Introduction to Information Security

Similar documents
ECEN 5022 Cryptography

Mathematics for Cryptography

Chapter 9 Mathematics of Cryptography Part III: Primes and Related Congruence Equations

4 Number Theory and Cryptography

Topics in Cryptography. Lecture 5: Basic Number Theory

Chapter 4 Finite Fields

LECTURE NOTES IN CRYPTOGRAPHY

Basic elements of number theory

Basic elements of number theory

CSC 474 Information Systems Security

Numbers. Çetin Kaya Koç Winter / 18

Outline. Some Review: Divisors. Common Divisors. Primes and Factors. b divides a (or b is a divisor of a) if a = mb for some m

Outline. AIT 682: Network and Systems Security. GCD and Euclid s Algorithm Modulo Arithmetic Modular Exponentiation Discrete Logarithms

Mathematical Foundations of Cryptography

CSC 474 Network Security. Outline. GCD and Euclid s Algorithm. GCD and Euclid s Algorithm Modulo Arithmetic Modular Exponentiation Discrete Logarithms

3 The fundamentals: Algorithms, the integers, and matrices

Public-key Cryptography: Theory and Practice

Number Theory. CSS322: Security and Cryptography. Sirindhorn International Institute of Technology Thammasat University CSS322. Number Theory.

Number Theory and Group Theoryfor Public-Key Cryptography

A field F is a set of numbers that includes the two numbers 0 and 1 and satisfies the properties:

Chapter 4 Mathematics of Cryptography

Number Theory Proof Portfolio

Introduction to Cryptography. Lecture 6

CIS 6930/4930 Computer and Network Security. Topic 5.1 Basic Number Theory -- Foundation of Public Key Cryptography

Congruence Classes. Number Theory Essentials. Modular Arithmetic Systems

NUMBER THEORY. Anwitaman DATTA SCSE, NTU Singapore CX4024. CRYPTOGRAPHY & NETWORK SECURITY 2018, Anwitaman DATTA

A. Algebra and Number Theory

Number Theory. Modular Arithmetic

Applied Cryptography and Computer Security CSE 664 Spring 2018

Applied Cryptography and Computer Security CSE 664 Spring 2017

PRIMALITY TESTING. Professor : Mr. Mohammad Amin Shokrollahi Assistant : Mahdi Cheraghchi. By TAHIRI JOUTI Kamal

Basic Algebra and Number Theory. Nicolas T. Courtois - University College of London

Elementary Number Theory MARUCO. Summer, 2018

Basic Concepts in Number Theory and Finite Fields

Number Theory and Algebra: A Brief Introduction

[Part 2] Asymmetric-Key Encipherment. Chapter 9. Mathematics of Cryptography. Objectives. Contents. Objectives

Discrete Structures Lecture Primes and Greatest Common Divisor

Congruences and Residue Class Rings

Commutative Rings and Fields

Lecture 3.1: Public Key Cryptography I

4 PRIMITIVE ROOTS Order and Primitive Roots The Index Existence of primitive roots for prime modulus...

Coding Theory ( Mathematical Background I)

Summary Slides for MATH 342 June 25, 2018

The set of integers will be denoted by Z = {, -3, -2, -1, 0, 1, 2, 3, 4, }

Ch 4.2 Divisibility Properties

MATH 4400 SOLUTIONS TO SOME EXERCISES. 1. Chapter 1

a the relation arb is defined if and only if = 2 k, k

Chapter 9 Basic Number Theory for Public Key Cryptography. WANG YANG

Finite Fields. Mike Reiter

NUMBER SYSTEMS. Number theory is the study of the integers. We denote the set of integers by Z:

Math 312/ AMS 351 (Fall 17) Sample Questions for Final

Outline. Number Theory and Modular Arithmetic. p-1. Definition: Modular equivalence a b [mod n] (a mod n) = (b mod n) n (a-b)

Number theory lectures

Introduction to Number Theory

Homework #2 solutions Due: June 15, 2012

Part II. Number Theory. Year

ICS141: Discrete Mathematics for Computer Science I

MATH 501 Discrete Mathematics. Lecture 6: Number theory. German University Cairo, Department of Media Engineering and Technology.

Math 314 Course Notes: Brief description

Lecture 7 Number Theory Euiseong Seo

Introduction to Number Theory 1. c Eli Biham - December 13, Introduction to Number Theory 1

Galois fields/1. (M3) There is an element 1 (not equal to 0) such that a 1 = a for all a.

Algebra. Modular arithmetic can be handled mathematically by introducing a congruence relation on the integers described in the above example.

