RSA CRYPTOGRAPHY SYSTEM

2012-13

CHAPTER 1

INTRODUCTION

Cryptography is the art and science of keeping messages secure. When we say messages we could be referring to plain text files as well as any other types of files such as executable files. Basically, the point of cryptography is to allow any user to keep his data secure and not readable from not desired individuals. Before we examine how it works we need to be familiar with certain terms. In order to fully understand some cryptography-related terms, we are going to use the following Example . Imagine that you were to send an attached text file by email to your friends. Suppose that the information you are sending him is quite sensitive and it is extremely important to you that only your friends gets to read the message. So, what you do is that you get the text file where that information is. This text file at this point is readable and therefore unsecured. In cryptography we call this the plaintext file. So now you need to make the plaintext file unreadable. This is called encrypting the data and the result is the cipher text file (encrypted file). The cipher text file cannot be read and it looks as a sequence of non-sense characters. Only if you decrypt the file you will be able to read it. After you email the ciphertext file to your friends then he would decrypt it, which means that he would convert it back to its plaintext form so he could read it. The following diagram (Figure 1) illustrates the encryption/decryption process.

Dept of CS&E,SJBIT

Page 1

RSA CRYPTOGRAPHY SYSTEM

2012-13

Now you must be wondering: text file and not someone else? the cipher text file? Smart question . In order for only a specific person to be able to decrypt a file a key is used. This key is just like a real world door key. Only the people who own the key can open the door, and at the same time you keep you key hidden from other people so that no intruders get into your house. In CRYPTOGRAPHY, this is also called a key. This key is just a sequence of characters such as firebird or this is my key. This key should only be known by the sender and the receiver, so that if an authorized user gets access to the cipher text file he wont be able to read it since he wouldnt know the key (see Figure 2).

The key you choose is really up to you, although you should know that the longer your key is, the harder it will be for a cryptanalyst (a cipher text breaker) to decrypt the file. Also, the encryption algorithm used makes a difference in how hard it is to break the encryption. There are all sorts of encryption algorithms out there, although this subject is really outside the scope of this paper. Next, we will discuss the two general types of key-based algorithms: symmetric and asymmetric. In a symmetric algorithm the key used to encrypt and decrypt a certain message is the same in both cases. Since both sides have the same key we call this a symmetric
Dept of CS&E,SJBIT Page 2

RSA CRYPTOGRAPHY SYSTEM

2012-13

algorithm. The example discussed at the beginning of this paper uses a symmetric algorithm to encrypt and decrypt the text file sent by email. With this type of algorithms all the security relies on only one key, so it must be kept in total secret. If anyone had access to the key, he could decrypt and encrypt the message with no problem. The second type is the asymmetric algorithm, also called public-key algorithm. As you Can guess from the term asymmetric now each of the two parties have a different key! So now we have two different types of keys called Public and Private Key. The first one is used to encrypt the message, whereas the private key is used to decrypt it. The public key can be given to anyone, since all you can do is encrypt a message but never decrypt it. However, the private key should only be known by whoever is supposed to decrypt the message .Lets use an example to illustrate asymmetric-algorithm-based cryptography. We will use your friends again. Suppose that your friends now tells you that he wants to use a different type of cryptography in which only he knows the key to decrypt the messages that he receives. So you talk to him about asymmetric cryptography and he likes the concept .So now, your friends have a private key that is only known by him. He uses this key to decrypt messages that his employees send to him. On the other hand, his employees will use the public key in order to encrypt the messages (see Figure 3). Any of his employees will be able to encrypt a message in order to send it to their friends, but only their friends will be able to decrypt it and therefore be able to read the message, since only he knows the private key.

