$30 off During Our Annual Pro Sale. View Details »

rsa_understanding_memo

convto
November 26, 2021
Technology
0
430

 rsa_understanding_memo

RSA暗号の暗号化/復号処理とその証明など
社内勉強会で話した内容からそのまま公開できない面白い要素を抜いたものです

convto

November 26, 2021
Tweet

More Decks by convto

See All by convto
Go1.20からサポートされるtree構造のerrの紹介と、treeを考慮した複数マッチができるライブラリを作った話/introduction of tree structure err added since go 1_20
convto
0
420
byte列のbit表現を得るencodingライブラリ作った
convto
1
800
Go runtimeの歩き方/how to follow go runtime function
convto
1
710
入出金ドメインの苦労話と解決へのアプローチ/funds in/out difficulties and solutions
convto
2
1.1k
検索エンジンことはじめ/First step towards full-text search engine
convto
0
75
自作コンパイラやっていきの巻💪💪/making my own compiler!
convto
0
76
kubernetes 浅瀬 dive / kubernetes shallow dive
convto
0
450
GoogleCloudFunctionsでHTTPフックなGoスクリプトを書く / Write HTTP hook Go script with GoogleCloudFunctions
convto
0
67
Goのパフォーマンス計測 / go performance measurement
convto
0
300

Other Decks in Technology

See All in Technology
EventStormingとRDRA2.0で大規模レガシーシステムのフルリニューアルPJに挑む
leveragestech
0
1.1k
Exploring Postgres VACUUM with the VACUUM Simulator
keiko713
5
660
デザインシステム仕切り直し
chloe463
1
1.7k
開発生産性大幅アップ!Postman VS Code拡張機能
nagix
0
130
【論文紹介】 A Survey on Hallucination in Large Language Models: Principles, Taxonomy, Challenges, and Open Questions
tomoaki25
5
160
從心開始的純軟之路
line_developers_tw
PRO
0
1.1k
負債と言わないことが負債と向き合うこと
kenchan
5
1.9k
pmconf 2023 プロダクトと事業を無限にスケールするための最強のロードマップの作り方 / The Greatest Roadmap for Unlimited Scaling your Business and Products
yamamuteki
15
7.8k
SOLID Is Dead, Long Live SOLID
lemiorhan
2
190
RealSense T265とD415とUFACTORY Lite 6で模倣学習の実験
hygradme
0
340
3つの⽴場で考える技術的負債への組織的アプローチ
sansantech
PRO
16
4.9k
生成AIでシステム開発はどう変わるか
etaroid
17
6.6k

Featured

See All Featured
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
53
33k
What's new in Ruby 2.0
geeforr
336
30k
The Straight Up "How To Draw Better" Workshop
denniskardys
226
130k
Writing Fast Ruby
sferik
615
59k
Java REST API Framework Comparison - PWX 2021
mraible
PRO
18
6.4k
The Cult of Friendly URLs
andyhume
71
5.4k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
0
270
Gamification - CAS2011
davidbonilla
75
4.4k
The Pragmatic Product Professional
lauravandoore
23
5.4k
Docker and Python
trallard
32
2.4k
Bash Introduction
62gerente
603
210k
For a Future-Friendly Web
brad_frost
168
8.4k

Transcript

  1. RSA׬શཧղϝϞ
    2021/11/26 ࣾ಺ษڧձ

    View Slide

  2. ͸͡Ίʹ

    View Slide

  3. ॾ஫ҙ
    • ࠓճ΍Δͷ͸͋͘·ͰૉͷRSA҉߸ʹ͍ͭͯͰ͢ɻPKCS#1 v1.5 ͱ͔
    OAEP ͱ͔ͷ֤छpaddingํࣜʹ͍ͭͯ͸ݴٴ͠ͳ͍Ͱ͢
    • ૉͷRSA͸͍͔ͭ͘ͷཧ༝ʹΑΓඇਪ঑ͳͷͰɺ࣮ࡍʹར༻͢Δͱ͖
    ͸ރΕ࣮ͨ૷ͱ҆શͳpaddingΛ࢖͍·͠ΐ͏

