CS483 Design and Analysis of Algorithms

Similar documents
Discrete Mathematics GCD, LCM, RSA Algorithm

Encryption: The RSA Public Key Cipher

NUMBER THEORY AND CODES. Álvaro Pelayo WUSTL

Number-theoretic algorithms 1

basics of security/cryptography

Number Theory. Modular Arithmetic

INTEGERS. In this section we aim to show the following: Goal. Every natural number can be written uniquely as a product of primes.

Public Key Cryptography

Number Theory. CSS322: Security and Cryptography. Sirindhorn International Institute of Technology Thammasat University CSS322. Number Theory.

Topics in Cryptography. Lecture 5: Basic Number Theory

CIS 551 / TCOM 401 Computer and Network Security

Cryptography. pieces from work by Gordon Royle

Lecture 5: Arithmetic Modulo m, Primes and Greatest Common Divisors Lecturer: Lale Özkahya

Addition. Ch1 - Algorithms with numbers. Multiplication. al-khwārizmī. al-khwārizmī. Division 53+35=88. Cost? (n number of bits) 13x11=143. Cost?

cse 311: foundations of computing Spring 2015 Lecture 12: Primes, GCD, applications

Course MA2C02, Hilary Term 2013 Section 9: Introduction to Number Theory and Cryptography

CS 5319 Advanced Discrete Structure. Lecture 9: Introduction to Number Theory II

Public Key Cryptography. All secret key algorithms & hash algorithms do the same thing but public key algorithms look very different from each other.

Elementary Number Theory Review. Franz Luef

OWO Lecture: Modular Arithmetic with Algorithmic Applications

Course 2BA1: Trinity 2006 Section 9: Introduction to Number Theory and Cryptography

cse 311: foundations of computing Fall 2015 Lecture 12: Primes, GCD, applications

Basic elements of number theory

Basic elements of number theory

Applied Cryptography and Computer Security CSE 664 Spring 2017

ICS141: Discrete Mathematics for Computer Science I

Algorithms (II) Yu Yu. Shanghai Jiaotong University

CS 580: Algorithm Design and Analysis

during transmission safeguard information Cryptography: used to CRYPTOGRAPHY BACKGROUND OF THE MATHEMATICAL

Asymmetric Encryption

1 Recommended Reading 1. 2 Public Key/Private Key Cryptography Overview RSA Algorithm... 2

Chapter 8 Public-key Cryptography and Digital Signatures

Introduction to Cryptography. Lecture 6

Introduction to Cryptography k. Lecture 5. Benny Pinkas k. Requirements. Data Integrity, Message Authentication

Asymmetric Cryptography

Chapter 4 Asymmetric Cryptography

Simple Math: Cryptography

Introduction to Public-Key Cryptosystems:

Mathematical Foundations of Public-Key Cryptography

Integers and Division

Security Issues in Cloud Computing Modern Cryptography II Asymmetric Cryptography

CS March 17, 2009

Review. CS311H: Discrete Mathematics. Number Theory. Computing GCDs. Insight Behind Euclid s Algorithm. Using this Theorem. Euclidian Algorithm

CSCI3390-Lecture 16: Probabilistic Algorithms: Number Theory and Cryptography

Algorithms with numbers

CPSC 467: Cryptography and Computer Security

3 The fundamentals: Algorithms, the integers, and matrices

Theme : Cryptography. Instructor : Prof. C Pandu Rangan. Speaker : Arun Moorthy CS

Number Theory & Modern Cryptography

Number theory (Chapter 4)

Notes. Number Theory: Applications. Notes. Number Theory: Applications. Notes. Hash Functions I

Number Theory: Applications. Number Theory Applications. Hash Functions II. Hash Functions III. Pseudorandom Numbers

Introduction to Modern Cryptography. Benny Chor

Numbers. Çetin Kaya Koç Winter / 18

Ma/CS 6a Class 3: The RSA Algorithm

Mathematics of Cryptography

2 Arithmetic. 2.1 Greatest common divisors. This chapter is about properties of the integers Z = {..., 2, 1, 0, 1, 2,...}.

10 Modular Arithmetic and Cryptography

University of Tokyo: Advanced Algorithms Summer Lecture 6 27 May. Let s keep in mind definitions from the previous lecture:

4 Number Theory and Cryptography

CPSC 467b: Cryptography and Computer Security

Lemma 1.2. (1) If p is prime, then ϕ(p) = p 1. (2) If p q are two primes, then ϕ(pq) = (p 1)(q 1).

