Mathematical Foundations of Cryptography

Size: px
Start display at page:

Transcription

1 Mathematical Foundations of Cryptography Cryptography is based on mathematics In this chapter we study finite fields, the basis of the Advanced Encryption Standard (AES) and elliptical curve cryptography In chapter 8 we study modular arithmetic in more detail as the basis of RSA encryption The topics we cover now are Groups, rings, and fields Modular arithmetic and polynomial arithmetic Finite fields of the form GF(p) where p is prime and GF(2 n )

2

3 Groups Group G with operation obeys the following rules Closure: if a and b belong to G then so does a b Associativity: (a b) c = a (b c) Indentity: there is an identity element, call it e, such that a e = e a = a for all elements a in G Inverse: for every a in G there is an a in G such that a a = a a = e An abelian group also obeys the commutative law: a b = b a for all a and b in G The set of integers {, -2, 1, 0, 1, 2, } under addition is an example of an infinite abelian group

4 Group Work (no pun intended) Define the operation by a b Is there closure? Why? a a b Is associative? b b a Is there an identity element? What is it? Does every element have an inverse? What are the inverses of a and of b? Is commutative? How can you tell? Can you think of an appropriate name for?

5 Cyclic Group Exponentiation is repeated application of the group operator, such as a a a a = a 4 A group is cyclic if every element can be expressed as a power of a particular element, call it a; that is, every element equals a k for some k We define a -k as (a ) k and a 0 as the identity The element a is a generator for the group For the set of integers under addition, a = 1, a k = = k and a 0 = 0 a = -1 so a -k = = -k

6 Homework problem Consider S 3, all permutations of three elements Use the elements 1, 2, 3 write all possible permutations, label them using the scheme a is 1 2 3, b is 1 3 2, c is 2 1 3, d is 2 3 1, e is and f is 3 2 1; clearly a is the identity element Draw a composition table for permutations Is S 3 closed? Is it associative? Is there an identity element? Are there inverses? Is S 3 abelian? If not, give a counter example. Is S 3 a cyclic group?

7 Properties of a Ring A ring is a set S with two operations we will call + and x, for convenience we write x using concatenation, so a x b is simply written ab (S, +) is an abelian group S is closed under x, so ab is in S for all a and b The operation x is associative; how do we write this? The distributive laws hold: a (b + c) = a b + a c and (a + b) c = a c + b c The ring is commutative if a b = b a for all a and b The set S of even integers under addition and multiplication is a commutative ring

8 Group Work Given the operations + and x on S defined by + a b a a b b b a x a b a a a b a b Is S a ring? Justify your answer. Is S a commutative ring? Justify.

9 Integral Domain An integral domain, call it R, is a commutative ring that obeys two additional properties There is a multiplicative identity, call it 1, such that 1 a = a 1 = a for all elements a in R No zero divisors: if a and b are in R and a b = 0 then either a = 0 or b = 0 The set of integers under addition and multiplication is an integral domain

10 A Field A field F is an integral domain that satisfies one additional property Assume the operations are + and x, the additive identity is 0 and the multiplicative identity is 1 For each a in F, except 0, there is a multiplicative inverse a -1 such that a a -1 = a -1 a = 1 In essence we are adding division since a b -1 = a/b The rational numbers, the real numbers, and the complex numbers are all fields Why isn t the set of integers a field? We now turn our attention to finite groups, rings and fields

11 A Summary of Properties

12 Modulo Arithmetic Integer division produces a quotient and remainder a = qn + r where 0 <= r < n and q = a/n The remainder is given by a mod n so a = a/n n + (a mod n) Find q and r for a = 43 and n = 9 Find q and r for a = -13 and n = 4 Two integers are congruent modulo n If (a mod n) = (b mod n) then we write a b (mod n) Examples: mod 5 and mod 7 Modulo equality produces an infinite set, so the integers equal to 4 mod 7 are { -10, -3, 4, 11, 18 }

13 Divisors We say a b if a = mb for some integer m the divisors of 30 are 1, 2, 3, 5, 6, 10, 15 If a 1 then a = +1 or 1 If a b and b a then a = +b or b Any b 0 divides 0 If b g and b h then b (mg + nh) for arbitrary integers m,n Properties of the modulo operator a b mod n if n (a b) a b mod n implies b a mod n a b mod n and b c mod n implies a c mod n

14 Homework Problem How would you prove that mod is transitive? Namely, prove a b mod n and b c mod n implies a c mod n. How would you get started?

15 Properties Modulo Properties [(a mod n) + (b mod n)] mod n = (a + b) mod n [(a mod n) - (b mod n)] mod n = (a - b) mod n [(a mod n) x (b mod n)] mod n = (a x b) mod n How would you prove the last property? Examples [(12 mod 5) + (13 mod 5)] mod 5 = [2 + 3] mod 5 = 0 = ( ) mod 5 [(12 mod 5) x (13 mod 5)] mod 5 = [2 x 3] mod 5 = 1 = (12 x 13) mod mod 8 (49)(49) mod mod 8 1 mod 8

17 Multiplication Modulo 8

18 Residue Classes The entries in the previous tables are residue classes; each class represents an infinite set of integer values For example, the residue classes modulo 4 are [0] = {, -12, -8, -4, 0, 4, 8, 12, } [1] = {, -11, -7, -3, 1, 5, 9, 13, } [2] = {, -10, -6, -2, 2, 6, 10, 14, } [3] = {, -9, -5, -1, 3, 7, 11, 15, } The integers 0 through n-1 are used to represent their respective residue classes modulo n Notice that these classes are mutually exclusive The union of all these classes is the set of integers