Groups, Rings, and Finite Fields. Andreas Klappenecker. September 12, 2002

Cryptography CS 555. Topic 18: RSA Implementation and Security. CS555 Topic 18 1

COT 3100 Applications of Discrete Structures Dr. Michael P. Frank

Proofs. Methods of Proof Divisibility Floor and Ceiling Contradiction & Contrapositive Euclidean Algorithm. Reading (Epp s textbook)

Lecture notes: Algorithms for integers, polynomials (Thorsten Theobald)

cse547, math547 DISCRETE MATHEMATICS Professor Anita Wasilewska

Chapter 2 Mathematical Foundations of Cryptography

4 Powers of an Element; Cyclic Groups

1 Overview and revision

Integers and Division

Mathematical Foundations of Public-Key Cryptography

Know the Well-ordering principle: Any set of positive integers which has at least one element contains a smallest element.

Introduction to Cybersecurity Cryptography (Part 5)

Lecture 4: Number theory

Discrete Structures Lecture Solving Congruences. mathematician of the eighteenth century). Also, the equation gggggg(aa, bb) =

Foundations of Cryptography

Introduction to Cryptography k. Lecture 5. Benny Pinkas k. Requirements. Data Integrity, Message Authentication

7.2 Applications of Euler s and Fermat s Theorem.

Chuck Garner, Ph.D. May 25, 2009 / Georgia ARML Practice

2x 1 7. A linear congruence in modular arithmetic is an equation of the form. Why is the solution a set of integers rather than a unique integer?

2.3 In modular arithmetic, all arithmetic operations are performed modulo some integer.

Discrete mathematics I - Number theory

MATH 433 Applied Algebra Lecture 4: Modular arithmetic (continued). Linear congruences.

Lecture 7: Number Theory Steven Skiena. skiena

COMP239: Mathematics for Computer Science II. Prof. Chadi Assi EV7.635

Public Key Encryption

MATH 361: NUMBER THEORY FOURTH LECTURE

Math 118: Advanced Number Theory. Samit Dasgupta and Gary Kirby

With Question/Answer Animations. Chapter 4

8 Primes and Modular Arithmetic

Number Theory & Modern Cryptography

Course 2BA1: Trinity 2006 Section 9: Introduction to Number Theory and Cryptography

CS 5319 Advanced Discrete Structure. Lecture 9: Introduction to Number Theory II

2 Elementary number theory

4.4 Solving Congruences using Inverses

SEVENTH EDITION and EXPANDED SEVENTH EDITION

Transcription:

Introduction to Information Security Lecture 5: Number Theory 007. 6. Prof. Byoungcheon Lee sultan (at) joongbu. ac. kr Information and Communications University

Contents 1. Number Theory Divisibility Prime numbers and factorization gcd and lcm Euclidean algorithm, Extended Euclidean algorithm Congruence and modular arithmetic Chinese remainder theorem Fermat s theorem and Euler s theorem Legendre symbol and Jacobi symbol. Finite Fields Group, Ring Field, Finite field Cyclic group

Divisibility Let Z denote the set of all integers. Z={,-3,-,-1,0,1,,3, } Division Theorem (a,b Z) For nonzero b, q,r Z s.t. a=qb+r, 0 r <b q: quotient, r: remainder Divide b divides a, or b a iff cz s.t. a=bc (i.e. r=0) If a b, then a bc If a b and a c, then a (bx+cy) If a b and b a then a= b (antisymmetry) If a b and b c, then a c (transitivity) b a b divides a 3

Prime Numbers Prime An integer p is called prime if its divisors are 1 and p A number that is divisible only by 1 and itself,3,5,7,11,13,17,19,3,9,31,.. If a prime p divides ab, then p a or p b Composite number Any number that is not prime 4

Prime Number Theorem There are infinitely many prime numbers Prime number theorem x ( x) :number of ln x ( x)ln( x) lim 1 n x primes less than x Example: Estimate the number of 100-digit primes 10 ln10 10 ln10 100 99 100 99 ( 10 ) (10 ) 3.9 100 99 10 97 5

Sieve of Eratosthenes Sieve of Eratosthenes : Determine all primes smaller than N S1. Create an initial set of all numbers N N ={,3,4,,N-1} S. For all integers n < sqrt(n), remove all multiples of n from the above N N S3. The final reduced set N N contains all primes smaller than N Exercise 1: Obtain all primes less than 00 6