    View Slide

  4. RSAͥΜͥΜΘ͔ΒΜ
    • ͳΜ͔͍͍ײ͡ʹ҆શͬΆ͍҉߸Λͭͬͯ͘͘ΕΔͬΆ͍
    • ͳΜ͔伴ͷbit͸௕͍΄͏͕ྑ͍Β͍͠
    • ͳΜ͔ૉҼ਺෼ղ͕Ήͣͯ͘ΞϨΒ͍͠

    View Slide

  5. ͥΜͥΜΘ͔Βͳ͍ͱࠔΔ͜ͱ
    • ҆શੑͷཧ༝͕Θ͔Βͳ͍(=ෳ਺ͷ҉߸ΞϧΰϦζϜؒͷ҆શੑͷൺ
    ֱ͕Ͱ͖ͳ͍)
    • ͥΜͥΜΘ͔Βͳ͍΋ͷʹഎதΛ༬͚Δͷ͸ͪΐͬͱ෺૽ɻݪཧΛ஌
    Βͳ͍ͱෆ༻ҙʹةݥͳ͜ͱΛͯ͠͠·ͬͨΓͪ͠Ό͏͔΋

    View Slide

  6. ͳͷͰ͍Ζ͍Ζௐ΂ͨ

    View Slide

  7. ͷͰ΍͍ͬͯ͘

    View Slide

  8. ࠓ೔΍Δ͜ͱ
    • RSAͷ҉߸Խ/෮߸ͷखॱͱ෮߸Ͱ͖Δ͜ͱͷূ໌
    • ܻ਺͘͢ͳ͍RSAΛखܭࢉͰͱ͘ϋϯζΦϯ
    • ૉҼ਺෼ղͷࠔ೉ੑͱ҆શૉ਺ʹ͍ͭͯ
    • ΋ͬͱਂງΓ͍ͨਓ޲͚ͷRSAཧղͷͨΊͷϩʔυϚοϓ

    View Slide

  9. RSAͷૢ࡞

    View Slide

  10. ༻ҙ͢Δ΋ͷ
    • p, q Λ૬ҧͳૉ਺ͱͯ͠ n = pq ͱͳΔ੔਺ n
    • (p-1)(q-1) ͱޓ͍ʹૉͳ੔਺e
    • de ≡ 1 (mod (p-1)(q-1)) ͱͳΔ੔਺ d
    • n, eΛެ։伴ɺdΛൿີ伴ͱ͢Δ

    View Slide

  11. ༻ҙ͢Δ΋ͷ
    • p, q Λ૬ҧͳૉ਺ͱͯ͠ n = pq ͱͳΔ੔਺ n
    • (p-1)(q-1) ͱޓ͍ʹૉͳ੔਺e
    • de ≡ 1 (mod (p-1)(q-1)) ͱͳΔ੔਺ d
    • n, eΛެ։伴ɺdΛൿີ伴ͱ͢Δ
    ͸΍͍͸΍͍͓͍ͪͭͯ

    View Slide

  12. ༻ҙ͢Δ΋ͷ
    • p, q Λ૬ҧͳૉ਺ͱͯ͠ n = pq ͱͳΔ੔਺ n
    • (p-1)(q-1) ͱޓ͍ʹૉͳ੔਺e
    • de ≡ 1 (mod (p-1)(q-1)) ͱͳΔ੔਺ d
    • n, eΛެ։伴ɺdΛൿີ伴ͱ͢Δ
    Θ͔Δ

    View Slide

  13. ༻ҙ͢Δ΋ͷ
    • p, q Λ૬ҧͳૉ਺ͱͯ͠ n = pq ͱͳΔ੔਺ n
    • (p-1)(q-1) ͱޓ͍ʹૉͳ੔਺e
    • de ≡ 1 (mod (p-1)(q-1)) ͱͳΔ੔਺ d
    • n, eΛެ։伴ɺdΛൿີ伴ͱ͢Δ
    ͓ޓ͍ૉͰͳʹ͕͏Ε͍͔͍ͬͯ͠͏ͱ࣍
    ͷ৚݅ΛΈͨ͢E͕ଘࡏ͢Δ͜ͱ͕͍͑Δ͔
    Β
    ༨ஊ͚ͩͲF͸ͱ͢Δ͜ͱ͕ଟ͍
    ͦͦ͜͜େ͖͍ૉ਺ͳͷͱɺਐ਺Ͱ
    ͱͳΓCJU͔͠
    ͨͬͯͳͯ͘ԋࢉෛՙ͕͍ͪ͞ΊͳͨΊ

