325 report

7/29/2019 325 report

1/71

B131590

2012

Amal Umi Hafizah Md Yusoff i

Acknowledgement

Praises to Allah the Almighty who gave me all the strength to complete the project on time.

It has been a tough 3 months and without the support of people around me, the project will

not be as how it turned out to be now.

First, Id like to thank my project supervisor, Dr Ana Salagean, for supporting and offering

advice and pushing me to keep trying harder and make the project work. Without her

continuous guidance I would not be able to finish up this project and enjoy the pressure of

trying to get everything done with a good quality.

I would also like to express my gratitude to His Majesty the Sultan of Brunei for awarding

me with the scholarship and to Bruneis Ministry Of Education for giving me the

opportunity to further my studies and financially support my course.

Special thanks to Henrik Vestamark - who have helped me with the arbitrary arithmetic

library and not only promptly responded to any queries but also, has offered help at all

times.

To my father and mother, Ayah, Ummi and my other family members and friends for the

continuous support and encouragement it would have not been possible to complete this

without their support and comforting words to always be strong and healthy at the same

time. I wish them a blessed life both here and the hereafter

7/29/2019 325 report

2/71

B131590

2012

Amal Umi Hafizah Md Yusoff ii

Abstract

The first aim of this project is to explore and implement the flow, method and techniques

of one of the public-key cryptography techniques, namely the RSA cryptographic

algorithm. This study of understanding the overall flow of the algorithm includes the

logical and mathematical aspects that are implemented in the algorithm.

The general aim of this project is to implement and evaluate the RSA public key algorithm,

including the encryption and decryption algorithm along with the key creation using

different mathematical techniques, such as the Euclid algorithm, the extended Euclid

algorithm, and the square and multiply algorithm.

A more advance aim for this project is also conducted. This aim is to conduct a further

study of how the RSA algorithm is able to be increased in security and the time taken to do

encryption and decryption, with advance techniques, in particular Chinese Remainder

Theory.

This project also mentions the usage of RSA in many areas, particularly in Internet

protocols such as SSL/TLS and SSH.

Later in the project a general view of attacks on RSA is also conducted. The attacks such as

cryptanalysis and prime factors choices are looked into in details.

A few implementations are made in this project and each of them signifies several aspects

ofRSAs technique. It was proved that efficiency in RSA is dependent on the techniques and

methods being used in the encryption and decryption algorithm. This was shown by using

the time difference during the processes.

7/29/2019 325 report

3/71

B131590

2012

Amal Umi Hafizah Md Yusoff iii

Table of Contents

Acknowledgement ................................................................................................................................................... i

Abstract ....................................................................................................................................................................... ii

1.0 Introduction .................................................................................................................................................. 1

2.0 RSA Brief Background .............................................................................................................................. 1

3. 0 RSA Usage ..................................................................................................................................................... 2

4.0 Implementation Tools for RSA .............................................................................................................. 3

5.0 RSA Method ................................................................................................................................................... 3

5.1 Encryption Algorithm .......................................................................................................................... 4

5.2 Decryption Algorithm .......................................................................................................................... 6

5.4 Chinese Remainder Theorem ........................................................................................................... 7

6.0 Attacks on RSAs algorithm .................................................................................................................... 86.1 Small Prime Factors .............................................................................................................................. 9

6.2 Ciphertext Attack ................................................................................................................................... 9

6.3 Side-Channel Attacks......................................................................................................................... 10

6.4 Common Modulus ............................................................................................................................... 10

6.5 Cycle Attack ........................................................................................................................................... 10

7.0 Using OAEP to Enhance RSA Security ............................................................................................. 11

8.0 Implementation ........................................................................................................................................ 11

8.1 Initial Implementation ...................................................................................................................... 11

8.2 Improved Encryption and Decryption Method Implementation .................................... 14

8.3 Further Improved Encryption and Decryption Algorithm Implementation .............. 17

8.4 Improvised Decryption Technique in the Algorithm : CRT .............................................. 25

9.0 Efficiency Comparison ........................................................................................................................... 29

9.1 Simple multiply and modulus method Vs Square and Multiply Method ..................... 30

9.2 Square and Multiply Vs CRT ........................................................................................................... 31

11.0 Conclusion .................................................................................................................................................... 32

11.1 Comparison of Implementation ................................................................................................. 32

11.2 Problem Encountered During Implementation ................................................................... 33

11.3 RSA Conclusion ................................................................................................................................. 34

11.4 Future Works ..................................................................................................................................... 35

Bibliography.............................................................................................................................................................. a

7/29/2019 325 report

4/71

B131590

2012

Amal Umi Hafizah Md Yusoff iv

Appendix A ................................................................................................................................................................ a

Code for initial implementation ................................................................................................................... a

APPENDIX B .............................................................................................................................................................. a

Code for improved encryption and decryption implementation ................................................... a

APPENDIX C .............................................................................................................................................................. a

Code for further improved encryption and decryption implementation ................................... a

APPENDIX D .............................................................................................................................................................. a

Code for Improvised Decryption Technique Implementation ........................................................ a

APPENDIX E .............................................................................................................................................................. a

Flow of Algorithm for Improvised Decryption Technique in Algorithm .................................... a

7/29/2019 325 report

5/71

B131590

2012

Amal Umi Hafizah Md Yusoff 1

1.0 Introduction

RSA has been most commonly declared as one of the safest methods for cryptography.

This is accredited to the public key creation from the algorithm, which is undeniably one of

the best of its kind. It is proven that prime factorization is the main element to the

complexity and thus helps to ensure the high security in RSA.

RSA, as mentioned before, is mainly used for public key encryption and it is widely used in

Internet protocols such as SSL/TLS, SSH, PGP and IPSEC. This project will focus a little on

the two of the protocols in another section.

This project will deliberate on the methods used in RSA including the encryption and

decryption algorithm, and the pseudo code.

Further discussed in the sections, will be the possible attacks on RSA that have been

discovered by people who either uses the system, or by people who have developed a

system using RSA as their security mechanism or even a hacker.

This project will give several implementations to evaluate the efficiency of some of the

many techniques used in RSA. The first implementation would be an initial

implementation, to have a working RSA tested using small integers. The second

implementation is to develop RSA using a simple multiply and modulus technique,

absorbing how long it takes to process the encryption. Third implementation will be using

the square and multiply technique which is the standard technique in the algorithm

currently. Final implementation will be using an advance decryption technique, namely

Chinese Remainder Theorem. Comparisons of efficiency will be made at the end of the

paper.

2.0 RSA Brief Background

RSA, named after the inventors Ron Rivest, Adi Shamir and Leonard Adleman in 1977, is

the most widely used public key algorithm due to its high security. It supports encryption

and digital signatures. It takes some mathematical background to understand the

algorithm especially when computing the encryption and decryption exponent but it can

be relatively easy to comprehend and implement. As mentioned above, RSA gets its high

security from the complex factorization of large prime numbers. The current key size is a

1024 bit key which is equivalent to 307 decimal digits.

7/29/2019 325 report

6/71

B131590

2012


In RSAs public key cryptography, the sender who wishes to send a message has to obtain

the receivers public key and perform encryption with it, then the cipher text will be passed

to the receiver. The receiver then decrypts the cipher text using his private and public key.

Further description of the encryption and decryption algorithm will be discussed in section

5.1 and 5.2.

As with any other security algorithm, there is always a part of the system or algorithms

that are vulnerable and can be claim as a weakness. A further discussion on this part will

be given in section6.0.

3. 0 RSA Usage

The strong public key encryption being offered by RSA has been recognized by the public

and is implemented in many security-based program or protocols. This section focuses on

the protocols that use RSA in their data securing algorithm. Some of the protocols are

SSL/TLS, PGP and SSH. Next is to discuss each of the protocols in brief detail, in particular

how they use RSA in their system.

Firstly, Secure Socket Layer (SSL) and Transport Layer Security (TLS) are one predecessor

of another, which are used to manage and transport a secure message over the Internet.

Referring to TLS version 1.2, it consists of two layers, namely TLS Record Protocol and TLS

Handshake Protocol. The TLS Handshake Protocol provides authentication, secure shared

key negotiation and reliability of negotiation services. RSA is used for key exchange, in the

first service that is the peers identity authentication, where key exchange and server

authentication are combined. Similar to SSL version 3.0, the two layers are SSL record

protocol and SSL protocol, which also uses RSA for the same purpose.

The next program that utilizes RSA is the Pretty Good Policy or better known as PGP. It is a

public-key encryption program designed to secure e-mail transaction over the Internet. It

includes encryption, signing of keys, decryption and authentication which use three of the

best known cryptography algorithms, Radix-64, International Data encryption Algorithm

(IDEA) and RSA. The encrypted file generated by PGP is encoded using IDEA, for the secret

keys and RSA for the public-key, which will encrypt the secret key into another round of

encryption.

7/29/2019 325 report

7/71

B131590

2012


Secure Shell (SSH) is another protocol that utilizes RSA. SSH is a protocol used to secure

and authenticate mostly for remote access and file transfer in which RSA is used to

generate keys and for authenticating.

Next the paper discuss the Secure Shell program designed especially for TCP/IP

application to provide command shell, file transfer, and data tunneling services for remote

access. It deals with securing the connection to the SSH server and providing a secure link

to access the resources at the server. SSH have three main components: Transport Layer

Protocol, User Authentication Protocol and Connection Protocol. RSA is used to

authenticate the identity of communicating users by utilizing its public and private key

algorithm.

4.0 Implementation Tools for RSAThe complex algorithm and the use of huge prime numbers are beyond the capability of

any programming compilers. In order to implement RSA to be fully functioning and to meet

the criteria (large keys creation), some additional tools are needed. In this project an

additional tool is implemented, namely the Arbitrary precision arithmetic library

The Arbitrary precision arithmetic library is used to handle large numbers and

mathematical operations, which includes division, multiplication and modular and

exponential computation which are the main operations in the RSA algorithm. This project

uses the Precision Library, created by Henrik Vestermark and is designed for C++

programming language and has mathematical functions such as addition, subtraction,

multiplication division and modulus. There are also operator functions such as logical or

and logical and; also the input output stream. The Precision Library has a number of

packages for multiple function specification, such as iprecision which was designed for

integer type and fprecision for floating numbers. There are also other types of header files

that deal with complex numbers and interval precision. This project only uses the

iprecision package.

5.0 RSA Method

RSA is as mentioned above one of the strongest encryption algorithms in securing data

transactions on a network. One of the factors that contributes to that is the keys factors

used in the algorithm, namely public and private keys, along with modern and advanced

7/29/2019 325 report

8/71

B131590

2012


padding techniques such as the padding scheme, OAEP and also the Chinese Remainder

Theory which had already been mentioned earlier in this paper.

5.1 Encryption Algorithm

RSA has more than one algorithm - the most used one being implemented in this project. In

the algorithm there are again many techniques to achieve the variable values that will be

needed for the encryption process, for example, the Euclid algorithm and the square and

multiply algorithm, to name a couple.

For the encryption process, the output will be an encrypted plain text, also called cipher

text. Public keys are used to arrive at the ciphertext, C. Public keys consists of an

encryption exponent, e, and a system modulus, n, which then comes together to form :

C = me mod n

where m is the plain text (message). The message m must be less than n. Next we discuss

the whole calculation to determine each value of e and n for the public keys, denoted as

PU(e, n) which will be visible globally via the Internet. To derive at the public encryption

key, two large prime numbers are needed initially, normally assigned as p and q. p and q

are used to compute the system modulus n and the value ofr, called the totient function,

which will be used to compute the encryption and decryption exponent. Below are the

formulae to compute n and r.

n = p * q

and

r = (p-1) * (q-1)

Now that the values ofn and rare set, the value ofe is next to be solved. The condition of

the correct value of e is that it must be in the range of 1 < e < r, such that their greatest

common divisor,gcd(e,r) = 1 . This can be verified by doing the following calculation:

ed mod r = 1 or

ed -1 is divisible by r

In this project the Euler Euclid algorithm will be used to solve e as it is a faster way to

compute it rather than using the modulo operation. To solve gcd(e,r) by the algorithm,

using e and r, compute a sequence of numbers with both numbers being the first two. Each

7/29/2019 325 report

9/71

B131590

2012


subsequent number is the remainder of the division of the previous two. The last

computation must result in a zero and the last non-zero number in the sequence will be the

gcd(e,r). This is better illustrated in the example below.

Example : computing gcd(40,7)

40

7

5 (40 = 7 * 5 + 5)

2 (7 = 5 * 1 + 2)

1 (5 = 2 * 2 + 1)

0 (2 = 2 * 1 + 0)

When e is validated, then the encryption can be made. The encryption is done using a much

faster algorithm namely the fast exponentiation approach or better known as square and

multiply approach. This is done exactly as the name suggests, by squaring and multiplying.

In the formula C = me mod n, write e as a sum of powers of 2, similar to writing e in binary

form, then multiply together the corresponding powers of m. To explain better how the

square and multiply algorithm work, lets look at another example.

Example 2:

Computing m45 mod n

e = 45

45 = 32 + 8 + 4 + 1 (101101)

m45 mod n = m32+8+4+1 mod n

m32 m8 m4 m1mod n = (m32 mod n)( m8 mod n )(m4 mod n)(m1 mod n )mod n

when m = 7 and n = 11,

C = 745 mod 11

e = 45

45 = 32 + 8 + 4 + 1 (101101)

745 mod 11 = 732+8+4+1 mod 11

732 78 74 71mod 11 = (732 mod 11)( 78 mod 11 )(74 mod 11)(71 mod 11 )mod 11

C = (5)(9)(3)(7) mod 11 = 10

Table 1. Example of computing using Euclid Algorithm

7/29/2019 325 report

10/71

B131590

2012


That conclude how encryption is being done specifically in this project, aiming to achieve

efficiency for the process.

5.2 Decryption Algorithm

Decrypting a message is just the reverse of encrypting plain text. It reads the encrypted

cipher text and begins decrypting using another algorithm and a different key. While for

the public key the sender makes available to the whole InternetPU(e, n), the private key

would be PR(d, n), which is only known to the users. Note that the decryption exponent

here is denoted as d. Decryption will be done using the following formula,

P = cd mod nwhere P will be the decrypted plain text. To determine the value ofd, the extended Euclid

algorithm is implemented. This is simply an extension to the Euclid algorithm used for the

encryption exponent. In the algorithm, for any two numbers of (r, e), two other values will

be computed, namely (u, v), such that

r u + e v = gcd (r,e)

which are achieved similar to the Euclid algorithm. First take the two numbers e and r,

write a sequence of it similar to what we did before, having the remainder and now an

addition of the quotient q; is also taken into account, an example is given below.

