Upgrade to Pro — share decks privately, control downloads, hide ads and more …

rsa_understanding_memo

convto
November 26, 2021
Technology
0
350

 rsa_understanding_memo

RSA暗号の暗号化/復号処理とその証明など
社内勉強会で話した内容からそのまま公開できない面白い要素を抜いたものです

convto

November 26, 2021
Tweet

More Decks by convto

See All by convto
byte列のbit表現を得るencodingライブラリ作った
convto
1
620
Go runtimeの歩き方/how to follow go runtime function
convto
1
550
入出金ドメインの苦労話と解決へのアプローチ/funds in/out difficulties and solutions
convto
1
970
検索エンジンことはじめ/First step towards full-text search engine
convto
0
67
自作コンパイラやっていきの巻💪💪/making my own compiler!
convto
0
67
kubernetes 浅瀬 dive / kubernetes shallow dive
convto
0
440
GoogleCloudFunctionsでHTTPフックなGoスクリプトを書く / Write HTTP hook Go script with GoogleCloudFunctions
convto
0
58
Goのパフォーマンス計測 / go performance measurement
convto
0
220
Athenaのパーテション設定をCloudWatch Events + Lambda で自動化する
convto
0
74

Other Decks in Technology

See All in Technology
Oracle Exadata Database Service on [email protected] ([email protected]) - UI スクリーン・キャプチャ集
oracle4engineer
PRO
0
280
Spring Boot 3.0へのアップデートのハマり所 / Findings in Migrating our Application to Spring Boot 3.0
line_developers
PRO
4
340
BIMIとメールセキュリティ
sbtechnight
PRO
0
370
自動運転レベル4解禁にあたり求められる遠隔監視技術
sbtechnight
PRO
0
510
JAWS-UG 朝会 #43 登壇資料
takakuni
0
400
How we build Ads Platform in Rust
mapbox_jp
1
190
ノーコードAI開発プラットフォーム「AIMINA」のシステム設計コンセプトと技術的チャレンジ
sbtechnight
PRO
0
320
学びが形になる!〜DeNAで6年間プロダクト開発に携わって学んだこと〜
dena_tech
PRO
0
320
Showcase2023_進化し続けるサイバーセキュリティ脅威を防ぐSaaSソリューション.pdf
sakaitakeshi
0
410
SNS投稿を使ってクラウド障害を検知してみた
sbtechnight
PRO
0
370
マネジメント3.0モデル入門(120分版)
takufujii
11
2.6k
技育祭2023春 ちゅらデータ講演資料
foursue
1
450

Featured

See All Featured
CSS Pre-Processors: Stylus, Less & Sass
bermonpainter
349
27k
Why You Should Never Use an ORM
jnunemaker
PRO
49
8k
Understanding Cognitive Biases in Performance Measurement
bluesmoon
2
460
Code Reviewing Like a Champion
maltzj
508
38k
How GitHub Uses GitHub to Build GitHub
holman
466
280k
ReactJS: Keep Simple. Everything can be a component!
pedronauck
657
120k
Designing the Hi-DPI Web
ddemaree
273
33k
Building Applications with DynamoDB
mza
86
5k
A Modern Web Designer's Workflow
chriscoyier
689
180k
The Cult of Friendly URLs
andyhume
70
5.2k
It's Worth the Effort
3n
177
26k
JazzCon 2018 Closing Keynote - Leadership for the Reluctant Leader
reverentgeek
176
9.2k

Transcript

  1. RSA׬શཧղϝϞ
    2021/11/26 ࣾ಺ษڧձ

    View Slide

  2. ͸͡Ίʹ

    View Slide

  3. ॾ஫ҙ
    • ࠓճ΍Δͷ͸͋͘·ͰૉͷRSA҉߸ʹ͍ͭͯͰ͢ɻPKCS#1 v1.5 ͱ͔
    OAEP ͱ͔ͷ֤छpaddingํࣜʹ͍ͭͯ͸ݴٴ͠ͳ͍Ͱ͢
    • ૉͷRSA͸͍͔ͭ͘ͷཧ༝ʹΑΓඇਪ঑ͳͷͰɺ࣮ࡍʹར༻͢Δͱ͖
    ͸ރΕ࣮ͨ૷ͱ҆શͳpaddingΛ࢖͍·͠ΐ͏

