Cynic's Blog

RSA cryptosystems involves, a private key (which is kept private) and a public key, which is kept public i.e. known to everyone. The security of RSA hinges on the mathematically difficult problem of finding prime factorization of a very large number. Let's quickly disuss how a public, private key pair can be generated, Let, p and q be two large primes, then $n = q \times q$ $\phi(n) = (p-1) \times (q-1)$ Here, $\phi(n)$ is called euler's totient function Choose a random number $e$ such that, $e \in \left\{0,1,2...\phi(n)-1\right\}$ and $gcd(e,\phi(n)) = 1$ The gcd condition will ensure that we have an inverse of $e$ in $\mathbb{Z}_{26}$. Now, using extended euclidian algorithm one can get the inverse of e as d such that, $d \equiv e \pmod{\phi(n)}$ So, there we have it, the private key is $e$ and the public key is $(n,d)$. Few points to note here are, $p$ and $q$ are both $\geq 2^{512}$, although the recommened size is $2^{1024}$ $n$ is $\geq 2^{1024}$, although the recommended...

 Feistel Networks are building blocks of many stream cipher notably DES, SwordFish etc, wherein one performs a fixed number of rounds of the feistel network, for both excryptopn and decrypton. Feistel Network The abbreviations are as follows, F: Round function K i : Subkey for round i L i : Left half of the intermediate value at round i, L 0 would be the left half of clear text. R i : Right half of the intermediate value at round i, R 0 would be the right half of clear text. Micheal Luby and Charles Rackoff proved that,  If the round function is a cryptographically secure pseudorandom function, then 3 rounds are sufficient to make the block cipher a pseudorandom permutation, while 4 rounds are sufficient to make it a "strong" pseudorandom permutation. Strong psuedorandom permutation means that it remains pseudorandom even to an adversary who gets oracle access to its inverse permutation. Note that in one round of a feistal network, only the left half of the cleartext is enc...

 This is basically a basic building block for constructing a hash function based on Ralph Merkel's PhD thesis which basically states that,  if an appropriate padding scheme is used and the compression function is collision-resistant, then the hash function will also be collision-resistant Block Diagram for Merkel Damgard Construction Important things to consider, Padding IV Padding is basically a long string of 1 followed by as many number of 0s as required and ends with a binary representation of the message length. So to pad a message, 1001101, we pad it with 1001101[100000...00111], where the part inside square brackets are the padded bits.