View
38
Download
0
Category
Preview:
DESCRIPTION
ADVANCED ALGORITHMS. Number-Theoretic Algorithms (UNIT-4). Elementary Number-theoretic Notions : a) Divisibility and Divisors : The notation d | a (d divides a) means : a = kd for some integer k. Here, ‘a’ is multiple of ‘d’. - PowerPoint PPT Presentation
Citation preview
ADVANCED ALGORITHMS
ADVANCED ALGORITHMSNumber-Theoretic Algorithms (UNIT-4)
12Elementary Number-theoretic Notions :
a) Divisibility and Divisors : The notation d | a (d divides a) means : a = kd for some integer k.
Here, a is multiple of d.
Here, if d 0, then d is divisor of a.The trivial divisors of a are : 1, aThe nontrivial divisors of a are called factors of a Ex-1 : Find the divisors and trivial divisors of 24.The trivial divisors of 24 : 124
The divisors of 24 : 1,2,3,4,6,8,12, and 24The factors of 24 : 2,3,4,6,8,123b) Prime and Composite Numbers : An integer a > 1, whose only divisors are trivial divisors 1 and a is a Prime Number.
An integer a > 1, which is not a prime number, is called Composite Number.
Ex-2 : Find all the first 5 prime numbers.
2,3,5,7,1139 is a composite no. since it divides by 3.1 is called unit & is neither prime nor composite.Similarly 0 and all ve nos. are neither prime nor composite.4TH-4.1 : Division Theorem
For any integer a and any positive integer n, there exists unique integers q and r such that 0 r < n and a = qn + r.The value q = a/n is the quotient of the division.
The value r = a mod n is the remainder of the division.
Here n | a ( n divides a), if and only if a mod n = 0.Ex-3 : Find the quotient and remainder of 12 and 67.The quotient : 5The remainder :75c) Common Divisors & Greatest CD : If d is a divisor of a and d is also divisor of b then d is a common divisor of a and b.
Note : a) 1 is a common divisor of any two integers.
b) If a | b and b | a then a = bEx-4: Find all the common divisors of 24 and 30.
1236Important Property :
If d | a and d | b then d | (a + b) & d | (a b)
If d | a and d | b then d | (ax + by) 6Greatest Common Divisor :
The GCD of two integers a and b , not both Zero, is the largest of the common divisors of a and b.
GCD(24, 30) = 6
Note : GCD(a,0) = |a|Relatively Prime Integers :
Two integers a and b are relatively primeif their only common divisor is 1.
i.e.,gcd(a,b) = 1The relatively primes are :(8,15)
-do-:(10,21)7TH-4.2 : If a and b are any two integers, then gcd(a,b) is the smallest positive element s of the sets = (ax + by).
Ex-5: Let a =6 & b = 21, Find the values of x , y.TH-4.3 : For any integers a, b and p, if both gcd(a,p) = 1 and gcd(b,p) = 1, then gcd(ab,p) = 1.TH-4.4 : For all primes p and all integers a and b, if p | ab then p | a or p | b or both.Unique Factorization : There is exactly one way to write any composite integer a as a product of the forma = p1^ e1. p2^ e2. p3^ e3 pr^ erwhere all pi are prime, p1 1
a ^ (n) 1 (mod n) for all a Zn* Ex-16 : Prove the Euler theorem for the following.
Let n = 7 (n) = 6 & a = {1, 2, 4}6 (b) Fermats Theorem :
If p is a prime, then ap - 1 1 (mod p)
Note that if p is a prime, then a ^ (p) = p - 1307. RSA Cryptosystem :
In RSA Cryptosystem, the public and private keys are generated as follows :
a) Select at random two large prime numbersp and q such that p q.
b) Compute n = pq c) Select a small odd integer e that is relatively prime to p-1 and q-1. (public exponent)
d) Compute the integer d (private exponent) from e, p and q such that de 1 mod L, where L = LCM [ (p-1), (q-1) ]31e) Publish P = (e,n) RSA Public Key Secret S = (d,n)RSA Secret KeyHere, e = ENCRYPT(m) = me mod n
d = DECRYPT(c) = cd mod nEx-17 : Apply RSA algorithm for the following.p = 5 q = 11 e = 3Here n = pq = 55 (n) = 40
andd : ed 1 mod L L = 20
So,d = 732Let A = Message(m)B = m2 mod n C = m3 mod n (encrypted message)
D = c2 mod n E = c3 mod n F = c6 mod n G = c7 mod n (decrypted message) ABCDEHG
0000000
111111124891714239271448493
4169261431433ABCDEHG
52515520155
636511646266
749134529789171418498
926 143149369
Here, the first column is message sent.
the third column is cipher text
the last column is decrypted message.348. Primality Testing :
a) Carmichael number
A Carmichael number is a composite positive integer which satisfies the following formula.
bn-1 1 ( mod n)for all integers b which are relativelyprime to n.Def : A positive composite integer n is a CN, iff n is square-free and for all prime divisorsp of n, it is true that (p 1) | (n 1).
