Understanding the RSA algorithm

ZHENGPING JAY LUO, Rider University, USA

RUOWEN LIU, Rider University, USA
AARAV MEHTA, Rider University, USA
With the emerging importance of cybersecurity, it will be beneficial for a wide community to understand some of the
fundamental security mechanisms. The RSA algorithm is one of the essential algorithms used in public-key cryptosystems.
Understanding the RSA algorithm requires knowledge regarding number theory, modular arithmetic, etc., which is often
beyond the knowledge pool of many beginners in cybersecurity. In this work, we provide an intuitive and onion-peeling
arXiv:2308.02785v1 [cs.CR] 5 Aug 2023

style introduction to the RSA algorithm, in which we assume that readers will only have a basic background in mathematics
and cybersecurity. Started from three essential goals of public-key cryptosystems, we explained step-by-step how the RSA
algorithm achieved these goals. We also used a toy example to further help readers to understand the algorithm from a
practical perspective.
CCS Concepts: • Security and privacy → Public key encryption.
ACM Reference Format:
Zhengping Jay Luo, Ruowen Liu, and Aarav Mehta. 2023. Understanding the RSA algorithm. 1, 1 (August 2023), 7 pages.
https://doi.org/10.1145/nnnnnnn.nnnnnnn

1 INTRODUCTION
The three most widely accepted security goals of cybersecurity are shorted as “CIA triad”, which stands for
Confidentiality, Integrity and Availability. Cryptographic algorithms play an essential role in achieving confiden-
tiality through private-key and public-key cryptographic algorithms. Public-key cryptographic algorithms, such
as the RSA algorithm, also play an important role in achieving another common security goal, non-repudiation,
which is required in many application scenarios such as electronic mails, through digital signatures. In fact, the
RSA algorithm was originally designed to achieve both confidentiality and non-repudiation goals in electronic
mails [5].
The RSA algorithm is one of the pioneering implementations of the public-key cryptosystem that was invented
by Diffie and Hellman [2] in 1976. It was designed by Ron Rivest, Adi Shamir, and Leonard Adleman from
Massachusetts Institute of Technology (MIT). As a public-key cryptographic algorithm, it has two keys: a private
key and a public key. Let’s assume that we have two communication parties: Alice and Bob, and they want to
exchange a message secretly. With the RSA algorithm, Alice first uses Bob’s public key to encrypt the message 𝑀
into ciphertext 𝐶 and send it to Bob. Bob then decrypt 𝐶 with its private key to recover the plaintext 𝑀. The
process seems straightforward, but generating the public and private keys used in this process is not as simple

Authors’ addresses: Zhengping Jay Luo, Rider University, Lawrenceville, New Jersey, USA, 08648, [email protected]; Ruowen Liu, Rider
University, Lawrenceville, New Jersey, USA, 08648, [email protected]; Aarav Mehta, Rider University, Lawrenceville, New Jersey, USA, 08648,
[email protected].

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that
copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first
page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy
otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from
[email protected].
© 2023 Association for Computing Machinery.
XXXX-XXXX/2023/8-ART $15.00
https://doi.org/10.1145/nnnnnnn.nnnnnnn

, Vol. 1, No. 1, Article . Publication date: August 2023.

2 • Zhengping Jay Luo, Ruowen Liu and Aarav Mehta

(a) Symmetric-key cryptography (b) Public-key cryptography

Fig. 1. The information flow when Alice sends a message to Bob using symmetric and public key cryptography.