19 Homework Problem Fill in the following tables for Z x

20 Properties of Zn

21 What about Multiplicative Inverses If (ab) (ac) mod n can we conclude b c (mod n) In general the answer is no, consider (6 x 3) (6 x 7) (mod 8) since both 2 but clearly 3 does not equal 7 mod 8 But in some cases it is true, as in (5 x 3) (5 x 11) (mod 8) since both 7 and it is true 3 11 mod 8 The conclusion above is only true if a and n are relatively prime If gcd(a, b) = 1 then a and b are relative prime The numbers relatively prime to 8 are 1, 3, 5, and 7 Notice that these numbers generate the entire group using exponentiation

22 Greatest Common Divisor Definition: c is the gcd(a,b) if c is a divisor of a and b Any divisor of a and b is also a divisor of c gcd(a,b) = max[k such that k a and k b] Some properties of gcd gcd(a,b) = gcd(-a,b) = gcd(a,-b) = gcd(-a,-b) So in general we can find gcd( a, b ) gcd(a,0) = a As mentioned earlier if gcd(a,b) = 1 then a and b are relatively prime

23 An important theorem gcd(a,b) = gcd(b, a mod b) The proof of this theorem is given in the textbook This gives us a way to calculate the gcd efficiently gcd(24, 18) = gcd(18, 6) = gcd(6, 0) = 6 What if the order of the original numbers is reversed? gcd(18,24) = gcd(24, 18) = gcd(18, 6) = gcd(6, 0) = 6 What if the numbers are relatively prime? gcd(80, 29) = gcd(29, 22) = gcd(22, 7) = gcd(7,1) = gcd(1,0) = 1 Euclid s algorithm implements the process of finding the gcd using this theorem

24 Euclid s Algorithm EUCLID(a,b) 1. A a; B b 2. If B = 0 return A // it is the gcd(a,b) 3. R = A mod B 4. A B 5. B R 6. Go to step 2 An extended example gcd(1970, 1066) = gcd(1066, 904) = gcd(904,162) = gcd(162,94) = gcd(94,68) = gcd(68,26) = gcd(26,16) = gcd(16,10) = gcd(10,6) = gcd(6,4) = gcd(4,2) = gcd(2,0) = 2

25 Finite Fields of Order p Consider modular arithmetic order p p is a prime, meaning its only divisors are 1 and itself All nonzero elements have a multiplicative inverse Therefore, if (a x b) = (a x c) mod p then b = c mod p A simple example, GF(2) x 0 1 w -w w

26 GF(7)

27 Extended Euclid Used to find the multiplicative inverse Extended Euclid(m,b) 1. (A1,A2,A3) (1,0,m); (B1,B2,B3) (0,1,b) 2. If B3 = 0 return A3 = gcd(m,b); no inverse 3. If B3 = 1 return B3 = gcd(m,b); B2 is b Q = floor(a3/b3) 5. (T1,T2,T3) (A1 Q B1, A2 Q B2, A3 Q B3) 6. (A1,A2,A3) (B1,B2,B3) 7. (B1,B2,B3) (T1,T2,T3) 8. Goto step 2

28 Find the inverse of 5 in GF(17) We show the T s too but as you can see they could have been written in the B s columns Q A1 A2 A3 B1 B2 B3 T1 T2 T So the inverse of 5 is 7 Check 5 x 7 1 mod 17 Homework Problem: find the inverse of 11

29 Polynomial Operations Addition Multiplication i n i a i x x f = = 0 ) ( i m i b i x x g = = 0 ) ( m n >= i n m i i m i i i i x a x b a x g x f + = = + + = ) ( ) ( ) ( = + = n m i i c i x x g x f 0 ) ( ) ( b a b a a b b a c k k k k k = where

30 Polynomial Arithmetic in Galois Fields Polynomial arithmetic with coefficients in Z p This forms a polynomial ring Division produces both a quotient and remainder So objects may not have multiplicative inverses We are particularly interested in Z 2 Looking ahead We will look at polynomial arithmetic over GF(2 n ) In this case objects do have multiplicative inverses This results in a finite field Modular polynomial arithmetic over GF(2 n ) form a basis of the Advanced Encryption Standard (AES)

31 Polynomial Arithmetic over GF(2) GF(2) is important because arithmetic is easy Addition is an XOR operation Multiplication is an AND operation Here are some example operations; notice that the coefficients in GF(2) can only be 0 or 1 and that addition and subtraction give the same result

32 Multiplication and Division

33 Definition Irreducible Polynomials A polynomial f(x) is irreducible if and only if it cannot be expressed as a product of lower degree polynomials These polynomials are also called prime polynomials Examples x is reducible since it equals (x+1)(x 2 +x+1) x 3 + x is irreducible because if it was then one factor would have degree one and the other degree two x is clearly not a factor x + 1 is not a factor because x 3 + x = x 2 (x + 1) + 1 So there is no factor of degree one

