RSA Algorithm

JSS Mahavidyapeetha

Sri Jayachamarajendra College of Engineering (SJCE), Mysore – 570 006

An Autonomous Institute Affiliated to

Visvesvaraya Technological University, Belgaum

“Digital Signature”

Seminar report submitted in partial fulfillment of curriculum prescribed for the

award of the degree of

BACHELOR OF ENGINEERING IN

COMPUTER SCIENCE AND ENGINEERING

By

AnonymouS

(4JC**CS***)

Under the Guidance of

Ms.Bindu A

Assistant Professor,

Department of Computer Science and Engineering,

SJCE, Mysore

DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING

March 20**

JSS Mahavidyapeetha

Sri Jayachamarajendra College of Engineering (SJCE), Mysore – 570 006

An Autonomous Institute Affiliated to

Visvesvaraya Technological University, Belgaum

CERTIFICATE

This is to certify that the seminar titled “Digital Signature” is presented by Suman

Sanketh Hegde in partial fulfillment of the award of the degree of Bachelor of Engineering in

Computer Science and Engineering of Visvesvaraya Technological University, Belgaum

during the year 20**-20**. It is certified that all corrections / suggestions indicated during

seminar presentation have been incorporated in the report. The seminar report has been approved

as it satisfies the academic requirements in respect of seminar presentation prescribed for

Bachelor of Engineering degree.

Guide Panel Member Head of the Department

Ms. Bindu A H.C. Vijayalaxmi Prof. C. N. Ravikumar

Assistant Professor, Associate Professor, Professor & Head,

Dept of CS & E, Dept of CS & E, Dept of CS & E,

SJCE Mysore SJCE Mysore SJCE Mysore

Place : Mysore

Date : *********

ABSTRACT

Title : DIGITAL SIGNATURE IMPLEMENTATION

A digital signature or digital signature scheme is a mathematical scheme for

demonstrating the authenticity of a digital message or document. A valid digital signature gives a

recipient reason to believe that the message was created by a known sender such that they cannot

deny sending it (authentication and non-repudiation) and that the message was not altered in

transit (integrity). Digital signatures are commonly used for software distribution, financial

transactions, and in other cases where it is important to detect forgery or tampering.

We use RSA algorithm to show the encryption and decryption of the message here in this

document.

Acknowledgement

Apart from the efforts put in by me, the success of this seminar depends

largely on the encouragement and guidelines of many others. I take this opportunity to express

my gratitude to the people who have been and will be instrumental in the successful completion

of this seminar.

I would like to show my greatest appreciation to Ms. Bindu A, Asst. Professor, SJCE. Without

her encouragement and guidelines this seminar report would not have materialized.

The guidance and support received from all the faculty of department / institute and classmates

who contributed, was vital for the success of the seminar. I am grateful for their constant support

and help.

AnonymouS

USN : 4JC**CS***

TABLE OF CONTENTS

1. INTRODUCTION ..............................................................................6

1.1. AIM / OBJECTIVE ………………………………………………………...........6

1.2. EXISTING SYSTEM ……………………………………………………...….…6

1.3. PROPOSED SYSTEM …………………………………………………………..6

1.4. APPLICATIONS ……………………………………………………………...…7

2. PROPOSED SYSTEM………………………………………………......8

3. SYSTEM DESIGN……………………………………………………....12

3.1. TOOLS AND TECHNOLOGY USED ………………………………………....12

3.2. SYSTEM DESIGN ……………………………………………………………...12

3.3. SYSTEM IMPLEMENTATION………………………………………………...15

4. SYSTEM TESTING AND RESULTS………………………………….17

5. CONCLUSION ………………………………………………………….18

6. REFERENCES ………………………………………………………….19

CHAPTER – 1

INTRODUCTION

1.1. Aim of the System :

The goal of the system is to help send the messages from one user to another over a

network without letting other users to access the messages, so that the messages sent

over the network reaches the person it is meant to be without any changes in it. It also

helps keep the message private as it can only be accessed by the person who has the

public key of the sender of the message. It will help the receiver of the message to

identify the sender by the signature used to decrypt it.

1.2. Existing System :

Nowadays the messages sent from one person to another can be encrypted so that it

is not accessed by others. Many service providers such as Google, Yahoo etc provide

security for its users by encrypting the messages sent by its users. But in many peer to

peer sharing of messages, or in sending of messages without using any of the above

service providers, the message will need to be encrypted so as to secure its integrity. For

this purpose we can use any of the many available digital signature algorithms to provide

security to the messages exchanged between the users.

1.3. Proposed System :

In order to provide security to the users, so as to avoid the unauthorized access to the

messages exchanged by the users in any peer to peer websites or any other social

networking websites, we can use different algorithms of encryption to encrypt the

messages that are being exchanged by the users. This helps in securing privacy of the

conversation between the users and also helps in maintaining the integrity of the message

by not allowing unknown parties accessing the message and tampering with it.