as it may seem. To understand the logic behind requires knowledge from topics like number theory, modular
arithmetic, etc., which are often lacked by many beginners in cybersecurity or undergraduate students.
In this work, we provide an intuitive and accessible way to understand the RSA algorithm from a beginner’s
perspective. Started from three goals the RSA algorithm wants to achieve, we adopt an onion-peeling style to
explain how the system is designed step by step to reach the goal, which is lacked by other similar tutorials [3].
We assume readers have minimum background knowledge in number theory, modular arithmetic, etc. However,
we acknowledge that our goal is to provide an approachable way for a broader range of readers that do not have
much background in mathematics to understand this algorithm, thus some rigor of mathematics might inevitably
be simplified. At the end, we provide a toy example of the RSA algorithm from a practical perspective to help
readers better understand the algorithm.
The paper is organized as follows: the necessary foundational information of the RSA algorithm is provided
in Section 2. Then the detailed onion-peeling style introduction of the algorithm is elaborated in Section 3. In
Section 4 we employed an specific toy example to illustrate how to encrypt and decrypt the message in RSA from
a practical perspective. We concluded the paper in Section 5.

2 BACKGROUND AND PRELIMINARIES

In this section, we will provide necessary background which gives the context and mathematical foundations of
the RSA algorithm. Readers can also skip this section and use this section as a reference while reading Section 3.

2.1 Public-key Cryptosystems

One of the major challenges cryptography wants to address is how to ensure two end users, let’s say Alice and
Bob, could secretly exchange messages 𝑀 in an open and potentially unsafe environment. We have two strategies
to tackle this challenge. The first strategy is to let both Alice and Bob share a secret key 𝐾𝑠ℎ𝑎𝑟𝑒𝑑 and make sure
any one of them can encrypt the plaintext 𝑀 into ciphertext 𝐶 using 𝐾𝑠ℎ𝑎𝑟𝑒𝑑 , while the other can recover 𝑀 from
𝐶 using the same key 𝐾𝑠ℎ𝑎𝑟𝑒𝑑 . This strategy is also known as symmetric-key cryptography. It is similar with the
real-world locker example in which we use a key to lock a cabinet. When someone wants to open the cabinet,
they need to get the same key to open this cabinet. The process of Alice using the symmetric-key cryptography
to send a message to Bob is shown in Fig. 1(a).
The problem with the symmetric-key cryptography is that end users have to share the same key in advance,
which is often impractical in modern communication systems such as computer networks. In computer network
systems, communication connections are usually random and instantaneously. Besides, information sent over the
open environment could be intercepted by malicious attackers. Therefore, it is unrealistic to require all end users
to share the same secret key in advance when the want to exchange information secretly.

, Vol. 1, No. 1, Article . Publication date: August 2023.

 Understanding the RSA algorithm • 3

In 1976, Diffie and Hellman [2] proposed the second strategy named as public-key cryptosystems to tackle
the above challenge. The basic idea is that both Alice and Bob still share the same cryptograhic algorithm, but
they no longer need to share the same secret key. Instead, each of them will maintain two keys: a private key
and a public key. The private key is only known to the owner while the public key can be accessed by anyone
who wants to communicate with the owner. Every time Alice wants to send a message to Bob, Alice will use
Bob’s public key 𝐾 (𝐵𝑜𝑏,𝑝𝑢𝑏𝑙𝑖𝑐 ) to encrypt the message 𝑀. On Bob’s side, the ciphertext 𝐶 can be decrypted using
Bob’s private key 𝐾 (𝐵𝑜𝑏,𝑝𝑟𝑖𝑣𝑎𝑡𝑒 ) . Since only Bob has 𝐾 (𝐵𝑜𝑏,𝑝𝑟𝑖𝑣𝑎𝑡𝑒 ) , thus no one else could recover 𝑀. The process
of Alice using the public-key cryptosystem to send a message to Bob is shown in Fig. 1(b).
The public-key cryptosystem is similar with our self-service drop box mechanism used in the shipping industry.
Anyone can put an envelope or a package into a public drop box provided by the shipping company to get
it shipped (anyone could use the receiver’s public key to encrypt the message in public-key cryptosystems).
However, only authorized personnel from the shipping company that has the key (similar with the private key
used in public-key cryptosystems) could open the drop box to get the mails/packages been delivered.
Using public-key cryptosystems, two end users will no longer be required to share a secret key in advance
when they need to exchange information. All the sender needs to know is the public key of the receiver and
the cryptographic algorithm the receiver used, both of which are public information. The RSA algorithm is an
implementation of the public-key cryptosystem concept.