    View Slide

  4. RSAͥΜͥΜΘ͔ΒΜ
    • ͳΜ͔͍͍ײ͡ʹ҆શͬΆ͍҉߸Λͭͬͯ͘͘ΕΔͬΆ͍
    • ͳΜ͔伴ͷbit͸௕͍΄͏͕ྑ͍Β͍͠
    • ͳΜ͔ૉҼ਺෼ղ͕Ήͣͯ͘ΞϨΒ͍͠

    View Slide

  5. ͥΜͥΜΘ͔Βͳ͍ͱࠔΔ͜ͱ
    • ҆શੑͷཧ༝͕Θ͔Βͳ͍(=ෳ਺ͷ҉߸ΞϧΰϦζϜؒͷ҆શੑͷൺ
    ֱ͕Ͱ͖ͳ͍)
    • ͥΜͥΜΘ͔Βͳ͍΋ͷʹഎதΛ༬͚Δͷ͸ͪΐͬͱ෺૽ɻݪཧΛ஌
    Βͳ͍ͱෆ༻ҙʹةݥͳ͜ͱΛͯ͠͠·ͬͨΓͪ͠Ό͏͔΋

    View Slide

  6. ͳͷͰ͍Ζ͍Ζௐ΂ͨ

    View Slide

  7. ͷͰ΍͍ͬͯ͘

    View Slide

  8. ࠓ೔΍Δ͜ͱ
    • RSAͷ҉߸Խ/෮߸ͷखॱͱ෮߸Ͱ͖Δ͜ͱͷূ໌
    • ܻ਺͘͢ͳ͍RSAΛखܭࢉͰͱ͘ϋϯζΦϯ
    • ૉҼ਺෼ղͷࠔ೉ੑͱ҆શૉ਺ʹ͍ͭͯ
    • ΋ͬͱਂງΓ͍ͨਓ޲͚ͷRSAཧղͷͨΊͷϩʔυϚοϓ

    View Slide

  9. RSAͷૢ࡞

    View Slide

  10. ༻ҙ͢Δ΋ͷ
    • p, q Λ૬ҧͳૉ਺ͱͯ͠ n = pq ͱͳΔ੔਺ n
    • (p-1)(q-1) ͱޓ͍ʹૉͳ੔਺e
    • de ≡ 1 (mod (p-1)(q-1)) ͱͳΔ੔਺ d
    • n, eΛެ։伴ɺdΛൿີ伴ͱ͢Δ

    View Slide

  11. ༻ҙ͢Δ΋ͷ
    • p, q Λ૬ҧͳૉ਺ͱͯ͠ n = pq ͱͳΔ੔਺ n
    • (p-1)(q-1) ͱޓ͍ʹૉͳ੔਺e
    • de ≡ 1 (mod (p-1)(q-1)) ͱͳΔ੔਺ d
    • n, eΛެ։伴ɺdΛൿີ伴ͱ͢Δ
    ͸΍͍͸΍͍͓͍ͪͭͯ

    View Slide

  12. ༻ҙ͢Δ΋ͷ
    • p, q Λ૬ҧͳૉ਺ͱͯ͠ n = pq ͱͳΔ੔਺ n
    • (p-1)(q-1) ͱޓ͍ʹૉͳ੔਺e
    • de ≡ 1 (mod (p-1)(q-1)) ͱͳΔ੔਺ d
    • n, eΛެ։伴ɺdΛൿີ伴ͱ͢Δ
    Θ͔Δ

    View Slide

  13. ༻ҙ͢Δ΋ͷ
    • p, q Λ૬ҧͳૉ਺ͱͯ͠ n = pq ͱͳΔ੔਺ n
    • (p-1)(q-1) ͱޓ͍ʹૉͳ੔਺e
    • de ≡ 1 (mod (p-1)(q-1)) ͱͳΔ੔਺ d
    • n, eΛެ։伴ɺdΛൿີ伴ͱ͢Δ
    ͓ޓ͍ૉͰͳʹ͕͏Ε͍͔͍ͬͯ͠͏ͱ࣍
    ͷ৚݅ΛΈͨ͢E͕ଘࡏ͢Δ͜ͱ͕͍͑Δ͔
    Β
    ༨ஊ͚ͩͲF͸ͱ͢Δ͜ͱ͕ଟ͍
    ͦͦ͜͜େ͖͍ૉ਺ͳͷͱɺਐ਺Ͱ
    ͱͳΓCJU͔͠
    ͨͬͯͳͯ͘ԋࢉෛՙ͕͍ͪ͞ΊͳͨΊ

