Cryptography Study Notes II: RSA Encryption

Analysis of RSA Encryption Method

    This article introduces the basic principles of the RSA encryption algorithm. It first covers some basic mathematics, then some basic cryptography concepts, and finally the RSA encryption algorithm itself.

1. Basic mathematics knowledge

1.1. What is a "prime number"?

  Baidu Encyclopedia defines prime numbers as follows: there are infinitely many prime numbers, and a prime number is a natural number greater than 1 that has no factors other than 1 and itself.

For example: 15=1*15=3*5, so the factors of 15 are 1, 3, 5, 15, so 15 is not a prime number;
13=1*13, so the factors of 13 are 1 and 13, and according to the definition 13 is a prime number.

1.2. What is "co-prime number"?

  As before, the explanation of co-prime numbers in Baidu Encyclopedia: co-prime is a concept in mathematics that describes two or more integers whose only common factor is 1. Two non-zero natural numbers whose only common factor is 1 are called co-prime numbers.

   For example:
  (1) Two prime numbers must be co-prime numbers. For example, 2 and 7, 13 and 19.
  (2) If a prime number cannot divide another composite number, the two numbers are relatively prime numbers. For example, 3 and 10, 5 and 26.
  (3) 1 is not a prime number or a composite number, and it is a co-prime number together with any natural number. Such as 1 and 9908.
  (4) Two adjacent natural numbers are co-prime numbers. Such as 15 and 16.
  (5) Two adjacent odd numbers are co-prime numbers. Such as 49 and 51.
  (6) Two numbers of which the larger is a prime number are co-prime numbers. Such as 97 and 88.
  (7) If the smaller number is a prime number and the larger number is not a multiple of the smaller one, the two numbers are co-prime numbers. Such as 7 and 16.
  (8) If both numbers are composite numbers (and the difference between them is large) and none of the prime factors of the smaller number is a divisor of the larger number, the two numbers are co-prime numbers. Such as 357 and 715: 357=3×7×17, and 3, 7 and 17 are not divisors of 715, so these two numbers are co-prime numbers. And so on.

1.3. What is "Euler function"?

  The explanation of the Euler function in Baidu Encyclopedia: in number theory, for a positive integer n, the Euler function φ(n) is the number of positive integers smaller than n that are relatively prime to n (φ(1)=1).
  The general formula of the Euler function is:

  φ(x) = x*(1-1/p1)*(1-1/p2)*...*(1-1/pn)

  where p1, p2...pn are the prime factors of x. Prime factors: in number theory, the prime numbers that divide a given positive integer.
  For example: suppose x=16. The only prime factor of 16 is 2, so φ(16)=16*(1-1/2)=8. The positive integers smaller than 16 and relatively prime to 16 are 1, 3, 5, 7, 9, 11, 13, 15; there are exactly 8 of them.

1.4. What is "modular exponent operation"?

  The modulo operation is an integer operation. Given an integer m and a modulus n, m mod n is the remainder left when m is divided by n. For example: 10 mod 3 = 1; 6 mod 2 = 0.
  The modular exponent operation performs the exponent operation first and then applies the modulo operation to the result.

2. Basic knowledge of cryptography

2.1. What is "plaintext and ciphertext"?

  The plaintext is the original data before encryption, and the ciphertext is the result obtained after the cryptographic operation has been applied to it.

  A key is a parameter that is supplied to a cryptographic algorithm when it is used. Under the same encryption algorithm, the same plaintext produces different ciphertexts with different keys.

  Many well-known cryptographic algorithms are public, and the key is the important parameter that determines whether the ciphertext is safe. Usually, the longer the key, the more difficult it is to crack; a key that is too short can be cracked easily. The well-known DES algorithm uses a 56-bit key and is no longer a secure encryption algorithm. The main reason is that the 56-bit key is too short and can be cracked within a few hours.

  Keys are divided into symmetric keys and asymmetric keys.

2.2. What is "symmetric encryption"?

  Symmetric keys use the same key in the process of encryption and decryption. Common symmetric encryption algorithms include DES, 3DES, AES, RC5, and RC6.

  The advantage of the symmetric key is that the calculation speed is fast. The disadvantage is that the key must be shared between both ends of the communication: each side has to know the key before it can decrypt what the other sends. If all clients share the same key, that key is like a master key, and everyone's ciphertext can be cracked with it. If each client and the server maintain a separate key, then the server needs to manage thousands of keys.

2.3. What is "asymmetric encryption"?

  Asymmetric encryption is also known as public key encryption. The server generates a pair of keys. One is the private key, which is stored on the server and known only to the server. The other is the public key, which can be freely released for anyone to use. Ciphertext that the client produces by encrypting plaintext with the public key can only be decrypted with the private key.

  Asymmetric keys use different keys for encryption and decryption. Because encryption and decryption are not symmetrical, this is called asymmetric encryption. Compared with symmetric key encryption, asymmetric encryption does not need to share a key between the client and the server. As long as the private key is not given to any user, the ciphertext cannot be decrypted even if the public key is intercepted on the Internet; a stolen public key alone is useless. The most common asymmetric encryption algorithm is RSA.

3. RSA encryption algorithm

  Before talking about algorithm theory, let's give a simple example. The protagonists' names are Alice, Bob and Eve. The RSA algorithm is asymmetric encryption, so there will be two keys.

  Alice wants to design a public key, which is made public so that everyone can copy this key and use it to encrypt messages sent to herself. But this key must not be able to unlock the encrypted information. This is the public key. So this step requires an irreversible function operation, which can only be encrypted but not decrypted. This can be realized by the modulo operation we mentioned earlier.

  At the same time, Alice herself has to have a key, which is not public. And this key can unlock the information encrypted by her public key. This is the private key.

  The public key given by Alice is obtained by multiplying two relatively large prime numbers p and q to obtain a larger number N. p and q must be kept secret: only Alice knows them, and she must not tell anyone else. The product N, however, is public and anyone can know it; it is the generated public key.

  Anyone who sends a message to Alice needs to use N to encrypt. The encryption process still uses modulo calculation, and the modulus is N. The mathematical process guarantees that this modulo operation is irreversible, so even if Eve knows this N, it is useless.

  Alice's decryption process: Alice does not need N for decryption, but uses the values of p and q (no one else knows p and q, only Alice knows). The modulus in another modulo operation that Alice performs privately is (p-1)*(q-1).

  The process of the RSA algorithm is summarized below.

  Key steps of the algorithm:
(1) Select a pair of different, sufficiently large prime numbers p and q, and keep p and q secret so that no one else can know them;
(2) Calculate N = pq;
(3) Calculate f(N) = (p-1)(q-1);
(4) Find a number e that is relatively prime to f(N), with 1 < e < f(N);
(5) Calculate d such that e×d ≡ 1 mod f(N);
(6) Then the public key is (e, N) and the private key is (d, N).
  For example:
(1) Randomly select two unequal prime numbers p = 3, q = 11;
(2) Randomly select an integer e from 1 ~ (p-1)(q-1) that is coprime with (p-1)(q-1) (the greatest common divisor is 1).
   (p-1)(q-1) = 2*10 = 20; from the numbers relatively prime to 20, randomly choose 3;
   N = 3*11 = 33; e = 3;
   public key (e, N) = (3, 33);
(3) Calculate d from e×d ≡ 1 mod f(N).
   ≡ is the symbol for congruence in number theory. In the formula, the left side of the ≡ symbol must be congruent with the right side, that is, the result of the modulo operation on both sides is the same. Obviously, no matter what value f(N) takes, the result of 1 mod f(N) on the right side of the symbol is equal to 1; so the result of the modulo operation on the product of d and e on the left side of the symbol must also be equal to 1.

   Solving for d by the exhaustive method gives d = 7;
   private key (d, N) = (7, 33);

(4) Encryption: assume that the plaintext to be encrypted is m = 5;
   C = 26;
(5) Similarly, decrypting with the private key gives back m = 5. The difficulty here lies in understanding how congruences are calculated. (A separate article will be written to explain the calculation of congruence in detail.)
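
The worked example above (p = 3, q = 11, e = 3, m = 5), as added Python code that is not part of the original article; the function names are illustrative and p and q are assumed to be prime. It goes one step beyond the text by showing that with an N this small anyone can factor the public N and recompute d, which is why p and q must be large.

```python
# Added example: textbook RSA with the article's toy numbers (far too small to be secure).
from math import gcd


def find_d_exhaustive(e, phi):
    """Try d = 1, 2, ... until e*d mod phi == 1 (the article's exhaustive method)."""
    for d in range(1, phi):
        if (e * d) % phi == 1:
            return d
    raise ValueError("e has no inverse modulo f(N); e and f(N) are not coprime")


def make_keys(p, q, e):
    """Steps (1)-(6): return ((e, N), (d, N)). p and q are assumed to be prime."""
    if p == q:
        raise ValueError("p and q must be different primes")
    n = p * q
    phi = (p - 1) * (q - 1)          # f(N) in the article
    if not (1 < e < phi) or gcd(e, phi) != 1:
        raise ValueError("e must satisfy 1 < e < f(N) and be coprime to f(N)")
    d = find_d_exhaustive(e, phi)
    # Cross-check against Python's built-in modular inverse (Python 3.8+).
    assert d == pow(e, -1, phi)
    return (e, n), (d, n)


def encrypt(m, public_key):
    e, n = public_key
    if not 0 <= m < n:
        raise ValueError("message must be in the range 0 <= m < N")
    return pow(m, e, n)              # modular exponentiation: m^e mod N


def decrypt(c, private_key):
    d, n = private_key
    return pow(c, d, n)              # c^d mod N


def recover_private_key(public_key):
    """With a tiny N, factor it by trial division and redo step (5) to get d."""
    e, n = public_key
    p = next(k for k in range(2, n) if n % k == 0)
    return find_d_exhaustive(e, (p - 1) * (n // p - 1)), n


if __name__ == "__main__":
    public, private = make_keys(p=3, q=11, e=3)
    c = encrypt(5, public)
    print(public, private, c, decrypt(c, private), recover_private_key(public))
```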

  The security of RSA depends on the difficulty of factoring large numbers, but it has not been theoretically proved that the difficulty of breaking RSA is equivalent to the difficulty of factoring large numbers. That is, the major defect of RSA is that its confidentiality cannot be established theoretically.


Origin blog.csdn.net/koudan567/article/details/90029313