Chapter 12: Cryptography
MAT 320 Spring 2008
Cryptography: Basic Ideas
We want to encode information so that
no one other than the intended recipient
can decode it.
Essentially we have two functions: an
encoding function E, and a decoding
function, D.
Two Functions
If x is a message (and it’s not hard to
express messages as numbers), then E(x)
should be the encoded message
Once the message is received, D(E(x)) is
the original message x
So E and D are inverse functions
Options
One option is to keep both functions
secret
The advantage of this method is that if
unintended recipients do not know your
functions, they should be unable to
decode your message
The disadvantage of this method is that
the more people who know your
functions, the less able you will be to
keep them secret
Personal Keys
In a more advanced system, each person
has their own functions.
Anne has her functions E
Anne
and D
Anne
Bob has his functions E
Bob
and D
Bob
The problem with this method is that so
far, Anne and Bob can only send
messages to themselves, not to each
other
Public Keys
To fix this problem, we make everyone’s E
function
public
.
So anyone can encode a message using
anyone else’s key.
However, we need to keep the D
functions
private
, or else our information
could be stolen.
How It Works
Anne wants to send a message to Bob.
Anne knows E
Bob
, so she sends
E
Bob
(message) to Bob
Only Bob knows D
Bob
, so only Bob can
compute D
Bob
(E
Bob
(message)) = message
Signatures
Another advantage of a public

key is the
ability to “sign” messages.
Suppose that the bank receives an encoded
message claiming to be from Anne.
Anyone can send
E
Bank
(message) to the Bank.
But only Anne can send
E
Bank
(
D
Anne
(message))
The bank knows
D
Bank
and
E
Anne
, so they can
decode the message by applying these
functions
Troubles
The main problem that comes up with
public

key cryptography is that we need
to make sure that it’s very difficult to
figure out how the D function works from
knowing how the E function works.
One method that accomplishes this is RSA
cryptography.
Intermission
Lemma 12.1
(Limited Cancelling)
Lemma 12.2
(Fermat’s Little Theorem)
How RSA Works
Let p and q be distinct primes. Let n =
pq
.
In practice, we let p and q be quite large,
with hundreds of digits. It is difficult to
factor large numbers,
even by computer
,
and if someone were able to factor n,
they would be able to break our code.
Go ahead and choose primes now. For
purposes that will become clear soon,
make sure that n is at least 270,000.
Again, in practice, n is much, much larger.
How RSA Works, continued
Let k = (p
–
1)(q
–
1), and choose d so that
(d, k) = 1.
Using Bezout’s Theorem, find e so that
de
1 (mod k)
The numbers e and n are made public,
and the number d is kept private.
The encoding function is E(x) = x
e
mod n
The decoding function is D(x) = x
d
mod n
Let’s Try It
Following the example on your handout, enter
your numbers p, q, n, and k into
Mathematica
.
Choose a number d so that (d, k) = 1. You may
have to try a few times to get a d that works.
Once you find a value of d, use the
ExtendedGCD
command to find e so that
ed
1 (mod k).
If
Mathematica
gives you a negative value of e,
add k to it (since we’re working mod k, this will be
congruent)
Sending Messages
First we need to convert our message to
numbers. Converting the entire message to a
single number would make our calculations
difficult, so instead we break it up into blocks.
Using A = 01, B = 02, …, Z = 26, break your
message into 3

letter blocks and convert them to
numbers.
Now you see why we needed to have n be at least
270,000.
Add extra zeros to the end of your message if it
doesn’t break up evenly into three

letter blocks.
Encoding
Now we are ready to plug these numbers
into our encoding function.
When x and d are large, computing x
d
,
dividing it by n, and computing the
remainder is very time consuming.
However, there are many computational
shortcuts Mathematica can use, including
the PowerMod command.
PowerMod[x,d,n] computes x
d
mod n
One More Proof
In order to convince ourselves that RSA
always works, we need to prove this
theorem:
Theorem 12.3
(RSA Works!)
Let p and q be distinct primes, and let
n = pq and k = (p
–
1)(q
–
1). If d and e
are chosen so that (d, k) = 1 and ed
1
(mod k), then for all integers x, x
ed
x
(mod n).
Comments 0
Log in to post a comment