- RSA ENCRYPTION -

wanderooswarrenAI and Robotics

Nov 21, 2013 (3 years and 4 months ago)

56 views







2010


Group 11


Members:

1.

Tr

n Đăng Khoa


50701155

2.

Tr

n Đinh Công Tráng


50702565

3.

Nguy

n C

nh
Toàn


5
0702519

-

RSA ENCRYPTION
-

TECHNICAL REPORT

The technical report of Group 11 (HCMUT


CSE) for the Cryptography and Network Security
subject’s

assignment

RSA Encryption


Technical

Report

1

|
P a g e


TABLE OF CONTENTS

I.

INTRODUCTION

1.

Assignment
Requirements

2.

Scopes

II.

BACKGROUND

1.

RSA Algorithm

2.

Chinese Remainder Algorithm

III.

TECHNICAL SOLUTIONS

1.

Platform and Development Tools

2.

Design

2.1.

Features

2.2.

Class Diagram

3.

Technical Details

3.1.

Generating Random
Prime Number

3.2.

Extended Euclid

3.3.

Generating
Key Pair

3.4.

Encrypting File

3.5.

Decrypting File

IV.

APPLICATION USAGE

1.

Overview

2.

How to generate a key pair

3.

How to
encrypt and decrypt a file

V.

DISCUSSION AND CONCLUSIONS

1.

Limitations

2.

Future Development

VI.

REFERENCES AND EXTERNAL LINKS



RSA Encryption


Technical

Report

2

|
P a g e


I.

INTRODUCTION

1.

Assignment Requirements

This is the original requirements of the assignment:

In this Programming assignment you will have to implement RSA encryption
in Java/C++. You cannot use from web or in Java. What you can use are:

-

Java has a built
-
in BigInteger class to store big integers you needed for RSA
(such as finding large prime

-

C++

has a library as NTL (Library for doing Number Theory) or GMP (the
GNU Multiple Precision Arithmetic


In other words, you can use
this

big
-
integer implementa
tion to manage your
data and do module operation, methods (gcd, power, finding prime numbers,
and so on). You have to impl
ement these functions yourself:
produce large
random numbers
. S
ome functions provided for random numbers cannot be
used due to its too
ls to get random numbers in java.util.random or
java.security.SecureRandom. Similarly, C++ have rand() numbers. You can use
the random number function provided by Java if implementing random
numbers is methods there are not secure since Linear congruent me
thod is
the default method set for Java's two built enhance security, you are strongly
recommended to implement your own good random number generator.


a.


Main functions

In your own RSA implementation, assume that the large prime numbers are
at least 500 b
its (but could write several functions yourself
)
:



A function to find large prime numbers, when given number of bits as an
input



A function to compute gcd when given two large integers



A function to produce a random encryption key when given the two large
prime numbers used for RSA



A function to compute the decryption key when given the encryption key
e and the two large prime numbers



A function for encryption when given the message an
d encryption key e
and the modulo n



A function for decryption when given the ciphertext and encryption key e
and the modulo n

b.


What you have to submit



Your code that can encrypt a file using RSA, where the
input of your code
is

two files: one file is th
e key for encryption.



Your code that can decrypt a file using RSA, where the
input of your code
is

two files: one file is the ciphertext key for decryption.



A technical report about the assignment. The report will have 20 to 30
pages. The paper should be

in postscript PDF, or WORD format.


RSA Encryption


Technical

Report

3

|
P a g e


2.

Scopes

Based on the requirements, we limit the scope of this project to:



Implement the core module of RSA algorithm

which processes big integer
type
.



Implement our own generating prime algorithm combining Eratosthenes
sieve and Miller
-
Rabin algorithms.



Create GUI (forms) to make it easier to use.

II.

BACKGROUND

1.

RSA Algorithm

RSA (which stands for
R
ivest,
S
hamir and
A
dleman who first publicly
described it) is an algorithm for public
-
key cryptography.


The RSA algorithm
involves in 3 steps: Key Generation, Encryption and
Decryption.

-

Key Generation: this step creates a key pair which contains public and
private key. The public key can be known to everyone and is used for
encrypting messages.

The private key is secretly ke
pt by a person or a
group and is used for decrypting messages which are encrypted by the
public key. Therefore, only a person (or a group) can see the original
message.

-

Encryption:
this step encrypts a message using the public key.


-

Decryption: this step
decrypts a cipher message using the private key.



Besides, in order to implement well with big integers, we need to use some
more al
gorithm
s

to boost up calculation: Chinese Remainder Algorithm.

2.

Chinese Remainder Algorithm

For efficiency many popular cry
pto libraries (like OpenSSL, Java and .NET) use
the following optimization for decryption and signing: The following values
are precomputed and stored as part of the private key:



p

and

q: the primes from the key generation,



,




and



.

These values allow
computing

the exponentiation


more efficiently computed as follows:

RSA Encryption


Technical

Report

4

|
P a g e














(if

m1

<

m2

then some libraries
compute h as

)




This is more efficient than computing


even though
two modular exponentiations have to be computed. The reason is that these
two
modular exponentiations both use a smaller exponent and a smaller
modulus.

III.

TECHNICAL SOLUTIONS

1.

Platform and Development Tools

1.1.

Platform

a.

Language: Java

b.

Operating System: Windows 7

1.2.

Development Tools

a.

IDE: Eclipse

Helios 3.6.2

b.

Plug
-
ins:

MyEclipse

2.

Design

2.1.

Features

-

Generating a key pair (Public / Private)

-

Encrypting a file

-

Decrypting a file

2.2.

Class Diagram

RSA Encryption


Technical

Report

5

|
P a g e



GUI classes


RSA Encryption


Technical

Report

6

|
P a g e



Encrypt / Decrypt Classes

RSA Encryption


Technical

Report

7

|
P a g e



Prime & Key Generator Classes


3.

Technical Details

3.1.

Generating Random Prime Number

There are 3 main steps:



Step 1:
Generate a random BigInteger number with input bits
(keyLength / 2)



Step 2: Use the generated number as the base which is used in
sieving. We sieve the candidate primes from the range of (base;
base + input bits) using the relative small primes arr
ay.



Step 3: After sieving, we loop through each candidate number and
test primality to check if the candidate is probably a prime. If
RSA Encryption


Technical

Report

8

|
P a g e


cannot find the prime from the candidate numbers, we restart the
algorithm from Step 1 with another random base number.

In

order to generate bi
g prime numbers fast, we implement

2
algorithms



Eratosthenes sieve to sieve the searching range of primes



Choose a candidate and check whether it is prime

a.

Eratosthenes sieve

To sieve the composite numbers and retrieve the candidate
pr
imes before testing primality. This step reduces the range of
testing primality.

Input:

base
, an even big integer which is the start
of sieving

Input:

searchLength
, an integer which is the limit
of sieving

Output:

an array
bits
[] in which 1 means composite
and 0 means prime. For saving the space,
bits[]

does
not contain the odd numbers. The real number
corresponding to the bit index in
bits[]

is
calculated as
:

value = base + 2 * index + 1.

Pseudocode:

LOOP: each prime in primes
array:


Find the nearest number from base which is
divisible by the prime


From the found number (start) to
searchLength

(limit), step by the prime and set all bits to 1
(means composite)


b.

Primality Testing (Miller
-
Rabin)

To check a number is a primary or
not, Miller


Rabin Algorithm is
used.

Miller
-
Rabin

algorithm can be written in pseudocode as follows:

Input
:
n

> 3, an odd integer to be tested for
primality;

Input
:
k
, a parameter that determines the accuracy
of the test

Output
:
composite

if
n

is composi
te, otherwise
probably prime

write
n

− 1 as 2
s

d

with
d

odd by factoring powers
of 2 from
n



1

Pseudocode:

LOOP: repeat
k

times:


pick a random integer
a

in the range [2,
n

− 2]

x


a
d

mod
n


if
x

= 1 or
x

=
n

− 1 then do next LOOP

for = 1 ..
s

− 1

x


x
2

mod
n


if
x

= 1 then return
composite

RSA Encryption


Technical

Report

9

|
P a g e



if
x

=
n

− 1 then do next LOOP


return
composite

return
probably prime


3.2.

Extended Euclid

The

extended
Euclid

algorithm

is
an extension to the

Euclidean
algorithm

for finding the

greatest common divisor

(GCD) of
i
ntegers

a

and

b: it also finds the integers

x

and

y

(one of which is
typically negative) in

Bézout's identity


k
,
l

N
|k*
a

+

l*b

= gcd(a,b)

This method computes
expressions of the form

r
i

=

ax
i

+

by
i

for the
remainder in each step

i

of the Euclid

algorithm. Each

modulus

can be
written in terms of the previous two remainders and the
ir whole
quotient as follows:


By substitution, this gives:



The first two values are the initial arguments to the algorithm:



The expression for the last non
-
zero remainder gives the desired
results since this method computes every remainder in ter
ms
of

a

and

b, as desired.


Example
:

Compute the GCD of 120 and 23.

The computation proceeds as follows:



s
d
f
s
f
s

T
h
RSA Encryption


Technical

Report

10

|
P a g e


Th
e last line reads 1

=

120

×

−9

+

23

×

47, which is the required
solution:

x

=

−9 and

y

=

47.


Apply Euclidean algorithm, and let

q
n
(n

starts from 1) be a finite list of
quotients in the division.

i.

Initialize

x
0
,

x
1

as 1, 0, and

y
0
,

y
1

as 0,

1 respectively.

ii.

Then for each i so long as

q
i

is defined,

iii.

Compute

x
i+1

=

x
i−1



q
i
x
i

iv.

