Modular Arithmetic & RSA Encryption

Philip Tromans http://pjtlog.blogspot.com/ March 2008

1

Introduction

With the rise of the internet, information security has become enormously important to every internet user. After all, no-one wants their credit card details stolen when they shop online. All modern cryptography (the art of encoding messages so that only the desired recipient can understand the message) is based on maths, and huge amounts of money are directed at research into these fields. In this talk we intend to explore the most prominent form of encryption used on the internet (RSA encryption) and some of the theory that makes us believe it’s safe to use. As for the exercises in this set of notes, don’t be worried if you can’t do all of them. The first few are generally intended to be do-able, but the latter ones are supposed to be hard, and are supposed to stretch you (hopefully you’ll find them interesting too).

2

Prime numbers

Prime numbers are sometimes said to be the building blocks of the number system. A number is prime if and only if the only two numbers that divide it are 1 and itself. For example: 11, 17, 23 and 2 are all prime, and 4 and 33 aren’t prime as 4 = 2 × 2 and 33 = 3 × 11. Every number that isn’t prime can be expressed as a product of primes, for example: 53158732 = 2 × 2 × 11 × 19 × 63587 Note: 1 is defined not to be a prime.

2.1

Coprime numbers

Two numbers are coprime if they don’t share any common factors. If they don’t have any common factors, then they definitely can’t have any common prime factors (if you can’t see why that’s true, then think about it for a little while or ask someone). So for example, 9 and 10 are coprime as 9 = 3 × 3 and 10 = 2 × 5, and 8 and 12 are not coprime as 8 = 2 × 2 × 2 and 12 = 2 × 2 × 3 (both have a factor of 2). Note: 1 is coprime to every number apart from 1 (and anything being coprime to 0 makes no sense).

2.2

Exercises

1. Which of 68, 50, 37, 97, 5, 43 are prime? If not, why not? 2. Express 18 as a product of primes. 3. Are any two different prime numbers coprime? 4. What’s the highest common factor (HCF) of any two coprime numbers?

1

5. Is x3 prime where x is any positive integer (i.e. a counting number: 1, 2, 3 . . . ). 6. Consider the sequence of numbers: 41, 43, 47, 53, 61, . . . (where the difference between each pair of numbers increases by 2 each time). Are all of these numbers in the sequence (up to infinity) prime?

3

Euler’s Totient Function, φ(x)

Euler’s totient function is generally written φ(x), and only exists when x is a positive integer. It is defined by: φ(x) = the number of positive integers less than x (and greater than or equal to 1) that are coprime to x. For example: φ(9) = 6 as 1, 2, 4, 5, 7 and 8 are coprime to 9. Also, φ(13) = 12 as 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12 are all coprime to 13.

3.1

Properties

(You might like to write reasons why this is true after it’s been explained on the board). For a prime number p: φ(p) = p − 1 φ(p2 ) = p2 − p For distinct primes p, q: φ(pq) = pq − q − p + 1 = (p − 1)(q − 1)

3.2

Exercises

1. Calculate φ(16), φ(21), φ(25), φ(7).

4

Modular Arithmetic

You might not have ever heard of modular arithmetic, but the chances are you use it every day. It’s just a posh name for arithmetic on remainders. For example, when you tell the time, if it’s 2pm you say it’s 2 o’clock and not 14 o’clock. We say that the time is told mod 12 (mod stands for modulo). We write this as: t≡2 (mod 12)

What this means is ”when t is divided by 12, the remainder is 2”. Some more examples are: 7 ≡ 2 (mod 5), 6 ≡ 0 (mod 6).

4.1

Exercises
(mod 3), 6 (mod 4), 100 (mod 9).

1. Calculate 7

2. What is p + 3 (mod p) for any postive integer p bigger than 3?. 3. What is p2 (mod p) for any positive integer p?. What about p2 + p + 1 (mod p)?

4. Does 2x ≡ 3 (mod 6) have any solutions if x is a positive integer? (if it does, state one, if not then say why not) 5. Solve 2x ≡ 4 (mod 6). 2

5

Encryption

Encryption is the art of transforming text (called a plaintext) so that it is unreadable unless you have special knowledge (a key). So, if you want to communicate in secret with someone, you give them a key (and you have the same key) and encrypt some information for them. If this is intercepted by someone else, then in an ideal world it is useless to them, as they don’t have the key. If the message is received as intended, then that person has the key and can decrypt it, and read the contents.

5.1

The Key Distribution Problem

Think of a way of encryption (say swap A with B, B with C, C with D, ..., Z with A). Chances are, you’ve thought of something that is symmetric. This means that you need the same key to decrypt it as to encrypt it.
Plaintext Ciphertext

Key

Now imagine you are somewhere where all your communications are intercepted. How will you get the key to the recipient? This is what is known as the key distribution problem. What we need is an asymmetric cipher, i.e. one where there is a different encryption key and decryption key (and ideally it needs to be hard to work out the decryption key from the encryption key).
Decryption Key Plaintext Encryption Key Ciphertext

With this setup, you can publish your encryption key (write it on your door or whatever) and keep your decryption key secret. Then, if anyone wants to communicate with you, then they just encrypt it using your encryption key, and only you should be able to decrypt and read the message. One such algorithm exists and is called RSA (after the initials of its inventors).

6

RSA Encryption

Before we can actually look at the RSA algorithm, we need one more tool. It’s called the Fermat-Euler Theorem. Note: This section is the hardest so far, and takes the ideas from before and makes quite a lot of use of them. Don’t be put off if you don’t understand this straight away. It’s meant to be challenging.

6.1

The Fermat-Euler Theorem
aφ(n) ≡ 1 (mod n)

The Fermat-Euler Theorem states that:

for all integers a in the range 1 . . . n (not including n) that are coprime to n. This is quite a complicated statement, so read it a few times to make sure you’ve understood it. Proving this isn’t too hard, but we don’t have time to do it now. It requires a bit more background in modular arithmetic, but if you’re interested then either me or one of your maths teachers would be happy

3

to help. To help us believe that it might be true, let’s see an example: working mod 5. φ(5) = 4. And we can see by calculation that: 14 ≡ 1 (mod 5) 24 = 16 ≡ 1 (mod 5) 34 = 81 ≡ 1 (mod 5) 44 = 256 ≡ 1 (mod 5) You might like to try it with some other values of n (but make sure you only check it for values of a that are coprime to n!) and check that the theorem’s true for these values too.

6.2
6.2.1

The RSA Algorithm
Encryption

1. Let our message (or part of our message) be m, and make sure this m is an integer (as encryption is going to involve modular arithemetic). 2. Choose two large prime numbers, p and q (say each is 200 digits long), and let n = p × q and store n somewhere. 3. Now calculate the totient, φ(n). But this is easy as: φ(n) = φ(pq) = (p − 1)(q − 1) So this is just multiplication and subtraction (both of which a computer can do very very quickly). 4. We now choose an integer e which is between 1 and φ(n) such that e and φ(n) are coprime (so that they share no factors). This e is called the coding exponent and this is what you publish (along with n) if you want people to be able to send encrypted messages to you. 5. To encrypt a message m, all that we do is raise it to the power e, working modulo n, i.e.: x = me and we call x the ciphertext. 6.2.2 Decryption (mod n)

Decrypting a message is easy if you know what the values of p and q were from before. 1. Just like we had an ”coding exponent” (which we called e), we also have a ”decoding exponent” which shall be called d. We know (from the Fermat-Euler theorem) that: xφ(n) ≡ 1 (mod n)

(this assumes that x is coprime to n but this turns out to be true). So: xkφ(n) ≡ 1 (mod n) for any integer k. So: xkφ(n)+1 ≡ x (mod n) (just by multiplying each side by x).

4

2. So, we need to set up our decoding exponent (d) so that: (me )d ≡ m This is is done by picking d so that: de ≡ 1 (mod φ(n)) which it turns out is fairly easy to do1 . This is only easy to do because we know what the value of φ(n) is, because we know what the values of p and q are. 3. Let the encrypted message (ciphertext) we receive be x, and hopefully the decrypted value will be the original m. m = xd (mod n) 6.2.3 Summary To Encode x → xe (mod n) Need to know n and e (which have been published). To Decode x → xd (mod n) Need to know n and d. (mod n)

So, encryption is always easy, and decryption is easy if we know n and d. However, d is always kept secret (which is why it’s called a private key) so that only we can decrypt messages intended for us. 6.2.4 Decryption by an enemy

If we don’t know what d is, then we can calculate it if we know what φ(n) is (which is what we did in the last section). n is publicly available (it’s part of someone’s public key) and we even know that n is two big primes multiplied together. But if we don’t know what the values of p and q are then we have to find them (so that we can calculate φ(n) = φ(pq) = (p − 1)(q − 1)) because there is no way of calculating φ(n) without them! To the best of public knowledge, there is no way of finding out what p and q are other than brute force (i.e. starting from 1 and manually checking every number between 1 and n to see whether it’s coprime to n), and the numbers chosen are always very very large (so that the amount of time taken to find the decryption key is expected to be many times the lifetime of the universe).

6.3

Exercises

1. When we’re working out xe (mod n), if we just multiply x by itself e times, this is likely to take a long time. What’s a quicker way of working it out? 2. It turns out that in practice RSA is pretty slow (lots of big numbers to multiply etc...). Bearing in mind that there are lots of very strong and very fast symmetric ciphers, what might the best use of something like RSA be in practice? (Hint: think about the key distribution problem). 3. The numbers 3, 5 and 7 are all prime. Does it ever happen again that there are numbers n, n + 2, n + 4 that are all prime? This work is licensed under a Creative Commons Attribution-Share Alike 3.0 Unported License, see http://creativecommons.org/licenses/by-sa/3.0/ for details.

1 This uses something called Euclid’s algorithm. http://en.wikipedia.org/wiki/Euclidean algorithm and to see http://en.wikipedia.org/wiki/Linear congruence theorem

To see how to

what solve

Euclid’s algorithm does, see: the above equation, look at:

5

Sign up to vote on this title
UsefulNot useful