CSE 311: Foundations of Computing. Lecture 12: Two s Complement, Primes, GCD

Algorithms lecture notes 1. Hashing, and Universal Hash functions

10 Public Key Cryptography : RSA

CHAPTER 6. Prime Numbers. Definition and Fundamental Results

Cosc 412: Cryptography and complexity Lecture 7 (22/8/2018) Knapsacks and attacks

COMS W4995 Introduction to Cryptography September 29, Lecture 8: Number Theory

Mathematical Foundations of Cryptography

ECE 646 Lecture 5. Mathematical Background: Modular Arithmetic

An integer p is prime if p > 1 and p has exactly two positive divisors, 1 and p.

Linear Congruences. The equation ax = b for a, b R is uniquely solvable if a 0: x = b/a. Want to extend to the linear congruence:

Public Key Algorithms

W3203 Discrete Mathema1cs. Number Theory. Spring 2015 Instructor: Ilia Vovsha. hcp://

19. Coding for Secrecy

Intro to Public Key Cryptography Diffie & Hellman Key Exchange

Lecture 6: Introducing Complexity

The set of integers will be denoted by Z = {, -3, -2, -1, 0, 1, 2, 3, 4, }

This is a recursive algorithm. The procedure is guaranteed to terminate, since the second argument decreases each time.

Introduction to Number Theory. The study of the integers

Arithmetic Algorithms, Part 1

Number Theory and Group Theoryfor Public-Key Cryptography

CRYPTOGRAPHY AND LARGE PRIMES *

download instant at

Cryptography and RSA. Group (1854, Cayley) Upcoming Interview? Outline. Commutative or Abelian Groups

THE CUBIC PUBLIC-KEY TRANSFORMATION*

Definition: For a positive integer n, if 0<a<n and gcd(a,n)=1, a is relatively prime to n. Ahmet Burak Can Hacettepe University

Lecture 14: Hardness Assumptions

Finite Fields. Mike Reiter

Introduction to Cybersecurity Cryptography (Part 4)

Elementary Number Theory MARUCO. Summer, 2018

Cryptography. P. Danziger. Transmit...Bob...

COMP239: Mathematics for Computer Science II. Prof. Chadi Assi EV7.635

Lecture: Analysis of Algorithms (CS )

Finite Fields and Error-Correcting Codes

2.3 In modular arithmetic, all arithmetic operations are performed modulo some integer.

MATH 433 Applied Algebra Lecture 4: Modular arithmetic (continued). Linear congruences.

Chapter 9 Mathematics of Cryptography Part III: Primes and Related Congruence Equations

COT 3100 Applications of Discrete Structures Dr. Michael P. Frank

Lecture 4: Number theory

Transcription:

CS483 Design and Analysis of Algorithms Lectures 2-3 Algorithms with Numbers Instructor: Fei Li lifei@cs.gmu.edu with subject: CS483 Office hours: STII, Room 443, Friday 4:00pm - 6:00pm or by appointments Course web-site: http://www.cs.gmu.edu/ lifei/teaching/cs483 fall08/ Figures unclaimed are from books Algorithms and Introduction to Algorithms.

Chapter 1 of DPV Algorithms with Numbers Foundations 1. Basic Arithmetic 2. Modular Arithmetic 3. Primality Testing Applications 1. Cryptography 2. Universal Hashing

Basic Arithmetic Addition Theorem The sum of any three single-digit numbers is at most two digits long, no matter what the base is Proof.? 9 + 9 + 9 = 27, in decimal 1 + 1 + 1 = 11, in binary

Basic Arithmetic Addition Remark Each individual sum is a two-digit number, the carry is always a single digit, and so at any given step, three single-digit numbers are added Addition runs in linear O(n), when two n-bits numbers are added

Basic Arithmetic Multiplication 1. Is it correct? 2. Running time? 3. Can we do better? Divide-and-Conquer: O(n 1.59 ) (in Chapter 2)

Basic Arithmetic Division Input: Two n-bit integers x and y, where y 1 Output: The quotient and remainder of x divided by y function divide(x, y) if (x = 0) return (q, r) = (0, 0); (q, r) = divide( x / 2, y); q = 2 q; r = 2 r; if (x is odd) r = r + 1; if (r y) r = r - y; q = q + 1; return (q, r);

Chapter 1 of DPV Algorithms with Numbers Foundations 1. Basic Arithmetic 2. Modular Arithmetic 3. Primality Testing Applications 1. Cryptography 2. Universal Hashing

