# RSA signatures

Sigurjón Ágústsson

In [14]:
import random
import time
import numpy as np

In [15]:
def load_small_primes():
    pfile =  open("1000primes.txt", "r")
    small_primes = [int(num) for num in pfile.read().split(',')]
    return small_primes

small_odd_primes = load_small_primes()
print("Small odd primes loaded : {}...{}".format(small_odd_primes[:5], small_odd_primes[-3:]))

Small odd primes loaded : [3, 5, 7, 11, 13]...[7901, 7907, 7919]


We start by introducing some helper functions. Most important of which is the modular exponentiation function which uses Montgomery modular multiplication to very quickly compute modular exponentiation.

In [16]:
def even(n):
    """Checks the parity of n"""
    return (n&1) != 1

def pow_n_mod_n(a,n):
    """Naive and very inefficient way of doing modular exponentiation"""
    return ((a**(n-1)) % n)

def modular_exponentiation(a,n):
    """Python's fast way of doing modular exponentiation"""
    return pow(a,(n-1),n)

def divisible_by_small_prime(n, resolution=1000):
    """A function that checks if a number n has one of the 
        1000 first primes as a factor (excluding 2 because 
        it is checked for already)"""
    global small_odd_primes # The array of primes
    for small_prime in small_odd_primes[:resolution]:
        if n == small_prime:
            # In this case n is a small prime number, and we return
            # False to indicate it is not divisible by any of
            # the smaller primes
            return False
        if (n % small_prime) == 0:
            # print("diviseble by small prime")
            return True
    return False

def seconds_to_prefix(sec):
    """Just a function that inputs number of seconds (float) and 
        outputs a string representation with a unit (s, ms or min) """
    if sec < 1:
        ms = sec * 1000
        return "{} ms".format(round(ms,4))
    elif sec < 60:
        return "{} s".format(round(sec,4))
    else:
        min = int(sec) // 60
        rem = seconds_to_prefix(sec-60*min)
        return "{} min and {}".format(min,rem)

Let's demonstrate with a timing example.

In [17]:
bits = 20
# Let n be a random 20 bit integer
n = random.randint((1<<(bits-1)),((1<<bits)-1))
a = random.randint(0xFFFF,n-1) # a very large number but still less than n


ex1_start = time.perf_counter()
print(pow_n_mod_n(a,n))
ex1_end = time.perf_counter()
ex2_start = time.perf_counter()
print(modular_exponentiation(a,n))
ex2_end = time.perf_counter()
t1,t2 = (ex1_end-ex1_start), (ex2_end-ex2_start)
strt1,strt2 = seconds_to_prefix(t1), seconds_to_prefix(t2)
diff = round(t1/t2,2)
print("Using the slow algorithm, it took: {} \
        \nUsing the fast algorithm, it took: {}".format(strt1,strt2))
print("The Montgomery algorithm makes modular exponentiation {} times faster in this case!".format(diff))

508462
508462
Using the slow algorithm, it took: 1.6541 s         
Using the fast algorithm, it took: 0.0398 ms
The Montgomery algorithm makes modular exponentiation 41560.78 times faster in this case!


## Prime number generation

Now we are ready to do generate prime numbers. 

In [18]:
def probable_prime(size):
    assert size > 0
    s = size-1
    smallest = 1<<s
    largest = (1<<(s+1))-1
    while True:
        # First pick a random number n of size 'size' bits
        n = random.randint(smallest,largest)
        if even(n) or divisible_by_small_prime(n):
            continue
        a = random.randint(2,n-1)

        mod_computation = modular_exponentiation(a,n)

        if mod_computation == 1:
            # By Fermat's little thm, if the result is not 1
            # then n is not prime, otherwise, it is likely to 
            # be prime
            return n

Let's use this to generate some "small" probably-prime numbers, or pseudoprimes.

