
Chapter 4 – Finite Fields Introduction




  1. Chapter 4 – Finite Fields Introduction
  • will now introduce finite fields
  • of increasing importance in cryptography
  • AES, Elliptic Curve, IDEA, Public Key
  • start with concepts of groups, rings, fields from abstract algebra

  2. Algebraic System
  • Binary Operation: Given a nonempty set S and a function op : S×S → S, then op is a binary operation on S.
  • Examples: S = N and op = ×: the multiplication of integers; S = N and op = +: the addition of integers.
  • Algebraic Systems: (S, op1, op2, …, opn), where S is a nonempty set and there is at least one binary operation on S.
  • Examples: (R, +, ×) and (Z, +, ×)

  3. Properties of Algebraic Systems
  • Closure: a op b ∈ S, where a and b ∈ S.
  • Associative: (a op b) op c = a op (b op c) for (S, op), where a, b, and c ∈ S.
  • Commutative: a op b = b op a for (S, op), for a and b ∈ S.
  • (Z, −) does not have the commutative property.
  • Identity: For (S, op), ∃ e ∈ S such that ∀ a ∈ S, a op e = e op a = a.
  • Example: For (Z, +), e = 0; for (Z, ×), e = 1.
  • Inverses: For (S, op), ∀ a ∈ S, ∃ b ∈ S such that a op b = b op a = e.
  • Symbol: a^-1 or −a.

  4. Example: For (Z, +), the inverse of a is −a.
  • Example: For (R \ {0}, ×), the inverse of a is a^-1, while for (Z, ×) there is no inverse for any integer.
  • Distribution: For (S, +, *), a*(b+c) = a*b + a*c, where a, b, and c ∈ S.
  • Semigroup (G, *): An algebraic system (G, *) with the following properties: closure, associativity, and an identity.
  • Theorem: For a semigroup (G, *), the identity is unique.

  5. Groups (G, *): A semigroup (G, *) with inverses.
  • Examples: (Z, +) and (R \ {0}, *) are groups.
  • Abelian (Commutative) Groups: a group with the commutative property.
  • Theorem: For a group (G, *), the inverse of an element in G is unique.
  • Field (F, +, *):
  • (F, +) is a commutative group.
  • (F, *) is a semigroup and (F \ {0}, *) is a commutative group, where 0 is the identity for the operation +.

  6. Finite Fields
  • Finite Group (G, *): A group (G, *) with finitely many elements in G.
  • Example: ({0, 1, …, N−1}, +_N) is a finite group, where N is an integer.
  • Cyclic Group (G, *): For a group (G, *), there exists an element a such that G = {a^n | n ∈ Z}, where a^n = a*a*…*a (the operation * applied n−1 times).
  • a: primitive root (with the order n = |G|).
  • Example: ({1, …, 6}, *_7) is a cyclic group with the primitive root 3. [The powers 3^1, …, 3^6 mod 7 give {3, 2, 6, 4, 5, 1}; order = 6]

  7. Generator with order m: a^m = 1.
  • Finite Fields: A field (F, +, *) with finitely many elements in F.
  • Example: GF(P) = ({0, 1, …, P−1}, +_P, *_P) for a prime number P. [The first finite fields]
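The cyclic group of slide 6 and the "generator with order m" of slide 7, computed directly. This is an added example and not code from the slides; the function names are mine. The cycle that a generates is listed by repeated multiplication mod p, its length is the order of a, and a is a primitive root exactly when that order is p−1. In practice this is the check that tells a full generator from an element that only reaches a small subgroup, which is why Diffie–Hellman style parameters are validated this way.

```python
# Added example, not from the slides: the cyclic group ({1, ..., p-1}, *_p)
# of slide 6 and the "generator with order m" of slide 7, computed directly.
from math import gcd


def powers_mod(a: int, p: int) -> list:
    """a^1, a^2, ... mod p up to and including the first power equal to 1.

    For the cyclic group of slide 6 this is the cycle generated by a;
    its length is the order of a.
    """
    if gcd(a, p) != 1:
        raise ValueError("a must be invertible mod p, otherwise no power returns to 1")
    cycle, x = [], 1
    while True:
        x = (x * a) % p
        cycle.append(x)
        if x == 1:
            return cycle


def order_mod(a: int, p: int) -> int:
    """Smallest m >= 1 with a^m = 1 mod p (slide 7: generator with order m)."""
    return len(powers_mod(a, p))


def is_primitive_root(a: int, p: int) -> bool:
    """a generates the whole group {1, ..., p-1} iff its order is p - 1."""
    return order_mod(a, p) == p - 1


def primitive_roots(p: int) -> list:
    """All primitive roots of a prime p (small p only; this is exhaustive)."""
    return [a for a in range(1, p) if is_primitive_root(a, p)]


if __name__ == "__main__":
    print(powers_mod(3, 7))        # [3, 2, 6, 4, 5, 1], slide 6's {3, 2, 6, 4, 5, 1}
    print(order_mod(3, 7))         # 6
    print(order_mod(2, 7))         # 3: 2 only reaches the subgroup {2, 4, 1}
    print(primitive_roots(7))      # [3, 5]
```

For p = 7 the element 2 has order 3, so it generates only {2, 4, 1}; 3 and 5 are the two primitive roots.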

  8. Some Famous Finite Fields [P is a prime number]
  • GF(P) or Z_P.
  • GF(P^n): Given an irreducible polynomial Q(x) of degree n over GF(P).
  • GF(2^n) for P = 2.
  • Example: Q(x) = x^3 + x + 1 over GF(2)
  • (x + 1) + (x) = 1 (coefficients add mod 2).
  • (x + 1) * x^2 = x^3 + x^2 = x^2 + x + 1 (since x^3 ≡ x + 1 mod Q(x)).
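The GF(2^n) arithmetic of slide 8 in working code. This is an added example, not code from the slides; the names and the int encoding are my choice. A polynomial over GF(2) is packed into a Python int whose bit k is the coefficient of x^k, so Q(x) = x^3 + x + 1 is 0b1011. Addition is XOR, and multiplication is shift-and-add with a reduction by Q(x) whenever the degree reaches n, which is the x^3 = x + 1 substitution the slide uses. The same routine goes beyond the slide's GF(2^3): with the modulus x^8 + x^4 + x^3 + x + 1 it is the AES byte field GF(2^8). The last function checks the field property the slide relies on (every nonzero element has an inverse), which fails for a reducible modulus.

```python
# Arithmetic in GF(2^n). Added example, not from the slides: a polynomial over
# GF(2) is stored as an int whose bit k is the coefficient of x^k, so
# Q(x) = x^3 + x + 1 from slide 8 is 0b1011.
from typing import Optional

Q_SLIDE8 = 0b1011     # x^3 + x + 1, irreducible over GF(2): defines GF(2^3)
AES_MODULUS = 0x11B   # x^8 + x^4 + x^3 + x + 1, the AES field GF(2^8)


def gf2_add(a: int, b: int) -> int:
    """Addition in GF(2^n): coefficients add mod 2, i.e. bitwise XOR, no carries."""
    return a ^ b


def gf2_mul(a: int, b: int, modulus: int) -> int:
    """Multiply a*b and reduce modulo the degree-n polynomial `modulus`.

    Shift-and-add over GF(2): whenever the running multiple of `a` reaches
    degree n, XOR the modulus in (this is x^n = lower terms of Q, as in
    x^3 = x + 1 on slide 8). Inputs are assumed to have degree < n.
    """
    n = modulus.bit_length() - 1        # degree of the modulus
    result = 0
    while b:
        if b & 1:
            result ^= a                 # add this multiple of a
        b >>= 1
        a <<= 1                         # multiply a by x
        if (a >> n) & 1:                # degree reached n: reduce by Q
            a ^= modulus
    return result


def gf2_inverse(a: int, modulus: int) -> Optional[int]:
    """Brute-force multiplicative inverse (fine for n <= 8); None if there is none."""
    n = modulus.bit_length() - 1
    for b in range(1, 1 << n):
        if gf2_mul(a, b, modulus) == 1:
            return b
    return None


def every_nonzero_has_inverse(modulus: int) -> bool:
    """True iff GF(2)[x]/(modulus) is a field, i.e. the modulus is irreducible."""
    n = modulus.bit_length() - 1
    return all(gf2_inverse(a, modulus) is not None for a in range(1, 1 << n))


def poly_str(p: int) -> str:
    """Render an int-encoded polynomial as 'x^2 + x + 1' for printing."""
    terms = [f"x^{k}" if k > 1 else ("x" if k == 1 else "1")
             for k in range(p.bit_length() - 1, -1, -1) if (p >> k) & 1]
    return " + ".join(terms) if terms else "0"


if __name__ == "__main__":
    x, x_plus_1, x_sq = 0b010, 0b011, 0b100
    print(poly_str(gf2_add(x_plus_1, x)))               # 1
    print(poly_str(gf2_mul(x_plus_1, x_sq, Q_SLIDE8)))  # x^2 + x + 1
    print(every_nonzero_has_inverse(Q_SLIDE8))          # True
    print(every_nonzero_has_inverse(0b1111))            # False: (x+1)^3 is reducible
    print(hex(gf2_inverse(0x53, AES_MODULUS)))          # 0xca
```

With the reducible modulus x^3 + x^2 + x + 1 = (x + 1)^3 the element x + 1 has no inverse, so the quotient ring is not a field; with the AES modulus the inverse of 0x53 comes out as 0xCA, the pair FIPS 197 uses as its example.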

  9. Congruences
  • Given integers a, b, and n ≠ 0, a is congruent to b modulo n, written a ≡ b mod n, if and only if a − b = kn for some integer k. Ex. 41 ≡ 93 mod 13 (93 − 41 = 52 = 4·13). 18 ≡ 10 mod 8 (18 − 10 = 8).

  10. If a ≡ b mod n, then b is called a residue of a modulo n (conversely, a is a residue of b modulo n).
  • A set of n integers {r1, …, rn} is called a complete set of residues modulo n if, for every integer a, there is exactly one ri in the set such that a ≡ ri mod n.
  • For any modulus n, the set of integers {0, 1, …, n−1} forms a complete set of residues modulo n.

  11. Greatest Common Divisor (GCD)
  • a common problem in number theory
  • GCD(a, b) of a and b is the largest number that divides evenly into both a and b
  • eg GCD(60, 24) = 12
  • often want no common factors (except 1) and hence numbers are relatively prime
  • eg GCD(8, 15) = 1
  • hence 8 & 15 are relatively prime

  12. Euclidean Algorithm
  • an efficient way to find the GCD(a, b)
  • uses theorem that:
  • GCD(a, b) = GCD(b, a mod b)
  • Euclidean Algorithm to compute GCD(a, b) is:
    EUCLID(a, b)
    1. A = a; B = b
    2. if B = 0 return A = gcd(a, b)
    3. R = A mod B
    4. A = B
    5. B = R
    6. goto 2

  13. Example GCD(1970, 1066)
    1970 = 1 x 1066 + 904   gcd(1066, 904)
    1066 = 1 x 904 + 162    gcd(904, 162)
    904 = 5 x 162 + 94      gcd(162, 94)
    162 = 1 x 94 + 68       gcd(94, 68)
    94 = 1 x 68 + 26        gcd(68, 26)
    68 = 2 x 26 + 16        gcd(26, 16)
    26 = 1 x 16 + 10        gcd(16, 10)
    16 = 1 x 10 + 6         gcd(10, 6)
    10 = 1 x 6 + 4          gcd(6, 4)
    6 = 1 x 4 + 2           gcd(4, 2)
    4 = 2 x 2 + 0           gcd(2, 0)
    so GCD(1970, 1066) = 2

  14. Finding Inverses
    EXTENDED EUCLID(m, b)
    1. (A1, A2, A3) = (1, 0, m); (B1, B2, B3) = (0, 1, b)
    2. if B3 = 0 return A3 = gcd(m, b); no inverse
    3. if B3 = 1 return B3 = gcd(m, b); B2 = b^-1 mod m
    4. Q = A3 div B3
    5. (T1, T2, T3) = (A1 – Q B1, A2 – Q B2, A3 – Q B3)
    6. (A1, A2, A3) = (B1, B2, B3)
    7. (B1, B2, B3) = (T1, T2, T3)
    8. goto 2

  15. Inverse of 550 in GF(1759)

  16. Computing Inverses
  • Unlike ordinary integer arithmetic, modular arithmetic sometimes permits the computation of a multiplicative inverse.
  • That is, given an integer a in the range [0, n−1], it may be possible to find a unique integer x in the range [0, n−1] such that ax mod n = 1.
  • Ex. 3 and 7 are multiplicative inverses mod 10 because 21 mod 10 = 1.
  • Thm. If gcd(a, n) = 1, then (a·i mod n) ≠ (a·j mod n) for each i, j such that 0 ≤ i < j < n.

  17. This property implies that each a·i mod n (i = 0, …, n−1) is a distinct residue mod n, and that the set {a·i mod n}, i = 0, …, n−1, is a permutation of the complete set of residues {0, …, n−1}.
  • This property does not hold when a and n have a common factor.
  • If gcd(a, n) = 1, then there exists an integer x, 0 < x < n, such that ax mod n = 1.

  18. Ex. n = 5 and a = 3: 3·0 mod 5 = 0, 3·1 mod 5 = 3, 3·2 mod 5 = 1, 3·3 mod 5 = 4, 3·4 mod 5 = 2.
  • Ex. n = 4 and a = 2: 2·0 mod 4 = 0, 2·1 mod 4 = 2, 2·2 mod 4 = 0, 2·3 mod 4 = 2.

  19. Solving for Inverse
  • Euler's generalization of Fermat's theorem gives us an algorithm for solving the equation ax mod n = 1, where gcd(a, n) = 1. Since a^φ(n) mod n = 1, we may compute x as ax ≡ a^φ(n), or x = a^(φ(n)−1) mod n. If n is prime, this is simply x = a^((n−1)−1) mod n = a^(n−2) mod n.

  20. Ex. Let a = 3 and n = 7. Then φ(7) = 6 and x = 3^5 mod 7 = 5.
  • Ex. Let a = 2 and n = 15. Then φ(15) = 8 and x = 2^7 mod 15 = 8.
  • With this approach, to compute x, you have to know φ(n).
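The two facts of slides 16–18 and 19–20 checked in code: multiplication by a permutes the residues exactly when gcd(a, n) = 1, and when it does, the inverse is a^(φ(n)−1) mod n. This is an added example, not code from the slides; the function names are mine, and φ(n) is computed by trial-division factoring, which is the "you have to know φ(n)" cost the slide points out (the cost that makes the Euclid-based method the practical one, and that RSA's security rests on for large n).

```python
# Added example, not from the slides: the "multiplication by a permutes the
# residues" property of slides 16-18 and the Euler-based inverse of slides
# 19-20, with phi(n) computed by trial division.
from math import gcd


def residue_map(a: int, n: int) -> list:
    """The list a*i mod n for i = 0, ..., n-1 (the tables on slide 18)."""
    return [(a * i) % n for i in range(n)]


def is_permutation_of_residues(a: int, n: int) -> bool:
    """True iff {a*i mod n} is a permutation of {0, ..., n-1}; holds iff gcd(a, n) = 1."""
    return sorted(residue_map(a, n)) == list(range(n))


def euler_phi(n: int) -> int:
    """phi(n) = n * prod(1 - 1/p) over the distinct primes p dividing n.

    Trial division: fine for classroom sizes, hopeless for RSA-sized n.
    """
    result, m, p = n, n, 2
    while p * p <= m:
        if m % p == 0:
            while m % p == 0:
                m //= p
            result -= result // p
        p += 1
    if m > 1:                      # one prime factor larger than sqrt remains
        result -= result // m
    return result


def inverse_by_euler(a: int, n: int) -> int:
    """x = a^(phi(n)-1) mod n, valid only when gcd(a, n) = 1 (slide 19)."""
    if gcd(a, n) != 1:
        raise ValueError(f"{a} has no inverse mod {n}: gcd is {gcd(a, n)}")
    return pow(a, euler_phi(n) - 1, n)


if __name__ == "__main__":
    print(residue_map(3, 5), is_permutation_of_residues(3, 5))   # [0, 3, 1, 4, 2] True
    print(residue_map(2, 4), is_permutation_of_residues(2, 4))   # [0, 2, 0, 2] False
    print(euler_phi(7), inverse_by_euler(3, 7))                  # 6 5
    print(euler_phi(15), inverse_by_euler(2, 15))                # 8 8
```

The two slide-18 tables come out as [0, 3, 1, 4, 2] (a permutation) and [0, 2, 0, 2] (not one), and the slide-20 inverses are 5 and 8.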

  21. Another Approach
  • x can also be computed using an extension of Euclid's algorithm for computing the greatest common divisor.
  • This is more suitable for computers to do.
  • Euclid's algorithm for computing the greatest common divisor:
    gcd(a, n)
      g_0 ← n
      g_1 ← a
      i ← 1
      while g_i ≠ 0
        g_{i+1} ← g_{i−1} mod g_i
        i ← i + 1
      return g_{i−1}

  22. Extended Euclid's Algorithm
  • Extended Euclid's algorithm for computing the inverse (loop invariant: g_i = u_i·n + v_i·a):
    inv(a, n)
      g_0 ← n; g_1 ← a; u_0 ← 1; v_0 ← 0; u_1 ← 0; v_1 ← 1; i ← 1
      while g_i ≠ 0
        y ← g_{i−1} div g_i
        g_{i+1} ← g_{i−1} − y·g_i
        u_{i+1} ← u_{i−1} − y·u_i
        v_{i+1} ← v_{i−1} − y·v_i
        i ← i + 1
      x ← v_{i−1}
      if x ≥ 0 return x else return x + n

  23. Example
  • Ex. To solve 3x mod 7 = 1 using the algorithm, we have
  • Because v_2 = −2 is negative, the solution is x = −2 + 7 = 5.
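EUCLID and EXTENDED EUCLID from slides 12–14 and the gcd/inv formulation of slides 21–22, as an added example that is not code from the slides (the function names and the returned trace format are mine). `euclid` returns the quotient/remainder lines of slide 13, `extended_euclid` follows the (A1, A2, A3)/(B1, B2, B3) register form of slide 14 and reproduces the inverse of 550 in GF(1759) from slide 15, and `inv` keeps the g, u, v sequences of slide 22 so the loop invariant g_i = u_i·n + v_i·a is asserted at every step; for 3x mod 7 = 1 it reaches v_2 = −2 and returns 5 as on slide 23.

```python
# Added example, not from the slides: EUCLID and EXTENDED EUCLID from slides
# 12-14 and the gcd/inv formulation of slides 21-22, with the traces the
# slides show (slide 13's steps, slide 15's inverse of 550 in GF(1759),
# slide 23's 3x mod 7 = 1).
from typing import List, Optional, Tuple


def euclid(a: int, b: int) -> Tuple[int, List[Tuple[int, int, int, int]]]:
    """gcd(a, b) = gcd(b, a mod b), returning the gcd and the steps (a, q, b, r)
    meaning a = q*b + r, exactly the lines of slide 13."""
    steps = []
    while b != 0:
        q, r = divmod(a, b)
        steps.append((a, q, b, r))
        a, b = b, r
    return a, steps


def extended_euclid(m: int, b: int) -> Tuple[int, Optional[int]]:
    """EXTENDED EUCLID(m, b) of slide 14: (gcd, b^-1 mod m) or (gcd, None) if no inverse."""
    A1, A2, A3 = 1, 0, m
    B1, B2, B3 = 0, 1, b
    while True:
        if B3 == 0:
            return A3, None            # gcd(m, b) = A3 != 1: no inverse
        if B3 == 1:
            return 1, B2 % m           # B2 may be negative; bring it into [0, m)
        Q = A3 // B3
        T1, T2, T3 = A1 - Q * B1, A2 - Q * B2, A3 - Q * B3
        A1, A2, A3 = B1, B2, B3
        B1, B2, B3 = T1, T2, T3


def inv(a: int, n: int) -> Optional[int]:
    """inv(a, n) of slide 22, keeping the sequences g, u, v so the loop invariant
    g_i = u_i*n + v_i*a can be checked at every step."""
    g, u, v = [n, a], [1, 0], [0, 1]
    i = 1
    while g[i] != 0:
        y = g[i - 1] // g[i]
        g.append(g[i - 1] - y * g[i])
        u.append(u[i - 1] - y * u[i])
        v.append(v[i - 1] - y * v[i])
        assert g[i + 1] == u[i + 1] * n + v[i + 1] * a, "loop invariant broken"
        i += 1
    if g[i - 1] != 1:                  # gcd(a, n) != 1: no inverse exists
        return None
    x = v[i - 1]
    return x if x >= 0 else x + n      # slide 22's final normalisation


if __name__ == "__main__":
    g, steps = euclid(1970, 1066)
    for a, q, b, r in steps:
        print(f"{a} = {q} x {b} + {r}")
    print("gcd =", g)                         # 2
    print(extended_euclid(1759, 550))         # (1, 355): 550 * 355 = 1 mod 1759
    print(inv(3, 7))                          # 5, as on slide 23
    print(inv(2, 4))                          # None: gcd(2, 4) = 2
```

Both inverse routines return None rather than a bogus value when gcd(a, n) ≠ 1; the slide-14 form is the one most textbook implementations follow, the slide-22 form makes the invariant explicit and is the easier one to reason about when auditing a modular-inverse implementation.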
