Mathematics of Cryptography

Similar documents
Arithmetic and Algebra

Discrete Mathematics and Probability Theory Fall 2014 Anant Sahai Homework 5. This homework is due October 6, 2014, at 12:00 noon.

NUMBER THEORY AND CODES. Álvaro Pelayo WUSTL

Course 2BA1: Trinity 2006 Section 9: Introduction to Number Theory and Cryptography

Number Theory Notes Spring 2011

Course MA2C02, Hilary Term 2013 Section 9: Introduction to Number Theory and Cryptography

Theory of RSA. Hiroshi Toyoizumi 1. December 8,

C-N Math 207 Discrete Math

C-N Math 207 Discrete Math

Encryption: The RSA Public Key Cipher

a the relation arb is defined if and only if = 2 k, k

ASSIGNMENT Use mathematical induction to show that the sum of the cubes of three consecutive non-negative integers is divisible by 9.

Simple Math: Cryptography

Number Theory. CSS322: Security and Cryptography. Sirindhorn International Institute of Technology Thammasat University CSS322. Number Theory.

This is a recursive algorithm. The procedure is guaranteed to terminate, since the second argument decreases each time.

Addition. Ch1 - Algorithms with numbers. Multiplication. al-khwārizmī. al-khwārizmī. Division 53+35=88. Cost? (n number of bits) 13x11=143. Cost?

1 Recommended Reading 1. 2 Public Key/Private Key Cryptography Overview RSA Algorithm... 2

Basic elements of number theory

Basic elements of number theory

Number theory (Chapter 4)

Discrete Structures Lecture Solving Congruences. mathematician of the eighteenth century). Also, the equation gggggg(aa, bb) =

CIS 6930/4930 Computer and Network Security. Topic 5.1 Basic Number Theory -- Foundation of Public Key Cryptography

Integers and Division

Congruence Classes. Number Theory Essentials. Modular Arithmetic Systems

Numbers. Çetin Kaya Koç Winter / 18

MTH 346: The Chinese Remainder Theorem

The security of RSA (part 1) The security of RSA (part 1)

Number Theory and Group Theoryfor Public-Key Cryptography

10 Modular Arithmetic and Cryptography

MATH 145 Algebra, Solutions to Assignment 4

ECE596C: Handout #11

Applied Cryptography and Computer Security CSE 664 Spring 2017

Wednesday, February 21. Today we will begin Course Notes Chapter 5 (Number Theory).

Number Theory A focused introduction

basics of security/cryptography

8. Given a rational number r, prove that there exist coprime integers p and q, with q 0, so that r = p q. . For all n N, f n = an b n 2

Math From Scratch Lesson 20: The Chinese Remainder Theorem

Primes and Modular Arithmetic! CSCI 2824, Fall 2014!!

A Readable Introduction to Real Mathematics

4 Number Theory and Cryptography

Topics in Cryptography. Lecture 5: Basic Number Theory

Overview. Background / Context. CSC 580 Cryptography and Computer Security. March 21, 2017

Number Theory. Modular Arithmetic

3 The fundamentals: Algorithms, the integers, and matrices

Discrete Mathematics GCD, LCM, RSA Algorithm

2.3 In modular arithmetic, all arithmetic operations are performed modulo some integer.

COMP239: Mathematics for Computer Science II. Prof. Chadi Assi EV7.635

Beautiful Mathematics

CS483 Design and Analysis of Algorithms

Chinese Remainder Algorithms. Çetin Kaya Koç Spring / 22

YALE UNIVERSITY DEPARTMENT OF COMPUTER SCIENCE

Number Theory and Divisibility

Public Key Cryptography

Clock Arithmetic. 1. If it is 9 o clock and you get out of school in 4 hours, when do you get out of school?

Practical assessment week 5 and 6

CS March 17, 2009

2x 1 7. A linear congruence in modular arithmetic is an equation of the form. Why is the solution a set of integers rather than a unique integer?

INTEGERS. In this section we aim to show the following: Goal. Every natural number can be written uniquely as a product of primes.

8 Primes and Modular Arithmetic

CS 5319 Advanced Discrete Structure. Lecture 9: Introduction to Number Theory II

WORKSHEET MATH 215, FALL 15, WHYTE. We begin our course with the natural numbers:

Chuck Garner, Ph.D. May 25, 2009 / Georgia ARML Practice

Cryptosystem. Traditional Cryptosystems: The two parties agree on a secret (one to one) function f. To send a message M, thesendersendsthemessage

For your quiz in recitation this week, refer to these exercise generators:

Chinese Remainder Theorem

Notes on Systems of Linear Congruences

Definition For a set F, a polynomial over F with variable x is of the form

KTH, NADA , and D1449 Kryptografins grunder. Lecture 6: RSA. Johan Håstad, transcribed by Martin Lindkvist

Clock Arithmetic and Euclid s Algorithm

2x 1 7. A linear congruence in modular arithmetic is an equation of the form. Why is the solution a set of integers rather than a unique integer?