Factorization Factorization Any positive integer can be uniquely factored into the product of primes n pp p e P 504 = 3 3 7, 115 = 3 5 3 7

lcm and gcd lcm(a,b) - least common multiple lcm of a and b is the smallest integer which is divisible by both a and b gcd(a,b) - greatest common divisor gcd of a and b is the largest integer which divides both a and b Example: gcd(4,60)=1, gcd(5,7)=1 a and b are relatively prime if gcd(a,b)=1 Finding gcd(a,b) Using the factorization of a and b 576= 6 3, 135=3 3 5, gcd(576,135)=3 Using the Euclidean algorithm 8

Euclidean Algorithm - find gcd using division and remainder Find gcd(a,b) Initialize r 0 =a, r 1 =b Computes the following sequence of equations r 0 =q 1 r 1 +r r 1 =q r +r 3 r =q 3 r 3 +r 4.. r n- =q n-1 r n-1 +r n where r n =0 Then gcd(a,b) = r n-1 r r 0 1 a b? rn 1?? rn 1 9

Euclidean Algorithm - find gcd using division and remainder Example : gcd(3465,88)=63 3465=3 x 88+819 88=1 x 819+63 819=13 x 63+0 3 13 3465 88 646 819 819 819 63 0 1 10

11 Extended Euclidean Algorithm Extended Euclidean Algorithm Let d=gcd(a,b). Then there exist integers x, y such that ax+by=d. If a and b are relatively prime, then there exist x, y such that ax+by=1 1 1 4 3 3 3 1 n n n r q r r r q r r r q b r q b a b a r b a r q r r b q q a q r q b r q b a r n (??) (?) (??) (?) ) (1 1 3 3 4 1 3 1 ax+by=d gcd(10,7) = 1 gcd(367,1) = 1 Example 1 = (-)(10) + (3)(7). 1 = (-56)(367) + (93)(1)

Extended Euclidean Algorithm Easier calculation algorithm by hand http://marauder.millersville.edu/~bikenaga/absalg/exteuc/exteucex.html Example: for gcd(187,10) = 17 (next x) = (next-to-last x) - q (last x) (next y) = (next-to-last y) - q (last y) 17 = (187,10) = (-1)(187) + ()(10). 1

Extended Euclidean Algorithm Exercise : For the following pair of numbers 1. Find gcd using Euclidean algorithm. Solve ax+by=d using Extended Euclidean algorithm 1. gcd(55,13). gcd(41,789) 3. gcd(35,14) 4. gcd(114,368) 5. gcd(733,75) 13

Congruence Definition) Congruence a b mod n iff n (a-b) a = b+kn for some integer k a%n=b%n a is congruent to b modulo n 3 mod 5-1 37 mod 7 a a a b iff b a If a b and b c then a c Residue Class Group: Z n ={xz 0 x< n} Addition: a+b = (a+b mod n) Multiplication: ab =(ab mod n) Closed under addition, subtraction, and multiplication Closed under division if n is prime 14

Modular Arithmetic Modular addition Modular subtraction Modular multiplication Fill out the table a b x 1 3 4 5 6 7 8 9 10 1 1 4 3 9 1 4 7 4 5 6 7 8 9 10 Modular multiplication in mod 11 Compute axb mod 11 15

Modular Arithmetic Modular exponentiation Fill out the table ^ 1 3 4 5 6 7 8 9 10 1 3 3 9 5 4 1 3 9 5 4 1 4 a 5 6 7 8 9 10 b Modular exponentiation in mod 11 Compute a b mod 11 16

Modular Arithmetic b a^b 1 3 4 5 6 7 8 9 10 11 1 a 1 1 1 1 1 1 1 1 1 1 1 1 1 4 8 3 6 1 11 9 5 10 7 1 3 3 9 1 3 9 1 3 9 1 3 9 1 4 4 3 1 9 10 1 4 3 1 9 10 1 5 5 1 8 1 5 1 8 1 5 1 8 1 6 6 10 8 9 1 7 3 5 4 11 1 7 7 10 5 9 11 1 6 3 8 4 1 8 8 1 5 1 8 1 5 1 8 1 5 1 9 9 3 1 9 3 1 9 3 1 9 3 1 10 10 9 1 3 4 1 10 9 1 3 4 1 11 11 4 5 3 7 1 9 8 10 6 1 1 1 1 1 1 1 1 1 1 1 1 1 1 Modular exponentiation in mod 13 Compute a b mod 13 17

Modular Arithmetic Modular division Solve: x+7=3 (mod 17) x=-4 (mod 17) x=- (mod 17)=15 You can divide by a mod n only when gcd(a,n)=1 Find the multiplicative inverse of a mod n = a -1 and then multiply a -1 b/a mod n = b*a -1 mod n If ac=1 mod n, then c=a -1 mod n Compute a -1 mod n using the extended Euclidean algorithm For gcd(n,a)=1, solve ax+ny=1, then x=a -1 mod n 18

