If you have not registered, please follow this link: NEW USER

RSA Encryption

Encryption has been used to exchange information between two parties and keep that information from a third party. The problem with classical symmetric encryption is that the key used to encrypt the information must be distributed to the people who are supposed to be able to read the message before they can decrypt it. When a lot of messages are to be exchanged, lots of keys must be distributed which can be a logistical problem. Computers can efficiently encrypt and decrypt messages with symmetric ciphers.

In 1976, Whitfield Diffie along with Martin Hellman discovered public key cryptography and purposed the Diffie-Hellman key exchange which is still a commonly used key exchange.

In 1977, Ron Rivest, Adi Shamir, and Leonard Aldeman at MIT publicized the algorithm named from the initials of the three inventors. The algorithm is based on the fact that it is easy to multiply two large prime numbers together to get a product but it is very difficult to reverse the process. Given the product, it is difficult to calculate what two prime numbers were multiplied together initially.

In 1991, Senate Bill 266 was introduced by the US government. This anti-crime bill had a measure in it requiring all encryption software must have a back door in it to allow the government to obtain the plaintext of voice, data and other communications when authorized by law. This bill prompted Phil Zimmerman to develop Pretty Good Privacy (PGP). In the pgpguide.1st in PGP 1.0 was the following:

*The 17 Apr 1991 New York Times reports on an unsettling US Senate proposal that is part of a counterterrorism bill. If this nonbinding resolution became real law, it would force manufacturers of secure communications equipment to insert special "trap doors" in their products, so that the Government can read anyone's encrypted messages. It reads: "It is the sense of Congress that providers of electronic communications services and manufacturers of electronic communications service equipment shall insure that communications systems permit the Government to obtain the plain text contents of voice, data, and other communications when appropriately authorized by law."*

The problem with public key encryption systems with includes RSA is that they are computationally intensive and runs slowly as compared to symmetric key ciphers when dealing with large pieces of data. PGP utilized the RSA public key/private key system to exchange the symmetric key securely. The gist of a public key/private key system is that the key you want to exchange is encrypted with the recipient’s public key and the only way to decrypt the key is to have the corresponding private key. Knowing the public key does not help someone in trying to decrypt the message. PGP uses the RSA public key system to encrypt the session key that the rest of the message is encrypted with. RSA can run fairly quickly with the small amount of data that makes up the session key. So the message is encrypted with the IDEA cipher using a randomly generated key. The key is encrypted with the public key of the recipient using RSA. The recipient receives the message and uses his private RSA key to decrypt what the IDEA key was and that is used to decrypt the message itself.

*I was involved in the porting of PGP to A/UX (Apple’s Unix) and so I thought a puzzle based on a simplified RSA would be interesting for my contribution to the TOM Creative Group puzzle.*

*The RSA algorithm in detail*

*RSA involves a public key and a private key. The public key can be known by everyone and be used to encrypt messages being sent to the recipient who uses the private key to decrypt the message. The keys for the RSA algorithm are generated the following way:*

*Choose two large prime numbers**p**and**q**Compute**n**=**pq**Compute the totient**φ(n) = (p-1)(q-1)*this is used to find the modular multiplicative inverse of one of the exponents*Choose an integer**e**such that 1 < e < φ(n) and**e**and phi(n) are coprime (share no common factors other than 1) and frequently is chosen as**3**or**17**or 65537**.**Compute**d**such that 1 < d <φ(n) and ed ≡ 1 mod φ(n) (*To compute the value for d, use the Extended Euclidean Algorithm this is known as modular inversion.)- The public key is (
*n,e*) and the private key is (*n,d*). The values of*p*,*q*, and φ(n) should be kept secret.

∙ *n* is known as the modulus

∙ *e* is known as the public exponent or encryption exponent

∙ *d* is known as the private exponent or decryption exponent

This "classic" description is not exactly how it is implemented in real life as it is insecure.

ENCRYPTION:

Divide the message into blocks such that the bit-string of the message can be viewed as a 200-digit number lets say. Call that block, m.

Compute and send the encrypted message c ≣ m^e (mod n)

DECRYPTION:

Compute c raised to the d power ≣ c^d ≣(m^e)^d ≣ m^ed ≣ m^kø(n) +1 ≣ m^kø(n) * m ≣ 1*m ≣ m (modulo n)

A very simple example of RSA encryption

This example can be done using a calculator or by hand.

