RSA algorithm (i)

Reprint: http://www.ruanyifeng.com/blog/2013/06/rsa_algorithm_part_one.html

Nanyi

Date: June 27, 2013

If you ask me, which algorithm is most important?

I might answer "public key cryptography."

Because it is the cornerstone of computer communication security, to ensure that the encrypted data will not be cracked. You can imagine the consequences of a credit card deal being cracked.

Before I get to the point, let me briefly introduce what is the public key cryptography algorithm.

11 Point History

Until 1976, all encryption methods were of the same pattern:

(1) Party A chooses a certain encryption rule to encrypt the information;

(2) Party B uses the same rule to decrypt the information.

Because encryption and decryption use the same rules ("Keys"), this is referred to as the "Symmetric Encryption Algorithm" (Symmetric-key algorithm).

This encryption mode has one of the biggest weaknesses: Party A must tell party b the encryption rules, otherwise it cannot be decrypted. Saving and passing a key is the most troubling question.

In 1976, two American computer science Whitfield Diffie and Martin Hellman proposed a new idea to complete decryption without passing the key directly. This is referred to as the "Diffie-hellman Key exchange Algorithm". This algorithm inspires other scientists. It is recognized that encryption and decryption can use different rules, as long as there is a corresponding relationship between the two rules, so that the direct transfer of the key is avoided.

This new encryption mode is called an "asymmetric encryption algorithm".

(1) Party B generates two keys (public and private). The public key is public and can be obtained by anyone, and the private key is confidential.

(2) Party A obtains the public key of party B, then uses it to encrypt the information.

(3) Party B obtains the encrypted information, decrypts with the private key.

If the public key encryption information only the private key solution, then as long as the private key does not leak, communication is safe.

In 1977, three mathematicians Rivest, Shamir, and Adleman designed an algorithm that could implement asymmetric encryption. This algorithm is named after their three people, called the RSA algorithm. From then until now, the RSA algorithm has been the most widely used "asymmetric encryption algorithm". It is no exaggeration to say that as long as there is a computer network, there is the RSA algorithm.

This algorithm is very reliable, the longer the key, it is more difficult to crack. According to the already disclosed literature, the longest RSA key currently cracked is 768 bits. In other words, a key that is longer than 768 bits is not cracked (at least not publicly announced). Therefore, it can be considered that the 1024-bit RSA key is basically secure, and the 2048-bit key is extremely secure.

Next, I'll get to the point and explain how the RSA algorithm works. The article is divided into two parts, today is the first part, introduces the four mathematical concepts to be used. As you can see, the RSA algorithm is not difficult, just need a bit of number theory knowledge can be understood.

Second, coprime relations

If two positive integers, except 1, have no other common factor, we call these two numbers a coprime relationship (coprime). For example, 15 and 32 have no common factors, so they are coprime relationships. This means that not prime numbers can also constitute coprime relationships.

With regard to coprime relations, it is not difficult to obtain the following conclusions:

1. Any two prime numbers constitute a coprime relationship, such as 13 and 61.

2. One number is prime, the other is not a multiple of the former, and the two constitute coprime relationships, such as 3 and 10.

3. If the larger of the two numbers is a prime number, the two constitute coprime relationships, such as 97 and 57.

4.1 and any of the natural numbers are coprime relationships, such as 1 and 99.

5. P is an integer greater than 1, then p and p-1 constitute coprime relationships, such as 57 and 56.

6. P is an odd number greater than 1, then p and p-2 constitute coprime relationships, such as 17 and 15.

Three, Euler functions

Consider the following questions:

Any given positive integer n, how many of the positive integers less than or equal to n constitute the coprime relationship? (for example, in 1 to 8, how many numbers and 8 constitute a coprime relationship?) ）

The method for calculating this value is called the Euler function, denoted by φ (n). Between 1 and 8, with 8 forming a coprime relationship is 1, 3, 5, 7, so φ (n) = 4.

The calculation method of φ (n) is not complicated, but in order to get the final formula, it is necessary to discuss it in one step.

