Need a test suite for RSA test
Clash Royale CLAN TAG#URR8PPP
up vote
2
down vote
favorite
right now I have an assignment that I have to build a software which can encrypt/decrypt by RSA method. I already did it, but my teacher said that I need to find a test suite (include: modulus, public key, private key) to test if my software runs correctly and he doesn't accept any random data (although that data is correct). He needs real data which already tested by someone else and that data need to be mentioned in lectures, books, reports, benchmarks,... I tried to find them but I cannot :(. I'm very appreciated if you can help me.
Thank you.
rsa
asked 8 hours ago
user63361
161
New contributor
user63361 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
up vote
2
down vote
favorite
right now I have an assignment that I have to build a software which can encrypt/decrypt by RSA method. I already did it, but my teacher said that I need to find a test suite (include: modulus, public key, private key) to test if my software runs correctly and he doesn't accept any random data (although that data is correct). He needs real data which already tested by someone else and that data need to be mentioned in lectures, books, reports, benchmarks,... I tried to find them but I cannot :(. I'm very appreciated if you can help me.
Thank you.
rsa
asked 8 hours ago
user63361
161
New contributor
user63361 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
up vote
2
down vote
favorite
up vote
2
down vote
favorite
right now I have an assignment that I have to build a software which can encrypt/decrypt by RSA method. I already did it, but my teacher said that I need to find a test suite (include: modulus, public key, private key) to test if my software runs correctly and he doesn't accept any random data (although that data is correct). He needs real data which already tested by someone else and that data need to be mentioned in lectures, books, reports, benchmarks,... I tried to find them but I cannot :(. I'm very appreciated if you can help me.
Thank you.
rsa
asked 8 hours ago
user63361
161
New contributor
user63361 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
right now I have an assignment that I have to build a software which can encrypt/decrypt by RSA method. I already did it, but my teacher said that I need to find a test suite (include: modulus, public key, private key) to test if my software runs correctly and he doesn't accept any random data (although that data is correct). He needs real data which already tested by someone else and that data need to be mentioned in lectures, books, reports, benchmarks,... I tried to find them but I cannot :(. I'm very appreciated if you can help me.
Thank you.
rsa
rsa
asked 8 hours ago
user63361
161
New contributor
user63361 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 8 hours ago
user63361
161
New contributor
user63361 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 8 hours ago
user63361
161
New contributor
user63361 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 8 hours ago
user63361
161
asked 8 hours ago
user63361
161
161
New contributor
user63361 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
user63361 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
user63361 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
add a comment |
2 Answers
2
active
oldest
votes
up vote
6
down vote
There are RSA keys pairs in the validation suite for the RSA part of FIPS 186-4 (see second part of this answer for details).
Because "encrypt/decrypt by RSA method" is not well-defined (for lack of indication of the padding method), there's no way to tell which Known Answer Test vectors for it fit the question's need.
Also, only the decryption code can be tested with fixed KAT: RSA encryption with proper random padding is not deterministic, thus its code needs to be modified (de-randomized) for testing against KAT.