    View Slide

  14. ༻ҙ͢Δ΋ͷ
    • p, q Λ૬ҧͳૉ਺ͱͯ͠ n = pq ͱͳΔ੔਺ n
    • (p-1)(q-1) ͱޓ͍ʹૉͳ੔਺e
    • de ≡ 1 (mod (p-1)(q-1)) ͱͳΔ੔਺ d
    • n, eΛެ։伴ɺdΛൿີ伴ͱ͢Δ
    NPE͸৒༨ΛٻΊΔॲཧͰɺϓϩάϥϜͰ
    ΍Δԋࢉͱಉ͡
    ৒༨ʹ͓͚Δ߹ಉ͸ӈͱࠨͷ৒༨͕౳͍͠
    ͱ͍͏ҙຯ
    ͭ·ΓೃછΈ͋Δදݱʹ௚͢ͱ
    EF Q
    R
    Q
    R
    ͱͳ
    ΔE FΛ४උ͍ͤ΍ͱ͍͏͜ͱ

    View Slide

  15. ༻ҙ͢Δ΋ͷ
    • p, q Λ૬ҧͳૉ਺ͱͯ͠ n = pq ͱͳΔ੔਺ n
    • (p-1)(q-1) ͱޓ͍ʹૉͳ੔਺e
    • de ≡ 1 (mod (p-1)(q-1)) ͱͳΔ੔਺ d
    • n, eΛެ։伴ɺdΛൿີ伴ͱ͢Δ
    NPE͸৒༨ΛٻΊΔॲཧͰɺϓϩάϥϜͰ
    ΍Δԋࢉͱಉ͡
    ৒༨ʹ͓͚Δ߹ಉ͸ӈͱࠨͷ৒༨͕౳͍͠
    ͱ͍͏ҙຯ
    ͭ·ΓೃછΈ͋Δදݱʹ௚͢ͱ
    EF Q
    R
    Q
    R
    ͱͳ
    ΔE FΛ४උ͍ͤ΍ͱ͍͏͜ͱ
    EF㲇 NPE Q
    R

    Λຬͨ͢EΛٻΊ
    Δͷ͸֦ுϢʔΫϦουޓআ๏Λ͔ͭ͑͹
    ΘΓͱαΫοͱͰ͖Δ
    ֦ுϢʔΫϦουޓআ๏ͰͳΜͰ͏·͍͘
    ͔͘͸ϕζʔͷ౳ࣜͱ͔ͱབྷΉͷͰׂѪ
    ڵຯ͋Δਓ޲͚ͷϩʔυϚοϓʹؔ܎ੑΛ
    ·ͱΊͱ͖·͢

    View Slide

  16. ༻ҙ͢Δ΋ͷ
    • p, q Λ૬ҧͳૉ਺ͱͯ͠ n = pq ͱͳΔ੔਺ n
    • (p-1)(q-1) ͱޓ͍ʹૉͳ੔਺e
    • de ≡ 1 (mod (p-1)(q-1)) ͱͳΔ੔਺ d
    • n, eΛެ։伴ɺdΛൿີ伴ͱ͢Δ
    NPE͸৒༨ΛٻΊΔॲཧͰɺϓϩάϥϜͰ
    ΍Δԋࢉͱಉ͡
    ৒༨ʹ͓͚Δ߹ಉ͸ӈͱࠨͷ৒༨͕౳͍͠
    ͱ͍͏ҙຯ
    ͭ·ΓೃછΈ͋Δදݱʹ௚͢ͱ
    EF Q
    R
    Q
    R
    ͱͳ
    ΔE FΛ४උ͍ͤ΍ͱ͍͏͜ͱ
    EF㲇 NPE Q
    R

    Λຬͨ͢EΛٻΊ
    Δͷ͸֦ுϢʔΫϦουޓআ๏Λ͔ͭ͑͹
    ΘΓͱαΫοͱͰ͖Δ
    ֦ுϢʔΫϦουޓআ๏ͰͳΜͰ͏·͍͘
    ͔͘͸ϕζʔͷ౳ࣜͱ͔ͱབྷΉͷͰׂѪ
    ڵຯ͋Δਓ޲͚ͷϩʔυϚοϓʹؔ܎ੑΛ
    ·ͱΊͱ͖·͢
    ͳΜͰͦΜͳ͜ͱ͢Δͷʁ

