Announcements: 1. Congrats on reaching the halfway point once again! 2. DES graded soon 3. Short “pop” quiz on Ch 3. (Thursday at earliest) 4. Reminder:

Slides:



Advertisements
Similar presentations
WS Algorithmentheorie 03 – Randomized Algorithms (Primality Testing) Prof. Dr. Th. Ottmann.
Advertisements

Chapter 8 – Introduction to Number Theory. Prime Numbers prime numbers only have divisors of 1 and self –they cannot be written as a product of other.
MS 101: Algorithms Instructor Neelima Gupta
Primality Testing Patrick Lee 12 July 2003 (updated on 13 July 2003)
Public Key Cryptosystems - RSA Receiver Sender Eavesdroppe r p q p q p q p and q prime.
Data encryption with big prime numbers
Lecture 8: Primality Testing and Factoring Piotr Faliszewski
COM 5336 Cryptography Lecture 7a Primality Testing
Notation Intro. Number Theory Online Cryptography Course Dan Boneh
Great Theoretical Ideas in Computer Science.
Announcements: See schedule for weeks 8 and 9 See schedule for weeks 8 and 9 Project workdays, due dates, exam Project workdays, due dates, exam Projects:
Announcements: 1. Term project groups and topics due tomorrow midnight Waiting for posts from most of you. Questions? This week: Primality testing, factoring.
and Factoring Integers (I)
Announcements: 1. Pass in Homework 5 now. 2. Term project groups and topics due by Friday 1.Can use discussion forum to find teammates 3. HW6 posted, due.
Announcements: Computer exam next class Computer exam next classQuestions? DTTF/NB479: DszquphsbqizDay 10.
Announcements: HW4 – DES due midnight HW4 – DES due midnight So far the record is less than 15 sec on 1 million iters Quiz on ch 3 postponed until after.
The RSA Cryptosystem and Factoring Integers (II) Rong-Jaye Chen.
Announcements: 1. Presentations start Friday 2. Cem Kaner presenting O th block today. Questions? This week: DSA, Digital Cash DSA, Digital Cash.
Announcements: 1. Short “pop” quiz on Ch 3 (today?) 2. Term project groups and topics due midnight 3. HW6 due Tuesday. Questions? This week: Primality.
Announcements:Questions? This week: Birthday attacks, Digital signatures, DSA Birthday attacks, Digital signatures, DSA DTTF/NB479: DszquphsbqizDay 30.
Announcements: 1. Short “pop” quiz on Ch 3 (not today) 2. Term project groups and topics due tomorrow midnight Waiting for posts from 22 of you. 3. HW6:
Pass in HW6 now Can use up to 2 late days Can use up to 2 late days But one incentive not to burn them all: teams will get to pick their presentation day.
Cryptography Lecture 11: Oct 12. Cryptography AliceBob Cryptography is the study of methods for sending and receiving secret messages. adversary Goal:
Announcements: 1. Congrats on reaching the halfway point once again! 2. Reminder: HW5 due tomorrow, HW6 due Tuesday after break 3. Term project groups.
CS470, A.SelcukPublic Key Cryptography1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Announcements: HW3 updated. Due next Thursday HW3 updated. Due next Thursday Written quiz today Written quiz today Computer quiz next Friday on breaking.
Announcements: HW3 updated. Due next Thursday HW3 updated. Due next Thursday Written quiz tomorrow on chapters 1-2 (next slide) Written quiz tomorrow on.
Announcements: How was last Saturday’s workshop? How was last Saturday’s workshop? DES due now DES due now Chapter 3 Exam tomorrow Chapter 3 Exam tomorrow.
Announcements: 1. Pass in worksheet on using RSA now. 2. DES graded soon 3. Short “pop” quiz on Ch 3 (Thursday at earliest) 4. Term project groups and.
Chapter 8 – Introduction to Number Theory Prime Numbers  prime numbers only have divisors of 1 and self they cannot be written as a product of other numbers.
Announcements: HW4 – DES due Friday midnight HW4 – DES due Friday midnight Any volunteers to help config C/C# later today? Who’s using Scheme? Quiz on.
CSE 321 Discrete Structures Winter 2008 Lecture 8 Number Theory: Modular Arithmetic.
Theory I Algorithm Design and Analysis (9 – Randomized algorithms) Prof. Dr. Th. Ottmann.
Chapter 8 – Introduction to Number Theory Prime Numbers
DTTF/NB479: Dszquphsbqiz Day 9 Announcements: Homework 2 due now Homework 2 due now Computer quiz Thursday on chapter 2 Computer quiz Thursday on chapter.
Chapter 8 – Introduction to Number Theory Prime Numbers  prime numbers only have divisors of 1 and self they cannot be written as a product of other numbers.
Announcements: Homework 2 due now Homework 2 due now Quiz this Friday on concepts from chapter 2 Quiz this Friday on concepts from chapter 2 Practical.
Lecture 6: Public Key Cryptography
The RSA Algorithm Based on the idea that factorization of integers into their prime factors is hard. ★ n=p . q, where p and q are distinct primes Proposed.
Topic 18: RSA Implementation and Security
CSE 321 Discrete Structures Winter 2008 Lecture 10 Number Theory: Primality.

RSA Parameter Generation Bob needs to: - find 2 large primes p,q - find e s.t. gcd(e, Á (pq))=1 Good news: - primes are fairly common: there are about.
Prabhas Chongstitvatana 1 Primality Testing Is a given odd integer prime or composite ? No known algorithm can solve this problem with certainty in a reasonable.
MA/CSSE 473 Day 08 Randomized Primality Testing Carmichael Numbers Miller-Rabin test.
Cryptography Dec 29. This Lecture In this last lecture for number theory, we will see probably the most important application of number theory in computer.
Announcements: HW4 – DES due Thursday HW4 – DES due Thursday I have installed, or will install: Java, C (gcc), Python. What other languages? Please make.
MA/CSSE 473 Day 11 Primality testing summary Data Encryption RSA.
Cryptography Lecture 7: RSA Primality Testing Piotr Faliszewski.
The RSA Algorithm. Content Review of Encryption RSA An RSA example.
Remaining course content Remote, fair coin flipping Remote, fair coin flipping Presentations: Protocols, Elliptic curves, Info Theory, Quantum Crypto,
CSE 20: Discrete Mathematics for Computer Science Prof. Shachar Lovett.
Lecture 6.1: Misc. Topics: Number Theory CS 250, Discrete Structures, Fall 2011 Nitesh Saxena.
ENCRYPTION TAKE 2: PRACTICAL DETAILS David Kauchak CS52 – Spring 2015.
Ch1 - Algorithms with numbers Basic arithmetic Basic arithmetic Addition Addition Multiplication Multiplication Division Division Modular arithmetic Modular.
RSA cryptosystem--preview Suppose n=p  q and  (n)=(p-1)(q-1), where p and q are big primes. Select (find) a and b, such that a  b=1 mod  (n). K=(n,p,q,a,b),
6.3 Primality Testing. p2. (1) Prime numbers 1. How to generate large prime numbers? (1) Generate as candidate a random odd number n of appropriate size.
Week 4 - Wednesday.  What did we talk about last time?  Finished DES  AES.
Introduction to Number Theory
Primality Testing. Introduction The primality test provides the probability of whether or not a large number is prime. Several theorems including Fermat’s.
Data encryption with big prime numbers DANIEL FREEMAN, SLU.
Chapter 1 Algorithms with Numbers. Bases and Logs How many digits does it take to represent the number N >= 0 in base 2? With k digits the largest number.
MA/CSSE 473 Day 10 Primality Testing. MA/CSSE 473 Day 10 In-class exam: Friday, Sept 28 –You may bring a two-sided 8.5x11 inch piece of paper containing.
MA/CSSE 473 Day 9 Primality Testing Encryption Intro.
A Prime Example CS Lecture 20 A positive integer p  2 is prime if the only positive integers that divide p are 1 and p itself. Positive integers.
RSA Encryption Greg Gronn Laura Trimmer. RSA Encryption  Requires two 30 digit prime numbers to create an encoding/decryption key.  Goal: analyze different.
Public Key Encryption Major topics The RSA scheme was devised in 1978
DTTF/NB479: Dszquphsbqiz Day 22
Randomness and Computation: Some Prime Examples
Presentation transcript:

Announcements: 1. Congrats on reaching the halfway point once again! 2. DES graded soon 3. Short “pop” quiz on Ch 3. (Thursday at earliest) 4. Reminder: pass in worksheet on using RSA today or tomorrow. 5. Term project groups and topics due by Friday. Questions? This week: Primality testing, factoring Primality testing, factoring Discrete Logs Discrete Logs DTTF/NB479: DszquphsbqizDay 21

Plus-delta 5-min

Use Ch 10 – 19 as inspiration. Elliptic curves? Elliptic curves? Quantum crypto? Quantum crypto? Security protocols? Security protocols?Deliverables: A paper demonstrating your understanding of the topic A paper demonstrating your understanding of the topic A 20-min in-class presentation 9 th /10 th week A 20-min in-class presentation 9 th /10 th week Groups of ~3 to bound presentation time. Term projects

Pulling 479 back into cache RSA: public-key system: n, e known Easy to encrypt Easy to encrypt But need factorization of n (pq) to find d to decrypt. But need factorization of n (pq) to find d to decrypt. Factorization is a “one-way” function Factorization is a “one-way” function Builds on lots of ch 3 number theory, like Euclid, Fermat, and Euler. Builds on lots of ch 3 number theory, like Euclid, Fermat, and Euler. You used Maple to send messages You looked at some “implementation mistakes” (for example, using small values for e)

Compositeness testing Oops, did I say primality testing? Today, we discuss three techniques that can guarantee a number is composite, and guess when one is prime. 1.Square Root Compositeness Theorem + 2.Fermat’s Theorem = 3.Miller-Rabin Compositeness Test

Square Root Compositeness Theorem Given integers n, x, and y: Then n is composite, and gcd(x-y, n) is a non-trivial factor Proof: live in class Toy example showing 35 is composite using x=2 and y=12.

Review Fermat’s little theorem: If n is prime and doesn’t divide a, then If n is prime and doesn’t divide a, thenContrapositive: If then n is composite If then n is composite In practice, If then n is probably prime If then n is probably prime Rare counterexamples (15k our of first 10B ints) called pseudoprimes Rare counterexamples (15k our of first 10B ints) called pseudoprimesNotes Never gives factors Never gives factors Compute using powermod Compute using powermod=1 Not 1 PrimeMostNone Composite Rare pseudoprime All

Miller-Rabin Compositeness Test To test whether n is prime or composite Given odd n>1, write n-1=2 k m, where k >=1. Choose a base a randomly (or just pick a=2) Let b 0 =a m (mod n) If b 0 =+/-1, stop. n is probably prime by Fermat For i = 1..k-1 Compute b i =b i-1 2. If b i =1(mod n), stop. n is composite by SRCT, and gcd(b i-1 -1,n) is a factor. If b i =-1(mod n), stop. n is probably prime by Fermat. If b k =1 (mod n), stop. n is composite by SRCT Else n is composite by Fermat.

Miller-Rabin Given odd n>1, write n-1=2 k m, where k >=1. Choose a base a randomly (or just pick a=2) Let b 0 =a m (mod n) If b 0 =+/-1, stop. n is probably prime by Fermat For i = 1..k-1 Compute b i =b i-1 2. If b i =1(mod n), stop. n is composite by SRCT, and gcd(b i-1 -1,n) is a factor. If b i =-1(mod n), stop. n is probably prime by Fermat. If b k =1 (mod n), stop. n is composite by SRCT Else n is composite by Fermat. So: k b0b0 b1b1 bkbk Big picture: Fermat on steroids By doing a little extra work (finding k to change the order of the powermod), we can call some pseudoprimes composite and find some of their factors

Examples of Miller-Rabin Given odd n>1, write n-1=2 k m, where k >=1. Choose a base a randomly (or just pick a=2) Let b 0 =a m (mod n) If b 0 =+/-1, stop. n is probably prime by Fermat For i = 1..k-1 Compute b i =b i-1 2. If b i =1(mod n), stop. n is composite by SRCT, and gcd(b i-1 -1,n) is a factor. If b i =-1(mod n), stop. n is probably prime by Fermat. If b k =1 (mod n), stop. n is composite by SRCT Else n is composite by Fermat. 1.n=189 2.n=561 (Fermat says prob prime) Big picture: Fermat on steroids By doing a little extra work (finding k to change the order of the powermod), we can call some pseudoprimes composite and find some of their factors Those composites that even get by M-R are called strong pseudoprimes (~20% of pseudoprimes < 10B). Why does it work?

Using within a primality testing scheme Odd? div by other small primes? Prime by Factoring/ advanced techn.? n no yes prime Fermat?

Using within a primality testing scheme Finding large probable primes #primes < x = #primes < x = Density of primes: ~1/ln(x) For 100-digit numbers, ~1/230. So ~1/115 of odd 100-digit numbers are prime Can start with a random large odd number and iterate, applying M-R to remove composites. We’ll soon find one that is a likely prime. Maple’s nextprime() appears to do this, but also runs the Lucas test: math473.htm math473.htm math473.htm Odd? div by other small primes? Prime by Factoring/ advanced techn.? n no yes prime Pass M-R?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.