# Simple RSA worked example

## Note: actual implementation is very different to the below, but you get the idea

IMPORTANT:
The math is actually way more involved than I originally thought.  So many more theorems and proofs
involved if you actually want to understand it properly.
In addition so many implementation details to consider from a practical performance 
perspective.  Going to ** PARK ** this for now and maybe come back to it later and spend more time 
on the theorems.

See below links for more info....

[Fermat's little theorem](https://en.wikipedia.org/wiki/Fermat%27s_little_theorem)

[Euler's totient function (uppercase Φ, lowercase φ or ϕ)](https://en.wikipedia.org/wiki/Euler%27s_totient_function)

[Euclid's gcd algorithm](https://en.wikipedia.org/wiki/Greatest_common_divisor)

[di-mgt.com](https://www.di-mgt.com.au/rsa_alg.html)

[crypto.stackexchange.com](https://crypto.stackexchange.com/questions/388/what-is-the-relation-between-rsa-fermats-little-theorem)

1. Select primes p and q

In [None]:
let p = 11
let q = 3

2. Calculate n and phi

In [None]:
let n = p * q
let phi = (p - 1) * (q - 1)

printfn $"n = {n}, phi = {phi}"

n = 33, phi = 20


3. Choose e such that gcd(e, phi) = 1  (gcd = greatest common divisor)

In [None]:
let e = 3

let rec gcd x y =
  if x = y then x
  else if x > y then gcd (x - y) y
  else gcd x (y - x)

gcd e phi = 1


4. Compute d such that ed ≡ 1 (mod phi)
   i.e. find d such that phi divides ed-1

In [None]:
let dCheck e phi d = e * d - 1 = phi
let d = 7
d |> dCheck e phi

5. Create public and private keys

In [None]:
let publicKey = (n, e)
let privateKey = (n, d)

6. Encrypt our message e.g '7' using the public key.  Note that the message must be less than n.

In [None]:
let encrypt n e m = (pown m e) % n

let m = 7
let c = encrypt n e m

7. Decrypt the message using our private key

In [None]:
let decrypt n d c = (pown c d) % n

let m' = decrypt n d c
m'

8. Out of interest, if we calculate the ciphertext c for all the possible values of m (0 to 32), we get the below.

Note that all 33 values of m (0 to 32) map to a unique code c in the same range in a sort of random manner. 
In this case we have nine values of m that map to the same value of c - these are known as unconcealed messages. 
m = 0, 1 and n-1 will always do this for any n, no matter how large. But in practice, these shouldn't be a problem
when we use large values for n in the order of several hundred bits.

In [None]:
[0..32] |> List.map (fun m -> (m, encrypt n e m))

index,Item1,Item2
0,0,0
1,1,1
2,2,8
3,3,27
4,4,31
5,5,26
6,6,18
7,7,13
8,8,17
9,9,3
