Computational Number Theory: Euclidean Algorithm, Modular Inverses, Primitives, Slides of Cryptography and System Security

Download Computational Number Theory: Euclidean Algorithm, Modular Inverses, Primitives and more Slides Cryptography and System Security in PDF only on Docsity!

Computational

Number Theory 1

2

Extended Euclidean

Algorithm

INPUT: non-negative integers ( x, `y ) not both 0

OUTPUT: integers ( g, s, t ) with g = gcd( x,y )

and s,t satisfying sx + ty = g

(g, s, t) ExtendedGCD(x, y){

if (y == 0) return (x,1,1);

(g, s, t) = ExtendedGCD(y, x mod y);

return (g, t, );

s − t

x

y

4

Lagrange, Euler and

Fermat

DEF: Let g be an element of a finite group G.

The order of g “o( g )” is the smallest positive

number n such that.

Lagrange’s THM: Let N = | G |. The order of any

element is a divisor of N. I.e. for all g , o( g ) | N.

COR1 - Euler’s THM: Let G =. If m is rel.

prime to n , then so

COR2 - Fermat’s little THM: Let G = with

p prime. Then for all m,. If in

addition gcd( m , p )= 1 then_._

g

n

Z

∗ n

o ( m )|!( n ) m

!( n )

mod n = 1

Z

∗ p

m

p

≡ p m

m

p − 1

mod p = 1

5

Primitives Revisited

Let G be a group of cardinality N.

RECALL: g is primitive in G iff o( g ) = N.

Equivalently: all elements are powers of g. G is

called cyclic if it has a primitive element.

TESTING LEMMA: Let be the

prime factors of N = | G |. Then an element g is

primitive iff:

LEMMA: Suppose g is primitive in G. Then is

primitive iff gcd( i, N ) = 1.

Theorem: The multiplicative ring of any finite

field is cyclic. In particular is cyclic.

g

i

Z

∗ p

p 1 , p 2 ,... , pt

∀ pi , g

N

pi "= 1.

7

Validity of Primitivity

Algorithm

LEMMA: If G is cyclic with cardinality factoring

into then the probability of

success is:

COR 1 : If is cyclic, then the

probability of success is

COR2: If with p = 2 q + 1 and p, q

prime: the probability of success is^1

2

−

1

p − 1

G = Z

∗ m !(!( m ))

!( m )

G = Z

∗ p

N = p

e 1

1 p

e 2

2 · · ·^ p

et t !( N ) N

=

t

i = 1

(

1 −

1 pi

)

8

Group Exponentiation

INPUT: Element , exponent e ≥ 0

OUTPUT:

EXTERNAL: Black box for multiplication

FastExponentiation( g, e ){

= Binary( n )

a = g, b = 1

for i = 0 to k {

if , { } // using black-box

// using black-box

}

return b

}

xk xk − 1... x 0

xi == 1

g ∈ G

g

e

b = a · b

a = a · a

10

Quadratic Residues

and Legendre Symbol

DEF: A quadratic residue mod p is an

integer with a square root in. Legendre

symbol:

Notation QR ( p ) = {quadratic residues mod p }

LEMMA: For odd p and g primitive.

I.e. is a quadratic residue iff i is even.

Z

∗ p

n

p

0 , if n mod p = 0

1 , else if ∃ m , m

2

≡ p n

− 1 , else

( gi p

) = − 1 i

g

i

11

Square Roots mod- p

Following gives simple Quadratic Residue Test:

COR:

LEMMA 1 : Let p be and odd prime. For each

quadratic residue n mod p there are exactly

two square roots of n of the form ± r.

LEMMA2: Suppose also that p mod 4 = 3. If n

is a quadratic residue mod p , then a square

root of n is obtained by the formula

n

p

= n

p − 1 (^2) mod p

r = n

p + 1

4 mod p