2.2 Modular Arithmetic

Modular arithmetic is a branch of arithmetic for integers, where numbers “wrap around” when reaching a certain
value. If we have a modulus 𝑛, which is an integer larger than 1, 𝑎 mod 𝑛 is the remainder of 𝑎 divided by 𝑛. The
result of 𝑎 mod 𝑛 for any number 𝑎 will always be less than 𝑛 and greater than or equal to 0, i.e., 0 ≤ 𝑎 mod 𝑛 < 𝑛.
If 𝑎 < 𝑛, then 𝑎 mod 𝑛 will always equal to 𝑎 itself. In the case where integers 𝑎 and 𝑏 have the same remainder
when divided by 𝑛, we call 𝑎 and 𝑏 are congruent modulo 𝑛 and can be represented as 𝑎 ≡ 𝑏 (mod 𝑛). In modular
arithmetic, we use “≡” rather than “=” to denote the equivalence of modulo results.
There is an important property of congruence that we will use in explaining the RSA algorithm, i.e., if
𝑎 ≡ 𝑏 (mod 𝑛) for integers 𝑎, 𝑏 and 𝑛, then 𝑎𝑘 ≡ 𝑏𝑘 (mod 𝑛) and 𝑎𝑘 ≡ 𝑏 𝑘 (mod 𝑛) for any integer 𝑘. Another
important theorem used in the RSA algorithm is that if there exists an integer 𝑏 such that 𝑎𝑏 ≡ 1 (mod 𝑛), then 𝑏
is said to be an inverse of 𝑎 modulo 𝑛 and vice versa. Further, an inverse of 𝑎 modulo 𝑛 is guaranteed to exist
whenever 𝑎 and 𝑛 are relatively prime. The modulo inverse here can be calculated by the Extended Euclidean
Algorithm. We skip the details of the Extended Euclidean Algorithm and just remember that it is a standard
and efficient method to find the modulo inverse of 𝑎 modulo 𝑛 when 𝑎 and 𝑛 are relatively prime. To make this
simpler to read, we leave the burden of proofs of these properties in modular arithmetic to readers’ interest. For
those who have a deeper interest in modular arithmetic, the related theorems and proofs, you can refer to [6] for
the detailed information.

2.3 Prime Factorization

Prime factorization means the decomposition, if possible, of a positive integer into a product of prime integers.
For example, the prime factorization of 15 is 3 × 5, in which both 3 and 5 are prime numbers. Prime factorization
is an important problem in number theory. It is important because still no efficient way has been discovered to
find the prime factorization of an integer with existing classical computer systems. The RSA algorithm embedded
prime factorization in its design to ensure there exists no efficient way to decipher the ciphertext.
However, it does not mean that we would not find an efficient way to perform prime factorization in the future
based on nowadays computer technology (a lot of mathematicians are still working on this problem); it also does
not mean that we would not find an efficient way on future computers, such as quantum computing. In fact, an

, Vol. 1, No. 1, Article . Publication date: August 2023.

4 • Zhengping Jay Luo, Ruowen Liu and Aarav Mehta

efficient way to perform prime factorization on quantum computers has already been found [7]. The problem is
that a workable quantum computer is still estimated to be at least decades away [1]. Therefore, we can safely say
the RSA algorithm is secure at least for the time being.