In this system we use RSA algorithm which was developed by Ron Rivest, Adi

Shamir, and Leonard Adleman at MIT. This algorithm is a type of public key or

asymmetric cryptography. Asymmetric Cryptography involves two related keys, one of

which only the owner knows ie. private key and the other one which anyone can know ie

the public key.

The RSA algorithm involves three steps:

Key Generation

Encryption

Decryption

1.4. Applications :

This will help in providing secure systems for any communications between the end

users who are communicating via messages. It will also help in saving the integrity of

the message by avoiding any third-party interference with the message.

CHAPTER – 2

PROPOSED SYSTEM

A digital signature or digital signature scheme is a mathematical scheme for

demonstrating the authenticity of a digital message or document. A valid digital signature gives a

recipient reason to believe that the message was created by a known sender such that they cannot

deny sending it (authentication and non-repudiation) and that the message was not altered in

transit (integrity). Digital signatures are commonly used for software distribution, financial

transactions, and in other cases where it is important to detect forgery or tampering.

The proposed system will be implemented using RSA algorithm for the purpose of using

digital signature. This system will show how the messages are encrypted and decrypted using the

RSA algorithm.

The RSA algorithm has three main steps:

1.) Key Generation

2.) Encryption

3.) Decryption

1. Key generation

RSA involves a public key and a private key. The public key can be known to everyone and is

used for encrypting messages. Messages encrypted with the public key can only be decrypted in

a reasonable amount of time using the private key. The keys for the RSA algorithm are generated

the following way:

1. Choose two distinct prime numbers p and q.

2. Compute n = p q.

n is used as the modulus for both the public and private keys. Its length, usually

expressed in bits, is the key length.

3. Find the totient of n, φ(n)

φ(n) = φ(p)φ(q), where φ is Euler's totient function.

4. Choose an integer e such that 1 < e < φ(n) and gcd(e, φ(n)) = 1; i.e., e and φ(n)

are coprime.

e is released as the public key exponent.

5. Determine d which satisfies the congruence relation. de ≡ 1(mod φ(n)).

In other words pick d such that de-1 can be evenly divided by (p-1)(q-1),the totient.

This is often computed using the extended Euclidean algorithm. d is kept as the private

key exponent.

By construction, d⋅e ≡ 1 (mod φ(n)). The public key consists of the modulus n and

the public (or encryption) exponent e. The private key consists of the modulus n and the private

(or decryption) exponent d, which must be kept secret. p, q, and φ(n) must also be kept secret

because they can be used to calculate d.

2. Encryption

i. Person A transmits his/her public key (modulus n and exponent e) to person B,

keeping his/her private key secret.

ii. When person B wishes to send a message M to person A, he first converts M to an

integer such that 0<m<n by using agreed upon reversible protocol known as a

padding scheme.

iii. Person B computes, with Person A’s public key information, the cipher text c

corresponding to c ≡ me (mod n).

iv. Person B now sends message "M" in cipher text, or c, to Person A.

3. Decryption

i. Person A recovers m from c by using his/her private key exponent, d, by the

computation m ≡ cd (mod n).

ii. Given m, Person A can recover the original message "M" by reversing the

padding scheme.

This procedure works since

c ≡ me (mod n),

cd ≡(m

e)d (mod n),

cd ≡ m

de (mod n).

By the symmetry property of mods we have that

mde

≡ mde

(mod n).

Since de = 1 + kϕ(n), we can write

mde

≡ m1 + kϕ(n)

(mod n),

mde

≡ m(mk)ϕ(n)

(mod n),

mde

≡ m (mod n).

From Euler's Theorem and the Chinese Remainder Theorem, we can show that

this is true for all m and the original message

cd ≡ m (mod n), is obtained.

RSA algorithm is based on a very simple number-theoretical idea, and yet it has been

able to resist all cryptanalytic attacks. The idea is a clever use of the fact that, while it is easy to

multiply two large primes, it is extremely difficult to factorize their product.

Thus, the product can be publicized and used as the encryption key. The primes

themselves cannot be recovered from the product and are used for decryption. There is no formal

proof whatsoever that factorization is intractable or is intractable in the special case needed for

RSA, and that factorization is needed for the cryptanalysis of the RSA.

RSA algorithm simply capitalizes on the fact that there is no efficient way to factor very

large integers. The security of the whole algorithm relies on that fact. If someone comes up with

an easy way of factoring a large number, then that’s the end of the RSA algorithm. Then any

message encrypted with the RSA algorithm is no more secure.

The security of RSA algorithm depends on the ability of the hacker to factorize numbers. Newer

faster and better methods for factoring numbers are constantly being devised. The current best

for long numbers of the number field sieve. Prime number of a length that was unimaginable a

mere decade ago can now be factored easily. Obviously the larger the number is, the harder it is

to fact and so the better the security of RSA.As theory and computers improve large and larger

keys will have to be used.

