1 00:00:00,000 --> 00:00:02,000 [Powered by Google Translate] [RSA] 2 00:00:02,000 --> 00:00:04,000 [Rob Bowden] [Tommy MacWilliam] [Chuo Kikuu cha Harvard] 3 00:00:04,000 --> 00:00:07,000 [Hii ni CS50.] [CS50.TV] 4 00:00:07,000 --> 00:00:11,000 Hebu tuangalie RSA, algorithm sana kutumika kwa ajili ya encrypting data. 5 00:00:11,000 --> 00:00:16,000 Algorithms encryption kama Kaisari na ciphers Vigenère ni si salama sana. 6 00:00:16,000 --> 00:00:20,000 Kwa cipher Kaisari, mshambulizi tu mahitaji ya kujaribu 25 funguo mbalimbali 7 00:00:20,000 --> 00:00:22,000 kupata ujumbe wa wazi asilia. 8 00:00:22,000 --> 00:00:25,000 Wakati cipher Vigenère ni salama zaidi kuliko cipher Kaisari 9 00:00:25,000 --> 00:00:28,000 sababu ya kubwa tafuta nafasi kwa funguo, mara moja mshambulizi 10 00:00:28,000 --> 00:00:30,000 anajua urefu wa muhimu katika cipher Vigenère, 11 00:00:30,000 --> 00:00:34,000 ambayo inaweza kuamua kupitia uchambuzi wa ruwaza katika maandishi encrypted, 12 00:00:34,000 --> 00:00:38,000 Cipher Vigenère si kwamba salama zaidi kuliko cipher Kaisari. 13 00:00:38,000 --> 00:00:42,000 RSA, kwa upande mwingine, si katika mazingira magumu na mashambulizi kama hii. 14 00:00:42,000 --> 00:00:45,000 Cipher Kaisari na Vigenère cipher kutumia ufunguo huo 15 00:00:45,000 --> 00:00:47,000 kwa wote Simba na decrypt ujumbe. 16 00:00:47,000 --> 00:00:51,000 Hii inafanya mali hizo ciphers algorithms muhimu symmetriska. 17 00:00:51,000 --> 00:00:54,000 Tatizo la msingi na muhimu algorithms symmetriska 18 00:00:54,000 --> 00:00:57,000 ni kwamba wao wanategemea moja encrypting na kutuma ujumbe 19 00:00:57,000 --> 00:00:59,000 na moja ya kupokea na decrypting ujumbe 20 00:00:59,000 --> 00:01:03,000 kuwa tayari walikubaliana upfront juu ya ufunguo wao wote kutumia. 21 00:01:03,000 --> 00:01:06,000 Lakini tuna tatizo kidogo ya startup hapa. 22 00:01:06,000 --> 00:01:10,000 Jinsi gani 2 kompyuta kwamba unataka kuwasiliana kuanzisha muhimu siri kati yao? 23 00:01:10,000 --> 00:01:16,000 Kama muhimu lazima siri, basi tunahitaji njia encrypt na decrypt muhimu. 24 00:01:16,000 --> 00:01:18,000 Kama wote tuna ni symmetriska key cryptography 25 00:01:18,000 --> 00:01:21,000 kisha tumekuwa tu kurudi tatizo moja. 26 00:01:21,000 --> 00:01:25,000 RSA, kwa upande mwingine, anatumia jozi ya funguo, 27 00:01:25,000 --> 00:01:28,000 moja kwa encryption na mwingine kwa ajili ya decryption. 28 00:01:28,000 --> 00:01:32,000 Moja inaitwa muhimu ya umma, na nyingine ni ufunguo binafsi. 29 00:01:32,000 --> 00:01:34,000 muhimu ya umma hutumiwa encrypt ujumbe. 30 00:01:34,000 --> 00:01:38,000 Kama unaweza nadhani kwa jina lake, tunaweza kushiriki ufunguo yetu ya umma na 31 00:01:38,000 --> 00:01:43,000 mtu yeyote tunataka bila kuacha usalama wa ujumbe ambao umefungiwa. 32 00:01:43,000 --> 00:01:45,000 Ujumbe encrypted kutumia ufunguo wa umma 33 00:01:45,000 --> 00:01:49,000 inaweza tu decrypted na ufunguo wake sambamba binafsi. 34 00:01:49,000 --> 00:01:53,000 Wakati unaweza kushiriki muhimu yako ya umma, unapaswa daima kuweka ufunguo wako binafsi siri. 61 00:01:55,000 --> 00:01:58,000 na tu ufunguo binafsi inaweza kutumika kwa ujumbe decrypt 62 00:01:58,000 --> 00:02:02,000 ikiwa 2 watumiaji unataka kutuma ujumbe fiche pamoja na RSA 63 00:02:02,000 --> 00:02:07,000 na kurudi wote watumiaji haja ya kuwa na umma na binafsi zao wenyewe jozi ufunguo. 