# Chapter 8. Introduction to Number Theory

Size: px
Start display at page:

Transcription

1 Chapter 8 Introduction to Number Theory CRYPTOGRAPHY AND NETWORK SECURITY 1

2 Index 1. Prime Numbers 2. Fermat`s and Euler`s Theorems 3. Testing for Primality 4. Discrete Logarithms 2

3 Prime Numbers 3

4 Prime Numbers Prime number is a central concern of number theory Integer p > 1 is a prime number if its only divisors are ±1 and ±p Any Integer a > 1 can be factored in a unique way as a = p 1 a1 p 2 a2 p 1 a1 p t at 91 = = =

5 Prime Numbers (cont`d) a = P a p p P where each a p 0 The integer 12 is represented by {a 2 = 2, a 3 = 1} The integer 18 is represented by {a 2 = 1, a 3 = 2} The integer 91 is represented by {a 7 = 1, a 13 = 1} a = P a p p P, b = P b p p P define k = ab, Then k = P k p p P It follows k p = a p + b p for all p P k = = = 216 k 2 = = 3; k 3 = = = =

6 Prime Numbers (cont`d) a = P a p p P, b = P b p p P If a b, then a p b p for all p a = 12; b = 36; = 2 2 3; 36 = a 2 = 2 = b 2 a 3 = 1 b 3 Thus, the inequality a p b p is satisfied for all prime numbers. 6

7 Prime Numbers (cont`d) It is easy to determine gcd of two positive integers if we express each integer as the product of primes. 300 = = gcd 18,300 = = 6 If k = gcd a, b, then k p = min a p, b p for all p Determining the prime factors of a large number is not easy task, so preceding relationship doesn`t not directly lead to a practical method of calculating gcd. *gcd: greatest common devisor 7

8 Fermat and Euler`s Theorems 8

9 Fermat`s Theorems These two theorems play important roles in public-key cryptography. Fermat`s Theorem If p is a prime and a is a positive integer not divisible by p, then a p 1 1(mod p) a = 7, p = = 49 = 11 mod = 121 = 7 mod = 49 = 11 mod = 121 = 7 mod 19 a p 1 = 7 18 = = 7 11 = 77 = 1(mod 19) 9

10 Fermat`s Theorems: Proof set p = 1,2, p 1 set X = a mod p, 2a mod p, p 1 a mod p Suppose ja = ka(mod p), where 1 j < k p 1, and a is relative prime with a, we can eliminate a. Then it resulting j = k(mod p), but it is impossible. Therefore every elements in set X will be different. a 2a p 1 a [(1 2 p 1 ](mod p) a p 1 p 1! = a p 1 = 1 mod p p 1! mod p 10

11 Fermat`s Theorems (Cont`d) Alternative form: a p = a mod p This form does not requires a and p be relative prime. p = 5, a = 3 a p = 3 5 = 243 = 3 mod5 = a modp p = 5, a = 10 a p = 10 5 = = 10 mod5 = 0 mod5 = a(modp) 11

12 Euler`s Totient Function Written φ(n), and defined as the number of positive integers less than n and relatively prime to n. Determine φ(37), 37 is prime, 1~36 are relatively prime to 37, Thus φ 37 = 36 For a prime number p, φ p = p 1 If we have two prime numbers p and q with p!= q, for n = pq. φ n = φ pq = φ p φ q = (p 1) (q 1) φ n = pq 1 q 1 + p 1 = pq p + q + 1 = p 1 q 1 = φ p φ q φ 21 = φ 3 φ 7 = = 2 6 = 12 {1,2,3,5,8,10,11,13,16,17,19,20} 12

13 Euler`s Theorem Every a and n that are relatively prime: a φ n = 1(mod n) it is true if n is prime, because of Fermat`s theorem exists. φ n = n 1 a n 1 = 1 mod n But this also holds for any integer n. a = 3; n = 10; φ 10 = 4, a φ n = 3 4 = 81 = 1 mod10 a = 2; n = 11; φ 11 = 10, a φ n = 2 10 = 1024 = 1 mod11 13

14 Euler`s Theorem: Proof R = x 1, x 2,, x φ n each x i is a unique positive integer less than n. now multiply by a, and modulo n; S = { ax 1 mod n, ax 2 mod n,, (ax φ n mod n)} From here, very similar with Fermat`s Theorem`s proof. 14

