Cryptography Reference
In-Depth Information
decrypted. The function proceeds to generate these messages pseudo-randomly and
then it measures the time taken by the encryption/decryption operations performed.
If any of these operations fails to recover the original plaintext, the procedure stops
with an error message, otherwise it prints a description of the operations performed
and the total time spent.
> PublicKeyTiming := proc(scheme::name, key::list, seed::string,
iterations::posint, bytelength::posint)
local Encrypt, Decrypt, pk, sk, hexlength, correct, ti, i, message;
if scheme = RSAOAEP then
Encrypt := RSAESOAEPEncrypt;
Decrypt := RSAESOAEPDecrypt
elif scheme = RabinSAEPPlus then
Encrypt := RabinSAEPPlusEncrypt;
Decrypt := RabinSAEPPlusDecrypt
elif scheme = CramerShoup then
Encrypt := CSEncrypt;
Decrypt := CSDecrypt
else error
"incorrect scheme %1", scheme
end if;
pk := key[1];
sk := key[2];
hexlength := 2*bytelength;
correct := true;
ti := time();
for i to iterations while correct do
message := StringTools:-LowerCase(StringTools:-Random(hexlength, xdigit));
correct := evalb(Decrypt(sk, Encrypt(pk, message, seed)) = message)
end do;
if correct then
printf("%d %s encryption/decryptions of %d-byte messages took %f seconds",
iterations, scheme, bytelength, time()-ti)
else
error "an encryption/decryption error was produced"
end if
end proc:
Observe that the timing could be made more accurate by previously generating
the messages to be encrypted/decrypted so that the time taken by this process would
not be taken into account by the function. However, this time is small in comparison
with that spent by the encryption/decryption function and so we will not worry about
this.
Exercise 8.33
Write a variant of the function
PublicKeyTiming
that generates
the messages to be encrypted/decrypted before starting the timing.
Let us now perform the timings for the three schemes with keys we have already
used in previous examples. We will use the same machine for the three timings and
we start with RSAES-OAEP with the RSA key
rsakey
of Example 8.10:
> rsakey := RSAKeyGen(1024, 618020429552270915383892324472348012175,
410275671464698780248543572127557803186):
This is a key with a 2048-bit modulus and we also need a 256-bit seed because this
is the output length of SHA-256, which is the hash function we use in this scheme. To
carry out the speed test we do not need a random seed, so we will use the following
seed:
> sd := StringTools:-Repeat("0123456789abcdef", 4):
