AJAY KUMAR GARG ENGINEERING

COLLEGE, GHAZIABAD

ASSIGNMENT# 2
SUBMITTED TO:
MS. KIRTI SETH

SUBMITTED BY:
POOJA CHAUDHARY
SHREYI
MADHAVI SAXENA
SHIVANI KUNDU
SWATI CHAUDHARY

Que:Give the implementation of RSA algorithm.

Ans: Implementation of RSA algorithm.
To generate the encryption and decryption keys, we can proceed as follows.
1. Generate randomly two large primes p and q.
2. Compute n = p x q and phi (n) = (p 1) x (q 1).
3. Choose a number e so that gcd (e, phi(n)) = 1.
4. Find the multiplicative inverse of e modulo phi (n), i.e., find d so that
e.d = 1 (mod phi(n)).
This can be done efficiently using Euclids Extended Algorithm.
The encryption public key is KE = (n, e) and the decryption private key is KD = (n,
d).
The encryption function is
E (M) = Me mod n.
The decryption function is
D (M) = Md mod n.
Example:

Choose p = 3 and q = 11

Compute n = p * q = 3 * 11 = 33
Compute (n) = (p - 1) * (q - 1) = 2 * 10 = 20
Choose e such that 1 < e < (n) and e and n are coprime. Let e = 7
Compute a value for d such that (d * e) % (n) = 1. One solution is d = 3 [(3
* 7) % 20 = 1]
Public key is (e, n) => (7, 33)
Private key is (d, n) => (3, 33)
The encryption of m = 2 is c = 27 % 33 = 29
The decryption of c = 29 is m = 293 % 33 = 2

Que: Perform encryption and decryption using the RSA algorithm for the
following:
A)

P=3,q=11,e=7,m=5
Ans: Given:

P=3,q=11,e=7,m=5

Now,
N=p x q
3 x 11= 33
(n) = (p-1) x (q-1)
= 2 x 10 = 20
Given e=7,
Now calculating d, such that,
e.d = 1 (mod (n)).
7 x d= 1 mod 20
7 x 3 = 1 mod 20, hence d=3
Now,
E (M) = Me mod n.
= 57 mod 33
= 14
D (M) = Md mod n
= 143 mod 33
= 5.
B) Given: P=5,q=11,e=3,m=9
Now,
N=p x q
5 x 11= 55
(n) = (p-1) x (q-1)
= 4 x 10 = 40
Given e=3,
Now calculating d, such that,
e.d = 1 (mod (n)).
3 x d= 1 mod 40
3 x 27 = 1 mod 40, hence d=27

Now,
E (M) = Me mod n.
= 93 mod 55
= 14
D (M) = Md mod n
= 1427 mod 55
= 9.

C) Given: p=7,q=11,e=17,m=8
Now,
N=p x q
7 x 11= 77
(n) = (p-1) x (q-1)
= 6 x 10 = 60
Given e=17,
Now calculating d, such that,
e.d = 1 (mod (n)).
17 x d= 1 mod 60
17 x 53 = 1 mod 60, hence d=53
Now,
E (M) = Me mod n.
= 817 mod 77
= 57
D (M) = Md mod n
= 5753 mod 77
= 8.
D) Given: p=11,q=13,e=11,m=7
Now,
N=p x q
11 x 13= 143
(n) = (p-1) x (q-1)
= 10 x 12 = 120
Given e=11,
Now calculating d, such that,
e.d = 1 (mod (n)).

11 x d= 1 mod 120
11 x 11 = 1 mod 120, hence d=11
Now,
E (M) = Me mod n.
= 711 mod 143
= 106
D (M) = Md mod n
= 57106 mod 143
=7
C) E) Given: p=17,q=11,e=7,m=88
Now,
N=p x q
17 x 11= 187
(n) = (p-1) x (q-1)
= 16 x 10 = 160
Given e=11,
Now calculating d, such that,
e.d = 1 (mod (n)).
7 x d= 1 mod 160
7 x 23 = 1 mod 160, hence d=23
Now,
E (M) = Me mod n.
= 887 mod 187
= 11
D (M) = Md mod n
= 1123 mod 187
= 88

Que: What is RSA algorithm?

