1 / 22

RSA & F actoring I ntegers

RSA & F actoring I ntegers. By: Mike Neumiller & Brian Yarbrough. Integer Factorization. Reducing an integer into its prime components Useful for code breaking RSA uses a semi-prime number to encrypt data Semi-prime number : a number made by the multiplication of two prime numbers. RSA.

harlan
Download Presentation

RSA & F actoring I ntegers

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. RSA & Factoring Integers By: Mike Neumiller & Brian Yarbrough

  2. Integer Factorization • Reducing an integer into its prime components • Useful for code breaking • RSA uses a semi-prime number to encrypt data Semi-prime number: a number made by the multiplication of two prime numbers

  3. RSA • Public Key Cryptosystem • Currently used key sizes: 1024 bits to 4096 bits • Many versions have been cracked already • Largest of which is the 768 bit version (RSA-768) • RSA-1024 expected to be cracked in the near future

  4. Key Generation – Public Key • Public key consists of a semi-prime, n, made from two large prime numbers and an exponent, e. • Steps to find n and e: • Pick two distinct primes, p and q of similar bit-length • Calculate n = p * q • Compute φ(n) = (p – 1)(q – 1) • Pick an integer e that is coprime with φ(n), such that 1 < e < φ(n) • Encryption is c ≡ me (mod n)

  5. Key Generation – Private Key • Private key consists of mod n, and an exponent, d. • Use e, n and φ(n)) to create the private key. • d ≡ e-1 (mod φ(n)) • or find d given d⋅e ≡ 1 (mod φ(n)) • Decode using m ≡ cd (mod n)

  6. How Do We Break It? • Private key consists of: • mod n and d • n is known, so mod n is known, thus d is all we have to find. • d is created using: • φ(n) and e • e is known, so φ(n) is all we have to find now. • φ(n) = (p – 1) (q – 1) • So now we only need to find p and q • n = p * q • p and q are both primes, so use Integer Factorization!

  7. Factoring Integers – The Simple Solution • Trial Division • Easily understood, but laborious for the computer. • Repeatedly try to divide a number by increasingly larger primes until the full factorization has been found. • Similar to the way most humans would probably approach the problem.

  8. Example Code for Trial Division

  9. int main(int argc, char * argv[]) { unsigned long n = 1; if (argc <= 1) { cout << "Please specify a number to factor: "; cin >> n; cout << endl; } else { n = atol(argv[1]); } cout << "Using Trial Division to calculate the prime factors of “ << n << "...\n" << endl; vector<unsigned int> factors = trial_division(n); cout << "Factors found to be: "; for (unsigned int i = 0; i < factors.size(); ++i) { if (i > 0) { cout << ", "; } cout << factors[i]; } cout << endl; return 0; }

  10. std::vector<unsigned int> trial_division(unsigned long n) { std::vector<unsigned int> factors; if (n == 1) { factors.push_back(1); return factors; } std::vector<unsigned long> primes = prime_sieve(sqrt(n) + 1); for (unsigned int i = 0; i < primes.size(); ++i) { if (primes[i] * primes[i] > n) { break; } while (n % primes[i] == 0) { factors.push_back(primes[i]); n /= primes[i]; } } if (n > 1) { factors.push_back(n); } return factors; }

  11. std::vector<unsigned long> prime_sieve(unsigned long max) { std::vector<bool> is_prime; std::vector<unsigned long> primes; is_prime.resize(max + 1, true); for (unsigned long i = 2; i <= max; ++i) { if (!is_prime[i]) { continue; } primes.push_back(i); for (unsigned long j = i * i; j <= max; j += i) { is_prime[j] = false; } } return primes; }

  12. Factoring Integers – The Parallel Solutions • Quadratic Sieve (QS) • Factored RSA-129 on April 2, 1994 • 2GB of data was collected over 8 monthsusing computers distributed across the internet. • Processing of the collected data took another45 hours on Bellcore’sMasPar supercomputer. • Was fastest known method for traditionalcomputers until the Number Field Sievewas discovered.

  13. Factoring Integers – The Parallel Solutions • Number Field Sieve (NFS) • Fastest known method for factoring • Factored RSA-130 on April 10, 1996 • All RSA numbers to be factored since have been done with NFS. • Factored RSA-768 (232 digits) on December 12, 2009 after more than 2 years of calculations using a state-of-the-art distributed implementation of NFS.

  14. Example - RSA-768 Factored • RSA-768 = 1230186684530117755130494958384962720772853569595334792197 3224521517264005072636575187452021997864693899564749427740 6384592519255732630345373154826850791702612214291346167042 9214311602221240479274737794080665351419597459856902143413 • When factored, RSA-768 = 3347807169895689878604416984821269081770479498371376856891 2431388982883793878002287614711652531743087737814467999489 × 3674604366679959042824463379962795263227915816434308764267 6032283815739666511279233373417143396810270092798736308917

  15. Factoring Integers – The Quantum Solution • Shor’s Algorithm • Formulated in 1994 by Peter Shor. • Has already been shown to work • Factored 15 in 2001 and again in 2012 • Factored 21 in 2012 • Runs in polynomial time • Substantially faster than all of our current methods!

  16. Comparing Runtimes Trial Division O Number Field Sieve (NFS) O Shor’s Algorithm O((log N)3)

  17. Requirements for Shor’s Algorithm • The number must be odd • If the number is even, you can always divide by 2 until you get an odd number and then run Shor’s Algorithm. • The number must be a composite number • This can be tested by simply checking if the number is already a prime • The number must not be a power of a prime • This is checked for by checking the square, cubic, …, k-roots of N where k ≤ log2(n)

  18. How Shor’s Algorithm Works • Consists of two parts • A reduction of the factoring problem to the problem of order-finding problem. • This part simply turns the factoring problem into the problem of find the period of a function. • This part can be done on a classical computer! • A quantum algorithm to solve the order-finding problem. • This part finds the period using the Quantum Fourier transform. • This part is responsible for the incredible speedup of Shor’s Algorithm compared to our current methods.

  19. Integer Factorization Algorithms (Recap) • Trial Division • Easily understood, but laborious for the computer. • Quadratic Sieve (QS) • Factored RSA-129 on April 2, 1994 after more than 8 months of calculations. • Second fastest known method for traditional computers. • Number Field Sieve (NFS) • Fastest known method for factoring. • Factored RSA-768 (232 digits) on December 12, 2009 after more than 2 years of calculations. • Shor’s Algorithm • Bad news for the RSA encryption if we get a quantum computer of capable of running it for large numbers.

  20. Questions?

More Related