64 00:02:07,000 --> 00:02:10,000 Ujumbe kutoka kwa mtumiaji 1 kwa mtumiaji 2 65 00:02:10,000 --> 00:02:15,000 tu kutumia mtumiaji 2 muhimu ya jozi, na ujumbe kutoka kwa mtumiaji 2 kwa mtumiaji 1 66 00:02:15,000 --> 00:02:17,000 tu kutumia mtumiaji 1 muhimu ya jozi. 67 00:02:17,000 --> 00:02:21,000 ukweli kwamba kuna 2 tofauti funguo encrypt na ujumbe decrypt 68 00:02:21,000 --> 00:02:24,000 hufanya RSA Differentierade muhimu algorithm. 69 00:02:24,000 --> 00:02:28,000 Hatuna haja ya kutia fumbo muhimu ya umma ili kutuma kwa kompyuta nyingine 70 00:02:28,000 --> 00:02:31,000 tangu muhimu ni umma anyway. 71 00:02:31,000 --> 00:02:33,000 Hii ina maana kwamba RSA hana huo startup tatizo 72 00:02:33,000 --> 00:02:36,000 kama symmetriska algorithms muhimu. 73 00:02:36,000 --> 00:02:39,000 Hivyo kama mimi unataka kutuma ujumbe kwa kutumia encryption RSA 74 00:02:39,000 --> 00:02:42,000 Rob, mimi kwanza utahitaji Rob wa umma muhimu. 75 00:02:42,000 --> 00:02:47,000 Kuzalisha jozi ya funguo, Rob inahitaji kuchukua 2 idadi kubwa ya waziri mkuu. 76 00:02:47,000 --> 00:02:50,000 Namba hizi zitatumika katika wawili funguo za umma na binafsi, 77 00:02:50,000 --> 00:02:54,000 lakini muhimu ya umma tu kutumia bidhaa za namba hizi 2, 78 00:02:54,000 --> 00:02:56,000 si idadi wenyewe. 79 00:02:56,000 --> 00:02:59,000 Mara nimekuwa encrypted ujumbe kwa kutumia Rob wa umma ufunguo 80 00:02:59,000 --> 00:03:01,000 Siwezi kutuma ujumbe kwa Rob. 81 00:03:01,000 --> 00:03:05,000 Kwa ajili ya kompyuta, factoring idadi ni tatizo ngumu. 82 00:03:05,000 --> 00:03:09,000 muhimu ya umma, kumbuka, kutumika bidhaa za namba 2 ya waziri mkuu. 83 00:03:09,000 --> 00:03:12,000 Bidhaa hii lazima basi kuwa sababu tu 2, 84 00:03:12,000 --> 00:03:16,000 ambayo kutokea kwa kuwa idadi kwamba kufanya juu ya ufunguo binafsi. 85 00:03:16,000 --> 00:03:20,000 Ili decrypt ujumbe, RSA kutumia ufunguo binafsi 86 00:03:20,000 --> 00:03:25,000 au namba tele pamoja katika mchakato wa kuunda muhimu ya umma. 87 00:03:25,000 --> 00:03:28,000 Sababu ni vigumu computationally sababu idadi 88 00:03:28,000 --> 00:03:32,000 kutumika katika muhimu ya umma ndani ya namba 2 kutumika katika ufunguo binafsi 89 00:03:32,000 --> 00:03:36,000 ni vigumu kwa mshambulizi kufikiri ufunguo binafsi 90 00:03:36,000 --> 00:03:39,000 kwamba itakuwa muhimu decrypt ujumbe. 91 00:03:39,000 --> 00:03:43,000 Sasa hebu kwenda katika maelezo ya chini baadhi ngazi ya RSA. 92 00:03:43,000 --> 00:03:46,000 Hebu kwanza tuone jinsi gani tunaweza kuzalisha jozi ya funguo. 93 00:03:46,000 --> 00:03:49,000 Kwanza, sisi itabidi 2 idadi ya waziri mkuu. 94 00:03:49,000 --> 00:03:52,000 Tutamwita nambari hizi 2 p na q. 95 00:03:52,000 --> 00:03:56,000 Ili kubaini p na q, katika mazoezi tunataka pseudorandomly kuzalisha 96 00:03:56,000 --> 00:03:59,000 idadi kubwa na kisha kutumia mtihani kwa ajili ya kuamua iwapo au 97 00:03:59,000 --> 00:04:02,000 wale idadi ni pengine waziri mkuu. 98 00:04:02,000 --> 00:04:05,000 Tunaweza kuendelea kuzalisha idadi random tena na tena 99 00:04:05,000 --> 00:04:08,000 mpaka tuna primes 2 kwamba tunaweza kutumia. 100 00:04:08,000 --> 00:04:15,000 Hapa hebu pick p = 23 na q = 43. 101 00:04:15,000 --> 00:04:19,000 Kumbuka, katika mazoezi, p na q wanapaswa kuwa kubwa idadi. 102 00:04:19,000 --> 00:04:22,000 Mbali kama sisi kujua, idadi kubwa, ngumu ni 103 00:04:22,000 --> 00:04:25,000 ufa ujumbe ambao umefungiwa. 104 00:04:25,000 --> 00:04:29,000 Lakini pia ni ghali zaidi ujumbe Simba na decrypt. 105 00:04:29,000 --> 00:04:33,000 Leo ni mara nyingi ilipendekeza kwamba p na q ni angalau 1024 bits, 106 00:04:33,000 --> 00:04:37,000 ambao unaweka idadi ya kila saa digits zaidi ya 300 decimal. 107 00:04:37,000 --> 00:04:40,000 Lakini tutaweza kuchukua namba hizi ndogo kwa ajili ya mfano huu. 108 00:04:40,000 --> 00:04:43,000 Sasa tutaweza kuzidisha p na q pamoja na kupata idadi 3, 109 00:04:43,000 --> 00:04:45,000 ambayo Tutamwita n. 110 00:04:45,000 --> 00:04:55,000 Katika kesi yetu, n = 23 * 43, ambayo = 989. 111 00:04:55,000 --> 00:04:58,000 Tuna n = 989. 112 00:04:58,000 --> 00:05:02,000 Next tutaweza kuzidisha p - 1 na q - 1 113 00:05:02,000 --> 00:05:05,000 kupata idadi 4, ambayo Tutamwita m. 114 00:05:05,000 --> 00:05:15,000 Katika kesi yetu, m = 22 * ​​42, ambayo = 924. 115 00:05:15,000 --> 00:05:18,000 Tuna m = 924. 116 00:05:18,000 --> 00:05:22,000 Sasa tutaweza haja e idadi ambayo ni kiasi mkuu m 117 00:05:22,000 --> 00:05:25,000 na chini ya m. 118 00:05:25,000 --> 00:05:28,000 Namba mbili ni kiasi mkuu au coprime 119 00:05:28,000 --> 00:05:33,000 ikiwa tu integer chanya kwamba mgawanyiko wote wawili ni sawasawa 1. 120 00:05:33,000 --> 00:05:37,000 Kwa maneno mengine, kubwa kawaida kigawanyo ya e na m 121 00:05:37,000 --> 00:05:39,000 lazima 1. 122 00:05:39,000 --> 00:05:44,000 Katika mazoezi, ni kawaida kwa e kuwa idadi mkuu 65,537 123 00:05:44,000 --> 00:05:48,000 muda mrefu kama idadi hii haina kutokea kwa kuwa sababu ya m. 124 00:05:48,000 --> 00:05:53,000 Kwa funguo wetu, tutaweza kuchukua e = 5 125 00:05:53,000 --> 00:05:57,000 tangu 5 ni kiasi mkuu 924. 126 00:05:57,000 --> 00:06:01,000 Hatimaye, tutaweza haja moja zaidi ya namba, ambayo Tutamwita d. 127 00:06:01,000 --> 00:06:11,000 D lazima baadhi thamani utakaokubalika equation de = 1 (Mod m). 128 00:06:11,000 --> 00:06:17,000 Hii m Mod kunaashiria tutaweza kutumia kitu kinachoitwa byggelement hesabu. 129 00:06:17,000 --> 00:06:21,000 Katika hesabu za msimu, mara moja idadi anapata juu kuliko amefungwa baadhi ya juu 130 00:06:21,000 --> 00:06:24,000 ni litamalizika nyuma karibu na 0. 131 00:06:24,000 --> 00:06:27,000 saa, kwa mfano, hutumia hesabu byggelement. 132 00:06:27,000 --> 00:06:31,000 Dakika moja baada ya 1:59, kwa mfano, ni 2:00, 133 00:06:31,000 --> 00:06:33,000 si 1:60. 134 00:06:33,000 --> 00:06:36,000 mkono dakika ina kung'ata kwa 0 135 00:06:36,000 --> 00:06:39,000 baada ya kufikia juu amefungwa ya 60. 136 00:06:39,000 --> 00:06:46,000 Hivyo, tunaweza kusema 60 ni sawa na 0 (Mod 60) 137 00:06:46,000 --> 00:06:57,000 na 125 ni sawa na 65 ni sawa na 5 (Mod 60). 138 00:06:57,000 --> 00:07:02,000 Ufunguo yetu ya umma itakuwa e jozi na n 139 00:07:02,000 --> 00:07:09,000 ambapo katika kesi hii e ni 5 na n ni 989. 