1 / 32

CRYPTOGRAPHY AND INFORMATION SECURITY

CRYPTOGRAPHY AND INFORMATION SECURITY. Lecturer: Dr. Nguyen Nam Hong Tel.: 048781437. Mob.: 0912312816. Email: nguyennamhong2003@yahoo.com.au Website: www.freewebs.com/namhongthanhloc Chapter 9. Introduction to Number Theory. Chapter 9. Introduction to Number Theory (1/3).

dea
Download Presentation

CRYPTOGRAPHY AND INFORMATION SECURITY

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. CRYPTOGRAPHY AND INFORMATION SECURITY Lecturer: Dr. Nguyen Nam Hong Tel.: 048781437. Mob.: 0912312816. Email: nguyennamhong2003@yahoo.com.au Website: www.freewebs.com/namhongthanhloc Chapter 9. Introduction to Number Theory

  2. Chapter 9. Introduction to Number Theory (1/3) 9.01. Prime Numbers 9.02. Prime Factoriasation 9.03. Relative Prime Numbers and GCD 9.04. Fermat Theorem 9.05. Euler totient Function 9.06. Eurler Theorem 9.07. Inverses Using Euler Theorem 9.08. Primarity Testing 9.09. Miller Rabin Algorithms Dr. Nguyen Nam Hong, Le Quy Don Technical University

  3. Chapter 9. Introduction to Number Theory (2/3) 9.10. Probabilistic Considerations 9.11. Prime Distribution 9.12. Chinese Remainder Theorem 9.13. Utility of the CRT 9.14. Inverses Using the CRT 9.15. Primary Roots 9.16. Discrete Logarithms 9.17. Rapid Exponent 9.18. Summary Dr. Nguyen Nam Hong, Le Quy Don Technical University

  4. Prime Numbers (1/2) • prime numbers only have divisors of 1 and self • they cannot be written as a product of other numbers • note: 1 is prime, but is generally not of interest • eg. 2,3,5,7 are prime, 4,6,8,9,10 are not • prime numbers are central to number theory

  5. Prime Numbers (2/2) • list of prime number less than 200 is: 2 3 5 7 11 13 17 19 23 29 31 37 41 43 47 53 59 61 67 71 73 79 83 89 97 101 103 107 109 113 127 131 137 139 149 151 157 163 167 173 179 181 191 193 197 199

  6. Prime Factorisation • to factor a number n is to write it as a product of other numbers: n=a × b × c • note that factoring a number is relatively hard compared to multiplying the factors together to generate the number • the prime factorisation of a number n is when its written as a product of primes • eg. 91=7×13 ; 3600=24×32×52

  7. Relatively Prime Numbers & GCD • two numbers a, b are relatively primeif have no common divisors apart from 1 • eg. 8 & 15 are relatively prime since factors of 8 are 1,2,4,8 and of 15 are 1,3,5,15 and 1 is the only common factor • conversely can determine the greatest common divisor by comparing their prime factorizations and using least powers • eg. 300=21×31×52 18=21×32 hence GCD(18,300)=21×31×50=6

  8. Fermat's Theorem • ap-1 mod p = 1 • where p is prime and gcd(a,p)=1 • also known as Fermat’s Little Theorem • useful in public key and primality testing • Ifx = ap-2 mod p thena*x mod p = 1 so x will be the inverse of a in prime p.

