RSA+Week+four+Maple


 * I am combining Week Four and Week Five into one week. That means this page stands for both weeks. Let's see some good examples! Several problems are at the end .**

Question: Is there a way for //Maple// to find the m,y in the N1*m - K*y = 1 easily? Any guess and check method I've used is just stupidly time consuming. user:LauraShuman Now THAT is a good question. There is a short set of commands to find the desired coefficients.

Anyway, there's a short algorithm for doing this by hand or computer. I will put it here soon. It is called the Euclidean algorithm. The process produces the GCD of two given numbers N1 and K. In our work, N1 < K = (P1 - 1)(P2 - 1). Here is the Euclidean algorithm: K = L1*N1 +R1 (remainder one is R1) N1 = L2*R1 + R2 (remainder two is R2) R1 = L3*R2 + R3

keep doing this dance until the remainder is zero. R(m-2) = Lm*R(m-1). The GCD is that last remainder on the right, R(m-1), which will be 1. Now, you can work backwards and find coefficients for N1 and K in an equation equal to 1.

Example: GCD(35,12) = 1 35 = 2*12 +11 12= 1*11 +1 11 = 11*1 +0 So, 35 = 2(12) + 12 -1. 35 = 3(12) + -1 3(12) -1(35) = 1.

From now on, we'll be using computers. Aquinas has a site license for //Maple//. that's our tool. I will address some of last week's questions using this computing power.

I found a place in the Stinson text where he summarizes our study so far. "Suppose that n = pq where p and q are distinct odd primes and ab = 1 (mod (p-1)(q-1)). The RSA encryption operation is E(x) = x^b mod n The decryption is D(y) = y^a mod n."

We need one theorem from Number Theory, Fermat's (Little) Theorem. //For prime p such that p does not divide a, a^(p-1) = 1 (mod p).//

Problem 1. Set n= 35. Choose a specific p,q,a,b which satisfy Stinson's summary. Then show If x is an integer less than 17, show that D(E(x)) = x.

If n=35 then p=5 and q=7 ab=1(mod(p-1)(q-1)) McDaniel, Is the above step correct? In maple all I get when I run this is ab=1 user:TrevorBarton

Good.You are not doing the right work. You have to FIND a and b, just like m and y in our previous weeks. Do what it says to do. This problem is worth playing with because of the interesting play between multiples of 24 and factors of 35. I'd like to see everyone try this with numbers for x and x for x, in other words, the general case. user:mcdaniel30

Can a,b be the same numbers? If so, this is what I'm getting: n = 35; p = 5; q = 7 a = 5; b =5 25 = 1 (mod(24))

Let x = 10 E(10) = 10^5 mod 35 = 5 D(5) = 5^5 mod 35 = 10

In this case it worked for a,b to be the same number. user:LauraShuman

I was hoping to see more than this try. Where are the students in this class? There's an interesting case to be seen when a = b = 7. user:mcdaniel30 n=65 p=13 q=5 When a=b=7 49= 1 (mod(48))

Let x=12 E(12)= 12^7 mod 65= 38 D(38)= 38^7 mod 65= 0, there is no remainder as it is already a multiple of 65 user:D_Sweeney Your D(38) cannot be correct. 38^7 is only factors of 19 and 2. 38^7 MUST have a remainder mod 65. I MEANT that the a = b =7 case is interesting WHEN we're using the p=7 q =5 of the wimpy example. Would somebody please compute the weird case when p = 7 and a= b =7 is used? user:mcdaniel30

Okay 2nd try n=35 p=7 q=5 When a=b=7 49=1(mod(24)) Let x=10 E(12)= 110^7 mod(35)=10 WOW. . . would you look at that, it can not encrypt the message user:D_Sweeney P.S. Laura and I think that this case only works when x is a multiple of 5, with the STINSON Method. It may still work with our old method, even though they are pretty much the same. For example: When x=12, under the same circumstances, E(12)= 12^7 mod35= 33, clearly not 12.

Question: I was using the Stinson method like so: n = 35 p = 5 q = 7 a = 5 b = 29 ab = 145 145 = 1 (mod 24) x = 15 E(15) = 15^29 mod 35 = 15 (it didn't encrypt) I figured this was because a = p = 5

However if x = 16 E(16) = 16^29 mod 35 = 11 (it did encrypt)

Looking at Dave's example and my example, it leads me to believe that something funny is going on with multiples of 5 here. Or did I do something else wrong that I'm not seeing? Or is it because 5 is a factor of 15 and a = 5? That seems the most likely. (Time elapsed) This makes me think about about Fermat's Little Theorem (FLT): In FLT you raise a number, //a//, to (//p//-1) where //p// DOES NOT divide //a// this gives you 1 (mod //p//). If //p// DOES divide //a// what happens? 15^4 mod 5 = 0 (at least in this case, I know that that is not a proof that the outcome will always be 0) This is me just rambling basically, but I think that in order to encrypt a message, you can't use a message number (x = 15, above) and a mod number (n = 35, above), if they have a gcd > 1. That would explain why x = 16 can be encrypted (gcd(35,16) = 1), and why x = 15 cannot (gcd(15,35) = 5). 16^4 mod 5 = 1 (x^(a-1) mod a = 1) 16^28 mod 29 = 1 (x^(b-1) mod b = 1) And when you combine these two uses of FLT you get the ab = 1(mod((p-1)(p-q)). (I'll have to think about that more to see how that works.) It's probably off the wall - but I feel like I might be headed in the right direction.... Please let me know. :) I also think this thought process might be along the lines of solving PROBLEM 4.

user:LauraShuman

Let's learn enough Maple to run RSA.

RSA Cryptosystem  

Choose (Semi) Large Primes      the nextprime command gives the next prime after the given number. Nice!   That := defines things so that we can refer to mathematical entities by name. Phi is the product ab, in Stinson's summary. Write out Phi and n. Phi = 443452245760017704156814859768392 n = 443452245760017746564583051643631 user:TrevorBarton   Trevor's work is correct. I know that Trevor had to use a computer because of the large number of digits. The product of primes is made public. We called it C1. Right, Laura. user:mcdaniel30 Are you sure we didn't call n, C1 before? because n = p*q, and C1 = P1 * P2 in the other version. user:LauraShuman
 * > p:=nextprime(18723469817245634); q:=nextprime(23684298374629387); **
 * > Phi:=(p-1)*(q-1); # This is secret. These are ab in summary. **
 * > n:=p*q; **<span style="color: #ba34bc; font-family: 'Times New Roman',Times,serif; font-size: 12pt;">

<span style="color: blue; font-family: 'Times New Roman','serif'; font-size: 12pt; position: relative; top: 5pt;"> <span style="font-family: 'Times New Roman','serif'; font-size: 12pt;"> Problem 3. How does this e fit in with our RSA structure? since e is the same as N1 we know that this number is of course mutually prime with phi, and that in the past weeks it is used in the encryption of the message; Message^e mod(n). I'm not sure about it's role for public enciphering, but I think it's because nothing can be known about phi from e, and this is why it is used. user:D_Sweeney
 * > e:=65003; **<span style="font-family: 'Times New Roman','serif'; font-size: 12pt;">