Example : computing gcd(40,7)

s u v q

40 1 0

7 0 1 5 (40 = 7 * 5 + 5)

5 10 x 5 = 1 01 x 5 = -5 1 (7 = 5 * 1 + 2)

2 01 x 1 = -1 1 - (-5) x 1 = 6 2 (5 = 2 * 2 + 1)

1 1 (-1) x 2 = 3 (-5)- 6 x 2 = -17 2 (2 = 2 * 1 + 0)

0

Table 2. Example of computing using the extended Euclid Algorithm

7/29/2019 325 report

11/71

B131590

2012


To arrive at the values of each column ofu and v, the following formula is applied:

the entry two positions higher (the entry one position higher x the quotient on the same

line)

as the font colour has indicated. The output of this calculation will be the gcd(r,e) which is

the last non-zero value ofs, which is also equal to (r * final u) + (e * final v).

gcd (40,7) = 1

(40 * 3) + (7 * -17) = 1

With the above calculation using the extended Euclid algorithm, we can determine the

decryption exponentd. If the result ofgcd(r,e) = 1, then dcomes in such thated mod r = 1. d

is called the multiplicative inverse ofe in modulo rarithmetic. Taking the equation above,

where (r * u) + e * v) = 1, perform the modulo r function. In other words, do a modulo r to

each of the term so that it looks like the equation below,

(r mod r)(u mod r) + (e mod r)(v mod r) = 1

Since r mod r = 0, we get(e mod r)(v mod r) = 1. Therefore we can conclude that

d = (v mod r)

Now that the value of d is defined, the private key PR (d,n) is defined which will remain

known only to the sender and recipient. The decryption process can be commenced using

the formula mentioned before, that is P = cd mod n.

5.4 Chinese Remainder Theorem

Chinese Remainder Theorem (CRT) is a theory originated from the idea of congruency in

number theory, which determine a value n, when divided by several given divisors leaves a

given remainders. It is a theory that is used in RSA to boost up the decryption process for

greater efficiency. Using this theorem will result to having as much as four times faster

than the normal RSA decryption algorithm of square and multiply, the reason will be

explained next while explaining the algorithm.

The algorithm for using CRT is a bit complicated than the square and multiply but for the

efficiency purpose, this algorithm is very much preferred. Instead of having just one

modular exponent of n in square and multiply method, CRT is having two. This can be

clearly illustrated in the figure below along with an example.

7/29/2019 325 report

12/71

B131590

2012


With the knowledge of p and q, four additional values will be derived using the formula

below:

1. dp = d(mod p-1)2. dq = d(mod q-1)3. q-1 (mod p)To calculate 3. extended Euclid algorithm is being used.

And so to decrypt a message m, Mp and Mq must be calculated using belows formula

Mp = mdp (mod p) Mq = mdq (mod q) h = q-1 * (Mp - Mq) (mod p) P = Mq + (h * q)

As can be seen in the algorithm above, we are computing two modular exponentiations, Mp

and Mq. Although it requires extra computing but the value to be computed, that are the

exponent and system modulus are smaller, this contributed to the faster decryption

process.

6.0 Attacks on RSAs algorithm

Kileen said of the attacks of cryptography attacks, The important thing to remember is thatno matter how secure you think your system is, there may be something you have not

considered.(Killeen, 2001). This reminds the system developer that there will always be

flaw or imperfection in what one has developed.

For RSA, it has been said that its strength lies in the complex prime factorization of the

encryption and decryption exponents. Naturally, some try to find weaknesses or any

opening through which to attack the strength or most important factor of the program.

Since RSA is mostly being used for its public-key algorithm that is exactly what attackers

are focus upon. The public key, PU(e, n)consists of an encryption exponent and the overall

modulus.

7/29/2019 325 report

13/71

B131590

2012


6.1 Small Prime Factors

The first and most obvious weaknesses which could arise when developing RSA is to allow

small prime factors to be used for the prime exponents, p and q, which are the factors that

make up modulus n. Factoring small or insufficiently large enough integers is not easy to

do, and this will result in the security being very weak, if there is any at all. When factoring

using small numbers the system can easily be brought down by hackers using brute force

or exhaustive key methods. This could be handled by not allowing small factors to be used

and putting a limit on the minimum bit of numbers for the prime factors. Especially in the

world of today, although the current key is 1024bit, a 1024 bit RSA key would not be

sufficient to provide cryptographic protection after 2011 (Barker, Barker, Burr, Polk, &

Smid, 2007).

6.2 Ciphertext Attack

An attacker would try to obtain the private key, which consists ofPR(d,p,q). In this type of

attack, the attacker has the knowledge of both plaintext and the encrypted text. Since in the

public key there is e and n, the attacker would need to determine the value ofp and q,

which if they succeed will give them the value for the totient function ((p-1)(q-1)). Upon

knowing the totient function (r), they would easily get the value ofd. Even though it sound

simple, it is a very complex task to do, given that the prime factors are very large numbers.

Therefore to prevent this attack, one must choose to use a more efficient method to factor

n ,where it has been proved by many researchers that factoring n is not impossible at all.

Some examples of the factored modulus of RSA are, RSA-120 was factored by quadratic

sieve by Thomsan, Bruce, Arjen and Mark and RSA-140 was factored by Cavallar, Dodson,

Lenstra, Leyland, Lioen, Montogomery, Murphy, and Zimmerman using number field sieve

as stated by (Aboud, 2009).

7/29/2019 325 report

14/71

B131590

2012


6.3 Side-Channel Attacks

Simple Power Analysis (SPA) and Differential Power Analysis (DPA) are two of the most

known types of the side-channel attacks. It has been proved that these two are the most

had cause disastrous effect on RSA cryptosystem. The method of repeated squaring has its

vulnerability towards attacks, where it made use of the technique of looping to infuse an

attack. According to (Zhang , Zheng, & Peng, 2008), the most widely used protect against

this attack is exponent randomization. Classical power-analysis protected implementation

of exponentiation is being used and main idea of the remedy is to randomize the private

exponent at each calculation.

6.4 Common Modulus

This is a situation when in an organization, the public modulus n would be generated by

the administration and users would use the same public modulus with others. Although the

public and private keys will be safely generated, it is shared among the respective people

in the organization which would allow an attacker to eavesdrop when any transactions are

being made. One of the solutions to this attack is to avoid sharing the modulus and use the

public-key cryptography which includes the exchanging of secret keys for symmetric

cryptosystems and the use of digital signatures.

6.5 Cycle Attack

As the name suggests, the attack is conducted in cycles, having the knowledge of

ciphertext, an attempt will be made to encrypt the ciphertext repeatedly until the plaintext

can be seen. While on the loop, the numbers of cycles are counted are used to decrypt the

ciphertext. Although this is a possible attack, it would be an impractical attack as it takes a

very long time to cycle large prime factors. The suggested remedy for this attack by Kileen,

2001 is to use the public exponent of the public key to re-encrypt the text. Although he

stated that any exponent that is co-prime to totient function r, would work, he suggested

that the use of 216 - 1 with the use of a fast binary method is what is commonly used in the

RSA algorithm due to its efficiency.

7/29/2019 325 report

15/71

B131590

2012


7.0 Using OAEP to Enhance RSA Security

OAEP is short for Optimal Asymmetric Encryption Padding which was invented by Mihir

Bellare and Phillip Rogaway with enhancement by Don B. Johnson and Stephen M. Matyas.

It is a padding method that is used to increase the security of RSA algorithm that produced

a scheme called RSA-OAEP. It was designed based on a trapdoor permutation (RSA) and

taking the counter measuring of chosen plaintext attack (IND-CPA) into account when

designing this algorithm. When combined with RSA, it is proven to be able to resist the

chosen ciphertext attack. Upon testing, it was ascertained that OAEP satisfies two main

aims, the first one when it could change a deterministic encryption scheme such as RSA

into a probabilistic scheme with an addition of an element of randomness and the second

one is it could prevent any partial decryption of ciphertexts by making certain that an

attacker would not be able to recover any part of the original text without being able to

invert the trapdoor one-way permutationf, which is a public key.

