The program implements a simple version of the RSA cryptosystem in Python. The application has a command-line interface. It offers functionality for generating (both public and private) keys and using them to encrypt and decrypt messages.
Poetry is used for managing dependencies and the commands for various tasks are handled by Invoke.
Multiple different algorithms are implemented. Together they form a working program.
The following algorithm is used to generate the public and the private key. All functionality is implemented in the file src/functions/keygen.py.
- Choose a desired key length
- Should be a power of two, usually
$2^{10} = 1024$ ,$2^{11} = 2048$ or$2^{12} = 4096$ - This application uses 1024 bit keys
- Greater key length permits longer messages and offers stronger encryption but key generation will take longer
- Should be a power of two, usually
- Choose two distinct prime numbers,
$p$ and$q$ - These values are to be kept secret and disposed of after key generation
- The bit length of each should be half the key length chosen in step 1
- Large prime numbers can be found efficiently using the Miller-Rabin test
- Calculate
$n = pq$ -
$n$ is the modulus, used for both keys -
$n$ is made public - The bit length of
$n$ should match the key length chosen in step 1
-
- Calculate
$\phi(n) = (p-1)(q-1)$ - The value will be kept secret and forgotten after key generation
- Choose an integer
$e$ , so that$e$ and$\phi$ are coprime and$1 < e < \phi$ - Usually
$2^{16} = 65537$ is a good choice and my implementation also uses this value
- Usually
- Calculate
$d$ -
$d$ can be calculated using the extended Euclidean algorithm -
$d$ is the exponent part of the private key and should not be published anywhere
-
To summarize:
- The public key is made of the modulus
$n$ and the encryption exponent$e$ - The private key consists of
$n$ and the decryption exponent$d$
As the values
The application generates random prime numbers in the following way.
- Get a random odd integer
$n$ with a desired bit length- The Python secrets module is used for reliable random number generation
- If the number yielded by the generator is even, one is added to make it odd
- Use the Miller-Rabin algorithm to test for primality
- 64 rounds are used in this application
- The value is arbitrary, but high enough
- 64 rounds are used in this application
- Return
$n$ if the test is passed, otherwise go to step 2
All functionality is implemented in the file src/functions/crypt.py.
A message can be encrypted with the following procedure.
- Enter a plaintext message
- Convert the message into an integer
- Conversion is done using the custom CharacterMap object, see below
- Encrypt the message
- The message can be encrypted by calculating
$c \equiv m^{e}$ (mod$n$ ), where-
$c$ is the encrypted ciphertext -
$m$ is the plaintext to be encrypted -
$e$ is the public encryption exponent -
$n$ is the modulus
-
- The message can be encrypted by calculating
A message can be decrypted with the following procedure.
- Enter the decrypted message
- In the context of this program, the message is stored in memory
- Decrypt the message
- The message can be decrypted by calculating,
$c^{d} \equiv (m^{e})^{d} \equiv m$ (mod$n$ ) where-
$c$ is the encrypted ciphertext -
$m$ is the original plaintext -
$e$ is the public encryption exponent -
$d$ is the private decryption exponent -
$n$ is the modulus
-
- The message can be decrypted by calculating,
- Convert the decrypted message into a string
- Conversion is done using the custom CharacterMap object, see below
CharacterMap is a custom data structure that is used to map characters into corresponding order numbers and vice versa. It works in a similar way to Python's built-in ord() and str() functions. It is needed to convert string to integers for encryption and decryption. CharacterMap offers only a limited set of characters, but it permits longer messages to be encrypted. The implementation can be found in the file src/utils/character_map.py.
The integer-character value pairs are stored in a dictionary in the file src/utils/characters.py. It has the followings contents, meaning only these characters are supported by the application.
