Math From Scratch Lesson 20: The Chinese Remainder Theorem

Similar documents
MATH 433 Applied Algebra Lecture 4: Modular arithmetic (continued). Linear congruences.

2x 1 7. A linear congruence in modular arithmetic is an equation of the form. Why is the solution a set of integers rather than a unique integer?

10 Problem 1. The following assertions may be true or false, depending on the choice of the integers a, b 0. a "

Q 2.0.2: If it s 5:30pm now, what time will it be in 4753 hours? Q 2.0.3: Today is Wednesday. What day of the week will it be in one year from today?

2x 1 7. A linear congruence in modular arithmetic is an equation of the form. Why is the solution a set of integers rather than a unique integer?

MATH 25 CLASS 12 NOTES, OCT Contents 1. Simultaneous linear congruences 1 2. Simultaneous linear congruences 2

[Part 2] Asymmetric-Key Encipherment. Chapter 9. Mathematics of Cryptography. Objectives. Contents. Objectives

CHAPTER 3. Congruences. Congruence: definitions and properties

COMP239: Mathematics for Computer Science II. Prof. Chadi Assi EV7.635

MATH 145 Algebra, Solutions to Assignment 4

Number Theory and Group Theoryfor Public-Key Cryptography

Solution Sheet (i) q = 5, r = 15 (ii) q = 58, r = 15 (iii) q = 3, r = 7 (iv) q = 6, r = (i) gcd (97, 157) = 1 = ,

Integers and Division

3 The fundamentals: Algorithms, the integers, and matrices

The security of RSA (part 1) The security of RSA (part 1)

ax b mod m. has a solution if and only if d b. In this case, there is one solution, call it x 0, to the equation and there are d solutions x m d

Numbers. Çetin Kaya Koç Winter / 18

Chinese Remainder Theorem

CS 5319 Advanced Discrete Structure. Lecture 9: Introduction to Number Theory II

4 Number Theory and Cryptography

CPSC 467b: Cryptography and Computer Security

Chapter 5. Modular arithmetic. 5.1 The modular ring

Number Theory Proof Portfolio

Chinese Remainder Algorithms. Çetin Kaya Koç Spring / 22

a the relation arb is defined if and only if = 2 k, k

Homework #2 solutions Due: June 15, 2012

Mathematical Foundations of Public-Key Cryptography

CSC 5930/9010 Modern Cryptography: Number Theory

Number Theory. CSS322: Security and Cryptography. Sirindhorn International Institute of Technology Thammasat University CSS322. Number Theory.

Math 109 HW 9 Solutions

Mathematics of Cryptography

Number Theory. Modular Arithmetic

Discrete Structures Lecture Solving Congruences. mathematician of the eighteenth century). Also, the equation gggggg(aa, bb) =

Intermediate Math Circles February 29, 2012 Linear Diophantine Equations I

Number theory (Chapter 4)

This is a recursive algorithm. The procedure is guaranteed to terminate, since the second argument decreases each time.

The Chinese Remainder Theorem

Elementary Algebra Chinese Remainder Theorem Euclidean Algorithm

Simultaneous Linear, and Non-linear Congruences

Math From Scratch Lesson 29: Decimal Representation

Arithmetic and Algebra

2.3 In modular arithmetic, all arithmetic operations are performed modulo some integer.

Notes on Systems of Linear Congruences

Math 131 notes. Jason Riedy. 6 October, Linear Diophantine equations : Likely delayed 6

Basic elements of number theory

Basic elements of number theory

MATH 361: NUMBER THEORY FOURTH LECTURE

3.2 Solving linear congruences. v3

Lecture notes: Algorithms for integers, polynomials (Thorsten Theobald)

Intermediate Math Circles February 26, 2014 Diophantine Equations I

MATH 3240Q Introduction to Number Theory Homework 4

Lecture 2. The Euclidean Algorithm and Numbers in Other Bases

Number Theory: Applications. Number Theory Applications. Hash Functions II. Hash Functions III. Pseudorandom Numbers

8 Primes and Modular Arithmetic

Lecture 7: Number Theory Steven Skiena. skiena

Applied Cryptography and Computer Security CSE 664 Spring 2017

4.4 Solving Congruences using Inverses

Iterated Encryption and Wiener s attack on RSA

Number Theory A focused introduction

Elementary Number Theory Review. Franz Luef

Introduction. What is RSA. A Guide To RSA by Robert Yates. Topics

Math 299 Supplement: Modular Arithmetic Nov 8, 2013

Lecture 7 Number Theory Euiseong Seo

The Chinese Remainder Theorem

Elementary Number Theory. Franz Luef

The Euclidean Algorithm and Multiplicative Inverses

Number theory (Chapter 4)

MATH 501 Discrete Mathematics. Lecture 6: Number theory. German University Cairo, Department of Media Engineering and Technology.

