MGC TOKEN technical explanation —— Asymmetric encryption

Asymmetric encryption technology
Asymmetric encryption (public key encryption) refers to the use of different keys in both encryption and decryption. In this encryption technology, each user has a pair of keys: public and private. The public key is used during the encryption process and the private key is used during the decryption process. The public key can be exposed to the entire network, and the private key needs to be saved by the user. This solves the security risks caused by the need to share keys in symmetric encryption.
Because the public key is exposed, any user can encrypt the message or data and then send it to the user using the public key of the particular user. After receiving the message, the user decrypts the received content with a unique private key to obtain the information. Since no other user other than the user has a private key capable of decrypting the ciphertext, the ciphertext is unreadable to other users. This allows the sender and the receiver to confidently spread the encrypted message or data over the network. The way to establish an information channel by sharing a private key is no longer necessary. A pair of public and private keys owned by the user is a secure information channel.
The key to enabling asymmetric encryption technology and ensuring security is that it is operatively impossible for anyone to derive or calculate the user’s private key using the public key public. Note that this means “in operation (mainly using computer to calculate) is not possible” and does not mean that it is absolutely impossible in theory. In fact, we can assume that there is such a program that can easily solve such inverse problems, but no one knows how to construct such a program.
First, trapdoor function
The trapdoor function is a special one-way function with trapdoors, which is very easy to calculate from X to Y, but it is very difficult to calculate X from Y without specific information. The trapdoor function can also be analogized to dough. The direction from the flour to the dough is easy. Just mix the flour with the right amount of water and pour the dough to get the dough, but in the opposite direction, turn the dough into flour and water. It is very difficult. In theory, the existence of a perfect trapdoor function has not been proven. However, from the perspective of cryptography, as long as the inverse operation is “difficult” to a certain extent, this property can be used to construct a cryptographic algorithm.

Figure 1 trapdoor function
Public key cryptography utilizes the characteristics of such functions. The private key can be understood as the X of the above figure, the public key is the Y of the above figure, and each user uses his private key X to generate his own public using the trapdoor function. Key Y, and expose the public key to the entire network, so that each user has a pair of keys, do not have to worry about the public key will reveal the private key.
There are many mathematical problems with this characteristic. The following is an example of the discrete logarithm problem on an elliptic curve.
Second, the public key cryptosystem
The study of elliptic curve problems has been around for hundreds of years and has rich research content. The discrete logarithm problem has always been a problem in the mathematical world. At present, there is no fast method for solving discrete logarithms in the world. The following describes how to construct a public key cryptosystem using the discrete logarithm problem of elliptic curves in as simple as possible.
Imagine a situation where your friend asks you to play billiards, but he/she is an hour earlier than you, and begins to hit the black ball with a white ball, assuming there are no other balls on the billiard table, and there are no holes to score. Both balls always move only on the surface of the table. What your friend does in an hour is to constantly hit the black ball with a white ball (the frequency of hitting the ball is not regular, he/she can stop and rest at any time). After you arrive, your friend tells you where the black ball is just starting and where the black ball is now. Let you guess how many times the black ball has been hit according to the information of these two positions.
If you change one hour of the above scenario to one day or one month, or you don’t know the batting time at all? Obviously, for the above scenario, if you want to answer the question, you can only guess the number of times. And when the correct answer to this number is in a huge range, the probability of actually answering the question correctly is almost zero. The public key cryptosystem based on the elliptic curve for the discrete logarithm problem is very similar to the above problem.
The image of the elliptic curve is not an ellipse, the origin of its name is because the problem begins with the study of the perimeter of the ellipse. An example is used below to illustrate the image of the elliptic curve and how it is used to establish a public key cryptosystem.