    View Slide

  14. ༻ҙ͢Δ΋ͷ
    • p, q Λ૬ҧͳૉ਺ͱͯ͠ n = pq ͱͳΔ੔਺ n
    • (p-1)(q-1) ͱޓ͍ʹૉͳ੔਺e
    • de ≡ 1 (mod (p-1)(q-1)) ͱͳΔ੔਺ d
    • n, eΛެ։伴ɺdΛൿີ伴ͱ͢Δ
    NPE͸৒༨ΛٻΊΔॲཧͰɺϓϩάϥϜͰ
    ΍Δԋࢉͱಉ͡
    ৒༨ʹ͓͚Δ߹ಉ͸ӈͱࠨͷ৒༨͕౳͍͠
    ͱ͍͏ҙຯ
    ͭ·ΓೃછΈ͋Δදݱʹ௚͢ͱ
    EF Q
    R
    Q
    R
    ͱͳ
    ΔE FΛ४උ͍ͤ΍ͱ͍͏͜ͱ

    View Slide

  15. ༻ҙ͢Δ΋ͷ
    • p, q Λ૬ҧͳૉ਺ͱͯ͠ n = pq ͱͳΔ੔਺ n
    • (p-1)(q-1) ͱޓ͍ʹૉͳ੔਺e
    • de ≡ 1 (mod (p-1)(q-1)) ͱͳΔ੔਺ d
    • n, eΛެ։伴ɺdΛൿີ伴ͱ͢Δ
    NPE͸৒༨ΛٻΊΔॲཧͰɺϓϩάϥϜͰ
    ΍Δԋࢉͱಉ͡
    ৒༨ʹ͓͚Δ߹ಉ͸ӈͱࠨͷ৒༨͕౳͍͠
    ͱ͍͏ҙຯ
    ͭ·ΓೃછΈ͋Δදݱʹ௚͢ͱ
    EF Q
    R
    Q
    R
    ͱͳ
    ΔE FΛ४උ͍ͤ΍ͱ͍͏͜ͱ
    EF㲇 NPE Q
    R

    Λຬͨ͢EΛٻΊ
    Δͷ͸֦ுϢʔΫϦουޓআ๏Λ͔ͭ͑͹
    ΘΓͱαΫοͱͰ͖Δ
    ֦ுϢʔΫϦουޓআ๏ͰͳΜͰ͏·͍͘
    ͔͘͸ϕζʔͷ౳ࣜͱ͔ͱབྷΉͷͰׂѪ
    ڵຯ͋Δਓ޲͚ͷϩʔυϚοϓʹؔ܎ੑΛ
    ·ͱΊͱ͖·͢

    View Slide

  16. ༻ҙ͢Δ΋ͷ
    • p, q Λ૬ҧͳૉ਺ͱͯ͠ n = pq ͱͳΔ੔਺ n
    • (p-1)(q-1) ͱޓ͍ʹૉͳ੔਺e
    • de ≡ 1 (mod (p-1)(q-1)) ͱͳΔ੔਺ d
    • n, eΛެ։伴ɺdΛൿີ伴ͱ͢Δ
    NPE͸৒༨ΛٻΊΔॲཧͰɺϓϩάϥϜͰ
    ΍Δԋࢉͱಉ͡
    ৒༨ʹ͓͚Δ߹ಉ͸ӈͱࠨͷ৒༨͕౳͍͠
    ͱ͍͏ҙຯ
    ͭ·ΓೃછΈ͋Δදݱʹ௚͢ͱ
    EF Q
    R
    Q
    R
    ͱͳ
    ΔE FΛ४උ͍ͤ΍ͱ͍͏͜ͱ
    EF㲇 NPE Q
    R

    Λຬͨ͢EΛٻΊ
    Δͷ͸֦ுϢʔΫϦουޓআ๏Λ͔ͭ͑͹
    ΘΓͱαΫοͱͰ͖Δ
    ֦ுϢʔΫϦουޓআ๏ͰͳΜͰ͏·͍͘
    ͔͘͸ϕζʔͷ౳ࣜͱ͔ͱབྷΉͷͰׂѪ
    ڵຯ͋Δਓ޲͚ͷϩʔυϚοϓʹؔ܎ੑΛ
    ·ͱΊͱ͖·͢
    ͳΜͰͦΜͳ͜ͱ͢Δͷʁ

