Coding Theory ( Mathematical Background I)

Size: px

Start display at page:

Download "Coding Theory ( Mathematical Background I)"

Olivia Bradley
5 years ago
Views:

1 N.L.Manev, Lectures on Coding Theory (Maths I) p. 1/18 Coding Theory ( Mathematical Background I) Lector: Nikolai L. Manev Institute of Mathematics and Informatics, Sofia, Bulgaria

2 N.L.Manev, Lectures on Coding Theory (Maths I) p. 2/18 Greatest common divisor Euclidean Property of the integers: For any two integers a and b, b 0, there exist unique q,r Z, such that a = bq + r, 0 r < b. The integer r is called reminder of a modulo b.

3 N.L.Manev, Lectures on Coding Theory (Maths I) p. 2/18 Greatest common divisor Euclidean Property of the integers: For any two integers a and b, b 0, there exist unique q,r Z, such that a = bq + r, 0 r < b. The integer r is called reminder of a modulo b. The greatest common divisor (gcd) of a,b Z is the integer d which satisfies: 1. d a and d b, 2. if d 1 a and d 1 b, then d 1 d, 3. d > 0. We denote it by d = (a,b).

4 N.L.Manev, Lectures on Coding Theory (Maths I) p. 3/18 Greatest common divisor Theorem. The greatest common divisor d = (a,b) exists for any two integers a,b, not both zero, and there exist uniquely determined integers u, v such that Properties: (1) (a,ab) a for any a,b Z. d = ua + vb. (2) (a, b) = (a,b), for any a,b Z. (3) (a,b qa) = (a,b), for any a,b,q Z. (4) (a, (b,c)) = ((a,b),c) = (a,b,c), for any a,b,c Z. (5) (ac,bc) (a,b)c, for any a,b,c Z. (6) if (a,b) = (a,c) = 1, then (a,bc) = 1, a,b,c Z.

5 N.L.Manev, Lectures on Coding Theory (Maths I) p. 4/18 Greatest common divisor a = bq 1 + r 1, 0 < r 1 < b b = r 1 q 2 + r 2, 0 < r 2 < r 1 r 1 = r 2 q 3 + r 3, 0 < r 3 < r r n 3 = r n 2 q n 1 + r n 1, 0 < r n 1 < r n 2 r n 2 = r n 1 q n, (a,b) = (b,r 1 ) = (r 1,r 2 ) = = (r n 2,r n 1 ) = r n 1. If we set u 0 = 0, u 1 = 1, u j def = u j 2 q j u j 1 v 0 = 1, v 1 = q 1, v j def = v j 2 q j v j 1. then r j = au j + bv j.

6 N.L.Manev, Lectures on Coding Theory (Maths I) p. 5/18 Greatest common divisor Therefore, (a,b) = r n 1, u = u n 1 and v = v n 1, where n is defined by r n = 0. a 1 0 q b 0 1 q 1 r 1 u 1 v 1 q 2 r 2 u 2 v 2 q r n 1 u n 1 v n 1 q n 0 Algorithm 1. Data: a, b integers (a > b > 0) Output: d = (a, b), u, v integers Variables: A = (a 1, a 2, a 3 ), B = (b 1, b 2, b 3 ), C = (c 1, c 2, c 3 ); q integer. A := (a, 1, 0), B := (b, 0, 1), C := (1, 0, 0). while c 1 0 do q := a 1 b 1, C := A qb, A := B, B := C else d := a 1, u := a 2, v := a 3.

7 N.L.Manev, Lectures on Coding Theory (Maths I) p. 6/18 Greatest common divisor - an example q The required values of u and v are in the forth row, 2nd and 3rd column - the row before 0 in the first row. Hence (29, 25) = 1, and u = 6, v = 7. Therefore 29 ( 6) = 1.

8 N.L.Manev, Lectures on Coding Theory (Maths I) p. 7/18 Congruences For a,b,m, integers, we say that a is congruent to b modulo m, and write a b (mod m), if m divides a b.

