Decrypting a string using RSA

Question

the scenario is as follows: I am asked to implement a decryption algorithm in Javascript to decrypt a string that was encoded using RSA with the following algorithm:

1. Convert the string to some list of integers (4 chars to 1 integer) we call this list u[].
2. Apply this operation for all elements in u[]: e[i] = RSA((u[i]-e[i-1]) mod n), e[-1] = 0
3. Then we get the encrypted list of integers e[].

A textual description of step 2: We encrypt the first element, subtract the encrypted first element from the second element. Then we do (modulo n) and then encrypt the result. And the process continues for the rest of the numbers.

Now the problem is the decryption part. I have been stuck at this part for hours!

I worked with the equation, with the goal of making u[n] the subject:

e[i] = RSA((u[i]-e[i-1]) mod n) -- (1)

We know:

RSA(x) = x^e mod n -- (2) 
RSA'(x) = x^d mod n -- (3)

So, from (1) and (3)

RSA'(e[i]) = (u[i]-e[i-1]) mod n
RSA'(e[i]) + k*i + e[i-1] = u[i]

Then i am kind of stuck, because we do not know k.

So, i tried again:

RSA'(e[i]) = (u[i]-e[i-1]) mod n
(e[i])^d mod n = (u[i]-e[i-1]) mod n

That seems to go no where too...

Answer 1

The second step doesn't make much sense, shouldn't it be:

e[i] = RSA((u[i]-e[i-1]) mod n), e[-1] = 0

That is, the modulus is independent of the index. It doesn't make much sense because to get e[0] you would have to calculate something modulo 0 (equally nonsensical as dividing by zero), and for e[1] you have to calculate something modulo 1 and the result of that is always 0.

Furthermore, if n is the RSA modulus, for the plain text you have 0 <= u[i] < n . This means that the second step in reverse is just

u[i] = (RSA'(e[i]) + e[i-1]) mod n