Project Report

On
“RSA ALGORITM”
Submitted in the Partial fulfillment of the requirement for the Award of Degree of

Bachelor of Technology
in
COMPUTER SCIENCE & ENGINEERING

Batch
(2017-2021)

Submitted to Submitted by
Mr. Parambir Singh Sanyam Dhawan-1701359

DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING

Amritsar College of Engineering & Technology,

Amritsar
(Autonomous college under UGC Act – 1956[2(f) and 12(B)])
ACKNOWLEDGEMENT

This is a humble effort to express our sincere gratitude towards those who have guided and helped
me to complete this project.
A project is major milestone during the study period of a student. As such this project was a
challenge to us and was an opportunity to prove our caliber. We are highly grateful and obliged to
each and every one making me help out of problems being faced by us.
It would not have been possible to see through the undertaken project without the guidance of Mr.
Parambir Singh. It was purely on the basis of their experience and knowledge that we able to
clear all the theoretical and technical hurdles during the development phases of this project work.
Last but not the least we are very thankful to our Head of Department Mr. Vinod Sharma and all
Members of Computer Science Deptt. who gave us an opportunity to face real time problems while
fulfilling need of an organization by making projects for them.

2
[IMPLEMENTING RSA ALORITHM IN PYTHON]
 DECLARATION

We Taranjeet Singh and group hereby declare that the project work entitled “RSA
ALGORITHM” is an authentic record of our own work carried out as requirements of
Institutional project for the award of degree of B. Tech (CSE), Amritsar College of Engg. And
Technology, Amritsar, under the guidance of Mrs. Tejinder Sharma.

(Signature of Students)

Sanyam Dhawan -1701359

Certified that the above statement made by the student is correct to the best of our knowledge
and belief.

Faculty Coordinator

Mr. Parambir Singh (Assistant Professor – CSE Department)

3
[IMPLEMENTING RSA ALORITHM IN PYTHON]
 INDEX PAGE

Sr. No. Content Page No.

1. Introduction about the subject 5-9

2. Introduction about the project 10-12

3. Project code 13-14

4
[IMPLEMENTING RSA ALORITHM IN PYTHON]
Introduction to Python programming

What is Python…?

• Python is a general-purpose programming language that is often applied in scripting roles.

So, Python is programming language as well as scripting language.
• Python is also called as Interpreted language.

Differences between program and scripting language

Program Script
• A program is executed (i.e. the source • A script is interpreted.
is first compiled, and the result of that
compilation is expected)
• A "program" in general, is a sequence • A "script" is code written in a
of instructions written so that a scripting language. A scripting
computer can perform certain task. language is nothing but a type of
programming language in which we
can write code to control another
software application.

History of Python: -

• Invented in the Netherlands, early 90s by Guido van Rossum.

• Python was conceived in the late 1980s and its implementation was started in December
1989. Guido Van Rossum is fan of ‘Monty Python’s Flying Circus’, this is a famous TV
show in Netherlands.
• Named after Monty Python.
• Open sourced from the beginning.

Why was python created?

"My original motivation for creating Python was the perceived need for a higher-level language in
the Amoeba [Operating Systems] project. I realized that the development of system administration
utilities in C was taking too long. Moreover, doing these things in the Bourne shell wouldn't work for
a variety of reasons. ... So, there was a need for a language that would bridge the gap between C and
the shell” - Guido Van Rossum

5
[IMPLEMENTING RSA ALORITHM IN PYTHON]
 Scope of Python Science: -

• Bioinformatics System Administration

• Unix
• Web logic
• Web sphere Web Application Development
• CGI -Jython
• Servlets Testing scripts

Why do people use Python…?

The following primary factors cited by Python users seem to be these:

1. Python is object-oriented
• Structure supports such concepts as polymorphism, operation overloading, and
multiple inheritance.
2. Indentation
• Indentation is one of the greatest futures in Python.
3. It's free (open source)
• Downloading and installing Python is free and easy Source code is easily
accessible
4. It's powerful
• Dynamic typing
• Built-in types and tools
• Library utilities –
• Third party utilities (e.g. Numeric, NumPy, SciPy)
• Automatic memory management
5. It's portable
• Python runs virtually every major platform used today
• As long as you have a compatible Python interpreter installed, Python programs
will run in exactly the same manner, irrespective of platform.

