Efficient encryption and decryption
- Evangeline Sanders
- 5 years ago
Transcription
ECE646 Lecture
RSA Implementation: Efficient encryption, decryption & key generation

Required Reading
W. Stallings, "Cryptography and Network-Security"
- Chapter 9. The RSA Algorithm
- Chapter 8. Testing for Primality
A. Menezes, P. van Oorschot, and S. Vanstone, Handbook of Applied Cryptography
- Chapter 4 Public-Key Parameters
- 4. Introduction
- 4. Probabilistic primality tests (you can skip 4.. Solovay-Strassen test)
- 4.4 Prime number generation (you can skip 4.4. and 4.4.4)

Number of bits vs. number of decimal digits
#digits = #bits
#digits = (log ) #bits. #bits
56 bits = 77 D
84 bits = 6 D
5 bits = 54 D
768 bits = D
4 bits = 8 D
48 bits = 66 D

Efficient encryption and decryption

How to perform exponentiation efficiently?
Exponentiation: Y = X^E mod
Y = X^E mod = X X X X X X X mod (E-times)
E may be in the range of 4 8.
Problems:
- huge storage necessary to store X^E before reduction.
- amount of computations infeasible to perform.
Solutions:
- modulo reduction after each multiplication.
- clever algorithms: BC, India, Chandah-Sûtra

E = ( L-, L-,,, )

Right-to-left binary exponentiation
  // e_i is bit i of E (e_0 is the least significant bit), L is the bit length of E, N is the modulus
  Y = 1; S = X;
  for i = 0 to L-1 {
      if (e_i == 1) Y = Y * S mod N;
      S = S^2 mod N;
  }

Left-to-right binary exponentiation
  // same notation; the bits of E are scanned from the most significant one down
  Y = 1;
  for i = L-1 downto 0 {
      Y = Y^2 mod N;
      if (e_i == 1) Y = Y * X mod N;
  }
Right-to-left binary exponentiation
E = ( L-, L-,,, )
S: X, X mod, X^4 mod, X^8 mod, X L- mod
E: L-
Y = X (X mod ) (X^4 mod ) (X^8 mod ) (X L- mod ) L-
(X^a)^b = X^(ab)
X^a X^b = X^(a+b)
Y = X L- L- mod = L- i i i= = X = X^E mod

Right-to-left binary exponentiation: Example
Y = X^E mod
E = 9 = = ()
S: X, X mod, X^4 mod, X^8 mod, X 6 mod
E: 4
Y = X X mod X 6 mod = = X 9 mod
Y = 9 mod
mod =9
9 mod = 4
4 mod = 5
5 mod =
9 mod (7 mod ) mod = 5 mod = 4

Left-to-right binary exponentiation
Y = X^E mod
E = ( L-, L-,,, )
E: L- L- L-
Y = ((...((( X L- ) X L- ) X L- ). ) X ) X mod
(X^a)^b = X^(ab)
X^a X^b = X^(a+b)
Y = X ( L- + L- ) + L- ) +. + ) + mod = i i = X L- L- + L- L- + L- L i= mod = X = = X^E mod L-

Left-to-right binary exponentiation: Example
Y = 9 mod
E = 9 = = ()
E: 4
Y = ((...((( X ) ) ) X) X mod
= ((( mod ) ) mod ) mod ) mod mod
= (8 mod ) mod ) mod mod =
= (5 ) mod mod =
= 4 mod mod =
= 5 mod = 4
Y = (X^8 X ) X mod = X 9 mod

Exponentiation Example: Y = 7 mod
Right-to-left binary exponentiation
= = ( )
Left-to-right binary exponentiation

[Figure: Right-to-Left Binary Exponentiation in Hardware; block diagram with labels X, E, enable, Y, S, MUL, SQR, output]
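Both scanning orders described above, as an added Python example (not code from the lecture), instrumented to count the modular squarings and multiplications each one performs. The function names and the sample values X = 3, E = 19, N = 11 are constructed here for illustration.

```python
# Added example: right-to-left and left-to-right binary exponentiation,
# each returning the result together with its operation counts.

def bits_lsb_first(e):
    """Bits of E, least significant first: [e_0, e_1, ..., e_(L-1)]."""
    if e < 0:
        raise ValueError("exponent must be non-negative")
    out = []
    while e:
        out.append(e & 1)
        e >>= 1
    return out


def modexp_right_to_left(x, e, n):
    """Scan E from bit 0 upward. Returns (Y, squarings, multiplications)."""
    y, s = 1 % n, x % n          # s runs through X, X^2, X^4, X^8, ...
    squarings = multiplications = 0
    for bit in bits_lsb_first(e):
        if bit:
            y = (y * s) % n      # fold the current power of X into the result
            multiplications += 1
        s = (s * s) % n          # reduce after every multiplication
        squarings += 1
    return y, squarings, multiplications


def modexp_left_to_right(x, e, n):
    """Scan E from bit L-1 downward. Returns (Y, squarings, multiplications)."""
    y, x = 1 % n, x % n
    squarings = multiplications = 0
    for bit in reversed(bits_lsb_first(e)):
        y = (y * y) % n          # always square
        squarings += 1
        if bit:
            y = (y * x) % n      # multiply by X only where the bit is set
            multiplications += 1
    return y, squarings, multiplications


def modmul_count(e):
    """Total modular multiplications for an L-bit exponent: L + #ones(E)."""
    return e.bit_length() + bin(e).count("1")


if __name__ == "__main__":
    # Constructed inputs: a tiny case, then two exponent shapes with a 20-bit modulus.
    print(modexp_right_to_left(3, 19, 11), modexp_left_to_right(3, 19, 11))
    for e in (3, 65537, 0xD1B54A32D192ED03):
        y, sq, mul = modexp_left_to_right(7, e, 1000003)
        assert y == pow(7, e, 1000003) and sq + mul == modmul_count(e)
        print(f"E = {e:#x}: L = {sq}, ones = {mul}, total = {sq + mul}")
```

Both loops branch on the bits of the exponent, so their running time depends on E; that is harmless for a public exponent but not for a private one.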
[Figure: Left-to-Right Binary Exponentiation in Hardware; block diagram with labels Y, X, Control Logic, E, MUL, output]

Basic Operations of RSA
Encryption: C = M mod
- C: ciphertext (k-bits)
- M: plaintext (k-bits)
- public key exponent (L < k)
- public key modulus (k-bits)
Decryption: M = C mod
- M: plaintext (k-bits)
- C: ciphertext (k-bits)
- d: private key exponent (L=k)
- private key modulus (k-bits)

Time of Exponentiation in Software
t_EXP(, L, k) = #modular_multiplications(, L) t_MULMOD(k)
, L = 4 = F 4 = +
#modular_multiplications: 7
large random L-bit: L + #ones() L
t_MULMOD(k) - time of a single modular multiplication of two k-bit numbers modulo a k-bit number
t_MULMOD(k) = c_sm k

Time of Exponentiation in Hardware
t_EXP(L, k) = L t_MULMOD(k)
t_MULMOD(k) - time of a single modular multiplication of two k-bit numbers modulo a k-bit number
t_MULMOD(k) = c_hm k

Algorithms for Modular Multiplication
Multiplication
- Paper-and-pencil θ(k )
- Karatsuba θ(k / )
- Schönhage-Strassen (FFT) θ(k ln(k))
Modular Reduction
- classical
- Barrett θ(k )
- the same complexity as underlying multiplication
- Selby-Mitchell θ(k )
Multiplication combined with modular reduction
- Montgomery algorithm θ(k )

Paper-and-Pencil Algorithm of Multiplication
word = l bytes = λ bits
[Figure: operands A n- A n-... A A A and B n- B n-... B B multiplied word by word; partial sums D of + + words; result C n+ C n C n- C n-... C C]
Assertion: + lg n λ
D = A B
D = A B + A B
D = A B + A B + A B
D n-4 = A n- B n- + A n- B n- + A n- B n-
D n- = A n- B n- + A n- B n-
D n- = A n- B n-
Classical Algorithm of Modular Reduction
x m
x n- x n- x n-... x n-... x x : m n- m n-... m
q n- = x n- b+ x n- : m n-
q n- = q n- + ε
ε =,,
x n- x n-... x n-... x - q n- m
x n-... x n-... x x
x n-... x x

[Figure: Effect of the increase in the computer speed on the speed of encryption and decryption in RSA; labels: computer speed, operand size to keep the same security, encryption/decryption speed]

Decryption using Chinese Remainder Theorem
M = C^d mod
C_P = C mod P
C_Q = C mod Q
d_P = d mod (P-)
d_Q = d mod (Q-)
M_P = C_P^(d_P) mod P
M_Q = C_Q^(d_Q) mod Q
M = M_P R_Q + M_Q R_P mod
where
R_P = (P - mod Q) P = P Q- mod
R_Q = (Q - mod P) Q = Q P- mod

Time of decryption without and with Chinese Remainder Theorem
SOFTWARE
Without CRT: t_DEC(k) = t_EXP(random, k, L=k) = c_s k
With CRT: t_DEC-CRT(k) t_EXP(random, k/, L=k/) = c_s ( k ) = t_DEC(k) / 4
HARDWARE
Without CRT: t_DEC(k) = t_EXP(random, k, L=k) = c_h k
With CRT: t_DEC-CRT(k) t_EXP(random, k/, L=k/) = c_h ( k ) = t_DEC(k) / 4

Chinese Remainder Theorem
Let = n n n... n M
and for any i, j gcd(n i, n j ) =
Then, any number A - can be represented uniquely by
A (a = A mod n, a = A mod n,, a M = A mod n M )
A can be reconstructed from (a, a,, a M ) using equation
A = (a i i - i mod n i ) mod (sum over i= to M)
where i = = n i = n n... n i- n i+... n M

Chinese Remainder Theorem for =P Q
= P Q
gcd(P, Q) =
M (M_P = M mod P, M_Q = M mod Q)
M = M_P P - mod P + M_Q Q Q - mod Q =
= M_P Q ((Q - ) mod P) + M_Q P ((P - ) mod Q) mod =
= M_P R_Q + M_Q R_P mod
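The CRT decryption above, as an added Python example (not the lecture's code), checked against plain decryption and paired with a rough operation-count estimate of the speedup. The toy key (two Mersenne primes, e = 65537), the function names and the cost model of k^2 units per k-bit modular multiplication are assumptions made here; the primes are deliberately unequal in size, so the estimate only approximates the factor for equal-size primes.

```python
from math import gcd

# Constructed toy key: two Mersenne primes and e = 65537. Far too small for real use.
P, Q, E = 2**89 - 1, 2**107 - 1, 65537


def make_key(p, q, e):
    """Private key with the CRT values d_P, d_Q, R_P, R_Q precomputed once."""
    phi = (p - 1) * (q - 1)
    if p == q or gcd(e, phi) != 1:
        raise ValueError("need distinct primes and gcd(e, (P-1)(Q-1)) = 1")
    d = pow(e, -1, phi)              # modular inverse (Python 3.8+)
    return {
        "n": p * q, "p": p, "q": q, "d": d,
        "d_p": d % (p - 1),
        "d_q": d % (q - 1),
        "r_p": pow(p, -1, q) * p,    # R_P = (P^-1 mod Q) * P
        "r_q": pow(q, -1, p) * q,    # R_Q = (Q^-1 mod P) * Q
    }


def decrypt_plain(c, key):
    """One full-size exponentiation modulo N."""
    return pow(c, key["d"], key["n"])


def decrypt_crt(c, key):
    """Two half-size exponentiations, recombined with R_P and R_Q."""
    p, q = key["p"], key["q"]
    m_p = pow(c % p, key["d_p"], p)
    m_q = pow(c % q, key["d_q"], q)
    return (m_p * key["r_q"] + m_q * key["r_p"]) % key["n"]


def modmul_count(exponent):
    """Modular multiplications of binary exponentiation: L + #ones."""
    return exponent.bit_length() + bin(exponent).count("1")


def speedup_estimate(key):
    """Estimated cost ratio plain/CRT, assuming k^2 units per k-bit multiplication."""
    def cost(exponent, modulus):
        return modmul_count(exponent) * modulus.bit_length() ** 2
    plain = cost(key["d"], key["n"])
    crt = cost(key["d_p"], key["p"]) + cost(key["d_q"], key["q"])
    return plain / crt


if __name__ == "__main__":
    key = make_key(P, Q, E)
    # Constructed messages, including multiples of P and Q and the extremes.
    for m in (0, 1, 123456789, P, Q, 3 * P + 5, key["n"] - 1):
        c = pow(m, E, key["n"])
        assert decrypt_crt(c, key) == decrypt_plain(c, key) == m
    print(f"estimated speedup from CRT: {speedup_estimate(key):.2f}x")
```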
Concealment of messages in the RSA cryptosystem
Blakley, Borosh, 979
There exist messages that are not changed by the RSA encryption!
For example:
M= C = mod =
M= C = mod =
M=- - mod C = (-) mod = -
Every M such that
M_P = M mod P {,, -}
M_Q = M mod Q {,, -}
C_P = C mod P = (M mod ) mod P = M mod P = M_P mod P = M_P
C_Q = C mod Q = (M mod ) mod Q = M mod Q = M_Q mod Q = M_Q

Concealment of messages in the RSA cryptosystem
Blakley, Borosh, 979
At least 9 messages not concealed by RSA!
Number of messages not concealed by RSA:
σ = ( + gcd(-, P-)) ( + gcd(-, Q-))
A. = σ = 9
B. gcd(-, P-) = and gcd(-, Q-) = σ = 9
C. gcd(-, P-) = P- and gcd(-, Q-) = Q- σ = P Q=
It is possible that all messages remain unconcealed by RSA!

Efficient key generation

Generation of the RSA keys
P, Q: prime number generation
Typically = 6 +
gcd(, P-) = gcd(, Q-) =
gcd(-, P-) = gcd(-, Q-) =
= P Q
d = - mod (P-) (Q-) (Extended Euclid's algorithm)

Random vs. Incremental Search
[Figure: Random search and Incremental search (starting point chosen at random); primes and numbers tested for primality]

Is there a sufficient amount of prime numbers to choose from?
π(x) - the amount of prime numbers smaller than x
π(x) = x / ln(x)
[Figure: π(x) prime numbers among x]
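The count of unconcealed messages from the Blakley-Borosh slides above, as an added Python example (not the lecture's code) that compares the closed form σ = (1 + gcd(e-1, P-1)) (1 + gcd(e-1, Q-1)) with a brute-force count and turns it into a key-generation check. The function names and the toy primes 11 and 23 are constructed for illustration.

```python
from math import gcd


def unconcealed_count(e, p, q):
    """Closed form: sigma = (1 + gcd(e-1, P-1)) * (1 + gcd(e-1, Q-1))."""
    return (1 + gcd(e - 1, p - 1)) * (1 + gcd(e - 1, q - 1))


def unconcealed_messages(e, p, q):
    """Every M in [0, N) with M^e mod N == M. Brute force, toy moduli only."""
    n = p * q
    return [m for m in range(n) if pow(m, e, n) == m]


def unavoidable_fixed_points(p, q):
    """The 9 messages with M mod P and M mod Q both in {0, 1, -1}.

    They are unchanged by encryption for every odd e, and are rebuilt
    here from their residues with the Chinese Remainder Theorem.
    """
    n = p * q
    r_q = pow(q, -1, p) * q          # 1 mod P, 0 mod Q
    r_p = pow(p, -1, q) * p          # 0 mod P, 1 mod Q
    return sorted((a * r_q + b * r_p) % n
                  for a in (0, 1, p - 1)
                  for b in (0, 1, q - 1))


def check_exponent(e, p, q):
    """Key-generation check. Returns (sigma, accepted).

    Accepted means e is invertible modulo (P-1)(Q-1) and leaves only
    the 9 unavoidable messages unconcealed.
    """
    if gcd(e, (p - 1) * (q - 1)) != 1:
        raise ValueError("e is not invertible modulo (P-1)(Q-1)")
    sigma = unconcealed_count(e, p, q)
    return sigma, sigma == 9


if __name__ == "__main__":
    p, q = 11, 23                    # constructed toy primes, N = 253
    for e in (3, 23, 111):           # minimal case, partial case, all messages
        sigma, ok = check_exponent(e, p, q)
        found = unconcealed_messages(e, p, q)
        assert len(found) == sigma
        print(f"e = {e:3d}: sigma = {sigma:3d} of {p * q}, accepted = {ok}")
    print("unavoidable:", unavoidable_fixed_points(p, q))
```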
Is there a sufficient amount of prime numbers of the given bit length to choose from?
π k - the amount of prime numbers of the size of k-bits
[Figure: π k prime numbers between k- and k]
π k = π( k ) - π( k- ).5 π( k )
π( k- ) k
π k

Average distance between primes of the given bit length ()
[Figure: primes between k- and k; average distance between two consecutive primes]
Average distance (k) k - k- π k.69 (k-)
k- π( k- ) ln k-

Average distance between primes of the given bit length ()
Table columns: Number of bits k; Average distance between primes; Average amount of odd numbers to test

Euler's Theorem
Leonard Euler,
a: gcd(a, ) = a ϕ() (mod )

Fermat's Theorem
Pierre de Fermat, 6?-665
prime a: gcd(a, ) = a - (mod )

Fermat primality test
Fermat primality test
n composite
[Figure: the set {..n-} split into L(n), Liars to, and W(n), Witnesses to]
a W(n) iff a n- mod n

Fermat primality test: Carmichael Numbers
n composite Carmichael number
[Figure: the set {..n-} split into L(n), Liars to, and W(n), Witnesses to]
W(n) = {a: a n, gcd(a, n)>}
L(n) = ϕ(n)
W(n) = n-ϕ(n)

Carmichael Numbers
A composite integer is a Carmichael number iff
n= p p p p k
p i are distinct primes, p i p j for i j
p i (p i -) (n-)
Smallest Carmichael number n = 56 = 7
Among all numbers smaller or equal to 5
There are about prime numbers
5 Carmichael numbers

Good probabilistic primality test
n composite
[Figure: the set {..n-} split into L(n), Liars to, and W(n), Witnesses to]
W(n) L(n)
If a W(n) test returns n composite
else test returns n probably prime or n pseudoprime to the base a

n composite
[Figure: the set {..n-} split into L(n), Strong liars to, and W(n), Strong witnesses to; L(n) contains , n-]
L(n) ϕ(n)/4 < (n-)/4
For certain composite numbers, such as n = (k+) there are only two strong liars: and n-
Mathematical Basis
If n is prime then has only two square roots modulo n
i.e., there are only two numbers, y and y, such that
y mod n = and y mod n =
y = and y =n- - mod n
If n is composite then has at least four square roots modulo n
i.e., there exist numbers, y, y, y, y 4, such that
y mod n =, y mod n =, y mod n =, y 4 mod n =,
y =, y =n- - mod n, y ± mod n, y 4 ± mod n

Algorithm ()
Find s and r, such that
n - = s r, where r is odd
For example:
n = 49 n - = 48 = 4 s=4, r=
n = 6 n- = 6 = 5 s=, r=5

Algorithm ()
Compute
a n- mod n = ( ((a r mod n) mod n) mod n ) mod n =
s squarings
a r (a r ) (a r ) (a r )... (a r ) (a r ) s- s
square mod n / square root mod n

Algorithm ()
a r (a r ) (a r ) (a r )... (a r ) (a r ) s- s
square mod n / square root mod n
X ± mod n
X X - X X - X X X X X X mod n
result of test: probably prime or composite?

-log of the bound on the error probability of declaring a k-bit composite number a prime after t iterations of the
k = number of bits
t - number of iterations of the
Minimal number of the s t, necessary to obtain the probability of error < - for a k-bit number n
Minimal number of the s, t, for relatively small numbers n
k t k t k t
over 85

Random vs. Incremental Search Using division by small primes
[Figure: Random search and Incremental search (starting point chosen at random); primes and numbers tested for primality, each tested number marked with the sequence D D D ... R R R]
D: Division by small primes
R R with base
R R with the random base a

Mertens' Theorem
The proportion of candidate odd integers NOT ruled out by the trial division by all primes B
α(B) = (-/) (-/5) (-/7) (-/B)
α(B). / ln B
For B=56, α(B).
8% of tested numbers discarded by the trial division

Incremental search for a prime
Efficient implementation of division by small primes
Set of small primes: 5 7
n = 9: n mod =, n mod 5 =, n mod 7 =, n mod =
n = 9: + mod =, + mod 5=, + mod 7=, + mod =
n = 95: 5 + mod =, + mod 5=, + mod 7= 4, 5+ mod =
n = 97: 7 + mod =, + mod 5=, 4+ mod 7= 6, 7+ mod =
n = 99: 9 + mod =, + mod 5=, 4 6+ mod 7=, 9+ mod =
n = : + mod =, 4+ mod 5=, + mod 7=, + mod =
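The incremental search with trial division by small primes and the strong-witness test from the preceding slides, as an added Python example (not the lecture's code). The function names, the small-prime bound of 97 and the sample values 561 and 10001 are choices made here; the strong-witness test is the one commonly called Miller-Rabin.

```python
import random

# Odd primes up to B = 97 (bound chosen here for illustration).
SMALL_PRIMES = [3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41,
                43, 47, 53, 59, 61, 67, 71, 73, 79, 83, 89, 97]


def fermat_liar(n, a):
    """True if a^(n-1) = 1 (mod n), so base a does not expose n as composite."""
    return pow(a, n - 1, n) == 1


def strong_witness(n, a):
    """True if base a proves that odd n > 2 is composite."""
    r, s = n - 1, 0
    while r % 2 == 0:              # write n - 1 = 2^s * r with r odd
        r //= 2
        s += 1
    x = pow(a, r, n)
    if x in (1, n - 1):
        return False
    for _ in range(s - 1):         # the remaining squarings of a^r
        x = x * x % n
        if x == n - 1:
            return False
        if x == 1:
            return True            # previous x was a square root of 1 other than +-1
    return True


def count_liars(n):
    """(Fermat liars, strong liars) among the bases 1..n-1 of an odd composite n."""
    bases = range(1, n)
    return (sum(fermat_liar(n, a) for a in bases),
            sum(not strong_witness(n, a) for a in bases))


def probably_prime(n, t, rng):
    """t rounds of the strong test with random bases; n must be odd and > 3."""
    return not any(strong_witness(n, rng.randrange(2, n - 1)) for _ in range(t))


def incremental_search(start, t=20, rng=None):
    """First probable prime >= start, stepping through the odd numbers.

    Returns (prime, skipped_by_trial_division, candidates_tested). The
    residues n mod p are computed once by division and afterwards only
    updated by adding 2, as on the slide above.
    """
    if start <= SMALL_PRIMES[-1]:
        raise ValueError("start must exceed the largest small prime")
    rng = rng or random.SystemRandom()
    n = start | 1                  # first odd candidate
    residues = [n % p for p in SMALL_PRIMES]
    skipped = tested = 0
    while True:
        if all(residues):          # no small prime divides n
            tested += 1
            if probably_prime(n, t, rng):
                return n, skipped, tested
        else:
            skipped += 1           # discarded without the expensive test
        n += 2
        residues = [(r + 2) % p for r, p in zip(residues, SMALL_PRIMES)]


if __name__ == "__main__":
    # 561 is a Carmichael number: every base coprime to it is a Fermat liar.
    print("561, base 2: Fermat liar =", fermat_liar(561, 2),
          "| strong witness =", strong_witness(561, 2))
    print("561 (Fermat liars, strong liars):", count_liars(561))
    print("search from 10001:", incremental_search(10001))
    print("search from 2^255:", incremental_search(2**255))
```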
Division by small primes
Practical implementation ()
Optimum number of small primes
5 7
S[k] {, 5, 7,. B opt }
B opt R D ln (R /D)
R = time of the with base
D = time spent on test dividing one number by one small prime

RSA countermeasures against known attacks

Recovering RSA-encrypted messages without a private key ()
Guessing a set of possible messages
IRS to FBI: E public_key_of_fbi ( name of the congress member who committed a tax fraud)
journalist: E public_key_of_fbi (name), E public_key_of_fbi (name), .., E public_key_of_fbi (name)

Recovering RSA-encrypted messages without a private key ()
Small and small messages
= m < / c = m mod = m m = / c
Hastad's attack
m send to three different people
P U = (, ) P U = (, ) P U = (, )
m mod, m mod, m mod
CRT: m mod = m
m = / m

Optimal Asymmetric Encryption Padding ()
Bellare-Rogaway
Coding
[Figure: message and SEED (>68 bits); MASK(SEED) applied to the message gives masked_message; MASK(masked_message) applied to the SEED gives masked_seed; output masked_message, masked_seed]
Optimal Asymmetric Encryption Padding ()
Bellare-Rogaway
Decoding
[Figure: input masked_message, masked_seed; MASK(masked_message) applied to masked_seed gives SEED; MASK(SEED) applied to masked_message gives the message (>68 bits)]

RSA signature
[Figure: Alice sends Message and Signature to Bob. Alice: Message, Hash function, Hash value, Public key algorithm with Alice's private key, Signature. Bob: Message, Hash function, Hash value; Signature, Public key algorithm with Alice's public key, Hash value; comparison of the two hash values: yes / no]

Padding for signatures with appendix
PKCS # v.5 for signatures
FF FF FF. FF hash ID h(m)
at least 8 bytes
ANSI X9., ISO
BBBBBBBBBBB A h(m) hash ID

Padding for signatures with appendix
PKCS v.: PSS Probabilistic Signature Scheme
MGF: Mask Generation Function
padding : padding : zero octets
bc: BC in hex
1 C Theme : Cryptography Instructor : Prof. C Pandu Rangan Speaker : Arun Moorthy 93115 CS 2 RSA Cryptosystem Outline of the Talk! Introduction to RSA! Working of the RSA system and associated terminology!
More informationNumber Theory. CSS322: Security and Cryptography. Sirindhorn International Institute of Technology Thammasat University CSS322. Number Theory.
CSS322: Security and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 29 December 2011 CSS322Y11S2L06, Steve/Courses/2011/S2/CSS322/Lectures/number.tex,
More informationAim To manage files and directories using Linux commands. 1. file Examines the type of the given file or directory
m E x. N o. 3 F I L E M A N A G E M E N T Aim To manag ils and dirctoris using Linux commands. I. F i l M a n a g m n t 1. il Examins th typ o th givn il or dirctory i l i l n a m > ( o r ) < d i r c t
More informationSearch sequence databases 3 10/25/2016
Sarch squnc databass 3 10/25/2016 Etrm valu distribution Ø Suppos X is a random variabl with probability dnsity function p(, w sampl a larg numbr S of indpndnt valus of X from this distribution for an
More informationCryptanalysis of DES Implemented on Computers with Cache
Cryptanalysis of DES Implmntd on Computrs with Cach Yukiyasu Tsunoo 1, Truo Saito, Tomoyasu Suzaki, Maki Shigri, and Hiroshi Miyauchi 1 1 NEC Corporation, Intrnt Systms Rsarch Laboratoris 4-1-1, Miyazaki,
More informationThe pn junction: 2 Current vs Voltage (IV) characteristics
Th pn junction: Currnt vs Voltag (V) charactristics Considr a pn junction in quilibrium with no applid xtrnal voltag: o th V E F E F V p-typ Dpltion rgion n-typ Elctron movmnt across th junction: 1. n
More informationUNTYPED LAMBDA CALCULUS (II)
1 UNTYPED LAMBDA CALCULUS (II) RECALL: CALL-BY-VALUE O.S. Basic rul Sarch ruls: (\x.) v [v/x] 1 1 1 1 v v CALL-BY-VALUE EVALUATION EXAMPLE (\x. x x) (\y. y) x x [\y. y / x] = (\y. y) (\y. y) y [\y. y /
More informationLinear Congruences. The equation ax = b for a, b R is uniquely solvable if a 0: x = b/a. Want to extend to the linear congruence:
Linear Congruences The equation ax = b for a, b R is uniquely solvable if a 0: x = b/a. Want to extend to the linear congruence: ax b (mod m), a, b Z, m N +. (1) If x 0 is a solution then so is x k :=
More information2. Secret Key Cryptography Contents. 2. Secret Key Cryptography Introduction
Contnts 1/ 82 Scrt Ky Cryptography Introduction and dfinitions Cryptosystms Historical cryptosystms Scrcy of cryptosystms Stram ciphrs Autoky ciphr and Vrnam ciphr Synchronous and slf-synchronising ciphrs
More information3 The fundamentals: Algorithms, the integers, and matrices
3 The fundamentals: Algorithms, the integers, and matrices 3.4 The integers and division This section introduces the basics of number theory number theory is the part of mathematics involving integers
More informationNumbering Systems Basic Building Blocks Scaling and Round-off Noise. Number Representation. Floating vs. Fixed point. DSP Design.
Numbring Systms Basic Building Blocks Scaling and Round-off Nois Numbr Rprsntation Viktor Öwall viktor.owall@it.lth.s Floating vs. Fixd point In floating point a valu is rprsntd by mantissa dtrmining th
More informationCryptography CS 555. Topic 18: RSA Implementation and Security. CS555 Topic 18 1
Cryptography CS 555 Topic 18: RSA Implementation and Security Topic 18 1 Outline and Readings Outline RSA implementation issues Factoring large numbers Knowing (e,d) enables factoring Prime testing Readings:
More informationBINOMIAL COEFFICIENTS INVOLVING INFINITE POWERS OF PRIMES
BINOMIAL COEFFICIENTS INVOLVING INFINITE POWERS OF PRIMES DONALD M. DAVIS Abstract. If p is a prim (implicit in notation and n a positiv intgr, lt ν(n dnot th xponnt of p in n, and U(n n/p ν(n, th unit
More informationCOT 3100 Applications of Discrete Structures Dr. Michael P. Frank
University of Florida Dept. of Computer & Information Science & Engineering COT 3100 Applications of Discrete Structures Dr. Michael P. Frank Slides for a Course Based on the Text Discrete Mathematics
More informationMathematics of Cryptography
UNIT - III Mathematics of Cryptography Part III: Primes and Related Congruence Equations 1 Objectives To introduce prime numbers and their applications in cryptography. To discuss some primality test algorithms
More informationThe security of RSA (part 1) The security of RSA (part 1)
The modulus n and its totient value φ(n) are known φ(n) = p q (p + q) + 1 = n (p + q) + 1 The modulus n and its totient value φ(n) are known φ(n) = p q (p + q) + 1 = n (p + q) + 1 i.e. q = (n φ(n) + 1)
More informationSlide 1. Slide 2. Slide 3 DIGITAL SIGNAL PROCESSING CLASSIFICATION OF SIGNALS
Slid DIGITAL SIGAL PROCESSIG UIT I DISCRETE TIME SIGALS AD SYSTEM Slid Rviw of discrt-tim signals & systms Signal:- A signal is dfind as any physical quantity that varis with tim, spac or any othr indpndnt
More informationSCHUR S THEOREM REU SUMMER 2005
SCHUR S THEOREM REU SUMMER 2005 1. Combinatorial aroach Prhas th first rsult in th subjct blongs to I. Schur and dats back to 1916. On of his motivation was to study th local vrsion of th famous quation
More informationDealing with quantitative data and problem solving life is a story problem! Attacking Quantitative Problems
Daling with quantitati data and problm soling lif is a story problm! A larg portion of scinc inols quantitati data that has both alu and units. Units can sa your butt! Nd handl on mtric prfixs Dimnsional
More informationHow to Construct Double-Block-Length Hash Functions
How to Construct Doubl-Block-Lngth Hash Functions Shoichi Hiros Graduat School of Enginring, Th Univrsity of Fukui, Fukui 910-8507 Japan hiros@fu.fukui-u.ac.jp Abstract In this articl, it is discussd how
More informationProblem Set 6 Solutions
6.04/18.06J Mathmatics for Computr Scinc March 15, 005 Srini Dvadas and Eric Lhman Problm St 6 Solutions Du: Monday, March 8 at 9 PM in Room 3-044 Problm 1. Sammy th Shark is a financial srvic providr
More information