Proof that RSA works
Posted: Mon Dec 28, 2020 7:39 am
Due to recent interest by one individual, I looked up the proof that RSA works. Because I always found that non-intuitive, that being multiplicative inverses in a completely different ring somehow meant
Given: n, e, d integers
p, q distinct large primes
n = pq
e ≡ 1 (mod φ(n))
ed ≡ 1 (mod φ(n))
Claim: For all integers m < n: m ≡ m^(de) (mod n)
Proof:
ed ≡ 1 (mod φ(n)) is equivalent to
φ(n) | ed - 1
Since n = pq for primes p and q, φ(n) = (p - 1)(q - 1). Therefore
(p - 1)(q - 1) | ed - 1
Therefore both of these are true:
p - 1 | ed - 1 (1)
q - 1 | ed - 1 (2)
(1) more specifically means that for some integer k:
ed - 1 = k(p - 1) (3)
Notice also:
m^(de) ≡ m^(de - 1 + 1) ≡ m^(de - 1) m (mod p) (4)
But by inserting (3) into (4) we get:
m^(de) ≡ m^(k(p - 1)) m (mod p) (5)
Since p is prime, any integer m must either be coprime to p or be a multiple of p.
Case 1: m coprime to p
In that case, we can use Fermat's little theorem states that
m^(p - 1) ≡ 1 (mod p) (6)
We want to show that m^(k(p - 1)) ≡ 1 (mod p).
m^(k(p - 1)) ≡ (m^(p - 1))^k (mod p) (7)
Inserting 6 into 7 yields:
m^(k(p - 1)) ≡ 1^k (mod p) ≡ 1 (mod p) (for all k)
Therefore equation 5 is equivalent to:
m^(de) ≡ m (mod p)
Case 2: m is a multiple of p
In that case
m^(de) ≡ 0 (mod p)
m ≡ 0 (mod p)
Therefore
m^(de) ≡ m (mod p) (8)
By symmetry, the same constructions based off of (2) yields
m^(de) ≡ m (mod q) (9)
Thanks to a property of modular congruence, when m and n are coprime, a ≡ b (mod m), and a ≡ b (mod n), then a ≡ b (mod mn). In our case, we have p and q being distinct primes (therefore coprime), and we have (8) and (9), and therefore
m^(de) ≡ m (mod pq)
≡ m (mod n)
Quod erat demonstrantum.
Given: n, e, d integers
p, q distinct large primes
n = pq
e ≡ 1 (mod φ(n))
ed ≡ 1 (mod φ(n))
Claim: For all integers m < n: m ≡ m^(de) (mod n)
Proof:
ed ≡ 1 (mod φ(n)) is equivalent to
φ(n) | ed - 1
Since n = pq for primes p and q, φ(n) = (p - 1)(q - 1). Therefore
(p - 1)(q - 1) | ed - 1
Therefore both of these are true:
p - 1 | ed - 1 (1)
q - 1 | ed - 1 (2)
(1) more specifically means that for some integer k:
ed - 1 = k(p - 1) (3)
Notice also:
m^(de) ≡ m^(de - 1 + 1) ≡ m^(de - 1) m (mod p) (4)
But by inserting (3) into (4) we get:
m^(de) ≡ m^(k(p - 1)) m (mod p) (5)
Since p is prime, any integer m must either be coprime to p or be a multiple of p.
Case 1: m coprime to p
In that case, we can use Fermat's little theorem states that
m^(p - 1) ≡ 1 (mod p) (6)
We want to show that m^(k(p - 1)) ≡ 1 (mod p).
m^(k(p - 1)) ≡ (m^(p - 1))^k (mod p) (7)
Inserting 6 into 7 yields:
m^(k(p - 1)) ≡ 1^k (mod p) ≡ 1 (mod p) (for all k)
Therefore equation 5 is equivalent to:
m^(de) ≡ m (mod p)
Case 2: m is a multiple of p
In that case
m^(de) ≡ 0 (mod p)
m ≡ 0 (mod p)
Therefore
m^(de) ≡ m (mod p) (8)
By symmetry, the same constructions based off of (2) yields
m^(de) ≡ m (mod q) (9)
Thanks to a property of modular congruence, when m and n are coprime, a ≡ b (mod m), and a ≡ b (mod n), then a ≡ b (mod mn). In our case, we have p and q being distinct primes (therefore coprime), and we have (8) and (9), and therefore
m^(de) ≡ m (mod pq)
≡ m (mod n)
Quod erat demonstrantum.
It's just hard to take in when I'm not feeling up to it, and unfamiliar notation is baffling. It's not so hard to pick up a little bit at a time. 
The UI and file manager I tested with still use the bitmap font. The only quality improvement since I started using it in version 0.72 has been higher-resolution bitmaps. (PostScript is rendered by a separate process.) The changelog doesn't mention anything about vector fonts; no doubt it would if they were usable. The to-do list still contains this item: "Extend the text display capabilities by connecting to standard font libraries (but still continue to support the built-in font)."