ComSec作业三
- 1、证明RSA算法的加密和解密互逆
- 2、Perform encryption and decryption using the RSA algorithm, as in Figure 9.5, for the following:
- 3、In a public-key system using RSA, you intercept the ciphertext C = 20 sent to user whose public key is e=13, n=77. What is the plaintext M?
- 4、In an RSA system, the public key of a given user is e=65, n=2881.What is the private key of this user?
1、证明RSA算法的加密和解密互逆
证明如下:
∵
e
d
≡
1
(
m
o
d
λ
(
n
)
)
ed \equiv 1 \pmod {\lambda (n)}
ed≡1(modλ(n))
∴ e d = k λ ( n ) + 1 ed=k\lambda(n)+1 ed=kλ(n)+1
∴ λ ( n ) = L C M ( p − 1 , q − 1 ) \lambda(n)=LCM(p-1,q-1) λ(n)=LCM(p−1,q−1)
∴ p − 1 ∣ λ ( n ) , q − 1 ∣ λ ( n ) , 即 λ ( n ) = k ′ ( p − 1 ) p-1|\lambda(n),q-1|\lambda(n),即\lambda(n)=k'(p-1) p−1∣λ(n),q−1∣λ(n),即λ(n)=k′(p−1)
∴ e d = k k ′ ( p − 1 ) + 1 ed=kk'(p-1)+1 ed=kk′(p−1)+1
∵ a p − 1 ≡ 1 ( m o d p ) , ( a p − 1 ) k ≡ 1 ( m o d p ) a^{p-1}\equiv 1 \pmod p,(a^{p-1})^k\equiv 1 \pmod p ap−1≡1(modp),(ap−1)k≡1(modp)
∴ m e d − 1 ≡ 1 m o d p m^{ed-1} \equiv 1 \mod p med−1≡1modp
∴ m e d ≡ m m o d p m^{ed} \equiv m \mod p med≡mmodp
同理: m e d ≡ m m o d q m^{ed} \equiv m \mod q med≡mmodq
{ m e d ≡ m m o d p m e d ≡ m m o d q \left \{ \begin{array}{c} m^{ed} \equiv m \mod p \\ m^{ed} \equiv m \mod q \end{array} \right. {med≡mmodpmed≡mmodq
∴ m e d ≡ m m o d ( p q ) m^{ed} \equiv m \mod (pq) med≡mmod(pq)
即∴ m e d ≡ m m o d n m^{ed} \equiv m \mod n med≡mmodn
(想想CRT,这里就是一个简单的道理:两个互素的数能被某个数整除,则这个数是不是至少是它们两个的积)
故 m = m e d m o d n = c d m o d n m=m^{ed} \mod n =c^d \mod n m=medmodn=cdmodn,反过来也有 c = c e d m o d n = m e m o d n c=c^{ed} \mod n =m^e \mod n c=cedmodn=memodn
2、Perform encryption and decryption using the RSA algorithm, as in Figure 9.5, for the following:
a : p = 3 ; q = 7 ; e = 5 ; M = 10 a:p=3;q=7;e=5;M=10 a:p=3;q=7;e=5;M=10
解:
n = p q = 12 n=pq=12 n=pq=12
故密文为: C = M e m o d n = 19 C=M^e \mod n=19 C=Memodn=19
又 ϕ ( n ) = ( p − 1 ) ( q − 1 ) = 12 \phi (n)=(p-1)(q-1)=12 ϕ(n)=(p−1)(q−1)=12
e d ≡ 1 m o d ϕ ( n ) ed \equiv 1 \mod \phi(n) ed≡1modϕ(n)
由egcd算法的: d = 5 d=5 d=5
所以解密为: M = C d m o d n = 10 M=C^d \mod n =10 M=Cdmodn=10
b : p = 5 ; q = 13 ; e = 5 ; M = 8 b:p=5;q=13;e=5;M=8 b:p=5;q=13;e=5;M=8
解:
n = p q = 65 n=pq=65 n=pq=65
故密文为: C = M e m o d n = 8 C=M^e \mod n=8 C=Memodn=8
又 ϕ ( n ) = ( p − 1 ) ( q − 1 ) = 48 \phi (n)=(p-1)(q-1)=48 ϕ(n)=(p−1)(q−1)=48
e d ≡ 1 m o d ϕ ( n ) ed \equiv 1 \mod \phi(n) ed≡1modϕ(n)
由egcd算法的: d = 29 d=29 d=29
所以解密为: M = C d m o d n = 8 M=C^d \mod n =8 M=Cdmodn=8
c : p = 7 ; q = 17 ; e = 11 ; M = 11 c:p=7;q=17;e=11;M=11 c:p=7;q=17;e=11;M=11
解:
n = p q = 119 n=pq=119 n=pq=119
