What information is needed to be stored for RSA private key for decryption

Question

I am using rsa module in Python. I use the following line to generate public and private key:

(public_key, private_key) = rsa.newkeys(2048)

And then I encrypt a message using:

encrypted_msg = rsa.encrypt(the_msg, public_key)

Now assume I want to give the private key to someone, along with the encrypted message. What information shall be included in the private key that I give to the other person? If I look at the PrivateKey structure in Python code, I see that for example private_key has the following fields:

blindfac, blinffac_inverse, coef, d, e, exp1, exp2, mutex, n, p, q.

Do I need to save and pass all these data to the other person so s/he can decrypt the message? What are all these variables?

Answer 1

In RSA, there are various numbers that are (kind of) equivalent to the private key, but aren't the private key per se. These are numbers that if you know them, you can calculate the rest of the private key quickly. Some of these numbers improve signing/decryption speed of the private key if you know them, so RSA implementations often keep them with the private key for speed.

I looked up this implementation and found the following meaning:

• n is the modulus, the number modulo which key operations are done.
• e is the public exponent, the power to which a message is taken to encrypt it (or validate its signature).
• d is the private exponent. Taking a number to power d (modulo n) is the inverse operation to taking a number to power e. This is because in RSA, for any $m$ in range, $(m^e)^d \equiv (m^d)^e \equiv m \pmod n$.
• p is the larger factor of n.
• q is the smaller factor of n. The fact that it's smaller is important to the meaning of coef.
• exp1 is $d \mod (p-1)$.
• exp2 is $d \mod (q-1)$.
• coef is $q^{-1} \mod p$. It's the coefficient for the CRT speedup technique.
• blindfac is a random number chosen during decryption or signing. It is used during these operations to hide the value of private numbers from timing and power attacks: to "blind" timing attacks.
• blindfac_inverse is the inverse of blindfac modulo n, used for the blinding process.
• mutex is internal to the implementation, and isn't a number. It appears to be used for thread-safety of the implementation.

The public key consists of the numbers n and e.

The private key consists of the numbers n and d; e is usually included for convenience. You can do all operations with just d and the public key, but it may not have optimal performance.

p, q, exp1, exp2, and coef are additional private numbers that, when provided, speed up RSA decryption and signing operations. You want to keep these numbers if you can, but they are not necessary. For more information on what these do: Chinese Remainder Theorem and RSA

blindfac and blindfac_inverse are temporary numbers generated by the blind() function in that Python RSA implementation. Do not save these numbers.