Foundations of Cryptography


Foundations of Cryptography
Ville Junnila, viljun@utu.fi
Department of Mathematics and Statistics, University of Turku, 2015
Lecture 7, slide 1 of 18

Cosets

Definition 2.12. Let $G$ be a group, $H \le G$ and $a \in G$. Then we have the following definitions: $aH = \{ah \in G \mid h \in H\}$ is the left coset of $H$ in $G$ defined by $a$, and $Ha = \{ha \in G \mid h \in H\}$ is the right coset of $H$ in $G$ defined by $a$.

Theorem 2.9. Let $H$ be a subgroup of $G$. Then for any $a, b \in G$ the following statements are equivalent:
1. $aH = bH$,
2. $a \in bH$, i.e., $a = bh$ for some $h \in H$, and
3. $b^{-1}a \in H$.

Cosets

Definition 2.13. If $H \le G$, then the set of all cosets of $H$ is denoted by $G/H$.

Theorem 2.10. Let $H \le G$.
1. Each element of $G$ belongs to exactly one left coset of $H$.
2. If $G$ is finite, then each left coset has the same number of elements.
3. The subgroup $H$ itself is a coset; $H = 1H$.

Cosets

Theorem 2.11 (Lagrange's theorem). Let $G$ be a finite group and $H \le G$. If the number of left cosets of $H$ is $i$, then we have $|G| = i\,|H|$. In particular, $|G|$ is divisible by $|H|$.

Example. Let $G$ be a finite group with 21 elements. Consider the possible orders of subgroups of $G$.

Order of group element

Definition 2.14. Let $G$ be a group. If $a \in G$ is such that $a^k \ne 1_G$ for all $k \in \mathbb{Z} \setminus \{0\}$, then the order of $a$ is infinite. Otherwise, the order of $a \in G$ is the smallest positive integer $n$ such that $a^n = 1_G$.

Theorem. Let $G$ be a finite cyclic group, $G = \langle c \rangle$. If $n$ is the smallest positive integer such that $c^n = 1_G$, then $|G| = n$ and $G = \{1, c, c^2, \ldots, c^{n-1}\}$.

Theorem 2.12. Let $G$ be a group and $a \in G$. The order of $a$ is equal to the order of $\langle a \rangle = \{a^k \mid k \in \mathbb{Z}\}$.

Order of group element

Theorem 2.13. Let $G$ be a finite group and $a \in G$. Then the order of $a \in G$ divides $|G|$, since $|\langle a \rangle|$ divides $|G|$ by Lagrange's theorem. Therefore, $a^{|G|} = 1_G$.

Example. Consider the group $(\mathbb{Z}_{25}^*, \cdot)$. Determine the order of $2 \in \mathbb{Z}_{25}^*$.

Order of group element

Theorem 2.14 (Euler's theorem). Considering the group $(\mathbb{Z}_n^*, \cdot)$, we have $a^{\phi(n)} = 1$ for all $a \in \mathbb{Z}_n^*$. In other words, for all $a \in \mathbb{Z}$ such that $\gcd(a, n) = 1$, we have $a^{\phi(n)} \equiv 1 \pmod{n}$.

Theorem 2.15 (Fermat's little theorem). If $p \in \mathbb{P}$ and $a \in \mathbb{Z}$ is not divisible by $p$, then $a^{p-1} \equiv 1 \pmod{p}$.
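The slides on cosets, Lagrange's theorem, element order and the Euler/Fermat theorems can all be exercised on one concrete group, $(\mathbb{Z}_n^*, \cdot)$. The following Python is an added example, not part of the lecture: it enumerates the units modulo $n$, computes the order of an element by repeated multiplication (Definition 2.14), builds the cyclic subgroup $\langle a \rangle$ (Theorem 2.12), lists the left cosets of a subgroup and checks $|G| = i\,|H|$ (Theorem 2.11), and verifies $a^{\phi(n)} \equiv 1$ and $a^{p-1} \equiv 1$ (Theorems 2.14 and 2.15). All function names are my own; the moduli 25 and 23 are chosen to match the slide's example and are small enough for brute force. Computing the order of an element in this way is the same check a practitioner runs to confirm that a group generator used in a protocol really has the order its parameters claim.

```python
from math import gcd


def units(n):
    """Elements of the multiplicative group Z_n^* = {a in Z_n : gcd(a, n) = 1}."""
    return [a for a in range(1, n) if gcd(a, n) == 1]


def phi(n):
    """Euler's totient phi(n) = |Z_n^*|, by direct count (adequate for small n)."""
    return len(units(n))


def element_order(a, n):
    """Order of a in Z_n^* (Definition 2.14): the least k >= 1 with a^k = 1 mod n."""
    if gcd(a, n) != 1:
        raise ValueError(f"{a} is not a unit modulo {n}")
    k, x = 1, a % n
    while x != 1:
        x, k = (x * a) % n, k + 1
    return k


def cyclic_subgroup(a, n):
    """<a> = {a^k : k in Z} inside Z_n^*; its size equals the order of a (Theorem 2.12)."""
    elems, x = [], 1
    for _ in range(element_order(a, n)):
        elems.append(x)
        x = (x * a) % n
    return frozenset(elems)


def left_cosets(H, n):
    """Distinct left cosets aH of the subgroup H of Z_n^* (Definition 2.12)."""
    cosets, covered = [], set()
    for a in units(n):
        if a not in covered:
            coset = frozenset((a * h) % n for h in H)
            cosets.append(coset)
            covered |= coset
    return cosets


def lagrange_check(H, n):
    """Theorem 2.11 for G = Z_n^*: cosets partition G, each has |H| elements, so |G| = i*|H|."""
    G = units(n)
    cosets = left_cosets(H, n)
    partition = sum(len(c) for c in cosets) == len(G) and set().union(*cosets) == set(G)
    return partition and all(len(c) == len(H) for c in cosets) and len(G) == len(cosets) * len(H)


def divisors(n):
    """Candidate subgroup orders for a group of size n: Lagrange gives a necessary condition only."""
    return [d for d in range(1, n + 1) if n % d == 0]


def euler_holds(n):
    """Theorem 2.14: a^phi(n) = 1 for every unit a; also every element order divides phi(n)."""
    ph = phi(n)
    return all(pow(a, ph, n) == 1 and ph % element_order(a, n) == 0 for a in units(n))


def fermat_holds(p):
    """Theorem 2.15 for a prime p: a^(p-1) = 1 mod p for every a not divisible by p."""
    return all(pow(a, p - 1, p) == 1 for a in range(1, p))


if __name__ == "__main__":
    print("order of 2 in Z_25^*:", element_order(2, 25))  # equals phi(25) = 20, so 2 generates Z_25^*
    H = cyclic_subgroup(7, 25)
    print("<7> =", sorted(H), "cosets:", len(left_cosets(H, 25)), "Lagrange:", lagrange_check(H, 25))
    print("possible subgroup orders for |G| = 21:", divisors(21))
    print("Euler mod 25:", euler_holds(25), " Fermat mod 23:", fermat_holds(23))
```

Running the script answers the slide's question directly: 2 has order 20 in $\mathbb{Z}_{25}^*$, the subgroup $\langle 7 \rangle$ has 4 elements and 5 cosets, and for a group of 21 elements Lagrange restricts subgroup orders to the divisors 1, 3, 7 and 21.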

Rings

Definition 2.15. A triplet $(R, +, \cdot)$ is called a ring if $+$ and $\cdot$ are binary operations defined over $R$ and the following conditions hold:
Re1 $(R, +)$ is an abelian group (the additive group of the ring),
Re2 $a(bc) = (ab)c$ for all $a, b, c \in R$ (the associativity of multiplication),
Re3 there exists $1 \in R$ such that $1 \cdot a = a \cdot 1 = a$ for all $a \in R$ (the unit element or identity element of the ring),
Re4 $a(b + c) = ab + ac$ and $(a + b)c = ac + bc$ for all $a, b, c \in R$ (distributivity).
If multiplication is also commutative, i.e., $ab = ba$ for all $a, b \in R$, we call $R$ a commutative ring.

Remark. The unit element $1$ of the ring is unique.

Rings

Example 2.11. Each of the sets $\mathbb{Z}$, $\mathbb{Q}$ and $\mathbb{R}$ forms a commutative ring under the usual $+$ and $\cdot$.

Example 2.12 (Polynomial ring). The set of polynomials $\mathbb{R}[x] = \{a_0 + a_1 x + \cdots + a_n x^n \mid n \ge 0,\ a_k \in \mathbb{R}\ (k = 0, 1, \ldots, n)\}$ with the operations ($f, g \in \mathbb{R}[x]$) $(f + g)(x) = f(x) + g(x)$ and $(fg)(x) = f(x)g(x)$ for all $x \in \mathbb{R}$ is a commutative ring. Similarly, $\mathbb{Z}[x]$ and $\mathbb{Q}[x]$ are commutative rings.

Rings

Example 2.13 (Quotient ring or residue class ring). The set $\mathbb{Z}_m$ is a commutative ring under the following $+$ and $\cdot$: $\bar{a} + \bar{b} = \overline{a + b}$ and $\bar{a} \cdot \bar{b} = \overline{ab}$. The zero element is $\bar{0}$ and the unit element $\bar{1}$. The ring is finite and commutative.

Definition 2.16. Let $R$ be a ring. A subset $I \subseteq R$ is an ideal in $R$ if
I1 $(I, +)$ is a subgroup of $(R, +)$,
I2 $ra \in I$ for all $r \in R$ and $a \in I$, and
I3 $ar \in I$ for all $r \in R$ and $a \in I$.

Ideals

Example. Consider the ring $(\mathbb{Z}, +, \cdot)$. Let us show that $\langle m \rangle = m\mathbb{Z}$ is an ideal of $\mathbb{Z}$.

Example 2.14(a). Consider the polynomial ring $(\mathbb{R}[x], +, \cdot)$. Let us show that $I = \{p(x) \in \mathbb{R}[x] \mid p(0) = 0\}$ is an ideal in $\mathbb{R}[x]$.

Ideals

Example 2.14(c). Let us show that $I = \{a_m x^m + a_{m+1} x^{m+1} + \cdots + a_n x^n \in \mathbb{R}[x] \mid n \ge m\}$ is an ideal in $\mathbb{R}[x]$.

Definition. If $S_1, S_2, \ldots, S_k$ are subsets of a ring $R$, then $S_1 + S_2 + \cdots + S_k = \{r_1 + r_2 + \cdots + r_k \mid r_i \in S_i\}$.

Ideals

Theorem 2.16. Let $R$ be a ring.
1. If $I$ and $J$ are ideals in $R$, then $I + J$ is an ideal. Generally, if $I_1, I_2, \ldots, I_n$ are ideals in $R$, then $I_1 + I_2 + \cdots + I_n$ is an ideal.
2. If $I$ and $J$ are ideals in $R$, then $I \cap J$ is an ideal. Generally, if $I_i$ ($i \in \mathcal{I}$) are ideals in $R$, then the intersection $\bigcap_{i \in \mathcal{I}} I_i$ is an ideal.

Definition (Generating an ideal). Let $R$ be a ring. A subset $S \subseteq R$ generates the ideal $\langle S \rangle = \bigcap_{S \subseteq I} I$, where $I$ goes through all such ideals in $R$. Indeed, by Theorem 2.16, $\langle S \rangle$ is an ideal.

Ideals

Remark. The ideal $\langle S \rangle$ is the smallest one including $S$, i.e., if $J$ is an ideal such that $S \subseteq J$, then $\langle S \rangle \subseteq J$.

Definition. If $S$ is a finite set, say $S = \{a_1, a_2, \ldots, a_k\}$, then we denote $\langle S \rangle = \langle a_1, a_2, \ldots, a_k \rangle$ and say that the ideal $\langle S \rangle$ is finitely generated. An ideal generated by one element, say $a$, is called a principal ideal.

Example 2.15. The trivial ideals $R$ and $\{0\}$ are principal ideals, since $R = \langle 1 \rangle$ and $\{0\} = \langle 0 \rangle$.

Ideals

Example 2.16. The ideals of the ring $\mathbb{Z}$ are the principal ideals $\langle m \rangle = m\mathbb{Z}$ ($m \ge 0$) (by Theorem 2.6).

Example 2.17. Consider the principal ideal $\langle x^m \rangle$ in the polynomial ring $\mathbb{R}[x]$. By the definition of an ideal, $p(x)x^m \in \langle x^m \rangle$ for any $p(x) \in \mathbb{R}[x]$. Therefore, the ideal (of Example 2.14(c)) $I = \{a_m x^m + a_{m+1} x^{m+1} + \cdots + a_n x^n \in \mathbb{R}[x] \mid n \ge m\}$ is such that $I \subseteq \langle x^m \rangle$. Since $x^m \in I$, by the minimality of $\langle x^m \rangle$ we have $\langle x^m \rangle \subseteq I$. Thus, $I = \langle x^m \rangle$.

Ideals

Theorem 2.17. If $R$ is a commutative ring, then for any $a_1, a_2, \ldots, a_k \in R$ we have $\langle a_1, a_2, \ldots, a_k \rangle = \{r_1 a_1 + r_2 a_2 + \cdots + r_k a_k \mid r_i \in R\}$.
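The definition of an ideal (I1–I3), the intersection definition of $\langle S \rangle$, the notion of a principal ideal and Theorem 2.17 can all be checked mechanically in a finite commutative ring such as $\mathbb{Z}_m$. The Python below is an added example and not from the lecture: it tests Definition 2.16 literally on a subset of $\mathbb{Z}_m$, brute-forces every ideal of $\mathbb{Z}_{12}$ (a constructed modulus, small enough that all $2^{12}$ subsets can be scanned), shows that each of them is principal and generated by a divisor of 12 (the finite counterpart of Example 2.16), and computes $\langle 4, 6 \rangle$ both as the intersection of all ideals containing $\{4, 6\}$ and as the set of combinations $r_1 \cdot 4 + r_2 \cdot 6$ from Theorem 2.17, confirming that the two descriptions agree. The helper names are mine.

```python
from itertools import product


def is_ideal(I, m):
    """Definition 2.16 checked literally on the finite ring Z_m."""
    I = frozenset(x % m for x in I)
    if not I:
        return False
    i1 = all((a + b) % m in I for a in I for b in I) and all((-a) % m in I for a in I)
    i2 = all((r * a) % m in I for r in range(m) for a in I)
    i3 = all((a * r) % m in I for r in range(m) for a in I)  # same as I2 here (Z_m is commutative)
    return i1 and i2 and i3


def all_ideals(m):
    """Every ideal of Z_m, found by scanning all non-empty subsets (2^m of them; fine for m <= 16)."""
    ideals = []
    for mask in range(1, 1 << m):
        I = frozenset(i for i in range(m) if mask >> i & 1)
        if is_ideal(I, m):
            ideals.append(I)
    return ideals


def principal_ideal(a, m):
    """<a> = {r*a : r in Z_m}, the ideal generated by the single element a."""
    return frozenset((r * a) % m for r in range(m))


def generated_by_combinations(S, m):
    """Theorem 2.17: <a_1,...,a_k> = {r_1 a_1 + ... + r_k a_k : r_i in Z_m}."""
    S = list(S)
    return frozenset(sum(r * a for r, a in zip(rs, S)) % m
                     for rs in product(range(m), repeat=len(S)))


def generated_by_intersection(S, m):
    """The slide's definition: <S> is the intersection of all ideals of Z_m containing S."""
    S = {x % m for x in S}
    containing = [I for I in all_ideals(m) if S <= I]  # never empty: Z_m itself contains S
    return frozenset.intersection(*containing)


def generators_of_ideals(m):
    """Map each ideal of Z_m to its smallest non-zero element, which generates it (0 for {0})."""
    found = {}
    for I in all_ideals(m):
        d = min(I - {0}) if len(I) > 1 else 0
        found[d] = I
    return found


if __name__ == "__main__":
    print("number of ideals of Z_12:", len(all_ideals(12)))
    print("generators:", sorted(generators_of_ideals(12)))
    print("<4, 6> in Z_12:", sorted(generated_by_combinations({4, 6}, 12)))
    print("same as intersection definition:",
          generated_by_combinations({4, 6}, 12) == generated_by_intersection({4, 6}, 12))
```

In $\mathbb{Z}_{12}$ the scan finds exactly six ideals, generated by 0, 1, 2, 3, 4 and 6, and $\langle 4, 6 \rangle$ turns out to be the principal ideal $\langle 2 \rangle = \{0, 2, 4, 6, 8, 10\}$ under both definitions.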

Quotient ring

Remark. Let $(R, +, \cdot)$ be a ring and $I$ an ideal in $R$. Recall that $I \le R$ under the addition $+$. Hence, we may consider the cosets $a + I$ in the group $(R, +)$. Recall that $R/I$ denotes the set of all cosets.

Theorem 2.18. Let $(R, +, \cdot)$ be a ring and $I$ an ideal in $R$. The equations $(a + I) + (b + I) = (a + b) + I$ and $(a + I)(b + I) = ab + I$ give well-defined binary operations from $R/I \times R/I$ to $R/I$ that form a ring $(R/I, +, \cdot)$.

Quotient ring

Remark. Recall that if $I$ is an ideal in a ring $R$, then $(I, +)$ is a subgroup of $(R, +)$.

Theorem 2.9. Let $H$ be a subgroup of $G$. Then for any $a, b \in G$ the following statements are equivalent:
1. $aH = bH$,
2. $a \in bH$, i.e., $a = bh$ for some $h \in H$, and
3. $ab^{-1} \in H$.

Example. Consider the ring $(\mathbb{Z}/3\mathbb{Z}, +, \cdot)$.
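The point of Theorem 2.18 is that the coset operations do not depend on which representative is chosen, and that is exactly what the slide's $\mathbb{Z}/3\mathbb{Z}$ example lets one verify by hand. The Python below is an added example, not the lecture's code: a coset $a + m\mathbb{Z}$ keeps whatever integer representative it was built from, equality is decided by the additive form of Theorem 2.9 ($a + I = b + I$ iff $a - b \in I$), and the operations are the two equations of Theorem 2.18 applied to representatives. The function operations_well_defined then replaces $a, b$ by other representatives $a + ms$, $b + mt$ and confirms that the resulting sum and product cosets are unchanged. The class and function names are mine; the modulus 3 matches the slide and other moduli can be passed in.

```python
class Coset:
    """The coset a + mZ of the ideal I = mZ in Z; any integer a may serve as representative."""

    def __init__(self, a, m):
        self.a, self.m = a, m

    def __eq__(self, other):  # a + I = b + I  iff  a - b in I  (Theorem 2.9 in additive form)
        return self.m == other.m and (self.a - other.a) % self.m == 0

    def __hash__(self):  # equal cosets must hash equally, so hash the canonical representative
        return hash((self.a % self.m, self.m))

    def __add__(self, other):  # (a + I) + (b + I) = (a + b) + I
        return Coset(self.a + other.a, self.m)

    def __mul__(self, other):  # (a + I)(b + I) = ab + I
        return Coset(self.a * other.a, self.m)

    def __repr__(self):
        return f"{self.a % self.m} + {self.m}Z"


def operations_well_defined(m, shifts=range(-3, 4)):
    """Theorem 2.18 checked exhaustively: other representatives a + ms, b + mt of the same
    cosets must give the same sum coset and the same product coset."""
    for a in range(m):
        for b in range(m):
            x, y = Coset(a, m), Coset(b, m)
            for s in shifts:
                for t in shifts:
                    x2, y2 = Coset(a + m * s, m), Coset(b + m * t, m)
                    if not (x2 == x and y2 == y):  # sanity: they really are the same cosets
                        return False
                    if x2 + y2 != x + y or x2 * y2 != x * y:
                        return False
    return True


def elements(m):
    """R/I = Z/mZ consists of exactly m cosets: I = 0 + I, 1 + I, ..., (m-1) + I."""
    return [Coset(a, m) for a in range(m)]


def tables(m):
    """Addition and multiplication tables of Z/mZ, entries as canonical representatives."""
    E = elements(m)
    add = [[(x + y).a % m for y in E] for x in E]
    mul = [[(x * y).a % m for y in E] for x in E]
    return add, mul


if __name__ == "__main__":
    add, mul = tables(3)
    print("Z/3Z addition table:      ", add)
    print("Z/3Z multiplication table:", mul)
    print("operations well defined:  ", operations_well_defined(3))
    print("5 + 3Z == 2 + 3Z:", Coset(5, 3) == Coset(2, 3), "   zero coset is I:", Coset(3, 3) == Coset(0, 3))
```

The same check passes for any modulus because $m\mathbb{Z}$ is an ideal; the multiplication clause is the one that would fail if $I$ were merely an additive subgroup of a ring without absorbing products, which is why Definition 2.16 asks for I2 and I3.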