    View Slide

  17. ͋ͱͰγϡͬͱͯ͠νϟͬͱ͢ΔΜͩΑʂ

    View Slide

  18. ҉߸Խͷૢ࡞
    • Ҏ߱͸ϓϨʔϯςΩετΛm, ҉߸ԽจࣈྻΛcͱ͠·͢
    • RSAͷ҉߸Խ͸ Enc(m) := m^e mod n
    • Α͏͸mΛe৐ͯ͠%nͱΕ͹҉߸ԽͰ͖Δɻeͱn͸ެ։৘ใͳͷͰ୭
    Ͱ΋҉߸ԽՄೳ

    View Slide

  19. ෮߸ͷૢ࡞
    • RSAͷ෮߸͸ Dec(c) := c^d mod n
    • ͜ΕͰmʹ΋ͲΔ
    • ͖ͬ͞ͷ෮߸ͱ͋Θͤͯ੔ཧ͢Δͱ (m^e mod n)^d mod n ͢Δͱm
    ʹ໭Δͱ͍͍ͬͯΔ
    • nΛ๏ͱ͢ΔmodͱΔૢ࡞͸్தͰ΍ͬͯ΋লུͯ͠΋݁Ռ͸͔ΘΒ
    ͳ͍ͷͰ (m^e)^d mod n ͱܭࢉͯ͠΋ಉ͡

    View Slide

  20. ͨΊͯ͠ΈΑ͏
    • m = (m^e mod n)^d mod n ͕੒Γཱͭͱͯ͠ܭࢉͯ͠ΈΔ
    • ద౰ʹn=35, e=5, d=5, m=4ͱ͔Ͱࢼͯ͠ΈΔ
    • m^e mod n = 4^5 mod 35 = 1024 mod 35 = 9
    • c^d mod n = 9^5 mod 35 = 59049 mod 35 = 4
    • 0 < m < n ͷൣғʹ͓͍ͯ੒ཱ͢Δ

    View Slide

  21. (m^e)^d ≡ m (mod n) ͷূ໌(1)
    • ੔ཧͯ͠m^de ≡ m (mod n)
    • ͜͜Ͱ de ʹ͍ͭͯɺ de ≡ 1 (mod (p-1)(q-1)) ͱͳΔΑ͏ͳ਺͔ͩΒ
    ͳʹ͔͠Βͷ(p-1)(q-1)ͷഒ਺ʹ1଍ͨ͠஋Ͱ de = 1 + s(p-1)(q-1) ͱ
    ͔͚Δ
    • m^de = m^(1+s(p-1)(q-1)) = m(m^(p-1)(q-1))^s ͱ͔͚Δɻ͜ΕͰm
    ͷഒ਺ͷܗͰ͔͚ͨ

    View Slide

  22. (m^e)^d ≡ m (mod n) ͷূ໌(2)
    • ·ͱΊΔͱ m(m^(p-1)(q-1))^s ≡ m (mod n) ͱͳΕ͹Α͍
    • άοͱᛀΉͱ m^(p-1)(q-1) mod n ͕ͳʹ͔ͷखҧ͍Ͱ1ʹͳͬͯ͘Ε
    Δͱm(1)^s ≡ m (mod n) ͱͳͬͯ͘Εͦ͏
    • ͦΜͳ౎߹ͷ͍͍͜ͱ…͋ΔΘ͚…͋ΔΘ͚…

    View Slide

  23. (m^e)^d ≡ m (mod n) ͷূ໌(2)
    • ·ͱΊΔͱ m(m^(p-1)(q-1))^s ≡ m (mod n) ͱͳΕ͹Α͍
    • άοͱᛀΉͱ m^(p-1)(q-1) mod n ͕ͳʹ͔ͷखҧ͍Ͱ1ʹͳͬͯ͘Ε
    Δͱm(1)^s ≡ m (mod n) ͱͳͬͯ͘Εͦ͏
    • ͦΜͳ౎߹ͷ͍͍͜ͱ…͋ΔΘ͚…͋ΔΘ͚…
    େ਺ֶऀϑΣϧϚʔ
    ࢴ͕͘͢ͳ͍͜ͱͰ༗໊
    ͋ΔͰ

