A Method for Obtaining Digital Signatures and Public-key Cryptosystems
Author(s)
Rivest, Ronald L.; Shamir, Adi; Adleman, Len
DownloadMIT-LCS-TM-082.pdf (4.038Mb)
Metadata
Show full item recordAbstract
We present an encryption method with the novel property that publicly revealing an encryption key does not thereby reveal the corresponding decryption key. This has two important consequences. 1. Couriers or other secure means are not needed to transmit keys, since a message can be enciphered using an excryption key publicly revealed by the inteded recipient. Only he can decipher the message, since only he knows the corresponding decryption key. 2. A message can be "signed" using a privately-held decryption key. Anyone can verify this signature using the corresponding publicly revealed encryption key. Signatures cannot be forged, and a signer cannot later deny the validity of his signature. This has obvious applications in "electronic mail" and "electronic funds transfer" systems. A message is encrypted by representing it as a number M, raising M to a publicly-specified power e, and then taking the remainder when the result is dividied by the publicly specified product n of two large secrete prime numbers p and q. Decryption is similar; only a different sectre, power d is used, where e*d=1(modp-1)*(q-1)). The secruity of the system rests in part on the difficulty of factoring the published divisor, n.
Date issued
1977-04Series/Report no.
MIT-LCS-TM-082