FIPS 186-4 is a standard for digital signatures per a variety of methods, including several RSA-based. It has a test suite, with at the bottom of the page links to files with test vectors. The one for FIPS 186-4 RSA-based functions is 186-3rsatestvectors.zip. It contains several keys pairs. For example, SigGenPSS_186-3.txt starts with
[mod = 2048]
n = c5062b58d8539c765e1e5dbaf14cf75dd56c2e13105fecfd1a930bbb5948ff328f126abe779359ca59bca752c308d281573bc6178b6c0fef7dc445e4f826430437b9f9d790581de5749c2cb9cb26d42b2fee15b6b26f09c99670336423b86bc5bec71113157be2d944d7ff3eebffb28413143ea36755db0ae62ff5b724eecb3d316b6bac67e89cacd8171937e2ab19bd353a89acea8c36f81c89a620d5fd2effea896601c7f9daca7f033f635a3a943331d1b1b4f5288790b53af352f1121ca1bef205f40dc012c412b40bdd27585b946466d75f7ee0a7f9d549b4bece6f43ac3ee65fe7fd37123359d9f1a850ad450aaf5c94eb11dea3fc0fc6e9856b1805ef
e = 0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000086c94f
d = 49e5786bb4d332f94586327bde088875379b75d128488f08e574ab4715302a87eea52d4c4a23d8b97af7944804337c5f55e16ba9ffafc0c9fd9b88eca443f39b7967170ddb8ce7ddb93c6087c8066c4a95538a441b9dc80dc9f7810054fd1e5c9d0250c978bb2d748abe1e9465d71a8165d3126dce5db2adacc003e9062ba37a54b63e5f49a4eafebd7e4bf5b0a796c2b3a950fa09c798d3fa3e86c4b62c33ba9365eda054e5fe74a41f21b595026acf1093c90a8c71722f91af1ed29a41a2449a320fc7ba3120e3e8c3e4240c04925cc698ecd66c7c906bdf240adad972b4dff4869d400b5d13e33eeba38e075e872b0ed3e91cc9c283867a4ffc3901d2069f
Note: $mathttmod$ is the bit size of the public modulus, expressed in decimal. $mathtt n$, $mathtt e$ and $mathtt d$ are the public modulus, the public exponent, and the FIPS 186-4-mandated private exponent, expressed in hexadecimal. Therefore, $mathtt d$ was obtained as $mathtt e^-1bmodlambda(mathtt n)$ (where $lambda$ is Carmichael's function), but is usable just as $mathtt e^-1bmodvarphi(mathtt n)$ would be (where $varphi$ is Euler's totient), another common private exponent in RSA.
answered 8 hours ago
fgrieu
75.8k7155319
Thank you so much :) That is all what I need
– user63361
7 hours ago
add a comment |
up vote
0
down vote
For the modulus $n=pq$ you need to verify that $p$ and $q$ are prime numbers. You can do this with a probabilistic primality test like Rabin-Miller.
For the public key $e$ you need to verify that it is coprime to the euler totient $phi (n)$ you can do this with the extended Euclidean algorithm.
For the private key $d$ you need to verify that $de equiv 1 pmod n$. You can do this with the extended Euclidean algorithm.
answered 8 hours ago
Youssef El Housni
843
New contributor
Youssef El Housni is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
.First of all, I want to say thank you. I already did all of what you say (my software runs well I can say that), at this time the things that I need is some data are mentioned in lectures, books, reports, benchmarks,.... to test it (because my teacher doesn't accept any data that is generated randomly)
– user63361
8 hours ago
Ok what you need is a test vector suite. You can use NIST vectors available here: csrc.nist.gov/Projects/…
– Youssef El Housni
8 hours ago
$de equiv 1 pmod n$ usually does not hold. $d,eequiv 1 pmodlambda (n)$ holds. $d,eequiv 1 pmodphi (n)$ holds for some variants of RSA key generation. Verification of $d$ is usually performed by computing $d,ebmodlambda (n)=1$ when the factorization of $n$ is known, including derived from $(n,e,d)$; or checking that $x^e,dbmod n=x$ for a few $xin[2,n-2]$, otherwise.
– fgrieu
7 hours ago
add a comment |
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
6
down vote
There are RSA keys pairs in the validation suite for the RSA part of FIPS 186-4 (see second part of this answer for details).
Because "encrypt/decrypt by RSA method" is not well-defined (for lack of indication of the padding method), there's no way to tell which Known Answer Test vectors for it fit the question's need.
Also, only the decryption code can be tested with fixed KAT: RSA encryption with proper random padding is not deterministic, thus its code needs to be modified (de-randomized) for testing against KAT.
FIPS 186-4 is a standard for digital signatures per a variety of methods, including several RSA-based. It has a test suite, with at the bottom of the page links to files with test vectors. The one for FIPS 186-4 RSA-based functions is 186-3rsatestvectors.zip. It contains several keys pairs. For example, SigGenPSS_186-3.txt starts with
[mod = 2048]
n = c5062b58d8539c765e1e5dbaf14cf75dd56c2e13105fecfd1a930bbb5948ff328f126abe779359ca59bca752c308d281573bc6178b6c0fef7dc445e4f826430437b9f9d790581de5749c2cb9cb26d42b2fee15b6b26f09c99670336423b86bc5bec71113157be2d944d7ff3eebffb28413143ea36755db0ae62ff5b724eecb3d316b6bac67e89cacd8171937e2ab19bd353a89acea8c36f81c89a620d5fd2effea896601c7f9daca7f033f635a3a943331d1b1b4f5288790b53af352f1121ca1bef205f40dc012c412b40bdd27585b946466d75f7ee0a7f9d549b4bece6f43ac3ee65fe7fd37123359d9f1a850ad450aaf5c94eb11dea3fc0fc6e9856b1805ef
e = 0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000086c94f
d = 49e5786bb4d332f94586327bde088875379b75d128488f08e574ab4715302a87eea52d4c4a23d8b97af7944804337c5f55e16ba9ffafc0c9fd9b88eca443f39b7967170ddb8ce7ddb93c6087c8066c4a95538a441b9dc80dc9f7810054fd1e5c9d0250c978bb2d748abe1e9465d71a8165d3126dce5db2adacc003e9062ba37a54b63e5f49a4eafebd7e4bf5b0a796c2b3a950fa09c798d3fa3e86c4b62c33ba9365eda054e5fe74a41f21b595026acf1093c90a8c71722f91af1ed29a41a2449a320fc7ba3120e3e8c3e4240c04925cc698ecd66c7c906bdf240adad972b4dff4869d400b5d13e33eeba38e075e872b0ed3e91cc9c283867a4ffc3901d2069f
Note: $mathttmod$ is the bit size of the public modulus, expressed in decimal. $mathtt n$, $mathtt e$ and $mathtt d$ are the public modulus, the public exponent, and the FIPS 186-4-mandated private exponent, expressed in hexadecimal. Therefore, $mathtt d$ was obtained as $mathtt e^-1bmodlambda(mathtt n)$ (where $lambda$ is Carmichael's function), but is usable just as $mathtt e^-1bmodvarphi(mathtt n)$ would be (where $varphi$ is Euler's totient), another common private exponent in RSA.
answered 8 hours ago
fgrieu
75.8k7155319
Thank you so much :) That is all what I need
– user63361
7 hours ago
add a comment |
up vote
6
down vote
There are RSA keys pairs in the validation suite for the RSA part of FIPS 186-4 (see second part of this answer for details).
Because "encrypt/decrypt by RSA method" is not well-defined (for lack of indication of the padding method), there's no way to tell which Known Answer Test vectors for it fit the question's need.
Also, only the decryption code can be tested with fixed KAT: RSA encryption with proper random padding is not deterministic, thus its code needs to be modified (de-randomized) for testing against KAT.
FIPS 186-4 is a standard for digital signatures per a variety of methods, including several RSA-based. It has a test suite, with at the bottom of the page links to files with test vectors. The one for FIPS 186-4 RSA-based functions is 186-3rsatestvectors.zip. It contains several keys pairs. For example, SigGenPSS_186-3.txt starts with
[mod = 2048]
n = c5062b58d8539c765e1e5dbaf14cf75dd56c2e13105fecfd1a930bbb5948ff328f126abe779359ca59bca752c308d281573bc6178b6c0fef7dc445e4f826430437b9f9d790581de5749c2cb9cb26d42b2fee15b6b26f09c99670336423b86bc5bec71113157be2d944d7ff3eebffb28413143ea36755db0ae62ff5b724eecb3d316b6bac67e89cacd8171937e2ab19bd353a89acea8c36f81c89a620d5fd2effea896601c7f9daca7f033f635a3a943331d1b1b4f5288790b53af352f1121ca1bef205f40dc012c412b40bdd27585b946466d75f7ee0a7f9d549b4bece6f43ac3ee65fe7fd37123359d9f1a850ad450aaf5c94eb11dea3fc0fc6e9856b1805ef
e = 0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000086c94f