8.0 Implementation

Four sets of implementation will be carried out in this project to compare the efficiency of

the four different methods used in doing the encryption and decryption process. Using the

time package in C++, the difftime will determine the results in this observation which will

be shown in the Results and Testing section later on in the documentation.

8.1 Initial Implementation

The first implementation is a very simple and basic program for RSA algorithm. It is

designed to test if the algorithm could be put into coding. Although the iprecision library is

utilized in this phase, small prime integers were used for working functionality. For that

reason, check_prime() is implemented to verify the prime numbers that were received

from user via console input. The function can only work with small integers. To determine

the e and d value, the Euler Euclid and extended Euclid algorithm are implemented

respectively. However, the formula to calculate the encryption and decryption using the

power and modulus method are as below:

c1 = power(m,e);

7/29/2019 325 report

16/71

B131590

2012


c = c1 % n;

These formulae are very inefficient and take a long time to process both encryption and

decryption. The use of the power() function as can be seen beneath, definitely causes

extended time in the processing.

int_precision power(int_precision a, int_precision b){

int_precision c=a;

for (int n=b; n>1; n--)

c*=a;

return c;

}

The selected code for this phase of implementation is attached in the Appendix A

8.1.1 Experiment Settings

The prime numbers to be tested in this phase will be small integers. Two sets of tests are

conducted in the example illustrated in the figures below. The first sets of prime numbers

are 17 and 23, and the second sets are 79 and 97. Both the functions ofpower() and

check_prime() work perfectly, including the Euclid and extended Euclid algorithm. This

method altogether has shortcomings, such as an unnecessary long calculating time due to

inefficient method ofpower(), while check_prime() can only be used in small number.

From the Figure 1 below, in the test, the values of p and q are tested for their prime

validation, and the result returns that they are both prime numbers. The function to check

the prime number is as illustrated below; however, it can only be used by small numbers.

int check_prime(int_precision i)

{

int_precision count; int mod;

int check = 0;

if( (int) ( i % (int_precision)2 ) == 0 )

return 1;

for(count=3; count * count

7/29/2019 325 report

17/71

B131590

2012


mod = i % count;

if(mod == 0) //Statement to change the variable 'check' to

1 if the number gets divided

{

check = 1; //meaning its not prime

}

}

return check;

}

In the first test is we can note that we have e as 43 and das 131. This is a normal figure

where dis expected to have a bigger value than e which caused the decryption process to

be slower than encryption. This statement will be verified in the next test that was carried

out.

Figure 1 First set of test in initial implementation

7/29/2019 325 report

18/71

B131590

2012


Figure 2 Second test on the initial implementation

As can be seen in the Figure 2 above, the value ofe is 43 and dis 1219 which results in the

0 second encryption and 57 seconds decryption process. For a small number, 57 seconds is

considered very slow and this needs to be improved.

8.1.2 Issues Arising During Initial Implementation

The use of a simple power and modulus formula is very inefficient even when used with

small numbers. Thepower() function is also very inefficient as it will take a long time to do

the calculation. These issues will be resolved in the next implementation.

8.2 Improved Encryption and Decryption Method Implementation

The improved implementation also uses the same algorithm in determining the public and

private keys but an improved method of encryption and decryption is used replacing the

simple power() function with the use of the simple multiply and modulus technique, in

7/29/2019 325 report

19/71

B131590

2012


order to know the time taken for encryption to take place. The simple_multiply_modulus()

function is defined as illustrated below:

int_precision simple_multiply_modulus(int_precision ex_1, int_precision m_1,int_precision n_1){

int_precision c, x, e1;

c = 1;

x = m_1;

e1 = ex_1;

n = n_1;

//This is the simple multiply and modulus formula - Improved

Implementation

for(int i = 0; i < e1;i++)

c = c * x % n;c = c % n;

return c;

}

Three sets of test are conducted for this implementation, taking the number of digits being

the prime numbers, for example 103 has three digits. The first experiment in this phase is

to input two prime numbers of two digits below 30 that are 19 and 23. The second and

third experiment is to input two prime numbers with three digits which are 281 and 173,

with values of e, m and d as 9897, 100 and 31513, and for third values are 433 and 547,

with values of e, m and d as 8999, 100 and 146519. There are big differences in time or the

encryption and especially decryption.

7/29/2019 325 report

20/71

B131590

2012


Figure 3 Test 1 of Simple multiply and modulus method


7/29/2019 325 report

21/71

B131590

2012


8.2.2 Issues Arising During Improved Implementation

The simple multiply and modulus method has a better efficiency compared to the power

method in the initial implementation as it can support a larger number. Nevertheless, it is

still inefficient when being tested with bigger number than what has been tested, that is

around a value of 600, would take more than half an hour to process the encryption and

decryption. Due to that, next implementation would try to increase the efficiency of the

method.

8.3 Further Improved Encryption and Decryption Algorithm

Implementation


7/29/2019 325 report

22/71

B131590

2012


The first and second implementations are to make sure that the algorithm is able to be

implemented into code and is able to run, hence the simple algorithm.

Moving on to a more efficient code, the encryption process, producing the ciphertext will

be calculated using the square and multiply algorithm which proves to be more efficient

than the previous way. The codes are as shown below

//calculate ciphertext - encryption

ctext = power(m,e); ctext = ctext % n;

and the revised way; using the square and multiply techniques code is as follows:

//calculate ciphertext - encryption - using square and multiply algorithm

c = 1;

while (e1 > zero)

{

if (e1 % 2 == one)

c = c * x % n;

x = x * x % n;

e1 = e1/two;

}

return c;

Much bigger numbers are now able to be tested. A proper algorithm is now constructed,

having four functions, euclid(), extended_euclid() and square_and_multiply() in the coding,

each for public key creation, private key creation and the encryption and decryption

function, respectively. Timers in this implementation have also been added for the time it

takes to process e and d.

More to this implementation is file storage for the prime factors, keys and message will be

added to the implementation. Having this implemented, the project can now offer user to

either choose whether to create keys from scrape or they choose the ones saved to file

from the previous run of the program. The int_precision value namely p, q, (e,n), (d, n) will

first be converted to string to store the value in string form using the formula below:

in_p = fopen("in_p.txt","w"); // just write. "w"

std::string sP;

sP = _int_precision_itoa(&p);

7/29/2019 325 report

23/71

B131590

2012


if (in_p == NULL)

{

perror("Error opening the file");

exit(0);

}

else{

fprintf(in_p, "%s\n", sP.c_str());}

fclose(in_p);

When reading the values from file, it is converted back to int_precision.

The first test to be conducted in this phase is the use of large numbers of 10, 20, 50 and

300 digit number. Following figures are the example conducted.

Figure 6 Test of 10 digits numbers on square and multiply algorithm

7/29/2019 325 report

24/71

B131590

2012


From Figure 6 and Figure 7, the tests are on 10 digits number ofp and q, which results in

19 digits n. The encryption exponent is again a smaller value than the decryption exponent

which results in encryption in 0 second and decryption in 2 seconds. A comparison of the

plain text (message) and the decrypted text is being made to ensure the decryption is

working. Figure 6 displays the test on file storage, when users entered the ffor the choice

of extracting keys from file. It extracts the values from the previous (Figure 6)s

computations and uses it as its value assigning to the corresponding values. The text files

that are storing these values can be seen in the following pages.

