| ▲ | RSA and Python(xnacly.me) |
| 18 points by ibobev 3 days ago | 10 comments |
| |
|
| ▲ | dfboyd 2 hours ago | parent | next [-] |
| The way the article uses RSA is no better than a simple substitution cipher. Both the "l"s in "hello" are enciphered to 2575. It's a newspaper cryptogram. You're supposed to concatenate all the input numbers, to create a message that has hundreds or thousands of digits; then RSA-encrypt that number. |
| |
| ▲ | hannob 24 minutes ago | parent | next [-] | | > You're supposed to concatenate all the input numbers, to create a message that has hundreds or thousands of digits; then RSA-encrypt that number. That's not how it works... In modern protocols, you don't encrypt at all with RSA. You use a key exchange, and if you use RSA, you only use it as a signature algorithm to initiate the key exchange. If you happen to want to encrypt with RSA, which you usually shouldn't, you first use a padding algorithm (the modern variant of that is called RSA-OAEP) with which you prepare and then encrypt a random key. That key you then use for symmetric encryption. | |
| ▲ | NewsaHackO 44 minutes ago | parent | prev | next [-] | | I thought it was a padding scheme, where you use a moving mask to obscure the plaintext, then encrypt that. Since it's being XOR'ed, adjacent characters will not have the same encryption values anymore. Sort of like using CBC instead of ECB for block ciphers. However, because this article is about the maths with RSA itself, he probably correctly thought it was not relevant to what he was writing about and would just unnecessarily complicate things. | |
| ▲ | pfortuny an hour ago | parent | prev [-] | | And pad! Padding for RSA is like CDM (?) for AES. |
|
|
| ▲ | nayuki 2 hours ago | parent | prev | next [-] |
| I have a different take on the same topic: https://www.nayuki.io/page/java-biginteger-was-made-for-rsa-... My article isn't written as a step-by-step tutorial and doesn't come with example numbers. But mine fills in certain things that xnacly doesn't cover: random prime generation, efficiently calculating the decryption exponent d from (n, e) by using a modular inverse, using modular exponentiation instead of power-then-modulo. By the way for Python, modular exponentiation is pow(x, y, m) (since 3.0), and modular inverse is pow(x, -1, m) (since 3.8, Oct 2019). https://docs.python.org/3/library/functions.html#pow |
|
| ▲ | gmiller123456 2 hours ago | parent | prev | next [-] |
| One of the bigger hurdles in implementing RSA is having an algorithm which can multiply the large numbers in real time. If you try a niave multiplication algorithm, you might find you'll never get an answer. A lot of hardware now comes with special instructions which implement efficient algorithms for doing this. |
| |
| ▲ | MattPalmer1086 2 hours ago | parent [-] | | Sure, you can't use built in multiplication, but it isn't a very big hurdle. Just use repeated squares, it's fairly trivial to implement. I've worked on software that did this on very low power mobile payment devices. | | |
| ▲ | SkiFire13 an hour ago | parent [-] | | Repeated squares is a way to implement exponentiation, not multiplication. | | |
|
|
|
| ▲ | ashwinnair99 2 hours ago | parent | prev [-] |
| RSA is one of those algorithms where understanding it once actually sticks. |
