Republic of South Africa (Republic of South Africa)
1977, that is, one year after Diffie-Hellman's paper was published, three researchers at MIT developed a practical method based on this idea. This is RSA, which is named after the initials of three developers-Ron Livingstone, adi shamir and Leonard Adelman. RSA is probably the most widely used public key cryptosystem. 1983 applied for a patent for RSA in the United States, and it was formally adopted as a standard. Although its export is still restricted, it has been widely used to achieve development outside the United States.
Like other such systems, RSA uses large prime numbers to construct key pairs. Each key pair * * * enjoys the product of two prime numbers, namely the modulus, but each key pair also has a specific exponent. RSA Lab explains the principle of RSA cryptosystem as follows:
"With two big prime numbers P and Q, calculate their product n = pq;; N is the modulus. Choose a number e smaller than n, which is prime with (p- 1)(q- 1), that is, there is no common factor except 1, e and (p- 1). Find another number d so that (ed- 1) is divisible by (p- 1)(q- 1). The values e and d are called public index and private index respectively. The public key is this logarithm (n, e); The private key is this logarithm (n, d). "
If you know the public key, you can get the private key, but you have to decompose the modular factor into its prime numbers. It's difficult, and you can basically do it by choosing a long enough key. What needs to be considered is the length of the module; At present, RSA Lab suggests that the key size used by ordinary companies should be 1024 bits, and for extremely important materials, the size should be doubled, that is, 2048 bits. For daily use, the key length of 768 bits is enough, because it can't be easily cracked with current technology. The cost of protecting data always needs to be considered in combination with the value of data and whether the cost of destroying protection is too high. RSA Lab mentioned the recent research on RSA key length security, which is based on the factorization technology available in 1995. This study shows that it is possible to decompose the 5 12-bit key with eight months' efforts and less than one million dollars. In fact, in 1999, as part of the traditional RSA security challenge, it takes seven months to decompose a specific RSA 5 12 number (called RSA- 155).
Remember that all the numbers given here are averages for the security range provided, and sometimes it is important to identify a specific private key faster. Similarly, the security assumption provided is based on the factorization of prime numbers, which is very difficult. If a new mathematical technique is found to make factorization simple, this assumption will change, and then the security provided by RSA and similar algorithms may immediately become worthless.
In addition, please note that increasing the key length will affect the speed of encryption/decryption, so there is a trade-off. Doubling the modulus will increase the operation time using public key by about 4 times, while the time required for encryption/decryption using private key will increase by 8 times. In addition, when the modulus is doubled, the time to generate the key will increase to 16 times on average. If the computing power continues to improve rapidly, but in fact asymmetric passwords are usually used for short texts, this is not a problem in practical applications.
Other asymmetric cryptosystems
ElGamal system named after its developer is based on discrete logarithm problem, which has encryption and signature variants, while digital signature algorithm (DSA) is partly based on ElGamal. The system looks as secure as RSA, but it is usually slow, and it takes twice as long to expand the message during encryption as RSA. These restrictions do not affect the use of this algorithm in signature.
Other systems include Merkle-Hellman knapsack cryptosystem first published in 1978, Chor- Rivest cryptosystem first published in 1984 and its revised version in 1988. In addition, Australia and New Zealand have also developed the LUC public key system. McEliece public key encryption algorithm is based on algebraic coding theory, and uses a class of error-correcting codes called Goppa codes. These codes provide fast decoding, but the key size used is about half a trillion, and the message text is greatly expanded in the encryption process.
In the mid-1980s, a more advanced public key cryptosystem called elliptic curve cryptosystem was put forward, which has attracted people's interest. These systems are based on numerical theory and mathematical construction in algebraic geometry, and are usually defined on finite fields. Although these schemes use short key lengths, they seem to provide security similar to existing systems, and some schemes may be particularly useful in mobile computing or smart card-based systems. RSA Lab proposed that the elliptic curve cryptosystem with key length of 160 bits can provide almost the same security as RSA with key length of 1024 bits. But the problem is that elliptic curve cryptosystem may be vulnerable to some special attacks that have not been fully developed.