Figure 7 Test for file storage

7/29/2019 325 report

25/71

B131590

2012


Bearing in mind that the values that are being stored are those that were saved during

Figure 6s program run. in_e.txt and in_d.txt each is storing the public and private keys,

(e,n) and (d,n) respectively. As the user chose to extract the saved keys (Figure 7), these

values are used, except for the message ms value. Users are prompted for a new message

to be encrypted and decrypted.

The next figures are the test of 20, 50 and 300 digit numbers where the results of increase

in time of processes in each increase of number of digits.

Figure 8 Files that store values of p,q,e,d and m from Figure 6

7/29/2019 325 report

26/71

B131590

2012


Figure 9 Test of 20 digits of square and multiply algorithm

7/29/2019 325 report

27/71

B131590

2012


Figure 10 Test for 50 digits for square and multiply algorithm

7/29/2019 325 report

28/71

B131590

2012


Figure 11 Test of 300 digits of square and multiply algorithm

7/29/2019 325 report

29/71

B131590

2012


The tests on large numbers which maximum digit number is 300 are successful for both

encryption and decryption. The results for timing of these various tests will be discussed in

the section 9.0 on comparison of techniques.

8.3.1 Issues Arising During Further Improved Implementation

The main issue in this implementation is that the users input of prime numbers for p and q

are not able to be verified for its prime. However, due to time constraint, the prime

validator for large numbers could not be implemented. Therefore users must make sure

that the entered values for p and q are both prime number. Second issue is its decryption

process is taking too long, as it has a bigger value of d to be computed. Therefore in the

final implementation, an advance technique will be implemented to have a faster

decryption algorithm

8.4 Improvised Decryption Technique in the Algorithm : CRT

The decryption process in the last section is taking too long for any specified digit numbers

selected. Therefore an advance technique is being implemented replacing the square and

multiply method for decryption with CRT method. The tests are conducted together with

the previous method for comparison purposes.

There are three tests conducted, having 70, 100 and 300 digits into tests as can be seen in

the figures in the following pages.

7/29/2019 325 report

30/71

B131590

2012


Figure 12 Test 1 for CRT method with 70 digits

7/29/2019 325 report

31/71

B131590

2012



7/29/2019 325 report

32/71

B131590

2012



7/29/2019 325 report

33/71

B131590

2012


The CRT method was able to be implemented and is perfectly functioning after being

tested to the maximum digit number. As mentioned earlier in the section 5.4, Chinese

Remainder Theorem (CRT) is an advance decryption technique that was design to speed

up and improve efficiency of the decryption process. Its algorithm of processing modulo p

and q instead of n works the magic of speeding up the process, even though there are more

to be computed, the numbers are smaller. The results of the comparison will again be

discussed in the section 9.0

8.7 Issues Arising During Improvision

The CRT has managed to speed up the time to decrypt messages by the formula of:

h = q-1 * (Mp - Mq) (mod p)

P = Mq + (h * q)

Due to time constraint, this project could only do a less efficient way to convert formula

above into C++ code as below

h1 = (qinv * (mp-mq));

//call the modular()

h = modular(h1,p);

ptextcrt = mq + (h * q);

which in the observation slows down the computation. The CRT has only managed to cut

down half of the time rather than four times as has been claimed by the developers.

9.0 Efficiency Comparison

This project has been implementing several techniques and methods to compare the

efficiency of the different techniques. To have a valid comparison, the use of identical sets

of values is being carried out as can be seen earlier in the sections of this paper. Following

will be the results comparison graphs from the methods compared.

7/29/2019 325 report

34/71

B131590

2012


9.1 Simple multiply and modulus method Vs Square and Multiply

Method

Figure 15 Time Taken for Encryption in Seconds

Figure 15 is a graph that shows the results in second for the encryption time. The first set

was a comparison between simple multiply and modulus of m, e and dbeing 100, 43 and

175. The second and third experiment is to input two prime numbers with three digits

which are 281 and 173, with values of e, m and d as 9897, 100 and 31513, and for third

values are 433 and 547, with values of e, m and d as 8999, 100 and 146519. Meanwhile

Figure 16 in the next page is showing the results of decryption time.

Almost all the results of using square and multiply tests shows 0 second, due to the small

prime numbers being used, while using simple multiply and modulus have a varying

results of 0, 15 and 21 second for encryption and 0, 120 and 611seconds for decryption.

The time difference in the decryption is pretty big and therefore proven that the simple

and multiply method is very inefficient. For that fact, further comparison is nearly

unbearable to perform as it took a very long time to process the decryption by simple

multiply and modulus method.

0

15

21

0

10

0

5

10

15

20

25

Test 1 Test 2 Test 3

Simple multiply and

modulus

Square and Multiply

7/29/2019 325 report

35/71

B131590

2012


Figure 16 Time Taken for Decryption in Seconds

9.2 Square and Multiply Vs CRT

Figure 17 Time Taken for Decryption in Seconds

0

120

611

0 0 00

100

200

300

400

500

600

700


Simple multiply and

modulus

Square and multiply

115205

2780

55 99

1217

0

500

1000

1500

2000

2500

3000


Square and multiply

CRT

7/29/2019 325 report

36/71

B131590

2012


Figure 17 shows the difference of time to process between square and multiply and CRT in

decryption process. The first test was tested for a 70 decimal digits, while test 2 and test 3

are 100 and 300 respectively. The average difference between the two methods is

115/55 = 2.0909

205/99 = 2.0707

2780/1217 = 2.284

(2.0909 + 2.0707 + 2.284) / 3 = 2.149

The method of CRT in this project manages to pull up the speed of decryption by 2.149

times due to the inefficient method in C++ code chosen in this project.

11.0 Conclusion

11.1 Comparison of Implementation

The first implementation was using the simple power function, which proved to be very

inefficient especially for large numbers. It also performed prime checking in that phase and

worked fine with small numbers. While in the second implementation, the prime checking

is already proven to be very time consuming.

The second implementation is to use the simple multiply and modulus technique which

was more efficient than the first technique but is not sufficient for large number which is

not good enough for RSA as it deals with very large number and may increase in the size as

well.

The third implementation is using the fast exponential technique, the square and multiplytechnique which is the current technique being used in the RSA. The encryption process

proved to be very fast and efficient, but the decryption is still taking a long time.

In every method, encryption is always faster than decryption because although the same

method is being used, the encryption exponent e is smaller than decryption exponent d,

making it faster to compute than d factor. However, there is an advanced technique that

7/29/2019 325 report

37/71

B131590

2012


has been designed specifically to reduce the time taken to process decryption. This project

proved that using Chinese Remainder Theorem, the decryption processing time is reduced

by at least half the processing time of the square and multiply technique.

11.2 Problem Encountered During Implementation

Despite the proven efficiency of the techniques being used in this project, it seems like it

still wouldnt be efficient enough as compared to real RSA application of encryption and

decryption algorithm. This may be due to the arbitrary arithmetic precision library

package that is being used in this project itself, the iprecision library. The developer of the

library has been working with improving the library from time to time and it was proven

that more efficient way could be achieved to lessen the time taken for encryption and

decryption.