    View Slide

  17. ͋ͱͰγϡͬͱͯ͠νϟͬͱ͢ΔΜͩΑʂ

    View Slide

  18. ҉߸Խͷૢ࡞
    • Ҏ߱͸ϓϨʔϯςΩετΛm, ҉߸ԽจࣈྻΛcͱ͠·͢
    • RSAͷ҉߸Խ͸ Enc(m) := m^e mod n
    • Α͏͸mΛe৐ͯ͠%nͱΕ͹҉߸ԽͰ͖Δɻeͱn͸ެ։৘ใͳͷͰ୭
    Ͱ΋҉߸ԽՄೳ

    View Slide

  19. ෮߸ͷૢ࡞
    • RSAͷ෮߸͸ Dec(c) := c^d mod n
    • ͜ΕͰmʹ΋ͲΔ
    • ͖ͬ͞ͷ෮߸ͱ͋Θͤͯ੔ཧ͢Δͱ (m^e mod n)^d mod n ͢Δͱm
    ʹ໭Δͱ͍͍ͬͯΔ
    • nΛ๏ͱ͢ΔmodͱΔૢ࡞͸్தͰ΍ͬͯ΋লུͯ͠΋݁Ռ͸͔ΘΒ
    ͳ͍ͷͰ (m^e)^d mod n ͱܭࢉͯ͠΋ಉ͡

    View Slide

  20. ͨΊͯ͠ΈΑ͏
    • m = (m^e mod n)^d mod n ͕੒Γཱͭͱͯ͠ܭࢉͯ͠ΈΔ
    • ద౰ʹn=35, e=5, d=5, m=4ͱ͔Ͱࢼͯ͠ΈΔ
    • m^e mod n = 4^5 mod 35 = 1024 mod 35 = 9
    • c^d mod n = 9^5 mod 35 = 59049 mod 35 = 4
    • 0 < m < n ͷൣғʹ͓͍ͯ੒ཱ͢Δ

    View Slide

  21. (m^e)^d ≡ m (mod n) ͷূ໌(1)
    • ੔ཧͯ͠m^de ≡ m (mod n)
    • ͜͜Ͱ de ʹ͍ͭͯɺ de ≡ 1 (mod (p-1)(q-1)) ͱͳΔΑ͏ͳ਺͔ͩΒ
    ͳʹ͔͠Βͷ(p-1)(q-1)ͷഒ਺ʹ1଍ͨ͠஋Ͱ de = 1 + s(p-1)(q-1) ͱ
    ͔͚Δ
    • m^de = m^(1+s(p-1)(q-1)) = m(m^(p-1)(q-1))^s ͱ͔͚Δɻ͜ΕͰm
    ͷഒ਺ͷܗͰ͔͚ͨ

    View Slide

  22. (m^e)^d ≡ m (mod n) ͷূ໌(2)
    • ·ͱΊΔͱ m(m^(p-1)(q-1))^s ≡ m (mod n) ͱͳΕ͹Α͍
    • άοͱᛀΉͱ m^(p-1)(q-1) mod n ͕ͳʹ͔ͷखҧ͍Ͱ1ʹͳͬͯ͘Ε
    Δͱm(1)^s ≡ m (mod n) ͱͳͬͯ͘Εͦ͏
    • ͦΜͳ౎߹ͷ͍͍͜ͱ…͋ΔΘ͚…͋ΔΘ͚…

    View Slide

  23. (m^e)^d ≡ m (mod n) ͷূ໌(2)
    • ·ͱΊΔͱ m(m^(p-1)(q-1))^s ≡ m (mod n) ͱͳΕ͹Α͍
    • άοͱᛀΉͱ m^(p-1)(q-1) mod n ͕ͳʹ͔ͷखҧ͍Ͱ1ʹͳͬͯ͘Ε
    Δͱm(1)^s ≡ m (mod n) ͱͳͬͯ͘Εͦ͏
    • ͦΜͳ౎߹ͷ͍͍͜ͱ…͋ΔΘ͚…͋ΔΘ͚…
    େ਺ֶऀϑΣϧϚʔ
    ࢴ͕͘͢ͳ͍͜ͱͰ༗໊
    ͋ΔͰ

