Number Theory and Cryptography

Number Theory and Cryptography

• Cryptology -science concerned with communications in secure and secret form

• Encompasses cryptography and cryptanalysis• Cryptography-study and application of the principles and

techniques by which information is rendered unintelligible to all but the intended receiver

• Cryptanalysis-science and art of solving cryptosystems to recover such information

• Modern cryptology focuses on information protection which covers not only secrecy but also authentication, integrity, verifiability, non repudiation

Terminology

• Secrecy ensures information flow between the sender and receiver is unintelligible to outsiders-protects information against threats based on eavesdropping

• Authenticity allows receiver of messages to determine the true identity of the sender-guards messages against impersonation, substitution or spoofing

• Integrity-enables the receiver to verify whether the message has been tampered with by outsiders while in transit via an insecure channel

• Nonrepudiation-prevents the sender of a message from claiming that they have not sent the message

• Encryption –used to ensure secrecy or confidentiality of information transmitted across an insecure communication channel• Takes a piece of information(message, message block or

plaintext )and translates into a cryptogram (ciphertext or codeword) using a cryptographic key.

• Decryption-reverse operation to encryption

• Encryption (or decryption) algorithm-step by step description of encryption (or decryption)

• If there is no need to distinguish encryption from decryption –ciphers, cryptoalgorithms or cryposystems

• Private key or symmetric cryptosystems-same key for encryption and decryption

• Public key or asymmetric cryptosystems-use different keys for encryption and decryption

• Hashing-cryptograhic operation that generates a relatively short digest for messages of arbitrary length

• one-way functions – functions for which it is easy to compute their values from their arguments but it difficult to reverse them

• Electronic signature – public and relatively short string of characters that can be used to verify the authorship of an electronic document by anybody

• Unconditionally secure design-immune against attacker with unlimited computational power

• conditionally secure design-security depends on the difficulty of reversing the underlying cryptographic problem

• Attack- some protected elements of the design computed quicker tan specified by the designer

• Ciphertext only attack – crptanalyst knows the encrypted messages only. Task is to find cryptographic key applied or decrypt one or more cryptograms

• Known plain text attack – adversary has access to a collection of pair and wants to determine the key or decrypt some new cryptograms not included in the collection

• Chosen plain text attack - Known plain text attack for which the cryptanalyst can choose messages and read corresponding cryptograms

• Chosen cipher text attack- enemy can select is own cryptograms and observe the corresponding messages for him and find out the secret key

Background Theory

• Set of natural numbers N ={1,2,….}• Set of integers Z ={ ….,-1,0,+1,….}• Set of rational numbers Q• Set of irrational numbers I• Set of real numbers R

Rational Numbers

• Real number r is called rational if Z, r = p / q where q!=0

• All real numbers which are not rational are called irrational

• Every integer is a rational number• Every rational number is not an integer• Sum of any two rational numbers is a

rational number

Divisibility

• Integer n is a divisible by an integer d, when k Z, n = d * k

• Notation: d | n (d divides n)• Synonymous statements:

• n is a multiple of d• d is a factor of n• d is a divisor of n• d divides n• n is divisible by d

Divisibility- Properties• If n|a and n|b then n divides both (a+b) and (a-b)

(set of multiples of n is closed under addition)• Divisibility is transitive: for all integers a, b, c, if a

divides b and b divides c, then a divides c• For any nonzero b Є Z, if n|a, then n divides ab• For any nonzero b Є Z, |a|≤ |b| if a|b• Any integer greater than 1 is divisible by a prime

number• If a | b and b | a, then |a| =|b|• Any integer can be uniquely represented in the

standard factored form:

n = p1e1 * p2

e2 * … * pkek, p1 < p2 < … < pk, pi is a prime

number

Exercises

• Prove or provide counterexample:• For integers a, b, c: (a | b) (a | bc)• For integers a, b, c: (a | (b + c)) (a | b a | c)

• If 2 * 3 * 4 * 5 * 6 * 7 * 8 * 9 * m = 151 * 150 * 149 * 148 * 147 * 146 * 145 * 144 * 143, does 151 | m?

• Show that an integer is divisible by 9 iff the sum of its digits is divisible by 9. Prove the same for divisibility by 3.

• Show that an integer is divisible by 11 iff the alternate sum of its digits is divisible by 11

Primes

•A positive integer p greater than 1 is called prime if the only positive factors of p are 1 and p.

•A positive integer that is greater than 1 and is not prime is called composite.

•The fundamental theorem of arithmetic:

•Every positive integer can be written uniquely as the product of primes, where the prime factors are written in order of increasing size.