Figure 2 Elliptic curve image on real numbers
The above figure is a general form of elliptic curve. It can be seen that this image is axisymmetric. Different values of the equation parameters of different elliptic curves will make the shape different, but this symmetry property is unchanged. In the application of cryptography, the real image of the elliptic curve is composed of points on the coordinates, and these points are contained in a finite space. The function of the parameters can be simply understood as the point on the elliptic curve used in the actual algorithm. Number. Adjusting the parameters of the elliptic curve can change the size of the finite space (the role of the parameter can be understood as the size of the pool table in the console ball scenario).
Recalling the scene of playing billiards, now imagine the image of this elliptical curve as a table, and then begin to introduce the “batting” process on the elliptical curve. The “hitting” on the elliptical curve is similar to the hitting process on the table, which is to move one coordinate point on the curve to another coordinate point (the ball is moved from one position to another when hitting the ball). This operation is called “plus” in the elliptic curve.
The next step is to introduce the “batting” process on the elliptic curve. The “hitting” on the elliptical curve is similar to the hitting process on the table, which is to move one coordinate point on the curve to another coordinate point (the ball is moved from one position to another when hitting the ball). This operation is called “plus” on the elliptic curve.
There are two kinds of operations of “add”. The first one is the different two points “plus”, the second is the same point phase “plus”, here is the same point “add”. Suppose the starting point of the coordinate point is point P (the starting point of the ball), after a “plus” (one shot): P + P, get 2P: draw a tangent through the point P at the point P in the image, this The second intersection of the tangent and the elliptic curve is obtained, and the symmetry point 2P of the intersection about the X-axis is the position of the ball after a “hitting”, as shown in FIG.

Figure 3 The same point on the ellipse is “plus”
The second “add” operation is also the same as before, and a tangent is made at 2P, and then the intersection of the tangent and the elliptic curve with respect to the X-axis is obtained, and the 3P point is obtained. After n-1 “add” operations, the last point obtained is the end point (after the ball is stopped, the ball is at the last position of the table). For convenience, it is called Q point, so: Q=nP, where Q and P is the point on the coordinate, and n is a constant.
In this encryption system, P and Q are public keys, and n is a private key. Recalling the scene of billiards, the starting position and final position of the ball is equivalent to the public key in the elliptical cryptosystem, and the number of hitting is the number of operations of the coordinate point, that is, the private key. The characteristics of the discrete logarithm problem based on the elliptic curve make it very easy to calculate Q when the private key n is known, but on the contrary, it is difficult to reverse the private key n when P and Q are known.
Another function of the parameter is to adjust the security of this encryption technique. The larger the range of parameters, the more times the parameter can be “added”, and the lower the probability of guessing or calculating the real private key (n). To make the encryption technology more secure.
The encryption algorithm based on the elliptic curve problem is also characterized by high efficiency, high speed and low power, so it is widely used in networks. In fact, the encryption technology used in Bitcoin uses this mechanism.
The principle of cryptography In the blockchain, the information is transmitted according to the asymmetric digital encryption technology such as public key and private key to realize mutual trust between the two parties. Asymmetric encryption is an important part of the blockchain technology system.
The principle of public key private key:
A public key corresponds to a private key, and the public key private key appears in pairs.
In the key pair, everyone knows the public key. If you don’t tell everyone, only you know it is the private key.
The public key is used to encrypt and verify the digital signature; the private key is used to decrypt and generate the digital signature. Generating a digital signature is essentially a private key encryption, which verifies that the digital signature uses the public key to decrypt the private key encrypted ciphertext. It can be summarized as follows: If data is encrypted with one of the keys, only the corresponding key can be decrypted.
If one of the keys can be used to decrypt the data, the data must be encrypted by the corresponding key.
Why use asymmetric encryption?
A website wants to encrypt the transmission. If symmetric encryption is used, there are the following cases:

1. The key of each access user is the same. In this case, the server only needs to save a secret key. Unless your website user is a specific internal user, the user can decrypt the ciphertext with the secret key.
2. The key of each access user is different. In this case, the server needs to store a large number of keys. If the website has hundreds of millions of users, you need to store hundreds of millions of keys, which is costly to maintain.
   If it is asymmetric encryption, the website only needs to save its own private key, and the user can download the website public key at will.

Digital signature: A string of digits that only the sender of the message can produce that cannot be forged by others. This string of digits is also a valid proof of the authenticity of the information sent by the sender of the message. The integrity of a digitally signed file is a process that is easy to verify:
(1) A summary generated by the cryptographic hash function (MD5, SHA, SM3) of the transmitted file
(2) The sender re-encrypts the digest with its own private key, which forms a digital signature.
(3) Pass the original text and the encrypted abstract to the other party at the same time.
(4) The other party decrypts the digest with the sender’s public key, obtains the digest generated by the sender, and simultaneously encrypts the received file with SHA code to generate another digest.
(5) Compare the decrypted digest with the digest generated by the re-encryption of the received file by the recipient. If the two are consistent, the information has not been destroyed or tampered with during the transfer. Otherwise it is not.
Digital signatures ensure that the received documents have not been tampered with and that the identity of the sender is guaranteed. Because the private key produces a digital signature, the private key is not public.
Having said that, write a piece of code to try it out.
/**