    View Slide

  24. ϑΣϧϚʔͷখఆཧ
    • p͸ૉ਺, a͸੔਺Ͱޓ͍ʹૉͱ͢Δͱ͖ҎԼ͕੒Γཱͭ
    • a^(p-1) ≡ 1 (mod p)
    • ূ໌΋঺հ͍͚ͨ͠Ͳۮવʹ΋खݩʹࢴ͕ແ͍ͷͰলུ͠·͢
    • ͦͦ͜͜؆୯ͳͷͰ͕࣌ؒ༨ͬͨΒܰ͘঺հ͢Δ͔΋

    View Slide

  25. (m^e)^d ≡ m (mod n) ͷূ໌(3)
    m^(p-1)(q-1) ≡ 1 (mod n) Λͱ͘
    • ํ਑ͱͯ͠͸ͳΜ΍͔΍ͯ͠ m^(p-1)(q-1) -1 ≡ 0 (mod n) ͰׂΓ੾Ε
    Δ͜ͱΛ֬ೝ͢Δํ޲ͰؤுΔ
    • ↑͕੒Γཱͯ͹มܗͯ͠ m^(p-1)(q-1) ≡ 1 (mod n) ͕ٻ·Δ

    View Slide

  26. (m^e)^d ≡ m (mod n) ͷূ໌(4)
    m^(p-1)(q-1) ≡ 1 (mod n) Λͱ͘
    • (m^(p-1))^(q-1) ͱมܗͯ͠ߟ͑Δ
    • q͸ૉ਺͔ͩΒɺmࣗ਎͕qͷഒ਺Ͱͳ͍ݶΓ m^(p-1) ͱ͸ޓ͍ʹૉ
    ͳͷͰɺϑΣϧϚʔͷখఆཧΑΓ (m^(p-1))^(q-1) ≡ 1 (mod q)
    • ׂΓ੾ΕΔܗʹ੔ཧ͢Δͱ (m^(p-1))^(q-1) -1 ≡ 0 (mod q)
    • m^(p-1)(q-1) -1 ≡ 0 (mod q) ͕ࣔͤͨ … (i

    View Slide

  27. (m^e)^d ≡ m (mod n) ͷূ໌(5)
    m^(p-1)(q-1) ≡ 1 (mod n) Λͱ͘
    • (m^(q-1))^(p-1) ͱมܗͯ͠ߟ͑Δ
    • p͸ૉ਺͔ͩΒɺmࣗ਎͕pͷഒ਺Ͱͳ͍ݶΓ m^(q-1) ͱ͸ޓ͍ʹૉ
    ͳͷͰɺϑΣϧϚʔͷখఆཧΑΓ (m^(q-1))^(p-1) ≡ 1 (mod p)
    • ׂΓ੾ΕΔܗʹ੔ཧ͢Δͱ (m^(q-1))^(p-1) -1 ≡ 0 (mod p)
    • m^(p-1)(q-1) -1 ≡ 0 (mod p) ͕ࣔͤͨ … (ii

    View Slide

  28. (m^e)^d ≡ m (mod n) ͷূ໌(6)
    m^(p-1)(q-1) ≡ 1 (mod n) Λͱ͘
    • (i, (ii ΑΓ m^(p-1)(q-1) -1 ͸pͰ΋qͰ΋ׂΓ੾ΕΔ
    • p, q͸૬ҧͳૉ਺ͳͷͰ໿਺͕ଘࡏ͠ͳ͍ɻͦͷͨΊͲͪΒͰ΋ׂΓ
    ੾ΕΔͱ͍͏͜ͱ͸ m^(p-1)(q-1) -1 ͸ pq ͷഒ਺Ͱ͋Δ
    • Ҏ্ΑΓ m^(p-1)(q-1) -1 ≡ 0 (mod n) Ͱ͋Δ͜ͱ͕Θ͔Δ
    • มܗͯ͠ m^(p-1)(q-1) ≡ 1 (mod n) ͱͳΔʂ …(iii

