I'm learning modular exponentiation with Chinese remainder theorem.
I found a great answer from below How can I use eulers totient and the chinese remainder theorem for modular exponentiation?
But I can't understand the last step of construction from $C_p$ and $C_q$ very well. Can someone explain it to me? Moreover, if I make $N = 55 = 11 \times 5$ instead of $5 \times 11$, that last step fails to give correct answer.
The last step: $$M^e \bmod{pq}= C_q+q((C_p−C_q) \bmod p)$$
First, you got the last line wrong, it's $$M^e \bmod{pq} = C_q+q(q^{−1}(C_p−C_q) \bmod p)$$
The basic idea of the CRT is that if $a$ and $b$ are relatively prime, working modulo $ab$ is the same as working modulo $a$ and modulo $b$ separately. In the case of modular exponentiation, exponentiating an element modulo $a$ and then modulo $b$ is much cheaper than modulo $ab$, because you can work with smaller exponents.
About that last step, it's standard CRT computation, you have $$\left\{\begin{array}{l} M^e \equiv C_p \pmod p \\ M^e \equiv C_q \pmod q \end{array}\right.$$
The second line gives $M^e = C_q+kq$. Plugging that into the first gives $C_q+kq \equiv C_p \pmod p$, so $kq \equiv C_p-C_q \pmod p$. Since $p$ and $q$ are relatively prime we can take $q^{-1} \bmod p$, so $k \equiv q^{-1}(C_p-C_q) \pmod{p}$, so $k = q^{-1}(C_p-C_q) + k'p$. Plugging that into $M^e = C_q+kq$ gives the desired expression.
