CS250: Discrete Math for Computer Science

CS250: Discrete Math for Computer Science L6: Euclid's Algorithm & Multiplicative Inverses Mod m

Greatest Common Divisors, GCD

If $d \mid a$ and $d \mid b$ then $d$ is a common divisor of $a$ and $b$.
1, 2, 3, and 6 are common divisors of 12, 18.
1 is a common divisor of every pair of integers a, b.
The greatest common divisor of a, b is denoted gcd(a,b).

gcd(12, 18) = 6
gcd(5, 11) = 1 (5 and 11 are relatively prime)
gcd(17, 34) = 17
gcd(30, 100) = 10
gcd(98, 105) = 7

How do we efficiently compute gcd(a, b)?

Easy if we know the prime factors of a and b:

$12 = 2^2 \cdot 3^1$, $18 = 2^1 \cdot 3^2$, $\gcd(12,18) = 2^1 \cdot 3^1$
$5 = 5^1 \cdot 11^0$, $11 = 5^0 \cdot 11^1$, $\gcd(5,11) = 5^0 \cdot 11^0$
$17 = 2^0 \cdot 17^1$, $34 = 2^1 \cdot 17^1$, $\gcd(17,34) = 2^0 \cdot 17^1$
$30 = 2^1 \cdot 3^1 \cdot 5^1$, $100 = 2^2 \cdot 3^0 \cdot 5^2$, $\gcd(30,100) = 2^1 \cdot 3^0 \cdot 5^1$
$98 = 2^1 \cdot 3^0 \cdot 5^0 \cdot 7^2$, $105 = 2^0 \cdot 3^1 \cdot 5^1 \cdot 7^1$, $\gcd(98,105) = 2^0 \cdot 3^0 \cdot 5^0 \cdot 7^1$

Prop: If $a = p_1^{a_1} p_2^{a_2} \cdots p_k^{a_k}$ and $b = p_1^{b_1} p_2^{b_2} \cdots p_k^{b_k}$ for primes $p_1 < p_2 < \cdots < p_k$, then $\gcd(a,b) = p_1^{\min(a_1,b_1)} p_2^{\min(a_2,b_2)} \cdots p_k^{\min(a_k,b_k)}$.

But factoring integers is computationally difficult

To factor a thousand-bit integer, a, we would try all divisors up to $\sqrt{a}$, but that would be about $2^{500}$ divisors! This is exponential time in terms of the size of the input, so it is not feasible.

Today, we will see how, over 2300 years ago, Euclid gave a very efficient algorithm to compute gcd(a,b) without factoring. This was in Euclid's Geometry text. He was thinking about line segments and wanted to be able to compute the length d of the longest line segment that evenly divided two given line segments, a and b.

Euclid's algorithm

To compute gcd(12, 18) = gcd(18, 12): divide the bigger number, b, by the smaller, s, computing the remainder, r. Repeat until remainder = 0. Answer = the last positive remainder.

$18 = 1 \cdot 12 + 6$
$12 = 2 \cdot 6 + 0$
Answer: gcd(18,12) = 6

Euclid's algorithm

Compute: gcd(123, 42)
$123 = 2 \cdot 42 + 39$
$42 = 1 \cdot 39 + 3$
$39 = 13 \cdot 3 + 0$
Answer: gcd(123,42) = 3

Compute: gcd(13, 8)
$13 = 1 \cdot 8 + 5$
$8 = 1 \cdot 5 + 3$
$5 = 1 \cdot 3 + 2$
$3 = 1 \cdot 2 + 1$
$2 = 2 \cdot 1 + 0$
Answer: gcd(13,8) = 1

Euclid's Algorithm: Why It Works

Algorithm: GCD(b, s)
Input: integers b > s ≥ 0
  1. while (s ≠ 0) do { (b, s) := (s, b % s) }
  2. return(b)

Lemma [Euclid, 300 B.C.] If $b > s > 0$ then $\gcd(b,s) = \gcd(s, (b \% s))$.

Each iteration of the while loop decreases s. Thus Euclid's Algorithm eventually halts.
By Euclid's Lemma, each iteration preserves the value of gcd(b,s).
Correct answer at last step: gcd(b,0) = b, because $b \mid 0$ ($b \cdot 0 = 0$).
Thus, Euclid's Algorithm (GCD) correctly computes gcd.

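Lemma [Euclid, 300 B.C.] If $b > s > 0$ then $\gcd(b,s) = \gcd(s, (b \% s))$.

proof: Let $r = b \% s$ and $b = q \cdot s + r$.
Claim: $\forall d\,[(d \mid b \wedge d \mid s) \leftrightarrow (d \mid s \wedge d \mid r)]$
Let d be arbitrary.
Suppose $(d \mid b \wedge d \mid s)$. Thus, $d \mid (b - q \cdot s)$, i.e., $d \mid r$.
Conversely, suppose $(d \mid s \wedge d \mid r)$. Thus, $d \mid (q \cdot s + r)$, i.e., $d \mid b$.
This proves the claim. Thus gcd(b, s) = gcd(s, r).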

Euclid's Algorithm: How Long Does it Take?

Algorithm: GCD(b, s)
Input: integers b > s ≥ 0
  1. while (s ≠ 0) do { (b, s) := (s, b % s) }
  2. return(b)

Claim: After two iterations: $b'' \le b/2$.
  First iteration:  b' := s;   s' := (b % s)
  Second iteration: b'' := s'; s'' := (b' % s')

proof: Suppose $s \le b/2$; then b is reduced by half after one iteration.
Otherwise: $s > b/2$. Thus, $s' = b \% s = b - s$, so $s' < b/2$. Thus $b'' = s' < b/2$.

Thus, Euclid's Algorithm takes at most 2 log b iterations.
Thus linear, i.e., O(n) iterations, where n is the number of bits to represent b.
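Added example (not from the original slides): Euclid's algorithm with an iteration counter, checked against the 2 log b bound above on the slides' inputs and on a 1000-bit pair of consecutive Fibonacci numbers, the known worst case for the algorithm. The names gcd_steps, within_bound and fib_pair are illustrative assumptions.

```python
import math


def gcd_steps(b, s):
    """Return (gcd(b, s), number of while-loop iterations)."""
    if b < 0 or s < 0:
        raise ValueError("inputs must be non-negative integers")
    steps = 0
    while s != 0:
        # Simultaneous update: the new s uses the OLD b.
        b, s = s, b % s
        steps += 1
    return b, steps


def within_bound(b, s):
    """Check the slide's bound for b > s > 0: at most 2*log2(b) iterations."""
    if not b > s > 0:
        raise ValueError("bound is stated for b > s > 0")
    _, steps = gcd_steps(b, s)
    return steps <= 2 * math.log2(b)


def fib_pair(bits):
    """Consecutive Fibonacci numbers (b, s), b having at least `bits` bits."""
    s, b = 1, 1
    while b.bit_length() < bits:
        s, b = b, s + b
    return b, s


if __name__ == "__main__":
    for b, s in [(18, 12), (123, 42), (13, 8)]:
        print(f"gcd({b},{s}) =", gcd_steps(b, s))
    big_b, big_s = fib_pair(1000)
    g, steps = gcd_steps(big_b, big_s)
    # Roughly 1.4 thousand remainders, versus about 2^500 trial divisions.
    print("1000-bit worst case: gcd =", g, "iterations =", steps)
    print("within 2*log2(b):", within_bound(big_b, big_s))
```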

Euclid's Algorithm Backwards

Thm: $\forall a b\, \exists x y\,(ax + by = \gcd(a,b))$
Remember that our universe of discourse is Z.

$18 = 1 \cdot 12 + 6$
gcd(18,12) = 6

Express gcd(a,b) in terms of previous values.
$6 = 18 \cdot 1 + 12 \cdot (-1)$

$\forall a b\, \exists x y\,(ax + by = \gcd(a,b))$

$123 = 2 \cdot 42 + 39$
$42 = 1 \cdot 39 + 3$
gcd(123,42) = 3

Express gcd(a,b) in terms of previous values; regroup; repeat.
$3 = 42 \cdot 1 + 39 \cdot (-1)$
$3 = 42 \cdot 1 + (123 + 42 \cdot (-2)) \cdot (-1)$
$3 = 123 \cdot (-1) + 42 \cdot 3$

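$\forall a b\, \exists x y\,(ax + by = \gcd(a,b))$

$13 = 1 \cdot 8 + 5$
$8 = 1 \cdot 5 + 3$
$5 = 1 \cdot 3 + 2$
$3 = 1 \cdot 2 + 1$
gcd(13,8) = 1

Express gcd(a,b) in terms of previous values; regroup; repeat.
$1 = 3 \cdot 1 + 2 \cdot (-1)$
$1 = 3 \cdot 1 + (5 + 3 \cdot (-1)) \cdot (-1)$
$1 = 5 \cdot (-1) + 3 \cdot 2$
$1 = 5 \cdot (-1) + (8 + 5 \cdot (-1)) \cdot 2$
$1 = 8 \cdot (2) + 5 \cdot (-3)$
$1 = 8 \cdot (2) + (13 + 8 \cdot (-1)) \cdot (-3)$
$1 = 13 \cdot (-3) + 8 \cdot 5$

Don't forget to check: $1 = -39 + 40$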

$\forall a b\, \exists x y\,(ax + by = \gcd(a,b))$

In fact, x and y can be computed very efficiently by running Euclid's Algorithm backwards.

$1 = 13 \cdot (-3) + 8 \cdot 5$
$13 \cdot (-3) \equiv 1 \pmod{8}$
$8 \cdot (5) \equiv 1 \pmod{13}$

Thm: If gcd(a,b) = 1 then we can efficiently compute the multiplicative inverse of a (mod b).
Proof. It's x in the above equation: $ax + by = 1 \Rightarrow ax \equiv 1 \pmod{b}$

Multiplicative Inverses Mod m

Thm: For all integers a, m s.t. m > 1, a has a multiplicative inverse mod m iff a and m are relatively prime.

Proof: Recall a and m are relatively prime iff gcd(a,m) = 1.
Let a and m be arbitrary with m > 1.
Assume: gcd(a,m) = 1. Then $\exists x y\,(ax + my = 1)$, so x is the mult. inv. of a (mod m).
Assume: $ax \equiv 1 \pmod{m}$. Thus, $\exists y\,(ax + my = 1)$. If $d \mid a$ and $d \mid m$, then $d \mid (ax + my)$, i.e., $d \mid 1$. Thus, gcd(a,m) = 1.
Since a and m were arbitrary, Thm holds for all such a, m.

$\forall a, m > 1$ (a has mult. inverse mod m iff gcd(a, m) = 1)

mod 6 | 0  1  2  3  4  5
------+------------------
  0   | 0  0  0  0  0  0
  1   | 0  1  2  3  4  5
  2   | 0  2  4  0  2  4
  3   | 0  3  0  3  0  3
  4   | 0  4  2  0  4  2
  5   | 0  5  4  3  2  1
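Added example (not from the original slides): the "run Euclid's Algorithm backwards" step done in a single forward pass, used to compute inverses mod m and to refuse when gcd(a, m) ≠ 1. The names egcd, mod_inverse and invertible_residues are illustrative assumptions; the inputs are the worked examples and the mod 6 table above.

```python
def egcd(a, b):
    """Return (g, x, y) with a*x + b*y == g == gcd(a, b), for a, b >= 0."""
    # Invariant: (current a) == a_in*x0 + b_in*y0 and (current b) == a_in*x1 + b_in*y1
    x0, y0, x1, y1 = 1, 0, 0, 1
    while b != 0:
        q, r = divmod(a, b)
        a, b = b, r
        x0, x1 = x1, x0 - q * x1
        y0, y1 = y1, y0 - q * y1
    return a, x0, y0


def mod_inverse(a, m):
    """Return x in [0, m) with a*x ≡ 1 (mod m); fail if no inverse exists."""
    if m <= 1:
        raise ValueError("modulus must be greater than 1")
    g, x, _ = egcd(a % m, m)
    if g != 1:
        # By the theorem, a has no inverse unless gcd(a, m) == 1.
        raise ValueError(f"{a} has no inverse mod {m} (gcd = {g})")
    return x % m


def invertible_residues(m):
    """Map each residue a in [0, m) that has an inverse to that inverse."""
    found = {}
    for a in range(m):
        try:
            found[a] = mod_inverse(a, m)
        except ValueError:
            continue  # gcd(a, m) != 1: the table row for a contains no 1
    return found


if __name__ == "__main__":
    print(egcd(18, 12))            # coefficients from the slides
    print(egcd(123, 42))
    print(egcd(13, 8))
    print(mod_inverse(13, 8), mod_inverse(8, 13))
    print(invertible_residues(6))  # only rows 1 and 5 of the mod 6 table
```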