Detailed explanation of RSA algorithm

Time:2021-3-21

What is RSA

In the previous article, we talked about AES algorithm. AES algorithm is a symmetric encryption algorithm. In this paper, we will introduce a very common asymmetric encryption algorithm RSA.

Asymmetric encryption algorithm, also known as public key cryptography algorithm, encrypts and decrypts plaintext ciphertext by generating public and private keys. RSA’s name comes from the initials of its three developers, Ron Rivest, ADI Shamir and Leonard Adleman.

RSA company patented RSA algorithm in 1983.

RSA encryption

RSA encryption can be expressed by the following formula:

Detailed explanation of RSA algorithm

Through the formula, we can know that the ciphertext of RSA is obtained through the E power of plaintext and the mod operation of n. This encryption process only uses factorial and modular operations, which is very simple and clear.

Simple is the best, which may be the reason why RSA algorithm is so universal.

If we know e and N, we can get the ciphertext, so we call the combination of E and N public key, which can be expressed as {e, n}.

How to choose E and N is a complex mathematical process, which we will talk about later.

Decryption of RSA

Let’s first look at the RSA decryption formula:

Detailed explanation of RSA algorithm

From the formula, we can see that the plaintext is obtained by taking the D power of ciphertext and modulus n. Here n and encrypted n are the same number.

The combination of D and N is represented as the private key {D, n}.

N. Generated e, D

After knowing the principle of RSA encryption and decryption, we will discuss how to generate N, e and D in the process of encryption and decryption.

The generation process is as follows:

1. Generate n

The formula for generating n is as follows:

Detailed explanation of RSA algorithm

P and Q are two large prime numbers. If they are too small, they are easy to be deciphered. If they are too large, they will affect the calculation speed. Generally, the size of P and Q is 1024 bits. These two numbers are generated by pseudo-random number generator. Pseudo random number generator can’t generate prime number directly, it is obtained by repeated retries.

2. Find L

L is an intermediate number. Like P and Q, it will not appear in RSA encryption and decryption process.

The calculation formula of L is as follows:

Detailed explanation of RSA algorithm

L is the least common multiple of P-1 and Q-1

3. Find E

E is the public key used for encryption. E is a number larger than 1 and smaller than L. And E and l must be coprime. Only the coprime of E and l can calculate the value of D.

Detailed explanation of RSA algorithm

Here e is also generated by pseudo-random number generator.

When we find e and N, our public key is generated.

4. Find D

The formula for calculating D is as follows:

Detailed explanation of RSA algorithm

Cracking RSA

If you want to crack RSA, for the password cracker, he knows the public key {e, n} and the ciphertext

Detailed explanation of RSA algorithm

Is it possible to find the unknown variable plaintext directly through the three known variables?

The solution is actually a discrete logarithm problem. At present, there is no efficient method to find the discrete logarithm. It can be said that it is very difficult.

So is it possible to get the D in the key by brute force?

At present, in RSA algorithm, the length of P and Q is generally more than 1024 bits, the length of n is more than 2048 bits, and the length of E and D is almost the same as that of N. it is very difficult to brutally crack 2048 bits of D.

According to the formula:

Detailed explanation of RSA algorithm

It can be seen that if the cracker knows the value of L, then it can easily find D. And l is calculated by P and Q, so P and Q must be kept secret, otherwise it is the same as password leakage.

Because n = P * q, P and Q are prime numbers, and N is known, can we get P and Q by prime factorization?

At present, there is no efficient algorithm for large integer factorization, so RSA algorithm is still very safe, but once there is such an algorithm, RSA will be easily broken.

So the official recommendation: 1024 bit RSA algorithm should not be used for new purposes. 2048 bit RSA algorithm can be used in 2030, 4096 bit algorithm can be used in 2031.

For more tutorials, please refer to flydean’s blog