new public key (rsa) encryption · 2009. 2. 23. · logo1 overview needed theorems rsa encryption...
TRANSCRIPT
logo1
Overview Needed Theorems RSA Encryption
Public Key (RSA) Encryption
Bernd Schroder
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Encryption and Decryption
1. Simple idea: “You” want to send communications that“they” won’t understand, even if the transmission isintercepted.
2. Internet commerce. “You”: Provider and client. “They”:Hackers, identity thieves.
3. Intelligence. “You”: Operative and correspondingintelligence agency. “They”: Another intelligence agency.
4. War. “You”: Field commander and central command.“They”: Opposing army.
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Encryption and Decryption1. Simple idea: “You” want to send communications that
“they” won’t understand, even if the transmission isintercepted.
2. Internet commerce. “You”: Provider and client. “They”:Hackers, identity thieves.
3. Intelligence. “You”: Operative and correspondingintelligence agency. “They”: Another intelligence agency.
4. War. “You”: Field commander and central command.“They”: Opposing army.
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Encryption and Decryption1. Simple idea: “You” want to send communications that
“they” won’t understand, even if the transmission isintercepted.
2. Internet commerce.
“You”: Provider and client. “They”:Hackers, identity thieves.
3. Intelligence. “You”: Operative and correspondingintelligence agency. “They”: Another intelligence agency.
4. War. “You”: Field commander and central command.“They”: Opposing army.
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Encryption and Decryption1. Simple idea: “You” want to send communications that
“they” won’t understand, even if the transmission isintercepted.
2. Internet commerce. “You”: Provider and client.
“They”:Hackers, identity thieves.
3. Intelligence. “You”: Operative and correspondingintelligence agency. “They”: Another intelligence agency.
4. War. “You”: Field commander and central command.“They”: Opposing army.
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Encryption and Decryption1. Simple idea: “You” want to send communications that
“they” won’t understand, even if the transmission isintercepted.
2. Internet commerce. “You”: Provider and client. “They”:Hackers, identity thieves.
3. Intelligence. “You”: Operative and correspondingintelligence agency. “They”: Another intelligence agency.
4. War. “You”: Field commander and central command.“They”: Opposing army.
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Encryption and Decryption1. Simple idea: “You” want to send communications that
“they” won’t understand, even if the transmission isintercepted.
2. Internet commerce. “You”: Provider and client. “They”:Hackers, identity thieves.
3. Intelligence.
“You”: Operative and correspondingintelligence agency. “They”: Another intelligence agency.
4. War. “You”: Field commander and central command.“They”: Opposing army.
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Encryption and Decryption1. Simple idea: “You” want to send communications that
“they” won’t understand, even if the transmission isintercepted.
2. Internet commerce. “You”: Provider and client. “They”:Hackers, identity thieves.
3. Intelligence. “You”: Operative and correspondingintelligence agency.
“They”: Another intelligence agency.4. War. “You”: Field commander and central command.
“They”: Opposing army.
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Encryption and Decryption1. Simple idea: “You” want to send communications that
“they” won’t understand, even if the transmission isintercepted.
2. Internet commerce. “You”: Provider and client. “They”:Hackers, identity thieves.
3. Intelligence. “You”: Operative and correspondingintelligence agency. “They”: Another intelligence agency.
4. War. “You”: Field commander and central command.“They”: Opposing army.
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Encryption and Decryption1. Simple idea: “You” want to send communications that
“they” won’t understand, even if the transmission isintercepted.
2. Internet commerce. “You”: Provider and client. “They”:Hackers, identity thieves.
3. Intelligence. “You”: Operative and correspondingintelligence agency. “They”: Another intelligence agency.
4. War.
“You”: Field commander and central command.“They”: Opposing army.
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Encryption and Decryption1. Simple idea: “You” want to send communications that
“they” won’t understand, even if the transmission isintercepted.
2. Internet commerce. “You”: Provider and client. “They”:Hackers, identity thieves.
3. Intelligence. “You”: Operative and correspondingintelligence agency. “They”: Another intelligence agency.
4. War. “You”: Field commander and central command.
“They”: Opposing army.
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Encryption and Decryption1. Simple idea: “You” want to send communications that
“they” won’t understand, even if the transmission isintercepted.
2. Internet commerce. “You”: Provider and client. “They”:Hackers, identity thieves.
3. Intelligence. “You”: Operative and correspondingintelligence agency. “They”: Another intelligence agency.
4. War. “You”: Field commander and central command.“They”: Opposing army.
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Caesarian Cipher
1. In Caesar’s times most people, including Romans, wereilliterate.
2. But that did not make written communications safe. Therewere literate barbarians.
3. Caesarian cipher: Scramble the letters of the alphabet. Forexample, “hello” becomes “ygaap”.
4. To send the message you need to know how to encode themessage: h → y, e → g, l → a, o → p.
5. To read the message you need to know how to decode it:y → h, g → e, a → l, p → o.
6. But for this one, as soon as you can encode, you candecode, too.
7. So sender and recipient must keep the code private, whichis why this is called “private key encryption”.
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Caesarian Cipher1. In Caesar’s times most people, including Romans, were
illiterate.
2. But that did not make written communications safe. Therewere literate barbarians.
3. Caesarian cipher: Scramble the letters of the alphabet. Forexample, “hello” becomes “ygaap”.
4. To send the message you need to know how to encode themessage: h → y, e → g, l → a, o → p.
5. To read the message you need to know how to decode it:y → h, g → e, a → l, p → o.
6. But for this one, as soon as you can encode, you candecode, too.
7. So sender and recipient must keep the code private, whichis why this is called “private key encryption”.
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Caesarian Cipher1. In Caesar’s times most people, including Romans, were
illiterate.2. But that did not make written communications safe.
Therewere literate barbarians.
3. Caesarian cipher: Scramble the letters of the alphabet. Forexample, “hello” becomes “ygaap”.
4. To send the message you need to know how to encode themessage: h → y, e → g, l → a, o → p.
5. To read the message you need to know how to decode it:y → h, g → e, a → l, p → o.
6. But for this one, as soon as you can encode, you candecode, too.
7. So sender and recipient must keep the code private, whichis why this is called “private key encryption”.
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Caesarian Cipher1. In Caesar’s times most people, including Romans, were
illiterate.2. But that did not make written communications safe. There
were literate barbarians.
3. Caesarian cipher: Scramble the letters of the alphabet. Forexample, “hello” becomes “ygaap”.
4. To send the message you need to know how to encode themessage: h → y, e → g, l → a, o → p.
5. To read the message you need to know how to decode it:y → h, g → e, a → l, p → o.
6. But for this one, as soon as you can encode, you candecode, too.
7. So sender and recipient must keep the code private, whichis why this is called “private key encryption”.
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Caesarian Cipher1. In Caesar’s times most people, including Romans, were
illiterate.2. But that did not make written communications safe. There
were literate barbarians.3. Caesarian cipher: Scramble the letters of the alphabet.
Forexample, “hello” becomes “ygaap”.
4. To send the message you need to know how to encode themessage: h → y, e → g, l → a, o → p.
5. To read the message you need to know how to decode it:y → h, g → e, a → l, p → o.
6. But for this one, as soon as you can encode, you candecode, too.
7. So sender and recipient must keep the code private, whichis why this is called “private key encryption”.
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Caesarian Cipher1. In Caesar’s times most people, including Romans, were
illiterate.2. But that did not make written communications safe. There
were literate barbarians.3. Caesarian cipher: Scramble the letters of the alphabet. For
example, “hello” becomes “ygaap”.
4. To send the message you need to know how to encode themessage: h → y, e → g, l → a, o → p.
5. To read the message you need to know how to decode it:y → h, g → e, a → l, p → o.
6. But for this one, as soon as you can encode, you candecode, too.
7. So sender and recipient must keep the code private, whichis why this is called “private key encryption”.
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Caesarian Cipher1. In Caesar’s times most people, including Romans, were
illiterate.2. But that did not make written communications safe. There
were literate barbarians.3. Caesarian cipher: Scramble the letters of the alphabet. For
example, “hello” becomes “ygaap”.4. To send the message you need to know how to encode the
message:
h → y, e → g, l → a, o → p.5. To read the message you need to know how to decode it:
y → h, g → e, a → l, p → o.6. But for this one, as soon as you can encode, you can
decode, too.7. So sender and recipient must keep the code private, which
is why this is called “private key encryption”.
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Caesarian Cipher1. In Caesar’s times most people, including Romans, were
illiterate.2. But that did not make written communications safe. There
were literate barbarians.3. Caesarian cipher: Scramble the letters of the alphabet. For
example, “hello” becomes “ygaap”.4. To send the message you need to know how to encode the
message: h → y, e → g, l → a, o → p.
5. To read the message you need to know how to decode it:y → h, g → e, a → l, p → o.
6. But for this one, as soon as you can encode, you candecode, too.
7. So sender and recipient must keep the code private, whichis why this is called “private key encryption”.
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Caesarian Cipher1. In Caesar’s times most people, including Romans, were
illiterate.2. But that did not make written communications safe. There
were literate barbarians.3. Caesarian cipher: Scramble the letters of the alphabet. For
example, “hello” becomes “ygaap”.4. To send the message you need to know how to encode the
message: h → y, e → g, l → a, o → p.5. To read the message you need to know how to decode it:
y → h, g → e, a → l, p → o.6. But for this one, as soon as you can encode, you can
decode, too.7. So sender and recipient must keep the code private, which
is why this is called “private key encryption”.
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Caesarian Cipher1. In Caesar’s times most people, including Romans, were
illiterate.2. But that did not make written communications safe. There
were literate barbarians.3. Caesarian cipher: Scramble the letters of the alphabet. For
example, “hello” becomes “ygaap”.4. To send the message you need to know how to encode the
message: h → y, e → g, l → a, o → p.5. To read the message you need to know how to decode it:
y → h, g → e, a → l, p → o.
6. But for this one, as soon as you can encode, you candecode, too.
7. So sender and recipient must keep the code private, whichis why this is called “private key encryption”.
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Caesarian Cipher1. In Caesar’s times most people, including Romans, were
illiterate.2. But that did not make written communications safe. There
were literate barbarians.3. Caesarian cipher: Scramble the letters of the alphabet. For
example, “hello” becomes “ygaap”.4. To send the message you need to know how to encode the
message: h → y, e → g, l → a, o → p.5. To read the message you need to know how to decode it:
y → h, g → e, a → l, p → o.6. But for this one, as soon as you can encode, you can
decode, too.
7. So sender and recipient must keep the code private, whichis why this is called “private key encryption”.
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Caesarian Cipher1. In Caesar’s times most people, including Romans, were
illiterate.2. But that did not make written communications safe. There
were literate barbarians.3. Caesarian cipher: Scramble the letters of the alphabet. For
example, “hello” becomes “ygaap”.4. To send the message you need to know how to encode the
message: h → y, e → g, l → a, o → p.5. To read the message you need to know how to decode it:
y → h, g → e, a → l, p → o.6. But for this one, as soon as you can encode, you can
decode, too.7. So sender and recipient must keep the code private, which
is why this is called “private key encryption”.Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Problems With Private Key Encryption
1. If one of the owners of the key reveals the key, allcommunications are compromised.
2. One captured centurion jeopardizes legions. (“Windtalkers”.)
3. One captured operative jeopardizes a spy network.4. It does not matter how sophisticated the private key code
is. From the encoding process, you can find the decodingprocess. (Enigma.)
5. But somehow, even though the encoding mechanism forinternet transactions is public, internet transactions areconsidered safe???
