Applied Symbolic Computation (CS 300) Modular Arithmetic


Applied Symbolic Computation (CS 300) Modular Arithmetic. September 4, 1997. Jeremy R. Johnson

Introduction
Objective: To become familiar with modular arithmetic and some key algorithmic constructions that are important for computer algebra algorithms.
  Modular arithmetic
  Modular inverses and the extended Euclidean algorithm
  Fermat's theorem
  Euler's identity
  Chinese Remainder Theorem
References: Rivest, Shamir, Adleman.

Modular Arithmetic (Z_n)
Definition: a ≡ b (mod n) ⇔ n | (b − a). Alternatively, a = qn + b for some integer q.
Properties (equivalence relation):
  a ≡ a (mod n) [Reflexive]
  a ≡ b (mod n) ⇒ b ≡ a (mod n) [Symmetric]
  a ≡ b (mod n) and b ≡ c (mod n) ⇒ a ≡ c (mod n) [Transitive]
Definition: The equivalence class of a mod n is [a] = { x : x ≡ a (mod n) } = { a + qn | q ∈ Z }.

Modular Arithmetic (Z_n)
It is possible to perform arithmetic with equivalence classes mod n:
  [a] + [b] = [a + b]
  [a] * [b] = [a * b]
In order for this to make sense, you must get the same equivalence class independent of the choice of a and b. In other words, if you replace a and b by numbers equivalent to a or b mod n, the sum/product ends up in the same equivalence class:
  a1 ≡ a2 (mod n) and b1 ≡ b2 (mod n) ⇒ a1 + b1 ≡ a2 + b2 (mod n) and a1 * b1 ≡ a2 * b2 (mod n)
This holds because
  (a + q1*n) + (b + q2*n) = a + b + (q1 + q2)*n
  (a + q1*n) * (b + q2*n) = a * b + (b*q1 + a*q2 + q1*q2*n)*n

Representation of Z_n
The equivalence classes [a] mod n are typically represented by representatives a.
Positive representation: choose the smallest non-negative integer in the class [a]; the representation is {0, 1, …, n−1}.
Symmetric representation: choose the integer with the smallest absolute value in the class [a]; the representation is {−⌊(n−1)/2⌋, …, ⌊n/2⌋}. When n is even there are two candidates with absolute value n/2, and the positive one is chosen.
E.g. Z_6 = {−2, −1, 0, 1, 2, 3}, Z_5 = {−2, −1, 0, 1, 2}.

Modular Inverses
Definition: x is the inverse of a mod n if ax ≡ 1 (mod n).
The equation ax ≡ 1 (mod n) has a solution iff gcd(a, n) = 1.
By the extended Euclidean algorithm, there exist x and y such that ax + ny = gcd(a, n). When gcd(a, n) = 1, we get ax + ny = 1. Taking this equation mod n, we see that ax ≡ 1 (mod n).
By taking the equation mod n, we mean applying the mod m homomorphism φ_m : Z → Z_m, which maps the integer a to the equivalence class [a]. This mapping preserves sums and products, i.e. φ_m(a + b) = φ_m(a) + φ_m(b) and φ_m(a * b) = φ_m(a) * φ_m(b).

Fermat's Theorem
Theorem: Let p be prime. If a ≠ 0 in Z_p, then a^(p−1) ≡ 1 (mod p). More generally, if a ∈ Z_p, then a^p ≡ a (mod p).
Proof: Assume that a ≠ 0 in Z_p. Then a * 2a * … * (p−1)a = (p−1)! * a^(p−1). Also, since a*i ≡ a*j (mod p) ⇒ i ≡ j (mod p), the numbers a, 2a, …, (p−1)a are distinct non-zero elements of Z_p. Therefore they are equal to 1, 2, …, (p−1) in some order, and their product is equal to (p−1)! mod p. This implies that (p−1)! * a^(p−1) ≡ (p−1)! (mod p), and since p is prime, (p−1)! is invertible mod p and can be cancelled, giving a^(p−1) ≡ 1 (mod p).

Euler phi function
Definition: φ(n) = #{a : 0 < a < n and gcd(a, n) = 1}
Properties:
  φ(p) = p − 1, for prime p
  φ(p^e) = (p − 1) * p^(e−1)
  φ(m * n) = φ(m) * φ(n), for gcd(m, n) = 1
  φ(p * q) = (p − 1) * (q − 1), for distinct primes p, q
Examples:
  φ(15) = φ(3) * φ(5) = 2 * 4 = 8 = #{1, 2, 4, 7, 8, 11, 13, 14}
  φ(9) = (3 − 1) * 3^(2−1) = 2 * 3 = 6 = #{1, 2, 4, 5, 7, 8}

Euler's Identity
The number of elements in Z_n that have multiplicative inverses is equal to φ(n).
Theorem: Let (Z_n)* be the elements of Z_n with inverses (called units). If a ∈ (Z_n)*, then a^φ(n) ≡ 1 (mod n).
Proof: The same proof presented for Fermat's theorem can be used to prove this theorem, with the product taken over the φ(n) units instead of over 1, 2, …, p−1.
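As an added example (not from the slides), the following Python computes φ(n) from the prime-power formula and multiplicativity given above, lists the units (Z_n)*, checks Euler's identity a^φ(n) ≡ 1 (mod n) for every unit, and uses the identity to obtain an inverse as a^(φ(n)−1); the function names are my own.

```python
from math import gcd


def phi(n: int) -> int:
    """Euler's phi by trial-division factorization, using phi(p^e) = (p-1)*p^(e-1)
    and multiplicativity over coprime prime powers (the properties on the slide)."""
    result, m, p = 1, n, 2
    while p * p <= m:
        if m % p == 0:
            e = 0
            while m % p == 0:
                m //= p
                e += 1
            result *= (p - 1) * p ** (e - 1)
        p += 1
    if m > 1:                       # one remaining prime factor with exponent 1
        result *= m - 1
    return result


def units(n: int) -> list[int]:
    """(Z_n)*: the residues 0 < a < n with gcd(a, n) = 1, i.e. those with inverses."""
    return [a for a in range(1, n) if gcd(a, n) == 1]


def euler_identity_holds(n: int) -> bool:
    """Check that #(Z_n)* = phi(n) and that a^phi(n) ≡ 1 (mod n) for every unit a."""
    us = units(n)
    k = phi(n)
    return len(us) == k and all(pow(a, k, n) == 1 for a in us)


def inverse_via_euler(a: int, n: int) -> int:
    """For a unit a, a^(phi(n)-1) is its inverse: a * a^(phi(n)-1) = a^phi(n) ≡ 1 (mod n).
    Non-units have no inverse, so the identity cannot be used for them."""
    if gcd(a, n) != 1:
        raise ValueError(f"{a} is not a unit mod {n}")
    return pow(a, phi(n) - 1, n)


if __name__ == "__main__":
    print(phi(15), units(15))           # 8 [1, 2, 4, 7, 8, 11, 13, 14]
    print(euler_identity_holds(15))     # True
    print(inverse_via_euler(7, 15))     # 13, since 7 * 13 = 91 ≡ 1 (mod 15)
```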

Chinese Remainder Theorem
Theorem: If gcd(m, n) = 1, then for any a and b there exists an integer solution x to the system x ≡ a (mod m) and x ≡ b (mod n).
Proof: Consider the map x ↦ (x mod m, x mod n). This map is a 1-1 map from Z_mn to Z_m × Z_n, since if x and y map to the same pair, then x ≡ y (mod m) and x ≡ y (mod n); since gcd(m, n) = 1, this implies that x ≡ y (mod mn). Since there are mn elements in both Z_mn and Z_m × Z_n, the map is also onto. This means that for every pair (a, b) we can find the desired x.

Alternative Interpretation of CRT
Let Z_m × Z_n denote the set of pairs (a, b) where a ∈ Z_m and b ∈ Z_n. We can perform arithmetic on Z_m × Z_n componentwise:
  (a, b) + (c, d) = (a + c, b + d)
  (a, b) * (c, d) = (a * c, b * d)
Theorem: Z_mn ≅ Z_m × Z_n, i.e. there is a 1-1 mapping from Z_mn onto Z_m × Z_n that preserves arithmetic:
  (a * c mod m, b * d mod n) = (a mod m, b mod n) * (c mod m, d mod n)
  (a + c mod m, b + d mod n) = (a mod m, b mod n) + (c mod m, d mod n)
The CRT implies that the map is onto, i.e. for every pair (a, b) there is an integer x such that (x mod m, x mod n) = (a, b).

Constructive Chinese Remainder Theorem
Theorem: If gcd(m, n) = 1, then there exist e_m and e_n (orthogonal idempotents) with
  e_m ≡ 1 (mod m), e_m ≡ 0 (mod n)
  e_n ≡ 0 (mod m), e_n ≡ 1 (mod n)
It follows that a * e_m + b * e_n ≡ a (mod m) and ≡ b (mod n).
Proof: Since gcd(m, n) = 1, by the extended Euclidean algorithm there exist x and y with m*x + n*y = 1. Set e_m = n*y and e_n = m*x. Then e_m = 1 − m*x ≡ 1 (mod m) and e_m = n*y ≡ 0 (mod n); the congruences for e_n follow in the same way.
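An added example (not code from the slides) covering both the modular-inverse and the constructive CRT slides: the extended Euclidean algorithm, the inverse it yields when gcd(a, n) = 1, and the idempotents e_m = n*y, e_n = m*x from m*x + n*y = 1 used to solve the two congruences. Function names are my own; the moduli 3 and 5 in the usage are constructed sample values.

```python
def ext_gcd(a: int, b: int) -> tuple[int, int, int]:
    """Extended Euclidean algorithm: return (g, x, y) with a*x + b*y = g = gcd(a, b)."""
    x0, y0, x1, y1 = 1, 0, 0, 1          # invariants: a = x0*a0 + y0*b0, b = x1*a0 + y1*b0
    while b:
        q = a // b
        a, b = b, a - q * b              # Euclid's step: (a, b) -> (b, a mod b)
        x0, x1 = x1, x0 - q * x1         # update the coefficients to keep the invariants
        y0, y1 = y1, y0 - q * y1
    return a, x0, y0


def mod_inverse(a: int, n: int) -> int:
    """Inverse of a mod n from a*x + n*y = 1; fails when gcd(a, n) != 1 (no inverse exists)."""
    g, x, _ = ext_gcd(a % n, n)
    if g != 1:
        raise ValueError(f"{a} has no inverse mod {n}: gcd = {g}")
    return x % n


def crt_idempotents(m: int, n: int) -> tuple[int, int]:
    """Orthogonal idempotents e_m = n*y, e_n = m*x from m*x + n*y = 1, reduced mod m*n."""
    g, x, y = ext_gcd(m, n)
    if g != 1:
        raise ValueError(f"moduli {m} and {n} are not coprime: gcd = {g}")
    return (n * y) % (m * n), (m * x) % (m * n)


def crt(a: int, m: int, b: int, n: int) -> int:
    """The unique x in Z_mn with x ≡ a (mod m) and x ≡ b (mod n), as a*e_m + b*e_n."""
    e_m, e_n = crt_idempotents(m, n)
    return (a * e_m + b * e_n) % (m * n)


if __name__ == "__main__":
    print(mod_inverse(7, 15))            # 13, since 7 * 13 = 91 ≡ 1 (mod 15)
    print(crt_idempotents(3, 5))         # (10, 6): 10 ≡ 1 (mod 3), 10 ≡ 0 (mod 5); 6 ≡ 0 (mod 3), 6 ≡ 1 (mod 5)
    print(crt(2, 3, 3, 5))               # 8: 8 ≡ 2 (mod 3) and 8 ≡ 3 (mod 5)
```

Running `crt` over every pair (a, b) in Z_3 × Z_5 yields each element of Z_15 exactly once, which is the bijection the CRT proof relies on.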