Skip to main content

Public Key Cryptography

Public key cryptography is a cryptographic scheme that uses two keys, a public key and a private key. It is used for signature, key exchange and etc.

The security is ensured by using the difficulty of the calculation. For example, given xx, it is easy to compute yy such that y=f(x)y=f(x), but it is difficult to compute xx from yy.

RSA

RSA is a cryptosystem that relies on the difficulty of prime factorization. It is easy to compute the composite number n=pqn = pq for two primes p,qp, q, but it is difficult to compute the factors q,pq, p from nn.

Algorithm

This section explains the algorithm used to exchange messages securely using RSA. Let Alice be the receiver of the message and Bob be the sender.

Key Generation

Alice generates a key by doing the following:

  1. Choose two large prime numbers p,qp, q and compute N=pqN = pq.
  2. Choose a natural number ee such that gcd((p1)(q1),e)=1\gcd((p-1)(q-1), e) = 1.
  3. Find dd such that ed1(mod(p1)(q1))ed \equiv 1 \pmod{(p-1)(q-1)}.
  4. Let keyp=(N,e)key_p = (N, e) be the public key and keys=dkey_s = d be the private key.

Encryption

Bob takes keyp=(N,e)key_p = (N,e) and the plaintext M0,1,2,,N1M \in {0,1,2, \dots , N-1} as inputs and find the ciphertext:

C=Me(modN)C = M^e \pmod N

Decryption

Alice finds MM' from keys=dkey_s = d and CC as follows.

MCd(modN)M' \equiv C^d \pmod N

Here M=MM = M', so we can recover the message.

Signature Algorithm

A signature can satisfy the authentication and non-repudiation requirements of security.

Authentication: Certificates that the signer is a valid signer.

Non-requdiation: The signer cannot deny the signature later.

Signature

Signed by: Alice, Received by: Bob

  1. Alice creates a public key keyp=(N,e)key_p = (N, e) and a private key keys=dkey_s = d.
  2. Alice computes the signature σeMd(modN)\sigma^e\equiv M^d\pmod N for the message M0,,N1M \in {0,\dots,N-1} and sends (M,σ)(M, \sigma) to Bob.
  3. Bob uses the received (M,σ)(M, \sigma) and the public key (N,e)(N,e) to verify that σeM(modN)\sigma^e\equiv M\pmod N is true, and accepts if it is, or rejects otherwise.

From properties of the RSA cipher:

σe=(Md)e=MedM(modN)\sigma^e = (M^d)^e = M^{ed} \equiv M \pmod N