• Bestpay.com.cn Inc.
• Copyright © 2011-2018 All Rights Reserved.
  /
  package rsa;
  import java.security.KeyFactory;
  import java.security.KeyPair;
  import java.security.KeyPairGenerator;
  import java.security.MessageDigest;
  import java.security.NoSuchAlgorithmException;
  import java.security.PrivateKey;
  import java.security.PublicKey;
  import java.security.interfaces.RSAPrivateKey;
  import java.security.interfaces.RSAPublicKey;
  import java.security.spec.PKCS8EncodedKeySpec;
  import java.security.spec.X509EncodedKeySpec;
  import java.util.Base64;
  import java.util.HashMap;
  import java.util.Map;
  import javax.crypto.Cipher;
  /*
• @author huyajun
• @version $Id: RSAsecurityTest.java, v 0.1 2018年3月14日 下午6:09:53 huyajun Exp $
  /
  public class RSAsecurityTest {
  public static String PUBLIC_KEY = “pub_key”;
  public static String PRIVATE_KEY = “pri_key”;
  /*

  • BASE64 Decrypt

  • @param key

  • @return

  • @throws Exception
    /
    public static byte[] decryptBASE64(String key) {
    return Base64.getDecoder().decode(key);
    }
    /*

  • BASE64 encryption

  • @param key

  • @return

  • @throws Exception
    /
    public static String encryptBASE64(byte[] key) {
    return Base64.getEncoder().encodeToString(key);
    }
    /*

  • Initialization key pair

  • @return
    */
    public static Map<String, String> initRsaKey() {
    //1.Initialization key
    KeyPairGenerator keyPairGenerator;
    try {
    //1.Initialization key
    keyPairGenerator = KeyPairGenerator.getInstance(“RSA”);
    //Secret key length
    keyPairGenerator.initialize(512);
    //Initialization key pair
    KeyPair keyPair = keyPairGenerator.generateKeyPair();
    //Public key
    RSAPublicKey rsaPublicKey = (RSAPublicKey) keyPair.getPublic();
    //Private key
    RSAPrivateKey rsaPrivateKey = (RSAPrivateKey) keyPair.getPrivate();

     Map<String, String> keyMap = new HashMap<String, String>(2);
     keyMap.put(PUBLIC_KEY, encryptBASE64(rsaPublicKey.getEncoded()));
     keyMap.put(PRIVATE_KEY, encryptBASE64(rsaPrivateKey.getEncoded()));
     return keyMap;
    

    } catch (NoSuchAlgorithmException e) {
    e.printStackTrace();
    }
    return null;
    }
    ///
    /**

  • Public key processing, returning a base64 encoded string

  • @param file

  • @param rsaPublicKeyStr

  • @param model encryption：Cipher.ENCRYPT_MODE；Decrypt：Cipher.DECRYPT_MODE

  • @return Public key processed string, base64 encoding
    */

public static String publicKeyDeal(String file, String rsaPublicKeyStr, int model) {

    try {
        X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(
            decryptBASE64(rsaPublicKeyStr));
        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
        PublicKey publicKey = keyFactory.generatePublic(x509EncodedKeySpec);
        Cipher cipher = Cipher.getInstance("RSA");
        cipher.init(model, publicKey);
        byte[] result = cipher.doFinal(decryptBASE64(file));

// must be codec with base64
return encryptBASE64(result);
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
/**

