Congruence Classes. Number Theory Essentials. Modular Arithmetic Systems

Similar documents
Outline. Some Review: Divisors. Common Divisors. Primes and Factors. b divides a (or b is a divisor of a) if a = mb for some m

Outline. AIT 682: Network and Systems Security. GCD and Euclid s Algorithm Modulo Arithmetic Modular Exponentiation Discrete Logarithms

CSC 474 Network Security. Outline. GCD and Euclid s Algorithm. GCD and Euclid s Algorithm Modulo Arithmetic Modular Exponentiation Discrete Logarithms

Number Theory and Group Theoryfor Public-Key Cryptography

Numbers. Çetin Kaya Koç Winter / 18

Number Theory. Modular Arithmetic

Topics in Cryptography. Lecture 5: Basic Number Theory

Number Theory. CSS322: Security and Cryptography. Sirindhorn International Institute of Technology Thammasat University CSS322. Number Theory.

CIS 6930/4930 Computer and Network Security. Topic 5.1 Basic Number Theory -- Foundation of Public Key Cryptography

CPSC 467b: Cryptography and Computer Security

2.3 In modular arithmetic, all arithmetic operations are performed modulo some integer.

Introduction to Cryptography. Lecture 6

CPSC 467b: Cryptography and Computer Security

Basic elements of number theory

Basic elements of number theory

Chapter 9 Basic Number Theory for Public Key Cryptography. WANG YANG

Addition. Ch1 - Algorithms with numbers. Multiplication. al-khwārizmī. al-khwārizmī. Division 53+35=88. Cost? (n number of bits) 13x11=143. Cost?

ECE596C: Handout #11

CIS 551 / TCOM 401 Computer and Network Security

basics of security/cryptography

Some Facts from Number Theory

Lecture 4: Number theory

CSC 474 Information Systems Security

Introduction to Information Security

Lecture notes: Algorithms for integers, polynomials (Thorsten Theobald)

Theory of RSA. Hiroshi Toyoizumi 1. December 8,

Public Key Algorithms

Outline. Number Theory and Modular Arithmetic. p-1. Definition: Modular equivalence a b [mod n] (a mod n) = (b mod n) n (a-b)

Applied Cryptography and Computer Security CSE 664 Spring 2018

Number Theory Alex X. Liu & Haipeng Dai

[Part 2] Asymmetric-Key Encipherment. Chapter 9. Mathematics of Cryptography. Objectives. Contents. Objectives

Public Key Encryption

Public Key Cryptography

CPSC 467: Cryptography and Computer Security

Biomedical Security. Some Security News 9/17/2018. Erwin M. Bakker. Blockchains are not safe for voting (slashdot.org) : From: paragonie.

Number Theory Notes Spring 2011

CPSC 467: Cryptography and Computer Security

Number Theory and Algebra: A Brief Introduction

ECE 646 Lecture 5. Mathematical Background: Modular Arithmetic

Number Theory & Modern Cryptography

Chapter 8. Introduction to Number Theory

1 Recommended Reading 1. 2 Public Key/Private Key Cryptography Overview RSA Algorithm... 2

Definition: For a positive integer n, if 0<a<n and gcd(a,n)=1, a is relatively prime to n. Ahmet Burak Can Hacettepe University

Overview. Background / Context. CSC 580 Cryptography and Computer Security. March 21, 2017

A Readable Introduction to Real Mathematics

Lecture 5: Arithmetic Modulo m, Primes and Greatest Common Divisors Lecturer: Lale Özkahya

Mathematical Foundations of Public-Key Cryptography

Lecture 7 Number Theory Euiseong Seo

Know the Well-ordering principle: Any set of positive integers which has at least one element contains a smallest element.

Chapter 9 Mathematics of Cryptography Part III: Primes and Related Congruence Equations

NUMBER THEORY. Anwitaman DATTA SCSE, NTU Singapore CX4024. CRYPTOGRAPHY & NETWORK SECURITY 2018, Anwitaman DATTA

Introduction to Public-Key Cryptosystems:

Ma/CS 6a Class 4: Primality Testing

Public Key Cryptography. All secret key algorithms & hash algorithms do the same thing but public key algorithms look very different from each other.

Slides by Kent Seamons and Tim van der Horst Last Updated: Oct 1, 2013

Basic Algebra and Number Theory. Nicolas T. Courtois - University College of London

Number Theory A focused introduction

CHAPTER 6. Prime Numbers. Definition and Fundamental Results

Lemma 1.2. (1) If p is prime, then ϕ(p) = p 1. (2) If p q are two primes, then ϕ(pq) = (p 1)(q 1).