In [19]:
for i in range(4):
    bits = 8*(i+1)
    print("{} bits: \t".format(bits), probable_prime(bits))

8 bits: 	 193
16 bits: 	 53881
24 bits: 	 15850739
32 bits: 	 2618465573


In RSA encryption we want much larger primes. Typically 1024 or 3072 bits. That is no obstacle for us, let's generate such pseudoprimes:

In [38]:
t1s = time.perf_counter()
p1024 = probable_prime(1024)
t1e = time.perf_counter()
print(p1024)
print("execution time: {} seconds".format(round((t1e-t1s),3)))

178669879833238058803097230945796509217220128626420334357191547020827428454242408443807852290079627911117474207117030340362094125665778751017398846151977855704299536040324506463489481545876098988273129981573475275515572769878823605967157544036805354035545342161039183557952119110897054871043393788164984832399
execution time: 0.037 seconds


In [39]:
t1s = time.perf_counter()
p3072 = probable_prime(3072)
t1e = time.perf_counter()
print(p3072)
print("execution time: {} seconds".format(round((t1e-t1s),3)))

4773147904658828348516806229466132409572384417959991116555404200487871941555747007599299930452534622640586564635765925047116792538348919936173540953531783697768701482368306271205680427379838747791265472294387800222320820675626195427690907492811542583596301530362892913037219164227286188526709774034100313852602691053480898884212474274380391330280734594212892983870897998936647727656239733009285726614992113798056528645766299772670877885835512429478000631907400630636658842647518080212425860525103145330380045698153428039750814152338008893715536732983782104185728108162512614849879430556933306977770975346766887247828545703659932685916651245248000937226886053173659030953258687002446221937754238441673234416101946171962591846544721579743339637557261585352678330115683013676235890967733464813665671123650510834539475532280639216064379609624883790194669055416925238175703370852337734450712143957664997195377078337918119952306383
execution time: 8.177 seconds


## RSA signatures

In [23]:
e = 3
print(pow(e,-1,500))

167


In [24]:
def find_ed(N,T):
    e = 3
    d = pow(e,-1,T)
    return (e,d)

In [25]:
def generate_keys(size=1024):
    """Function that returns a tuple of public and private keys of given size (in bits)"""
    p,q = probable_prime(size),probable_prime(size)
    N = p*q
    # e is less than T. And it is coprime to T and N
    # e*d mod T has to be 1
    # e is typically 3
    T = N - p - q + 1 # (p-1)(q-1)
    e = 3
    d = pow(e,-1,T)
    return ((N,e),(N,d))

def dummy_keys():
    return ((91, 5), (91, 29))

def encrypt(val, public_key):
    """public key is a tuple containing N,e """
    N,e = public_key
    return pow(val,e,N)

def decrypt(cipher, private_key):
    """Private key is a tuple containing N,d """
    N,d = private_key
    return pow(cipher,d,N)

In [26]:
public_key, secret_key = generate_keys()
# public_key, secret_key = dummy_keys()

In [27]:
public_key

(18472208556680261967665985663500975132801565602218831511265395241007946232441937464853192318459351792252730799228778990611499446529895109199902625082685536323707545443388984813058872831649183703572126458895071669424863163636578326587733333193924928065923475615130041770191493226349004025493392864950110365331679482258565866394910608044511682097603197005870097580735983075965449185939875721276978497624479099127213078290188285010667124741571473040486834624111044475361689571762858166704318843082245672045068305928694741152252727594533733513356081836815470751162156756740211910566108577411790752821658441156579407661893,
 3)

In [28]:
secret_key

(18472208556680261967665985663500975132801565602218831511265395241007946232441937464853192318459351792252730799228778990611499446529895109199902625082685536323707545443388984813058872831649183703572126458895071669424863163636578326587733333193924928065923475615130041770191493226349004025493392864950110365331679482258565866394910608044511682097603197005870097580735983075965449185939875721276978497624479099127213078290188285010667124741571473040486834624111044475361689571762858166704318843082245672045068305928694741152252727594533733513356081836815470751162156756740211910566108577411790752821658441156579407661893,
 1231480570445350797844399044233398342186771040147922100751026349400529748829462497656879487897290119483515386615251932707433296435326340613326841672179035754913836362892598987537258188776612246904808430593004777961657544242438555105848888879594995204394898374342002784679432881756600268366226190996674024355427114954119602782021902445410830729816239108136199035256585996658869409

In [29]:
text = "HELLO WORLD!"