Introduction to Cryptography. Lecture 6

1. Given the public RSA encryption key (e, n) = (5, 35), find the corresponding decryption key (d, n).

Math Circles Cryptography

7.2 Applications of Euler s and Fermat s Theorem.

University of New Mexico Department of Computer Science. Midterm Examination. CS 261 Mathematical Foundations of Computer Science Spring, 2010

THE CUBIC PUBLIC-KEY TRANSFORMATION*

ECE 646 Lecture 5. Mathematical Background: Modular Arithmetic

ICS141: Discrete Mathematics for Computer Science I

AN ALGEBRAIC PROOF OF RSA ENCRYPTION AND DECRYPTION

Introduction to Information Security

Divisibility in the Fibonacci Numbers. Stefan Erickson Colorado College January 27, 2006

2 Arithmetic. 2.1 Greatest common divisors. This chapter is about properties of the integers Z = {..., 2, 1, 0, 1, 2,...}.

Number Theory & Modern Cryptography

Some Facts from Number Theory

MATH 4400 SOLUTIONS TO SOME EXERCISES. 1. Chapter 1

PMA225 Practice Exam questions and solutions Victor P. Snaith

Introduction to Modern Cryptography. Benny Chor

MATH 25 CLASS 12 NOTES, OCT Contents 1. Simultaneous linear congruences 1 2. Simultaneous linear congruences 2

Number theory (Chapter 4)

Cryptography. P. Danziger. Transmit...Bob...

Iterated Encryption and Wiener s attack on RSA

Topic Contents. Factoring Methods. Unit 3: Factoring Methods. Finding the square root of a number

Math 299 Supplement: Modular Arithmetic Nov 8, 2013

Discrete Structures Lecture Primes and Greatest Common Divisor

MATH 433 Applied Algebra Lecture 4: Modular arithmetic (continued). Linear congruences.

Introduction to Public-Key Cryptosystems:

Admin. ! Will post sample questions soon. 1. Choose a bit-length k. 2. Choose two primes p and q which can be represented with at most k bits

Public Key Encryption

21. Factoring Numbers I

Public Key Cryptography. All secret key algorithms & hash algorithms do the same thing but public key algorithms look very different from each other.

Transcription:

Modulo arithmetic Fermat's Little Theorem If p is prime and 0 < a < p, then a p 1 = 1 mod p Ex: 3 (5 1) = 81 = 1 mod 5 36 (29 1) = 37711171281396032013366321198900157303750656 = 1 mod 29 (see http://gauss.ececs.uc.edu/courses/c472/java/fermat/fermat.html)

Number Theory Modular Arithmetic: Two numbers equivalent mod n if their difference is multiple of n example: 7 and 10 are equivalent mod 3 but not mod 4 7 mod 3 10 mod 3 = 1; 7 mod 4 = 3, 10 mod 4 = 2. Greatest Common Divisor: Largest integer that evenly divides two given numbers gcd(3, 7) = 1; gcd(294, 385) = 7; 294 = 42 7; 385 = 55 7;

Number Theory Modular Arithmetic: Two numbers equivalent mod n if their difference is multiple of n example: 7 and 10 are equivalent mod 3 but not mod 4 7 mod 3 10 mod 3 = 1; 7 mod 4 = 3, 10 mod 4 = 2. Greatest Common Divisor: Largest integer that evenly divides two given numbers gcd(3, 7) = 1; gcd(294, 385) = 7; 294 = 42 7; 385 = 55 7; Given integers m, n, suppose integer r is the smallest for which there exist integers u, v such that r > 0 and u m + v n = r then r is the greatest common divisor of m and n.

Number Theory Modular Arithmetic: Two numbers equivalent mod n if their difference is multiple of n example: 7 and 10 are equivalent mod 3 but not mod 4 7 mod 3 10 mod 3 = 1; 7 mod 4 = 3, 10 mod 4 = 2. Greatest Common Divisor: Largest integer that evenly divides two given numbers gcd(3, 7) = 1; gcd(294, 385) = 7; 294 = 42 7; 385 = 55 7; Given integers m, n, suppose integer r is the smallest for which there exist integers u, v such that r > 0 and u m + v n = r then r is the greatest common divisor of m and n. If p > r is common divisor then u m/p + v n/p = an integer = r/p < 1

Greatest Common Divisor 385 294

Greatest Common Divisor 385 294 = 1 R 91 91 = 1 385 1 294

Greatest Common Divisor 385 294 = 1 R 91 In other words we need the gcd of 91 + 294 and 294

Greatest Common Divisor 385 294 = 1 R 91 In other words we need the gcd of 91 + 294 and 294 But this is the same gcd as for 91 and 294! because (91+294)/a 294/a = 91/a which must be an integer.

