48
6.1 Primes and Related 

Power Point Slides Chapter 09

Embed Size (px)

Citation preview

Page 1: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 1/48

6.1

Primes and Related 

Page 2: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 2/48

9.2

99--1 PRIMES1 PRIMES

 Asymmetric Asymmetric--keykey cryptographycryptography usesuses primes primes extensivelyextensively. .

TheThe topictopic of of primes primes isis aa largelarge part  part of of anyany book book onon

number number theorytheory. .

9.1.1 Definition

9.1.2 Cardinality of Primes

9.1.3 Checking for Primeness

9.1.4 Euler¶s Phi-Function

9.1.5 Fermat¶s Little Theorem

9.1.6 Euler¶s Theorem

9.1.7 Generating Primes

Topics discussed in this section:Topics discussed in this section:

Page 3: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 3/48

9.3

9  .1.1 Definition

Figure 9.1 Three groups of positive integers

A prime is divisible only by itself and 1.

 Note

Page 4: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 4/48

9.4

9  .1.1 Continued 

Many public-key cryptographic algorithms require selectingone or more large prime integers.

So an important concern in public-key cryptography is to

test a randomly selected integer for its primality.

An integer is prime if it has exactly two distinct divisors,

the integer 1 and itself.

We will also be very interested in two integers beingrelatively prime to each other. Such integers are also called

coprimes. Two integers m and n are coprimes if and only if 

gcd(m, n) = 1. Therefore, whereas 4 and 9 are coprimes,

Page 5: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 5/48

9.5

9  .1.1 Continued 

What is the smallest prime?Example 9.1

Solution

The smallest prime is 2, which is divisible by 2 (itself) and 1.

List the primes smaller than 10.

Example 9.2

Solution

There are four primes less than 10: 2, 3, 5, and 7. It is interestingto note that the percentage of primes in the range 1 to 10 is 40%.

The percentage decreases as the range increases.

Page 6: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 6/48

9.6

9 .1.2 Cardinality of Primes

 Infinite Number of Primes

There is an infinite number of primes.

 Note

 Number of Primes

Page 7: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 7/48

9.7

9  .1.2 Continued 

Find the number of primes less than 1,000,000.

Example 9.4

Solution

The approximation gives the range 72,383 to 78,543. The actual

number of primes is 78,498.

Page 8: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 8/48

9.8

G iven a number n, how can we determine if n is a prime?The answer is that we need to see if the number is

divisible by all primes less than

9 .1.3 Checking for Primeness

We know that this method is inefficient, but it is a good 

start.

Page 9: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 9/48

9.9

9  .1.3 Continued 

Is 97 a prime?

Example 9.5

Solution

The floor of 97 = 9. The primes less than 9 are 2, 3, 5, and 7.Weneed to see if 97 is divisible by any of these numbers. It is not, so

97 is a prime.

Is 301 a prime?

Example 9.6

Solution

The floor of 301 = 17.We need to check 2, 3, 5, 7, 11, 13, and 17.

The numbers 2, 3, and 5 do not divide 301, but 7 does. Therefore

301 is not a prime.

Page 10: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 10/48

9.10

9  .1.3 Continued 

Prime numbers only have divisors of 1 and self * they cannot be written as a product of other numbers

* note: 1 is prime, but is generally not of interest

eg. 2,3,5,7 are prime, 4,6,8,9,10 are not

Prime numbers are central to number theory

List of prime number less than 200 is:

2 3 5 7 11 13 17 19 23 29 31 37 41 43 47 53 59 61 67 71 73 79

83 89 97 101 103 107 109 113 127 131 137 139 149 151 157 163

167 173 179 181 191 193 197 199

Page 11: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 11/48

9.11

9  .1.3 Prime Factorisation

To factor a number n is to write it as a product of other numbers:

n=a × b × c

Any integer a > 1 can be factored in a unique way as

where p1 < p2 < ... < pt are prime numbers and where each is a

positive integer.

91 = 7 x 13

3600 = 24 x 32 x 52

11011 = 7 x 112 x 13

Page 12: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 12/48

9.12

9 .1.3 Prime Factorisation

If P is the set of all prime numbers, then any positive integer a can

be written uniquely in the following form:

The prime factorisation of a number n is when its written as aproduct of primes .

Page 13: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 13/48

9.13

9  .1.3 Relatively Prime Numbers &G CD

Two numbers a, b are relatively prime if have no common divisorsapart from 1

eg. 8 & 15 are relatively prime since factors of 8 are 1,2,4,8 andof 15 are 1,3,5,15 and 1 is the only common factor

Conversely can determine the greatest common divisor bycomparing their prime factorizations and using least powers

eg. 300=21×31×52

18=21×32 .