2.4 Euler’s Theorem

Euler’s theorem is one of the major mathematical foundations of the RSA algorithm. Before introducing Euler’s
theorem, we need to understand Euler’s totient function. Given a positive integer, Euler’s totient function is the
number of positive integers that are less than and relatively prime to this integer. For example, given an integer 8,
there exist four integers 1, 3, 5, 7 that are relatively prime to 8, thus Euler’s totient function value of 8 is 4. You
might have already realized that Euler’s totient function value for a prime number 𝑛 is always 𝑛 − 1 as all the
positive integers less than 𝑛 are relative prime to 𝑛 and there are 𝑛 − 1 positive integers less than 𝑛. Euler’s totient
function is usually denoted as 𝜙, e.g., 𝜙 (8) = 4.
An important mathematical property of Euler’s totient function is that if 𝑚 and 𝑛 are relatively prime integers,
then 𝜙 (𝑚𝑛) = 𝜙 (𝑚) × 𝜙 (𝑛). For example, 𝜙 (6) = 𝜙 (2) × 𝜙 (3) = 1 × 2 = 2. This property offers a convenient way
to calculate Euler’s totient function value if an integer can be factorized into the product of two prime numbers
𝑚 and 𝑛, i.e., 𝜙 (𝑚𝑛) = 𝜙 (𝑚) × 𝜙 (𝑛) = (𝑚 − 1) (𝑛 − 1) as 𝑚, 𝑛 are also relatively prime to each other. The challenge
here is that no efficient way has been found on modern computers to do prime factorization (as discussed in
Section 2.3).
Euler’s theorem says that, if two integers 𝑎 and 𝑛 are relatively prime, then
𝑎𝜙 (𝑛) ≡ 1 (mod 𝑛). (1)
For example, let 𝑎 = 3 and 𝑛 = 4, then they are relatively prime and we have 𝜙 (4) = 2. Further we have
3𝜙 (4) = 32 = 9, thus, 3𝜙 (4) ≡ 9 ≡ 1 (mod 4). We leave the proof of Euler’s theorem to the readers due to the
abundance of online resources on this topic. It is worth noting that Euler’s theorem provides a fast way to
calculate 𝑎𝜙 (𝑛) mod 𝑛 when 𝑎, 𝑛 are relatively prime. This property plays a significant role in the RSA algorithm
as we will see in the following section.

3 THE RSA ALGORITHM

In this section, we will see how the above background and preliminaries paved the way for understanding the
RSA algorithm. To materialize a public-key cryptosystem, as we introduced in Section 2.1, we want to achieve
the following three basic goals [5]:
(1) Efficiency: The encryption and decryption process should be easy to compute for legitimate users who
have the required key information.
(2) Plaintext Recovery: We should be able to get the original plaintext 𝑀 through decrypting the ciphertext
𝐶.
(3) Computational difficulty: Without the private key information, there is no known efficient way to
perform the decryption process.
With these three goals in mind, we introduce the core encryption and decryption process of the RSA algorithm.
The corresponding ciphertext 𝐶 of the plaintext 𝑀 is computed from
𝐶 ≡ 𝑀 𝑒 (mod 𝑛). (2)
The decryption process is similar, which is
𝑀 ′ ≡ 𝐶 𝑑 (mod 𝑛). (3)
The encryption key (𝑒, 𝑛) is public, and the decryption key (𝑑, 𝑛) is private. We use 𝑀 ′,
not 𝑀 directly in Eq. (3)
because we want to highlight that this is the result we obtained from the decryption process. We will ensure

, Vol. 1, No. 1, Article . Publication date: August 2023.

 Understanding the RSA algorithm • 5

𝑀 ′ = 𝑀 in the plaintext recovery goal. The detailed encryption and decryption process of the RSA algorithm is
shown as follows:

Algorithm 1 The encryption and decryption process of the RSA algorithm.