Dept of CS&E,SJBIT

Page 3

RSA CRYPTOGRAPHY SYSTEM

2012-13

1.2 Types of Cryptography

1. Secret (symmetric) Key Cryptography. 2. Public (asymmetric) Key Cryptography. 3. Hash Functions. 4. Trust Model

The three types of cryptographic algorithms that will be discussed as shown below:

Secret Key Cryptography (SKC): Uses a single key for both encryption and decryption Public Key Cryptography (PKC): Uses one key for encryption and another for decryption Hash Functions: Uses a mathematical transformation to irreversibly "encrypt" information

Dept of CS&E,SJBIT

Page 4

RSA CRYPTOGRAPHY SYSTEM

2012-13

1.Secret Key Cryptography

With secret key cryptography, a single key is used for both encryption and decryption. As shown in Figure the sender uses the key (or some set of rules) to encrypt the plain text and sends the ciphertext to the receiver. The receiver applies the same key (or ruleset) to decrypt the message and recover the plain text. Because a single key is used for both functions, secret key cryptography is also called symmetric encryption. With this form of cryptography, it is obvious that the key must be known to both the sender and the receiver; that, in fact, is the secret. The biggest difficulty with this approach, of course, is the distribution of the key. Secret key cryptography schemes are generally categorized as being either stream ciphers or block ciphers. Stream ciphers operate on a single bit (byte or computer word) at a time and implement some form of feedback mechanism so that the key is constantly changing. A block cipher is so- called because the scheme encrypts one block of data at a time using the same key on each block. In general, the same plain text block will always encrypt to the same cipher text when using the same key in a block cipher whereas the same plaintext will encrypt to different ciphertext in a stream cipher.

2.Public key cryptography Modern PKC was first described publicly by Stanford University professor Martin Hellman and graduate student Whitfield Diffie in 1976. Their paper described a two-key crypto system in which two parties could engage in a secure communication over a non-secure communications channel without having to share a secret key. Generic PKC employs two keys that are mathematically related although knowledge of one key does not allow someone to easily determine the other key. One key is used to encrypt the plain text and the other key is used to decrypt the cipher text. The important point here is that it does not matter which key is applied first, but that both keys are required for the process to work (Figure 1B). Because a pair of keys are required, this approach is also called asymmetric cryptography

Dept of CS&E,SJBIT

Page 5

RSA CRYPTOGRAPHY SYSTEM 3. Hash Function

2012-13

Hash functions, also called message digests and one-way encryption, are algorithms that, in some sense, use no key (Figure 1C). Instead, a fixed-length hash value is computed based upon the plaintext that makes it impossible for either the contents or length of the plaintext to be recovered. Hash algorithms are typically used to provide a digital fingerprint of a file's contents, often used to ensure that the file has not been altered by an intruder or virus. Hash functions are also commonly employed by many operating systems to encrypt passwords. Hash functions, then, help preserve the integrity of a file.

4.TRUST MODELS Secure use of cryptography requires trust. While secret key cryptography can ensure message confidentiality and hash codes can ensure integrity, none of this works without trust. In SKC, PKC solved the secret distribution problem. There are a number of trust models employed by various cryptographic schemes.

The web of trust employed by Pretty Good Privacy (PGP) users, who hold their own set of trusted public keys.

Kerberos, a secret key distribution scheme using a trusted third party. Certificates, which allow a set of trusted third parties to authenticate each other and, by implication, each other's users.

Each of these trust models differs in complexity, general applicability, scope, and scalability.

Dept of CS&E,SJBIT

Page 6

RSA CRYPTOGRAPHY SYSTEM

2012-13

Chapter 2

SYSTEM REQUIREMENT ANALYSIS.

2.1 IMPORTANCE OF REQIREMENT ANALYSIS

Requirements analysis is critical to the success of a development project. Requirements must be documented, actionable, measurable, testable and defined to a level of detail sufficient for system design. Requirements can be architectural, structural, behavioral, functional, and non-functional. A software requirements specification (SRS) is a comprehensive description of the intended purpose and the environment for software under development. The SRS fully describes what the software will do and how it will be expected to perform. A SRS minimizes the time and effort required by developers to achieve the desired goals and also minimizes the development cost. A good SRS defines how an application will interact with system hardware, other programs and human users in a wide variety of real-world situation.