Modular Arithmetic Definition Modular arithmetic is a system limiting numbers to a predefined range [0, 1,..., N 1] x and y are congruent modulo N N divides (x y) x modulo N is r x = q N + r x r (mod N), with 0 r < N Figure: http://www.mathworks.com

Modular Arithmetic Modular arithmetic deals with all integers and divide them into N equivalence classes, each of the form {i + k N, k Z} for some i between 0 and N 1 For each class, i is the representative Remark Substitution rule. If x x (mod N) and y y (mod N), then, x + y x + y (mod N) and x y x y (mod N) x + (y + z) (x + y) + z (mod N), Associativity x y y x (mod N), Commutativity x (y + z) x y + y z (mod N), Distributivity 2 345? (mod 31)

Modular Addition and Multiplication

Modular Addition and Multiplication 1. Modular addition A regular addition (0 x + y 2 (N 1)) and possibly a subtraction Running time O(n), where n = log N

Modular Addition and Multiplication 1. Modular addition A regular addition (0 x + y 2 (N 1)) and possibly a subtraction Running time O(n), where n = log N 2. Modular multiplication A regular multiplication (0 x y (N 1) 2 ) and divide it by N Running time O(n 3 )

Modular Addition and Multiplication 1. Modular addition A regular addition (0 x + y 2 (N 1)) and possibly a subtraction Running time O(n), where n = log N 2. Modular multiplication A regular multiplication (0 x y (N 1) 2 ) and divide it by N Running time O(n 3 ) 3. Modular exponentiation Algorithms for x y (mod N)? Running time? 4. Modular division Algorithms for a? 1 (mod N)? Running time?

Module Exponentiation (x y mod N =?) 1. Worst approach Calculate x y, then calculate x y mod N (2 19 ) 219 = 2 19 524288

Module Exponentiation (x y mod N =?) 1. Worst approach Calculate x y, then calculate x y mod N (2 19 ) 219 = 2 19 524288 2. Bad approach Calculate x y mod N by repeatedly multiplying by x modulo N x mod N x 2 mod N x 3 mod N..., x y mod N y 1 2 500 multiplications, if y has 500 bits

Module Exponentiation (x y mod N =?) 1. Worst approach Calculate x y, then calculate x y mod N (2 19 ) 219 = 2 19 524288 2. Bad approach Calculate x y mod N by repeatedly multiplying by x modulo N x mod N x 2 mod N x 3 mod N..., x y mod N y 1 2 500 multiplications, if y has 500 bits 3. Best approach (geometrically calculate the product) x mod N x 2 mod N x 4 mod N..., x 2 log y mod N.

Euclid Algorithm (gcd(a, b)) Given two integers a and b, what is the largest integer that divides both greatest common divisor? Theorem Let a b. gcd(a, b) = gcd(b, a mod b) = gcd(a b, b). Proof.? gcd(25, 11) =?

Extension of Euclid s Algorithm Assume d is the greatest common divisor of a and b, how can we check this? Lemma If d divides both a and b, and d = a x + b y for some integers of x and y, then necessarily d = gcd(a, b). Proof.? 1. gcd(65, 40) =? 2. 65 x + 40 y = gcd(65, 40) 3. gcd(1239, 735) =? 4. 1239 x + 735 y = gcd(65, 40)

Modular Division a x 1 (mod N) Definition x is the multiplicative inverse of a modulo N if a x 1 (mod N) Lemma x, if it exists, is unique. Proof.? Lemma If gcd(a, N) = 1, x must exist. Proof.?

Chapter 1 of DPV Algorithms with Numbers Foundations 1. Basic Arithmetic 2. Modular Arithmetic 3. Primality Testing Applications 1. Cryptography 2. Universal Hashing

Primality Testing Tell whether a number is a prime without factoring it. Theorem Fermat s little theorem. If p is prime, then for every 1 a < p, a p 1 1 (mod p) Lemma (S = {1, 2,..., p 1} a) mod p = S (p 1)! a p 1 (p 1)! (mod p)

Fermat s Last Theorem Figure: http://jeff560.tripod.com Figure: http://www.fafamonge.com/images

Generate Random Primes Theorem Langange s prime number theorem. Let π(x) be the number of primes x. Then π(x) x ln x, or more precisely, lim x + π(x) (x/ ln x) = 1 function random-prime(n) while() Pick a random n-bit number N; Run a primality test on N; if (test is passed) return N;

Chapter 1 of DPV Algorithms with Numbers Foundations 1. Basic Arithmetic 2. Modular Arithmetic 3. Primality Testing Applications 1. Cryptography 2. Universal Hashing