    View Slide

  24. ϑΣϧϚʔͷখఆཧ
    • p͸ૉ਺, a͸੔਺Ͱޓ͍ʹૉͱ͢Δͱ͖ҎԼ͕੒Γཱͭ
    • a^(p-1) ≡ 1 (mod p)
    • ূ໌΋঺հ͍͚ͨ͠Ͳۮવʹ΋खݩʹࢴ͕ແ͍ͷͰলུ͠·͢
    • ͦͦ͜͜؆୯ͳͷͰ͕࣌ؒ༨ͬͨΒܰ͘঺հ͢Δ͔΋

    View Slide

  25. (m^e)^d ≡ m (mod n) ͷূ໌(3)
    m^(p-1)(q-1) ≡ 1 (mod n) Λͱ͘
    • ํ਑ͱͯ͠͸ͳΜ΍͔΍ͯ͠ m^(p-1)(q-1) -1 ≡ 0 (mod n) ͰׂΓ੾Ε
    Δ͜ͱΛ֬ೝ͢Δํ޲ͰؤுΔ
    • ↑͕੒Γཱͯ͹มܗͯ͠ m^(p-1)(q-1) ≡ 1 (mod n) ͕ٻ·Δ

    View Slide

  26. (m^e)^d ≡ m (mod n) ͷূ໌(4)
    m^(p-1)(q-1) ≡ 1 (mod n) Λͱ͘
    • (m^(p-1))^(q-1) ͱมܗͯ͠ߟ͑Δ
    • q͸ૉ਺͔ͩΒɺmࣗ਎͕qͷഒ਺Ͱͳ͍ݶΓ m^(p-1) ͱ͸ޓ͍ʹૉ
    ͳͷͰɺϑΣϧϚʔͷখఆཧΑΓ (m^(p-1))^(q-1) ≡ 1 (mod q)
    • ׂΓ੾ΕΔܗʹ੔ཧ͢Δͱ (m^(p-1))^(q-1) -1 ≡ 0 (mod q)
    • m^(p-1)(q-1) -1 ≡ 0 (mod q) ͕ࣔͤͨ … (i

    View Slide

  27. (m^e)^d ≡ m (mod n) ͷূ໌(5)
    m^(p-1)(q-1) ≡ 1 (mod n) Λͱ͘
    • (m^(q-1))^(p-1) ͱมܗͯ͠ߟ͑Δ
    • p͸ૉ਺͔ͩΒɺmࣗ਎͕pͷഒ਺Ͱͳ͍ݶΓ m^(q-1) ͱ͸ޓ͍ʹૉ
    ͳͷͰɺϑΣϧϚʔͷখఆཧΑΓ (m^(q-1))^(p-1) ≡ 1 (mod p)
    • ׂΓ੾ΕΔܗʹ੔ཧ͢Δͱ (m^(q-1))^(p-1) -1 ≡ 0 (mod p)
    • m^(p-1)(q-1) -1 ≡ 0 (mod p) ͕ࣔͤͨ … (ii

    View Slide

  28. (m^e)^d ≡ m (mod n) ͷূ໌(6)
    m^(p-1)(q-1) ≡ 1 (mod n) Λͱ͘
    • (i, (ii ΑΓ m^(p-1)(q-1) -1 ͸pͰ΋qͰ΋ׂΓ੾ΕΔ
    • p, q͸૬ҧͳૉ਺ͳͷͰ໿਺͕ଘࡏ͠ͳ͍ɻͦͷͨΊͲͪΒͰ΋ׂΓ
    ੾ΕΔͱ͍͏͜ͱ͸ m^(p-1)(q-1) -1 ͸ pq ͷഒ਺Ͱ͋Δ
    • Ҏ্ΑΓ m^(p-1)(q-1) -1 ≡ 0 (mod n) Ͱ͋Δ͜ͱ͕Θ͔Δ
    • มܗͯ͠ m^(p-1)(q-1) ≡ 1 (mod n) ͱͳΔʂ …(iii

