LOGBOOK

HELP

Quiz Entry - updated: 2026.07.14

What are the four steps of RSA key generation for a 3072-bit key in practice?

Choose two ~1536-bit primes, multiply them to get N, choose e coprime to φ(N), compute d as the modular inverse of e.

Step 1: Choose two large random primes $p$ and $q$

  • Each ~1536 bits (~462 decimal digits, ~$10^{450}$)
  • Must be roughly equal size
  • $(p-1)$ and $(q-1)$ should contain large prime factors

Step 2: Compute $N = p \cdot q$

  • Result is ~3072 bits (~924 decimal digits)

Step 3: Choose public exponent $e < \varphi(N) = (p-1)(q-1)$

  • Must satisfy $\gcd(e, (p-1)(q-1)) = 1$
  • Often a randomly chosen prime, or the standard $e = 65537$
  • Warning: Small $e$ (like 3) is safe for signing but dangerous for encryption without padding!

Step 4: Compute $d \equiv e^{-1} \mod (p-1)(q-1)$

  • Using the Extended Euclidean Algorithm
  • Verify: $d \cdot e \equiv 1 \mod \varphi(N)$, i.e., $d \cdot e = r \cdot (p-1)(q-1) + 1$

Important (BSI 2023): Modulus N must be at least 3000 bits. The $d \equiv e^{-1}$ is computed mod $\varphi(N)$, NOT mod $N$ — this is a critical distinction!

Go deeper:

From Quiz: KRYPTOG / RSA | Updated: Jul 14, 2026