The RSA Cryptosystem and Number Theory

Zhengyu (Brian) Li

Department of Mathematical and Computational Sciences

University of Toronto Mississauga

MAT315H5F - Introduction to Number Theory

uoft.png

Li, Zhengyu (Brian) (UTM) The RSA Cryptosystem and Number Theory December 2020 1 / 22
Table of Contents

1 Historical background

2 Important mathematical objects and results

3 Proof on the correctness of RSA

4 A real life example using RSA

5 Present and future of RSA

uoft.png

Li, Zhengyu (Brian) (UTM) The RSA Cryptosystem and Number Theory December 2020 2 / 22
Table of Contents

1 Historical background

2 Important mathematical objects and results

3 Proof on the correctness of RSA

4 A real life example using RSA

5 Present and future of RSA

uoft.png

Li, Zhengyu (Brian) (UTM) The RSA Cryptosystem and Number Theory December 2020 3 / 22
Historical background

Origin and Motivation

The RSA is a public-key cryptosystem, named after the initials of three
cryptographers: Ron Rivest, Adi Shamir, and Leonard Adleman. They
have made multiple attempts throughout the years to create a one-way
function that is hard to invert. The premise of the question is that “ Is
there an one-way function that can be reversed only if the receiver has
certain unique information? The three of them combine their perspectives
in computer science and mathematics to create the RSA system. In this
presentation, we will mainly discuss the mathematical aspect of RSA,
specifically how number theory is being applied. [1]

uoft.png

Li, Zhengyu (Brian) (UTM) The RSA Cryptosystem and Number Theory December 2020 4 / 22
Table of Contents

1 Historical background

2 Important mathematical objects and results

3 Proof on the correctness of RSA

4 A real life example using RSA

5 Present and future of RSA

uoft.png

Li, Zhengyu (Brian) (UTM) The RSA Cryptosystem and Number Theory December 2020 5 / 22
Important mathematical objects and results

Encoding
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26

Example
“Welcome to UofT” → 2351231513520152115620

uoft.png

Li, Zhengyu (Brian) (UTM) The RSA Cryptosystem and Number Theory December 2020 6 / 22
Preparation Algorithm

Algorithm
This algorithm describes the proper preparations needed before any
encoding and decoding could happen.
Step 1: Choose two large prime numbers p and q, obtain modulus
m = pq.
Step 2: Compute φ(m) = φ(p)φ(q) = (p − 1)(q − 1) since p, q are
prime numbers. Then choose a number k that is a co-prime of φ(m).
Step 3: Announce the values of m, k as public information but keep
the values of p, q as private information.

uoft.png

Li, Zhengyu (Brian) (UTM) The RSA Cryptosystem and Number Theory December 2020 7 / 22
Encoding Algorithm

Algorithm
The following algorithm outlines the method of encoding.
Step 1: Convert the message into a string of numbers based on the
table above.
Step 2: Break the string of digits into multiple numbers that are all
less than m, yielding a list of numbers a1 , a2 , ..., ar .
Step 3: Use successive squaring to calculate

b1 = a1k (mod m), b2 = a2k (mod m), ..., br = ark (mod m)

Step 4: The message being sent out is the encoded list of numbers
b1 , b2 , ..., br .
uoft.png

Li, Zhengyu (Brian) (UTM) The RSA Cryptosystem and Number Theory December 2020 8 / 22
Decoding Algorithm

Algorithm
Once a user received the encoded message, the following algorithm will be
able to decode the message.
Step 1: Compute
φ(m) = φ(p)φ(q) = (p − 1)(q − 1) = pq − p − q + 1 = m − p − q + 1
since we have access to the value of p, q.
Step 2: Recover a1 , a2 , ..., ar by solving x k ≡ bi (mod m) using
successive squaring, since each bi is congruent to aik (mod m).
Step 3: Once the values of a1 , a2 , ..., ar are found, we can easily
piece them together and match it with letters on the table.

uoft.png

Li, Zhengyu (Brian) (UTM) The RSA Cryptosystem and Number Theory December 2020 9 / 22
Main Theorem

Theorem
Let 1 < n < m, where m = pq and

E (n) ≡ ne (mod m), D(n) ≡ nd (mod m)

where gcd(d, φ(m)), ed ≡ 1 (mod m), then we have:

D(E (n)) ≡ n (mod m)

E (D(n)) ≡ n (mod m)

Remark
This theorem states the validity of the RSA cryptosystem, by showing that
decoding the encoded message, or encoding the decoded message will
return the message itself. We will prove the theorem in the next section.
uoft.png

Li, Zhengyu (Brian) (UTM) The RSA Cryptosystem and Number Theory December 2020 10 / 22
Table of Contents

1 Historical background

2 Important mathematical objects and results

3 Proof on the correctness of RSA

4 A real life example using RSA

5 Present and future of RSA

uoft.png

Li, Zhengyu (Brian) (UTM) The RSA Cryptosystem and Number Theory December 2020 11 / 22
Proof on the correctness of RSA

Proof
The following is the proof for Theorem 2.1: [2]

D(E (n)) = (ne )d = (nd )e = E (D(n))

Therefore to prove the correctness of RSA, we simply needs to show that:

ned ≡ n (mod m)

ed ≡ 1 (mod m) implies that for some value k,

ned ≡ nkφ(m)+1 (mod m)

Given that p is a prime number, we can invoke Fermat’s little theorem. If

p does not divide n,
np−1 ≡ 1 (mod p) uoft.png

Li, Zhengyu (Brian) (UTM) The RSA Cryptosystem and Number Theory December 2020 12 / 22
Continuation

Proof.
Since (p − 1) divides φ(m),

nkφ(m) ≡ 1 (mod p) =⇒ nkφ(m)+1 ≡ n (mod p)

We can apply the same argument to q and obtain:

nkφ(m)+1 ≡ n (mod q)

Combining the above two equations and by Chinese remainder theorem,

nkφ(n)+1 ≡ n (mod m) =⇒ ned ≡ n (mod m)

uoft.png

Li, Zhengyu (Brian) (UTM) The RSA Cryptosystem and Number Theory December 2020 13 / 22
Remark of the Proof

Remark
The central idea of the proof is the application of Fermat’s Little Theorem,
and essentially Chinese Remainder Theorem. Being able to prove the
correctness of RSA cryptosystem is very significant since it shows the
reliability of the algorithm, which results in its wide usage nowadays.

uoft.png

Li, Zhengyu (Brian) (UTM) The RSA Cryptosystem and Number Theory December 2020 14 / 22
Table of Contents

1 Historical background

2 Important mathematical objects and results

3 Proof on the correctness of RSA

4 A real life example using RSA

5 Present and future of RSA

uoft.png

Li, Zhengyu (Brian) (UTM) The RSA Cryptosystem and Number Theory December 2020 15 / 22
A real life example using RSA

We will provide three examples in this section. The first example will
demonstrate how to prepare for encoding and decoding by constructing
the public and private key. The second and third example will demonstrate
the encoding and decoding itself with a concrete example. Let us create
the string “number theory is cool”.

uoft.png

Li, Zhengyu (Brian) (UTM) The RSA Cryptosystem and Number Theory December 2020 16 / 22
Preparation

Example
Step 1: Let p = 7901, q = 7907, where both p, q are prime and
m = pq = 62473207.
Step 2: φ(62473207) = (7900)(7906) = 62457400. Then we choose
k = 39 such that gcd(39, 62457400) = 1.
Step 3: Announce that m = 62473207, k = 39, but keep p, q private.

uoft.png

Li, Zhengyu (Brian) (UTM) The RSA Cryptosystem and Number Theory December 2020 17 / 22
Encoding Example

Example
Step 1: We convert “number theory is cool” into
142113251820851518259193151512 based on the table above.
Step 2: We break the string into
a1 = 14211325, a2 = 18208515, a3 = 18259193, a4 = 151512.
Step 3: Use successive squaring to calculate b1 ≡ 1421132539
(mod 62473207), b2 ≡ 1820851539
(mod 62473207), b3 ≡ 1825919339 (mod 62473207), b4 ≡ 15151239
(mod 62473207)
Step 4: We send out the message
b1 = 39362208, b2 = 12824021, b3 = 55858704, b4 = 13591790.
uoft.png

Li, Zhengyu (Brian) (UTM) The RSA Cryptosystem and Number Theory December 2020 18 / 22
Decoding Example

Example
This example will apply algorithm 2.3.
Step 1: Compute φ(62473207) = (7900)(7906) = 62457400.
Step 2: Solve a139 ≡ 39362208 (mod 62473207), a239 ≡ 12824021
(mod 62473207), a339 ≡ 55858704 (mod 62473207), a439 ≡ 13591790
(mod 62473207) using successive squaring.
Step 3: Obtain
a1 = 14211325, a2 = 18208515, a3 = 18259193, a4 = 151512.
Step 4: Combine the strings together we get
142113251820851518259193151512, which corresponds to “number
theory is cool”.
uoft.png

Li, Zhengyu (Brian) (UTM) The RSA Cryptosystem and Number Theory December 2020 19 / 22
Table of Contents

1 Historical background

2 Important mathematical objects and results

3 Proof on the correctness of RSA

4 A real life example using RSA

5 Present and future of RSA

uoft.png

Li, Zhengyu (Brian) (UTM) The RSA Cryptosystem and Number Theory December 2020 20 / 22
Present of RSA

The RSA algorithm is considered to be “unbreakable” for classical

computers. Let us assume that you have the value of the public keys m, k,
but not the value of private keys p, q. In order to decode the message, you
are required to find the value of φ(m) then plug it into the algorithm. We
know that we can obtain φ(m) by:

φ(m) = φ(p)φ(q) = (p − 1)(q − 1) = pq − (p + q) + 1

Finding the value of p + q is equivalent to determining the value of p, q,

since they are simply the solution of the following quadratic equation:

X 2 − (p + q)X + m = 0

Hence the problem is converted into finding the prime factors p and q of
m. This is a extremely time consuming process for large m with over 100
uoft.png
digits even for the most powerful computers nowadays.

Li, Zhengyu (Brian) (UTM) The RSA Cryptosystem and Number Theory December 2020 21 / 22
Future of RSA

The RSA cryptosystem has been applied throughout various industries, in

particular the technology sector. RSA is extremely useful when data is
transmitted to a complete stranger. As a result of that, RSA is widely
used in web browsers, chat applications, email encryptions, VPNs, and so
on. The rise of quantum computers has brought out questions regarding
the security of RSA, since quantum computers could outperform classical
computers significantly in such computations that involving finding factors
of a very large number. Based on the paper “Quantum Computers,
Factoring, and Decoherence”, quantum computers can find the factors of
a L-digit number in ∼ L2 time, which is a huge improvement. [3] New
cryptosystems and algorithms are constantly being researched and
developed to adapt to the fast-changing technology. Some common
hacking approaches are further discussed in “Twenty Years of Attacks on
the RSA Cryptosystem” by Dan Boneh. [4] uoft.png

Li, Zhengyu (Brian) (UTM) The RSA Cryptosystem and Number Theory December 2020 22 / 22
 Joseph H Silverman.
A friendly introduction to number theory.
Am Math Compet, 10:12, 2006.
Maria D Kelly.
The rsa algorithm: A mathematical history of the ubiquitous
cryptological algorithm.
2009.
Isaac L Chuang, Raymond Laflamme, Peter W Shor, and Wojciech H
Zurek.
Quantum computers, factoring, and decoherence.
Science, 270(5242):1633–1635, 1995.
Dan Boneh et al.
Twenty years of attacks on the rsa cryptosystem.
Notices of the AMS, 46(2):203–213, 1999.

uoft.png

Li, Zhengyu (Brian) (UTM) The RSA Cryptosystem and Number Theory December 2020 22 / 22