Galileo's Paradox of Infinity Explorer
Explore Galileo's paradox interactively — compare counting numbers with perfect squares, visualize bijections, and understand infinite set cardinality.
RSA Encryption Demo Calculator
Explore RSA encryption with small primes — generate keys, encrypt and decrypt messages, see modular exponentiation step by step.
RSA Encryption Demo
First prime
Second prime (different from p)
0 ≤ m < 3233
Leave blank for auto-selection (65537 preferred)
Encrypted (c)⧉
1581
c = m^e mod n = 42^257 mod 3233 = 1581
Decrypted⧉
42
m = c^d mod n = 1581^2513 mod 3233 = 42
Round-Trip ✓⧉
✅ Match
Decrypted value should equal original message
Modulus n⧉
3233
61 × 53 = 3233
φ(n)⧉
3120
(61−1)(53−1) = 3120
Key Size⧉
12 bits
Number of bits in n — real RSA uses 2048+ bits
Key Generation Summary
| Parameter | Value | Description |
|---|---|---|
| p (prime 1) | 61 | First prime factor — keep secret |
| q (prime 2) | 53 | Second prime factor — keep secret |
| n = p × q | 3233 | Modulus — part of public key |
| φ(n) = (p−1)(q−1) | 3120 | Euler's totient — keep secret |
| e (public exponent) | 257 | Public key exponent — gcd(e, φ) = 1 |
| d (private exponent) | 2513 | Private key — d ≡ e⁻¹ (mod φ) |
| Public Key | (257, 3233) | Share this: (e, n) |
| Private Key | (2513, 3233) | Keep secret: (d, n) |
Encryption: Modular Exponentiation Steps
c = 42^257 mod 3233 Step 1: exp bit=1 → 1 × 42 mod 3233 = 42 Step 2: exp bit=0 → skip multiply Step 3: exp bit=0 → skip multiply Step 4: exp bit=0 → skip multiply Step 5: exp bit=0 → skip multiply Step 6: exp bit=0 → skip multiply Step 7: exp bit=0 → skip multiply Step 8: exp bit=0 → skip multiply Step 9: exp bit=1 → 42 × 2116 mod 3233 = 1581 Result: 1581
Decryption: Modular Exponentiation Steps
m = 1581^2513 mod 3233 Step 1: exp bit=1 → 1 × 1581 mod 3233 = 1581 Step 2: exp bit=0 → skip multiply Step 3: exp bit=0 → skip multiply Step 4: exp bit=0 → skip multiply Step 5: exp bit=1 → 1581 × 2557 mod 3233 = 1367 Step 6: exp bit=0 → skip multiply Step 7: exp bit=1 → 1367 × 259 mod 3233 = 1656 Step 8: exp bit=1 → 1656 × 2421 mod 3233 = 256 Step 9: exp bit=1 → 256 × 3045 mod 3233 = 367 Step 10: exp bit=0 → skip multiply Step 11: exp bit=0 → skip multiply Step 12: exp bit=1 → 367 × 652 mod 3233 = 42 Result: 42
RSA Algorithm Steps
| Step | Operation | Formula |
|---|---|---|
| 1 | Choose two distinct primes | p, q |
| 2 | Compute modulus | n = p × q |
| 3 | Compute Euler's totient | φ(n) = (p−1)(q−1) |
| 4 | Choose public exponent | e: 1 < e < φ(n), gcd(e,φ)=1 |
| 5 | Compute private exponent | d ≡ e⁻¹ (mod φ(n)) |
| 6 | Encrypt | c = mᵉ mod n |
| 7 | Decrypt | m = cᵈ mod n |
⚠️ Educational Only: This demo uses tiny primes for illustration. Real RSA uses 2048-bit (617-digit) numbers. Never use this for actual encryption.
Planning notes, formulas, and examples
About the RSA Encryption Demo Calculator
RSA (Rivest–Shamir–Adleman, 1977) is the foundational public-key cryptosystem that secures most of the internet. Its security rests on the practical difficulty of factoring the product of two large primes. The algorithm is elegant: choose two primes p and q, compute n = pq and φ(n) = (p−1)(q�−1), pick a public exponent e coprime to φ(n), and derive the private exponent d = e⁻¹ mod φ(n). Encryption is c = mᵉ mod n; decryption is m = cᵈ mod n.
This educational page lets you experiment with RSA using small primes so every step is transparent. Enter your own primes (or use presets), and the calculator generates the full key pair, encrypts a message, decrypts it, and verifies the round trip. Each modular exponentiation is shown step-by-step using the square-and-multiply algorithm, so you can trace exactly how the ciphertext and plaintext are computed.
Whether you are a student learning number theory and cryptography, an instructor building a lecture demo, or a developer wanting to understand the math behind TLS, the page keeps key generation, modular inverses, and exponentiation steps tied to the same example.
