From e3aa0f65e8a5a453e967ac2dc343c7cb96217548 Mon Sep 17 00:00:00 2001 From: Zizhou Zhang Date: Fri, 15 Nov 2019 06:29:54 +1100 Subject: [PATCH] fix implementation errors. (#1568) I revised my implementation and found out that I have miss a inner loop for t. x and y should be recalculated everytime when t is divisble by 2. I have also included a more readble source for this algorithm. --- ciphers/rsa_factorization.py | 21 +++++++++++++-------- 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/ciphers/rsa_factorization.py b/ciphers/rsa_factorization.py index 58bdc554a..9ec34e6c5 100644 --- a/ciphers/rsa_factorization.py +++ b/ciphers/rsa_factorization.py @@ -4,6 +4,7 @@ An RSA prime factor algorithm. The program can efficiently factor RSA prime number given the private key d and public key e. Source: on page 3 of https://crypto.stanford.edu/~dabo/papers/RSA-survey.pdf +More readable source: https://www.di-mgt.com.au/rsa_factorize_n.html large number can take minutes to factor, therefore are not included in doctest. """ import math @@ -15,7 +16,7 @@ def rsafactor(d: int, e: int, N: int) -> List[int]: """ This function returns the factors of N, where p*q=N Return: [p, q] - + We call N the RSA modulus, e the encryption exponent, and d the decryption exponent. The pair (N, e) is the public key. As its name suggests, it is public and is used to encrypt messages. @@ -35,13 +36,17 @@ def rsafactor(d: int, e: int, N: int) -> List[int]: while p == 0: g = random.randint(2, N - 1) t = k - if t % 2 == 0: - t = t // 2 - x = (g ** t) % N - y = math.gcd(x - 1, N) - if x > 1 and y > 1: - p = y - q = N // y + while True: + if t % 2 == 0: + t = t // 2 + x = (g ** t) % N + y = math.gcd(x - 1, N) + if x > 1 and y > 1: + p = y + q = N // y + break # find the correct factors + else: + break # t is not divisible by 2, break and choose another g return sorted([p, q])