    View Slide

  29. (m^e)^d ≡ m (mod n) ͷূ໌(7)
    • m(m^(p-1)(q-1))^s ≡ m (mod n) ͱͳΕ͹Α͍
    • άοͱᛀΉͱ m^(p-1)(q-1) mod n ͕ͳʹ͔ͷखҧ͍Ͱ1ʹͳͬͯ͘ΕΔͱ
    m(1)^s ≡ m (mod n) ͱͳͬͯ͘Εͦ͏
    • pqͱޓ͍ʹૉͳmͳΒ m^(p-1)(q-1) ≡ 1 (mod n) ͱͳΔͷͰˢ͕੒ཱ͢Δʂূ
    ໌͓ΘΓ
    • ͪͳΈʹpqͱm͕ૉ͡Όͳ͍ͱ͖͸ϑΣϧϚʔͷখఆཧͱ͔ߟ͑ͳͯ͘Αͯ͘
    m͕p, qͰׂΓ੾ΕΔ͜ͱΛར༻ͯ͠୯ʹnͷഒ਺+mͷܗʹ੔ཧͰ͖Δ

    View Slide

  30. खܭࢉͰͱͧ͘ʂ

    View Slide

  31. ໰୊
    • 1~26ͷ਺ࣈΛͦΕͧΕΞϧϑΝϕοτͷA~ZʹׂΓ౰ͯͨՍۭͷจ
    ࣈίʔυ͕ଘࡏ͢Δͱ͢Δ
    • n=35, e=5 ͕Θ͔͍ͬͯΔͱ͖ɺҎԼͷ3ͭͷ҉߸จΛղಡͯ͠Ͷ
    • 23, 24, 1

    View Slide

  32. ໰୊
    • 1~26ͷ਺ࣈΛͦΕͧΕΞϧϑΝϕοτͷA~ZʹׂΓ౰ͯͨՍۭͷจ
    ࣈίʔυ͕ଘࡏ͢Δͱ͢Δ
    • n=35, e=5 ͕Θ͔͍ͬͯΔͱ͖ɺҎԼͷ3ͭͷ҉߸จΛղಡͯ͠Ͷ
    • 23, 24, 1
    • ώϯτ1: c^d mod n Ͱ෮߸Ͱ͖Δɻd͸ de ≡ 1 (mod (p-1)(q-1))
    • ώϯτ2: n = pq ͱͳΔpqʹૉҼ਺෼ղͰ͖Ε͹͋ͱ͸ܭࢉ͢Δ͚ͩ

    View Slide

  33. ͨ͑͜
    • n ͸35͔ͩΒୈ࿡ײͰ 5 * 7 ͷૉҼ਺෼ղͰ͖Δ
    • Αͬͯd͸ 5d ≡ 1 mod (5 - 1)(7 - 1)
    • ܭࢉ͢Δͱ5d - 1 ≡ 0 mod 24 ͱͳΓɺd = 5 ͕͋ͯ͸·Δ͜ͱ͕Θ͔Δ
    • ͋ͱ͸ 23^5 mod 35, 24^5 mod 35, 1^5 mod 35 ΛٻΊΔ͚ͩɻखͰ΍Δ
    ͱ͖͍͚ͭͲΪϦࠜੑͰղ͚Δൣғ
    • ղ͘ͱ 18, 19, 1 ʹͳͬͯṖͷจࣈίʔυʹরΒ͠߹ΘͤΔͱ RSA ʹͳΔʂ

    View Slide

  34. ϋϯζΦϯ͔ΒΘ͔Δ͜ͱ
    • ૉҼ਺෼ղ͑͞Ͱ͖ͨΒޙ͸ܭࢉ͢Δ͚ͩ
    • ୯७ܭࢉ͸ίϯϐϡʔλͷಘҙͱ͢Δͱ͜ΖͳͷͰͦ͜·Ͱ͍͚͹
    νϣϩ͍
    • RSAͷ೉͠͞͸ૉҼ਺෼ղͷࠔ೉͞ʹґڌ͍ͯ͠Δɻ͕͜͜ಥഁ͞Ε
    Δͱγϡοͱൿີ伴͕ܭࢉ͞ΕͪΌ͏

    View Slide

  35. ૉҼ਺෼ղͷࠔ೉ੑͱ҆શૉ਺

    View Slide

  36. ૉҼ਺෼ղ͖ͪʔͧʂ
    • ଟ߲ࣜ࣌ؒͰͱ͚ΔΞϧΰϦζϜΈ͔ͭͬͯͳ͍ͷ…
    • ࢦ਺͔͔࣌ؒΔ͔ΒͭΒ͍ͷ…
    • ର৅ͱͳΔૉ਺ͷܻ͕૿͑Ε͹૿͑Δ΄ͲΞϗΈ͍ͨʹ͔͔࣌ؒΔ
    • 200ܻ * 200ܻ͙Β͍ͩͱ͍·ͷεύίϯͰ΋਺ԯ೥͔͔ΔΑ͏Ͱ͢
    (ࢦ਺͔͔࣌ؒΔͱ͍͏ͱ͜Ζ·Ͱ͔͠௥ͬͯͳ͍͔ΒͲ͏͍͏ܭࢉ
    Ͱ਺ԯ೥ͱ͍ͬͯΔͷ͔͸஌Βͳ͍)

