L29&30 - RSA Cryptography

Similar documents
Introduction to Modular Arithmetic

Final exam. Question Points Score. Total: 150

Discrete Mathematics & Mathematical Reasoning Multiplicative Inverses and Some Cryptography

CHAPTER 2. Modular Arithmetic

Foundations of Cryptography

Data security (Cryptography) exercise book

Assignment 2. Due: Monday Oct. 15, :59pm

Public Key Encryption

Public Key Cryptography Great Ideas in Theoretical Computer Science Saarland University, Summer 2014

NUMBER THEORY AMIN WITNO

MAT Modular arithmetic and number theory. Modular arithmetic

p 1 MAX(a,b) + MIN(a,b) = a+b n m means that m is a an integer multiple of n. Greatest Common Divisor: We say that n divides m.

Number Theory/Cryptography (part 1 of CSC 282)

Algorithmic Number Theory and Cryptography (CS 303)

Number Theory - Divisibility Number Theory - Congruences. Number Theory. June 23, Number Theory

The Chinese Remainder Theorem

Algorithmic Number Theory and Cryptography (CS 303)

LECTURE 3: CONGRUENCES. 1. Basic properties of congruences We begin by introducing some definitions and elementary properties.

Lecture 32. Handout or Document Camera or Class Exercise. Which of the following is equal to [53] [5] 1 in Z 7? (Do not use a calculator.

Introduction. and Z r1 Z rn. This lecture aims to provide techniques. CRT during the decription process in RSA is explained.

Solutions for the Practice Questions

Primitive Roots. Chapter Orders and Primitive Roots

Mathematics Explorers Club Fall 2012 Number Theory and Cryptography

DUBLIN CITY UNIVERSITY

PT. Primarity Tests Given an natural number n, we want to determine if n is a prime number.

Math 319 Problem Set #7 Solution 18 April 2002

Math 127: Equivalence Relations

MA/CSSE 473 Day 9. The algorithm (modified) N 1

Cryptography. 2. decoding is extremely difficult (for protection against eavesdroppers);

Cryptography, Number Theory, and RSA

Math 255 Spring 2017 Solving x 2 a (mod n)

Solutions for the Practice Final

b) Find all positive integers smaller than 200 which leave remainder 1, 3, 4 upon division by 3, 5, 7 respectively.

CS70: Lecture 8. Outline.

Applications of Fermat s Little Theorem and Congruences

Collection of rules, techniques and theorems for solving polynomial congruences 11 April 2012 at 22:02

Modular Arithmetic. Kieran Cooney - February 18, 2016

ON THE EQUATION a x x (mod b) Jam Germain

Cryptography Math 1580 Silverman First Hour Exam Mon Oct 2, 2017

UNIVERSITY OF MANITOBA DATE: December 7, FINAL EXAMINATION TITLE PAGE TIME: 3 hours EXAMINER: M. Davidson

6. Find an inverse of a modulo m for each of these pairs of relatively prime integers using the method

Solutions to Exam 1. Problem 1. a) State Fermat s Little Theorem and Euler s Theorem. b) Let m, n be relatively prime positive integers.

Number Theory. Konkreetne Matemaatika

Discrete Math Class 4 ( )

MATH 13150: Freshman Seminar Unit 15

Wilson s Theorem and Fermat s Theorem

Application: Public Key Cryptography. Public Key Cryptography

Xor. Isomorphisms. CS70: Lecture 9. Outline. Is public key crypto possible? Cryptography... Public key crypography.

Diffie-Hellman key-exchange protocol

Exam 1 7 = = 49 2 ( ) = = 7 ( ) =

The Chinese Remainder Theorem

University of British Columbia. Math 312, Midterm, 6th of June 2017

Fermat s little theorem. RSA.

