- 119 Views
- Uploaded on
- Presentation posted in: General

§3.6: Integers & Algorithms

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

- Topics:
- Base-b representations of integers.
- Especially: binary, hexadecimal, octal.
- Also: Two’s complement representation of negative numbers.

- Algorithms for computer arithmetic:
- Binary addition, multiplication, division.

- Euclidean algorithm for finding GCD’s.

- Base-b representations of integers.

- Ordinarily, we write base-10 representations of numbers, using digits 0-9.
- But, 10 isn’t special! Any base b>1 will work.
- For any positive integers n,b, there is a unique sequence ak ak-1… a1a0of digitsai<b such that:

The “base b expansionof n”

Used only because we have 10 fingers

- Base b=10 (decimal):10 digits: 0,1,2,3,4,5,6,7,8,9.
- Base b=2 (binary):2 digits: 0,1. (“Bits”=“binary digits.”)
- Base b=8 (octal):8 digits: 0,1,2,3,4,5,6,7.
- Base b=16 (hexadecimal):16 digits: 0,1,2,3,4,5,6,7,8,9,A,B,C,D,E,F

Usedinternally in all modern computers

Octal digits correspond to groups of 3 bits

Hex digits give groups of 4 bits

10, 11, 12, 13, 14, 15

(An algorithm, informally stated.)

- To convert any integer n to any base b>1:
- To find the value of the rightmost (lowest-order) digit, simply compute n mod b.
- Now, replace n with the quotient n/b.
- Repeat above two steps to find subsequent digits, until n is gone (=0).

Consider a 4-bit binary number

Examples of binary arithmetic:

3 + 2 = 53 + 3 = 6

Decimal

Binary

Decimal

Binary

0

0000

4

0100

1

0001

5

0101

2

0010

6

0110

3

0011

7

0111

1

1

1

0

0

1

1

0

0

1

1

+

0

0

1

0

+

0

0

1

1

0

1

0

1

0

1

1

0

procedureadd(an−1…a0, bn−1…b0: binary representations of non-negative integers a,b)

carry := 0

forbitIndex := 0 to n−1 {go through bits}

bitSum := abitIndex+bbitIndex+carry {2-bit sum}

sbitIndex := bitSummod 2 {low bit of sum}

carry := bitSum / 2 {high bit of sum}

sn := carry

returnsn…s0: binary representation of integer s

- In binary, negative numbers can be conveniently represented using two’s complement notation.
- In this scheme, a string of n bits can represent any integer i such that −2n−1 ≤ i < 2n−1.
- The bit (msb) in the highest-order bit-position (n−1) represents a coefficient multiplying −2n−1;
- The other positions i < n−1 just represent 2i, as before.

- The negation of any n-bit two’s complement number a = an−1…a0 is given by an−1…a0 + 1.

The bitwise logical complement of the n-bit string an−1…a0.

- Positive numbers: normal binary representation
- Negative numbers: flip bits (0 1) , then add 1

Decimal

-8

-7

-6

-5

-4

-3

-2

-1

0

1

…

7

Two’s Complement Binary

1000

1001

1010

1011

1100

1101

1110

1111

0000

0001

…

0111

Smallest 4-bit

number: -8

Biggest 4-bit

number: 7

proceduresub(a,b)

begin

returna + (2’s complement of b)

end

- Uses simple adder for + and – numbers
7 + (- 6) = 1 3 + (- 5) = -2

1

1

1

1

1

0

1

1

1

0

0

1

1

+

1

0

1

0

+

1

0

1

1

0

0

0

1

1

1

1

0

- Negation
- flip bits and add 1. (Magic! Works for + and -)
- Might cause overflow.

- Extend sign when loading into larger register
- +3 => 0011, 00000011, 0000000000000011
- -3 => 1101, 11111101, 1111111111111101

- Overflow detection (need to raise “exception” when answer can’t be represented)
01015

+01106

1011 -5 ??!!!