140 00:07:09,000 --> 00:07:15,000 Ufunguo yetu binafsi itakuwa d jozi na n, 141 00:07:15,000 --> 00:07:22,000 ambayo katika kesi zetu ni 185 na 989. 142 00:07:22,000 --> 00:07:25,000 Ona kwamba primes yetu ya awali na p q wala kuonekana 143 00:07:25,000 --> 00:07:29,000 mahali popote katika funguo yetu binafsi au ya umma. 144 00:07:29,000 --> 00:07:33,000 Sasa kwa kuwa tuna jozi yetu ya funguo, hebu tuangalie ni jinsi gani tunaweza encrypt 145 00:07:33,000 --> 00:07:36,000 na decrypt ujumbe. 146 00:07:36,000 --> 00:07:38,000 Nataka kupeleka ujumbe kwa Rob, 147 00:07:38,000 --> 00:07:42,000 hivyo yeye atakuwa mmoja wa kuzalisha hii jozi ufunguo. 148 00:07:42,000 --> 00:07:46,000 Basi mimi itabidi kuuliza Rob kwa ufunguo wake wa umma, ambayo mimi itabidi kutumia 149 00:07:46,000 --> 00:07:48,000 encrypt ujumbe kutuma kwake. 150 00:07:48,000 --> 00:07:53,000 Kumbuka, ni kabisa sawa kwa Rob kushiriki ufunguo wake wa umma na mimi. 151 00:07:53,000 --> 00:07:56,000 Lakini itakuwa ni sawa na kushiriki ufunguo wake binafsi. 152 00:07:56,000 --> 00:08:00,000 Mimi si kuwa na wazo lolote nini ufunguo wake binafsi ni. 153 00:08:00,000 --> 00:08:03,000 Tunaweza kuvunja ujumbe wetu m juu katika chunks kadhaa 154 00:08:03,000 --> 00:08:07,000 ndogo kuliko zote n na kisha encrypt kila chunks hizo. 155 00:08:07,000 --> 00:08:12,000 Tutaweza encrypt CS50 kamba, ambayo tunaweza kuvunja katika chunks 4, 156 00:08:12,000 --> 00:08:14,000 moja kwa kila barua. 157 00:08:14,000 --> 00:08:17,000 Ili kuficha ujumbe wangu, mimi itabidi kubadili kwenye 158 00:08:17,000 --> 00:08:20,000 baadhi ya aina ya uwakilishi numeric. 159 00:08:20,000 --> 00:08:25,000 Hebu concatenate maadili ASCII na wahusika katika ujumbe wangu. 160 00:08:25,000 --> 00:08:28,000 Ili kuficha kupewa ujumbe m 161 00:08:28,000 --> 00:08:37,000 Mimi itabidi compute c = m e (Mod n). 162 00:08:37,000 --> 00:08:40,000 Lakini m lazima kuwa ndogo kuliko n, 163 00:08:40,000 --> 00:08:45,000 au mwingine ujumbe kamili hawezi kuwa walionyesha modulo n. 164 00:08:45,000 --> 00:08:49,000 Tunaweza kuvunja m juu katika chunks kadhaa, ambayo yote ni ndogo kuliko n, 165 00:08:49,000 --> 00:08:52,000 na simba kila chunks hizo. 166 00:08:52,000 --> 00:09:03,000 Encrypting kila chunks hizi, sisi kupata C1 = 67-5 (Mod 989) 167 00:09:03,000 --> 00:09:06,000 ambayo = 658. 168 00:09:06,000 --> 00:09:15,000 Kwa chunk pili yetu tuna 83-5 (Mod 989) 169 00:09:15,000 --> 00:09:18,000 ambayo = 15. 170 00:09:18,000 --> 00:09:26,000 Kwa chunk yetu ya tatu tuna 53-5 (Mod 989) 171 00:09:26,000 --> 00:09:30,000 ambayo = 799. 172 00:09:30,000 --> 00:09:39,000 Na hatimaye, kwa chunk yetu ya mwisho tuna 48-5 (Mod 989) 173 00:09:39,000 --> 00:09:43,000 ambayo = 975. 174 00:09:43,000 --> 00:09:48,000 Sasa tunaweza kutuma juu ya maadili haya fiche Rob. 175 00:09:54,000 --> 00:09:58,000 Hapa kwenda, Rob. 176 00:09:58,000 --> 00:10:01,000 Wakati ujumbe wetu ni katika ndege, hebu kuchukua kuangalia mwingine 177 00:10:01,000 --> 00:10:07,000 katika jinsi sisi got kwamba thamani kwa d. 178 00:10:07,000 --> 00:10:17,000 Idadi yetu d zinahitajika kukidhi 5d = 1 (Mod 924). 179 00:10:17,000 --> 00:10:24,000 Hii inafanya d inverse multiplicative ya 5 modulo 924. 