SOLUTIONS TO PROBLEM SET 5. Section 9.1

SOLUTIONS FOR PROBLEM SET 4

Number-Theoretic Algorithms

Public-key Cryptography: Theory and Practice

Public-Key Cryptosystem Based on Composite Degree Residuosity Classes. Paillier Cryptosystem. Harmeet Singh

Chinese Remainder. Discrete Mathematics Andrei Bulatov

Congruence. Solving linear congruences. A linear congruence is an expression in the form. ax b (modm)

EE 418: Network Security and Cryptography

Degree project NUMBER OF PERIODIC POINTS OF CONGRUENTIAL MONOMIAL DYNAMICAL SYSTEMS

Related Ideas: DHM Key Mechanics

Number Theory and Public Key Cryptography Kathryn Sommers

Problem Set 6 Solutions Math 158, Fall 2016

MA 111, Topic 2: Cryptography

Introduction to Number Theory 2. c Eli Biham - November 5, Introduction to Number Theory 2 (12)

1 Introduction to Cryptology

DUBLIN CITY UNIVERSITY

Discrete Mathematics and Probability Theory Spring 2018 Ayazifar and Rao Midterm 2 Solutions

Discrete Square Root. Çetin Kaya Koç Winter / 11

MAT 302: ALGEBRAIC CRYPTOGRAPHY. Department of Mathematical and Computational Sciences University of Toronto, Mississauga.

Calculators will not be permitted on the exam. The numbers on the exam will be suitable for calculating by hand.

Modular Arithmetic: refresher.

The congruence relation has many similarities to equality. The following theorem says that congruence, like equality, is an equivalence relation.

Introduction. Asymmetric ciphers. Online Trusted Third Party (TTP) Online Trusted Third Party (TTP)

Sheet 1: Introduction to prime numbers.

To be able to determine the quadratic character of an arbitrary number mod p (p an odd prime), we. The first (and most delicate) case concerns 2

The Chinese Remainder Theorem

Cryptography CS 555. Topic 20: Other Public Key Encryption Schemes. CS555 Topic 20 1

Carmen s Core Concepts (Math 135)

A4M33PAL, ZS , FEL ČVUT

Example Enemy agents are trying to invent a new type of cipher. They decide on the following encryption scheme: Plaintext converts to Ciphertext

The number theory behind cryptography

MATH 324 Elementary Number Theory Solutions to Practice Problems for Final Examination Monday August 8, 2005

THE NUMBER OF PERMUTATIONS WHICH FORM ARITHMETIC PROGRESSIONS MODULO m

Modular Arithmetic and Doomsday

x 8 (mod 15) x 8 3 (mod 5) eli 2 2y 6 (mod 10) y 3 (mod 5) 6x 9 (mod 11) y 3 (mod 11) So y = 3z + 3u + 3w (mod 990) z = (990/9) (990/9) 1

Solutions to Problem Set 6 - Fall 2008 Due Tuesday, Oct. 21 at 1:00

Classical Cryptography

An interesting class of problems of a computational nature ask for the standard residue of a power of a number, e.g.,

MTH 3527 Number Theory Quiz 10 (Some problems that might be on the quiz and some solutions.) 1. Euler φ-function. Desribe all integers n such that:

Modular Arithmetic. claserken. July 2016

Calculators will not be permitted on the exam. The numbers on the exam will be suitable for calculating by hand.

Cryptography Made Easy. Stuart Reges Principal Lecturer University of Washington

Lecture 8. Outline. 1. Modular Arithmetic. Clock Math!!! 2. Inverses for Modular Arithmetic: Greatest Common Divisor. 3. Euclid s GCD Algorithm

CMPSCI 250: Introduction to Computation. Lecture #14: The Chinese Remainder Theorem David Mix Barrington 24 February 2012

MA10103: Foundation Mathematics I. Lecture Notes Week 3

ORDER AND CHAOS. Carl Pomerance, Dartmouth College Hanover, New Hampshire, USA

MATH 433 Applied Algebra Lecture 12: Sign of a permutation (continued). Abstract groups.

Transcription:

L29&30 - RSA Cryptography CSci/Math 2112 20&22 July 2015 1 / 13

Notation We write a mod n for the integer b such that 0 b < n and a b (mod n). 2 / 13

Calculating Large Powers Modulo n Example 1 What is 8 7 mod 71? 3 / 13

Calculating Large Powers Modulo n Example 1 What is 8 7 mod 71? Example 2 What is 5 11 mod 600? 3 / 13

Integers Modulo n Let n and a be positive integers such that gcd(a, n) = 1. Theorem Let x Z n. If x[a] = [0] then x = [0]. 4 / 13

Integers Modulo n Let n and a be positive integers such that gcd(a, n) = 1. Theorem Let x Z n. If x[a] = [0] then x = [0]. Proof. Let x Z n and x[a] = [0]. Let x = [b] for some integer 0 b < n. Then n (ab). Since gcd(a, n) = 1, we have n b, thus x = [0]. 4 / 13