9 N.L.Manev, Lectures on Coding Theory (Maths I) p. 7/18 Congruences For a,b,m, integers, we say that a is congruent to b modulo m, and write a b (mod m), if m divides a b. (1) If a b (mod n) and c d (mod n), then (a ± c) (b ± d) (mod n); (2) If a b (mod n), c d (mod n), then ac bd (mod n); (3) If f(x) Z[x], a b (mod n), then f(a) f(b) (mod n); (4) If ma mb (mod n), d = (m,n)), then a b ( mod n d ); (5) If a b (mod n) and d is a common divisor of a and n (in partial d = (a,n)), then d b.

10 N.L.Manev, Lectures on Coding Theory (Maths I) p. 8/18 Ring and fields Let R be a set with two binary operations: a + b and ab. R is a field if: 1. a + b = b + a, 2. (a+b)+c = a+(b+c), 3. 0: a + 0 = a, 4. a, a: a + ( a) = 0, 5. ab = ba, 6. (ab)c = a(bc), 7. a(b + c) = ab + ac, 8. 1 a = a, 9. For any a 0 a 1 : aa 1 = 1. The first 8 axioms define a commutative ring with identity. Q, R, C are fields; Z is a ring, but not a field. In a field both equations ax = b and ya = b has unique solution for a 0.

11 N.L.Manev, Lectures on Coding Theory (Maths I) p. 9/18 The ring Z n 1 Let n be a positive integer. Consider the set of all nonnegative reminders modulo n: Z n = {0, 1, 2, 3,...,n 1}. Define addition a b and multiplication a b in Z n by: a b def = a + b (mod n) a b def = ab (mod n) A nonzero element a of Z n is invertible if and only if (a,n) = 1. Z n is a field if and only if n is a prime. Z 3, Z 5, Z 11 are fields; Z 6, Z 9 are only commutative rings. For a 0 find a 1 : there exist u,v such that au + vn = 1. Then au 1 (mod n), that is aa 1 = 1 in Z n.

12 N.L.Manev, Lectures on Coding Theory (Maths I) p. 10/18 The ring Z n 2 The Fermat Little Theorem: If p is prime, then a p 1 1 (mod p) for any a 0 (mod p). Theorem. For any prime p there exist such an integer a with (a,p) = 1 that all powers 1,a,a 2,a 3,...,a p 2 are non-congruent one another, that is, Z p = {0, 1,a,a 2,a 3,...,a p 2 }. Any element of Z p with the above property is called primitive element of the field Z p. Theorem (Euler). Let n > 0 be an integer. For any (a,n) = 1, we have a ϕ(n) 1 (mod n), where ϕ(n) is the number integers < n and co-prime with n (Euler function). If n = p e 1 1 pe pe k k, then ϕ(n) = n(1 1 p 1 ) (1 1 p k ).

13 N.L.Manev, Lectures on Coding Theory (Maths I) p. 11/18 Characteristic of a field Definition. The characteristic of a field (ring) F is the smallest positive integer m (written charf = m) such that m 1 = } {{ + 1 } = 0. If such a integer does not exist m we say that the characteristic is zero. charq = charr = charc = 0, but charz 5 = 5. If charf = m, then m a = a } + a + {{ + a } = 0 for any a F. m

14 N.L.Manev, Lectures on Coding Theory (Maths I) p. 11/18 Characteristic of a field Definition. The characteristic of a field (ring) F is the smallest positive integer m (written charf = m) such that m 1 = } {{ + 1 } = 0. If such a integer does not exist m we say that the characteristic is zero. charq = charr = charc = 0, but charz 5 = 5. If charf = m, then m a = a } + a + {{ + a } = 0 for any a F. m Theorem. The characteristic of a finite field is always a prime integer. Theorem. If charf = p, then for any a,b F (a + b) p = a p + b p.

15 N.L.Manev, Lectures on Coding Theory (Maths I) p. 12/18 Cosets in a linear space Let L be a linear space over the field F and U L be its subspace, that is, for any u,v U and λ F: u ± v U and λu U. Definition. For a fixed vector a L, the subset a + U def = {a + u u U} is called coset, or affine subspace, of U in L. Any vector of a + U is referred to as a representative of the coset. The set of all cosets of U in L is called quotient space L/U. Obviously, two vectors of a,b L belong to one and the same coset if and only if a b U. There is one-to-one correspondence between U and a + U, that is U = a + U.

