 So, of course, if something is too inconvenient to use, it won't be used. And so one of the ongoing challenges is to make sure that RSA, which is a relatively good crypto system, is actually practical to use. And the biggest problem, the biggest limitation with RSA is that Shen really requires doing lots and lots and lots and lots of computations. So for example, let's say Alice sets up her RSA system using the public number 3293 and public exponent E equals 35. Now Bob wants to send her the value M equals 153, so he computes 153 to power 35 and finds 2494 is the number two set. Alice receives this, and since she set up the system, she knows what the corresponding decryption exponent is going to be, works out to be 2987. And so in order to decrypt this number, Alice must evaluate 2494 to power 2987, mod 3293. And again, remember that in a real RSA system, this encryption exponent may have 100 digits, this decryption exponent may have 200 digits or something like that. So the computations here are non-trivial. So in any case, that's quite a bit of work, even with the fast-powering algorithm. So the natural question to ask is, well, can we do this more effectively, more efficiently? And the answer is we can go back to our Chinese remainder algorithm. And in general, if I have a congruence, if a number is congruent to a mod A product, then the number is going to be congruent to the same value mod P and mod Q. Now note that A could be larger than P or Q individually. So this may necessitate further reduction by the modulus, but we know that at least we can start off with these two congruences. And what that means is the following. What I need to evaluate, what Alice needs to find is C to power D mod N. But because she set up the system, she knows how N factors. N has a factor of P times Q. And so rather than finding C to power D mod N, she can try to find C to power D mod P, C to power D mod Q, and then solve the Chinese remainder problem to find the number that satisfies both of those congruences. What makes this work is that since P and Q are prime and much smaller than N, first of all, I know that C anything to power P minus 1 is congruent to 1 mod P, and likewise C to power Q minus 1 is congruent to 1 mod P. So at worst, we'll have to compute C to power P minus 1, C to power Q minus 1 instead of a much higher power of C. Also, in general, we know that C back here could be as large as N, but if C is larger than P or C is larger than Q, I can also reduce it. So using the Chinese remainder algorithm allows me to reduce the size of the numbers that I'm working with. So for example, let's take Alice's cryptosystem, and again she knows what the factorization of 3293 is. So if she wants to evaluate 2494 to power 2987 mod 3293, she can solve this system of congruences. But she's not going to solve this system of congruences. She's going to be clever and reduce this to a simpler system. So we can reduce both bases by their respective moduli. So 2494 mod 37 is 15, 2494 mod 89 reduces all the way down to 2. Next, since I know that 37 and 89 are both prime, those exponents can be reduced. So this 2987, what I'm going to do is I'm going to split off factors of 37 minus 1, 36. So that 2987, 36 times 82 plus 35, rearrange, 15 to power 36 to the 82nd, 15 to the 35th. 37 is prime, so anything to the 1 less is going to be 1. So this first factor here is 1. I can ignore it, and I have x congruent of 15 to power 35. Likewise, this 2 to power 2987, 89 is prime, so I can split off powers of 89 minus 1, 88. So that 2987, 88 times 33 plus 83, 2 to the 88 to the 33rd. And again, 2 to the 88th power is congruent to 1 mod 89. So I'll drop out that first factor, and I'm left with this much nicer system of congruences. So at this point, I can use the Chinese remainder problem algorithm and solve this system of congruences. And it turns out that 15 to power 35, that reduces to 5, 2 to power 83 reduces to 64. I can solve this system of congruences. I'm looking for something that's congruent to 5 mod 37 and 64 mod 89. So multiple of 89, that's congruent to 5, well, there's 1. A multiple of 37, that's congruent to 64, there's 1. And I can add the 2 together to get a solution and then reduce that solution mod the product. So here is a solution, and I'm going to reduce that mod the product. So 37 by 89, note that this is Alice's public number N, and I get this number 153, which is the number that I started with and the number I'm looking for as my decrypted value.