foreword

According to your own learning needs, make a study note.
Reference materials involve a lot, too lazy to write.
There is a class on cryptography in blockchain in various cryptography books and MOOCs.

1. The mathematical basis involved in RSA encryption

Euler function φ(n): less than n, greater than 0, and the number of numbers that are prime to n.

If n=p ₁^l1 p ₂^l2 ……p _s^ls , then
Euler's Theorem: If (a,n) = 1, then a ^φ(n) mod n = 1.

Deduction of Euler's theorem:
(1) a ^kφ(n) mod n = 1, if 0<a<n, (a,n) = 1;
(2) a ^kφ(n)+1 mod n = a, if 0<a<n, (a, n) = 1;
(3) a ^ed mod n = a, if 0<a<n, (a, n) = 1, ed mod φ(n) = 1;
(4 )(a ^e mod n) ^d mod n= a, if 0<a<n, (a,n) = 1, ed mod φ(n) = 1.

2. RSA encryption mechanism

1. The process of RSA encryption in the process of transmitting messages

insert image description here

2. RSA key generation and information encryption process

(1) Randomly generate two large prime numbers p and q (1024 bits each), and calculate n = pq; (
2) Calculate
insert image description here
(3) Randomly generate an integer e that is mutually prime with φ(n), 1<e<φ (n);
(4) Calculate d, satisfying ed mod φ(n) = 1;
(5) Obtain public key <n, e>, private key <n, d>;
(6) For the transfer information M, record m is the plaintext and c is the ciphertext, then

Encryption: c=m ^e mod n public key: <n,e>;
decryption: m=c ^d mod n private key: <n,d>.

3. The attacker cracks the logic of the private key

Clues for an attacker to crack the private key

public key<n,e>
ed mod φ(n) = 1

At this time, as long as φ(n) is known, the extended Euclidean algorithm can be used to solve d: If n=p ₁^l1 p ₂^l2 ……p _s^ls , then insert image description here

The key to cracking the private key is to factorize n.

Therefore, when n has only two large prime factors, it is extremely difficult to factorize n.

3. The security of the RSA public key encryption system

Selection of parameters

It is generally believed that the value of n=pq in the RSA algorithm is 2048 bits, which is equivalent to 600 decimal integers.

1. Attack method

(1) Common mode attack (extended Euclidean algorithm)

(2) Direct decomposition modulus n attack (Euclidean algorithm)

(3) Timing attack

A timing attack is similar to a thief guessing a password by observing how long someone else turns the dial of a safe. This attack can be used not only to attack RSA, but also to attack any algorithm whose running time is not fixed.

Although timing attacks pose a serious threat, there are some simple and workable solutions:

constant exponentiation time
random delay
hidden

(4) Low index attack (Chinese remainder theorem)

(5) Chosen Ciphertext Attack (CCA)

When conducting a CCA attack, the attacker selects some ciphertexts and obtains the corresponding plaintexts, which are obtained by decrypting with the private key of the target object.

Summarize

Here is only a brief description of the RSA operation ideas.

RSA cryptosystem

Article directory