# RSA ENCRYPTION/DECRYPTION TUTORIAL
## By Siddharth Gupta, CS Major at Northeastern University

#### In this tutorial, I am going to be walking you through how RSA encryption works, along with how its differnt components are implemented in Python 3. This tutorial does not use any encryption/decryption packages, everything has been implemented from scratch (except for the prime number generator, that is beyond my current abilities). The first few steps are some mathematical function that the actual encryption and decryption processes use, so feel free to skip them if you want. Otherwise, let us begin:

#### Step 1: Encoding a message

In most real life scenarios, the message that we want to encrypt will be a string. Because our encryption and decryption algorithms only work on numbers, we need to convert, or _encode_, the message into a number. This can be done using the ASCII standard. Similar to how we can convert a number from binary to decimal, we can convert from a string to a decimal number using expansion of base 256: $$ \text{ASCII Expansion: } (a_0a_1a_2 ... a_{n-1}a_n)_{256} = a_n * 256^0 + a_{n-1} * 256^1 + ... a_0 * 256^n$$

In [6]:
#encoder: String -> Number
#creates a unique numerical represnetation for a given string
def encoder(s):
    ascii_array = list(map(ord,list(str(s))))
    ascii_array.reverse()
    return (sum([((256**i) * ascii_array[i]) for i in range(0, len(ascii_array))]))
#decoder: Number -> String
#Finds original string that was encoded
def decoder(n):
    remainders = []
    while n != 0:
        remainders.append(n%256)
        n = n//256
    remainders.reverse()
    return ''.join(map(chr, remainders))

In [7]:
decoder(encoder("Miusov, as a man man of breeding and deilcacy, could not but feel some inwrd qualms, when he reached the Father Superior's with Ivan: he felt ashamed of havin lost his temper. He felt that he ought to have disdaimed that despicable wretch, Fyodor Pavlovitch, too much to have been upset by him in Father Zossima's cell, and so to have forgotten himself. Teh monks were not to blame, in any case, he reflceted, on the steps. And if theyre decent people here (and the Father Superior, I understand, is a nobleman) why not be friendly and courteous withthem? I won't argue, I'll fall in with everything, I'll win them by politness, and show them that I've nothing to do with that Aesop, thta buffoon, that Pierrot, and have merely been takken in over this affair, just as they have.He determined to drop his litigation with the monastry, and relinguish his claims to the wood-cuting and fishery rihgts at once. He was the more ready to do this becuase the rights had becom much less valuable, and he had indeed the vaguest idea where the wood and river in quedtion were.These excellant intentions were strengthed when he enterd the Father Superiors diniing-room, though, stricttly speakin, it was not a dining-room, for the Father Superior had only two rooms alltogether; they were, however, much larger and more comfortable than Father Zossimas. But tehre was was no great luxury about the furnishng of these rooms eithar. The furniture was of mohogany, covered with "))

"Miusov, as a man man of breeding and deilcacy, could not but feel some inwrd qualms, when he reached the Father Superior's with Ivan: he felt ashamed of havin lost his temper. He felt that he ought to have disdaimed that despicable wretch, Fyodor Pavlovitch, too much to have been upset by him in Father Zossima's cell, and so to have forgotten himself. Teh monks were not to blame, in any case, he reflceted, on the steps. And if theyre decent people here (and the Father Superior, I understand, is a nobleman) why not be friendly and courteous withthem? I won't argue, I'll fall in with everything, I'll win them by politness, and show them that I've nothing to do with that Aesop, thta buffoon, that Pierrot, and have merely been takken in over this affair, just as they have.He determined to drop his litigation with the monastry, and relinguish his claims to the wood-cuting and fishery rihgts at once. He was the more ready to do this becuase the rights had becom much less valuable, and he ha

#### Step 2: Generating prime numbers

When creating a public key, we need to be able to generate two large and random prime numbers. The following algorithm, taken by from Medium.com, generates a large random prime number.

Because of how difficult it is to generate large prime numbers, prime number generation is often in the forefront of research in Cryptography and Computer Science. Prime numbers are the foundation of RSA Encryption, and now, we are ready to see why.

In [22]:
from random import randrange, getrandbits
#SOURCE: Medium.com
def is_prime(n, k=128):
    """ Test if a number is prime
        Args:
            n -- int -- the number to test
            k -- int -- the number of tests to do
        return True if n is prime
    """
    # Test if n is not even.
    # But care, 2 is prime !
    if n == 2 or n == 3:
        return True
    if n <= 1 or n % 2 == 0:
        return False
    # find r and s
    s = 0
    r = n - 1
    while r & 1 == 0:
        s += 1
        r //= 2
    # do k tests
    for _ in range(k):
        a = randrange(2, n - 1)
        x = pow(a, r, n)
        if x != 1 and x != n - 1:
            j = 1
            while j < s and x != n - 1:
                x = pow(x, 2, n)
                if x == 1:
                    return False
                j += 1
            if x != n - 1:
                return False
    return True
def generate_prime_candidate(length):
    """ Generate an odd integer randomly
        Args:
            length -- int -- the length of the number to generate, in bits
        return a integer
    """
    # generate random bits
    p = getrandbits(length)
    # apply a mask to set MSB and LSB to 1
    p |= (1 << length - 1) | 1
    return p
def generate_prime_number(length=1024):
    """ Generate a prime
        Args:
            length -- int -- length of the prime to generate, in          bits
        return a prime
    """
    p = 4
    # keep generating while the primality test fail
    while not is_prime(p, 128):
        p = generate_prime_candidate(length)
    return p

#### Generating Public and Private Keys:


In [9]:
#Generates random pair of public and private keys
def key_generator():
    p = generate_prime_number()
    q = generate_prime_number()
    n = p*q
    
    totient = (p-1)*(q-1)
    e = 65537
    private_key = int(inverse_mod(e,totient))
    public_key = (n,e)
    if private_key < 0:
        private_key += totient
    return (public_key, private_key)
    

In [10]:
import import_ipynb
import AES as aes

importing Jupyter notebook from AES.ipynb


In [11]:
sid_rsa_keys = key_generator()
sid_aes_key = aes.generateKey()

In [12]:
#rsa_encrypter: Integer (Integer, Integer) -> Integer
#encrypts a message with a given public key
def rsa_encrypter(m, key):
    return (pow(encoder(m), key[1], key[0]))

In [13]:
#rsa_decrypter: Integer ((Integer, Integer), Integer) -> String
#decrypts a message given a private key. Only decrypts message correctly if private key is the right one
def rsa_decrypter(encrypted, keys):
    return pow(encrypted, keys[1], keys[0][0])

In [14]:
file = open("example.txt","r") 
textFromFile = file.read()
textFromFile

'Hello world, my name is sid and I am going to be attempting to encrypt this file using AES encrytpion.\nMiusov, as a man man of breeding and deilcacy, could not but feel some inwrd qualms, when he reached the Father Superior\'s with Ivan: he felt ashamed of havin lost his temper. He felt that he ought to have disdaimed that despicable wretch, Fyodor Pavlovitch, too much to have been upset by him in Father Zossima\'s cell, and so to have forgotten himself. "Teh monks were not to blame, in any case," he reflceted, on the steps. "And if they\'re decent people here (and the Father Superior, I understand, is a nobleman) why not be friendly and courteous withthem? I won\'t argue, I\'ll fall in with everything, I\'ll win them by politness, and show them that I\'ve nothing to do with that Aesop, thta buffoon, that Pierrot, and have merely been takken in over this affair, just as they have."\n\nHe determined to drop his litigation with the monastry, and relinguish his claims to the wood-cuting

In [15]:
encryptedKey = rsa_encrypter(sid_aes_key, sid_rsa_keys[0])

In [16]:
encryptedKey

4015944665861545125771687458821526686497396008612506100195942491823385696574344919200660041701231194315000866646956713647174542480704657099498552731678511153758646560960005124743178617394944004592080389081785186987326067320367613885920398468249254224241350222555877393782042448130008932506436891613329477125831091852065001787696030217099155742261237462622598603142855060123381618370190179588793421026221023853145322529930849063787870450058636585269606143021523912760167921979825070445229083076182506529000818048666182466239482831597034890096392517198838761093649552734591039505286528163232488665985358670470238387732

In [17]:
encryptedMessage = aes.encrypt(textFromFile, sid_aes_key)

In [18]:
encryptedMessage

'90582196631142b6fe9439ce876b33470a86e6c34b6d9bb0087722ee6abb78b1a158c683fda3ef3617aa2692f80a97e2a4d6bfee26a98e2c310aa2a4f6925cf40aa3214d0c27265ca03a1c89db0a369108727cc570b83f5b6bcb31afb766474f93e122f0538268780173307f76dd81ca36d7dfc60406bda620a53dd461523fb895edc613bfc27792339f1ae454f37532e2fef8cddc6ffebb69384012299fde69789e9da259e0dc0053cf0119e43ddeb105453d6598a800ff5f9cfc25f2b4b137c33d92f032883f9185e651a6c3c9f55d26fd3a55e3119e1f99c904f85189ab6c189e9816a07cbfe69218c1ee548fe1bad2835ad66df73735699e6d952e07cd74f2a6cb013de55412eedb727dd4d2e5c024cce61648eea4ce3f95038af90e5d426c42520d3c58d59ea54c88dfb15b091856fd952897490141c837c9618da64563b0cd6768881c9a5ba4cadd50321bd42c6e5e4e8776b530ae57328546ffb793ebb56a3aa673fb804109eae8139f33f0c06e3ef648b24c46bda2f7f688734667e6c88bdaf5a79fdef65cea1746576199183b7d1ea335b8c53b2e0cb9b122e98334a0e83a263490668f88ff8faaa2ec5d5998afe18558eb4d80b7381ab41d9d9629d6d356047b2957a4d8458a4d5106fe93772081f282ad82ef2449de2f1adea91e52bb79f90e8befc69070cc3620a56b69f4de29e

In [19]:
decryptedKey = decoder(rsa_decrypter(encryptedKey,sid_rsa_keys))

In [20]:
decryptedMessage = aes.decrypt(encryptedMessage, decryptedKey)

In [21]:
decryptedMessage

'Hello world, my name is sid and I am going to be attempting to encrypt this file using AES encrytpion.\nMiusov, as a man man of breeding and deilcacy, could not but feel some inwrd qualms, when he reached the Father Superior\'s with Ivan: he felt ashamed of havin lost his temper. He felt that he ought to have disdaimed that despicable wretch, Fyodor Pavlovitch, too much to have been upset by him in Father Zossima\'s cell, and so to have forgotten himself. "Teh monks were not to blame, in any case," he reflceted, on the steps. "And if they\'re decent people here (and the Father Superior, I understand, is a nobleman) why not be friendly and courteous withthem? I won\'t argue, I\'ll fall in with everything, I\'ll win them by politness, and show them that I\'ve nothing to do with that Aesop, thta buffoon, that Pierrot, and have merely been takken in over this affair, just as they have."\n\nHe determined to drop his litigation with the monastry, and relinguish his claims to the wood-cuting

#### The GCD algorithm:

The GCD Algorithm finds the greates common divisor of two integers $ a \text{ and } b$. It makes use of the following mathematical fact: 
$$ a = bn + r_{a/b}  $$
From this, we can see if a number divides both $a$ and $b$, then it must also divide $r_{a/b}$, which is the remainder of $a/b$. Because of this, the GCD of $a$ and $b$ is equivalent of the GCD of $b$ and $r_{a/b}$, and so we come up with the following recurseive algorithm. If $r_{a/b}$ is 0, then we are done, as that shows that $b$ divides $a$. Otherwise, we have to find gcd($b$, $r_{a/b}$).

In [1]:
#gcd: Integer Integer -> Integer
#Returns the gcd of two integers, both of which are not 0

def gcd(a,b):
    if b == 0:
        return a
    else:
        return gcd(b, a%b)


In [2]:
gcd(49831,825579)

1

#### Extended Euclid Algorithm:
The extended euclid algorithm is another way to find the GCD of two integers $a$ and $b$, however it also finds solutions $x$ and $y$ to the following equation: $$ ax + by = gcd(a,b) $$ The following link by CMU gives a great explanation as to how the algorithm works.

In [3]:
#extended_euclid : Integer Integer -> (Integer, Integer)
#returns integers x, y such that ax + by = gcd(a,b)
#credit for theory: http://www.math.cmu.edu/~bkell/21110-2010s/extended-euclidean.html
def extended_euclid(a,b):
    return extended_euclid_helper(a,b,{a : (1,0), b : (0,1)})
#extended_euclid_helper: Integer Integer [Dict-of (Integer -> (Integer, Integer))] -> (Integer, Integer)
#ACCUMULATOR: [Dict-of (Integer -> (Integer, Integer))] keeps track of coefficients that can be used for substitution.
def extended_euclid_helper(a,b,table):
    if b == 0:
        return table[a]
    r = a%b
    q = a//b
    table[r] = (table[a][0] + -q*table[b][0],
                table[a][1] + -q*table[b][1])
    return extended_euclid_helper(b,r,table)

In [4]:
"""
def euclidean_alg_checker(a,b):
    x,y = extended_euclid(a,b)
    return a*x + b*y == gcd(a,b)

x = rand.randint(2,10000000000000000000)
y = rand.randint(2,10000000000000)
test = euclidean_alg_checker(x,y)
"""

'\ndef euclidean_alg_checker(a,b):\n    x,y = extended_euclid(a,b)\n    return a*x + b*y == gcd(a,b)\n\nx = rand.randint(2,10000000000000000000)\ny = rand.randint(2,10000000000000)\ntest = euclidean_alg_checker(x,y)\n'

#### Inverse Mod:

Consider a special case of the extended euclid algorithm: $$ ax + by = 1 $$

In [5]:
#inverse_mod: Integer Integer -> Integer
#finds the multiplicative inverse of x mod n _a_ such that ax mod n = 1
def inverse_mod(a,n):
    return int(extended_euclid(a,n)[0])
