# RSA Algorithm: Theory and Implementation in Python

### [ WARNING: this is an exercise purely for fun: it is definitely very insecure, do not use this code in a real system and do not attempt to write your own cryptographic functions! ]




# Pick two large prime numbers:

First we need to pick two large prime numbers at random. So first, we'll get the user to type some random keys on the keyboard (this will be familiar if you've used e.g. Gnu-PG):

In [1]:
user_entropy = input("please generate some entropy by typing lots of random characters: ")

entropy = 0
 for letter in user_entropy:
     entropy = entropy + ord(letter)

IndentationError: unexpected indent (259581665.py, line 4)

That turns the user input into a single number. Then we need to find the nearest prime number, with two functions:

In [None]:
def isPrime(num):
     for i in range(2,num):
         if (num % i) == 0:
             prime = False
         else:
             prime = True
     return prime

In [None]:
def find_nearest_prime(num):

    while num < 100000:

        if isPrime(num):

            return num

        else:

            num += 1

# Get $\mathbf{N}$ and $\boldsymbol{\Phi}(\mathbf{N})$

Now we have two prime numbers, we multiply then together to get the composite number $\mathrm{N}$ which will be the second part of the private and public keys.

In [None]:
n = prime1*prime2

We also need $\Phi(N)$ (the 'totient'):

In [None]:
phi_n = ((prime1-1)*(prime2-1))

# Get e (public key)

Now we have to find e, the public key component. The easy bit condition is that it has to be between 1 and $\Phi(N)$. The more tricky condition is that it has to be coprime with both $\mathrm{N}$ and $\Phi(N)$. Two numbers are coprime if they have no common factors other than 1 . So first thing we need is a function to find the factors of a number:

In [None]:
def get_factors(num):

    factors = []

    for i in range(2,num):

        if ((num % i) == 0):

            factors.append(i)

    return factors

Now we can write a function to check if two numbers have common factors other than 1:

In [None]:
def isCoprime(num1,num2):

    num1_factors = get_factors(num1)

    num2_factors = get_factors(num2)

    if set(num1_factors).isdisjoint(set(num2_factors)):

        # print('no common factors - they coprime!')

        return True

    else:

        # print('there are common factors, not coprime')

        return False

Now we can write a function to find values for e that will satisfy those conditions:

In [None]:
def find_e(n,phi_n):

    candidates = []

    for i in range(3,n):

        if isPrime(i):

            if((isCoprime(i,n)) and (isCoprime(i,phi_n))):

                candidates.append(i)

    return candidates

This returns a list of potential values for e which we can pick.

# Get d (private key)

How about the private key for decrypting messages (d)? This should be the multiplicative inverse of e; that means that when multiplied by e, it should equal 1. My notes say this is equivalent to: $e^{\star} d=1 \bmod N$.

In [None]:
def find_d(prime1,n):
     for i in range(prime1,n):
         if (((i*e) % phi_n) == 1):
             print(i)
             return i

So that’s the basic key generation functions done. I put in some command line interactions to get this all done, and save the keypair to a text file in the working directory.

# Encryption and decryption

With the keypairs saved as dictionaries, the encryption and decryption functions are relatively simple:

In [None]:
def encrypt(pt):
     return (pt ** public_key['e']) % public_key['n']

In [None]:
def decrypt(ct):
     return (ct ** private_key['d'] % public_key['n'])

At the moment, this only works to encrypt integers rather than text strings. There are various ways we could handle encoding text to integers.

# Functional ... just!

So there we go. A few minutes was just enough to put together a minimally functional RSA cryptosystem.

The main issue is that even for pairs of small prime numbers, it takes a while to find $\mathrm{e}$. Keysizes in the $10-20$ 's range are pretty quick to compute, but NIST recommends asymmetric keys should be at least 2048-bits. Trying to generate a key this big means leaving the script running for a long, long time.

There are loads of ways the code could be improved.

# Summary

The algorithm for RSA is as follows:

 1. Select 2 prime numbers, preferably large, $\mathrm{p}$ and $\mathrm{q}$.
 2. Calculate $n=p^* q$.
 3. Calculate phi(n) $=(p-1)^{\star}(q-1)$
 4. Choose a value of e such that $1<e<$ phi(n) and $\operatorname{gcd}(\operatorname{phi}(\mathrm{n}), \mathrm{e})=1$.
 5. Calculate $d$ such that $d=\left(e^{\wedge}-1\right)$ mod phi(n).

Here the public key is $\{e, n\}$ and private key is $\{d, n\}$. If $M$ is the plain text then the cipher text $\mathrm{C}=\left(\mathrm{M}^{\wedge} \mathrm{e}\right)$ mod $\mathrm{n}$. This is how data is encrypted in RSA algorithm. Similarly, for decryption, the plain text $M=\left(C^{\wedge} d\right)$ mod $n$.

Example: Let $\mathrm{p}=3$ and $\mathrm{q}=11$ (both are prime numbers).
 - Now, $n=p^* q=3^* 11=33$
 - $\operatorname{phi}(\mathrm{n})=(\mathrm{p}-1)^{\star}(\mathrm{q}-1)=(3-1)^{\star}(11-1)=2^{\star} 10=20$
 - Value of e can be 7 since $1<7<20$ and $\operatorname{gcd}(20,7)=1$.
 - Calculating $\mathrm{d}=\left(7^{\wedge}-1\right) \bmod 20=3$.
 - Therefore, public key $=\{7,33\}$ and private key $=\{3,33\}$.
 
Suppose our message is $\mathrm{M}=31$. You can encrypt and decrypt it using the RSA algorithm as follows:

__Encryption:__ $\mathrm{C}=\left(\mathrm{M}^{\wedge} \mathrm{e}\right) \bmod \mathrm{n}=31^{\wedge} 7 \bmod 33=4$

__Decryption:__ $M=\left(C^{\wedge} d\right) \bmod n=4^{\wedge} 3 \bmod 33=31$

Since we got the original message that is plain text back after decryption, we can say that the algorithm worked correctly.

Below is the Python code for the implementation of the RSA Algorithm:

In [None]:
import math
 
# step 1
p = 3
q = 7
 
# step 2
n = p*q
print("n =", n)
 
# step 3
phi = (p-1)*(q-1)
 
# step 4
e = 2
while(e<phi):
    if (math.gcd(e, phi) == 1):
        break
    else:
        e += 1
 
print("e =", e)
# step 5
k = 2
d = ((k*phi)+1)/e
print("d =", d)
print(f'Public key: {e, n}')
print(f'Private key: {d, n}')
 
# plain text
msg = 11
print(f'Original message:{msg}')
 
# encryption
C = pow(msg, e)
C = math.fmod(C, n)
print(f'Encrypted message: {C}')
 
# decryption
M = pow(C, d)
M = math.fmod(M, n)
 
print(f'Decrypted message: {M}')  

Being able to do both encryption and digital signatures is one of the RSA algorithm’s key benefits. To confirm that the message has not been tampered with, digital signatures are made by encrypting a message hash with the sender’s private key. This encryption may then be validated by anybody with access to the sender’s public key.