RSA
This algorithm is based on the difficulty
of factorizing large numbers that have 2 and only 2 factors (Prime numbers).
The system works on a public and private key system. The public key is made
available to everyone. With this key a user can encrypt data but cannot
decrypt it, the only person who can decrypt it is the one who possesses the
private key. It is theoretically possible but extremely difficult to generate
the private key from the public key, this makes the RSA algorithm a very
popular choice in data encryption.
Key Generation
Its security comes from the computational difficulty
of factoring large numbers. To be secure, very large numbers must be used for p
and q - 100 decimal digits at the very least.
1) Generate two large prime numbers, p and q
To make the example easy to follow I am going to use small numbers, but
this is not secure. To find random primes, we start at a random number
and go up ascending odd numbers until we find a prime. Lets have:
p = 7
q = 19
2) Let n = pq
n = 7 * 19
= 133
3) Let m = (p - 1)(q - 1)
m = (7 - 1)(19 - 1)
= 6 * 18
= 108
4) Choose a small number, e coprime to m
e coprime to m, means that the largest number that can exactly divide
both e and m (their greatest common divisor, or gcd) is 1. Euclid's algorithm
is used to find the gcd of two numbers, but the details are omitted here.
e = 2 => gcd(e, 108) = 2 (no)
e = 3 => gcd(e, 108) = 3 (no)
e = 4 => gcd(e, 108) = 4 (no)
e = 5 => gcd(e, 108) = 1 (yes!)
5) Find d, such that de % m = 1
This is equivalent to finding d which satisfies de = 1 + nm where n is
any integer. We can rewrite this as d = (1 + nm) / e. Now we work through
values of n until an integer solution for e is found:
n = 0 => d = 1 / 5 (no)
n = 1 => d = 109 / 5 (no)
n = 2 => d = 217 / 5 (no)
n = 3 => d = 325 / 5
= 65 (yes!)
To do this with big numbers, a more sophisticated algorithm called extended
Euclid must be used.
Public Key
n = 133
e = 5
Private Key (Secret Key)
n = 133
d = 65
Communication
Encryption
The message must be a number less than the smaller of p and q. However,
at this point we don't know p or q, so in practice a lower bound on p
and q must be published. This can be somewhat below their true value and
so isn't a major security concern. For this example, lets use the message
"6".
C = Pe % n
= 65 % 133
= 7776 % 133
= 62
Decryption
This works very much like encryption, but involves a larger exponation,
which is broken down into several steps.
P = Cd % n
= 6265 % 133
= 62 * 6264 % 133
= 62 * (622)32 % 133
= 62 * 384432 % 133
= 62 * (3844 % 133)32 % 133
= 62 * 12032 % 133
We now repeat the sequence of operations that reduced 6265 to 12032 to
reduce the exponent down to 1.
= 62 * 3616 % 133
= 62 * 998 % 133
= 62 * 924 % 133
= 62 * 852 % 133
= 62 * 43 % 133
= 2666 % 133
= 6
And that matches the plaintext we put in at the beginning, so the algorithm
worked!