6
[IMPLEMENTING RSA ALORITHM IN PYTHON]
 INTRODUCTION TO
Cyber Security
Cyber security is the practice of defending computers, servers, mobile devices, electronic systems,
networks, and data from malicious attacks. It's also known as information technology security or
electronic information security. The term applies in a variety of contexts, from business to mobile
computing, and can be divided into a few common categories.

· Network security is the practice of securing a computer network from intruders, whether
targeted attackers or opportunistic malware.
· Application security focuses on keeping software and devices free of threats. A
compromised application could provide access to the data its designed to protect.
Successful security begins in the design stage, well before a program or device is deployed.
· Information security protects the integrity and privacy of data, both in storage and in
transit.
· Operational security includes the processes and decisions for handling and protecting
data assets. The permissions users have when accessing a network and the procedures that
determine how and where data may be stored or shared all fall under this umbrella.
· Disaster recovery and business continuity define how an organization responds to a
cyber-security incident or any other event that causes the loss of operations or data. Disaster
recovery policies dictate how the organization restores its operations and information to
return to the same operating capacity as before the event. Business continuity is the plan
the organization falls back on while trying to operate without certain resources.
· End-user education addresses the most unpredictable cyber-security factor: people.
Anyone can accidentally introduce a virus to an otherwise secure system by failing to
follow good security practices. Teaching users to delete suspicious email attachments, not
plug in unidentified USB drives, and various other important lessons is vital for the security
of any organization.

The scale of the cyber threat

The global cyber threat continues to evolve at a rapid pace, with a rising number of data breaches
each year. A report by RiskBased Security revealed that a shocking 7.9 billion records have been
exposed by data breaches in the first nine months of 2019 alone. This figure is more than double
(112%) the number of records exposed in the same period in 2018.

Medical services, retailers and public entities experienced the most breaches, with malicious
criminals responsible for most incidents. Some of these sectors are more appealing to
cybercriminals because they collect financial and medical data, but all businesses that use networks
can be targeted for customer data, corporate espionage, or customer attacks.

With the scale of the cyber threat set to continue to rise, the International Data Corporation predicts
that worldwide spending on cyber-security solutions will reach a massive $133.7 billion by 2022.
7
[IMPLEMENTING RSA ALORITHM IN PYTHON]
Governments across the globe have responded to the rising cyber threat with guidance to help
organizations implement effective cyber-security practices.
In the U.S., the National Institute of Standards and Technology (NIST) has created a cyber-security
framework. To combat the proliferation of malicious code and aid in early detection, the
framework recommends continuous, real-time monitoring of all electronic resources.
The importance of system monitoring is echoed in the “10 steps to cyber security”, guidance
provided by the U.K. government’s National Cyber Security Centre. In Australia, TheAustralian
Cyber Security Centre(ACSC) regularly publishes guidance on how organizations can counter the
latest cyber-security threats.

Types of cyber threats

The threats countered by cyber-security are three-fold:

1. Cybercrime includes single actors or groups targeting systems for financial gain or to cause
disruption.
2. Cyber-attack often involves politically motivated information gathering.
3. Cyberterrorism is intended to undermine electronic systems to cause panic or fear.

So, how do malicious actors gain control of computer systems? Here are some common methods
used to threaten cyber-security:

Malware

Malware means malicious software. One of the most common cyber threats, malware is software
that a cybercriminal or hacker has created to disrupt or damage a legitimate user’s computer. Often
spread via an unsolicited email attachment or legitimate-looking download, malware may be used
by cybercriminals to make money or in politically motivated cyber-attacks.

There are a number of different types of malware, including:

· Virus: A self-replicating program that attaches itself to clean file and spreads throughout
a computer system, infecting files with malicious code.
· Trojans: A type of malware that is disguised as legitimate software. Cybercriminals trick
users into uploading Trojans onto their computer where they cause damage or collect data.
· Spyware: A program that secretly records what a user does, so that cybercriminals can
make use of this information. For example, spyware could capture credit card details.
· Ransomware: Malware which locks down a user’s files and data, with the threat of erasing
it unless a ransom is paid.
· Adware: Advertising software which can be used to spread malware.
· Botnets:Networks of malware infected computers which cybercriminals use to perform
tasks online without the user’s permission.

