Toggle navigation

Cryptography, Information Theory, and Error-Correction. Aiden A. Bruen

Чтение книги онлайн.

Новинки Лучшее Рекомендации

Читать онлайн книгу Cryptography, Information Theory, and Error-Correction - Aiden A. Bruen страница 33

Cryptography, Information Theory, and Error-Correction - Aiden A. Bruen

Скачать книгу

find upper M as there are too many values of r to try. It is a remarkable fact that if there is just a single value of r, say r equals r 0, such that the e Superscript th root of upper C plus r upper N is a whole number lying between 1 and upper N minus 1. To see this, let upper M 1 be any whole number, i.e. a positive integer not necessarily lying between 1 and upper N minus 1 such that upper M 1 Superscript e Baseline equals upper C plus upper N. Then

      (3.1)upper M 1 Superscript e Baseline identical-to upper C left-parenthesis mod upper N right-parenthesis period

      Let d be a decryption index (there may be several). If upper M is the message, then, by definition,

      (3.2)upper M Superscript e Baseline identical-to upper C left-parenthesis mod upper N right-parenthesis period

      Applying d, we have

      (3.3)upper M 1 Superscript e d Baseline identical-to upper M 1 identical-to upper C Superscript d Baseline left-parenthesis mod upper N right-parenthesis

      and

      (3.4)upper M Superscript e d Baseline identical-to upper M identical-to upper C Superscript d Baseline left-parenthesis mod upper N right-parenthesis

      Therefore, upper M identical-to upper M 1 left-parenthesis mod upper N right-parenthesis. In particular, if upper M 1 lies between 1 and upper N minus 1, as does upper M by assumption, then upper M equals upper M 1. In effect, we are saying that the mapping upper M right-arrow upper M Superscript e is 1 to 1 if upper M lies between 1 and upper N minus 1.

      Moreover, it can be shown that if for any positive integer r the eth root of upper C plus r upper N is a whole number v, then the remainder of v upon division by upper N must be upper M (see Chapter 19).

      The recipient Bob, however, can calculate upper M immediately from a formula involving his private key consisting of a “decryption index” d along with two prime numbers p, q. The reason is that upper N is the product of p and q. Bob knows p and q. Anybody else, even knowing upper N, cannot in general determine what the factors p, q are in a reasonable amount of time.

      Eve can try guessing the message without knowing d by guessing r 0. Alternatively, Eve can try guessing p and q from which she can calculate d. In other words, Eve can try to guess the private key and then determine the message.

      We detail some potential weaknesses with public key algorithms such as RSA. However, this algorithm is still a central public key algorithm. Its security, when carefully implemented, seems to still be strong after many years of constant use.

      The encryption exponent e mentioned above must be chosen to have no factors in common with p minus 1 and no factors in common with q minus 1. The reason for assuming this is so that d exists. Another reason is that this condition must be satisfied in order that two different messages get two different encryptions. This comes up in Problem 3.1. We mention also that, for a given

Скачать книгу


e-mail: [email protected]

Яндекс.Метрика