
RSA Algorithm Example

Choose p = 3 and q = 11
Compute n = p * q = 3 * 11 = 33
Compute φ(n) = (p - 1) * (q - 1) = 2 * 10 = 20
Choose e such that 1 < e < φ(n) and e and n are coprime. Let e = 7
Compute a value for d such that (d * e) % φ(n) = 1. One solution is d = 3 [(3 * 7) % 20 = 1]
Public key is (e, n) => (7, 33)
Private key is (d, n) => (3, 33)
The encryption of m = 2 is c = 2^7 % 33 = 29
The decryption of c = 29 is m = 29^3 % 33 = 2
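The steps above carried out in code, as an added example that is not part of the original page. It finds d with the extended Euclidean algorithm instead of by inspection, and it rejects an e for which no d exists; the function names are assumptions made for this sketch.

```python
from math import gcd

def egcd(a, b):
    """Extended Euclid: return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y

def make_keys(p, q, e):
    """Compute n and phi(n), then solve (d * e) % phi(n) == 1 for d."""
    n, phi = p * q, (p - 1) * (q - 1)
    if not 1 < e < phi:
        raise ValueError("e must satisfy 1 < e < phi(n)")
    g, x, _ = egcd(e, phi)
    if g != 1:
        # e has no inverse modulo phi(n), so the equation for d has no solution.
        raise ValueError(f"no d exists for e={e}: it shares a factor with phi(n)={phi}")
    return (e, n), (x % phi, n)          # (public key, private key)

def encrypt(m, public):
    e, n = public
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, e, n)                  # c = m^e % n

def decrypt(c, private):
    d, n = private
    return pow(c, d, n)                  # m = c^d % n

def usable_exponents(p, q):
    """Every e in (1, phi(n)) for which make_keys can find a d."""
    phi = (p - 1) * (q - 1)
    return [e for e in range(2, phi) if gcd(e, phi) == 1]

if __name__ == "__main__":
    public, private = make_keys(3, 11, 7)
    c = encrypt(2, public)
    print("public", public, "private", private)
    print("c =", c, "m =", decrypt(c, private))
    print("usable e:", usable_exponents(3, 11))
```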

Digital Signature and Encryption Example

This web page is intended to provide an idea of the steps needed to digitally sign and encrypt messages. I used openssl to do the work.

Juliet's Message

Juliet wants to send the following message to Romeo:

O Romeo, Romeo! wherefore art thou Romeo?
Deny thy father and refuse thy name;
Or, if thou wilt not, be but sworn my love,
And I'll no longer be a Capulet.

Digital Signatures

Juliet wants to make sure that Romeo knows that the message came from her and no one else. To do this, Juliet needs to create a digest and sign it. To create a digest, Juliet uses a cryptographic hash function to convert the message into an ID number. It is supposed to be very difficult to create an alternative message with the same ID number. This is the ID number/digest for her message:
MD5(romeo-message)= 4b01c786b36b9a6e281deceaad86374e

Now to sign the digest, Juliet needs a secret private key that no one else knows. Here is Juliet's private key:

To verify her signature, Juliet needs to publish her public key so that it is available to everyone.
-----BEGIN PUBLIC KEY-----
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKkbSUT9/Q2uBfGRau6/XJyZhcF5abo7
b37I5hr3EmwGykdzyk8GSyJK3TOrjyl0sdJsGbFmgQaRyV+DLE7750ECAwEAAQ==
-----END PUBLIC KEY-----

Using her private key, Juliet signs the digest. The combination of her message and her signature (which is long because of "padding") is:
MIME-Version: 1.0
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=sha1; boundary="----714A286D976BF3E58D9D671E37CBCF7C"

This is an S/MIME signed message

------714A286D976BF3E58D9D671E37CBCF7C
O Romeo, Romeo! wherefore art thou Romeo?
Deny thy father and refuse thy name;
Or, if thou wilt not, be but sworn my love,
And I'll no longer be a Capulet.

------714A286D976BF3E58D9D671E37CBCF7C
Content-Type: application/x-pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7s"

------714A286D976BF3E58D9D671E37CBCF7C--

Encryption

At this point, anyone who received Juliet's message to Romeo can use Juliet's public key to verify that Juliet created the message. However, Juliet might only want Romeo to read and verify her message. To accomplish this, Juliet needs to use Romeo's public key to encrypt the message. Of course, because Romeo wants to use public-key cryptography in order to receive secret, digitally-signed messages from Juliet, he has also published his public key.
-----BEGIN PUBLIC KEY-----
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKiJh05asQ4lF7oJQtBxK9zBAyO5iE1n
5+S4zIA9RUsIw6+HZJmd2k1O3SdWVotAnwI3orclEksnt4wEoL1E39ECAwEAAQ==
-----END PUBLIC KEY-----

Juliet uses this key to encrypt her message. This ensures that only Romeo (well, actually, anyone who has Romeo's private key) can read the message. Because her signature is part of the message, Romeo will know that the message came from her. Here is Juliet's signed and encrypted message:
MIME-Version: 1.0
Content-Disposition: attachment; filename="smime.p7m"
Content-Type: application/x-pkcs7-mime; smime-type=enveloped-data; name="smime.p7m"
Content-Transfer-Encoding: base64

To reverse this process, Romeo uses his private key to decrypt the message and then uses Juliet's public key to verify the signature.

PKI

For these techniques to work in general, a public key infrastructure is needed that maintains a database of public keys and ensures the identity of the owners of the public keys. Currently, digital certificates (which include public keys and signatures), such as used for online shopping, are verified by keeping a list of trusted certificate authorities on your computer (i.e., a digital certificate for each one), which are then used to verify the digital certificates from the web sites.
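The sign, encrypt, decrypt and verify sequence from the sections above, as an added example that is not the page's openssl output. It uses textbook RSA with no padding and no certificates, SHA-256 in place of the page's MD5 digest, and key pairs constructed from known Mersenne primes for convenience; the names JULIET, ROMEO, juliet_send and romeo_receive are assumptions made for this sketch.

```python
import hashlib

E = 65537

def make_key(p, q):
    """Constructed demo key from two known Mersenne primes (not a secure choice)."""
    return {"n": p * q, "e": E, "d": pow(E, -1, (p - 1) * (q - 1))}

JULIET = make_key(2**127 - 1, 2**521 - 1)   # hypothetical key pairs for the demo
ROMEO = make_key(2**89 - 1, 2**607 - 1)
SIG_LEN = (JULIET["n"].bit_length() + 7) // 8

def digest(message):
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message, key):
    """Signature = digest raised to the signer's private exponent d."""
    return pow(digest(message), key["d"], key["n"])

def verify(message, signature, key):
    """Anyone holding the public (e, n) can recover the digest and compare it."""
    return pow(signature, key["e"], key["n"]) == digest(message)

def encrypt(data, key):
    """Textbook RSA per block; a leading 0x01 byte preserves each block's length."""
    size = (key["n"].bit_length() - 1) // 8 - 1
    blocks = [data[i:i + size] for i in range(0, len(data), size)]
    return [pow(int.from_bytes(b"\x01" + b, "big"), key["e"], key["n"]) for b in blocks]

def decrypt(blocks, key):
    out = b""
    for c in blocks:
        m = pow(c, key["d"], key["n"])
        out += m.to_bytes((m.bit_length() + 7) // 8, "big")[1:]  # drop the 0x01 marker
    return out

def juliet_send(message):
    signed = sign(message, JULIET).to_bytes(SIG_LEN, "big") + message
    return encrypt(signed, ROMEO)            # needs only Romeo's public (e, n)

def romeo_receive(blocks):
    signed = decrypt(blocks, ROMEO)          # needs Romeo's private d
    signature, message = int.from_bytes(signed[:SIG_LEN], "big"), signed[SIG_LEN:]
    return message, verify(message, signature, JULIET)

if __name__ == "__main__":
    text = b"O Romeo, Romeo! wherefore art thou Romeo?\n"   # constructed sample input
    print(romeo_receive(juliet_send(text)))
```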
