Number Theory and Cryptography
Dec 14, 2015
Number Theory and Cryptography
• Cryptology - science concerned with communications in secure and secret form
• Encompasses cryptography and cryptanalysis
• Cryptography - study and application of the principles and techniques by which information is rendered unintelligible to all but the intended receiver
• Cryptanalysis - science and art of solving cryptosystems to recover such information
• Modern cryptology focuses on information protection, which covers not only secrecy but also authentication, integrity, verifiability and non-repudiation
Terminology
• Secrecy - ensures that the information flow between the sender and receiver is unintelligible to outsiders; protects information against threats based on eavesdropping
• Authenticity - allows the receiver of messages to determine the true identity of the sender; guards messages against impersonation, substitution or spoofing
• Integrity - enables the receiver to verify whether the message has been tampered with by outsiders while in transit via an insecure channel
• Nonrepudiation - prevents the sender of a message from claiming that they have not sent the message
• Encryption - used to ensure secrecy or confidentiality of information transmitted across an insecure communication channel
• Takes a piece of information (message, message block or plaintext) and translates it into a cryptogram (ciphertext or codeword) using a cryptographic key
• Decryption - reverse operation to encryption
• Encryption (or decryption) algorithm - step-by-step description of encryption (or decryption)
• If there is no need to distinguish encryption from decryption, we speak of ciphers, cryptoalgorithms or cryptosystems
• Private key or symmetric cryptosystems - use the same key for encryption and decryption
• Public key or asymmetric cryptosystems - use different keys for encryption and decryption
• Hashing - cryptographic operation that generates a relatively short digest for messages of arbitrary length
• One-way functions - functions for which it is easy to compute their values from their arguments but difficult to reverse them
• Electronic signature - public and relatively short string of characters that can be used by anybody to verify the authorship of an electronic document
• Unconditionally secure design - immune against an attacker with unlimited computational power
• Conditionally secure design - security depends on the difficulty of reversing the underlying cryptographic problem
• Attack - some protected elements of the design are computed more quickly than specified by the designer
• Ciphertext-only attack - the cryptanalyst knows the encrypted messages only. The task is to find the cryptographic key applied or to decrypt one or more cryptograms
• Known-plaintext attack - the adversary has access to a collection of (message, cryptogram) pairs and wants to determine the key or decrypt some new cryptograms not included in the collection
• Chosen-plaintext attack - a known-plaintext attack in which the cryptanalyst can choose messages and read the corresponding cryptograms
• Chosen-ciphertext attack - the enemy can select his own cryptograms, observe the corresponding messages and find out the secret key
Background Theory
• Set of natural numbers N = {1, 2, …}
• Set of integers Z = {…, -1, 0, +1, …}
• Set of rational numbers Q
• Set of irrational numbers I
• Set of real numbers R
Rational Numbers
• A real number r is called rational if ∃ p, q ∈ Z such that r = p / q, where q ≠ 0
• All real numbers which are not rational are called irrational
• Every integer is a rational number
• Not every rational number is an integer
• The sum of any two rational numbers is a rational number
Divisibility
• Integer n is divisible by an integer d when ∃ k ∈ Z, n = d * k
• Notation: d | n (d divides n)
• Synonymous statements:
• n is a multiple of d
• d is a factor of n
• d is a divisor of n
• d divides n
• n is divisible by d
Divisibility - Properties
• If n|a and n|b then n divides both (a+b) and (a-b) (the set of multiples of n is closed under addition)
• Divisibility is transitive: for all integers a, b, c, if a divides b and b divides c, then a divides c
• For any nonzero b ∈ Z, if n|a, then n divides ab
• For any nonzero b ∈ Z, |a| ≤ |b| if a|b
• Any integer greater than 1 is divisible by a prime number
• If a | b and b | a, then |a| = |b|
• Any integer can be uniquely represented in the standard factored form:
$n = p_1^{e_1} \cdot p_2^{e_2} \cdots p_k^{e_k}$, where $p_1 < p_2 < \cdots < p_k$ and each $p_i$ is a prime number
Exercises
• Prove or provide counterexample:
• For integers a, b, c: (a | b) (a | bc)
• For integers a, b, c: (a | (b + c)) (a | b a | c)
• If 2 * 3 * 4 * 5 * 6 * 7 * 8 * 9 * m = 151 * 150 * 149 * 148 * 147 * 146 * 145 * 144 * 143, does 151 | m?
• Show that an integer is divisible by 9 iff the sum of its digits is divisible by 9. Prove the same for divisibility by 3.
• Show that an integer is divisible by 11 iff the alternating sum of its digits is divisible by 11
Primes
• A positive integer p greater than 1 is called prime if the only positive factors of p are 1 and p.
• A positive integer that is greater than 1 and is not prime is called composite.
• The fundamental theorem of arithmetic:
• Every positive integer can be written uniquely as the product of primes, where the prime factors are written in order of increasing size.
Prime Factorisation
• To factor a number n is to write it as a product of other numbers: n = a × b × c
• Note that factoring a number is relatively hard compared to multiplying the factors together to generate the number
• The prime factorisation of a number n is when it is written as a product of primes
• e.g. $91 = 7 \times 13$; $3600 = 2^4 \times 3^2 \times 5^2$
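Primes
• Examples:
$15 = 3 \cdot 5$
$48 = 2 \cdot 2 \cdot 2 \cdot 2 \cdot 3 = 2^4 \cdot 3$
$17 = 17$
$100 = 2 \cdot 2 \cdot 5 \cdot 5 = 2^2 \cdot 5^2$
$512 = 2 \cdot 2 \cdot 2 \cdot 2 \cdot 2 \cdot 2 \cdot 2 \cdot 2 \cdot 2 = 2^9$
$515 = 5 \cdot 103$
$28 = 2 \cdot 2 \cdot 7$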
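Least Common Multiples
• Using prime factorizations:
• $a = p_1^{a_1} p_2^{a_2} \cdots p_n^{a_n}$, $b = p_1^{b_1} p_2^{b_2} \cdots p_n^{b_n}$,
• where $p_1 < p_2 < \cdots < p_n$ and $a_i, b_i \in N$ for $1 \le i \le n$
• $\mathrm{lcm}(a, b) = p_1^{\max(a_1, b_1)} p_2^{\max(a_2, b_2)} \cdots p_n^{\max(a_n, b_n)}$
• Example:
$a = 60 = 2^2 \cdot 3^1 \cdot 5^1$
$b = 54 = 2^1 \cdot 3^3 \cdot 5^0$
$\mathrm{lcm}(a, b) = 2^2 \cdot 3^3 \cdot 5^1 = 4 \cdot 27 \cdot 5 = 540$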
Least Common Multiples
• Definition:
• The least common multiple of the positive integers a and b is the smallest positive integer that is divisible by both a and b.
• We denote the least common multiple of a and b by lcm(a, b).
• Examples:
lcm(3, 7) = 21
lcm(4, 6) = 12
lcm(5, 10) = 10
Greatest Common Divisors
• Let a and b be integers, not both zero.
• The largest integer d such that d | a and d | b is called the greatest common divisor of a and b.
• The greatest common divisor of a and b is denoted by gcd(a, b).
• Example 1: What is gcd(48, 72)?
• The positive common divisors of 48 and 72 are 1, 2, 3, 4, 6, 8, 12, and 24, so gcd(48, 72) = 24.
• Example 2: What is gcd(19, 72)?
• The only positive common divisor of 19 and 72 is 1, so gcd(19, 72) = 1.
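Greatest Common Divisors
• Using prime factorizations:
• $a = p_1^{a_1} p_2^{a_2} \cdots p_n^{a_n}$, $b = p_1^{b_1} p_2^{b_2} \cdots p_n^{b_n}$,
• where $p_1 < p_2 < \cdots < p_n$ and $a_i, b_i \in N$ for $1 \le i \le n$
• $\gcd(a, b) = p_1^{\min(a_1, b_1)} p_2^{\min(a_2, b_2)} \cdots p_n^{\min(a_n, b_n)}$
• Example:
$a = 60 = 2^2 \cdot 3^1 \cdot 5^1$
$b = 54 = 2^1 \cdot 3^3 \cdot 5^0$
$\gcd(a, b) = 2^1 \cdot 3^1 \cdot 5^0 = 6$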
LCM and GCD
• LCM of a and b is the smallest integer which is divisible by both a and b
$a = \prod_i p_i^{a_i}, \quad b = \prod_i p_i^{b_i}$
$\mathrm{lcm}(a, b) = \prod_i p_i^{\max(a_i, b_i)}$
$\gcd(a, b) = \prod_i p_i^{\min(a_i, b_i)}$
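The min/max exponent rule above, as an added example in C (not part of the original slides): each number is factored by trial division into its standard factored form, and the two exponent lists are merged prime by prime. The names factor_t, factorize, combine, gcd_by_factoring and lcm_by_factoring are chosen here for illustration; inputs are assumed to be positive and small enough that the lcm fits in an unsigned long.

```c
#include <stdio.h>

#define MAX_FACTORS 16  /* a 64-bit value has at most 15 distinct primes */

typedef struct { unsigned long p; unsigned e; } factor_t;  /* one p^e term */

/* Trial division: stores the standard factored form of n (primes in
   increasing order) in f[] and returns the number of distinct primes. */
static int factorize(unsigned long n, factor_t f[MAX_FACTORS])
{
    int k = 0;
    for (unsigned long p = 2; p <= n / p; p++) {
        if (n % p) continue;
        f[k].p = p; f[k].e = 0;
        while (n % p == 0) { n /= p; f[k].e++; }
        k++;
    }
    if (n > 1) { f[k].p = n; f[k].e = 1; k++; }   /* leftover prime factor */
    return k;
}

/* Walk both factor lists in prime order; a prime missing from one list
   has exponent 0 there. use_max = 0 gives the gcd, 1 gives the lcm. */
static unsigned long combine(unsigned long a, unsigned long b, int use_max)
{
    factor_t fa[MAX_FACTORS], fb[MAX_FACTORS];
    int na = factorize(a, fa), nb = factorize(b, fb), i = 0, j = 0;
    unsigned long r = 1;
    while (i < na || j < nb) {
        unsigned ea = 0, eb = 0;
        unsigned long p = (j == nb || (i < na && fa[i].p <= fb[j].p)) ? fa[i].p : fb[j].p;
        if (i < na && fa[i].p == p) ea = fa[i++].e;
        if (j < nb && fb[j].p == p) eb = fb[j++].e;
        unsigned e = use_max ? (ea > eb ? ea : eb) : (ea < eb ? ea : eb);
        while (e--) r *= p;                       /* multiply in p^e */
    }
    return r;
}

unsigned long gcd_by_factoring(unsigned long a, unsigned long b) { return combine(a, b, 0); }
unsigned long lcm_by_factoring(unsigned long a, unsigned long b) { return combine(a, b, 1); }

int main(void)
{
    printf("gcd=%lu lcm=%lu\n", gcd_by_factoring(60, 54), lcm_by_factoring(60, 54));
    return 0;
}
```

Because it has to factor both inputs first, this method is only practical for small numbers.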
Euclid algorithm
E1: Initialize $r_0 = a$ and $r_1 = b$
E2: Compute the following sequence of equations
$r_0 = q_1 r_1 + r_2$
$r_1 = q_2 r_2 + r_3$
$\vdots$
$r_{n-3} = q_{n-2} r_{n-2} + r_{n-1}$
$r_{n-2} = q_{n-1} r_{n-1} + r_n$
until there is a step for which $r_n = 0$ while $r_{n-1} \neq 0$
E3: The greatest common divisor is equal to $r_{n-1}$.
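C implementation
    /* Greatest common divisor by the Euclid algorithm described above. */
    long gcd(long a, long b)
    {
        long r0, r1, r2;

        /* Returns 0 if either argument is zero; this also keeps the
           divisor of % below from being zero. */
        if (a == 0 || b == 0) return (0);
        r0 = a;                 /* initialise the remainder sequence */
        r1 = b;
        r2 = r0 % r1;
        while (r2)              /* repeat until the remainder is 0 */
        {
            r0 = r1;
            r1 = r2;
            r2 = r0 % r1;
        }
        /* r1 is the last nonzero remainder; return its absolute value */
        if (r1 > 0)
            return (r1);
        else
            return (-r1);
    }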
Relatively Prime Integers
• Definition:
• Two integers a and b are relatively prime if gcd(a, b) = 1.
• Examples:
• Are 15 and 28 relatively prime?
• Yes, gcd(15, 28) = 1.
• Are 55 and 28 relatively prime?
• Yes, gcd(55, 28) = 1.
• Are 35 and 28 relatively prime?
• No, gcd(35, 28) = 7.
Relatively Prime Numbers & GCD
• Two numbers a, b are relatively prime if they have no common divisors apart from 1
• e.g. 8 and 15 are relatively prime, since the factors of 8 are 1, 2, 4, 8 and of 15 are 1, 3, 5, 15, and 1 is the only common factor
• Conversely, we can determine the greatest common divisor by comparing their prime factorizations and using the least powers
• e.g. $300 = 2^2 \times 3^1 \times 5^2$, $18 = 2^1 \times 3^2$, hence $\mathrm{GCD}(18, 300) = 2^1 \times 3^1 \times 5^0 = 6$
Primes
Sieve of Eratosthenes - determines all primes smaller than N
S1: Create an initial set $\mathcal{N}_N = \{2, 3, 4, \ldots, N-1\}$ of all numbers smaller than N
S2: For all integers n<
S3: The final reduced set $\mathcal{N}_N$ contains all primes smaller than N
Twin primes and Mersenne Primes
A couple of primes (p, q) are said to be twins if q = p + 2. Except for the couple (2,3), this is clearly the smallest possible distance between two primes.
• Example 2: (3,5), (5,7), (11,13), (17,19), (29,31), ..., (419,421), ... are twin primes
Mersenne Number
A Mersenne Number is an integer of the form
$M_p = 2^p - 1$, where p is a prime
If a Mersenne Number is itself prime then it is called a Mersenne prime
The three smallest Mersenne primes are
$M_2 = 3$, $M_3 = 7$, $M_5 = 31$.
While it is true that only Mersenne numbers $M_p$, where p = 2, 3, 5, … could be prime, often $M_p$ is not prime even for a prime exponent p
The smallest counterexample is the Mersenne number
$M_{11} = 2^{11} - 1 = 2047 = 23 \times 89$, which is not prime, even though 11 is a prime number
The largest known prime number ($2^{43,112,609} - 1$) is a Mersenne prime
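An added example in C (not part of the original slides) covering the sieve, the twin-prime list and the Mersenne counterexample above. Step S2 is cut off on the page, so the crossing-out pass here is the standard textbook one (remove the multiples of every surviving n with n·n < N); the function names are chosen for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
/* Sieve of Eratosthenes, standard form: returns s[0..N-1] with s[n] = 1
   exactly when n is prime, or NULL if allocation fails. Caller frees. */
unsigned char *sieve(unsigned long N)
{
    unsigned char *s = calloc(N ? N : 1, 1);
    if (!s) return NULL;
    for (unsigned long n = 2; n < N; n++) s[n] = 1;    /* S1: {2,...,N-1} */
    for (unsigned long n = 2; n * n < N; n++)          /* remove multiples */
        if (s[n])
            for (unsigned long m = n * n; m < N; m += n) s[m] = 0;
    return s;                                          /* S3: primes remain */
}

/* Number of primes smaller than N. */
unsigned long count_primes(unsigned long N)
{
    unsigned char *s = sieve(N);
    unsigned long c = 0;
    for (unsigned long n = 2; s && n < N; n++) c += s[n];
    free(s);
    return c;
}

/* Number of twin pairs (p, p + 2) with p + 2 < N. */
unsigned long count_twins(unsigned long N)
{
    unsigned char *s = sieve(N);
    unsigned long c = 0;
    for (unsigned long p = 2; s && p + 2 < N; p++) c += s[p] && s[p + 2];
    free(s);
    return c;
}

/* 1 if M_p = 2^p - 1 is prime, 0 if composite, -1 on error (2 <= p <= 24). */
int mersenne_is_prime(unsigned p)
{
    if (p < 2 || p > 24) return -1;
    unsigned char *s = sieve(1UL << p);      /* covers 2 .. 2^p - 1 */
    int r = s ? s[(1UL << p) - 1] : -1;
    free(s);
    return r;
}
int main(void)
{
    printf("primes<100: %lu, twins<100: %lu, M_11 prime: %d\n", count_primes(100), count_twins(100), mersenne_is_prime(11));
    return 0;
}
```

Sieving up to 2^p only works for small exponents.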