Skip to main content
IBM 
ShopSupportDownloads
IBM HomeProductsConsultingIndustriesNewsAbout IBM
IBM : developerWorks : Security : Education - online courses
Introduction to cryptology: Pt. 2		Download tutorial zip fileView letter-sized PDF fileView A4-sized PDF fileE-mail this tutorial to a friend
Main menuSection menuGive feedback on this tutorialPreviousNext
3. Public-key encryption
  


How RSA works, part 2 page 3 of 14


The actual operations involved in RSA are remarkably simple, and are elementary ("elementary" in mathematics refers to methods or proofs that use only integers). To generate an RSA key pair, you must first select two primes, p and q, of the same approximate magnitude. In practice, these primes are selected by choosing random large odd numbers and eliminating composites by iterating probabilistic "primality" tests. Several such tests exist that will, on each iteration, have an X% probability of detecting a composite number (for the better tests, X > 80%). Repeating the test numerous times can eliminate composites with an arbitrarily good guarantee of correctness. The basic math of RSA does not depend on the size of p and q, but to make it secure practically, you want p and q to both be 100-200 digits long, or longer.

Several calculations are made once p and q are chosen. Schneier (see Resources), or another more extended treatment, explains the mathematical grounds in more detail; for now we just show what is calculated. First we calculate n = p * q. Next we select an exponent e that is relatively prime to (p-1) * (q-1). Common choices for e are 3, 17, and 2^16+1 (i.e., 65537) (each of these has only two 1 digits in their binary representation, which speeds exponentiation in practice). After this, we create a decryption key d such that: 


		    (e * d) mod ((p-1)*(q-1)) = 1

Or, in other words:


		    d = e^-1 mod ((p-1)*(q-1))

Main menuSection menuGive feedback on this tutorialPreviousNext
PrivacyLegalContact