ALG 4.0 Number Theory Algorithms:

2 More on Congruences

The RSA public encryption scheme: How I learned to stop worrying and love buying stuff online

Lecture 3.1: Public Key Cryptography I

Mathematics of Cryptography

Mathematics of Cryptography

Elementary Number Theory MARUCO. Summer, 2018

2x 1 7. A linear congruence in modular arithmetic is an equation of the form. Why is the solution a set of integers rather than a unique integer?

CSc 466/566. Computer Security. 5 : Cryptography Basics

COMS W4995 Introduction to Cryptography September 29, Lecture 8: Number Theory

cse 311: foundations of computing Fall 2015 Lecture 12: Primes, GCD, applications

CPE 776:DATA SECURITY & CRYPTOGRAPHY. Some Number Theory and Classical Crypto Systems

CS March 17, 2009

Discrete Mathematics GCD, LCM, RSA Algorithm

Biomedical Security. Overview 9/15/2017. Erwin M. Bakker

cse 311: foundations of computing Spring 2015 Lecture 12: Primes, GCD, applications

Number Theory: Applications. Number Theory Applications. Hash Functions II. Hash Functions III. Pseudorandom Numbers

All variables a, b, n, etc are integers unless otherwise stated. Each part of a problem is worth 5 points.

Discrete mathematics I - Number theory

YALE UNIVERSITY DEPARTMENT OF COMPUTER SCIENCE

The security of RSA (part 1) The security of RSA (part 1)

AN ALGEBRAIC PROOF OF RSA ENCRYPTION AND DECRYPTION

W3203 Discrete Mathema1cs. Number Theory. Spring 2015 Instructor: Ilia Vovsha. hcp://

2x 1 7. A linear congruence in modular arithmetic is an equation of the form. Why is the solution a set of integers rather than a unique integer?

Elementary Number Theory Review. Franz Luef

Example 2: Student work M ATHS COURSEWORK. Mathematics SL and HL teacher support material 1. Proving Euler s Totient Theorem

Integers and Division

CSC 5930/9010 Modern Cryptography: Number Theory

Introduction to Modern Cryptography. Benny Chor

Discrete Mathematics and Probability Theory Fall 2014 Anant Sahai Homework 5. This homework is due October 6, 2014, at 12:00 noon.

An integer p is prime if p > 1 and p has exactly two positive divisors, 1 and p.

ECEN 5022 Cryptography

For your quiz in recitation this week, refer to these exercise generators:

Math.3336: Discrete Mathematics. Mathematical Induction

CSE 20 DISCRETE MATH. Winter

This is a recursive algorithm. The procedure is guaranteed to terminate, since the second argument decreases each time.

Lecture 7: Number Theory Steven Skiena. skiena

MATH 4400 SOLUTIONS TO SOME EXERCISES. 1. Chapter 1

Ma/CS 6a Class 3: The RSA Algorithm

Introduction to Number Theory

Transcription:

Cryptography Introduction to Number Theory 1 Preview Integers Prime Numbers Modular Arithmetic Totient Function Euler's Theorem Fermat's Little Theorem Euclid's Algorithm 2 Introduction to Number Theory Integers Arithmetic Prime numbers Factoring GCD Modular arithmetic 3 Network Security 1

Number Theory Essentials Prime Numbers a I is prime iff It's only factors are itself and 1 Equivalently, x I, gcd (x,a) = 1 a, b I are relatively prime iff : gcd (a,b) = 1 Fundamental theorem of arithmetic: Every integer has a unique factorization that is a product of prime powers 4 Modular Arithmetic Systems Form: (a b) mod n The Modulo partitions the integers into congruence classes The congruence class of an integer 'a' is the set of all integers congruent to 'a' modulo 'n'. a b mod n asserts that 'a' and 'b' are members of the same congruence class in modulo 'n' 5 Congruence Classes... 10 5 0 1 6 11 (mod 5).. 14 9 4 1 6 11.. 3 2 8 7 13 12.... 6 Network Security 2

Notation for Modular Arithmetic Form: a b mod n congruent a = b mod n equal indicates that the integers a and b fall into the same congruence class modulo n = means that integer a is the reminder of the division of integer b by integer n, thus, a is the smallest (least) member of 7 the congruence class. The Integers Modulo n a,b,n I, a b mod n iff n * (a-b) 28 6 mod 11: (28-6)/11 = 2 I 219 49 mod 17: (219-49)/17 = 12 I If a b mod n then b a mod n Transitivity holds * N divides (a-b) 8 A Few Properties of Modular Arithmetic (a + b) mod n = (( a mod n)+(b mod n)) mod n ((a mod n) + (b mod n)) mod n = (( b mod n) + (a mod n)) mod n (a x b) mod n = ((a mod n) x (b mod n)) mod n (a x (b + c)) mod n = (((a x b) mod n) + (( a x c) mod n)) mod n (a b ) c mod n = (a b mod n) c mod n If a b mod n then b a mod n 9 Network Security 3