Integers Modulo n Let n and a be positive integers such that gcd(a, n) = 1. Theorem Let x Z n. If x[a] = [0] then x = [0]. Proof. Let x Z n and x[a] = [0]. Let x = [b] for some integer 0 b < n. Then n (ab). Since gcd(a, n) = 1, we have n b, thus x = [0]. Theorem Let x, y Z n. If x[a] = y[a], then x = y. 4 / 13

Integers Modulo n Let n and a be positive integers such that gcd(a, n) = 1. Theorem Let x Z n. If x[a] = [0] then x = [0]. Proof. Let x Z n and x[a] = [0]. Let x = [b] for some integer 0 b < n. Then n (ab). Since gcd(a, n) = 1, we have n b, thus x = [0]. Theorem Let x, y Z n. If x[a] = y[a], then x = y. Proof. Let x, y Z n and x[a] = y[a]. Then x[a] y[a] = (x y)[a] = [0]. Since [a] [0], we have x y = [0], showing x = y. 4 / 13

Inverse Modulo n If gcd(x, n) = 1 then we can find a [y] Z n such that [x][y] = [1], i.e. xy 1 (mod n). The integer y is called the inverse of x modulo n. Example 3 Find the inverse of 4 modulo 7. 5 / 13

Inverse Modulo n If gcd(x, n) = 1 then we can find a [y] Z n such that [x][y] = [1], i.e. xy 1 (mod n). The integer y is called the inverse of x modulo n. Example 3 Find the inverse of 4 modulo 7. Example 4 Find the inverse of 9 modulo 50. 5 / 13

Fermat s Little Theorem Lemma If p is a prime and k an integer such that 0 < k < p then p ( p k). 6 / 13

Fermat s Little Theorem Lemma If p is a prime and k an integer such that 0 < k < p then p ( p k). Theorem (Fermat s Little Theorem) If p is a prime and a is an integer, then a p a (mod p). 6 / 13

Fermat s Little Theorem Lemma If p is a prime and k an integer such that 0 < k < p then p ( p k). Theorem (Fermat s Little Theorem) If p is a prime and a is an integer, then a p a (mod p). Example 5 Find 8 6 mod 7. 6 / 13

Euler s Totient Function Euler s Totient Function of n, denoted by φ(n), is the number of positive integers a less than (or equal to) n such that gcd(a, n) = 1. Example 6 Find φ(1), φ(9), φ(12), φ(23) and φ(6). 7 / 13

Euler s Totient Function Euler s Totient Function of n, denoted by φ(n), is the number of positive integers a less than (or equal to) n such that gcd(a, n) = 1. Example 6 Find φ(1), φ(9), φ(12), φ(23) and φ(6). Proposition If gcd(m, n) = 1, then φ(mn) = φ(m)φ(n). 7 / 13

Euler s Totient Function Euler s Totient Function of n, denoted by φ(n), is the number of positive integers a less than (or equal to) n such that gcd(a, n) = 1. Example 6 Find φ(1), φ(9), φ(12), φ(23) and φ(6). Proposition If gcd(m, n) = 1, then φ(mn) = φ(m)φ(n). Example 7 Find φ(207). 7 / 13

Euler s Totient Function Proposition For a prime p we have φ(p) = p 1. 8 / 13

Euler s Totient Function Proposition For a prime p we have φ(p) = p 1. Proposition ) For a prime p we have φ(p k ) = p k p k 1 = p (1 k 1 p. 8 / 13

Euler s Totient Function Proposition For a prime p we have φ(p) = p 1. Proposition ) For a prime p we have φ(p k ) = p k p k 1 = p (1 k 1 p. Proposition For any positive integer n we have φ(n) = n ( 1 1 ). p p n 8 / 13

Euler s Totient Function Proposition For a prime p we have φ(p) = p 1. Proposition ) For a prime p we have φ(p k ) = p k p k 1 = p (1 k 1 p. Proposition For any positive integer n we have φ(n) = n ( 1 1 ). p p n Example 8 Find φ(345). 8 / 13

Euler s Theorem Theorem (Euler s Theorem) Let a, n N with gcd(a, n) = 1. Then a φ(n) 1 (mod n). 9 / 13

Euler s Theorem Theorem (Euler s Theorem) Let a, n N with gcd(a, n) = 1. Then a φ(n) 1 (mod n). Example 9 Find 7 176 mod 345. 9 / 13

