Math/Mthe 418/818. Review Questions

Similar documents
Introduction to Modern Cryptography. Benny Chor

Candidates must show on each answer book the type of calculator used. Only calculators permitted under UEA Regulations may be used.

Definition: For a positive integer n, if 0<a<n and gcd(a,n)=1, a is relatively prime to n. Ahmet Burak Can Hacettepe University

Public-Key Cryptosystems CHAPTER 4

Part II. Number Theory. Year

CIS 551 / TCOM 401 Computer and Network Security

Mathematics of Cryptography

Lecture Notes, Week 6

Number Theory and Algebra: A Brief Introduction

Applied Cryptography and Computer Security CSE 664 Spring 2018

Cryptography and Security Midterm Exam

Lecture 1: Introduction to Public key cryptography

Cryptography IV: Asymmetric Ciphers

Public-Key Encryption: ElGamal, RSA, Rabin

Attempt QUESTIONS 1 and 2, and THREE other questions. penalised if you attempt additional questions.

Discrete Logarithm Problem

The RSA cryptosystem and primality tests

YALE UNIVERSITY DEPARTMENT OF COMPUTER SCIENCE

Security II: Cryptography exercises

Introduction to Cryptography. Lecture 8

during transmission safeguard information Cryptography: used to CRYPTOGRAPHY BACKGROUND OF THE MATHEMATICAL

RSA RSA public key cryptosystem

Cryptography CS 555. Topic 18: RSA Implementation and Security. CS555 Topic 18 1

Chapter 8 Public-key Cryptography and Digital Signatures

Lemma 1.2. (1) If p is prime, then ϕ(p) = p 1. (2) If p q are two primes, then ϕ(pq) = (p 1)(q 1).

CPSC 467b: Cryptography and Computer Security

CSE 521: Design and Analysis of Algorithms I

CPSC 467b: Cryptography and Computer Security

University of Tokyo: Advanced Algorithms Summer Lecture 6 27 May. Let s keep in mind definitions from the previous lecture:

Finite Fields and Elliptic Curves in Cryptography

Asymmetric Encryption

Chapter 9 Mathematics of Cryptography Part III: Primes and Related Congruence Equations

Overview. Background / Context. CSC 580 Cryptography and Computer Security. March 21, 2017

Introduction to Public-Key Cryptosystems:

1 Recommended Reading 1. 2 Public Key/Private Key Cryptography Overview RSA Algorithm... 2

CPSC 467: Cryptography and Computer Security

Elliptic curves: Theory and Applications. Day 4: The discrete logarithm problem.

Mathematics for Cryptography

Security Issues in Cloud Computing Modern Cryptography II Asymmetric Cryptography

2 More on Congruences

One can use elliptic curves to factor integers, although probably not RSA moduli.

Elementary Number Theory MARUCO. Summer, 2018

CPE 776:DATA SECURITY & CRYPTOGRAPHY. Some Number Theory and Classical Crypto Systems

IRREDUCIBILITY TESTS IN F p [T ]

RSA: Genesis, Security, Implementation & Key Generation

ECE 646 Lecture 8. RSA: Genesis, Security, Implementation & Key Generation

14 Diffie-Hellman Key Agreement

Question: Total Points: Score:

RSA. Ramki Thurimella

Theme : Cryptography. Instructor : Prof. C Pandu Rangan. Speaker : Arun Moorthy CS

10 Public Key Cryptography : RSA

Slides by Kent Seamons and Tim van der Horst Last Updated: Oct 1, 2013

A Guide to Arithmetic

Aspect of Prime Numbers in Public Key Cryptosystem

Public Key 9/17/2018. Symmetric Cryptography Review. Symmetric Cryptography: Shortcomings (1) Symmetric Cryptography: Analogy

RSA Algorithm. Factoring, EulerPhi, Breaking RSA. Çetin Kaya Koç Spring / 14

Notes. Number Theory: Applications. Notes. Number Theory: Applications. Notes. Hash Functions I

MATH 25 CLASS 21 NOTES, NOV Contents. 2. Subgroups 2 3. Isomorphisms 4

Homework Problems, Math 134, Spring 2007 (Robert Boltje)

The security of RSA (part 1) The security of RSA (part 1)

Chapter 4 Asymmetric Cryptography

Curves, Cryptography, and Primes of the Form x 2 + y 2 D

Congruences and Residue Class Rings

Asymmetric Cryptography

Topics in Cryptography. Lecture 5: Basic Number Theory

ASSIGNMENT Use mathematical induction to show that the sum of the cubes of three consecutive non-negative integers is divisible by 9.

