NCM Graph theory talk

Post on 19-Jan-2017


Secure Schemes for Secret Sharing and Key Distribution using Graph Theory

by Dr. N. Chandramowliswaran

Professor & Head, Department of Applied Sciences, ITM University, Gurgaon, Haryana

JAN. 05, 2014

Dr. N. Chandramowliswaran (ITM) INVITED TALK JAN. 05, 2014 1 / 49

Divisibility

We say d divides n and write d ∣ n whenever n = cd for some c.

(We also say that n is a multiple of d, that d is a divisor of n, or that d is a factor of n.)

If d does not divide n we write d ∤ n.


Properties

n ∣ n (reflexive)

d ∣ n and n ∣ m then d ∣ m (transitive)

d ∣ n and d ∣ m then d ∣ an + bm (linearity)

d ∣ n then ad ∣ an (multiplication)

ad ∣ an and a ≠ 0 then d ∣ n (cancellation)

1 ∣ n

n ∣ 0

0 ∣ n ⇒ n = 0

d ∣ n and n ≠ 0 ⇒ |d| ≤ |n| (comparison)


Greatest common divisor

If d divides two integers a and b, then d is called a common divisor of a and b.

Theorem: Given any two integers a and b, there is a common divisor d of a and b of the form

d = ax + by,

where x and y are integers. Moreover, every common divisor of a and b divides this d.


Theorem: Given any two integers a and b, there is one and only one number d with the following properties:

(a) d ≥ 0

(b) d ∣ a and d ∣ b

(c) e ∣ a and e ∣ b implies e ∣ d

Note. d = 0 if, and only if, a = b = 0. Otherwise d ≥ 1.


The number d of the above theorem is called the greatest common divisor (gcd) of a and b.

It is denoted by (a, b)

If (a, b) = 1 then a and b are said to be relatively prime


The gcd has the following properties

(a, b) = (b, a) (commutative)

(a, (b, c)) = ((a, b), c) (associative)

(ac, bc) = |c| (a, b) (distributive)

(a, 1) = (1, a) = 1 and (a, 0) = (0, a) = 0

If a ∣ bc and if (a, b) = 1, then a ∣ c


Definition. An integer n is called prime if n > 1 and if the only positive divisors of n are 1 and n. When an integer n > 1 is not prime, we say that n is composite.


If a prime p does not divide a, then (p, a) = 1.

If a prime p divides ab, then p ∣ a or p ∣ b


Fundamental theorem of arithmetic

Every integer n > 1 can be represented as a product of prime factors in only one way, apart from the order of the factors.


The division algorithm

Given integers a and b with b > 0, there exists a unique pair of integers q and r such that

a = bq + r, with 0 ≤ r < b.

Moreover, r = 0 if, and only if, b ∣ a.


Möbius function $\mu(n)$

Definition: The Möbius function $\mu$ is defined as follows:

$\mu(1) = 1$

If $n > 1$, write $n = p_1^{a_1} p_2^{a_2} \cdots p_k^{a_k}$. Then

$\mu(n) = (-1)^k$ if $a_1 = a_2 = \cdots = a_k = 1$

$\mu(n) = 0$ otherwise

Note: $\mu(n) = 0$ if and only if $n$ has a square factor


Euler’s totient function $\varphi(n)$

Let $n \ge 1$. The Euler totient $\varphi(n)$ is defined to be the number of positive integers not exceeding $n$ which are relatively prime to $n$.


$\varphi(n) = |\{k : 1 \le k \le n,\ \gcd(n, k) = 1\}|$

$\varphi(n) = n \prod_{p \mid n} \left(1 - \frac{1}{p}\right)$, where the product is over the distinct prime numbers dividing $n$


Divisor sum

Euler's classical formula:

$\sum_{d \mid n} \varphi(d) = n$,

where the sum is over all positive divisors $d$ of $n$.


Properties

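$\varphi(p^k) = p^k - p^{k-1} = p^{k-1}(p - 1) = p^k\left(1 - \frac{1}{p}\right)$.

$\varphi(mn) = \varphi(m)\varphi(n)$ if $(m, n) = 1$

$\varphi(mn) = \varphi(m)\varphi(n)\left(\frac{d}{\varphi(d)}\right)$ if $(m, n) = d$

$a \mid b$ implies $\varphi(a) \mid \varphi(b)$

$\varphi(n)$ is even for $n \ge 3$. Moreover, if $n$ has $r$ distinct odd prime factors, then $2^r \mid \varphi(n)$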


Congruences

Definition: Given integers a, b, m with m > 0. We say a is congruent to b modulo m, and we write

a ≡ b (mod m) ⇐⇒ m ∣ (a − b)


Properties

Congruence is an equivalence relation

If $a \equiv b \pmod{m}$ and $\alpha \equiv \beta \pmod{m}$, then we have

(a) $ax + \alpha y \equiv bx + \beta y \pmod{m}$ for all integers $x$ and $y$

(b) $a\alpha \equiv b\beta \pmod{m}$

(c) $a^n \equiv b^n \pmod{m}$ for every positive integer $n$

(d) $f(a) \equiv f(b) \pmod{m}$ for every polynomial $f$ with integer coefficients


Theorem: If c > 0 then a ≡ b (mod m) if, and only if, ac ≡ bc (mod m)

Theorem: If ac ≡ bc (mod m) and if d = (m, c), then a ≡ b (mod m/d)

Theorem: If a ≡ b (mod m), d ∣ m and d ∣ a, then d ∣ b


Theorem: If a ≡ b (mod m), then (a, m) = (b, m)

Theorem: If a ≡ b (mod m) and if 0 ≤ |b − a| < m, then a = b

Theorem: If a ≡ b (mod m) and a ≡ b (mod n) where (m, n) = 1, then a ≡ b (mod mn)


Theorem: Assume (a, m) = 1. Then the linear congruence ax ≡ b (mod m) has exactly one solution

Theorem: Assume (a, m) = d. Then the linear congruence ax ≡ b (mod m) has solutions if, and only if, d ∣ b

Theorem: Assume (a, b) = d. Then there exist integers x and y such that ax + by = d


Euler-Fermat Theorem: Assume $(a, m) = 1$. Then we have $a^{\varphi(m)} \equiv 1 \pmod{m}$

Theorem: If a prime $p$ does not divide $a$ then $a^{p-1} \equiv 1 \pmod{p}$

Little Fermat Theorem: For any integer $a$ and any prime $p$ we have

$a^p \equiv a \pmod{p}$


Theorem (Chinese Remainder Theorem): Suppose that $m_1, m_2, \ldots, m_r$ are pairwise relatively prime positive integers, and let $a_1, a_2, \ldots, a_r$ be integers.

Then the system of congruences $x \equiv a_i \pmod{m_i}$ for $1 \le i \le r$ has a unique solution modulo $M = m_1 \times m_2 \times \cdots \times m_r$,

which is given by: $x \equiv a_1 M_1 y_1 + a_2 M_2 y_2 + \cdots + a_r M_r y_r \pmod{M}$, where $M_i = \frac{M}{m_i}$ and $y_i \equiv (M_i)^{-1} \pmod{m_i}$ for $1 \le i \le r$.


Identities on Number Theory

Theorem: Let $a, b$ be given positive integers with $(a, b) = 1$. Then

$a^{\varphi(b)} + b^{\varphi(a)} \equiv 1 \pmod{ab}$

$a^{\varphi(ab)} + b^{\varphi(ab)} \equiv 1 \pmod{ab}$

$(a, b) = 1 \iff (ab, a + b) = 1$

$(ab)^{\varphi(a+b)} + (a + b)^{\varphi(ab)} \equiv 1 \pmod{a^2 b + a b^2}$

Let $p, q$ be two distinct primes. Then $p^{q-1} + q^{p-1} \equiv 1 \pmod{pq}$


Consider three very large odd primes $p$, $q$ and $r$ with $(q^{r-1} + r^{q-1}) \not\equiv 0 \pmod{p}$, $(r^{p-1} + p^{r-1}) \not\equiv 0 \pmod{q}$ and $(p^{q-1} + q^{p-1}) \not\equiv 0 \pmod{r}$.

Lemma: Let $p$, $q$ and $r$ be three given distinct odd primes. Then there exist integers $k_1$, $k_2$ and $k_3$ such that

$k_1 p (q^{r-1} + r^{q-1}) + k_2 q (p^{r-1} + r^{p-1}) + k_3 r (p^{q-1} + q^{p-1}) + 2 \equiv 0 \pmod{pqr}$.


Theorem: Let $S$ be the given secret and $N = pqr$ where $p$, $q$ and $r$ are distinct large odd primes. Define three secret shareholders $Y_1, Y_2, Y_3$ as follows:

$Y_1 \equiv -S k_1 p (q^{r-1} + r^{q-1}) \pmod{N}$,

$Y_2 \equiv -S k_2 q (p^{r-1} + r^{p-1}) \pmod{N}$ and

$Y_3 \equiv -S (k_3 r (p^{q-1} + q^{p-1}) + 1) \pmod{N}$. Then

$S \equiv Y_1 + Y_2 + Y_3 \pmod{N}$
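The lemma and theorem above carried through in code, as an added example that is not part of the talk. The primes and secret are small constructed values, and the particular choice of k1, k2, k3 (one solution of the lemma, obtained from modular inverses) is an assumption of this example.

```python
from math import gcd

def lemma_coefficients(p, q, r):
    """Return (k1, k2, k3), (A, B, C) satisfying the lemma modulo N = pqr."""
    N = p * q * r
    A = (pow(q, r - 1, N) + pow(r, q - 1, N)) % N   # A ≡ 1 (mod q) and (mod r)
    B = (pow(p, r - 1, N) + pow(r, p - 1, N)) % N   # B ≡ 1 (mod p) and (mod r)
    C = (pow(p, q - 1, N) + pow(q, p - 1, N)) % N   # C ≡ 1 (mod p) and (mod q)
    # One valid choice (assumption of this example):
    # k1*p ≡ -1 (mod qr), k2*q ≡ -1 (mod pr), k3*r ≡ -1 (mod pq)
    k1 = -pow(p, -1, q * r) % (q * r)
    k2 = -pow(q, -1, p * r) % (p * r)
    k3 = -pow(r, -1, p * q) % (p * q)
    if (k1 * p * A + k2 * q * B + k3 * r * C + 2) % N != 0:
        raise ArithmeticError("lemma congruence not satisfied")
    return (k1, k2, k3), (A, B, C)

def make_shares(S, p, q, r):
    """Compute the three shares Y1, Y2, Y3 of the theorem for secret S."""
    N = p * q * r
    (k1, k2, k3), (A, B, C) = lemma_coefficients(p, q, r)
    Y1 = (-S * k1 * p * A) % N
    Y2 = (-S * k2 * q * B) % N
    Y3 = (-S * (k3 * r * C + 1)) % N
    return Y1, Y2, Y3

def recover(shares, N):
    """All three shareholders add their shares modulo N."""
    return sum(shares) % N

if __name__ == "__main__":
    p, q, r = 1009, 1013, 1019          # constructed demo primes, not "very large"
    N = p * q * r
    S = 123456789                       # constructed secret, S < N
    shares = make_shares(S, p, q, r)
    print("shares:", shares)
    print("recovered == S:", recover(shares, N) == S)
    print("gcd(Y_i, N):", [gcd(Y, N) for Y in shares])
```

The last line shows that Y1 is a multiple of p and Y2 a multiple of q by construction, so either share reveals a factor of N to anyone who also knows N.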


Theorem: Let $a$ and $b$ be two positive integers with

$(a, b) = 1 \iff (a, a + b) = 1$

$a^{\varphi(a+b)} + (a + b)^{\varphi(a)} \equiv 1 \pmod{a^2 + ab}$

$(a, b) = 1 \iff (b, a + b) = 1$

$b^{\varphi(a+b)} + (a + b)^{\varphi(b)} \equiv 1 \pmod{b^2 + ab}$


Theorem: Let $a$, $b$ and $c$ be any three positive integers with

$(a, b) = (a, c) = (b, c) = 1$

Then $a^{\varphi(bc)} + b^{\varphi(ac)} + c^{\varphi(ab)} \equiv 2 \pmod{abc}$

Let $x$ and $y$ be any two positive integers with

$x \equiv y \pmod{a}$, $x \equiv y \pmod{b}$ and $x \equiv y \pmod{c}$

Then $x \equiv y \pmod{abc}$


Theorem: Let $m_1, m_2, \ldots, m_r$ ($r \ge 2$) be any $r$ distinct mutually co-prime positive integers. Define $M = m_1 m_2 \cdots m_r$

Then $\sum_{i=1}^{r} m_i^{\varphi\left(\frac{M}{m_i}\right)} \equiv r - 1 \pmod{M}$


Managing the shortage of Login ID Problems in Petersen Networks

[Figure: Petersen graph with vertices labelled ID1 to ID10 and edges labelled user 1 to user 15]


There are 10 Login IDs and 15 users in the given network

Any two Login IDs can be utilized by at most one user

Every Login ID is used by exactly three users

Represent the Login IDs by the nodes (vertices) of the graph G


If there is a user-j using Login IDs Log ID_r and Log ID_s, then join them by an edge

[Figure: edge labelled user j joining vertices Log ID_r and Log ID_s]


If two users have a common Login ID then they are conflict users, otherwise non-conflict users.

For example, conflict users: user-1, user-2 and user-7, which have the common Login ID Log ID1; non-conflict users: user-2, user-5 and user-9


Define $V(G) = \{v_i = \text{Log ID}_i \mid 1 \le i \le 10\}$

Define $E(G) = \{k = \text{user } k \mid 1 \le k \le 15\}$

Define $f(v_i) = f(\text{Log ID}_i) = \sigma(i)$, where $\sigma$ is a permutation on the set of numbers $\{1, 2, \ldots, 10\}$.

This $\sigma(i)$ is given for each $\text{Log ID}_i$


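Now define the graceful labeling $g$ on the set $\{\sigma(1), \sigma(2), \ldots, \sigma(10)\}$:

$g : \{\sigma(i) : 1 \le i \le 10\} \longrightarrow \{0, 1, 2, \ldots, q - 1, q\}$. Suppose

[Figure: edge labelled user j joining vertices Log ID_r and Log ID_s]

$g[\text{user } j] = |g(\sigma(r)) - g(\sigma(s))| \in \{1, 2, \ldots, q\}$ where $1 \le r, s \le 10$, $r \ne s$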


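$g : E(G) \longrightarrow \{1, 2, \ldots, q\}$

$g$ is kept secret, but $g[\text{user } j]$ is given for each user $j$

$g[\text{user } j]$ is called the user-ID

[Figure: edge labelled user j joining vertices Log ID_r and Log ID_s]

$(\sigma(r), \sigma(s))$ are the two Login IDs for the user $j$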


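The entire network is kept secret

$P : V(G) \longrightarrow \{p_1, p_2, \ldots, p_{10}\}$

where $p_i$, $1 \le i \le 10$, are distinct odd primes with

$q < \min\{p_i\}$, $1 \le i \le 10$, $q < p_j \ \forall j$ ($P$ is kept secret)

[Figure: edge labelled user j joining vertices Log ID_r and Log ID_s; $\sigma(r)$ and $\sigma(s)$ are known]

$g[\text{user } j]$ is known, $1 \le j \le 15$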


Define $e_j$ : $(e_j, (p_r - 1)(p_s - 1)) = 1$ ($e_j$ kept secret)

Define $m_j \equiv (g[\text{user } j])^{e_j} \pmod{p_r p_s}$

$P[\text{Log ID}_r] = p_r$, $P[\text{Log ID}_s] = p_s$, $1 \le r, s \le 10$, $r \ne s$


Decompose the users (edges) into subsets of non-conflict users (sets of independent edges)

A = {user-2, user-5, user-9, user-11, user-13}:

user-2 ←→ {Log ID1, Log ID5}

user-5 ←→ {Log ID2, Log ID3}

user-9 ←→ {Log ID4, Log ID8}

user-11 ←→ {Log ID6, Log ID9}

user-13 ←→ {Log ID7, Log ID10}


Decompose the users (edges) into subsets of non-conflict users (sets of independent edges)

B = {user-1, user-3, user-12, user-14}:

user-1 ←→ {Log ID1, Log ID2}

user-3 ←→ {Log ID5, Log ID4}

user-12 ←→ {Log ID6, Log ID8}

user-14 ←→ {Log ID7, Log ID9}


Decompose the users (edges) into subsets of non-conflict users (sets of independent edges)

C = {user-4, user-7, user-8, user-15}:

user-4 ←→ {Log ID3, Log ID4}

user-7 ←→ {Log ID1, Log ID6}

user-8 ←→ {Log ID5, Log ID7}

user-15 ←→ {Log ID8, Log ID10}


Decompose the users (edges) into subsets of non-conflict users (sets of independent edges)

D = {user-6, user-10}:

user-6 ←→ {Log ID2, Log ID10}

user-10 ←→ {Log ID3, Log ID9}


Define congruence equations for the sets A, B, C and D as follows

$x \equiv m_2 \pmod{p_1 p_5}$

$x \equiv m_5 \pmod{p_2 p_3}$

$x \equiv m_9 \pmod{p_4 p_8}$

$x \equiv m_{11} \pmod{p_6 p_9}$

$x \equiv m_{13} \pmod{p_7 p_{10}}$

$x$ has a unique solution $\pmod{p_1 p_2 \cdots p_{10}}$

Thus $x$ is the common secret shared by the group A non-conflict users


$y \equiv m_1 \pmod{p_1 p_2}$

$y \equiv m_3 \pmod{p_4 p_5}$

$y \equiv m_{12} \pmod{p_6 p_8}$

$y \equiv m_{14} \pmod{p_7 p_9}$

$y$ has a unique solution $\pmod{p_1 p_2 p_4 p_5 p_6 p_7 p_8 p_9}$

Thus $y$ is the common secret shared by the group B non-conflict users


$z \equiv m_4 \pmod{p_3 p_4}$

$z \equiv m_7 \pmod{p_1 p_6}$

$z \equiv m_8 \pmod{p_5 p_7}$

$z \equiv m_{15} \pmod{p_8 p_{10}}$

$z$ has a unique solution $\pmod{p_1 p_3 p_4 p_5 p_6 p_7 p_8 p_{10}}$

Thus $z$ is the common secret shared by the group C non-conflict users


$w \equiv m_6 \pmod{p_2 p_{10}}$

$w \equiv m_{10} \pmod{p_3 p_9}$

$w$ has a unique solution $\pmod{p_2 p_3 p_9 p_{10}}$

Thus $w$ is the common secret shared by the group D non-conflict users
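The group-secret construction of the preceding slides, end to end, as an added example that is not code from the talk. The user-to-Login-ID pairs and the groups A to D are taken from the slides; the primes, the user-ID values (stand-ins, not an actual graceful labeling) and the rule for picking each e_j are constructed assumptions.

```python
from math import gcd, prod

# Login-ID pair of each user, read off the decomposition slides.
EDGES = {1: (1, 2), 2: (1, 5), 3: (5, 4), 4: (3, 4), 5: (2, 3),
         6: (2, 10), 7: (1, 6), 8: (5, 7), 9: (4, 8), 10: (3, 9),
         11: (6, 9), 12: (6, 8), 13: (7, 10), 14: (7, 9), 15: (8, 10)}
GROUPS = {"A": [2, 5, 9, 11, 13], "B": [1, 3, 12, 14],
          "C": [4, 7, 8, 15], "D": [6, 10]}

# Constructed stand-ins for the secret data (assumptions of this example).
Q = 15                                       # q = number of edges (users)
PRIMES = dict(zip(range(1, 11), [17, 19, 23, 29, 31, 37, 41, 43, 47, 53]))
USER_ID = {j: (7 * j) % 16 for j in EDGES}   # distinct values in {1..15}

def is_non_conflict(users):
    """True if no two of the given users share a Login ID (independent edges)."""
    ids = [v for j in users for v in EDGES[j]]
    return len(ids) == len(set(ids))

def user_value(j):
    """Return (m_j, p_r*p_s) with m_j = g[user j]^e_j mod p_r*p_s."""
    pr, ps = (PRIMES[v] for v in EDGES[j])
    phi = (pr - 1) * (ps - 1)
    # Smallest odd e_j >= 3 coprime to (p_r - 1)(p_s - 1); any such e_j works.
    e_j = next(e for e in range(3, phi, 2) if gcd(e, phi) == 1)
    return pow(USER_ID[j], e_j, pr * ps), pr * ps

def crt(residues):
    """Solve x = a_i (mod m_i) via x = sum a_i*M_i*y_i (mod M), as on the CRT slide."""
    M = prod(m for _, m in residues)
    x = sum(a * (M // m) * pow(M // m, -1, m) for a, m in residues) % M
    return x, M

def group_secret(name):
    """Common secret of one non-conflict group and the modulus it is unique under."""
    users = GROUPS[name]
    if not is_non_conflict(users):
        raise ValueError("users share a Login ID: moduli are not coprime")
    return crt([user_value(j) for j in users])

if __name__ == "__main__":
    for name in GROUPS:
        print(name, *group_secret(name))
```

The non-conflict check is what makes the CRT step valid: two users sharing a Login ID would have moduli with a common prime, and the inverse inside `crt` would not exist.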
