Understanding Encryption: From Simple Stories to Diffie‑Hellman and RSA

1. Encryption Basics

Encryption combines a plaintext message with a secret key to produce ciphertext. Only parties that know the key can recover the original data.

2. Keys

A key is a secret value used during encryption and decryption. In symmetric cryptography the same key is used for both operations; in asymmetric cryptography a public key encrypts data while a corresponding private key decrypts it.

3. Symmetric Encryption and Key‑Exchange Techniques

3.1 Establishing a Shared Secret (numeric version)

Both parties agree on a public number (e.g., 5). Each chooses a private multiplier ( a=4 and b=7). They publish the products A = 5·a = 20 and B = 5·b = 35. After exchange, each multiplies the received value by its own private multiplier: 20·7 = 140 and 35·4 = 140. The result 140 is the shared secret.

3.2 Diffie‑Hellman Key Exchange (modular exponentiation)

Parameters: prime modulus p = 11, base g = 2. Private exponents: a = 4, b = 7. Compute public values:

A = g^a mod p = 2^4 mod 11 = 5

B = g^b mod p = 2^7 mod 11 = 7

Exchange A and B. Each side raises the received value to its own private exponent:

Shared secret = B^a mod p = 7^4 mod 11 = 3

Shared secret = A^b mod p = 5^7 mod 11 = 3

Both obtain the identical secret 3, while an eavesdropper who knows p, g, A, B cannot feasibly compute it.

3.3 AES Symmetric Encryption

AES (Advanced Encryption Standard) is a block cipher that operates on 128‑bit blocks. It supports key lengths of 128, 192, or 256 bits; longer keys provide higher security. Encryption proceeds by splitting the plaintext into blocks, applying the AES round function with the secret key, and concatenating the resulting ciphertext blocks.

Example (illustrative only): plaintext 462315 is split into single‑digit blocks, each block is transformed with a secret key 3, yielding ciphertext 795648. The receiver reverses the process with the same key to recover the original digits.

4. Asymmetric Encryption – RSA

4.1 RSA Key Generation (illustrative small numbers)

Choose two distinct primes p = 2 and q = 11.

Compute modulus n = p·q = 22.

Compute Euler’s totient φ(n) = (p‑1)(q‑1) = 10.

Select a public exponent e such that 1 < e < φ(n) and gcd(e, φ(n)) = 1. Example: e = 7.

Compute the private exponent d as the modular inverse of e modulo φ(n): d·e ≡ 1 (mod φ(n)). Example: d = 3.

Public key: (n, e) = (22, 7). Private key: (n, d) = (22, 3).

4.2 RSA Encryption / Decryption Example

Message m = 14. Ciphertext is computed as: c = m^e mod n = 14^7 mod 22 = 20 The receiver uses the private exponent to recover the plaintext: m = c^d mod n = 20^3 mod 22 = 14 An attacker who knows (n, e, c) = (22, 7, 20) cannot derive d without factoring n.

4.3 Digital Signature (conceptual)

To sign a message, compute a hash (e.g., MD5) of the message and encrypt the hash with the private key. Anyone can verify the signature by decrypting with the public key and comparing the result to an independently computed hash.

5. Practical Security Parameters

In real deployments RSA keys are at least 1024 bits long; 2048 bits is common. Factoring a 2048‑bit modulus is computationally infeasible with current technology.

Example of a large RSA modulus (truncated for readability):

1230186684530117755130494958384962720772853569595334792197322452151726400507263657518745202199786469389956474942774063845925192557326303453731548268507917026122142913461670429214311602221240479274737794080665351419597459856902143413 = 33478071698956898786044169848212690817704794983713768568912431388982883793878002287614711652531743087737814467999489 × 36746043666799590428244633799627952632279158164343087642676032283815739666511279233373417143396810270092798736308917

Such numbers illustrate why RSA security relies on the difficulty of integer factorisation.