Using examples to explain RSA encryption algorithm to novice

The figure is the inventor of the RSA public key algorithm, from left to right Ron Rivest, Adi Shamir, Leonard Adleman. Photo taken in 1978

RSA encryption algorithm is the most commonly used asymmetric encryption algorithm, CFCA in the certificate service cannot leave it. But a lot of new colleagues don't know much about it, just see a book in which the author uses examples to describe it in a simplified and vivid way, so that advanced mathematical theory can be easily understood. We have collated and rewritten special recommendations for everyone to read, hoping to be helpful to colleagues who have a tight time but want to know about it.
RSA is the first more sophisticated public key algorithm that can be used for both encryption and digital signatures. RSA, named after its three inventor Ron Rivest, Adi Shamir, Leonard Adleman, has withstood years of in-depth cryptanalysis, although the cipher analyst can neither prove nor deny the security of RSA. However, this shows that the algorithm has some credibility, and it has become the most popular public key algorithm at present.
RSA security is based on the difficulty of large number decomposition. Its public and private keys are functions of a pair of large prime numbers (100 to 200 decimal digits or larger). The difficulty of recovering plaintext from a public key and ciphertext is equivalent to decomposing the product of two large primes (which is an accepted mathematical problem).
The RSA's public key, the private key's composition, and the encrypted, decrypted formula are visible in the following table:


Perhaps colleagues for a long time no contact with mathematics, see these formulas unavoidably confused. Don't worry, before we formally explain the RSA encryption algorithm, let's review some basic mathematical concepts, which are used in the following introduction:

First, what is "prime"?
A prime number is an integer that cannot be represented as a product of any other two integers other than the product of itself and 1. For example, 15=3*5, so 15 is not prime, and 12=6*2=4*3, so 12 is not prime. On the other hand, 13 cannot be expressed as a product of any other two integers other than equal to 13*1, so 13 is a prime number. Prime numbers are also called "prime numbers."

Second, what is "Inma" (or "mutual prime")?
The math textbook for primary schools defines Inma as: "The number of conventions is only 1 of two numbers, called Inma." "Two numbers" here refers to the natural number.
There are several types of discriminant methods (not limited to this):
(1) Two prime numbers must be Inma. For example, 2 and 7, 13, and 19.
(2) If a prime number cannot be divisible by another composite, these two numbers are Inma. For example, 3 and 10, 5, and 26.
(3) 1 is not a prime or a composite, it is Inma with any natural number. such as 1 and 9908.
(4) The adjacent two natural numbers are Inma. such as 15 and 16.
(5) The adjacent two odd numbers are Inma. such as 49 and 51.
(6) A large number is a number of two numbers of prime numbers are Inma. such as 97 and 88.
(7) Decimals are prime numbers, and large numbers are not multiples of two number of decimals are Inma. such as 7 and 16.
(8) Two numbers are composite (two number difference and larger), all the quality factor of the decimal, are not the approximate number of large numbers, these two numbers are Inma. such as 357 and 715,357=3x7x17, while 3, 7 and 17 are not 715 of the approximate, the two number is Inma. Wait a minute.

iii. What is modulo exponential operation?
Exponential operations who understand, needless to say, first talk about modulo operations. The modulo operation is an integer operation with an integer m, modulo modulo operation with N, i.e. M mod N. How to do it? Let M be divisible by N, and only take the remainder as the result, it is called modulo operation. For example, mod 3=1;26 mod 6=2;28 mod 2 = 0 and so on.
Modulo exponent operation is to do the exponential operation first, and then do the modulo operation with the result. Such as
OK, now it's time to formally explain the RSA encryption algorithm.
Algorithm Description:
(1) Select a pair of different, large enough prime p,q.
(2) Calculate N=PQ.
(3) Calculate f (n) = (p-1) (q-1), while P, Q strictly confidential, not let anyone know.
(4) Find a number E with F (n) coprime, and 1<e<f (n).
(5) Calculate d, make de≡1 mod f (n). This formula can also be expressed as d≡e-1 mod f (n)
To explain here, ≡ is the symbol of the same remainder in number theory. In the formula, the left side of the ≡ symbol must be the same as the right side of the symbol, which means the results are identical. Obviously, no matter what value f (n), the 1 mod f (n) on the right of the symbol results in 1, and the result of the symbol's left D and E is also equal to 1 after the modulo operation. This needs to calculate the value of D, so that the congruence equation can be set up.
(6) Public key ku= (e,n), private key kr= (D,n).
(7) When encrypting, the plaintext is first transformed into an integer m of 0 to N-1. If the clear text is longer, it can be split into the appropriate group before swapping. Set ciphertext to C, then the encryption process is:.
(8) The decryption process is:.

