Extended Euclidean Algorithm Presented by Lidia Abrams Anne Cheng
Euclidean Algorithm THEOREM • If m and n are any integers, not both zero, then the Greatest Common Divisor of m and n, denoted gcd(m,n) is the largest of the common divisors of m and n.
FORMULA • To compute the gcd of two numbers m and n, let $r_0 = m$, let $r_1 = n$, and compute successive quotients and remainders $r_{i-1} = q_{i+1} \times r_i + r_{i+1}$ for i = 1, 2, … until some remainder $r_{n+1}$ is 0. The last nonzero remainder $r_n$ is then the greatest common divisor of m and n.
FLOWCHART: Ensure m ≥ n → Find remainder → Is r = 0? Yes: Terminate. No: Interchange and find the remainder again.
ALGORITHM
//Computes gcd(m, n) by Euclid’s algorithm
//Input: Two nonnegative, not-both-zero integers m and n
//Output: Greatest common divisor of m and n
//*****************************************************
1. If m < n, exchange m and n.
2. If n = 0, return m, terminate; else step 3.
3. Divide m by n and let r be the remainder. (0 ≤ r < n)
4. If r = 0, terminate; n is the answer.
5. Set m = n, n = r, and go back to step 3.
ALGORITHM -- Pseudocode
Euclid(m, n)
• If n = 0
•   then return m
•   else return Euclid(n, m mod n)
EXAMPLE
Calculate gcd(22, 60):
gcd(22, 60) = gcd(60, 22)      60 = 2 x 22 + 16
            = Euclid(22, 16)   22 = 1 x 16 + 6
            = Euclid(16, 6)    16 = 2 x 6 + 4
            = Euclid(6, 4)      6 = 1 x 4 + 2 (gcd)
            = Euclid(4, 2)      4 = 2 x 2 + 0
            = Euclid(2, 0) = 2
Extended Euclid’s Algorithm
THEOREM • If m and n are any positive integers, not both zero, gcd(m, n) is the smallest positive element of the set {am + bn: a, b in Z} of linear combinations of m and n. Thus: am + bn = gcd(m, n) = d
FLOWCHART
Start: a = 0, a’ = 1, c = m, b = 1, b’ = 0, d = n
→ q = quotient, r = remainder of c divided by d
→ r = 0? Yes: Stop. No: c = d, d = r; t = a’, a’ = a, a = t - qa; t = b’, b’ = b, b = t - qb; then compute q and r again.
Assertions attached to the flowchart:
S1: m > 0, n > 0
S2: c = m > 0, d = n > 0, a = b’ = 0, a’ = b = 1
S3: am + bn = d, a’m + b’n = c = qd + r, 0 ≤ r < d, gcd(c,d) = gcd(m,n)
S4: am + bn = d = gcd(m, n)
S5: am + bn = d, a’m + b’n = c = qd + r, 0 < r < d, gcd(c,d) = gcd(m,n)
S6: am + bn = d, a’m + b’n = c, d > 0, gcd(c,d) = gcd(m,n)
ALGORITHM
//Input: Two positive integers m and n
//Output: Greatest common divisor d and two integers a and b, such that am + bn = d
//*****************************************************
1. Set a’ = b = 1, a = b’ = 0, c = m, d = n.
2. Let q, r be the quotient and remainder, respectively, of c divided by d. (We have c = qd + r, 0 ≤ r < d)
3. If r = 0, terminate; we have in this case am + bn = d as desired.
4. Set c = d, d = r, t = a’, a’ = a, a = t – qa, t = b’, b’ = b, b = t – qb, and go back to step 2.
ALGORITHM – Pseudocode
Extended-Euclid(m, n)
• If n = 0
•   then return (m, 1, 0)
• (d’, a’, b’) = Extended-Euclid(n, m mod n)
• (d, a, b) = (d’, b’, a’ – floor(m/n)b’)
• return (d, a, b)
EFFICIENCY
• Because the number of recursive calls made in Euclid is equal to the number of recursive calls made in Extended-Euclid, the running times of both algorithms are the same, to within a constant factor.
• For m > n > 0, the number of recursive calls is O(log n).
EXAMPLE
m = 2 x n + 16
n = 1 x 16 + 6
16 = 2 x 6 + 4
6 = 1 x 4 + 2
4 = 2 x 2 + 0

16 = m – 2n
6 = n – 1 x 16 = n – 1 x (m – 2n) = -m + 3n
4 = 16 – 2 x 6 = (m – 2n) – 2 x (-m + 3n) = 3m – 8n
2 = 6 – 1 x 4 = (-m + 3n) – 1 x (3m – 8n) = -4m + 11n
Example – cont. (table columns: m, n, r, q, a, b)
Next a = next-to-last a - q*(last a)
Next b = next-to-last b - q*(last b)
a = 1 - 2*0 = 1, b = 0 - 2*1 = -2
Example – cont.
a = 0 - 1*1 = -1, b = 1 - 1*(-2) = 3
Example – cont.
a = 1 - 2*(-1) = 3, b = -2 - 2*3 = -8
Example – cont.
a = -1 - 1*3 = -4, b = 3 - 1*(-8) = 11
Euclid’s Game !!
The game is really very simple. It helps clarify Euclid's algorithm and the notion of the Greatest Common Divisor of two integers. The difference of any two numbers is divisible by their gcd. Assuming the two original numbers are N and M and N > M (in the applet they are never equal), the only numbers that could be obtained by taking differences are the multiples of gcd(N,M). Furthermore, all such numbers will eventually appear on the board regardless of the sequence of moves (why?). Therefore, the total number of integers that will be written on the board equals N/gcd(N,M). From here you may calculate whether it's preferable to start or let the computer make the first move.
http://www.cut-the-knot.com/blue/EuclidAlg.shtml
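The claim that the final board does not depend on the order of moves can be checked by playing the game out with random moves. This simulation is an added example, not part of the original slides or the applet; the function name `play_out` and the starting pair 21, 15 are constructed for illustration.

```python
import random
from math import gcd


def play_out(n, m, seed=0):
    """Play Euclid's game with random legal moves until none remain.

    A legal move writes the positive difference of two numbers already on
    the board, provided that difference is not on the board yet.
    Returns the final board as a set.
    """
    rng = random.Random(seed)
    board = {n, m}
    while True:
        # All differences that could still be written down.
        moves = sorted({abs(x - y) for x in board for y in board} - board - {0})
        if not moves:
            return board
        board.add(rng.choice(moves))


if __name__ == "__main__":
    N, M = 21, 15  # constructed sample start position
    for seed in range(3):
        final = play_out(N, M, seed)
        print(seed, sorted(final), len(final) == N // gcd(N, M))
```
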
CRYPTOGRAPHY -- RSA
• Background: RSA was developed by 3 MIT researchers: Ronald Rivest, Adi Shamir, and Leonard Adleman
• Searching for a more complete Public Key Cryptography approach than Diffie-Hellman.
• Published in 1977 and Patented in September 2000.
• 2 sets of keys, public and private keys.
• Strength of RSA comes from the difficulty of factoring large prime numbers.
• RSA algorithm is based on the fact that there is no efficient way to factor very large numbers. Deducing an RSA key, therefore, requires an extraordinary amount of computer processing power and time.
• RSA PROVING: http://www.di-mgt.com.au/rsa_theory.html
RSA Concepts
M = message, C = encrypted message
Encryption:: P(M) – public key pair (e,n)
C = P(M), where $C = M^e \bmod n$
e = public exponent, which is relatively prime to (p-1)(q-1)
Decryption:: S(m) – private key pair (d,n)
S(C) = M, where $M = C^d \bmod n$
d = private exponent, which is any integer such that (ed-1)/((p-1)(q-1)) is an integer.
RSA – Steps to encrypt data
• Select 2 prime numbers: p & q.
• Find n = p*q; n is part of both the public and the private key pair.
• Find e. e must be relatively prime to (p-1)(q-1).
• Find d. d must be chosen so that (ed-1)/((p-1)(q-1)) is an integer, by using the Extended Euclidean Algorithm. If d satisfies the equation, then d will be the multiplicative inverse of e.
• Discard p and q. Only the public key (e,n) and the private key (d,n) are needed now.
How to get Key pairs???
• Select 2 prime numbers: p = 11, q = 3
• Find n = p*q: n = 11*3 = 33
• Find e, relatively prime to (11-1)*(3-1) = 20: e = 3
• Find d, making (ed-1)/((p-1)(q-1)) an integer.
• (3d-1)/10 = k, where k is an integer, becomes
• 3d - 1 = 10k, i.e. 3d + (-10)k = 1; using the Extended Euclidean Algorithm to find integers d and k: d = 7, k = 2, which satisfies the equation
• (3*7-1)/10 = 2 (= k) is an integer.
• Discard p, q: public pair (e,n) vs. private pair (d,n): public (3,33) vs. private (7,33)
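The iterative algorithm from the ALGORITHM slide, run on both the gcd(60, 22) example and the key derivation above, as an added example that is not code from the original slides. The names `extended_euclid` and `mod_inverse` are hypothetical; the slide divides by 10 = lcm(p-1, q-1), and d = 7 is the inverse of 3 modulo both 10 and (p-1)(q-1) = 20.

```python
def extended_euclid(m, n):
    """Steps 1-4 of the slide's algorithm; returns (d, a, b, trace).

    trace holds one row (c, d, r, q, a, b) per pass through step 2, so the
    a and b columns can be compared with the worked example.
    """
    if m <= 0 or n <= 0:
        raise ValueError("the slide's algorithm expects positive integers")
    a_prev, a = 1, 0          # a', a
    b_prev, b = 0, 1          # b', b
    c, d = m, n
    trace = []
    while True:
        q, r = divmod(c, d)   # c = q*d + r, 0 <= r < d
        # Flowchart assertions S3/S6: both linear combinations hold.
        assert a * m + b * n == d and a_prev * m + b_prev * n == c
        trace.append((c, d, r, q, a, b))
        if r == 0:
            return d, a, b, trace
        c, d = d, r
        a_prev, a = a, a_prev - q * a
        b_prev, b = b, b_prev - q * b


def mod_inverse(e, modulus):
    """Return d with e*d = 1 (mod modulus), or raise if gcd(e, modulus) != 1."""
    g, a, _, _ = extended_euclid(e, modulus)
    if g != 1:
        raise ValueError("e is not relatively prime to the modulus")
    return a % modulus        # fold a negative coefficient into 0..modulus-1


if __name__ == "__main__":
    d, a, b, trace = extended_euclid(60, 22)
    print(d, a, b)                       # coefficients for 60a + 22b = d
    for row in trace:
        print(row)
    print(mod_inverse(3, 20), mod_inverse(3, 10))
```
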
How to encrypt data “G” now???
Since we have the public key pair (3,33) and the private key pair (7,33), we can encrypt our data now. For example, we want to encrypt “GO.” In the alphabet, G = 7 and O = 15. First, we encrypt “G.” We know C = P(M) = encrypted data. Thus M = 7, and we find C:
$C = P(7) = M^e \bmod n = 7^3 \bmod 33 = 13$
C = 13
How to decrypt data “G” now??
Since we have C = 13 and the private key pair is (7,33), $M = S(C) = C^d \bmod n$. We can apply:
$M = 13^7 \bmod 33 = 7$
Then, according to the alphabet, M = 7 is the location of “G”.
Note: a = bc mod n = ((b mod n) * (c mod n)) mod n
To encrypt vs. decrypt “O”
Public(e,n) = public(3,33)
Private(d,n) = private(7,33)
To encrypt: $C = M^e \bmod n$, with O = 15 = M
$C = P(M) = P(15) = 15^3 \bmod 33 = 9$
To decrypt: $M = C^d \bmod n$
$M = 9^7 \bmod 33 = 15$
http://sci.vu.edu.au/~drw/scriptlets/rsa.html
Issue??
Here n is 33, so each of the values 0-32 of M maps to a unique code C in the same range, in a sort of random manner. In this case, 9 values of M map to the same value (C = M); these are known as unconcealed messages. We always have this issue for M = 0 and M = 1, no matter how large n is. However, in practice, higher values shouldn’t be a problem when we use large values of n.
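The “GO” round trip and the nine unconcealed messages can be reproduced with the slide's keys. This is an added example, not code from the original slides; the function names are hypothetical, and the closed-form count (1 + gcd(e-1, p-1))(1 + gcd(e-1, q-1)) is a standard result that the slides do not state.

```python
from math import gcd

# Toy keys from the slides: public (3, 33), private (7, 33), with p = 11, q = 3.
P, Q = 11, 3
N, E, D = 33, 3, 7


def letter_to_int(ch):
    """A = 1 ... Z = 26, the numbering the slides use (G = 7, O = 15)."""
    return ord(ch.upper()) - ord("A") + 1


def encrypt(text, e=E, n=N):
    """Encrypt letter by letter: C = M^e mod n."""
    return [pow(letter_to_int(ch), e, n) for ch in text]


def decrypt(blocks, d=D, n=N):
    """Decrypt each block with M = C^d mod n and map back to letters."""
    return "".join(chr(pow(c, d, n) + ord("A") - 1) for c in blocks)


def unconcealed(e=E, n=N):
    """All M in 0..n-1 that encrypt to themselves (M^e mod n == M)."""
    return [m for m in range(n) if pow(m, e, n) == m]


def unconcealed_count(e, p, q):
    """Closed-form count of unconcealed messages for n = p*q."""
    return (1 + gcd(e - 1, p - 1)) * (1 + gcd(e - 1, q - 1))


if __name__ == "__main__":
    cipher = encrypt("GO")
    print(cipher, decrypt(cipher))
    print(unconcealed(), unconcealed_count(E, P, Q))
```
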
RSA Conclusion
• Bigger is Better: In practice, large values for p and q should be used to create keys of about 100 digits, or even more. The larger the key strings are, the more difficult
• By convenient accident, the program doesn’t echo the values of p and q. That is just as well, because those two numbers must never be revealed. After you have your key numbers, you no longer need p and q, so all traces of those two numbers can and probably should be erased.
• To do the encryption ($C = M^e \bmod n$) is very easy, but it is very difficult to decrypt $M = C^d \bmod n$.
QUESTIONS & ANSWERS