To support this statement, a simple test has been conducted to multiply a 10000 times of

two numbers and the time taken to do so is quite long, using this library.

int main()

{

int_precision a, mul1, mul2, ans;

time_t start, end; // for timer

double diff;

a = "11111111111111111111111111111111111111111111" ;

time(&start);

for (int i = 1; i < 10000; i++)

{

mul1 = a * 7;mul2 = a * 9;

ans = mul1 * mul2;

a = a + 123456789;

}

time(&end);

diff = difftime(end, start);

7/29/2019 325 report

38/71

B131590

2012


cout

7/29/2019 325 report

39/71

B131590

2012


The several implementations this project have proved that the choice of algorithm has

effects on the efficiency of the RSA encryption and decryption process. A simple power and

modulus system would take the longest time to decrypt while the most efficient method to

encrypt is the fast exponent method better known as square and multiply method and for

decryption is the CRT advanced technique. This method can contribute to the efficiency of

the algorithm, and so too can the choice of library package of arbitrary arithmetic

precision. The ability of the library would determine how fast it could encrypt and decrypt

a message.

11.4 Future Works

This project is aimed to evaluate and implement the RSA algorithm, due to time

constraints, only a few different methods could be analyzed and compared. There is much

more work in this area that could be done in the future. Implementing the prime validator

such as the AKS (A grawalKayalSaxena test) library, would be an excellent start as afurther project. It would open up many more evaluation of techniques and revised

algorithm. Next we could consider implementing advanced techniques and revised

algorithms such as the padding scheme, Optimal Asymmetric Encryption Padding, OAEP.

OEAP could be used to prevent current attacks being carried out such as block cipher

attacks. In addition, one might want to use a different arbitrary arithmetic precision library

for comparison purposes and to evaluate the efficiency using different library packages.

7/29/2019 325 report

40/71

B131590

2012

a

Bibliography

Aboud, S. J. (2009). An Efficient Method for Attack RSA Scheme.Journal of IEEE, 587-591.

Barker, E., Barker, W., Burr, W., Polk, W., & Smid, M. (2007, March). Computer Security.

Recommendation for Key Management - Part 1 : General (Revised). NIST National

Institute of Standard and Technology.

Bronson, G. J. (c1999). C++ for engineers and scientists . Pacific Grove ; London : PWS Pub .

Bronson, G. J. (c2001).A first book of ANSI C. Pacific Grove, CA : Brooks/Cole .

Caldwell, P. C. (1994-2012). Random Small Primes. Retrieved July 28, 2012, from The Prime

Pages: http://primes.utm.edu/lists/small/small.html

Dierks, T., & Rescorla, E. (2008). The Transport Layer Security (TLS) Protocol Version 1.2.

IETF.

Fred W. Atkinson, I. (1996, April). Mishmash. Retrieved September 10, 2012, from PGP

Encryption: http://www.mishmash.com/fredspgp/pgp.html

Freier, A. O., Karlton, P., & Kocher, P. C. (2011). The Secure Socket Layer Protocol Version

3.0. Internet Engineering Task Force (IETF).

Iyappan, P., Arvind, K., Vanitha, S., & Geetha, N. (2009). Pluggable Encryption Algorithm In

Secure Shell(SSH) Protocol.2009 Second International Conference on Emerging

Trends in Engineering & Technology, 808-813.

Key size. (2001). Key size. Retrieved September 9, 2012, from Wikipedia:http://en.wikipedia.org/wiki/Key_size

Killeen, R. (2001). Possible Attacks on RSA. Retrieved September 6, 2012, from RSA:

Hacking and Cracking: http://members.tripod.com/irish_ronan/rsa/attacks.html

Kirk, J. (1998-2012). Researcher: RSA 1024-bit Encryption not Enough. Retrieved September

9, 2012, from PCWorld:

http://www.pcworld.com/article/132184/researcher_rsa_1024bit_encryption_not

_enough.html

Salomaa, A. (c1996). Public-key cryptography. Berlin ; London : Springer.

Schneier, B. (1963-1964).Applied cryptography : protocols, algorithms, and source code in C

. New York ; Chichester : Wiley .

Stallings, W. (2006). Cryptography and network security : principles and practices. Pearson

Education.

Stinson, D. R. (2002). Cryptography : theory and practice. Chapman & Hall/CRC.

7/29/2019 325 report

41/71

B131590

2012

b

Tan, W., Wang, X., Lou, X., & Pan, M. (2011). Analysis of RSA based on Quantitating Key

Security Strength. Procedia Engineering, 15.

Vestermark, H. (2002-2012).Arbitrary precision package. Retrieved June 17, 2012, from

Numerical Methods: http://www.hvks.com/Numerical/arbitrary_precision.html

Zhang , Y., Zheng, X., & Peng, B. (2008). A Side-channel Attack Countermeasure Based on

Segmented Modular Exponent Randomizing in RSA Cryptosystem.2008 11th IEEE

Singapore International Conference on Communication Systems, 148-151.

7/29/2019 325 report

42/71

B131590

2012

a

Appendix A

Code for initial implementation

// rsa_p2.cpp : Defines the entry point for the console application. #include"stdafx.h"#include#include#include#include#include#include#include#include"iprecision.h"

usingnamespace std;

int_precision power(int_precision a, int_precision b){

int_precision c=a;for (int n=b; n>1; n--)

c*=a;return c;

}

int check_prime(int_precision i){

int_precision count; int mod;

int check = 0;if( (int) ( i % (int_precision)2 ) == 0 )

return 1;

for(count=3; count * count

7/29/2019 325 report

43/71

B131590

2012

b

int_precision r,m; // calculated in the program r = (p-1)(q-1)int_precision a, b; //random number for eint_precision e1, r1, quo,rem; // e's variables.int_precision ra,rb;time_t startEncrypt, endEncrypt, startDecrypt, endDecrypt; // for timerdouble diffEncrypt, diffDecrypt; // for timerbool prime_x, gcd_x = false;

int_precision one = 1, two = 2, zero = 0;

//loop to check prime numbers entereddo{

//Prompt users to enter 2 values to be assigned to the respectivevariables.

cout

7/29/2019 325 report

44/71

B131590

2012

c

quo = r1 / e1;rem = r1 % e1;r1 = e1;e1 = rem;

}

if (rem == zero && r1 == one)

{gcd_x = true;//then it means that gcd(e,r) == 1e = a;

}}while (gcd_x == false || (e < two || e > r));

int limit = 50; //limit to small number for initial implementationcout

7/29/2019 325 report

45/71

B131590

2012

d

//calculate plaintexttext - decryption using simple power and modulus//d = v mod rif (v2 < zero){

d = r + v2;cout

7/29/2019 325 report

46/71

B131590

2012

a

APPENDIX B

Code for improved encryption and decryption implementation

// rsa_9.cpp : Defines the entry point for the console application. //// EDITED FROM :// rsa_7.cpp :

#include"stdafx.h"#include#include#include#include#include#include

#include#include#include#include"iprecision.h"

usingnamespace std;int_precision one = 1, zero = 0, two = 2, n, ctext;bool prime_x, gcd_x;

int_precision euclid(int_precision rnd_e, int_precision r_1){

int_precision p_e, e1, r1, quo, rem;

e1 = rnd_e;r1 = r_1;quo = r1 / e1;rem = r1 % e1;r1 = e1;e1 = rem;

while(rem != zero){


}

if (rem == zero && r1 == one){

gcd_x = true;p_e = rnd_e;

}else{

//cout

7/29/2019 325 report

47/71

B131590

2012

b

gcd_x = false;}return p_e;

}

int_precision extended_euclid(int_precision r_2, int_precision e_2){

int_precision p_d;//calculating plaintext from ciphertext.//calculate d. using extended euclid algorithmint_precision s1, s2; int s3;int_precision quod, u1, u2, u3a, u3b, v1,v2,v3a,v3b;

s1 = r_2;s2 = e_2;s3 = s1 % s2; //remainderu1 = 1; u2 = 0;v1 = 0; v2 = 1;

quod = s1 / s2;

while (s3 != 0){

u3a = quod * u2; u3b = u1 - u3a;v3a = quod * v2; v3b = v1 - v3a;s1 = s2; u1 = u2; v1 = v2;s2 = s3; u2 = u3b; v2 = v3b;s3 = s1 % s2;quod = s1 / s2;