When This Page Helps
RSA is one of the most important algorithms in computing, yet its mechanics are often presented as opaque formulas. This demo makes every step visible — from prime selection through key generation to the bit-by-bit square-and-multiply exponentiation. Seeing the math in action builds genuine understanding rather than rote memorization.
It also serves as a sanity-check tool: enter your homework primes, verify the key generation, and trace the encryption/decryption to catch arithmetic errors. For instructors, the step-by-step output can be projected or screenshotted directly into lecture slides.
How to Use the Inputs
- Enter two distinct prime numbers p and q (the tool warns if they are not prime).
- Enter a message as an integer m where 0 ≤ m < n = p × q.
- Optionally enter a custom public exponent e (leave blank for auto-selection).
- Read the encrypted value c and decrypted value in the output cards.
- Verify the round-trip: decrypted should equal the original message.
- Examine the Key Generation Summary table for all RSA parameters.
- Follow the Modular Exponentiation Steps for encryption and decryption.
Formula used
Key generation: n = p×q, φ(n) = (p−1)(q−1), e: gcd(e,φ)=1, d = e⁻¹ mod φ(n). Encrypt: c = mᵉ mod n. Decrypt: m = cᵈ mod n. Correctness: mᵉᵈ ≡ m (mod n) by Euler's theorem.Example Calculation
Result: n=3233, φ=3120, e=17, d=2753, c=42^17 mod 3233=2557, decrypt=2557^2753 mod 3233=42 ✓
With p=61, q=53: n=3233, φ=3120, e=17 (coprime to 3120), d=2753. Message 42 encrypts to 2557 and decrypts back to 42.
Tips & Best Practices
- Start with small primes (p=3, q=11) to trace every step by hand, then try larger ones.
- The message m must be less than n. For m ≥ n, RSA loses information.
- Try encrypting m=0 and m=1 — they always encrypt to 0 and 1 (a known RSA property).
- Compare different public exponents e for the same primes to see how d changes.
- Verify by hand: compute m^e mod n with a calculator and compare to the tool.
- This demo uses JavaScript integers, so keys larger than ~20 bits may lose precision.
History of RSA
RSA was published in 1977 by Ron Rivest, Adi Shamir, and Leonard Adleman at MIT. An equivalent system had been secretly developed in 1973 by Clifford Cocks at the UK's GCHQ but remained classified until 1997. RSA was the first widely practical public-key cryptosystem and enabled secure internet communication, digital signatures, and key exchange. It remains the foundation of PKI (Public Key Infrastructure) and is used in TLS/SSL, SSH, PGP, and many other protocols.
Modular Exponentiation
The core operation in RSA — computing m^e mod n — uses the square-and-multiply algorithm for efficiency. The exponent e is processed bit by bit from LSB to MSB: if the current bit is 1, multiply the accumulator by the current power of the base; then square the base. This reduces O(e) multiplications to O(log e), making RSA practical even with 2048-bit exponents.
RSA and Number Theory
RSA relies on three pillars of number theory: Euler's theorem (a^φ(n) ≡ 1 mod n for gcd(a,n)=1), the Chinese Remainder Theorem (used to speed up decryption by working mod p and mod q separately), and the computational difficulty of integer factorization. The security assumption is that factoring n = pq is infeasible for sufficiently large primes, even though no mathematical proof of this difficulty exists — it is an empirical assumption supported by centuries of failed factoring attempts.
Sources & Methodology
Last updated:
Frequently Asked Questions
RSA's security depends on the difficulty of factoring n = p × q. If an attacker could factor n, they could compute φ(n) and derive the private key d.
e must be coprime to φ(n). The most common choice in practice is 65537 (2¹⁶+1) because it has only two 1-bits, making exponentiation fast.
d is the modular multiplicative inverse of e modulo φ(n), computed via the Extended Euclidean Algorithm. It satisfies e×d ≡ 1 (mod φ(n)).
By Euler's theorem: mᵉᵈ = m^(1 + kφ(n)) = m × (m^φ(n))^k ≡ m × 1^k ≡ m (mod n), provided gcd(m,n) = 1.
Modern RSA uses at least 2048-bit keys (about 617 decimal digits for n). 4096-bit keys are increasingly recommended. This demo uses tiny primes for educational clarity.
Classical RSA with 2048+ bits remains secure against known classical attacks. However, a sufficiently large quantum computer running Shor's algorithm could break it, motivating post-quantum cryptography research.
More in this topic
Hilbert's Hotel Paradox Simulator
Simulate Hilbert's Hotel thought experiment — accommodate new guests in a fully-occupied infinite hotel and explore cardinal arithmetic interactively.
Complex Number (i) Calculator
Perform complex number arithmetic — add, subtract, multiply, divide, raise to powers via De Moivre, find modulus, argument, polar form, and conjugate.