180 00:10:24,000 --> 00:10:28,000 Kutokana 2 integers, b, na kupanuliwa Euclidean algorithm 181 00:10:28,000 --> 00:10:33,000 inaweza kutumika kwa kupata kubwa ya kawaida integers kigawanyo ya hizi 2. 182 00:10:33,000 --> 00:10:37,000 Itakuwa pia kutupa 2 idadi nyingine, x na y, 183 00:10:37,000 --> 00:10:47,000 kwamba kukidhi shoka equation + na = kigawanyo kubwa ya kawaida ya b na. 184 00:10:47,000 --> 00:10:49,000 Jinsi gani hii kutusaidia? 185 00:10:49,000 --> 00:10:52,000 Naam, kuziba katika e = 5 kwa 186 00:10:52,000 --> 00:10:56,000 na m = 924 kwa b 187 00:10:56,000 --> 00:10:59,000 sisi tayari kujua kuwa hizi namba ni coprime. 188 00:10:59,000 --> 00:11:03,000 Kawaida wao mkuu kigawanyo ni 1. 189 00:11:03,000 --> 00:11:09,000 Hii inatupa 5x + 924y = 1 190 00:11:09,000 --> 00:11:17,000 au 5x = 1 - 924y. 191 00:11:17,000 --> 00:11:22,000 Lakini kama sisi tu huduma ya juu kila kitu modulo 924 192 00:11:22,000 --> 00:11:25,000 basi tunaweza kuacha - 924y. 193 00:11:25,000 --> 00:11:27,000 Fikiria nyuma ya saa. 194 00:11:27,000 --> 00:11:31,000 Kama mkono dakika ni juu ya 1 na kisha hasa masaa 10 kupita, 195 00:11:31,000 --> 00:11:35,000 tunajua mkono dakika bado kuwa juu ya 1. 196 00:11:35,000 --> 00:11:39,000 Hapa sisi kuanza saa 1 na kisha wrap kuzunguka mara hasa y, 197 00:11:39,000 --> 00:11:41,000 hivyo tutaweza bado kuwa katika 1. 198 00:11:41,000 --> 00:11:49,000 Tuna 5x = 1 (Mod 924). 199 00:11:49,000 --> 00:11:55,000 Na hapa x hii ni sawa kama sisi d walikuwa wanatafuta kabla, 200 00:11:55,000 --> 00:11:58,000 hivyo kama sisi kutumia kupanuliwa Euclidean algorithm 201 00:11:58,000 --> 00:12:04,000 kupata hii x idadi, hiyo ni idadi tunapaswa kutumia kama d wetu. 202 00:12:04,000 --> 00:12:07,000 Sasa hebu kukimbia kupanuliwa Euclidean algorithm kwa 5 = 203 00:12:07,000 --> 00:12:11,000 na b = 924. 204 00:12:11,000 --> 00:12:14,000 Tutaweza kutumia njia inayoitwa njia meza. 205 00:12:14,000 --> 00:12:21,000 Meza yetu itakuwa na nguzo 4, x, y, d, na k. 206 00:12:21,000 --> 00:12:23,000 Meza yetu kuanza mbali na safu 2. 207 00:12:23,000 --> 00:12:28,000 Katika safu ya kwanza tuna 1, 0, basi thamani yetu ya, ambayo ni 5, 208 00:12:28,000 --> 00:12:37,000 na safu ya pili yetu ni 0, 1, na thamani yetu kwa b, ambayo ni 924. 209 00:12:37,000 --> 00:12:40,000 thamani ya safu ya 4, k, itakuwa matokeo 210 00:12:40,000 --> 00:12:45,000 ya kugawa thamani ya d katika mstari hapo juu kwa thamani ya d 211 00:12:45,000 --> 00:12:49,000 juu ya mstari huo. 212 00:12:49,000 --> 00:12:56,000 Tuna 5 kugawanywa na 924 ni 0 kwa salio baadhi. 213 00:12:56,000 --> 00:12:59,000 Hiyo ina maana tuna k = 0. 214 00:12:59,000 --> 00:13:05,000 Sasa thamani ya kila kiini nyingine itakuwa thamani ya safu kiini 2 hapo juu 215 00:13:05,000 --> 00:13:09,000 bala thamani ya mstari hapo juu ni mara k. 216 00:13:09,000 --> 00:13:11,000 Hebu kuanza na d katika mstari 3. 217 00:13:11,000 --> 00:13:19,000 Tuna 5-924 * 0 = 5. 218 00:13:19,000 --> 00:13:25,000 Next tuna 0-1 * 0 ambayo ni 0 219 00:13:25,000 --> 00:13:30,000 na 1-0 * 0 ambayo ni 1. 220 00:13:30,000 --> 00:13:33,000 Si mbaya sana, hivyo basi hoja juu ya mstari unaofuata. 221 00:13:33,000 --> 00:13:36,000 Kwanza tunahitaji thamani yetu ya k. 222 00:13:36,000 --> 00:13:43,000 924 kugawanywa na 5 = 184 na salio baadhi, 223 00:13:43,000 --> 00:13:46,000 hivyo thamani yetu kwa k ni 184. 