RSA algorithm and CRT in program

最新推荐文章于 2022-12-26 16:34:16 发布
最新推荐文章于 2022-12-26 16:34:16 发布
阅读量2k 收藏 1
点赞数
分类专栏: c# 文章标签: rsa crt encryption decryption Extended Euclidean
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/scruffybear/article/details/51830771
版权

Explained the way to compute the RSA encryption and decryption in C sharp program, and also the way to calculate of the private key provided you know the public key, P and Q by using the extended Euclidean algorithm, reference to the Python implementation of RSA.

Testing material with RSA

For understand the using CRT with RSA, refer to this Link. And I am not going to explain the detail as I am not quite familiar with the math in detail myself.

As long as CRT will speed up the computing of RSA, here suppose we have all the detail as Public modulus, Public Exponent, P, Q, DP1, DQ1 and PQ, we use example as below, as I have tested it, it is valid,

0x80 length of public modulus, below is the value.

83934BA65BFC8C67C9394F1AFA9D3F1025BD8DC13B566B364463A6E2F772391C722D070BA4ED2CDC1A46DD58F1C187BA6153472B63FDF568B32D34F4464528E6711BDE6DC27A8EDCD0631014CC5855DBD6DE73B506044B0B0F2F06082AF68F185F1F88804CF9A71B04864453F029701E2E976340911E97C0B7127DDDD07C4AB7

Public Exponent,below is the value

010001

0x40 – length of P, below is the value,

BBC7927F74C2A55E988059F01FF75011A9ED035C1133D1689079E6AADEDDC641FF7949B15795712A4BDC66FD881D33A1A86FA257291BFF9BB9623410F0D16797

0x40– length of Q, below is the value,

B3607464B59AD805B5E46B47E73C59125140F41DD7384281F11092BF8216D5E3A4F02BA06ECEE0E2A0D9EB511B5AEACA26CF2FFEB46F290B5806556BF39199E1

0x40– length of DP1, below is the value,

B4F74D78E5D69C3680F3D93930255095E55454538B048C40A053CA784BD621360376290DEEE147B14270C3147CF3DF8960E14CEB80E3C9BF92B650852F00303B

0x40– length of DQ1, below is the value,

14DD484C9A8F1B4776C3CDF2BC23D9DC76950E9016039640D5106F71552960D1ACD2BED057733AD7418C7781A4A3EBA17DE8259603D8D6365A93CA05D77BFD21

0x40– length of PQ, below is the value,

998F654098C0B83C27D4E55C562FEB9F3774D1B5F850422BDA573973CEBA520614E74527B9CF6D874181741DD3C01E4A488782BC3194EACCA8F6F78661D76C75

Private exponent(d) as below,

4EDD50F0CC1E1A4273386893F137A37F183FFFE19CA175EDB71C4C01AAF3CA0BA4DC1C66FC5A351350A4BD33FCE455687FC19CDD03384B8A902B3E9C542A4C12C812D25464DAB78815D2C8287FFA35949697B83EEEC437F6C92FA22149DDD5336C7A8A10CF165F3EED42F4FBFC362493D7D68C3641A0D36CFA015EBB6188DE81

We use below value as the plain text to encrypt:

004AA63B4EB37767D863C8EF8139E1DE8A04DDD7FC96C8C0897B0094F95736DA28C79B8862F636327CABD310251BB2169F2A9692D5C434B9CE627E88FD3591AED6B693557D60A44F1CA53321B83F9C4EC11CF8F75F46AD39ECD318542299587E1A4638AF03F98C338F0043E2DD917F4C2CC67B490FE7323A25BE480B7BED469E

Encrypted text as below,

6ED55DE6502C37EC2D4AA5B88752EEE88F89F246AE49432B4C02058CFADAB08A716049EDC04BE4CC1B40C889C3F726671A5E5CFD5CAEECAE01DB5FA06B7745DC7DE56818D2D0179F50EAF9C328CAB16303D5D47E30A98F477B9A9C76AE4017568F341944A832A0CF747A8FB93322D884D7F9D0DBE3737C39E44BF0954090ACD2

Can use this link to verify the RSA encryption and decryption result.

