key is called the public key
If Bob wants to send a message to Alice, Bob encrypts the message with Alice's public key
After Alice receives the message, the Courage private key decrypts the message.
Since only Alice knows her own private key, no other recipient can decrypt the message
When Alice the recipient encrypts the message with her private key, sends the sender Bob, who then decrypts the message with the public key. So only Alice can encrypt the message (since only Alice has the private key). The entire encrypted message is a digital signature. This message can be used to authenticate the data source and data integrity (mainly used to let the peer know that the private key is indeed saved with me). Of course, in order to verify the integrity of the data source and data, it is necessary to send plaintext and ciphertext at the same time when sending information, and Bob will use it to decrypt and compare the plaintext after receiving it. This process can only guarantee that the information is not modified, but cannot prevent eavesdropping (because the information is in plaintext). The solution is to encrypt the data with your own private key, and then encrypt it again with the public key of the opposite end, and send the two ciphertexts at the same time.
The applications of public key cryptosystems can be divided into three categories:
- Encryption/Decryption: The sender encrypts the message with the receiver's public key.
- Digital Signature: The sender signs (also encrypts) the information using its private key. The signature can be generated by encrypting the entire message or by encrypting a small data block of the message, where the small data block is a function of the entire message
- Key exchange: The two communicating parties exchange session keys. Used to exchange legacy keys.
Public key cryptography is:
- RSA: either
- Elliptic Curve: Any
- Diffie-Hellman: can only be used for key exchange
- DSS: can only be used for digital signatures
Requirements that public key cryptography should meet:
- B generates a bunch of keys: a public key and a private key. This is computationally easy
- Knowing the public key and the message M to be encrypted, it is computationally easy for the sender Alice to generate the developed ciphertext
- It is computationally easy for the receiver Bob to decrypt the received ciphertext using madness. The recovered plaintext is computationally easy.
- It is always computationally infeasible for an attacker to determine the private key
- With the public key and the ciphertext C, it is computationally infeasible for an attacker to recover the plaintext M.
- The order of encryption and decryption functions can be swapped. That is to say: \(M=D[PU_b,E(PR_B,M)]=D[PR_b,E(PU_b,M)]\) (this may not be satisfied)
public key cryptanalysis
Like symmetric ciphers, public-key ciphers are vulnerable to exhaustive attacks, and the solution is to use long keys. What is used for medicine constitution is some kind of mathematical function that can be used. The complexity of calculating the function value may not be a linear function of the key length, but a function that grows faster than a linear function. Therefore, in order to resist an exhaustive attack, the key must be Long enough, and the key must be short enough to facilitate encryption and jimming. In practice, the proposed key length is indeed resistant to exhaustive attacks, but it also makes encryption and decryption faster, so public key cryptography is currently limited to key exchange and signature.
There is also a supply form that is unique to public key systems. This attack is essentially an exhaustive message attack: Assuming that the message to be sent is a 56-bit DES key, the attacker can encrypt all possible keys with the public key, and match the transmitted key, so that any message can be decrypted. Therefore, this attack can be transformed into an exhaustive attack on a 56-bit key, no matter how long the key of the public key system is. The way to combat this attack is to append a random number to the message to be sent.
3 RSA encryption algorithm
3.1 Algorithm
The process of the RSA algorithm is:
- Two prime numbers \(p\) , \(q\) ,
- Calculate \(n=p \times q\) , because \(p\) , \(q\) are prime numbers, so according to the Euler function, there are a total of coprime numbers less than \(n\) : \( \phi(n)=(p-1)(q-1)\)
- Pick a private key: pick a \(e\) , which needs to satisfy \(gcd(\phi(n),e)=1;1<e<\phi(n)\)
- Calculate the public key: then according to \(d \equiv e^{-1} (mod \ \phi(n))\)
The private key is: \(\{d,n\}\) , the public key is: \(\{e,n\}\) . And the data to be encrypted needs to be smaller than \(n\) (because, to \( mod\ n\) )
Encryption process: plaintext group \(M\) , ciphertext group \(C\)
- Encryption: \(C=M^e\ mod \ n\)
. Decryption: \(M=C^d\ mod\ n=(M^e)^d\ mod \ n = M^{e\times d} \mod\n\)
Prove:
First prove:
. . look behind
3.2 Algorithm optimization
Exponentiation operation: one multiplication at a time, optimized to half multiplication, such as \(3^13\) , yes, optimized to: \((3^6)^2 \times 2\) , then \(2^6 \) can be solved recursively using this method.
Selection of public key \(e\) : If \(e\) is selected to be small, it is vulnerable to simple attacks.
Operation of the private key:
3.3 RSA Security
There are five ways to attack the RSA algorithm:
- brute force attack
- Mathematical attack, which refers to an attempt to decompose the product of two prime numbers
- Timing attacks, relying on the running time of the decryption algorithm
- Hardware-failure-based attacks: This method applies processor failures during signature generation
- Chosen-ciphertext attack: exploits the properties of the RSA algorithm
There are three main types of mathematical attacks:
- Decompose \(n\) into two prime factors, so that \(\phi(n)\) can be calculated, so that \(e\) can be calculated according to \(d\ )
- Guess the value of \(\phi(n)\) directly
- Determine directly \(d\)