Finding (e,d) in RSA - mathematical problem

Question

I've been trying to solve that but it seems to me illogical.
$p$ and $q$ are large prime numbers and $n=p*q$.
Alice wants to send Bob message $M$ using RSA.
Alice lets Eve choose the keys for her and makes sure that $e \ mod[φ(n)] ≠ 1$.
I need to show how Eve could choose a pair of keys $(e,d)$, such that it would be possible to encrypt and decrypt, but
$M^e \ mod(n)=M \ mod(n) \ \ \ ∀M$


When I tried to solved that myself, my answers always lead me to $e=1$ which is not possible because $e \ mod[φ(n)] ≠ 1$.
I will be glad for some help.
Thanks.

Answer 1

Note that $$ed \equiv 1 \pmod{\varphi(n)}$$ isn't necessary for RSA to work. The actual necessary and sufficient condition is that $$ed \equiv 1 \pmod{\lambda(n)},$$ where $\lambda(n) = \operatorname{lcm}(p-1, q-1) = \varphi(n) \mathbin/ \operatorname{gcd}(p-1, q-1)$ is the Carmichael totient of $n = pq$.

In particular, since $p$ and $q$ are both odd primes by definition, we know that $\operatorname{gcd}(p-1, q-1) > 1$ and thus that $\lambda(n) < \varphi(n)$. Thus, it's sufficient for Eve to choose (for example) $e = \lambda(n)+1$ and $d = 1$, which will pass Alice's check for $e \not\equiv 1 \pmod{\varphi(n)}$ even though $m^e \equiv m \pmod{n}$ for all $m$.