Verify the CRT parameters are valid

The interface of the RSA computing GUI is as below screenshot shows,

RSA_Calculator

Make sure you have the correct version Visual studio to import "System.Numerics" support. as below screenshot,

RSA_Calculator_Numerics


To convert from hex string on the GUI to the byte array, can refer to this Link, by using below methods,

public static byte[] ConvertToByteArray(string value)

Convert all the RSA parameters to the BigIntegers, 

BigInteger P = Program.FromBigEndian(P2);
BigInteger Q = Program.FromBigEndian(Q2);
BigInteger DP = Program.FromBigEndian(DP2);
BigInteger DQ = Program.FromBigEndian(DQ2);
BigInteger InverseQ = Program.FromBigEndian(InverseQ2);
BigInteger E = Program.FromBigEndian(Exponent2);
BigInteger M = Program.FromBigEndian(Modulus2);
BigInteger M1 = BigInteger.Multiply(P, Q); // M = P*Q

Verify M = P*Q

if (M1.CompareTo(M) == 0)
{
    //MessageBox.Show("Modulus is correct!");
}
else
{
    MessageBox.Show("Modulus is not correct as M!=P*Q");
    return;
}

Calculate the private key D,

BigInteger PMinus1 = BigInteger.Subtract(P, BigInteger.One); // P-1
BigInteger QMinus1 = BigInteger.Subtract(Q, BigInteger.One); // Q-1
BigInteger Phi = BigInteger.Multiply(PMinus1, QMinus1);
BigInteger D1 = Program.modinv(E, Phi);
Here the Program.modinv(E, Phi) is to use the Extended Euclidean algorithm to calculate the modular inverse, the result is the private key D, E is the public key, refer to this link. The source code is as below, 

public static BigInteger modinv(BigInteger u, BigInteger v)
{
   BigInteger inv, u1, u3, v1, v3, t1, t3, q;
   BigInteger iter;
   /* Step X1. Initialise */
   u1 = 1;
   u3 = u;
   v1 = 0;
   v3 = v;
   /* Remember odd/even iterations */
   iter = 1;
   /* Step X2. Loop while v3 != 0 */
   while (v3 != 0)
   {
       /* Step X3. Divide and "Subtract" */
       q = u3 / v3;
       t3 = u3 % v3;
       t1 = u1 + q * v1;
       /* Swap */
       u1 = v1; v1 = t1; u3 = v3; v3 = t3;
       iter = -iter;
   }
   /* Make sure u3 = gcd(u,v) == 1 */
   if (u3 != 1)
       return 0;   /* Error: No inverse exists */
       /* Ensure a positive result */
       if (iter < 0)
           inv = v - u1;
       else
           inv = u1;
       return inv;
}

After calculate the private key D, display on the GUI.

Verify the DQ,

BigInteger DQ1 = BigInteger.Remainder(D, QMinus1); // dQ = (1/e) mod (q-1)
if (DQ1.CompareTo(DQ) == 0)
{
    //Console.WriteLine("  DQ Ok :)");
}
else
{
    MessageBox.Show("DQ1 is not correct as dQ = (1/e) mod (q-1)");
    return;
}

Verify DP, 

BigInteger DP1 = BigInteger.Remainder(D, PMinus1); // dP = (1/e) mod (p-1)
if (DP1.CompareTo(DP) == 0)
{
    //Console.WriteLine("  DP Ok :)");
}
else
{
    MessageBox.Show("DP1 is not correct as dP != (1/e) mod (p-1)");
    return;
}

Verify PQ, 

//qInv = (1/q) mod p
BigInteger InverseQ1 = Program.modinv(Q, P);
if (InverseQ1.CompareTo(InverseQ) == 0)
{
   //Console.WriteLine("  qInv = (1/q) mod p Ok :)");
}
else
{
   MessageBox.Show("InverseQ1 is not correct as qInv = (1/q) mod p");
   return;
}

