Chapter+6

Here are the assignments for September 20 - 27: Read Chapter 6. Try any of the first 12 odds in the text. Questions here are most welcome.

From the text: 1) I ran the extended Euclidean algorithm program and got 3 for d. 5859^3 mod(11413) = 1415  In letters, that would be 'no'. user:meganternes

3) 8^3 mod 437 = 75 9^3 mod 437 = 292  8 was the original plaintext that the ciphertext 75 came from when n = 437 and e = 3. user:meganternes  I got the same. user:kml003

5. p=large prime, m=message x, e=encryption exponent, how do we find d? we want d such that d*e=1mod(p-1) d*e+(p-1)*k=1 for some integer k use extended algorithm to find d and k for the known e and p

7. Not sure if this one is right or not.... original message=c^d mod n  eve sends c*2^e, so nelson decrypts (c*2^e)^d mod n = (2^ed)(c^d) mod n so to get original message, eve just divides by 2^ed? user:bea001

13) You would compute (880525*2057202*648581*668676)^2 and (2*3*(77^1/2))^2. These numbers should be congruent mod 2288233, but (880525*2057202*648581*668676) and (2*3*(77^1/2)) are not congruent mod 2288233. To factor 2288233 then, calculate gcd( (880525*2057202*648581*668676)mod2288233 - (2*3*(77^1/2)), 2288233)=x. The other factor is 2288233/x.  Right? With that 77^1/2, wouldn't the answers be messy though? user:meganternes

17) Since Alice is encrypting each letter individually, Eve could just try each number 1-26 to see which ones work. It would be a little tedious, but using an encrypting program makes the process a little faster. And Eve probably wouldn't even need to try every letter once she figured out a few; she could just guess which other letters to try. 8^13 mod 8881 = 4461 > h  5^13 mod 8881 = 794 --> e  12^13 mod 8881 = 2015 ---> l (two of these)  15^13 mod 8881 = 3603 ---> o  hello user:meganternes

21) The final ciphertext she sends is the original message. Since e^2 = 1 mod (p-1)(q-1), even though Alice is encrypting in two steps, by calculating 12345^(e^2) mod (7919*17389) she is really calculating 12345^1 mod (7919*17389) which will just be 12345. user:meganternes

To make certain you are where you need to be, we have the personal assignments below. Remember, in RSA, we use an alphabet which assigns 01 to A, 02 to B etc. Here is my RSA encryption information for all four of you: PQ=798947 and e=187. 1. send me the first three letters of your first name by writing them here, unsigned. I promise not to use the history button to see who wrote what. 590003 decrypts to KAY, so Kayla can RSA encrypt. 356230 decrypts to EESS IF I use 5 in place of 05. I don't know whose this is. 511897 decrypts to MEG, so Megan can RSA encrypt. Here's the work. I typed &^ on a separate line in text mode, copied it and pasted it whenever I needed it in my calculations. That trick worked just fine to get intelligent mod.user:mcdaniel30

2. Ian's d= 16573 for PQ=20737 Decrypt this two letter word. 5835 From C#: 2015 or TO user:ian.hart

Kayla's d = 36989 for PQ=20737 Decrypt this two letter word. 16046 ﻿In maple: 16046&^36989 mod 20737 = 1215 = lo. user:kml003

Bailey's d = 57405 for PQ=20737 Decrypt this two letter word. 19902 (Hint, your answer is not EZ.) 19902&^57405mod20737 = 1301 = ma user:bea001

Megan's d = 77821 for PQ =20737 Decrypt this two letter word. 2249 I'm getting 2249&^77821 mod 20737 = 15610. Is that the number I'm supposed to be getting, and if so, how do I turn that into letters? user:meganternes You should be getting only 4 digits, and you'd use 01=a, 02=b, etc. user:kml003 I checked and you should get a 4 digit output. Remember, intelligent mod is tricky. These numbers are small enough that regular mod should work just fine.user:mcdaniel30 Okay, I didn't think that was right. I redid the calculation just now on WolframAlpha and it gave me 2113 which corresponds to 'um'. I think Maple just hates me. Almost every time I tried intelligent mod it just gave me the exponent number back, so I'm clearly doing something wrong. user:meganternes Are you a Muggle? If not, try Expelliarmus. You're going to need some reliable way to do these large exponent/mod calculations for the rest of the semester. user:mcdaniel30

3. How about a Maple or C# or TI program for the extended Euclidean algorithm which actually uses the extended Euclidean algorithm? I sort of have one which works okay. suggs:= proc(F,E) for i from 1 to E do if ((F*i+1) mod E = 0) then print((F*i+1)/E) end if end do end proc;

I have tested it on some 9 digit examples and it's fast. So I think the code is okay. Plus, even in real life, we will tend to choose smallish E's. So this might do. Give it a try!user:mcdaniel30

I wrote a C# program that does it the same way we usually do, utilizing recursion. It does only output two coeffs, though. I can bring it in on Tuesday. user:ian.hart if i copy & paste your code, it works, but if i type it in exactly as you have it, i cant get it to work. not sure why. but at least i can copy&paste when i need it. user:bea001

**HERE ARE THE QUESTIONS FOR THE LAST WEEK OF SEPTEMBER.** **1. I lost my d for the RSA encryption of your names in problem 1 from last week. How did I recalculate it?** You factored PQ then got d with de-yPhi = 1. user:kml003 **﻿** **2. Suppose someone left their y from their de - yPhi = 1 calculation lying around and you found it. You have their RSA public knowledge as well. How could you hack their RSA encryptions?** if you have y and the public knowledge of pq and e, could you use the extended algorithm to find d? user:bea001 Attempt to factor pq, get Phi from (p-1)(q-1), and use d = (1 + y*phi)/e user:ian.hart **3. The book recommends building a big d to make your RSA more secure. Suppose our Extended Euclidean algorithm gives us a puny d and we're too lazy to try a different e. So we add PQ to d, which makes our new d quite gigantic. Why would adding PQ to the d to use as our new d not be of any use?** c^(d+PQ) = c^d*c^(PQ). That c^PQ is 0 mod PQ, so then you're back to just plain old c^d... exactly what we started with. user:kml003﻿ **﻿** **4. The book recommends we build a big d with properties we want. What properties would these be?** **5. Once we have a decent d, how do we get an appropriate e?** dont we start with an e and calculate d using e? if not, you would just use d*e-y*phi=1 to get an e, wouldn't you? user:bea001 After d is chosen, find e where de ≡ 1 (mod ϕ(n)). user:meganternes

**Here is a screen shot of a Maple program which finds d using a chosen plaintext attack and it's pretty fast! Check it out.**

It went through over 300,000 possibilities in a few seconds.

That's the text form of &^ in the line above the program. That's not part of the program.