The first Carmichael Number is : 561
35b) MILLER-RABIN (n,s)
for j = 1 to sa = RANDOM(1, n-1)if WITNESS (a,n)return COMPOSITEreturn PRIMEThe Procedure MILLER-RABIN is a probabilistic search for a proof that n is composite.
In the following procedure, s is the number oftimes the value of a is to be chosen at random.36c) WITNESS(a,n)
1. Let t and u be such that t 1. u is odd, and n-1 = 2t u
2. x0 = MODULAR-EXPONENTIATION(a,u,n) 3. for i = 1 to t 4. xi = x2i-1 mod n 5. if ( xi = = 1) and ( xi-1 1) and ( xi-1 n-1) 6. return TRUE 7. if xt 1 8. return TRUE 9. return FALSE37d) MODULAR-EXPONENTIATION (a, b, n)
1. c = 0d = 13. Let (bk , bk-1 , ..,b1 , b0 ) for i = k downto 0 c = 2c6. d = (d.d) mod n 7. if bi = = 18. c = c + 19. d = (d.a) mod n10. return d38Ex-18 : Let n be a carmichael number. n = 561
So, here n 1 = 560
If n 1 is written in the form of n-1 = 2t u, thent = 4 and u = 35
Let the value of a is chosen from the algorithm as : 7
From the WITNESS algorithm, find the value of x0. Here, call the MODULAR_EXPONENTIATION(a,u,n)
where a = 7 & u = 35 & n = 56139Here, d = ac mod n(c = b = u)
From above, the value of d returned is : 241
Here, x0 a35 241 (mod 561).
iinit543210bi --100011
c012481735d1749157526160 241Note :Further we can have
a70 298 (mod n) a140 166 (mod n)
a280 67 (mod n) a560 1 (mod n)40So, the sequence is : (241, 298, 166, 67, 1)
Thus, WITNESS discovers 1 in the last squaring step, since a560 1 (mod n)Therefore, a = 7 is the witness to the compo- siteness of n.WITNESS(7,N) returns TRUE.
MILLER-RABINreturns COMPOSITENote : 561 = 3 . 11 . 17419. Integer Factorization :
This is the process of integer factorization into a product of primes.Pollards rho heuristic :This heuristic here helps in finding the productof primes for the given integer.POLLARD-RHO(n)
1. i = 1 x1 = RANDOM(0, n-1)y = x1 k = 2425. While TRUE i = i + 1
xi = (x2i-1 - 1 ) mod n d = gcd(y xi , n)
if ( d 1) and (d n) print d
11. if ( i = = k)12. y = xi 13. k = 2kNote : The above algorithm generates a set of factors which are primes for the given integer.43Ex-19 : Pollards Rho Heuristic
Let n = 1387
So, Initialization : i = 1 x1 = 2y = 2k = 2WHILE :STEP-1 :i= 2
xi = (x2i-1 - 1 ) mod n x2 = 3
d = gcd(y xi , n) d = 1
if [ (d 1) and ( d n) ] FALSE
if ( i = =k) TRUEy = 3k = 444STEP-2 :i= 3
xi = (x2i-1 - 1 ) mod n x3 = 8
d = gcd(y xi , n) d = 1
if [ (d 1) and ( d n) ] FALSE
if ( i = =k) FALSESTEP-3 :i= 4
xi = (x2i-1 - 1 ) mod n x4 = 63
d = gcd(y xi , n) d = 1
if [ (d 1) and ( d n) ] FALSE
if ( i = =k) TRUE y = 63k = 845STEP-4 :i= 5
xi = (x2i-1 - 1 ) mod n x5 = 1194
d = gcd(y xi , n) d = 1
if [ (d 1) and ( d n) ] FALSE
if ( i = = k) FALSESTEP-5 :i = 6
xi = (x2i-1 - 1 ) mod n x6 = 1186
d = gcd(y xi , n) d = 1
if [ (d 1) and ( d n) ] FALSE
if ( i = = k) FALSE
46STEP-6 :i = 7
xi = (x2i-1 - 1 ) mod n x7 = 177
d = gcd(y xi , n) d = 19
if [ (d 1) and ( d n) ] TRUE Print d = 19
if ( i = = k) FALSEIf the process is continued like this, we get another factor : 73
The relation among the Xi values are shown in thenext slide : 47310996 396 814 84 x7 177
x6 1186120
x5 1194 339 529
x4 63 595 1053
x3 8
x2 3
x12
Recommended