1 / 4

Computing k th Roots Quickly (4/4)

Computing k th Roots Quickly (4/4). Via the Fast Exp algorithm, we know we can quickly compute large powers of large numbers modulo large numbers. What about finding roots rather than powers?

rosie
Download Presentation

Computing k th Roots Quickly (4/4)

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Computing kth Roots Quickly (4/4) • Via the Fast Exp algorithm, we know we can quickly compute large powers of large numbers modulo large numbers. • What about finding roots rather than powers? • Specifically, can we quickly solve the congruencexk b (mod m) ? Said another way, can we quickly find the kth root of b modulo m, that is, can we find a positive number u such that (bu)k b (mod m) ? • The answer is (sort of) yes, and the technique is a beautiful application of the Euler-Fermat Theorem and the Extended Euclidean Algorithm (which we already know is fast) applied to k and (m).

  2. How It Works • Recall: Theorem (Euler-Fermat). If GCD(b, m) = 1, then b(m)  1 (mod m). • Recall: If GCD(k, (m)) = 1, then using the Extended Euclidean Algorithm, we can write 1 as a linear combination of k and (m), i.e., we can find u and v such that u k + v(m) = 1, and moreover, by adding or subtracting multiples of (m), we can assure that 1  u < (m). • But now, combining these two ideas, and provided that GCD(b, m) = 1 and GCD(k, (m)) = 1, we get b = bu k +v (m) = (bu)k (b(m))v  (bu)k (1)v = (bu)k (mod m), i.e., bu is the kth root of b modulo m.

  3. An Example • What is the 7th root of 5 modulo 77? • We first check the two necessary conditions: Are 5 and 77 relatively prime? Yes, so we can apply E-F. Also, are 7 and (77) = 60 relatively prime? Yes. • Running the EEA, we get (-17)(7) + (2)(60) = 1, i.e, u = -17 + 60 = 43. • Hence the 7th root of 5 (mod 77) is 543 (mod 77), which by Fast Exp is 26. • Let’s check. By Fast Exp, 267(mod 77) = 5, as desired. • Filling in the sequence of steps:5 = 5(-17)(7)+(2)(60) = 5(43)(7)+(-5)(60) = (543)7(560)-5  (543)7(1)-5 = (543)7  267 (mod 77).

  4. Will It Work on Large Numbers? • The answer is: “Sort of”, and the snag is in a place you might not at first expect it. • Let’s look back at the algorithm and see if we can spot the trouble point. • This snag may seem unfortunate, but it turns out that it is exactly this snag which makes “RSA encryption” work. • Assignment for Monday: 1. Read Chapter 17,2. By hand compute the 5th root of 2 mod 19, 3. Do Exercise 17.2. I strongly suggest you fire up Mathematicaand make use of the functions PowerMod, GCD, ExtendedGCD, and/or FactorInteger. If you’re clever, they can be solved by applying a single line of code. Answers are (I think): a. 37 b. 559

More Related