Open xieyuschen opened 2 years ago
In RSA:
N=pq
ed = 1 mod φ(N)
φ(N) = (q-1)*(p-1)
The public key is (N,e)
, and the private key is d
. In a real case, message M could be encrypted:
C=M^d mod N
We can also use a public key to decrypt it:C^e mod N = (M^d)^e mod N = M^ed mod N
Here we need the Euler Theorem:x^φ(N) = 1 mod N
SoM<N
.M^ed mod N= M*M^ed-1 mod N = M mod N = M
.The RSA PUBLIC/PRIVATE KEY is not the key pair files we use in normal life, that file is a kind of RSA key expression, see RFC3447
In ECC, y^2 = x^3 + ax +b
. P = mQ
, both P
and Q
belong to F*p.
The key pair generator choose a random m
and Q
in curve, and then calculate P.
P
.m
.The public key encrypts and the private key decrypts:
a
, b
, P
, Q
are public.M
, could be converted to a point Qm
on the curve.r
.C = Qm + rP
.C
and rQ
.So we could decrypt by private key:
C = Qm + rP = Qm + r(mQ) = Qm + m(rQ)
Qm = m(rQ) - C
.it's an INVILIAD operation to encrypt a message with a private key. Signature instead.
Diffe-Hellman is used to exchange a private key during an unsafe communication channel. It is Not an encrypting algorithm.
a
andb
is the private key of the client and serverp
is a large primer number known by both sides. It's generated by the client side and sends it to the server side after verifying the signature from the server side. In practice, it is generated apseudo prime number
.g
is small for easy computing.A = g^a mod p
.B = g^b mod p
.A
andB
.The server and client exchanges:
A
,B
,g
andp
: So both side could calculate the session key:But the listener could only get
A
,B
,g
andp
. To get ana
from an equalisationA = g^a mod p
is a dlb(Discrete Logarithm Problem) question. It's imposible to get the anwser now.