Efficient Modular Exponentiation How to compute a x (mod n) efficiently? Multiply a x times? No good 134 mod 789 = 104+18+64+16+ mod 789 = 104 * 18 * 64 * 16 * mod 789 = 86 * 559 * 367 * 49 * 4 mod 789 = 481 mod 789 19

Square and Multiply Algorithm How to compute y=a x (mod n) efficiently? 1. binary representation of x=x r x r-1 x 1 x 0. Let y=a 3. For i from r-1 to 0 y=y mod n If x i =1, then y=ya mod n 4. Output y Compute 7 1 mod 11, 1=10101 (), r=4 7 1 mod 11 i bit y y*a y = 7 16+4+1 mod 11 = (((7 ) 7) ) 7 mod 11 4 1 7 3 0 7 =5-5 1 5 =3 3*7=10 10 1 0 10 =1-1 0 1 1 =1 1*7=7 7 Output 7 as the result 0

Chinese Remainder Theorem (CRT) Chinese Remainder Theorem Suppose gcd(m,n)=1. Given integers a and b, there exists exactly one solution x (mod mn) to the simultaneous congruences x=a mod m, x=b mod n proof) there exists s, t such that ms+nt=1 ms=1 mod n, nt=1 mod m Let x=ant+bms, then x=ant mod m=a mod m x=bms mod n=b mod n 1

Chinese Remainder Theorem (CRT) Find a number x which satisfies x=b 1 mod m 1..... x=b n mod m n Example: Find x such that x=4 mod 5 x=3 mod 7 x=6 mod 11 Efficient algorithm to compute x 1. m=m 1 m m n = 5*7*11 = 385. M 1 = m/m 1 = 385/5 = 7*11 = 77 M = m/m = 385/7 = 5*11 = 55 M 3 = m/m 3 = 385/11 = 5*7 = 35 3. N 1 =M -1 1 mod m 1 =77-1 mod 5=3 Use extended Euclidean algorithm N =M -1 mod m =55-1 mod 7=6 N 3 =M -1 3 mod m 3 =35-1 mod 11=6 4. T=b 1 M 1 N 1 +b M N +b 3 M 3 N 3 mod m =4*77*3+3*55*6+6*35*6 mod 385=94

Chinese Remainder Theorem (CRT) Exercise 3: find a number which satisfies 1. x = 3 mod 11 = 6 mod 7 = 8 mod 13. x = 5 mod 31 = 6 mod 17 = 8 mod 9 3

Euler phi function: (n) Euler phi function (or Euler totient function): (n) The number of integers in [1, n], which are relatively prime to n If p is prime, (p) = p-1 (p e ) = p e p e-1 = p e-1 (p-1) for prime p > if gcd(n, m) = 1, (nm) = (n). (m) (multiplicative property) So, for primes p & q, (pq) = (p). (q) = (p-1)(q-1) 4

Fermat s Theorem and Euler s Theorem Fermat s Theorem: Let p be a prime If gcd(x, p) = 1, then x p-1 = 1 mod p If a = b mod p-1, then x a = x b mod p for all integers x x p = x mod p for all integers x Euler s Theorem: Let n be an integer If gcd(x, n) = 1, then x (n) = 1 mod n If n is a product of distinct primes and a = b mod (n), then x a = x b mod n for all integers x x n = x mod n for all integers x 5

Legendre Symbol Quadratic congruence for a prime modulus p x = a (mod p) where p is a prime It will have 1. one solution if a=0 (mod p). two solutions if a is a quadratic residue modulo p 3. no solution if a is a quadratic non-residue modulo p Legendre symbol is defined as a p 0 1 1 If a = 0 If a is a QR If a is a QNR It is computed by a p a 1 ( p1) mod p 6

Quadratic Residue Example in Z 13 * 1 1 mod 13 7 10 mod 13 4 mod 13 8 1 mod 13 3 9 mod 13 9 3 mod 13 4 3 mod 13 10 9 mod 13 5 1 mod 13 11 4 mod 13 6 10 mod 13 1 1 mod 13 QR = {1, 3, 4, 9, 10, 1} 3 1 (131) 6 13 3 mod13 3 mod13 1 QNR={, 5, 6, 7, 8, 11} 1 (131) 6 13 mod13 mod13 1 7

Jacobi Symbol Generalization of Legendre symbol Quadratic congruence for an arbitrary modulus n x = a (mod n) where n=p 1 p r It is computed by a n r i1 a pi 8

