SoFunction
Updated on 2024-07-16

RSA Encryption and Decryption Algorithm Application and Extension Exploration

RSA Overview

In the previous article we learned about hash algorithms, so in this article let's take a look at RSA.

First, let's look at the naming of the encryption algorithm. Interestingly enough, it's actually the name of three people. Back in 1977, three MIT mathematicians, Rivest, Shamir and Adleman, came up with the algorithm and named it after the first letters of their last names.
The RSA encryption algorithm is an asymmetric encryption algorithm, and the way it works broke the rules of all previous encryption algorithms. Prior to RSA, all encryption methods followed the same pattern: the rules for encryption and decryption were the same. This centuries-old scheme had a fatal flaw. When an encrypted message is transmitted, the decryption rules must be available to the other party for the message to be decrypted properly. Since the encryption and decryption rules are the same, storing and transmitting the key securely became the biggest headache.
The advent of RSA solved this problem. Let's see how RSA works.

RSA encryption/decryption

  • Encrypt data with the public key, decrypt it with the private key
  • Encrypt data with the private key, decrypt it with the public key

Yes, RSA encryption uses a "pair" of keys. These are the public key and the private key. The public and private keys are actually numbers! Their binary bit length can be 1024 or 2048 bits. The longer the key, the stronger the encryption. So far the longest key that has been publicly cracked is 768 bits, so any key longer than 768 bits is relatively safe. To date, this encryption algorithm is widely used.

Disadvantages of RSA

Because the RSA algorithm is built entirely on arithmetic with large numbers, even in its fastest case RSA is several times slower than a symmetric encryption algorithm. Speed has always been RSA's weak point; generally speaking, RSA is only used to encrypt small amounts of data. RSA runs at about 1/1000 the speed of a symmetric encryption algorithm of the same security level.

RSA Terminal Command Demo

Since OpenSSL (an open-source cryptography library) is built into the Mac system, we can play with RSA directly from the terminal using commands.
OpenSSL has three main commands commonly used for the RSA algorithm; the others are not described here.

Command   Meaning
genrsa    Generates an RSA private key
rsautl    Encryption, decryption, signing and verification operations using RSA keys
rsa       RSA key format conversion and related tasks

Generate an RSA private key with a key length of 1024 bits.

hank$ openssl genrsa -out  1024
Generating RSA private key, 1024 bit long modulus
..++++++
..........................................++++++
e is 65537 (0x10001)

Extract public key from private key

hank$ openssl rsa -in  -pubout -out 
writing RSA key

We can see the generated private and public key files as follows.

[Figure: Key File]

That's pretty cool, isn't it? We can look at what's inside them from the terminal.

// View the private key file
hank$ cat 
-----BEGIN RSA PRIVATE KEY-----
...
-----END RSA PRIVATE KEY-----
// View the public key file
hank$ cat 
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbGfA0XdkIpK5h2O9mg5o35pit
xwiHDnlpBTCTUH+pkGMdDe6d9nVQDr61QUEMWAgbnb/irTXh5VigGhHDbG/4kmVy
1BgSfLxUx50jmm7jnvnS4Hrb65g920x26gaBW+I9n9cHF/QShrqaNXP9DDeqhqNz
dmrkaaAQQkQ9liN6awIDAQAB
-----END PUBLIC KEY-----

These are actually text files, and it's easy to see that they are Base64-encoded. The public key is much simpler than the private key. We can convert the private key to a readable text form with the following command.

// Convert to readable text
hank$ openssl rsa -in  -text -out 
writing RSA key
// View the text output
hank$ cat 
Private-Key: (1024 bit)
modulus:
    00:db:19:f0:34:5d:d9:08:a4:ae:61:d8:ef:66:83:
    9a:37:e6:98:ad:c7:08:87:0e:79:69:05:30:93:50:
    7f:a9:90:63:1d:0d:ee:9d:f6:75:50:0e:be:b5:41:
    41:0c:58:08:1b:9d:bf:e2:ad:35:e1:e5:58:a0:1a:
    11:c3:6c:6f:f8:92:65:72:d4:18:12:7c:bc:54:c7:
    9d:23:9a:6e:e3:9e:f9:d2:e0:7a:db:eb:98:3d:db:
    4c:76:ea:06:81:5b:e2:3d:9f:d7:07:17:f4:12:86:
    ba:9a:35:73:fd:0c:37:aa:86:a3:73:76:6a:e4:69:
    a0:10:42:44:3d:96:23:7a:6b
publicExponent: 65537 (0x10001)
privateExponent:
    53:48:1d:bc:d9:fb:58:44:b8:a0:2a:c4:7c:f4:03:
    17:c2:88:40:6d:ca:39:03:f0:74:51:eb:af:e3:46:
    53:5e:b5:bd:e2:80:d3:fc:4d:85:3b:c5:93:c2:15:
    06:ab:23:91:d3:b9:8f:61:05:7d:33:1f:27:e4:20:
    e2:66:82:7c:86:4d:fb:19:27:a2:c5:d1:50:5d:ef:
    cf:90:94:cf:fa:d7:c0:1b:a9:3a:53:a2:58:52:5b:
    07:a7:15:fc:97:9e:d3:8e:43:8e:21:e3:72:28:a9:
    fd:95:5d:f0:0d:b1:9d:41:20:e2:92:05:52:e8:c0:
    14:f1:fe:db:6b:79:4e:f9
prime1:
    00:fb:dd:b4:6a:09:01:7d:b1:62:00:b4:17:8d:47:
    5d:0c:ca:0c:79:c2:bc:0a:be:38:02:bd:a6:b0:b2:
    0c:7c:da:4b:80:6f:70:96:47:41:bc:d4:67:d4:fa:
    52:b4:61:a1:dd:99:c1:47:b0:01:e5:0e:77:0c:3a:
    d6:3a:20:f9:cd
prime2:
    00:de:b2:8f:eb:ef:e3:52:8c:a5:b0:93:d6:b8:df:
    4b:ca:e2:a3:b4:09:6c:36:d6:d6:69:8b:ec:f2:20:
    8d:84:bc:95:f6:1a:16:8e:fa:30:00:06:41:d6:e5:
    b2:e5:a2:c3:b5:02:37:bf:8f:1b:78:4c:70:b0:91:
    05:02:54:2d:17
exponent1:
    49:39:0a:53:6d:6c:d6:8a:f4:4f:fa:0b:82:d2:45:
    76:0b:63:97:1e:8b:26:a0:68:8e:3b:6e:b3:9d:ff:
    cd:68:75:5c:d0:89:2d:d7:67:80:2b:4c:48:79:c2:
    03:99:02:c2:f7:09:5e:fb:07:81:fd:33:95:05:a1:
    f4:62:53:dd
exponent2:
    63:4f:aa:13:03:75:92:98:9a:43:36:8a:a9:03:1b:
    5f:ac:d6:68:31:53:8a:d9:1f:e1:0d:bf:6a:f2:cd:
    69:86:58:31:d9:cc:79:92:64:d9:7d:f0:da:8e:b0:
    ca:eb:5c:ef:59:bf:d6:b3:51:02:c2:c3:f6:59:95:
    ac:46:31:9d
coefficient:
    10:01:db:d2:5b:11:81:67:bf:b1:75:f6:6a:db:60:
    e0:d6:c3:b0:41:31:a8:36:7e:ec:61:ac:ca:fa:99:
    9f:55:e0:4b:f5:0f:76:de:ab:56:45:50:dc:de:d9:
    10:f2:95:e9:2c:70:37:d2:f2:48:8e:25:55:69:85:
    5a:10:a7:eb
-----BEGIN RSA PRIVATE KEY-----
...
-----END RSA PRIVATE KEY-----

Encrypt data with public key, decrypt data with private key

// Create the plaintext file
hank$ vi 
// View the contents of the file
hank$ cat 
cryptographic:123456
// Encryption via public key
hank$ openssl rsautl -encrypt -in  -inkey  -pubin -out 
// Decryption by private key
hank$ openssl rsautl -decrypt -in  -inkey  -out 

Encrypt data with private key, decrypt data with public key

// Encryption with the private key (signing)
hank$ openssl rsautl -sign -in  -inkey  -out 
// Decryption with the public key (verification)
hank$ openssl rsautl -verify -in  -inkey  -pubin -out 
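
Both directions above as one script, as an added example that is not the article's own commands. The file names (private.pem, public.pem, message.txt and so on) are hypothetical, and it uses genpkey, pkeyutl and dgst because OpenSSL 3.0 deprecates rsautl; note that dgst -sign hashes the message and signs the digest, whereas rsautl -sign works on the raw input.

```sh
# Added example, not the article's commands. File names are hypothetical;
# the 2048-bit size, OAEP padding and SHA-256 are choices made here.
# pkeyutl is used because OpenSSL 3.0 deprecates rsautl.
# make_keys DIR: write DIR/private.pem and DIR/public.pem
make_keys() {
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -out "$1/private.pem" 2>/dev/null &&
    openssl pkey -in "$1/private.pem" -pubout -out "$1/public.pem"
}

# encrypt_pub DIR IN OUT: anyone holding public.pem can do this
encrypt_pub() {
    openssl pkeyutl -encrypt -pubin -inkey "$1/public.pem" \
        -pkeyopt rsa_padding_mode:oaep -in "$2" -out "$3"
}

# decrypt_priv DIR IN OUT: needs private.pem
decrypt_priv() {
    openssl pkeyutl -decrypt -inkey "$1/private.pem" \
        -pkeyopt rsa_padding_mode:oaep -in "$2" -out "$3"
}

# sign_priv DIR IN SIG: hash IN with SHA-256 and sign the digest
sign_priv() {
    openssl dgst -sha256 -sign "$1/private.pem" -out "$3" "$2"
}

# verify_pub DIR IN SIG: exit status 0 only if SIG matches IN
verify_pub() {
    openssl dgst -sha256 -verify "$1/public.pem" -signature "$3" "$2" \
        >/dev/null 2>&1
}

# round_trip: both directions on a constructed message; a changed
# message must fail verification
round_trip() {
    d=$(mktemp -d) || return 1
    printf 'cryptographic:123456\n' > "$d/message.txt"
    printf 'cryptographic:654321\n' > "$d/tampered.txt"
    make_keys "$d" &&
    encrypt_pub "$d" "$d/message.txt" "$d/enc.bin" &&
    decrypt_priv "$d" "$d/enc.bin" "$d/dec.txt" &&
    cmp -s "$d/message.txt" "$d/dec.txt" &&
    sign_priv "$d" "$d/message.txt" "$d/message.sig" &&
    verify_pub "$d" "$d/message.txt" "$d/message.sig" &&
    ! verify_pub "$d" "$d/tampered.txt" "$d/message.sig"
    rc=$?; rm -rf "$d"; return "$rc"
}
round_trip && echo "round trip ok"
```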

Summary

After reading this, you should have some understanding of RSA. Because RSA encryption is very inefficient, not all data is encrypted with it. Its main battlefield is encrypting small pieces of data, such as the key for a symmetric encryption algorithm, or digital signatures. We'll talk more about digital signatures in a follow-up article.
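
The "encrypt only the symmetric key with RSA" pattern described above, as an added example that is not from the article: a large file is encrypted with AES under a random secret, and only that secret is encrypted with RSA. The file names and the choice of a 2048-bit key, OAEP, AES-256-CBC and PBKDF2 are assumptions of this example.

```sh
# Added example, not from the article: hybrid encryption. File names are
# hypothetical; key size, OAEP, AES-256-CBC and PBKDF2 are choices made here.
# make_keys DIR: write DIR/private.pem and DIR/public.pem
make_keys() {
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -out "$1/private.pem" 2>/dev/null &&
    openssl pkey -in "$1/private.pem" -pubout -out "$1/public.pem"
}

# rsa_direct DIR IN OUT: RSA-OAEP on IN itself; fails when IN is larger than
# one RSA block (at most 214 bytes with a 2048-bit key and the default hash)
rsa_direct() {
    openssl pkeyutl -encrypt -pubin -inkey "$1/public.pem" \
        -pkeyopt rsa_padding_mode:oaep -in "$2" -out "$3" 2>/dev/null
}

# hybrid_encrypt DIR IN: AES-encrypt IN to IN.enc under a random secret,
# then RSA-wrap that secret to IN.key.enc
hybrid_encrypt() {
    secret="$1/session.hex"
    openssl rand -hex 32 > "$secret" &&
    openssl enc -aes-256-cbc -pbkdf2 -salt -pass "file:$secret" \
        -in "$2" -out "$2.enc" &&
    rsa_direct "$1" "$secret" "$2.key.enc"
    rc=$?; rm -f "$secret"; return "$rc"   # keep only the wrapped copy
}

# hybrid_decrypt DIR IN OUT: unwrap IN.key.enc with the private key,
# then AES-decrypt IN.enc to OUT
hybrid_decrypt() {
    secret="$1/session.hex"
    openssl pkeyutl -decrypt -inkey "$1/private.pem" \
        -pkeyopt rsa_padding_mode:oaep -in "$2.key.enc" -out "$secret" &&
    openssl enc -d -aes-256-cbc -pbkdf2 -pass "file:$secret" \
        -in "$2.enc" -out "$3"
    rc=$?; rm -f "$secret"; return "$rc"
}

# demo: 100 kB of constructed random data
demo() {
    d=$(mktemp -d) || return 1
    make_keys "$d" && openssl rand -out "$d/big.bin" 100000 || return 1
    rsa_direct "$d" "$d/big.bin" "$d/direct.bin" && return 1  # must fail
    hybrid_encrypt "$d" "$d/big.bin" &&
    hybrid_decrypt "$d" "$d/big.bin" "$d/big.out" &&
    cmp -s "$d/big.bin" "$d/big.out"
    rc=$?; rm -rf "$d"; return "$rc"
}
demo && echo "hybrid round trip ok"
```

openssl enc has no authenticated mode, so the CBC step protects confidentiality only; sign the .enc file as well when tampering matters.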
