• Home
  • Textbooks
  • Modern Cryptography and Elliptic Curves: A Beginner’s Guide
  • Public-Key Cryptography and RSA

Modern Cryptography and Elliptic Curves: A Beginner’s Guide

Thomas R. Shemanske

Chapter 5

Public-Key Cryptography and RSA - all with Video Answers

Educators

Chapter Questions

Problem 1

Suppose we choose primes $p$ and $q$, so that $n=$ $p q=59753237$. With the knowledge of those primes, we compute $\phi(n)=(p-1)(q-1)=59737740$ and choose the common encryption exponent $e=2^{16}+1=65537$ (the last known Fermat prime).
(1) Find the primes $p$ and $q$. (This is not necessary to break the code, but it reinforces that knowing $\phi(n)$ is equivalent to factoring $n$. See the section on security of RSA for a hint.)
(2) Find the decryption exponent.
(3) Using the base 27 encoding scheme as above, decrypt the message consisting of two blocks of numerical ciphertext, i.e., given as $C=P^e(\bmod n): 1088131241465338$.

Check back soon!

Problem 2

Compute the probability that a plaintext message $M$ is not prime to $n=p q$. If we wanted to ensure that our messages were always relatively prime to $n$, what could be done?

Check back soon!

Problem 3

Explore real implementations of RSA, e.g., PKCS\#1 v2.2: RSA Cryptography Standard [Lab12].

Emphasis should be that, in reality, one is not encrypting a generic plaintext message, but an AES key to transmit securely. On the plus side, this is already a number, so encoding is not the issue. The problem is that an AES key is short relative to required modulus size. This means the AES keys are not randomly distributed in the RSA key space, producing a vulnerability and necessitating certain padding schemes.

Check back soon!

Problem 4

Suppose you want a 1024-bit RSA modulus, so you want two primes 512 bits long. About how many primes are there of that approximate size? What are the chances that randomly chosen odd integers of that length will be prime?

Check back soon!

Problem 5

The observations above also provide an answer to another important security question. We know that people often use $e=65537$ as an encryption exponent. What if they also chose the same value of $n$ ? What would be the security implications?

Check back soon!