    View Slide

  29. (m^e)^d ≡ m (mod n) ͷূ໌(7)
    • m(m^(p-1)(q-1))^s ≡ m (mod n) ͱͳΕ͹Α͍
    • άοͱᛀΉͱ m^(p-1)(q-1) mod n ͕ͳʹ͔ͷखҧ͍Ͱ1ʹͳͬͯ͘ΕΔͱ
    m(1)^s ≡ m (mod n) ͱͳͬͯ͘Εͦ͏
    • pqͱޓ͍ʹૉͳmͳΒ m^(p-1)(q-1) ≡ 1 (mod n) ͱͳΔͷͰˢ͕੒ཱ͢Δʂূ
    ໌͓ΘΓ
    • ͪͳΈʹpqͱm͕ૉ͡Όͳ͍ͱ͖͸ϑΣϧϚʔͷখఆཧͱ͔ߟ͑ͳͯ͘Αͯ͘
    m͕p, qͰׂΓ੾ΕΔ͜ͱΛར༻ͯ͠୯ʹnͷഒ਺+mͷܗʹ੔ཧͰ͖Δ

    View Slide

  30. खܭࢉͰͱͧ͘ʂ

    View Slide

  31. ໰୊
    • 1~26ͷ਺ࣈΛͦΕͧΕΞϧϑΝϕοτͷA~ZʹׂΓ౰ͯͨՍۭͷจ
    ࣈίʔυ͕ଘࡏ͢Δͱ͢Δ
    • n=35, e=5 ͕Θ͔͍ͬͯΔͱ͖ɺҎԼͷ3ͭͷ҉߸จΛղಡͯ͠Ͷ
    • 23, 24, 1

    View Slide

  32. ໰୊
    • 1~26ͷ਺ࣈΛͦΕͧΕΞϧϑΝϕοτͷA~ZʹׂΓ౰ͯͨՍۭͷจ
    ࣈίʔυ͕ଘࡏ͢Δͱ͢Δ
    • n=35, e=5 ͕Θ͔͍ͬͯΔͱ͖ɺҎԼͷ3ͭͷ҉߸จΛղಡͯ͠Ͷ
    • 23, 24, 1
    • ώϯτ1: c^d mod n Ͱ෮߸Ͱ͖Δɻd͸ de ≡ 1 (mod (p-1)(q-1))
    • ώϯτ2: n = pq ͱͳΔpqʹૉҼ਺෼ղͰ͖Ε͹͋ͱ͸ܭࢉ͢Δ͚ͩ

    View Slide

  33. ͨ͑͜
    • n ͸35͔ͩΒୈ࿡ײͰ 5 * 7 ͷૉҼ਺෼ղͰ͖Δ
    • Αͬͯd͸ 5d ≡ 1 mod (5 - 1)(7 - 1)
    • ܭࢉ͢Δͱ5d - 1 ≡ 0 mod 24 ͱͳΓɺd = 5 ͕͋ͯ͸·Δ͜ͱ͕Θ͔Δ
    • ͋ͱ͸ 23^5 mod 35, 24^5 mod 35, 1^5 mod 35 ΛٻΊΔ͚ͩɻखͰ΍Δ
    ͱ͖͍͚ͭͲΪϦࠜੑͰղ͚Δൣғ
    • ղ͘ͱ 18, 19, 1 ʹͳͬͯṖͷจࣈίʔυʹরΒ͠߹ΘͤΔͱ RSA ʹͳΔʂ

    View Slide

  34. ϋϯζΦϯ͔ΒΘ͔Δ͜ͱ
    • ૉҼ਺෼ղ͑͞Ͱ͖ͨΒޙ͸ܭࢉ͢Δ͚ͩ
    • ୯७ܭࢉ͸ίϯϐϡʔλͷಘҙͱ͢Δͱ͜ΖͳͷͰͦ͜·Ͱ͍͚͹
    νϣϩ͍
    • RSAͷ೉͠͞͸ૉҼ਺෼ղͷࠔ೉͞ʹґڌ͍ͯ͠Δɻ͕͜͜ಥഁ͞Ε
    Δͱγϡοͱൿີ伴͕ܭࢉ͞ΕͪΌ͏

    View Slide

  35. ૉҼ਺෼ղͷࠔ೉ੑͱ҆શૉ਺

    View Slide

  36. ૉҼ਺෼ղ͖ͪʔͧʂ
    • ଟ߲ࣜ࣌ؒͰͱ͚ΔΞϧΰϦζϜΈ͔ͭͬͯͳ͍ͷ…
    • ࢦ਺͔͔࣌ؒΔ͔ΒͭΒ͍ͷ…
    • ର৅ͱͳΔૉ਺ͷܻ͕૿͑Ε͹૿͑Δ΄ͲΞϗΈ͍ͨʹ͔͔࣌ؒΔ
    • 200ܻ * 200ܻ͙Β͍ͩͱ͍·ͷεύίϯͰ΋਺ԯ೥͔͔ΔΑ͏Ͱ͢
    (ࢦ਺͔͔࣌ؒΔͱ͍͏ͱ͜Ζ·Ͱ͔͠௥ͬͯͳ͍͔ΒͲ͏͍͏ܭࢉ
    Ͱ਺ԯ೥ͱ͍ͬͯΔͷ͔͸஌Βͳ͍)

