Number Theory/Cryptography (part 1 of CSC 282)

http://www.cs.rochester.edu/~stefanko/teaching/11cs282

1 Schedule

The homework is due Sep 8. Graded homework will be available at noon on Sep 9. EXAM #1 will be on Tuesday, Sep. 13.

2 List of algorithms covered in the class (B-basic, I-intermediate, A-advanced):

B: Addition (p.11, DSV).
B: Multiplication (p.15, DSV).
B: Division (p.15, DSV).
B: Modular exponentiation (p.19, DSV).
B: Euclid's algorithm (p.20, DSV).
I: Extended Euclid's algorithm (p.21, DSV).
A: Primality testing (p.25, DSV).
A: Generating random primes (p.28, DSV).
A: RSA (p.33, DSV).

3 Basic material

Important concepts, problems, theorems, and algorithms: Modular arithmetic, Fermat's little theorem.

Theorem: Let $p$ be a prime and let $a$ be an integer such that $\gcd(a, p) = 1$. Then $a^{p-1} \equiv 1 \pmod{p}$.

Theorem: Let $p$ be a prime and let $a$ be an integer. Then $a^p \equiv a \pmod{p}$.

Simple (computational) questions:

Compute $a^b \bmod c$. ($c$ will be a prime smaller than 20.)
Trace the execution of Euclid's gcd algorithm.
Compute the multiplicative inverse of $a$ modulo $b$.
Apply Fermat's little theorem in a computation (see problems 1.1, 1.4, 1.5, below).

Example problems (solve, but do NOT turn in):

1.1 Compute $3^{80} \bmod 5$.

1.2 Compute $\gcd(30, 81)$. Compute $\gcd(55, 34)$. Use Euclid's gcd algorithm. Show all steps.

1.3 Compute the multiplicative inverse of 26 modulo 677.

1.4 Is $4^{200} - 9^{100}$ divisible by 35? Use Fermat's little theorem to prove your answer.

1.5 What is $3^{3^{100}} \bmod 5$? (As usual, $a^{b^c}$ is $a$ raised to the $b^c$-th power.)

1.6 Prove that for every integer $x$, either $x^2 \equiv 0 \pmod{4}$ or $x^2 \equiv 1 \pmod{4}$.

1.7 Let $p, q$ be two different primes. Let $x, y$ be such that $x \equiv y \pmod{p}$ and $x \equiv y \pmod{q}$. Prove that $x \equiv y \pmod{pq}$.

4 Basic Homework - solve and turn in

1.8 (due Sep 8) Solve the following system of congruences:

$x \equiv 20 \pmod{21}$,
$x \equiv 21 \pmod{22}$,
$x \equiv 22 \pmod{23}$.

That is, find $x \in \{0, \dots, 10625\}$ that satisfies all 3 congruences above. (Hint: Chinese remainder theorem.)

1.9 (due Sep 8) Let $p$ be a prime and let $a, b$ be two integers such that $a^2 \equiv b^2 \pmod{p}$. Prove that either $a \equiv b \pmod{p}$ or $a \equiv -b \pmod{p}$. (Hint: you will need to use the following fact about primes and divisibility. If $p$ is a prime and $p \mid cd$ then $p \mid c$ or $p \mid d$.)

1.10 (due Sep 8) For each of the following prove or disprove (clearly state which of the two you are doing):

For all $x \in \mathbb{Z}$ such that $\gcd(x, 19) = 1$ we have $x^{18} \equiv 1 \pmod{19}$.
For all $x \in \mathbb{Z}$ such that $\gcd(x, 21) = 1$ we have $x^{18} \equiv 1 \pmod{21}$.
For all $x \in \mathbb{Z}$ we have $x^{37} \equiv x \pmod{37}$.
For all $x \in \mathbb{Z}$ we have $x^{37} \equiv x \pmod{35}$.

5 Advanced Homework - solve and turn in

Please make sure that the basic homework and the advanced homework are on separate sheets of paper.

1.11 (due Sep 8) Let $p$ be a prime such that $p \equiv 3 \pmod{4}$. We would like to have an algorithm which on input $x$ computes the square root of $x$, that is, $y$ such that $y^2 \equiv x \pmod{p}$. Show that we can let $y := x^{(p+1)/4} \pmod{p}$.

1.12 (due Sep 8) Let $x, y$ be unknown positive integers. Let $A = xy$ and $B = x + y$. Give a polynomial-time algorithm which on input $A, B$ computes $x, y$. Clearly state and analyze the running time of your algorithm.

1.13 (due Sep 8) Professor A designed a black-box which on input $a$ computes $a^2$ in time $O(\log a)$. We would like to use the black-box to multiply numbers, i.e., on input $a, b$ we want to compute $ab$. We want our algorithm to run in time $O(\log(ab))$.

a) Give such an algorithm.

b) Suppose now that instead of the $x \mapsto x^2$ black-box, we have an $x \mapsto x^3$ black-box. Show how we can use the new black-box to multiply numbers $a, b$ in time $O(\log(ab))$.

c) Suppose now that instead of the $x \mapsto x^2$ black-box, we have an $x \mapsto x^4$ black-box. Show how we can use the new black-box to multiply numbers $a, b$ in time $O(\log(ab))$.

In parts a), b), c) you can assume that we can add two numbers $c, d$ in $O(\log(cd))$-time. You can also assume that for any constant $f$ we can divide $d$ by $f$ in $O(\log d)$-time.

1.14 (due Sep 8) Fibonacci numbers are defined as follows: $F_0 = 0$, $F_1 = 1$, and $F_n = F_{n-1} + F_{n-2}$ for $n \geq 2$. Give a polynomial-time algorithm which on input $n$ and $M$ outputs $(F_n \bmod M)$. (Note that the input length is $\Theta(\log n + \log M)$, and your algorithm has to run in time polynomial in the input length.)

6 Additional problems from the book (do NOT turn in)

Try to solve the following problems. A few of them will be on the quiz.

1.1, 1.4, 1.5, 1.10, 1.11, 1.14, 1.15, 1.19, 1.20, 1.22, 1.23, 1.25, 1.26, 1.31, 1.32, 1.37, 1.39.

7 Additional problems (do NOT turn in)

Solve the problems below; use the answer key below to check your answers.

Definitions: $\mathbb{Z} = \{\dots, -2, -1, 0, 1, 2, \dots\}$ denotes the set of integers, $\mathbb{N} = \{1, 2, 3, \dots\}$ denotes the set of natural numbers (which we define to be positive integers). For $a, b \in \mathbb{Z}$ we say $a$ divides $b$ (notation: $a \mid b$) if there exists $c \in \mathbb{Z}$ such that $b = ac$. For $a, b, m \in \mathbb{Z}$ we say $a$ is congruent to $b$ modulo $m$ (notation: $a \equiv b \pmod{m}$) if $m \mid (a - b)$. We say that a natural number $n$ is a prime if there are exactly 2 natural numbers that divide $n$ (they are 1 and $n$, with $n \neq 1$). For a natural number $m$ we let $\mathbb{Z}_m^* = \{a \in \{1, \dots, m-1\} \mid \gcd(a, m) = 1\}$, that is, $\mathbb{Z}_m^*$ are the numbers from $\{1, \dots, m-1\}$ that are co-prime with $m$.

1. If $p, q$ are different primes then $\gcd(p, q) = 1$.
2. If $2 \mid (a + b)$ then $a \equiv b \pmod{2}$.
3. If $p$ is a prime and $p \mid (a + b)$ then $a \equiv b \pmod{p}$.
4. If $m \mid (a - b)$ then $a \equiv b \pmod{m}$.
5. If $ab \equiv 1 \bmod c$ then $\gcd(a, c) = 1$.
6. If $ab \equiv 1 \bmod c$ then $\gcd(a, b) = 1$.
7. If $a \mid b$ and $b \mid c$ then $a \mid c$.
8. If $a \mid bc$ then $a \mid b$ or $a \mid c$.
9. If $p$ is a prime, $p \mid (b + c)$, and $p \mid (b - c)$ then $p \mid c$.
10. If $\gcd(a, c) = 1$ and $\gcd(b, c) = 1$ then $\gcd(ab, c) = 1$.
11. If $\gcd(a, c) = 1$ and $\gcd(b, c) = 1$ then $\gcd(a + b, c) = 1$.
12. If $\gcd(a, b) = 1$ and $\gcd(c, d) = 1$ then $\gcd(ac, bd) = 1$.
13. If $p$ is a prime and $p \mid a^2$ then $p \mid a$.
14. If $p$ is an odd prime then $3^{(p-1)/2} \equiv 1 \pmod{p}$.
15. If $p$ is an odd prime then $4^{(p-1)/2} \equiv 1 \pmod{p}$.
16. If $p$ is an odd prime, $p \mid (b + c)$, and $p \mid (b^2 + c^2)$ then $p \mid c$.
17. If $a \mid c$ and $b \mid c$ then $ab \mid c$.
18. Let $p$ be a prime. If $a^k \equiv 1 \pmod{p}$ and $b^k \equiv 1 \pmod{p}$ then $(ab)^k \equiv 1 \pmod{p}$.
19. Let $m \geq 2$. If $a^k \equiv 1 \pmod{m}$ and $b^k \equiv 1 \pmod{m}$ then $(ab)^k \equiv 1 \pmod{m}$.
20. Let $m \geq 2$. If for all $a \in \{1, \dots, m-1\}$ we have $a^{m-1} \equiv 1 \pmod{m}$ then $m$ is a prime.
21. Let $m \geq 2$. If for all $a \in \mathbb{Z}_m^*$ we have $a^{m-1} \equiv 1 \pmod{m}$ then $m$ is a prime.
22. Let $p$ be a prime. If $a \equiv 1 \pmod{p-1}$ and $\gcd(p, b) = 1$ then $b^a \equiv b \pmod{p}$.
23. Let $p$ be a prime. If $a \equiv 1 \pmod{p-1}$ and $\gcd(p, b) = 1$ then $a^b \equiv a \pmod{p}$.
24. Let $p$ be a prime. If $a \equiv 1 \pmod{p}$ and $\gcd(p-1, b) = 1$ then $b^a \equiv b \pmod{p}$.
25. Let $p$ be a prime. If $a \equiv 1 \pmod{p}$ and $\gcd(p-1, b) = 1$ then $a^b \equiv a \pmod{p}$.
26. If $2 \mid (a + b)$ then $a^2 \equiv b^2 \pmod{2}$.
27. Assume $a, b, c \in \mathbb{N}$. If $a^b \equiv 1 \pmod{c}$ then $\gcd(a, c) = 1$.
28. Assume $a, b, c \in \mathbb{N}$. If $a^b \equiv 1 \pmod{c}$ then $\gcd(b, c) = 1$.
29. If $p$ is an odd prime then $4^{(p+1)/2} \equiv 4 \pmod{p}$.
30. If $\gcd(a + b, c) = 1$ and $\gcd(b, c) = 1$ then $\gcd(a, c) = 1$.
31. Let $p$ be a prime, $a \in \{2, \dots, p-1\}$, and $b \in \mathbb{N}$. If $a^b \equiv a \pmod{p}$ then $\gcd(b, p-1) = 1$.

Solutions.

1. If $p, q$ are different primes then $\gcd(p, q) = 1$. (WHY: w.l.o.g. $p < q$; assume, for the sake of contradiction, that $\gcd(p, q) = a > 1$; then $a \mid q$, yet $a \neq 1$ and $a \neq q$ (since $a \leq p < q$), contradicting the assumption that $q$ is a prime.)
2. If $2 \mid (a + b)$ then $a \equiv b \pmod{2}$. (WHY: if $2 \mid (a + b)$ then either both $a, b$ are even or both $a, b$ are odd; in both cases $a \equiv b \pmod{2}$.)
3. If $p$ is a prime and $p \mid (a + b)$ then $a \equiv b \pmod{p}$. (WHY: $p = 3$, $a = 1$, $b = 2$ is a counterexample.)
4. If $m \mid (a - b)$ then $a \equiv b \pmod{m}$. (WHY: definition of $a \equiv b \pmod{m}$.)
5. If $ab \equiv 1 \bmod c$ then $\gcd(a, c) = 1$. (WHY: assume, for the sake of contradiction, that $\gcd(a, c) = t > 1$; then $t \mid a$ and $t \mid (1 - ab)$, hence $t \mid 1$, and hence $t = 1$, a contradiction (we used the fact that $t \mid A$ and $t \mid B$ implies $t \mid (A + B)$ (used with $A = ab$ and $B = 1 - ab$)).)
6. If $ab \equiv 1 \bmod c$ then $\gcd(a, b) = 1$. (WHY: $p = 7$, $a = 2$, $b = 4$ is a counterexample.)
7. If $a \mid b$ and $b \mid c$ then $a \mid c$. (WHY: we have $X \in \mathbb{Z}$ such that $b = aX$ and $Y \in \mathbb{Z}$ such that $c = bY$; hence $c = a(XY)$, thus $a \mid c$.)
8. If $a \mid bc$ then $a \mid b$ or $a \mid c$. (WHY: $a = 4$, $b = 2$, $c = 2$ is a counterexample.)
9. If $p$ is a prime, $p \mid (b + c)$, and $p \mid (b - c)$ then $p \mid c$. (WHY: $p = 2$, $a = 1$, $b = 1$ is a counterexample.)
10. If $\gcd(a, c) = 1$ and $\gcd(b, c) = 1$ then $\gcd(ab, c) = 1$. (WHY: no prime divides both $a$ and $c$; no prime divides both $b$ and $c$; hence no prime divides both $ab$ and $c$ (since the set of primes dividing $ab$ is the union of the set of primes dividing $a$ and the set of primes dividing $b$).)
11. If $\gcd(a, c) = 1$ and $\gcd(b, c) = 1$ then $\gcd(a + b, c) = 1$. (WHY: $a = 1$, $b = 1$, $c = 2$ is a counterexample.)
12. If $\gcd(a, b) = 1$ and $\gcd(c, d) = 1$ then $\gcd(ac, bd) = 1$. (WHY: $a = 1$, $b = 2$, $c = 2$, $d = 1$ is a counterexample.)
13. If $p$ is a prime and $p \mid a^2$ then $p \mid a$. (WHY: this follows from the fact that if $p$ is a prime and $p \mid XY$ then $p \mid X$ or $p \mid Y$ (used with $X = Y = a$).)
14. If $p$ is an odd prime then $3^{(p-1)/2} \equiv 1 \pmod{p}$. (WHY: $p = 3$ is a counterexample.)
15. If $p$ is an odd prime then $4^{(p-1)/2} \equiv 1 \pmod{p}$. (WHY: since $4 = 2^2$ we have $4^{(p-1)/2} \equiv 2^{p-1} \equiv 1 \pmod{p}$; the last congruence follows from Fermat's little theorem.)
16. If $p$ is an odd prime, $p \mid (b + c)$, and $p \mid (b^2 + c^2)$ then $p \mid c$. (WHY: $p \mid (b + c)$ implies $p \mid (b^2 - c^2)$, which combined with $p \mid (b^2 + c^2)$ implies $p \mid 2c^2$; now since $p$ is odd we cannot have $p \mid 2$ and hence $p \mid c^2$ which, in turn, implies $p \mid c$.)
17. If $a \mid c$ and $b \mid c$ then $ab \mid c$. (WHY: $a = 2$, $b = 2$, $c = 2$ is a counterexample.)
18. Let $p$ be a prime. If $a^k \equiv 1 \pmod{p}$ and $b^k \equiv 1 \pmod{p}$ then $(ab)^k \equiv 1 \pmod{p}$. (WHY: see the next problem.)
19. Let $m \geq 2$. If $a^k \equiv 1 \pmod{m}$ and $b^k \equiv 1 \pmod{m}$ then $(ab)^k \equiv 1 \pmod{m}$. (WHY: $(ab)^k = a^k b^k$; $A \equiv B \pmod{m}$ and $C \equiv D \pmod{m}$ implies $AC \equiv BD \pmod{m}$.)
20. Let $m \geq 2$. If for all $a \in \{1, \dots, m-1\}$ we have $a^{m-1} \equiv 1 \pmod{m}$ then $m$ is a prime. (WHY: if $m$ is not a prime then take $a \mid m$ where $a \in \{2, \dots, m-1\}$; then $a \mid a^{m-1}$; then $a \nmid (a^{m-1} - 1)$; hence $m \nmid (a^{m-1} - 1)$ and hence $a^{m-1} \not\equiv 1 \pmod{m}$.)
21. Let $m \geq 2$. If for all $a \in \mathbb{Z}_m^*$ we have $a^{m-1} \equiv 1 \pmod{m}$ then $m$ is a prime. (WHY: Carmichael numbers, for example $m = 561$, are a counterexample.)
22. Let $p$ be a prime. If $a \equiv 1 \pmod{p-1}$ and $\gcd(p, b) = 1$ then $b^a \equiv b \pmod{p}$. (WHY: We have $a = 1 + k(p-1)$ for some $k \in \mathbb{Z}$; then $b^a \equiv b(b^{p-1})^k \equiv b \pmod{p}$, using Fermat's little theorem in the last congruence.)
23. Let $p$ be a prime. If $a \equiv 1 \pmod{p-1}$ and $\gcd(p, b) = 1$ then $a^b \equiv a \pmod{p}$. (WHY: $p = 3$, $a = 5$, $b = 2$ is a counterexample.)
24. Let $p$ be a prime. If $a \equiv 1 \pmod{p}$ and $\gcd(p-1, b) = 1$ then $b^a \equiv b \pmod{p}$. (WHY: $p = 3$, $a = 4$, $b = 5$ is a counterexample.)
25. Let $p$ be a prime. If $a \equiv 1 \pmod{p}$ and $\gcd(p-1, b) = 1$ then $a^b \equiv a \pmod{p}$. (WHY: If $a \equiv 1 \pmod{p}$ then $a^b \equiv 1 \pmod{p}$ for any $b \in \mathbb{N}$.)
26. If $2 \mid (a + b)$ then $a^2 \equiv b^2 \pmod{2}$. (WHY: if $2 \mid (a + b)$ then either both $a, b$ are even or both $a, b$ are odd; in both cases $a^2 \equiv b^2 \pmod{2}$.)
27. Assume $a, b, c \in \mathbb{N}$. If $a^b \equiv 1 \pmod{c}$ then $\gcd(a, c) = 1$. (WHY: if $\gcd(a, c) = t > 1$ then $t \mid a^b$; hence $t \nmid (a^b - 1)$; hence $c \nmid (a^b - 1)$; hence $a^b \not\equiv 1 \pmod{c}$.)
28. Assume $a, b, c \in \mathbb{N}$. If $a^b \equiv 1 \pmod{c}$ then $\gcd(b, c) = 1$. (WHY: $a = 1$, $b = 2$, $c = 2$ is a counterexample.)
29. If $p$ is an odd prime then $4^{(p+1)/2} \equiv 4 \pmod{p}$. (WHY: since $4 = 2^2$ we have $4^{(p+1)/2} \equiv 2^{p+1} \equiv 2^2 \pmod{p}$, where in the last congruence we used Fermat's little theorem.)
30. If $\gcd(a + b, c) = 1$ and $\gcd(b, c) = 1$ then $\gcd(a, c) = 1$. (WHY: $a = 2$, $b = 1$, $c = 2$ is a counterexample.)
31. Let $p$ be a prime, $a \in \{2, \dots, p-1\}$, and $b \in \mathbb{N}$. If $a^b \equiv a \pmod{p}$ then $\gcd(b, p-1) = 1$. (WHY: $p = 7$, $a = 2$, $b = 4$ is a counterexample.)
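
Statements 20 and 21 in the answer key differ only in which bases the Fermat condition ranges over, and that difference decides whether the condition certifies primality. The following Python check is an added example (not part of the course handout; all function names are this example's own) that tests both conditions exhaustively and lists the composites that satisfy the weaker one.

```python
from math import gcd

def is_prime(m):
    """Trial division; reference answer for small m."""
    if m < 2:
        return False
    d = 2
    while d * d <= m:
        if m % d == 0:
            return False
        d += 1
    return True

def fermat_all_residues(m):
    """Statement 20: a^(m-1) = 1 (mod m) for every a in {1..m-1}."""
    return all(pow(a, m - 1, m) == 1 for a in range(1, m))

def fermat_all_units(m):
    """Statement 21: the same condition, but only for a coprime to m."""
    return all(pow(a, m - 1, m) == 1
               for a in range(1, m) if gcd(a, m) == 1)

def fermat_witnesses(m):
    """Bases in {1..m-1} that expose m as composite under the Fermat test."""
    return [a for a in range(1, m) if pow(a, m - 1, m) != 1]

def witnesses_all_share_factor(m):
    """True when every witness has a common factor with m (solution 27)."""
    return all(gcd(a, m) > 1 for a in fermat_witnesses(m))

def carmichael_numbers(limit):
    """Composites below limit that satisfy the condition of statement 21."""
    return [m for m in range(3, limit)
            if not is_prime(m) and fermat_all_units(m)]

if __name__ == "__main__":
    m = 561  # the counterexample named in solution 21 (561 = 3 * 11 * 17)
    print("561 passes over units:        ", fermat_all_units(m))
    print("561 passes over all residues: ", fermat_all_residues(m))
    print("witnesses for 561:            ", len(fermat_witnesses(m)), "of", m - 1)
    print("all witnesses share a factor: ", witnesses_all_share_factor(m))
    print("Carmichael numbers below 3000:", carmichael_numbers(3000))
```

For 561 the only bases that reveal compositeness are those sharing a factor with it, so a Fermat test restricted to coprime bases never rejects it.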