# CSE 227: Lecture 8

The topics covered in this lecture are RSA modular exponentiation mobile code rpc equivalence

## RSA Modular Exponentiation

To compute y=xe mod n, a common algorithm is:
```y = 1;
z = x;
while (e != 0) {
if (e odd) {
y = y * z;
}
z = z * z;
e = e div 2;
}
```
We introduce a counter to make the proof eaiser. The counter does not affect on the computation:
```y = 1;
z = x;
i = 0;
while (e != 0) {
if (e odd) {
y = y * z;
}
z = z * z;
e = e div 2;
i = i + 1;
}
```
The loop invariants are: z = x2i and xe0 = y * ze Where `e0` is the original input value in the variable `e`. (There's no need to make the distinction for `x` since it is not changed.) We show that the invariants are true before the loop starts, i.e.,
x = z =?= x2i = x20 = x
and
xe0 =?= y * ze = 1 * xe.

Next, we assume that the invariants are true immediately after the while test, and show that the body of the loop preserves the invariant. Let e = 2e'+b, where b is a bit.
znew = z * z = x2i * x2i = x(2i + 2i) = x(2 * 2i) = x(2i+1)
and since
inew = i + 1
znew = x(2inew)
so the z invariant holds.

Similarly we check the y invariant.

## Mobile Code

Mobile code is remote execution of code where code is transmitted to the execution site. Existing mobile code include:
• Java applets
• ActiveX controls
• VBScript attachments (codered's foo.doc.vbs)
• Email attachments
• Postscript
• Outlook express (preview bug)
• Word macros
• Viruses and Worms

## Remote Procedure Call

RPC is performed by sending a message containing a number indicating which procedure to call, with the parameters to that procedure, and then waiting for a reply message containing the results. Conceptually, the virtual machine is remotely executing a complex instruction from a small instruction set: the RPC number is the instruction, and the list of possible RPCs is the instruction set.

Mobile code is not much different, except in scale: typically the instruction set is much larger: native code or JVM byte codes. There are security differences -- with RPCs the very complex instructions are interpreted (much as system calls are interpreted instructions) and the interpretation ensures that access controls are enforced. With native code or JVM, the enforcement mechanisms differ: there is no enforcement for native code aside from that from the security kernel (and possibly other techniques such as SFI), and in the case of JVM a fixed security mechanism (Java's security model and byte code semantics) is used, as opposed to the typical roll-your-own security mechanism that are used in RPCs. (Secure RPC mechanisms exist, but are not widely used.)

[ search CSE | CSE | bsy's home page | links | webster | MRQE | google | yahoo | citeseer | certserver ]

bsy+cse227w02@cs.ucsd.edu, last updated Mon Apr 8 20:19:52 PDT 2002. Copyright 2002 Bennet Yee.
email bsy.