Scrambling with Modular Arithmetic x mod n Informally: Clock arithmetic 6 0 1 5 2 4 3 23 mod 7 =??? 10 Scrambling with Modular Arithmetic x mod n 5 2 Informally: Clock arithmetic 4 3 Formally: if x is less than n, then x mod n = x if x >= n, then x mod n = x - an where an < x 23 mod 7 = 23 - (3*7) = 23-21 = 2 11 6 0 1 Scrambling with Modular Arithmetic Modular Multiplication: c = cipher text = kx mod n p = plain text = c*k -1 mod n If n = 7 and k = 5 then k -1 = 3 encrypt x = 4 as c = 4*5 mod 7 = 6 mod 7 decrypt 6 * 3 mod 7 = 4 mod 7 encrypt x = 2 as c = 2*5 mod 7 = 3 mod 7 decrypt 3 * 3 mod 7 = 2 mod 7 12 Network Security 4

Scrambling with Modular Arithmetic Modular Exponentiation: c = cipher text = x k mod n p = plain text = c k-1 mod n k is the encryption key, k -1 is the decryption key 13 Generators 14 Prime Numbers and Modular Arithmetic Modular computations can be utilized to scramble data Cryptographic systems utilize large prime numbers to create the modulus 15 Network Security 5

Fermat's Little Theorem If for p, a I, where p is prime and 1 < a < p a p = a mod p Equivalently, if p is prime and 1 < a < p a p-1 = 1 mod p 16 Fermat's Little Theorem Proof by Example a p-1 = 1 mod p Let p = 11, pick a's 3: 3 10 = 59049 mod 11 = 1 5: 5 10 = 9765625 mod 11 = 1 7: 7 10 = 282475249 mod 11 = 1 8: 8 10 = 1073741824 mod 11= 1 17 Using FLT to Compute Large Modular Computations Compute: 3 12 mod 11 =(3 10 * 3 2 ) mod 11 =(3 10 ) mod 11 * (3 2 ) mod 11 =1 *(3 2 ) mod 11 =9 18 Network Security 6

Compute: 249 122 mod 31 Compute: 249 122 mod 31 = (249 120 * 249 2 ) mod 31 = (249 120 ) mod 31 * (249 2 ) mod 31 = 1 * (249 2 ) mod 31 = 62001 19 Prime Number Challenges 1. Finding large prime numbers 2. Recognizing large numbers as prime 20 How Do We Get BIG Prime Numbers? Buy them Look them up Compute them 21 Network Security 7

Finding Big Primes The probability of a randomly chosen number being prime is 1/ln n For a 100 digit number, the chance is about 1/230 Guess and check, should take 230 tries on the average How do we check? Primality testing. 22 Primality Testing: FLT says that: "If p is prime, then a p-1 mod p = 1 If we don't know whether or not n is prime, what does the fact that (a n-1 mod n = 1) say about N? 23 A Number P is Probably Prime if: a p-1 = 1 mod p 1. Select p, a large number 2. Select a < p 3. Compute x = a p-1 mod p a. If x 1, p is not prime b. If x = 1, p is probably prime 24 Network Security 8

A Number P is Probably Prime if: a p-1 = 1 mod p If a p-1 = 1 mod p, the chance that p is not prime is 1/10 13 25 Large Exponents 381 1502 Thank goodness: That our computations are mod n When n is prime For FLT 381 1502 mod 751 = 218 26 Large Exponents & FLT 381 1502 mod 751 = 381 2 x 381 750 x 381 750 = 381 2 mod 751 x 1 mod 751 = 145161 mod 751 = 218 27 Network Security 9

Exponentiation with FLT a p-1 1 mod p 7 13 x mod 11 7 10 mod 11* 7 3 mod 11 x mod 11 1 mod 11* 7 3 mod 11 x mod 11 7 3 mod 11 x mod 11 343 mod 11 2 mod 11 28 Z n * Z = set of all integers Z n is the set of all integers mod n Z n * is the set of integers in Z n (less than n) that are relatively prime to n (gcd (m,n) = 1) Z n * is closed under multiplication 29 φ(n) φ(n) is the # of #s less than n that are relatively prime to n The function φ(n) returns the cardinality of Z n * p Primes, φ(p) = p - 1 30 Network Security 10