  9. Euler Totient Function (n) (1/4) • when doing arithmetic modulo n • complete set of residuesis: 0..n-1 • reduced set of residuesis those numbers (residues) which are relatively prime to n • eg for n=10, • complete set of residues is {0,1,2,3,4,5,6,7,8,9} • reduced set of residues is {1,3,7,9} • number of elements in reduced set of residues is called the Euler Totient Function (n)

  10. Euler Totient Function (n) (2/4) • to compute (n) need to count number of elements to be excluded • in general need prime factorization, but • for p (p prime) (p) = p-1 • for p.q (p,q prime) (p.q) = (p-1)(q-1) • eg. • (37) = 36 • (21) = (3–1)×(7–1) = 2×6 = 12

  11. Euler Totient Function (n) (3/4) case 2: n = pk (with p prime and k an integer) (n) = (pk) = pk - pk-1(pk) = pk-1(p-1) From the pk elements of the CSR, we will subtract all the factors 1p, 2p, 3p, ...(pk-1-1)p and the zero. Example: • RSR(16) = {1,3,5,7,9,11,13,15} (16) = (24) = 24-1(2-1) = 8 • (125) = (53) = 53-1(5-1) = 100 Chapter 7 : Number Theory

  12. Euler Totient Function (n) (4/4) case 3: n = p1e1p2e2 ... ptet (pi are primes) t (n) =  piei-1 (pi - 1) i=1 Example: • RSR(20) = {1, 3, 7, 9, 11, 13, 17, 19} (20) = (22 5) = 8 • (360) = (23 325) = 96 Chapter 7 : Number Theory

  13. Euler Theorem • a generalisation of Fermat's Theorem • aø(n) mod N = 1 • where gcd(a,N)=1 • eg. • a = 3; n = 10; ø(10) = 4; hence 34 = 81 = 1 mod 10 • a = 2; n = 11; ø(11) = 10; hence 210 = 1024 = 1 mod 11

  14. Inverses using Euler theorem • If GCD(a,n)=1 then • x =a-1 mod n = a(n)-1 mod n • Example: • inv (4, 9) • (9) = 6  x = 46-1 mod 9 = 7 • Hence inv (4, 9) = 7 and inv (7, 9) = 4 Chapter 7 : Number Theory

  15. Primality Testing (1/2) • often need to find large prime numbers • traditionally sieve using trial division • ie. divide by all numbers (primes) in turn less than the square root of the number • only works for small numbers

  16. Primality Testing (2/2) • alternatively can use statistical primality tests based on properties of primes • for which all primes numbers satisfy property • but some composite numbers, called pseudo-primes, also satisfy the property

  17. Miller Rabin Algorithm • a test based on Fermat’s Theorem • algorithm is: TEST (n) is: 1. Find integers k, q, k > 0, q odd, so that (n–1) = 2kq 2. Select a random integer a, 1<a<n–1 3. if aqmod n = 1 then return (“maybe prime"); 4. for j = 0 to k – 1 do 5. if (a2jqmod n = n-1) then return(“maybe prime") 6. return ("composite“)

  18. Probabilistic Considerations • if Miller-Rabin returns “composite” the number is definitely not prime • otherwise is a prime or a pseudo-prime • chance it detects a pseudo-prime is < ¼ • hence if repeat test with different random a then chance n is prime after t tests is: • Pr(n prime after t tests) = 1-4-t • eg. for t = 10 this probability is > 0.99999

  19. Prime Distribution • prime number theorem states that primes occur roughly every (ln n) integers • since can immediately ignore evens and multiples of 5, in practice only need test 0.4 ln(n) numbers of size n before locate a prime • note this is only the “average” sometimes primes are close together, at other times are quite far apart

  20. Chinese Remainder Theorem (1/3) • used to speed up modulo computations • working modulo a product of numbers • eg. mod M = m1m2..mk • Chinese Remainder theorem lets us work in each moduli mi separately • since computational cost is proportional to size, this is faster than working in the full modulus M

  21. Chinese Remainder Theorem (2/3) • can implement CRT in several ways • to compute (A mod M) can firstly compute all (ai mod mi) separately and then combine results to get answer using:

  22. Chinese Remainder Theorem (3/3) • If n = d1d2d3 ... dtwith di = piei (p prime) • The system of equations: x mod di = xi (i = 1, 2, 3, ... t) • It has a common solution in [0, n-1 t x =  (n/di)yixi mod n i=1 with yi = inv [(n/di), di Chapter 7 : Number Theory

  23. Utility of the CRT • Calculating the inverse of a modulon through the Chinese Remainder Theorem is quite boring and quite absurd as you´ve already noticed • In the Chinese Remainder Theorem algorithm´s development for finding an inverse other inverses must be calculated and this makes no sense... • Besides other things, when we see the RSA cipher system and the chapter dedicated to Cryptographic Protocols, we'll see an interesting application of this theorem. Chapter 7 : Number Theory

  24. Inverses using CRT (1) Problem: find x = inv (49, 3.960) n= 3.960  n = 2332511 = d1d2d3d4 = 89511 a = 49 b = 1 We form the generic equations: a  xi mod di = b 49x1 mod 8 = 1 49x2 mod 9 = 1 49x3 mod 5 = 1 49x4 mod 11 = 1 Chapter 7 : Number Theory

  25. Inverses using CRT (2) 49x1 mod 8 = 1  1x1 mod 8 = 1  x1 = 1 49x2 mod 9 = 1  4x2 mod 9 = 1  x2 = 7 49x3 mod 5 = 1  4x3 mod 5 = 1  x3 = 4 49x4 mod 11 = 1  5x4 mod 11 = 1  x4 = 9 Hence x1 = 1 x2 = 7 x3 = 4 x4 = 9 Chapter 7 : Number Theory

  26. Inverses using CRT (3) We solve now the auxiliary equation of the Chinese Remainder Theorem yi = inv [(n/di), di y1 = inv [3.960/8), 8 = inv (495, 8) = 7 y2 = inv [(3.960)/9, 9 = inv (440, 9) = 8 y3 = inv [(3.960)/5, 5 = inv (792,5) = 3 y4 = inv [(3.960)/11, 11 = inv (360, 11) = 7 Hence: y1 = 7 y2 = 8 y3 = 3 y4 = 7 Chapter 7 : Number Theory

  27. Inverses using CRT (4) We finally compute x = [(n/d1)y1x1 + (n/d2)y2x2 + (n/d3)y3x3 + (n/d4)y4x4 = [49571 + 44087 + 79234 + 36079 mod 3.960 = [3.465 + 880 + 1.584 + 2.880 mod 3.960 = 889 Hence: x = inv (49, 3.960) = 889 Chapter 7 : Number Theory

  28. Primitive Roots • from Euler’s theorem have aø(n)mod n=1 • consider ammod n=1, GCD(a,n)=1 • must exist for m= ø(n) but may be smaller • once powers reach m, cycle will repeat • if smallest is m= ø(n) then a is called a primitive root • if p is prime, then successive powers of a "generate" the group mod p • these are useful but relatively hard to find

  29. Discrete Logarithms (1/2) • the inverse problem to exponentiation is to find the discrete logarithmof a number modulo p • that is to find x where ax = b mod p • written as x=loga b mod p or x=inda,p(b)

  30. Discrete Logarithms (2/2) • if a is a primitive root then always exists, otherwise may not • x = log3 4 mod 13 (x st 3x = 4 mod 13) has no answer • x = log2 3 mod 13 = 4 by trying successive powers • whilst exponentiation is relatively easy, finding discrete logarithms is generally a hard problem

  31. Rapid exponentiation algorithm • Problem: Find x = AB mod n • Prepare: Obtain binary representation of the B exponent with k bits: • B2  bk-1bk-2...bi...b1b0 • Algorithm: • Do x = 1 • For i = k-1, ..., 0 do • x = x2 mod n • If (bi = 1) then x = xA mod n • Example: 1983 mod 91 = 24 • (used just 16 operations) Chapter 7 : Number Theory

  32. Summary • have considered: • prime numbers • Fermat’s and Euler’s Theorems • Primality Testing • Chinese Remainder Theorem • Discrete Logarithms • Rapid Exponentiation Algorithm

More Related