Why is the RSA exponentiation function a permutation (i.e. a bijection) over $\mathbb{Z}^*_N$? My doubt was specifically why, when raising to the power of the decryption key d we get a unique number x? My concern is specifically on the roots $x^{e^{-1}}=x^{1/e}$ being unique (which isn't the "normal" case for polynomial equations like that). Why is it that if we have $x^{e}$, why don't we have e different roots for $x^{e} \pmod {N}$?
I do understand that $ed = 1 \pmod N$ and that therefore:
$$x^{ed} = x^{ed \pmod {\phi(N)}} = x \pmod N$$
But what I did not understand is why the rules that we had for roots having e different roots that satisfied an equation like:
$$x^e = y \pmod N$$
Don't apply anymore. Why is there not a different $x' \neq x$ such that $x^e = (x')^e \pmod N$. What is the fundamental difference between the two setting? And why does that difference make it such that the RSA exponentiation function now has a unique correspondence between the two sets?
Thanks for the help!
A polynomial of degree $e$ has at most $e$ roots. The result that it has exactly $e$ roots (counting multiplicities) is only valid over an algebraically closed field, and $\mathbb{Z}_N$ is not algebraically closed.