The RSA Cipher and its Algorithmic Foundations

10 Modular Arithmetic and Cryptography

10 Concrete candidates for public key crypto

SEMINAR SECURITY - REPORT ELLIPTIC CURVE CRYPTOGRAPHY

Lecture V : Public Key Cryptography

5199/IOC5063 Theory of Cryptology, 2014 Fall

D-MATH Algebra II FS18 Prof. Marc Burger. Solution 26. Cyclotomic extensions.

Introduction to Elliptic Curve Cryptography. Anupam Datta

Summary Slides for MATH 342 June 25, 2018

The Elliptic Curve in https

Foundations of Network and Computer Security

Methods of Public-Key Cryptography. Émilie Wheeler

KTH, NADA , and D1449 Kryptografins grunder. Lecture 6: RSA. Johan Håstad, transcribed by Martin Lindkvist

Introduction to Cybersecurity Cryptography (Part 5)

Factorization & Primality Testing

1: Please compute the Jacobi symbol ( 99

Public Key Encryption

Elliptic Curve Cryptography with Derive

Public Key Algorithms

Elliptic Curve Cryptography

Introduction to Cybersecurity Cryptography (Part 4)

My brief introduction to cryptography

RSA Key Generation. Required Reading. W. Stallings, "Cryptography and Network-Security, Chapter 8.3 Testing for Primality

Cryptography. Number Theory with AN INTRODUCTION TO. James S. Kraft. Lawrence C. Washington. CRC Press

8.1 Principles of Public-Key Cryptosystems

CRYPTOGRAPHY AND NUMBER THEORY

Mathematics 4: Number Theory Problem Sheet 3. Workshop 26 Oct 2012

Elementary Number Theory and Cryptography, 2014

Introduction to Cybersecurity Cryptography (Part 4)

MATH 158 FINAL EXAM 20 DECEMBER 2016

Introduction to Elliptic Curve Cryptography

Introduction to Modern Cryptography. Benny Chor

Public-key Cryptography and elliptic curves

L7. Diffie-Hellman (Key Exchange) Protocol. Rocky K. C. Chang, 5 March 2015

Transcription:

Math/Mthe 418/818 Review Questions 1. Show that the number N of bit operations required to compute the product mn of two integers m, n > 1 satisfies N = O(log(m) log(n)). 2. Can φ(n) be computed in polynomial time? Explain. 3. Use the binary power-mod algorithm to compute rem(3 30, 35). 4. (a) Give a mathematical model for a cryptosystem. (b) Explain what is meant by n-block cipher and give a (classical) example. (c) What are the encryption and decryption functions of an affine block cipher? 5. (a) Explain the basic set-up of the RSA cryptosystem and why it works. (b) Discuss the security of RSA and some particular design features (and attacks). 6. (a) Let G be a group. Define the order of a group element x G. (b) If x G has finite order n, prove that ord(x k ) n, for all k Z. (c) Let G be a group of order n and let p n be a prime. If x G and if x n/p 1, prove that p ord(x). 7. (a) Explain the purpose, basic set-up and protocol of: (i) Diffie-Hellman; (ii) Massey-Omura; (iii) El Gamal. (b) Discuss security issues of the above cryptosystems. 8. Explain the construction of the public keys in the DSA method. 9. If p is a prime of bit size 150, is the DLP safe against the logtable attack in F p? Explain. 10. Give the main ideas of the SPH attack, and explain the circumstances under which it can applied. What are the consequences for a cryptosystem based on the DLP? 11. Explain the steps of Fermat primality test. What do we know about n if n passes the Fermat test k times? Similarly, explain the steps of the Euler primality test (Solovay Strassen method) and of the Miller-Rabin test. What do we know about n if n passes each of these tests k times? 12. What is the relation between pseudoprimes, Euler pseudoprimes and strong pseudoprimes? 13. If n Z is an integer with ( n 15) = 1, is n a square mod 15? Either explain (or prove) why this is true or give a counterexample.