34 GCD for polynomials gcd(a(x), b(x)) = c(x) if c(x) divides both a(x) and b(x) Any divisor of a(x) and b(x) is a divisor of c(x) Euclid[a(x), b(x)] 1. A(x) a(x); B(x) b(x) 2. If B(x) = 0 then gcd(a(x), b(x)) = A(x) 3. R(x) = A(x) mod B(x) 4. A(x) B(x) 5. B(x) R(x) 6. Go to step 2

35 An Example Find gcd(x 3 +1, x 2 +1) over GF(2) x 2 x +1 x x + x x +1 x +1 x x 2 2 x + x x +1 x + 1 0

36 Finite Fields of the Form GF(2 n ) Desirable features Given appropriately defined structures (see next slide), operations produce a field; most importantly non-zero elements have inverses Integers are mapped uniformly; here are the occurrences Z GF(2 3 ) Why is this important for cryptography; hint: with character to character ciphers and the uneven distribution of alphabetic characters in English words, a cipher is easily broken

37 Arithmetic in GF(2 3 )

38 Modular Polynomial Arithmetic Arithmetic operations Follow the normal rules of algebra, refined by Coefficient arithmetic is performed modulo 2 n If multiplication results in a polynomial with terms of degree greater than 2 n 1, then the polynomial is reduced by some irreducible polynomial m(x) of degree 2 n This means we divide by m(x) and keep the remainder A look ahead to AES Polynomials are processed in GF(2 8 ) m(x) is x 8 + x 4 + x 3 + x + 1

39 Polynomials in GF(2 3 ) mod x 3 + x + 1 We need an irreducible polynomial of degree 3 There are two such polynomials, x 3 + x + 1 and x 3 + x 2 + 1; we choose the first one It does not matter which one was chosen, since the resultant fields are isomorphic Question: what does isomorphic mean?

40 Polynomials in GF(2 3 ) mod x 3 + x + 1 Claim: these two tables are equivalent Try to explain why

41 Yet Another Euclid s Algorithm EXTENDED EUCLID[m(x), b(x)] 1. [A1(x), A2(x), A3(x)] [1, 0, m(x)] [B1(x), B2(x), B3(x)] [0, 1, b(x)] 2. If B3(x) =0 return A3(x) = gcd(m(x),b(x)); no inverse 3. If B3(x) =1 return B3(x) = gcd(m(x),b(x)); B2(x) is b Q(x) = quotient of A3(x)/B3(x) 5. [T1(x),T2(x), T3(x)] [A1(x) Q(x) B1 (x), A2(x) Q(x) B2(x), A3(x) Q(x) B3 (x) ] 6. [A1(x), A2(x), A3(x)] [B1(x), B2(x), B3(x)] 7. [B1(x), B2(x), B3(x)] [T1(x), T2(x), T3(x)] 8. Goto step 2

42 A Sample Solution Find the inverse of x 7 + x + 1 mod x 8 + x 4 + x 3 + x + 1 The result is x 7

43 Computation in GF(2 8 ) Addition is very simple, apply XOR (x 6 + x 4 + x 2 + x + 1) + (x 7 + x + 1) = x 7 + x 6 + x 4 + x 2 is computed by ( ) ( ) = Multiplication takes more work We use x n mod p(x) = [p(x) x n ] In particular x 8 mod m(x) = x 4 + x 3 + x + 1 Given any f(x) we compute x f(x) mod m(x) Note that multiplying by x is a one bit shift left If b 7 = 0 then we are done If b 7 = 1 we compute (b 6 b 5 b 4 b 3 b 2 b 1 b 0 0) ( )

44 Computing ( Example Multiplication x + x + x + x + 1) ( x + x + 1) = x + x + 1mod m( x) First find ( ) times the powers of x ( ) x ( ) = ( ) // times x ( ) x ( ) = ( ) ( ) = ( ) // times x 2 ( ) x ( ) = ( ) // times x 3 ( ) x ( ) = ( ) ( ) = ( ) // times x 4 ( ) x ( ) = ( ) // times x 5 ( ) x ( ) = ( ) // times x 6 ( ) x ( ) = ( ) // times x 7

45 Example Multiplication 2 Now we do the multiply ( ) x ( ) = ( ) x [( ) ( ) ( )] Using distribution & the results from the previous slide = ( ) ( ) ( ) = Translating back into polynomial notation the result is x 7 + x Although polynomial arithmetic looks intimidating, when performed in binary it can be computed very efficiently Homework Problem ( x x + x + x + 1) ( x + x + 1) mod x + x

Chapter 4 Finite Fields

Chapter 4 Finite Fields Introduction will now introduce finite fields of increasing importance in cryptography AES, Elliptic Curve, IDEA, Public Key concern operations on numbers what constitutes a number

Finite Fields. Mike Reiter

1 Finite Fields Mike Reiter reiter@cs.unc.edu Based on Chapter 4 of: W. Stallings. Cryptography and Network Security, Principles and Practices. 3 rd Edition, 2003. Groups 2 A group G, is a set G of elements

A field F is a set of numbers that includes the two numbers 0 and 1 and satisfies the properties:

Byte multiplication 1 Field arithmetic A field F is a set of numbers that includes the two numbers 0 and 1 and satisfies the properties: F is an abelian group under addition, meaning - F is closed under

Chapter 4 Mathematics of Cryptography

Chapter 4 Mathematics of Cryptography Part II: Algebraic Structures Copyright The McGraw-Hill Companies, Inc. Permission required for reproduction or display. 4.1 Chapter 4 Objectives To review the concept

