cleanup RSA
This commit is contained in:
parent
311719b8a3
commit
808ba8eed5
|
|
@ -2,43 +2,24 @@
|
|||
|
||||
What is interesting about an RSA key:
|
||||
|
||||
`e` is a constant, often it is 65537
|
||||
The modulus is `N` and it is `p * q = N` through factorization. `p` and `q` are primes.
|
||||
|
||||
`n` is the modulus, `p * q = n` through factorization
|
||||
|
||||
Coprime `phi` is calculated either by [Euler
|
||||
Totient](https://en.wikipedia.org/wiki/Euler's_totient_function) or [greatest
|
||||
common divisor](https://en.wikipedia.org/wiki/Greatest_common_divisor) via
|
||||
[euclidean
|
||||
algorithm](https://crypto.stanford.edu/pbc/notes/numbertheory/euclid.html)
|
||||
Coprime $\phi$ is calculated either by [Euler Totient](https://en.wikipedia.org/wiki/Euler's_totient_function) or [greatest common divisor](https://en.wikipedia.org/wiki/Greatest_common_divisor) via [euclidean algorithm](https://crypto.stanford.edu/pbc/notes/numbertheory/euclid.html).
|
||||
|
||||
There is:
|
||||
$$
|
||||
\phi(n) = (p-1)(q-1)
|
||||
\phi(N) = (p-1)(q-1)
|
||||
$$
|
||||
|
||||
and further
|
||||
|
||||
$$
|
||||
1 < \phi < n
|
||||
1\ <\ \phi < N
|
||||
$$
|
||||
|
||||
The public key is `(N, e)`. If you create a real key e.g. through OpenSSH, the default for `e` (encryption) is `65537` or `0x10001` in hex.
|
||||
|
||||
Encryption, public key `e` is a prime between 2 and phi
|
||||
$$
|
||||
2 < e < \phi
|
||||
$$
|
||||
|
||||
|
||||
Decryption, private key `d`
|
||||
$$
|
||||
d\ e\ mod\ \phi(n) \equiv 1
|
||||
$$
|
||||
|
||||
$$
|
||||
d\ e \equiv 1\ (mod\ \phi(n))
|
||||
$$
|
||||
|
||||
`d` is the modular inverse of e and phi and makes the private key.
|
||||
The private key is `(N, d)` and `d` (decryption) is the modular multiplicative inverse of `e` and $\phi$.
|
||||
|
||||
$$
|
||||
Cipher = msg^{d}\ mod\ \phi
|
||||
|
|
@ -48,6 +29,31 @@ $$
|
|||
Cleartext = cipher^{e}\ mod\ \phi
|
||||
$$
|
||||
|
||||
|
||||
Further properties:
|
||||
|
||||
public key `e` is a prime between 2 and phi
|
||||
|
||||
$$
|
||||
2 < e < \phi
|
||||
$$
|
||||
|
||||
Private key `d` is the multiplicative inverse modulo $\phi(N)$
|
||||
|
||||
$$
|
||||
1\ \equiv de\ mod\ \phi(N)
|
||||
$$
|
||||
|
||||
$$
|
||||
de\ \equiv 1\ mod\ \phi(N)
|
||||
$$
|
||||
|
||||
This means `d` can be calculated by
|
||||
|
||||
$$
|
||||
d \equiv\ e^{-1}\ mod\ \phi(N)
|
||||
$$
|
||||
|
||||
---
|
||||
|
||||
`e` and `d` may be found through the following Python snippets
|
||||
|
|
@ -68,7 +74,7 @@ for i in range (phi + 1, phi + foo):
|
|||
|
||||
## Euklid
|
||||
|
||||
Just a short excourse:
|
||||
Just a short excourse:
|
||||
A greatest common divisior out of an example a = 32 and b = 14 would be the
|
||||
groups of the following divisors
|
||||
|
||||
|
|
@ -120,10 +126,10 @@ $$
|
|||
### Modular Inverse
|
||||
|
||||
Coming back to the modular inverse $n$, it can be found in the following way
|
||||
$n^{p-1} \equiv 1\ mod\ p$
|
||||
$n^{p-1} * n^{-1} \equiv n^{-1}\ mod\ p$
|
||||
$n^{p-2} * n * n^-1 \equiv n^{-1}\ mod\ p$
|
||||
$n^{p-2} * 1 \equiv n^{-1}\ mod\ p$
|
||||
$n^{p-1} \equiv 1\ mod\ p$
|
||||
$n^{p-1} * n^{-1} \equiv n^{-1}\ mod\ p$
|
||||
$n^{p-2} * n * n^-1 \equiv n^{-1}\ mod\ p$
|
||||
$n^{p-2} * 1 \equiv n^{-1}\ mod\ p$
|
||||
$n^{p-2} \equiv n^{-1}\ mod\ p$
|
||||
|
||||
## Quadratic Residue
|
||||
|
|
|
|||
Loading…
Reference in New Issue