The RSA encryption algorithm is one
of the most widely used public key encryption algorithms that have ever been
invented. It was created by the three scientists Ronald Rivest, Adi
Shamir, and Leonard Adleman in 1977, and today it is increasingly being used in
the network area.
To generate the keys for RSA encryption and decryption, two large prime numbers p and q need to be found. With those two primes,the RSA will output three numbers, e, d and n. The user may choose either one of the first two number(e and d) as the private key, and the other one would serve as the public key. n is a common factor that needs to be combined with either one of e and d to form a key pair, so that the key pairs may be used by encryption and decryption procedures. For example, if the user choose e as the private key, e and n form a private key pair, and d and n will form a public key pair. Depending on the situation, the user may wish to use the either the private key pair or the public key pair to perform encryption, and keep the other key pair for decryption.
This applet simulates a simple sender/receiver communication process and uses the asymmetric encryption digital signiture to performs error detection.
Step 1:
First
the user (sender) needs to generate the RSA keys pairs before the encryption and
decryption procedures can be done. The user can click on the "Key
Generation" button to generate two keys and a common factor. Then the user is allowed to choose either one of the
two keys, and together with the common factor to form his/her private key pair,
which should be kept confidential. And the applet will
automatically pick the other key and the common factor to form a public key pair
for the user. In our applet, the sender will use the private key pair for
encryption, and the receiver will use the public key pair to decrypt the message.
Step 2:
After the keys are generated, the
sender is allowed to type the message to be sent to the receiver in the
text box that is enabled in the applet. After inputting the message, the
user may click on the encryption button and the following things happen:
1. A hash function is performed on
the plain text to generate a 20-byte long message digest.
2. The message digest is then
encrypted with the private key of the sender and thus produces a signature of
the message.
3. Both the signature and the
message itself are combined and displayed as the encrypted message in the text
box in the middle of the applet.
The above simulates the process of
an authenticated communication. When the receiver receives the encrypted
message digest and the message itself, he/she may use the public key of the sender to decrypt the signature and
recovers the message digest. At the same time, the receiver also performs
a hash operation on the message itself directly. If the message has been
altered for some reason during the communication process, the generated digest
will not match the received message digest, in addition, the message must come
from the sender as no one else has the encryption key that matches the public
decryption key used by the receiver. Therefore it means that the message
is authentic and is indeed from the sender.
Step 3:
To demonstrate the error detection
ability, the user is allowed to make
alteration on the encrypted message and/or the RSA keys, in order to simulate the error introduced
by noise or malicious alteration during a communication process. The
signature is performed character by character, therefore the applet is able to
detect which character has been altered during the communication and the total
number of erroneous characters.
When error detection ability is
lost:
The error detection ability of the
applet really relies on the strength of the hash function. As all the hash
functions, it is possible for different data to produce the same hash output.
In such cases, the error detection ability of the applet is lost.
One example:
When 17579 is used as the encryption
key, 139 is used as the decryption key, and 19519 is used as the common factor, the applet will convert the letter
'T' into a four character encrypted text '2a32'. If the second letter of
the encrypted text is changed into the 'b' and becomes '2b32', the applet will
not be able to detect the error, although the character is not decoded
correctly. This is caused by the conflict caused by the Hash function.
Implementation issue:
1. Our applet implements the RSA
encryption as the asymmetric encryption algorithm. Since the RSA
encryption is fairly complex, we use the 8-bit long encryption to demonstrate
the idea. Therefore the number of asymmetric key pair randomly generated
are quite small. Therefore it is easy to observe the case where the
applet's ability of error detection is lost.
2. The Hash algorithm we used in the
applet is SHA, and it produces a 20-byte-long message digest regardless of the
length of the input of the Hash. It is very easy to change the Hash
function to another one such as the MD5.
3. The RSA algorithm requires
heavy computational power therefore is rarely used to directly encrypt/decrypt
the message itself. Instead, the encryption is performed only on the
message digest.
More Detail Explanation of RSA
The key generation:
Encryption:
C = Pe % n
Decryption:
P = Cd % n
Note: P stands for the plain text, and C stands for the cipher text.