I am going through RSA Algorithm and I have few questions. The questions can be silly, Please help me.
My understanding of RSA Algorithm.
My Question is, How does a Receiver get his private keys P and Q.
For a particular Public Key, If every receiver has the Same private keys then One malicious Receiver can decrypt any message that is intended to send to other receivers?
The general model is that the the sender generated their own private key, so the key isn't transmitted, it is just manufactured out of whole cloth.
When looking at small numbers there aren't very many prime numbers to choose from, so the risk of collision is high. For example, there are only 25 prime numbers less than 100, so a total of 300 private keys (25 * 24 / 2). The odds that a second party has the same key as you in that constrained space, 1 in 300.
When you get into bigger key-spaces, though, the chance of two parties accidentally having the same private key are vanishingly small. RSA-1024 (which is now "too small") uses 512-bit values for p and q. The prime number theorem says there are approximately 2^511 / ln(2^511) (~1.9e151) 512-bit prime numbers, making about 1.8e302 different private keys. The birthday problem says that there's a 1% chance of two randomly generated RSA-1024 keys being the same after 1.9e150 keys have been generated. That's a lot of keys.
For RSA-2048: 1.3e305 1024-bit primes, 8e609 private keys. 1% chance of collision at 1.3e304 key generations.
You are correct, though, that if two parties have the same private key, they each can decrypt messages intended for the other party (and can sign messages on behalf of the other party).
The solution is: don't share private keys. Generate your own, and do it in a big enough keyspace. (Not just to keep collisions down, but to keep targeted key breaking hard)
In general each "receiver" has its own private key which is never shared. You usually rely on a PKI to sign a different key to each "receiver". In that context key distribution is relatively easy because the "receiver" generate his private key locally and get his public key signed by the CA. It is exactly how HTTPS works so you can look at how let's encrypt do it as a reference.
You should make sure to keep the root key of the PKI and the private signing key secure. E.g use a HSM or a cold storage.