The character set is a subset of the ASCII encoding standard.
| # | char | # | char | # | char |
|---|---|---|---|---|---|
| 10 | a | 40 | A | 70 | 0 |
| 11 | b | 41 | B | 71 | 1 |
| 12 | c | 42 | C | 72 | 2 |
| 13 | d | 43 | D | 73 | 3 |
| 14 | e | 44 | E | 74 | 4 |
| 15 | f | 45 | F | 75 | 5 |
| 16 | g | 46 | G | 76 | 6 |
| 17 | h | 47 | H | 77 | 7 |
| 18 | i | 48 | I | 78 | 8 |
| 19 | j | 49 | J | 79 | 9 |
| 20 | k | 50 | K | 80 | ! |
| 21 | l | 51 | L | 81 | % |
| 22 | m | 52 | M | 82 | & |
| 23 | n | 53 | N | 83 | ( |
| 24 | o | 54 | O | 84 | ) |
| 25 | p | 55 | P | 85 | * |
| 26 | q | 56 | Q | 86 | + |
| 27 | r | 57 | R | 87 | , |
| 28 | s | 58 | S | 88 | - |
| 29 | t | 59 | T | 89 | . |
| 30 | u | 60 | U | 90 | / |
| 31 | v | 61 | V | 91 | : |
| 32 | w | 62 | W | 92 | ; |
| 33 | x | 63 | X | 93 | < |
| 34 | y | 64 | Y | 94 | > |
| 35 | z | 65 | Z | 95 | = |
| 36 | å | 66 | Å | 96 | ? |
| 37 | ä | 67 | Ä | 97 | @ |
| 38 | ö | 68 | Ö | 98 | _ |
| 39 | 69 | " | 99 | € |
Python supports very large integer out of the box, so there was no need to implement any data structures to hold large values.
See the testing document for more details.
All documentation can be found in the documentation directory. The contents of htmlcov are generated by the coverage command. The only relevant file there is index.html and it should be opened in a web browser to inspect the test coverage. The directory src contains the source code of the program, including automated tests. The file index.py is the entry point and the file app.py contains the main application loop logic and user interface code.
As the project is managed by Poetry, the directory contains the configuration files poetry.lock and pyproject.toml. They are needed to install dependencies. See the user manual for instructions. The file tasks.py is used by the dependency Invoke, which is used to define commands for Poetry. And as expected, README.md contains relevant information about the repository and is displayed on the project's GitHub page.
The project has the following file structure. Ignored or generated files and directories are not listed here.
├── documentation
│ ├── misc
│ │ ├── results.txt
│ ├── reports
│ │ ├── week1.md
│ │ ├── ...
│ │ └── week6.md
│ ├── guide.md
│ ├── hours.md
│ ├── implementation.md
│ ├── specification.md
│ └── testing.md
├── htmlcov
│ ├── ...
│ ├── index.html
│ └── ...
├── src
│ ├── functions
│ │ ├── __init__.py
│ │ ├── crypt.py
│ │ └── keygen.py
│ ├── tests
│ │ ├── functions
│ │ │ ├── __init__.py
│ │ │ ├── crypt_test.py
│ │ │ └── keygen_test.py
│ │ ├── utils
│ │ │ ├── __init__.py
│ │ │ └── character_map_test.py
│ │ └── __init__.py
│ ├── utils
│ │ ├── __init__.py
│ │ ├── characters.py
│ │ ├── character_map.py
│ │ └── commands.py
│ ├── app.py
│ ├── console_io.py
│ ├── index.py
│ └── performance.py
├── .coveragerc
├── .gitignore
├── .pylintrc
├── .python-version
├── poetry.lock
├── pyproject.toml
├── README.md
└── tasks.py
The program could still be expanded and improved. Here are some ideas for functionality to be implemented at a later date:
- Graphical user interface
- Improved command-line interface using a CLI library
- Padding
- Customizable key length
- Message signing
- Writing to and reading the keys from a file
- Writing to and reading messages from a file
The following sources have been used in the development process.
- ASCII Code (n.d.) | ascii-code.com
- Coprime integers (n.d.) | wikipedia.org
- Euclidean algorithm (n.d.) | wikipedia.org
- Euclidean division (n.d.) | wikipedia.org
- Extended Euclidean algorithm (n.d.) | brilliant.org
- Extended Euclidean algorithm (n.d.) | wikipedia.org
- Miller–Rabin primality test (n.d.) | rosettacode.org
- Miller-Rabin primality test (n.d.) | wikipedia.org
- Public Key Cryptography: RSA Encryption Algorithm (2012) | Art of the Problem on youtube.com
- RSA (cryptosystem) (n.d.) | wikipedia.org
- RSA - bitlength of p and q (2012) | Mark Dickinson on stackoverflow.com
- RSA and prime-generator algorithms (2010) | Thomas Pornin on stackoverflow.com
- RSA Encryption (n.d.) | brilliant.org