0

0

1

0

1

1

0

0

0

0

1

0

2

1

1

0

0

- 4

+

0

0

1

1

3

+

1

1

1

0

- 2

0

1

0

1

5

1

0

1

0

- 6

0

1

1

1

1

0

1

0

0

1

1

1

7

1

1

0

0

- 4

3

- 5

+

0

0

1

1

+

1

0

1

1

1

0

1

0

-6

0

1

1

1

7

Overflow is signaled by carry out of most-significant bit being different from carry from next bit!

proceduremultiply(an−1…a0, bn−1…b0: binary representations of a,bN)

product := 0

fori := 0 to n−1

ifbi = 1 then

product := add(an−1…a00i, product)

returnproduct

i extra 0-bits appended afterthe digits of a

procedurediv-mod(a,d Z+)

n := length of a in bits-length of d in bits

q := 0;

fori := n−1downto 0

ifa ≥ d0i then

qi:=1{This bit of quotient is 1.}

a := a − d0i{Subtract to get remainder.}

else qi:= 0{This bit of quotient is 0.}

r := a

returnq,r{q = quotient, r = remainder}

- In cryptography, it’s important to calculate bnmodm efficiently. E.g. 2644mod 645.
- procedureME(b:integer, ak−1 ak−2…a0:binary representation of n, m: positive integer)
x := 1; power := bmodm

fori := 0 to k−1

begin

ifai = 1 then x := (x．power) modm

power := (power．power) modm

end

returnx

- Finding GCDs by comparing prime factorizations can be difficult when the prime factors are not known!
- Euclid discovered: For all ints. a, b,gcd(a, b) = gcd((a mod b), b).
- Sort a,b so that a>b, and then (given b>1)(a mod b) < a, so problem is simplified.

- gcd(372,164) = gcd(372 mod 164, 164).
- 372 mod 164 = 372164372/164 = 372164·2 = 372328 = 44.

- gcd(164,44) = gcd(164 mod 44, 44).
- 164 mod 44 = 16444164/44 = 16444·3 = 164132 = 32.

- gcd(44,32) = gcd(44 mod 32, 32) = gcd(12, 32) = gcd(32 mod 12, 12) = gcd(8,12) = gcd(12 mod 8, 8) = gcd(4,8) = gcd(8 mod 4, 4) = gcd(0,4) = 4.

procedure gcd(a, b: positive integers)

whileb 0 begin

r≔amodb; a≔b; b≔r; end

return a

Fast! Number of while loop iterationsturns out to be O(log(max(a,b))).

- Theorem: If a and b are positive integers, then there exists integers s and t such that gcd(a,b)=sa+tb(so called Linear Combination of GCD).
- E.g. Express gcd(252,198)=18 in a linear combination of 252 and 198
- 252=1* 198+54 198=3*54+36
- 54=1*36+18 36=2*18
- Hence gcd(252,198)=4*252-5*198

Lemma 1: If a, b, and c are positive integers such that gcd(a,b)=1 and a|bc, then a|c.

Theorem 2: Let m be a positive integer and let a, b, and c be integers. If and gcd(c,m)=1, then .

Proof: Since , we have

.

Since gcd(c,m)=1, it follows that m|a-b by Lemma1. We conclude that

Theorem3: If gcd(a,m)=1 and m>1, then

Proof:

Since m>1, we have

Suppose

Hence

Since gcd(a,m)=1, (Theorem2)

existence

uniqueness

- Find an inverse of 3 modulo 7.
Since gcd(3,7)=1, by Euclidean algorithm:, we see that . This shows that –2 is an inverse of 3 modulo 7.

Variations of the following have been used to encrypt messages for thousands of years.

- Convert a message to capitals.
- Think of each letter as a number between 1 and 26.
- Apply an invertible modular function to each number.
- Convert back to letters (0 becomes 26).

Let the encryption function be

f (a) = (3a + 9) mod 26

Encrypt “Stop Thief”

- STOP THIEF (capitals)
- 19,20,15,16 20,8,9,5,6
- 14,17,2,5 17,7,10,24,1
- NQBE QGJXA

Decryption works the same, except that you apply the inverse function.

