YSL Information Security -- Public-Key Cryptography 1
Prime and Relatively Prime Numbers
• Divisors: We say that b ≠ 0 divides a if a = mb for some m, where a, b and m are integers.
• b divides a if there is no remainder on division.
• The notation b|a is commonly used to mean that b divides a.
• If b|a, we say that b is a divisor of a.
• If a|1, then a = ±1.
• If a|b and b|a, then a = ±b.
• Any b ≠ 0 divides 0.
• If b|g and b|h, then b|(mg + nh) for arbitrary integers m and n.
2 3 5 7 11 13 17 19 23 29 31 37 41 43 47 53 59 61 67 71 73 79 83 89 97
101 103 107 109 113 127 131 137 139 149 151 157 163 167 173 179 181 191 193 197 199
211 223 227 229 233 239 241 251 257 263 269 271 277 281 283 293
307 311 313 317 331 337 347 349 353 359 367 373 379 383 389 397
401 409 419 421 431 433 439 443 449 457 461 463 467 479 487 491 499
503 509 521 523 541 547 557 563 569 571 577 587 593 599
601 607 613 617 619 631 641 643 647 653 659 661 673 677 683 691
701 709 719 727 733 739 743 751 757 761 769 773 787 797
809 811 821 823 827 829 839 853 857 859 863 877 881 883 887
907 911 919 929 937 941 947 953 967 971 977 983 991 997
1009 1013 1019 1021 1031 1033 1039 1049 1051 1061 1063 1069 1087 1091 1093 1097
1103 1109 1117 1123 1129 1151 1153 1163 1171 1181 1187 1193
1201 1213 1217 1223 1229 1231 1237 1249 1259 1277 1279 1283 1289 1291 1297
1301 1303 1307 1319 1321 1327 1361 1367 1373 1381 1399
1409 1423 1427 1429 1433 1439 1447 1451 1453 1459 1471 1481 1483 1487 1489 1493 1499
1511 1523 1531 1543 1549 1553 1559 1567 1571 1579 1583 1597
1601 1607 1609 1613 1619 1621 1627 1637 1657 1663 1667 1669 1693 1697 1699
1709 1721 1723 1733 1741 1747 1753 1759 1777 1783 1787 1789
1801 1811 1823 1831 1847 1861 1867 1871 1873 1877 1879 1889
1901 1907 1913 1931 1933 1949 1951 1973 1979 1987 1993 1997 1999
Table 7.1 Primes under 2000
• The above statement is referred to as the prime number theorem, which was proven in 1896 by Hadamard and Poussin.
x        π(x)         x/ln x         (π(x) ln x)/x
10^3     168          144.8          1.160
10^4     1229         1085.7         1.132
10^5     9592         8685.9         1.104
10^6     78498        74382.4        1.085
10^7     664579       620420.7       1.071
10^8     5761455      5428681.0      1.061
10^9     50847534     48254942.4     1.054
10^10    455052512    434294481.9    1.048
• Does there exist a simple formula to generate prime numbers?
• An ancient Chinese mathematician conjectured that if n divides 2^n - 2 then n is prime. For n = 3, 3 divides 6 and n is prime. However, for n = 341 = 11 × 31, n divides 2^341 - 2.
• Mersenne suggested that if p is prime then Mp = 2^p - 1 is prime. Primes of this type are referred to as Mersenne primes. Unfortunately, for p = 11, M11 = 2^11 - 1 = 2047 = 23 × 89.
• Fermat conjectured that if Fn = 2^(2^n) + 1, where n is a non-negative integer, then Fn is prime. When n is less than or equal to 4, F0 = 3, F1 = 5, F2 = 17, F3 = 257 and F4 = 65537 are all primes. However, F5 = 4294967297 = 641 × 6700417 is not a prime number.
• The formula n^2 - 79n + 1601 is valid (yields primes) only for n < 80.
• There are an infinite number of primes of the form 4n + 1 or 4n + 3.
• There is no simple way so far to generate prime numbers.
• Factorization of an integer as a product of prime numbers
• Example: 91 = 7 × 13; 11011 = 7 × 11^2 × 13.
• Useful for checking divisibility and relative primality, to be discussed later.
• Factorization is in general difficult.
• Define notation gcd(a,b) to mean the greatest common divisor of a and b.
• The positive integer c is said to be the gcd of a and b if
– c|a and c|b
– any divisor of a and b is a divisor of c.
• Equivalently, gcd(a,b) = max[k, such that k|a and k|b]
• gcd(a,b) = gcd(-a,b) = gcd(a,-b) = gcd(-a,-b) = gcd(|a|,|b|)
• gcd(a,0) = |a|.
• Factorization is one possible but in general inefficient way to calculate gcd, whereas Euclid’s algorithm (to be discussed later) is more efficient.
• Relative primality
– the integers a and b are relatively prime if they have no prime factors in common
– or equivalently, their only common factor is 1
– or equivalently, gcd(a,b) = 1
Modular Arithmetic
• Examples:
– a = 11; n = 7; 11 = 1 × 7 + 4; r = 4.
– a = -11; n = 7; -11 = (-2) × 7 + 3; r = 3.
• If a is an integer and n is a positive integer, define a mod n to be the remainder when a is divided by n.
• Then, a = ⌊a/n⌋ × n + (a mod n).
Example: 11 mod 7 = 4; -11 mod 7 = 3.
The modulo operator has the following properties:
1. a ≡ b mod n if n|(a-b).
2. (a mod n) = (b mod n) implies a ≡ b mod n.
3. a ≡ b mod n implies b ≡ a mod n.
4. a ≡ b mod n and b ≡ c mod n imply a ≡ c mod n.
Examples:
23 ≡ 8 (mod 5) because 23 - 8 = 15 = 5 × 3
-11 ≡ 5 (mod 8) because -11 - 5 = -16 = 8 × (-2)
81 ≡ 0 (mod 27) because 81 - 0 = 81 = 27 × 3
• Properties of modular arithmetic operations
1. [(a mod n) + (b mod n)] mod n = (a + b) mod n
2. [(a mod n) - (b mod n)] mod n = (a - b) mod n
3. [(a mod n) × (b mod n)] mod n = (a × b) mod n
• Proof of Property 1: Define (a mod n) = r_a and (b mod n) = r_b. Then a = r_a + jn and b = r_b + kn for some integers j and k. Then,
(a + b) mod n = (r_a + jn + r_b + kn) mod n
              = (r_a + r_b + (j + k)n) mod n
              = (r_a + r_b) mod n
              = [(a mod n) + (b mod n)] mod n
Examples for the above three properties:
11 mod 8 = 3; 15 mod 8 = 7
[(11 mod 8) + (15 mod 8)] mod 8 = 10 mod 8 = 2
(11 + 15) mod 8 = 26 mod 8 = 2
[(11 mod 8) - (15 mod 8)] mod 8 = -4 mod 8 = 4
(11 - 15) mod 8 = -4 mod 8 = 4
[(11 mod 8) × (15 mod 8)] mod 8 = 21 mod 8 = 5
(11 × 15) mod 8 = 165 mod 8 = 5
• Properties of modular arithmetic
– Let Zn = {0,1,2,…,(n-1)} be the set of residues modulo n.

Property                 Expression
Commutative laws         (w + x) mod n = (x + w) mod n
                         (w × x) mod n = (x × w) mod n
Associative laws         [(w + x) + y] mod n = [w + (x + y)] mod n
                         [(w × x) × y] mod n = [w × (x × y)] mod n
Distributive law         [w × (x + y)] mod n = [(w × x) + (w × y)] mod n
Identities               (0 + w) mod n = w mod n
                         (1 × w) mod n = w mod n
Additive inverse (-w)    For each w ∈ Zn, there exists a z such that w + z ≡ 0 mod n
• Properties of modular arithmetic (cont’d)
– if (a + b) ≡ (a + c) mod n, then b ≡ c mod n (due to the existence of an additive inverse)
– if (a × b) ≡ (a × c) mod n, then b ≡ c mod n (only if a is relatively prime to n; due to the possible absence of a multiplicative inverse)
  e.g. 6 × 3 = 18 ≡ 2 mod 8 and 6 × 7 = 42 ≡ 2 mod 8 but 3 ≢ 7 mod 8 (6 is not relatively prime to 8)
– If n is prime then the property of multiplicative inverse holds (from a ring to a field).
• Properties of modular arithmetic (cont’d)
Table 7.3 Arithmetic Modulo 7

(a) Addition modulo 7
+   0  1  2  3  4  5  6
0   0  1  2  3  4  5  6
1   1  2  3  4  5  6  0
2   2  3  4  5  6  0  1
3   3  4  5  6  0  1  2
4   4  5  6  0  1  2  3
5   5  6  0  1  2  3  4
6   6  0  1  2  3  4  5

(b) Multiplication modulo 7
*   0  1  2  3  4  5  6
0   0  0  0  0  0  0  0
1   0  1  2  3  4  5  6
2   0  2  4  6  1  3  5
3   0  3  6  2  5  1  4
4   0  4  1  5  2  6  3
5   0  5  3  1  6  4  2
6   0  6  5  4  3  2  1

(c) Additive and multiplicative inverses modulo 7
w   -w   w^-1
0   0    ---
1   6    1
2   5    4
3   4    5
4   3    2
5   2    3
6   1    6
Fermat’s and Euler’s Theorems
• Fermat’s theorem
Fermat’s theorem states the following: If p is prime and a is a positive integer not divisible by p, then

a^(p-1) ≡ 1 mod p    (7.3)

Proof: From our previous discussion, we know that if all the elements of Zp are multiplied by a, modulo p, the result consists of the elements of Zp in some order. Furthermore, a * 0 ≡ 0 mod p. Therefore, the (p-1) numbers {a mod p, 2a mod p, …, (p-1)a mod p} are just the numbers {1, 2, …, (p-1)} in some order. Multiply these numbers together:

a * 2a * … * ((p-1)a) ≡ [(a mod p) * (2a mod p) * … * ((p-1)a mod p)] mod p
                      ≡ (p-1)! mod p

But

a * 2a * … * ((p-1)a) = (p-1)! a^(p-1)

Therefore,

(p-1)! a^(p-1) ≡ (p-1)! mod p

We can cancel the (p-1)! term because it is relatively prime to p [see Equation (7.2)]. This yields Equation (7.3).

Example: a = 7, p = 19
7^2 = 49 ≡ 11 mod 19
7^4 ≡ 121 ≡ 7 mod 19
7^8 ≡ 49 ≡ 11 mod 19
7^16 ≡ 121 ≡ 7 mod 19
a^(p-1) = 7^18 = 7^16 * 7^2 ≡ 7 * 11 ≡ 1 mod 19
• Fermat’s theorem (cont’d)
– alternative form: if p is prime and a is any positive integer, then
a^p ≡ a mod p
example: p = 5, a = 3, 3^5 = 243 ≡ 3 mod 5
• Euler’s totient function
Table 7.4 Some Values of Euler’s Totient Function φ(n)

n    φ(n)     n    φ(n)     n    φ(n)
1    1        11   10       21   12
2    1        12   4        22   10
3    2        13   12       23   22
4    2        14   6        24   8
5    4        15   8        25   20
6    2        16   8        26   12
7    6        17   16       27   18
8    4        18   6        28   12
9    6        19   18       29   28
10   4        20   8        30   8
• Euler’s totient function (cont’d)
– if n is the product of two primes p and q
φ(n) = pq – [(q – 1)+(p –1) + 1]
= pq – (p + q) + 1
= (p – 1) (q – 1)
= φ (p) φ (q)
• Euler’s theorem
Euler’s theorem states that for every a and n that are relatively prime,

a^φ(n) ≡ 1 mod n    (7.5)

a = 3; n = 10; φ(10) = 4; 3^4 = 81 ≡ 1 mod 10
a = 2; n = 11; φ(11) = 10; 2^10 = 1024 ≡ 1 mod 11

Proof: Equation (7.5) is true if n is prime, because in that case φ(n) = (n - 1), and Fermat’s theorem holds. However, it also holds for any integer n. Recall that φ(n) is the number of positive integers less than n that are relatively prime to n. Consider the set of such integers, labeled as follows:

R = {x_1, x_2, …, x_φ(n)}

Now multiply each element by a, modulo n:

S = {(a x_1 mod n), (a x_2 mod n), …, (a x_φ(n) mod n)}
• Euler’s totient function (cont’d)
This set is a permutation of R, by the following line of reasoning:
1. Because a is relatively prime to n and x_i is relatively prime to n, a x_i must also be relatively prime to n.
2. There are no duplicates in S. Refer to Equation (7.2). If a x_i mod n = a x_j mod n, then x_i = x_j.
Therefore, with every product ∏ taken over i = 1 to φ(n),

∏ (a x_i mod n) = ∏ x_i
∏ a x_i ≡ ∏ x_i (mod n)
a^φ(n) × [∏ x_i] ≡ ∏ x_i (mod n)
a^φ(n) ≡ 1 (mod n)

An alternative form of the theorem is also useful:

a^(φ(n)+1) ≡ a (mod n)    (7.6)
Testing for Primality
• If p is an odd prime, then the equation x² ≡ 1 (mod p) has only two solutions, 1 and -1.

x² ≡ 1 (mod 7), using Table 7.3b:
1² ≡ 1 mod 7
6² ≡ 36 mod 7 ≡ 1 mod 7; 6 ≡ -1 mod 7
Solutions: 1, -1

x² ≡ 1 (mod 8), using Table 7.2b:
1² ≡ 1 mod 8
3² ≡ 9 mod 8 ≡ 1 mod 8
5² ≡ 25 mod 8 ≡ 1 mod 8; 5 ≡ -3 mod 8
7² ≡ 49 mod 8 ≡ 1 mod 8; 7 ≡ -1 mod 8
Solutions: 1, -1, 3, -3
• Probabilistic primality test
WITNESS(a, n)
let b_k b_(k-1) … b_0 be the binary representation of (n-1)
d ← 1
for i ← k downto 0
    do x ← d
       d ← (d × d) mod n
       if d = 1 and x ≠ 1 and x ≠ n-1
          then return TRUE
       if b_i = 1
          then d ← (d × a) mod n
if d ≠ 1
   then return TRUE
return FALSE
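The WITNESS procedure above, transcribed into Python as an added example (not code from the original slides); the helper names and the fixed bases are assumptions chosen so the run is repeatable. It applies the test to the composites named on the earlier slides (341, M11 = 2047, F5) and shows why a single value of a is not enough.

```python
M11 = 2**11 - 1      # 2047 = 23 × 89, the failed Mersenne case from the slides
F5 = 2**32 + 1       # 4294967297 = 641 × 6700417, the failed Fermat number


def fermat_passes(a: int, n: int) -> bool:
    """True when a^(n-1) ≡ 1 (mod n), i.e. n looks prime to Fermat's theorem."""
    return pow(a, n - 1, n) == 1


def witness(a: int, n: int) -> bool:
    """WITNESS(a, n): True means a proves that n is composite."""
    d = 1
    for bit in bin(n - 1)[2:]:          # b_k ... b_0, most significant bit first
        x = d
        d = (d * d) % n
        if d == 1 and x != 1 and x != n - 1:
            return True                 # x is a nontrivial square root of 1 mod n
        if bit == "1":
            d = (d * a) % n
    return d != 1                       # d is now a^(n-1) mod n


def is_probable_prime(n: int, bases=(2, 3, 5, 7)) -> bool:
    """Run WITNESS for several bases (fixed here; real use draws a at random)."""
    if n < 2:
        return False
    for p in bases:
        if n % p == 0:
            return n == p
    return not any(witness(a, n) for a in bases)


def report(numbers=(19, 341, M11, 65537, F5)):
    """Per n: (Fermat test base 2 passes, WITNESS(2, n), WITNESS(3, n))."""
    return {n: (fermat_passes(2, n), witness(2, n), witness(3, n))
            for n in numbers}


if __name__ == "__main__":
    for n, row in report().items():
        print(n, row, "probable prime" if is_probable_prime(n) else "composite")
```

All three composites satisfy Fermat's congruence for a = 2; WITNESS(2, n) exposes 341 through a nontrivial square root of 1, but 2047 and F5 are only exposed once a = 3 is tried.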
Euclid’s Algorithm
EUCLID(d,f)
1. X ← f ; Y← d
2. If Y=0 return X=gcd(d,f)
3. R=X mod Y
4. X← Y
5. Y← R
6. Go to 2
Extended Euclid’s Algorithm
EXTENDED EUCLID(d,f)
1. (X1,X2,X3) ← (1,0,f); (Y1,Y2,Y3) ← (0,1,d)
2. if Y3 = 0 return X3 = gcd(d,f); no inverse
3. if Y3 = 1 return Y3 = gcd(d,f); Y2 = d^-1 mod f
4. Q = ⌊X3/Y3⌋
5. (T1,T2,T3) ← (X1-QY1, X2-QY2, X3-QY3)
6. (X1,X2,X3) ← (Y1,Y2,Y3)
7. (Y1,Y2,Y3) ← (T1,T2,T3)
8. goto 2
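EXTENDED EUCLID as listed above, written out in Python as an added example rather than code from the original slides; the function names are assumptions, and d and f are taken to be positive integers. It is checked against Table 7.3(c), Euler's theorem, φ(pq) = (p-1)(q-1) and the 6 mod 8 cancellation example from the modular arithmetic slides.

```python
from math import gcd


def extended_euclid(d: int, f: int):
    """Return (gcd(d, f), d^-1 mod f), or (gcd(d, f), None) if no inverse exists."""
    x1, x2, x3 = 1, 0, f
    y1, y2, y3 = 0, 1, d
    while True:
        # Invariant: f*X1 + d*X2 = X3 and f*Y1 + d*Y2 = Y3 at every pass.
        if y3 == 0:
            return x3, None              # step 2: gcd found, d is not invertible
        if y3 == 1:
            return 1, y2 % f             # step 3: Y2 may be negative, so reduce it
        q = x3 // y3                     # step 4: Q = floor(X3 / Y3)
        t1, t2, t3 = x1 - q * y1, x2 - q * y2, x3 - q * y3
        x1, x2, x3 = y1, y2, y3
        y1, y2, y3 = t1, t2, t3


def phi(n: int) -> int:
    """Euler's totient by direct count; adequate for the small n used here."""
    return sum(1 for k in range(1, n + 1) if gcd(k, n) == 1)


def inverse_by_euler(a: int, n: int) -> int:
    """a^(phi(n)-1) mod n, which equals a^-1 mod n when gcd(a, n) = 1."""
    return pow(a, phi(n) - 1, n)


def solve(a: int, c: int, n: int):
    """Solve a*b ≡ c (mod n) for b; None when a cannot be cancelled mod n."""
    _, inv = extended_euclid(a % n, n)
    return None if inv is None else (inv * c) % n


if __name__ == "__main__":
    # Reproduces the w^-1 column of Table 7.3(c).
    print({w: extended_euclid(w, 7)[1] for w in range(1, 7)})
    # 6 is not relatively prime to 8, so 6*b ≡ 2 (mod 8) cannot be solved by cancelling.
    print(extended_euclid(6, 8), solve(6, 2, 8))
    # Euler's theorem gives the same inverses modulo 10.
    print([(a, extended_euclid(a, 10)[1], inverse_by_euler(a, 10)) for a in (1, 3, 7, 9)])
    print(phi(21), (3 - 1) * (7 - 1))
```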
Chinese Remainder Theorem
Discrete Logarithms
Table 7.6 Powers of Integers, Modulo 19
a    a^2  a^3  a^4  a^5  a^6  a^7  a^8  a^9  a^10 a^11 a^12 a^13 a^14 a^15 a^16 a^17 a^18
1    1    1    1    1    1    1    1    1    1    1    1    1    1    1    1    1    1
2    4    8    16   13   7    14   9    18   17   15   11   3    6    12   5    10   1
3    9    8    5    15   7    2    6    18   16   10   11   14   4    12   17   13   1
4    16   7    9    17   11   6    5    1    4    16   7    9    17   11   6    5    1
5    6    11   17   9    7    16   4    1    5    6    11   17   9    7    16   4    1
6    17   7    4    5    11   9    16   1    6    17   7    4    5    11   9    16   1
7    11   1    7    11   1    7    11   1    7    11   1    7    11   1    7    11   1
8    7    18   11   12   1    8    7    18   11   12   1    8    7    18   11   12   1
9    5    7    6    16   11   4    17   1    9    5    7    6    16   11   4    17   1
10   5    12   6    3    11   15   17   18   9    14   7    13   16   8    4    2    1
11   7    1    11   7    1    11   7    1    11   7    1    11   7    1    11   7    1
12   11   18   7    8    1    12   11   18   7    8    1    12   11   18   7    8    1
13   17   12   4    14   11   10   16   18   6    2    7    15   5    8    9    3    1
14   6    8    17   10   7    3    4    18   5    13   11   2    9    12   16   15   1
15   16   12   9    2    11   13   5    18   4    3    7    10   17   8    6    14   1
16   9    11   5    4    7    17   6    1    16   9    11   5    4    7    17   6    1
17   4    11   16   6    7    5    9    1    17   4    11   16   6    7    5    9    1
18   1    18   1    18   1    18   1    18   1    18   1    18   1    18   1    18   1
Table 7.7 Tables of Discrete Logarithms, Modulo 19
(a) Discrete logarithms to the base 2, modulo 19
a             1   2   3   4   5   6   7   8   9   10  11  12  13  14  15  16  17  18
Ind2,19(a)    18  1   13  2   16  14  6   3   8   17  12  15  5   7   11  4   10  9

(b) Discrete logarithms to the base 3, modulo 19
a             1   2   3   4   5   6   7   8   9   10  11  12  13  14  15  16  17  18
Ind3,19(a)    18  7   1   14  4   8   6   3   2   11  12  15  17  13  5   10  16  9

(c) Discrete logarithms to the base 10, modulo 19
a             1   2   3   4   5   6   7   8   9   10  11  12  13  14  15  16  17  18
Ind10,19(a)   18  17  5   16  2   4   12  15  10  1   6   3   13  11  7   14  8   9

(d) Discrete logarithms to the base 13, modulo 19
a             1   2   3   4   5   6   7   8   9   10  11  12  13  14  15  16  17  18
Ind13,19(a)   18  11  17  4   14  10  12  15  16  7   6   3   1   5   13  8   2   9

(e) Discrete logarithms to the base 14, modulo 19
a             1   2   3   4   5   6   7   8   9   10  11  12  13  14  15  16  17  18
Ind14,19(a)   18  13  7   8   10  2   6   3   14  5   12  15  11  1   17  16  4   9

(f) Discrete logarithms to the base 15, modulo 19
a             1   2   3   4   5   6   7   8   9   10  11  12  13  14  15  16  17  18
Ind15,19(a)   18  5   11  10  8   16  12  15  4   13  6   3   7   17  1   2   14  9