RSA encryption and decryption

By using the C# function to encrypt and decrypt, there will be length restriction, 1024 bit length key may only encrypt 117 bytes material, refer to this link (Modulus size - 11. (11 bytes is the minimum padding possible.)). ,

rsa.ImportParameters(Program.key);
byte[] encoded = rsa.Encrypt(input, false);
//   byte[] encoded = rsa.Decrypt(input, false);

instead I am using the BigInteger calculation, but not sure it will work in all the case, but at least it works at my example material above,

BigInteger c = Program.FromBigEndian(input);
BigInteger m = BigInteger.ModPow(c, D, M); //decrypt
//BigInteger c = BigInteger.ModPow(m, E, M); //encrypt if it is encryption, it will like this line..

byte[] Plaintext = ConvertToByteArray(m.ToString("X"));

if (Plaintext[0] == 0x0)
{
    byte[] newPlaintext = new byte[Plaintext.Length - 1]; //remove the first 0x00
    Array.Copy(Plaintext, 1, newPlaintext, 0, Plaintext.Length - 1);
    result_txt.Text = ByteArrayToHex(newPlaintext);  //remove first 0
}
else
{
    result_txt.Text = ByteArrayToHex(Plaintext);
}

String, Array, BigInteger convert in process

As above mentioned, to convert from hex string on the GUI to the byte array, can refer to this Link, by using below methods,

public static byte[] ConvertToByteArray(string value)
After converted to byte array, then converted to BigInteger, here if the highest bit is 1, needs to add 0x00 at the beginning to prevent the negative value, and we can see there is Array.Reverse() function call, it seems Microsoft BigInteger is LittleEndian, 

public static BigInteger FromBigEndian(byte[] p)
{
    Array.Reverse(p);
    if (p[p.Length - 1] > 127)
    {
       Array.Resize(ref p, p.Length + 1);  //this is to prevent the negative value.
       p[p.Length - 1] = 0;
    }
    return new BigInteger(p);
}

It is much easier to convert from BigInteger to the hex string and display on the GUI, 

byte[] C = ConvertToByteArray(c.ToString("X"));
result_txt.Text = ByteArrayToHex(C);

RSA compute in Python

There is Python program available online to calculate RSA, refer to this Link, and source code download from Here. The software screenshot is as below,

RSA_Calculator_Python




Reference:

1, RSA Algorithm in Wiki

2, Extended Euclidean algorithm in Wiki

3, Using the CRT with RSA

4, Finding the modular inverse  

5,  RSACryptoServiceProvider.Encrypt Method (Byte[], Boolean)

6, Big number equation calculation

7, how-to-calculate-d-for-rsa-encryption-from-p-q-and-e

8,  http://www.di-mgt.com.au/euclidean.html#extendedeuclidean

9, http://www.di-mgt.com.au/crt_rsa.html

10, Why is RSAParameters Modulus not equal product of P and Q?

11, Mapping RSA Encryption Parameters from CRT (Chinese remainder theorem) to .NET format

12, RSA: Private key calculation with Extended Euclidean Algorithm

13, RSA Encryption Problem [Size of payload data]