Ans:RSA is a cryptosystem for public-key encryption, and is widely used for
securing sensitive data, particularly when being sent over an insecure network such
as the Internet.

RSA was first described in 1977 by Ron Rivest, Adi Shamir and Leonard Adleman
of the Massachusetts Institute of Technology.
Public-key cryptography, also known as asymmetric cryptography, uses two
different but mathematically linked keys, one public and one private.
The public key can be shared with everyone, whereas the private key must be kept
secret.
In RSA cryptography, both the public and the private keys can encrypt a message;
the opposite key from the one used to encrypt a message is used to decrypt it. This
attribute is one reason why RSA has become the most widely used asymmetric
algorithm: It provides a method of assuring the confidentiality, integrity,
authenticity and non-reputability of electronic communications and data storage.
Many protocols like SSH, OpenPGP, S/MIME, and SSL/TLS rely on RSA for
encryption and digital signature functions. It is also used in software programs -browsers are an obvious example, which need to establish a secure connection over
an insecure network like the Internet or validate a digital signature.
RSA's popularity
RSA derives its security from the difficulty of factoring large integers that are the
product of two large prime numbers. Multiplying these two numbers is easy, but
determining the original prime numbers from the total -- factoring -- is considered
infeasible due to the time it would take even using todays super computers.
The public and the private key-generation algorithm is the most complex part of
RSA cryptography.
Two large prime numbers, p and q, are generated using the Rabin-Miller primality
test algorithm. A modulus n is calculated by multiplying p and q. This number is
used by both the public and private keys and provides the link between them. Its
length, usually expressed in bits, is called the key length.
The public key consists of the modulus n, and a public exponent, e, which is
normally set at 65537, as it's a prime number that is not too large. The e figure
doesn't have to be a secretly selected prime number as the public key is shared

with everyone. The private key consists of the modulus n and the private exponent
d, which is calculated using the Extended Euclidean algorithm to find the
multiplicative inverse with respect to the totient of n.
An example
Alice generates her RSA keys by selecting two primes: p=11 and q=13. The
modulus n=pq=143. The totient of n (n)=(p1)x(q1)=120. She chooses 7 for
her RSA public key e and calculates her RSA private key using the Extended
Euclidean Algorithm which gives her 103.

Bob wants to send Alice an encrypted message M so he obtains her RSA public key
(n, e) which in this example is (143, 7). His plaintext message is just the number 9
and is encrypted into ciphertext C as follows:
Me mod n = 97 mod 143 = 48 = C
When Alice receives Bobs message she decrypts it by using her RSA private key
(d, n) as follows:
Cd mod n = 48103 mod 143 = 9 = M
To use RSA keys to digitally sign a message, Alice would create a hash or message
digest of her message to Bob, encrypt the hash value with her RSA private key and
add it to the message. Bob can then verify that the message has been sent by Alice
and has not been altered by decrypting the hash value with her public key. If this
value matches the hash of the original message, then only Alice could have sent it
(authentication and non-repudiation) and the message is exactly as she wrote it
(integrity). Alice could, of course, encrypt her message with Bobs RSA public key
(confidentiality) before sending it to Bob.
A digital certificate contains information that identifies the certificate's owner and
also contains the owner's public key. Certificates are signed by the certificate
authority that issues them, and can simplify the process of obtaining public keys
and verifying the owner.

Que : Discuss the security of RSA.

