ADVANCED ALGORITHMS. Number-Theoretic Algorithms (UNIT-4). Elementary Number-theoretic Notions : a) Divisibility and Divisors : The notation d | a (d divides a) means : a = kd for some integer k. Here, ‘a’ is multiple of ‘d’. - PowerPoint PPT Presentation
ADVANCED ALGORITHMS
ADVANCED ALGORITHMSNumber-Theoretic Algorithms (UNIT-4)
12Elementary Number-theoretic Notions :
a) Divisibility and Divisors : The notation d | a (d divides a)
means : a = kd for some integer k.
Here, a is multiple of d.
Here, if d 0, then d is divisor of a.The trivial divisors of a
are : 1, aThe nontrivial divisors of a are called factors of a Ex-1
: Find the divisors and trivial divisors of 24.The trivial divisors
of 24 : 124
The divisors of 24 : 1,2,3,4,6,8,12, and 24The factors of 24 :
2,3,4,6,8,123b) Prime and Composite Numbers : An integer a > 1,
whose only divisors are trivial divisors 1 and a is a Prime
Number.
An integer a > 1, which is not a prime number, is called
Composite Number.
Ex-2 : Find all the first 5 prime numbers.
2,3,5,7,1139 is a composite no. since it divides by 3.1 is
called unit & is neither prime nor composite.Similarly 0 and
all ve nos. are neither prime nor composite.4TH-4.1 : Division
Theorem
For any integer a and any positive integer n, there exists
unique integers q and r such that 0 r < n and a = qn + r.The
value q = a/n is the quotient of the division.
The value r = a mod n is the remainder of the division.
Here n | a ( n divides a), if and only if a mod n = 0.Ex-3 :
Find the quotient and remainder of 12 and 67.The quotient : 5The
remainder :75c) Common Divisors & Greatest CD : If d is a
divisor of a and d is also divisor of b then d is a common divisor
of a and b.
Note : a) 1 is a common divisor of any two integers.
b) If a | b and b | a then a = bEx-4: Find all the common
divisors of 24 and 30.
1236Important Property :
If d | a and d | b then d | (a + b) & d | (a b)
If d | a and d | b then d | (ax + by) 6Greatest Common Divisor
:
The GCD of two integers a and b , not both Zero, is the largest
of the common divisors of a and b.
GCD(24, 30) = 6
Note : GCD(a,0) = |a|Relatively Prime Integers :
Two integers a and b are relatively primeif their only common
divisor is 1.
i.e.,gcd(a,b) = 1The relatively primes are :(8,15)
-do-:(10,21)7TH-4.2 : If a and b are any two integers, then
gcd(a,b) is the smallest positive element s of the sets = (ax +
by).
Ex-5: Let a =6 & b = 21, Find the values of x , y.TH-4.3 :
For any integers a, b and p, if both gcd(a,p) = 1 and gcd(b,p) = 1,
then gcd(ab,p) = 1.TH-4.4 : For all primes p and all integers a and
b, if p | ab then p | a or p | b or both.Unique Factorization :
There is exactly one way to write any composite integer a as a
product of the forma = p1^ e1. p2^ e2. p3^ e3 pr^ erwhere all pi
are prime, p1 1
a ^ (n) 1 (mod n) for all a Zn* Ex-16 : Prove the Euler theorem
for the following.
Let n = 7 (n) = 6 & a = {1, 2, 4}6 (b) Fermats Theorem :
If p is a prime, then ap - 1 1 (mod p)
Note that if p is a prime, then a ^ (p) = p - 1307. RSA
Cryptosystem :
In RSA Cryptosystem, the public and private keys are generated
as follows :
a) Select at random two large prime numbersp and q such that p
q.
b) Compute n = pq c) Select a small odd integer e that is
relatively prime to p-1 and q-1. (public exponent)
d) Compute the integer d (private exponent) from e, p and q such
that de 1 mod L, where L = LCM [ (p-1), (q-1) ]31e) Publish P =
(e,n) RSA Public Key Secret S = (d,n)RSA Secret KeyHere, e =
ENCRYPT(m) = me mod n
d = DECRYPT(c) = cd mod nEx-17 : Apply RSA algorithm for the
following.p = 5 q = 11 e = 3Here n = pq = 55 (n) = 40
andd : ed 1 mod L L = 20
So,d = 732Let A = Message(m)B = m2 mod n C = m3 mod n (encrypted
message)
D = c2 mod n E = c3 mod n F = c6 mod n G = c7 mod n (decrypted
message) ABCDEHG
0000000
111111124891714239271448493
4169261431433ABCDEHG
52515520155
636511646266
749134529789171418498
926 143149369
Here, the first column is message sent.
the third column is cipher text
the last column is decrypted message.348. Primality Testing
:
a) Carmichael number
A Carmichael number is a composite positive integer which
satisfies the following formula.
bn-1 1 ( mod n)for all integers b which are relativelyprime to
n.Def : A positive composite integer n is a CN, iff n is
square-free and for all prime divisorsp of n, it is true that (p 1)
| (n 1).
