How does today's popular asymmetric encryption work? This article is intended to provide a mathematical explanation using the example of the RSA encryption system.

The term cryptography today covers several topics, such as information security and encryption. The first verifiable use of cryptography dates to the third century BC. The expression "cryptic signs" is still in use today, for example for symbolic images.

What is asymmetric encryption?

In an asymmetric encryption method, XY generates a private (secret) key priv_key and a public (non-secret) key pub_key. The public key is freely accessible to everyone and serves only to encrypt a message m. The encrypted message m' can then only be decrypted back to the original message m using XY's private key.

How does asymmetric encryption work?

For this purpose, the generation of the keys and the associated conditions must be considered more closely:

First, two (actually very large) primes are needed, e.g. p = 7 and q = 17. From these we compute N = p * q, in this case N = 7 * 17 = 119. That's almost the public key. For the second part (e), we need the Euler phi function φ(N), which gives the count of natural numbers smaller than N that are coprime to N.

Since N = p * q is here the product of two primes, φ(N) = (p-1) * (q-1). The second part of the public key, e, must be coprime to φ(N). If e and φ(N) are coprime, there is no number (except 1) that divides both e and φ(N). For example, four and five are coprime, but four and six are not (two is a common divisor: 4/2 = 2 and 6/2 = 3 are both integers; "divides" means the result must be an integer, with no decimal part).

Back to our example:

φ(N) = 6 * 16 = 96, and e = 11, for example, is coprime to φ(N) = 96, since 11 is a prime, thus has no proper divisors (except 1), and does not divide 96 either. The public key is thus (e, N) = (11, 119).

And now?

If one now wants to send the message DA encrypted to XY, the message DA first has to be coded into a number format. For this you use, e.g., the simplest form A = 1, B = 2, C = 3, D = .. (Important: both parties have to agree on a coding!). Thus the message m = 41 (DA) must now be encrypted. For this, we have to calculate m' = (m ^ e mod N). 41 ^ 11 gives 550,329,031,716,248,441, and this enormous number (despite comparatively very small primes and a small e) is now reduced modulo 119. This results in 48. (Modulo is division with remainder: e.g. for 100 mod 3, 99 divides evenly (99/3 = 33) and leaves remainder 1, so 1 is the result of 100 mod 3.)

It remains to be noted that the encrypted message is m'= 48.

But who can decrypt this message?

Decryption works only with the private key of XY. On the one hand, this consists of N = p * q, i.e. 7 * 17 = 119. As a reminder, p and q were the two primes used to create the public key. The second part of the private key (d) is the inverse of e modulo φ(N). That is, d must satisfy the equation (d * e mod φ(N)) = 1.

In this example, (d * 11 mod 96) = 1. This equation is equivalent to d * 11 + k * 96 = 1, which can be solved, for example, with the extended Euclidean algorithm. This yields d = 35 and k = (-4). Thus, the private key is (35, 119).

Now it's time to decrypt!

The encrypted message that XY received is m' = 48. The equation for decryption is m = (m' ^ d mod N), and 48 ^ 35 gives: 69,733,796,196,349,127,882,498,386,212,799,025,430,591,303,459,053,745,733,632. This huge number modulo 119 is 41, which decodes (A = 1, B = 2, ...) to DA. taaaDA!
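The whole walk-through above (key generation with the extended Euclidean algorithm, encryption, decryption) as an added Python example that is not part of the original article. The function names are chosen here for illustration, and the exponentiation reduces modulo N at every step, so the huge intermediate numbers quoted in the text never have to be computed.

```python
# Added example: the article's textbook RSA steps with its toy numbers.

def extended_gcd(a, b):
    """Return (g, x, y) such that a*x + b*y == g == gcd(a, b)."""
    old_r, r = a, b
    old_x, x = 1, 0
    old_y, y = 0, 1
    while r:
        quot = old_r // r
        old_r, r = r, old_r - quot * r
        old_x, x = x, old_x - quot * x
        old_y, y = y, old_y - quot * y
    return old_r, old_x, old_y

def make_keys(p, q, e):
    """Build ((e, N), (d, N)) from two primes p, q and a public exponent e."""
    n = p * q
    phi = (p - 1) * (q - 1)
    g, d, _k = extended_gcd(e, phi)      # solves d*e + k*phi(N) = g
    if g != 1:
        raise ValueError("e must be coprime to phi(N)")
    return (e, n), (d % phi, n)          # d % phi keeps d positive

def power_mod(base, exponent, modulus):
    """Square-and-multiply, reducing modulo `modulus` after each step."""
    result = 1
    base %= modulus
    while exponent:
        if exponent & 1:
            result = result * base % modulus
        base = base * base % modulus
        exponent >>= 1
    return result

def encrypt(m, public_key):
    e, n = public_key
    if not 0 <= m < n:                   # a number >= N cannot be recovered
        raise ValueError("message number must be smaller than N")
    return power_mod(m, e, n)

def decrypt(c, private_key):
    d, n = private_key
    return power_mod(c, d, n)

if __name__ == "__main__":
    public, private = make_keys(7, 17, 11)   # p, q, e from the article
    c = encrypt(41, public)                  # 41 encodes "DA"
    print(public, private, c, decrypt(c, private))
```

Run directly, it prints `(11, 119) (35, 119) 48 41`, the values derived in the text. This is textbook RSA on toy numbers; deployed RSA uses far larger primes and a padding scheme such as OAEP.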

Summary

First, two (usually very large) primes are used to compute N = p * q and φ(N) = (p-1) * (q-1). The primes p and q are then forgotten or thrown away. Basically, the security of RSA encryption rests on the fact that there is no known method that decomposes the number N into its prime factors p and q in a realistic amount of time, because only with φ(N) = (p-1) * (q-1) can both the public and the private key be generated or calculated.

After the message is encoded into a number format, the encrypted message is calculated by raising the encoded message to the power of the public exponent e and then reducing modulo N (m' = (m ^ e mod N)). The encrypted (cryptic) message m' can only be reversed, or decrypted, by exponentiation with the private key d (m = (m' ^ d mod N)).

As early as 1998, Boneh and Venkatesan considered, at the Eurocrypt conference, that the security of RSA encryption could not be equated with factoring N into its prime factors.

Marko Vidrih @cryptomarks.