comSec作业三 RSA

9.1

由于 ed mod= 1 mod入(n), 所以 ed = k入(n) + 1

由于 入(n) = LCM(p-1,q-1)

所以 p-1|入(n), q-1|入(n), 即 入(n) = $k_0(p-1)=k_1(q-1)$

那么有 ed = $k{k}_0(p-1)+1=k{k}_1(q-1)+1$

由于费尔马小定理，可得 $(a^{p-1}{)}^k$
故 $m^{ed-1}$ 模 p 余 1， 模 q 余1 同理

可得 $m^{ed}$ 模 pq 余 m

9.2

a.

N = p*q = 21; $\varphi (N)=\varphi (pq)=2\ast 6=12$;

由拓展欧几里得定理，欲求 ed mod $\varphi (N)$ 同余 1,

| 0 1 12 |

| 1 0 5 |

|-2 1 2 |

|5 -2 1 |

可得 d = 5;

则 EN:

C =$M^e$ = $10^5$mod 21 = 19;

D:

M = $C^d$ = $10^5$ mod 21 = 10;

b.

N = 5 * 13 =65, $\varphi (N)$ = 4 * 12 = 48;

| 1 0 48 |

| 0 1 5 |

| 1 -9 3 |

|-1 10 2 |

| 2 -19 1 |

d = -19 = 29;

$C=M^e=8^5=8^{101_2}$

for( k = 2 )
	c = 0 * 2, d= 1 * 1

		[b_k == 1]: c = 0+2 = 1, d = 1 * 8 = 8;
( k = 1 )

	c = 1 * 2 = 2, d = 8 * 8 = 64 = -1;
( k = 0 )

	c = 2 * 2, d = 1

		[b_k == 1]: c = 4 + 1 =5, d = 1 * 8;
return d = 8;

得 C = 8；

那么解密 $M=C^d=8^{29}=8^{11101_2}$

for(k = 4)
    c = 0 * 2, d = 1 * 1;
	[b_k == 1]: c = 0 + 1 = 1, d = d * 8;
(k = 3)
	c = 1 * 2 = 2, d = 8 * 8 = -1;
	[b_k == 1]: c = 2 + 1 = 3, d = d * 8 = -8;
(k = 2)
	c = 2 * 3 = 6, d = -8 * -8 = 1;
	[b_k == 1]: c = 6 + 1 = 7, d = d * 8 = 8;
(k = 1)
	c = 7 * 2 = 14, d =  8 * 8 = -1;
(k = 0)
	c = 14 * 2 = 28, d = -1 * -1 = 1;
	[b_k == 1]: c = 28 + 1, d = 1 * 8  = 8;

解密得到 M = 8。

c.

N = 7 * 17 = 119， $\varphi (N)$ = 6 * 16 = 96;

| 1 0 96 |

| 0 1 11 |

| 1 -8 8 |

|-1 9 3 |

| 3 -26 2 |

|-4 35 1 |

d = 35;

$C=M^e=11^{11}=11^{1011_2}$

for(k = 3)
    c = 0 * 2 = 0, d = 1 * 1 = 1;
	[b_i == 1]: c = 0 + 1 = 1, d = d * a = 11;
(k = 2)
	c = 1 * 2 = 2, d = 11 * 11 = 121 = 2;
(k = 1)
	c = 2 * 2 = 4, d = 2 * 2 = 4;
	[b_i == 1]: c = 4 + 1 = 5, d = 4 * 11 = 44;
(k = 0)
	c = 5 * 2 = 10, d = 44 * 44 = 44 * 11 * 4 = 176 * 11 = 57 * 11 = 32;
	[b_i == 1]: c = 10 + 1 = 11, d = d * a = 32 * 11 = 114;
return d = 114;

得 C = 114；

解密 $M=C^d=114^{35}=114^{100011_2}$

for(k = 5)
    c = 0 * 2 = 0, d = 1 * 1 = 1;
	[b_i == 1]: c = 0 + 1 = 1, d = d * a = 114;
(k = 4)
	c = 1 * 2 = 2, d = d * d = 114 * 114 = 25;
(k = 3)
	c = 2 * 2 = 4, d = d * d = 25 * 25 = 6 * 5 = 30;
(k = 2)
	c = 4 * 2 = 8, d = d * d = 30 * 30 = 31 * 6 = 67;
(k = 1)
	c = 8 * 2 = 16, d = d * d = 67 * 67 = 86;
	[b_i == 1]: c = 16 + 1 = 17, d = 86 * 114 = 46;
(k = 0)
	c = 17 * 2 = 34, d = 46 * 46 = 93;
	[b_i == 1]: c = 34 + 1 = 35, d = 93 * 114 = 11;
return d = 114;

解得 C = 11, 解密成功

d.

N = p * q = 7 * 13 = 91, $\varphi (N)=6\ast 12=72$

| 1 0 72 |

| 0 1 11 |

| 1 -6 6 |

|-1 7 5 |

| 2 -13 1 |

可得 d = -13 mod 72 = 59

加密 $C=M^e=2^{11}=2^{1011_2}$

for(k = 3)
    c = 0 * 2, d = 1 * 1;
	[b_k == 1]: c = 0 + 1 =1, d = 1 * 2 = 2;
(k = 2)
	c = 1 * 2 = 2, d = 2 * 2 = 4;
(k = 1)
	c = 2 * 2 = 4, d = 4 * 4 = 16;
	[b_k == 1]: c = 4 + 1 = 5, d = 16 * 2 = 32;
(k = 0)
	c = 5 * 2 = 10, d = 32 * 32 = 23;
	[b_k == 1]: c = 10 + 1 = 11, d = 23 * 2 = 46;
return d;

得 C = 46；

解密 $M=C^d=46^{59}=46^{111011_2}$

for(k = 5)
    c = 0 * 2, d = 1 * 1;
	[b_k == 1]: c = 0 + 1 =1, d = 1 * 46 = 46; 
(k = 4)
	c = 1 * 2 = 2, d = 46 * 46 = 23;
	[b_k == 1]: c = 2 + 1 = 3, d = 23 * 46 = 57;
(k = 3)
	c = 3 * 2 = 6, d = 57 * 57 = 64;
	[b_k == 1]: c = 6 + 1 = 7, d = 64 * 46 = 32;
(k = 2)
	c = 7 * 2 = 14, d = 32 * 32 = 23;
(k = 1)
	c = 14 * 2 = 28, d = 23 * 23 = 74;
	[b_k == 1]: c = 28 + 1 = 29, d = 74 * 46 = 37;
(k = 0)
	c = 29 * 2 = 58, d = 37 * 37= 4;
	[b_k == 1]: c = 58 + 1 = 59, d = 4 * 46 = 2;
return d = 2;

解得 M = 2, 解密成功；

e.

N = p * q = 17 * 23 = 391, $\varphi (N)=16\ast 22=352$

| 1 0 352|

| 0 1 9 |

| 1 -39 1 |

可得 d = 313;

M = $7^9=7^{1001_2}$

C = 61;

$M=C^d=61^{313}$

解密正确。

9.3

$\varphi (n)=6\ast 10=60$

| 1 0 60 |

| 0 1 13 |

| 1 -4 8 |

| -1 5 5 |

| 2 -9 3 |

| -3 14 2|

| 5 -23 1

可得 d = -23 = 37

可得到 M = 48

9.4

n = 2881 = 43 * 67; 则 $\varphi (n)=2772$

由欧几里得算法可得 d = 725;

故私钥为 PRK = (725, 2881)