}

//d = v mod rif (v2 < zero)

{ p_d = r_2 + v2;}else{

p_d = v2 % r_2;}return p_d;

}

int_precision simple_multiply_modulus(int_precision ex_1, int_precision m_1,int_precision n_1){


c = 1;x = m_1;e1 = ex_1;n = n_1;

//This is the simple multiply and modulus formula - Revised Implementationfor(int i = 0; i < e1;i++)

c = c * x % n;c = c % n;

7/29/2019 325 report

48/71

B131590

2012

c

return c;}

int_precision square_and_multiply(int_precision ex_1, int_precision m_1,int_precision n_1){


c = 1;x = m_1;e1 = ex_1;n = n_1;

//This is square and multiply method. Improved Implementation.while (e1 > zero){

if (e1 % 2 == one)c = c * x % n;

x = x * x % n;e1 = e1/two;

}return c;

}

int main(){

int_precision p, q; // p and q values - prime numbers ****************randomly generated and check if its prime. library for checking prime numbers

int_precision ptext; // cipher textint_precision e, d; // for the encryption and decryption value.

**********************key from file optionint_precision r, m; // calculated in the program r = (p-1)(q-1)

**********m fileint_precision a, b; //random number for eint e1, r1, quo,rem; // e's variables.

int ra,rb;time_t startEncrypt,endEncrypt, startDecrypt, endDecrypt; // for timerdouble diffEncrypt,diffDecrypt; // for timerchar cont;srand(time (NULL));char method;

while (1){

cout

7/29/2019 325 report

49/71

B131590

2012

d

cin>>e;cout

7/29/2019 325 report

50/71

B131590

2012

e

cout

7/29/2019 325 report

51/71

B131590

2012

a

APPENDIX C

Code for further improved encryption and decryption

implementation

// rsa_7.cpp : Defines the entry point for the console application.

#include"stdafx.h"#include#include#include#include#include#include#include

#include#include#include"iprecision.h"//arbitrary arithmetic precision library

usingnamespace std;int_precision one = 1, zero = 0, two = 2, n, ctext;bool prime_x, gcd_x;



e1 = rnd_e;

r1 = r_1;quo = r1 / e1;rem = r1 % e1;r1 = e1;e1 = rem;

while(rem != zero){


}



}else{

//cout

7/29/2019 325 report

52/71

B131590

2012

b

}return p_e;

}

int_precision extended_euclid(int_precision r_2, int_precision e_2){

int_precision p_d;

//calculating plaintext from ciphertext.//calculate d. using extended euclid algorithmint_precision s1, s2; int s3;int_precision quod, u1, u2, u3a, u3b, v1,v2,v3a,v3b;

s1 = r_2;s2 = e_2;s3 = s1 % s2; //remainderu1 = 1; u2 = 0;v1 = 0; v2 = 1;

quod = s1 / s2;

while (s3 != 0){

u3a = quod * u2; u3b = u1 - u3a;v3a = quod * v2; v3b = v1 - v3a;s1 = s2; u1 = u2; v1 = v2;s2 = s3; u2 = u3b; v2 = v3b;s3 = s1 % s2;quod = s1 / s2;

}

//d = v mod rif (v2 < zero){

p_d = r_2 + v2;}else{

p_d = v2 % r_2;}return p_d;

}

int_precision square_and_multiply(int_precision ex_1, int_precision m_1,int_precision n_1){

int_precision c, x, e1;c = 1;

x = m_1;e1 = ex_1;n = n_1;

while (e1 > zero){

if (e1 % 2 == one)c = c * x % n;

x = x * x % n;e1 = e1/two;

7/29/2019 325 report

53/71

B131590

2012

c

}return c;

}

int main(){

int_precision p, q; // p and q values - prime numbers ****************

randomly generated and check if its prime. library for checking prime numbersint_precision ptext; // cipher text//int_precision n; // caculated in the program n = p * qint_precision e, d; // for the encryption and decryption value.

**********************key from file optionint_precision r, m; // calculated in the program r = (p-1)(q-1)

**********m fileint_precision a, b; //random number for eint e1, r1, quo,rem; // e's variables.int ra,rb;time_t startE, startEncrypt, endE, endEncrypt, startD, endD, startDecrypt,

endDecrypt; // for timerdouble diffE, diffEncrypt, diffD, diffDecrypt; // for timerFILE *input, *in_p, *in_q, *in_e, *in_d, *in_msg;

srand(time (NULL));bool opt;char key_opt;char cont, nada;cout

7/29/2019 325 report

54/71

B131590

2012

d

//Call public key creation function, euclid();//record the time to generate encryption exponenttime(&startE);//a loop to obtain a valid encryption valuedo{

b = rand()%limite + two; //generate random

number for eif (b != r)

a = b;e = euclid(a, r);

}while (gcd_x == false || (e < two || e > r));

time(&endE);diffE = difftime(endE, startE);cout

7/29/2019 325 report

55/71

B131590

2012

e

{cout

7/29/2019 325 report

56/71

B131590

2012

f

do{

cout

7/29/2019 325 report

57/71

B131590

2012

g

//to store p value (key) to a file to allow user to choose fromexisting keys

in_p = fopen("in_p.txt","w"); // just write. "w"std::string sP;sP = _int_precision_itoa(&p);if (in_p == NULL){

perror("Error opening the file");exit(0);

}else{


fclose(in_p);

//to store q value (key) to a file to allow user to choose fromexisting keys

in_q = fopen("in_q.txt","w"); // just write. "w"std::string sQ;sQ = _int_precision_itoa(&q);if (in_q == NULL){


}else{

fprintf(in_q, "%s\n", sQ.c_str());}

fclose(in_q);

//to store e value (key) to a file to allow user to choose fromexisting keysin_e = fopen("in_e.txt","w"); // just write. "w"std::string sE, sN;sE = _int_precision_itoa(&e);sN = _int_precision_itoa(&n);

std::string arrFile[2] = {sE, sN};if (in_e == NULL){


}else

{for (int g = 0; g < 2; g++){

fprintf(in_e, "%s\n", arrFile[g].c_str());}

}rewind(in_e);fclose(in_e);

7/29/2019 325 report

58/71

B131590

2012

h

//to store d value (key) to a file to allow user to choose fromexisting keys

in_d = fopen("in_d.txt","w"); // just write. "w"std::string sD;sD = _int_precision_itoa(&d);

std::string arrFile1[2] = {sD, sN};

sD = _int_precision_itoa(&d);if (in_d == NULL){


}else{

for (int h = 0; h < 2; h++){

fprintf(in_d, "%s\n", arrFile1[h].c_str());}

}rewind(in_d);fclose(in_d);

in_msg = fopen("in_msg.txt","w"); //just one msg per file.std::string sM;sM = _int_precision_itoa(&m);if (in_msg == NULL){


}else{

fprintf(in_msg, "%s\n", sM.c_str());

}

fclose(in_msg);

//ask user if they still want to use the programcout

7/29/2019 325 report

59/71

B131590

2012

a

APPENDIX D

Code for Improvised Decryption Technique Implementation

// rsa_10.cpp : Defines the entry point for the console application. // Implementing CRT//// EDITED FROM :// rsa_7.cpp