2.1.1 FUNCTIONAL REQUIREMENTS

i. ii. iii. iv. Any Processor RAM Size Hard disk Keyboard, Mouse. : 500 MHz plus : 256 MB plus : 10GB plus

2.1.2 NON-FUNCTIONAL REQUIREMENTS

i. ii. iii. iv. v. vi. Operating system Language GUI Database Applications sever Browser : Windows XP/Windows 7 / Linux : PHP, HTML, CSS : PHPMyAdmin , Dreamweaver : MySQL 5.0 : Apache. : Google Chrome / Internet Explorer / Mozilla Firefox

Dept of CS&E,SJBIT

Page 7

RSA CRYPTOGRAPHY SYSTEM

2012-13

CHAPTER 3

System Study and Analysis

3.1 . INTRODUCTION ON RSA

RSA, named after its inventors (Rivest, Shamir, and Adleman) is an encryption system made public in the mid seventies. Since RSAs advent the government and big businesses have used the system to encrypt some of their most sensitive information. Today with so much of the worlds population owning a computer and using the internet, it was only a matter of time before the internet branched out and became the worlds forum for marketing. In todays society it has become second nature for people to do shopping over the internet. There are no limits as to what type of business one can find.One can buy a car, do their banking, find clothing, purchase food, or find and purchase a home. The list has really become endless. However, the comfort of shopping at home does come at a price. Security. Home addresses, social security numbers, telephone numbers, full names, background history as well as credit card numbers are all information that a consumer can be required to send over the internet in order to make purchases. This very personal and sensitive information when in the wrong hands could mean a major dishevelment of a persons life. Lately, there have been numerous news reports of hackers breaking into the hard drive of big businesses and even the government. Security is an issue of major importance right now. With so many businesses relying on the inability to decode RSA, it is important to test the strength of this encryption program.

3.2. RSA ALOGRITHM

RSA involves a public key and a private key. The public key can be known to everyone and is used for encrypting messages. Messages encrypted with the public key can only be decrypted using the private key. The keys for the RSA algorithm are generated the following way: 1. Choose two distinct prime numbers p and q.

For security purposes, the integers p and q should be chosen at random, and should be of similar bit-length. Prime integers can be efficiently found using a primality test.

2. Compute n = pq.

n is used as the modulus for both the public and private keys. Its length, usually expressed in bits, is the key length.

Dept of CS&E,SJBIT

Page 8

RSA CRYPTOGRAPHY SYSTEM 3. Compute (n) = (p1)(q1), where is Euler's totient function.

2012-13

4. Choose an integer e such that 1 < e < (n) and greatest common divisor gcd(e, (n)) = 1; i.e., e and (n) are coprime.

e is released as the public key exponent. e having a short bit-length and small Hamming weight results in more efficient encryption most commonly 216 + 1 = 65,537. However, much smaller values of e (such as 3) have been shown to be less secure in some settings.

5. Determine d as d e1 (mod (n)), i.e., d is the multiplicative inverse of e (modulo (n)).

This is more clearly stated as solve for d given de 1 (mod (n)) This is often computed using the extended Euclidean algorithm. d is kept as the private key exponent.

By construction, de 1 (mod (n)). The public key consists of the modulus n and the public (or encryption) exponent e. The private key consists of the modulus n and the private (or decryption) exponent d, which must be kept secret. p, q, and (n) must also be kept secret because they can be used to calculate d.

3.3 RSA Key Generation

If the RSA keys does not exist, they need to be created. The key generation process is usually relatively slow but fortunately it is performed seldom (the very first time and then only if keys need to be regenerated).

The key generation starts by finding two distinct prime numbers p and q. First PRNG is used to generate random numbers, then they are tested for primality and will be regenerated untill prime numbers are found.

NOTES: The p and q must same length in bits, must not be equal, and they should not be close to each other (that is p - q should not be small number). If primes are chosen random, and even when they are same in length, it is extremely likely these conditions are met.

Compute modulus n = pq and

= (p - 1)(q - 1).

