Presentation is loading. Please wait.

Presentation is loading. Please wait.

Announcements: 1. Congrats on reaching the halfway point once again! 2. Reminder: HW5 due tomorrow, HW6 due Tuesday after break 3. Term project groups.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Announcements: 1. Congrats on reaching the halfway point once again! 2. Reminder: HW5 due tomorrow, HW6 due Tuesday after break 3. Term project groups."— Presentation transcript:

1 Announcements: 1. Congrats on reaching the halfway point once again! 2. Reminder: HW5 due tomorrow, HW6 due Tuesday after break 3. Term project groups and topics due by Friday. Questions? This week: Primality testing, factoring Primality testing, factoring Discrete Logs Discrete Logs DTTF/NB479: DszquphsbqizDay 21

2 Use Ch 10 – 19 as inspiration. Elliptic curves? Elliptic curves? Quantum crypto? Quantum crypto? Security protocols? Security protocols?Deliverables: A paper demonstrating your understanding of the topic A paper demonstrating your understanding of the topic A 20-min in-class presentation 9 th /10 th week A 20-min in-class presentation 9 th /10 th week Groups of 4 to bound presentation time. Preliminary details posted Preliminary details posted Term projects

3 Plus-delta Please give me 5 minutes of your time for feedback on the course so far

4 Pulling 479 back into cache RSA: public-key system: n, e known Easy to encrypt Easy to encrypt But need factorization of n (pq) to find d to decrypt. But need factorization of n (pq) to find d to decrypt. Factorization is a “one-way” function Factorization is a “one-way” function Builds on lots of ch 3 number theory, like Euclid, Fermat, and Euler. Builds on lots of ch 3 number theory, like Euclid, Fermat, and Euler. Relationship between RSA and AES in http://www.grc.com/securitynow.htm#183, starting at 51:57 (Thanks to Matthew Jacobs for reference) Relationship between RSA and AES in http://www.grc.com/securitynow.htm#183, starting at 51:57 (Thanks to Matthew Jacobs for reference) http://www.grc.com/securitynow.htm#183 You used Maple to send messages You looked at some “implementation mistakes” (for example, using small values for e)

5 Compositeness testing Oops, did I say primality testing? Today, we discuss three techniques that can guarantee a number is composite, and guess when one is prime. 1.Square Root Compositeness Theorem + 2.Fermat’s Theorem = 3.Miller-Rabin Compositeness Test

6 The Square Root Compositeness Theorem gives a way to factor certain composite numbers Given integers n, x, and y: Then n is composite, and gcd(x-y, n) is a non-trivial factor Proof: on board Toy example showing 21 is composite using x=2 and y=16. 1

7 Review: Fermat can be used to test for compositeness, but doesn’t give factors Fermat’s little theorem: If n is prime and doesn’t divide a, then If n is prime and doesn’t divide a, thenContrapositive: If then n is composite If then n is composite In practice, If then n is probably prime If then n is probably prime Rare counterexamples (15k of first 10B pos integers) called pseudoprimes Rare counterexamples (15k of first 10B pos integers) called pseudoprimesNotes Never gives factors Never gives factors Compute using powermod Compute using powermod A is… \ a n-1 =1≠1 Prime Usually true None Composite Rare pseudoprime All 2

8 Even? div by other small primes? Prime by Factoring/ advanced techn.? n no yes prime Review: Primality testing schemes typically use the contrapositive of Fermat

9 The Miller-Rabin Compositeness Test just reorders the Fermat test’s powermod to catch pseudoprimes Observe: n is odd and n>1 Trick: write n-1=2 k m, where k >=1 b0b0 ? ? We’ll compute powers from inside out, checking if the result is +1 or -1 at each step

10 It uses the Square Root Compositeness Theorem to catch most pseudoprimes Given odd n>1, write n-1=2 k m, where k >=1. Choose a base a randomly (or just pick a=2) Let b 0 =a m (mod n) If b 0 =+/-1, stop. n is probably prime by Fermat For i = 1..k-1 Compute b i =b i-1 2. If b i =1(mod n), stop. n is composite by SRCT, and gcd(b i-1 -1,n) is a factor. If b i =-1(mod n), stop. n is probably prime by Fermat. If b k =1 (mod n), stop. n is composite by SRCT Else n is composite by Fermat. k b0b0 b1b1 bkbk b0b0

Download ppt "Announcements: 1. Congrats on reaching the halfway point once again! 2. Reminder: HW5 due tomorrow, HW6 due Tuesday after break 3. Term project groups."