15 Testing for Primality 15

16 Testing for Primality Miller-Rabin Algorithm: First, Any positive odd integer n>=3 can be expressed as n 1 = 2 k q with k > 0, q odd And we need two properties of prime numbers that we will need. 1. if p is prime and a is a positive integer less than p, than a 2 mod p = 1 2. let p be a prime number greater than 2. we can write p 1 = 2 k q with k >, q odd. Let a be any integer in 1 < a < p 1. then one of two condition is true 1. a q is congruent to 1 mod p. that is a q mod p = 1 or a q = 1(mod p) 2. one of numbers a q, a 2q, a 4q,, a 2k 1 q is congruent to -1 mod p. that is j in range (1 j k) such that a 2j 1 q mod p = 1 modp = p 1 or a 2j 1q = 1(mod p) 16

17 Miller-Rabin Algorithm(con`t) If n is prime, then either the first element in the list of residues, or remainders(a q, a 2q,, a 2k 1q, a 2kq ) mod n equals 1; or some elements is the list equals (n-1); otherwise, n is not a prime. Also, if condition met, it don`t exactly mean that n is prime. n = 2047 = 23 89, than n 1 = and mod 2047 = 1, so condition mets, but is not prime. 17

18 Miller-Rabin Algorithm(con`t) In the TEST procedure, it takes a candidate integer n as input and returns the result composite if n is not a prime, and the result inconclusive if n may or may not be a prime. TEST(n) 1. Find integers k,q, with k>0, q odd, so that (n 1 = 2 k q ); 2. Select a random integer a, 1 < a < n 1; 3. If a q mod n = 1 then return ( inconclusive ); 4. For j=0 to k-1 do 5. If a 2j q mod n = n 1 then return ( inconclusive ); 6. return ( composite ); 18

19 Discrete Logarithms 19

20 The Powers of an Integer, Modulo n a m = 1 mod n If a and n are relatively prime, then there is at least one integer m that satisfies this equation. Namely, M = φ(n). The least positive exponent m for this equation holds is referred to in several ways: The order of a(mod n) The exponent to which a belongs(mod n) The length of the period generated by a 20

21 21

22 The Powers of an Integer, Modulo n 1. All sequences end in The length of a sequence divides φ 19 = 18. That is, an integral number of sequences occur in each row of table. 3. Some of the sequences are of length 19. In this case, it is said that base integer a generates(via powers) the set of nonzero integers modulo 19. Each such integer is called a primitive root of the modulus 19. If a number is of this φ n order it is referred as primitive root. If a is a primitive root of n, a, a 2,, a φ n are distinct (mod n) and are all relatively prime to n. Not all integers have primitive roots. The only integers of the form 2,4, p a, 2p a where p is any odd prime and a is a positive integer. 22

23 Logarithms for Modula Arithmetic Review the ordinary logarithm`s properties y = x log x(y) log x (1) = 0 log x x = 1 log x yz = log x y + log x (z) log x y r = r log x (y) Consider primitive root a for some prime number p. We know that the powers of a from 1 through (p-1) produce each integer from 1 through (p-1) exactly once. And any integer b satisfies b = r mod p for some r, where 0 r (p 1) b = a i mod p where 0 i (p 1) 23

24 Logarithms for Modula Arithmetic(cont`d) This exponent i is referred to as the discrete logarithm of the number b for the base a(mod p). We denote this as dlog a,p b. dlog a,p 1 = 0 because a 0 mod p = 1 mod p = 1 dlog a,p a = 1 because a 1 mod p = a 24

25 25

26 Logarithms for Modula Arithmetic(cont`d) Now consider x = a dlog a,p x mod p y = a dlog a,p y mod p xy = a dlog a,p xy mod p xy mod p = [ x mod p y mod p mod p a dlog a,p xy mod p = a dlog a,p x mod p a dlog a,p y mod p mod p =(a dlog a,p x +dlog a,p y )mod p 26

27 Logarithms for Modula Arithmetic(cont`d) But if consider Euler`s theorem, that every a and n that are relatively prime. a φ(n) = 1(mod n) Any positive integer z can be expressed in the form z = q + kφ n, with 0 q < φ(n). Therefore, by Euler`s theorem, a z = a q mod n if z = q mod φ(n) Apply this to the foregoing equality we have, dlog a,p xy And generalizing, dlog a,p y r = [dlog a,p x +dlog a,p y ](mod φ(p)) = [r dlog a,p y ](mod φ(p)) 27

28 28

29 Calculation of Discrete Logarithm Consider the equation y = g x mod p If g,x,p is given, it is straightforward to calculate y. At worst, we must perform x repeated multiplications, and algorithms exit for achieving grater efficiency. However, given y,g, and p it is in general, very difficult to calculate x. 29

30 Thank you for listening 30

### Number Theory. CSS322: Security and Cryptography. Sirindhorn International Institute of Technology Thammasat University CSS322. Number Theory.

