RSA algorithm Notes

Note: Just notes, there may be incorrect places

RSA is the most widely used asymmetric encryption algorithm, that is, the public key, the key two parts, the public key is used for encryption, the private key is used to decrypt. The public key is public.

The reliability of RSA algorithm is based on mathematical puzzles: it is difficult to do factorization on large numbers.

There is currently no fast algorithm to solve the computational power of the current computer, which takes a long time. The greater the number, the longer it takes, and the more secure the RSA algorithm is.

RSA algorithm is usually used to encrypt a symmetric encryption algorithm (such as AES, DES) key, the actual data encryption and decryption process using symmetric encryption algorithm because of the large number of decryption operations .

Public key, key generation process:

1, found two relatively large prime numbers p, q

2, calculate their product n,n=pxq.

The number of bits in the actual binary representation of n is the RSA key length,1024-bit RSA key, which means that N has 1024 bits. The greater the n the more secure, the largest number to be decomposed by 2010 is 768 bits, but the longer the key, the greater the decryption operation, so in order to balance the current usually the key is between 1024 and 2048 bits.

3. Select an integer E

This integer needs to satisfy the condition:

1<e<φ (n), φ (n) is a Euler function, such as if n=8, then φ (n) = 4.

E and φ (n) coprime

In practice, E does not calculate, only a fixed prime number is selected, usually a prime number of 65537.

4, calculate the integer d,d to E for φ (n) of the modulo inverse element

5, the public key is N, E, the private key is N, D

Use public key, key plus decryption:

1. Use the public key (N, e) to encrypt:

If the integer that needs to be encrypted is M, and m<n, the result of the encryption is:

C= (M^e)%n,^ represents a exponentiation operation, such as 2^3=2*2*2,% for modulo operations, such as 5%3=2

2. Use key (N, D) to decrypt:

Original integer m= (c^d)%n

Example:

1, choose two prime number p=61,q=53

2. Calculating Product n=pxq=61*53=3233

3. Select Integer e=17

4, calculate the integer to be d=2753

5. Get the Public key (3233,17), private key (3233,2753)

6, the integer m=65 encryption:

c=(m^e)%n= (65^17)%3233=2790

7. Decryption:

m=(c^d)%n= (2790^2735)%3233=65

It can be seen from the example that the decryption process is computationally expensive, for example, if the 2790^2735 is calculated directly, the CPU requirements are high and the computation is time consuming. the actual use of the two number is larger than now, the direct operation is not appropriate. But (c^d)%n This kind of operation is called modulo exponentiation operation (Modular exponentiation), there are some optimization methods, which are faster than the direct operation of memory, but still have a small amount of computation.

In practice, the following three numbers of Exponent1, Exponent2, CO exponent and the private key are usually recalculated tooptimize the decryption process, although this decryption is CPU-intensive.

Because the public key is public, the public key is actually stored in the private key.

For example, to view a private key generated by OpenSSL:

Generate a 1024-bit RSA private key, saved in PEM format:

OpenSSL genpkey-out key.pem-algorithm RSA

To view the contents of a private key:

OpenSSL pkey-in Key.pem-text-noout

Output:

Private-key: (1024x768 bit)

Modulus:

00:BD:C0:10:AE:26:12:C3:82:2C:56:D1:BB:26:42:

38:47:3D:CA:C5:AE:A4:C8:DE:27:4F:A1:61:E5:F3:

2E:CE:D7:48:62:20:1F:76:47:C2:CF:6B:43:D2:B4:

B6:B4:EB:21:21:D6:F4:D8:C8:09:AB:CD:C5:CE:65:

48:56:43:D6:D2:F4:0C:E4:66:EF:34:33:BD:9D:1D:

D3:23:AF:39:63:51:4C:B5:88:EA:B5:92:7E:4E:E0:

6F:CD:50:7F:06:49:EA:DC:80:59:12:D4:59:86:6E:

79:a5:b7:d9:c0:b0:c8:cd:12:4b:6c:49:7e:33:5f:

B4:f7:6b:37:8e:18:42:3c:ed

publicexponent:65537 (0x10001)

Privateexponent:

3F:4F:D5:80:F5:ED:2E:D4:C1:4C:9A:A0:32:4C:C8:

10:65:3A:C2:28:DA:8C:B7:2B:30:B3:AD:41:97:99:

