Download Genigraphics Research Poster Template 44x44

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

Document related concepts

Factorization of polynomials over finite fields wikipedia , lookup

Theoretical computer science wikipedia , lookup

Digital signature wikipedia , lookup

Secure multi-party computation wikipedia , lookup

Secret sharing wikipedia , lookup

Cryptanalysis of the Lorenz cipher wikipedia , lookup

Sieve of Eratosthenes wikipedia , lookup

Commitment scheme wikipedia , lookup

One-time pad wikipedia , lookup

Public-key cryptography wikipedia , lookup

Quantum key distribution wikipedia , lookup

Cryptanalysis wikipedia , lookup

Post-quantum cryptography wikipedia , lookup

Cryptography wikipedia , lookup

History of cryptography wikipedia , lookup

Diffie–Hellman key exchange wikipedia , lookup

Transcript 
How Secure is RSA: Mathematical Approach
By: Rana Khalil, Undergraduate
Supervisor: Dr. Monica Nevins, Professor and Chair
University of Ottawa, Faculty of Science
1
0
2
6
3
9
5
9
2
8
2
9
7
4
1
1
0
5
7
7
2
0
5
4
1
9
6
5
7
3
9
9
1
6
7
5
9
0
0
7
1
6
5
6
7
8
0
8
0
3
8
0
6
6
8
0
3
3
4
1
9
3
3
5
2
1
7
9
0
7
1
1
3
0
7
7
7
9
900
800
Introduction
Methods and Materials
700
600
Cryptography is the art and science of writing in secret
code. With the advent of the Computer Age,
cryptography has become essential in today's economy.
Public key cryptography is based on mathematical
problems that currently admit to no efficient solution. This
in turn has allowed individuals to share secret
communication over insecure channels, such as the
internet, which begs the question: How secure are
public key algorithms? Recently, it was revealed that
the National Security Agency (NSA) has obtained access
to RSA protected information by exploiting some
unknown flaws. In this research we analyze a paper by
Lenstra et al. called "Ron was wrong, Whit is right" which
identifies some of these potential flaws. Our project is to
understand the mathematical theory behind two major
algorithms: RSA and Diffie Hellman, with the probability
of these flaws occurring.
There are infinitely many prime numbers which are
randomly distributed. The prime number theorem states
that for a randomly chosen number N, the probability that
it is prime is 1/ ln (N), i.e. prime numbers are “easy” to
find.
1 2 3 4 5 6 7 8 9 10
12
22
32
42
52
62
72
82
92
13
23
33
43
53
63
73
83
93
14
24
34
44
54
64
74
84
94
15 16
25--26
35 - 36
45 46
55 56
65 - 66
75 - 76
85 - 86
95 96
17
27
37
47
57
67
77
87
97
18
28
38
48
58
68
78
88
98
19
29
39
49
59
69
79
89
99
500
400
300
Symmetric encryption
algorithms work on one
basic principle- the
same key that is used to
encrypt the plaintext is
used to decrypt the
ciphertext.
200
100
0
0
20
30
40
50
60
70
80
90
100
Table 1. Sieve of Eratosthenes from 1 to 100
Discrete Logarithm Problem
Let g and h ∈ Z/pZ. The Discrete Logarithm Problem (DLP) is the
problem of finding an exponent x such that gx ≡ h (mod p)
The number x exists if g is a primitive root for Z/pZ.
Figure 1. DLP example
Note: Exponentiation mod p is random; see Chart 1 for an
example with p=941.
100
150
200
250
300
Chart 1. Distributions of discrete logarithms for g = 641 modulo p = 941
Figure 2. Symmetric Key Cryptography
Public Parameter Creation
A trusted party chooses and publishes a (large) prime p and an integer
g (which is a primitive root for Z/pZ) having large prime order in Z/pZ*.
Private Computations
Alice
Bob
Choose a secret integer a.
Compute A ≡ ga (mod p).
Choose a secret integer b.
Compute B ≡ gb (mod p).
Compute the number Ba (mod p). Compute the number Ab (mod p).
The shared secret key value is Ba ≡ (gb)a ≡ gab ≡ (ga)b ≡ Ab (mod p).
Table 2. Diffie-Hellman key exchange
(II) Asymmetric Cryptography
Asymmetric encryption
and decryption uses
separate keys.
Decryption is done
using the private
(secret) key, while
encryption is done using
the public key.
50
Powers 641i mod 941 for i = 1, 2,......300
Public Exchange of Values
Alice sends A to Bob
A
B
Bob sends B to Alice
Further Private Computations
Alice
Bob
Prime Numbers
11
21
31
41
51
61
71
81
91
(I) Symmetric Cryptography
Symmetric
64 Bit
RSA, DL
70 Bit
Comments
Short term security
80 Bit
1024 Bit
