Introduction to Number Theory 2. © Eli Biham - November 5, 2006. Introduction to Number Theory 2 (12)

Transcription:

Introduction to Number Theory 2 (12), © Eli Biham, November 5, 2006

Quadratic Residues

Definition: The numbers $0^2, 1^2, 2^2, \ldots, (n-1)^2 \bmod n$ are called quadratic residues modulo $n$. Numbers which are not quadratic residues modulo $n$ are called quadratic non-residues modulo $n$.

Example: Modulo 11:

$i$:            0 1 2 3 4 5 6 7 8 9 10
$i^2 \bmod 11$: 0 1 4 9 5 3 3 5 9 4 1

There are six quadratic residues modulo 11: 0, 1, 3, 4, 5, and 9.
There are five quadratic non-residues modulo 11: 2, 6, 7, 8, 10.

Quadratic Residues (cont.)

Lemma: Let $p \neq 2$ be prime. Exactly half of the numbers in $Z_p^*$ are quadratic residues. With 0, exactly $\frac{p+1}{2}$ numbers in $Z_p$ are quadratic residues.

Proof: There are at most $\frac{p+1}{2}$ quadratic residues, since

$$0^2$$
$$1^2 \equiv (p-1)^2 \pmod{p}$$
$$2^2 \equiv (p-2)^2 \pmod{p}$$
$$\vdots$$
$$i^2 \equiv (p-i)^2 \pmod{p} \quad \forall i$$

Thus, all the elements in $Z_p$ span at most $\frac{p+1}{2}$ quadratic residues.

There are at least $\frac{p+1}{2}$ quadratic residues, otherwise, for some $i \neq j \leq (p-1)/2$ it holds that $i^2 = (p-i)^2 = j^2 = (p-j)^2$, in contrast to Lagrange's theorem, which states that the equation $x^2 - i^2 = 0$ has at most two solutions (mod $p$).

Quadratic Residues (cont.)

Since $Z_p^*$ is cyclic, there is a generator. Let $g$ be a generator of $Z_p^*$.

1. $g$ is a quadratic non-residue modulo $p$, since otherwise there is some $b$ such that $b^2 \equiv g \pmod{p}$. Clearly, $b^{p-1} \equiv 1 \pmod{p}$, and thus $g^{\frac{p-1}{2}} \equiv b^{p-1} \equiv 1 \pmod{p}$. However, the order of $g$ is $p-1$. Contradiction.
2. $g^2, g^4, \ldots, g^{(p-1)} \bmod p$ are quadratic residues, and are distinct, therefore, there are at least $\frac{p-1}{2}$ quadratic residues.
3. $g, g^3, g^5, \ldots, g^{(p-2)} \bmod p$ are quadratic non-residues, since if any of them is a quadratic residue, $g$ is also a quadratic residue.

QED

Euler's Criterion

Theorem: Let $p \neq 2$ be a prime, and let $a \in Z_p^*$. Then, $a$ is a quadratic residue modulo $p$ iff $a^{\frac{p-1}{2}} \equiv 1 \pmod{p}$.

Proof: ($\Rightarrow$) If $a$ is a quadratic residue, there is some $b$ such that $a \equiv b^2 \pmod{p}$. Thus,

$$a^{\frac{p-1}{2}} \equiv (b^2)^{\frac{p-1}{2}} \equiv b^{p-1} \equiv 1 \pmod{p}.$$

Euler's Criterion (cont.)

($\Leftarrow$) If $a$ is a quadratic non-residue: For any $r$ there is a unique $s$ such that $rs \equiv a \pmod{p}$, i.e., $s = ar^{-1}$, and there is no $r^* \neq r$ such that $s = a(r^*)^{-1}$. Since $a$ is a quadratic non-residue, $r \not\equiv s \pmod{p}$.

Thus, the numbers $1, 2, 3, \ldots, p-1$ are divided into $\frac{p-1}{2}$ distinct pairs $(r_1, s_1), (r_2, s_2), \ldots, (r_{\frac{p-1}{2}}, s_{\frac{p-1}{2}})$, such that $r_i s_i = a$, and we get

$$a^{\frac{p-1}{2}} \equiv r_1 s_1 r_2 s_2 \cdots r_{\frac{p-1}{2}} s_{\frac{p-1}{2}} \equiv 1 \cdot 2 \cdots (p-1) \equiv -1 \pmod{p}$$

by Wilson's theorem. QED

Quadratic Residues Modulo $n = pq$

Let $p$ and $q$ be large primes and let $n = pq$ (as in RSA).

Theorem: Let $m \in Z_n^*$. If $m$ is a quadratic residue modulo $n$, then $m$ has exactly four square roots modulo $n$ in $Z_n^*$.

Proof: Assume $\alpha^2 \equiv m \pmod{n}$. Then

$$\gcd(m, n) = 1 \Rightarrow \gcd(\alpha^2, n) = 1 \Rightarrow \gcd(\alpha, n) = 1 \Rightarrow \alpha \in Z_n^*,$$

and since $m \equiv \alpha^2 \pmod{n}$, then

$$m \equiv \alpha^2 \pmod{p}$$
$$m \equiv \alpha^2 \pmod{q}$$

$m$ has two square roots modulo $p$ ($\alpha \bmod p$ and $-\alpha \bmod p$) and two square roots modulo $q$ ($\alpha \bmod q$ and $-\alpha \bmod q$).

Quadratic Residues Modulo $n = pq$ (cont.)

Look at the systems of equations

$$x \equiv \pm\alpha \pmod{p}$$
$$x \equiv \pm\alpha \pmod{q}$$

which represent four systems (one for each possible choice of $\pm$). Each system has a unique solution modulo $n$ which satisfies

$$x^2 \equiv m \pmod{p}$$
$$x^2 \equiv m \pmod{q}$$

and thus satisfies

$$x^2 \equiv m \pmod{n}.$$

All the four solutions are roots of $m$ modulo $n$. These are all the roots. Otherwise there must be more than two roots either modulo $p$ or modulo $q$. QED

Quadratic Residues Modulo $n = pq$ (cont.)

Conclusion: Exactly a quarter of the numbers in $Z_n^*$ are quadratic residues modulo $n$.
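The construction in the proof above can be run on a toy modulus. This is an added example, not part of the original slides: it builds the four square roots from the roots modulo each prime with the Chinese Remainder Theorem and counts the quadratic residues in $Z_n^*$. The function names and the sample primes 7 and 11 are assumptions chosen for illustration, and the roots modulo each prime are found by brute force, which only works for toy sizes.

```python
from math import gcd

def roots_mod_prime(m, p):
    """All x in [0, p) with x^2 = m (mod p). Brute force: toy primes only."""
    return [x for x in range(p) if (x * x - m) % p == 0]

def crt_pair(xp, p, xq, q):
    """The unique x mod p*q with x = xp (mod p) and x = xq (mod q)."""
    # Write x = xp + p*t and solve for t modulo q.
    t = ((xq - xp) * pow(p, -1, q)) % q
    return (xp + p * t) % (p * q)

def square_roots_mod_pq(m, p, q):
    """Combine every (+-alpha mod p, +-alpha mod q) choice into a root mod pq."""
    return sorted(crt_pair(xp, p, xq, q)
                  for xp in roots_mod_prime(m, p)
                  for xq in roots_mod_prime(m, q))

def quadratic_residues_mod_pq(p, q):
    """Set of quadratic residues in Z_n^* for n = p*q, by squaring every unit."""
    n = p * q
    return {x * x % n for x in range(1, n) if gcd(x, n) == 1}

if __name__ == "__main__":
    p, q = 7, 11                      # constructed toy primes, n = 77
    print("roots of 4 mod 77:", square_roots_mod_pq(4, p, q))
    residues = quadratic_residues_mod_pq(p, q)
    units = (p - 1) * (q - 1)         # |Z_n^*| = (p-1)(q-1)
    print(len(residues), "residues out of", units, "units")
    # Every residue has exactly four square roots, as the theorem states.
    print(all(len(square_roots_mod_pq(m, p, q)) == 4 for m in residues))
```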

Legendre's Symbol

Definition: Let $p$ be a prime such that $p \nmid a$. Legendre's symbol of $a$ over $p$ is

$$\left(\frac{a}{p}\right) = \begin{cases} +1, & \text{if } a \text{ is a quadratic residue modulo } p; \\ -1, & \text{if } a \text{ is a quadratic non-residue modulo } p. \end{cases}$$

By Euler:

$$\left(\frac{a}{p}\right) \equiv a^{\frac{p-1}{2}} \pmod{p}.$$

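Legendre's Symbol (cont.)

Properties of Legendre's symbol:

1. $a \equiv a' \pmod{p} \Rightarrow \left(\frac{a}{p}\right) = \left(\frac{a'}{p}\right)$.
2. $\left(\frac{1}{p}\right) = \left(\frac{c^2}{p}\right) = 1 \quad \forall c$.
3. $\left(\frac{-1}{p}\right) = \begin{cases} 1, & \text{if } p = 4k + 1; \\ -1, & \text{if } p = 4k + 3. \end{cases}$

Proof:

$$\left(\frac{-1}{p}\right) \equiv (-1)^{\frac{p-1}{2}} \pmod{p} \equiv \begin{cases} (-1)^{\frac{4k+1-1}{2}} \equiv (-1)^{2k} \equiv 1, & \text{if } p = 4k + 1; \\ (-1)^{\frac{4k+3-1}{2}} \equiv (-1)^{2k+1} \equiv -1, & \text{if } p = 4k + 3. \end{cases}$$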

Legendre's Symbol (cont.)

4. $\left(\frac{2}{p}\right) = (-1)^{\frac{p^2-1}{8}}$ (given without a proof).
5. $\left(\frac{ab}{p}\right) = \left(\frac{a}{p}\right)\left(\frac{b}{p}\right)$.

Proof: Let $g$ be a generator modulo $p$. Then, $\exists i$, $a \equiv g^i \pmod{p}$ and $\exists j$, $b \equiv g^j \pmod{p}$. $a$ is a quadratic residue iff $i$ is even, $b$ is a quadratic residue iff $j$ is even, and $ab$ is a quadratic residue iff $i + j$ is even. Thus, by Euler:

$$\left(\frac{ab}{p}\right) \equiv (-1)^{i+j} \equiv (-1)^i (-1)^j \equiv \left(\frac{a}{p}\right)\left(\frac{b}{p}\right) \pmod{p}.$$

Legendre's Symbol (cont.)

6. The reciprocity law: if $p \neq q$ are both odd primes then

$$\left(\frac{p}{q}\right) = (-1)^{\frac{p-1}{2} \cdot \frac{q-1}{2}} \left(\frac{q}{p}\right)$$

(given without a proof).

Jacobi's Symbol

Jacobi's symbol is a generalization of Legendre's symbol to composite numbers.

Definition: Let $n$ be odd, and let $p_1, p_2, \ldots, p_k$ be the prime factors of $n$ (not necessarily distinct) such that $n = p_1 p_2 \cdots p_k$. Let $a$ be coprime to $n$. Jacobi's symbol of $a$ over $n$ is

$$\left(\frac{a}{n}\right) = \left(\frac{a}{p_1}\right)\left(\frac{a}{p_2}\right) \cdots \left(\frac{a}{p_k}\right).$$

In particular, for $n = pq$:

$$\left(\frac{a}{n}\right) = \left(\frac{a}{pq}\right) = \left(\frac{a}{p}\right)\left(\frac{a}{q}\right).$$

Jacobi's Symbol (cont.)

Remarks:

1. $a \in Z_n^*$ is a quadratic residue modulo $n$ iff the Legendre's symbols over all the prime factors are 1.
2. When Jacobi's symbol is 1, $a$ is not necessarily a quadratic residue.
3. When Jacobi's symbol is $-1$, $a$ is necessarily a quadratic non-residue.

Jacobi's Symbol (cont.)

Properties of Jacobi's symbol:

Let $m$ and $n$ be integers, and let $a$ and $b$ be coprime to $m$ and $n$. Assume that $n$ is odd and that the factorization of $n$ is $n = p_1 p_2 \cdots p_k$.

1. $a \equiv b \pmod{n} \Rightarrow \left(\frac{a}{n}\right) = \left(\frac{b}{n}\right)$.
2. $\left(\frac{1}{n}\right) = 1 \quad \forall n$ (1 is a quadratic residue modulo any $n$).
3. $\left(\frac{-1}{n}\right) = (-1)^{\frac{n-1}{2}}$.

Proof: opening parentheses:

$$n = p_1 p_2 \cdots p_k = ((p_1 - 1) + 1)((p_2 - 1) + 1) \cdots ((p_k - 1) + 1) = \sum_{S \subseteq \{1,2,\ldots,k\}} \prod_{i \in S} (p_i - 1)$$

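Jacobi's Symbol (cont.)

$$= \sum_{\substack{S \subseteq \{1,2,\ldots,k\} \\ |S| \geq 2}} \prod_{i \in S} (p_i - 1) + \sum_{i \in \{1,2,\ldots,k\}} (p_i - 1) + 1$$
$$= [(p_1 - 1)(p_2 - 1) \cdots (p_k - 1) + \ldots] + (p_1 - 1) + (p_2 - 1) + \ldots + (p_k - 1) + 1$$

where all the terms with $|S| \geq 2$ (in the brackets) are multiples of four, and all the $p_i - 1$ are even. Thus,

$$\frac{n-1}{2} \equiv \frac{p_1 - 1}{2} + \frac{p_2 - 1}{2} + \ldots + \frac{p_k - 1}{2} \pmod{2},$$

and

$$\left(\frac{-1}{n}\right) = \left(\frac{-1}{p_1}\right)\left(\frac{-1}{p_2}\right) \cdots \left(\frac{-1}{p_k}\right) = (-1)^{(p_1-1)/2} (-1)^{(p_2-1)/2} \cdots (-1)^{(p_k-1)/2}$$
$$= (-1)^{(p_1-1)/2 + (p_2-1)/2 + \ldots + (p_k-1)/2} = (-1)^{(n-1)/2}.$$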

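Jacobi's Symbol (cont.)

4. $\left(\frac{2}{n}\right) = (-1)^{\frac{n^2-1}{8}}$.

Proof: We saw that $\left(\frac{2}{p}\right) = (-1)^{\frac{p^2-1}{8}}$, thus:

$$\left(\frac{2}{n}\right) = \left(\frac{2}{p_1}\right)\left(\frac{2}{p_2}\right) \cdots \left(\frac{2}{p_k}\right) = (-1)^{\frac{p_1^2-1}{8} + \frac{p_2^2-1}{8} + \cdots + \frac{p_k^2-1}{8}}$$

It remains to show that

$$\frac{n^2-1}{8} \equiv \frac{p_1^2-1}{8} + \frac{p_2^2-1}{8} + \cdots + \frac{p_k^2-1}{8} \pmod{2}$$

$$p_1^2 p_2^2 = (1 + (p_1^2 - 1))(1 + (p_2^2 - 1)) = 1 + (p_1^2 - 1) + (p_2^2 - 1) + (p_1^2 - 1)(p_2^2 - 1)$$

But $8 \mid (p_1^2 - 1)$ and $8 \mid (p_2^2 - 1)$, thus $64 \mid (p_1^2 - 1)(p_2^2 - 1)$. Therefore,

$$p_1^2 p_2^2 \equiv 1 + (p_1^2 - 1) + (p_2^2 - 1) \pmod{16}$$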

Jacobi's Symbol (cont.)

And,

$$p_1^2 p_2^2 p_3^2 \equiv (1 + (p_1^2 - 1))(1 + (p_2^2 - 1))(1 + (p_3^2 - 1)) \pmod{16}$$
$$\equiv 1 + (p_1^2 - 1) + (p_2^2 - 1) + (p_3^2 - 1) \pmod{16}$$

etc., thus,

$$n^2 \equiv 1 + (p_1^2 - 1) + (p_2^2 - 1) + \cdots + (p_k^2 - 1) \pmod{16}$$
$$\frac{n^2-1}{8} \equiv \frac{p_1^2-1}{8} + \frac{p_2^2-1}{8} + \cdots + \frac{p_k^2-1}{8} \pmod{2}$$

Jacobi's Symbol (cont.)

5. The first multiplication property: $\left(\frac{a}{mn}\right) = \left(\frac{a}{m}\right)\left(\frac{a}{n}\right)$. (If $a$ is coprime to $mn$ it is coprime to $m$ and to $n$; the rest is derived directly from the definition.)
6. The second multiplication property: $\left(\frac{ab}{n}\right) = \left(\frac{a}{n}\right)\left(\frac{b}{n}\right)$. (If $ab$ is coprime to $n$, then both $a$ and $b$ are coprime to $n$; the rest is derived since this property holds for Legendre's symbol.)

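Jacobi's Symbol (cont.)

7. The reciprocity law: if $m$, $n$ are coprime and odd then

$$\left(\frac{n}{m}\right) = (-1)^{\frac{m-1}{2} \cdot \frac{n-1}{2}} \left(\frac{m}{n}\right).$$

Proof: First assume that $m = q$ is a prime, thus,

$$\left(\frac{n}{q}\right) = \left(\frac{p_1}{q}\right)\left(\frac{p_2}{q}\right) \cdots \left(\frac{p_k}{q}\right).$$

By the reciprocity law of Legendre's symbol we know that

$$\left(\frac{p_i}{q}\right) = (-1)^{\frac{p_i-1}{2} \cdot \frac{q-1}{2}} \left(\frac{q}{p_i}\right).$$

Thus,

$$\left(\frac{n}{q}\right) = (-1)^{\frac{q-1}{2}\left(\frac{p_1-1}{2} + \ldots + \frac{p_k-1}{2}\right)} \underbrace{\left(\frac{q}{p_1}\right)\left(\frac{q}{p_2}\right) \cdots \left(\frac{q}{p_k}\right)}_{\left(\frac{q}{n}\right)}.$$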

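Jacobi's Symbol (cont.)

We saw in property 3 that

$$\frac{n-1}{2} \equiv \frac{p_1-1}{2} + \frac{p_2-1}{2} + \ldots + \frac{p_k-1}{2} \pmod{2},$$

thus,

$$\left(\frac{n}{q}\right) = (-1)^{\frac{q-1}{2} \cdot \frac{n-1}{2}} \left(\frac{q}{n}\right).$$

Now for any odd $m$:

$$\left(\frac{n}{m}\right) = \left(\frac{n}{q_1}\right)\left(\frac{n}{q_2}\right) \cdots \left(\frac{n}{q_l}\right) = (-1)^{\frac{n-1}{2}\left(\frac{q_1-1}{2} + \ldots + \frac{q_l-1}{2}\right)} \left(\frac{q_1}{n}\right)\left(\frac{q_2}{n}\right) \cdots \left(\frac{q_l}{n}\right) = (-1)^{\frac{m-1}{2} \cdot \frac{n-1}{2}} \left(\frac{m}{n}\right)$$

QED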

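Jacobi's Symbol (cont.)

Application of Jacobi's Symbol:

Using the properties of Jacobi's symbol, it is easy to calculate Legendre's symbols in polynomial time.

Example (the number over each equality sign is the property used):

$$\left(\frac{117}{271}\right) \overset{7}{=} \left(\frac{271}{117}\right) \overset{1}{=} \left(\frac{37}{117}\right) \overset{7}{=} \left(\frac{117}{37}\right) \overset{1}{=} \left(\frac{6}{37}\right) \overset{6}{=} \left(\frac{2}{37}\right)\left(\frac{3}{37}\right) \overset{4}{=} (-1)\left(\frac{3}{37}\right)$$
$$\overset{7}{=} (-1)(+1)\left(\frac{37}{3}\right) \overset{1}{=} (-1)(+1)\left(\frac{1}{3}\right) \overset{2}{=} (-1)(+1) \cdot 1 = -1$$

271 is prime, therefore $\left(\frac{117}{271}\right)$ can also be computed by:

$$\left(\frac{117}{271}\right) \equiv 117^{\frac{271-1}{2}} \equiv 117^{135} \equiv -1 \pmod{271}.$$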

Jacobi's Symbol (cont.)

Complexity:

The only required arithmetic operations are modular reductions and division by powers of two.

Clearly, a division (rule 6) reduces the numerator by a factor of two. A modular reduction (using rule 7 and then rule 1) reduces the number by at least two: if $a > b$ then $a = qb + r \geq b + r > r + r$, thus $r < a/2$, i.e., $a \bmod b < a/2$.

Therefore, at most $O(\log n)$ modular reductions/divisions are performed, each of which takes $O((\log n)^2)$ time. This shows that the complexity is $O((\log n)^3)$, which is polynomial in $\log n$.

A more precise analysis of this algorithm shows that the complexity can be reduced to $O((\log n)^2)$.
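The procedure analysed above, using only modular reductions and divisions by two, can be written out directly. This is an added example, not code from the original slides: it applies properties 1, 4, 6 and 7 in a loop, checks the result against Euler's criterion, and shows remark 2 (symbol 1 without being a residue). The function names are assumptions, and returning 0 for non-coprime inputs is a common convention that the slides do not define.

```python
def jacobi(a, n):
    """Jacobi symbol (a/n) for odd n > 0, using properties 1, 4, 6 and 7."""
    if n <= 0 or n % 2 == 0:
        raise ValueError("n must be a positive odd integer")
    a %= n                          # property 1: reduce the numerator
    sign = 1
    while a:
        while a % 2 == 0:           # property 6: split off a factor of 2
            a //= 2
            if n % 8 in (3, 5):     # property 4: (2/n) = -1 iff n = 3 or 5 (mod 8)
                sign = -sign
        a, n = n, a                 # property 7: reciprocity swaps the arguments
        if a % 4 == 3 and n % 4 == 3:
            sign = -sign            # exponent (m-1)/2 * (n-1)/2 is odd
        a %= n                      # property 1 again
    # n == 1 exactly when the inputs were coprime; otherwise return 0
    # (convention assumed here, the slides only define coprime inputs).
    return sign if n == 1 else 0

def euler_criterion(a, p):
    """Legendre symbol of a over an odd prime p via a^((p-1)/2) mod p."""
    r = pow(a, (p - 1) // 2, p)
    return -1 if r == p - 1 else r

def is_quadratic_residue(a, n):
    """Brute-force residue test, usable only for toy moduli."""
    return any((x * x - a) % n == 0 for x in range(1, n))

if __name__ == "__main__":
    print(jacobi(117, 271), euler_criterion(117, 271))   # the slides' example
    # Remark 2: symbol 1 does not imply a quadratic residue (constructed case).
    print(jacobi(2, 15), is_quadratic_residue(2, 15))
    # Remark 3: symbol -1 always means non-residue (constructed case).
    print(jacobi(2, 21), is_quadratic_residue(2, 21))
```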