CSS322: Security and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 29 December 2011 CSS322Y11S2L06, Steve/Courses/2011/S2/CSS322/Lectures/number.tex,

### 2.3 In modular arithmetic, all arithmetic operations are performed modulo some integer.

CHAPTER 2 INTRODUCTION TO NUMBER THEORY ANSWERS TO QUESTIONS 2.1 A nonzero b is a divisor of a if a = mb for some m, where a, b, and m are integers. That is, b is a divisor of a if there is no remainder

### Number Theory. Modular Arithmetic

Number Theory The branch of mathematics that is important in IT security especially in cryptography. Deals only in integer numbers and the process can be done in a very fast manner. Modular Arithmetic

### CSC 474 Information Systems Security

CSC Information Systems Security Topic. Basic Number Theory CSC Dr. Peng Ning Basic Number Theory We are talking about integers! Divisor We say that b divides a if a = mb for some m, denoted b a. b is

### Number Theory. Raj Jain. Washington University in St. Louis

Number Theory Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-11/ 8-1

### CIS 6930/4930 Computer and Network Security. Topic 5.1 Basic Number Theory -- Foundation of Public Key Cryptography

CIS 6930/4930 Computer and Network Security Topic 5.1 Basic Number Theory -- Foundation of Public Key Cryptography 1 Review of Modular Arithmetic 2 Remainders and Congruency For any integer a and any positive

### Outline. Some Review: Divisors. Common Divisors. Primes and Factors. b divides a (or b is a divisor of a) if a = mb for some m

Outline GCD and Euclid s Algorithm AIT 682: Network and Systems Security Topic 5.1 Basic Number Theory -- Foundation of Public Key Cryptography Modulo Arithmetic Modular Exponentiation Discrete Logarithms

### Outline. AIT 682: Network and Systems Security. GCD and Euclid s Algorithm Modulo Arithmetic Modular Exponentiation Discrete Logarithms

AIT 682: Network and Systems Security Topic 5.1 Basic Number Theory -- Foundation of Public Key Cryptography Instructor: Dr. Kun Sun Outline GCD and Euclid s Algorithm Modulo Arithmetic Modular Exponentiation

### CSC 474 Network Security. Outline. GCD and Euclid s Algorithm. GCD and Euclid s Algorithm Modulo Arithmetic Modular Exponentiation Discrete Logarithms

Computer Science CSC 474 Network Security Topic 5.1 Basic Number Theory -- Foundation of Public Key Cryptography CSC 474 Dr. Peng Ning 1 Outline GCD and Euclid s Algorithm Modulo Arithmetic Modular Exponentiation

### NUMBER THEORY. Anwitaman DATTA SCSE, NTU Singapore CX4024. CRYPTOGRAPHY & NETWORK SECURITY 2018, Anwitaman DATTA

NUMBER THEORY Anwitaman DATTA SCSE, NTU Singapore Acknowledgement: The following lecture slides are based on, and uses material from the text book Cryptography and Network Security (various eds) by William

### CPSC 467: Cryptography and Computer Security

CPSC 467: Cryptography and Computer Security Michael J. Fischer Lecture 9 September 30, 2015 CPSC 467, Lecture 9 1/47 Fast Exponentiation Algorithms Number Theory Needed for RSA Elementary Number Theory

### Chapter 9 Mathematics of Cryptography Part III: Primes and Related Congruence Equations

Chapter 9 Mathematics of Cryptography Part III: Primes and Related Congruence Equations Copyright The McGraw-Hill Companies, Inc. Permission required for reproduction or display. 9.1 Chapter 9 Objectives

### Basic elements of number theory

Cryptography Basic elements of number theory Marius Zimand By default all the variables, such as a, b, k, etc., denote integer numbers. Divisibility a 0 divides b if b = a k for some integer k. Notation

### Basic elements of number theory

Cryptography Basic elements of number theory Marius Zimand 1 Divisibility, prime numbers By default all the variables, such as a, b, k, etc., denote integer numbers. Divisibility a 0 divides b if b = a

### Lecture notes: Algorithms for integers, polynomials (Thorsten Theobald)

Lecture notes: Algorithms for integers, polynomials (Thorsten Theobald) 1 Euclid s Algorithm Euclid s Algorithm for computing the greatest common divisor belongs to the oldest known computing procedures

### Number Theory and Group Theoryfor Public-Key Cryptography

Number Theory and Group Theory for Public-Key Cryptography TDA352, DIT250 Wissam Aoudi Chalmers University of Technology November 21, 2017 Wissam Aoudi Number Theory and Group Theoryfor Public-Key Cryptography

### Ma/CS 6a Class 4: Primality Testing

Ma/CS 6a Class 4: Primality Testing By Adam Sheffer Reminder: Euler s Totient Function Euler s totient φ(n) is defined as follows: Given n N, then φ n = x 1 x < n and GCD x, n = 1. In more words: φ n is