Hence GCD(18,300)=21×31×50=6

Page 14: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 14/48

9.14

9  .1.5 Fermat¶s Little Theorem

First Version

a p a mod p

a p í 1 1 mod p

 Second Version

Page 15: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 15/48

9.15

9 .1.3 Fermat¶s Little Theorem

a p-1

 mod p = 1

where p is prime and gcd(a, p)=1

Also known as Fermat¶s Little Theorem

Useful in public key and primality testing

Page 16: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 16/48

9.16

9  .1.3 Proof.

Consider the set of positive integers less than p:{1,2,..., p-1}

and multiply each element by a modulo p, to get the set

X = {a mod p, 2a mod p, . . . (p-1)a mod p}.

None of the elements of X is equal to zero because p does not

divide a.

Therefore, the (p-1) numbers are just the numbers {1,2,..., p-1} in

some order.

Page 17: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 17/48

9.17

9  .1.3 Proof.

Multiplying the number in both sets and taking the result mod p«

a x 2a x ... x ((p-1)a) [(a mod p) x (2a mod p) x...x ((p-1)a)mod p]

[1 x 2 x 3 x . . . x (p-1)] mod p

(p-1)! mod p

a x 2a x ... x ((p-1)a) = (p-1)! ap-1

Therefore

(p-1)! ap-1 (p-1)! mod p

We can cancel the (p-1)! Because it is relatively prime to p.

So a p-1

1 mod p

Page 18: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 18/48

9.18

9  .1.3 Alternate Approach

If p is prime and a is any positive integer, then

a p a mod p

Proof: If a and p are coprime, we multiply both side of the

congurence using the result of the previous theorem.

If p | a, then ap a 0 (mod p)

Page 19: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 19/48

9.19

9  .1.5 Continued 

Find the result of 610 mod 11.

Example 9.12

Solution

We have 610 mod 11 = 1. This is the first version of Fermat¶s little

theorem where p = 11.

Find the result of 312 mod 11.

Example 9.13

Solution

Here the exponent (12) and the modulus (11) are not the same.With substitution this can be solved using Fermat¶s little theorem.

Page 20: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 20/48

9.20

 M ultiplicative Inverses

9  .1.5 Continued 

aí1 mod p = a p í 2 mod p

The answers to multiplicative inverses modulo a prime can be

found without using the extended Euclidean algorithm:

Example 9.14

Page 21: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 21/48

9.21

 E uler¶s phi-function, J ( n), which is sometimes called the

 E uler¶s totient function plays a very important role in

cryptography.

9 .1.4  E uler¶s Phi-Function/ Totient Function

 E uler¶s phi-function, J ( n), where J ( n) is the number of 

 positive integers less than n and relatively prime to n.

Page 22: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 22/48

9.22

 Determine J ( 37) and J ( 35).

 Because 37 is prime, all of the positive integers from 1

through 36 are relatively prime to 37. Thus J ( 37) = 36.

To determine J ( 35),

1, 2, 3, 4, 6, 8, 9 , 11, 12, 13, 16, 17, 18,

19 , 22, 23, 24, 26, 27, 29 , 31, 32, 33, 34.

There are 24 numbers on the list, so J ( 35) = 24.

9 .1.4  E uler¶s Phi-Function/ Totient Function

Page 23: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 23/48

9.23

9 .1.4  E uler¶s Totient Function

Page 24: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 24/48

9.24

 It should be clear that for a prime number p,

J(  p) = p-1

 Now suppose that we have two prime numbers p and q,

with pq . Then we can show that for n = pq,

J ( n) = J(  pq) = J(  p) x J( q) = (  p-1) x ( q-1)

J  ( n) = J  (  p) x J  ( q), consider that the set of positive

integers less that n is the set {1,..., (  pq-1)}.

The integers in this set that are not relatively prime to n

are the set {p,2 p,..., ( q-1)p} and the set {q,2q,..., (  p-1)q}

and 0, Accordingly.

9 .1.4  E uler¶s Phi-Function/ Totient Function

Page 25: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 25/48

9.25

J( 21) = J( 3) x J( 7) = ( 3-1) x ( 7-1) = 2 x 6 = 12

where the 12 integers are {1,2,4,5,8,10,11,13,16,17,19 ,20}

9 .1.4  E uler¶s Phi-Function/ Totient Function

Page 26: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 26/48

9.26

We can combine the above four rules to find the value of J ( n). For example, if n can be factored as

n = p1e

1 × p2e2 × « × pk 

ek 

then we combine the third and the fourth rule to find 

9  .1.4 Continued 

The difficulty of finding J(n) depends on the

difficulty of finding the factorization of n.

 Note

Page 27: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 27/48

9.27

9  .1.4 Continued 

What is the value of J(13)?

Example 9.7

Solution

Because 13 is a prime, J(13) = (13 í1) = 12.

What is the value of J(10)?

Example 9.8

Solution

We can use the third rule: J(10) = J(2) × J(5) = 1 × 4 = 4, because 2

and 5 are primes.

Page 28: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 28/48

9.28

9  .1.4 Continued 

What is the value of J(240)?

Example 9.9

Solution

We can write 240 = 24 × 31 × 51. Then

J(240) = (24 í23) × ( 31 í 30) × ( 51 í 50) = 6 4

Can we say that J(49) = J(7) × J( 7 ) = 6 × 6 = 3 6 ?

Example 9.10

Solution

No. The third rule applies when m and n are relatively prime.

Here 49 = 72.We need to use the fourth rule: J(49) = 72 í 71 = 42.

Page 29: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 29/48

9.29

9  .1.4 Continued 

What is the number of elements in Z14*?

Example 9.11

Solution

The answer is J(14) = J(7) × J(2) = 6 × 1 = 6. The members are 1,

3, 5, 9, 11, and 13.

Interesting point: If n > 2, the value of J(n) is even.

 Note

Page 30: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 30/48

9.30

9 .1.6   E uler¶s Theorem

First Version

aJ ( n) 1 ( mod n)

 Second Version

a k × J ( n) + 1 a ( mod n)

The second version of Euler¶s theorem is used in the

RSA cryptosystem.

 Note

Page 31: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 31/48

9.31

9  .1.5 Continued 

Find the result of 624 mod 35.

Example 9.15

Solution

We have 624

mod 35 = 6J(35)

mod 35 = 1.

Find the result of 2062 mod 77.

Example 9.16

Solution

If we let k = 1 on the second version, we have

2062 mod 77 = (20 mod 77) (20J(77) + 1 mod 77) mod 77

= (20)(20) mod 77 = 15.

Page 32: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 32/48

9.32

 M ultiplicative Inverses E uler¶s theorem can be used to find multiplicative

inverses modulo a composite.

9  .1.6 Continued 

aí1 mod n = aJ ( n)í1 mod n

Page 33: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 33/48

9.33

9  .1.5 Continued 

The answers to multiplicative inverses modulo a composite can be

found without using the extended Euclidean algorithm if we know

the factorization of the composite:

Example 9.17

Page 34: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 34/48

9.34

9 .1.7  G enerating Primes

 M ersenne Primes

A number in the form M p = 2 p í 1 is called a

Mersenne number and may or may not be a prime.

 Note

Page 35: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 35/48

9.35

Fermat Primes

9  .1.7 Continued 

F 0 = 3 F 1 = 5 F 2 = 17 F  3 = 257 F 4 = 65537 F 5 = 4294967297 = 641 × 6700417  Not a prime

Page 36: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 36/48

9.36

99--4 CHINESE REMAINDER THEOREM4 CHINESE REMAINDER THEOREM

TheThe ChineseChinese remainder remainder theoremtheorem ( CRT)( CRT) isis used used toto solvesolve

aa set set of of congruent congruent equationsequations withwith oneone variablevariable but but 

different different moduli moduli, , whichwhich areare relativelyrelatively prime, prime, asas shownshown

belowbelow::

 Above Above equationequation havehave thethe uniqueunique solutionsolution if if thethe moduli moduli 

areare relativelyrelatively prime prime

Page 37: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 37/48

9.37

99--4 Continued4 Continued

The following is an example of a set of equations with different

moduli:

Example 9.35

The solution to this set of equations is given in the next section; for

the moment, note that the answer to this set of equations is x = 23.This value satisfies all equations: 23 2 (mod 3), 23 3 (mod 5),

and 23 2 (mod 7).

Page 38: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 38/48

9.38

99--4 Continued4 Continued

Solution To Chinese Remainder Theorem

1. Find M = m1 × m2 × « × mk . This is the common modulus.

2. Find M1

= M/m1

, M2

= M/m2

, «, Mk 

= M/mk 

.

3. Find the multiplicative inverse of M1, M2, «, Mk  using the

corresponding moduli (m1, m2, «, mk ). Call the inverses

M1í1, M2

í1, « , Mk í1.