Ans: Security of RSA:
As discussed, the security of RSA relies on the computational difficulty of
factoring large integers. As computing power increases and more efficient factoring
algorithms are discovered, the ability to factor larger and larger numbers also
increases.
Encryption strength is directly tied to key size, and doubling key length delivers
an exponential increase in strength, although it does impair performance. RSA keys
are typically 1024- or 2048-bits long, but experts believe that 1024-bit keys could
be broken in the near future, which is why government and industry are moving to
a minimum key length of 2048-bits.
Barring an unforeseen breakthrough in quantum computing, it should be many
years before longer keys are required, but elliptic curve cryptography is gaining
favor with many security experts as an alternative to RSA for implementing publickey cryptography. It can create faster, smaller and more efficient cryptographic
keys. Much of todays hardware and software is ECC-ready and its popularity is
likely to grow as it can deliver equivalent security with lower computing power
and battery resource usage, making it more suitable for mobile apps than RSA.
Finally, a team of researchers which included Adi Shamir, a co-inventor of RSA,
has successfully determined a 4096-bit RSA key using acoustic cryptanalysis,
however any encryption algorithm is vulnerable to this type of attack.
Que: Discuss the attacks on RSA.
Ans :Attacks on RSA

Two Categories of Attacks On RSA

1)Mathematical Attacks on RSA: Mathematical attacks focus on attacking the
underlying structure of RSA function. The first intuitive attack is the attempt to
factor the modulus N. Because knowing the factorization of N, one may easily
obtain M(N), from which d can be determined by d = 1/e mod M(N).
a)Elementary attacks

Generally speaking, Elementary attacks revealed blatant misuse of RSA. One

common example of such misuse would be choosing common modulus N to serve
multiple users. Lets assume the same N is used by all users, and Alice is sending a
message M to Bob, which has been encrypted by the RSA function, C = M^(eb)
mod N. It looks like Marvin can not decrypt C since he does not know db.
b) Small Private Key attacks
To improve the RSA decryption performance in the matter of running-time, Alice
might tend to use a small value of da, rather than a large random number. A small
private key indeed will improve performance dramatically, but unfortunately, a
attack posed by M.Wiener [5] shows that a small d leads to a total collapse of RSA
cryptosystem. This break of RSA is base on Wieners Theorem, which in general
provides a lower constraint for d. Wiener has proved that Marvin may efficiently
find d when d < 1/3 N^(1/4).
In addition to his success in RSA-attack, Wiener also discovered a number of
techniques that enable fast decryption and are not susceptible to his attack.
Two sample techniques are illustrated as the following.
Choosing large public key: Replacing e by e, where e= e + t M(N) for some
large t. When e is sufficient large, i.e. e>N^0.5, then Weiners attack can not be
mounted regardless of how small d is.
Using Chinese Remainder Theorem: Suppose one chooses d such that both dp =
d mod (p 1) and dq = d mod (q 1) are small, then a fast decryption of C can be
carried out as follows: first compute Mp = C^dp mod p and Mq = C^dq mod q.
Then use the CRT to compute the unique value MZ satisfying M = Mp mod p
and M = Mq mod q. The resulting M satisfies M = C ^ d mod N as required. The
point is that the attack by Wieners Theorem does not apply here because the
value of d mod M(N) can be large.
c) Small Public Key Attacks
Similar to the private key preferences, to reduce encryption time, it is customary to
use a small public key (e), but unlike the previous situation, attacks on small e turn
out to be much less effective. The most powerful attacks on small e are based on
Coppersmiths Theorem [3]. This theorem provides an algorithm for efficiently
finding all roots of N that are less than x = N^(1/d). For brevity reason, we will
bypass the details of Coppersmiths Theorem, rather focus on its impact. One
example of applications based on this theorem is known as Hastads Broadcast
Attack[4].
2)Hastads Broadcast Attack
Suppose Bob wishes to send an encrypted message M to a number of parties P1;
P2;; Pk. Each party has its own RSA key, < Ni, ei >. Hastad showed that a
linear-padding to M prior to encryption is insecure, and further more, by

eavesdropping Marvin learns Ci = fi (M)^ei mod Ni for i = 1..k, if enough parties

are involved, Marvin can recover the plaintext Mi from all the ciphertext [4]. His
discovery stands on the mathematical analysis on solving system of equations: gi
(M) = 0 mod Ni (1). He proved that a system of univariate equations modulo
relatively prime composites, such as (1), could be efficiently solved if sufficiently
many such equations are provided.