Greatest Common Divisor 385 294 91 = 1 385 1 294 294 91

Greatest Common Divisor 385 294 91 = 1 385 1 294 294 91 = 3 R 21 21 = 294 3(385 294) = 3 385 + 4 294

Greatest Common Divisor 385 294 91 = 1 385 1 294 294 91 21 = 3 385 + 4 294 91 21

Greatest Common Divisor 385 294 91 = 1 385 1 294 294 91 21 = 3 385 + 4 294 91 21 = 4 R 7 7 = 1 385 1 294 4( 3 385 + 4 294) = 13 385 17 294

Greatest Common Divisor 385 294 294 91 91 21 7 = 1 385 1 294 4( 3 385 + 4 294) = 13 385 17 294 21 7

Greatest Common Divisor 385 294 294 91 91 21 7 = 1 385 1 294 4( 3 385 + 4 294) = 13 385 17 294 21 7 = 3 R 0

Greatest Common Divisor 385 294 294 91 91 21 7 = 1 385 1 294 4( 3 385 + 4 294) = 13 385 17 294 21 7 So, the gcd of 385 and 294 is 7

Finding Multiplicative Inverses Find an inverse of m mod n. That is, a number u such that u m = 1 mod n. In other words, find u such that u m + v n = 1 for some v. (see http://gauss.ececs.uc.edu/courses/c472/java/inverse/inverse.html)

Finding Multiplicative Inverses Find an inverse of m mod n. That is, a number u such that u m = 1 mod n. In other words, find u such that u m + v n = 1 for some v. Apply previous algorithm (gcd(m,n)) to get u, v but only if m and n are relatively prime. (see http://gauss.ececs.uc.edu/courses/c472/java/inverse/inverse.html)

Finding Multiplicative Inverses Find an inverse of m mod n. That is, a number u such that u m = 1 mod n. In other words, find u such that u m + v n = 1 for some v. Apply previous algorithm (gcd(m,n)) to get u, v but only if m and n are relatively prime. Example: Inverse of 89 mod 42: (see http://gauss.ececs.uc.edu/courses/c472/java/inverse/inverse.html)

Finding Multiplicative Inverses Find an inverse of m mod n. That is, a number u such that u m = 1 mod n. In other words, find u such that u m + v n = 1 for some v. Apply previous algorithm (gcd(m,n)) to get u, v but only if m and n are relatively prime. Example: Inverse of 89 mod 42: 89 2 42 = 5 (see http://gauss.ececs.uc.edu/courses/c472/java/inverse/inverse.html)

Finding Multiplicative Inverses Find an inverse of m mod n. That is, a number u such that u m = 1 mod n. In other words, find u such that u m + v n = 1 for some v. Apply previous algorithm (gcd(m,n)) to get u, v but only if m and n are relatively prime. Example: Inverse of 89 mod 42: 89 2 42 = 5 = 1 89 2 42 (see http://gauss.ececs.uc.edu/courses/c472/java/inverse/inverse.html)

Finding Multiplicative Inverses Find an inverse of m mod n. That is, a number u such that u m = 1 mod n. In other words, find u such that u m + v n = 1 for some v. Apply previous algorithm (gcd(m,n)) to get u, v but only if m and n are relatively prime. Example: Inverse of 89 mod 42: 89 2 42 = 5 = 1 89 2 42 42 8 5 = 2 (see http://gauss.ececs.uc.edu/courses/c472/java/inverse/inverse.html)

Finding Multiplicative Inverses Find an inverse of m mod n. That is, a number u such that u m = 1 mod n. In other words, find u such that u m + v n = 1 for some v. Apply previous algorithm (gcd(m,n)) to get u, v but only if m and n are relatively prime. Example: Inverse of 89 mod 42: 89 2 42 = 5 = 1 89 2 42 42 8 5 = 2 = 1 42 8(1 89 2 42) = 8 89 + 17 42 (see http://gauss.ececs.uc.edu/courses/c472/java/inverse/inverse.html)