Basic Concepts in Number Theory and Finite Fields

Basic Concepts in Number Theory and Finite Fields Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: 4-1 Overview

COMPUTER ARITHMETIC. 13/05/2010 cryptography - math background pp. 1 / 162

COMPUTER ARITHMETIC 13/05/2010 cryptography - math background pp. 1 / 162 RECALL OF COMPUTER ARITHMETIC computers implement some types of arithmetic for instance, addition, subtratction, multiplication

LECTURE NOTES IN CRYPTOGRAPHY

1 LECTURE NOTES IN CRYPTOGRAPHY Thomas Johansson 2005/2006 c Thomas Johansson 2006 2 Chapter 1 Abstract algebra and Number theory Before we start the treatment of cryptography we need to review some basic

Fields in Cryptography. Çetin Kaya Koç Winter / 30

Fields in Cryptography http://koclab.org Çetin Kaya Koç Winter 2017 1 / 30 Field Axioms Fields in Cryptography A field F consists of a set S and two operations which we will call addition and multiplication,

CSC 474 Information Systems Security

CSC Information Systems Security Topic. Basic Number Theory CSC Dr. Peng Ning Basic Number Theory We are talking about integers! Divisor We say that b divides a if a = mb for some m, denoted b a. b is

Mathematics for Cryptography

Mathematics for Cryptography Douglas R. Stinson David R. Cheriton School of Computer Science University of Waterloo Waterloo, Ontario, N2L 3G1, Canada March 15, 2016 1 Groups and Modular Arithmetic 1.1

The Euclidean Algorithm and Multiplicative Inverses

1 The Euclidean Algorithm and Multiplicative Inverses Lecture notes for Access 2009 The Euclidean Algorithm is a set of instructions for finding the greatest common divisor of any two positive integers.

ECEN 5022 Cryptography

Elementary Algebra and Number Theory University of Colorado Spring 2008 Divisibility, Primes Definition. N denotes the set {1, 2, 3,...} of natural numbers and Z denotes the set of integers {..., 2, 1,

Introduction to Information Security

Introduction to Information Security Lecture 5: Number Theory 007. 6. Prof. Byoungcheon Lee sultan (at) joongbu. ac. kr Information and Communications University Contents 1. Number Theory Divisibility

Groups, Rings, and Finite Fields. Andreas Klappenecker. September 12, 2002

Background on Groups, Rings, and Finite Fields Andreas Klappenecker September 12, 2002 A thorough understanding of the Agrawal, Kayal, and Saxena primality test requires some tools from algebra and elementary

Commutative Rings and Fields

Commutative Rings and Fields 1-22-2017 Different algebraic systems are used in linear algebra. The most important are commutative rings with identity and fields. Definition. A ring is a set R with two

Outline. Number Theory and Modular Arithmetic. p-1. Definition: Modular equivalence a b [mod n] (a mod n) = (b mod n) n (a-b)

Great Theoretical Ideas In CS Victor Adamchik CS - Lecture Carnegie Mellon University Outline Number Theory and Modular Arithmetic p- p Working modulo integer n Definitions of Z n, Z n Fundamental lemmas

Congruences and Residue Class Rings

Congruences and Residue Class Rings (Chapter 2 of J. A. Buchmann, Introduction to Cryptography, 2nd Ed., 2004) Shoichi Hirose Faculty of Engineering, University of Fukui S. Hirose (U. Fukui) Congruences

Finite Fields. SOLUTIONS Network Coding - Prof. Frank H.P. Fitzek

Finite Fields In practice most finite field applications e.g. cryptography and error correcting codes utilizes a specific type of finite fields, namely the binary extension fields. The following exercises

Galois Fields and Hardware Design

Galois Fields and Hardware Design Construction of Galois Fields, Basic Properties, Uniqueness, Containment, Closure, Polynomial Functions over Galois Fields Priyank Kalla Associate Professor Electrical

NUMBER THEORY. Anwitaman DATTA SCSE, NTU Singapore CX4024. CRYPTOGRAPHY & NETWORK SECURITY 2018, Anwitaman DATTA

NUMBER THEORY Anwitaman DATTA SCSE, NTU Singapore Acknowledgement: The following lecture slides are based on, and uses material from the text book Cryptography and Network Security (various eds) by William

Elementary Algebra Chinese Remainder Theorem Euclidean Algorithm

Elementary Algebra Chinese Remainder Theorem Euclidean Algorithm April 11, 2010 1 Algebra We start by discussing algebraic structures and their properties. This is presented in more depth than what we

Number Theory Notes Spring 2011

PRELIMINARIES The counting numbers or natural numbers are 1, 2, 3, 4, 5, 6.... The whole numbers are the counting numbers with zero 0, 1, 2, 3, 4, 5, 6.... The integers are the counting numbers and zero

Section VI.33. Finite Fields

VI.33 Finite Fields 1 Section VI.33. Finite Fields Note. In this section, finite fields are completely classified. For every prime p and n N, there is exactly one (up to isomorphism) field of order p n,

Finite Fields: An introduction through exercises Jonathan Buss Spring 2014

Finite Fields: An introduction through exercises Jonathan Buss Spring 2014 A typical course in abstract algebra starts with groups, and then moves on to rings, vector spaces, fields, etc. This sequence