14. Is the curve E/Q defined by y 2 = x 3 3x + 2 an elliptic curve? Explain why or why not. 15. Let E/Q be the elliptic curve defined by y 2 = x 3 + 1. Show that P = (2, 3) E(Q), and determine the order of P. 16. Let E/F 19 be defined by y 2 = x 3 1. Determine E(F 19 )[2]. 17. Let E/F 71 be defined by y 2 = x 3 x. Calculate E(F 71 ) and determine the structure of the group E(F 71 ). 18. Let E/F 71 be an elliptic curve with a point of order 8 and a point of order 7. Determine E(F 71 ) and the structure of E(F 71 ). 19. Let E/F 71 be an elliptic curve with a point of order 7. If E(F 71 )[4] = 8, determine E(F 71 ) and the structure of E(F 71 ). 20. Let E/F p be an elliptic curve and let l be a prime. If E(F p )[l 2 ] = l 3, then β l = 1. 21. Show that the groups G 1 = Z/8Z Z/4Z and G 2 = Z/16Z Z/2Z are not isomorphic. 22. Discuss the analogue of the Diffie-Hellman Key Exchange for elliptic curves: the public information, the protocol and the common secret key. Similarly, discuss the analogue of the El Gamal cryptosystem. 23. What is the advantage of elliptic curve cryptosystems over cryptosystems based on the group F p? 24. Give two methods for constructing the public information for the elliptic curve analogue of El Gamal. What is the principal difficulty for each method? 25. Explain Koblitz s method for embedding plaintexts in E(F p ). 2

Assignment 1 Review Questions (from Assignments) 1. Find the binary expansion of 213. (Use the table method from class.) 2. (a) If m is a k-bit integer and n is an l-bit integer, show that the product mn has either k + l or k + l 1 bits. [Use suitable inequalities to justify your claims.] Assignment 2 1. (a) Find all the solutions of the equation 18x = 12 in Z/48Z. (b) Determine 12/43 in Z/73Z. 2. (a) Show that (Z/5Z) (Z/11Z) (Z/55Z) by constructing an explicit isomorphism f : (Z/5Z) (Z/11Z) (Z/55Z). (Use suitable results from class to justify the fact that f is an isomorphism of groups.) (b) Use part (a) to find an integer x Z with 0 x < 55 such that x 2 (mod 5) and x 8 (mod 11). 3. (a) Prove that φ(2n) = φ(n), if n is odd, and that φ(2n) = 2φ(n), if n is even. (b) Prove that φ(m) φ(n) whenever m n. Assignment 3 ( ) 1 2 1. (a) Let A = M 3 4 2 (Z). Show that the associated linear map L A : Z 2 Z 2 is injective (one-to-one). Moreover, show that L A is not surjective (onto) by finding an explicit vector which is not in the image of L A (and verify that it isn t). Assignment 4 1. (a) Use the Chinese Remainder Theorem to find an element of order 12 in G = (Z/35Z). Are there any elements of larger order in G? (Justify your assertions.) 2. If m = pq is the product of two distinct odd primes p and q, prove that ord(x) φ(m)/2, for all x G := (Z/mZ). Conclude that G is not cyclic. [Hint: Use CRT.] Assignment 5 1. Let G = x be a cyclic group of order n, and let m n. Show that x k has order m if and only if k = n m k, for some k Z with gcd(k, m) = 1. Conclude that G contains precisely φ(m) elements of order m. 3