The n will be stored for later as it is part of the public key. To have 1024 bit public key, then p and q are about 512 bits each.

Dept of CS&E,SJBIT

Page 9

RSA CRYPTOGRAPHY SYSTEM

2012-13

Select public exponent e, which is used as public key with n. It is used to encrypt messages and to verify digital signatures. The e is stored for later with n. The e is usually small number but it can be 1 < e < . The e must be relatively prime to , hence gcd(e, ) = 1 (gcd = greatest common divisor, use Euclidean algorithm).

NOTES: Usually e is small to make encryption faster. However, using very small e (<16 bit number) is not recommended. A popular starting value for e is 65537. If e is not relatively prime to , then it is usually added by 2 untill it becomes relatively prime. This makes the finding of e as fast as possible.

Compute private exponent d, which is the actual RSA private key. The d must not be disclosed at any time or the security of the RSA is compromised. The d is found by computing the multiplicative inverse d = e - 1 mod . The extended Euclidean algorithm is commonly used to compute inverses. The d exponent is used to decrypt messages and to compute digital signatures.

NOTES: Implementations try to find as small d as possible to make decryption faster. This is fine as long as it is assured that d is about the same size as n. If it is only one-quarter of size it is not considered safe to be used. It is possible to find a smaller d by using lcm(p-1,q-1) instead of / gcd(p-1,q-1)). The PKCS#1 standard recommends this. (lcm = least common multiple, lcm(p-1,q-1) =

3.4 Things to remember in key generation

Key generation is the most important part of RSA, it is also the hardest part of RSA to implement correctly.

Prime numbers must be primes, otherwise the RSA will not work or is insecure. There exists some rare composite numbers that make the RSA work, but the end result is insecure.

Find fast implementation of the extended Euclidean algorithm.

Do not select too small e. Do not compute too small d.

Compute at least 1024 bit public key. Smaller keys are nowadays considered insecure. If you need long time security compute 2048 bit keys or longer. Also, compute always new n for each key pair. Do not share n with
Dept of CS&E,SJBIT Page 10

RSA CRYPTOGRAPHY SYSTEM any other key pair (common modulus attack).

2012-13

Test the keys by performing RSA encryption and decryption operations.

3.5 Example of RSA with small numbers

p = 47, q = 71, compute n = pq = 3337 Compute phi = 46 * 70 = 3220 Let e be 79, compute d = 79-1 mod 3220 = 1019 Public key is n and e, private key d, discard p and q. Encrypt message m = 688, 68879 mod 3337 = 1570 = c. Decrypt message c = 1570, 15701019 mod 3337 = 688 = m.

3.6. RSA DATA FLOW DIAGRAM

Dept of CS&E,SJBIT

Page 11

RSA CRYPTOGRAPHY SYSTEM

2012-13

Chapter 4.

Specification and Design

The necessary functionality of the system will be described below.

4.1 Arbitrary-length key generation and management

The system will allow the user to generate RSA key pairs of arbitrary length. Though the system will suggest a recommended length as a default (this will be capable of updating), the user will be able to generate keys of any length, including those which are too long to make encryption/decryption computationally feasible and those which are too short to provide adequate security. There will be an option, where feasible, to allow warning messages to be sent somewhere if the user tries to do this. The system will allow the writing of keys to key files. These files will include data such as checksums and some means of ensuring that the files are valid. Public key files will be optimised for easy sharing (i.e. small file sizes). Private key files may be located on fixed media (not recommended) or on removeable media such as floppies or CDs. The system may support some means of authenticating the user to the key file however, this is not essential if keys are stored on removeable media which is kept securely. The system will allow the reading of keys from key files and will take all reasonable precautions to ensure that sensitive data does not leak.

4.2 RSA Encryption and Decryption

The system will, on being given a file containing data to be encrypted, and a key file containing a public key, encrypt the said data and write the encrypted data to memory or a file. The system will conversely decrypt data that has previously been encrypted. The system will identify situations where the user has tried to decrypt data with the wrong key (see below). The system will be able to cope with any binary file.