Group Definition) A group (G,*) consists of a set G with a binary operation * on G satisfying the following three axioms. 1. a*(b*c)=(a*b)*c for all a,b,c G : associative. There is an element 1 G called the identity element s.t. a*1=1*a=a 3. For each a G there exists an element a -1 (inverse) s.t. a*a -1 =a -1 *a=1 A group G is abelian (or commutative) if, furthermore, 4. a*b=b*a for all a,b G 9

Ring Definition) A ring (R,+,x) consists of a set R with two binary operations arbitrarily denoted + (addition) and x (multiplication) on R satisfying the following axioms. 1. (R,+) is an abelian group with identity denoted 0.. The operation x is associative. That is ax(bxc)=(axb)xc for all a,b,c R. 3. There is a multiplicative identity denoted 1, s.t. 1xa=ax1=a for all a R. 4. The operation x is distributive over +. ax(b+c)=(axb)+(axc) for all a,b,c R. The ring R is a commutative ring if axb=bxa for all a,b R. 30

Field and Finite Field Definition) A field is a commutative ring in which all non-zero elements have multiplicative inverses. Definition) A finite field (Galois Field) is a field F which contains a finite number of elements. Galois Field GF(p)=Z p with prime p addition, subtraction, multiplication, and division by non-zero elements are all well-defined. arithmetic modulo p. Galois Field GF(q n ) with prime q and degree n arithmetic modulo irreducible polynomials of degree n whose coefficients are integers modulo q. 31

Order of Group Order of group in modular arithmetic x = y mod n : x is congruent to y modulo n; n divides (x-y) Z n = {0, 1,,..., n-1} Z n * = { x Z n gcd(x, n) = 1}: multiplicative group of Z n Order of Z n * = the number of elements in Z n * = Z n * = (n) Order of x Z n * = smallest integer r such that x r = 1 mod n Ord(x) for any x Z n * = a divisor of (n) 3

Cyclic Group Let p be a prime Z p = {0, 1,,, p-1} Z * p = { x Z p gcd(x, p) = 1} = {1,,, p-1} = Z p - {0} Order of Z p = Z * p = (p) = p-1 Order of an element Z * p = Ord() = a divisor of p-1 is a generator / primitive element of Z * p if Ord() = (p) = p-1 Then Z * p = { i i = 0, 1,, p-} : cyclic group For any y Z p*, there exists an integer x [0, p-] such that y = x mod p Let p be a prime and q be a prime divisor of p-1, I.e., p-1= kq Let g be an element of order q, I.e., g 1and g q = 1 mod p <g> = {g i i = 0, 1,, q-1} Z * p : a multiplicative subgroup of Z * p That is, for any y <g>, there exists an integer x [0, q-1] such that y = g x mod p 33

Cyclic Group Example: p = 13 Z 13 = {0, 1,,, 1} Z 13 * = {1,,, 1}; Z p * = 1 = 6 : a generator of Z 13 * i 0 1 3 4 5 6 7 8 9 10 11 i mod 13 1 6 10 8 9 1 7 3 5 4 11 Order of x Z 13 * : a divisor of 1 =..3 x 1 3 4 5 6 7 8 9 10 11 1 Ord(x) 1 1 3 6 4 1 1 4 3 6 1 Exercise 4. Find the order of x Z 31 * 34

Z 13 * b a a^b 1 3 4 5 6 7 8 9 10 11 1 1 1 1 1 1 1 1 1 1 1 1 1 1 4 8 3 6 1 11 9 5 10 7 1 3 3 9 1 3 9 1 3 9 1 3 9 1 4 4 3 1 9 10 1 4 3 1 9 10 1 5 5 1 8 1 5 1 8 1 5 1 8 1 6 6 10 8 9 1 7 3 5 4 11 1 7 7 10 5 9 11 1 6 3 8 4 1 8 8 1 5 1 8 1 5 1 8 1 5 1 9 9 3 1 9 3 1 9 3 1 9 3 1 10 10 9 1 3 4 1 10 9 1 3 4 1 11 11 4 5 3 7 1 9 8 10 6 1 1 1 1 1 1 1 1 1 1 1 1 1 1 Ord(a) 1 1 3 6 4 1 1 4 3 6 1 35

Homework #5 Solve the exercises appeared in this lecture. 1. Exercise 1 on finding prime numbers. Exercise on Euclidean / Extended Euclidean algorithm 3. Exercise 3 on Chinese Remainder Theorem 4. Exercise 4 on Order in cyclic group 36

2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback