Computing k th Roots Quickly (4/4) • Via the Fast Exp algorithm, we know we can quickly compute large powers of large numbers modulo large numbers. • What about finding roots rather than powers? • Specifically, can we quickly solve the congruence x k b (mod m) ? Said another way, can we quickly find the k th root of b modulo m, that is, can we find a positive number u such that (b u ) k b (mod m) ? • The answer is (sort of) yes, and the technique is a beautiful application of the Euler-Fermat Theorem and the Extended Euclidean Algorithm (which we already know is fast) applied to k and (m).

Computing k th Roots Quickly (4/4) Via the Fast Exp algorithm, we know we can quickly compute large powers of large numbers modulo large numbers. What

Download PPTX Report

Upload
derek-sherman
View
218
Download
0

Embed Size (px)

Citation preview

Computing kth Roots Quickly (4/4)• Via the Fast Exp algorithm, we know we can quickly

compute large powers of large numbers modulo large numbers.

• What about finding roots rather than powers?• Specifically, can we quickly solve the congruence

xk b (mod m) ? Said another way, can we quickly find the kth root of b modulo m, that is, can we find a positive number u such that (bu)k b (mod m) ?

• The answer is (sort of) yes, and the technique is a beautiful application of the Euler-Fermat Theorem and the Extended Euclidean Algorithm (which we already know is fast) applied to k and (m).

Page 2: Computing k th Roots Quickly (4/4) Via the Fast Exp algorithm, we know we can quickly compute large powers of large numbers modulo large numbers. What

How It Works• Recall: Theorem (Euler-Fermat). If GCD(b, m) = 1,

then b(m) 1 (mod m). • Recall: If GCD(k, (m)) = 1, then using the Extended

Euclidean Algorithm, we can write 1 as a linear combination of k and (m), i.e., we can find u and v such that u k + v (m) = 1, and moreover, by adding or subtracting multiples of (m), we can assure that 1 u < (m).

• But now, combining these two ideas, and provided that GCD(b, m) = 1 and GCD(k, (m)) = 1, we get b = bu k + v (m) = (bu)k (b(m))v (bu)k (1)v = (bu)k (mod m), i.e., bu is the kth root of b modulo m.

Page 3: Computing k th Roots Quickly (4/4) Via the Fast Exp algorithm, we know we can quickly compute large powers of large numbers modulo large numbers. What

An Example• What is the 7th root of 5 modulo 77?• We first check the two necessary conditions: Are 5 and 77

relatively prime? Yes, so we can apply E-F. Also, are 7 and (77) = 60 relatively prime? Yes.

• Running the EEA, we get (-17)(7) + (2)(60) = 1, i.e, u = -17 + 60 = 43.

• Hence the 7th root of 5 (mod 77) is 543 (mod 77), which by Fast Exp is 26.

• Let’s check. By Fast Exp, 267 (mod 77) = 5, as desired.• Filling in the sequence of steps:

5 = 5(-17)(7)+(2)(60) = 5(43)(7)+(-5)(60) = (543)7(560)-5 (543)7(1)-5 = (543)7 267 (mod 77).

Page 4: Computing k th Roots Quickly (4/4) Via the Fast Exp algorithm, we know we can quickly compute large powers of large numbers modulo large numbers. What

Will It Work on Large Numbers?• The answer is: “Sort of”, and the snag is in a place you

might not at first expect it.• Let’s look back at the algorithm and see if we can spot the

trouble point.• This snag may seem unfortunate, but it turns out that it is

exactly this snag which makes “RSA encryption” work.• Assignment for Monday: 1. Read Chapter 17,

2. By hand compute the 5th root of 2 mod 19, 3. Do Exercise 17.2. I strongly suggest you fire up Mathematica and make use of the functions PowerMod, GCD, ExtendedGCD, and/or FactorInteger. If you’re clever, they can be solved by applying a single line of code. Answers are (I think): a. 37 b. 559