14, Signing a byte array of 128 bytes with RSA in C sharp

15, Bad length in RSACryptoserviceProvider 

16, Converting Hex String To Corresponding Byte Array Using C#

Below references are for the Python implement RSA computing,

17, http://nmichaels.org/rsa.py

18, https://pypi.python.org/pypi/rsa#downloads

19, https://stuvel.eu/python-rsa-doc/usage.html#key-size-requirements

20, https://bitbucket.org/nmichaels/rsatool/src

21, https://pypi.python.org/pypi/pycrypto

scruffybear
关注
专栏目录
java远程计算机终止,java - javax.net.ssl.SSLHandshakeException:远程主机终止了握手 - 堆栈内存溢出...
weixin_34933151的博客
07-28 7533
我已经使用以下命令在Java信任库(cacerts)中安装了证书:keytool-导入-文件“ C:\\ Users \\ kdursoji \\ Downloads \\ ZscalerRootCertificate-154478.crt” -keystore“ C:\\ Program Files \\ Java \\ jre-9.0.4 \\ lib \\ security \\ cacer...
给Jenkins加https证书
游侠之魂的专栏
08-18 3138
一、步骤详解 1.生成CA私钥 openssl genrsa -out CA/cakey.pem2048 2.使用CA私钥生成CA证书 openssl req -new -x509 -key CA/cakey.pem-out cacert.pem (需指定一个密码) 3.生成服务器私钥 openssl genrsa -out CA/private/server.key2048 4.生成服务器证书请求文件 openssl req -new -key CA/private/ser...
RSA_ALGORITHM
02-17
小组成员: ZAINAB SOHAIB(63726) AYESHA SIDDIQUI(63652) 赛义德·阿萨德·阿里·卡兹米(63610) 汉莎·萨勒姆(63712) 项目:密码系统 项目详情: 我们开发了一种加密系统,在其中使用了两种方法来执行文本的加密和解密。 第一个是MD5加密/解密,第二个是RSA加密/解密。 MD5由Ronald Rivest于1991年设计,以取代较早的哈希函数MD4 [4],并于1992年指定为RFC 1321。 这种MD5算法在世界上非常普遍。 它是一个哈希函数,可产生128位哈希值。 由于MD5最初被开发为用作加密哈希函数,因此据说它具有广泛的脆弱性。 该方法仍然可以用作校验和以证明数据完整性。 它适用于各种非加密目的,例如,用于确定分区数据库中特定密钥的分区。 MD5由Ronald Rivest于1991年设计,以替代较早的哈希函数MD
RSA Algorithm
weixin_33890499的博客
11-09 174
Parameters: p , q (private, chosen) n=p*q (public, calculated) e (public, chosen) d (private, calculated) e*d mod=1. =(p-1)*(q-1); 转载于:https://www.cnblog...
RSA algorithm
littlecjx
07-10 671
RSA is the most important encryption algorithm,which is a Public-key algorithm. It was put forward by Ron Rivest, Adi Shamir and Len Adleman in 1977. The content of ARS algorithm is demonstrate by the
Error Correction coding——mathematical methods and algorithms
03-10
List of Program Files xxxi List of Laboratory Exercises XXXii List of Algorithms d V List of Figures XI List of Tables xlii List of Boxes Xliii Part I Introduction and Foundations 1 A Context for ...
svn使用
热门推荐
万维网
07-26 1万+
TortoiseSVN • 你是否在一个团队中工作?• 是否发生过这样的情况: 当你在修改一个文件时,其他人也在修改这个文件?而你是否因此丢失过自己所作的修改呢?• 是否曾经保存完一个修改,然后又想把个文件恢复到修改以前的状态?是否曾经希望能够看到一个文件以前某个时间点的状态?
[密码学复习]Cryptography
Azhang_的博客
11-30 4467