1: The Receiver:
2: Choose two large random prime numbers 𝑝 and 𝑞 privately.
3: Obtain 𝑛 and 𝜙 (𝑛) through 𝑛 = 𝑝 · 𝑞 and 𝜙 (𝑛) = (𝑝 − 1) (𝑞 − 1).
4: Choose a large number 𝑑 that is relatively prime to 𝜙 (𝑛).
5: Compute 𝑒 such that 𝑒𝑑 ≡ 1(mod 𝜙 (𝑛)).
6: Release the key (𝑒, 𝑛) to the public.
7: The Sender:
8: Encrypt the message 𝑀 using public key (𝑒, 𝑛): 𝐶 ≡ 𝑀 𝑒 (mod 𝑛).
9: The Receiver:
10: Decrypt ciphertext 𝐶 using private key (𝑑, 𝑛): 𝑀 ′ ≡ 𝐶 𝑑 (mod 𝑛).

We now need to understand what conditions must be satisfied and how this process could achieve the three
goals mentioned above. We will explain each goal with the associated conditions as follows.

3.1 Goal 1: Efficiency

Both procedures, the encryption and decryption, involve first raising the power of the plaintext or ciphertext,
and then applying the modulo operation. These two operations are actually identical from the implementation
perspective, thus it is easy to be implemented. The private and public key could also be determined using a
standard and efficient way on modern computers [4].

3.2 Goal 2: Plaintext recovery

The second goal is to guarantee the accurate recovery of original plaintext 𝑀 from ciphertext 𝐶 using receiver’s
private key (𝑑, 𝑒), i.e., to ensure 𝑀 ′ = 𝑀. Substituting 𝐶 in Eq.(2) to Eq.(3), it yields
𝑀 ′ ≡ [𝑀 𝑒 (mod 𝑛)]𝑑 ≡ 𝑀 𝑒𝑑 (mod 𝑛). (4)
As we know from Section 2.2,
𝑀 ≡ 𝑀 (mod 𝑛), if 𝑀 < 𝑛. (5)
Therefore, the goal can be reinterpreted as finding the conditions to guarantee
𝑀 𝑒𝑑 ≡ 𝑀 (mod 𝑛), with 𝑀 < 𝑛. (6)
According to the Euler’s theorem (Section 2.4), if 𝑀 and 𝑛 are relatively prime, then 𝑀 𝜙 (𝑛)
≡ 1 (mod 𝑛). By the
modular arithmetic properties (Section 2.2), we can raise both sides to the 𝑘-th power, with 𝑘 being a positive
integer, to get 𝑀 𝑘𝜙 (𝑛) ≡ 1𝑘 ≡ 1 (mod 𝑛). Multiplying both sides by 𝑀 yields,
𝑀 𝑘𝜙 (𝑛)+1 ≡ 𝑀 (mod 𝑛). (7)
Comparing Eq.(6) to Eq.(7), to ensure the correct recovery 𝑀′ = 𝑀, we would now require
𝑒𝑑 = 𝑘𝜙 (𝑛) + 1 , 𝑘 is a positive integer. (8)
Up until now, we found that we have two conditions need to be satisfied in order to make above equations hold:
(1) 𝑀 < 𝑛 and (2) 𝑀 and 𝑛 are relatively prime to each other. To satisfy the first condition, in real world, after
choosing the large positive number 𝑛, we need to break long messages into small blocks such that each block can
be represented as an integer 𝑀 that is less than 𝑛. We will explain how to ensure the second condition later.

, Vol. 1, No. 1, Article . Publication date: August 2023.

6 • Zhengping Jay Luo, Ruowen Liu and Aarav Mehta

3.3 Goal 3: Computational difficulty

Now the challenge is reduced to a problem of finding appropriate values of 𝑒 and 𝑑, which are the major
components of the public key and private key respectively. The only clue we have now is 𝑒𝑑 = 𝑘𝜙 (𝑛) + 1, where
𝑘 is a positive integer.
To achieve the third goal of computational difficulty, we will start with the challenge of how to choose 𝑒 and 𝑑.
Let’s first manipulate the equation a little bit. Given that 𝑒𝑑 = 𝑘𝜙 (𝑛) + 1, when the modulus is 𝜙 (𝑛), we have
𝑒𝑑 ≡ 𝑘𝜙 (𝑛) + 1 ≡ 1 (mod 𝜙 (𝑛)), where the last congruent relation comes from the fact that 𝑘 is a positive integer.
The congruence we get from the above manipulation 𝑒𝑑 ≡ 1 (mod 𝜙 (𝑛)) reveals that if 𝑑 and 𝜙 (𝑛) are relatively
prime, then 𝑒 is an inverse of 𝑑 modulo 𝜙 (𝑛) and the existence of 𝑒 is guaranteed (Section 2.2). Now we just need
to find a number 𝑑 that is relatively prime to 𝜙 (𝑛), and the corresponding inverse modulo 𝑛, denoted by 𝑒. Both
of which have standard and efficient ways to do that on modern computers.
We have successfully found a way to find an appropriate 𝑒 and 𝑑. However, this does not conclude the problem.
In the third goal of public-key cryptosystems, it requires that there exists no known efficient way to calculate 𝑑
given the information of 𝑒 and 𝑛. Obviously, we still have not reached that goal. If 𝑛 is not chosen carefully, an
attacker can easily figure out the value of 𝜙 (𝑛) and further efficiently figure out 𝑑 based on 𝑒.
Achieving the last goal of the public-key cryptosystems is one of the most elegant parts of the RSA algorithm.
We know that there exists no known efficient method to perform prime factorization(Section 2.3). If the receiver
can first find two large random prime numbers 𝑝 and 𝑞 privately and let 𝑛 = 𝑝 · 𝑞, then there will exist no efficient
way to reverse this process to get 𝑝 and 𝑞 from only 𝑛. Further, it will be computationally difficult to get the value
of 𝜙 (𝑛). However, it will be super easy for the receiver to calculate 𝜙 (𝑛) as 𝜙 (𝑛) = (𝑝 − 1) (𝑞 − 1) (Section 2.4).
This is also known as the “trap-door one-way function”, which is similar with how our shipping drop box works.
We still have one last question left unanswered from Section 3.2. How can we ensure 𝑛 and 𝑀 to be relatively
prime? Unfortunately, we cannot ensure it directly. However, we know that 𝑛 = 𝑝 · 𝑞 with 𝑝, 𝑞 being prime, which
means 𝑛 will be relatively prime to all numbers less than 𝑛 except 𝑝, 𝑞 and their multiples. The probability will be
extremely low when both 𝑝 and 𝑞 are sufficiently large because a prime number is relatively prime to all the
numbers less than itself. The only case in which 𝑀 and 𝑛 are not relatively prime is when 𝑀 is a multiple of 𝑝 or
𝑞, which has an extremely low chance in terms of probability considering we also require 𝑀 < 𝑛 in Goal 2.

4 A TOY EXAMPLE
In this section, let’s go through the whole process using a toy example. The detailed implementation specifications
of the RSA algorithm in real world can be found in [4]. Suppose Alice wants to send a message “Tue 7PM” to Bob
secretly using the RSA algorithm. First, Bob needs to decide his private key (𝑑, 𝑛) and public key (𝑒, 𝑛) for the
communication. Bob will choose two large random prime numbers 𝑝 and 𝑞. Let’s assume 𝑝 = 1721 and 𝑞 = 1801.
In real world, these two numbers should be much larger such that it is unrealistic for modern computers to obtain
the prime factors 𝑝 and 𝑞 from 𝑛. 𝑛 can be computed as 𝑛 = 𝑝 · 𝑞 = 3099521. We can also obtain Euler’s totient
function of 𝑛 as 𝜙 (𝑛) = (𝑝 − 1) (𝑞 − 1) = 3096000.
The next step for Bob is to choose a private key 𝑑, which is a number relatively prime to 𝜙 (𝑛). In real world,
𝑑 should also be a large number to prevent it from being guessed easily. Here in our toy example we choose
𝑑 = 997. Now Bob needs to compute the public key 𝑒. Based on the equation 𝑒𝑑 ≡ 1 (mod 𝜙 (𝑛)), we could get the
inverse of 𝑑 modulo 𝜙 (𝑛) as 𝑒 = 1012333 using the Extended Euclidean Algorithm. After 𝑒 and 𝑑 are determined,
𝑝 and 𝑞 can be destroyed or hidden for the sake of security. Bob can release his public key (𝑒, 𝑛) to the public
while keep 𝑑 private.

, Vol. 1, No. 1, Article . Publication date: August 2023.

 Understanding the RSA algorithm • 7

From Alice’s perspective, Alice needs to first obtain Bob’s public key (𝑒, 𝑛), then she could convert the message
she wants to send into its numerical representations. Here we use ASCII (American Standard Code for Information
Interchange) to convert “Tue 7PM” into numerical representation as: 084 117 101 032 055 080 077.
If the message is too long, Alice could divide the message into smaller blocks, then encode each block separately.
Here we divide the message into blocks that has 3 digits in each of them. There are seven blocks in the message
including the space. With the public key (𝑒, 𝑛) = (1012333, 3099521), Alice could obtain the ciphertext through
𝑀 𝑒 (mod 𝑛) to get 0841012333 ≡ 469428(mod 3099521), 1171012333 ≡ 547387(mod 3099521), . . . . . . . The complete
ciphertext 𝐶 is shown as "0469428 0547387 2687822 1878793 0330764 1501041 1232817".
When Bob receives the ciphertext, he will decrypt the ciphertext using his own private key (𝑑, 𝑛) = (997, 3099521)
to get 0469428997 ≡ 84(mod 3099521), 0547387997 ≡ 117(mod 3099521), . . . , 1232817997 ≡ 77(mod 3099521). Fi-
nally he recovers the original message by looking up the ASCII table to get the plaintext message “Tue 7PM”.

5 CONCLUSION
As the importance of cybersecurity increased rapidly in various aspects of our society, understanding the
fundamental logic of widely used security mechanisms is not only necessary for cybersecurity students, but will
also benefit a much wider community. In this work, we provided a self-contained and accessible interpretation
of the RSA algorithm. We introduced the algorithm from a beginners’ perspective in an onion-peeling style.
Mathematical background and cybersecurity knowledge requirements are minimized. Started with the goals
of public-key cryptosystems, we explained step-by-step how each of the goals is satisfied and implemented by
the RSA algorithm. We hope this will offer readers a new while much easier channel to understand the RSA
algorithm.

REFERENCES
[1] Daniel J Bernstein and Tanja Lange. 2017. Post-quantum cryptography. Nature 549, 7671 (2017), 188–194.
[2] Whitfield Diffie and Martin E Hellman. 2022. New directions in cryptography. In Democratizing Cryptography: The Work of Whitfield
Diffie and Martin Hellman. 365–390.
[3] Evgeny Milanov. 2009. The RSA algorithm. RSA laboratories (2009), 1–11.
[4] Kathleen Moriarty, Burt Kaliski, Jakob Jonsson, and Andreas Rusch. 2016. PKCS# 1: RSA cryptography specifications version 2.2. Technical
Report.
[5] Ronald L Rivest, Adi Shamir, and Leonard Adleman. 1978. A method for obtaining digital signatures and public-key cryptosystems.
Commun. ACM 21, 2 (1978), 120–126.
[6] Kenneth H Rosen. 2019. Discrete mathematics and its applications. The McGraw Hill Companies,.
[7] Peter W Shor. 1994. Algorithms for quantum computation: discrete logarithms and factoring. In Proceedings 35th annual symposium on
foundations of computer science. Ieee, 124–134.

, Vol. 1, No. 1, Article . Publication date: August 2023.