RSA Cryptosystem Setup
1.
Choose two “large” primes p and q and compute the quantities
m  pq and f  ( p  1)( q  1) .
2.
A positive integer e is chosen where gcd(e, f )  1 . Using the Euclidean algorithm, we calculate an
integer d where
(e  d ) MOD f  1 .
Note that d is the multiplicative inverse of e MOD f , that is d  e 1 MOD f . Here, e will be called
the enciphering exponent and d will be called the deciphering exponent.
3.
Using an alphabet assignment to convert from English letters to numbers, compute an English plaintext
message number Y . Assuming that Y  m , we use the enciphering exponent e to encipher the message
by computing
Z  Y e MOD m .
by successive squaring. Here, Z will be the “secret” message number that will be transmitted from the
sender to the recipient of the message. If Y  m , we break Y into blocks of numbers smaller than m,
say Y1 , Y2 , … , Yr , and encipher each block separately, that is, we compute
Z1  Y1e MOD m , Z 2  Y2e MOD m , … , Z r  Yre MOD m .
4.
To decipher the message, the recipient uses the deciphering exponent d to reverse the process of step 3
by computing
Y  Z d MOD m .
or if the cipher-text is in blocks Z1 , Z 2 , … , Z r , we compute
Y1  Z 1d MOD m , Y2  Z 2d MOD m , … , Yr  Z rd MOD m .
The alphabet assignment is used to recover the message.
Important Facts Concerning the RSA Cryptosystem
1.
A common place that causes confusion when first learning the RSA is when to use m and f computed
in step 1. The integer m  pq is the modulus used in enciphering and deciphering messages (to
compute Z  Y e MOD m in step 3 and Y  Z d MOD m in step 4). The integer f  ( p  1)( q  1) is
only needed in step 2 and is the modulus needed to find the multiplicative inverse of e MOD f , that
is d  e 1 MOD f .
2.
3.
In practice, the modulus m and enciphering exponent e are made public (everyone knows).
To ensure gcd(e, f )  1 so that d  e 1 MOD f exists, a good choice for the enciphering exponent e is
a prime number (although it is not necessarily required).