First case

If n=1, then φ (1) = 1. Because 1 and any number (including itself) constitute a coprime relationship.

The second case

If n is a prime number, then φ (n) =n-1. Because prime numbers and each number less than it, constitute a coprime relationship. For example, 5 and 1, 2, 3, 4 constitute coprime relationship.

The third case

If n is a secondary of a prime number, that is, n = p^k (P is prime, and K is an integer greater than or equal to 1), the

For example φ (8) =φ (2^3) =2^3-2^2 = 8-4 = 4.

This is because only if a number does not contain prime numbers p, it is possible to coprime with N. The number of p^ (K-1), which contains prime numbers p, is 1XP, 2XP, 3xp 、...、 p^ (k-1) XP, which is removed and the remainder is the number of n coprime.

The above formula can also be written in the following form:

As you can see, the second case above is the exception to k=1.

Fourth case

If n can be decomposed into the product of an integer of two coprime,

n = p1xp2

The

φ (n) =φ (P1P2) =φ (p1) φ (p2)

The Euler function of the product is equal to the product of the Euler function of each factor. For example, φ (56) =φ (8X7) =φ (8) xφ (7) =4x6=24.

The proof of this article is to use the "Chinese remainder theorem", which does not unfold here, only a simple idea: if A and P1 coprime (A<P1), B and P2 coprime (B<P2), C and P1p2 coprime (C<P1P2), then C and the number pair (A, b) is one by one correspondence. Since the value of a is φ (p1) possible, the value of B has φ (P2) possible, then the number of pairs (A, B) has φ (p1) φ (p2) is possible, and the value of C has φ (p1p2) species possible, so φ (p1p2) is equal to φ (p1) φ (p2).

Fifth case

Because any positive integer greater than 1 can be written as a series of primes.

According to the conclusion of article 4th, we get

In accordance with the conclusions of article 3rd, we can obtain

It is equal to

This is the general formula for the Euler function. For example, the Euler function of 1323, the calculation process is as follows:

Four, Euler theorem

The use of Euler's function lies in Euler's theorem. "Euler's theorem" refers to:

If two positive integers a and n coprime, then the Euler function φ (n) of n allows the following equation to be established:

In other words, A's φ (n) is the remainder of n except for 1. Alternatively, the φ (n) of a has minus 1, which can be divisible by N. For example, 3 and 7 coprime, and 7 Euler's function φ (7) equals 6, so 3 6 (729) minus 1, which can be divisible by 7 (728/7=104).

The proof of Euler's theorem is more complex, and is omitted here. We just have to remember its conclusion.

Euler's theorem can greatly simplify some operations. For example, 7 and 10 coprime, according to Euler's theorem,

It is known that φ (10) is equal to 4, so it is definitely 1 to get 7 4 times times the number of bits at once.

Therefore, 7 of the arbitrary number of single-digit (for example, 7 of the 222-square), mental arithmetic can be calculated.

There is a special case for Euler's theorem.

Suppose that a positive integer A and a prime number p coprime, because the φ (p) of prime number P equals p-1, then Euler's theorem can be written

This is the famous Fermat theorem. It is a special case of Euler's theorem.

Euler's theorem is the core of RSA algorithm. By understanding this theorem, RSA can be understood.

Five, modulo inverse elements

There is one last concept left:

If two positive integers a and n coprime, then the integer b must be found, so that ab-1 is divisible by n, or the remainder of AB is divided by n is 1.

At this point, B is called a "modulo inverse element".

For example, 3 and 11 coprime, then 3 of the modulo inverse element is 4, because (3x4) 1 can be divisible by 11. Obviously, there is more than one modulo inverse element, and the integer multiples of 4 plus minus 11 are 3 modulo inverse element {..., -18,-7,4,15,26,...}, that is, if B is a modulo inverse element, then b+kn is a modulo inverse element.

Euler's theorem can be used to prove that the modulo inverse element must exist.

As you can see, A's φ (n)-1 Times Square, is a modulo inverse element.

RSA algorithm (i)