Medium security
256 Bit
3072 Bit
High security
Table 4. Key lengths and Security Levels
Results
Flaw: In the Lenstra et al. paper it was mentioned that
among 4.7 million 1024-bit RSA moduli collected, more
than 12500 have a single prime factor in common! This
flaw allows for easy factorization of n.
Analysis: By the prime number theorem, there are
approximately 2504 primes that are less than 2510.
Therefore, the odds that two people randomly choose at
least one prime factor in common is
P=1−
2504 −2
2504
2
= 1 − 1−
1
2503
2
≈
1
2502
However, if we sample M ( = 4.7 million) different N, then
the odds that two of these N’s share at least one common
factor is approximately,
1 − 1 −𝑃
𝑀 𝑀 −1
2
≈
𝑀 𝑀 −1
2
P≈
243
2502
1
≈ 2459 ≈ 0
Figure 3. Asymmetric Key Cryptography
Alice
Bob
Key Creation
Choose secret primes p and q.
Choose encryption exponent e with
gcd( e, (p – 1)(q – 1)) = 1
Publish N (= pq) and e.
Encryption
Choose plaintext m.
Use Alice's public key (N, e) to
compute c ≡ me (mod N)
Send ciphertext c to Bob.
Decryption
Compute d satisfying
ed ≡ 1 (mod (p – 1)(q -1)).
Compute m' ≡ cd (mod N).
Then m' equals the plaintext m.
Table 3. RSA key creation, encryption, and decryption
Conclusion
In conclusion, the mathematics behind RSA is still very solid.
The major flaw detected by Lenstra et al. seems to be an
implementation error not a mathematical error. For further
research refer to [2], [3] & [4].
First and foremost, I would like to thank God for giving me the
opportunity to participate in this research. I would also like to
thank UROP for providing me with the funding and resources
to complete my research. Lastly, special thanks to Dr. Monica
Nevins for taking time out of her very busy schedule to teach
me about the fascinating world of cryptography!
10941738641570527421809707322040357612003732945449205990913842131476349984288934784717997257891267332497625752899781833797076537244027146743531593354333897
Contact
Rana Khalil
University of Ottawa, Undergraduate Research Opportunity Program (UROP)
[email protected]
References
References:
1. Hoffstein, J. , Pipher, J. , Silverman, J. H. , (2008). An Introduction to Mathematical Cryptography. New York, NY: Springer Science+Business
Media.
2. Mironov, I. (2012, May 15) . Factoring RSA Moduli. Part I. . Retrieved from windowsontheory.org/2012/05/15/979/
3. Mironov, I. (2012, May 17) . Factoring RSA Moduli. Part II. . Retrieved from windowsontheory.org/2012/05/17/factoring-rsa-moduli-part-ii/
4. Lenstra, A. K., Hughes J. P., Augier, M., Bos, J. W., Kleinjung T. & Wacher, C. (2012). Ron was wrong, Whit is right, 064. Retrieved from
eprint.iacr.org/2012/064.pdf
5. Survivability and Information Assurance (n.d.). Retrieved March 16, 2014, from
http://people.ubuntu.com/~duanedesign/SurvivabilityandInformationAssuranceCurriculum/02everything/02everything.html#AEN379
1
0
6
6
0
3
4
8
8
3
8
0
1
6
8
4
5
4
8
2
0
9
2
7
2
2
0
3
6
0
0
1
2
8
7
8
6
7
9
2
0
7
9
5
8
5
7
5
9
8
9
2
9
1
5
2
2
2
7
0
6
0
8
2
3
7
1
9
3
0
6
2
8
0
8
6
4
3
Related documents
Here - UMD MATH
Here - UMD MATH
Problem Set 8 The getting is
Problem Set 8 The getting is
Cryptography issues – elliptic curves
Cryptography issues – elliptic curves
Lecture 9
Lecture 9
Pythagoras Pythagoras A right triangle, such as shown in the figure
Pythagoras Pythagoras A right triangle, such as shown in the figure
(pdf)
(pdf)
Name: Math 111 - Midterm 1 Review Problems
Name: Math 111 - Midterm 1 Review Problems
TEST #2 Directions: Solve five of the following eight problems: three
TEST #2 Directions: Solve five of the following eight problems: three
SOLUTIONS TO THE SECOND PROBLEM SHEET FOR
SOLUTIONS TO THE SECOND PROBLEM SHEET FOR
Cryptography and Coding Theory
Cryptography and Coding Theory
Evening Homework Problems - University of Nebraska–Lincoln
Evening Homework Problems - University of Nebraska–Lincoln
Prime Factorization prime_factorization_2
Prime Factorization prime_factorization_2
Homework 3
Homework 3
QuestionFile3Cryptography
QuestionFile3Cryptography
RSA System setup and test
RSA System setup and test
Understanding Cryptography
Understanding Cryptography
ModernCrypto2015-Session4-v7
ModernCrypto2015-Session4-v7
Still Image Compression
Still Image Compression