Carmen s Core Concepts (Math 135)

MATH 310: Homework 7

Lecture Notes. Advanced Discrete Structures COT S

Wednesday, February 21. Today we will begin Course Notes Chapter 5 (Number Theory).

Chapter 9 Mathematics of Cryptography Part III: Primes and Related Congruence Equations

Algebra. Modular arithmetic can be handled mathematically by introducing a congruence relation on the integers described in the above example.

PREPARATION NOTES FOR NUMBER THEORY PRACTICE WED. OCT. 3,2012

3.7 Non-linear Diophantine Equations

CPSC 467: Cryptography and Computer Security

Chuck Garner, Ph.D. May 25, 2009 / Georgia ARML Practice

Number Theory Notes Spring 2011

Chapter 5. Number Theory. 5.1 Base b representations

Some Facts from Number Theory

Discrete Mathematics and Probability Theory Fall 2014 Anant Sahai Homework 5. This homework is due October 6, 2014, at 12:00 noon.

3+4=2 5+6=3 7 4=4. a + b =(a + b) mod m

Modular Arithmetic and Elementary Algebra

A Guide to Arithmetic

A Readable Introduction to Real Mathematics

CS March 17, 2009

Modular Arithmetic Instructor: Marizza Bailey Name:

Math 312/ AMS 351 (Fall 17) Sample Questions for Final

LECTURE 4: CHINESE REMAINDER THEOREM AND MULTIPLICATIVE FUNCTIONS

MTH 346: The Chinese Remainder Theorem

CHAPTER 6. Prime Numbers. Definition and Fundamental Results

Number Theory Alex X. Liu & Haipeng Dai

Introduction to Public-Key Cryptosystems:

Number Theory Solutions Packet

NUMBER SYSTEMS. Number theory is the study of the integers. We denote the set of integers by Z:

Math Circle Beginners Group February 28, 2016 Euclid and Prime Numbers Solutions

Clock Arithmetic. 1. If it is 9 o clock and you get out of school in 4 hours, when do you get out of school?

ALGEBRA. 1. Some elementary number theory 1.1. Primes and divisibility. We denote the collection of integers

A Few Primality Testing Algorithms

Transcription:

Math From Scratch Lesson 20: The Chinese Remainder Theorem W. Blaine Dowler January 2, 2012 Contents 1 Relatively Prime Numbers 1 2 Congruence Classes 1 3 Algebraic Units 2 4 Chinese Remainder Theorem 2 4.1 A Concrete Example......................... 4 5 Next 5 1 Relatively Prime Numbers A quick definition: two numbers n and m are considered relatively prime or coprime if they have no common prime factors. Thus, any two prime numbers are coprime. Similarly, 32 = 2 5 and 729 = 3 6 are coprime because they have no common prime factors. Their greatest common factor is 1. 2 Congruence Classes A congruence class [a], also known as an equivalence class, is the set of all integers x such that x = a (mod n) for a specified n. Although it is a set, it is customary to use the symbol [a] as though it is a variable when we really mean an element of the set [a]. In modular arithmetic, the final solutions to algebra will not depend upon which specific element of [a] is being used, so the lazy notation is used without fear of ambiguity. 1

3 Algebraic Units When we first examined modular arithmetic, we learned that some elements have inverses, but others do not. In particular, all non-zero elements of Z 3 had inverses, but several elements of Z 6 did not. Before moving forward, we need to determine the conditions under which an element will have an inverse for a given modulus n. Let us assume that m < n and the greatest common factor of m and n is gcd (m, n) = g. 1 If m has an inverse d in Z n, then there is some value of k for which md = kn + 1 We will now show that this implies gcd (m, n) = g = 1 any time m has such an inverse. If gcd (m, n) = g, then m = lg and n = jg for some l, n. Thus, md = kn + 1 lgd = kjg + 1 (ld kj) g = 1 These steps were performed in Z, not in Z n. Thus, the only possible solution to the equations is that ld kj = 1 and g = 1. Thus, if m has an inverse in Z n, then gcd (m, n) = 1 is required. If m has an inverse in Z n, then m is a unit of Z n. If n is prime, then every element of in Z n is a unit. 4 Chinese Remainder Theorem The Chinese Remainder Theorem was named for the culture that discovered the theorem centuries before anyone else. It was first published by Sun Tzu, better known for publishing The Art of War. Theorem 4.1 The Chinese Remainder Theorem states that, given coprime in- 1 The greatest common factor g of m and n is the largest number such that m = k g and n = l g for some values of k and l. 2

