m = c d mod n：m = c d mod n

《m = c d mod n：m = c d mod n》由会员上传分享，免费在线阅读，更多相关内容在教育资源-天天文库。

1、Cryptography&NetworkSecurityRSAAlgorithmRonRivest,AdiShamirandLenAdleman,whoinventeditin1977UsedforbothpublickeyencryptionanddigitalsignaturesPlaintextisencryptedinblocks,eachblockhavingabinaryvaluelessthansomenumbern.Blocksize<=log2(n);,theblocksizeisibits,where2i

2、C=MemodnM=Cdmodn=(Me)dmodn=MedmodnpublickeyofKU={e,n}privatekeyofKR={d,n}RequirementsItispossibletofindvaluesofe,d,nsuchthatMed=MmodnforallM

3、ventwoprimenumbersp&qandtwointegersnandmsuchthatn=pqand0

4、=1modΦ(n)d=e-1modΦ(n)Thatis,eanddaremultiplicativeinversesmodΦ(n).Equivalently,gcd(Φ(n),d)=1.IngredientsofRSAp,q,twoprimenumbers(private,chosen)n=pq(public,calculated)e,withgcd(Φ(n),e)=1;1

5、ndthepublickeyconsistsof{e,n}.SupposethatuserAhaspublisheditspublickeyandthatuserBwishestosendthemessageMtoA.ThenBcalculatesC=MemodnandtransmitsC.Onreceiptofthisciphertext,userAdecryptsbycalculatingM=Cdmodn.Selecttwoprimenumbers,p=17andq=11.Calculaten=pq=17x11=187.Calculat

6、eΦ(n)=(p-1)(q-1)=16x10=160.SelectesuchthateisrelativelyprimetoΦ(n)=160andlessthanΦ(n)wechoosee=7.Determinedsuchthatde=1(mod160)andd<160.Thecorrectvalueisd=23,because23x7=161=160+1;dcanbecalculatedusingtheextendedEuclid'salgorithmRSAisuschslowerthanDES&OtherSymmetricCryptos

7、ystemsTheSecurityofRSAFourpossibleapproachestoattackingtheRSAalgorithm:Bruteforce:Thisinvolvestryingallpossibleprivatekeys.Mathematicalattacks:Thereareseveralapproaches,allequivalentinefforttofactoringtheproductoftwoprimes.Timingattacks:Thesedependontherunningtimeofthedecr

8、yptionalgorithm.Chosenciphertextattacks:ThistypeofattackexploitspropertiesoftheRSAalgorit