RSA algorithm basics-> practice

RSA algorithm basics-> practice

 

Created:
Article attributes: original
Article submitted: watercloud (watercloud_at_xfocus.org)

RSA algorithm basics-> practice

Let's talk about the practice process of studying RSA by yourself. If you are familiar with RSA, you don't have to waste time here.

<1> Basics

The RSA algorithm is very simple and is outlined as follows:
Find two prime numbers: p and q.
N = p * q
Take t = (1) * (q-1)
Take any number E, which must meet e <t and E and T (that is, the maximum public factor is 1)
Take D * E % T = 1

In this way, three numbers are obtained: n d e.

Set the number of messages to M (M <n)
Set c = (M ** d) % N to get the encrypted message C
Set M = (C ** e) % N to M = m to decrypt C.
Note: ** indicates the power. The values of D and E in the preceding two formulas can be exchanged.

In symmetric encryption:
The numbers n d constitute the public key, which can tell others;
The numbers n e constitute the private key, and E is kept by itself, so that no one can know it.
The information sent to others is encrypted by E. As long as someone else can unlock D, it proves that the information is sent by you and forms a signature mechanism.
D encryption is used when others send you information, so that only those with e can decrypt it.

The security of RSA lies in that there is no effective way to break down a large number of N.
Therefore, e cannot be obtained when n d is known, and n e is also known.
Obtain D.

<2> practice

Next, let's take a look at the actual operations:
Find two prime numbers:
P = 47
Q = 59
This way
N = p * q = 2773
T = (p-1) * (q-1) = 2668
Take E = 63, meet e <t and E and T
You can use Perl to obtain the number of D with full master E * D % T = 1:
C:/temp> Perl-e "foreach $ I (1 .. 9999) {print ($ I), last if $ I * 63% 2668 = 1 }"
847
That is, D = 847

Ultimately, we get the key
N = 2773
D = 847
E = 63

Take a look at the message m = 244

Encryption:

C = m ** d % N = 244 * 847% 2773
Calculate with the Perl big number:
C:/temp> Perl-mbigint-e "Print 244 ** 847% 2773"
465
That is, encrypt m with D to obtain the encrypted information c = 465

Decryption:

We can use e to decrypt the encrypted C and restore M:
M = C ** E % N = 465 ** 63% 2773:
C:/temp> Perl-mbigint-e "Print 465 ** 63% 2773"
244
E is used to decrypt C and then get M = 244. The value is equal to the original information M.

<3> string Encryption

By integrating the above process, we can implement an example of string encryption and decryption.
Each time the ASCII value of one character in the string is calculated as m, the output is encrypted and hexadecimal.
The number of strings, represented in 3 bytes, such as 01f

The Code is as follows:

#! /Usr/bin/perl-W
# Testing program compiled by RSA computing process Learning Program
# Watercloud 2003-8-12
#
Use strict;
Use math: bigint;

My % rsa_core = (n = & gt; 2773, E = & gt; 63, D = & gt; 847); # P = 47, q = 59

My $ n = new math: bigint ($ rsa_core {n });
My $ e = new math: bigint ($ rsa_core {e });
My $ d = new math: bigint ($ rsa_core {d });

Print "n = $ n d = $ d e = $ E/N ";

Sub rsa_encrypt
{
My $ r_mess = shift @_;
My ($ C, $ I, $ M, $ C, $ cmess );

For ($ I = 0; $ I <length ($ r_mess); $ I ++)
{
$ C = ord (substr ($ r_mess, $ I, 1 ));
$ M = Math: bigint-> New ($ C );
$ C = $ M-> copy (); $ C-> bmodpow ($ D, $ N );
$ C = sprintf "% 03x", $ C;
$ Cmess. = $ C;
}
Return/$ cmess;
}

Sub rsa_decrypt
{
My $ r_mess = shift @_;
My ($ C, $ I, $ M, $ C, $ dmess );

For ($ I = 0; $ I <length ($ r_mess); $ I + = 3)
{
$ C = substr ($ r_mess, $ I, 3 );
$ C = hex ($ C );
$ M = Math: bigint-> New ($ C );
$ C = $ M-> copy (); $ C-> bmodpow ($ E, $ N );
$ C = CHR ($ C );
$ Dmess. = $ C;
}
Return/$ dmess;
}

My $ mess = "RSA Wahaha ~~~ ";
$ Mess = $ argv [0] If @ argv> = 1;
Print "original string:", $ mess, "/N ";

My $ r_cmess = rsa_encrypt (/$ mess );
Print "encrypted string:", $ r_cmess, "/N ";

My $ r_dmess = rsa_decrypt ($ r_cmess );
Print "decryption string:", $ r_dmess, "/N ";

# EOF

Test:
C:/temp> Perl rsa-test.pl.
N = 2773 d = 847 E = 63
Original string: RSA Wahaha ~~~
Encrypted string: 5cb6cd6bc58a7709470aa74a0aa74a0aa74a6c70a46c70a46c70a4
Decryption string: RSA Wahaha ~~~

C:/temp> Perl rsa-test.pl security focus (xfocus)
N = 2773 d = 847 E = 63
Original string: security focus (xfocus)
Encrypted string: 3393ec12f0a466e0aa9510d025d7ba0712dc3369f47d51c325d67b
Decryption string: security focus (xfocus)

<4> Improvement

As mentioned above, the security of RSA comes from n which is large enough. The N used in the test is very small and cannot guarantee security at all,
We can use tools such as rsakit and rsatool to obtain sufficient N and d e.
Through the tool, we get 1024-Bit n and d e to test:

N = bytes
Bytes
Bytes
Bc511951

D = 0x10001

E = Signature
Bytes
Bytes
1965

Set Original information
M = 0x11111111111122222222222233333333333

The execution of such a large number depends on the large number computing database. It is very easy to use Perl for computation:

A) use d to encrypt M as follows:
C = m ** d % N:
C:/temp> Perl-mbigint-e "$ x = Math: bigint-> bmodpow (0x11111111111122222222222233
333333333, 0x10001, 0x328c74784df31119c526d18098ebebb943b0032b599cee13cc2bce7b5f
Bytes
Bytes
0438941d2ed173cca50e114705d7e2bc511951); print $ X-> as_hex"
Bytes
Bytes
Bytes
F1834580c3f6d90898

That is, after M is encrypted with D, the information is:
C = example
Bytes
Bytes
F1834580c3f6d90898

B) use e to decrypt C as follows:

M = C ** E % N:
C:/temp> Perl-mbigint-e "$ x = Math: bigint-> bmodpow (0x17b287be418c69ecd7c39227ab
Bytes
Bytes
Bytes, 0xe760a
Bytes
Bytes
Bytes
592d2b1965, large
Bytes
Bytes
D2ed173cca50e114705d7e2bc511951); print $ X-> as_hex"
Zero X 11111111111122222222222233333333333
(It takes about 5 seconds for my P4 1.6g instance)

The decrypted m with E is 0x11111111111122222222222233333333333 = m.

C) general implementation of RSA
RSA is concise and elegant, but its computing speed is relatively slow. Generally, RSA is not directly used in encryption to encrypt all information,
The most common scenario is to randomly generate a symmetric encryption key, encrypt the information using the symmetric encryption algorithm, and then use
RSA encrypts the encryption key.

Finally, it must be noted that the N with less than 1024 bits has been proved unsafe.
Do not use RSA with less than 1024 bits. It is best to use 2048 bits.

Watercloud [at] xfocus.org
2005-2-21