Module 1

Prepared by: Dr.Swetha.N.G., Asst Prof Senior, Dept of Analytics, SCOPE, VIT, Vellore.

BCSE309L
Cryptography and Network Security

By,
Dr.Swetha.N.G.,
Assistant Professor Senior,
Department of Analytics,
School of Computer Science and Engineering,
Vellore Institute of Technology, Vellore.

Email: swetha.ng@vit.ac.in Mobile: 8903580808 Cabin: PRP 217-16

Guidelines to be followed
1. Be on time for class.
2. Be attentive and clarify your doubts immediately.
3. Don't indulge in other activities when the class is in progress.
4. Complete the Assignments/Quiz within the deadline provided.
5. Maintain a dedicated notebook in class.

Course Objectives
1. To explore the concepts of basic number theory and cryptographic techniques.
2. To impart concept of Hash and Message Authentication, Digital Signatures and authentication protocols.
3. To reveal the basics of transport layer security, Web Security and various types of System Security.

Course Outcomes
After successfully completing the course the student should be able to
CO 1: To know the fundamental mathematical concepts related to security.
CO 2: To understand concept of various cryptographic techniques.
CO 3: To apprehend the authentication and integrity process of data for various applications
CO 4: To know fundamentals of Transport layer security, web security, E-Mail Security and IP Security

Modules
Module 1: Fundamentals of Number Theory
Module 2: Symmetric Encryption Algorithms
Module 3: Asymmetric Encryption Algorithm and Key Exchange
Module 4: Message Digest and Hash Functions
Module 5: Digital Signature and Authentication Protocols
Module 6: Transport Layer Security and IP Security
Module 7: E-mail, Web and System Security

Books
Recommended Text Book
1. Cryptography and Network Security-Principles and Practice, 8th Edition, by Stallings William, published by Pearson, 2020.
Reference Books
1. Cryptography and Network Security, 3rd Edition, by Behrouz A Forouzan and Debdeep Mukhopadhyay, published by McGrawHill, 2015.

Internal Assessment Pattern

Internal Component      Total Mark   Mark Consolidation   Mode of Conduct
Digital Assignment      10           10                   VTOP
Quiz 1 (Before CAT 1)   10           10                   MS Forms
Quiz 2                  10           10                   MS Forms
CAT 1                   50           15                   Offline Mode by COE
CAT 2                   50           15                   Offline Mode by COE
Total Internal Marks                 60

WhatsApp Group
• E1 – Slot
• Join the Whatsapp group using the QR Code

WhatsApp Group
• E2 – Slot
• Join the Whatsapp group using the QR Code

Module 1 - Fundamentals of Number Theory
Finite Fields and Number Theory: Modular arithmetic, Euclidean Algorithm, Primality Testing: Fermat's and Euler's theorem, Chinese Remainder theorem, Discrete Logarithms.
(5 hours)

Introduction to Number Theory – Integer Arithmetic
• In integer arithmetic, we use a set and a few operations.
• You are familiar with this set and the corresponding operations, but they are reviewed here to create a background for modular arithmetic.
Topics discussed in this section:
• Set of Integers
• Binary Operations
• Integer Division
• Divisibility
• Euclidean Algorithm

Set of Integers
• The set of integers, denoted by Z, contains all integral numbers (with no fraction) from negative infinity to positive infinity.

Binary Operations
• In cryptography, we are interested in three binary operations applied to the set of integers.
• A binary operation takes two inputs and creates one output.
• The following shows the results of the three binary operations on two integers.
• Because each input can be either positive or negative, we can have four cases for each operation.

Integer Division
• In integer arithmetic, if we divide a by n (a/n), we can get q and r.
• The relationship between these four integers can be shown as,
  a = q × n + r
• Assume that a = 255 and n = 11.
• We can find q = 23 and r = 2 using the division algorithm.

Integer Division / Division Algorithm
• Division algorithm for integers

Integer Division
• Assume that a = -255 and n = 11.
• We can find q = -23 and r = -2 using the division algorithm.
• Remainder must be non-negative!

To convert a negative remainder into a non-negative remainder, do the following:
1. Decrement the value of q by 1.
2. Add the value of n to r to make r positive.

Conversion:
q = q-1
r = r+n

q = -23 → -23-1 = -24
r = -2 → -2+11 = 9

a = (q x n) + r
-255 = (-24 x 11) + 9

Divisibility
• If a is not zero and we let r = 0 in the division relation, we get
  a = q × n
• If the remainder is zero, n|a
• If the remainder is not zero, n∤a
NOTE
• n|a
• n divides a
• n is a divisor of a

Divisibility Example
• 32/4
  • a=32
  • n=4
  • Relationship: 32 = (8 x 4) + 0
  • q=8; r=0
  • Representation: 4|32
  • 4 divides 32
  • 4 is a divisor of 32
• 42/8
  • a=42
  • n=8
  • Relationship: 42 = (5 x 8) + 2
  • q=5; r=2
  • Representation: 8∤42
  • 8 does not divide 42
  • 8 is not a divisor of 42

Properties of Divisibility
1. Divisor of 1 is either +1 or -1.
2. A number divides itself (+ or -)
3. 0 has no divisor but 0 is a dividend of all numbers.
   → 25/0 → not defined
   → 0/25 → 0
   → 0|25
4. 11|66 and 66|198
   → 11|198

Divisibility
Fact 1: The integer 1 has only one divisor, itself.
Fact 2: Any positive integer has at least two divisors, 1 and itself (but it can have more).

Greatest Common Divisor (GCD)
[Figure: Common divisors of two integers]

Greatest Common Divisor (GCD)
• The greatest common divisor of two positive integers is the largest integer that can divide both integers.
• GCD (a,b) of a and b is the largest integer that divides evenly into both a and b.
  eg GCD(60,24) = 12
• We define gcd(0, 0) = 0
• We define gcd(a,0) = |a|
• When gcd(a,b)=1, it implies that there are no common divisor except 1.
• So, a and b are said to be relatively prime to each other.
• Eg: gcd(8,15)=1

Greatest Common Divisor (GCD)
• More formally, the positive integer c is said to be the greatest common divisor of a and b if
  • c is a divisor of a and of b.
  • any divisor of a and b is a divisor of c.
• Mathematical Definition
  • gcd(a, b) = max[k, such that k|a and k|b]
• we require that the greatest common divisor be positive,
  • gcd(a,b) = gcd(a,-b) = gcd(-a,b) = gcd(-a,-b)
  • In general, gcd(a,b) = gcd(|a|,|b|)
  • Eg: gcd(60,-24) = gcd(60,24) = 12
• gcd (a, b) = gcd (b, r), where r is the remainder of dividing a by b

Euclidean Algorithm
When gcd (a, b) = 1, we say that a and b are relatively prime.

Euclidean Algorithm
• Find the greatest common divisor of 25 and 60.

q    r1    r2    r
0    25    60    25     Divide 25/60 = 0.4166; q=0; r = 25 (0.416*60)
2    60    25    10     Divide 60/25 = 2.4; q=2; r = 10 (0.4*25)
2    25    10    5      Divide 25/10 = 2.5; q=2; r = 5 (0.5*10)
2    10    5     0      Divide 10/5 = 2; q=2; r=0
     5     0            When r2=0, Stop

GCD(25,60)=5

Euclidean Algorithm
• Find the greatest common divisor of 2740 and 1760.

q    r1      r2      r
1    2740    1760    980
1    1760    980     780
1    980     780     200
3    780     200     180
1    200     180     20
9    180     20      0
     20      0

GCD(2740,1760)=20

Euclidean Algorithm
• gcd(1160718174, 316258250)=?

q     r1            r2           r
3     1160718174    316258250    211943424
1     316258250     211943424    104314826
2     211943424     104314826    3313772
31    104314826     3313772      1587894
2     3313772       1587894      137984
11    1587894       137984       70070
1     137984        70070        67914
1     70070         67914        2156
31    67914         2156         1078
2     2156          1078         0
      1078          0

Homework
• GCD(1970,1066) = ? Answer: 2

Extended Euclidean Algorithm
• For given integers a and b, the extended Euclidean algorithm not only calculates the greatest common divisor d but also two additional integers s and t that satisfy the following equation.
  a.s + b.t = d = gcd(a, b)
• s and t will have opposite signs.
• Eg: gcd (161, 28) = 7, s = −1 and t = 6

Extended Euclidean Algorithm
• Given a = 161 and b = 28, find gcd (a, b) and the values of s and t.

q    r1     r2    r     s1    s2    s     t1    t2    t
5    161    28    21    1     0     1     0     1     -5
1    28     21    7     0     1     -1    1     -5    6
3    21     7     0     1     -1    4     -5    6     -23
     7      0           -1    4           6     -23

Row 1 (a=161, b=28): 161/28 = 5.75; q=5; r=21
  s=s1-(q*s2) = 1-(5*0) = 1
  t=t1-(q*t2) = 0-(5*1) = -5
Row 2 (a=28, b=21): 28/21 = 1.333; q=1; r=7
  s=s1-(q*s2) = 0-(1*1) = -1
  t=t1-(q*t2) = 1-(1*-5) = 6
Row 3 (a=21, b=7): 21/7 = 3; q=3; r=0
  s=s1-(q*s2) = 1-(3*-1) = 4
  t=t1-(q*t2) = -5-(3*6) = -23

Stop when r2 becomes 0
GCD(161,28)=7
And the two integers are as follows,
s=-1
t=6

s*a + t*b = GCD(a,b)
(-1*161)+(6*28) = 7
-161+168 = 7
7=7

Extended Euclidean Algorithm
• Given a = 17 and b = 0, find gcd (a, b) and the values of s and t.

q    r1    r2    r    s1    s2    s    t1    t2    t
     17    0          1     0          0     1

Stop when r2 becomes 0
GCD(17,0)=17
And the two integers are as follows,
s=1
t=0

s*a + t*b = GCD(a,b)
(1*17)+(0*0) = 17
17+0 = 17
17 = 17

Extended Euclidean Algorithm
• Given a = 0 and b = 45, find gcd (a, b) and the values of s and t.

q    r1    r2    r    s1    s2    s    t1    t2    t
0    0     45    0    1     0     1    0     1     0
     45    0          0     1          1     0

Row 1 (a=0, b=45): 0/45 = 0; q=0; r=0
  s=s1-(q*s2) = 1-(0*0) = 1
  t=t1-(q*t2) = 0-(0*1) = 0

Stop when r2 becomes 0
GCD(0,45)=45
And the two integers are as follows,
s=0
t=1

s*a + t*b = GCD(a,b)
(0*0)+(1*45) = 45
0+45 = 45
45 = 45

Homework
• Given a = 1759 and b = 550, find gcd (a, b) and the values of x and y.
• Answer: GCD(1759,550) = 1; x= -111; y=355

Modular Arithmetic
• The division relationship (a = q × n + r) discussed in the previous section has two inputs (a and n) and two outputs (q and r).
• In modular arithmetic, we are interested in only one of the outputs, the remainder r.
• Topics discussed in this section:
  • Modular Operator
  • Set of Residues
  • Congruence
  • Operations in Zn
  • Addition and Multiplication Tables
  • Different Sets

Modulo Operator
• The modulo operator is shown as mod.
• The second input (n) is called the modulus.
• The output r is called the residue.
[Figure: Division algorithm and modulo operator]

Modulo Operator
• Find the result of the following operations:
• 27 mod 5 = 2
  • 27/5 = 5.4
  • q=5
  • r=(5.4-5)*5=2
• 36 mod 12 = 0
  • 36/12 = 3 → r=0
• −18 mod 14 = 10
  • -18/14= -1.2857
  • q= -1
  • r= (-1.2857+1)*14 = -4
  • Decrement q by 1 and add n to r.
    q=-2 ; r= -4+14 = 10
• −7 mod 10 = 3
  • -7/10 = -0.7
  • q= 0
  • r= (-0.7*10)= -7
  • Decrement q by 1 and add n to r.
    q=-1 ; r= -7+10 = 3

Set of Residues
• The modulo operation creates a set, which in modular arithmetic is referred to as the set of least residues modulo n, or Zn.
[Figure: Some Zn sets]

Congruence
• Congruence: The quality or state of agreeing, coinciding
• Two integers a and b are said to be congruent modulo n, if
  (a mod n) = (b mod n)
• This is written as a ≡ b (mod n)

Properties of Congruences

Operation in Zn
• The three binary operations that we discussed for the set Z can also be defined for the set Zn.
• The result may need to be mapped to Zn using the mod operator.

Operation in Zn
Perform the following operations (the inputs come from Zn):
• Add 7 to 14 in Z15
  • (7+14) mod 15 = 21 mod 15 = 6
• Subtract 11 from 7 in Z13
  • (7-11) mod 13 = -4 mod 13 = 9 mod 13 = 9
• Multiply 11 by 7 in Z20
  • (11*7) mod 20 = 77 mod 20 = 17

Operation in Zn
Properties
1. [(a mod n) + (b mod n)] mod n = (a + b) mod n
2. [(a mod n) – (b mod n)] mod n = (a – b) mod n
3. [(a mod n) x (b mod n)] mod n = (a x b) mod n

Example
1. [(11 mod 8) + (15 mod 8)] mod 8 = 10 mod 8 = 2 ; (11 + 15) mod 8 = 26 mod 8 = 2
2. [(11 mod 8) – (15 mod 8)] mod 8 = –4 mod 8 = 4 ; (11 – 15) mod 8 = –4 mod 8 = 4
3. [(11 mod 8) x (15 mod 8)] mod 8 = 21 mod 8 = 5 ; (11 x 15) mod 8 = 165 mod 8 = 5

Operation in Zn
• In arithmetic, we often need to find the remainder of powers of 10 when divided by an integer.

Inverses
• When we are working in modular arithmetic, we often need to find the inverse of a number relative to an operation.

We are normally looking for
• An additive inverse (relative to an addition operation) or
• A multiplicative inverse (relative to a multiplication operation).

Inverses: Additive
• In Zn, two numbers a and b are additive inverses of each other if

In modular arithmetic, each integer has an additive inverse.
The sum of an integer and its additive inverse is congruent to 0 modulo n.

Inverses: Additive
• Find all additive inverse pairs in Z10.

Solution:
• Z10 = {0,1,2,3,4,5,6,7,8,9}
• Consider ‘0’ the additive inverse is itself ‘0’ [0+0] ≡ 0 mod 10
• ‘1’ additive inverse is ‘9’, [1+9] ≡ 0 mod 10
• 2 additive inverse is 8, [2+8] ≡ 0 mod 10
• The six pairs of additive inverses are
  (0, 0), (1, 9), (2, 8), (3, 7), (4, 6), and (5, 5).

Inverses: Multiplicative
• In Zn, two numbers a and b are the multiplicative inverse of each other if

In modular arithmetic, an integer may or may not have a multiplicative inverse.
When it does, the product of the integer and its multiplicative inverse is congruent to 1 modulo n.

Inverses: Multiplicative
• Find all multiplicative inverses in Z10.

Solution
• Z10 = {0,1,2,3,4,5,6,7,8,9}
• 0 * NA ≡ 1 mod 10
  • 0 has no multiplicative inverse under modulo 10.
• 1*? ≡ 1 mod 10
  • 1*1 ≡ 1 mod 10
  • The multiplicative inverse of 1 is 1 under modulo 10.
• 2*? ≡ 1 mod 10
  • 2 has no multiplicative inverse under modulo 10.
• 3*? ≡ 1 mod 10
  • 3*7 ≡ 1 mod 10
  • The multiplicative inverse of 3 is 7 under modulo 10.
• There are only three pairs: (1, 1), (3, 7) and (9, 9).
• The numbers 0, 2, 4, 5, 6, and 8 do not have a multiplicative inverse.

Inverses: Multiplicative
• Find the multiplicative inverse of 8 in Z10.

Solution
• Multiplicative inverse for a number only exists if the number and the modulus are relatively prime to each other.
• There is no multiplicative inverse because gcd (10, 8) = 2 ≠ 1.

Inverses: Multiplicative
The extended Euclidean algorithm finds the multiplicative inverses of b in Zn when n and b are given and gcd (n, b) = 1.
The multiplicative inverse of b is the value of t after being mapped to Zn.

Inverses: Multiplicative
• Using extended Euclidean algorithm to find multiplicative inverse

Inverses: Multiplicative
• Find the multiplicative inverse of 11 in Z26.
• Solution
  • The gcd (26, 11) is 1; the inverse of 11 is -7 or 19

• Find the multiplicative inverse of 23 in Z100.
• Solution
  • The gcd (100, 23) is 1; the inverse of 23 is -13 or 87.

• Find the inverse of 12 in Z26.
• Solution
  • The gcd (26, 12) is 2; the inverse does not exist.
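
The extended Euclidean tables and the multiplicative-inverse rule above, as an added Python example (not part of the original slides). The function names are chosen here for illustration; the column order follows the slides, and the inverse is the value of t mapped to Zn.

```python
"""Extended Euclidean algorithm in the slides' table layout (added example)."""

HEADER = ("q", "r1", "r2", "r", "s1", "s2", "s", "t1", "t2", "t")


def extended_euclid(a, b):
    """Return (gcd, s, t, rows) with s*a + t*b == gcd for non-negative a, b.

    rows holds one tuple (q, r1, r2, r, s1, s2, s, t1, t2, t) per division
    step, i.e. one line of the worked tables.
    """
    if a < 0 or b < 0:
        raise ValueError("use |a| and |b|: gcd(a, b) = gcd(|a|, |b|)")
    r1, r2 = a, b
    s1, s2 = 1, 0
    t1, t2 = 0, 1
    rows = []
    while r2 != 0:                      # stop when r2 becomes 0
        q, r = divmod(r1, r2)           # r1 = q * r2 + r, with 0 <= r < r2
        s = s1 - q * s2
        t = t1 - q * t2
        rows.append((q, r1, r2, r, s1, s2, s, t1, t2, t))
        r1, r2 = r2, r                  # shift every column one step left
        s1, s2 = s2, s
        t1, t2 = t2, t
    return r1, s1, t1, rows             # final r1, s1, t1 are gcd, s, t


def format_table(rows):
    """Render the steps as the q r1 r2 r s1 s2 s t1 t2 t table."""
    lines = ["".join(f"{h:>6}" for h in HEADER)]
    lines += ["".join(f"{v:>6}" for v in row) for row in rows]
    return "\n".join(lines)


def mod_inverse(b, n):
    """Multiplicative inverse of b in Zn, or None when gcd(n, b) != 1."""
    if n < 2:
        raise ValueError("modulus must be at least 2")
    # b % n maps b into Zn first; Python's % already returns the
    # non-negative remainder, so negative b needs no extra adjustment.
    g, _s, t, _rows = extended_euclid(n, b % n)
    if g != 1:
        return None                     # e.g. 12 in Z26: gcd is 2
    return t % n                        # map t to Zn, e.g. -7 becomes 19


def inverse_pairs(n):
    """All multiplicative inverse pairs (b, inverse) in Zn with b <= inverse."""
    pairs = []
    for b in range(n):
        inv = mod_inverse(b, n)
        if inv is not None and b <= inv:
            pairs.append((b, inv))
    return pairs


if __name__ == "__main__":
    g, s, t, rows = extended_euclid(161, 28)
    print(format_table(rows))
    print(f"gcd={g} s={s} t={t} check: {s}*161 + {t}*28 = {s * 161 + t * 28}")
    for b, n in ((11, 26), (23, 100), (12, 26), (8, 10)):
        print(f"inverse of {b} in Z{n}: {mod_inverse(b, n)}")
    print("inverse pairs in Z10:", inverse_pairs(10))
```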

Addition and Multiplication Tables

Different Sets
We need to use Zn when additive inverses are needed;
we need to use Zn* when multiplicative inverses are needed.

Algebraic Structures
• Cryptography requires sets of integers and specific operations that are defined for those sets.
• The combination of the set and the operations that are applied to the elements of the set is called an algebraic structure.
• In this section, we will define three common algebraic structures:
  • Groups
  • Rings
  • Fields

Groups (G)
• A group (G) is a set of elements with a binary operation (•) that satisfies four properties (or axioms).
  • Closure : if a, b are in G, then a•b in G
  • Associativity : if a, b, c are in G, then (a•b) •c = a• (b•c)
  • Existence of identity: For all a in G, there is an identity element (e), such that e•a = a•e = a
  • Existence of inverse: For each a in G, there is an element a’ called inverse of a, such that a•a’= a’•a = e
• A commutative group (Abelian Group) satisfies an extra property, commutativity.
  • Commutativity : For all a and b in G, a•b = b•a (Abelian G)

Groups

Operation:
1. Addition
2. Multiplication

Groups: Application

• Although a group involves a single operation, the properties imposed on the operation allow the use of a pair of operations as long as they are inverses of each other.
Example 1:
• The set of residue integers with the addition operator, G = <Zn, +>, is a commutative group.
• We can perform addition and subtraction on the elements of this set without moving out of the set.

Groups: Application

Example 2:
• The set Zn* with the multiplication operator, G = <Zn*, ×>, is also an abelian group.
• Let us define a set G = <{a, b, c, d}, •> and the operation as shown in Table below.
• This user defined operation • forms an Abelian Group.

Groups: Finite Group

• A group is said to be a finite group if the set has a finite number of elements.
• Otherwise, it is an infinite group.
• Eg: <Z, +> → Infinite Group
• Eg: <Z10, +> → Finite Group

Groups: Order of a Group

• The order of a group, |G|, is the number of elements in the group.
• If the group is not finite, its order is infinite.
• If the group is finite, the order is finite.
• Eg: G = <Z10, +>
• |G| = 10

Groups: Sub Group

• A subset H of a group G is a subgroup of G if
  • H itself is a group with respect to the operation on G.
• If G = <S, •> is a group, H = <T, •> is a group under the same operation, and T is a non empty subset of S.
• This implies that H = <T, •> is a sub group of G.

Groups: Sub Group

• Is the group H = <Z10, +> a subgroup of the group G = <Z12, +>?
Solution:
• The answer is no.
• Although H is a subset of G, the operations defined for these two groups are different.
• The operation in H is addition modulo 10; the operation in G is addition modulo 12.

Groups: Cyclic Subgroups

• If a subgroup of a group can be generated using the power of an element, the subgroup is called the cyclic subgroup.

Groups: Cyclic Subgroups

• Four cyclic subgroups can be made from the group G = <Z6, +>.
• They are H1 = <{0}, +>, H2 = <{0, 2, 4}, +>, H3 = <{0, 3}, +>, and H4 = G.

Groups: Cyclic Subgroups

• Three cyclic subgroups can be made from the group G = <Z10*, ×>.
• G has only four elements: 1, 3, 7, and 9.
• The cyclic subgroups are H1 = <{1}, ×>, H2 = <{1, 9}, ×>, and H3 = G.

Ring

• A set of “numbers” with two operations (addition and multiplication) which form:
  • An abelian group with addition operation and
  • Multiplication operation:
    • has closure
    • is associative
    • distributive over addition: a(b+c) = ab + ac
• If multiplication operation is commutative, it forms a commutative ring

Ring

• A ring, R = <{…}, •, >, is an algebraic structure with two operations.

Ring

• The set Z with two operations, addition and multiplication, is a commutative ring.
• We show it by R = <Z, +, ×>.
• Addition satisfies all of the five properties
• Multiplication satisfies only three properties.

Field

• A set of numbers
• with two operations which form:
  • abelian group for addition
  • abelian group for multiplication (ignoring 0)
• A field, denoted by F = <{…}, •, > is a commutative ring in which the second operation satisfies all five properties defined for the first operation except that the identity of the first operation has no inverse.

Group, Ring, Field

Finite (Galois) Fields

• Galois showed that for a field to be finite, the number of elements should be p^n, where p is a prime and n is a positive integer.
• Denoted as GF(p^n)
• In particular often use the fields:
  • GF(p)
  • GF(2^n)

A Galois field, GF(p^n), is a finite field with p^n elements.

Finite (Galois) Fields

• GF(p) is the set of integers {0, 1, …, p-1} with arithmetic operations modulo prime p.
• These form a finite field
  • Since they have multiplicative inverses
  • Inverse can be found with Extended Euclidean algorithm
• Hence arithmetic is “well-behaved” and can do addition, subtraction, multiplication, and division without leaving the field GF(p)

Finite (Galois) Fields: GF(p) Fields

• When n = 1, we have GF(p) field.
• This field can be the set Zp, {0, 1, …, p − 1}, with two arithmetic operations.
Example:
• A very common field in this category is GF(2) with the set {0, 1} and two operations, addition and multiplication.

Finite (Galois) Fields: GF(p) Fields

Example:
• We can define GF(5) on the set Z5 (5 is a prime) with addition and multiplication operators

Finite (Galois) Fields: GF(p) Fields

Summary

GF(2^n) Fields

• In cryptography, we often need to use binary operations.
• In other words, we need to use fields.
• We can work in GF(2^n), which uses a set of 2^n elements.
• The elements in this set are n-bit words.

Topics discussed in this section:
• Polynomials (Polynomial Arithmetic)
• Using a Generator

GF(2^n) Fields : Polynomial Arithmetic

• Let us define a GF(2^2) field in which the set has four 2-bit words: {00, 01, 10, 11}.
• We can redefine addition and multiplication for this field in such a way that all properties of these operations are satisfied.
Based on Polynomial Multiplication

GF(2^n) Fields : Polynomial Arithmetic

• A polynomial of degree n − 1 is an expression of the form
• where x^i is called the ith term and a_i is called coefficient of the ith term.
Several alternatives available:
• ordinary polynomial arithmetic
• poly arithmetic with coefs mod p
• poly arithmetic with coefs mod p and polynomials mod m(x)

GF(2^n) Fields : Polynomial Arithmetic

• We can represent the 8-bit word (10011001) using a polynomial.

GF(2^n) Fields : Polynomial Arithmetic

• To find the 8-bit word related to the polynomial x^5 + x^2 + x, we first supply the omitted terms.
• Since n = 8, it means the polynomial is of degree 7.
• The expanded polynomial is
• This is related to the 8-bit word 00100110.

Polynomial Arithmetic Operations

• It involves two operations:
  • Operation on Coefficients
  • Operation on two Polynomials
• i.e. we have to define two Fields, one for coefficients and one for the polynomial
• Since Coefficients are made of 0 or 1 we use GF(2) field
• For the Polynomials we use GF(2^n) field

Polynomials representing n-bit words use two fields: GF(2) and GF(2^n).

Ordinary Polynomial Arithmetic

• Add or subtract corresponding coefficients
• multiply all terms by each other
• Example:
  • let f(x) = x^3 + x^2 + 2 and g(x) = x^2 – x + 1
  • f(x) + g(x) = x^3 + 2x^2 – x + 3
  • f(x) – g(x) = x^3 + x + 1
  • f(x) × g(x) = x^5 + 3x^2 – 2x + 2

So, Ordinary polynomial arithmetic cannot be used for our computation. As, Coefficients and Exponents are out of the defined limit !!!

Polynomial Arithmetic : Addition

• Let us do (x^5 + x^2 + x) ⊕ (x^3 + x^2 + 1) in GF(2^8).
• We use the symbol ⊕ to show that we mean polynomial addition.
• The following shows the procedure:

Polynomial Arithmetic : Addition

• There is also another short cut. Because the addition in GF(2) means the exclusive-or (XOR) operation.
• So we can exclusive-or the two words, bits by bits, to get the result.
• In the previous example,
  • x^5 + x^2 + x is 00100110
  • x^3 + x^2 + 1 is 00001101.
• The result is 00101011 or
• in polynomial notation x^5 + x^3 + x + 1.

Polynomial Arithmetic : Addition

• Additive Identity:
  • 0 polynomial
• Additive Inverse:
  • The polynomial itself

Addition and Subtraction Operations on polynomials are the same operations.

Polynomial Arithmetic : Multiplication

1. The coefficient multiplication is done in GF(2).
2. Multiplying x^i by x^j results in x^(i+j).
3. The multiplication may create terms with degree more than n − 1, which means the result needs to be reduced using a modulus polynomial.

Polynomial Arithmetic : Modulus

• Addition of two polynomials does not create a polynomial outside the set. [XOR]
• But multiplication of two polynomials may create a polynomial outside the set, with degree more than n-1.
• We need to divide the result by a modulus and keep only the remainder.
• For the sets of polynomials in GF(2^n), a group of polynomials of degree n is defined as the modulus.
• The modulus in this case acts as a prime polynomial
• Such polynomials are referred to as irreducible polynomials.

Polynomial Arithmetic : Modulus

List of irreducible polynomials:

Polynomial Arithmetic : Multiplication

• Find the result of (x^5 + x^2 + x) ⊗ (x^7 + x^4 + x^3 + x^2 + x) in GF(2^8) with irreducible polynomial (x^8 + x^4 + x^3 + x + 1).
• Note that we use the symbol ⊗ to show the multiplication of two polynomials.
• Solution:
• To find the final result, divide the polynomial of degree 12 by the polynomial of degree 8 (the modulus) and keep only the remainder.

Polynomial Arithmetic : Multiplication

• Polynomial division with coefficients in GF(2)

Polynomial Arithmetic : Multiplication

• Multiplicative Identity:
  • GF(2^8) = 00000001
• Multiplicative Inverse:
  • Extended Euclidean Algorithm must be applied to the modulus and the polynomial.

Polynomial Arithmetic : Multiplication

Example:
• In GF(2^4), find the inverse of (x^2 + 1) modulo (x^4 + x + 1).
Solution
• The answer is (x^3 + x + 1) as shown in Extended Euclidean algorithm

[(x^2 + 1) ⊗ (x^3 + x + 1)] mod (x^4 + x + 1) = 1
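
The GF(2^n) operations described in these slides (XOR addition, multiplication reduced by an irreducible modulus, inverse by the extended Euclidean algorithm) can be checked mechanically. The following Python sketch is an added example, not part of the original slides; polynomials are stored as integers whose bit i stands for the term x^i, and all function and constant names are illustrative. It reproduces the slide values for the addition, the GF(2^8) product, and the inverses of x^2 + 1 in GF(2^4) and x^5 in GF(2^8).

```python
# Added example: GF(2^n) arithmetic on polynomials stored as integers
# (bit i set <=> the term x^i is present). All names are illustrative.

def poly_from_exponents(exponents):
    """Build the bit pattern of a polynomial, e.g. [5, 2, 1] -> x^5 + x^2 + x."""
    p = 0
    for e in exponents:
        p ^= 1 << e
    return p


def poly_to_str(p):
    """Render a bit pattern in polynomial notation."""
    if p == 0:
        return "0"
    terms = []
    for i in range(p.bit_length() - 1, -1, -1):
        if (p >> i) & 1:
            terms.append("1" if i == 0 else "x" if i == 1 else f"x^{i}")
    return " + ".join(terms)


def poly_add(a, b):
    """Addition and subtraction are the same operation: bitwise XOR."""
    return a ^ b


def poly_mul(a, b):
    """Carry-less product: coefficients multiply in GF(2), no reduction yet."""
    result = 0
    while b:
        if b & 1:
            result ^= a
        a <<= 1
        b >>= 1
    return result


def poly_divmod(a, b):
    """Polynomial long division with coefficients in GF(2)."""
    if b == 0:
        raise ZeroDivisionError("division by the zero polynomial")
    q = 0
    while a.bit_length() >= b.bit_length():
        shift = a.bit_length() - b.bit_length()
        q ^= 1 << shift          # next quotient term x^shift
        a ^= b << shift          # subtract (XOR) the shifted divisor
    return q, a


def gf_mul(a, b, modulus):
    """Multiply in GF(2^n): carry-less product, then keep the remainder."""
    return poly_divmod(poly_mul(a, b), modulus)[1]


def gf_inv(a, modulus):
    """Multiplicative inverse via the extended Euclidean algorithm."""
    r0, r1 = modulus, a
    t0, t1 = 0, 1
    while r1:
        q, r = poly_divmod(r0, r1)
        r0, r1 = r1, r
        t0, t1 = t1, t0 ^ poly_mul(q, t1)
    if r0 != 1:
        raise ValueError("no inverse: gcd(a, modulus) is not 1")
    return poly_divmod(t0, modulus)[1]


MOD_GF256 = poly_from_exponents([8, 4, 3, 1, 0])   # x^8 + x^4 + x^3 + x + 1
MOD_GF16 = poly_from_exponents([4, 1, 0])          # x^4 + x + 1

if __name__ == "__main__":
    a = poly_from_exponents([5, 2, 1])
    b = poly_from_exponents([7, 4, 3, 2, 1])
    print("8-bit word of a:", format(a, "08b"))
    print("a (+) (x^3 + x^2 + 1):", poly_to_str(poly_add(a, 0b00001101)))
    print("unreduced a (x) b:", poly_to_str(poly_mul(a, b)))
    print("a (x) b in GF(2^8):", poly_to_str(gf_mul(a, b, MOD_GF256)))
    print("inverse of x^2 + 1 in GF(2^4):",
          poly_to_str(gf_inv(poly_from_exponents([2, 0]), MOD_GF16)))
    print("inverse of x^5 in GF(2^8):",
          poly_to_str(gf_inv(poly_from_exponents([5]), MOD_GF256)))
```

The zero polynomial has no inverse, so `gf_inv(0, ...)` raises `ValueError`; the same happens for any element when the modulus is not irreducible and shares a factor with it.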

Polynomial Arithmetic : Multiplication

• Example:
• In GF(2^8), find the inverse of (x^5) modulo (x^8 + x^4 + x^3 + x + 1).
Solution
• The answer is (x^5 + x^4 + x^3 + x) as shown in Extended Euclidean algorithm

[(x^5) ⊗ (x^5 + x^4 + x^3 + x)] mod (x^8 + x^4 + x^3 + x + 1) = 1

Primes

• Asymmetric-key cryptography uses primes extensively.

Topics discussed in this section:
• Definition
• Checking for Primes
• Fermat’s Little Theorem
• Euler’s Phi-Function
• Euler’s Theorem

PRIMES: Definition

• Three groups of Positive Integers

A prime is divisible only by itself and 1.

PRIMES: Definition

• What is the smallest prime?
Solution
• The smallest prime is 2, which is divisible by 2 (itself) and 1.

• List the primes smaller than 10.
Solution
• There are four primes less than 10: 2, 3, 5, and 7.
• It is interesting to note that the percentage of primes in the range 1 to 10 is 40%.
• The percentage decreases as the range increases.

PRIMES: Checking for Primes

• Given a number n, how can we determine if n is a prime?
• The answer is that we need to see if the number is divisible by all primes less than
• We know that this method is inefficient, but it is a good start.

PRIMES: Checking for Primes

• Is 97 a prime?
Solution
• The floor of √97 = 9. The primes less than 9 are 2, 3, 5, and 7. We need to see if 97 is divisible by any of these numbers. It is not, so 97 is a prime.

• Is 301 a prime?
Solution
• The floor of √301 = 17. We need to check 2, 3, 5, 7, 11, 13, and 17. The numbers 2, 3, and 5 do not divide 301, but 7 does. Therefore 301 is not a prime.

Fermat’s (Little) Theorem

• First Version: a^(p − 1) ≡ 1 mod p
• Multiply by a on both sides: Second Version: a^p ≡ a mod p
• where p is prime and gcd(a,p)=1

Fermat’s (Little) Theorem

• Find the result of 6^10 mod 11.
Solution (using a^(p − 1) ≡ 1 mod p)
• We have 6^10 mod 11 = 1.
• This is the first version of Fermat’s little theorem where p = 11.
----------------------------------------------------------------------------------------------
• Find the result of 3^12 mod 11.
Solution (using a^p ≡ a mod p)
• Here the exponent (12) and the modulus (11) are not the same. With substitution this can be solved using Fermat’s little theorem.

Fermat’s (Little) Theorem

• Multiplicative Inverses: [First version/a]

a^(−1) mod p = a^(p − 2) mod p

• The answers to multiplicative inverses modulo a prime can be found without using the extended Euclidean algorithm:

Euler’s Phi-Function

• Euler’s phi-function, φ(n), which is sometimes called the Euler’s totient function plays a very important role in cryptography.

Euler’s Phi-Function

• We can combine the above four rules to find the value of φ(n).
• For example, if n can be factored as
  n = p1^e1 × p2^e2 × … × pk^ek
• we combine the third and the fourth rule to find φ(n)

The difficulty of finding φ(n) depends on the difficulty of finding the factorization of n.

Euler’s Phi-Function

• What is the value of φ(13)?
Solution
• Because 13 is a prime, φ(13) = (13 − 1) = 12.

• What is the value of φ(10)?
Solution
• We can use the third rule: φ(10) = φ(2) × φ(5) = 1 × 4 = 4, because 2 and 5 are primes.

Euler’s Phi-Function

• What is the value of φ(240)?
Solution
• We can write 240 = 2^4 × 3^1 × 5^1. Then
• φ(240) = (2^4 − 2^3) × (3^1 − 3^0) × (5^1 − 5^0) = 64
-----------------------------------------------------------------------------------------------------
• Can we say that φ(49) = φ(7) × φ(7) = 6 × 6 = 36?
Solution
• No. The third rule applies when m and n are relatively prime. Here 49 = 7^2.
• We need to use the fourth rule: φ(49) = 7^2 − 7^1 = 42.

Euler’s Phi-Function

• What is the number of elements in Z14*?
Solution
• The answer is φ(14) = φ(7) × φ(2) = 6 × 1 = 6. The members are 1, 3, 5, 9, 11, and 13.

Interesting point: If n > 2, the value of φ(n) is even.

Euler’s Theorem

• First Version: a^φ(n) ≡ 1 (mod n)
• Second Version: a^(k × φ(n) + 1) ≡ a (mod n)

The second version of Euler’s theorem is used in the RSA cryptosystem

Euler’s Theorem

• Find the result of 6^24 mod 35.
Solution (using a^φ(n) ≡ 1 (mod n))
• We have 6^24 mod 35 = 6^φ(35) mod 35 = 1.
----------------------------------------------------------------------------------------------
• Find the result of 20^62 mod 77.
Solution (using a^(k × φ(n) + 1) ≡ a (mod n))
• If we let k = 1 on the second version, we have
• 20^62 mod 77 = (20 mod 77) (20^(φ(77) + 1) mod 77) mod 77
• = (20)(20) mod 77 = 15.

Euler’s Theorem

Multiplicative Inverses:
• Euler’s theorem can be used to find multiplicative inverses modulo a composite.

a^(−1) mod n = a^(φ(n) − 1) mod n

Euler’s Theorem

a^(−1) mod n = a^(φ(n) − 1) mod n

• The answers to multiplicative inverses modulo a composite can be found without using the extended Euclidean algorithm if we know the factorization of the composite:
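
To tie the phi-function rules to the inverse formula, the Python sketch below computes φ(n) from the factorization of n and uses it to invert modulo a composite. It is an added example, not part of the original slides; the function names are illustrative, and the inputs are the values worked on the slides (φ(13), φ(10), φ(240), φ(49), Z14*, and the inverses of 23 in Z100 and 12 in Z26). It also shows the failure mode: the formula only yields an inverse when gcd(a, n) = 1.

```python
# Added example: Euler's phi-function from a factorization, and modular
# inverses through Euler's theorem. Function names are illustrative.
from math import gcd


def factorize(n):
    """Trial-division factorization, returned as {prime: exponent}."""
    factors = {}
    p = 2
    while p * p <= n:
        while n % p == 0:
            factors[p] = factors.get(p, 0) + 1
            n //= p
        p += 1
    if n > 1:
        factors[n] = factors.get(n, 0) + 1
    return factors


def phi(n):
    """phi(n) as the product of (p^e - p^(e-1)) over the prime powers of n."""
    if n < 1:
        raise ValueError("phi is defined for positive integers")
    result = 1
    for p, e in factorize(n).items():
        result *= p ** e - p ** (e - 1)
    return result


def units(n):
    """Members of Zn*: the residues that have a multiplicative inverse."""
    return [a for a in range(1, n) if gcd(a, n) == 1]


def unchecked_euler_power(a, n):
    """a^(phi(n) - 1) mod n with no gcd check (an inverse only if gcd = 1)."""
    return pow(a, phi(n) - 1, n)


def inverse_euler(a, n):
    """Inverse of a modulo n via Euler's theorem; refuses non-units.

    For a prime n this is Fermat's a^(p - 2) mod p, since phi(p) = p - 1.
    """
    if gcd(a, n) != 1:
        raise ValueError(f"{a} has no inverse modulo {n}: gcd is {gcd(a, n)}")
    return unchecked_euler_power(a, n)


if __name__ == "__main__":
    for n in (13, 10, 240, 49, 14):
        print(f"phi({n}) = {phi(n)}")
    print("Z14* =", units(14))
    print("6^phi(35) mod 35 =", pow(6, phi(35), 35))
    print("20^62 mod 77 =", pow(20, 62, 77))
    print("23^-1 mod 100 =", inverse_euler(23, 100))
    # 12 is not a unit in Z26, so the bare formula returns a non-inverse.
    bogus = unchecked_euler_power(12, 26)
    print("12 * 12^(phi(26)-1) mod 26 =", 12 * bogus % 26)
```

Computing φ(n) here costs a full factorization of n, which is the dependency the slide points out.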

Chinese Remainder Theorem

The Chinese remainder theorem (CRT) is used to solve a set of congruent equations with one variable but different moduli, which are relatively prime, as shown below:

Chinese Remainder Theorem

• It is used to speed up modulo computations
• if modulo can be represented as a product of numbers
• eg. mod M = m1m2..mk
• Chinese Remainder theorem lets us work in each moduli mi separately
• Since computational cost is proportional to size, this is faster than working in the full modulus M

Chinese Remainder Theorem

Example:
• The following is an example of a set of equations with different moduli:
• Find x? (Trial and Error Method)
• The answer to this set of equations is x = 23.
• This value satisfies all equations: 23 ≡ 2 (mod 3), 23 ≡ 3 (mod 5), and 23 ≡ 2 (mod 7).

Chinese Remainder Theorem

Solution using Chinese Remainder Theorem: (steps)
1. Find M = m1 × m2 × … × mk. This is the common modulus.
2. Find M1 = M/m1, M2 = M/m2, …, Mk = M/mk.
3. Find the multiplicative inverse of M1, M2, …, Mk using the corresponding moduli (m1, m2, …, mk). Call the inverses M1^−1, M2^−1, …, Mk^−1.
4. The solution to the simultaneous equations is

Chinese Remainder Theorem

Solution: Follow the four steps
1. M = 3 × 5 × 7 = 105
2. M1 = 105 / 3 = 35, M2 = 105 / 5 = 21, M3 = 105 / 7 = 15
3. The inverses are M1^−1 = 2, M2^−1 = 1, M3^−1 = 1 (M1^−1 mod m1; M2^−1 mod m2; M3^−1 mod m3)
4. x = (2 × 35 × 2 + 3 × 21 × 1 + 2 × 15 × 1) mod 105 = 23 mod 105

Chinese Remainder Theorem

Example:
• Find an integer that has a remainder of 3 when divided by 7 and 13, but is divisible by 12.
Solution:
• This is a CRT problem. We can form three equations and solve them to find the value of x.
• We find x = 276.
• We can check that 276 = 3 mod 7, 276 = 3 mod 13 and 276 is divisible by 12 (the quotient is 23 and the remainder is zero).
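
The four CRT steps can be followed in code. The Python sketch below is an added example, not part of the original slides; the function names are illustrative, and the recombination in step 4 is the standard CRT sum of a_i × M_i × M_i^−1 taken modulo M, which matches the arithmetic shown for x = 23. It returns the intermediate values so they can be compared with the slides, and rejects moduli that are not pairwise relatively prime.

```python
# Added example: the four CRT steps, returning the intermediate values.
# Function names are illustrative.
from math import gcd


def mod_inverse(a, m):
    """Inverse of a modulo m by the extended Euclidean algorithm."""
    r0, r1 = m, a % m
    t0, t1 = 0, 1
    while r1:
        q = r0 // r1
        r0, r1 = r1, r0 - q * r1
        t0, t1 = t1, t0 - q * t1
    if r0 != 1:
        raise ValueError(f"{a} has no inverse modulo {m}")
    return t0 % m


def crt_steps(residues, moduli):
    """Solve x = a_i (mod m_i) for all i.

    Returns (x, M, [M_i], [M_i^-1]) so each step can be inspected.
    """
    if len(residues) != len(moduli) or not moduli:
        raise ValueError("need one residue per modulus")
    for i in range(len(moduli)):
        for j in range(i + 1, len(moduli)):
            if gcd(moduli[i], moduli[j]) != 1:
                raise ValueError(
                    f"moduli {moduli[i]} and {moduli[j]} are not relatively prime")
    # Step 1: common modulus M.
    M = 1
    for m in moduli:
        M *= m
    # Step 2: M_i = M / m_i.
    partials = [M // m for m in moduli]
    # Step 3: inverse of each M_i modulo its own m_i.
    inverses = [mod_inverse(Mi, m) for Mi, m in zip(partials, moduli)]
    # Step 4: recombine and reduce modulo M.
    x = sum(a * Mi * inv
            for a, Mi, inv in zip(residues, partials, inverses)) % M
    return x, M, partials, inverses


if __name__ == "__main__":
    x, M, partials, inverses = crt_steps([2, 3, 2], [3, 5, 7])
    print(f"M = {M}, M_i = {partials}, inverses = {inverses}, x = {x}")
    # Remainder 3 modulo 7 and 13, divisible by 12.
    print("x =", crt_steps([3, 3, 0], [7, 13, 12])[0])
    try:
        crt_steps([1, 2], [4, 6])
    except ValueError as exc:
        print("rejected:", exc)
```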

Chinese Remainder Theorem

Example:
• Assume we need to calculate z = x + y where x = 123 and y = 334, but our system accepts only numbers less than 100.
Solution:
• Adding each congruence in x with the corresponding congruence in y gives
• z = 457.

Primality Testing

• In cryptography, large prime numbers are used in the process of encryption and decryption.
• When we fail to generate larger prime numbers, we can randomly generate a large number and check if it is prime or not.
• Primality testing comes in handy for this.
• Finding an algorithm to correctly and efficiently test a very large integer and find if it is prime or composite is a challenging task.
• The algorithms that are developed for this issue are categorized into two,
  • Deterministic Algorithm – It always gives the correct answer
  • Probabilistic Algorithm – It gives the answer that is correct most of the times

1. Deterministic Algorithm

• It accepts an integer and outputs if it is prime or composite.
• It was found that all deterministic algorithms are inefficient at finding larger prime numbers.
• So, the deterministic algorithms are considered infeasible.

1.1 Divisibility Algorithm

• Most elementary technique to find if the number is prime or not.
• We divide the given number by all divisors less than the square root of n.
• If none of the numbers divides it, it is prime.
• If any one divides it, it is a composite number.
-----------------------------------------------------------------------------------------
• This was later improved as follows,
• We divide the given number by all prime divisors less than the square root of n.
• If none of the numbers divides it, it is prime.
• If any one divides it, it is a composite number.

2. Probabilistic Algorithms

• Algorithms to test the primality can either be decisional or randomized.
  • Yes or no answer – Decisional Problems
  • Make random choices – Randomized Algorithms
    • Monte Carlo Algorithms
      • It is a Yes or No biased Algorithm
    • Las Vegas Algorithm
      • Algorithm may not give any answer, but if it gives an answer it will be correct.
• A probabilistic algorithm does not guarantee the correctness of the result.
• But we can make the probability of error small.

2.1 Fermat Test

If n is a prime number, the following holds,
a^(n−1) ≡ 1 mod n
Where, 1 <= a <= n-1

False positive results are possible when we apply the Fermat test.

If the Fermat test concludes a composite number as a prime number, we refer to this number as Carmichael Number.

So, the Fermat test only returns a pseudo prime number or a composite number.

Fermat Test

• Is 5 prime?

1 <= a <= n-1 → a takes the values [1,2,3,4]
a=1: 1^(5-1) mod 5 = 1^4 mod 5 = 1 (Pass)
a=2: 2^(5-1) mod 5 = 2^4 mod 5 = 16 mod 5 = 1 (Pass)
a=3: 3^(5-1) mod 5 = 3^4 mod 5 = 81 mod 5 = 1 (Pass)
a=4: 4^(5-1) mod 5 = 4^4 mod 5 = 256 mod 5 = 1 (Pass)
5 is a prime number !!!

Fermat Test

• Is 7 prime?

1 <= a <= n-1 → a takes the values [1,2,3,4,5,6]
a=1: 1^(7-1) mod 7 = 1^6 mod 7 = 1 (Pass)
a=2: 2^(7-1) mod 7 = 2^6 mod 7 = 64 mod 7 = 1 (Pass)
a=3: 3^(7-1) mod 7 = 3^6 mod 7 = 729 mod 7 = 1 (Pass)
a=4: 4^(7-1) mod 7 = 4^6 mod 7 = 4096 mod 7 = 1 (Pass)
a=5: 5^(7-1) mod 7 = 5^6 mod 7 = 15625 mod 7 = 1 (Pass)
a=6: 6^(7-1) mod 7 = 6^6 mod 7 = 46656 mod 7 = 1 (Pass)
7 is a prime number !!!

Fermat Test

When the numbers are big, the values of a are chosen randomly and checked.

561 – Carmichael Number

2.2 Rabin Miller Method

• Michael Oser Rabin, Gary Lee Miller
• Probabilistic Primality Test
• Is the number probably prime or not.
• Similar to Fermat’s test

Rabin Miller Method – Example 1

n = 561
• Find the values of k and m: n − 1 = 2^k · m → 561 − 1 = 560 = 2^4 · 35, so k = 4, m = 35
• Decide on the value of a: 1 < a < n − 1 → a = 2
• Initial computation: T = a^m mod n → T = 2^35 mod 561 = 263; T is not equal to +1 or −1
• Loop count: 1 to k − 1 → 1 to 3
  • 1: T = T^2 mod n → T = 263^2 mod 561 = 166
  • 2: T = T^2 mod n → T = 166^2 mod 561 = 67
  • 3: T = T^2 mod n → T = 67^2 mod 561 = 1
561 is a composite number !!!

Rabin Miller Method – Examples 2 and 3

n = 61
• Find the values of k and m: n − 1 = 2^k · m → 61 − 1 = 60 = 2^2 · 15, so k = 2, m = 15
• Decide on the value of a: 1 < a < n − 1 → a = 2
• Initial computation: T = a^m mod n → T = 2^15 mod 61 = 11; T is not equal to +1 or −1
• Loop count: 1 to k − 1 → 1 to 1
  • 1: T = T^2 mod n → T = 11^2 mod 61 = 60 mod 61 = −1
61 is a prime number !!!

n = 27
• Find the values of k and m: n − 1 = 2^k · m → 27 − 1 = 26 = 2^1 · 13, so k = 1, m = 13
• Decide on the value of a: 1 < a < n − 1 → a = 2
• Initial computation: T = a^m mod n → T = 2^13 mod 27 = 11; T is not equal to +1 or −1
• Loop count: 1 to k − 1 → 1 to 0 → No looping
27 is a composite number !!!

Recommended Primality Test

• Today, one of the most popular primality tests is a combination of the divisibility test and the Miller-Rabin test.
• Following are the recommended steps:
1. Choose an odd integer, because all even integers (except 2) are definitely composites.
2. Do some trivial divisibility tests on some known primes such as 3, 5, 7, 11, 13, and so on to be sure that you are not dealing with an obvious composite. If the number passes all of these tests, move to the next step. If the number fails any of these tests, go back to step 1 and choose another odd number.
3. Choose a set of bases for testing. A large set of bases is preferable.
4. Do Miller-Rabin tests on each of the bases. If any of them fails, go back to step 1 and choose another odd number. If the test passes for all bases, declare the number a strong pseudoprime.

• The number 4033 is a composite (37 × 109). Does it pass the recommended primality test?
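The Miller-Rabin round used in Examples 1 to 3 and the four recommended steps can be run directly; the sketch below is an added example, not part of the original slides. The function names, the small-prime list and the default base set (2, 3, 5, 7) are assumptions chosen for illustration, and the inputs 561, 61, 27 and 4033 are the numbers used on the slides.

```python
SMALL_PRIMES = (3, 5, 7, 11, 13)    # step 2: trivial divisibility checks

def miller_rabin(n, a):
    """One Miller-Rabin round for odd n > 3 and base 1 < a < n-1, as on the slides.
    Returns (verdict, list of successive T values)."""
    k, m = 0, n - 1
    while m % 2 == 0:               # write n - 1 = 2^k * m with m odd
        k, m = k + 1, m // 2
    t = pow(a, m, n)                # initial computation T = a^m mod n
    trace = [t]
    if t in (1, n - 1):             # T = +1 or -1
        return "probably prime", trace
    for _ in range(1, k):           # loop count 1 to k-1
        t = (t * t) % n
        trace.append(t)
        if t == 1:                  # reached +1 without passing through -1
            return "composite", trace
        if t == n - 1:              # reached -1
            return "probably prime", trace
    return "composite", trace

def recommended_test(n, bases=(2, 3, 5, 7)):
    """Steps 1-4: odd check, trial division, then Miller-Rabin on every base."""
    if n < 2:
        return False
    if n == 2:
        return True
    if n % 2 == 0:
        return False
    for p in SMALL_PRIMES:
        if n == p:
            return True
        if n % p == 0:
            return False
    return all(miller_rabin(n, a)[0] == "probably prime" for a in bases)

if __name__ == "__main__":
    for n, a in [(561, 2), (61, 2), (27, 2), (4033, 2), (4033, 3)]:
        print(n, a, *miller_rabin(n, a))
    # 4033 fools a test that only uses base 2; adding base 3 exposes it.
    print(recommended_test(4033, bases=(2,)), recommended_test(4033))
```

With base 2 alone, 4033 survives both trial division and the Miller-Rabin round, which is why step 3 asks for a set of bases rather than a single one.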


Discrete Logarithm

• In cryptography, we also need to discuss modular logarithm.
• If exponentiation is used for encryption or decryption, the attacker can use logarithm to attack.
• We need to know how hard it is to reverse the exponentiation.
• Method: Discrete Logarithm
  To solve: x = log_a y (mod n)
  Solution is: y = a^x mod n
• To understand the concept of Discrete Logarithm we should understand certain properties of multiplicative groups.
  • Finite Multiplicative Group
  • Order of the Group
  • Order of an Element

Finite Multiplicative Group:
• G = <Zn*, ×> is the Finite Multiplicative Group.
• Zn*: has integers from 1 to n − 1 that are relatively prime to n
• If the modulus of the Group is prime, then G = <Zp*, ×>

Order of the Group:
• Order of a Finite Group is |G|
• |G|, to be the number of elements in the Group G
• G = <Zn*, ×>, the order of the group will be φ(n)
Example:
• What is the order of group G = <Z21*, ×>? |G| = φ(21) = φ(3) × φ(7) = 2 × 6 = 12.
• There are 12 elements in this group: 1, 2, 4, 5, 8, 10, 11, 13, 16, 17, 19, and 20.
• All are relatively prime with 21.

Order of an Element:
• Order of an element a is ord(a)
• ord(a) is the smallest integer i such that a^i ≡ e (mod n)
• where e is the identity element
Example:
• Find the order of all elements in G = <Z10*, ×>.
• This group has only φ(10) = 4 elements: 1, 3, 7, 9.
• We can find the order of each element by trial and error.
• 1^1 ≡ 1 (mod 10) → ord(1) = 1.
• 3^4 ≡ 1 (mod 10) → ord(3) = 4.
• 7^4 ≡ 1 (mod 10) → ord(7) = 4.
• 9^2 ≡ 1 (mod 10) → ord(9) = 2.

Euler’s Theorem:
• If a is a member of G = <Zn*, ×>, then a^φ(n) ≡ 1 (mod n)
• The relationship a^i ≡ e (mod n) holds when i = φ(n).
Example:
• The result of a^i ≡ x (mod 8) for the group G = <Z8*, ×>
• φ(8) = 4, i.e., (1, 3, 5, 7)


The table reveals two points:
• The shaded area: when i = φ(8), the result is x = 1 for every a.
• The value of x can be 1 for many values of i.
• The first time when x = 1, the value of i gives the order of the element.

Primitive Roots
• In the group G = <Zn*, ×>, when the order of an element is the same as φ(n), that element is called the primitive root of the group.
• Example:
• The table shows that there are no primitive roots in G = <Z8*, ×> because no element has the order equal to φ(8) = 4.
• The orders of the elements are all smaller than 4.

Primitive Roots
• The result of a^i ≡ x (mod 7) for the group G = <Z7*, ×> is shown below. In this group, φ(7) = 6.

The group G = <Zn*, ×> has primitive roots only if n is 2, 4, p^t, or 2p^t.
Example
• For which value of n does the group G = <Zn*, ×> have primitive roots: 17, 20, 38, and 50?
Solution
• G = <Z17*, ×> has primitive roots, 17 is a prime.
• G = <Z20*, ×> has no primitive roots.
• G = <Z38*, ×> has primitive roots, 38 = 2 × 19 and 19 is a prime.
• G = <Z50*, ×> has primitive roots, 50 = 2 × 5^2 and 5 is a prime.


If the group G = <Zn*, ×> has any primitive root, the number of primitive roots is φ(φ(n)).

Cyclic Group
• If g is a primitive root in the group, we can generate the set Zn* as Zn* = {g^1, g^2, g^3, …, g^φ(n)}.
Example:
• The group G = <Z10*, ×> has two primitive roots because φ(10) = 4 and φ(φ(10)) = 2.
• It can be found that the primitive roots are 3 and 7.
• The following shows how we can create the whole set Z10* using each primitive root.


The idea of Discrete Logarithm
• Properties of G = <Zp*, ×>:
1. Its elements include all integers from 1 to p − 1.
2. It always has primitive roots.
3. It is cyclic. The elements can be created using g^x, where x is an integer from 1 to φ(n) = p − 1.
4. The primitive roots can be thought of as the base of the logarithm.
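The order, primitive-root and cyclic-group examples in this section can be reproduced by exhaustive search for small moduli. The following is an added example, not part of the original slides; all function names are assumptions, and the brute-force discrete logarithm is only workable because the groups here are tiny.

```python
from math import gcd

def units(n):
    """Elements of Zn*: integers in 1..n-1 relatively prime to n."""
    return [a for a in range(1, n) if gcd(a, n) == 1]

def phi(n):
    """Order of the group <Zn*, x>."""
    return len(units(n))

def order(a, n):
    """Smallest i >= 1 with a^i = 1 (mod n); a must belong to Zn*."""
    if gcd(a, n) != 1:
        raise ValueError("a is not in Zn*")
    t, i = a % n, 1
    while t != 1:
        t = (t * a) % n
        i += 1
    return i

def primitive_roots(n):
    """Elements whose order equals phi(n); empty list if the group is not cyclic."""
    f = phi(n)
    return [a for a in units(n) if order(a, n) == f]

def power_table(n):
    """Rows a in Zn*, columns i = 1..phi(n), entries a^i mod n."""
    f = phi(n)
    return {a: [pow(a, i, n) for i in range(1, f + 1)] for a in units(n)}

def discrete_log(g, y, n):
    """Brute force: the x in 1..phi(n) with g^x = y (mod n), or None."""
    t = 1
    for x in range(1, phi(n) + 1):
        t = (t * g) % n
        if t == y % n:
            return x
    return None

if __name__ == "__main__":
    print(power_table(8))                      # every row hits 1 before i = 4
    print({a: order(a, 10) for a in units(10)})
    print({n: bool(primitive_roots(n)) for n in (17, 20, 38, 50)})
    print(power_table(10)[3], power_table(10)[7], discrete_log(3, 7, 10))
```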


Additional Input

Modular Exponentiation
• If the base and the modulus are closer to each other, convert the base into a negative number.
• Choose whichever is the smallest to operate on.
• If the exponent is greater, then divide the exponent into smaller numbers and get the result. Finally combine all the answers obtained.


1. 23^3 mod 30
   23 − 30 = −7
   23^3 mod 30 = (−7)^3 mod 30
   = −13
   = 17

2. 31^500 mod 30
   31 − 30 = 1
   31^500 mod 30 = 1^500 mod 30
   = 1

88^7 mod 187
   88^2 * 88^2 * 88^2 * 88^1 (mod 187)
   77 * 77 * 77 * 88 (mod 187)
   66 * 88 (mod 187)
   11


Successive Squaring
• Find the answer in terms of squares,
• a^1, a^2, a^4, a^8, a^16, a^32, a^64, ……
• Finally combine the required powers to get the answer.

Example: 11^13 mod 53
11^1 mod 53 = 11
11^2 mod 53 = 15
11^4 mod 53 = 13
11^8 mod 53 = 10
11^13 mod 53 = 11^8 * 11^4 * 11 (mod 53)
= 10 * 13 * 11 (mod 53)
= 52


Memory Efficient Method
• Find the answer by incrementing the exponent by 1 every time,
• a^1, a^2, a^3, a^4, a^5, a^6, …, a^exponent
• This saves memory internally as only one variable is used.

Example: 4^13 mod 497 = ?
4^1 mod 497 = (1*4) mod 497 = 4
4^2 mod 497 = (4*4) mod 497 = 16
4^3 mod 497 = (16*4) mod 497 = 64
4^4 mod 497 = (64*4) mod 497 = 256
4^5 mod 497 = (256*4) mod 497 = 30
4^6 mod 497 = (30*4) mod 497 = 120
4^7 mod 497 = (120*4) mod 497 = 480
4^8 mod 497 = (480*4) mod 497 = 429
4^9 mod 497 = (429*4) mod 497 = 225
4^10 mod 497 = (225*4) mod 497 = 403
4^11 mod 497 = (403*4) mod 497 = 121
4^12 mod 497 = (121*4) mod 497 = 484
4^13 mod 497 = (484*4) mod 497 = 445

Fast Modular Exponentiation
• a^b mod m
• Find the binary equivalent of b.
• Replace each 1 in the equivalent with 2^Position.
• Raise a to the power of each 2^Position.
• Solve it to get the answer.

Example: 5^117 mod 19
Binary equivalent of 117 = 1 1 1 0 1 0 1
Positions of the 1 bits: 2^6, 2^5, 2^4, 2^2, 2^0
5^117 mod 19 = 5^1 * 5^4 * 5^16 * 5^32 * 5^64 (mod 19)
= 5 * 17 * 16 * 9 * 5 (mod 19)
= 1
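The exponentiation methods described in this section, side by side: the negative-base shortcut, the memory efficient method and the binary (fast) method, each checked on the slides' own numbers. This is an added example, not part of the original slides; the function names and the multiplication counters are assumptions added to show how the amount of work differs.

```python
def negative_base(a, m):
    """Representative of a mod m closest to zero, e.g. 23 mod 30 -> -7."""
    r = a % m
    return r - m if r > m // 2 else r

def memory_efficient(a, b, m):
    """Multiply by a once per exponent step, reducing each time.
    Returns (result, number of multiplications)."""
    t = 1 % m
    for _ in range(b):
        t = (t * a) % m
    return t, b

def fast_modexp(a, b, m):
    """Binary method: keep squaring a, multiply it in wherever b has a 1 bit.
    Returns (result, list of exponents 2^position used, number of multiplications)."""
    result, square = 1 % m, a % m
    position, used, mults = 0, [], 0
    while b:
        if b & 1:                          # this bit of b is 1
            result = (result * square) % m
            used.append(2 ** position)
            mults += 1
        b >>= 1
        if b:                              # more bits left: next square
            square = (square * square) % m
            mults += 1
        position += 1
    return result, used, mults

if __name__ == "__main__":
    print(negative_base(23, 30), pow(negative_base(23, 30), 3) % 30)
    print(memory_efficient(4, 13, 497))
    print(fast_modexp(11, 13, 53))
    print(fast_modexp(5, 117, 19))         # 11 multiplications instead of 117
```

The branch on each exponent bit makes the running time depend on the exponent, so code that handles secret exponents should call a constant-time library routine instead of a loop like this.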