Basic elements of number theory

Cryptography Basic elements of number theory Marius Zimand By default all the variables, such as a, b, k, etc., denote integer numbers. Divisibility a 0 divides b if b = a k for some integer k. Notation

Basic elements of number theory

Cryptography Basic elements of number theory Marius Zimand 1 Divisibility, prime numbers By default all the variables, such as a, b, k, etc., denote integer numbers. Divisibility a 0 divides b if b = a

Public-key Cryptography: Theory and Practice

Public-key Cryptography Theory and Practice Department of Computer Science and Engineering Indian Institute of Technology Kharagpur Chapter 2: Mathematical Concepts Divisibility Congruence Quadratic Residues

ECE 646 Lecture 5. Mathematical Background: Modular Arithmetic

ECE 646 Lecture 5 Mathematical Background: Modular Arithmetic Motivation: Public-key ciphers RSA as a trap-door one-way function PUBLIC KEY message ciphertext M C = f(m) = M e mod N C M = f -1 (C) = C

Modular Arithmetic and Elementary Algebra

18.310 lecture notes September 2, 2013 Modular Arithmetic and Elementary Algebra Lecturer: Michel Goemans These notes cover basic notions in algebra which will be needed for discussing several topics of

This is a recursive algorithm. The procedure is guaranteed to terminate, since the second argument decreases each time.

8 Modular Arithmetic We introduce an operator mod. Let d be a positive integer. For c a nonnegative integer, the value c mod d is the remainder when c is divided by d. For example, c mod d = 0 if and only

2a 2 4ac), provided there is an element r in our

MTH 310002 Test II Review Spring 2012 Absractions versus examples The purpose of abstraction is to reduce ideas to their essentials, uncluttered by the details of a specific situation Our lectures built

Galois fields/1. (M3) There is an element 1 (not equal to 0) such that a 1 = a for all a.

Galois fields 1 Fields A field is an algebraic structure in which the operations of addition, subtraction, multiplication, and division (except by zero) can be performed, and satisfy the usual rules. More

cse 311: foundations of computing Spring 2015 Lecture 12: Primes, GCD, applications

cse 311: foundations of computing Spring 2015 Lecture 12: Primes, GCD, applications casting out 3s Theorem: A positive integer n is divisible by 3 if and only if the sum of its decimal digits is divisible

Introduction. will now introduce finite fields of increasing importance in cryptography. AES, Elliptic Curve, IDEA, Public Key

Introduction will now introduce finite fields of increasing importance in cryptography AES, Elliptic Curve, IDEA, Public Key concern operations on numbers where what constitutes a number and the type of

17 Galois Fields Introduction Primitive Elements Roots of Polynomials... 8

Contents 17 Galois Fields 2 17.1 Introduction............................... 2 17.2 Irreducible Polynomials, Construction of GF(q m )... 3 17.3 Primitive Elements... 6 17.4 Roots of Polynomials..........................

Algebra. Modular arithmetic can be handled mathematically by introducing a congruence relation on the integers described in the above example.

Coding Theory Massoud Malek Algebra Congruence Relation The definition of a congruence depends on the type of algebraic structure under consideration Particular definitions of congruence can be made for

MATH 3030, Abstract Algebra FALL 2012 Toby Kenney Midyear Examination Friday 7th December: 7:00-10:00 PM

MATH 3030, Abstract Algebra FALL 2012 Toby Kenney Midyear Examination Friday 7th December: 7:00-10:00 PM Basic Questions 1. Compute the factor group Z 3 Z 9 / (1, 6). The subgroup generated by (1, 6) is

MTH310 EXAM 2 REVIEW

MTH310 EXAM 2 REVIEW SA LI 4.1 Polynomial Arithmetic and the Division Algorithm A. Polynomial Arithmetic *Polynomial Rings If R is a ring, then there exists a ring T containing an element x that is not

4 Powers of an Element; Cyclic Groups

4 Powers of an Element; Cyclic Groups Notation When considering an abstract group (G, ), we will often simplify notation as follows x y will be expressed as xy (x y) z will be expressed as xyz x (y z)

Review all the activities leading to Midterm 3. Review all the problems in the previous online homework sets (8+9+10).

MA109, Activity 34: Review (Sections 3.6+3.7+4.1+4.2+4.3) Date: Objective: Additional Assignments: To prepare for Midterm 3, make sure that you can solve the types of problems listed in Activities 33 and

Lecture 7: Polynomial rings

Lecture 7: Polynomial rings Rajat Mittal IIT Kanpur You have seen polynomials many a times till now. The purpose of this lecture is to give a formal treatment to constructing polynomials and the rules

Number Theory. Modular Arithmetic

Number Theory The branch of mathematics that is important in IT security especially in cryptography. Deals only in integer numbers and the process can be done in a very fast manner. Modular Arithmetic

cse 311: foundations of computing Fall 2015 Lecture 12: Primes, GCD, applications

cse 311: foundations of computing Fall 2015 Lecture 12: Primes, GCD, applications n-bit unsigned integer representation Represent integer x as sum of powers of 2: If x = n 1 i=0 b i 2 i where each b i

Lecture 6: Finite Fields (PART 3) PART 3: Polynomial Arithmetic. Theoretical Underpinnings of Modern Cryptography

Lecture 6: Finite Fields (PART 3) PART 3: Polynomial Arithmetic Theoretical Underpinnings of Modern Cryptography Lecture Notes on Computer and Network Security by Avi Kak (kak@purdue.edu) January 26, 2017