8
[IMPLEMENTING RSA ALORITHM IN PYTHON]
SQL injection

An SQL (structured language query) injection is a type of cyber-attack used to take control of and
steal data from a database. Cybercriminals exploit vulnerabilities in data-driven applications to
insert malicious code into a databased via a malicious SQL statement. This gives them access to
the sensitive information contained in the database.

Phishing

Phishing is when cybercriminals target victims with emails that appear to be from a legitimate
company asking for sensitive information. Phishing attacks are often used to dupe people into
handing over credit card data and other personal information.
Man-in-the-middle attack

A man-in-the-middle attack is a type of cyber threat where a cybercriminal intercepts

communication between two individuals in order to steal data. For example, on an unsecure WiFi
network, an attacker could intercept data being passed from the victim’s device and the network.

Denial-of-service attack

A denial-of-service attack is where cybercriminals prevent a computer system from fulfilling

legitimate requests by overwhelming the networks and servers with traffic. This renders the system
unusable, preventing an organization from carrying out vital functions.

9
[IMPLEMENTING RSA ALORITHM IN PYTHON]
 INTRODUCTION TO RSA ALGORITHM

RSA (Rivest–Shamir–Adleman) is one of the first public-key cryptosystems and is widely used
for secure data transmission. In such a cryptosystem, the encryption key is public and it is different
from the decryption key which is kept secret (private). In RSA, this asymmetry is based on the
practical difficulty of the factorization of the product of two large prime numbers, the "factoring
problem". The acronym RSA is made of the initial letters of the surnames of Ron Rivest, Adi
Shamir, and Leonard Adleman, who first publicly described the algorithm in 1978. Clifford Cocks,
an English mathematician working for the British intelligence agency Government
Communications Headquarters (GCHQ), had developed an equivalent system in 1973, but this
was not declassified until 1997.

A user of RSA creates and then publishes a public key based on two large prime numbers, along
with an auxiliary value. The prime numbers must be kept secret. Anyone can use the public key to
encrypt a message, but with currently published methods, and if the public key is large enough,
only someone with knowledge of the prime numbers can decode the message feasibly. Breaking
RSA encryption is known as the RSA problem. Whether it is as difficult as the factoring problem
remains an open question.

RSA is a relatively slow algorithm, and because of this, it is less commonly used to directly encrypt
user data. More often, RSA passes encrypted shared keys for symmetric key cryptography which
in turn can perform bulk encryption-decryption operations at much higher speed.

10
[IMPLEMENTING RSA ALORITHM IN PYTHON]
 WORKING OF RSA ALGORITHM

The RSA algorithm involves four steps: key generation, key distribution, encryption and
decryption.

A basic principle behind RSA is the observation that it is practical to find three very large positive
integers e, d and n such that with modular exponentiation for all integers m (with 0 ≤ m < n):

and that even knowing e and n or even m it can be extremely difficult to find d.

In addition, for some operations it is convenient that the order of the two exponentiations can be
changed and that this relation also implies:

RSA involves a public key and a private key. The public key can be known by everyone, and it is
used for encrypting messages. The intention is that messages encrypted with the public key can
only be decrypted in a reasonable amount of time by using the private key. The public key is
represented by the integers n and e; and, the private key, by the integer d (although n is also used
during the decryption process. Thus, it might be considered to be a part of the private key, too). m
represents the message (previously prepared with a certain technique explained below).

Key generation

The keys for the RSA algorithm are generated the following way:

1. Choose two distinct prime numbers p and q.

o For security purposes, the integers p and q should be chosen at random, and should
be similar in magnitude but differ in length by a few digits to make factoring
harder.[2] Prime integers can be efficiently found using a primality test.
2. Compute n = pq.
o n is used as the modulus for both the public and private keys. Its length, usually
expressed in bits, is the key length.
3. Compute λ(n) = lcm(φ(p), φ(q)) = lcm(p − 1, q − 1), where λ is Carmichael's totient
function. This value is kept private.
4. Choose an integer e such that 1 < e < λ(n) and gcd(e, λ(n)) = 1; i.e., e and λ(n) are coprime.
5. Determine d as d ≡ e−1 (mod λ(n)); i.e., d is the modular multiplicative inverse of e modulo
λ(n).

• This means: solve for d the equation d⋅e ≡ 1 (mod λ(n)).

• e having a short bit-length and small Hamming weight results in more efficient
encryption – most commonly e = 216 + 1 = 65,537. However, much smaller values
of e (such as 3) have been shown to be less secure in some settings.[14]
• e is released as the public key exponent.

