# Playing with RSA

In [99]:
import timeit

from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives.asymmetric import rsa
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding

## What happens if p and q are too close?

In [41]:
p=next_prime(2^512)

In [42]:
q=next_prime(p)

In [43]:
n_ = p * q

In [44]:
# n has 1024 bit
n_

179769313486231590772930519078902473361797697894230657273430081157732675805500963132708477322407536021120113879871393357658789768814416622492847430639477074095512480796227391561801824887394139579933613278628104952355769470429079061808809522886423955917442317693387325171135071792698344550223571732405562649211

In [53]:
# We start from the square root and look for the next prime
next_prime(sqrt(n_).n(1000))

13407807929942597099574024998205846127479365820592393377723561443721764030073546976801874298166903427690031858186486050853753882811946569946433649006084241

In [54]:
# Compare with q
q

13407807929942597099574024998205846127479365820592393377723561443721764030073546976801874298166903427690031858186486050853753882811946569946433649006084241

## How long does it take to generate a key?

In [76]:
def gen():
    rsa.generate_private_key(
        public_exponent=int(65537),
        key_size=512,
        backend=default_backend())
    
timeit.timeit(gen, number = 100)

0.6423623399996359

Homework: measure the key generation time for various key sizes up to 4096 bits. Plot a graph. 

# What happens if the exponent is too low?

In [102]:
private_key = rsa.generate_private_key(
    public_exponent=int(3),
    key_size=1024,
    backend=default_backend()
)
public_key = private_key.public_key()

In [103]:
message = b"OK"

m = int.from_bytes(message,"big")
c = power_mod(m,public_key.public_numbers().e,public_key.public_numbers().n)

print("m = {}, c = {}".format(m,c))

m = 20299, c = 8364190790899


In [104]:
# Can we find the message?
Integer(c).nth_root(3)

20299

In [112]:
# What happens if we use padding?
c = public_key.encrypt(message,
    padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()),
    algorithm=hashes.SHA256(),
    label=None
    ))
print("c = {:d}".format(int.from_bytes(c,"big")))

c = 72298893754522997186261833291349017833380813959935397776769547882223664956860838176327136650812371051385738923316838446425081077831439882699006945410119829804883334430114532893965285342133954141230248211581804468197409100565876887274196787369997850636594203218119964770892385802488758232002788601317056239444
