CCCCCCCCCCCCCCCCCC

Secure Schemes for Secret Sharing and KeyDistribution using Number Theory

byDr. N. Chandramowliswaran

ProfessorSchool of Advanced Sciences, VIT

FEB. 12, 2013

Dr. N. Chandramowliswaran (VIT) INVITED TALK FEB. 12, 2013 1 / 38

The principle of induction

If Q is set of integers such that

1 ∈ Q

n ∈ Q ⇒ n+ 1 ∈ Q then

all integers ≥ 1 belongs to Q


The well-ordering principle

If A is a nonempty set of positive integers, then A contains asmallest member


Divisibility

We say d divides n and d ∣ n whenever n = cd for some c(n is multiple of d, that d is a divisor of n, or that d is a factor of n)

If d does not divide n we write d ∤ n


Properties

n ∣ n (reflexive)

d ∣ n and n ∣ m then d ∣ m (transitive)

d ∣ n and d ∣ m then d ∣ an+ bm (linearity)

d ∣ n then ad ∣ an (multiplication)

ad ∣ an and a ∕= 0 then d ∣ n (cancellation)

1 ∣ n

n ∣ 0

0 ∣ n ⇒ n = 0

d ∣ n and n ∕= 0 ⇒∣ d ∣≤∣ d ∣ (comparison)


Greatest common divisor

If d divides two integers a and b, then d is called a common divisorof a and b.

Theorem Given any two integers a and b, there is a commondivisor d of a and b of the form

d = ax+ by,where x and y are integers. Moreover every common divisor of aand b divides this d.


Theorem Given any two integers a and b, there is one and onlyone number d with the following properties:

(a) d ≥ 0(b) d ∣ a and d ∣ b(c) e ∣ a and e ∣ b implies e ∣ d

Note. d = 0 if, and only if a = b = 0. Otherwise d ≥ 1


The number d of the above theorem is called the greatestcommon divisor (gcd) of a and b.

It is denoted by (a, b)

If (a, b) = 1 then a and b are said to be relatively prime


The gcd has the following properties

(a, b) = (b, a) (commutative)

(a, (b, c)) = ((a, b), c) (associative)

(ac, bc) =∣ c ∣ (a, b) (distributive)

(a, 1) = (1, a) = 1 and (a, 0) = (0, a) = 0

If a ∣ bc and if (a, b) = 1, then a ∣ c


Defnition . An integer n is called prime if n > 1 and if the only positivedivisors of n are 1 and n. When an integer n is not prime, we say that nis composite


If a prime p does not divide a, then (p, a) = 1,

If a prime p divides ab, then p ∣ a or p ∣ b


Fundamental theorem of arithmetic

in only one way, apart from the order of the factors.

Every integer n > 1 can be represented as a product of prime factors


The division algorithm

Given integers a and b with b > 0, there exist a unique pair of integers qand r such that

a = bq + r, with 0 ≤ r < b.

Moreover, r = 0 if, and only if, b ∣ a


Mobius function �(n)

Definition : The mobius function � is defined as follows:

�(1) = 1

If n > 1, write n = pa11 pa22 . . . pakk . Then�(n) = (−1)k if a1 = a2 = ⋅ ⋅ ⋅ = ak = 1�(n) = 0 otherwise

Note: �(n) = 0 if and only if n has a square factor


Euler’s totient function �(n)

Let n ≥ 1 the Euler’s totient �(n) is defined to be the number ofpositive integers not exceeding n which are relatively prime to n.


Divisor sum

Euler classical formula∑

d∣n �(d) = n,

where the sum is over all positive divisors d of n.


�(d) is also equal to the number of possible generators of thecyclic group Cd, specifically, if Cd =< g >, then gk is a generatorfor every k coprime to d. Since every element of Cn generates acyclic subgroup, and all �(d) subgroups of Cd ≤ Cn are generatedby some element of Cn.


�(n) =∣ {k : 1 ≤ k ≤ n, gcd(n, k) = 1} ∣

�(n) = n∏

p∣n

(

1− 1p

)

, where the product is over the distinct

prime numbers dividing n


Properties

�(pk) = pk − pk−1 = pk−1(p− 1) = pk(

1− 1p

)

.

�(mn) = �(m)�(n) if (m,n) = 1

�(mn) = �(m)�(n)( d�(d)) if (m,n) = d

a ∣ b implies �(a) ∣ �(b)

�(n) is even for n ≥ 3. Moreover, if n has r distinct odd primefactors, then 2r ∣ �(n)


Congruences

Definition: Given integers a, b,m with m > 0. We say a iscongruent to b modulo m, and we write

a ≡ b(mod m) ⇐⇒ m ∣ (a− b)


Properties

Congruence is an equivalence relation

If a ≡ b(mod m) and � ≡ �(mod m), then we have(a) ax+ �y ≡ bx+ �y(mod m) for all integers x and y

(b) a� ≡ b�(mod m)

(c) an ≡ bn(mod m) for every positive integer

(d) f(a) ≡ f(b)(mod m) for every polynomial f with integercoefficients


Theorem: If c > 0 then a ≡ b(mod m) if, and only if,ac ≡ bc(mod m)

Theorem: If ac ≡ bc(mod m) and if d = (m, c), then a ≡ b(mod md)

