Simon Blackburn. Sean Murphy. Jacques Stern. Laboratoire d'informatique, Ecole Normale Superieure, Abstract
The Cryptanalysis of a Public Key Implementation of Finite Group Mappings

Simon Blackburn, Sean Murphy
Information Security Group, Royal Holloway and Bedford New College, University of London, Egham, Surrey TW20 0EX, U.K.

Jacques Stern
Laboratoire d'informatique, Ecole Normale Superieure, 5 Rue d'Ulm, Paris 05, France

January 20, 199

Abstract

Minghua Qu and S.A. Vanstone [2] have proposed a public key cryptosystem (FGM) which is based on factorisations of a binary vector space (i.e. transversal logarithmic signatures of an elementary abelian 2-group). In this paper, a generalised (basis-independent) decryption algorithm is given, which shows that there are many equivalent private keys, and a method of efficiently obtaining such an equivalent private key is given. The FGM cryptosystem is thus rendered insecure. Although the FGM cryptosystem is defined in terms of linear algebra, the attack given here is essentially group-theoretic in nature. Thus this attack throws doubt on any cryptosystem which relies on the security of transversal logarithmic signatures.

Key Words. Public Key Cryptosystems, Finite Group Mappings, Permutation Group Mappings, Logarithmic Signatures.

This author was supported by S.E.R.C. research grant GR/H
The paper is organised as follows. Section 1 gives a description of the Finite Group Mappings (FGM) public key cryptosystem proposed by Minghua Qu and Vanstone [2] and a generalised decryption algorithm for FGM which shows that there are many equivalent private keys. Section 2 constructs part of such an equivalent private key from the public key. The next two sections show how to decrypt with this information and construct the rest of an equivalent private key. The final section gives some conclusions.

1 The FGM Public Key Cryptosystem

Let be an integer such that > and 0 mod . We describe the public key system given in [2], which encrypts ( ; )-bit messages into -bit ciphertexts. Let G := Z 2 be a vector space over Z 2 of dimension and let f 1 2 ::: g be an arbitrary basis for G. Define a chain of subspaces

G = G 0 >G 1 > >G 2 = f0g (1)

where G i := h 2i+1 2i+2 ::: i when i is such that 1 i 2 ; 1 and where G 2 = f0g.

For all integers i such that 1i ; 1, define A i by

A i := f[i 0] [i 1] [i 2] [i 3]g

where the elements [i j] are arbitrary elements of G subject to the condition that for any t 1 t 2 2f0 1g,

[i t 1 +2t 2 ] t 1 2(i)+1 + t 2 2(i)+2 mod G i : (2)

Then A i is a complete set of coset representatives of G i in G i. For all integers i and h such that i 2 ; 2 and 0h3, define

A i h := f[i 0] h [i 1] h [i 2] h [i 3] h g
where the elements [i j] h are arbitrary elements of G subject to the condition that for any t 1 t 2 2f0 1g

[i t 1 +2t 2 ] h t 1 2(i)+1 + t 2 2(i)+2 mod G i : (3)

Clearly, for any h 2f g, A i h is a complete set of coset representatives of G i in G i. Define f to be any one-to-one function such that

f : f1 2 ::: ; 1g ;!f ::: 2 ; 2g:

Finally, when i is an integer such that 1 i ; 1, we define

A i := [ 3 f[i h]+a h=0 f (i) hg = f[i j] j 0 j 15g

where

[i s +h] :=[i h]+[f(i) s] h ()

for any h s 2f g.

The Public Key is the collection of blocks A i where 1 i ; 1.

In [2], the Private Key is given as the collection of blocks A i where 1 i ; 1, the collection of blocks A i h where i 2 ; 2 and 0 h 3, the function f and the basis f 1 ::: g. In fact, we may reduce the amount of information contained in the private key and still decrypt efficiently. We will take the private key to be the blocks A i and A i h, the function f, and instead of the basis f 1 ::: g, the chain of subspaces (1).

We now give a description of the encryption process. A ( ; )-bit message may be regarded as an integer m such that 0 m 2 ; ; 1. To
encrypt, we first express m in hexadecimal as (p 1 p ), so 0 p i 15, where

m = p 1 +16p p :

We define an element g 2 G by

g := [1 p 1 ]+[2 p 2 ]++ [( ; 1) p ]: (5)

Now, we can write g as a binary -tuple (q 1 ::: q ) which we may regard as a number between 0 and 2 ; 1. We take the ciphertext c to be

c := q 1 +2q q : (6)

Following [2], we decrypt as follows. Let c be the ciphertext, so we can express c in the form (6) to obtain

g =(q 1 ::: q ):

We find p 1 ::: p satisfying (5) by applying the following algorithm:

For i = 1 to ; 1 do:
  Set h i = findcoset(g i)
  Set g = g ; [i h i ]
  Return `h i '

For i = to 2 ; 2 do:
  Set h i = findcoset(g i)
  Set g = g ; [i h i ] hf (i)
  Set p f (i) = h i +h f (i)
  Return `p f (i)'

Here the function findcoset(g i) returns the value t 1 +2t 2 where

g t 1 2(i)+1 + t 2 2(i)+2 mod G i :

The decryption algorithm presented here differs from that given in [2] by our drawing together that part of the algorithm concerning itself with finding the h i into a separate subroutine findcoset. That part of the algorithm in [2] which corresponds to findcoset uses knowledge of the elements 1 ::: to calculate h i. We give a generalised algorithm which implements findcoset
which only uses knowledge of the chain of subgroups (1). This decryption algorithm is of comparable speed to the decryption algorithm presented in [2].

findcoset(g i) [i ; 1]
  For j = 0 to 3 do:
    If g ; [i j] 2 G i
      Set h i = j.

findcoset(g i) [i ]
  For j = 0 to 3 do:
    If g ; [i j] 0 2 G i
      Set h i = j.

The justification for this algorithm is equation (2) when i ; 1 and equation (3) otherwise.

Examining the first half of the decryption algorithm, we find that the only properties of the subspaces G k, 1k ; 1, that the algorithm uses are:

(P 1) [i s] 2 G k where k +1 i ; 1
(P 2) [i s] h 2 G k where i 2 ; 2 0 h s 3
(P 3) the cosets [k s]+g k (s = ) are distinct. (7)

Hence any subspaces satisfying (P 1), (P 2) and (P 3) may replace the subspaces G 1 ::: G in the decryption algorithm. Note that an analogous list of properties exists for the subspaces G ::: G ;2 2, but we shall defer considering this list until later. We are now ready to begin cryptanalysis of the system.

2 An Equivalent Set of Private Key Blocks

Let K be a private key. We may, of course, assume that we know the public key associated with K. Suppose that we also know the function f. This section describes the construction of the blocks of a private key K which decrypts messages encrypted using the public key associated with K. Thus the private key K is equivalent to the private key K.

For integers i and h such that 1 i ; 1 and 0 h 3, define the vector [i h] by

[i h] :=[i h]: (8)

We also define, for integers i, s and h such that 1 i ; 1, 0 h 3 and 0 s 3, the vector [f(i) s] h by

[f(i) s] h := [i s +h]+[i h]: (9)
Finally, we define blocks A i by

A i := f [i 0] [i 1] [i 2] [i 3]g

where i is such that 1 i ; 1, and blocks A i h by

A i h := f [i 0] h [i 1] h [i 2] h [i 3] h g

where i and h are such that i 2 ; 2 and 0h 3. We can now construct a key K defined by fa j 1 i g, i fa j i ;2 0 i h 2 h 3g, f and the chain (1). We will show that K is a valid private key and furthermore that the public key associated with K is the same as the public key associated with K.

Theorem: The key K defined by fa j 1 i ; 1g, i fa j i i h ; 2 0 h 3g, f and the chain (1) is a valid private key. 2

Proof: Let i be an integer such that 1 i. Then for any t 1 t 2 2f0 1g,

[i t 1 +2t 2 ] = [i t 1 +8t 2 ] = [i t 1 +2t 2 ]+[f(i) 0] h :

Hence

[i t 1 +2t 2 ] [i t 1 +2t 2 ] t 1 2(i)+1 + t 2 2(i)+2 mod G i

since [f(i) 0] h 2 G f (i) <G i.

If i, s and h are integers such that i 2 ; 2, and 0 s h 3, then

[i s] h = [f (i) s+h]+[f (i) h]
= [f (i) h]+[i s] h + [f (i) h]+[i 0] h
= [i s] h + [i 0] h :

So since [i 0] h 2 G i, for t 1 t 2 2f0 1g such that s = t 1 +2t 2,

[i s] h [i s] h t 1 2(i)+1 + t 2 2(i)+2 mod G i :

Hence the elements [i s] satisfy (2) and the elements [i s] h satisfy (3). So K is a valid private key. 2

Corollary : The private keys K and K are equivalent.
Proof : Consider the public key fa i g associated with K. For all i s and h such that 1 i ; 1, 0 s 3 and 0h3,

[i s +h] = [i h]+ [f(i) s] h
= [i h]+[i s +h]+[i h]
= [i s +h]:

Hence the public keys associated with K and K are identical. Therefore the private keys K and K are equivalent. 2

We now discuss how much information we have about the blocks of K if we have no knowledge of f. Since (8) does not depend on f, we may still construct the blocks A i where i is such that 1i ; 1. If we set

[i s] h := [i s +h]+[i h] (10)

and define B i h by

B i h := f[i 0] h [i 1] h [i 2] h [i 3] h g

then we know that, for a fixed h, the blocks B i h where 1 i ; 1 are some rearrangement of the blocks A i h where i 2 ; 2. Indeed, for fixed h and s such that 0 h 3 and 0 s 3 we may assert that the vectors [i s] h where 1 i ; 1 are some rearrangement of the vectors [i s] h where i 2 ; 2. In particular, the subspace H defined by

H := D [i s] h j i 2 ; 2 0 s h 3E
= D [i s] h j 1 i ; 1 0 s h 3E : (11)

can be constructed using only our knowledge of the public key.
3 The Beginning of the Decryption Process

In this section, we shall analyse the top half of the chain of subgroups (1) and show how to construct the top half of an equivalent chain of subgroups, which can be used to decrypt half of any ciphertext.

Any ciphertext block c can be expressed as

c = q 1 +2q q :

where q 1 ::: q 2 Z 2. We set g := (q 1 ::: q ) 2 G. Our goal is to find p 1 ::: p 2f0 1 ::: 15g such that

g = [1 p 1 ]++ [( ; 1) p ]:

If we write p i := s i +h i, then an equivalent problem is to find s 1 ::: s h 1 ::: h such that

g = [1 h 1 ]++ [( ; ] 1) h +[f(1) s 1 ] h1 + + [f( ; ] 1) s h :

By the previous section, we may write

g = X i=1 [i h i ]+ X i=1 [f(i) s i ] hi
= X i=1 [i h i ]+ X i=1 [i s i ] hi : (12)

The construction of the top half of an equivalent chain of subgroups will enable us to find the integers h 1 ::: h in the expression (12).

From Section 1, we know that the only properties of the subgroups G k, where 1 k ; 1, that the algorithm uses when decrypting using key K are (P 1), (P 2) and (P 3) given in (7). Analogously, the algorithm decrypting using the key K uses only the properties:

(Q1) [i s] 2 G k where k +1 i ; 1
(Q2) [i s] h 2 G k where i 2 ; 2 0 s h 3
(Q3) the cosets [k s]+g k (s = ) are distinct.
Using the definition (11) of H in Section 2, we may write (Q2) more succinctly as property (Q2 0 ):

(Q2 0 ) H G k :

We define subspaces G k where 1 k ; 1 by

G k := f [i s] j k +1 i ; 1 0 s 3g + H:

Note that the definition of G k depends only on knowledge of the public key. Clearly, G k satisfies properties (Q1) and (Q2 0 ). To see that G k also satisfies property (Q3), observe that G k G k (since G k satisfies (Q1) and (Q2 0 )). Then for any s s 0 2f g such that

[k s] [k s 0 ]modg k

we have

[k s] [k s 0 ]modg k

hence that s = s 0. So G k satisfies (Q3).

In consequence of the subspaces G k satisfying properties (Q1), (Q2 0 ) and (Q3), we may use them in place of the subspaces G k in the first half of the decryption algorithm. Since the definitions of the G k and the [i s] depend only on the public key, we may use the first half of the decryption algorithm as presented in Section 1 to find the correct values of h 1 ::: h. Hence we have already recovered half the bits of the message. We recover the remainder in the next section.

The End of the Decryption Process

Using the methods of the previous section, we have reduced the problem of decryption to determining the decomposition

g = [1 s 1 ] h1 + + [ ; 1 s ] h (13)

where the vector g and the integers h 1 ::: h are known.

We first give, and justify, an algorithm for finding a one-to-one function

f : 1 2 ::: ; 1 ;! 1 2 ::: ; 1
and subspaces H 1 ::: H with the following properties

(R1) [f (i) s] h 2 H k where k +1 i ; 1 0 s h 3
(R2) [f (k) s] 0 + [f (k) s] h 2 H k where 0 s h 3
(R3) the cosets of H k containing the elements [f (k) j] 0 where 0 j 3, are distinct.

We then show that once f and H 1 ::: H have been constructed, we may decompose g into the sum (13).

The algorithm for finding f and H 1 ::: H, findsubspaces say, can be written in the following manner.

findsubspaces
  Set S = f1 2 ::: ; 1g
  For k = 1 to ; 1 do:
    Find i 0 2 S such that the cosets [i 0 s] 0 + W i0 (s = ) are distinct, where
      W i0 := h[i s] h [i 0 s] 0 + [i 0 s] h j i 2 S fi 0 g 0 s h 3i :
    Set f (k) = i 0
        H k = W i0
        S = S fi 0 g:

This algorithm clearly produces f H 1 ::: H satisfying properties (R1), (R2) and (R3), provided that at every stage an integer i 0 can always be found which satisfies the conditions of the algorithm findsubspaces. We will now show in the following lemma that this is indeed the case.

Lemma : At every iteration of k between 1 and ; 1, the algorithm findsubspaces produces a value i 0.

Proof : Suppose that 6= S f1 ::: ; 1g. Set i 0 2 S to be the unique element such that

f(i 0 )=miff(i)g: i2s

Now, W i0 G f (i0 ), since firstly

[i s] h = [f(i) s] h 2 G f (i) G f (i0 )

for all i 2 S fi 0 g and 0 s h 3, and secondly

[i 0 s] 0 + [i 0 s] h 2 G f (i0 )

for all 0 s 3 0 h 3:
But now we may deduce that for all s s 0 2f g,

[i 0 s] 0 [i 0 s 0 ] 0 mod W i0

implies that

[i 0 s] 0 [i 0 s 0 ] 0 mod G f (i0 )

and hence that s = s 0. Therefore W i0 satisfies property (R3). Since clearly W i0 satisfies properties (R1) and (R2), we deduce that i 0 is a valid choice for f (k), as required. 2

Once we have obtained f H 1 ::: H, our decryption algorithm is as follows.

For k = 1 to ; 1 do:
  Find s f (k) such that [f (k) s f (k) ] 0 g mod H k
  Set g = g ; [f (k) s f (k) ] hf (k)
  Set p f (k) = s f (k) +h f (k)
  Return `p f (k)'

At each stage of the algorithm, g is of the form

g = [f (k) s f (k)] hf (k) + X i=k+1 [f (i) s f (i)] hf (i) :

Hence

g [f (k) s f (k) ] 0 mod H k

by properties (R1) and (R2). Since property (R3) is satisfied, we can determine s f (k) uniquely by finding the coset of H k containing g.

We have found blocks A i and A i h, subspaces G 1 ::: G H 1 :::H and a function f entirely from the public key. Since these objects form a private key equivalent to the original private key, we are now able to decrypt an arbitrary cryptogram.

5 Conclusions

In this paper we have shown Minghua Qu and Vanstone's FGM public key cryptosystem [2] to be insecure. We were able to do this by noting that there
exists a generalised decryption algorithm that does not depend directly on the basis chosen. Thus there is redundant information in the private key given in [2] and there are many equivalent private keys. We have given a method to construct one of these equivalent private keys from the public key that is computationally similar to the original decryption algorithm, that is essentially calculating linear dependences of sets of vectors. We also note that even as a private key cryptosystem, FGM is insecure against a chosen plaintext attack since the vector sums of cryptograms of a few suitably chosen plaintexts will give us much of the information we used to attack the public key cryptosystem.

The construction at the heart of FGM can be generalised to an arbitrary group. This generalisation is known as a logarithmic signature and has been proposed as the basis of cryptosystems in arbitrary groups, for example the Permutation Group Mappings (PGM) Cryptosystem [1]. However, all general families of logarithmic signatures so far proposed for use in these systems are in fact transversal logarithmic signatures or simple modifications of them. A transversal logarithmic signature is based on the unique decomposition of an element of a group into a product of coset representatives associated with a tower of subgroups. In a cryptosystem based on a transversal logarithmic signature, the security of the system is based on the secrecy of this tower of subgroups. In the FGM cryptosystem, the chain of vector subspaces (1) is nothing more than this tower. Our method for finding an equivalent private key does not use any of the linearity inherent in Z 2, but instead treats Z 2 as an abstract group and so is really a method of finding a suitable tower of subgroups. Thus our analysis is applicable to a transversal logarithmic signature in an arbitrary group and so throws doubt on the security of any cryptosystem which relies on transversal logarithmic signatures.

References

[1] S.S. Magliveras and N.D. Memon. Algebraic Properties of Cryptosystem PGM. J. Cryptology, 5 (1992),

[2] Minghua Qu and S.A. Vanstone. New Public-key Cryptosystems Based on Factorisations of Finite Groups. In Advances in Cryptology - AUSCRYPT To be published.
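The attack of Sections 2 to 4 run on a toy instance, as an added example that is not code from the paper: it builds a constructed FGM key over Z_2^16 and then recovers every plaintext digit from the public blocks and the ciphertext alone. The dimension 16, the s + 4h indexing of each 16-element public block, the layout of the subspace chain and all function names are assumptions of this example, since the transcription above has lost the corresponding symbols.

```python
# Added illustration, not code from the paper. Vectors of Z_2^N are Python ints
# (bitmasks); "+" in the paper is XOR here.
# ASSUMED (symbols lost in this transcription): N = 16, N/4 - 1 hex digits per
# message, public entries indexed s + 4h, G_i spanned by basis vectors 2i+1..N.
import random

N = 16            # toy dimension (assumption)
M = N // 4 - 1    # number of public blocks / hex digits (assumption)

def reduce(basis, v):
    """Reduce v against an XOR basis stored as {leading bit: vector}."""
    while v and (v.bit_length() - 1) in basis:
        v ^= basis[v.bit_length() - 1]
    return v

def span(vectors):
    """Echelon basis of the subspace generated by `vectors`."""
    basis = {}
    for v in vectors:
        v = reduce(basis, v)
        if v:
            basis[v.bit_length() - 1] = v
    return basis

def in_span(basis, v):
    return reduce(basis, v) == 0

def keygen(rng):
    """Constructed toy key; only the public blocks pub[i][0..15] are returned."""
    while True:                                   # random basis alpha_1..alpha_N
        alpha = [0] + [rng.getrandbits(N) for _ in range(N)]
        if len(span(alpha[1:])) == N:
            break

    def rep(i, j):
        """Random representative of coset number j of G_i in G_(i-1)."""
        v = (alpha[2 * i - 1] if j & 1 else 0) ^ (alpha[2 * i] if j & 2 else 0)
        for a in alpha[2 * i + 1:]:               # add a random element of G_i
            if rng.getrandbits(1):
                v ^= a
        return v

    lower = list(range(M + 1, 2 * M + 1))         # secret one-to-one map f
    rng.shuffle(lower)
    pub = {}
    for i in range(1, M + 1):
        top = [rep(i, h) for h in range(4)]       # private block A_i
        # private blocks A_{f(i),h}, one per h
        low = [[rep(lower[i - 1], s) for s in range(4)] for h in range(4)]
        pub[i] = [top[p // 4] ^ low[p // 4][p % 4] for p in range(16)]
    return pub

def encrypt(pub, digits):
    g = 0
    for i, p in enumerate(digits, start=1):
        g ^= pub[i][p]
    return g

def attack(pub, c):
    """Recover the hex digits of the plaintext from the public key and c alone."""
    idx = range(1, M + 1)
    # Equation (10): b[i][h][s] = pub[i][s + 4h] + pub[i][4h]; these generate H.
    b = {i: [[pub[i][s + 4 * h] ^ pub[i][4 * h] for s in range(4)]
             for h in range(4)] for i in idx}
    H = [v for i in idx for h in range(4) for v in b[i][h]]
    g, hs, digits = c, {}, {}
    # Section 3: substitute subspaces built from public data give each h_k.
    for k in idx:
        Gk = span([pub[i][4 * h] for i in idx if i > k for h in range(4)] + H)
        (hk,) = [j for j in range(4) if in_span(Gk, g ^ pub[k][4 * j])]
        hs[k] = hk
        g ^= pub[k][4 * hk]
    # Section 4: findsubspaces and the final loop, merged into one pass.
    S = set(idx)
    while S:
        for i0 in sorted(S):
            W = span([v for i in S - {i0} for h in range(4) for v in b[i][h]]
                     + [b[i0][0][s] ^ b[i0][h][s]
                        for s in range(4) for h in range(4)])
            # (R3): the four cosets b[i0][0][s] + W must be distinct
            if all(not in_span(W, b[i0][0][s] ^ b[i0][0][t])
                   for s in range(4) for t in range(s)):
                break
        else:
            raise ValueError("no admissible index; not an FGM public key")
        (s0,) = [s for s in range(4) if in_span(W, g ^ b[i0][0][s])]
        digits[i0] = s0 + 4 * hs[i0]
        g ^= b[i0][hs[i0]][s0]
        S.remove(i0)
    return [digits[i] for i in idx]

def demo(seed=1):
    """Generate a key and a random message, then attack the ciphertext."""
    rng = random.Random(seed)
    pub = keygen(rng)
    msg = [rng.randrange(16) for _ in range(M)]
    return msg, attack(pub, encrypt(pub, msg))

if __name__ == "__main__":
    msg, recovered = demo()
    print("plaintext digits:", msg, "recovered:", recovered)
```

The only linear algebra used is subspace membership, which matches the paper's remark that the attack costs about as much as legitimate decryption.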
More informationImprovement of Generic Attacks on the Rank Syndrome Decoding Problem
Improvemet of Geeric Attacks o the Rak Sydrome Decodig Problem Nicolas Arago, Philippe Gaborit, Adrie Hauteville, Jea-Pierre Tillich To cite this versio: Nicolas Arago, Philippe Gaborit, Adrie Hauteville,
More informationSection 4.3. Boolean functions
Sectio 4.3. Boolea fuctios Let us take aother look at the simplest o-trivial Boolea algebra, ({0}), the power-set algebra based o a oe-elemet set, chose here as {0}. This has two elemets, the empty set,
More informationCHAPTER 5. Theory and Solution Using Matrix Techniques
A SERIES OF CLASS NOTES FOR 2005-2006 TO INTRODUCE LINEAR AND NONLINEAR PROBLEMS TO ENGINEERS, SCIENTISTS, AND APPLIED MATHEMATICIANS DE CLASS NOTES 3 A COLLECTION OF HANDOUTS ON SYSTEMS OF ORDINARY DIFFERENTIAL
More informationOn the Inverse of a Certain Matrix Involving Binomial Coefficients
It. J. Cotemp. Math. Scieces, Vol. 3, 008, o. 3, 5-56 O the Iverse of a Certai Matrix Ivolvig Biomial Coefficiets Yoshiari Iaba Kitakuwada Seior High School Keihokushimoyuge, Ukyo-ku, Kyoto, 60-0534, Japa
More informationIt is always the case that unions, intersections, complements, and set differences are preserved by the inverse image of a function.
MATH 532 Measurable Fuctios Dr. Neal, WKU Throughout, let ( X, F, µ) be a measure space ad let (!, F, P ) deote the special case of a probability space. We shall ow begi to study real-valued fuctios defied
More informationIP Reference guide for integer programming formulations.
IP Referece guide for iteger programmig formulatios. by James B. Orli for 15.053 ad 15.058 This documet is iteded as a compact (or relatively compact) guide to the formulatio of iteger programs. For more
More informationBinary codes from graphs on triples and permutation decoding
Biary codes from graphs o triples ad permutatio decodig J. D. Key Departmet of Mathematical Scieces Clemso Uiversity Clemso SC 29634 U.S.A. J. Moori ad B. G. Rodrigues School of Mathematics Statistics
More informationSOME THEORY AND PRACTICE OF STATISTICS by Howard G. Tucker
SOME THEORY AND PRACTICE OF STATISTICS by Howard G. Tucker CHAPTER 9. POINT ESTIMATION 9. Covergece i Probability. The bases of poit estimatio have already bee laid out i previous chapters. I chapter 5
More informationAnalytic Theory of Probabilities
Aalytic Theory of Probabilities PS Laplace Book II Chapter II, 4 pp 94 03 4 A lottery beig composed of umbered tickets of which r exit at each drawig, oe requires the probability that after i drawigs all
More informationMath 609/597: Cryptography 1
Math 609/597: Cryptography 1 The Solovay-Strasse Primality Test 12 October, 1993 Burt Roseberg Revised: 6 October, 2000 1 Itroductio We describe the Solovay-Strasse primality test. There is quite a bit
More informationlim za n n = z lim a n n.
Lecture 6 Sequeces ad Series Defiitio 1 By a sequece i a set A, we mea a mappig f : N A. It is customary to deote a sequece f by {s } where, s := f(). A sequece {z } of (complex) umbers is said to be coverget
More informationROTATION-EQUIVALENCE CLASSES OF BINARY VECTORS. 1. Introduction
t m Mathematical Publicatios DOI: 10.1515/tmmp-2016-0033 Tatra Mt. Math. Publ. 67 (2016, 93 98 ROTATION-EQUIVALENCE CLASSES OF BINARY VECTORS Otokar Grošek Viliam Hromada ABSTRACT. I this paper we study
More informationInfinite Sequences and Series
Chapter 6 Ifiite Sequeces ad Series 6.1 Ifiite Sequeces 6.1.1 Elemetary Cocepts Simply speakig, a sequece is a ordered list of umbers writte: {a 1, a 2, a 3,...a, a +1,...} where the elemets a i represet
More informationZeros of Polynomials
Math 160 www.timetodare.com 4.5 4.6 Zeros of Polyomials I these sectios we will study polyomials algebraically. Most of our work will be cocered with fidig the solutios of polyomial equatios of ay degree
More informationgcd(n, k) = 1 Kwang Ho Kim 1 and Sihem Mesnager 2 Pyongyang, Democratic People s Republic of Korea
Solvig x 2k + + x + a = 0 i F 2 gcd, k = with Kwag Ho Kim ad Sihem Mesager 2 Istitute of Mathematics, State Academy of Scieces ad PGItech Corp., Pyogyag, Democratic People s Republic of Korea khk.cryptech@gmail.com
More informationRelations Among Algebras
Itroductio to leee Algebra Lecture 6 CS786 Sprig 2004 February 9, 2004 Relatios Amog Algebras The otio of free algebra described i the previous lecture is a example of a more geeral pheomeo called adjuctio.
More informationarxiv: v1 [math.co] 3 Feb 2013
Cotiued Fractios of Quadratic Numbers L ubomíra Balková Araka Hrušková arxiv:0.05v [math.co] Feb 0 February 5 0 Abstract I this paper we will first summarize kow results cocerig cotiued fractios. The we
More informationFINITE GROUPS WITH THREE RELATIVE COMMUTATIVITY DEGREES. Communicated by Ali Reza Ashrafi. 1. Introduction
Bulleti of the Iraia Mathematical Society Vol. 39 No. 2 203), pp 27-280. FINITE GROUPS WITH THREE RELATIVE COMMUTATIVITY DEGREES R. BARZGAR, A. ERFANIAN AND M. FARROKHI D. G. Commuicated by Ali Reza Ashrafi
More informationShannon s noiseless coding theorem
18.310 lecture otes May 4, 2015 Shao s oiseless codig theorem Lecturer: Michel Goemas I these otes we discuss Shao s oiseless codig theorem, which is oe of the foudig results of the field of iformatio
More informationCardinality Homework Solutions
Cardiality Homework Solutios April 16, 014 Problem 1. I the followig problems, fid a bijectio from A to B (you eed ot prove that the fuctio you list is a bijectio): (a) A = ( 3, 3), B = (7, 1). (b) A =
More informationarxiv: v1 [math.co] 23 Mar 2016
The umber of direct-sum decompositios of a fiite vector space arxiv:603.0769v [math.co] 23 Mar 206 David Ellerma Uiversity of Califoria at Riverside August 3, 208 Abstract The theory of q-aalogs develops
More informationPhysics 116A Solutions to Homework Set #1 Winter Boas, problem Use equation 1.8 to find a fraction describing
Physics 6A Solutios to Homework Set # Witer 0. Boas, problem. 8 Use equatio.8 to fid a fractio describig 0.694444444... Start with the formula S = a, ad otice that we ca remove ay umber of r fiite decimals
More informationDesign and Analysis of Algorithms
Desig ad Aalysis of Algorithms Probabilistic aalysis ad Radomized algorithms Referece: CLRS Chapter 5 Topics: Hirig problem Idicatio radom variables Radomized algorithms Huo Hogwei 1 The hirig problem
More informationMath 61CM - Solutions to homework 3
Math 6CM - Solutios to homework 3 Cédric De Groote October 2 th, 208 Problem : Let F be a field, m 0 a fixed oegative iteger ad let V = {a 0 + a x + + a m x m a 0,, a m F} be the vector space cosistig
More informationThe Choquet Integral with Respect to Fuzzy-Valued Set Functions
The Choquet Itegral with Respect to Fuzzy-Valued Set Fuctios Weiwei Zhag Abstract The Choquet itegral with respect to real-valued oadditive set fuctios, such as siged efficiecy measures, has bee used i
More informationDefinition 4.2. (a) A sequence {x n } in a Banach space X is a basis for X if. unique scalars a n (x) such that x = n. a n (x) x n. (4.
4. BASES I BAACH SPACES 39 4. BASES I BAACH SPACES Sice a Baach space X is a vector space, it must possess a Hamel, or vector space, basis, i.e., a subset {x γ } γ Γ whose fiite liear spa is all of X ad
More informationSequences of Definite Integrals, Factorials and Double Factorials
47 6 Joural of Iteger Sequeces, Vol. 8 (5), Article 5.4.6 Sequeces of Defiite Itegrals, Factorials ad Double Factorials Thierry Daa-Picard Departmet of Applied Mathematics Jerusalem College of Techology
More informationTHE CHAIN CONDITION OF MODULE MATRIX
Jural Karya Asli Loreka Ahli atematik Vol 9 No (206) Page 00-00 Jural Karya Asli Loreka Ahli atematik THE CHAIN CONDITION OF ODULE ATRIX Achmad Abdurrazzaq Ismail bi ohd 2 ad Ahmad Kadri bi Juoh Uiversiti
More informationMachine Learning for Data Science (CS 4786)
Machie Learig for Data Sciece CS 4786) Lecture & 3: Pricipal Compoet Aalysis The text i black outlies high level ideas. The text i blue provides simple mathematical details to derive or get to the algorithm
More informationA Hadamard-type lower bound for symmetric diagonally dominant positive matrices
A Hadamard-type lower boud for symmetric diagoally domiat positive matrices Christopher J. Hillar, Adre Wibisoo Uiversity of Califoria, Berkeley Jauary 7, 205 Abstract We prove a ew lower-boud form of
More informationMath 104: Homework 2 solutions
Math 04: Homework solutios. A (0, ): Sice this is a ope iterval, the miimum is udefied, ad sice the set is ot bouded above, the maximum is also udefied. if A 0 ad sup A. B { m + : m, N}: This set does
More information1 Last time: similar and diagonalizable matrices
Last time: similar ad diagoalizable matrices Let be a positive iteger Suppose A is a matrix, v R, ad λ R Recall that v a eigevector for A with eigevalue λ if v ad Av λv, or equivaletly if v is a ozero
More informationLecture 11: Pseudorandom functions
COM S 6830 Cryptography Oct 1, 2009 Istructor: Rafael Pass 1 Recap Lecture 11: Pseudoradom fuctios Scribe: Stefao Ermo Defiitio 1 (Ge, Ec, Dec) is a sigle message secure ecryptio scheme if for all uppt
More information