Current location - Quotes Website - Personality signature - Implementation method of rsa\des algorithm in java
Implementation method of rsa\des algorithm in java
Rsa encryption and decryption algorithm

This algorithm appears in 1978, which is the first algorithm that can be used for data encryption.

It can also be used in digital signature algorithm. Easy to understand and operate, and very popular. calculate

The name of the law is named after the inventors: Ron Livingstone, Adi Chamil and.

Leonard Aderman. However, the security of RSA has not been proved theoretically.

The security of RSA depends on the decomposition of large numbers. Both public key and private key are big prime numbers.

(greater than 100 decimal places). Presumably, from a key and ciphertext

The difficulty of inferring plaintext is equivalent to decomposing the product of two large prime numbers.

Generation of key pair: select two large prime numbers, P and Q, and calculate:

n = p * q

Then randomly select the encryption key e, which needs e and (p- 1) * (q- 1).

Mutual quality. Finally, the decryption key d is calculated by Euclid algorithm, which meets the following requirements.

e * d = 1(mod(p- 1)*(q- 1))

Where n and d are also coprime. Sum of the number e

N is the public key and d is the private key. The two prime numbers P and Q are no longer needed and should be discarded.

Nobody knows. When encrypting information m (binary representation), first divide m into equal-length data.

Block m 1, m2, ..., mi, block length s, where 2 s.

The ciphertext should be:

Ci = mi^e (modern) (a)

When decrypting, the following calculations are performed:

Mi = ci^d (modern) (b)

RSA can be used for digital signature, and the scheme is to sign with formulas (a) and (b).

Type verification. In the specific operation, factors such as safety and large amount of M information are considered. Generally speaking, it is the first one.

Do hash operation.

Security of RSA.

The security of RSA depends on the decomposition of large numbers, but it has not been clear whether it is equivalent to the decomposition of large numbers.

Theoretically, because there is no proof to crack RSA, it is necessary to decompose large numbers. The existence of hypothesis

An algorithm that does not need to decompose large numbers can definitely be modified into a large number decomposition algorithm. At present,

Some variant algorithms of RSA have been proved to be equivalent to large number decomposition. Inverse decomposition n is the most obvious.

However, the attack method. Now, people have been able to decompose more than 140 decimal prime numbers. Therefore,

Depending on the specific application, the modulus n must be larger.

Speed of RSA:

Because of calculating large numbers, the fastest case of RSA is slower than DES 100 times, regardless of

Whether it is software implementation or hardware implementation. Speed has always been RSA's shortcoming. Generally speaking, it is only used for a small amount of data.

Encryption.

Selected ciphertext attack of RSA;

RSA is vulnerable to selective ciphertext attacks. Attackers usually disguise some kind of information.

(Blind), signed by the entity that owns the private key. Then, after calculation, it can get the letters it wants.

Rest. In fact, all attacks take advantage of the same weakness, which is the fact that power protection.

Multiplication structure with input:

(XM) d = x d * m d model n

As mentioned earlier, this inherent problem comes from the most useful feature of public key cryptosystem.

-Everyone can use the public key. However, this problem cannot be solved algorithmically, and the main measures are as follows.

Two: one is to adopt a good public key protocol to ensure that the entity is not related to other entities in the process of work.

Decrypt the generated information at will, and don't sign the information you know nothing about; The other is never.

When signing random documents sent by strangers, one-way HashFunction is used first.

Hash documents or use different signature algorithms at the same time. Several nos are mentioned in.

The same type of attack method.

Common mode attack of RSA.

If there are modules in the system, but different people have different E and D, the system will be dangerous.

Yes The most common situation is that the same information is encrypted with different public keys, which are modular and mutual.

Quality, then you can recover the information without the private key. Let p be plaintext and two encryption keys.

For e 1 and e2, the modulus * * * is n, then:

C1= p e1module number

C2 = P^e2 Modern

If the cryptanalyst knows n, e 1, e2, C 1 and C2, he can get p.

Because e 1 and e2 are coprime, R and S can be found by Euclidean algorithm, which satisfies:

r * e 1 + s * e2 = 1

Assuming that R is negative, it is necessary to calculate C 1 (- 1) by Euclid algorithm, then

(c 1^(- 1))^(-r)* c2^s = p modn

In addition, there are several other ways to attack by using common mode. In short, if we know the given modulus,

A pair of e and d is helpful for the attacker to decompose the modulus and calculate the others.

Paired e' and d' without the need to decompose the modulus. There is only one solution, and that is not to enjoy it.

Modulus n.

Small exponent attack of RSA. It's improved.

The suggestion of RSA speed is to make the public key e take a smaller value, which will make encryption easy to realize and speed up.

It has improved. But it is not safe to do so, and the way to deal with it is to take larger values for e and d.

RSA algorithm is the first algorithm that can be used for both encryption and digital signature, and it is also easy to understand and operate.

RSA is the most widely studied public key algorithm, and it has been nearly twenty years since it was put forward.

The test of this kind of attack is gradually accepted by people and is generally considered as one of the best public key schemes at present.

The security of RSA depends on the factorization of large numbers, but it has not been proved theoretically that RSA is difficult to decipher.

Degree is equivalent to the difficulty of large number decomposition. That is, one of RSA's major defects is that it can't grasp its confidentiality in theory.

How is it possible? Most cryptographers tend to think that factorization is not an NPC problem.

The disadvantages of RSA mainly include:

A) It is very troublesome to generate the key, which is limited by the prime number generation technology and difficult to complete at one time.

A secret. B) The packet length is too long. To ensure security, n should be at least 600 bits.

Above, the operation cost is very high, especially the speed is slow, which is several orders of magnitude slower than the symmetric cryptographic algorithm;

And with the development of large number decomposition technology, this length is still increasing, which is not conducive to the standardization of data formats.

At present, set (Secure Electronic Transaction) protocol requires CA to adopt 2048-bit length.

Other entities use a key of 1024 bits.

References:

/bbs/PrintPost.asp? ThreadID=465

CRC encryption and decryption algorithm

http://www.bouncycastle.org/