整合 Week 2对称加密 Two requirements: A strong encryption algorithm A secret key known only to participants. 1. 有三部分构成: 1.加密算法 2.可能使用的密钥数量:数量越大越安全 3.text文本的处理:分为stream ciphers整段传输和block ciphers, 将文本切成固定块大小传输 2. 密码攻击有以下几种: Ciphertext only, Known plaintext, Ch
中国剩余定理CRTRSA中的运用
08-13
中国剩余定理 (孙子定理) chinese remainder theorem在飞对称加密 RSA加密中加速的运用
RSA-CRT 使用中国剩余定理CRTRSA算法进行解密
qq_43589852的博客
11-06 8659
使用中国剩余定理CRT以及欧拉定理对RSA进行解密,可以提高RSA算法解密的速度。本文介绍了使用中国剩余定理CRTRSA算法进行解密的流程
rsa-crt算法有快速幂和robin-miller算法,精简的py语言实现代码
weixin_35756690的博客
12-26 235
RSA-CRT 算法是用于加速 RSA 密钥的模幂运算的一种方法。这种方法通过使用 Chinese Remainder Theorem(中国剩余定理)来减少计算量,从而提高效率。 下面是 RSA-CRT 算法的 Python 代码实现: defrsa_crt(m: int, d: int, p: int, q: int, dp: int, dq: int) -> int: qinv ...
RSA中的中国剩余定理(CRT)和多素数(multi-prime)
Network/Storage/Linux Kernel
03-23 1万+
RSA的中国剩余定理(CRT)和多素数(multi-prime) 写了个代码,方便计算大数运算: git@github.com:mrpre/bn_tool.git 本片中的运算都可以使用这个工具进行计算。 传统方式计算RSA公钥私钥 RSA公钥私钥生成 两个大素数p,q,计算n = p*q 计算phi(n),因为p,q是素数,所以phi(n) = (p-1)*(q-1) 随机取...
rsa-crt算法,带时间记录,效率分析,可视化交互的尽可能精简的py语言实现代码...
weixin_35751194的博客
12-26 208
RSA-CRT (RSA Chinese Remainder Theorem) 算法是一种用于加速 RSA 密钥解密的算法。 下面是一个可视化交互的、使用 Python 语言实现的 RSA-CRT 算法的简短代码示例: ```python import time def rsa_crt(c, d, p, q): # 计算 p、q 的欧拉函数值 phi_p = p - 1 p...
rsa-crt算法高效率,多注释,带时间记录,尽可能少的行数的c语言实现代码
weixin_35755434的博客
12-26 137
以下是 RSA-CRT 算法的 C 语言实现代码,带有注释和时间记录功能,尽可能简洁: #include <stdio.h> #include <stdlib.h> #include <time.h> // 计算 (a * b) % m long long mulmod(long long a, long long b, long long m) { lon...
rsa-crt算法高效率,多注释,带时间记录,图形化交互的c语言实现代码
weixin_42588672的博客
12-26 96
RSA-CRT 算法是一种用于加密和解密的算法,可以用来保护数据的安全性。 下面是一个使用 C 语言实现 RSA-CRT 算法的代码,注释很详细,并且带有时间记录和图形化交互的功能: ``` #include <stdio.h> #include <stdlib.h> #include <string.h> #include <time.h> #in...
rsa-crt算法超高效率很高级的精简py语言实现的完整代码
weixin_35756637的博客
12-26 137
RSA-CRT (Rivest–Shamir–Adleman with Chinese Remainder Theorem) 是一种用于解决数字签名问题的算法。它的高效率来自于利用中国剩余定理进行快速幂计算。 下面是一个使用 Python 语言实现 RSA-CRT 算法的完整代码示例: def rsa_crt(c, dp, dq, p, q): # 计算模 p 和模 q 的幂次 m...
RSA1024的CRT模式
最新发布
05-17
RSA1024是一种公钥加密算法,CRT模式是一种优化RSA算法的方法。CRT模式可以将RSA算法中的模数分解为两个质数的乘积,从而加快加解密的速度。 具体来说,CRT模式将RSA算法中的模数n分解为p和q的乘积,即n = p*q。然后根据欧拉函数φ(n) = (p-1)*(q-1)计算出d和e,其中e是公钥指数,d是私钥指数。接下来,将d和e分别表示为dP、dQ、qInv的CRT表示形式,即dP ≡ d mod (p-1),dQ ≡ d mod (q-1),qInv ≡ q^(-1) mod p。这样,在加解密过程中,可以利用CRT表示形式对指数进行分解,从而加速计算。 具体的加解密过程如下: 加密: 1. 获取公钥e和模数n 2. 将明文m转换为一个整数M,使M < n 3. 计算密文C = M^e mod n 解密: 1. 获取私钥dP、dQ、qInv和模数n 2. 将密文C分别计算出Cp = C^dP mod p和Cq = C^dQ mod q 3. 计算出mp = Cq*qInv mod p 4. 计算出mq = Cp*pInv mod q,其中pInv是p的乘法逆元 5. 计算出明文m = (mp*q + mq*p) mod n 这样,利用CRT模式进行加解密可以减少重复计算,从而提高RSA算法的速度。
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值