Finding Multiplicative Inverses Find an inverse of m mod n. That is, a number u such that u m = 1 mod n. In other words, find u such that u m + v n = 1 for some v. Apply previous algorithm (gcd(m,n)) to get u, v but only if m and n are relatively prime. Example: Inverse of 89 mod 42: 89 2 42 = 5 = 1 89 2 42 42 8 5 = 2 = 1 42 8(1 89 2 42) = 8 89 + 17 42 5 2 2 = 1 (see http://gauss.ececs.uc.edu/courses/c472/java/inverse/inverse.html)

Finding Multiplicative Inverses Find an inverse of m mod n. That is, a number u such that u m = 1 mod n. In other words, find u such that u m + v n = 1 for some v. Apply previous algorithm (gcd(m,n)) to get u, v but only if m and n are relatively prime. Example: Inverse of 89 mod 42: 89 2 42 = 5 = 1 89 2 42 42 8 5 = 2 = 1 42 8(1 89 2 42) = 8 89 + 17 42 5 2 2 = 1 = 1 89 2 42 2( 8 89 + 17 42) = 17 89 36 42 (see http://gauss.ececs.uc.edu/courses/c472/java/inverse/inverse.html)

Finding Multiplicative Inverses Find an inverse of m mod n. That is, a number u such that u m = 1 mod n. In other words, find u such that u m + v n = 1 for some v. Apply previous algorithm (gcd(m,n)) to get u, v but only if m and n are relatively prime. Example: Inverse of 89 mod 42: 89 2 42 = 5 = 1 89 2 42 42 8 5 = 2 = 1 42 8(1 89 2 42) = 8 89 + 17 42 5 2 2 = 1 = 1 89 2 42 2( 8 89 + 17 42) = 17 89 36 42 Conclusion: 17 is the inverse of 89 mod 42!

Chinese Remainder Theorem There are certain things whose number is unknown. Repeatedly divided by 3, the remainder is 2; by 5 the remainder is 3; and by 7 the remainder is 2. What will be the number?

Chinese Remainder Theorem There are certain things whose number is unknown. Repeatedly divided by 3, the remainder is 2; by 5 the remainder is 3; and by 7 the remainder is 2. What will be the number? Application: An army general about 2000 years ago sent by messenger a note to the emperor telling how many troops he had. But the number was encrypted in the following way: dividing 602 by 3 gives a remainder of 2 dividing 602 by 5 gives a remainder of 2 dividing 602 by 7 gives a remainder of 0 dividing 602 by 11 gives a remainder of 8 So the message is: 2,2,0,8 It turns out that by the Chinese Remainder Theorem (CRT) it is possible to uniquely determine the number of troops provided all the divisions were by relatively prime numbers.

Chinese Remainder Theorem There are certain things whose number is unknown. Repeatedly divided by 3, the remainder is 2; by 5 the remainder is 3; and by 7 the remainder is 2. What will be the number? Application: An old Chinese woman on the way to the market came upon a horse and rider. The horse stepped on her basket and crushed the eggs in her basket. The rider offered to pay for the broken eggs and asked how many eggs were in the basket. She did not remember the exact number, but when she had taken them out two at a time, there was one egg left. The same happened when she picked them out three, four, five, and six at a time, but when she took them seven at a time they came out even. What is the smallest number of eggs she could have had?

Chinese Remainder Theorem If the prime factorization of n is n 1 n 2... n k then the system of equations: x mod n 1 = a 1 x = a 1 mod n 1 x mod n 2 = a 2 x = a 2 mod n 2 x mod n 3 = a 3 x = a 3 mod n 3...... x mod n k = a k x = a k mod n k has a unique solution x given any a 1, a 2,..., a k where x < n.

Chinese Remainder Theorem Why? Define n i = n 1 n 2... n i 1 n i+1... n k This means, for each 1 i k, there is an r i and s i such that r i n i + s i n i = 1 and r i and s i can be found using the gcd algorithm. Since n i contains all n j as factors except for n i it is evenly divisible by all but n i. Then s i n i = 0 mod n j for all i j and s i n i = 1 mod n i

Chinese Remainder Theorem Why? The solution is k x = a i s i n i mod n 1 n 2... n k i=1 Therefore, as a check x mod n 1 = a 1 1 + a 2 0 + a 3 0 +... + a k 0 = a 1 x mod n 2 = a 1 0 + a 2 1 + a 3 0 +... + a k 0 = a 2 x mod n 3 = a 1 0 + a 2 0 + a 3 1 +... + a k 0 = a 3... x mod n k = a 1 0 + a 2 0 + a 3 0 +... + a k 1 = a k

