Computing k th Roots Quickly (4/4)

Via the Fast Exp algorithm, we know we can quickly compute large powers of large numbers modulo large numbers. What about finding roots rather than powers? Specifically, can we quickly solve the congruence $x^k \equiv b \pmod{m}$? Said another way, can we quickly find the k th root of b modulo m, that is, can we find a positive number u such that $(b^u)^k \equiv b \pmod{m}$? The answer is (sort of) yes, and the technique is a beautiful application of the Euler-Fermat Theorem and the Extended Euclidean Algorithm (which we already know is fast) applied to k and $\varphi(m)$.

How It Works

Recall: Theorem (Euler-Fermat). If GCD(b, m) = 1, then $b^{\varphi(m)} \equiv 1 \pmod{m}$.

Recall: If GCD(k, $\varphi(m)$) = 1, then using the Extended Euclidean Algorithm, we can write 1 as a linear combination of k and $\varphi(m)$, i.e., we can find u and v such that $uk + v\varphi(m) = 1$, and moreover, by adding or subtracting multiples of $\varphi(m)$, we can assure that $1 \le u < \varphi(m)$.

But now, combining these two ideas, and provided that GCD(b, m) = 1 and GCD(k, $\varphi(m)$) = 1, we get

$b = b^{uk + v\varphi(m)} = (b^u)^k (b^{\varphi(m)})^v \equiv (b^u)^k (1)^v = (b^u)^k \pmod{m}$,

i.e., $b^u$ is the k th root of b modulo m.

An Example

What is the 7 th root of 5 modulo 77? We first check the two necessary conditions: Are 5 and 77 relatively prime? Yes, so we can apply E-F. Also, are 7 and $\varphi(77) = 60$ relatively prime? Yes. Running the EEA, we get (-17)(7) + (2)(60) = 1, i.e., u = 43. Hence the 7 th root of 5 (mod 77) is $5^{43} \pmod{77}$, which by Fast Exp is 26.

Let's check. By Fast Exp, $26^7 \pmod{77} = 5$, as desired.

Filling in the sequence of steps:

$5 = 5^{(-17)(7)+(2)(60)} = 5^{(43)(7)+(-5)(60)} = (5^{43})^7 (5^{60})^{-5} \equiv (5^{43})^7 (1)^{-5} = (5^{43})^7 \equiv 26^7 \pmod{77}$.
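The procedure above as a short Python sketch (an added example, not part of the original slides). The function names are chosen for this illustration, and phi() factors m by trial division, so it is an assumption of the sketch that m is small.

```python
from math import gcd

def egcd(a, b):
    """Extended Euclid: return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    x0, y0, x1, y1 = 1, 0, 0, 1
    while b:
        q, a, b = a // b, b, a % b
        x0, x1 = x1, x0 - q * x1
        y0, y1 = y1, y0 - q * y1
    return a, x0, y0

def phi(m):
    """Euler phi via trial-division factoring (assumption: m is small)."""
    result, n, p = m, m, 2
    while p * p <= n:
        if n % p == 0:
            while n % p == 0:
                n //= p
            result -= result // p   # multiply result by (1 - 1/p)
        p += 1
    if n > 1:                       # one prime factor left over
        result -= result // n
    return result

def kth_root(b, k, m):
    """Return (u, root) with root = b^u mod m and root^k = b (mod m)."""
    if gcd(b, m) != 1:
        raise ValueError("need GCD(b, m) = 1 to apply Euler-Fermat")
    ph = phi(m)
    g, u, _v = egcd(k, ph)          # u*k + v*phi(m) = g
    if g != 1:
        raise ValueError("need GCD(k, phi(m)) = 1")
    u %= ph                         # shift u into the range 0 <= u < phi(m)
    root = pow(b, u, m)             # Fast Exp
    if pow(root, k, m) != b % m:    # check the answer, as the slide does
        raise ArithmeticError("root check failed")
    return u, root

if __name__ == "__main__":
    print(egcd(7, 60))              # coefficients from the slide's EEA step
    print(kth_root(5, 7, 77))       # the slide's worked example
```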

Will It Work on Large Numbers?

The answer is: “Sort of”, and the snag is in a place you might not at first expect it. Let’s look back at the algorithm and see if we can spot the trouble point. This snag may seem unfortunate, but it turns out that it is exactly this snag which makes “RSA encryption” work.

Assignment for Monday:
1. Read Chapter 17,
2. By hand compute the 5 th root of 2 mod 19,
3. Do Exercise

I strongly suggest you fire up Mathematica and make use of the functions PowerMod, GCD, ExtendedGCD, and/or FactorInteger. If you’re clever, they can be solved by applying a single line of code. Answers are (I think): a. 37 b. 559