    View Slide

  37. ૉҼ਺෼ղޮ཰Α͘Ͱ͖ͳ͍ʁ
    • p-1๏ͱ͍͏ͷ͕͋Δ
    • ͘Θ͘͠͸๻΋௥͍͔͚Εͯͳ͍͚ͲɺϑΣϧϚʔͷখఆཧΛ͔ͭͬ
    ͨߟ͑ํͰɺૉ਺p͔Β-1ͨ͠ͱ͖ʹখ͞ͳૉ਺Ͳ͏͠ͷੵʹͳͬͯ
    Δͱޮ཰Α͘ܭࢉͰ͖ΔΒ͍͠
    • Ͱ͔͍ૉҼ਺͕;͘·ΕͯΔͱp-1๏͸ޮ཰Α͘Ͱ͖ͳ͍

    View Slide

  38. ҆શૉ਺ͱ͸
    • p, qͷ૬ҧͳૉ਺͕͋ͬͨͱ͖ p = 2q +1 ͱͳΔૉ਺
    • p-1๏͸p-1ʹͰ͔͍ૉҼ਺͕͋Δͱޮ཰͕͋Βͳ͍ͷΛࢥ͍ग़͢ͱɺ҆શ
    ૉ਺͸p-1๏ʹͱ͔ͬͯͳΓ૬खͨ͘͠ͳ͍਺(p-1ͷૉҼ਺ʹ͍͍ͩͨp/2
    ͷαΠζͷόΧσΧૉ਺͕͋ΔͷͰ)
    • ҉߸తͳڧ౓Λ΋ͭૉ਺ੜ੒ͱ͸ɺे෼େ͖͍҆શૉ਺Λͭͬͯ͘͘ΕΔ
    ͬͯ͜ͱͩͧʂ͜͜ςετʹग़·͢
    • े෼ͳܻ਺ͷ҆શૉ਺ͷੵ͸·͋ૉҼ਺෼ղ͢Δͷແཧ΍Ζͱͳ͍ͬͯΔ

    View Slide

  39. ਂງΓ͍ͨਓ޲͚
    RSAཧղ΁ͷϩʔυϚοϓ

    View Slide

  40. ҉߸Խ/෮߸͕੒ཱ͢Δ͜ͱ
    Λཧղ͢ΔͨΊʹඞཁͬΆ͍΍ͭ
    • ϑΣϧϚʔͷখఆཧ
    • ؆୯Ί
    • ΦΠϥʔͷఆཧ
    • ϑΣϧϚʔͷఆཧ͸๏p͕ૉ਺Ͱ͋Δඞཁ͕͚͋ͬͨͲɺͦΕΛҰ
    ൠʹ֦ுͯ͠ޓ͍ʹૉͳa, nͰ͋Ε͹੒ཱ͢ΔΑ͏ʹͨ͠΍ͭ
    • ͜ΕͰূ໌ͯ͠Δ͜ͱ΋ଟ͍͚ͲϑΣϧϚʔͷখఆཧͱେମ͓ͳ͡

    View Slide

  41. de ≡ 1 (mod (p-1)(q-1)) ΛٻΊΔํ๏
    ͷཧղʹඞཁͬΆ͍΍ͭ
    • ܈, ؀, ମͷݴ༿ͷఆٛ͘Β͍
    • ͷͪͷূ໌ʹ͠Εͬͱग़͖ͯͯͳΜͩ͜ΕͱͳΔ
    • ୯Ґݩ, ٯݩ͋ͨΓ΋ݴ༿ͷҙຯ͕Θ͔ΔͱΑ͛͞
    • ϕζʔͷ౳ࣜ
    • ax+by=c͕࣮਺ղΛ࣋ͭͳΒc͸gcd(a,b)ͷഒ਺ͩͧͱ͍͏΍ͭɻݸਓతʹ͸ࠓճಡΜͩূ໌ͰҰ൪Ή͔ͣͬͨ
    • ϢʔΫϦουޓআ๏
    • gcd(a,b)Λޮ཰Α͘΋ͱΊΔΞϧΰϦζϜɻ͜Ε΋ূ໌͕؆୯
    • ֦ுϢʔΫϦουޓআ๏
    • ϕζʔͷ౳ࣜΛຬͨ͢ղΛ୳ࡧͰ͖Δɻ࣮૷ͱͯ͠͸ϢʔΫϦουޓআ๏ʹໟ͕ੜ͑ͨఔ౓
    • ͍ͭ͜Ͱ৒༨؀ͷٯݩ͕ͩͤΔઆ໌͸ผ్ಡ·ͳ͍ͱΘ͔Β͵͔΋