- Choose p=41 and q=53
- n=pq =41*53=2173 and ø(n) = (p-1)(q-1)=(40)(52)=2080
- choose e=623 which is >1 and coprime to ø(n)=2080 ie they have no common factors
- compute d such that ed ≡ 1 mod(ø(n))

or d = e^{-1}mod ø(n)

or find d such that ø(n) divides (ed – 1)

or find d such that 20 divides 3d – 1 - The answer is 207 for d

There is a algorithm to generate the multiplicative inverse given the ø(N). This is called the Euler ø-function

The easiest way to do this is to:

Begin by writing down a 3X2 array (called A) where the first row of A consists of the modulus and the number to invert; the second and third rows consist of the rows of the (2X2) identity matrix. In our situation, the modulus we want to use if the ø(n). The following steps are performed until the last element of the top row is zero.

- The greatest integer multiplier (m) of the [1,2]- element of the array is found, such that the product is less than the [1,1] element of the array. Then A[1,1] - m*A[1,2] is computed.
- It is only necessary to carry two columns' worth of information. Thus A[1,1] can be replaced by A[1,2], and A[1,2] by the quatity computed in 1 above.
- The same process is carried out for the second and third rows: computing A[j,1] - m*A[j,2], replacing A[j,1] by A[j,2], and A[j,2] by the previous computation (j = 2,3).
- Once A[1,2] becomes zero, the desired inverse is the value of A[3,1].

The calculation to compute the inverse of 623 (mod 2080) is as follows (from the above algorithm)

m | 3 | 2 | 1 | 20 | 10 | ||

A[1,*] | 2080 | 623 | 211 | 201 | 10 | 1 | 0 |

A[2,*] | 1 | 0 | 1 | -2 | 3 | -62 | |

A[3,*] | 0 | 1 | -3 | 7 | -10 | 207 |

Thus the required inverse is 207. (This is what you would need to plug in on the site as the answer).

623 * 207 (Mod 2080) is 128961 (Mod 2080) which is 1 because 2080 divides into 128961 62 times with a remainder of 1.

Now to use this, to encrypt a message, we take the message, raise it to the power of the encryption exponent and reduce it modulus n

Now for a very simple example: choose p=17, q=23, then pq=n=391, compute the ø(n) = (17-1)(23-1) = (16)(22)=352

Choose the encryption exponent to be 29. Publish 29 and 391 and now calculate the secrete decryption exponent.

m | 12 | 7 | 4 | ||

A[1,*] | 352 | 29 | 4 | 1 | 0 |

A[2,*] | 1 | 0 | 1 | -7 | |

A[3,*] | 0 | 1 | -12 | 85 |

So 85 is our calculated decryption exponent

29*85 (mod 352) = 2465 (mod 352) = 7*352 +1 = 1 The answer you would plug in on the site is 85

Now one more time ultra simple:

lets choose p=5 and q = 17, then pq = 85, (4)(16) = 64, choose e to be 3

m | 21 | 3 | ||

A[1,*] | 64 | 3 | 1 | 0 |

A[2,*] | 1 | 0 | 1 | |

A[3,*] | 0 | 1 | -21 |

So our answer is -21 which we add to the modulus 64 to get 43 as our exponent.

43 * 3 = 129 and 129 (mod 64) = 2*64 +1 = 1 (mod 64).

so lets encrypt the number 5 (wolfram alpha is a great site to help with this)

5 ^ 3 (mod 85) = 40 to the encrypted message would be 40.

to decrypt,

40 ^ 43 (mod 85) = 5 (which is our original message).

I hope this gives you an idea on how the RSA encryption works.

If you decide you want to try this cache, you will need to register with my site by following the link at the top of the page. This registration is needed to link your geocaching log name with a unique puzzle. You will be given a choice of 10 puzzles that have not been used to pick from.. You will then be asked to "log in" again with the geocaching name and you will be presented with your unique puzzle ( the modulus and the public encryption key e) and prompted to enter the private key (d) which you will have to calculate. If you enter the correct private key for that puzzle, you will be shown the coordinates for the cache and be allowed to log the cache. If you enter the wrong private key, you will be allowed to continue trying. If anyone logs the cache without first calculating the correct private key (and everyone will have theor own unique modulus and encryption key), your log will be deleted.