RSA Algorithm Example
http://www.ruanyifeng.com/blog/2013/07/rsa_algorithm_part_two.html 阮一峰也举了例子进行推导
- Choose p = 3 and q = 11
- Compute n = p * q = 3 * 11 = 33
- Compute φ(n) = (p - 1) * (q - 1) = 2 * 10 = 20
- Choose e such that 1 < e < φ(n) and e and φ (n) are coprime. Let e = 7
- Compute a value for d such that (d * e) % φ(n) = 1. One solution is d = 3 [(3 * 7) % 20 = 1]
- Public key is (e, n) => (7, 33)
- Private key is (d, n) => (3, 33)
- The encryption of m = 2 is c = 27 % 33 = 29
- The decryption of c = 29 is m = 293 % 33 = 2
Let examine one example of RSA encryption and decryption, along with the calculations, following the above formulas. Assume we have generated the RSA public-private key pair:
modulus n = 143
public exponent e = 7
private exponent d = 103
public key = {n, e} = {143, 7}
private key = {n, d} = {143, 103}
Let's encrypt a secret message msg = 83. Just follow the formula:
encryptedMsg = msge mod n = 837 mod 143 = 27136050989627 mod 143 = 8
Now, let's decrypt the encrypted message back to its original value:
decryptedMsg = encryptedMsgd mod n = 8103 mod 143 = 1042962419883256876169444192465601618458351817556959360325703910069443225478828393565899456512 mod 143 = 83
The RSA calculations work correctly. This is because the key-pair meets the RSA property:
(me)d ≡ m (mod n) for all m in the range [0...n)
(m7)103 ≡ m (mod 143) for all m in the range [0...143)
In the real world, typically the RSA modulus n and the private exponent d are 3072-bit or 4096-bit integers and the public exponent e is 65537.
For further reading, look at this excellent explanation about how RSA works in detail with explainations and examples:
Because RSA encryption is a deterministic (has no random component) attackers can successfully launch a https://en.wikipedia.org/wiki/Chosen-plaintext_attack against by encrypting likely plaintexts with the public key and test if they are equal to the ciphertext. This may not be a problem, but is a weakness, that should be considered when developers choose an encryption scheme.
Hybrid encryption schemes like RSA-KEM solve this vulnerability and allow encrypting longer texts.