In yesterday's article, we talked about the RSA algorithm. The fundamental principle of the RSA algorithm, there are two core primes p and q, they are obtained by multiplying a number n. Since p and q are very difficult to reverse from the decomposition of n, p and q so just big enough, RSA algorithm can not be cracked in the current computer skills.
Now, before you pause, turn on Baidu or Google, search tutorial RSA algorithm. Casual look 10.
You will find that these tutorials without exception, are saying: enough to find two large prime numbers p and q. But they will not tell you how to find.
In the current system of mathematics, a prime number is to find out, rather than generating out. There is not a perfect formula of general term can generate prime numbers. We can do a quick check of a number is not a prime number, but we still can not directly generate a prime number.
So the question is, RSA algorithm when generating the key, the number two quality needed in the end is how come?
When we use the algorithm to generate 2048 bit RSA keys, two prime numbers p and q we need to find, and they each are 1024bit. 1024bit figure how much? Its minimum value, maximum. If you count from the smallest figure starts to count the maximum number per second you can count 100 million numbers, you need to count
570044753571256946895391042233962688235025678254156066950247593726955466151385601004275993538836681954338260654082297557264046704764131857219835840434659197037569423594829671728507799344387665269701556798848952843855120124119935570376436804099528276139492994306780499238797710357939232321 number of years to complete.
Such a large range of digital inside, so you find two prime numbers. You say, this TM how to find?
So, Python this rsa library, which is what the gods used algorithms to quickly find the two prime numbers? So I went to read its source code. The results scared me a cold sweat.
Generate keys using rsa.newkeys () function, so I first found this function in rsa / key.py file:
Look at 758-762 OK, here it is determined by several parameters poolsize core CPU, If my four core CPU, it can also open four process to find a prime number. But we can skip this code, because in yesterday's article inside, we did not specify poolsize parameters, so it uses the default value of 1. So the first line of code to run 767, to generate p and q by gen_keys function.
We look gen_keys function:
It can be seen at line 714, generated by function find_p_q p and q, and here if we are 2048bit key words, p and q are 1024bit.
We look find_p_q function:
This function is very long, but mostly in the validation of p and q generated meets the requirements (not equal, and the difference is large enough to be), if you do not meet the requirements to try again. So the real core of the code is only the first 613 lines and 615 lines. Genprime_func function is invoked here by the parameter passed in. And this is rsa.prime.getprime genprime_func function we get on line 764 newkeys function.
Now we are entering /rsa/prime.py file, read the source code getprime function:
This code is actually very simple. In line 162 first determines the bit number to generate a prime number not less than 3. Then the orgasm:
while True:
integer = rsa.randnum.read_random_odd_int(nbits)
# Test for primeness
if is_prime(integer):
return integer
开一个死循环,调用read_random_odd_int不停获取nbit的奇数,然后,使用is_prime判断它是不是质数,如果是,返回这个数。如果不是质数,继续随机生成一个 nbit 的奇数,再判断它是不是质数。
这 TM 在逗我?在死循环里面随机生成奇数,然后判断是不是质数,不是就重试直到随机到一个质数为止?
在2{1024}到2{1025}-1这么大的范围里面随机选奇数?这要选多少年才碰得上两个质数啊?
为了解决这个疑惑,我们来看一下素数定理。
对于正实数x,定义π(x)为素数计数函数,亦即不大于x的素数个数。数学家找到了一些函数来估计π(x)的增长:
在x足够大时,可以使用这个公司估算出不大于x的质数的个数。
那么我们来看看,在2{1024}到2{1025}-1的范围中,质数的密度是多少:
质数的密度竟然高达0.14%!那么随机选一个数字,不是质数的概率是99.86%。我们来计算一下,如果随机选10000个数字,即使在不考虑奇偶性的情况下:
也就是说,在随机10000个数字里面,不出现质数的概率是一千万分之一。出现质数的概率超过99.9999%
而用 Python 循环10000次,并不需要多长时间。所以,rsa 库里面的这个算法,竟然没什么问题!!
最后,大家有兴趣可以看看prime.py中的is_prime函数,用于快速判断一个数是不是质数。还有randnum.py中的read_random_odd_int用于随机生成一个计数,代码都很简单,相信你能学到不少东西。
以上内容都是我自己的一些感想,分享出来欢迎大家指正,顺便求一波关注