Discrete Mathematics and Probability Theory Fall 2013 Vazirani Note 3

CS 70 Discrete Mathematics and Probability Theory Fall 2013 Vazirani Note 3 Modular Arithmetic In several settings, such as error-correcting codes and cryptography, we sometimes wish to work over a smaller

Numbers. Çetin Kaya Koç Winter / 18

Çetin Kaya Koç http://koclab.cs.ucsb.edu Winter 2016 1 / 18 Number Systems and Sets We represent the set of integers as Z = {..., 3, 2, 1,0,1,2,3,...} We denote the set of positive integers modulo n as

8 Primes and Modular Arithmetic

8 Primes and Modular Arithmetic 8.1 Primes and Factors Over two millennia ago already, people all over the world were considering the properties of numbers. One of the simplest concepts is prime numbers.

Math 131 notes. Jason Riedy. 6 October, Linear Diophantine equations : Likely delayed 6

Math 131 notes Jason Riedy 6 October, 2008 Contents 1 Modular arithmetic 2 2 Divisibility rules 3 3 Greatest common divisor 4 4 Least common multiple 4 5 Euclidean GCD algorithm 5 6 Linear Diophantine

Rings. EE 387, Notes 7, Handout #10

Rings EE 387, Notes 7, Handout #10 Definition: A ring is a set R with binary operations, + and, that satisfy the following axioms: 1. (R, +) is a commutative group (five axioms) 2. Associative law for

Polynomials. Chapter 4

Chapter 4 Polynomials In this Chapter we shall see that everything we did with integers in the last Chapter we can also do with polynomials. Fix a field F (e.g. F = Q, R, C or Z/(p) for a prime p). Notation

2. THE EUCLIDEAN ALGORITHM More ring essentials

2. THE EUCLIDEAN ALGORITHM More ring essentials In this chapter: rings R commutative with 1. An element b R divides a R, or b is a divisor of a, or a is divisible by b, or a is a multiple of b, if there

Q 2.0.2: If it s 5:30pm now, what time will it be in 4753 hours? Q 2.0.3: Today is Wednesday. What day of the week will it be in one year from today?

2 Mod math Modular arithmetic is the math you do when you talk about time on a clock. For example, if it s 9 o clock right now, then it ll be 1 o clock in 4 hours. Clearly, 9 + 4 1 in general. But on a

Number Theory & Modern Cryptography

Number Theory & Modern Cryptography Week 12 Stallings: Ch 4, 8, 9, 10 CNT-4403: 2.April.2015 1 Introduction Increasing importance in cryptography Public Key Crypto and Signatures Concern operations on

MATH 433 Applied Algebra Lecture 4: Modular arithmetic (continued). Linear congruences.

MATH 433 Applied Algebra Lecture 4: Modular arithmetic (continued). Linear congruences. Congruences Let n be a postive integer. The integers a and b are called congruent modulo n if they have the same

Outline. Some Review: Divisors. Common Divisors. Primes and Factors. b divides a (or b is a divisor of a) if a = mb for some m

Outline GCD and Euclid s Algorithm AIT 682: Network and Systems Security Topic 5.1 Basic Number Theory -- Foundation of Public Key Cryptography Modulo Arithmetic Modular Exponentiation Discrete Logarithms

Outline. AIT 682: Network and Systems Security. GCD and Euclid s Algorithm Modulo Arithmetic Modular Exponentiation Discrete Logarithms

AIT 682: Network and Systems Security Topic 5.1 Basic Number Theory -- Foundation of Public Key Cryptography Instructor: Dr. Kun Sun Outline GCD and Euclid s Algorithm Modulo Arithmetic Modular Exponentiation

Discrete Mathematics and Probability Theory Fall 2018 Alistair Sinclair and Yun Song Note 6

CS 70 Discrete Mathematics and Probability Theory Fall 2018 Alistair Sinclair and Yun Song Note 6 1 Modular Arithmetic In several settings, such as error-correcting codes and cryptography, we sometimes

Simplifying Rational Expressions and Functions

Department of Mathematics Grossmont College October 15, 2012 Recall: The Number Types Definition The set of whole numbers, ={0, 1, 2, 3, 4,...} is the set of natural numbers unioned with zero, written

Notes for Math 345. Dan Singer Minnesota State University, Mankato. August 23, 2006

Notes for Math 345 Dan Singer Minnesota State University, Mankato August 23, 2006 Preliminaries 1. Read the To The Student section pp. xvi-xvii and the Thematic Table of Contents. 2. Read Appendix A: Logic

Number Theory and Group Theoryfor Public-Key Cryptography

Number Theory and Group Theory for Public-Key Cryptography TDA352, DIT250 Wissam Aoudi Chalmers University of Technology November 21, 2017 Wissam Aoudi Number Theory and Group Theoryfor Public-Key Cryptography

Number Theory. CSS322: Security and Cryptography. Sirindhorn International Institute of Technology Thammasat University CSS322. Number Theory.

CSS322: Security and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 29 December 2011 CSS322Y11S2L06, Steve/Courses/2011/S2/CSS322/Lectures/number.tex,

Algebra Review 2. 1 Fields. A field is an extension of the concept of a group.