In [30]:
def str2ascii_list(string):
    return [ord(c) for c in string]

def ascii_list2str(alist):
    s = ""
    for c in alist:
        s+=chr(c)
    return s

def encrypt_string(string, public_key):
    ascii_list = [ord(i) for i in string]
    enc_list = [encrypt(j,public_key) for j in ascii_list]
    print(enc_list)
    enc_string  = ""
    for enc in enc_list:
        enc_string += chr(enc)
    return enc_list

def decrypt_string(enc_list,private_key):
    ascii_list = [decrypt(j, private_key) for j in enc_list]
    return ascii_list

In [31]:
text_asc = str2ascii_list(text)
print("original:")
print(text_asc)
print("encrypted:")
enc = [encrypt(c, public_key) for c in text_asc]
print(enc)
print("decrypted_list")
dec_list = [decrypt(c, secret_key) for c in enc]
print(dec_list)
print("result")
res = ascii_list2str(dec_list)
print(res)

original:
[72, 69, 76, 76, 79, 32, 87, 79, 82, 76, 68, 33]
encrypted:
[373248, 328509, 438976, 438976, 493039, 32768, 658503, 493039, 551368, 438976, 314432, 35937]
decrypted_list
[72, 69, 76, 76, 79, 32, 87, 79, 82, 76, 68, 33]
result
HELLO WORLD!


In [32]:
# ASCII has values from 32 to 126
# print("Public,private keys are: ", public_key, secret_key)
for i in range(32,127):
    enc = encrypt(i, public_key)
    dec = decrypt(enc, secret_key)
    if dec == i:
        print(f"{i}, ASCII: '{chr(i)}', Encryption: '{enc}', Decrypting encryption: '{dec}'")
    else:
        print(f"{i}, ASCII: '{chr(i)}', Encryption: '{enc}', Decrypting encryption: '{dec}' - FAIL")

32, ASCII: ' ', Encryption: '32768', Decrypting encryption: '32'
33, ASCII: '!', Encryption: '35937', Decrypting encryption: '33'
34, ASCII: '"', Encryption: '39304', Decrypting encryption: '34'
35, ASCII: '#', Encryption: '42875', Decrypting encryption: '35'
36, ASCII: '$', Encryption: '46656', Decrypting encryption: '36'
37, ASCII: '%', Encryption: '50653', Decrypting encryption: '37'
38, ASCII: '&', Encryption: '54872', Decrypting encryption: '38'
39, ASCII: ''', Encryption: '59319', Decrypting encryption: '39'
40, ASCII: '(', Encryption: '64000', Decrypting encryption: '40'
41, ASCII: ')', Encryption: '68921', Decrypting encryption: '41'
42, ASCII: '*', Encryption: '74088', Decrypting encryption: '42'
43, ASCII: '+', Encryption: '79507', Decrypting encryption: '43'
44, ASCII: ',', Encryption: '85184', Decrypting encryption: '44'
45, ASCII: '-', Encryption: '91125', Decrypting encryption: '45'
46, ASCII: '.', Encryption: '97336', Decrypting encryption: '46'
47, ASCII: '/', Encryptio

In [33]:
encrypted = encrypt_string(text,public_key)
print(encrypted)
decrypted = decrypt_string(encrypted,secret_key)
print(decrypted)

[373248, 328509, 438976, 438976, 493039, 32768, 658503, 493039, 551368, 438976, 314432, 35937]
[373248, 328509, 438976, 438976, 493039, 32768, 658503, 493039, 551368, 438976, 314432, 35937]
[72, 69, 76, 76, 79, 32, 87, 79, 82, 76, 68, 33]


Different way to encode strings

In [52]:
def string_to_num(string):
    num = 0
    for c in string:
        new_char = ord(c)
        num = (num<<7)+new_char
    return num

def num_to_string(num):
    string = ""
    while num>0:
        new_char = 0x7F
        new_char &= num # Now new_char is the ascii value of the last character of the string
        string = chr(new_char) + string # We prepend the new character to the string, since we are going in the reverse
        num = num >> 7
    return string

s = "AB"

string_to_num(s)


8386

In [68]:
num_chars = 5
bits = num_chars * 8
largest, lowest = (1<<bits)-1, (1<<(bits-1))
for _ in range(5):
    s = random.randint(lowest,largest)
    print(num_to_string(s))


i5
lP70
r2!;
P[Z3
/@k^


In [54]:
ord('A')

65

In [45]:
bin(8386)

'0b10000011000010'

In [47]:
chr(0b1000010)

'B'

In [48]:
chr(0b1000001)

'A'

In [49]:
bin(64)

'0b1000000'