A method for obtaining digital signatures and public-key cryptosystems

  • R. L. Rivest
    MIT Lab. for Computer Science and Department of Mathematics, Cambridge, MA
  • A. Shamir
    MIT Lab. for Computer Science and Department of Mathematics, Cambridge, MA
  • L. Adleman
    MIT Lab. for Computer Science and Department of Mathematics, Cambridge, MA

Search this article

Description

<jats:p> An encryption method is presented with the novel property that publicly revealing an encryption key does not thereby reveal the corresponding decryption key. This has two important consequences: (1) Couriers or other secure means are not needed to transmit keys, since a message can be enciphered using an encryption key publicly revealed by the intented recipient. Only he can decipher the message, since only he knows the corresponding decryption key. (2) A message can be “signed” using a privately held decryption key. Anyone can verify this signature using the corresponding publicly revealed encryption key. Signatures cannot be forged, and a signer cannot later deny the validity of his signature. This has obvious applications in “electronic mail” and “electronic funds transfer” systems. A message is encrypted by representing it as a number M, raising M to a publicly specified power e, and then taking the remainder when the result is divided by the publicly specified product, <jats:italic>n</jats:italic> , of two large secret primer numbers p and q. Decryption is similar; only a different, secret, power d is used, where e * d ≡ 1(mod (p - 1) * (q - 1)). The security of the system rests in part on the difficulty of factoring the published divisor, <jats:italic>n</jats:italic> . </jats:p>

Journal

Citations (535)*help

See more

Details 詳細情報について

Report a problem

Back to top