The Euler-Fermat Theorem and RSA

m ϕ(n) b 1 b 2 ...b ϕ(n) ≡ b 1 b 2 ...b ϕ(n) (mod n)Since each b i is relatively prime to n, it can be cancelled from this congruence,leavingm ϕ(n) ≡ 1 (mod n)as required.2 Corollaries• Fermat’s Little Theorem: if p is prime and not a factor of m, thenm p−1 ≡ 1 (mod p). This follows because when p is prime, ϕ(p) = p − 1.• If p, q are prime and not factors of m, then m (p−1)(q−1) ≡ 1(mod pq).This follows because in this case, ϕ(pq) = (p − 1)(q − 1).• For any k, m, prime p, prime q, if k ≡ 1 (mod (p − 1)(q − 1)) thenm k ≡ m (mod pq).The third corollary needs a little work to prove. If the primes p, q are notfactors of m, it follows from the second corollary, for k = k ′ (p−1)(q−1)+1 (forsome k ′ ), so making use of the second corollary, m k = (m (p−1)(q−1) ) k′ m ≡ (mod pq)1 k m = m.On the other hand, suppose p divides m. Then m k ≡ 0 ≡ m (mod p). Thus,by Fermat’s little theorem, whether or not p divides m, m k ≡ m (mod p).Similarly (whether or not q divides m) m k ≡ m (mod q). From the relativeprimeness of p, q it follows that m k ≡ m (mod pq).3 RSAAn RSA cryptosystem is generated from a pair of prime numbers, p, q, sufficientlylarge that it is computationally infeasible to recover their values fromknowledge of their product n.To generate keys, take an integer e relatively prime to (p−1)(q−1) and (usingthe extended Euclidian algorithm) compute d = e −1 mod (p−1)(q−1). (Thisd is the least nonnegative residue.)2