With so many articles being published that highlight how important encryption is nowadays, you must stay aware of every possible route to enforce such standards. The RSA algorithm has been a reliable source of security since the early days of computing, and it keeps solidifying itself as a definitive weapon in the line of cybersecurity.
Before moving forward with the algorithm, let’s get a refresher on asymmetric encryption since it verifies digital signatures according to asymmetric cryptography architecture, also known as public-key cryptography architecture.
What Is Asymmetric Encryption?
In Asymmetric Encryption algorithms, you use two different keys, one for encryption and the other for decryption. The key used for encryption is the public key, and the key used for decryption is the private key. But, of course, both the keys must belong to the receiver.
As seen in the image above, using different keys for encryption and decryption has helped avoid key exchange, as seen in symmetric encryption.
For example, if Alice needs to send a message to Bob, both the keys, private and public, must belong to Bob.
The process for the above image is as follows:
- Step 1: Alice uses Bob’s public key to encrypt the message
- Step 2: The encrypted message is sent to Bob
- Step 3: Bob uses his private key to decrypt the message
This eliminates the need to exchange any secret key between sender and receiver, thereby reducing the window of exploitation.
Now that you understand how asymmetric encryption occurs, you can look at how the digital signature architecture is set up.
What Are Digital Signatures?
Digital signatures serve the purpose of authentication and verification of documents and files. This is crucial to prevent tampering during official papers’ transmission and prevent digital manipulation or forgery.
They work on the public key cryptography architecture, barring one small caveat. Typically, the asymmetric key system uses a public key for encryption and a private key for decryption. However, when dealing with digital signatures, it’s the opposite. The private key is used to encrypt the signature, and the public key is used to decrypt it. Since the keys work in tandem with each other, decrypting it with the public key signifies it used the correct private key to sign the document, hence authenticating the origin of the signature.
M - Plaintext
H - Hash function
h - Hash digest
‘+’ - Bundle both plaintext and digest
E - Encryption
D - Decryption
The image above shows the entire process, from the signing of the key to its verification. So, go through each step to understand the procedure thoroughly.
- Step 1: M denotes the original message It is first passed into a hash function denoted by H# to scramble the data before transmission.
- Step 2: It then bundled the message together with the hash digest, denoted by h, and encrypts it using the sender’s private key.
- Step 3: It sends the encrypted bundle of the message and digest to the receiver, who decrypts it using the sender’s public key.
- Step 4: Once decrypted, it passes the message through the same hash function (H#) to generate the hash digest again.
- Step 5: It compares the newly generated hash with the hash received in the decrypted bundle. If they match, it verifies the data integrity.
There are two industry-standard ways to implement the above methodology. They are:
- RSA Algorithm
- DSA Algorithm
Both have the same goal, but they approach encryption and decryption in different ways. So now that you know how it's supposed to function, look at the RSA algorithm, which is the topic for today.
What Is the RSA Algorithm?
The RSA algorithm is a public-key signature algorithm developed by Ron Rivest, Adi Shamir, and Leonard Adleman. Their paper was first published in 1977, and the algorithm uses logarithmic functions to keep the working complex enough to withstand brute force and streamlined enough to be fast post-deployment. The image below shows it verifies the digital signatures using RSA methodology.
RSA can also encrypt and decrypt general information to securely exchange data along with handling digital signature verification. The image above shows the entire procedure of the RSA algorithm. You will understand more about it in the next section.
RSA in Data Encryption
When using RSA for encryption and decryption of general data, it reverses the key set usage. Unlike signature verification, it uses the receiver’s public key to encrypt the data, and it uses the receiver’s private key in decrypting the data. Thus, there is no need to exchange any keys in this scenario.
There are two broad components when it comes to RSA cryptography, they are:
- Key Generation: Generating the keys to be used for encrypting and decrypting the data to be exchanged.
- Encryption/Decryption Function: The steps that need to be run when scrambling and recovering the data.
You will now understand each of these steps in our next sub-topic.
Steps in RSA Algorithm
Keeping the image above in mind, go ahead and see how the entire process works, starting from creating the key pair, to encrypting and decrypting the information.
You need to generate public and private keys before running the functions to generate your ciphertext and plaintext. They use certain variables and parameters, all of which are explained below:
- Choose two large prime numbers (p and q)
- Calculate n = p*q and z = (p-1)(q-1)
- Choose a number e where 1 < e < z
- Calculate d = e-1mod(p-1)(q-1)
- You can bundle private key pair as (n,d)
- You can bundle public key pair as (n,e)
Once you generate the keys, you pass the parameters to the functions that calculate your ciphertext and plaintext using the respective key.
- If the plaintext is m, ciphertext = me mod n.
- If the ciphertext is c, plaintext = cd mod n
To understand the above steps better, you can take an example where p = 17 and q=13. Value of e can be 5 as it satisfies the condition 1 < e < (p-1)(q-1).
N = p * q = 91
D = e-1mod(p-1)(q-1) = 29
Public Key pair = (91,5)
Private Key pair = (91,29)
If the plaintext(m) value is 10, you can encrypt it using the formula me mod n = 82.
To decrypt this ciphertext(c) back to original data, you must use the formula cd mod n = 29.
You can now look at the factors that make the RSA algorithm stand out versus its competitors in the advantages section.
Advantages of RSA
- No Key Sharing: RSA encryption depends on using the receiver’s public key, so you don’t have to share any secret key to receive messages from others.
- Proof of Authenticity: Since the key pairs are related to each other, a receiver can’t intercept the message since they won’t have the correct private key to decrypt the information.
- Faster Encryption: The encryption process is faster than that of the DSA algorithm.
- Data Can’t Be Modified: Data will be tamper-proof in transit since meddling with the data will alter the usage of the keys. And the private key won’t be able to decrypt the information, hence alerting the receiver of manipulation.
This sums up this lesson on the RSA Algorithm.
Looking forward to a career in Cyber Security? Then check out the Certified Ethical Hacking Course and get skilled. Enroll now!
How Can Simplilearn Help You?
Hope you found this information helpful, and you could gain a better understanding of the importance of digital signatures in the digital age and the role of cryptography in developing a business threat model. However, this is a small segment of cybersecurity, which is a rapidly rising industry with an increasing demand for competent personnel.
Simplilearn offers a “Cybersecurity Expert” course that will teach you all you need to know to start or advance your career in cybersecurity. There are no definite prerequisites for this course, and it is appropriate for professionals of various ages and backgrounds. In addition, the course is packed with industry-leading modules that will ensure you have a thorough understanding of all you need to learn before entering the cybersecurity job market.
With this, you have understood the importance of asymmetric cryptography, the functionality of digital signatures, the workflow in RSA, the steps involved in the signature verification, and the perks it offers over other standards. Hope this tutorial helped in familiarising you with how the RSA algorithm is used in today’s industry.
Do you have any concerns regarding the topic? Please mention your queries in the comment section of this tutorial and, we’d be happy to have our experts answer them for you.