• Private key processing, returning a base64 encoded string
• @param file

  • @param rsaPrivateKeyStr

  • @param model encryption：Cipher.ENCRYPT_MODE；Decrypt：Cipher.DECRYPT_MODE

  • @return Private key processed string, base64 encoding
    */
    public static String privateKeyDeal(String file, String rsaPrivateKeyStr, int model) {
    try {
    / / Generate private key
    PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(
    decryptBASE64(rsaPrivateKeyStr));
    KeyFactory keyFactory = KeyFactory.getInstance(“RSA”);
    PrivateKey privateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec);
    Cipher cipher = Cipher.getInstance(“RSA”);
    / / Initialize encryption
    Cipher.init(model, privateKey);
    Byte[] result = cipher.doFinal(decryptBASE64(file));
    / / can not return, new String (result), there will be garbled, resulting in no way to decode
    // must be codec with base64
    return encryptBASE64(result);
    } catch (Exception e) {
    e.printStackTrace();
    }
    return null;
    }
    public static String EncoderByMd5(String str) {
    try {
    MessageDigest md5 = MessageDigest.getInstance(“MD5”);
    byte[] result = md5.digest(str.getBytes(“utf-8”));
    return toHex(result);
    } catch (Exception e) {
    e.printStackTrace();
    }
    return null;
    }
    private static String toHex(byte[] bytes) {
    final char[] HEX_DIGITS = “0123456789ABCDEF”.toCharArray();
    StringBuilder ret = new StringBuilder(bytes.length * 2);
    for (int i = 0; i < bytes.length; i++) {
    ret.append(HEX_DIGITS[(bytes[i] >> 4) & 0x0f]);
    ret.append(HEX_DIGITS[bytes[i] & 0x0f]);
    }
    return ret.toString();
    }
    public static void main(String[] args) {
    Map<String, String> keyMap = initRsaKey();
    String file = “Sweet Orange Finance, Internet Finance Industry Third”;
    // public key encryption, private key decryption, regular usage;
    If (keyMap != null) {
    String str = publicKeyDeal(encryptBASE64(file.getBytes()), keyMap.get(PUBLIC_KEY),
    Cipher.ENCRYPT_MODE);
    System.out.println(“public key to plaintext encryption:” + str);
    String str2 = privateKeyDeal(str, keyMap.get(PRIVATE_KEY), Cipher.DECRYPT_MODE);
    System.out.println(“Private Key to ciphertext decryption:” + new String(decryptBASE64(str2)));

    }
    System.out.println("");
    // private key encryption, public key decryption, get plain text; – digital signature with this reason
    If (keyMap != null) {
    String str = privateKeyDeal(encryptBASE64(file.getBytes()), keyMap.get(PRIVATE_KEY),
    Cipher.ENCRYPT_MODE);
    System.out.println(“Private Key to Plaintext Encryption:” + str);
    String str2 = publicKeyDeal(str, keyMap.get(PUBLIC_KEY), Cipher.DECRYPT_MODE);
    System.out.println(“public key to ciphertext decryption:” + new String(decryptBASE64(str2)));
    }
    System.out.println("");
    //
    // digital signature
    // Production summary
    String md5Str = EncoderByMd5(file);
    System.out.println(“Sender Generated Summary:” + md5Str);
    //2 Encrypt the digest with the private key
    String signStr = privateKeyDeal(encryptBASE64(md5Str.getBytes()), keyMap.get(PRIVATE_KEY),
    Cipher.ENCRYPT_MODE);
    System.out.println(“Sender encrypts the digest with the private key:” + signStr);

    //3 Send original + summary ciphertext (digital signature) to the recipient
    System.out.println(“Receiver receives original and abstract”);
    //4 Receiver decrypts the digest with the public key
    String md5Str_Decrypt = new String(decryptBASE64(publicKeyDeal(signStr,
    keyMap.get(PUBLIC_KEY), Cipher.DECRYPT_MODE)));
    System.out.println(“Receiver decrypts the digest with the public key:” + md5Str_Decrypt);
    //5 Generate a summary of the original text using the same algorithm
    String md5Str2 = EncoderByMd5(file);
    System.out.println(“Receiver generated summary:” + md5Str2);
    //6 Compare the summary of the public key decryption with the abstract generated from the original text
    If (md5Str2.equals(md5Str_Decrypt)) {
    System.out.println(“Digital Signature Verification Successful!”);
    } else {
    System.out.println(“Digital Signature Verification Failed!”);
    }
    }
    }
    The code can be seen: after encrypting with the public key, it can be decrypted with the corresponding private key; conversely, after the private key is encrypted, it can also be decrypted with the corresponding public key.
    The entire digital signature process is a bit more complicated. Java also provides a special signature class that eliminates these cumbersome steps.

code show as below:
/**

• Bestpay.com.cn Inc.

• Copyright © 2011-2018 All Rights Reserved.
  /
  package rsa;
  import java.security.KeyFactory;
  import java.security.KeyPair;
  import java.security.KeyPairGenerator;
  import java.security.NoSuchAlgorithmException;
  import java.security.PrivateKey;
  import java.security.PublicKey;
  import java.security.Signature;
  import java.security.interfaces.RSAPrivateKey;
  import java.security.interfaces.RSAPublicKey;
  import java.security.spec.PKCS8EncodedKeySpec;
  import java.security.spec.X509EncodedKeySpec;
  import java.util.Base64;
  import java.util.HashMap;
  import java.util.Map;
  /*

• @author huyajun

• @version $Id: SignTest.java, v 0.1 2018年4月22日 下午7:29:08 huyajun Exp $
  */
  public class SignTest {

  private static final String PUBLIC_KEY = “PUBLIC_KEY”;
  private static final String PRIVATE_KEY = “PRIVATE_KEY”;
  /**
  *

  • @param args
    /
    public static void main(String[] args) {
    Map<String, String> keyMap = initRsaKey();
    String content = “123”;
    String sign = null;
    try {
    sign = sign(content.getBytes(), keyMap.get(PRIVATE_KEY));
    System.out.println(“Private key signature result：” + sign);
    } catch (Exception e) {
    e.printStackTrace();
    }
    //5.Public key check
    try {
    boolean flag = verify(content.getBytes(), keyMap.get(PUBLIC_KEY), sign);
    System.out.println(“Public key verification digital signature：” + flag);
    } catch (Exception e) {
    e.printStackTrace();
    }
    }
    
    /*

• BASE64 Decrypt

  • @param key
  • @return
  • @throws Exception
    /
    public static byte[] decryptBASE64(String key) {
    return Base64.getDecoder().decode(key);
    }
    /*
  • BASE64 encryption
  • @param key
  • @return
  • @throws Exception
    /
    public static String encryptBASE64(byte[] key) {
    return Base64.getEncoder().encodeToString(key);
    }
    /*
  • Initialization key pair
  • @return
    /
    public static Map<String, String> initRsaKey() {
    //1.Initialization key
    KeyPairGenerator keyPairGenerator;
    try {
    //1.Initialization key
    keyPairGenerator = KeyPairGenerator.getInstance(“RSA”);
    //Secret key length
    keyPairGenerator.initialize(512);
    //Initialization key pair
    KeyPair keyPair = keyPairGenerator.generateKeyPair();
    //Public key
    RSAPublicKey rsaPublicKey = (RSAPublicKey) keyPair.getPublic();
    //Private key
    RSAPrivateKey rsaPrivateKey = (RSAPrivateKey) keyPair.getPrivate();
    Map<String, String> keyMap = new HashMap<String, String>(2);
    keyMap.put(PUBLIC_KEY, encryptBASE64(rsaPublicKey.getEncoded()));
    keyMap.put(PRIVATE_KEY, encryptBASE64(rsaPrivateKey.getEncoded()));
    return keyMap;
    } catch (NoSuchAlgorithmException e) {
    e.printStackTrace();
    }
    return null;
    }
    /*

• Private key signature
  *

  • @param data original file
  • @param privateKey
  • @return
  • @throws Exception
    /
    Public static String sign(byte[] data, String privateKey) throws Exception {
    / / Construct a PKCS8EncodedKeySpec object
    PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(decryptBASE64(privateKey));
    / / Specify the encryption algorithm
    KeyFactory keyFactory = KeyFactory.getInstance(“RSA”);
    / / Take the private key object
    PrivateKey privateKeyObj = keyFactory.generatePrivate(pkcs8EncodedKeySpec);
    / / Use the private key to generate a digital signature on the information
    Signature signature = Signature.getInstance(“MD5withRSA”);// MD2withRSA SHA1withRSA MD5withRSA
    signature.initSign(privateKeyObj);
    Signature.update(data);
    Return encryptBASE64(signature.sign());
    }
    /*
  • Verify digital signature
  • @param data Encrypted data
  • @param publicKey public key
  • @param sign digital signature
  • @return
  • @throws Exception
    /
    Public static boolean verify(byte[] data, String publicKey, String sign) throws Exception {
    / / Construct X509EncodedKeySpec object
    X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(decryptBASE64(publicKey));
    / / Specify the encryption algorithm
    KeyFactory keyFactory = KeyFactory.getInstance(“RSA”);
    / / Generate public key object
    PublicKey publicKeyObj = keyFactory.generatePublic(x509EncodedKeySpec);
    Signature signature = Signature.getInstance(“MD5withRSA”);// MD2withRSA SHA1withRSA MD5withRSA
    signature.initVerify(publicKeyObj);
    Signature.update(data);
    / / Verify that the signature is normal
    Return signature.verify(decryptBASE64(sign));
    }
    }
    The Signature class helps us implement methods for generating digital signatures and verifying digital signatures. It is much easier to use than it is.
    Signature.getInstance(“MD5withRSA”); indicates that MD5 is used for abstracting and RSA is used for encryption and decryption. For the same reason, you can also choose SHA1withRSA. Note that the method for generating signatures and checks is the same.
    MGC TOKEN uses the RSA algorithm. Let’s look at the principle of the RSA algorithm.
    Principle of RSA algorithm
    The RSA algorithm is based on the mathematical fact that the large numbers obtained by multiplying two large prime numbers are difficult to factorize.
    For example, if there is a large prime number p and q, it is easy to calculate N, so that N = p * q,
    But given N, it is more difficult to find p q (no good way, only keep trying)
    This is actually the concept of a one-way function.
    Let’s take a look at the mathematical calculation process:
    Select two large prime numbers p, q and calculate N = p * q and φ ( N ) = φ § * φ (q) = (p-1) * (q-1)
    Three mathematical concepts:
    Prime numbe: Also known as a prime number, in a natural number greater than 1, there are no other factors besides 1 and itself.
    Mutual relationship: If two positive integers, except 1 , have no other common factors, we call these two numbers a coprime.
    φ(N): It is called Euler function, which means that any given positive integer N, and how many of them are in a prime relationship with N among positive integers less than or equal to N.
    If n is a prime number, then φ(n) = n-1.
    If n can be decomposed into the product of two prime integers, φ(n) = φ(p1p2) = φ(p1)φ(p2). The product Euler function is equal to the product of the Euler functions of the various factors.
    Select a number e greater than 1 and less than φ(N) so that e and φ(N) are homogeneous
    e is actually a prime number before 1 and φ(N)
    Calculate d such that de=1 mod φ(N) is equivalent to the equation ed-1 = k φ(N) to find a set of solutions.
    d is called the inverse element of e, and e and φ(N) are mutually primed.
    The modulo element means that if two positive integers a and n are mutually prime, then the integer b must be found such that the remainder of ab divided by n is 1, then b is called the modulo element of a.
    The existence of the model inverse element can be proved according to the Euler’s theorem. The Euler’s theorem means that if n, a is mutually prime, then:
    a^φ(n) ≡ 1(mod n) and a^φ(n) = a * a^(φ(n) - 1), which gives the φ(n)-1 power of a, which is the modulus of a Anti-element.
    (N, e) is encapsulated into a public key, and (N, d) is encapsulated into a private key.
    Assuming m is plaintext, encryption is to calculate ciphertext c:
    m^e mod N = c (plain text m is encrypted with the public key e and the random number N is used to obtain the ciphertext c)
    The decryption is:
    C^d mod N = m (ciphertext c is decrypted with the key and the random number N is used to get the plaintext m)
    Decryption of the private key is provable, and it is not expanded here.
    Encryption step
    Let’s take a look at the steps. For example, let’s say Alice and Bob want to communicate with each other.
    Alice randomly takes large prime numbers P1=53, P2=59, then N=5359=3127, φ(N)=3016
    Take an e=3 and calculate d=2011.
    Only pass N=3127, e=3 as a public key to Bob (public key public)
    Suppose Bob needs to encrypt the plaintext m=89, c = 89^3 mod 3127=1394, so Bob returns c=1394. (public key encryption process)
    Alice can get plaintext m=89 using c^d mod N = 1394^2011 mod 3127. (private key decryption process)
    If the attacker can intercept the public key n=3127, e=3, and ciphertext c=1394, it is still impossible to decrypt the ciphertext without using d.
    Security analysis
    So, is it possible to derive d from the case where n and e are known?
    Ed≡1 (mod φ(n)). Only know e and φ(n) to calculate d.
    φ(n)=(p-1)(q-1). Only know p and q can calculate φ(n).
    n=pq. P and q can only be calculated by decomposing the n factor.
    If n can be factorized, d can be calculated, so RSA security is based on the factorization of N. Factorization of large integers is a very difficult task.
    As long as the key length is long enough, the information encrypted with RSA cannot actually be broken.
    Supplementary modular operation rule
    Modular operation addition and subtraction:
    (a + b) mod p = (a mod p + b mod p) mod p
    (a - b) mod p = (a mod p - b mod p) mod p
    Modular multiplication:
    (a * b) mod p = (a mod p * b mod p) mod p
    Modular operation power:
    a ^ b mod p = ((a mod p)^b) mod p