(英文)计算机非对称密钥加密
合集下载
相关主题
- 1、下载文档前请自行甄别文档内容的完整性,平台不提供额外的编辑、内容补充、找答案等附加服务。
- 2、"仅部分预览"的文档,不可在线预览部分如存在完整性等问题,可反馈申请退款(可完整预览的文档不适用该条件!)。
- 3、如文档侵犯您的权益,请联系客服反馈,我们会尽快为您处理(人工客服工作时间:9:00-18:30)。
Chapter 4
3
Overview of Asymmetric Key encryption
非对称密钥加密概述
• Important to know who should know which key(s) 重要的是收发双方应该知道哪些密钥而 不需知道哪些密钥 • In general:通常
– Sender encrypts with recipient’s public key 发送者用接收者的公钥加密 – Recipient decrypts with its private key 接收者用自己的私钥解密
Fig 4.7
Chapter 4
The best of both worlds ——digital envelope 两全其美—数字信封
• A encrypts the plain text with symmetric key K1 • Then encrypts K1 with B’s public key K2—Key wrapping • A puts the cipher text and encrypted symmetric key K1 inside a digital envelope and send to B • B decrypts the encrypted symmetric key K1 with its private key K3 and gets K1 • Finally decrypts the cipher text with symmetric key K1 and gets the plain text
Fig 4.1
Chapter 4
5
Asymmetric Key Cryptography 非对称密钥加密
Sender (A) Receiver (B)
Plain text
Cipher text
Netw ork
Cipher text
Plain text
Encrypt with B’s public key
Chapter 4
7
Asymmetric Key Cryptography Example
非对称密钥加密举例
Customer A
Bank’s public key
Customer B
Bank’s public key
Bank’s private key
Bank
Customer C
Bank’s public key
Fig 4.3
Chapter 4
8
RSA Algorithm RSA算法
• By Rivest, Shamir & Adleman of MIT in 1977 • World’s most popular Asymmetric Key Encryption algorithm 世界上最著名的非对称密钥加密算法 • Based on exponentiationin a finite (Galois) field over integers modulo a prime 基于有限域中素数的幂模运算 – nb. exponentiation takes O((log n)3) operations (easy) 幂运算时间复杂度为O((log n)3) (容易) • security due to cost of factoring large numbers 安全保证在于大数的因式分解 – nb. factorization takes O(e log n log log n) operations (hard) 因式分解时间复杂度为O(e log n log log n) (困难)
11
为什么不能公布 p和q的值?
Chapter 4
Example of RSA Algorithm RSA算法举例
Encryption algorithm using the public key
1. Encode the original character using A = 1, B = 2 etc. 2. Raise the number to the power E, here 5. 3. Divide the result by 119 and get the remainder. The resulting number is the cipher text.
Chapter 4
4
Matrix of Keys 密钥矩阵
Key details A should know B should know
A’s private key
A’s public key B’s private key B’s public key
Yes
Yes No Yes
No
Yes Yes Yes
Chapter 4
1
Computer-based Asymmetric Key Encryption 计算机非对称密钥加密
Chapter 4
2
Overview of Asymmetric Key encryption
非对称密钥加密概述
• probably most significant advance in the 3000 year history of cryptography 在3000年密码学历史长河中是一个巨大的进步 • uses two keys – a public & a private key 使用两个密钥—一个公钥和一个私钥 • asymmetric since parties are not equal 非对称是因为通信双方使用的密钥不相同 • complements rather than replaces private key crypto 是对对称密钥加密的补充而不是取代
F F 6 5 6 Result modulo 119 = 41 41
12
Decryption algorithm using the private key
1. Raise the number to the power D, here 77. 2. Divide the result by 119 and get the remainder. The resulting number is the cipher text.
Chapter 4
9
Baidu Nhomakorabea
RSA Algorithm RSA算法
1. Choose two large prime numbers P and Q. 2. Calculate N = P x Q. 3. Select the public key (i.e. the encryption key) E such that it is not a factor of (P – 1) and (Q – 1). 4. Select the private key (i.e. the decryption key) D such that the following equation is true: (D x E) mod (P – 1) x (Q – 1) = 1 5. For encryption, calculate the cipher text CT from the plain text PT as follows: CT = PTE mod N 6. Send CT as the cipher text to the receiver. 7. For decryption, calculate the plain text PT from the cipher text CT as follows: PT = CTD mod N Fig 4.4
Chapter 4
10
RSA Example RSA例子
Select primes: p=17 & q=11 Compute n = pq =17×11=187 Compute (p–1)(q-1)=16×10=160 Select e : gcd(e,160)=1; choose e=7 Determine d: d*e=1 mod 160 and d < 160 Value is d=23 since 23×7=161= 10×160+1 6. Publish public key E={7,187} 7. Keep secret private key D={23,17,11} 1. 2. 3. 4. 5.
Decrypt with B’s private key
Fig 4.2
Chapter 4
6
Asymmetric Key Example 非对称密钥举例
• Consider a bank and its customers 考虑一个银行和其客户之间的交易行为 • Customers encrypt their messages with bank’s public key 客户用银行的公钥加密消息 • Bank decrypts messages with its private key 银行用自己的私钥解密消息
Chapter 4
RSA Example RSA例子
Select primes: p=17 & q=11 Compute n = pq =17×11=187 Compute (p–1)(q-1)=16×10=160 Select e : gcd(e,160)=1; choose e=7 Determine d: de=1 mod 160 and d < 160 Value is d=23 since 23×7=161= 10×160+1 6. Publish public key KU={7,187} 7. Keep secret private key KR={23,17,11} 1. 2. 3. 4. 5.
Size of resulting encrypted text
Key agreement / exchange Number of keys required as compared to the number of participants in the message exchange Usage
3. Decode the original character using 1 = A, 2 = B etc.
4177 Result modulo 119 6 F F B
A
Fig 4.6
Chapter 4
13
Symmetric v/s Asymmetric 对称和非对称的比较
Characteristic Symmetric Key Cryptography Asymmetric Key Cryptography Key used for encryption / decryption Speed of decryption encryption / Same key is used for encryption and decryption Very fast Usually same as or less than the original clear text size A big problem Equals about the square of the number of participants, so scalability is an issue Mainly for encryption and decryption (confidentiality), cannot be used for digital signatures (integrity and nonrepudiation checks) One key used for encryption and another, different key is used for decryption Slower More than the original clear text size No problem at all Same as the number of participants, so scales up quite well Can be used for encryption and decryption (confidentiality) as well as for digital signatures (integrity and non-repudiation checks)