Deriving φ(n) For Primes: Product of 2 relatively prime #s Product of n relatively prime #s Generally (i.e. for all integers x) 31 Deriving φ(n) Primes: p Primes, φ(p) = p - 1. Product of 2 relatively prime #s if gcd (m,n) = 1, then φ(mn) = φ(m) * φ(n) 15 = 3*5 and 32 φ(15)=2*4=8, {1,2,4,7,8,11,13,14} Deriving φ(n) Product of n relatively prime #s if gcd (a 1,a 2, a n ) = 1, then φ(a i a 2 a n )=φ(a 1 )*φ(a 2 )* φ(a n ) 30 = 2*3*5 and φ(30)=1*2*4=8 33 Z 30* = {1,7,11,13,17,19,23,29} Network Security 11

Euler's Theorem Test to see if two numbers are relatively prime n-1 if n is prime if gcd(a,n) = 1, a Φ(n) mod n = 1 1.(3,11): 3 10 mod 11 = 59049 mod 11 = 1 2.(4,9): 4 6 mod 9 = 4096 mod 9 = 1 3.(5,18): 5 6 mod 18 = 15625 mod 18 = 1 4.(4,6): 4 2 mod 6 = 16 mod 6 = 4 34 Finding a Multiplicative Inverse mod n Find y such that: xy = 1 mod n Why? It is needed in RSA How? Euclid's Algorithm 35 Integer Properties/Rules Denote the set of integers as I Division: For a,b,c I, a b iff c b a = c a a If a b and b c, then a c If a b and a c, then a (bx+cy) x, y I If a b and b a, then a = ± b c = gcd(a,b) if c is the largest integer that divides both a and b Remainders: a, b I, q, r I : a = qb + r where r is the remainder of a/b r = a mod b 36 Network Security 12

Finding a GCD If (x divides a) and (x divides b), then x divides a - b For example x = 10, a = 90, b = 40: 10 divides 50 x = 5, a = 35, b = 25: 5 divides 10 x = 19, a = 95, b = 57: 19 divides 38 Finding a GCD For a>b, gcd (a,b)= gcd (b, a mod b) gcd(95,57) = gcd (57, 95 mod 57) =gcd(57,38) = gcd (38, 57 mod 38) =gcd(38,19) = gcd (19, 38 mod 19) =gcd(19,0) =gcd(95,57) = 19 38 Finding a GCD For a>b, a = qb +r gcd(95,57): 95 = 1*57 + 38 57 = 1 * 38 + 19 38 = 2 * 19 + 0 39 Network Security 13

Finding a GCD For a>b, a = qb +r gcd(81719, 6118): 81719 = 13 * 6118 + 2185 6118 = 2 * 2185 + 1748 2185 = 1 * 1748 + 437 1748 = 4 * 437 + 0 40 Finding a GCD For a>b, a = qb +r gcd(21,77): 77 = 3 * 21 + 14 21 = 1 * 14 + 7 14 = 2 * 7 + 0 17 = 8 * 2 + 1 41 Relative Primality Test For a>b, gcd (a,b) = gcd (b, a mod b) gcd(196,87) = gcd (87, 196 mod 87) =gcd(87,22) = gcd (22, 87 mod 22) =gcd(22,21) = gcd (21, 22 mod 21) =gcd(21,1) =196 and 87 are relatively prime42 Network Security 14

Multiplicative Inverse mod n m must be relatively prime to n m is in Z n iff there exists u, v such that: um + vn = 1 mod n u7 +v17 = 1 mod 17 by inspection, u = 5, v = -2 43 Euclid's Algorithm Find the multiplicative inverse u of m mod n, where m and n are relatively prime i.e. find um = 1 mod n equivalently, um differs from a multiple of n by 1, equivalently, there exists a v such that um + vn = 1 gcd (14,9) = 1, u = 2, v = -3: (2*14) + (-3*9) = 1 gcd(21, 8) = 1, u = -3, v = 8: (-3*21) + (8*8) = 1 computing gcd(m,n) can find u & v provided gcd(m,n) = 1 Any x that divides m and n, also divides m - kn for kn < m Repetitively replace <m,n> with <n,m mod n> When m mod n = 0, n is the gcd(m,n) 44 Facts for Finding a Multiplicative Inverse mod n #1: x,y I, u,v gcd(x,y) = ux + vy #2: gcd(x,y) mod n = (ux+vy) mod n #3: If x,y are relatively prime mod n, then gcd (x,y) = 1 mod n #4: If x,y are relatively prime mod n, then u,v ux + vy = 1 mod n 45 Network Security 15