### Chapter 9 Basic Number Theory for Public Key Cryptography. WANG YANG

Chapter 9 Basic Number Theory for Public Key Cryptography WANG YANG wyang@njnet.edu.cn Content GCD and Euclid s Algorithm Modular Arithmetic Modular Exponentiation Discrete Logarithms GCD and Euclid s

### basics of security/cryptography

RSA Cryptography basics of security/cryptography Bob encrypts message M into ciphertext C=P(M) using a public key; Bob sends C to Alice Alice decrypts ciphertext back into M using a private key (secret)

### ECEN 5022 Cryptography

Elementary Algebra and Number Theory University of Colorado Spring 2008 Divisibility, Primes Definition. N denotes the set {1, 2, 3,...} of natural numbers and Z denotes the set of integers {..., 2, 1,

### CIS 551 / TCOM 401 Computer and Network Security

CIS 551 / TCOM 401 Computer and Network Security Spring 2008 Lecture 15 3/20/08 CIS/TCOM 551 1 Announcements Project 3 available on the web. Get the handout in class today. Project 3 is due April 4th It

### Lecture 14: Hardness Assumptions

CSE 594 : Modern Cryptography 03/23/2017 Lecture 14: Hardness Assumptions Instructor: Omkant Pandey Scribe: Hyungjoon Koo, Parkavi Sundaresan 1 Modular Arithmetic Let N and R be set of natural and real

### Math 324, Fall 2011 Assignment 7 Solutions. 1 (ab) γ = a γ b γ mod n.

Math 324, Fall 2011 Assignment 7 Solutions Exercise 1. (a) Suppose a and b are both relatively prime to the positive integer n. If gcd(ord n a, ord n b) = 1, show ord n (ab) = ord n a ord n b. (b) Let

### CPSC 467b: Cryptography and Computer Security

CPSC 467b: Cryptography and Computer Security Michael J. Fischer Lecture 8 February 1, 2012 CPSC 467b, Lecture 8 1/42 Number Theory Needed for RSA Z n : The integers mod n Modular arithmetic GCD Relatively

### Congruence Classes. Number Theory Essentials. Modular Arithmetic Systems

Cryptography Introduction to Number Theory 1 Preview Integers Prime Numbers Modular Arithmetic Totient Function Euler's Theorem Fermat's Little Theorem Euclid's Algorithm 2 Introduction to Number Theory

### Homework #2 solutions Due: June 15, 2012

All of the following exercises are based on the material in the handout on integers found on the class website. 1. Find d = gcd(475, 385) and express it as a linear combination of 475 and 385. That is

### Introduction to Public-Key Cryptosystems:

Introduction to Public-Key Cryptosystems: Technical Underpinnings: RSA and Primality Testing Modes of Encryption for RSA Digital Signatures for RSA 1 RSA Block Encryption / Decryption and Signing Each

### Numbers. Çetin Kaya Koç Winter / 18

Çetin Kaya Koç http://koclab.cs.ucsb.edu Winter 2016 1 / 18 Number Systems and Sets We represent the set of integers as Z = {..., 3, 2, 1,0,1,2,3,...} We denote the set of positive integers modulo n as

### A Guide to Arithmetic

A Guide to Arithmetic Robin Chapman August 5, 1994 These notes give a very brief resumé of my number theory course. Proofs and examples are omitted. Any suggestions for improvements will be gratefully

### MATH 4400 SOLUTIONS TO SOME EXERCISES. 1. Chapter 1

MATH 4400 SOLUTIONS TO SOME EXERCISES 1.1.3. If a b and b c show that a c. 1. Chapter 1 Solution: a b means that b = na and b c that c = mb. Substituting b = na gives c = (mn)a, that is, a c. 1.2.1. Find

### Public Key Encryption

Public Key Encryption 3/13/2012 Cryptography 1 Facts About Numbers Prime number p: p is an integer p 2 The only divisors of p are 1 and p s 2, 7, 19 are primes -3, 0, 1, 6 are not primes Prime decomposition

### Number Theory A focused introduction

Number Theory A focused introduction This is an explanation of RSA public key cryptography. We will start from first principles, but only the results that are needed to understand RSA are given. We begin

### p = This is small enough that its primality is easily verified by trial division. A candidate prime above 1000 p of the form p U + 1 is

LARGE PRIME NUMBERS 1. Fermat Pseudoprimes Fermat s Little Theorem states that for any positive integer n, if n is prime then b n % n = b for b = 1,..., n 1. In the other direction, all we can say is that

### Primality Proofs. Geoffrey Exoo Department of Mathematics and Computer Science Indiana State University Terre Haute, IN

Primality Proofs Geoffrey Exoo Department of Mathematics and Computer Science Indiana State University Terre Haute, IN 47809 ge@cs.indstate.edu July 30, 2013 Abstract There is an web site [1] that lists

### [Part 2] Asymmetric-Key Encipherment. Chapter 9. Mathematics of Cryptography. Objectives. Contents. Objectives

[Part 2] Asymmetric-Key Encipherment Mathematics of Cryptography Forouzan, B.A. Cryptography and Network Security (International Edition). United States: McGraw Hill, 2008. Objectives To introduce prime

### Know the Well-ordering principle: Any set of positive integers which has at least one element contains a smallest element.