16 N.L.Manev, Lectures on Coding Theory (Maths I) p. 13/18 Polynomials 1 Let a(x) and b(x) be two polynomials in x over the field F: a(x) = a n x n + a n 1 x n a 1 x + a 0, a n 0, b(x) = b m x m + b m 1 x m b 1 x + b 0, b m 0. Euclidean Property: Given two polynomials a(x) and b(x), b(x) not identically 0, there exist q(x),r(x) F[x], such that a(x) = b(x)q(x) + r(x), and either r(x) 0, or deg r(x) < deg b(x).

17 N.L.Manev, Lectures on Coding Theory (Maths I) p. 14/18 Polynomials 2 The greatest common divisor (gcd) of a(x) and b(x) is the polynomial d(x) which satisfies: 1. d(x) (x) and d(x) b(x), 2. if d 1 (x) a(x) and d 1 (x) b(x), then d 1 (x) d(x), 3. d(x) is a monic polynomial, i.e., the coefficient of the highest power of x is equal to 1.

18 N.L.Manev, Lectures on Coding Theory (Maths I) p. 14/18 Polynomials 2 The greatest common divisor (gcd) of a(x) and b(x) is the polynomial d(x) which satisfies: 1. d(x) (x) and d(x) b(x), 2. if d 1 (x) a(x) and d 1 (x) b(x), then d 1 (x) d(x), 3. d(x) is a monic polynomial, i.e., the coefficient of the highest power of x is equal to 1. In the ring of polynomials over a field the greatest common divisor d(x) = (a(x), b(x)) exists for any two polynomials, and there exist polynomials u(x), v(x) such that d(x) = u(x)a(x) + v(x)b(x).

19 N.L.Manev, Lectures on Coding Theory (Maths I) p. 15/18 Polynomials 3 Definition. Let a(x), b(x) and m(x) be polynomials in x over a field (or a ring) F. We say that a(x) is congruent to b(x) modulo m(x), written a(x) b(x) (mod m(x)), if m(x) divides a(x) b(x). The congruences in a ring of polynomials posses the same properties as the congruences in Z. Example: In the ring Z 2 [x]: x (mod x 2 +x+1) and x 2 x+1 (mod x 2 +x+1). In Z 3 [x]: x 3 1 2x + 2 (mod x 2 + 1).

20 N.L.Manev, Lectures on Coding Theory (Maths I) p. 16/18 Polynomials 4 Definition. Let F and K be fields such that F K. A polynomial f(x) F[x] is called irreducible over K, if it cannot be represented as a product of two polynomials over K with degree at least one, that is, in the form f(x) = a(x)b(x), a(x),b(x) K[x]. Example: x 2 2 Q[x] is irreducible over Q, but reducible over R : x 2 2 = (x 2)(x 2). The polynomial x Q[x] is irreducible over Q and R, but reducible over C. Polynomials x 2 + x + 1 and x 3 + x + 1 are irreducible over Z 2, but x = (x + 1) 2 is reducible over Z 2.

21 N.L.Manev, Lectures on Coding Theory (Maths I) p. 17/18 Polynomials 5 Theorem. Let F and K be fields such that F K. A polynomial f(x) F[x] is divisible by x α, α K if and only if f(α) = 0. If deg f(x) = n, then f(x) has at most n roots. Theorem. For any field F there exists an extension K F, where any polynomial f(x) F[x] can be decomposed in a product of polynomials of degree one: f(x) = a(x α 1 )(x α 2 )...(x α n ), where n = deg f(x). The minimal such extension for a given polynomial f(x) is called the splitting field of f(x). For example, any polynomial over Q, R, and C can be factorized into a product of linear polynomials. Examples of splitting fields we will give later.

22 N.L.Manev, Lectures on Coding Theory (Maths I) p. 18/18 The end of the part Thank You for Attention!

Public-key Cryptography: Theory and Practice

Public-key Cryptography: Theory and Practice Public-key Cryptography Theory and Practice Department of Computer Science and Engineering Indian Institute of Technology Kharagpur Chapter 2: Mathematical Concepts Divisibility Congruence Quadratic Residues