Dan Boneh Intro. Number Theory Modular e’th roots Online Cryptography Course Dan Boneh.

Slides:



Advertisements
Similar presentations
The Euler Phi-Function Is Multiplicative (3/3)
Advertisements

Number Theory Algorithms and Cryptography Algorithms Prepared by John Reif, Ph.D. Analysis of Algorithms.
Rational Root Theorem.
Computability and Complexity
Primality Testing Patrick Lee 12 July 2003 (updated on 13 July 2003)
Notation Intro. Number Theory Online Cryptography Course Dan Boneh
1 Chapter 7– Introduction to Number Theory Instructor: 孫宏民 Room: EECS 6402, Tel: , Fax :
The RSA Cryptosystem and Factoring Integers (II) Rong-Jaye Chen.
Elementary Number Theory and Methods of Proof. Basic Definitions An integer n is an even number if there exists an integer k such that n = 2k. An integer.
Introduction to Modern Cryptography Lecture 5 Number Theory: 1. Quadratic residues. 2. The discrete log problem. Intro to Public Key Cryptography Diffie.
6/20/2015 5:05 AMNumerical Algorithms1 x x1x
Complexity1 Pratt’s Theorem Proved. Complexity2 Introduction So far, we’ve reduced proving PRIMES  NP to proving a number theory claim. This is our next.
CS470, A.SelcukPublic Key Cryptography1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
and Factoring Integers
Chapter 4 – Finite Fields Introduction  will now introduce finite fields  of increasing importance in cryptography AES, Elliptic Curve, IDEA, Public.
Lecture 3.2: Public Key Cryptography II CS 436/636/736 Spring 2012 Nitesh Saxena.
Many quadratic equations can not be solved by factoring. Other techniques are required to solve them. 7.1 – Completing the Square x 2 = 20 5x =
Solving quadratic equations Factorisation Type 1: No constant term Solve x 2 – 6x = 0 x (x – 6) = 0 x = 0 or x – 6 = 0 Solutions: x = 0 or x = 6 Graph.
Dan Boneh Intro. Number Theory Intractable problems Online Cryptography Course Dan Boneh.
Topic 18: RSA Implementation and Security
CSE 321 Discrete Structures Winter 2008 Lecture 10 Number Theory: Primality.
CSE 311 Foundations of Computing I Lecture 12 Primes, GCD, Modular Inverse Spring
Quadratic Residuosity and Two Distinct Prime Factor ZK Protocols By Stephen Hall.
3.5 Quadratic Equations OBJ:To solve a quadratic equation by factoring.
Software Security Seminar - 1 Chapter 11. Mathematical Background 발표자 : 안병희 Applied Cryptography.
COMP 170 L2 Page 1 L05: Inverses and GCDs l Objective: n When does have an inverse? n How to compute the inverse? n Need: Greatest common dividers (GCDs)
Module :MA3036NI Cryptography and Number Theory Lecture Week 7
Solving Quadratic Equations by Factoring
OBJ: To solve a quadratic equation by factoring
Advanced Algebraic Algorithms on Integers and Polynomials Prepared by John Reif, Ph.D. Analysis of Algorithms.
Dan Boneh Public Key Encryption from trapdoor permutations Is RSA a one-way function? Online Cryptography Course Dan Boneh.
Basic Number Theory Divisibility Let a,b be integers with a≠0. if there exists an integer k such that b=ka, we say a divides b which is denoted by a|b.
Solving Quadratic Equations by Factoring. Solution by factoring Example 1 Find the roots of each quadratic by factoring. factoring a) x² − 3x + 2 b) x².
YSLInformation Security -- Public-Key Cryptography1 Prime and Relatively Prime Numbers Divisors: We say that b  0 divides a if a = mb for some m, where.
Using square roots to solve quadratic equations. 2x² = 8 22 x² = 4 The opposite of squaring a number is taking its square root √ 4= ± 2.
Ryan Henry I 538 /B 609 : Introduction to Cryptography.
Notation Intro. Number Theory Online Cryptography Course Dan Boneh
Quadratic Equations: Factoring, Square Root Methods.
Solve by factoring. x² = - 4 – 5x 2,. Solve by factoring. n² = -30 – 11n -4 and -1.
©thevisualclassroom.com To solve equations of degree 2, we can use factoring or use the quadratic formula. For equations of higher degree, we can use the.
Dan Boneh Stream ciphers Stream ciphers are semantically secure Online Cryptography Course Dan Boneh Goal: secure PRG ⇒ semantically secure stream cipher.
BY: JAREK ESSWEIN Number Theory. Problem Use the quadratic law of reciprocity to compute the following Legendre symbol (85/101)
Solve polynomial equations with complex solutions by using the Fundamental Theorem of Algebra. 5-6 THE FUNDAMENTAL THEOREM OF ALGEBRA.
Dan Boneh Stream ciphers PRG Security Defs Online Cryptography Course Dan Boneh.
Introduction to Number Theory
Pertemuan #5 Pengantar ke Number Theory Kuliah Pengaman Jaringan.
Dan Boneh Intro. Number Theory Fermat and Euler Online Cryptography Course Dan Boneh.
CSE 311: Foundations of Computing Fall 2013 Lecture 12: Primes, GCD, modular inverse.
Dan Boneh Intro. Number Theory Arithmetic algorithms Online Cryptography Course Dan Boneh.
Lecture 2-3 Basic Number Theory and Algebra. In modern cryptographic systems, the messages are represented by numerical values prior to being encrypted.
CS480 Cryptography and Information Security
MA/CSSE 473 Day 07 Extended Euclid's Algorithm Modular Division Fermat's little theorem intro.
Revision. Cryptography depends on some properties of prime numbers. One of these is that it is rather easy to generate large prime numbers, but much harder.
Number-Theoretic Algorithms
MA/CSSE 473 Day 07 Extended Euclid's Algorithm Modular Division
Assignment 4 is due! Assignment 5 is out and is due in two weeks!
Solving Quadratic Equations by the Complete the Square Method
ALGORITHM NUMBER THEORY
6*. An Introduction to Number Theory
9.3 Solving Quadratic Equations
Lecture 20 Guest lecturer: Neal Gupta
CSE 311: Foundations of Computing
Rational Root Theorem.
Quadratic Equations.
Modular Inverses Recall the simple encryption function
Mathematical Background for Cryptography
Solving Quadratic Equations by Finding Square Roots
Cryptography Lecture 16.
Lecture 2-3 Basic Number Theory and Algebra
Presentation transcript:

Dan Boneh Intro. Number Theory Modular e’th roots Online Cryptography Course Dan Boneh

Dan Boneh Modular e’th roots We know how to solve modular linear equations: a ⋅ x + b = 0 in Z N Solution: x = −b ⋅ a -1 in Z N What about higher degree polynomials? Example: let p be a prime and c ∈ Z p. Can we solve: x 2 – c = 0, y 3 – c = 0, z 37 – c = 0 in Z p

Dan Boneh Modular e’th roots Let p be a prime and c ∈ Z p. Def: x ∈ Z p s.t. x e = c in Z p is called an e’th root of c. Examples: 7 1/3 = 6 in 3 1/2 = 5 in 1 1/3 = 1 in 2 1/2 does not exist in

Dan Boneh The easy case When does c 1/e in Z p exist? Can we compute it efficiently? The easy case: suppose gcd( e, p-1 ) = 1 Then for all c in (Z p ) * : c 1/e exists in Z p and is easy to find. Proof: let d = e -1 in Z p-1. Then d ⋅ e = 1 in Z p-1 ⇒

Dan Boneh The case e=2: square roots If p is an odd prime then gcd( 2, p-1) ≠ 1 Fact: in, x x 2 is a 2-to-1 function Example: in : Def: x in is a quadratic residue (Q.R.) if it has a square root in p odd prime ⇒ the # of Q.R. in is (p-1)/ x−x x2x2

Dan Boneh Euler’s theorem Thm: x in (Z p ) * is a Q.R. x (p-1)/2 = 1 in Z p (p odd prime) Example: Note: x≠0 ⇒ x (p-1)/2 = ( x p-1 ) 1/2 = 1 1/2 ∈ { 1, -1 } in Z p Def: x (p-1)/2 is called the Legendre Symbol of x over p (1798) in : 1 5, 2 5, 3 5, 4 5, 5 5, 6 5, 7 5, 8 5, 9 5, 10 5 = , -1, -1, -1, 1, -1

Dan Boneh Computing square roots mod p Suppose p = 3 (mod 4) Lemma: if c ∈ (Z p ) * is Q.R. then √ c = c (p+1)/4 in Z p Proof: When p = 1 (mod 4), can also be done efficiently, but a bit harder run time ≈ O(log 3 p)

Dan Boneh Solving quadratic equations mod p Solve: a ⋅ x 2 + b ⋅ x + c = 0 in Z p Solution: x = (-b ± √ b 2 – 4 ⋅ a ⋅ c ) / 2a in Z p Find (2a) -1 in Z p using extended Euclid. Find square root of b 2 – 4 ⋅ a ⋅ c in Z p (if one exists) using a square root algorithm

Dan Boneh Computing e’th roots mod N ?? Let N be a composite number and e>1 When does c 1/e in Z N exist? Can we compute it efficiently? Answering these questions requires the factorization of N (as far as we know)

Dan Boneh End of Segment

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.