Chinese Remainder Theorem x mod n 1 = a 1 x = a 1 mod n 1 x mod n 2 = a 2 x = a 2 mod n 2 x mod n 3 = a 3 x = a 3 mod n 3...... x mod n k = a k x = a k mod n k has a unique solution x given any a 1, a 2,..., a k where x < n. First problem: M = 3 5 7, x = 2 mod 3, x = 3 mod 5, x = 2 mod 7

Chinese Remainder Theorem x mod n 1 = a 1 x = a 1 mod n 1 x mod n 2 = a 2 x = a 2 mod n 2 x mod n 3 = a 3 x = a 3 mod n 3...... x mod n k = a k x = a k mod n k has a unique solution x given any a 1, a 2,..., a k where x < n. First problem: M = 3 5 7, x = 2 mod 3, x = 3 mod 5, x = 2 mod 7 x = 2 mod 3 7 5 (M/3) 1 = 1 mod 3 (M/3) 1 mod 3 = 2

Chinese Remainder Theorem x mod n 1 = a 1 x = a 1 mod n 1 x mod n 2 = a 2 x = a 2 mod n 2 x mod n 3 = a 3 x = a 3 mod n 3...... x mod n k = a k x = a k mod n k has a unique solution x given any a 1, a 2,..., a k where x < n. First problem: M = 3 5 7, x = 2 mod 3, x = 3 mod 5, x = 2 mod 7 x = 2 mod 3 7 5 (M/3) 1 = 1 mod 3 (M/3) 1 mod 3 = 2 x = 3 mod 5 7 3 (M/5) 1 = 1 mod 5 (M/5) 1 mod 5 = 1

Chinese Remainder Theorem x mod n 1 = a 1 x = a 1 mod n 1 x mod n 2 = a 2 x = a 2 mod n 2 x mod n 3 = a 3 x = a 3 mod n 3...... x mod n k = a k x = a k mod n k has a unique solution x given any a 1, a 2,..., a k where x < n. First problem: M = 3 5 7, x = 2 mod 3, x = 3 mod 5, x = 2 mod 7 x = 2 mod 3 7 5 (M/3) 1 = 1 mod 3 (M/3) 1 mod 3 = 2 x = 3 mod 5 7 3 (M/5) 1 = 1 mod 5 (M/5) 1 mod 5 = 1 x = 2 mod 7 5 3 (M/7) 1 =1 mod 7 (M/7) 1 mod 7 = 1

Chinese Remainder Theorem x mod n 1 = a 1 x = a 1 mod n 1 x mod n 2 = a 2 x = a 2 mod n 2 x mod n 3 = a 3 x = a 3 mod n 3...... x mod n k = a k x = a k mod n k has a unique solution x given any a 1, a 2,..., a k where x < n. First problem: M = 3 5 7, x = 2 mod 3, x = 3 mod 5, x = 2 mod 7 x = 2 mod 3 7 5 (M/3) 1 = 1 mod 3 (M/3) 1 mod 3 = 2 x = 3 mod 5 7 3 (M/5) 1 = 1 mod 5 (M/5) 1 mod 5 = 1 x = 2 mod 7 5 3 (M/7) 1 =1 mod 7 (M/7) 1 mod 7 = 1 x = 2 35 2 + 3 21 1 + 2 15 1 mod 3 5 7 = 23

Chinese Remainder Theorem x mod n 1 = a 1 x = a 1 mod n 1 x mod n 2 = a 2 x = a 2 mod n 2 x mod n 3 = a 3 x = a 3 mod n 3...... x mod n k = a k x = a k mod n k has a unique solution x given any a 1, a 2,..., a k where x < n. First problem: M = 3 5 7, x = 2 mod 3, x = 3 mod 5, x = 2 mod 7 x = 2 mod 3 7 5 (M/3) 1 = 1 mod 3 (M/3) 1 mod 3 = 2 x = 3 mod 5 7 3 (M/5) 1 = 1 mod 5 (M/5) 1 mod 5 = 1 x = 2 mod 7 5 3 (M/7) 1 =1 mod 7 (M/7) 1 mod 7 = 1 x = 2 35 2 + 3 21 1 + 2 15 1 mod 3 5 7 = 23 Hence solution(s) is(are): x = 23 also (128, 233,...)

Chinese Remainder Theorem Immediate consequence: Suppose everyone's RSA public key e part is 3. Consider the same message sent to three people. These are: c[1] = m 3 mod n[1] c[2] = m 3 mod n[2] c[3] = m 3 mod n[3] By the Chinese Remainder Theorem One can compute m 3 mod n[1] n[2] n[3] Since m is smaller than any of the n[i], m 3 is known and taking the cube root finds m. (see http://gauss.ececs.uc.edu/courses/c472/java/crt/crt.html)

2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback