Download presentation

Presentation is loading. Please wait.

Published byMae Richards Modified over 2 years ago

1
Week 3 - Friday

2
What did we talk about last time? AES Public key cryptography

6
Matt Shank

8
RSA depends in large part on the difficulty of factoring large composite numbers (particularly those that are a product of only 2 primes) Recall that an integer p is prime if p > 1 p is not divisible by any positive integers other than 1 and itself Trivia: The largest prime currently known is 2 57885161 – 1 It has 17,425,170 digits in base 10

9
Any integer greater than 1 can be factored into a unique series of prime factors: Example: 52 = 2 2 ∙ 13 Two integers a and b (greater than 1) are relatively prime or coprime if and only if a shares no prime factors with b

10
We won't get into the number theory behind this (yet) A Rabin-Miller primality test works as follows: Let n be the number you want to prove if it's prime or not n must be odd, thus n – 1 is even (n – 1) = 2 s d where s and d are positive integers and d is odd If n is prime, then for any integer 1 < a < n, exactly one of the two is true: ▪ a d 1 (mod n) or ▪ a 2 r d -1 (mod n), 1 ≤ r < s Pick several a values, see if either of the two cases hold If it ever doesn't, you know you have a composite

11
What if we want to see if 221 is prime? n – 1 = 220 = 2 2 ∙55 s = 2 d = 55 Attempt 1: Let a = 174 a 2 0 ·d mod n = 174 55 mod 221 = 47 ≠ 1, n − 1 a 2 1 ·d mod n = 174 110 mod 221 = 220 = n − 1 Check! Attempt 2: Let a = 137 a 2 0 ·d mod n = 137 55 mod 221 = 188 ≠ 1, n − 1 a 2 1 ·d mod n = 137 110 mod 221 = 205 ≠ n − 1 Oh no! Every successful attempt means there is only a 25% chance that the number is composite So, after k attempts, there is a 4 -k chance that the number is composite

12
The greatest common divisor or GCD of two numbers gives the largest factor they have in common Example: GCD( 12, 18 ) = GCD( 42, 56 ) = For small numbers, we can determine GCD by doing a complete factorization

13
For large numbers, we can use Euclid's algorithm to determine the GCD of two numbers Algorithm GCD( a, b) 1. If b = 0 ▪ Return a 2. Else ▪ temp = a mod b ▪ a = b ▪ b = temp 3. Goto Step 1 Example: GCD( 1970, 1066)

14
We can extend Euclid's algorithm to give us the multiplicative inverse for modular arithmetic Example: Find the inverse of 120 mod 23 Let a be the number Let b be the modular base Find Inverse(a, b) x = 0 lastx = 1 y = 1 lasty = 0 while b ≠ 0 ▪ quotient = a div b ▪ temp = b ▪ b = a mod b ▪ a = temp ▪ temp = x ▪ x = lastx-quotient*x ▪ lastx = temp ▪ temp = y ▪ y = lasty-quotient*y ▪ lasty = temp Return lastx

16
If p is prime and a is a positive integer not divisible by p, then: a p –1 1 (mod p)

17
Assume a is positive and less than p Consider the sequence a, 2a, 3a, …, (p – 1)a If these are taken mod p, we will get: 1, 2, 3, …, p – 1 This bit is the least obvious part of the proof However (because p is prime) if you add any non-zero element repeatedly, you will eventually get back to the starting point, covering all values (except 0) once Multiplying this sequence together gives: a ∙ 2a ∙ 3a ∙ … ∙ (p – 1)a 1 ∙ 2 ∙ 3 ∙ … ∙ (p – 1) (mod p) a p – 1 (p – 1)! (p – 1)! (mod p) a p – 1 1 (mod p)

18
Euler’s totient function (n) (n) = the number of positive integers less than n and relatively prime to n (including 1) If p is prime, then (p) = p – 1 If we have two primes p and q (which are different), then: (pq) = (p)∙ (q) = (p – 1)(q – 1)

19
Euler’s Theorem: For every a and n that are relatively prime, a (n) 1 (mod n) This generalizes Fermat’s Theorem because (p) = p – 1 if p is prime Proof is messier

21
Named for Rivest, Shamir, and Adleman Take a plaintext M converted to an integer Create an ciphertext C as follows: C = M e mod n Decrypt C back into M as follows: M = C d mod n = (M e ) d mod n = M ed mod n

22
TermDetailsSource MMessage to be encryptedSender CEncrypted messageComputed by sender nModulus, n = pqKnown by everyone pPrime numberKnown by receiver qPrime numberKnown by receiver eEncryption exponentKnown by everyone dDecryption exponentComputed by receiver (n)(n) Totient of nKnown by receiver

23
To encrypt: C = M e mod n e is often 3, but is always publically known To decrypt: M = C d mod n = M ed mod n We get d by finding the multiplicative inverse of e mod (n) So, ed 1 (mod (n))

24
We know that ed 1 (mod (n)) This means that ed = k (n) + 1 for some nonnegative integer k M ed = M k (n) + 1 M∙(M (n) ) k (mod n) By Euler’s Theorem M (n) 1 (mod n) So, M∙(M (n) ) k M (mod n)

25
M = 26 p = 17, q = 11, n = 187, e = 3 C = M 3 mod 187 = 185 (n) = (p – 1)(q – 1) = 160 d = e -1 mod 160 = 107 C d = 185 107 mod 187 = 26 If you can trust my modular arithmetic

26
You can’t compute the multiplicative inverse of e mod (n) unless you know what (n) is If you know p and q, finding (n) is easy Finding (n) is equivalent to finding p and q by factoring n No one knows an efficient way to factor a large composite number

28
Key management issues Cryptographic hash functions Yuki Gage presents

29
Finish reading Section 2.7 and 12.3 Start reading Section 2.8 Finish Assignment 1 Due tonight by midnight

Similar presentations

OK

CSE 321 Discrete Structures Winter 2008 Lecture 10 Number Theory: Primality.

CSE 321 Discrete Structures Winter 2008 Lecture 10 Number Theory: Primality.

© 2018 SlidePlayer.com Inc.

All rights reserved.

Ads by Google

Ppt on sanskritization Ppt on types of parallelograms Ppt on single phase and three phase dual converter circuit Ppt on tata trucks commercial vehicle Ppt on permanent magnet dc motor Ppt on power system optimization Ppt on ministry of corporate affairs government Ppt on plain cement concrete Ppt on db2 mainframes computer Ppt on web designing software