#include"stdafx.h"#include#include#include#include

#include#include#include#include#include#include"iprecision.h"//arbitrary arithmetic precision library

usingnamespace std;int_precision one = 1, zero = 0, two = 2;bool prime_x, gcd_x;

int_precision modular(int_precision a, int_precision b){

return (a % b + b) % b;}



e1 = rnd_e;r1 = r_1;quo = r1 / e1;rem = r1 % e1;r1 = e1;e1 = rem;

while(rem != zero){quo = r1 / e1;rem = r1 % e1;r1 = e1;e1 = rem;

}


7/29/2019 325 report

60/71

B131590

2012

b


}else{

//cout

7/29/2019 325 report

61/71

B131590

2012

c

while (e1 > zero){

if (e1 % 2 == one)c = c * x % no;

x = x * x % no;e1 = e1/two;

}return c;

}

int main(){

int_precision p, q; // p and q values - prime numbersint_precision ptext, ctext; // cipher textint_precision n; // caculated in the program n = p * qint_precision e, d; // for the encryption and decryption value.int_precision r, m; // calculated in the program r = (p-1)(q-1)int_precision a, b; //random number for eint e1, r1, quo,rem; // e's variables.int ra,rb;time_t startE, startEncrypt, endE, endEncrypt, startD, endD, startDecrypt,

endDecrypt; // for timerdouble diffE, diffEncrypt, diffD, diffDecrypt; // for timerFILE *input, *in_p, *in_q, *in_e, *in_d, *in_msg;

//crt's variablesint_precision dp, dq, pinv, qinv, mp, mq;time_t startCrt, endCrt;double diffCrt;

srand(time (NULL));bool opt;char key_opt;

char cont, nada;cout

7/29/2019 325 report

62/71

B131590

2012

d

n = p * q;int_precision raa = p - one;int_precision rbb = q - one;r = raa * rbb;

cout

7/29/2019 325 report

63/71

B131590

2012

e

{getline(in_q,sq);char* sqc = (char*)malloc( sizeof( char )

*(sq.length() +1) );strcpy( sqc, sq.c_str() );int_precision qc(sqc); q = qc;cout

7/29/2019 325 report

64/71

B131590

2012

f

}else//when user input other than c or f{

opt = false;cout

7/29/2019 325 report

65/71

B131590

2012

g

if ( m == ptext )cout

7/29/2019 325 report

66/71

B131590

2012

h

//to store p value (key) to a file to allow user to choose fromexisting keys

in_p = fopen("in_p.txt","w"); // just write. "w"

//converts p to store it into file in string formatstd::string sP;sP = _int_precision_itoa(&p);

if (in_p == NULL){


}else{


fclose(in_p);

//to store q value (key) to a file to allow user to choose fromexisting keys

in_q = fopen("in_q.txt","w"); // just write. "w"std::string sQ;sQ = _int_precision_itoa(&q);if (in_q == NULL){


}else{

fprintf(in_q, "%s\n", sQ.c_str());}

fclose(in_q);

//to store e value (key) to a file to allow user to choose fromexisting keys

in_e = fopen("in_e.txt","w"); // just write. "w"std::string sE, sN;sE = _int_precision_itoa(&e);sN = _int_precision_itoa(&n);

std::string arrFile[2] = {sE, sN};if (in_e == NULL){


}else{

for (int g = 0; g < 2; g++){

fprintf(in_e, "%s\n", arrFile[g].c_str());}

}rewind(in_e);fclose(in_e);

7/29/2019 325 report

67/71

B131590

2012

i

//to store d value (key) to a file to allow user to choose fromexisting keys

in_d = fopen("in_d.txt","w"); // just write. "w"std::string sD;sD = _int_precision_itoa(&d);

std::string arrFile1[2] = {sD, sN};sD = _int_precision_itoa(&d);if (in_d == NULL){


}else{

for (int h = 0; h < 2; h++){

fprintf(in_d, "%s\n", arrFile1[h].c_str());}

}rewind(in_d);fclose(in_d);

in_msg = fopen("in_msg.txt","w"); //just one msg per file.std::string sM;sM = _int_precision_itoa(&m);if (in_msg == NULL){


}else

{ fprintf(in_msg, "%s\n", sM.c_str());}

fclose(in_msg);

cout

7/29/2019 325 report

68/71

B131590

2012

j

7/29/2019 325 report

69/71

B131590

2012

a

APPENDIX E

Flow of Algorithm for Improvised Decryption Technique in

Algorithm

Let user know the option of key creation :

i Press c to create own key or

If choice = c; Ask user to input two relatively prime numbers for p and q values Calculate n and r. n =p*q , r= (p-1)(q-1) Display r, the totient function Compute e value. EA timer startEwill be set just before generating a random

number for e using rand() function, to determine how long it takes to

generate and validate the encryption exponent value, e, which will be done

using the auclid() function taking the value ofe and ras the parameters. The

limit ofe will be between 2 and r-1 and must meet the condition of gcd(e,r) =

1 which will be verified by the Euclid algorithm.

The new value ofe will be generated until the check conditions are satisfied. Display the value ofe and the time it took to process it.

Ii Press f to choose existing key from file.

If choice = f; Open files for the values ofp, q, e, d, and n that has been stored from previous

use of the program.

Read the values from respective files and display on the command window. Calculate the value ofr. r= (p-1)(q-1). Display the rvalue.

Iii Press either c or f

If choice != f or c Display error message if user input other characters other than c or f.

iv Prompt user to enter message to be encrypted.

The message will be checked if it is within range that must be more than 2 andless than n-1. User will be prompted to re-enter the value of message if the

message entered earlier is not within the range set earlier until the condition is

7/29/2019 325 report

70/71

B131590

2012

b

met.

Assign message to the variable m.v Display the public key as (e, n)

vi Perform encryption, calling the function square_and_multiply() having e, m and n as

parameters.

Another timer will be set to record the time it takes to process the encryption.The encryption will be done using the square and multiply method which results

will be assigned to ctextvariable and display to user alongside the time taken to

encrypt the message.

vii Generate decryption exponent, d, using extended_euclid() function having rand e as

parameters;

Timer is set. D is calculated using the extended Euclid algorithm. Return dand time taken

viii Perform decryption, also using the same function of encryption, square_and_multiply

() having d, ctextand n as parameters.

Set timer Assigned the result to ptext variable and display to user with time taken for

decrypting the ciphertext.

ix. Compare the original message m with the decryptedptext

If both are equal, display a message of decryption is a success. Else, display a message of decryption is unsuccessful

ix. Perform CRTs calculation, using square_and_multiply() function

Compute dp, dq and qinv as part of private key taking p and q as modulardp = d % (p-1);

q = d % (q-1);

Call the extended_euclid() function to compute qinv

Calculate decryption using crt technique:o Start timer for CRT-based decryptiono

Calculate the mp and mq by calling the square_and_multiply() functiono Calculate h by calling the modular() function.o End the timero Display theptextcrtand the time it takes to decrypt using CRT technique

x. Compare theptextwith the CRT-based decryptedptextcrt

If both are equal, display a message of decryption is a success.

7/29/2019 325 report

71/71

B131590

2012

Else, display a message of decryption is unsuccessful

x. Store the variables of p, q and m to respective files of in_p.txt, in_q.txt, in_m.txt.

While in_e.txt will store the values of e and n, for public encryption keys, and in_d.txt

will store the values of d and n which indicates private keys for decryption.

These values in the files will be read if the user chooses the option of extractingexisting keys from files (choice = f).

xi. Ask if the user still wants to continue to use the program.

Enter any key to continue or enterxto exit and terminate the program If user enter any key, user will be program will welcome user once again and

start program from beginning

If user enters x, terminate the program

325 report

Documents