Compute

y
i+1

=

y
i−1



q
i
y
i

v.

Repeat the above after
incrementing

i

by 1.

The answers are the second
-
to
-
last of

xn

and

yn.


The

Extended Euclid

algorithm can be written in pseudocode as
follows
:

function

extended_gcd(a, b)


x := 0 lastx := 1


y := 1 lasty := 0

while

b ≠ 0


quotient := a
di
v

b



{a, b} = {b, a
mod

b}


{x, lastx} = {lastx
-

quotient*x, x}


{y, lasty} = {lasty
-

quotient*y, y}

return

{lastx, lasty, a}


3.3.

Generating Key Pair

A key

pair

used for RSA algorithm include
s

Public Key

and

Private Key
.
It
(assum
e

the key is
i
-
bit
,
i
>=
500) is generated as

the

follow
ing

way:



Step 1:
Generating two prime p, q with i
/2 bit
s



Step 2:
Compute

n = p*
q, if n does not
equal

to

i
-
bit,

go back
to
step 2



Step 3: Compute


(n) = (p


1)*(q
-
1)



Step 4:
Select e such that e is relatively prime to

(n) and less
than

(n)



Step 5:
Determine d such that de = 1 (mod

(n)) and d <

(n)
.
d
can be calculated using the extended Euclid's algorithm.

After step 5, we have two key
s
. The

Public Key is
(
e, n
)

and the

Private
Key
is

(
d, n
)
.

3.4.

Encrypting File

To encrypt a file, we have to read it as a byte array and divide the
array into the blocks which have the same size in bytes. The size of
RSA Encryption


Technical

Report

11

|
P a g e


the blocks (
size
block
)
is

determined by the length of the input key
(length
in
put
) so: size
block

< length
input
.
We find the largest block size,
which still meets the requirement, so the encrypted output file will be
smallest.

After determining the block size, we loop

through

each block of the
input file and use the public key to enc
rypt it and write to an output
file:



The process is described in steps as follows:



Step 1:
Determine the block size with the length of the input
key.



Step 2: Loop through each byte block and encrypt it.



Step 3: Store the encrypted block (now has the
same size with
the input key) into an output file.



Step 4: Repeat step 2 until reaching the end of the input file.

3.5.

Decrypting File

This process is nearly the same as encrypting but using the private
key, which is held by a receiver:



Step 1: Read file as by
tes and retrieve a BigInteger number.



Step 2: Use the private key (d, n) to compute the original block




Step 3: Concatenate the output string with the block



Step 4: Repeat step 1 until reaching the end of the output file.

IV.

APPLICATION USAGE

1.

Overview


1
-

Generate Key
-
Pair View

RSA Encryption


Technical

Report

12

|
P a g e




2
-

Encrypt
-
Decrypt View


2.

How to generate a key pair

-

Choose an output folder

-

Enter input bits

-

Click
Generate

button

3.

How to encrypt and decrypt a file

-

Choose an input file

-

Choose a key file (Public or Private)

-

Choose an output
folder

-

Choose
Encrypt

or
Decrypt

-

Click
Start

button

V.

DISCUSSION AND CONCLUSIONS

1.

Limitation
s

a.

Performance Issues

In summary, there are 2 main features of the application:

-

Generating a key pair
:

Key Length

Time

512 bits

< 1s

1024 bits

5s


2び

坨敮 来ge牡rin朠the k敹ep慩爠w楴h 潶o爠1〲4 bit猬⁴h攠慰p汩l慴i潮 h慳a
愠p敲f潲浡nc攠楳獵攮e

-

Encrypt / Decrypt a file
: The running time is always less than 1
second;

however the output file size is about 2
-
3 times greater than the
original’s. The reason is

that we store BigInteger numbers to the file
(
using ObjectOutputStream.
writeObject
()
).

b.

Secured Key Pair

RSA Encryption


Technical

Report

13

|
P a g e


The key
-
pair in this version is stored as plain
-
text file which can be read
easily by a text editor. It does not ensure the security issue.

2.

Future Deve
lopment

a.

Fix all limitations

-

For more practical, generating key pair should be less than 2 seconds.
We can optimize the implementation of the algorithm such as limit
using BigInteger’s operation.

-

Reducing the output file size is feasible. We can process all

output and
input as bytes instead of archiving BigInteger numbers.

-

Key Pair

should be encoded by PKCS#8 (
Private

Key) and X.509 (
Public

Key).

VI.

REFERENCES AND EXTERNAL LINKS

1.

RSA algorithm
-

http://en.wikipedia.org/wiki/RSA

2.

PKCS
-

http://en.wikipedia.org/wiki/PKCS

3.

X.509
-

http://en.wikipedia.org/wiki/X.509

4.

Generating Prime
-

http://en.wikipedia.org/wiki/Generating_primes

5.

Cryptography and Network Security 4
th

Edition
-

2005