4. The solution to the simultaneous equations is

Page 39: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 39/48

9.39

99--4 Continued4 Continued

Find the solution to the simultaneous equations:

Example 9.36

Solution

W

e follow the four steps.

1. M = 3 × 5 × 7 = 105

2. M1 = 1 0 5 / 3 = 3 5 , M2 = 1 0 5 / 5 = 2 1 , M3 = 1 0 5 / 7 = 1 5

3. The inverses are M1í1 = 2 , M2

í1 = 1 , M3í1 = 1

4 . x = ( 2 × 3 5 × 2 + 3 × 2 1 × 1 + 2 × 1 5 × 1 ) m o d 1 0 5 = 2 3 m o d 1 0 5

Page 40: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 40/48

9.40

99--4 Continued4 Continued

Find an integer that has a remainder of 3 when divided by 7 and

13, but is divisible by 12.

Example 9.37

Solution

This is a CRT problem.W

e can form three equations and solvethem to find the value of x.

If we follow the four steps, we find x = 276. We can check that

276 = 3 mod 7, 276 = 3 mod 13 and 276 is divisible by 12 (the

quotient is 23 and the remainder is zero).

Page 41: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 41/48

9.41

99--4 Continued4 Continued

Assume we need to calculate z = x + y where x = 123 and y = 334,but our system accepts only numbers less than 100. These

numbers can be represented as follows:

Example 9.38

Adding each congruence in x with the corresponding congruence

in y gives

Now three equations can be solved using the Chinese remainder

theorem to find z. One of the acceptable answers is z = 457.

Page 42: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 42/48

9.42

99--6 EXPONENTIATION AND LOGARITHM6 EXPONENTIATION AND LOGARITHM

9.6.1 Discrete Logarithmic

Topics discussed in this section:Topics discussed in this section:

Page 43: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 43/48

9.43

First let¶s define what is meant by a primitive root moduloa positive number N.

You already know that when p is a prime, the set of 

remainders, Z  p , is a finite field  .

We can show similarly that for any positive integer N, the

set of all integers i < N that are coprime to N form a

  group with modulo N multiplication as the groupoperator.

9  .6.2 Logarithm

Page 44: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 44/48

9.44

For example, when N = 8, the set of coprimes is {1, 3, 5,7}. This set forms a group with modulo N multiplication

as the group operator.

What that implies immediately is that the result of multiplying modulo N any two elements of the set is

contained in the set.

For example, 3×7 mod 8 = 5..

The identity element for the group operator is, of course,

1.

9  .6.2 Logarithm

Page 45: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 45/48

9.45

 And  every element has its inverse with respect to theidentity element within the set.

For example, the inverse of 3 is 3 itself since 3 × 3 mod 8

= 1. (  By the way, each element of {1, 3, 5, 7} is its owninverse in the group.)

For any positive integer N, the set of all coprimes modulo

 N is denoted (  Z/NZ)× or Z  

 N  . Obviously, when N = p is a prime, we can also just use the notation Z  p .

9  .6.2 Logarithm

Page 46: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 46/48

9.46

For some values of N, the set  (  Z/NZ)×

contains anelement whose various powers, when computed modulo

 N, are all distinct and span the entire set (  Z/NZ)× .

 Such an element is called the primitive element of the set (  Z/NZ)× or primitive root modulo N.

9  .6.2 Logarithm

Page 47: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 47/48

9.47

Consider, for example, N = 9 . We have

 Z 9 = {0, 1, 2, 3, 4, 5, 6, 7, 8}

(  Z/ 9 Z)× = {1, 2, 4, 5, 7, 8}

 Now we will show that 2 is a primitive element of the

 group (  Z/ 9 Z)× , which is the same as primitive root mod 9 .

Consider:

7 is a primitive element of mod 19

 A primitive root can serve as the base of what is known as

a discrete logarithm.

9  .6.2 Logarithm

Page 48: Power Point Slides Chapter 09

8/8/2019 Power Point Slides Chapter 09

http://slidepdf.com/reader/full/power-point-slides-chapter-09 48/48

9 48

20

= 1, 21

= 222 = 4, 23 = 8

24 7 ( mod 9 )

25 5 ( mod 9 )

26 

1 ( mod 9 )27  2 ( mod 9 )

28 4 ( mod 9 )

 ...

  It is clear that for the group (  Z/ 9 Z)×  , as we raise the

element 2 to all possible powers of the elements of Z 9 , we

recover all the elements of  (  Z/ 9 Z)× . That makes 2 a

primitive root mod 9

9  .6.2 Logarithm