Rivest-Shamir-Adelman (RSA) Public Key System 1. Anybody can send a message to anybody else using publicly available information 2. Each person has a public key known to the whole world and a secret key known only to him- or herself 3. When Alice wants to send message x to Bob, she encodes it using Bobs public key. Bob decrypts it using his secret key

Rivest-Shamir-Adelman (RSA) Public Key System 1. Anybody can send a message to anybody else using publicly available information 2. Each person has a public key known to the whole world and a secret key known only to him- or herself 3. When Alice wants to send message x to Bob, she encodes it using Bobs public key. Bob decrypts it using his secret key 4. Approach Think of messages from Alice to Bob as numbers (mod N)

Public Key Cryptography Pick any 2 primes p and q. Let N = p q For any e 1 (mod (p 1) (q 1)):

Public Key Cryptography Pick any 2 primes p and q. Let N = p q For any e 1 (mod (p 1) (q 1)): 1. The mapping x x e mod N is a bijection on {0, 1,..., N 1}. A reasonable way to encode x

Public Key Cryptography Pick any 2 primes p and q. Let N = p q For any e 1 (mod (p 1) (q 1)): 1. The mapping x x e mod N is a bijection on {0, 1,..., N 1}. A reasonable way to encode x 2. Let d be the inverse of e mod (p 1) (q 1). Then, x {0, 1,..., N 1}: (x e ) d x (mod N) A reasonable way to decode x

Proof of RSA 1. (2.) implies (1.) since the mapping is invertible 2. e is invertible module (p 1) (q 1) because e is relatively prime to this number 3. e d 1 mod (p 1) (q 1), then, e d = 1 + k (p 1) (q 1) for some k. Show is always 0 (mod N) x e d x = x 1+k (p 1) (q 1) x

RSA: R Rivest, A. Shamir and L. Adleman (MIT) http://www.usc.edu/dept/molecular-science/pictures 1. Bob picks up 2 large prime numbers p and q. His public key is (N = p q, e). e 1 (mod (p 1) (q 1)) Bob s secret key is d, d e 1 (mod (p 1) (q 1)) 2. Alice sends Bob y = x e mod N 3. Bob decodes x by computing y d mod N 1. Given N, e, and y = x e mod N, it is computational intractable to determine x 2. FACTORING is HARD

Chapter 1 of DPV Algorithms with Numbers Foundations 1. Basic Arithmetic 2. Modular Arithmetic 3. Primality Testing Applications 1. Cryptography 2. Universal Hashing

Hashing Table Dictionary Given a universe U of possible elements, maintain a subset S U so that inserting, deleting, and searching in S is efficient Challenge Universe U can be extremely large so defining an array of size U is infeasible Applications File systems, databases, Google, compilers, checksums P2P networks, associative arrays, cryptography, web caching, etc

Hashing Table fast access + efficient storage random function + consistent function distribution is unknown

Hashing 1. Hash function h : U {0, 1,..., n 1} 2. Hashing Create an array H of size n. When processing element u U, access array element H[h(u)] 3. Collision When h(u) = h(v) but u v A collision is expected after Ω( n) random insertions Why? birthday paradox next Lecture Separate chaining H[i] stores linked list of elements u with h(u) = i

Hashing Performance 1. Idealistic hash function Maps m elements uniformly at random to n hash slots a. Running time depends on length of chains b. Average length of chain = m/n c. Choose n m on average O(1) per insert, lookup, or delete 2. Universal hashing a. For any pair of elements u, v U b. Can select random h efficiently c. Can compute h(u) efficiently Pr h H [h(u) = h(v)] 1 n

Universal Hashing Theorem Universal hashing property. Assume H be a universal class of hash functions. Let h H be chosen uniformly at random from H; and let u U. Then, for any subset S U of size at most n, the expected number of items in S that collide with u is at most 1 Proof.?

A Universal Hashing For any 4 coefficients a 1, a 2, a 3, a 4 {0, 1,..., n 1}, write a = (a 1, a 2, a 3, a 4 ) and define h a (x 1, x 2, x 3, x 4 ) = 4 (a i x i mod n) i=1 Theorem Consider any pair of distinct IP addresses x = (x 1, x 2, x 3, x 4 ) and y = (y 1, y 2, y 3, y 4 ). If the coefficients a = (a 1, a 2, a 3, a 4 ) are chosen uniformly at random from {0, 1,..., n 1}, then Pr{h a (x 1, x 2, x 3, x 4 ) = h a (y 1, y 2, y 3, y 4 )} = 1 n Proof.?

2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback