August 14, 2003

OK, here is what we want to do: We have a "piece of data" that we want to somehow "scramble" so nobody can learn what this data is, and we want to send this data over unsecure lines to the recipient. Upon receipt of this scrambled data, the recipient must be able to "unscramble" this data to its original shape. The important thing here is that we want to do this "scrambling/unscrambling" process without requiring usage of any secret keys that both the sender and the recipient must posses in order to scramble and descramble the data. This is why the method we are going to discuss here is called "Public Key Cryptography". There are several Public Key Cryptography algorithms in use today. The most popular is called RSA algorithm, and is named after the initials of its inventors: R for Rivest, S for Shamir, and A for Adelman. By the way, they were students when they invented this algorithm in 1977. This is their

So here is the summary of operations. Please continue reading below for the detailed explanation of how this is achieved. Let's say that your WEB Browser has a piece of data, say number 14 (we'll call it a Plain message and label it as P=14). and it wants to encrypt this Plain message first and then send it to the Server. Upon receipt of this encrypted message, the Server wants to decrypt it to its original value. Here is the summary of what transpires. Before any communication happens, the Server had calculated, in advance, its public (n =33 and k=7) and private (j=3) keys. Now, to initiate the transaction, the Browser sends this message to the server: Hey Server, please send me your public key. The Server obliges: Here it comes, it's n=33, k=7. After receiving the Server's public key, the Browser converts the Plain message P=14 into the Encrypted message E=20 and sends it to the Server. The Server receives this encrypted message E=20 and using its secret key j=3 (and publicly known key n=33) decrypts the E=20 message into its original Plain message P=14.

Now, let's look a bit more into the math behind all this.

Section1. Generating Public and Private Keys

First, as we mentioned above, before any transmission happens, the Server had calculated its public and secret keys. Here is how.

1.1) pick two prime numbers, we'll pick p = 3 and q = 11

1.2) calculate n = p * q = 3 * 11 = 33

1.3) calculate z = ( p - 1 ) * ( q - 1 ) = ( 3 - 1 ) * ( 11 - 1 ) = 20

1.4) choose a prime number k, such that k is co-prime to z, i.e, z is not divisible by k. We have several choices for k: 7, 11, 13, 17, 19 (we cannot use 5, because 20 is divisible by 5). Let's pick k=7 (smaller k, "less math").

1.5) So, the numbers n = 33 and k = 7 become the Server's public key.

1.6) Now, still done in advance of any transmission, the Server has to calculate it's secret key. Here is how.

1.7) k * j = 1 ( mod z )

1.8) 7 * j = 1 ( mod 20 )

1.9) ( 7 * j ) / 20 = ? with the remainder of 1 (the "?" here means: "something, but don't wory about it"; we are only interested in the remainder). Since we selected (on purpose) to work with small numbers, we can easily conclude that 21 / 20 gives "something" with the remainder of 1. So, 7 * j = 21, and j = 3. This is our secret key. We MUST NOT give this key away.

Now, after the Server has done the above preparatory calculations in advance, we can begin our message transmission from our Browser to the Server. First, the Browser requests from the Server, the Server's public key, which the Server obliges, i.e., it sends n=33 and k=7 back to the Browser. Now, we said that the Browser has a Plain message P=14, and it wants to encrypt it, before sending it to the Server. Here is how the encryption happens on the Browser.

Section 2. Encrypting the message

Here is the encryption math that Browser executes.

2.1) P ^ k = E ( mod n )

"^" means "to the power of"

P is the Plain message we want to encrypt

n and k are Server's public key (see Section 1)

E is our Encrypted message we want to generate

After plugging in the values, this equation is solved as follows:

2.2) 14 ^ 7 = E ( mod 33 )

This equation in English says: raise 14 to the power of 7, divide this by 33, giving the remainder of E.

2.3) 105413504 / 33 = 3194348.606 (well, I lied when I said that this is "Pencil and Paper" method only. You might want to use a calculator here).

2.4) 3194348 * 33 = 10541348

2.5) E = 105413504 - 10541348 = 20

So, our Encrypted message is E=20. This is now the value that the Browser is going to send to the Server. When the Server receives this message, it then proceeds to Decrypt it, as follows.

Section 3. Decrypting the Message

Here is the decryption math the Server executes to recover the original Plain text message which the Browser started with.

3.1) E ^ j = P ( mod n)

E is the Encrypted message just received

j is the Server's secret key

P is the Plain message we are trying to recover

n is Server's public key (well part of; remember that Server's public key was calculated in Section 1 as consisting of two numbers: n=33 and k=7).

After plugging in the values:

3.2) 20 ^ 3 = P ( mod 33 )

3.3) 8000 / 33 = ? with the remainder of P. So to calculate this remainder, we do:

3.4) 8000 / 33 = 242.424242...

3.5) 242 * 33 = 7986

3.6) P = 8000 - 7986 = 14, which is exactly the Plain text message that the Browser started with!

Well that's about it. While we did not discuss the theory behind the formulae involved I hope that you got at least a basic idea of how the public key cryptography using the RSA algorithm works.

Section 4. "Cracking the Code"

The essential requirement of the Public Key Cryptography is that the public and secret keys are mathematically related, but this relationship must be made very hard to determine by an outsider. As you saw in the preceding text, everything starts with p and q, from which we calculated n. The public key consists of two numbers: n and k, where k is calculated from z and z is calculated from p and q. The secret key j, was calculated from k and z and, as we just stated, k and z are calculated from p and q. It follows then, that j is also calculated from p and q,which proves that the public and private keys are mathematically related. So, if an outsider wanted to find the secret key j, by only knowing n, he must break down n into the two prime numbers that were used to produce it (remember that n = p * q). Now, here is the real crux of the bisquit: Decomposing a very large n into p and q is really difficult to do. It is easy with the small numbers that we have used in our demonstration, but try, for example decomposing p into p and q when p has several hundred digits. Well, if you have some free time on your hands, try