## RSA Cipher



### Key generation

* Choose two primes $p$ and $q$

* Compute $n=pq$

* Compute the least common multiple of $p−1$ and $q−1$, and call it $\lambda(n)=lcm(p-1,q-1)$

* Choose an integer $e$ coprime to $\lambda(n)$

* Compute the inverse $d$ of $e$ modulo $\lambda(n)$ 

Now, say that Alice wants to receive from Bob a message. 

* $(n,e)$ is a public key, which Alice sends to Bob through a reliable channel. 
* $(n,d)$ is a private key, which Alice keeps for herself. 


### Encryption and Decryption 

Bob translates his message M to an integer $m$, and then converts it to ciphertext using 

$$ c = m^e \pmod{n} $$

When Alices receives the value of 'c', she decodes it using 

$$ m = c^d \pmod{n}$$ 

which recovers $m$. 

### Examples

* Choose $p=61$, $q=53$ which are two prime numbers
* Compute $n=pq = 3233$, 
* Compute the least common multiple, 

$$ \lambda (3233) = lcm (60, 52) = 780 $$

* Choose between $1<e<780$ this is coprime to 780. Let $e=17$. 
* Compute $d$, the modular multiplicative inverse of $ 17 \pmod {780}$.  
   
   - $780=2^2*3*5*13$ 
   - $\phi(780) = (2-1)^2(3-1)(5-1)(13-1) = 96$
   - $ d= 17^{96-1} \pmod{780} = 413$

Now the public/encryption key is $(n=3233, e=17)$, the private/decryption key is $(n=3233, d=413)$. 

In this case, $p$ and $q$ are small, it is very easy to guess their values from $n$. In reality, large prime numbers are used such that the decomposition of $n$ to prime numbers is difficult. 

Now let's try the encryption and decryption 

Bob wants to send a message "HI", e.g., H=7, I=8. He first encodes it with the key he got from Alice $(n=3233, e=17)$,

$$ c1 = 7^{17} \pmod{3233} = 2369 $$
$$ c2 = 8^{17} \pmod{3233} = 2041 $$

He sends "2369, 2041" to Alice. 

Alice now uses her private key $(n=3233, d=413)$ to decode it, 

$$ m1 = 2369^{413} \pmod{3233} = 7 $$
$$ m2 = 2041^{413} \pmod{3233} = 8 $$

and she gets "7 8". With the alphabetic table, she understands the message is "HI". 


### Resources

* [Wikipedia](https://en.wikipedia.org/wiki/RSA_(cryptosystem))




In [1]:
17**95 % 780

413

In [2]:
[m**17 % 3233 for m in [7, 8]]

[2369, 2041]

In [3]:
[c**413 % 3233 for c in [2369, 2041]]

[7, 8]