The disadvantage in using extremely long keys is the computational overhead involved in

encryption/decryption. This will only become a problem if a new factoring technique emerges

that requires keys of such lengths to be used that necessary key length increase much faster than

the increasing average speed of computers utilizing the RSA algorithm.

DISADVANTAGES OF RSA

RSA is a highly secure algorithm, provided the keys are generated properly, the only way

to attack is to perform a brute- force attack on the modulus. This attack can be simply defeated

by increasing the key size.

However this approach can lead to a number of problems:

Increased processing time – Decryption time increases approximately eight fold

times as key sizes double.

Increased key storage requirement – Key storage requires significant amount of

memory for storage.

Furthermore, key generation is complex and time consuming. Time increases considerably as the

key size increases.

Three possible approaches to attacking the RSA algorithm are as follows:

Brute force: This involves trying all possible private keys.

Mathematical attacks: There are several approaches, all equivalent in effect to factoring

the product of two primes.

Timing attacks: This depends on the running time of the decryption algorithm.

CHAPTER – 3

SYSTEM DESIGN

3.1. Tools and Technology Used :

The tools and technologies used in the implementation of RSA algorithm are C, a

compiler such as Borland C or turbo C, and Dosbox to run turbo c in a 64-bit system.

3.2. System Design :

A digital signature scheme typically consists of three algorithms:

A key generation algorithm that selects a private key uniformly at random from a set of

possible private keys. The algorithm outputs the private key and a corresponding public key.

A signing algorithm that, given a message and a private key, produces a signature.

A signature verifying algorithm that, given a message, public key and a signature, either

accepts or rejects the message's claim to authenticity.

Two main properties are required. First, a signature generated from a fixed message and

fixed private key should verify the authenticity of that message by using the corresponding

public key. Secondly, it should be computationally infeasible to generate a valid signature for a

party who does not possess the private key.

To create RSA signature keys, generate an RSA key pair containing a modulus N that is the

product of two large primes, along with integers e and d such that e d ≡ 1 (mod φ(N)), where φ is

the Euler phi-function. The signer's public key consists of N and e, and the signer's secret key

contains d.

To sign a message m, the signer computes σ ≡ md (mod N). To verify, the receiver checks that

σe ≡ m (mod N).

As noted earlier, this basic scheme is not very secure. To prevent attacks, one can first apply

a cryptographic hash function to the message m and then apply the RSA algorithm described

above to the result. This approach can be proven secure in the so-called random oracle model.

Most early signature schemes were of a similar type: they involve the use of a trapdoor

permutation, such as the RSA function, or in the case of the Rabin signature scheme, computing

square modulo composite n. A trapdoor permutation family is a family of permutations, specified

by a parameter, that is easy to compute in the forward direction, but is difficult to compute in the

reverse direction without already knowing the private key. However, for every parameter there is

a "trapdoor" (private key) which when known, easily decrypts the message. Trapdoor

permutations can be viewed as public-key encryption systems, where the parameter is the public

key and the trapdoor is the secret key, and where encrypting corresponds to computing the

forward direction of the permutation, while decrypting corresponds to the reverse direction.

Trapdoor permutations can also be viewed as digital signature schemes, where computing the

reverse direction with the secret key is thought of as signing, and computing the forward

direction is done to verify signatures. Because of this correspondence, digital signatures are often

described as based on public-key cryptosystems, where signing is equivalent to decryption and

verification is equivalent to encryption, but this is not the only way digital signatures are

computed.

Used directly, this type of signature scheme is vulnerable to a key-only existential forgery attack.

To create a forgery, the attacker picks a random signature σ and uses the verification procedure

to determine the message m corresponding to that signature. In practice, however, this type of

signature is not used directly, but rather, the message to be signed is first hashed to produce a

short digest that is then signed. This forgery attack, then, only produces the hash function output

that corresponds to σ, but not a message that leads to that value, which does not lead to an attack.

In the random oracle model, this hash-then-sign form of signature is existentially unforgeable,

even against a chosen-message attack.

There are several reasons to sign such a hash (or message digest) instead of the whole document.

For efficiency: The signature will be much shorter and thus save time since hashing is

generally much faster than signing in practice.

For compatibility: Messages are typically bit strings, but some signature schemes operate

on other domains (such as, in the case of RSA, numbers modulo a composite number N). A

hash function can be used to convert an arbitrary input into the proper format.

For integrity: Without the hash function, the text "to be signed" may have to be split

(separated) in blocks small enough for the signature scheme to act on them directly.

However, the receiver of the signed blocks is not able to recognize if all the blocks are

present and in the appropriate order.