故密文为: C = M e m o d n = 114 C=M^e \mod n=114 C=Memodn=114
又 ϕ ( n ) = ( p − 1 ) ( q − 1 ) = 96 \phi (n)=(p-1)(q-1)=96 ϕ(n)=(p−1)(q−1)=96
e d ≡ 1 m o d ϕ ( n ) ed \equiv 1 \mod \phi(n) ed≡1modϕ(n)
由egcd算法的: d = 35 d=35 d=35
所以解密为: M = C d m o d n = 11 M=C^d \mod n =11 M=Cdmodn=11
d : p = 7 ; q = 13 ; e = 11 ; M = 2 d:p=7;q=13;e=11;M=2 d:p=7;q=13;e=11;M=2
解:
n = p q = 91 n=pq=91 n=pq=91
故密文为: C = M e m o d n = 46 C=M^e \mod n=46 C=Memodn=46
又 ϕ ( n ) = ( p − 1 ) ( q − 1 ) = 72 \phi (n)=(p-1)(q-1)=72 ϕ(n)=(p−1)(q−1)=72
e d ≡ 1 m o d ϕ ( n ) ed \equiv 1 \mod \phi(n) ed≡1modϕ(n)
由egcd算法的: d = 59 d=59 d=59
所以解密为: M = C d m o d n = 2 M=C^d \mod n =2 M=Cdmodn=2
e : p = 17 ; q = 23 ; e = 9 ; M = 7 e:p=17;q=23;e=9;M=7 e:p=17;q=23;e=9;M=7
解:
n = p q = 391 n=pq=391 n=pq=391
故密文为: C = M e m o d n = 61 C=M^e \mod n=61 C=Memodn=61
又 ϕ ( n ) = ( p − 1 ) ( q − 1 ) = 352 \phi (n)=(p-1)(q-1)=352 ϕ(n)=(p−1)(q−1)=352
e d ≡ 1 m o d ϕ ( n ) ed \equiv 1 \mod \phi(n) ed≡1modϕ(n)
由egcd算法的: d = 313 d=313 d=313
所以解密为: M = C d m o d n = 7 M=C^d \mod n =7 M=Cdmodn=7
3、In a public-key system using RSA, you intercept the ciphertext C = 20 sent to user whose public key is e=13, n=77. What is the plaintext M?
解:
n = 77 = p q = 7 ∗ 11 n=77=pq=7*11 n=77=pq=7∗11
∴ ϕ ( n ) = ( p − 1 ) ( q − 1 ) = 60 \phi (n)=(p-1)(q-1)=60 ϕ(n)=(p−1)(q−1)=60
∵ e d ≡ 1 m o d λ ( n ) ed \equiv 1 \mod {\lambda (n)} ed≡1modλ(n)
由egcd算法得: d = 37 d=37 d=37
故明文为: M = C d m o d n = 2 0 37 m o d 77 M=C^d \mod n =20^{37} \mod 77 M=Cdmodn=2037mod77
由CRT得:
{ 2 0 37 m o d 7 2 0 37 m o d 11 \left \{ \begin{array}{c} 20^{37} \mod 7 \\ 20^{37} \mod 11 \end{array} \right. {2037mod72037mod11 = { 2 0 1 m o d 7 = 6 2 0 7 m o d 11 = ( − 2 ) 7 m o d 11 = 4 \left \{ \begin{array}{c} 20^{1} \mod 7 = 6 \\ 20^{7} \mod 11 = (-2)^{7} \mod 11 = 4\end{array} \right. {201mod7=6207mod11=(−2)7mod11=4
故 { M ≡ 6 m o d 7 M ≡ 4 m o d 11 \left \{ \begin{array}{c} M \equiv 6 \mod 7 \\ M \equiv 4 \mod 11 \end{array} \right. {M≡6mod7M≡4mod11
由egcd算法得: 7 ∗ 8 ≡ 1 m o d 11 , 11 ∗ 2 ≡ 1 m o d 7 7*8 \equiv 1 \mod 11,11*2 \equiv 1 \mod 7 7∗8≡1mod11,11∗2≡1mod7
所以: M = ( 4 ∗ 7 ∗ 8 + 6 ∗ 11 ∗ 2 ) m o d 77 = 48 M=(4*7*8+6*11*2)\mod 77 = 48 M=(4∗7∗8+6∗11∗2)mod77=48
4、In an RSA system, the public key of a given user is e=65, n=2881.What is the private key of this user?
解:
由 n = 2881 得: n = p q = 43 ∗ 67 由n=2881得:n=pq=43*67 由n=2881得:n=pq=43∗67
∴ ϕ ( n ) = ( p − 1 ) ( q − 1 ) = 2772 \phi (n)=(p-1)(q-1)=2772 ϕ(n)=(p−1)(q−1)=2772
e d ≡ 1 m o d ϕ ( n ) ed \equiv 1 \mod \phi(n) ed≡1modϕ(n)
由egcd算法的: d = 725 d=725 d=725
故私钥为: P R = 725 , 2881 PR={725,2881} PR=725,2881