Introduction to Number Theory
Department of Computer Engineering, Sharif University of Technology
3/8/2006
Prime Numbers
• Any integer a > 1 can be factored in a unique way
• $a = p_1^{\alpha_1} p_2^{\alpha_2} \cdots p_t^{\alpha_t}$ ($p_1 > p_2 > \cdots > p_t$, $\alpha_i > 0$)
• $a = \prod_{p \in P} p^{a_p}$ (P: the set of all prime numbers)
• Thus
• $k = mn \Rightarrow k_p = m_p + n_p$ for all p
• $a \mid b \Leftrightarrow a_p \le b_p$ for all p
• $k = \gcd(a, b) \Rightarrow k_p = \min(a_p, b_p)$ for all p
Modular Arithmetic
• $a = qn + r \Rightarrow a \equiv r \pmod n$
• $a \equiv b \pmod n$ and $b \equiv c \pmod n \Rightarrow a \equiv c \pmod n$
• $[(a \bmod n) + (b \bmod n)] \bmod n = (a + b) \bmod n$
• $[(a \bmod n) - (b \bmod n)] \bmod n = (a - b) \bmod n$
• $[(a \bmod n) \cdot (b \bmod n)] \bmod n = (a \cdot b) \bmod n$
• $(a + b) \equiv (a + c) \pmod n \Rightarrow b \equiv c \pmod n$
Modular Arithmetic (cont'd)
• If a is relatively prime to n: $(a \cdot b) \equiv (a \cdot c) \pmod n \Rightarrow b \equiv c \pmod n$
• $Z_n = \{0, 1, \ldots, (n - 1)\}$
• For each a relatively prime to n, there is a b in $Z_n$ with $a \cdot b \equiv 1 \pmod n$; $b = a^{-1}$ is the multiplicative inverse of a
• Proof key: $[(a \cdot Z_n) \bmod n] = Z_n$ permuted, i.e. $\{0 \bmod n, a \bmod n, 2a \bmod n, \ldots, (n - 1)a \bmod n\} = Z_n$
Fermat's Theorem
• If p is prime and a is a positive integer not divisible by p: $a^{p-1} \equiv 1 \pmod p$ (equivalently $a^p \equiv a \pmod p$)
• Proof:
• $a \cdot 2a \cdots (p - 1)a \equiv (p - 1)!\, a^{p-1} \pmod p$
• $(a \cdot \{1, 2, \ldots, p - 1\}) \bmod p = \{1, 2, \ldots, (p - 1)\} \Rightarrow a \cdot 2a \cdots (p - 1)a \equiv (p - 1)! \pmod p$
• $(p - 1)!\, a^{p-1} \equiv (p - 1)! \pmod p \Rightarrow a^{p-1} \equiv 1 \pmod p$
Euler's Totient Function
• $\phi(n)$ = number of positive integers less than n and relatively prime to n
• For a prime number p: $\phi(p) = p - 1$
• For n = pq where p and q are prime: $\phi(n) = (p - 1)(q - 1)$
Euler's Theorem
• For every a and n that are relatively prime: $a^{\phi(n)} \equiv 1 \pmod n$ (equivalently $a^{\phi(n)+1} \equiv a \pmod n$)
• Proof:
• The set of positive integers less than n and relatively prime to n: $R = \{x_1, x_2, \ldots, x_{\phi(n)}\}$
• $S = (a \cdot R) \bmod n = \{a x_i \bmod n \mid 1 \le i \le \phi(n)\}$
• S = R because S's elements are relatively prime to n and there is no duplication in S
Euler's Theorem (cont'd)
• Proof (cont'd):
• $S = R \Rightarrow \prod R = \prod S \Rightarrow \prod (a x_i) \equiv \prod (x_i) \pmod n$
• $a^{\phi(n)} \cdot \prod (x_i) \equiv \prod (x_i) \pmod n$
• $a^{\phi(n)} \equiv 1 \pmod n$
• Corollary useful in RSA: for n = pq where p and q are prime and 0 < m < n: $m^{\phi(n)+1} \equiv m \pmod n$ (also $m^{k\phi(n)+1} \equiv m \pmod n$)
Euler's Theorem (cont'd)
• Proof of corollary:
• gcd(m, n) = 1: clear
• gcd(m, n) = p (or q): $p \mid m \Rightarrow \gcd(m, q) = 1 \Rightarrow m^{\phi(q)} \equiv 1 \pmod q \Rightarrow m^{\phi(n)} \equiv 1 \pmod q \Rightarrow m^{\phi(n)} = 1 + kq \Rightarrow m^{\phi(n)+1} = m + kq \cdot k'p \Rightarrow m^{\phi(n)+1} \equiv m \pmod n$
Testing for Primality
• $x^2 \equiv 1 \pmod p$ (p an odd prime) has only two solutions: $x \equiv 1$ and $x \equiv -1 \pmod p$
• Corollary: a solution other than ±1 $\Rightarrow$ n is not prime
• WITNESS(a, n) (textbook)
• True $\Rightarrow$ n is definitely not prime
• False $\Rightarrow$ n may be prime
• returns false with a prob. < 0.5
• Repeatedly invoke it (until it returns true)
• after s times, n is prime with a prob. $\ge (1 - 2^{-s})$
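Added example (not code from the slides or the textbook): a single round of the Miller-Rabin test, which plays the role of WITNESS(a, n) above, the repeated invocation with s random bases, and a count of the "liar" bases for n = 9 to show the < 0.5 bound concretely. The function names are this example's own.

```python
import random

def witness(a: int, n: int) -> bool:
    """One Miller-Rabin round (same contract as WITNESS(a, n)):
    True  -> n is definitely composite (a is a witness),
    False -> n may be prime (a is a liar if n is composite).
    Assumes n is odd and n > 2."""
    # Write n - 1 = 2^k * q with q odd.
    k, q = 0, n - 1
    while q % 2 == 0:
        k += 1
        q //= 2
    x = pow(a, q, n)
    if x == 1 or x == n - 1:
        return False
    for _ in range(k - 1):
        x = pow(x, 2, n)
        if x == n - 1:      # reached -1: squaring gives 1 legitimately
            return False
        if x == 1:          # a square root of 1 other than +-1: n not prime
            return True
    return True             # a^(n-1) != 1 mod n, so Fermat fails: composite

def is_probably_prime(n: int, s: int = 20, rng=random.SystemRandom()) -> bool:
    """Repeat WITNESS s times with random bases; a composite n survives all
    s rounds with probability < 2^-s, so a pass means prime with prob. >= 1 - 2^-s."""
    if n < 2:
        return False
    if n in (2, 3):
        return True
    if n % 2 == 0:
        return False
    for _ in range(s):
        a = rng.randrange(2, n - 1)
        if witness(a, n):
            return False
    return True

def liar_fraction(n: int) -> float:
    """Fraction of bases 1..n-1 for which WITNESS wrongly answers False
    on an odd composite n (always < 0.5)."""
    liars = sum(1 for a in range(1, n) if not witness(a, n))
    return liars / (n - 1)

if __name__ == "__main__":
    print(witness(2, 561), is_probably_prime(7919), liar_fraction(9))
```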
Discrete Logarithms
• $a^m \equiv 1 \pmod n$ (gcd(a, n) = 1)
• At least one integer m satisfies this (namely $\phi(n)$)
• The least positive such m is called: the order of a (mod n); the exponent to which a belongs (mod n); the length of the period generated by a
• m is at most $\phi(n)$; if $m = \phi(n)$, a is a primitive root of n
• $a, a^2, \ldots, a^{\phi(n)} \pmod n$ are distinct and rel. prime to n
Discrete Logarithms (cont'd)
• For any integer b and a primitive root a of prime number p: a unique i satisfies $b \equiv a^i \pmod n$ ($0 \le i \le \phi(n) - 1$)
• i is the index of b for the base a (mod n) $= \mathrm{ind}_{a,n}(b)$
• $\mathrm{ind}_{a,n}(1) = 0$
• $\mathrm{ind}_{a,n}(a) = 1$
• Example: n = 9, $\phi(n) = 6$; a = 2 (a primitive root); $\mathrm{ind}_{2,9}(7) = 4$
Discrete Logarithms (cont'd)
• Any z can be expressed as $z = q + k\phi(n)$
• $a^{\phi(n)} \equiv 1 \pmod n \Rightarrow a^z \equiv a^q \pmod n$
• $x = a^{\mathrm{ind}_{a,n}(x)} \bmod n$, $y = a^{\mathrm{ind}_{a,n}(y)} \bmod n$
• $(a^{\mathrm{ind}_{a,n}(x)} \bmod n)(a^{\mathrm{ind}_{a,n}(y)} \bmod n) = xy = a^{\mathrm{ind}_{a,n}(x) + \mathrm{ind}_{a,n}(y)} \bmod n = a^{\mathrm{ind}_{a,n}(xy)} \bmod n$
• $\mathrm{ind}_{a,n}(xy) = [\mathrm{ind}_{a,n}(x) + \mathrm{ind}_{a,n}(y)] \bmod \phi(n)$
• $\mathrm{ind}_{a,n}(x^r) = [r \cdot \mathrm{ind}_{a,n}(x)] \bmod \phi(n)$