11
[IMPLEMENTING RSA ALORITHM IN PYTHON]
 • d is kept as the private key exponent.

The public key consists of the modulus n and the public (or encryption) exponent e. The private
key consists of the private (or decryption) exponent d, which must be kept secret. p, q, and λ(n)
must also be kept secret because they can be used to calculate d.

In the original RSA paper,[2] the Euler totient function φ(n) = (p − 1)(q − 1) is used instead of λ(n)
for calculating the private exponent d. Since φ(n) is always divisible by λ(n) the algorithm works
as well. That the Euler totient function can be used can also be seen as a consequence of the
Lagrange's theorem applied to the multiplicative group of integers modulo pq. Thus any d
satisfying d⋅e ≡ 1 (mod φ(n)) also satisfies d⋅e ≡ 1 (mod λ(n)). However, computing d modulo φ(n)
will sometimes yield a result that is larger than necessary (i.e. d > λ(n)). Most of the
implementations of RSA will accept exponents generated using either method (if they use the
private exponent d at all, rather than using the optimized decryption method based on the Chinese
remainder theorem described below), but some standards like FIPS 186-4 may require that d <
λ(n). Any "oversized" private exponents not meeting that criterion may always be reduced modulo
λ(n) to obtain a smaller equivalent exponent.

Since any common factors of (p − 1) and (q − 1) are present in the factorisation of n − 1 = pq − 1

= (p − 1)(q − 1) + (p − 1) + (q − 1),[15] it is recommended that (p − 1) and (q − 1) have only very
small common factors, if any besides the necessary 2.

Note: The authors of the original RSA paper carry out the key generation by choosing d and then
computing e as the modular multiplicative inverse of d modulo φ(n). Since it is beneficial to use a
small value for e (e.g., 65,537) in order to speed up the encryption function, current
implementations of RSA, such as those following PKCS#1, choose e and compute d instead.[2][18]

Key distribution

Suppose that Bob wants to send information to Alice. If they decide to use RSA, Bob must know
Alice's public key to encrypt the message and Alice must use her private key to decrypt the
message. To enable Bob to send his encrypted messages, Alice transmits her public key (n, e) to
Bob via a reliable, but not necessarily secret, route. Alice's private key (d) is never distributed.

12
[IMPLEMENTING RSA ALORITHM IN PYTHON]
 SOURCE CODE OF RSA ALGORITHM

def isprime(h):
if(h<2):
return False
for i in range(2,h//2+1):
if h%i==0:
return False
return True
p=int(input("Enter the 1st key: "))
q=int(input("Enter the 2nd key: "))
if isprime(p):
myfile=open("KEY.txt","w+")
myfile.write(" KEYS are ")
myfile.write(str(p))
myfile.close()
print("""Chosen prime p=""", str(p))
else:
print("PLEASE ADD A VALID NUMBER")
exit
if isprime(q):
myfile=open("KEY.txt","a+")
myfile.write(" KEYS are ")
myfile.write(str(q))
myfile.close()
print("""Chosen prime q=""", str(q))
else:
print("PLEASE ADD A VALID NUMBER")
exit

def generate(w):
myfile=open("KEY.txt","a+")
myfile.write(" VALUE IS ")
myfile.write("EULER VALUE ")
myfile.write(str(n))
myfile.write(str(phi))
myfile.close()
print("n=p*q=", n)
print("(totient) [phi(n)]: ",(phi))
13
[IMPLEMENTING RSA ALORITHM IN PYTHON]
n=p*q
phi=(p-1)*(q-1)
generate(n)
def gcd(a, b):
while b != 0:
c=a%b
a=b
b=c
return a
def mod(a, m):
for x in range(1, m):
if (a * x) % m == 1:
return x
return False
def cop(a):
l = []
for x in range(2, a):
if gcd(a, x) == 1 and mod(x,phi) != None:
l.append(x)
for x in l:
if x == mod(x,phi):
l.remove(x)
return l
print("Choose an e from a below coprimes array:")
print(cop(phi))
e=int(input())
Ps=mod(e,phi)
print("Your public keys are (e=",(e) ,", n=",(n), ").")
print("Your secret keys are (Ps=",Ps ," ,n=",n, ").")

14
[IMPLEMENTING RSA ALORITHM IN PYTHON]