Article directory
foreword
According to your own learning needs, make a study note.
Reference materials involve a lot, too lazy to write.
There is a class on cryptography in blockchain in various cryptography books and MOOCs.
1. The mathematical basis involved in RSA encryption
-
Euler function φ(n): less than n, greater than 0, and the number of numbers that are prime to n.
If n=p 1 l1 p 2 l2 ……p s ls , then
-
Euler's Theorem: If (a,n) = 1, then a φ(n) mod n = 1.
Deduction of Euler's theorem:
(1) a kφ(n) mod n = 1, if 0<a<n, (a,n) = 1;
(2) a kφ(n)+1 mod n = a, if 0<a<n, (a, n) = 1;
(3) a ed mod n = a, if 0<a<n, (a, n) = 1, ed mod φ(n) = 1;
(4 )(a e mod n) d mod n= a, if 0<a<n, (a,n) = 1, ed mod φ(n) = 1.
2. RSA encryption mechanism
1. The process of RSA encryption in the process of transmitting messages
2. RSA key generation and information encryption process
(1) Randomly generate two large prime numbers p and q (1024 bits each), and calculate n = pq; (
2) Calculate
(3) Randomly generate an integer e that is mutually prime with φ(n), 1<e<φ (n);
(4) Calculate d, satisfying ed mod φ(n) = 1;
(5) Obtain public key <n, e>, private key <n, d>;
(6) For the transfer information M, record m is the plaintext and c is the ciphertext, then
Encryption: c=m e mod n public key: <n,e>;
decryption: m=c d mod n private key: <n,d>.
3. The attacker cracks the logic of the private key
- Clues for an attacker to crack the private key
public key<n,e>
ed mod φ(n) = 1
At this time, as long as φ(n) is known, the extended Euclidean algorithm can be used to solve d: If n=p 1 l1 p 2 l2 ……p s ls , then
-
The key to cracking the private key is to factorize n.
Therefore, when n has only two large prime factors, it is extremely difficult to factorize n.
3. The security of the RSA public key encryption system
-
Selection of parameters
It is generally believed that the value of n=pq in the RSA algorithm is 2048 bits, which is equivalent to 600 decimal integers.
1. Attack method
(1) Common mode attack (extended Euclidean algorithm)
(2) Direct decomposition modulus n attack (Euclidean algorithm)
(3) Timing attack
A timing attack is similar to a thief guessing a password by observing how long someone else turns the dial of a safe. This attack can be used not only to attack RSA, but also to attack any algorithm whose running time is not fixed.
Although timing attacks pose a serious threat, there are some simple and workable solutions:
- constant exponentiation time
- random delay
- hidden
(4) Low index attack (Chinese remainder theorem)
(5) Chosen Ciphertext Attack (CCA)
When conducting a CCA attack, the attacker selects some ciphertexts and obtains the corresponding plaintexts, which are obtained by decrypting with the private key of the target object.
Summarize
Here is only a brief description of the RSA operation ideas.