RSA Cryptography Alice wants to send Bob a secure message. 10 / 13

RSA Cryptography Alice wants to send Bob a secure message. They decide to use an RSA code. 10 / 13

RSA Cryptography Alice wants to send Bob a secure message. They decide to use an RSA code. Bob will do the following: 10 / 13

RSA Cryptography Alice wants to send Bob a secure message. They decide to use an RSA code. Bob will do the following: Pick two primes p and q. 10 / 13

RSA Cryptography Alice wants to send Bob a secure message. They decide to use an RSA code. Bob will do the following: Pick two primes p and q. Calculate n = pq and φ(n) = (p 1)(q 1). 10 / 13

RSA Cryptography Alice wants to send Bob a secure message. They decide to use an RSA code. Bob will do the following: Pick two primes p and q. Calculate n = pq and φ(n) = (p 1)(q 1). Pick an integer e such that gcd(e, φ(n)) = 1. 10 / 13

RSA Cryptography Alice wants to send Bob a secure message. They decide to use an RSA code. Bob will do the following: Pick two primes p and q. Calculate n = pq and φ(n) = (p 1)(q 1). Pick an integer e such that gcd(e, φ(n)) = 1. Calculate the inverse d of e modulo φ(n). 10 / 13

RSA Cryptography Alice wants to send Bob a secure message. They decide to use an RSA code. Bob will do the following: Pick two primes p and q. Calculate n = pq and φ(n) = (p 1)(q 1). Pick an integer e such that gcd(e, φ(n)) = 1. Calculate the inverse d of e modulo φ(n). Make n and e public. 10 / 13

RSA Cryptography Alice wants to send Bob a secure message. They decide to use an RSA code. Bob will do the following: Pick two primes p and q. Calculate n = pq and φ(n) = (p 1)(q 1). Pick an integer e such that gcd(e, φ(n)) = 1. Calculate the inverse d of e modulo φ(n). Make n and e public. Alice calculates r x e (mod n) where x is her message, and sends r to Bob. 10 / 13

RSA Cryptography Alice wants to send Bob a secure message. They decide to use an RSA code. Bob will do the following: Pick two primes p and q. Calculate n = pq and φ(n) = (p 1)(q 1). Pick an integer e such that gcd(e, φ(n)) = 1. Calculate the inverse d of e modulo φ(n). Make n and e public. Alice calculates r x e (mod n) where x is her message, and sends r to Bob. Bob calculates r d mod n. 10 / 13

RSA Cryptography Example 10 Bob decides to use p = 5 and q = 7. Then n = 35 and φ(n) = 24. He picks e = 5, thus d = 5. He then makes n and e public. Alice wants to send HI to Bob, which becomes the two separate messages 8 and 9. Which numbers should she send to Bob? 11 / 13

RSA Cryptography Example 10 Bob decides to use p = 5 and q = 7. Then n = 35 and φ(n) = 24. He picks e = 5, thus d = 5. He then makes n and e public. Alice wants to send HI to Bob, which becomes the two separate messages 8 and 9. Which numbers should she send to Bob? Example 11 Bob receives the following message: 33, 15, 9, 10. What was Alice s original message? 11 / 13

RSA Cryptography Example 10 Bob decides to use p = 5 and q = 7. Then n = 35 and φ(n) = 24. He picks e = 5, thus d = 5. He then makes n and e public. Alice wants to send HI to Bob, which becomes the two separate messages 8 and 9. Which numbers should she send to Bob? Example 11 Bob receives the following message: 33, 15, 9, 10. What was Alice s original message? Example 12 Thief C intercepted a message from Alice to Bob. They know that Bob has n = 391 and e = 7. They also know that they need to find d to decypher the message. What should they do? 11 / 13

RSA Cryptography Example 13 12 / 13

RSA Cryptography Why is Bob able to decypher Alice s message? Since de 1 (mod φ(n)), we have de = kφ(n) + 1 for some integer k. 13 / 13

RSA Cryptography Why is Bob able to decypher Alice s message? Since de 1 (mod φ(n)), we have de = kφ(n) + 1 for some integer k. Using Euler s Theorem, we have x de = x (x φ(n)) k x (1) k (mod n) x (mod n). 13 / 13

2024 © hobbydocbox.com Privacy Policy | Terms of Service | Feedback