Leadership Crisis in Congress

In the wake of the crushing defeat in the 2019 general elections, the refrain in the Congress Party is, yet again, that the Nehru-Gandhi family is the ‘glue’ that holds the party together, and that…

独家优惠奖金 100% 高达 1 BTC + 180 免费旋转

The elegant maths behind the RSA Encryption

RSA was named after Rivest, Shamir and Adleman, from the Massachusetts Institute of Technology (MIT). It is an exponential cryptosystem based on concepts from Number Theory: modular arithmetic and Fermat’s Little Theorem. In this article we’ll cover the additive, multiplicative and exponential ciphers and show, with simple examples, what makes RSA so interesting.

But before we move to the above-mentioned ciphers, we need to cover Fermat’s Little Theorem. Pierre de Fermat was a 17th century French mathematician mainly known in popular culture for his Last Theorem, which was proved in the nineties by Andrew Wiles, after centuries of attempts.

One of his other theorems, the so-called ‘Little Theorem’, forms the basis for the exponential ciphers. It says that if p is a prime number and a is greater than zero and is not a multiple of p, the following identity applies:

Let’s take an example, with p=7 and a=3, we have:

Another example, let’s take p=5 and a=21 and thus:

We’ll see later how this theorem is relevant for exponential ciphers.

Additive ciphers, also called Caesar’s ciphers, are very straightforward and use basic modular addition. To simplify let’s use values from 0 to 25 to represent letters and so we’ll be working with addition mod 26. The additive cipher simply transforms a letter by adding a fixed value, k, to it.

For instance, if we use a key k=17, and we match letters to their position in the alphabet (from 0 to 25): H=7, E=4, L=11 and 0=14 we have:

To decipher the message we simply add the additive inverse of 17 (mod 26), which is 9 — as 17 + 9 = 0 (mod 26) — and we get:

Multiplicative ciphers use modular multiplication instead of addition. It is a similar process but we need to make sure that our k value (the one we are multiplying each element by) is coprime with n, the total number of elements in our set of symbols. The reason we need k and n to be coprimes is that to decipher a coded message, we need the multiplicative inverse — k’ — of k and this multiplicative inverse will always exist if k and n are coprimes. As a reminder, k’ is the multiplicative inverse modulo n of k if:

Let’s look at an example, if we take the same word (“HELLO”) with the corresponding numerical values: (7, 4, 11, 11, 14), with n=26 (for the 26 letters of the alphabet) and k=7, coprime with 26 we get:

To decipher the message, we need the multiplicative inverse of 7 modulo 26, which is 15, as 15 * 7 = 105 = 1 (mod 26). See in the box below how to find the multiplicative inverse using the Euclidean algorithm.

We can then decipher our “XCZZU” message as follows: XCZZU has numerical values (23, 2, 25, 25, 20) and so:

After this quick overview of the additive and multiplicative filters, we can now move to the next step, the exponential ciphers and a specific implementation of them, the RSA. Exponential ciphers have the following form:

With:

To decipher it we use the multiplicative inverse of k in Z(p-1), k’:

Again, let’s take an example with p=29 for instance and k=5, coprime with (p-1)=28. Again, let’s use HELLO encoded as (7, 4, 11, 11, 14):

To decipher the message “QJOOT”, we use the multiplicative inverse of 5 in Z28, 17 (as 5 * 17 = 1 mod 28)

To see why exponential ciphers work and how they can be deciphered, we need to refer back to Fermat’s Little Theorem. Our decipher key k’ is the multiplicative inverse of k in Z(p-1) so we know that k’ * k = 1 and thus:

k * k’ = l * (p-1) + 1 (mod p-1), for some integer l, by definition.

Thus when we encipher a message we get x^k and when we decipher it:

But, as we have seen above kk’ = l (p -1) + 1 and thus:

And we know, using Fermat’s Little Theorem, that x^(p-1) = 1 (mod p) so we are left with:

As expected, we get our initial message back.

The RSA cipher is based on the exponential system seen above but with an extra twist. For RSA, we need 2 prime numbers, p and q, and we use their product pq as part of a public key (more on that later). It works as follows:

With p, q prime numbers and k in Z(p-1)(q-1) and coprime with (p-1)(q-1)

To decipher the message we use:

With k’ is the multiplicative inverse of k in Z(p-1)(q-1)

Let’s follow with an example, with p=13 and q=17, we get pq=221. We also need our k, coprime with (p-1)*(q-1)=12*16=192, so for instance k=5. The combination of pq and k is my public key: (221, 5) 😎

Now, I can share this public key with anyone so they can encode a message that only I can decipher. Obviously in real life we would use the product of larger primes (way larger!). 😵

So let’s take an example, let’s say I share my public key (221, 5) with you and you want to send me an encoded message “HELLO”, you would proceed as follows:

I then receive the following message: (11, 140, 163, 163, 131) and will need my secret key to decipher it. My secret key is the multiplicative inverse of k=5 in Z(p-1)(q-1), Z192. That multiplicative inverse k’ is equal to 77, because 77 *5 (mod 192) =1 . So I get:

Let’s look at an intuition of why this works. This is in no way a formal proof, by the way. Remember that x^k is our encrypted message and (x^k)^k’=x^kk’ should decipher it.

k’ is the multiplicative inverse of k in (p-1)(q-1) so kk’=1 mod (p-1)(q-1) and thus:

by definition. This gives us: