RSA加密/解密未返回原始消息
[英]RSA encryption / decryption not returning original message
问题描述
beginner here, trying some RSA encryption. 
初学者,尝试一些RSA加密。 I wrote a python code that returns the right message most of the time, but sometimes encryption and decryption don't return the original message. 我编写了一个python代码,该代码通常会返回正确的消息,但有时加密和解密不会返回原始消息。
I though it was some error in my code, but some online resources are also returning error: 我虽然这是我的代码中的某些错误,但是一些在线资源也返回了错误:
http://extranet.cryptomathic.com/rsacalc/index http://extranet.cryptomathic.com/rsacalc/index
https://www.cs.drexel.edu/~jpopyack/IntroCS/HW/RSAWorksheet.html https://www.cs.drexel.edu/~jpopyack/IntroCS/HW/RSAWorksheet.html
The parameters selected are: 选择的参数为:
p = 11 p = 11
q = 269 q = 269
n = 2959 n = 2959
e = 13 e = 13
d = 1237 d = 1237
message = 13355 讯息= 13355
crypt text = 1079 地穴文本= 1079
decrypted = 1519 解密= 1519
Am I missing some kind of limit to RSA? 我是否缺少对RSA的某种限制? Some minimum size of parameters for the text? 一些最小参数的文字?
1 个解决方案
解决方案1
7 2017-07-11 18:56:30
Your modulus ( n ) is 2959. This means that the largest number you can encrypt with this system is 2958. 您的模数( n )为2959。这意味着您可以使用此系统加密的最大数字为2958。
You're attempting to encrypt the number 13355, which is too large. 您正在尝试加密数字13355,该数字太大。 The result you're getting is equal to 13355 mod 2959, which is 1519. 您得到的结果等于13355 mod 2959,即1519。
But why? 但为什么?
The two basic formulae used to implement RSA encryption are as follows: 用于实现RSA加密的两个基本公式如下:
- c = m e (mod n ), and c = m e (mod n ),并且
- m = c d (mod n ) M = C d(MOD N)
where n is the modulus, m is the plaintext, c is the encrypted ciphertext, e is the public encryption exponent, and d is the private decryption exponent. 其中n是模数, m是明文, c是加密的密文, e是公共加密指数, d是私有解密指数。 Since all the arithmetic is performed modulo n , the values of c in Eq. 由于所有算术均以n为模执行,因此等式中c的值。 1 and m in Eq. 1和m在等式中 2 must be less than n . 2必须小于n 。
What if m is larger than n ? 如果m大于n怎么办? Well, in this case we can make the substitution m = m 0 + kn , where k is some integer value. 好吧,在这种情况下,我们可以使替换m = m 0 + kn ,其中k是某个整数值。 From this we get: 由此我们得到:
c = m e (mod n ) = ( m 0 + kn ) e (mod n ) c = m e (mod n )=( m 0 + kn ) e (mod n )
If you expand the term ( m 0 + kn ) e , you'll end up with an expression like the following: 如果扩展( m 0 + kn ) e项 ,最终将得到如下表达式:
( m 0 + kn ) e = ( m 0 ) e + a 0 ( m 0 ) e −1 ( kn ) + a 1 ( m 0 ) e −2 ( kn ) 2 + a 2 ( m 0 ) e −3 ( kn ) 3 + ... + ( kn ) e ( m 0 + kn ) e =( m 0 ) e + a 0 ( m 0 ) e -1 ( kn )+ a 1 ( m 0 ) e -2 ( kn ) 2 + a 2 ( m 0 ) e -3 ( kn ) 3 + ... +( kn ) e
where the coefficients a 0 , a 1 etc. are binomial coefficients . 其中系数a 0 , a 1等是二项式系数 。 This looks complicated, but since every term with an n in it is equal to zero (mod n ), we're left with m e (mod n ) ≡ ( m 0 ) e (mod n ). 这看起来很复杂,但是由于其中每个带有n的项都等于零(mod n ),因此剩下的是m e (mod n )≡( m 0 ) e (mod n )。 In other words, the result of attempting to encrypt a value greater than or equal to n is identical to the result of encrypting that number modulo n . 换句话说,尝试对大于或等于n的值进行加密的结果与对该数字取模n的加密结果相同。 So when you thought you were encrypting the number 13355, you were actually encrypting 13355 mod 2959. 因此,当您以为要加密数字13355时,实际上是在加密13355 mod 2959。
Usually this isn't a problem; 通常这不是问题; RSA is generally used to encrypt symmetric keys for use with ciphers like AES, so 2048 bits is more than enough. RSA通常用于对对称密钥进行加密,以与AES等密码一起使用,因此2048位就足够了。 If you really have to somehow encrypt a value ≥ n , you can use multiple messages. 如果你真的必须以某种加密值≥N,则可以使用多条消息。 For example, in base 2959, the number 13355 has two "digits" — the first one is 4, and the second is 1519. These numbers could be recombined at the receiving end (4 * 2959 + 1519 = 13355). 例如,在基数2959中,数字13355有两个“数字”,第一个是4,第二个是1519。可以在接收端重新组合这些数字(4 * 2959 + 1519 = 13355)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.