The "Key" Idea: Remember that A cryptosystem is a five-tuple () where the following conditions are satisfied:
1. is a finite set of possible plaintexts:
2. is a finite set of possible ciphertexts:
3. the keyspace, is the a finite set of possible keys:
4. For each K there is and encryption rule e and a corresponding decryption rule d. Where
e and d are functions such that for all M ,d(e(M)) M.
In general we think of cryptosystems as being used for two-way communication between individuals who want to carry on a private dialog. However, this is really not be practical for e-commerce. Consider the basic function of taking a credit card over the Web.
Suppose, however, that it were possible to find a cryptosystem for which knowing e , and the general methodology used in its construction, did not lead to an easy computation of d , then we could do the following.
Secure One-Way Communication: (eg Web Form)
1. Publish e for the world to see. Tell the world that, if they want to communicate securely with you, all they need to is apply e to the message before transmitting it. This because there is an acceptably small chance of someone discovering d hence decoding there message.
2. When I received the encrypted message apply d which, presumably only I know.
Secure Two-Way Communication:
Assume that we are dealing with a Cryptosystem such that
In addition to d(e(M)) M, we have e(d(C)) C for all C.
Given d(), it is also very hard to compute e().
Suppose that we have two people P and P who want to communicate securely with each other. Each selects their own "one way system", K and K, from a Cryptosystem with the above listed properties .
P and P commmunicate as follows:
1. P gives e to P and P gives e to P.
2. Suppose P wants to send message M to P . P computes C e(d(M)) and transmits it.
3. P computes e(d(C)) e(d(e(d(M)))) e(d(M)) M.
Why does this work?
P knows that the only person who can read the message is P , the owner of K since, presumably P , is the only person who knows d().
P knows that P sent the message since, presumably P , is the only person who knows d(). We are implicitly assuming that the message P
sees is meaningful.
There are Examples of One Way Cryptosystems:
RSA ( The RSA algorithm was invented in 1978 by Ron Rivest, Adi Shamir, and Leonard Adleman):
1. Begin by choosing and to be two very large prime numbers.
2. Next choose , , such that and are relatively prime.
3. Referring back to the previous sections, we can find such that . Note that and are "symmetric" for two way communication.
4. Here is RSA
is the set of integers between and and relatively prime to .
the keyspace, is the set of pairs , as above:
For each K in and all M, e(M)) M =C and d(C) C
Note: d(e(M)) M M (M)M (1)M M
And d(e(M))=M.
Example- Let and .
and . So. Choose . Note
Compute
Suppose M Check
At first glance there may appear to be a security opening in RSA. A reasonable question that could be asked is, while it may be hard to factor all we really need to do is find such that , so given, , is there a way to compute ?
The answer is that it is as "hard" to compute from as it is to factor it self. Here is the argument.
1. For the sake of clarity, set . So if we know and we can quickly compute .
Next the important direction.
2. Suppose there was an easy way to compute from . To factor , we would then only have to solve the two simultaneous equations.
in two unknowns and .
Solving the first equation for p gives.
substituting this into the second equation gives.
or
.
The quadratic formula does the rest.