The first exam will be on Monday, June 8, 202. The syllabus will be sections. and.2 in Lax, and the number theory handout found on the class web site, plus the handout on the method of successive squaring

### CSCE 564, Fall 2001 Notes 6 Page 1 13 Random Numbers The great metaphysical truth in the generation of random numbers is this: If you want a function

CSCE 564, Fall 2001 Notes 6 Page 1 13 Random Numbers The great metaphysical truth in the generation of random numbers is this: If you want a function that is reasonably random in behavior, then take any

### 2x 1 7. A linear congruence in modular arithmetic is an equation of the form. Why is the solution a set of integers rather than a unique integer?

Chapter 3: Theory of Modular Arithmetic 25 SECTION C Solving Linear Congruences By the end of this section you will be able to solve congruence equations determine the number of solutions find the multiplicative

### Lecture 5: Arithmetic Modulo m, Primes and Greatest Common Divisors Lecturer: Lale Özkahya

BBM 205 Discrete Mathematics Hacettepe University http://web.cs.hacettepe.edu.tr/ bbm205 Lecture 5: Arithmetic Modulo m, Primes and Greatest Common Divisors Lecturer: Lale Özkahya Resources: Kenneth Rosen,

### Ma/CS 6a Class 4: Primality Testing

Ma/CS 6a Class 4: Primality Testing By Adam Sheffer Send anonymous suggestions and complaints from here. Email: adamcandobetter@gmail.com Password: anonymous2 There aren t enough crocodiles in the presentations

### Overview. Background / Context. CSC 580 Cryptography and Computer Security. March 21, 2017

CSC 580 Cryptography and Computer Security Math for Public Key Crypto, RSA, and Diffie-Hellman (Sections 2.4-2.6, 2.8, 9.2, 10.1-10.2) March 21, 2017 Overview Today: Math needed for basic public-key crypto

### Applied Cryptography and Computer Security CSE 664 Spring 2018

Applied Cryptography and Computer Security Lecture 12: Introduction to Number Theory II Department of Computer Science and Engineering University at Buffalo 1 Lecture Outline This time we ll finish the

### Cryptography IV: Asymmetric Ciphers

Cryptography IV: Asymmetric Ciphers Computer Security Lecture 7 David Aspinall School of Informatics University of Edinburgh 31st January 2011 Outline Background RSA Diffie-Hellman ElGamal Summary Outline

### Chapter 3 Basic Number Theory

Chapter 3 Basic Number Theory What is Number Theory? Well... What is Number Theory? Well... Number Theory The study of the natural numbers (Z + ), especially the relationship between different sorts of

### 2x 1 7. A linear congruence in modular arithmetic is an equation of the form. Why is the solution a set of integers rather than a unique integer?

Chapter 3: Theory of Modular Arithmetic 25 SECTION C Solving Linear Congruences By the end of this section you will be able to solve congruence equations determine the number of solutions find the multiplicative

### Part II. Number Theory. Year

Part II Year 2017 2016 2015 2014 2013 2012 2011 2010 2009 2008 2007 2006 2005 2017 Paper 3, Section I 1G 70 Explain what is meant by an Euler pseudoprime and a strong pseudoprime. Show that 65 is an Euler

### Topics in Cryptography. Lecture 5: Basic Number Theory

Topics in Cryptography Lecture 5: Basic Number Theory Benny Pinkas page 1 1 Classical symmetric ciphers Alice and Bob share a private key k. System is secure as long as k is secret. Major problem: generating

### Wilson s Theorem and Fermat s Little Theorem

Wilson s Theorem and Fermat s Little Theorem Wilson stheorem THEOREM 1 (Wilson s Theorem): (p 1)! 1 (mod p) if and only if p is prime. EXAMPLE: We have (2 1)!+1 = 2 (3 1)!+1 = 3 (4 1)!+1 = 7 (5 1)!+1 =

### Chuck Garner, Ph.D. May 25, 2009 / Georgia ARML Practice

Some Chuck, Ph.D. Department of Mathematics Rockdale Magnet School for Science Technology May 25, 2009 / Georgia ARML Practice Outline 1 2 3 4 Outline 1 2 3 4 Warm-Up Problem Problem Find all positive

### Elementary Number Theory Review. Franz Luef

Elementary Number Theory Review Principle of Induction Principle of Induction Suppose we have a sequence of mathematical statements P(1), P(2),... such that (a) P(1) is true. (b) If P(k) is true, then

### Theory of Numbers Problems

Theory of Numbers Problems Antonios-Alexandros Robotis Robotis October 2018 1 First Set 1. Find values of x and y so that 71x 50y = 1. 2. Prove that if n is odd, then n 2 1 is divisible by 8. 3. Define

### Solution Sheet (i) q = 5, r = 15 (ii) q = 58, r = 15 (iii) q = 3, r = 7 (iv) q = 6, r = (i) gcd (97, 157) = 1 = ,

Solution Sheet 2 1. (i) q = 5, r = 15 (ii) q = 58, r = 15 (iii) q = 3, r = 7 (iv) q = 6, r = 3. 2. (i) gcd (97, 157) = 1 = 34 97 21 157, (ii) gcd (527, 697) = 17 = 4 527 3 697, (iii) gcd (2323, 1679) =

### SOLUTIONS Math 345 Homework 6 10/11/2017. Exercise 23. (a) Solve the following congruences: (i) x (mod 12) Answer. We have

Exercise 23. (a) Solve the following congruences: (i) x 101 7 (mod 12) Answer. We have φ(12) = #{1, 5, 7, 11}. Since gcd(7, 12) = 1, we must have gcd(x, 12) = 1. So 1 12 x φ(12) = x 4. Therefore 7 12 x

### Mathematics of Cryptography

UNIT - III Mathematics of Cryptography Part III: Primes and Related Congruence Equations 1 Objectives To introduce prime numbers and their applications in cryptography. To discuss some primality test algorithms

### Lecture 3.1: Public Key Cryptography I

Lecture 3.1: Public Key Cryptography I CS 436/636/736 Spring 2015 Nitesh Saxena Today s Informative/Fun Bit Acoustic Emanations http://www.google.com/search?source=ig&hl=en&rlz=&q=keyboard+acoustic+em

### A SURVEY OF PRIMALITY TESTS

A SURVEY OF PRIMALITY TESTS STEFAN LANCE Abstract. In this paper, we show how modular arithmetic and Euler s totient function are applied to elementary number theory. In particular, we use only arithmetic

### This is a recursive algorithm. The procedure is guaranteed to terminate, since the second argument decreases each time.

8 Modular Arithmetic We introduce an operator mod. Let d be a positive integer. For c a nonnegative integer, the value c mod d is the remainder when c is divided by d. For example, c mod d = 0 if and only

### Introduction to Number Theory

INTRODUCTION Definition: Natural Numbers, Integers Natural numbers: N={0,1,, }. Integers: Z={0,±1,±, }. Definition: Divisor If a Z can be writeen as a=bc where b, c Z, then we say a is divisible by b or,

### CPSC 467b: Cryptography and Computer Security

CPSC 467b: Cryptography and Computer Security Michael J. Fischer Lecture 9 February 14, 2013 CPSC 467b, Lecture 9 1/42 Integer Division (cont.) Relatively prime numbers, Z n, and φ(n) Computing in Z n

### Discrete Logarithms. Let s begin by recalling the definitions and a theorem. Let m be a given modulus. Then the finite set

Discrete Logarithms Let s begin by recalling the definitions and a theorem. Let m be a given modulus. Then the finite set Z/mZ = {[0], [1],..., [m 1]} = {0, 1,..., m 1} of residue classes modulo m is called

### Number Theory Alex X. Liu & Haipeng Dai

Number Theory Alex X. Liu & Haipeng Dai haipengdai@nju.edu.cn 313 CS Building Department of Computer Science and Technology Nanjing University How to compute gcd(x,y) Observation: gcd(x,y) = gcd(x-y, y)

### LARGE PRIME NUMBERS (32, 42; 4) (32, 24; 2) (32, 20; 1) ( 105, 20; 0).

LARGE PRIME NUMBERS 1. Fast Modular Exponentiation Given positive integers a, e, and n, the following algorithm quickly computes the reduced power a e % n. (Here x % n denotes the element of {0,, n 1}

### YALE UNIVERSITY DEPARTMENT OF COMPUTER SCIENCE

YALE UNIVERSITY DEPARTMENT OF COMPUTER SCIENCE CPSC 467a: Cryptography and Computer Security Notes 13 (rev. 2) Professor M. J. Fischer October 22, 2008 53 Chinese Remainder Theorem Lecture Notes 13 We

### Mathematics for Cryptography

Mathematics for Cryptography Douglas R. Stinson David R. Cheriton School of Computer Science University of Waterloo Waterloo, Ontario, N2L 3G1, Canada March 15, 2016 1 Groups and Modular Arithmetic 1.1

### 2 More on Congruences

2 More on Congruences 2.1 Fermat s Theorem and Euler s Theorem definition 2.1 Let m be a positive integer. A set S = {x 0,x 1,,x m 1 x i Z} is called a complete residue system if x i x j (mod m) whenever

### 1 Recommended Reading 1. 2 Public Key/Private Key Cryptography Overview RSA Algorithm... 2

Contents 1 Recommended Reading 1 2 Public Key/Private Key Cryptography 1 2.1 Overview............................................. 1 2.2 RSA Algorithm.......................................... 2 3 A Number

### Math 261 Spring 2014 Final Exam May 5, 2014

Math 261 Spring 2014 Final Exam May 5, 2014 1. Give a statement or the definition for ONE of the following in each category. Circle the letter next to the one you want graded. For an extra good final impression,

### RSA Key Generation. Required Reading. W. Stallings, "Cryptography and Network-Security, Chapter 8.3 Testing for Primality

ECE646 Lecture RSA Key Generation Required Reading W. Stallings, "Cryptography and Network-Security, Chapter 8.3 Testing for Primality A.Menezes, P. van Oorschot, and S. Vanstone, Handbook of Applied Cryptography

### Public-key Cryptography: Theory and Practice

Public-key Cryptography Theory and Practice Department of Computer Science and Engineering Indian Institute of Technology Kharagpur Chapter 2: Mathematical Concepts Divisibility Congruence Quadratic Residues

### Public Key Algorithms

Public Key Algorithms Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-09/

### Discrete Structures Lecture Solving Congruences. mathematician of the eighteenth century). Also, the equation gggggg(aa, bb) =

First Introduction Our goal is to solve equations having the form aaaa bb (mmmmmm mm). However, first we must discuss the last part of the previous section titled gcds as Linear Combinations THEOREM 6

### Exam 2 Solutions. In class questions

Math 5330 Spring 2018 Exam 2 Solutions In class questions 1. (15 points) Solve the following congruences. Put your answer in the form of a congruence. I usually find it easier to go from largest to smallest

### A Readable Introduction to Real Mathematics

Solutions to selected problems in the book A Readable Introduction to Real Mathematics D. Rosenthal, D. Rosenthal, P. Rosenthal Chapter 7: The Euclidean Algorithm and Applications 1. Find the greatest

### Mathematical Foundations of Public-Key Cryptography

Mathematical Foundations of Public-Key Cryptography Adam C. Champion and Dong Xuan CSE 4471: Information Security Material based on (Stallings, 2006) and (Paar and Pelzl, 2010) Outline Review: Basic Mathematical

### Public Key Cryptography

Public Key Cryptography Spotlight on Science J. Robert Buchanan Department of Mathematics 2011 What is Cryptography? cryptography: study of methods for sending messages in a form that only be understood

### CSc 466/566. Computer Security. 5 : Cryptography Basics

1/84 CSc 466/566 Computer Security 5 : Cryptography Basics Version: 2012/03/03 10:44:26 Department of Computer Science University of Arizona collberg@gmail.com Copyright c 2012 Christian Collberg Christian

### LECTURE 5: APPLICATIONS TO CRYPTOGRAPHY AND COMPUTATIONS

LECTURE 5: APPLICATIONS TO CRYPTOGRAPHY AND COMPUTATIONS Modular arithmetics that we have discussed in the previous lectures is very useful in Cryptography and Computer Science. Here we discuss several

### A field F is a set of numbers that includes the two numbers 0 and 1 and satisfies the properties:

Byte multiplication 1 Field arithmetic A field F is a set of numbers that includes the two numbers 0 and 1 and satisfies the properties: F is an abelian group under addition, meaning - F is closed under

### Theory of RSA. Hiroshi Toyoizumi 1. December 8,

Theory of RSA Hiroshi Toyoizumi 1 December 8, 2005 1 E-mail: toyoizumi@waseda.jp 2 Introduction This is brief introduction of number theory related to the so-called RSA cryptography. This handout is based

### Chapter 5. Modular arithmetic. 5.1 The modular ring

Chapter 5 Modular arithmetic 5.1 The modular ring Definition 5.1. Suppose n N and x, y Z. Then we say that x, y are equivalent modulo n, and we write x y mod n if n x y. It is evident that equivalence

### LECTURE NOTES IN CRYPTOGRAPHY

1 LECTURE NOTES IN CRYPTOGRAPHY Thomas Johansson 2005/2006 c Thomas Johansson 2006 2 Chapter 1 Abstract algebra and Number theory Before we start the treatment of cryptography we need to review some basic

### Q 2.0.2: If it s 5:30pm now, what time will it be in 4753 hours? Q 2.0.3: Today is Wednesday. What day of the week will it be in one year from today?

2 Mod math Modular arithmetic is the math you do when you talk about time on a clock. For example, if it s 9 o clock right now, then it ll be 1 o clock in 4 hours. Clearly, 9 + 4 1 in general. But on a

### 4 Powers of an Element; Cyclic Groups

4 Powers of an Element; Cyclic Groups Notation When considering an abstract group (G, ), we will often simplify notation as follows x y will be expressed as xy (x y) z will be expressed as xyz x (y z)

### LARGE PRIME NUMBERS. In sum, Fermat pseudoprimes are reasonable candidates to be prime.

LARGE PRIME NUMBERS 1. Fermat Pseudoprimes Fermat s Little Theorem states that for any positive integer n, if n is prime then b n % n = b for b = 1,..., n 1. In the other direction, all we can say is that

### ECE596C: Handout #11

ECE596C: Handout #11 Public Key Cryptosystems Electrical and Computer Engineering, University of Arizona, Loukas Lazos Abstract In this lecture we introduce necessary mathematical background for studying

### THE CUBIC PUBLIC-KEY TRANSFORMATION*

CIRCUITS SYSTEMS SIGNAL PROCESSING c Birkhäuser Boston (2007) VOL. 26, NO. 3, 2007, PP. 353 359 DOI: 10.1007/s00034-006-0309-x THE CUBIC PUBLIC-KEY TRANSFORMATION* Subhash Kak 1 Abstract. This note proposes

### Integers and Division

Integers and Division Notations Z: set of integers N : set of natural numbers R: set of real numbers Z + : set of positive integers Some elements of number theory are needed in: Data structures, Random

### LECTURE 4: CHINESE REMAINDER THEOREM AND MULTIPLICATIVE FUNCTIONS

LECTURE 4: CHINESE REMAINDER THEOREM AND MULTIPLICATIVE FUNCTIONS 1. The Chinese Remainder Theorem We now seek to analyse the solubility of congruences by reinterpreting their solutions modulo a composite

### An integer p is prime if p > 1 and p has exactly two positive divisors, 1 and p.

Chapter 6 Prime Numbers Part VI of PJE. Definition and Fundamental Results Definition. (PJE definition 23.1.1) An integer p is prime if p > 1 and p has exactly two positive divisors, 1 and p. If n > 1

### Summary Slides for MATH 342 June 25, 2018

Summary Slides for MATH 342 June 25, 2018 Summary slides based on Elementary Number Theory and its applications by Kenneth Rosen and The Theory of Numbers by Ivan Niven, Herbert Zuckerman, and Hugh Montgomery.

### Notes on Primitive Roots Dan Klain

Notes on Primitive Roots Dan Klain last updated March 22, 2013 Comments and corrections are welcome These supplementary notes summarize the presentation on primitive roots given in class, which differed

### COMS W4995 Introduction to Cryptography September 29, Lecture 8: Number Theory

COMS W4995 Introduction to Cryptography September 29, 2005 Lecture 8: Number Theory Lecturer: Tal Malkin Scribes: Elli Androulaki, Mohit Vazirani Summary This lecture focuses on some basic Number Theory.

### Introduction to Cryptography. Lecture 6

Introduction to Cryptography Lecture 6 Benny Pinkas page 1 Public Key Encryption page 2 Classical symmetric ciphers Alice and Bob share a private key k. System is secure as long as k is secret. Major problem:

### 10 Problem 1. The following assertions may be true or false, depending on the choice of the integers a, b 0. a "

Math 4161 Dr. Franz Rothe December 9, 2013 13FALL\4161_fall13f.tex Name: Use the back pages for extra space Final 70 70 Problem 1. The following assertions may be true or false, depending on the choice

### AN ALGEBRAIC PROOF OF RSA ENCRYPTION AND DECRYPTION

AN ALGEBRAIC PROOF OF RSA ENCRYPTION AND DECRYPTION Recall that RSA works as follows. A wants B to communicate with A, but without E understanding the transmitted message. To do so: A broadcasts RSA method,

### Introduction to Information Security

Introduction to Information Security Lecture 5: Number Theory 007. 6. Prof. Byoungcheon Lee sultan (at) joongbu. ac. kr Information and Communications University Contents 1. Number Theory Divisibility

### Factoring Algorithms Pollard s p 1 Method. This method discovers a prime factor p of an integer n whenever p 1 has only small prime factors.

Factoring Algorithms Pollard s p 1 Method This method discovers a prime factor p of an integer n whenever p 1 has only small prime factors. Input: n (to factor) and a limit B Output: a proper factor of