97:A4:57:5F:7E:4E:61:1D:E2:8F:68:BF:F1:8F:20:

A3:4F:0C:F8:08:8C:1B:C4:EB:0D:2B:14:84:20:61:

39:7F:5B:2E:E6:84:87:2F:0F:E1:B2:A6:EC:6A:19:

33:C7:44:C9:86:CA:66:9D:AD:D4:A3:70:F2:A7:99:

DA:FE:1A:C2:8E:21:01:BB:4D:14:48:16:67:D0:59:

4A:25:0A:0C:2C:73:3A:47:05:D6:DE:B9:D1:A5:67:

B8:98:03:fe:e9:ae:3d:75

PRIME1:

00:ED:CA:A8:AF:62:70:84:C2:53:BF:6E:61:CD:AC:

24:7E:4C:CD:16:28:F3:F0:B8:10:BB:B5:9F:F5:49:

FD:98:E7:28:44:D4:82:8C:9C:14:69:07:79:49:0E:

B8:FD:8D:0C:D8:74:5A:06:F3:8C:9F:F4:39:F2:57:

ce:31:57:50:9f

Prime2:

00:CC:47:AB:3B:77:12:E9:43:9F:CD:61:BA:05:22:

83:89:D1:B4:F5:97:32:7C:4D:FF:63:03:D4:DF:CB:

1C:9B:4A:88:AA:A7:E9:8E:92:66:3F:2C:34:B7:B3:

F0:EC:86:00:30:D9:01:17:34:96:7C:35:C9:C1:8B:

87:80:35:8a:f3

Exponent1:

37:08:02:b7:ec:21:3c:28:38:f7:81:95:32:e3:16:

E2:FF:E5:2A:AE:B9:9D:C9:0B:5E:55:AF:3A:36:30:

71:75:75:B5:50:35:12:53:80:C9:B9:C8:10:E7:4E:

5A:A7:8D:04:7F:10:E2:B0:F4:A7:83:FE:F1:1D:EF:

03:2e:40:e3

Exponent2:

00:8a:21:70:24:ce:98:88:08:c5:16:e0:9d:23:79:

Ba:0e:48:32:1f:da:f4:35:5f:9c:70:3c:98:06:17:

D6:A9:1F:16:18:A7:5F:E3:9B:14:EE:64:9A:E5:19:

14:B1:2A:CF:18:38:B4:67:17:95:26:3A:4C:C9:C5:

ea:83:04:31:87

Coefficient:

6E:09:3A:C8:DD:44:2E:1C:E0:E3:E7:A3:44:7E:C3:

56:FE:6C:A9:22:44:11:63:92:91:90:80:F4:86:6E:

E5:03:C0:EA:2E:C1:83:8C:5B:74:82:8B:5D:22:6E:

6F:2B:9C:D2:84:29:60:12:DC:06:3A:5F:65:BD:66:

6a:aa:fb:d9

The contents represent meaning:

Source (Http://stackoverflow.com/questions/22078801/creating-pem-pfx-from-private-modulus)

Rsaprivatekey:: = SEQUENCE {

Version version,

Modulus INTEGER,--N

Publicexponent INTEGER,--E

Privateexponent INTEGER,--D

Prime1 INTEGER,--p

Prime2 INTEGER,--Q

Exponent1 INTEGER,--D mod (p-1)

Exponent2 INTEGER,--D mod (q-1)

Coefficient INTEGER,--(Inverse of q) mod p

Otherprimeinfos Otherprimeinfos OPTIONAL

}

Reference:

Principles of RSA Algorithm (i.) http://www.ruanyifeng.com/blog/2013/06/rsa_algorithm_part_one.html

Principles of RSA Algorithm (II.) http://www.ruanyifeng.com/blog/2013/07/rsa_algorithm_part_two.html

wiki: http://en.wikipedia.org/wiki/RSA_ (cryptosystem)

exponent1, Exponent2, coexponent effects: http://www.di-mgt.com.au/crt_rsa.html

RSA key Generation Speed reference: Https://wiki.strongswan.org/projects/strongswan/wiki/PublicKeySpeed

Modulo power operation Modular exponentiation : http://en.wikipedia.org/wiki/Modular_exponentiation

RSA algorithm Notes