RSA

Intro

Brackets with a subscript is the mod function. See mod Arithmetic .

This is intended to be a mathematical perspective of RSA. The following shows how RSA works. For example there is no need to explicitly apply the Euler's totient function mod because it is part of the number system and for the correct choice of numbers happens automatically.

See proj/rsa for a RSA implementation in C++.

Without M.Schroeder's "Number Theory in Science and Communication"'s 5 page explanation I would not be as informed. This was a really enjoyable read.

RSA Algorithm

$m$ is the message.
$c$ is the cipher.
$E$ is to encrypt.
$D$ is to decrypt.

E: $c = (m^{e})_{n}$

D: $(c^{e_{2}})_{n} = (((m^{e})_{n})^{e_{2}})_{n}$
$(c^{e_{2}})_{n} = (m^{(e . e_{2})_{ϕ (n)}})_{n}$

$e_{2}$ chosen: $(e . e_{2})_{ϕ (n)} = 1$

$(c^{e_{2}})_{n} = (m^{1})_{n} = m$

This works when $(m, n) = 1$

The RAS Algorithm works for n being prime but the inverse is easily calculated. It gets its security from n being the product of two primes. Euler's totient function is easily found in this case if you know the primes. But if you do not know the primes you need to factor n. For really large n this is extremely difficult, the larger the primes the more difficult the task becomes.

$p, q$ are prime.
$n = p q$
$ϕ (n) = (p - 1) (q - 1)$

Generating Primes

This is incredibly easy. The tests are statistical in nature. Choose a number at random and if it satisfies Euler's totient function then p could be prime. Keep repeating this test for increasing confidence. One failure of the test means that p is not prime.

$r$ is a random number.
$p$ is possibly a prime number.
$(r^{p - 1})_{p} == 1$

However maths libraries often have prime testing functions that are probably more efficient. I also have a table of the first few hundred primes to remove about 80% of non-prime numbers generated when searching for primes.

Generating random numbers of large sizes is generating n-bits and setting the leading bit. You could sequentially search for the next prime or randomly choose another number.

Unique Public Exponent

Do not have multiple public exponents. If a message is encrypted with multiple exponents it may be decrypted without knowing the key.

$c_{1} = (m^{e_{1}})_{n}$
$c_{2} = (m^{e_{2}})_{n}$
Solve $a_{1} e_{1} + a_{2} e_{2} = 1$
$c_{1}^{a_{1}} c_{2}^{a_{2}} = (m^{e_{1} a_{1} + e_{2} a_{2}})_{n} = m$

Euler's Power Law for mod Arithmetic

I made up the name as it seems appropriate.

$(x^{a b})_{n} = (x^{(a b)_{ϕ (n)}})_{n}$
when $(x, n) = 1$

The following is a proof of Euler's Power Law for mod Arithmetic.

Let $a . b = k ϕ (n) + (a b)_{ϕ (n)}$
$k \in J$

Consider the left hand side.

lhs:
$(x^{a b})_{n} = (x^{k ϕ (n) + (a b)_{ϕ (n)}})_{n}$
$(x^{a b})_{n} = (x^{k ϕ (n)} . x^{(a b)_{ϕ (n)}})_{n}$
$(x^{a b})_{n} = (x^{k ϕ (n)})_{n} . (x^{(a b)_{ϕ (n)}})_{n}$

If $(x^{k ϕ (n)})_{n} = 1$ then the left hand side is equal to the right hand side.

$(x^{k ϕ (n)})_{n} = (((x^{ϕ (n)})_{n})^{k})_{n}$
But $(x^{ϕ (n)})_{n} = 1$ when $(x, n) = 1$
$(x^{k ϕ (n)})_{n} = (1^{k})_{n} = 1$