    View Slide

  37. ૉҼ਺෼ղޮ཰Α͘Ͱ͖ͳ͍ʁ
    • p-1๏ͱ͍͏ͷ͕͋Δ
    • ͘Θ͘͠͸๻΋௥͍͔͚Εͯͳ͍͚ͲɺϑΣϧϚʔͷখఆཧΛ͔ͭͬ
    ͨߟ͑ํͰɺૉ਺p͔Β-1ͨ͠ͱ͖ʹখ͞ͳૉ਺Ͳ͏͠ͷੵʹͳͬͯ
    Δͱޮ཰Α͘ܭࢉͰ͖ΔΒ͍͠
    • Ͱ͔͍ૉҼ਺͕;͘·ΕͯΔͱp-1๏͸ޮ཰Α͘Ͱ͖ͳ͍

    View Slide

  38. ҆શૉ਺ͱ͸
    • p, qͷ૬ҧͳૉ਺͕͋ͬͨͱ͖ p = 2q +1 ͱͳΔૉ਺
    • p-1๏͸p-1ʹͰ͔͍ૉҼ਺͕͋Δͱޮ཰͕͋Βͳ͍ͷΛࢥ͍ग़͢ͱɺ҆શ
    ૉ਺͸p-1๏ʹͱ͔ͬͯͳΓ૬खͨ͘͠ͳ͍਺(p-1ͷૉҼ਺ʹ͍͍ͩͨp/2
    ͷαΠζͷόΧσΧૉ਺͕͋ΔͷͰ)
    • ҉߸తͳڧ౓Λ΋ͭૉ਺ੜ੒ͱ͸ɺे෼େ͖͍҆શૉ਺Λͭͬͯ͘͘ΕΔ
    ͬͯ͜ͱͩͧʂ͜͜ςετʹग़·͢
    • े෼ͳܻ਺ͷ҆શૉ਺ͷੵ͸·͋ૉҼ਺෼ղ͢Δͷແཧ΍Ζͱͳ͍ͬͯΔ

    View Slide

  39. ਂງΓ͍ͨਓ޲͚
    RSAཧղ΁ͷϩʔυϚοϓ

    View Slide

  40. ҉߸Խ/෮߸͕੒ཱ͢Δ͜ͱ
    Λཧղ͢ΔͨΊʹඞཁͬΆ͍΍ͭ
    • ϑΣϧϚʔͷখఆཧ
    • ؆୯Ί
    • ΦΠϥʔͷఆཧ
    • ϑΣϧϚʔͷఆཧ͸๏p͕ૉ਺Ͱ͋Δඞཁ͕͚͋ͬͨͲɺͦΕΛҰ
    ൠʹ֦ுͯ͠ޓ͍ʹૉͳa, nͰ͋Ε͹੒ཱ͢ΔΑ͏ʹͨ͠΍ͭ
    • ͜ΕͰূ໌ͯ͠Δ͜ͱ΋ଟ͍͚ͲϑΣϧϚʔͷখఆཧͱେମ͓ͳ͡

    View Slide

  41. de ≡ 1 (mod (p-1)(q-1)) ΛٻΊΔํ๏
    ͷཧղʹඞཁͬΆ͍΍ͭ
    • ܈, ؀, ମͷݴ༿ͷఆٛ͘Β͍
    • ͷͪͷূ໌ʹ͠Εͬͱग़͖ͯͯͳΜͩ͜ΕͱͳΔ
    • ୯Ґݩ, ٯݩ͋ͨΓ΋ݴ༿ͷҙຯ͕Θ͔ΔͱΑ͛͞
    • ϕζʔͷ౳ࣜ
    • ax+by=c͕࣮਺ղΛ࣋ͭͳΒc͸gcd(a,b)ͷഒ਺ͩͧͱ͍͏΍ͭɻݸਓతʹ͸ࠓճಡΜͩূ໌ͰҰ൪Ή͔ͣͬͨ
    • ϢʔΫϦουޓআ๏
    • gcd(a,b)Λޮ཰Α͘΋ͱΊΔΞϧΰϦζϜɻ͜Ε΋ূ໌͕؆୯
    • ֦ுϢʔΫϦουޓআ๏
    • ϕζʔͷ౳ࣜΛຬͨ͢ղΛ୳ࡧͰ͖Δɻ࣮૷ͱͯ͠͸ϢʔΫϦουޓআ๏ʹໟ͕ੜ͑ͨఔ౓
    • ͍ͭ͜Ͱ৒༨؀ͷٯݩ͕ͩͤΔઆ໌͸ผ్ಡ·ͳ͍ͱΘ͔Β͵͔΋

