Why are primes important for encryption

Question

Why are primes so important? Why can't we just use a random number? My guess is that it's because finding a random prime require more computing power, than finding a random number. Can anybody confirm this?

score 36 · Accepted Answer · answered Dec 17 '14 at 13:49

Primes are important because the security of many encryption algorithms are based on the fact that it is very fast to multiply two large prime numbers and get the result, while it is extremely computer-intensive to do the reverse. When you have a number which you know is the product of two primes, finding these two prime numbers is very hard. This problem is called prime factorization and finding an algorithm which does it fast is one of the unsolved problems of computer science.

score 9 · Answer 2 · answered Dec 17 '14 at 13:15

What's actually important isn't prime numbers as such, it's numbers that have factors (other than 1 and themselves) but are very difficult to factor. You get such numbers by multiplying together two very large primes. Numbers that are equally large but have more smaller factors are very much easier to factor, and hence are unsuitable for cryptography purposes -- for practical purposes, the difficulty of factoring a number varies with the size of its smallest prime factor, regardless of how big the number is, and so your prime factors need to be as large as possible.

score 9 · Answer 3 · answered Dec 17 '14 at 16:20

For many areas of encryption, you actually DO want as truly random of a value as possible. Primes (or more accurately, relative primes) only enter in to the equation when dealing with certain forms of asymmetric encryption.

Asymmetric encryption is where one person has a public key to encrypt a message and then the recipient has a different private key which allows them to decrypt the message. You can't simply use a random number for this type of encryption because there needs to be some relationship between the public key and the private key that is hard to determine the private key from the public key, but yet allows the private key to be related so that it can be used for decryption.

If you don't need that relationship, then random numbers are much, MUCH more secure. This is why for a symmetric algorithm like AES, 256 bit encryption is considered highly secure, however for something like RSA, 2056 or even 4092 bit encryption needs to be used to be considered highly secure.

The relationship between the public and private key makes it less secure, but is also the only way that the asymmetric cryptography can function.

It is also worth noting that relative primes is not the only "hard problem" used in the relationship between the public and private keys. There are alternate hard problems such as elliptic curve cryptography that are not based on prime number factorization.

score 5 · Answer 4 · edited Dec 04 '18 at 08:10

Good question. Most of the above commentators got it mostly correct, but they are each telling one part of the story and not describing other aspects in one post. Here is the more full reasons in one post:

For starters as a general rule understand it is public key cryptography that requires quantitative methods and specifically number theory. This is part of a larger picture with using modulo arithmetic and prime numbers as part of this type of math. Although it is not necessary to have an in depth understanding of specific aspects number theory like groups (Abelian) to work with cryptography it does make public key cryptography easier to understand and use. More on the important details later.If you cannot work with modulo arithmetic that would be my first suggestion to learn.

First for asymmetric cryptography there are two theorems that apply:

1.) Fermat's theorem which states: $m^{p-1} - 1 \bmod p=0$ and can also be seen with this notation: $m^p \equiv m \pmod p$ which means: For any prime $p$ and any positive integer $m$ not divisible by $p$ which all results in getting back the same remainder.

2.) Euler's Totient Function aka phi function: $\varphi(n)$ which is the number of integers less than $n$ and relatively prime to $n$.

Euler's theorem related to the totient (NOT quotient) $m^{\varphi(n)} = 1 \bmod n$. Euler's theorem states that there is at least one value of $p$ satisfies the relation $\varphi(p)$; but there could be more.

In symmetric encryption Diffie Hellman utilizes primes and it plays a role with public key cryptography but this too can seem tricky... there are generally two parts with key exchanges within protocols one part asymmetric and then symmetric key formation/sharing.That is for a different post.

The use of primes for Diffie Hellman is as follows: the whole basis is modulo arithmetic as the earlier example, but it also combines modular exponentiation.

Now yes prime factorization can be important for certain applications within number complexity theory but this is not universal.

I will leave one link and a suggestion on prime numbers:

http://www.mersenne.org/

Taken from Introduction to Algorithms (2009) MIT Press Chapter 11:

Large primes are not so are and they can be found with relative ease, however, they are more secure due to not being able to factor the product of large primes. As others have mentioned the discrete logarithms serve as one example.

I also strongly suggest either Daniel Boneh's or Jonathan Katz's free online Coursera courses in Cryptography.

score 0 · Answer 5 · answered Dec 18 '14 at 22:49

Consider the discrete logarithm problem. If the group order does not contain large prime factor, you can solve the problem for each of small prime factors and "combine" them into the full solution.

So, it can be described that here primes are needed because they can't be divided into smaller things.

Why are primes important for encryption

5 Answers5