Similar presentations

WS 2006-07 Algorithmentheorie 03 – Randomized Algorithms (Primality Testing) Prof. Dr. Th. Ottmann.

WS Algorithmentheorie 03 – Randomized Algorithms (Primality Testing) Prof. Dr. Th. Ottmann.
Cryptography and Network Security

Cryptography and Network Security
Chapter 8 – Introduction to Number Theory. Prime Numbers prime numbers only have divisors of 1 and self –they cannot be written as a product of other.

Chapter 8 – Introduction to Number Theory. Prime Numbers prime numbers only have divisors of 1 and self –they cannot be written as a product of other.
MS 101: Algorithms Instructor Neelima Gupta

MS 101: Algorithms Instructor Neelima Gupta
Announcements: 1. Congrats on reaching the halfway point once again! 2. DES graded soon 3. Short “pop” quiz on Ch 3. (Thursday at earliest) 4. Reminder:

Announcements: 1. Congrats on reaching the halfway point once again! 2. DES graded soon 3. Short “pop” quiz on Ch 3. (Thursday at earliest) 4. Reminder:
Data encryption with big prime numbers

Data encryption with big prime numbers
Week 3 - Friday.  What did we talk about last time?  AES  Public key cryptography.

Week 3 - Friday.  What did we talk about last time?  AES  Public key cryptography.
Lecture 8: Primality Testing and Factoring Piotr Faliszewski

Lecture 8: Primality Testing and Factoring Piotr Faliszewski
Primality Testing By Ho, Ching Hei Cheung, Wai Kwok.

Primality Testing By Ho, Ching Hei Cheung, Wai Kwok.
COM 5336 Cryptography Lecture 7a Primality Testing

COM 5336 Cryptography Lecture 7a Primality Testing
Notation Intro. Number Theory Online Cryptography Course Dan Boneh

Notation Intro. Number Theory Online Cryptography Course Dan Boneh
Announcements: 1. Term project groups and topics due midnight 2. HW6 due next Tuesday. Questions? This week: Primality testing, factoring Primality testing,

Announcements: 1. Term project groups and topics due midnight 2. HW6 due next Tuesday. Questions? This week: Primality testing, factoring Primality testing,
15-251 Great Theoretical Ideas in Computer Science.

Great Theoretical Ideas in Computer Science.
Announcements: See schedule for weeks 8 and 9 See schedule for weeks 8 and 9 Project workdays, due dates, exam Project workdays, due dates, exam Projects:

Announcements: See schedule for weeks 8 and 9 See schedule for weeks 8 and 9 Project workdays, due dates, exam Project workdays, due dates, exam Projects:
Announcements: 1. Term project groups and topics due tomorrow midnight Waiting for posts from most of you. Questions? This week: Primality testing, factoring.

Announcements: 1. Term project groups and topics due tomorrow midnight Waiting for posts from most of you. Questions? This week: Primality testing, factoring.
Announcements: 1. Pass in Homework 5 now. 2. Term project groups and topics due by Friday 1.Can use discussion forum to find teammates 3. HW6 posted, due.

Announcements: 1. Pass in Homework 5 now. 2. Term project groups and topics due by Friday 1.Can use discussion forum to find teammates 3. HW6 posted, due.
Announcements: Computer exam next class Computer exam next classQuestions? DTTF/NB479: DszquphsbqizDay 10.

Announcements: Computer exam next class Computer exam next classQuestions? DTTF/NB479: DszquphsbqizDay 10.
HW6 due tomorrow Teams T will get to pick their presentation day in the order Teams T will get to pick their presentation day in the orderQuestions? Review.

HW6 due tomorrow Teams T will get to pick their presentation day in the order Teams T will get to pick their presentation day in the orderQuestions? Review.
Announcements: HW4 – DES due midnight HW4 – DES due midnight So far the record is less than 15 sec on 1 million iters Quiz on ch 3 postponed until after.

Announcements: HW4 – DES due midnight HW4 – DES due midnight So far the record is less than 15 sec on 1 million iters Quiz on ch 3 postponed until after.
The RSA Cryptosystem and Factoring Integers (II) Rong-Jaye Chen.

The RSA Cryptosystem and Factoring Integers (II) Rong-Jaye Chen.

Similar presentations

Ads by Google