Multiplicative Inverse mod n gcd (m,n) = um + vn for all m and n gcd (35,50) by inspection: 35u + 50v = 35(3)+50(-2) = 105-100 = 5 gcd(42,56) um & vn differ by 14 at a multiple of 56 56, 112 u=3, v=-2 42, 126 46 Using Euclid to Find Inverses Mod N find 7-1 mod 51, or find ux + vy = 1 or ux = 1 - vy where x = 7 and y = 51 Opportunities for 7u = 1 mod 51 or 7u = 1-51v, occur at [v] (multiples of 51)+ 1 (52, 103, 154, 205, etc.) So we look for one of these that 7 divides evenly and recognize 154. (7*22) + (-3 * 51) = 1 mod 51 or (7*22) = 1- (-3 * 51) - 1 + (3*51) Thus 7 * 22 = 154 = 1 mod 51 and that 7-1 = 22 mod 51 u = 8 u = 15 u = 22 0 7 14 21 28 35 42 49 56 63 70 77 84 91 98 105 112 119 126 133 140 137 154 1 51 102 153 Paydirt v = -1 v = -2 v = -3 47 Set Up n q n r n u n v n -2-323 1 0-1 - 18209 0 1 0-323 1 0 1 3 4 48 Network Security 16

n q n r n u n v n -2 323 1 0-1 u n = u n-2 -(q n * u n-1 ) 18209 0 1 0 v n = v n-2 -(q n * v n-1 ) 323 1 0 1 56 121-56 1 2 3 18209 div 323 0-(56*1) 4 18209 mod 323 1-(56*0) 49 n q n r n u n v n -2 323 1 0-1 u n = u n-2 -(q n * u n-1 ) 18209 0 1 0 v n = v n-2 -(q n * v n-1 ) 323 1 0 1 56 121-56 1 2 2 81 113-2 3 4 323 div 121 323 mod 121 1-(2*-56) 0-(2*1) 50 n q n r n u n v n -2 323 1 0-1 u n = u n-2 -(q n * u n-1 18209 ) 0 1 0 v n = v n-2 -(q n * v n-1 ) 323 1 0 1 56 121-56 1 2 2 81 113-2 3 1 40-169 3 4 121 div 81 323 mod 121-56-(1*-113) 1-(1*-2) 51 Network Security 17

n q n r n u n v n -2 323 1 0-1 u n = u n-2 -(q n * u n-1 18209 ) 0 1 0 v n = v n-2 -(q n * v n-1 ) 323 1 0 1 56 121-56 1 2 2 81 113-2 3 1 40-169 3 4 2 1 451-8 81 div 40 81 mod 40 113-(2*-169) -2-(2*-3) 52 n q n r n u n v n -2 323 1 0-1 u n = u n-2 -(q n * u n-1 ) 18209 0 1 0 v n = v n-2 -(q n * v n-1 ) 323 1 0 1 56 121-56 1 2 2 81 113-2 3 1 40-169 3 4 2 1 451-8 5 40 0 1 = 323*451 mod 18209 40 div 1 40 mod 1 53 Compute the inverse of 17 mod 71 n qn r n un vn -2 17 1 0-1 71 0 1 0 0 17 1 0 1 4 3-4 1 2 5 2 21-5 3 1 1-25 6 4 For n = 1: (-4*17) + (1*71) = -68 + 71 = 3 (which is r 1 ) For n = 2: (21*17) + (-5*71) = 357 + 355 = 2 (which is r 2 ) For n = 3: (-25*17) + (6*71) = -425 + 426 = 1 (which is r 3 ) 54 Recall that u n = u n-2 -(q n * u n-1 ) and v n = v n-2 -(q n * v n-1 ) Network Security 18

Negative Inverses, Mod N find 7-1 mod 51, or find ux + vy = 1 or ux = 1 - vy where x = 7 and y = 51 We may also consider places where vy = 1 - ux (4 * 51) = (1 - (7 * -29)) u = -29 u = -15 204 = (1 - (-203)) = 204 r = -1 u = -15 u = -8 203 196 189 182 175 168 161 154 147 140 133 126 119 112 105 98 91 84 77 70 63 56 49 42 35 28 21 14 7 0 +204 + 153 +102 +51 + 1 v = 4 v = 3 v = 2 v = 1 Still Paydirt 55 Negatives Modulo Numbers OK, so is -25 the answer? Yes but, 17-1 = -25 mod 71 = (71-25) mod 71 = 46 mod 71 which is a better answer 56 Questions? 57 Network Security 19

2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback