AJAY KUMAR GARG ENGINEERING COLLEGE, GHAZIABAD

ASSIGNMENT# 2

SUBMITTED TO:SUBMITTED BY:MS. KIRTI SETHPOOJA CHAUDHARY SHREYIMADHAVI SAXENASHIVANI KUNDUSWATI CHAUDHARY

Que:Give the implementation of RSA algorithm.

Ans: Implementation of RSA algorithm.

To generate the encryption and decryption keys, we can proceed as follows.1. Generate randomly two large primes p and q.2. Compute n = p x q and phi (n) = (p 1) x (q 1).3. Choose a number e so that gcd (e, phi(n)) = 1.4. Find the multiplicative inverse of e modulo phi (n), i.e., find d so thate.d = 1 (mod phi(n)).This can be done efficiently using Euclids Extended Algorithm.The encryption public key is KE = (n, e) and the decryption private key is KD = (n, d).The encryption function isE (M) = Me mod n.The decryption function isD (M) = Md mod n. Example: Choose p = 3 and q = 11 Compute n = p * q = 3 * 11 = 33 Compute (n) = (p - 1) * (q - 1) = 2 * 10 = 20 Choose e such that 1 < e < (n) and e and n are coprime. Let e = 7 Compute a value for d such that (d * e) % (n) = 1. One solution is d = 3 [(3 * 7) % 20 = 1] Public key is (e, n) => (7, 33) Private key is (d, n) => (3, 33) The encryption of m = 2 is c = 27 % 33 = 29 The decryption of c = 29 is m = 293 % 33 = 2

Que: Perform encryption and decryption using the RSA algorithm for the following:A) P=3,q=11,e=7,m=5Ans: Given: P=3,q=11,e=7,m=5Now,N=p x q3 x 11= 33 (n) = (p-1) x (q-1) = 2 x 10 = 20Given e=7,Now calculating d, such that,e.d = 1 (mod (n)).7 x d= 1 mod 207 x 3 = 1 mod 20, hence d=3Now,E (M) = Me mod n. = 57 mod 33 = 14D (M) = Md mod n = 143 mod 33 = 5.

B) Given: P=5,q=11,e=3,m=9Now,N=p x q5 x 11= 55 (n) = (p-1) x (q-1) = 4 x 10 = 40Given e=3,Now calculating d, such that,e.d = 1 (mod (n)).3 x d= 1 mod 403 x 27 = 1 mod 40, hence d=27Now,E (M) = Me mod n. = 93 mod 55 = 14D (M) = Md mod n = 1427 mod 55 = 9.

C) Given: p=7,q=11,e=17,m=8Now,N=p x q7 x 11= 77 (n) = (p-1) x (q-1) = 6 x 10 = 60Given e=17,Now calculating d, such that,e.d = 1 (mod (n)).17 x d= 1 mod 6017 x 53 = 1 mod 60, hence d=53Now,E (M) = Me mod n. = 817 mod 77 = 57D (M) = Md mod n = 5753 mod 77 = 8.

D) Given: p=11,q=13,e=11,m=7Now,N=p x q11 x 13= 143 (n) = (p-1) x (q-1) = 10 x 12 = 120Given e=11,Now calculating d, such that,e.d = 1 (mod (n)).11 x d= 1 mod 12011 x 11 = 1 mod 120, hence d=11Now,E (M) = Me mod n. = 711 mod 143 = 106D (M) = Md mod n = 57106 mod 143 = 7

C) E) Given: p=17,q=11,e=7,m=88Now,N=p x q17 x 11= 187 (n) = (p-1) x (q-1) = 16 x 10 = 160Given e=11,Now calculating d, such that,e.d = 1 (mod (n)).7 x d= 1 mod 1607 x 23 = 1 mod 160, hence d=23Now,E (M) = Me mod n. = 887 mod 187 = 11D (M) = Md mod n = 1123 mod 187 = 88

Que: What is RSA algorithm?Ans:RSA is a cryptosystem for public-key encryption, and is widely used for securing sensitive data, particularly when being sent over an insecure network such as the Internet.RSA was first described in 1977 by Ron Rivest, Adi Shamir and Leonard Adleman of the Massachusetts Institute of Technology.Public-key cryptography, also known as asymmetric cryptography, uses two different but mathematically linked keys, one public and one private. The public key can be shared with everyone, whereas the private key must be kept secret. In RSA cryptography, both the public and the private keys can encrypt a message; the opposite key from the one used to encrypt a message is used to decrypt it. This attribute is one reason why RSA has become the most widely used asymmetric algorithm: It provides a method of assuring the confidentiality, integrity, authenticity and non-reputability of electronic communications and data storage.Many protocols like SSH, OpenPGP, S/MIME, and SSL/TLS rely on RSA for encryption and digital signature functions. It is also used in software programs -- browsers are an obvious example, which need to establish a secure connection over an insecure network like the Internet or validate a digital signature. RSA's popularityRSA derives its security from the difficulty of factoring large integers that are the product of two large prime numbers. Multiplying these two numbers is easy, but determining the original prime numbers from the total -- factoring -- is considered infeasible due to the time it would take even using todays super computers.The public and the private key-generation algorithm is the most complex part of RSA cryptography. Two large prime numbers, p and q, are generated using the Rabin-Miller primality test algorithm. A modulus n is calculated by multiplying p and q. This number is used by both the public and private keys and provides the link between them. Its length, usually expressed in bits, is called the key length. The public key consists of the modulus n, and a public exponent, e, which is normally set at 65537, as it's a prime number that is not too large. The e figure doesn't have to be a secretly selected prime number as the public key is shared with everyone. The private key consists of the modulus n and the private exponent d, which is calculated using the Extended Euclidean algorithm to find the multiplicative inverse with respect to the totient of n.An exampleAlice generates her RSA keys by selecting two primes: p=11 and q=13. The modulus n=pq=143. The totient of n (n)=(p1)x(q1)=120. She chooses 7 for her RSA public key e and calculates her RSA private key using the Extended Euclidean Algorithm which gives her 103.

Bob wants to send Alice an encrypted message M so he obtains her RSA public key (n, e) which in this example is (143, 7). His plaintext message is just the number 9 and is encrypted into ciphertext C as follows:Me mod n = 97 mod 143 = 48 = CWhen Alice receives Bobs message she decrypts it by using her RSA private key (d, n) as follows:Cd mod n = 48103 mod 143 = 9 = MTo use RSA keys to digitally sign a message, Alice would create a hash or message digest of her message to Bob, encrypt the hash value with her RSA private key and add it to the message. Bob can then verify that the message has been sent by Alice and has not been altered by decrypting the hash value with her public key. If this value matches the hash of the original message, then only Alice could have sent it (authentication and non-repudiation) and the message is exactly as she wrote it (integrity). Alice could, of course, encrypt her message with Bobs RSA public key (confidentiality) before sending it to Bob. A digital certificate contains information that identifies the certificate's owner and also contains the owner's public key. Certificates are signed by the certificate authority that issues them, and can simplify the process of obtaining public keys and verifying the owner.Que : Discuss the security of RSA.Ans: Security of RSA:As discussed, the security of RSA relies on the computational difficulty of factoring large integers. As computing power increases and more efficient factoring algorithms are discovered, the ability to factor larger and larger numbers also increases. Encryption strength is directly tied to key size, and doubling key length delivers an exponential increase in strength, although it does impair performance. RSA keys are typically 1024- or 2048-bits long, but experts believe that 1024-bit keys could be broken in the near future, which is why government and industry are moving to a minimum key length of 2048-bits. Barring an unforeseen breakthrough in quantum computing, it should be many years before longer keys are required, but elliptic curve cryptography is gaining favor with many security experts as an alternative to RSA for implementing public-key cryptography. It can create faster, smaller and more efficient cryptographic keys. Much of todays hardware and software is ECC-ready and its popularity is likely to grow as it can deliver equivalent security with lower computing power and battery resource usage, making it more suitable for mobile apps than RSA. Finally, a team of researchers which included Adi Shamir, a co-inventor of RSA, has successfully determined a 4096-bit RSA key using acoustic cryptanalysis, however any encryption algorithm is vulnerable to this type of attack.

Que: Discuss the attacks on RSA.Ans :Attacks on RSA Two Categories of Attacks On RSA

1)Mathematical Attacks on RSA: Mathematical attacks focus on attacking the underlying structure of RSA function. The first intuitive attack is the attempt to factor the modulus N. Because knowing the factorization of N, one may easily obtain M(N), from which d can be determined by d = 1/e mod M(N).a)Elementary attacksGenerally speaking, Elementary attacks revealed blatant misuse of RSA. One common example of such misuse would be choosing common modulus N to serve multiple users. Lets assume the same N is used by all users, and Alice is sending a message M to Bob, which has been encrypted by the RSA function, C = M^(eb) mod N. It looks like Marvin can not decrypt C since he does not know db.b) Small Private Key attacksTo improve the RSA decryption performance in the matter of running-time, Alice might tend to use a small value of da, rather than a large random number. A small private key indeed will improve performance dramatically, but unfortunately, a attack posed by M.Wiener [5] shows that a small d leads to a total collapse of RSA cryptosystem. This break of RSA is base on Wieners Theorem, which in general provides a lower constraint for d. Wiener has proved that Marvin may efficiently find d when d < 1/3 N^(1/4).In addition to his success in RSA-attack, Wiener also discovered a number of techniques that enable fast decryption and are not susceptible to his attack.Two sample techniques are illustrated as the following.Choosing large public key: Replacing e by e, where e= e + t M(N) for some large t. When e is sufficient large, i.e. e>N^0.5, then Weiners attack can not be mounted regardless of how small d is.Using Chinese Remainder Theorem: Suppose one chooses d such that both dp = d mod (p 1) and dq = d mod (q 1) are small, then a fast decryption of C can be carried out as follows: first compute Mp = C^dp mod p and Mq = C^dq mod q. Then use the CRT to compute the unique value MZ satisfying M = Mp mod p and M = Mq mod q. The resulting M satisfies M = C ^ d mod N as required. Thepoint is that the attack by Wieners Theorem does not apply here because the value of d mod M(N) can be large.c) Small Public Key AttacksSimilar to the private key preferences, to reduce encryption time, it is customary to use a small public key (e), but unlike the previous situation, attacks on small e turn out to be much less effective. The most powerful attacks on small e are based on Coppersmiths Theorem [3]. This theorem provides an algorithm for efficiently finding all roots of N that are less than x = N^(1/d). For brevity reason, we will bypass the details of Coppersmiths Theorem, rather focus on its impact. One example of applications based on this theorem is known as Hastads Broadcast Attack[4].

2)Hastads Broadcast AttackSuppose Bob wishes to send an encrypted message M to a number of parties P1; P2;; Pk. Each party has its own RSA key, < Ni, ei >. Hastad showed that a linear-padding to M prior to encryption is insecure, and further more, by eavesdropping Marvin learns Ci = fi (M)^ei mod Ni for i = 1..k, if enough parties are involved, Marvin can recover the plaintext Mi from all the ciphertext [4]. His discovery stands on the mathematical analysis on solving system of equations: gi (M) = 0 mod Ni (1). He proved that a system of univariate equations modulo relatively prime composites, such as (1), could be efficiently solved if sufficiently many such equations are provided.