EG: Find the inverse of f (a) = (3a + 9) mod 26

If we didn’t have to deal with mod 26, inverse would be g (a) = 3-1 (a - 9)

We’ll see that since gcd(3,26) = 1, the inverse of 3 is actually well defined modulo 26 and is the number 9. This gives:

g (a) = 9(a - 9) mod 26 = (9a – 3) mod 26

- Caesar’s Cipher: f (a) = (a+3) mod 26

- Setup:
- n = pq, withpandqprimes
- e relatively prime to f(n) = (p- 1) (q- 1)
- dinverse of e in Zf(n)

- Keys:
- Public key: KE = (n, e)
- Private key: KD = d

- Plaintext M in Zn
- Encryption:C=Memodn
- Decryption:M=Cdmodn

- Setup:
- p = 5, q = 11
- n = 511 = 55
- f(n) = 410 = 40
- e = 3
- d = 27

- Encryption
- C = M3 mod 55

- Decryption
- M = C27 mod 55

The security of the RSA cryptosystem is based on the widely believed difficulty of factoring large numbers

The RSA challenge, sponsored by RSA Security, offers cash prizes for the factorization of given large numbers

In April 2002, prizes ranged from $10,000 (576 bits) to $200,000 (2048 bits)

Estimated resources needed to factor a number within one year

- The multiplicative group for Zn, denoted with Z*n, is the subset of elements of Znrelatively prime with n
- The totient function of n, denoted with f(n), is the size of Z*n. E.g: Z*10= { 1, 3, 7, 9 }, f(10) = 4
- If p is prime, we haveZ*p = {1, 2, …, (p - 1)}, f(p) =p - 1.
- For each element x of Z*n, we get xf(n) mod n= 1.
- E.g(n= 10): 3f(10) mod 10 = 34 mod 10 = 1

We show the correctness of the RSA cryptosystem for the case when the plaintext M does not divide n

Namely, we show that(Me)dmodn=M

Since edmod f(n) = 1, there is an integer ked=kf(n) + 1

Since M does not divide n, by Euler’s theorem we have

Mf(n)modn= 1

Thus, we obtain

(Me)d≡Med≡Mkf(n) + 1≡MMkf(n)≡M (Mf(n))k≡M (Mf(n)modn)k≡M (1)k≡M(modn)

the proof of correctness in the case when the plaintext M divides nis rather complex.

- A congruence of the form is called a linear congruence, where m is a positive integer, a and b are integers, and x is a variable.
- How to solve? Multiply both side of linear congruence by inverse.
- What are the solution of?
Sol.: Since -2 is the inverse of 3 modulo 7, we have -2‧3x ≡ -2‧4(mod 7),So x ≡ 6(mod 7).

Let m1,m2,…,mn be pairwise relatively prime positive integers. The system

has a unique solution modulo m, where

(That is, there is a solution x with, and all other solutions are congruent modulo m to this solution)

- Proof: Let Mk=m/mk for k=1,2,…,n.
- Since gcd(mi, mk)=1 for , gcd(mk, Mk)=1.
- Consequently, .
- Let .
- Since whenever .
- Since , , for k=1,2,…,n.

- Find a number x such that have remainders of 1 when divided by 3, 2 when divided by 5 and 3 when divided by 7. i.e.
- x =1 mod 3
- x = 2 mod 5
- x = 3 mod 7
Sol: 2*35≡1(mod 3) 1*21≡1(mod 5) 1*15≡1(mod 7),

so x ≡ 1*2*35+2*1*21+3*1*15 ≡52 (mod 105)

- Represent 973 in Z1813 as a k-tuple:
- Answer:
- M = 1813 = 37 * 49 m1 = 37 & m2 = 49
- A = 973
- A = (A mod m1, A mod m2) = (11, 42)

- We can recover its value using Chinese remainder theorem.
- Applied in computer arithmetic with large integers.