How encryption works in RSA cryptosystem

Question

I understand how RSA cryptosystem works but what i don't understand is that in the algorithm http://en.wikipedia.org/wiki/RSA_%28algorithm%29 we send encrypted message to another person. Normally we write string as meesage. I want to know how this string is converted to a number. I see everywhere on internet people mentioned this message as numbers in all examples. But we don't send numbers normally, we send string as message. I want to know how this string is converted in numbers. I mean i know how to convert a string in number but in cryptographic view how this message is converted to numbers?

Answer 1

The secret message need not always be a string. But if it is so, the binary encoding of the string can be divided into blocks, whose decimal representation can be encrypted using RSA.

In general, asymmetric key cryptography is based on applying mathematical functions to numbers and hence is not as fast as symmetric key cryptography which is based on permutations and substitutions.

Hence, it is mostly used in authentication and digital signatures where the secret message is not a string but some number.

Please refer "Cryptography and network security" by Forouzan.Chapter - asymmetric key cryptography.

Answer 2

OK, so this is basically a question about encoding/decoding.

First of all, as you wrote down, a message is normally represented in a programming language as a string. A string consists of "code points" which can be represented as text. To create a binary representation in bytes you need to character-encode the string, e.g. using UTF-8 encoding. In some languages the "code points" already use a default internal encoding (e.g. ASCII in C).

You could now interpret the binary encoding of the string as an integer. The first byte is the highest (most significant) part of the integer, the last one the least significant. So now you got some number input for the RSA operation. Unfortunately this is insecure, and it cannot handle messages that are larger than the key size.

So instead of using the encoded text directly, the text is hashed using a secure cryptographic hash such as SHA-256. SHA-256 outputs a 32 byte hash. This hash is then padded using a secure padding scheme such as defined in PKCS#1 v1.5. The result of which is now converted into a number (see above) and encrypted using the private RSA key.

The output of the RSA encryption is again a number. This number is converted to bytes again (the reverse of the earlier function used on the padded hash). Now you have got binary data called the signature. Finally, if you want to send this as text you have to encode it again; base 64 encoding or hexadecimals are normally used.

To verify you do the same, but in the opposite order and using the public key instead of the private key. You need to compare the hashes to check if verification succeeds or fails.

Answer 3

Public key cryptography is quite slow, but allows us to exchange small amounts of information securely in public.

Secret key cryptography is fast, but a key must first be shared in private.

Generally, one would use RSA to encrypt a secret key (like an AES or RC4 key) to allow us to send that key in public, and then use that secret key to encrypt the actual messages to take advantage of the speed of secret-key encryption.

RSA can also be used to sign a message, but what is actually signed with RSA is a hash of the actual data (like MD5, SHA-1, SHA-256).

Often Diffie-Hellman is used instead of RSA for exchanging secret keys.

Is that answer enough, or do you need to know about how secret key encryption and hashing view the data also?