    View Slide

  42. ҆શͳn=pqΛ࡞Δํ๏
    ͷཧղʹඞཁͬΆ͍΍ͭ
    • ૉ਺ੜ੒ΞϧΰϦζϜ͸ਖ਼௚͓͍͖Εͯͳ͍
    • ద౰ͳૉ਺ͬΆ͍਺ͭ͘Δ -> ߴ଎ͳૉ਺൑ఆʂͷྲྀΕ͕͓͓͍ɻߴ଎ͳૉ
    ਺൑ఆ͸֬཰తͳΞϧΰϦζϜ͹͔ͬΓ͔ͩΒෳ਺ճ܁Γฦͯ͠ޡݕ஌཰Λ
    ͛͞Δ(n=10ͱ͔)
    • Miller-Rabin๏: ૉ਺͡Όͳ͍਺ʹOKग़ͪ͠Ό͏ͷ͸25%ҎԼ
    • Baillie-PSW๏: ͍͔ͭ͘ͷૉ਺൑ఆΞϧΰϦζϜΛ૊Έ߹Θͤͯຐվ଄ͨ͠
    Έ͍ͨͳ΍ͭʁͪΌΜͱ௥ͬͯͳ͍͚ͲGoͱ͔Ͱ࢖ΘΕͯΔ͔ΒΑͦ͞͏

    View Slide

  43. ҆શͳn=pqΛ࡞Δํ๏
    ͷཧղʹඞཁͬΆ͍΍ͭ
    • ૉ਺ੜ੒ΞϧΰϦζϜ͸ਖ਼௚͓͍͖Εͯͳ͍
    • ద౰ͳૉ਺ͬΆ͍਺ͭ͘Δ -> ߴ଎ͳૉ਺൑ఆʂͷྲྀΕ͕͓͓͍ɻߴ଎ͳૉ
    ਺൑ఆ͸֬཰తͳΞϧΰϦζϜ͹͔ͬΓ͔ͩΒෳ਺ճ܁Γฦͯ͠ޡݕ஌཰Λ
    ͛͞Δ(n=10ͱ͔)
    • Miller-Rabin๏: ૉ਺͡Όͳ͍਺ʹOKग़ͪ͠Ό͏ͷ͸25%ҎԼ
    • Baillie-PSW๏: ͍͔ͭ͘ͷૉ਺൑ఆΞϧΰϦζϜΛ૊Έ߹Θͤͯຐվ଄ͨ͠
    Έ͍ͨͳ΍ͭʁͪΌΜͱ௥ͬͯͳ͍͚ͲGoͱ͔Ͱ࢖ΘΕͯΔ͔ΒΑͦ͞͏
    ͪͳΈʹ҆શૉ਺ͷੜ੒ʹ͍ͭͯ͸͋Μ·
    Γ͏·͘΍ͬͯͳ͍ؾ͕͍ͯͯ͠ɺ
    ૉ௚ʹ೚ҙͷૉ਺൑ఆͰૉ਺RΛͭͬͨ͘ޙ
    R͕ૉ਺͔͓͔ΘΓ൑ఆͯ͠ૉ਺ͩͬͨ
    Β͍ͦͭΛQͱͯ͠ฦ͢Έ͍ͨͳงғؾ͕͋
    Δ
    ͪΌΜͱௐ΂͖Εͯͳ͍͚Ͳ௚ײతʹ΋ͦ
    Ε͕ૣͦ͏

    View Slide

  44. RSAʹ͍ͭͯͷઆ໌͸
    ͜Εʹͯऴྃ

    View Slide

  45. ׬

    View Slide