14

Prime Factorisation

• to factor a number n is to write it as a product of other numbers: n=a × b × c

• note that factoring a number is relatively hard compared to multiplying the factors together to generate the number

• the prime factorisation of a number n is when its written as a product of primes • eg. 91=7×13 ; 3600=24×32×52

Primes

•Examples:

16

3·5

48 =

17 =

100 =

512 =

515 =

28 =

15 =

2·2·2·2·3 = 24·3

17

2·2·5·5 = 22·52

2·2·2·2·2·2·2·2·2 = 29

5·103

2·2·7

Least Common Multiples

•Using prime factorizations:

•a = p1a1 p2

a2 … pnan , b = p1

b1 p2b2 … pn

bn ,

•where p1 < p2 < … < pn and ai, bi N for 1 i n

•lcm(a, b) = p1max(a1, b1 ) p2

max(a2, b2 ) … pnmax(an, bn )

•Example:

17

a = 60 = 22 31 51

b = 54 = 21 33 50

lcm(a, b) = 22 33 51 = 4275 = 540

Least Common Multiples•Definition:

•The least common multiple of the positive integers a and b is the smallest positive integer that is divisible by both a and b.

•We denote the least common multiple of a and b by lcm(a, b).

•Examples:

18

lcm(3, 7) = 21

lcm(4, 6) = 12

lcm(5, 10) = 10

Greatest Common Divisors•Let a and b be integers, not both zero.•The largest integer d such that d | a and d | b is called the greatest common divisor of a and b.•The greatest common divisor of a and b is denoted by gcd(a, b).

•Example 1: What is gcd(48, 72) ?•The positive common divisors of 48 and 72 are 1, 2, 3, 4, 6, 8, 12, 16, and 24, so gcd(48, 72) = 24.

•Example 2: What is gcd(19, 72) ?•The only positive common divisor of 19 and 72 is1, so gcd(19, 72) = 1. 19

Greatest Common Divisors

•Using prime factorizations:

•a = p1a1 p2

a2 … pnan , b = p1

b1 p2b2 … pn

bn ,

•where p1 < p2 < … < pn and ai, bi N for 1 i n

•gcd(a, b) = p1min(a1, b1 ) p2

min(a2, b2 ) … pnmin(an, bn )

•Example:

20

a = 60 = 22 31 51

b = 54 = 21 33 50

gcd(a, b) = 21 31 50 = 6

LCM and GCD

• LCM of a and b is the smallest integer which is divisible by both a and b

a=ai b=bi

Lcm(a,b)=max(ai, bi)

(gcda,b)=min(ai, bi)

Euclid algorithm

Initialize r0=a and r1=b

E2: Compute the following sequence of equations

r0=q1r1 + r2

r1=q2r2 + r3

rn-3=qn-2rn-2 + rn-1

rn-2=qn-1rn-1 + rn

Until there is a step for which rn=0 while rn-1≠0

E3:The greatest common divisor is equal to rn-1.

C implementationlong gcd(long a, long b)

{

long r0, r1, r2;

if (a==0 || b==0) return (0);

r0=a;

r1=b;

r2=r0%r1;

while(r2)

{ r0=r1;

r1=r2;

r2=r0%r1;

}

if (r1>0)

return (r1);

else

return (-r1);

}

Relatively Prime Integers•Definition:

•Two integers a and b are relatively prime if gcd(a, b) = 1.

•Examples:

•Are 15 and 28 relatively prime?•Yes, gcd(15, 28) = 1.•Are 55 and 28 relatively prime?•Yes, gcd(55, 28) = 1.•Are 35 and 28 relatively prime?•No, gcd(35, 28) = 7. 24

Relatively Prime Numbers & GCD

• two numbers a, b are relatively prime if have no common divisors apart from 1 • eg. 8 & 15 are relatively prime since factors of 8 are 1,2,4,8

and of 15 are 1,3,5,15 and 1 is the only common factor • conversely can determine the greatest common divisor

by comparing their prime factorizations and using least powers• eg. 300=21×31×52 18=21×32 hence GCD(18,300)=21×31×50=6

PrimesSieve of Eratosthenes-determines all primes smaller than N

S1: Create an initial set of all numbers N N ={2,3,4,… N-1} smaller than N

S2:For all integers n<

S3:The final reduced set N N contains all primes smaller than N

Twin primes and Mersenne PrimesA couple of primes (p,q) are said to be twins if q=p+2. Except for the couple (2,3), this is clearly the smallest possible distance between two primes. • Example 2 (3,5),(5,7),(11,13),(17,19),(29,31),...,

(419,421),... are twin primes

Mersenne NumberA Mersenne Number is an integer of the form

Mp = 2p - 1 where p is a prime

If a Mersenne Number is itself prime then it is called Mersenne prime

The three smallest Mersenne primes are

M2 = 3, M3 = 7, M5 = 31.

While it is true that only Mersenne numbers Mp, where p = 2, 3, 5, … could be prime, often Mp is not prime even for a prime exponent p

The smallest counterexample is the Mersenne number

M11 = 211 − 1 = 2047 = 23 × 89, which is not prime, even though 11 is a prime number

The largest known prime number (243,112,609 − 1) is a Mersenne prime