d = 49e5786bb4d332f94586327bde088875379b75d128488f08e574ab4715302a87eea52d4c4a23d8b97af7944804337c5f55e16ba9ffafc0c9fd9b88eca443f39b7967170ddb8ce7ddb93c6087c8066c4a95538a441b9dc80dc9f7810054fd1e5c9d0250c978bb2d748abe1e9465d71a8165d3126dce5db2adacc003e9062ba37a54b63e5f49a4eafebd7e4bf5b0a796c2b3a950fa09c798d3fa3e86c4b62c33ba9365eda054e5fe74a41f21b595026acf1093c90a8c71722f91af1ed29a41a2449a320fc7ba3120e3e8c3e4240c04925cc698ecd66c7c906bdf240adad972b4dff4869d400b5d13e33eeba38e075e872b0ed3e91cc9c283867a4ffc3901d2069f
Note: $mathttmod$ is the bit size of the public modulus, expressed in decimal. $mathtt n$, $mathtt e$ and $mathtt d$ are the public modulus, the public exponent, and the FIPS 186-4-mandated private exponent, expressed in hexadecimal. Therefore, $mathtt d$ was obtained as $mathtt e^-1bmodlambda(mathtt n)$ (where $lambda$ is Carmichael's function), but is usable just as $mathtt e^-1bmodvarphi(mathtt n)$ would be (where $varphi$ is Euler's totient), another common private exponent in RSA.
answered 8 hours ago
fgrieu
75.8k7155319
Thank you so much :) That is all what I need
– user63361
7 hours ago
add a comment |
up vote
6
down vote
up vote
6
down vote
There are RSA keys pairs in the validation suite for the RSA part of FIPS 186-4 (see second part of this answer for details).
Because "encrypt/decrypt by RSA method" is not well-defined (for lack of indication of the padding method), there's no way to tell which Known Answer Test vectors for it fit the question's need.
Also, only the decryption code can be tested with fixed KAT: RSA encryption with proper random padding is not deterministic, thus its code needs to be modified (de-randomized) for testing against KAT.
FIPS 186-4 is a standard for digital signatures per a variety of methods, including several RSA-based. It has a test suite, with at the bottom of the page links to files with test vectors. The one for FIPS 186-4 RSA-based functions is 186-3rsatestvectors.zip. It contains several keys pairs. For example, SigGenPSS_186-3.txt starts with
[mod = 2048]
n = c5062b58d8539c765e1e5dbaf14cf75dd56c2e13105fecfd1a930bbb5948ff328f126abe779359ca59bca752c308d281573bc6178b6c0fef7dc445e4f826430437b9f9d790581de5749c2cb9cb26d42b2fee15b6b26f09c99670336423b86bc5bec71113157be2d944d7ff3eebffb28413143ea36755db0ae62ff5b724eecb3d316b6bac67e89cacd8171937e2ab19bd353a89acea8c36f81c89a620d5fd2effea896601c7f9daca7f033f635a3a943331d1b1b4f5288790b53af352f1121ca1bef205f40dc012c412b40bdd27585b946466d75f7ee0a7f9d549b4bece6f43ac3ee65fe7fd37123359d9f1a850ad450aaf5c94eb11dea3fc0fc6e9856b1805ef
e = 0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000086c94f
d = 49e5786bb4d332f94586327bde088875379b75d128488f08e574ab4715302a87eea52d4c4a23d8b97af7944804337c5f55e16ba9ffafc0c9fd9b88eca443f39b7967170ddb8ce7ddb93c6087c8066c4a95538a441b9dc80dc9f7810054fd1e5c9d0250c978bb2d748abe1e9465d71a8165d3126dce5db2adacc003e9062ba37a54b63e5f49a4eafebd7e4bf5b0a796c2b3a950fa09c798d3fa3e86c4b62c33ba9365eda054e5fe74a41f21b595026acf1093c90a8c71722f91af1ed29a41a2449a320fc7ba3120e3e8c3e4240c04925cc698ecd66c7c906bdf240adad972b4dff4869d400b5d13e33eeba38e075e872b0ed3e91cc9c283867a4ffc3901d2069f
Note: $mathttmod$ is the bit size of the public modulus, expressed in decimal. $mathtt n$, $mathtt e$ and $mathtt d$ are the public modulus, the public exponent, and the FIPS 186-4-mandated private exponent, expressed in hexadecimal. Therefore, $mathtt d$ was obtained as $mathtt e^-1bmodlambda(mathtt n)$ (where $lambda$ is Carmichael's function), but is usable just as $mathtt e^-1bmodvarphi(mathtt n)$ would be (where $varphi$ is Euler's totient), another common private exponent in RSA.
answered 8 hours ago
fgrieu
75.8k7155319
There are RSA keys pairs in the validation suite for the RSA part of FIPS 186-4 (see second part of this answer for details).
Because "encrypt/decrypt by RSA method" is not well-defined (for lack of indication of the padding method), there's no way to tell which Known Answer Test vectors for it fit the question's need.
Also, only the decryption code can be tested with fixed KAT: RSA encryption with proper random padding is not deterministic, thus its code needs to be modified (de-randomized) for testing against KAT.
FIPS 186-4 is a standard for digital signatures per a variety of methods, including several RSA-based. It has a test suite, with at the bottom of the page links to files with test vectors. The one for FIPS 186-4 RSA-based functions is 186-3rsatestvectors.zip. It contains several keys pairs. For example, SigGenPSS_186-3.txt starts with
[mod = 2048]
n = c5062b58d8539c765e1e5dbaf14cf75dd56c2e13105fecfd1a930bbb5948ff328f126abe779359ca59bca752c308d281573bc6178b6c0fef7dc445e4f826430437b9f9d790581de5749c2cb9cb26d42b2fee15b6b26f09c99670336423b86bc5bec71113157be2d944d7ff3eebffb28413143ea36755db0ae62ff5b724eecb3d316b6bac67e89cacd8171937e2ab19bd353a89acea8c36f81c89a620d5fd2effea896601c7f9daca7f033f635a3a943331d1b1b4f5288790b53af352f1121ca1bef205f40dc012c412b40bdd27585b946466d75f7ee0a7f9d549b4bece6f43ac3ee65fe7fd37123359d9f1a850ad450aaf5c94eb11dea3fc0fc6e9856b1805ef
e = 0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000086c94f
d = 49e5786bb4d332f94586327bde088875379b75d128488f08e574ab4715302a87eea52d4c4a23d8b97af7944804337c5f55e16ba9ffafc0c9fd9b88eca443f39b7967170ddb8ce7ddb93c6087c8066c4a95538a441b9dc80dc9f7810054fd1e5c9d0250c978bb2d748abe1e9465d71a8165d3126dce5db2adacc003e9062ba37a54b63e5f49a4eafebd7e4bf5b0a796c2b3a950fa09c798d3fa3e86c4b62c33ba9365eda054e5fe74a41f21b595026acf1093c90a8c71722f91af1ed29a41a2449a320fc7ba3120e3e8c3e4240c04925cc698ecd66c7c906bdf240adad972b4dff4869d400b5d13e33eeba38e075e872b0ed3e91cc9c283867a4ffc3901d2069f
Note: $mathttmod$ is the bit size of the public modulus, expressed in decimal. $mathtt n$, $mathtt e$ and $mathtt d$ are the public modulus, the public exponent, and the FIPS 186-4-mandated private exponent, expressed in hexadecimal. Therefore, $mathtt d$ was obtained as $mathtt e^-1bmodlambda(mathtt n)$ (where $lambda$ is Carmichael's function), but is usable just as $mathtt e^-1bmodvarphi(mathtt n)$ would be (where $varphi$ is Euler's totient), another common private exponent in RSA.
answered 8 hours ago
fgrieu
75.8k7155319
edited 7 hours ago
answered 8 hours ago
fgrieu
75.8k7155319
answered 8 hours ago
fgrieu
75.8k7155319
answered 8 hours ago
fgrieu
75.8k7155319
75.8k7155319
Thank you so much :) That is all what I need
– user63361
7 hours ago
add a comment |
Thank you so much :) That is all what I need
– user63361
7 hours ago
Thank you so much :) That is all what I need
– user63361
7 hours ago
Thank you so much :) That is all what I need
– user63361
7 hours ago
add a comment |
up vote
0
down vote
For the modulus $n=pq$ you need to verify that $p$ and $q$ are prime numbers. You can do this with a probabilistic primality test like Rabin-Miller.
For the public key $e$ you need to verify that it is coprime to the euler totient $phi (n)$ you can do this with the extended Euclidean algorithm.
For the private key $d$ you need to verify that $de equiv 1 pmod n$. You can do this with the extended Euclidean algorithm.
answered 8 hours ago
Youssef El Housni
843
New contributor
Youssef El Housni is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
.First of all, I want to say thank you. I already did all of what you say (my software runs well I can say that), at this time the things that I need is some data are mentioned in lectures, books, reports, benchmarks,.... to test it (because my teacher doesn't accept any data that is generated randomly)
– user63361
8 hours ago
Ok what you need is a test vector suite. You can use NIST vectors available here: csrc.nist.gov/Projects/…
– Youssef El Housni
8 hours ago
$de equiv 1 pmod n$ usually does not hold. $d,eequiv 1 pmodlambda (n)$ holds. $d,eequiv 1 pmodphi (n)$ holds for some variants of RSA key generation. Verification of $d$ is usually performed by computing $d,ebmodlambda (n)=1$ when the factorization of $n$ is known, including derived from $(n,e,d)$; or checking that $x^e,dbmod n=x$ for a few $xin[2,n-2]$, otherwise.
– fgrieu
7 hours ago
add a comment |
up vote
0
down vote
For the modulus $n=pq$ you need to verify that $p$ and $q$ are prime numbers. You can do this with a probabilistic primality test like Rabin-Miller.
For the public key $e$ you need to verify that it is coprime to the euler totient $phi (n)$ you can do this with the extended Euclidean algorithm.
For the private key $d$ you need to verify that $de equiv 1 pmod n$. You can do this with the extended Euclidean algorithm.
answered 8 hours ago
Youssef El Housni
843
New contributor
Youssef El Housni is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
.First of all, I want to say thank you. I already did all of what you say (my software runs well I can say that), at this time the things that I need is some data are mentioned in lectures, books, reports, benchmarks,.... to test it (because my teacher doesn't accept any data that is generated randomly)
– user63361
8 hours ago
Ok what you need is a test vector suite. You can use NIST vectors available here: csrc.nist.gov/Projects/…
– Youssef El Housni
8 hours ago
$de equiv 1 pmod n$ usually does not hold. $d,eequiv 1 pmodlambda (n)$ holds. $d,eequiv 1 pmodphi (n)$ holds for some variants of RSA key generation. Verification of $d$ is usually performed by computing $d,ebmodlambda (n)=1$ when the factorization of $n$ is known, including derived from $(n,e,d)$; or checking that $x^e,dbmod n=x$ for a few $xin[2,n-2]$, otherwise.
– fgrieu
7 hours ago
add a comment |
up vote
0
down vote
up vote
0
down vote
For the modulus $n=pq$ you need to verify that $p$ and $q$ are prime numbers. You can do this with a probabilistic primality test like Rabin-Miller.
For the public key $e$ you need to verify that it is coprime to the euler totient $phi (n)$ you can do this with the extended Euclidean algorithm.
For the private key $d$ you need to verify that $de equiv 1 pmod n$. You can do this with the extended Euclidean algorithm.
answered 8 hours ago
Youssef El Housni
843
New contributor
Youssef El Housni is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
For the modulus $n=pq$ you need to verify that $p$ and $q$ are prime numbers. You can do this with a probabilistic primality test like Rabin-Miller.
For the public key $e$ you need to verify that it is coprime to the euler totient $phi (n)$ you can do this with the extended Euclidean algorithm.
For the private key $d$ you need to verify that $de equiv 1 pmod n$. You can do this with the extended Euclidean algorithm.
answered 8 hours ago
Youssef El Housni
843
New contributor
Youssef El Housni is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered 8 hours ago
Youssef El Housni
843
New contributor
Youssef El Housni is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered 8 hours ago
Youssef El Housni
843
answered 8 hours ago
Youssef El Housni
843
843
New contributor
Youssef El Housni is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
Youssef El Housni is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Youssef El Housni is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
.First of all, I want to say thank you. I already did all of what you say (my software runs well I can say that), at this time the things that I need is some data are mentioned in lectures, books, reports, benchmarks,.... to test it (because my teacher doesn't accept any data that is generated randomly)
– user63361
8 hours ago
Ok what you need is a test vector suite. You can use NIST vectors available here: csrc.nist.gov/Projects/…
– Youssef El Housni
8 hours ago
$de equiv 1 pmod n$ usually does not hold. $d,eequiv 1 pmodlambda (n)$ holds. $d,eequiv 1 pmodphi (n)$ holds for some variants of RSA key generation. Verification of $d$ is usually performed by computing $d,ebmodlambda (n)=1$ when the factorization of $n$ is known, including derived from $(n,e,d)$; or checking that $x^e,dbmod n=x$ for a few $xin[2,n-2]$, otherwise.
– fgrieu
7 hours ago
add a comment |
.First of all, I want to say thank you. I already did all of what you say (my software runs well I can say that), at this time the things that I need is some data are mentioned in lectures, books, reports, benchmarks,.... to test it (because my teacher doesn't accept any data that is generated randomly)
– user63361
8 hours ago
Ok what you need is a test vector suite. You can use NIST vectors available here: csrc.nist.gov/Projects/…
– Youssef El Housni
8 hours ago
$de equiv 1 pmod n$ usually does not hold. $d,eequiv 1 pmodlambda (n)$ holds. $d,eequiv 1 pmodphi (n)$ holds for some variants of RSA key generation. Verification of $d$ is usually performed by computing $d,ebmodlambda (n)=1$ when the factorization of $n$ is known, including derived from $(n,e,d)$; or checking that $x^e,dbmod n=x$ for a few $xin[2,n-2]$, otherwise.
– fgrieu
7 hours ago
.First of all, I want to say thank you. I already did all of what you say (my software runs well I can say that), at this time the things that I need is some data are mentioned in lectures, books, reports, benchmarks,.... to test it (because my teacher doesn't accept any data that is generated randomly)
– user63361
8 hours ago
.First of all, I want to say thank you. I already did all of what you say (my software runs well I can say that), at this time the things that I need is some data are mentioned in lectures, books, reports, benchmarks,.... to test it (because my teacher doesn't accept any data that is generated randomly)
– user63361
8 hours ago
Ok what you need is a test vector suite. You can use NIST vectors available here: csrc.nist.gov/Projects/…
– Youssef El Housni
8 hours ago
Ok what you need is a test vector suite. You can use NIST vectors available here: csrc.nist.gov/Projects/…
– Youssef El Housni
8 hours ago
$de equiv 1 pmod n$ usually does not hold. $d,eequiv 1 pmodlambda (n)$ holds. $d,eequiv 1 pmodphi (n)$ holds for some variants of RSA key generation. Verification of $d$ is usually performed by computing $d,ebmodlambda (n)=1$ when the factorization of $n$ is known, including derived from $(n,e,d)$; or checking that $x^e,dbmod n=x$ for a few $xin[2,n-2]$, otherwise.
– fgrieu
7 hours ago
$de equiv 1 pmod n$ usually does not hold. $d,eequiv 1 pmodlambda (n)$ holds. $d,eequiv 1 pmodphi (n)$ holds for some variants of RSA key generation. Verification of $d$ is usually performed by computing $d,ebmodlambda (n)=1$ when the factorization of $n$ is known, including derived from $(n,e,d)$; or checking that $x^e,dbmod n=x$ for a few $xin[2,n-2]$, otherwise.
– fgrieu
7 hours ago
add a comment |
user63361 is a new contributor. Be nice, and check out our Code of Conduct.
user63361 is a new contributor. Be nice, and check out our Code of Conduct.
user63361 is a new contributor. Be nice, and check out our Code of Conduct.
user63361 is a new contributor. Be nice, and check out our Code of Conduct.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcrypto.stackexchange.com%2fquestions%2f63874%2fneed-a-test-suite-for-rsa-test%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