An Example to show the working of RSA algorithm

Section1. Generating Public and Private Keys

First, before any transmission happens, the Server calculates its public and secret keys. Here

is how.

1.1) pick two prime numbers, we'll pick p = 3 and q = 11

1.2) calculate n = p * q = 3 * 11 = 33

1.3) calculate z = ( p - 1 ) * ( q - 1 ) = ( 3 - 1 ) * ( 11 - 1 ) = 20

1.4) choose a prime number k, such that k is co-prime to z, i.e, z is not divisible by k. We

have several choices for k: 7, 11, 13, 17, 19. Let's pick k=7 (smaller k, "less math").

1.5) So, the numbers n = 33 and k = 7 become the Server's public key.

1.6) Now, still done in advance of any transmission, the Server has to calculate it's secret

key. Here is how.

1.7) k * j = 1 ( mod z )

1.8) 7 * j = 1 ( mod 20 )

1.9) ( 7 * j ) / 20 = ? with the remainder of 1 (the "?" here means: "something, but don't wory

about it"; we are only interested in the remainder). Since we selected (on purpose) to work

with small numbers, we can easily conclude that 21 / 20 gives "something" with the

remainder of 1. So, 7 * j = 21, and j = 3. This is our secret key. We MUST NOT give this

key away.

Now, after the Server has done the above preparatory calculations in advance, we can begin

our message transmission from our Browser to the Server. First, the Browser requests from

the Server, the Server's public key, which the Server obliges, i.e., it sends n=33 and k=7 back

to the Browser. Now, we said that the Browser has a Plain message P=14, and it wants to

encrypt it, before sending it to the Server. Here is how the encryption happens on the

Browser.

Section 2. Encrypting the message Here is the encryption math that Browser executes.

2.1) P ^ k = E ( mod n )

"^" means "to the power of"

P is the Plain message we want to encrypt

n and k are Server's public key (see Section 1)

E is our Encrypted message we want to generate

After plugging in the values, this equation is solved as follows:

2.2) 14 ^ 7 = E ( mod 33 )

This equation in English says: raise 14 to the power of 7, divide this by 33, giving the

remainder of E.

2.3) 105413504 / 33 = 3194348.606

2.4) 3194348 * 33 = 10541348

2.5) E = 105413504 - 10541348 = 20

So, our Encrypted message is E=20. This is now the value that the Browser is going to send

to the Server. When the Server receives this message, it then proceeds to Decrypt it, as

follows.

Section 3. Decrypting the Message

Here is the decryption math the Server executes to recover the original Plain text message

which the Browser started with.

3.1) E ^ j = P ( mod n)

E is the Encrypted message just received

j is the Server's secret key

P is the Plain message we are trying to recover

n is Server's public key (well part of; remember that Server's public key was calculated in

Section 1 as consisting of two numbers: n=33 and k=7).

After plugging in the values:

3.2) 20 ^ 3 = P ( mod 33 )

3.3) 8000 / 33 = ? with the remainder of P. So to calculate this remainder, we do:

3.4) 8000 / 33 = 242.424242...

3.5) 242 * 33 = 7986

3.6) P = 8000 - 7986 = 14, which is exactly the Plain text message that the Browser started

with!

3.3 System Implementation

#include<stdio.h>

#include<conio.h>

#include<math.h>

void main()

{

double p,q,n,m,e,k,z,d1,c1,c2,y;

double d,l,x,c,d2;

clrscr();

printf("The P,Q Primary values:");

scanf("%lf%lf",&p,&q);

n=p*q;

printf("N value is %lf",n);

k=(p-1)*(q-1);

printf("\n K(n) value is:%lf",k);

printf("\n Enter the Integer which is relative to the prime to the K(n)");

scanf("%lf",&e);

d2=pow(e,-1);

d=fmod(d2,k);

printf("%lf",&d);

printf("\n Enter the plain text number ");

scanf("%lf",&m);

d1=pow(m,e);

c=fmod(d1,n);

printf("\n Encryption of the plain text:%lf\n",c);

c2=pow(d1,d);

x=fmod(c2,n);

printf("\n Decryption of the plain text: %lf\n",x);

getch();

}

CHAPTER 4

SYSTEM TESTING AND RESULTS

CHAPTER – 5

CONCLUSION

This paper shows a method of implementing the RSA algorithm in order to provide

security and maintain integrity of a message that is exchanged between two users. The above

algorithm allows a user to identify the message, whether it was sent from a trusted party or not.

The RSA algorithm is based on the fact that it is far more difficult to factorize a product of two

primes than it is to multiply the two primes. Factoring n is the best known attack against RSA to

date. It cannot guarantee 100% security, only added protection.

REFERENCES

1. www.wikipedia.org -Digital_signature.

2. www.wikipedia.org -RSA_(algorithm)

3. Cryptography And Network Security by Behrouz A.Forouzan and Debdeep

Mukhopadhyay