224 00:13:46,000 --> 00:13:54,000 Sasa 924-5 * 184 = 4. 225 00:13:54,000 --> 00:14:05,000 1-0 * 184 ni 1 na 0-1 * 184 ni -184. 226 00:14:05,000 --> 00:14:07,000 Haki zote, hebu kufanya mstari unaofuata. 227 00:14:07,000 --> 00:14:10,000 Thamani yetu ya k itakuwa 1 kwa sababu 228 00:14:10,000 --> 00:14:15,000 5 kugawanywa na 4 = 1 na salio baadhi. 229 00:14:15,000 --> 00:14:17,000 Hebu kujaza katika nguzo nyingine. 230 00:14:17,000 --> 00:14:21,000 5-4 * 1 = 1. 231 00:14:21,000 --> 00:14:25,000 0-1 * 1 = -1. 232 00:14:25,000 --> 00:14:33,000 Na 1-184 * 1 ni 185. 233 00:14:33,000 --> 00:14:35,000 Hebu kuona nini thamani yetu ya pili ya k itakuwa. 234 00:14:35,000 --> 00:14:40,000 Naam, inaonekana kama tuna 4 kugawanywa na 1, ambayo ni 4. 235 00:14:40,000 --> 00:14:43,000 Katika kesi hii ambapo sisi ni kugawa na 1 vile k kwamba ni sawa na 236 00:14:43,000 --> 00:14:50,000 thamani ya d katika mstari hapo juu ina maana kwamba sisi ni kosa na kompyuta yetu. 237 00:14:50,000 --> 00:14:58,000 Tunaweza kuona hapa kwamba tuna x = 185 na y = -1 katika mstari wa mwisho. 238 00:14:58,000 --> 00:15:00,000 Hebu sasa kurudi lengo yetu ya awali. 239 00:15:00,000 --> 00:15:04,000 Sisi alisema kuwa thamani ya x kama matokeo ya kuendesha algorithm 240 00:15:04,000 --> 00:15:08,000 itakuwa inverse multiplicative ya (Mod b). 241 00:15:08,000 --> 00:15:15,000 Hiyo ina maana kwamba ni 185 inverse multiplicative ya 5 (Mod 924) 242 00:15:15,000 --> 00:15:20,000 ambayo ina maana kwamba tuna thamani ya 185 kwa ajili ya d. 243 00:15:20,000 --> 00:15:23,000 ukweli kwamba d = 1 katika mstari wa mwisho 244 00:15:23,000 --> 00:15:26,000 inathibitisha e kwamba alikuwa coprime kwa m. 245 00:15:26,000 --> 00:15:30,000 Kama si 1 kisha sisi ingekuwa kuchukua e mpya. 246 00:15:30,000 --> 00:15:33,000 Sasa hebu angalia kama Rob imepokea ujumbe wangu. 247 00:15:33,000 --> 00:15:35,000 Wakati mtu anatuma ujumbe ambao umefungiwa yangu 248 00:15:35,000 --> 00:15:38,000 muda mrefu kama mimi ve naendelea ufunguo wangu binafsi siri 249 00:15:38,000 --> 00:15:41,000 Mimi ni mmoja tu ambao wanaweza decrypt ujumbe. 250 00:15:41,000 --> 00:15:46,000 Ili decrypt c chunk naweza mahesabu ya ujumbe halisi 251 00:15:46,000 --> 00:15:53,000 ni sawa na chunk d nguvu (Mod n). 252 00:15:53,000 --> 00:15:57,000 Kumbuka kwamba d na n ni kutoka ufunguo wangu binafsi. 253 00:15:57,000 --> 00:16:01,000 Ili kupata ujumbe kamili kutoka chunks yake sisi decrypt kila chunk 254 00:16:01,000 --> 00:16:04,000 na concatenate matokeo. 255 00:16:04,000 --> 00:16:08,000 Hasa jinsi salama ni RSA? 256 00:16:08,000 --> 00:16:10,000 Ukweli ni kwamba, sisi hatujui. 257 00:16:10,000 --> 00:16:14,000 Usalama ni msingi kwa muda gani itachukua mshambulizi kwa ufa ujumbe 258 00:16:14,000 --> 00:16:16,000 umesimbwa kwa RSA. 259 00:16:16,000 --> 00:16:19,000 Kumbuka kwamba mshambulizi ina kupata ufunguo yako ya umma, 260 00:16:19,000 --> 00:16:21,000 ambayo ina wote e na n. 261 00:16:21,000 --> 00:16:26,000 Kama mshambulizi itaweza Factor n ndani yake primes 2, uk na q, 262 00:16:26,000 --> 00:16:30,000 kisha aliweza kukokotoa d kutumia kupanuliwa Euclidean algorithm. 263 00:16:30,000 --> 00:16:35,000 Hii inatoa yake muhimu binafsi, ambayo inaweza kutumika decrypt ujumbe wowote. 264 00:16:35,000 --> 00:16:38,000 Lakini jinsi ya haraka tunaweza Factor integers? 265 00:16:38,000 --> 00:16:41,000 Tena, hatujui. 266 00:16:41,000 --> 00:16:43,000 Hakuna ina kupatikana kwa njia ya haraka ya kufanya hivyo, 267 00:16:43,000 --> 00:16:46,000 ambayo ina maana kwamba aliyopewa kubwa ya kutosha n 268 00:16:46,000 --> 00:16:49,000 itachukua muda mrefu mshambulizi unrealistically 269 00:16:49,000 --> 00:16:51,000 kwa sababu idadi. 270 00:16:51,000 --> 00:16:54,000 Kama mtu umebaini njia ya haraka ya integers factoring 271 00:16:54,000 --> 00:16:57,000 RSA itakuwa kuvunjwa. 272 00:16:57,000 --> 00:17:01,000 Lakini hata kama integer factorization ni inneboende polepole 273 00:17:01,000 --> 00:17:04,000 Algorithm RSA bado anaweza kuwa na baadhi ya flaw katika hilo 274 00:17:04,000 --> 00:17:07,000 ambayo inaruhusu kwa decryption rahisi ya ujumbe. 275 00:17:07,000 --> 00:17:10,000 Hakuna mtu ambaye kupatikana na umebaini flaw vile bado, 276 00:17:10,000 --> 00:17:12,000 lakini hiyo haina maana moja haipo. 277 00:17:12,000 --> 00:17:17,000 Katika nadharia, mtu angeweza kuwa nje kuna kusoma data zote umesimbwa kwa RSA. 278 00:17:17,000 --> 00:17:19,000 Kuna mwingine kidogo ya suala faragha. 279 00:17:19,000 --> 00:17:23,000 Kama Tommy encrypts baadhi ujumbe kwa kutumia ufunguo wangu umma 280 00:17:23,000 --> 00:17:26,000 na mshambulizi encrypts ujumbe huo kutumia ufunguo wangu umma 281 00:17:26,000 --> 00:17:29,000 mshambulizi utaona kwamba ujumbe 2 ni sawa 282 00:17:29,000 --> 00:17:32,000 na hivyo kujua nini Tommy msimbo. 283 00:17:32,000 --> 00:17:36,000 Ili kuzuia hili, ujumbe ni kawaida padded na bits random 284 00:17:36,000 --> 00:17:39,000 kabla ya kuwa encrypted ili kwamba ujumbe huo encrypted 285 00:17:39,000 --> 00:17:44,000 mara nyingi utaangalia tofauti kwa muda mrefu kama padding juu ya ujumbe ni tofauti. 286 00:17:44,000 --> 00:17:47,000 Lakini kumbuka jinsi tuna pasua ujumbe katika chunks 287 00:17:47,000 --> 00:17:50,000 ili kila chunk ni ndogo kuliko n? 288 00:17:50,000 --> 00:17:52,000 Padding chunks ina maana kwamba sisi tupate kuwa na mgawanyiko mambo up 289 00:17:52,000 --> 00:17:57,000 katika chunks hata zaidi tangu chunk padded lazima kuwa ndogo kuliko n. 290 00:17:57,000 --> 00:18:01,000 Encryption na decryption ni kiasi ghali na RSA, 291 00:18:01,000 --> 00:18:05,000 na hivyo wanaohitaji kuvunja ujumbe katika chunks wengi wanaweza kuwa gharama kubwa sana. 292 00:18:05,000 --> 00:18:09,000 Kama kiasi kikubwa cha data mahitaji ya kuwa na encrypted decrypted 293 00:18:09,000 --> 00:18:12,000 tunaweza kuchanganya faida ya algorithms symmetriska ufunguo 294 00:18:12,000 --> 00:18:16,000 na wale wa RSA kupata wawili wa usalama na ufanisi. 295 00:18:16,000 --> 00:18:18,000 Ingawa sisi si kwenda ndani yake hapa, 296 00:18:18,000 --> 00:18:23,000 AES ni muhimu symmetriska algorithm kama Vigenère na Kaisari ciphers 297 00:18:23,000 --> 00:18:25,000 lakini vigumu sana ufa. 298 00:18:25,000 --> 00:18:30,000 Bila shaka, hatuwezi kutumia AES bila kuanzisha pamoja ufunguo wa siri 299 00:18:30,000 --> 00:18:34,000 kati ya mifumo ya 2, na tuliona tatizo na kwamba kabla. 300 00:18:34,000 --> 00:18:40,000 Lakini sasa tunaweza kutumia RSA kuanzisha pamoja ufunguo wa siri kati ya mifumo ya 2. 301 00:18:40,000 --> 00:18:43,000 Tutamwita kompyuta kutuma data mtumaji 302 00:18:43,000 --> 00:18:46,000 na kompyuta kupokea data receiver. 303 00:18:46,000 --> 00:18:49,000 receiver ina RSA jozi ufunguo na zituma 304 00:18:49,000 --> 00:18:51,000 muhimu ya umma kwa mtumaji. 305 00:18:51,000 --> 00:18:54,000 Sender inazalisha muhimu AES, 306 00:18:54,000 --> 00:18:57,000 encrypts kwa ufunguo receiver ya RSA umma, 307 00:18:57,000 --> 00:19:00,000 na zituma muhimu AES kwa mpokeaji. 308 00:19:00,000 --> 00:19:04,000 receiver decrypts ujumbe na ufunguo wake RSA binafsi. 309 00:19:04,000 --> 00:19:09,000 Wote mtumaji na mpokeaji sasa kuwa pamoja AES muhimu kati yao. 310 00:19:09,000 --> 00:19:14,000 AES, ambayo ni kwa kasi zaidi katika encryption na decryption kuliko RSA, 311 00:19:14,000 --> 00:19:18,000 sasa inaweza kutumika encrypt kiasi kikubwa cha data na kuwatuma receiver, 312 00:19:18,000 --> 00:19:21,000 ambao wanaweza decrypt kutumia ufunguo huo. 313 00:19:21,000 --> 00:19:26,000 AES, ambayo ni kwa kasi zaidi katika encryption na decryption kuliko RSA, 314 00:19:26,000 --> 00:19:30,000 sasa inaweza kutumika encrypt kiasi kikubwa cha data na kuwatuma receiver, 315 00:19:30,000 --> 00:19:32,000 ambao wanaweza decrypt kutumia ufunguo huo. 316 00:19:32,000 --> 00:19:36,000 Sisi tu inahitajika RSA kuhamisha muhimu pamoja. 317 00:19:36,000 --> 00:19:40,000 Sisi hakuna tena haja ya kutumia RSA wakati wote. 318 00:19:40,000 --> 00:19:46,000 Inaonekana kama mimi nimepata ujumbe. 319 00:19:46,000 --> 00:19:49,000 Haijalishi kama mtu yeyote kusoma nini juu ya ndege karatasi kabla mimi hawakupata hiyo 320 00:19:49,000 --> 00:19:55,000 kwa sababu mimi nina moja tu na ufunguo binafsi. 321 00:19:55,000 --> 00:19:57,000 Hebu decrypt kila chunks katika ujumbe. 322 00:19:57,000 --> 00:20:07,000 chunk kwanza, 658, sisi kuongeza nguvu d, ambayo ni 185, 323 00:20:07,000 --> 00:20:18,000 Mod n, ambayo ni 989, ni sawa na 67, 324 00:20:18,000 --> 00:20:24,000 ambayo ni C barua katika ASCII. 325 00:20:24,000 --> 00:20:31,000 Sasa, kwenye chunk pili. 326 00:20:31,000 --> 00:20:35,000 chunk pili ana thamani 15, 327 00:20:35,000 --> 00:20:41,000 ambayo sisi kuongeza kwa nguvu 185, 328 00:20:41,000 --> 00:20:51,000 Mod 989, na hii ni sawa na 83 329 00:20:51,000 --> 00:20:57,000 ambayo ni S barua katika ASCII. 330 00:20:57,000 --> 00:21:06,000 Sasa kwa ajili ya chunk ya tatu, ambayo ina thamani 799, sisi kuongeza kwa 185, 331 00:21:06,000 --> 00:21:17,000 Mod 989, na hii ni sawa na 53, 332 00:21:17,000 --> 00:21:24,000 ambayo ni thamani ya tabia 5 katika ASCII. 333 00:21:24,000 --> 00:21:30,000 Sasa kwa ajili ya chunk ya mwisho, ambayo ina thamani 975, 334 00:21:30,000 --> 00:21:41,000 sisi kuongeza kwa 185, 989 Mod, 335 00:21:41,000 --> 00:21:51,000 na hii ni sawa na 48, ambayo ni thamani ya 0 tabia katika ASCII. 336 00:21:51,000 --> 00:21:57,000 Jina langu ni Rob Bowden, na hii ni CS50. 337 00:21:57,000 --> 00:22:00,000 [CS50.TV] 338 00:22:06,000 --> 00:22:08,000 RSA wakati wote. 339 00:22:08,000 --> 00:22:14,000 RSA wakati wote. [Kicheko] 340 00:22:14,000 --> 00:22:17,000 Wakati wote.