Theorem: If a ≡ b(mod m). If d ∣ m and d ∣ a d ∣ b


Theorem: If a ≡ b(mod m) (a,m) = (b,m)

Theorem: If a ≡ b(mod m) and if 0 ≤∣ b− a ∣< m, then a = b

Theorem: If a ≡ b(mod m) and a ≡ b(mod n) where (m,n) = 1,then a ≡ b(mod mn)


Theorem: Assume (a,m) = 1. Then the linear congruenceax ≡ b(mod m)has exactly one solution

Theorem: Assume (a,m) = d. Then the linear congruenceax ≡ b(mod m)has solutions if, and only if, d ∣ b

Theorem: Assume (a, b) = d there exists integers x and y suchthat ax+ by = d


Euler-Fermat Theorem: Assume (a,m) = 1. Then we havea�(m) ≡ 1 (mod m)

Theorem: If a prime p does not divide a thenap−1 ≡ 1 (mod m)

Little Fermat Theorem: For any integer a and any prime p wehave

ap ≡ a (mod m)


CRT


Problem : Let n be a composite positive integer and let p be the

smallest prime divisor of n with np= n1. Prove that if q > n

1

3

1 thenn1

qis prime where q be the smallest prime divisor of n1.

Solution: Suppose n1

q= ab where 1 < a, b < n1

q

Let r and s be the prime divisors of a and b respectively, then rand s are also prime divisors of n1, so that

r ≥ q and s ≥ q.This implies thatq3 = q.q.q ≤ q.r.s ≤ q.a.b,that is, q3 ≤ n1 which is a contradiction. Therefore, n1

qis prime.


Problem : Let n be a composite positive integer and let p be thesmallest prime divisor of n such that p2 ∣ n. Prove that if p2 > n

p2

then np2

is prime.

Solution: Suppose np2

= ab where 1 < a, b < np2

Let r and s be the prime divisors of a and b respectively, then rand s are also prime divisors of n, so that

r ≥ p and s ≥ p.This implies thatp4 = p2.p.p ≤ p2.r.s ≤ p2.a.b,that is, p4 ≤ n which is a contradiction. Therefore, n

p2is prime.


Group theory

Definition: Given sets X and Y, the cartesian product of X and Yis

X × Y = {(x, y) ∣x ∈ X and y ∈ Y }.

Definition: Given a set A, a binary relation ∼ on A is a subset R ofA × A. If (u, v) ∈ R, we say that u is related to v and we writeu ∼ v. If (u, v) /∈ R, we say that u is not related to v.


Definition: A binary relation ∼ on A is said to be an equivalencerelation on A if for all a, b, c ∈ A1. a ∼ a (reflexivity),2. a ∼ b ⇒ b ∼ a (symmetry),3. a ∼ b and b ∼ c ⇒ a ∼ c (transitivity).

For a ∈ A, the equivalence class of a is the setcl(a) = {x ∈ A ∣ a ∼ x}.


Theorem : The distinct equivalence classes of an equivalencerelation on A provide us with a decomposition of A as a union ofmutually disjoint subsets.


Definition : Given any set A we call a mapping of A × A into A abinary operation on A. If ∗ : A × A → A is a binary operation onA, then ∗((a′, a′′)), the image of the ordered pair (a′, a′′) under ∗, isdenoted by a′ ∗ a′′.


Definition of a group

Definition : A nonempty set of elements G is said to form a groupif in G there is defined a binary operation, called the product anddenoted by ⋅, such that1. a, b ∈ G ⇒ a ⋅ b ∈ G (closure).2. a, b, c ∈ G ⇒ a ⋅ ( b ⋅ c) = ( a ⋅ b ) ⋅ c (associative law).3. There exists an element e ∈ G such that a ⋅ e = a = e ⋅ a forall a ∈ G(the existence of an identity element in G).4. For every a ∈ G there exists an element a−1 ∈ G such thata ⋅ a−1 = e = a−1 ⋅ a (the existence of inverses in G).


Properties

If G is a group, then1. The identity element of G is unique.2. Every a ∈ G has a unique inverse in G.3. For any a ∈ G, (a−1)−1 = a.4. For all a, b ∈ G, (a ⋅ b)−1 = b−1 ⋅ a−1.5. If elements a, b, c ∈ G satisfy ab = ac or ba = ca, then b = c


definition : A group G is said to be abelian (or commutative) if forevery a, b ∈ G, a ⋅ b = b ⋅ a.

A group which is not abelian is called non-abelian.

The number of elements in G is called the order of G and it isdenoted by o(G).

If o(G) is finite, then we say that G is a finite group.


Definition : A nonempty subset H of a group G is said to be asubgroup of G if, under the product in G, H itself forms a group.

Let K ⊆ H ⊆ G. If H is a subgroup of G and K is a subgroup ofH, then K is a subgroup of G.

Theorem A nonempty subset H of a group G is a subgroup of G ifand only if1. a, b ∈ H ⇒ ab ∈ H.2. a ∈ H ⇒ a−1 ∈ H.


Powers of an element

If a ∈ G we define an for any positive integer na0 = e, an = aan−1, a−n = (a−1)

n


If a ∈ G, any two powers of a commute, and for all integers m andn we haveaman = am+n, (am)n = amn = (an)m

Moreover, if a and b commute we have anbn = (ab)n


Documents

CCCCCCCCCCCCCCCCCC