The first Carmichael Number is : 561
35b) MILLER-RABIN (n,s)
for j = 1 to sa = RANDOM(1, n-1)if WITNESS (a,n)return
COMPOSITEreturn PRIMEThe Procedure MILLER-RABIN is a probabilistic
search for a proof that n is composite.
In the following procedure, s is the number oftimes the value of
a is to be chosen at random.36c) WITNESS(a,n)
1. Let t and u be such that t 1. u is odd, and n-1 = 2t u
2. x0 = MODULAR-EXPONENTIATION(a,u,n) 3. for i = 1 to t 4. xi =
x2i-1 mod n 5. if ( xi = = 1) and ( xi-1 1) and ( xi-1 n-1) 6.
return TRUE 7. if xt 1 8. return TRUE 9. return FALSE37d)
MODULAR-EXPONENTIATION (a, b, n)
1. c = 0d = 13. Let (bk , bk-1 , ..,b1 , b0 ) for i = k downto 0
c = 2c6. d = (d.d) mod n 7. if bi = = 18. c = c + 19. d = (d.a) mod
n10. return d38Ex-18 : Let n be a carmichael number. n = 561
So, here n 1 = 560
If n 1 is written in the form of n-1 = 2t u, thent = 4 and u =
35
Let the value of a is chosen from the algorithm as : 7
From the WITNESS algorithm, find the value of x0. Here, call the
MODULAR_EXPONENTIATION(a,u,n)
where a = 7 & u = 35 & n = 56139Here, d = ac mod n(c = b
= u)
From above, the value of d returned is : 241
Here, x0 a35 241 (mod 561).
iinit543210bi --100011
c012481735d1749157526160 241Note :Further we can have
a70 298 (mod n) a140 166 (mod n)
a280 67 (mod n) a560 1 (mod n)40So, the sequence is : (241, 298,
166, 67, 1)
Thus, WITNESS discovers 1 in the last squaring step, since a560
1 (mod n)Therefore, a = 7 is the witness to the compo- siteness of
n.WITNESS(7,N) returns TRUE.
MILLER-RABINreturns COMPOSITENote : 561 = 3 . 11 . 17419.
Integer Factorization :
This is the process of integer factorization into a product of
primes.Pollards rho heuristic :This heuristic here helps in finding
the productof primes for the given integer.POLLARD-RHO(n)
1. i = 1 x1 = RANDOM(0, n-1)y = x1 k = 2425. While TRUE i = i +
1
xi = (x2i-1 - 1 ) mod n d = gcd(y xi , n)
if ( d 1) and (d n) print d
11. if ( i = = k)12. y = xi 13. k = 2kNote : The above algorithm
generates a set of factors which are primes for the given
integer.43Ex-19 : Pollards Rho Heuristic
Let n = 1387
So, Initialization : i = 1 x1 = 2y = 2k = 2WHILE :STEP-1 :i=
2
xi = (x2i-1 - 1 ) mod n x2 = 3
d = gcd(y xi , n) d = 1
if [ (d 1) and ( d n) ] FALSE
if ( i = =k) TRUEy = 3k = 444STEP-2 :i= 3
xi = (x2i-1 - 1 ) mod n x3 = 8
d = gcd(y xi , n) d = 1
if [ (d 1) and ( d n) ] FALSE
if ( i = =k) FALSESTEP-3 :i= 4
xi = (x2i-1 - 1 ) mod n x4 = 63
d = gcd(y xi , n) d = 1
if [ (d 1) and ( d n) ] FALSE
if ( i = =k) TRUE y = 63k = 845STEP-4 :i= 5
xi = (x2i-1 - 1 ) mod n x5 = 1194
d = gcd(y xi , n) d = 1
if [ (d 1) and ( d n) ] FALSE
if ( i = = k) FALSESTEP-5 :i = 6
xi = (x2i-1 - 1 ) mod n x6 = 1186
d = gcd(y xi , n) d = 1
if [ (d 1) and ( d n) ] FALSE
if ( i = = k) FALSE
46STEP-6 :i = 7
xi = (x2i-1 - 1 ) mod n x7 = 177
d = gcd(y xi , n) d = 19
if [ (d 1) and ( d n) ] TRUE Print d = 19
if ( i = = k) FALSEIf the process is continued like this, we get
another factor : 73
The relation among the Xi values are shown in thenext slide :
47310996 396 814 84 x7 177
x6 1186120
x5 1194 339 529
x4 63 595 1053
x3 8
x2 3
x12