tegers n 1, n 2, n 3,..., n k then the system x a 1 (mod n 1 ) x a 2 (mod n 2 ) x a 3 (mod n 3 ). x a k (mod n k ) has a solution, which is unique up to modulo N = n 1 n 2 n 3... n k. To prove the theorem we need to prove both the existence and the uniqueness of the solution x. We start by proving the existence by constructing such a solution. Let c i = N n i. As our moduli n i are all prime, we know that all c i are units modulo n i, so that there exist numbers y such that yc i = 1 (mod n i ). If d = gcd(a, n), then ax b (modn) has a solution if and only if d divides b. This is a proof identical to that used for diophantine equations in the last lesson. This amounts to saying that ax = kn+b for some k, so that ax kn = b. As gcd(a, n) = d, the left hand side is divisible by d, so the right hand side (b) is also divisible by d. Thus, in our example with gcd(c i, n i ) = 1, we can guarantee that d i c i = 1 (mod n i ) for some d i. Knowing this, we can construct a solution x 0 as follows: x 0 = a 1 c 1 d 1 + a 2 c 2 d 2 +... + a k c k d k When taken mod n i, we find that a i c i d i = a i by construction, while a j c j d j = 0 for any i j, as c j will be a multiple of n i. Thus, this is a general solution to our system of linear equations. We now need to prove that this is unique. Let x be an arbitrary solution to the system. Then we know that x a i x 0 (mod n i ) for all i. Therefore, x x 0 0 (mod n i ), showing that x x 0 is divisible by n i. Notice that the subscript i appears only on the n i, which means every n i divides into x x 0. Since the numbers n i are coprime, then x x 0 is divisible by N, proving that this set of solutions is unique. 2 2 A set of solutions is unique if every solution is a part of that set. It is not required that there is only one solution. 3

4.1 A Concrete Example This is fairly abstract, so we ll use a concrete example. We will be examining statements such as x a i (mod n j ) in these examples. We then choose prime numbers for the different possible values of n j, such that n 1 = 2, n 2 = 3, n 3 = 5, and n 4 = 7. Let us reproduce one of the earliest applications of the theorem. Imagine you have an assembly of x soldiers in the Chinese army, and you do not know what x is. You ask all soldiers to pair off and count the remainder of 1. You then ask them to get into groups of 3 and have 2 remainder, and so forth. When grouped in fives, there is again one soldier left over. We can use the Chinese Remainder Theorem to determine what the value of x is. Here is what we know: x = 1 (mod 2) x = 2 (mod 3) x = 1 (mod 5) x = 3 (mod 7) We can use the Chinese Remainder Theorem to start calculating x. The answer will not be unique amongst all integers, but we can quickly narrow down the options. Let us assume that the space our soldiers are in cannot hold more than 200 soldiers at a time. We can use brute force to solve the problem, by listing all numbers between 1 and 200 which satisfy the first condition, then all such numbers satisfying the second condition, and so forth, and then cross referencing our lists to determine what the solution is. The Chinese Remainder Theorem effectively allows us to turn all of these conditions into a single solution, which can then be reduced to the correct modulus. We have taken four arrangements of soldiers because the result is only unique up to modulus n 1 n 2... n k and 2 3 5 7 = 210 is the smallest combination that is greater than the 200 soldier limit to the field. (Taking the first three gives a solution unique modulo 30, which isn t enough to guarantee the exact solution.) First, we find our values of d i. We find values such that c i d i 1 (mod n i ). For the first condition, we find that 105d 1 1 (mod 2). The simplest number that satisfies this condition is d 1 = 1. Similarly, 70d 2 1 (mod 3) can be solved with d 2 = 1. The next condition is more challenging: 42d 3 1 (mod 5) can be solved by first applying modular multiplication rules to turn it into 2d 3 1 (mod 5). If d 3 = 3, then the condition is satisfied. The fourth and final condition is 30d 4 1 (mod 7), or 2d 4 8 (mod 7), which can be easily solved 4

by d 4 = 4. Now we have our values of a i (given in the problem), c i (computed by multiplying all of the moduli together except n i ) and d i (found in the previous paragraph.) We can substitute this into our general solution and get x 0 = a 1 c 1 d 1 +a 2 c 2 d 2 +a 3 c 3 d 3 +a 4 c 4 d 4 = (1)(105)(1)+(2)(70)(1)+(1)(42)(3)+(3)(30)(4) = 731 This is one possible solution. We can find our particular solution as 731 101 (mod 210), or 101. There are 101 soldiers. 5 Next We will next define and manipulate Euler s totient function. That function is one of the core pieces in RSA encryption. 5

2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback