I'm busy with the RSA-encryption algorithm. I figured out why $0≤C≤25$ and $ ∈ {2,3,...,m−2}$ But I can't find why $ ∈ {2, 3, ... , ( − 2)}$ in the RSA-encryption algorithm with $C≡P^e(modn)$?
Asked
Active
Viewed 156 times
0
-
Could you link to a reference with expanded terminology? – Badam Baplan Nov 27 '17 at 02:05
-
1no, just found it in a presentation of my maths teacher – WinstonCherf Nov 27 '17 at 02:09
-
I mean, is C the ciphertext here... P the message post padding process? etc – Badam Baplan Nov 27 '17 at 02:23
-
Yes, P is plaintext, C is ciphertext – WinstonCherf Nov 27 '17 at 02:30
-
The $0 \leq C \leq 25$ constraint is not for RSA: at least, not usually. For the part of the question that is relevant to RSA, I'm a bit skeptical about the $\varphi(n-2)$ upper bound. Usually, in RSA key generation the upper bound is $\varphi(n)$ and $\varphi(n-2)$ may be larger than $\varphi(n)$. For instance, $\varphi(21)=12<18=\varphi(19)$. As noted below, the mandatory condition is $\gcd(\varphi(n),e)=1$, and many implementations use $e=2^{16}+1=65537$, which is prime and not too large. If that $e$ divides $\varphi(n)=(p-1)(q-1)$ new $p$ and $q$ are chosen. – Fabio Somenzi Nov 28 '17 at 04:13
1 Answers
0
This is not needed, it is just common sense. Why would make $e$ larger than necessary? Even your range can made smaller if you use the Carmichael function $\lambda(n),$ see Wikipedia or RFC 8017.
What you really need is $\gcd(\varphi(n),e)=1$ in order to compute the decryption exponent with $e d \equiv 1 \bmod{\varphi(n)}$
gammatester
- 18,827