Example Description:
In this article, it is not possible to make a rigorous mathematical proof of the correctness of the RSA algorithm, but we can use a simple example to understand how RSA works. For ease of calculation. In the following instance, only the prime p,q of the decimal number is selected, and E, assuming that user a needs to encrypt the plaintext "key" through RSA to pass to User B, the process is as follows:
(1) design public-private key (E,n) and (D,n).
Make p=3,q=11, Draw n=pxq=3x11=33;f (n) = (p-1) (q-1) =2x10=20, Take E=3, (3 and 20 coprime) exd≡1 mod f (n), 3xd≡1 mod 20.
D How to take the value? Can be used to find the method of trial calculation. The results of the trial calculation are shown in the following table:

By trial we find that when d=7, exd≡1 mod f (n) is set up with the remainder equation. Therefore, d=7 can be made. So we can design a pair of public private keys, the encryption key (public key) is: KU = (e,n) = (3,33), the decryption key (private key) is: KR = (d,n) = (7,33).
(2) digital in English.
Digitize the plaintext information and group each block of two digits. It is assumed that the plain English alphabet encodes the values in alphabetical order, i.e.:

The plaintext information for the key after the packet is: 11,05,25.
(3) PlainText Encryption
The User encryption Key (3,33) encrypts digitized plaintext packet information into ciphertext. by C≡me (mod n):

Therefore, the corresponding ciphertext information is: 11,31,16.
（4) Ciphertext decryption.
User B receives the ciphertext and, if it is decrypted, only needs to be computed, namely:

User B obtains the plaintext information as: 11,05,25. It was converted to English according to the code table above, and we got the original "key" after the restoration.
　 　 you see, its principle can be explained in such a simple way!
Of course, the actual use is much more complicated than this, because the RSA algorithm's public key private key length (modulus length) to 1024 or even 2048 bits to ensure security, so, p, Q, E, the choice of public key private key generation, cryptographic decryption Mode index operation has a certain computational procedures, need to rely on the computer high-speed completion.

Finally, briefly discuss the security of RSA

　 　 first, let's explore why RSA passwords are hard to crack.
In RSA cipher applications, public key KU is exposed, i.e. the values of E and n can be obtained by third-party eavesdroppers. The problem with decrypting the RSA cipher is that from the known values of E and N (n equals PQ), the idea is to find the value of D so that the private key can be used to crack the ciphertext. From the formula above: D≡e-1 (mod (p-1) (q-1)) or de≡1 (mod (p-1) (q-1)) we can see. The essence of password cracking is: From the value of the PQ, to find out (p-1) and (q-1). In other words, only the values of P and Q are required, so we can find the value of D and get the private key.
When P and Q are a large prime number, the decomposition factor p and Q from their product PQ is a recognized mathematical problem. For example, when PQ is as large as 1024 bits, no one has yet been able to use any computational tool to complete the decomposition factor task. Therefore, RSA from the proposed to now nearly 20 years, experienced a variety of attacks, gradually accepted by people, generally considered to be one of the best public key scheme at present.
However, although RSA's security relies on the factorization of large numbers, it does not theoretically prove that the difficulty of deciphering RSA is equivalent to the difficulty of large number decomposition. The major flaw of RSA is that it can't theoretically grasp how its secrecy performance is.
In addition, the disadvantages of RSA are: a) to generate a key is cumbersome, by the number of technology constraints, it is difficult to do once a secret. B) packet length is too large, in order to ensure security, n at least more than bits, so that the computational cost is very high, especially slow, more than symmetric cipher algorithm several orders of magnitude, and with the development of large number decomposition technology, this length is still increasing, not conducive to the standardization of data format. Therefore, the use of RSA can only encrypt a small amount of data, a large number of data encryption also rely on symmetric cryptographic algorithms.

Original: http://bank.hexun.com/2009-06-24/118958531.html

Using examples to explain RSA encryption algorithm to novice