    View Slide

  42. ҆શͳn=pqΛ࡞Δํ๏
    ͷཧղʹඞཁͬΆ͍΍ͭ
    • ૉ਺ੜ੒ΞϧΰϦζϜ͸ਖ਼௚͓͍͖Εͯͳ͍
    • ద౰ͳૉ਺ͬΆ͍਺ͭ͘Δ -> ߴ଎ͳૉ਺൑ఆʂͷྲྀΕ͕͓͓͍ɻߴ଎ͳૉ
    ਺൑ఆ͸֬཰తͳΞϧΰϦζϜ͹͔ͬΓ͔ͩΒෳ਺ճ܁Γฦͯ͠ޡݕ஌཰Λ
    ͛͞Δ(n=10ͱ͔)
    • Miller-Rabin๏: ૉ਺͡Όͳ͍਺ʹOKग़ͪ͠Ό͏ͷ͸25%ҎԼ
    • Baillie-PSW๏: ͍͔ͭ͘ͷૉ਺൑ఆΞϧΰϦζϜΛ૊Έ߹Θͤͯຐվ଄ͨ͠
    Έ͍ͨͳ΍ͭʁͪΌΜͱ௥ͬͯͳ͍͚ͲGoͱ͔Ͱ࢖ΘΕͯΔ͔ΒΑͦ͞͏

    View Slide

  43. ҆શͳn=pqΛ࡞Δํ๏
    ͷཧղʹඞཁͬΆ͍΍ͭ
    • ૉ਺ੜ੒ΞϧΰϦζϜ͸ਖ਼௚͓͍͖Εͯͳ͍
    • ద౰ͳૉ਺ͬΆ͍਺ͭ͘Δ -> ߴ଎ͳૉ਺൑ఆʂͷྲྀΕ͕͓͓͍ɻߴ଎ͳૉ
    ਺൑ఆ͸֬཰తͳΞϧΰϦζϜ͹͔ͬΓ͔ͩΒෳ਺ճ܁Γฦͯ͠ޡݕ஌཰Λ
    ͛͞Δ(n=10ͱ͔)
    • Miller-Rabin๏: ૉ਺͡Όͳ͍਺ʹOKग़ͪ͠Ό͏ͷ͸25%ҎԼ
    • Baillie-PSW๏: ͍͔ͭ͘ͷૉ਺൑ఆΞϧΰϦζϜΛ૊Έ߹Θͤͯຐվ଄ͨ͠
    Έ͍ͨͳ΍ͭʁͪΌΜͱ௥ͬͯͳ͍͚ͲGoͱ͔Ͱ࢖ΘΕͯΔ͔ΒΑͦ͞͏
    ͪͳΈʹ҆શૉ਺ͷੜ੒ʹ͍ͭͯ͸͋Μ·
    Γ͏·͘΍ͬͯͳ͍ؾ͕͍ͯͯ͠ɺ
    ૉ௚ʹ೚ҙͷૉ਺൑ఆͰૉ਺RΛͭͬͨ͘ޙ
    R͕ૉ਺͔͓͔ΘΓ൑ఆͯ͠ૉ਺ͩͬͨ
    Β͍ͦͭΛQͱͯ͠ฦ͢Έ͍ͨͳงғؾ͕͋
    Δ
    ͪΌΜͱௐ΂͖Εͯͳ͍͚Ͳ௚ײతʹ΋ͦ
    Ε͕ૣͦ͏

    View Slide

  44. RSAʹ͍ͭͯͷઆ໌͸
    ͜Εʹͯऴྃ

    View Slide

  45. ׬

    View Slide