Download presentation

Presentation is loading. Please wait.

1
MS 101: Algorithms Instructor Neelima Gupta ngupta@cs.du.ac.in

2
Table of Contents Number Theoretic Problems

3
Problems to be discussed Addition of two large intergers Multiplication of two large intergers x^n x^n modulo m Gcd(a,b) Primes(x) –Simple Exponential –Pseudoprimality (polynomial time) –Miller-Rabin randomized primality (polynomial time) –AKS primality (polynomial time) RSA public-key cryptosystem

4
Computing x^n Iterative: x n-1 * x T(n) = T(n-1) + c (n-1) log 2 x = O(n 2 log 2 x) Divide and Conquer: x n/2 * x n/2 T(n) = T(n/2) + c n 2 log 2 x = O(n 2 log 2 x) Both Exponential in the input size B = (log x + log n)

5
Computing x^n modulo m x n modulo m never becomes too large (never more than m) i*log x = O(log m) Iterative: x n-1 * x modulo m T(n) <= T(n-1) + log x * log m = O(n * log x * log m) Exponential in the input size B = (log x + log n) Divide and Conquer: x n/2 * x n/2 modulo m T(n) = T(n/2) + log 2 m = O(log n * log 2 m) Polynomial in the input size.

6
Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

7
Correctness of Euclid Follows from For any non-ve integer a and +ve integer b, gcd(a,b) = gcd(b, a mod b) Prove it yourself, its very simple.

8
Time Complexity Number of recursive calls k satisfies the following: Theorem: If a>b and the invocation EUCLID(a,b) performs k>=1 recursive calls, then a>=F k+2 and b>=F K+1. ( F k is fibonacci number) Proof: Omitted

9
Since F k is approximately Φ k / sqrt(5), where Φ is the golden ratio (1 + sqrt(5))/2, the number of recursive calls is O(lg b) (where b< a).

10
Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

11
RSA Cryptosystem (Rivest, Shamir and Adleman, 1977) 1.Select two large prime numbers (say 100 digit) p and q at random. 2.Compute n = pq 3.Select a small odd integer e that is relatively prime to Φ(n). Φ(n) is the number of positive integers relatively prime to n and = (p-1)(q-1). 4.Compute d as the multiplicative inverse of e, modulo Φ(n). 5.Pair P =(e, n) is the public key. 6.S= (d, n) is the private/secret key

12
Primality Testing Prime distribution function π(n) is the number of primes <= n. Prime Number Theorem: lim n→∞ π(n) / (n/ ln n) = 1 i.e for large n the number of primes <= n is (n/ ln n) i.e we need to check about ln n numbers <= n for primality to find a prime that is of same length as n. Thus step 1 of RSA can be done in polynomial time using Rabin-Miller or AKS algorithm.

13
Modular Linear Equations ax ≡ b (mod n), n > 0 There are Modular Linear Equations Solver which solve the system in polynomial time for large a,b and n. Thus step 4 can be done in polynomial time with b = 1.

14
Encryption and Decryption using RSA Encryption: P(M) = M e (mod n) Decryption: S(C) = C d (mod n) Note that S(P(M)) = M since de = 1 (mod n) Clearly, these steps can be done in polynomial time using power function modulo n.

15
How difficult it is to crack RSA? The eavesdropper has M and d but he doesn’t have e. He could get e if knew n. How does he get n? He tries all numbers, factor a number into primes and obtain p and q, gets phi(n) (he can’t find phi(n) without p and q; phi(n) = n* product of (1- 1/p) of all prime factors of n), computes e and its inverse e’. If e’ matches d, he is done. Factoring a number into primes is a hard problem And that makes RSA difficult to crack.

16
b + (a mod b) = b + (a – floor(a/b) b) = a + (b - floor(a/b) b) ≤ a ( as a>b>0 => floor(a/b) ≥ 1) a ≥ b + (a mod b) = a k-1 + b k-1 ≥ F k+1 + F k (by induction hypo.) = F k+2. And, b k = a k-1 ≥ F k+1 (by induction hypo.) Note: a’s and b’s above are a k ’s and b k ’s resp.

17
Primality Testing Fermat’s Theorem If p is prime, then a p-1 ≡ 1 (mod p) for all a relatively prime to p Converse If a n-1 ≡ 1 (mod n) for all a relatively prime to n, is n prime? Ans: Not true for all n

18
Carmichael numbers These composite numbers for which the converse does not hold are called Carmichael numbers. Carmichael numbers are extremely rare: Only 255 less than 100,000,000.

Similar presentations

OK

The Complexity of Primality Testing. What is Primality Testing? Testing whether an integer is prime or not. – An integer p is prime if the only integers.

The Complexity of Primality Testing. What is Primality Testing? Testing whether an integer is prime or not. – An integer p is prime if the only integers.

© 2017 SlidePlayer.com Inc.

All rights reserved.

Ads by Google

Ppt on queen victoria Ppt on diode family Convert pdf ppt to ppt online training Ppt on rational numbers for class 7 free download Appt only salon Ppt on history of atomic structure Ppt on any one mathematician Converter pub to ppt online ticket Heart anatomy and physiology ppt on cells Ppt on my school life