Algebra Review 2 1 Fields A field is an extension of the concept of a group. Definition 1. A field (F, +,, 0 F, 1 F ) is a set F together with two binary operations (+, ) on F such that the following conditions

Ch 4.2 Divisibility Properties

Ch 4.2 Divisibility Properties - Prime numbers and composite numbers - Procedure for determining whether or not a positive integer is a prime - GCF: procedure for finding gcf (Euclidean Algorithm) - Definition:

ENEE 457: Computer Systems Security. Lecture 5 Public Key Crypto I: Number Theory Essentials

ENEE 457: Computer Systems Security Lecture 5 Public Key Crypto I: Number Theory Essentials Charalampos (Babis) Papamanthou Department of Electrical and Computer Engineering University of Maryland, College

CSC 474 Network Security. Outline. GCD and Euclid s Algorithm. GCD and Euclid s Algorithm Modulo Arithmetic Modular Exponentiation Discrete Logarithms

Computer Science CSC 474 Network Security Topic 5.1 Basic Number Theory -- Foundation of Public Key Cryptography CSC 474 Dr. Peng Ning 1 Outline GCD and Euclid s Algorithm Modulo Arithmetic Modular Exponentiation

Math 547, Exam 2 Information.

Math 547, Exam 2 Information. 3/19/10, LC 303B, 10:10-11:00. Exam 2 will be based on: Homework and textbook sections covered by lectures 2/3-3/5. (see http://www.math.sc.edu/ boylan/sccourses/547sp10/547.html)

Finite Fields. Saravanan Vijayakumaran Department of Electrical Engineering Indian Institute of Technology Bombay

1 / 25 Finite Fields Saravanan Vijayakumaran sarva@ee.iitb.ac.in Department of Electrical Engineering Indian Institute of Technology Bombay September 25, 2014 2 / 25 Fields Definition A set F together

Homework 8 Solutions to Selected Problems

Homework 8 Solutions to Selected Problems June 7, 01 1 Chapter 17, Problem Let f(x D[x] and suppose f(x is reducible in D[x]. That is, there exist polynomials g(x and h(x in D[x] such that g(x and h(x

Lecture notes: Algorithms for integers, polynomials (Thorsten Theobald)

Lecture notes: Algorithms for integers, polynomials (Thorsten Theobald) 1 Euclid s Algorithm Euclid s Algorithm for computing the greatest common divisor belongs to the oldest known computing procedures

Rings. Chapter 1. Definition 1.2. A commutative ring R is a ring in which multiplication is commutative. That is, ab = ba for all a, b R.

Chapter 1 Rings We have spent the term studying groups. A group is a set with a binary operation that satisfies certain properties. But many algebraic structures such as R, Z, and Z n come with two binary

SEVENTH EDITION and EXPANDED SEVENTH EDITION

SEVENTH EDITION and EXPANDED SEVENTH EDITION Slide 10-1 Chapter 10 Mathematical Systems 10.1 Groups Definitions A mathematical system consists of a set of elements and at least one binary operation. A

Math 511, Algebraic Systems, Fall 2017 July 20, 2017 Edition. Todd Cochrane

Math 511, Algebraic Systems, Fall 2017 July 20, 2017 Edition Todd Cochrane Department of Mathematics Kansas State University Contents Notation v Chapter 0. Axioms for the set of Integers Z. 1 Chapter 1.

CPSC 467b: Cryptography and Computer Security

CPSC 467b: Cryptography and Computer Security Michael J. Fischer Lecture 8 February 1, 2012 CPSC 467b, Lecture 8 1/42 Number Theory Needed for RSA Z n : The integers mod n Modular arithmetic GCD Relatively

Applied Cryptography and Computer Security CSE 664 Spring 2017

Applied Cryptography and Computer Security Lecture 11: Introduction to Number Theory Department of Computer Science and Engineering University at Buffalo 1 Lecture Outline What we ve covered so far: symmetric

2 CRYPTOGRAPHY AND NUMBER THEORY 2.1 CRYPTOGRAPHY AND MODULAR ARITHMETIC Pages 54 to 56 Problem 1 Problem 2 Problem 3 Problem 4 14 mod 9 = 5; 1 mod 9 = 8; 11 mod 9 = 7. KHUH LV D PHVVDJH. EBOB FP X JBPPXDB.

MATH 361: NUMBER THEORY FOURTH LECTURE

MATH 361: NUMBER THEORY FOURTH LECTURE 1. Introduction Everybody knows that three hours after 10:00, the time is 1:00. That is, everybody is familiar with modular arithmetic, the usual arithmetic of the

Elementary Number Theory MARUCO. Summer, 2018

Elementary Number Theory MARUCO Summer, 2018 Problem Set #0 axiom, theorem, proof, Z, N. Axioms Make a list of axioms for the integers. Does your list adequately describe them? Can you make this list as

A. Algebra and Number Theory

A. Algebra and Number Theory Public-key cryptosystems are based on modular arithmetic. In this section, we summarize the concepts and results from algebra and number theory which are necessary for an understanding

0 Sets and Induction. Sets

0 Sets and Induction Sets A set is an unordered collection of objects, called elements or members of the set. A set is said to contain its elements. We write a A to denote that a is an element of the set

Math 312/ AMS 351 (Fall 17) Sample Questions for Final

Math 312/ AMS 351 (Fall 17) Sample Questions for Final 1. Solve the system of equations 2x 1 mod 3 x 2 mod 7 x 7 mod 8 First note that the inverse of 2 is 2 mod 3. Thus, the first equation becomes (multiply