. Enter the command ?igcd in Maple and explain this next line. "igcd(e,Phi)" will spit out the greatest common divisor btw the two numbers. We want e and Phi to be mutually prime, so we are checking to make sure the gcd is 1. (e was formerly known as N1, right?) user:wrighann <span style="color: blue; font-family: 'Times New Roman','serif'; font-size: 12pt; position: relative; top: 5pt;"> <span style="font-family: 'Times New Roman','serif'; font-size: 12pt;"> Yes. <span style="font-family: 'Times New Roman','serif'; font-size: 12pt;"> These next lines simply show the players in the RSA game. <span style="color: black; font-family: 'Times New Roman','serif'; font-size: 18pt;">Public Enciphering Key ( //<span style="color: black; font-family: 'Times New Roman','serif'; font-size: 12pt;">n,e //<span style="color: black; font-family: 'Times New Roman','serif'; font-size: 18pt;">) <span style="font-family: 'Times New Roman','serif'; font-size: 12pt;"> <span style="color: blue; font-family: 'Times New Roman','serif'; font-size: 12pt; position: relative; top: 31.5pt;"> <span style="font-family: 'Times New Roman','serif'; font-size: 12pt;"> <span style="color: black; font-family: 'Times New Roman','serif'; font-size: 18pt;">Private Decoding Key (//n,d//) <span style="font-family: 'Times New Roman','serif'; font-size: 12pt;"> <span style="color: blue; font-family: 'Times New Roman','serif'; font-size: 12pt; position: relative; top: 52.5pt;"> <span style="font-family: 'Times New Roman','serif'; font-size: 12pt;"> <span style="color: blue; font-family: 'Times New Roman','serif'; font-size: 12pt; position: relative; top: 5pt;"> <span style="font-family: 'Times New Roman','serif'; font-size: 12pt;"> <span style="color: black; font-family: 'Times New Roman','serif'; font-size: 18pt;">Sending a message //m// <span style="font-family: 'Times New Roman','serif'; font-size: 12pt;"> <span style="color: blue; font-family: 'Times New Roman','serif'; font-size: 12pt; position: relative; top: 5pt;"> <span style="font-family: 'Times New Roman','serif'; font-size: 12pt;"> Problem 5. what is the encrypted message? a=239963336450226030387886828879 b=1848 ab=1mod(443452245760017704156814859768392) n=443452245760017746564583051643631 x=message=11111111 11111111^1848*(`mod`(443452245760017746564583051643631)) = 387536442416352756452704721569406, The Encrypted Message The only problem with this is in the decryption process, 387536442416352756452704721569406^239963336450226030387886828879 mod n is a ridiculously large number and not the original message. Is this bad choices for a and b? user:D_Sweeney Use the igcd command to verify your a and b are fine. user:mcdaniel30
 * > igcd(e,Phi); # ensure that e^-1 mod Phi exists **<span style="font-family: 'Times New Roman','serif'; font-size: 12pt;">
 * > [n,e]; **<span style="font-family: 'Times New Roman','serif'; font-size: 12pt;">
 * > d:=e^(-1) mod Phi; **<span style="font-family: 'Times New Roman','serif'; font-size: 12pt;">
 * > d*e mod Phi; **<span style="font-family: 'Times New Roman','serif'; font-size: 12pt;">
 * > m:=11111111; **<span style="font-family: 'Times New Roman','serif'; font-size: 12pt;">

<span style="color: #ff0000; font-family: Georgia,serif;"> for ab = 1 (mod Phi), the product ab needs to have a remainder of 1 when divided by Phi, correct? So I choose: a = 177380898304007081662725943907357 b = 5 ab = 1 (mod 443452245760017704156814859768392) m = message = 11111111 E(m) = m^5 mod n = 395563982192370804992859847113140 - encrypted message

I know I added this the day it's due. Sorry. user:LauraShuman Decrypt?user:mcdaniel30 Neither Dave nor Laura has encrypted the message according to the values of this example. So, keep trying. All the pieces are here. Everybody should be able to do this example in Maple. Now, let's address Dave's concern that we're getting huge number to huge power. Remember, we're doing this huge number to huge power mod another huge number. Maple should apply the mod DURING the multiplication, thus keeping the size manageable. user:mcdaniel30 n = 12984750152996341 a = 12343 b = 64923749574624001/12343 ab = 1mod(12984749914924800) message = 11111111 = m m^a mod n = 1881154537440653 = encrypted message

(b = N1 from last week; Phi = K from last week; n =C1 from last week; a = m from N1*m -K*y correct?) user:MattJohnson1013 <span style="color: blue; font-family: 'Times New Roman','serif'; font-size: 12pt; position: relative; top: 52.5pt;"> <span style="font-family: 'Times New Roman','serif'; font-size: 12pt;"> <span style="color: black; font-family: 'Times New Roman','serif'; font-size: 18pt;">Deciphering a received message //<span style="color: black; font-family: 'Times New Roman','serif'; font-size: 12pt;">c //<span style="font-family: 'Times New Roman','serif'; font-size: 12pt;"> <span style="color: blue; font-family: 'Times New Roman','serif'; font-size: 12pt; position: relative; top: 5pt;"> <span style="font-family: 'Times New Roman','serif'; font-size: 12pt;"> That &^ is the inert form of exponentiation. It tells Maple to take mods as the product is computed rather than computing the huge power first and then taking mods. Dave and I think Maple 13 applies intelligent mod without the inert symbol. In other words, Maple should do m^e mod n the smart way. PROBLEMS 2, 3 Use Nextprime to get two big primes. Use an easy message like 111111 or 5656565, just make it up. Then find a working a, b. Then run the encryption in Maple, write the encryot command on the wiki, write your encrypted text on the wiki. Decrypt in Maple. Write the decrypt command on the wiki. Here is all the work i have from maple: p:= nextprime(1872346968981724563409; q:= nextprime(2368428997983746293098790) Phi:= (p-1)*(q-1); 4434520855623290409244547723601979517437063224p=1872346968981724563439 q=23 684289979 83746293098949 n:= p*q; 4434520855623290409246918024946932245454725611    ifactor(Phi); (2)^3 (3)^2 (11) (19) (193) (339256937) (9061859) (895223647847) (1667851) (332641) ((5)^2)*((7)^3*((17)^4); e:= 716192575 igcd(e,Phi ); 1 [n,e]; [4434520855623290409246918024946932245454725611, 716192575] d*e mod Phi; 1 m:= 123456789 THIS IS THE ORIGINAL MESSAGE. c;=m^e mod n; 1649607122656691021088923007081662246842427323 THIS IS THE ENCRYPTED MESSAGE. m1:= c^d mod n; 123456789 THIS IS THE DECRYPTED MESSAGE. This is the PDF file of my maple just in case I copied any numbers wrong. <span style="color: black; font-family: 'Times New Roman','serif'; font-size: 18pt;"> user:TrevorBarton
 * __Please note the instruction below:__**
 * > c:=m&^e mod n; # Enciphered message ** <span style="font-family: 'Times New Roman','serif'; font-size: 12pt;">
 * > m1:=c&^d mod n; **<span style="font-family: 'Times New Roman','serif'; font-size: 12pt;">
 * > **<span style="font-family: 'Times New Roman','serif'; font-size: 12pt;">

Here is my attempt from Maple. I was able to encrypt the message, but got an error when trying to decrypt. user:wrighann



PROBLEM 4 EVERYBODY TRIES THIS. WHY does RSA encrypt/decrypt work? **In other words, in the Stinson's wording why does D(E(x)) = x?** mcdaniel30

This was the best that I could do: D(x)=(c^d) mod(n) and E(x)=(m^e) mod(n),

You're in trouble already. D(x) and E(x) mean both D and E are functions of x. So x should appear in their right hand sides. You're going to miss a connection if your notation is faulty.

so D(E(x)) = [(m^e) mod(n)]^d mod(n).

same complaint

We want to prove that m = [(m^e) mod(n)]^d mod(n). THAT's more like it.

Use the property "[(a mod(n))^2] mod(n) = (a^2) mod(n)": [(m^e) mod(n)]^d mod(n) = (m^d*e) mod(n). d*e = k*Phi + 1 where k is a constant from the process of finding d. So m = (m^d*e) mod(n) = (m^(k*Phi+1)) mod(n) = m*m^(k*Phi) mod(n). m = m*m^(k*Phi) mod(n). This doesn't seem to be true though. I was hoping that m^(k*Phi) mod(n) = 1. user:wrighann SO close. There's the Fermat's Little Theorem to cash in.user:mcdaniel30