4.3 Error handling

There is much scope for errors for example, if, given key pairs P(a,b) and Q(c,d) (where the first of the 2 keys in each pair is the public key and the second the private key associated with it) you try to decrypt a message encrypted with public key a using private key q. Since the mathematics wouldn't show any problem here, there
Dept of CS&E,SJBIT Page 12

RSA CRYPTOGRAPHY SYSTEM

2012-13

must be some method for determining whose public key has been used to encrypt a given file of encrypted data. Keys must therefore have unique identifiers associated with them, and errors must be returned if the identifiers from an encrypted data file and a decryption key do not match.

4.4 Symmetric Encryption

It is anticipated that the system will support one or more symmetric encryption algorithms such as IDEA. This would be to allow the system to be used in a similar way to the popular encryption product PGP[PGP], which uses asymmetric encryption for keyexchange only, and actually encrypts data using a faster symmetric algorithm

4.5 Test and Timing Functions

These functions will allow the system to return metrics about the environment that it is currently running on. These tests will work by encrypting a given amount of data using either type of encryption with any key length, and measuring the time taken. Based on theoretical algorithm speeds, it will be able to estimate average encryption times for given key sizes, and therefore be able to assist users in selecting a key size.

4.6 Encoding and Integrity Checking

In order to make it easier to send enciphered files via email or via similar means, it is anticipated that the system will encode output files using Base64 encoding. In addition, methods such as cyclic redundancy checking will be used to detect any corruption. Checking will be performed at several levels to ensure that any errors are detected.

4.7 Digital Signatures and secure hashes

The system will provide the necessary functionality for digital signatures to be implemented. This will include message-digest and secure hash algorithms which can obviously also be used in their own right. Whether or not digital signatures are actually implemented will depend on time constraints.

Dept of CS&E,SJBIT

Page 13

RSA CRYPTOGRAPHY SYSTEM

2012-13

Chapter 5.
5.1 Input Enter the value of P.
Enter the value of Q.

Snapshots

Enter the message to be ENCRYPTED.

Dept of CS&E,SJBIT

Page 14

RSA CRYPTOGRAPHY SYSTEM

2012-13

5.2 Output The ENCRYPTION KEY is displayed.

The DECRYPTION KEY is displayed. The ENCRYPTED message is displayed. The DECRYPTED message is displayed.

Dept of CS&E,SJBIT

Page 15

RSA CRYPTOGRAPHY SYSTEM

2012-13

CONCLUSION
From the above study it is advent that RSA algorithm has the same importance as of the system in the Cryptography over network security. Since RSA are used to be provides the authentication & privacy to whole system. But it is fully depends upon the two large prime numbers, Encryption & Decryption key. Always keep you mind its mathematical calculation are very difficult and lengthy. Since its publication, a vast amount of research has been completed on inverting the RSA function, and many clever attacks have been found. Although the attacks detailed within this paper could be devastating in the appropriate conditions, the true benefit of this research should be to highlight the need for proper implementation of RSA, preventing the use of these attacks. Thus we see that, employed correctly, RSA is still a valid security measure for digital data. The attacks outlined in this paper have exploited weaknesses in the underlying Structure of the RSA function. We have considered private exponent attacks, from which we have discovered that a low private exponent should never be used, and low public exponent attacks. These are not the only classes of attacks which have proven successful. There have also been a great number of attacks focused upon the implementation itself. Brute force attack most common known attacks occur in RSA algorithm . These attacks exemplify the need to focus not only upon the underlying mathematical structure of RSA, but on more practical concerns, such as time considerations and random faults.

Dept of CS&E,SJBIT

Page 16

RSA CRYPTOGRAPHY SYSTEM

2012-13

Bibliography
HTML
http://www.w3schools.com/html/default.asp

JAVA SCRIPT http://www.w3schools.com/js/default.asp

INFORMATION http://en.wikipedia.org/wiki/Cryptography

Dept of CS&E,SJBIT

Page 17