MATH FINAL EXAM REVIEW HINTS

MATH 109 - FINAL EXAM REVIEW HINTS Answer: Answer: 1. Cardinality (1) Let a < b be two real numbers and define f : (0, 1) (a, b) by f(t) = (1 t)a + tb. (a) Prove that f is a bijection. (b) Prove that any

Public Key Encryption

Public Key Encryption 3/13/2012 Cryptography 1 Facts About Numbers Prime number p: p is an integer p 2 The only divisors of p are 1 and p s 2, 7, 19 are primes -3, 0, 1, 6 are not primes Prime decomposition

Discrete Mathematics and Probability Theory Summer 2014 James Cook Note 5

CS 70 Discrete Mathematics and Probability Theory Summer 2014 James Cook Note 5 Modular Arithmetic In several settings, such as error-correcting codes and cryptography, we sometimes wish to work over a

NOTES ON FINITE FIELDS

NOTES ON FINITE FIELDS AARON LANDESMAN CONTENTS 1. Introduction to finite fields 2 2. Definition and constructions of fields 3 2.1. The definition of a field 3 2.2. Constructing field extensions by adjoining

CS483 Design and Analysis of Algorithms

CS483 Design and Analysis of Algorithms Lectures 2-3 Algorithms with Numbers Instructor: Fei Li lifei@cs.gmu.edu with subject: CS483 Office hours: STII, Room 443, Friday 4:00pm - 6:00pm or by appointments

Lecture Notes on DISCRETE MATHEMATICS. Eusebius Doedel

Lecture Notes on DISCRETE MATHEMATICS Eusebius Doedel c Eusebius J. Doedel, 009 Contents Logic. Introduction............................................................................... Basic logical

CS 5319 Advanced Discrete Structure. Lecture 9: Introduction to Number Theory II

CS 5319 Advanced Discrete Structure Lecture 9: Introduction to Number Theory II Divisibility Outline Greatest Common Divisor Fundamental Theorem of Arithmetic Modular Arithmetic Euler Phi Function RSA

CSE 20: Discrete Mathematics

Spring 2018 Summary So far: Today: Logic and proofs Divisibility, modular arithmetics Number Systems More logic definitions and proofs Reading: All of Chap. 1 + Chap 4.1, 4.2. Divisibility P = 5 divides

MATH 501 Discrete Mathematics. Lecture 6: Number theory. German University Cairo, Department of Media Engineering and Technology.

MATH 501 Discrete Mathematics Lecture 6: Number theory Prof. Dr. Slim Abdennadher, slim.abdennadher@guc.edu.eg German University Cairo, Department of Media Engineering and Technology 1 Number theory Number

Topics in Cryptography. Lecture 5: Basic Number Theory

Topics in Cryptography Lecture 5: Basic Number Theory Benny Pinkas page 1 1 Classical symmetric ciphers Alice and Bob share a private key k. System is secure as long as k is secret. Major problem: generating

Math 2070BC Term 2 Weeks 1 13 Lecture Notes

Math 2070BC 2017 18 Term 2 Weeks 1 13 Lecture Notes Keywords: group operation multiplication associative identity element inverse commutative abelian group Special Linear Group order infinite order cyclic

Part IA Numbers and Sets

Part IA Numbers and Sets Definitions Based on lectures by A. G. Thomason Notes taken by Dexter Chua Michaelmas 2014 These notes are not endorsed by the lecturers, and I have modified them (often significantly)

Fault Tolerance & Reliability CDA Chapter 2 Cyclic Polynomial Codes

Fault Tolerance & Reliability CDA 5140 Chapter 2 Cyclic Polynomial Codes - cylic code: special type of parity check code such that every cyclic shift of codeword is a codeword - for example, if (c n-1,

Today. Polynomials. Secret Sharing.

Today. Polynomials. Secret Sharing. A secret! I have a secret! A number from 0 to 10. What is it? Any one of you knows nothing! Any two of you can figure it out! Example Applications: Nuclear launch: need

CPE 776:DATA SECURITY & CRYPTOGRAPHY. Some Number Theory and Classical Crypto Systems

CPE 776:DATA SECURITY & CRYPTOGRAPHY Some Number Theory and Classical Crypto Systems Dr. Lo ai Tawalbeh Computer Engineering Department Jordan University of Science and Technology Jordan Some Number Theory

Computations/Applications

Computations/Applications 1. Find the inverse of x + 1 in the ring F 5 [x]/(x 3 1). Solution: We use the Euclidean Algorithm: x 3 1 (x + 1)(x + 4x + 1) + 3 (x + 1) 3(x + ) + 0. Thus 3 (x 3 1) + (x + 1)(4x

Mathematical Foundations of Public-Key Cryptography

Mathematical Foundations of Public-Key Cryptography Adam C. Champion and Dong Xuan CSE 4471: Information Security Material based on (Stallings, 2006) and (Paar and Pelzl, 2010) Outline Review: Basic Mathematical

Coding Theory ( Mathematical Background I)

N.L.Manev, Lectures on Coding Theory (Maths I) p. 1/18 Coding Theory ( Mathematical Background I) Lector: Nikolai L. Manev Institute of Mathematics and Informatics, Sofia, Bulgaria N.L.Manev, Lectures