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Problems With Private Key Encryption1. If one of the owners of the key reveals the key, all
communications are compromised.
2. One captured centurion jeopardizes legions. (“Windtalkers”.)
3. One captured operative jeopardizes a spy network.4. It does not matter how sophisticated the private key code
is. From the encoding process, you can find the decodingprocess. (Enigma.)
5. But somehow, even though the encoding mechanism forinternet transactions is public, internet transactions areconsidered safe???
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Problems With Private Key Encryption1. If one of the owners of the key reveals the key, all
communications are compromised.2. One captured centurion jeopardizes legions.
(“Windtalkers”.)
3. One captured operative jeopardizes a spy network.4. It does not matter how sophisticated the private key code
is. From the encoding process, you can find the decodingprocess. (Enigma.)
5. But somehow, even though the encoding mechanism forinternet transactions is public, internet transactions areconsidered safe???
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Problems With Private Key Encryption1. If one of the owners of the key reveals the key, all
communications are compromised.2. One captured centurion jeopardizes legions. (“Wind
talkers”.)
3. One captured operative jeopardizes a spy network.4. It does not matter how sophisticated the private key code
is. From the encoding process, you can find the decodingprocess. (Enigma.)
5. But somehow, even though the encoding mechanism forinternet transactions is public, internet transactions areconsidered safe???
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Problems With Private Key Encryption1. If one of the owners of the key reveals the key, all
communications are compromised.2. One captured centurion jeopardizes legions. (“Wind
talkers”.)3. One captured operative jeopardizes a spy network.
4. It does not matter how sophisticated the private key codeis. From the encoding process, you can find the decodingprocess. (Enigma.)
5. But somehow, even though the encoding mechanism forinternet transactions is public, internet transactions areconsidered safe???
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Problems With Private Key Encryption1. If one of the owners of the key reveals the key, all
communications are compromised.2. One captured centurion jeopardizes legions. (“Wind
talkers”.)3. One captured operative jeopardizes a spy network.4. It does not matter how sophisticated the private key code
is. From the encoding process, you can find the decodingprocess. (Enigma.)
5. But somehow, even though the encoding mechanism forinternet transactions is public, internet transactions areconsidered safe???
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Problems With Private Key Encryption1. If one of the owners of the key reveals the key, all
communications are compromised.2. One captured centurion jeopardizes legions. (“Wind
talkers”.)3. One captured operative jeopardizes a spy network.4. It does not matter how sophisticated the private key code
is. From the encoding process, you can find the decodingprocess. (Enigma.)
5. But somehow, even though the encoding mechanism forinternet transactions is public, internet transactions areconsidered safe
???
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Problems With Private Key Encryption1. If one of the owners of the key reveals the key, all
communications are compromised.2. One captured centurion jeopardizes legions. (“Wind
talkers”.)3. One captured operative jeopardizes a spy network.4. It does not matter how sophisticated the private key code
is. From the encoding process, you can find the decodingprocess. (Enigma.)
5. But somehow, even though the encoding mechanism forinternet transactions is public, internet transactions areconsidered safe???
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Public Key Encryption
1. The problems with private key encryption would beresolved if the decoding mechanism could not be (easily)obtained from the encoding mechanism.1.1 One captured centurion’s code would not reveal what the
others are sending (did not happen).1.2 One captured operative would not be a problem (did not
happen until late 1970s).1.3 Internet transmissions could be considered safe. (We do
consider them as safe as can be.)2. But how do you get something like that?3. Make breaking the code depend on being able to solve a
hard problem, like the factorization of a large number.
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Public Key Encryption1. The problems with private key encryption would be
resolved if the decoding mechanism could not be (easily)obtained from the encoding mechanism.
1.1 One captured centurion’s code would not reveal what theothers are sending (did not happen).
1.2 One captured operative would not be a problem (did nothappen until late 1970s).
1.3 Internet transmissions could be considered safe. (We doconsider them as safe as can be.)
2. But how do you get something like that?3. Make breaking the code depend on being able to solve a
hard problem, like the factorization of a large number.
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Public Key Encryption1. The problems with private key encryption would be
resolved if the decoding mechanism could not be (easily)obtained from the encoding mechanism.1.1 One captured centurion’s code would not reveal what the
others are sending (did not happen).
1.2 One captured operative would not be a problem (did nothappen until late 1970s).
1.3 Internet transmissions could be considered safe. (We doconsider them as safe as can be.)
2. But how do you get something like that?3. Make breaking the code depend on being able to solve a
hard problem, like the factorization of a large number.
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Public Key Encryption1. The problems with private key encryption would be
resolved if the decoding mechanism could not be (easily)obtained from the encoding mechanism.1.1 One captured centurion’s code would not reveal what the
others are sending (did not happen).1.2 One captured operative would not be a problem (did not
happen until late 1970s).
1.3 Internet transmissions could be considered safe. (We doconsider them as safe as can be.)
2. But how do you get something like that?3. Make breaking the code depend on being able to solve a
hard problem, like the factorization of a large number.
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Public Key Encryption1. The problems with private key encryption would be
resolved if the decoding mechanism could not be (easily)obtained from the encoding mechanism.1.1 One captured centurion’s code would not reveal what the
others are sending (did not happen).1.2 One captured operative would not be a problem (did not
happen until late 1970s).1.3 Internet transmissions could be considered safe.
(We doconsider them as safe as can be.)
2. But how do you get something like that?3. Make breaking the code depend on being able to solve a
hard problem, like the factorization of a large number.
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Public Key Encryption1. The problems with private key encryption would be
resolved if the decoding mechanism could not be (easily)obtained from the encoding mechanism.1.1 One captured centurion’s code would not reveal what the
others are sending (did not happen).1.2 One captured operative would not be a problem (did not
happen until late 1970s).1.3 Internet transmissions could be considered safe. (We do
consider them as safe as can be.)
2. But how do you get something like that?3. Make breaking the code depend on being able to solve a
hard problem, like the factorization of a large number.
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Public Key Encryption1. The problems with private key encryption would be
resolved if the decoding mechanism could not be (easily)obtained from the encoding mechanism.1.1 One captured centurion’s code would not reveal what the
others are sending (did not happen).1.2 One captured operative would not be a problem (did not
happen until late 1970s).1.3 Internet transmissions could be considered safe. (We do
consider them as safe as can be.)2. But how do you get something like that?
3. Make breaking the code depend on being able to solve ahard problem, like the factorization of a large number.
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Public Key Encryption1. The problems with private key encryption would be
resolved if the decoding mechanism could not be (easily)obtained from the encoding mechanism.1.1 One captured centurion’s code would not reveal what the
others are sending (did not happen).1.2 One captured operative would not be a problem (did not
happen until late 1970s).1.3 Internet transmissions could be considered safe. (We do
consider them as safe as can be.)2. But how do you get something like that?3. Make breaking the code depend on being able to solve a
hard problem, like the factorization of a large number.
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proposition.
Let x,m ∈N have no common factors. Then for allc ∈ N that are not divisible by m, we have that cx 6≡ 0 (mod m).Moreover, there is a y ∈ N so that xy ≡ 1 (mod m).
Proof. Let b ∈ N be so that bx ≡ 0 (mod m). Then m|bx.Because x and m do not have any common factors, m|b. Hence,if c is not divisible by m, then cx 6≡ 0 (mod m).Now consider {xy : y = 1, . . . ,m−1}. For any two distincty1,y2 ∈ {1, . . . ,m−1} with y1 < y2 we have that m - (y2− y1).Hence, x(y2− y1) 6≡ 0 (mod m), which means thatxy1 6≡ xy2 (mod m). But then A :=
{[xy]m : y = 1, . . . ,m−1
}has m−1 distinct elements and [0]m is not one of them. Thereare exactly m−1 equivalence classes modulo m that are not[0]m. So A =
{[z]m : z = 1, . . . ,m−1
}and [1]m ∈ A. Hence there
is a y ∈ {1, . . . ,m−1} so that [x]m · [y]m = [1]m, that is, so thatxy ≡ 1 (mod m).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proposition. Let x,m ∈N have no common factors.
Then for allc ∈ N that are not divisible by m, we have that cx 6≡ 0 (mod m).Moreover, there is a y ∈ N so that xy ≡ 1 (mod m).
Proof. Let b ∈ N be so that bx ≡ 0 (mod m). Then m|bx.Because x and m do not have any common factors, m|b. Hence,if c is not divisible by m, then cx 6≡ 0 (mod m).Now consider {xy : y = 1, . . . ,m−1}. For any two distincty1,y2 ∈ {1, . . . ,m−1} with y1 < y2 we have that m - (y2− y1).Hence, x(y2− y1) 6≡ 0 (mod m), which means thatxy1 6≡ xy2 (mod m). But then A :=
{[xy]m : y = 1, . . . ,m−1
}has m−1 distinct elements and [0]m is not one of them. Thereare exactly m−1 equivalence classes modulo m that are not[0]m. So A =
{[z]m : z = 1, . . . ,m−1
}and [1]m ∈ A. Hence there
is a y ∈ {1, . . . ,m−1} so that [x]m · [y]m = [1]m, that is, so thatxy ≡ 1 (mod m).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proposition. Let x,m ∈N have no common factors. Then for allc ∈ N that are not divisible by m, we have that cx 6≡ 0 (mod m).
Moreover, there is a y ∈ N so that xy ≡ 1 (mod m).
Proof. Let b ∈ N be so that bx ≡ 0 (mod m). Then m|bx.Because x and m do not have any common factors, m|b. Hence,if c is not divisible by m, then cx 6≡ 0 (mod m).Now consider {xy : y = 1, . . . ,m−1}. For any two distincty1,y2 ∈ {1, . . . ,m−1} with y1 < y2 we have that m - (y2− y1).Hence, x(y2− y1) 6≡ 0 (mod m), which means thatxy1 6≡ xy2 (mod m). But then A :=
{[xy]m : y = 1, . . . ,m−1
}has m−1 distinct elements and [0]m is not one of them. Thereare exactly m−1 equivalence classes modulo m that are not[0]m. So A =
{[z]m : z = 1, . . . ,m−1
}and [1]m ∈ A. Hence there
is a y ∈ {1, . . . ,m−1} so that [x]m · [y]m = [1]m, that is, so thatxy ≡ 1 (mod m).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proposition. Let x,m ∈N have no common factors. Then for allc ∈ N that are not divisible by m, we have that cx 6≡ 0 (mod m).Moreover, there is a y ∈ N so that xy ≡ 1 (mod m).
Proof. Let b ∈ N be so that bx ≡ 0 (mod m). Then m|bx.Because x and m do not have any common factors, m|b. Hence,if c is not divisible by m, then cx 6≡ 0 (mod m).Now consider {xy : y = 1, . . . ,m−1}. For any two distincty1,y2 ∈ {1, . . . ,m−1} with y1 < y2 we have that m - (y2− y1).Hence, x(y2− y1) 6≡ 0 (mod m), which means thatxy1 6≡ xy2 (mod m). But then A :=
{[xy]m : y = 1, . . . ,m−1
}has m−1 distinct elements and [0]m is not one of them. Thereare exactly m−1 equivalence classes modulo m that are not[0]m. So A =
{[z]m : z = 1, . . . ,m−1
}and [1]m ∈ A. Hence there
is a y ∈ {1, . . . ,m−1} so that [x]m · [y]m = [1]m, that is, so thatxy ≡ 1 (mod m).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proposition. Let x,m ∈N have no common factors. Then for allc ∈ N that are not divisible by m, we have that cx 6≡ 0 (mod m).Moreover, there is a y ∈ N so that xy ≡ 1 (mod m).
Proof.
Let b ∈ N be so that bx ≡ 0 (mod m). Then m|bx.Because x and m do not have any common factors, m|b. Hence,if c is not divisible by m, then cx 6≡ 0 (mod m).Now consider {xy : y = 1, . . . ,m−1}. For any two distincty1,y2 ∈ {1, . . . ,m−1} with y1 < y2 we have that m - (y2− y1).Hence, x(y2− y1) 6≡ 0 (mod m), which means thatxy1 6≡ xy2 (mod m). But then A :=
{[xy]m : y = 1, . . . ,m−1
}has m−1 distinct elements and [0]m is not one of them. Thereare exactly m−1 equivalence classes modulo m that are not[0]m. So A =
{[z]m : z = 1, . . . ,m−1
}and [1]m ∈ A. Hence there
is a y ∈ {1, . . . ,m−1} so that [x]m · [y]m = [1]m, that is, so thatxy ≡ 1 (mod m).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proposition. Let x,m ∈N have no common factors. Then for allc ∈ N that are not divisible by m, we have that cx 6≡ 0 (mod m).Moreover, there is a y ∈ N so that xy ≡ 1 (mod m).
Proof. Let b ∈ N be so that bx ≡ 0 (mod m).
Then m|bx.Because x and m do not have any common factors, m|b. Hence,if c is not divisible by m, then cx 6≡ 0 (mod m).Now consider {xy : y = 1, . . . ,m−1}. For any two distincty1,y2 ∈ {1, . . . ,m−1} with y1 < y2 we have that m - (y2− y1).Hence, x(y2− y1) 6≡ 0 (mod m), which means thatxy1 6≡ xy2 (mod m). But then A :=
{[xy]m : y = 1, . . . ,m−1
}has m−1 distinct elements and [0]m is not one of them. Thereare exactly m−1 equivalence classes modulo m that are not[0]m. So A =
{[z]m : z = 1, . . . ,m−1
}and [1]m ∈ A. Hence there
is a y ∈ {1, . . . ,m−1} so that [x]m · [y]m = [1]m, that is, so thatxy ≡ 1 (mod m).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proposition. Let x,m ∈N have no common factors. Then for allc ∈ N that are not divisible by m, we have that cx 6≡ 0 (mod m).Moreover, there is a y ∈ N so that xy ≡ 1 (mod m).
Proof. Let b ∈ N be so that bx ≡ 0 (mod m). Then m|bx.
Because x and m do not have any common factors, m|b. Hence,if c is not divisible by m, then cx 6≡ 0 (mod m).Now consider {xy : y = 1, . . . ,m−1}. For any two distincty1,y2 ∈ {1, . . . ,m−1} with y1 < y2 we have that m - (y2− y1).Hence, x(y2− y1) 6≡ 0 (mod m), which means thatxy1 6≡ xy2 (mod m). But then A :=
{[xy]m : y = 1, . . . ,m−1
}has m−1 distinct elements and [0]m is not one of them. Thereare exactly m−1 equivalence classes modulo m that are not[0]m. So A =
{[z]m : z = 1, . . . ,m−1
}and [1]m ∈ A. Hence there
is a y ∈ {1, . . . ,m−1} so that [x]m · [y]m = [1]m, that is, so thatxy ≡ 1 (mod m).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proposition. Let x,m ∈N have no common factors. Then for allc ∈ N that are not divisible by m, we have that cx 6≡ 0 (mod m).Moreover, there is a y ∈ N so that xy ≡ 1 (mod m).
Proof. Let b ∈ N be so that bx ≡ 0 (mod m). Then m|bx.Because x and m do not have any common factors, m|b.
Hence,if c is not divisible by m, then cx 6≡ 0 (mod m).Now consider {xy : y = 1, . . . ,m−1}. For any two distincty1,y2 ∈ {1, . . . ,m−1} with y1 < y2 we have that m - (y2− y1).Hence, x(y2− y1) 6≡ 0 (mod m), which means thatxy1 6≡ xy2 (mod m). But then A :=
{[xy]m : y = 1, . . . ,m−1
}has m−1 distinct elements and [0]m is not one of them. Thereare exactly m−1 equivalence classes modulo m that are not[0]m. So A =
{[z]m : z = 1, . . . ,m−1
}and [1]m ∈ A. Hence there
is a y ∈ {1, . . . ,m−1} so that [x]m · [y]m = [1]m, that is, so thatxy ≡ 1 (mod m).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proposition. Let x,m ∈N have no common factors. Then for allc ∈ N that are not divisible by m, we have that cx 6≡ 0 (mod m).Moreover, there is a y ∈ N so that xy ≡ 1 (mod m).
Proof. Let b ∈ N be so that bx ≡ 0 (mod m). Then m|bx.Because x and m do not have any common factors, m|b. Hence,if c is not divisible by m, then cx 6≡ 0 (mod m).
Now consider {xy : y = 1, . . . ,m−1}. For any two distincty1,y2 ∈ {1, . . . ,m−1} with y1 < y2 we have that m - (y2− y1).Hence, x(y2− y1) 6≡ 0 (mod m), which means thatxy1 6≡ xy2 (mod m). But then A :=
{[xy]m : y = 1, . . . ,m−1
}has m−1 distinct elements and [0]m is not one of them. Thereare exactly m−1 equivalence classes modulo m that are not[0]m. So A =
{[z]m : z = 1, . . . ,m−1
}and [1]m ∈ A. Hence there
is a y ∈ {1, . . . ,m−1} so that [x]m · [y]m = [1]m, that is, so thatxy ≡ 1 (mod m).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proposition. Let x,m ∈N have no common factors. Then for allc ∈ N that are not divisible by m, we have that cx 6≡ 0 (mod m).Moreover, there is a y ∈ N so that xy ≡ 1 (mod m).
Proof. Let b ∈ N be so that bx ≡ 0 (mod m). Then m|bx.Because x and m do not have any common factors, m|b. Hence,if c is not divisible by m, then cx 6≡ 0 (mod m).Now consider {xy : y = 1, . . . ,m−1}.
For any two distincty1,y2 ∈ {1, . . . ,m−1} with y1 < y2 we have that m - (y2− y1).Hence, x(y2− y1) 6≡ 0 (mod m), which means thatxy1 6≡ xy2 (mod m). But then A :=
{[xy]m : y = 1, . . . ,m−1
}has m−1 distinct elements and [0]m is not one of them. Thereare exactly m−1 equivalence classes modulo m that are not[0]m. So A =
{[z]m : z = 1, . . . ,m−1
}and [1]m ∈ A. Hence there
is a y ∈ {1, . . . ,m−1} so that [x]m · [y]m = [1]m, that is, so thatxy ≡ 1 (mod m).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proposition. Let x,m ∈N have no common factors. Then for allc ∈ N that are not divisible by m, we have that cx 6≡ 0 (mod m).Moreover, there is a y ∈ N so that xy ≡ 1 (mod m).
Proof. Let b ∈ N be so that bx ≡ 0 (mod m). Then m|bx.Because x and m do not have any common factors, m|b. Hence,if c is not divisible by m, then cx 6≡ 0 (mod m).Now consider {xy : y = 1, . . . ,m−1}. For any two distincty1,y2 ∈ {1, . . . ,m−1} with y1 < y2 we have that m - (y2− y1).
Hence, x(y2− y1) 6≡ 0 (mod m), which means thatxy1 6≡ xy2 (mod m). But then A :=
{[xy]m : y = 1, . . . ,m−1
}has m−1 distinct elements and [0]m is not one of them. Thereare exactly m−1 equivalence classes modulo m that are not[0]m. So A =
{[z]m : z = 1, . . . ,m−1
}and [1]m ∈ A. Hence there
is a y ∈ {1, . . . ,m−1} so that [x]m · [y]m = [1]m, that is, so thatxy ≡ 1 (mod m).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proposition. Let x,m ∈N have no common factors. Then for allc ∈ N that are not divisible by m, we have that cx 6≡ 0 (mod m).Moreover, there is a y ∈ N so that xy ≡ 1 (mod m).
Proof. Let b ∈ N be so that bx ≡ 0 (mod m). Then m|bx.Because x and m do not have any common factors, m|b. Hence,if c is not divisible by m, then cx 6≡ 0 (mod m).Now consider {xy : y = 1, . . . ,m−1}. For any two distincty1,y2 ∈ {1, . . . ,m−1} with y1 < y2 we have that m - (y2− y1).Hence, x(y2− y1) 6≡ 0 (mod m)
, which means thatxy1 6≡ xy2 (mod m). But then A :=
{[xy]m : y = 1, . . . ,m−1
}has m−1 distinct elements and [0]m is not one of them. Thereare exactly m−1 equivalence classes modulo m that are not[0]m. So A =
{[z]m : z = 1, . . . ,m−1
}and [1]m ∈ A. Hence there
is a y ∈ {1, . . . ,m−1} so that [x]m · [y]m = [1]m, that is, so thatxy ≡ 1 (mod m).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proposition. Let x,m ∈N have no common factors. Then for allc ∈ N that are not divisible by m, we have that cx 6≡ 0 (mod m).Moreover, there is a y ∈ N so that xy ≡ 1 (mod m).
Proof. Let b ∈ N be so that bx ≡ 0 (mod m). Then m|bx.Because x and m do not have any common factors, m|b. Hence,if c is not divisible by m, then cx 6≡ 0 (mod m).Now consider {xy : y = 1, . . . ,m−1}. For any two distincty1,y2 ∈ {1, . . . ,m−1} with y1 < y2 we have that m - (y2− y1).Hence, x(y2− y1) 6≡ 0 (mod m), which means thatxy1 6≡ xy2 (mod m).
But then A :={[xy]m : y = 1, . . . ,m−1
}has m−1 distinct elements and [0]m is not one of them. Thereare exactly m−1 equivalence classes modulo m that are not[0]m. So A =
{[z]m : z = 1, . . . ,m−1
}and [1]m ∈ A. Hence there
is a y ∈ {1, . . . ,m−1} so that [x]m · [y]m = [1]m, that is, so thatxy ≡ 1 (mod m).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proposition. Let x,m ∈N have no common factors. Then for allc ∈ N that are not divisible by m, we have that cx 6≡ 0 (mod m).Moreover, there is a y ∈ N so that xy ≡ 1 (mod m).
Proof. Let b ∈ N be so that bx ≡ 0 (mod m). Then m|bx.Because x and m do not have any common factors, m|b. Hence,if c is not divisible by m, then cx 6≡ 0 (mod m).Now consider {xy : y = 1, . . . ,m−1}. For any two distincty1,y2 ∈ {1, . . . ,m−1} with y1 < y2 we have that m - (y2− y1).Hence, x(y2− y1) 6≡ 0 (mod m), which means thatxy1 6≡ xy2 (mod m). But then A :=
{[xy]m : y = 1, . . . ,m−1
}has m−1 distinct elements
and [0]m is not one of them. Thereare exactly m−1 equivalence classes modulo m that are not[0]m. So A =
{[z]m : z = 1, . . . ,m−1
}and [1]m ∈ A. Hence there
is a y ∈ {1, . . . ,m−1} so that [x]m · [y]m = [1]m, that is, so thatxy ≡ 1 (mod m).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proposition. Let x,m ∈N have no common factors. Then for allc ∈ N that are not divisible by m, we have that cx 6≡ 0 (mod m).Moreover, there is a y ∈ N so that xy ≡ 1 (mod m).
Proof. Let b ∈ N be so that bx ≡ 0 (mod m). Then m|bx.Because x and m do not have any common factors, m|b. Hence,if c is not divisible by m, then cx 6≡ 0 (mod m).Now consider {xy : y = 1, . . . ,m−1}. For any two distincty1,y2 ∈ {1, . . . ,m−1} with y1 < y2 we have that m - (y2− y1).Hence, x(y2− y1) 6≡ 0 (mod m), which means thatxy1 6≡ xy2 (mod m). But then A :=
{[xy]m : y = 1, . . . ,m−1
}has m−1 distinct elements and [0]m is not one of them.
Thereare exactly m−1 equivalence classes modulo m that are not[0]m. So A =
{[z]m : z = 1, . . . ,m−1
}and [1]m ∈ A. Hence there
is a y ∈ {1, . . . ,m−1} so that [x]m · [y]m = [1]m, that is, so thatxy ≡ 1 (mod m).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proposition. Let x,m ∈N have no common factors. Then for allc ∈ N that are not divisible by m, we have that cx 6≡ 0 (mod m).Moreover, there is a y ∈ N so that xy ≡ 1 (mod m).
Proof. Let b ∈ N be so that bx ≡ 0 (mod m). Then m|bx.Because x and m do not have any common factors, m|b. Hence,if c is not divisible by m, then cx 6≡ 0 (mod m).Now consider {xy : y = 1, . . . ,m−1}. For any two distincty1,y2 ∈ {1, . . . ,m−1} with y1 < y2 we have that m - (y2− y1).Hence, x(y2− y1) 6≡ 0 (mod m), which means thatxy1 6≡ xy2 (mod m). But then A :=
{[xy]m : y = 1, . . . ,m−1
}has m−1 distinct elements and [0]m is not one of them. Thereare exactly m−1 equivalence classes modulo m that are not[0]m.
So A ={[z]m : z = 1, . . . ,m−1
}and [1]m ∈ A. Hence there
is a y ∈ {1, . . . ,m−1} so that [x]m · [y]m = [1]m, that is, so thatxy ≡ 1 (mod m).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proposition. Let x,m ∈N have no common factors. Then for allc ∈ N that are not divisible by m, we have that cx 6≡ 0 (mod m).Moreover, there is a y ∈ N so that xy ≡ 1 (mod m).
Proof. Let b ∈ N be so that bx ≡ 0 (mod m). Then m|bx.Because x and m do not have any common factors, m|b. Hence,if c is not divisible by m, then cx 6≡ 0 (mod m).Now consider {xy : y = 1, . . . ,m−1}. For any two distincty1,y2 ∈ {1, . . . ,m−1} with y1 < y2 we have that m - (y2− y1).Hence, x(y2− y1) 6≡ 0 (mod m), which means thatxy1 6≡ xy2 (mod m). But then A :=
{[xy]m : y = 1, . . . ,m−1
}has m−1 distinct elements and [0]m is not one of them. Thereare exactly m−1 equivalence classes modulo m that are not[0]m. So A =
{[z]m : z = 1, . . . ,m−1
}
and [1]m ∈ A. Hence thereis a y ∈ {1, . . . ,m−1} so that [x]m · [y]m = [1]m, that is, so thatxy ≡ 1 (mod m).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proposition. Let x,m ∈N have no common factors. Then for allc ∈ N that are not divisible by m, we have that cx 6≡ 0 (mod m).Moreover, there is a y ∈ N so that xy ≡ 1 (mod m).
Proof. Let b ∈ N be so that bx ≡ 0 (mod m). Then m|bx.Because x and m do not have any common factors, m|b. Hence,if c is not divisible by m, then cx 6≡ 0 (mod m).Now consider {xy : y = 1, . . . ,m−1}. For any two distincty1,y2 ∈ {1, . . . ,m−1} with y1 < y2 we have that m - (y2− y1).Hence, x(y2− y1) 6≡ 0 (mod m), which means thatxy1 6≡ xy2 (mod m). But then A :=
{[xy]m : y = 1, . . . ,m−1
}has m−1 distinct elements and [0]m is not one of them. Thereare exactly m−1 equivalence classes modulo m that are not[0]m. So A =
{[z]m : z = 1, . . . ,m−1
}and [1]m ∈ A.
Hence thereis a y ∈ {1, . . . ,m−1} so that [x]m · [y]m = [1]m, that is, so thatxy ≡ 1 (mod m).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proposition. Let x,m ∈N have no common factors. Then for allc ∈ N that are not divisible by m, we have that cx 6≡ 0 (mod m).Moreover, there is a y ∈ N so that xy ≡ 1 (mod m).
Proof. Let b ∈ N be so that bx ≡ 0 (mod m). Then m|bx.Because x and m do not have any common factors, m|b. Hence,if c is not divisible by m, then cx 6≡ 0 (mod m).Now consider {xy : y = 1, . . . ,m−1}. For any two distincty1,y2 ∈ {1, . . . ,m−1} with y1 < y2 we have that m - (y2− y1).Hence, x(y2− y1) 6≡ 0 (mod m), which means thatxy1 6≡ xy2 (mod m). But then A :=
{[xy]m : y = 1, . . . ,m−1
}has m−1 distinct elements and [0]m is not one of them. Thereare exactly m−1 equivalence classes modulo m that are not[0]m. So A =
{[z]m : z = 1, . . . ,m−1
}and [1]m ∈ A. Hence there
is a y ∈ {1, . . . ,m−1} so that [x]m · [y]m = [1]m
, that is, so thatxy ≡ 1 (mod m).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proposition. Let x,m ∈N have no common factors. Then for allc ∈ N that are not divisible by m, we have that cx 6≡ 0 (mod m).Moreover, there is a y ∈ N so that xy ≡ 1 (mod m).
Proof. Let b ∈ N be so that bx ≡ 0 (mod m). Then m|bx.Because x and m do not have any common factors, m|b. Hence,if c is not divisible by m, then cx 6≡ 0 (mod m).Now consider {xy : y = 1, . . . ,m−1}. For any two distincty1,y2 ∈ {1, . . . ,m−1} with y1 < y2 we have that m - (y2− y1).Hence, x(y2− y1) 6≡ 0 (mod m), which means thatxy1 6≡ xy2 (mod m). But then A :=
{[xy]m : y = 1, . . . ,m−1
}has m−1 distinct elements and [0]m is not one of them. Thereare exactly m−1 equivalence classes modulo m that are not[0]m. So A =
{[z]m : z = 1, . . . ,m−1
}and [1]m ∈ A. Hence there
is a y ∈ {1, . . . ,m−1} so that [x]m · [y]m = [1]m, that is, so thatxy ≡ 1 (mod m).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proposition. Let x,m ∈N have no common factors. Then for allc ∈ N that are not divisible by m, we have that cx 6≡ 0 (mod m).Moreover, there is a y ∈ N so that xy ≡ 1 (mod m).
Proof. Let b ∈ N be so that bx ≡ 0 (mod m). Then m|bx.Because x and m do not have any common factors, m|b. Hence,if c is not divisible by m, then cx 6≡ 0 (mod m).Now consider {xy : y = 1, . . . ,m−1}. For any two distincty1,y2 ∈ {1, . . . ,m−1} with y1 < y2 we have that m - (y2− y1).Hence, x(y2− y1) 6≡ 0 (mod m), which means thatxy1 6≡ xy2 (mod m). But then A :=
{[xy]m : y = 1, . . . ,m−1
}has m−1 distinct elements and [0]m is not one of them. Thereare exactly m−1 equivalence classes modulo m that are not[0]m. So A =
{[z]m : z = 1, . . . ,m−1
}and [1]m ∈ A. Hence there
is a y ∈ {1, . . . ,m−1} so that [x]m · [y]m = [1]m, that is, so thatxy ≡ 1 (mod m).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Theorem.
Fermat’s Little Theorem. Let p be a prime number.Then for every a ∈ N we have that ap ≡ a (mod p). Moreover,for every a ∈ N that is not divisible by p we have thatap−1 ≡ 1 (mod p).
Proof. Let a ∈ N. We prove ap ≡ a (mod p) by induction on a.Base step a = 1: obvious.Induction step.
(a+1)p =p
∑k=0
(pk
)ak1p−k = 1+ap +
p−1
∑k=1
(pk
)ak
≡ 1+ap (mod p)≡ 1+a (mod p)
Now let a ∈ N be so that p - a. There is a b ∈ N withab ≡ 1 (mod p). Hence ap ≡ a (mod p) impliesapb ≡ ab (mod p), which implies ap−1 ≡ 1 (mod p).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Theorem. Fermat’s Little Theorem.
Let p be a prime number.Then for every a ∈ N we have that ap ≡ a (mod p). Moreover,for every a ∈ N that is not divisible by p we have thatap−1 ≡ 1 (mod p).
Proof. Let a ∈ N. We prove ap ≡ a (mod p) by induction on a.Base step a = 1: obvious.Induction step.
(a+1)p =p
∑k=0
(pk
)ak1p−k = 1+ap +
p−1
∑k=1
(pk
)ak
≡ 1+ap (mod p)≡ 1+a (mod p)
Now let a ∈ N be so that p - a. There is a b ∈ N withab ≡ 1 (mod p). Hence ap ≡ a (mod p) impliesapb ≡ ab (mod p), which implies ap−1 ≡ 1 (mod p).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Theorem. Fermat’s Little Theorem. Let p be a prime number.
Then for every a ∈ N we have that ap ≡ a (mod p). Moreover,for every a ∈ N that is not divisible by p we have thatap−1 ≡ 1 (mod p).
Proof. Let a ∈ N. We prove ap ≡ a (mod p) by induction on a.Base step a = 1: obvious.Induction step.
(a+1)p =p
∑k=0
(pk
)ak1p−k = 1+ap +
p−1
∑k=1
(pk
)ak
≡ 1+ap (mod p)≡ 1+a (mod p)
Now let a ∈ N be so that p - a. There is a b ∈ N withab ≡ 1 (mod p). Hence ap ≡ a (mod p) impliesapb ≡ ab (mod p), which implies ap−1 ≡ 1 (mod p).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Theorem. Fermat’s Little Theorem. Let p be a prime number.Then for every a ∈ N we have that ap ≡ a (mod p).
Moreover,for every a ∈ N that is not divisible by p we have thatap−1 ≡ 1 (mod p).
Proof. Let a ∈ N. We prove ap ≡ a (mod p) by induction on a.Base step a = 1: obvious.Induction step.
(a+1)p =p
∑k=0
(pk
)ak1p−k = 1+ap +
p−1
∑k=1
(pk
)ak
≡ 1+ap (mod p)≡ 1+a (mod p)
Now let a ∈ N be so that p - a. There is a b ∈ N withab ≡ 1 (mod p). Hence ap ≡ a (mod p) impliesapb ≡ ab (mod p), which implies ap−1 ≡ 1 (mod p).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Theorem. Fermat’s Little Theorem. Let p be a prime number.Then for every a ∈ N we have that ap ≡ a (mod p). Moreover,for every a ∈ N that is not divisible by p we have thatap−1 ≡ 1 (mod p).
Proof. Let a ∈ N. We prove ap ≡ a (mod p) by induction on a.Base step a = 1: obvious.Induction step.
(a+1)p =p
∑k=0
(pk
)ak1p−k = 1+ap +
p−1
∑k=1
(pk
)ak
≡ 1+ap (mod p)≡ 1+a (mod p)
Now let a ∈ N be so that p - a. There is a b ∈ N withab ≡ 1 (mod p). Hence ap ≡ a (mod p) impliesapb ≡ ab (mod p), which implies ap−1 ≡ 1 (mod p).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Theorem. Fermat’s Little Theorem. Let p be a prime number.Then for every a ∈ N we have that ap ≡ a (mod p). Moreover,for every a ∈ N that is not divisible by p we have thatap−1 ≡ 1 (mod p).
Proof.
Let a ∈ N. We prove ap ≡ a (mod p) by induction on a.Base step a = 1: obvious.Induction step.
(a+1)p =p
∑k=0
(pk
)ak1p−k = 1+ap +
p−1
∑k=1
(pk
)ak
≡ 1+ap (mod p)≡ 1+a (mod p)
Now let a ∈ N be so that p - a. There is a b ∈ N withab ≡ 1 (mod p). Hence ap ≡ a (mod p) impliesapb ≡ ab (mod p), which implies ap−1 ≡ 1 (mod p).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Theorem. Fermat’s Little Theorem. Let p be a prime number.Then for every a ∈ N we have that ap ≡ a (mod p). Moreover,for every a ∈ N that is not divisible by p we have thatap−1 ≡ 1 (mod p).
Proof. Let a ∈ N.
We prove ap ≡ a (mod p) by induction on a.Base step a = 1: obvious.Induction step.
(a+1)p =p
∑k=0
(pk
)ak1p−k = 1+ap +
p−1
∑k=1
(pk
)ak
≡ 1+ap (mod p)≡ 1+a (mod p)
Now let a ∈ N be so that p - a. There is a b ∈ N withab ≡ 1 (mod p). Hence ap ≡ a (mod p) impliesapb ≡ ab (mod p), which implies ap−1 ≡ 1 (mod p).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Theorem. Fermat’s Little Theorem. Let p be a prime number.Then for every a ∈ N we have that ap ≡ a (mod p). Moreover,for every a ∈ N that is not divisible by p we have thatap−1 ≡ 1 (mod p).
Proof. Let a ∈ N. We prove ap ≡ a (mod p) by induction on a.
Base step a = 1: obvious.Induction step.
(a+1)p =p
∑k=0
(pk
)ak1p−k = 1+ap +
p−1
∑k=1
(pk
)ak
≡ 1+ap (mod p)≡ 1+a (mod p)
Now let a ∈ N be so that p - a. There is a b ∈ N withab ≡ 1 (mod p). Hence ap ≡ a (mod p) impliesapb ≡ ab (mod p), which implies ap−1 ≡ 1 (mod p).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Theorem. Fermat’s Little Theorem. Let p be a prime number.Then for every a ∈ N we have that ap ≡ a (mod p). Moreover,for every a ∈ N that is not divisible by p we have thatap−1 ≡ 1 (mod p).
Proof. Let a ∈ N. We prove ap ≡ a (mod p) by induction on a.Base step a = 1: obvious.
Induction step.
(a+1)p =p
∑k=0
(pk
)ak1p−k = 1+ap +
p−1
∑k=1
(pk
)ak
≡ 1+ap (mod p)≡ 1+a (mod p)
Now let a ∈ N be so that p - a. There is a b ∈ N withab ≡ 1 (mod p). Hence ap ≡ a (mod p) impliesapb ≡ ab (mod p), which implies ap−1 ≡ 1 (mod p).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Theorem. Fermat’s Little Theorem. Let p be a prime number.Then for every a ∈ N we have that ap ≡ a (mod p). Moreover,for every a ∈ N that is not divisible by p we have thatap−1 ≡ 1 (mod p).
Proof. Let a ∈ N. We prove ap ≡ a (mod p) by induction on a.Base step a = 1: obvious.Induction step.
(a+1)p =p
∑k=0
(pk
)ak1p−k = 1+ap +
p−1
∑k=1
(pk
)ak
≡ 1+ap (mod p)≡ 1+a (mod p)
Now let a ∈ N be so that p - a. There is a b ∈ N withab ≡ 1 (mod p). Hence ap ≡ a (mod p) impliesapb ≡ ab (mod p), which implies ap−1 ≡ 1 (mod p).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Theorem. Fermat’s Little Theorem. Let p be a prime number.Then for every a ∈ N we have that ap ≡ a (mod p). Moreover,for every a ∈ N that is not divisible by p we have thatap−1 ≡ 1 (mod p).
Proof. Let a ∈ N. We prove ap ≡ a (mod p) by induction on a.Base step a = 1: obvious.Induction step.
(a+1)p
=p
∑k=0
(pk
)ak1p−k = 1+ap +
p−1
∑k=1
(pk
)ak
≡ 1+ap (mod p)≡ 1+a (mod p)
Now let a ∈ N be so that p - a. There is a b ∈ N withab ≡ 1 (mod p). Hence ap ≡ a (mod p) impliesapb ≡ ab (mod p), which implies ap−1 ≡ 1 (mod p).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Theorem. Fermat’s Little Theorem. Let p be a prime number.Then for every a ∈ N we have that ap ≡ a (mod p). Moreover,for every a ∈ N that is not divisible by p we have thatap−1 ≡ 1 (mod p).
Proof. Let a ∈ N. We prove ap ≡ a (mod p) by induction on a.Base step a = 1: obvious.Induction step.
(a+1)p =p
∑k=0
(pk
)ak1p−k
= 1+ap +p−1
∑k=1
(pk
)ak
≡ 1+ap (mod p)≡ 1+a (mod p)
Now let a ∈ N be so that p - a. There is a b ∈ N withab ≡ 1 (mod p). Hence ap ≡ a (mod p) impliesapb ≡ ab (mod p), which implies ap−1 ≡ 1 (mod p).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Theorem. Fermat’s Little Theorem. Let p be a prime number.Then for every a ∈ N we have that ap ≡ a (mod p). Moreover,for every a ∈ N that is not divisible by p we have thatap−1 ≡ 1 (mod p).
Proof. Let a ∈ N. We prove ap ≡ a (mod p) by induction on a.Base step a = 1: obvious.Induction step.
(a+1)p =p
∑k=0
(pk
)ak1p−k = 1+ap +
p−1
∑k=1
(pk
)ak
≡ 1+ap (mod p)≡ 1+a (mod p)
Now let a ∈ N be so that p - a. There is a b ∈ N withab ≡ 1 (mod p). Hence ap ≡ a (mod p) impliesapb ≡ ab (mod p), which implies ap−1 ≡ 1 (mod p).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Theorem. Fermat’s Little Theorem. Let p be a prime number.Then for every a ∈ N we have that ap ≡ a (mod p). Moreover,for every a ∈ N that is not divisible by p we have thatap−1 ≡ 1 (mod p).
Proof. Let a ∈ N. We prove ap ≡ a (mod p) by induction on a.Base step a = 1: obvious.Induction step.
(a+1)p =p
∑k=0
(pk
)ak1p−k = 1+ap +
p−1
∑k=1
(pk
)ak
≡ 1+ap (mod p)
≡ 1+a (mod p)
Now let a ∈ N be so that p - a. There is a b ∈ N withab ≡ 1 (mod p). Hence ap ≡ a (mod p) impliesapb ≡ ab (mod p), which implies ap−1 ≡ 1 (mod p).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Theorem. Fermat’s Little Theorem. Let p be a prime number.Then for every a ∈ N we have that ap ≡ a (mod p). Moreover,for every a ∈ N that is not divisible by p we have thatap−1 ≡ 1 (mod p).
Proof. Let a ∈ N. We prove ap ≡ a (mod p) by induction on a.Base step a = 1: obvious.Induction step.
(a+1)p =p
∑k=0
(pk
)ak1p−k = 1+ap +
p−1
∑k=1
(pk
)ak
≡ 1+ap (mod p)≡ 1+a (mod p)
Now let a ∈ N be so that p - a. There is a b ∈ N withab ≡ 1 (mod p). Hence ap ≡ a (mod p) impliesapb ≡ ab (mod p), which implies ap−1 ≡ 1 (mod p).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Theorem. Fermat’s Little Theorem. Let p be a prime number.Then for every a ∈ N we have that ap ≡ a (mod p). Moreover,for every a ∈ N that is not divisible by p we have thatap−1 ≡ 1 (mod p).
Proof. Let a ∈ N. We prove ap ≡ a (mod p) by induction on a.Base step a = 1: obvious.Induction step.
(a+1)p =p
∑k=0
(pk
)ak1p−k = 1+ap +
p−1
∑k=1
(pk
)ak
≡ 1+ap (mod p)≡ 1+a (mod p)
Now let a ∈ N be so that p - a.
There is a b ∈ N withab ≡ 1 (mod p). Hence ap ≡ a (mod p) impliesapb ≡ ab (mod p), which implies ap−1 ≡ 1 (mod p).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Theorem. Fermat’s Little Theorem. Let p be a prime number.Then for every a ∈ N we have that ap ≡ a (mod p). Moreover,for every a ∈ N that is not divisible by p we have thatap−1 ≡ 1 (mod p).
Proof. Let a ∈ N. We prove ap ≡ a (mod p) by induction on a.Base step a = 1: obvious.Induction step.
(a+1)p =p
∑k=0
(pk
)ak1p−k = 1+ap +
p−1
∑k=1
(pk
)ak
≡ 1+ap (mod p)≡ 1+a (mod p)
Now let a ∈ N be so that p - a. There is a b ∈ N withab ≡ 1 (mod p).
Hence ap ≡ a (mod p) impliesapb ≡ ab (mod p), which implies ap−1 ≡ 1 (mod p).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Theorem. Fermat’s Little Theorem. Let p be a prime number.Then for every a ∈ N we have that ap ≡ a (mod p). Moreover,for every a ∈ N that is not divisible by p we have thatap−1 ≡ 1 (mod p).
Proof. Let a ∈ N. We prove ap ≡ a (mod p) by induction on a.Base step a = 1: obvious.Induction step.
(a+1)p =p
∑k=0
(pk
)ak1p−k = 1+ap +
p−1
∑k=1
(pk
)ak
≡ 1+ap (mod p)≡ 1+a (mod p)
Now let a ∈ N be so that p - a. There is a b ∈ N withab ≡ 1 (mod p). Hence ap ≡ a (mod p)
impliesapb ≡ ab (mod p), which implies ap−1 ≡ 1 (mod p).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Theorem. Fermat’s Little Theorem. Let p be a prime number.Then for every a ∈ N we have that ap ≡ a (mod p). Moreover,for every a ∈ N that is not divisible by p we have thatap−1 ≡ 1 (mod p).
Proof. Let a ∈ N. We prove ap ≡ a (mod p) by induction on a.Base step a = 1: obvious.Induction step.
(a+1)p =p
∑k=0
(pk
)ak1p−k = 1+ap +
p−1
∑k=1
(pk
)ak
≡ 1+ap (mod p)≡ 1+a (mod p)
Now let a ∈ N be so that p - a. There is a b ∈ N withab ≡ 1 (mod p). Hence ap ≡ a (mod p) impliesapb ≡ ab (mod p)
, which implies ap−1 ≡ 1 (mod p).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Theorem. Fermat’s Little Theorem. Let p be a prime number.Then for every a ∈ N we have that ap ≡ a (mod p). Moreover,for every a ∈ N that is not divisible by p we have thatap−1 ≡ 1 (mod p).
Proof. Let a ∈ N. We prove ap ≡ a (mod p) by induction on a.Base step a = 1: obvious.Induction step.
(a+1)p =p
∑k=0
(pk
)ak1p−k = 1+ap +
p−1
∑k=1
(pk
)ak
≡ 1+ap (mod p)≡ 1+a (mod p)
Now let a ∈ N be so that p - a. There is a b ∈ N withab ≡ 1 (mod p). Hence ap ≡ a (mod p) impliesapb ≡ ab (mod p), which implies ap−1 ≡ 1 (mod p).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Theorem. Fermat’s Little Theorem. Let p be a prime number.Then for every a ∈ N we have that ap ≡ a (mod p). Moreover,for every a ∈ N that is not divisible by p we have thatap−1 ≡ 1 (mod p).
Proof. Let a ∈ N. We prove ap ≡ a (mod p) by induction on a.Base step a = 1: obvious.Induction step.
(a+1)p =p
∑k=0
(pk
)ak1p−k = 1+ap +
p−1
∑k=1
(pk
)ak
≡ 1+ap (mod p)≡ 1+a (mod p)
Now let a ∈ N be so that p - a. There is a b ∈ N withab ≡ 1 (mod p). Hence ap ≡ a (mod p) impliesapb ≡ ab (mod p), which implies ap−1 ≡ 1 (mod p).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
RSA Encryption
1. R. Rivest, A. Shamir, L. Adleman, (1978) A Method forObtaining Digital Signatures and Public-KeyCryptosystems, Communications of the ACM 21, 120-126
2. p, q: fixed, distinct prime numbers3. n := pq (must be hard to factor, so large, proprietary prime
numbers are used)4. ϕ(n) := (p−1)(q−1)5. e ∈
{2, . . . ,ϕ(n)−1
}must be so that
(e,ϕ(n)
)= 1 (there
is an efficient algorithm to check e)6. d is so that de ≡ 1
(mod ϕ(n)
), (there is an efficient
algorithm to find d)7. (n,e) is the public key (disseminated)8. d is the private key (kept secret)
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
RSA Encryption1. R. Rivest, A. Shamir, L. Adleman, (1978) A Method for
Obtaining Digital Signatures and Public-KeyCryptosystems, Communications of the ACM 21, 120-126
2. p, q: fixed, distinct prime numbers3. n := pq (must be hard to factor, so large, proprietary prime
numbers are used)4. ϕ(n) := (p−1)(q−1)5. e ∈
{2, . . . ,ϕ(n)−1
}must be so that
(e,ϕ(n)
)= 1 (there
is an efficient algorithm to check e)6. d is so that de ≡ 1
(mod ϕ(n)
), (there is an efficient
algorithm to find d)7. (n,e) is the public key (disseminated)8. d is the private key (kept secret)
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
RSA Encryption1. R. Rivest, A. Shamir, L. Adleman, (1978) A Method for
Obtaining Digital Signatures and Public-KeyCryptosystems, Communications of the ACM 21, 120-126
2. p, q: fixed, distinct prime numbers
3. n := pq (must be hard to factor, so large, proprietary primenumbers are used)
4. ϕ(n) := (p−1)(q−1)5. e ∈
{2, . . . ,ϕ(n)−1
}must be so that
(e,ϕ(n)
)= 1 (there
is an efficient algorithm to check e)6. d is so that de ≡ 1
(mod ϕ(n)
), (there is an efficient
algorithm to find d)7. (n,e) is the public key (disseminated)8. d is the private key (kept secret)
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
RSA Encryption1. R. Rivest, A. Shamir, L. Adleman, (1978) A Method for
Obtaining Digital Signatures and Public-KeyCryptosystems, Communications of the ACM 21, 120-126
2. p, q: fixed, distinct prime numbers3. n := pq (must be hard to factor, so large, proprietary prime
numbers are used)
4. ϕ(n) := (p−1)(q−1)5. e ∈
{2, . . . ,ϕ(n)−1
}must be so that
(e,ϕ(n)
)= 1 (there
is an efficient algorithm to check e)6. d is so that de ≡ 1
(mod ϕ(n)
), (there is an efficient
algorithm to find d)7. (n,e) is the public key (disseminated)8. d is the private key (kept secret)
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
RSA Encryption1. R. Rivest, A. Shamir, L. Adleman, (1978) A Method for
Obtaining Digital Signatures and Public-KeyCryptosystems, Communications of the ACM 21, 120-126
2. p, q: fixed, distinct prime numbers3. n := pq (must be hard to factor, so large, proprietary prime
numbers are used)4. ϕ(n) := (p−1)(q−1)
5. e ∈{
2, . . . ,ϕ(n)−1}
must be so that(e,ϕ(n)
)= 1 (there
is an efficient algorithm to check e)6. d is so that de ≡ 1
(mod ϕ(n)
), (there is an efficient
algorithm to find d)7. (n,e) is the public key (disseminated)8. d is the private key (kept secret)
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
RSA Encryption1. R. Rivest, A. Shamir, L. Adleman, (1978) A Method for
Obtaining Digital Signatures and Public-KeyCryptosystems, Communications of the ACM 21, 120-126
2. p, q: fixed, distinct prime numbers3. n := pq (must be hard to factor, so large, proprietary prime
numbers are used)4. ϕ(n) := (p−1)(q−1)5. e ∈
{2, . . . ,ϕ(n)−1
}must be so that
(e,ϕ(n)
)= 1
(thereis an efficient algorithm to check e)
6. d is so that de ≡ 1(mod ϕ(n)
), (there is an efficient
algorithm to find d)7. (n,e) is the public key (disseminated)8. d is the private key (kept secret)
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
RSA Encryption1. R. Rivest, A. Shamir, L. Adleman, (1978) A Method for
Obtaining Digital Signatures and Public-KeyCryptosystems, Communications of the ACM 21, 120-126
2. p, q: fixed, distinct prime numbers3. n := pq (must be hard to factor, so large, proprietary prime
numbers are used)4. ϕ(n) := (p−1)(q−1)5. e ∈
{2, . . . ,ϕ(n)−1
}must be so that
(e,ϕ(n)
)= 1 (there
is an efficient algorithm to check e)
6. d is so that de ≡ 1(mod ϕ(n)
), (there is an efficient
algorithm to find d)7. (n,e) is the public key (disseminated)8. d is the private key (kept secret)
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
RSA Encryption1. R. Rivest, A. Shamir, L. Adleman, (1978) A Method for
Obtaining Digital Signatures and Public-KeyCryptosystems, Communications of the ACM 21, 120-126
2. p, q: fixed, distinct prime numbers3. n := pq (must be hard to factor, so large, proprietary prime
numbers are used)4. ϕ(n) := (p−1)(q−1)5. e ∈
{2, . . . ,ϕ(n)−1
}must be so that
(e,ϕ(n)
)= 1 (there
is an efficient algorithm to check e)6. d is so that de ≡ 1
(mod ϕ(n)
),
(there is an efficientalgorithm to find d)
7. (n,e) is the public key (disseminated)8. d is the private key (kept secret)
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
RSA Encryption1. R. Rivest, A. Shamir, L. Adleman, (1978) A Method for
Obtaining Digital Signatures and Public-KeyCryptosystems, Communications of the ACM 21, 120-126
2. p, q: fixed, distinct prime numbers3. n := pq (must be hard to factor, so large, proprietary prime
numbers are used)4. ϕ(n) := (p−1)(q−1)5. e ∈
{2, . . . ,ϕ(n)−1
}must be so that
(e,ϕ(n)
)= 1 (there
is an efficient algorithm to check e)6. d is so that de ≡ 1
(mod ϕ(n)
), (there is an efficient
algorithm to find d)
7. (n,e) is the public key (disseminated)8. d is the private key (kept secret)
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
RSA Encryption1. R. Rivest, A. Shamir, L. Adleman, (1978) A Method for
Obtaining Digital Signatures and Public-KeyCryptosystems, Communications of the ACM 21, 120-126
2. p, q: fixed, distinct prime numbers3. n := pq (must be hard to factor, so large, proprietary prime
numbers are used)4. ϕ(n) := (p−1)(q−1)5. e ∈
{2, . . . ,ϕ(n)−1
}must be so that
(e,ϕ(n)
)= 1 (there
is an efficient algorithm to check e)6. d is so that de ≡ 1
(mod ϕ(n)
), (there is an efficient
algorithm to find d)7. (n,e) is the public key (disseminated)
8. d is the private key (kept secret)
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
RSA Encryption1. R. Rivest, A. Shamir, L. Adleman, (1978) A Method for
Obtaining Digital Signatures and Public-KeyCryptosystems, Communications of the ACM 21, 120-126
2. p, q: fixed, distinct prime numbers3. n := pq (must be hard to factor, so large, proprietary prime
numbers are used)4. ϕ(n) := (p−1)(q−1)5. e ∈
{2, . . . ,ϕ(n)−1
}must be so that
(e,ϕ(n)
)= 1 (there
is an efficient algorithm to check e)6. d is so that de ≡ 1
(mod ϕ(n)
), (there is an efficient
algorithm to find d)7. (n,e) is the public key (disseminated)8. d is the private key (kept secret)
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Sending Messages
1. The message is a large number m smaller than n (or astring of numbers). Group letters in blocks and encodethem with numbers. Make sure a cryptoquote styleapproach is unlikely to break the code.
2. Encrypted message: c :≡ me (mod n) (use the positiverepresentative smaller than n for convenience).
3. Decrypted message: Representative of[cd]
n that is in{0, . . . ,n−1}.
Why does this work?
Theorem. RSA encryption. With notation as above, ifc ≡ me (mod n), then cd ≡ m (mod n).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Sending Messages1. The message is a large number m smaller than n (or a
string of numbers).
Group letters in blocks and encodethem with numbers. Make sure a cryptoquote styleapproach is unlikely to break the code.
2. Encrypted message: c :≡ me (mod n) (use the positiverepresentative smaller than n for convenience).
3. Decrypted message: Representative of[cd]
n that is in{0, . . . ,n−1}.
Why does this work?
Theorem. RSA encryption. With notation as above, ifc ≡ me (mod n), then cd ≡ m (mod n).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Sending Messages1. The message is a large number m smaller than n (or a
string of numbers). Group letters in blocks and encodethem with numbers.
Make sure a cryptoquote styleapproach is unlikely to break the code.
2. Encrypted message: c :≡ me (mod n) (use the positiverepresentative smaller than n for convenience).
3. Decrypted message: Representative of[cd]
n that is in{0, . . . ,n−1}.
Why does this work?
Theorem. RSA encryption. With notation as above, ifc ≡ me (mod n), then cd ≡ m (mod n).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Sending Messages1. The message is a large number m smaller than n (or a
string of numbers). Group letters in blocks and encodethem with numbers. Make sure a cryptoquote styleapproach is unlikely to break the code.
2. Encrypted message: c :≡ me (mod n) (use the positiverepresentative smaller than n for convenience).
3. Decrypted message: Representative of[cd]
n that is in{0, . . . ,n−1}.
Why does this work?
Theorem. RSA encryption. With notation as above, ifc ≡ me (mod n), then cd ≡ m (mod n).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Sending Messages1. The message is a large number m smaller than n (or a
string of numbers). Group letters in blocks and encodethem with numbers. Make sure a cryptoquote styleapproach is unlikely to break the code.
2. Encrypted message: c :≡ me (mod n) (use the positiverepresentative smaller than n for convenience).
3. Decrypted message: Representative of[cd]
n that is in{0, . . . ,n−1}.
Why does this work?
Theorem. RSA encryption. With notation as above, ifc ≡ me (mod n), then cd ≡ m (mod n).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Sending Messages1. The message is a large number m smaller than n (or a
string of numbers). Group letters in blocks and encodethem with numbers. Make sure a cryptoquote styleapproach is unlikely to break the code.
2. Encrypted message: c :≡ me (mod n) (use the positiverepresentative smaller than n for convenience).
3. Decrypted message: Representative of[cd]
n that is in{0, . . . ,n−1}.
Why does this work?
Theorem. RSA encryption. With notation as above, ifc ≡ me (mod n), then cd ≡ m (mod n).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Sending Messages1. The message is a large number m smaller than n (or a
string of numbers). Group letters in blocks and encodethem with numbers. Make sure a cryptoquote styleapproach is unlikely to break the code.
2. Encrypted message: c :≡ me (mod n) (use the positiverepresentative smaller than n for convenience).
3. Decrypted message: Representative of[cd]
n that is in{0, . . . ,n−1}.
Why does this work?
Theorem. RSA encryption. With notation as above, ifc ≡ me (mod n), then cd ≡ m (mod n).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Sending Messages1. The message is a large number m smaller than n (or a
string of numbers). Group letters in blocks and encodethem with numbers. Make sure a cryptoquote styleapproach is unlikely to break the code.
2. Encrypted message: c :≡ me (mod n) (use the positiverepresentative smaller than n for convenience).
3. Decrypted message: Representative of[cd]
n that is in{0, . . . ,n−1}.
Why does this work?
Theorem.
RSA encryption. With notation as above, ifc ≡ me (mod n), then cd ≡ m (mod n).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Sending Messages1. The message is a large number m smaller than n (or a
string of numbers). Group letters in blocks and encodethem with numbers. Make sure a cryptoquote styleapproach is unlikely to break the code.
2. Encrypted message: c :≡ me (mod n) (use the positiverepresentative smaller than n for convenience).
3. Decrypted message: Representative of[cd]
n that is in{0, . . . ,n−1}.
Why does this work?
Theorem. RSA encryption.
With notation as above, ifc ≡ me (mod n), then cd ≡ m (mod n).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Sending Messages1. The message is a large number m smaller than n (or a
string of numbers). Group letters in blocks and encodethem with numbers. Make sure a cryptoquote styleapproach is unlikely to break the code.
2. Encrypted message: c :≡ me (mod n) (use the positiverepresentative smaller than n for convenience).
3. Decrypted message: Representative of[cd]
n that is in{0, . . . ,n−1}.
Why does this work?
Theorem. RSA encryption. With notation as above, ifc ≡ me (mod n), then cd ≡ m (mod n).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proof.
cd ≡ (me)d ≡ med (mod n).Now, de ≡ 1
(mod (p−1)(q−1)
), so de ≡ 1
(mod p−1
)and
de ≡ 1(mod q−1
). That is, there are x and y so that
ed = 1+ x(p−1) = 1+ y(q−1).Case 1: p - m. By Fermat’s Little Theorem, used in the last step,we obtain cd ≡ med = m1+x(p−1) =
(mp−1)x m ≡ m (mod p).
Case 2: p|m. If m is a multiple of p, thencd ≡ med ≡ 0ed ≡ 0 ≡ m (mod p).Similarly, we prove that cd ≡ m (mod q), which impliescd ≡ m (mod n).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proof. cd
≡ (me)d ≡ med (mod n).Now, de ≡ 1
(mod (p−1)(q−1)
), so de ≡ 1
(mod p−1
)and
de ≡ 1(mod q−1
). That is, there are x and y so that
ed = 1+ x(p−1) = 1+ y(q−1).Case 1: p - m. By Fermat’s Little Theorem, used in the last step,we obtain cd ≡ med = m1+x(p−1) =
(mp−1)x m ≡ m (mod p).
Case 2: p|m. If m is a multiple of p, thencd ≡ med ≡ 0ed ≡ 0 ≡ m (mod p).Similarly, we prove that cd ≡ m (mod q), which impliescd ≡ m (mod n).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proof. cd ≡ (me)d
≡ med (mod n).Now, de ≡ 1
(mod (p−1)(q−1)
), so de ≡ 1
(mod p−1
)and
de ≡ 1(mod q−1
). That is, there are x and y so that
ed = 1+ x(p−1) = 1+ y(q−1).Case 1: p - m. By Fermat’s Little Theorem, used in the last step,we obtain cd ≡ med = m1+x(p−1) =
(mp−1)x m ≡ m (mod p).
Case 2: p|m. If m is a multiple of p, thencd ≡ med ≡ 0ed ≡ 0 ≡ m (mod p).Similarly, we prove that cd ≡ m (mod q), which impliescd ≡ m (mod n).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proof. cd ≡ (me)d ≡ med (mod n).
Now, de ≡ 1(mod (p−1)(q−1)
), so de ≡ 1
(mod p−1
)and
de ≡ 1(mod q−1
). That is, there are x and y so that
ed = 1+ x(p−1) = 1+ y(q−1).Case 1: p - m. By Fermat’s Little Theorem, used in the last step,we obtain cd ≡ med = m1+x(p−1) =
(mp−1)x m ≡ m (mod p).
Case 2: p|m. If m is a multiple of p, thencd ≡ med ≡ 0ed ≡ 0 ≡ m (mod p).Similarly, we prove that cd ≡ m (mod q), which impliescd ≡ m (mod n).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proof. cd ≡ (me)d ≡ med (mod n).Now, de ≡ 1
(mod (p−1)(q−1)
), so de ≡ 1
(mod p−1
)and
de ≡ 1(mod q−1
).
That is, there are x and y so thated = 1+ x(p−1) = 1+ y(q−1).Case 1: p - m. By Fermat’s Little Theorem, used in the last step,we obtain cd ≡ med = m1+x(p−1) =
(mp−1)x m ≡ m (mod p).
Case 2: p|m. If m is a multiple of p, thencd ≡ med ≡ 0ed ≡ 0 ≡ m (mod p).Similarly, we prove that cd ≡ m (mod q), which impliescd ≡ m (mod n).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proof. cd ≡ (me)d ≡ med (mod n).Now, de ≡ 1
(mod (p−1)(q−1)
), so de ≡ 1
(mod p−1
)and
de ≡ 1(mod q−1
). That is, there are x and y so that
ed = 1+ x(p−1) = 1+ y(q−1).
Case 1: p - m. By Fermat’s Little Theorem, used in the last step,we obtain cd ≡ med = m1+x(p−1) =
(mp−1)x m ≡ m (mod p).
Case 2: p|m. If m is a multiple of p, thencd ≡ med ≡ 0ed ≡ 0 ≡ m (mod p).Similarly, we prove that cd ≡ m (mod q), which impliescd ≡ m (mod n).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proof. cd ≡ (me)d ≡ med (mod n).Now, de ≡ 1
(mod (p−1)(q−1)
), so de ≡ 1
(mod p−1
)and
de ≡ 1(mod q−1
). That is, there are x and y so that
ed = 1+ x(p−1) = 1+ y(q−1).Case 1: p - m.
By Fermat’s Little Theorem, used in the last step,we obtain cd ≡ med = m1+x(p−1) =
(mp−1)x m ≡ m (mod p).
Case 2: p|m. If m is a multiple of p, thencd ≡ med ≡ 0ed ≡ 0 ≡ m (mod p).Similarly, we prove that cd ≡ m (mod q), which impliescd ≡ m (mod n).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proof. cd ≡ (me)d ≡ med (mod n).Now, de ≡ 1
(mod (p−1)(q−1)
), so de ≡ 1
(mod p−1
)and
de ≡ 1(mod q−1
). That is, there are x and y so that
ed = 1+ x(p−1) = 1+ y(q−1).Case 1: p - m. By Fermat’s Little Theorem, used in the last step,we obtain
cd ≡ med = m1+x(p−1) =(mp−1)x m ≡ m (mod p).
Case 2: p|m. If m is a multiple of p, thencd ≡ med ≡ 0ed ≡ 0 ≡ m (mod p).Similarly, we prove that cd ≡ m (mod q), which impliescd ≡ m (mod n).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proof. cd ≡ (me)d ≡ med (mod n).Now, de ≡ 1
(mod (p−1)(q−1)
), so de ≡ 1
(mod p−1
)and
de ≡ 1(mod q−1
). That is, there are x and y so that
ed = 1+ x(p−1) = 1+ y(q−1).Case 1: p - m. By Fermat’s Little Theorem, used in the last step,we obtain cd
≡ med = m1+x(p−1) =(mp−1)x m ≡ m (mod p).
Case 2: p|m. If m is a multiple of p, thencd ≡ med ≡ 0ed ≡ 0 ≡ m (mod p).Similarly, we prove that cd ≡ m (mod q), which impliescd ≡ m (mod n).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proof. cd ≡ (me)d ≡ med (mod n).Now, de ≡ 1
(mod (p−1)(q−1)
), so de ≡ 1
(mod p−1
)and
de ≡ 1(mod q−1
). That is, there are x and y so that
ed = 1+ x(p−1) = 1+ y(q−1).Case 1: p - m. By Fermat’s Little Theorem, used in the last step,we obtain cd ≡ med
= m1+x(p−1) =(mp−1)x m ≡ m (mod p).
Case 2: p|m. If m is a multiple of p, thencd ≡ med ≡ 0ed ≡ 0 ≡ m (mod p).Similarly, we prove that cd ≡ m (mod q), which impliescd ≡ m (mod n).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proof. cd ≡ (me)d ≡ med (mod n).Now, de ≡ 1
(mod (p−1)(q−1)
), so de ≡ 1
(mod p−1
)and
de ≡ 1(mod q−1
). That is, there are x and y so that
ed = 1+ x(p−1) = 1+ y(q−1).Case 1: p - m. By Fermat’s Little Theorem, used in the last step,we obtain cd ≡ med = m1+x(p−1)
=(mp−1)x m ≡ m (mod p).
Case 2: p|m. If m is a multiple of p, thencd ≡ med ≡ 0ed ≡ 0 ≡ m (mod p).Similarly, we prove that cd ≡ m (mod q), which impliescd ≡ m (mod n).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proof. cd ≡ (me)d ≡ med (mod n).Now, de ≡ 1
(mod (p−1)(q−1)
), so de ≡ 1
(mod p−1
)and
de ≡ 1(mod q−1
). That is, there are x and y so that
ed = 1+ x(p−1) = 1+ y(q−1).Case 1: p - m. By Fermat’s Little Theorem, used in the last step,we obtain cd ≡ med = m1+x(p−1) =
(mp−1)x m
≡ m (mod p).Case 2: p|m. If m is a multiple of p, thencd ≡ med ≡ 0ed ≡ 0 ≡ m (mod p).Similarly, we prove that cd ≡ m (mod q), which impliescd ≡ m (mod n).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proof. cd ≡ (me)d ≡ med (mod n).Now, de ≡ 1
(mod (p−1)(q−1)
), so de ≡ 1
(mod p−1
)and
de ≡ 1(mod q−1
). That is, there are x and y so that
ed = 1+ x(p−1) = 1+ y(q−1).Case 1: p - m. By Fermat’s Little Theorem, used in the last step,we obtain cd ≡ med = m1+x(p−1) =
(mp−1)x m ≡ m (mod p).
Case 2: p|m. If m is a multiple of p, thencd ≡ med ≡ 0ed ≡ 0 ≡ m (mod p).Similarly, we prove that cd ≡ m (mod q), which impliescd ≡ m (mod n).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proof. cd ≡ (me)d ≡ med (mod n).Now, de ≡ 1
(mod (p−1)(q−1)
), so de ≡ 1
(mod p−1
)and
de ≡ 1(mod q−1
). That is, there are x and y so that
ed = 1+ x(p−1) = 1+ y(q−1).Case 1: p - m. By Fermat’s Little Theorem, used in the last step,we obtain cd ≡ med = m1+x(p−1) =
(mp−1)x m ≡ m (mod p).
Case 2: p|m.
If m is a multiple of p, thencd ≡ med ≡ 0ed ≡ 0 ≡ m (mod p).Similarly, we prove that cd ≡ m (mod q), which impliescd ≡ m (mod n).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proof. cd ≡ (me)d ≡ med (mod n).Now, de ≡ 1
(mod (p−1)(q−1)
), so de ≡ 1
(mod p−1
)and
de ≡ 1(mod q−1
). That is, there are x and y so that
ed = 1+ x(p−1) = 1+ y(q−1).Case 1: p - m. By Fermat’s Little Theorem, used in the last step,we obtain cd ≡ med = m1+x(p−1) =
(mp−1)x m ≡ m (mod p).
Case 2: p|m. If m is a multiple of p, then
cd ≡ med ≡ 0ed ≡ 0 ≡ m (mod p).Similarly, we prove that cd ≡ m (mod q), which impliescd ≡ m (mod n).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proof. cd ≡ (me)d ≡ med (mod n).Now, de ≡ 1
(mod (p−1)(q−1)
), so de ≡ 1
(mod p−1
)and
de ≡ 1(mod q−1
). That is, there are x and y so that
ed = 1+ x(p−1) = 1+ y(q−1).Case 1: p - m. By Fermat’s Little Theorem, used in the last step,we obtain cd ≡ med = m1+x(p−1) =
(mp−1)x m ≡ m (mod p).
Case 2: p|m. If m is a multiple of p, thencd
≡ med ≡ 0ed ≡ 0 ≡ m (mod p).Similarly, we prove that cd ≡ m (mod q), which impliescd ≡ m (mod n).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proof. cd ≡ (me)d ≡ med (mod n).Now, de ≡ 1
(mod (p−1)(q−1)
), so de ≡ 1
(mod p−1
)and
de ≡ 1(mod q−1
). That is, there are x and y so that
ed = 1+ x(p−1) = 1+ y(q−1).Case 1: p - m. By Fermat’s Little Theorem, used in the last step,we obtain cd ≡ med = m1+x(p−1) =
(mp−1)x m ≡ m (mod p).
Case 2: p|m. If m is a multiple of p, thencd ≡ med
≡ 0ed ≡ 0 ≡ m (mod p).Similarly, we prove that cd ≡ m (mod q), which impliescd ≡ m (mod n).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proof. cd ≡ (me)d ≡ med (mod n).Now, de ≡ 1
(mod (p−1)(q−1)
), so de ≡ 1
(mod p−1
)and
de ≡ 1(mod q−1
). That is, there are x and y so that
ed = 1+ x(p−1) = 1+ y(q−1).Case 1: p - m. By Fermat’s Little Theorem, used in the last step,we obtain cd ≡ med = m1+x(p−1) =
(mp−1)x m ≡ m (mod p).
Case 2: p|m. If m is a multiple of p, thencd ≡ med ≡ 0ed
≡ 0 ≡ m (mod p).Similarly, we prove that cd ≡ m (mod q), which impliescd ≡ m (mod n).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proof. cd ≡ (me)d ≡ med (mod n).Now, de ≡ 1
(mod (p−1)(q−1)
), so de ≡ 1
(mod p−1
)and
de ≡ 1(mod q−1
). That is, there are x and y so that
ed = 1+ x(p−1) = 1+ y(q−1).Case 1: p - m. By Fermat’s Little Theorem, used in the last step,we obtain cd ≡ med = m1+x(p−1) =
(mp−1)x m ≡ m (mod p).
Case 2: p|m. If m is a multiple of p, thencd ≡ med ≡ 0ed ≡
0 ≡ m (mod p).Similarly, we prove that cd ≡ m (mod q), which impliescd ≡ m (mod n).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proof. cd ≡ (me)d ≡ med (mod n).Now, de ≡ 1
(mod (p−1)(q−1)
), so de ≡ 1
(mod p−1
)and
de ≡ 1(mod q−1
). That is, there are x and y so that
ed = 1+ x(p−1) = 1+ y(q−1).Case 1: p - m. By Fermat’s Little Theorem, used in the last step,we obtain cd ≡ med = m1+x(p−1) =
(mp−1)x m ≡ m (mod p).
Case 2: p|m. If m is a multiple of p, thencd ≡ med ≡ 0ed ≡ 0 ≡
m (mod p).Similarly, we prove that cd ≡ m (mod q), which impliescd ≡ m (mod n).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proof. cd ≡ (me)d ≡ med (mod n).Now, de ≡ 1
(mod (p−1)(q−1)
), so de ≡ 1
(mod p−1
)and
de ≡ 1(mod q−1
). That is, there are x and y so that
ed = 1+ x(p−1) = 1+ y(q−1).Case 1: p - m. By Fermat’s Little Theorem, used in the last step,we obtain cd ≡ med = m1+x(p−1) =
(mp−1)x m ≡ m (mod p).
Case 2: p|m. If m is a multiple of p, thencd ≡ med ≡ 0ed ≡ 0 ≡ m (mod p).
Similarly, we prove that cd ≡ m (mod q), which impliescd ≡ m (mod n).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proof. cd ≡ (me)d ≡ med (mod n).Now, de ≡ 1
(mod (p−1)(q−1)
), so de ≡ 1
(mod p−1
)and
de ≡ 1(mod q−1
). That is, there are x and y so that
ed = 1+ x(p−1) = 1+ y(q−1).Case 1: p - m. By Fermat’s Little Theorem, used in the last step,we obtain cd ≡ med = m1+x(p−1) =
(mp−1)x m ≡ m (mod p).
Case 2: p|m. If m is a multiple of p, thencd ≡ med ≡ 0ed ≡ 0 ≡ m (mod p).Similarly, we prove that cd ≡ m (mod q), which impliescd ≡ m (mod n).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Proof. cd ≡ (me)d ≡ med (mod n).Now, de ≡ 1
(mod (p−1)(q−1)
), so de ≡ 1
(mod p−1
)and
de ≡ 1(mod q−1
). That is, there are x and y so that
ed = 1+ x(p−1) = 1+ y(q−1).Case 1: p - m. By Fermat’s Little Theorem, used in the last step,we obtain cd ≡ med = m1+x(p−1) =
(mp−1)x m ≡ m (mod p).
Case 2: p|m. If m is a multiple of p, thencd ≡ med ≡ 0ed ≡ 0 ≡ m (mod p).Similarly, we prove that cd ≡ m (mod q), which impliescd ≡ m (mod n).
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Why Is It Safe?
1. To break the code, an attacker would need d.2. d can be generated from e and ϕ(n).3. ϕ(n) can be generated from p and q.4. p and q can in principle be obtained from n. But that’s the
key to safety. Factoring large numbers is hard.5. There might be fast factorization algorithms (that would
win a Clay Millennium Prize).6. Quantum computers could do it (but we can’t build them
yet).7. So for the time being, public key encryption is safe. (In my
opinion, it will be a while.)
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Why Is It Safe?1. To break the code, an attacker would need d.
2. d can be generated from e and ϕ(n).3. ϕ(n) can be generated from p and q.4. p and q can in principle be obtained from n. But that’s the
key to safety. Factoring large numbers is hard.5. There might be fast factorization algorithms (that would
win a Clay Millennium Prize).6. Quantum computers could do it (but we can’t build them
yet).7. So for the time being, public key encryption is safe. (In my
opinion, it will be a while.)
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Why Is It Safe?1. To break the code, an attacker would need d.2. d can be generated from e and ϕ(n).
3. ϕ(n) can be generated from p and q.4. p and q can in principle be obtained from n. But that’s the
key to safety. Factoring large numbers is hard.5. There might be fast factorization algorithms (that would
win a Clay Millennium Prize).6. Quantum computers could do it (but we can’t build them
yet).7. So for the time being, public key encryption is safe. (In my
opinion, it will be a while.)
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Why Is It Safe?1. To break the code, an attacker would need d.2. d can be generated from e and ϕ(n).3. ϕ(n) can be generated from p and q.
4. p and q can in principle be obtained from n. But that’s thekey to safety. Factoring large numbers is hard.
5. There might be fast factorization algorithms (that wouldwin a Clay Millennium Prize).
6. Quantum computers could do it (but we can’t build themyet).
7. So for the time being, public key encryption is safe. (In myopinion, it will be a while.)
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Why Is It Safe?1. To break the code, an attacker would need d.2. d can be generated from e and ϕ(n).3. ϕ(n) can be generated from p and q.4. p and q can in principle be obtained from n.
But that’s thekey to safety. Factoring large numbers is hard.
5. There might be fast factorization algorithms (that wouldwin a Clay Millennium Prize).
6. Quantum computers could do it (but we can’t build themyet).
7. So for the time being, public key encryption is safe. (In myopinion, it will be a while.)
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Why Is It Safe?1. To break the code, an attacker would need d.2. d can be generated from e and ϕ(n).3. ϕ(n) can be generated from p and q.4. p and q can in principle be obtained from n. But that’s the
key to safety.
Factoring large numbers is hard.5. There might be fast factorization algorithms (that would
win a Clay Millennium Prize).6. Quantum computers could do it (but we can’t build them
yet).7. So for the time being, public key encryption is safe. (In my
opinion, it will be a while.)
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Why Is It Safe?1. To break the code, an attacker would need d.2. d can be generated from e and ϕ(n).3. ϕ(n) can be generated from p and q.4. p and q can in principle be obtained from n. But that’s the
key to safety. Factoring large numbers is hard.
5. There might be fast factorization algorithms (that wouldwin a Clay Millennium Prize).
6. Quantum computers could do it (but we can’t build themyet).
7. So for the time being, public key encryption is safe. (In myopinion, it will be a while.)
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Why Is It Safe?1. To break the code, an attacker would need d.2. d can be generated from e and ϕ(n).3. ϕ(n) can be generated from p and q.4. p and q can in principle be obtained from n. But that’s the
key to safety. Factoring large numbers is hard.5. There might be fast factorization algorithms (that would
win a Clay Millennium Prize).
6. Quantum computers could do it (but we can’t build themyet).
7. So for the time being, public key encryption is safe. (In myopinion, it will be a while.)
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Why Is It Safe?1. To break the code, an attacker would need d.2. d can be generated from e and ϕ(n).3. ϕ(n) can be generated from p and q.4. p and q can in principle be obtained from n. But that’s the
key to safety. Factoring large numbers is hard.5. There might be fast factorization algorithms (that would
win a Clay Millennium Prize).6. Quantum computers could do it (but we can’t build them
yet).
7. So for the time being, public key encryption is safe. (In myopinion, it will be a while.)
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Why Is It Safe?1. To break the code, an attacker would need d.2. d can be generated from e and ϕ(n).3. ϕ(n) can be generated from p and q.4. p and q can in principle be obtained from n. But that’s the
key to safety. Factoring large numbers is hard.5. There might be fast factorization algorithms (that would
win a Clay Millennium Prize).6. Quantum computers could do it (but we can’t build them
yet).7. So for the time being, public key encryption is safe.
(In myopinion, it will be a while.)
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption
logo1
Overview Needed Theorems RSA Encryption
Why Is It Safe?1. To break the code, an attacker would need d.2. d can be generated from e and ϕ(n).3. ϕ(n) can be generated from p and q.4. p and q can in principle be obtained from n. But that’s the
key to safety. Factoring large numbers is hard.5. There might be fast factorization algorithms (that would
win a Clay Millennium Prize).6. Quantum computers could do it (but we can’t build them
yet).7. So for the time being, public key encryption is safe. (In my
opinion, it will be a while.)
Bernd Schroder Louisiana Tech University, College of Engineering and Science
Public Key (RSA) Encryption