2. (a) Show that G = (Z/2 r Z) is cyclic if and only if r 2. [Hint: For r 3, find the order of the elements 1, 1 + 2 r 1 in G and use Prob. 1.] 3. Let (a, p) = 1, where p is a prime, and let n 1. Prove that the congruence equation x n p 1 a (mod p) has a solution if and only if ord p (a). (Here, ord (n,p 1) p(a) denotes the order of [a] in F p.) (b) Conclude from part (a) that 1 is a square mod p if and only if p 1 (mod 4) or p = 2. Assignment 6 1. If G is a group, and m 1 is an integer, put G[m] := {x m = 1 : x G}. (a) If G is cyclic of order n and if m n, show that G[m] = m. (b) Suppose that G = x has order n, and that m n. Prove that G[m] = x n m. (c)* Verify that if G = G 1 G 2, then G[m] = G 1 [m] G 2 [m], Use this to determine G[4] when G = (Z/65Z). Hint: For part (a), use (and verify) the identity d n φ(d) = n. 2. Find the probability (in percent) that a random element of F p is a generator when (a) p = 101; (b) p = 1019; (c) p = 2311. 3. (a) Let p be an odd prime. Show that if a is a square mod p, then a cannot be a primitive root mod p. (b) Let p be a safe prime, i.e., p = 2q + 1, where q is an odd prime, and let a 0, 1 (mod p). Prove that a is a primitive root mod p if and only a is not a square mod p. (c)* Prove that if p is a safe prime, then 4 is a generator of F p. Assignment 7 1. Determine P 21, the set of bases b for which 21 is a pseudoprime to the base b. (Do this by hand (without using a calculator), and use theory to save on computations.) 2. (a) Let G be an abelian group of order n and let m 1 be an integer. Prove that G[m] = G[(n, m)]. (b)* Let n = pq, where p, q are distinct primes, and put m = (p 1, q 1). Show that P n F p [m] F q [m] and conclude that P n = m 2. 3. (a) Which of the three numbers 111, 10000, and 21112 are squares in F 22307? Justify your answer. (Do not use the prime factorization of your numbers.) (b) For which primes p is 11 a quadratic residue mod p? (Give your answer in terms of congruence conditions on p.) 4

4. (a) Let m be a squarefree odd integer, and let (a, m) = 1. Show that x 2 a (mod m) has a solution if and only if ( a ) = 1, for all primes p m. p Assignment 8 1. Let n > 1 be an odd integer, and let b (Z/nZ). (a) Verify that b E n if and only if b E n. (b) If ord(b) = 2, prove that b S n if and only if b = 1. (c)* Suppose that n = pq, where p, q are distinct odd primes with (p 1, q 1) = 2. Prove that S n = {±1}. 2. Determine the sets S n, E n and P n when (a) n = 15 and (b) n = 21 and (c)* n = 65. [Note: you should not use MAPLE or a calculator for this question.] 3. Find the order of the point P on the elliptic curve E/Q as listed: (a) P = (0, 16) on y 2 = x 3 + 256. (b) P = ( 1 2, 1 2 ) on y2 = x 3 + 1 4 x. Assignment 9 1. Let E/F p be an elliptic curve and let P E(F p ) be a point. (a) If n = ord(p ) > 1 2 ( p + 1) 2, prove that E(F p ) is cyclic of order n. (b) If n = ord(p ) > 1 m ( p + 1) 2 for some m 2, what can you say about E(F p )? 2. (a) Let E/F p r be the elliptic curve y 2 = x 3 x. Show that if p 3 (mod 4) is a prime then N E/Fp = p + 1. (b) Find the structure of E(F p ) for p = 19. Assignment 10 1. (a) Let E/F 13 be the elliptic curve defined by y 2 = x 3 + 1. Determine the structure of the group E(F 13 ) using the fact that E(F 13 ) = 12. (Justify your assertion.) (b)* Let E /F 13 be the elliptic curve defined by y 2 = x 3 + x + 2. Determine the structure of the group E (F 13 ) using the fact that E (F 13 ) = 12. (Justify your assertion.) 5

2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback