modular arithmetic
Download
Skip this Video
Download Presentation
Modular Arithmetic

Loading in 2 Seconds...

play fullscreen
1 / 70

Modular Arithmetic - PowerPoint PPT Presentation


  • 123 Views
  • Uploaded on

Modular Arithmetic. p-1. 1. ´ p. n|m means that m is a an integer multiple of n. We say that “n divides m”. 7|21 7 divides 21. 2|4 2 divides 4 7|21 7 divides 21. (a mod n) means the remainder when a is divided by n. If ad + r = n, 0 · r < n Then r = (a mod n) and d = (a div n).

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Modular Arithmetic' - vidal


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
slide2

n|m means that m is a an integer multiple of n.

We say that “n divides m”.

7|21 7 divides 21

slide3

2|4 2 divides 4

7|21 7 divides 21

slide4

(a mod n) means the remainder when a is divided by n.

If ad + r = n, 0· r < n

Then r = (a mod n)and d = (a div n)

slide5

Egyptian Division

95 15 80* 40 20 10*

8 4 2 1

Double and Subtract

95/10 = 8+1 remainder 5

slide6

Egyptian in the exponent: Calculate ab mod n:

Except for b, work in a reduced mod system to keep all intermediate results less than b log2 (n) c + 1 bits long.

Phase I (Repeated Multiplication)

For log b steps

multiply largest so far by a

(a, a2, a4, … )

Phase II (Make ab from bits and pieces)

Expand n in binary to see how n is the sum powers of 2. Assemble ab by multiplying together appropriate powers of a.

slide7

Modular equivalence of integers a and b:

a ´ b [mod n]

a ´n b

“a and b are equivalent modulo n”

iff (a mod n) = (b mod n)iff n|(a-b)

slide9

Fundamental lemma of plus, minus, and times modulo n:

If (x ´n y) and (a ´n b)

Then: x+a ´n y+b x-a ´n y-b

xa ´n yb

slide10

Fundamental lemma of plus minus, and times modulo n:

When doing plus, minus, and times modulo n, I can at any time in the calculation replace a number with a number in the same residue class modulo n

slide11

Please calculate in your head:

329 * 666 mod 331

-2 * 4 = -8 = 323

slide12

The reduced system modulo n:

Zn = {0, 1, 2, …, n-1}

Define +n and *n:

a +n b = (a+b mod n)

a *n b = (a*b mod n)

slide13

The reduced system modulo 3

Z3 = {0, 1, 2}

Two binary, associative operators on Z3:

slide14

The reduced system modulo 2

Z2 = {0, 1}

Two binary, associative operators on Z2:

slide15

The Boolean interpretation of

Z2 = {0, 1}

0 means FALSE 1 means TRUE

slide16

The reduced system

Z4 = {0, 1,2,3}

slide17

The reduced system

Z5 = {0, 1,2,3,4,5}

slide18

0

7

1

2

6

5

3

4

Theorem: There are exactly n/(c,n) distinct multiples of c modulo n. Example: n=8, c=3.

slide19

0

7

1

2

6

5

3

4

Theorem: There are exactly n/(c,n) distinct multiples of c modulo n. Example: n=8, c=3.

slide20

0

7

1

2

6

5

3

4

Theorem: There are exactly n/(c,n) distinct multiples of c modulo n. Example: n=8, c=3.

slide21

0

7

1

2

6

5

3

4

Theorem: There are exactly n/(c,n) distinct multiples of c modulo n. Example: n=8, c=3.

slide22

0

7

1

2

6

5

3

4

Theorem: There are exactly n/(c,n) distinct multiples of c modulo n. Example: n=8, c=3.

slide23

0

7

1

2

6

5

3

4

Theorem: There are exactly n/(c,n) distinct multiples of c modulo n. Example: n=8, c=3.

slide24

0

7

1

2

6

5

3

4

Theorem: There are exactly n/(c,n) distinct multiples of c modulo n. Example: n=8, c=3.

slide25

0

7

1

2

6

5

3

4

Theorem: There are exactly n/(c,n) distinct multiples of c modulo n. Example: n=8, c=3.

slide26

0

7

1

2

6

5

3

4

Theorem: There are exactly n/(c,n) distinct multiples of c modulo n. Example: n=8, c=3.

slide27

0

7

1

2

6

5

3

4

Theorem: There are exactly n/(c,n) distinct multiples of c modulo n. Example: n=8, c=4.

slide28

0

7

1

2

6

5

3

4

Theorem: There are exactly n/(c,n) distinct multiples of c modulo n. Example: n=8, c=4.

slide29

0

7

1

2

6

5

3

4

Theorem: There are exactly n/(c,n) distinct multiples of c modulo n. Example: n=8, c=8.

slide30

0

7

1

2

6

5

3

4

Theorem: There are exactly n/(c,n) distinct multiples of c modulo n. Example: n=8, c=6.

slide31

0

7

1

2

6

5

3

4

Theorem: There are exactly n/(c,n) distinct multiples of c modulo n. Example: n=8, c=6.

slide32

0

7

1

2

6

5

3

4

Theorem: There are exactly n/(c,n) distinct multiples of c modulo n. Example: n=8, c=6.

slide33

0

7

1

2

6

5

3

4

Theorem: There are exactly n/(c,n) distinct multiples of c modulo n. Example: n=8, c=6.

slide34

0

7

1

2

6

5

3

4

Theorem: There are exactly n/(c,n) distinct multiples of c modulo n. Example: n=8, c=6.

slide35

0

7

1

2

6

5

3

4

The multiples of c modulo n is the set:

{0, c, c +n c, c +n c +n c, ….}

= {kc mod n | 0· k · n-1}

Multiples of 6

slide36

Theorem: There are exactly n/(c.n) distinct multiples of c modulo n: {kc mod n | 0· k < n/(c,n)}

Let k= n/(c,n), which implies ck ´n 0

There are · k distinct multiples of c mod n: c*0, c*1, c*2, …, c*(k-1)

cx ´n cy $ n|c(x-y) $ (x-y) ¸n/(c.n) = k

There are ¸ k multiples of c

slide37

Is there a fundamental lemma of division modulo n?

cx ´n cy ) x ´n y ?

2*2 ´6 2*5, but not 2 ´6 5.

slide38

Repaired fundamental lemma of division modulo n?

c 0 (mod n), cx ´n cy ) x ´n y ?

6*3 ´10 6*8, but not 3 ´10 8.

slide39

Which c are safe for cancellation mod n, i.e., cx ´n cy ) x ´n y ?

Hint: There are only n/(n,c) distinct multiples of c.

slide40

Which c are safe for cancellation mod n, i.e., cx ´n cy ) x ´n y ?

Hint: There are only n/(n,c) distinct multiples of c.

If (c,n)\neq 1, then there exists distinct x,y<n s.t. cx=cy.

slide41

Fundamental lemma of division modulo n.

(c,n)=1, ca ´n cb ) a ´n b

slide42

A sense in which you can always cancel by c:

Theorem:

cx ´n cy ) x ´n/(c,n) y

cx ´n cy ) cx ´n/(c,n) cy and ( c, n/(c,n) )=1 ) x ´n/(c,n) y

slide43

Fundamental lemma of division modulo n.

(c,n)=1, ca ´n cb ) a ´n b

Zn* = {x 2 Zn | GCD(x,n) =1}

Multiplication over Zn* will have the cancellation property.

slide46

The column permutation property is equivalent to the right cancellation property:

[b * a = c * a] ) b=c

slide47

The row permutation property is equivalent to the left cancellation property:

[a * b = a *c] ) b=c

slide49

Euler Phi Function

(n) = size of zn*

= number of 1<k<n that are relatively prime to n.

p prime ) Zp*= {1,2,3,…,p-1})(p) = p-1

slide50

The additive inverse of a2 Zn is the unique b2 Zn such that a +n b ´n 0. We denote this inverse by “–a”.

It is trivial to calculate:

“-a” = (n-a).

slide51

The multiplicative inverse of a2 Zn* is the unique b2 Zn*such that

a *n b ´n 1. We denote this inverse by “a-1” or “1/a”.

The unique inverse of a must exist because the a row contains a permutation of the elements and hence contains a unique 1.

slide52

Zn = {0, 1, 2, …, n-1}

Zn* = {x 2 Zn | GCD(x,n) =1}

Define +n and *n:

a +n b = (a+b mod n) a *n b = (a*b mod n)

c *n ( a +n b) ´n (c *n a) +n (c*n b)

  • <Zn, +n>
  • Closed
  • Associative
  • 0 is identity
  • Additive Inverses
  • Cancellation
  • Commutative
  • <Zn*, *n>
  • Closed
  • Associative
  • 1 is identity
  • Multiplicative Inverses
  • Cancellation
  • Commutative
slide53

The multiplicative inverse of a2 Zn* is the unique b2 Zn*such that

a *n b ´n 1. We denote this inverse by “a-1” or “1/a”.

Efficient algorithm to compute a-1 from a and n.

Execute the Extended Euclid Algorithm on a and n (previous lecture). It will give two integers r and s such that:

ra + sn = (a,n) = 1

Taking both sides mod n, we obtain:

rn ´n 1

Output r, which is the inverse of a

slide54
What is 1/29 mod 67?Euclid’s Extended GCD algorithm Input: X,Y Output: r,s,d such that rX+sY = d = GCD(X,Y)

67=<1,0> 29=<0,1>

Euclid(67,29) 9=67 – 2*29 9 =<1,-2>

Euclid(29,9) 2=29 – 3*9 2=<-3,7>

Euclid(9,2) 1=9 – 4*2 1=<13,-30>

Euclid(2,1) 0=2 – 2*1 2=<-3,7>

Euclid(1,0) outputs 1 = 13*67 – 30*29

HENCE 1/29 = 30.

slide55

Fundamental lemma of powers?

If (a ´n b)

Then xa´n xb ?

slide56

If (a ´n b) Then xa´n xb ?

NO!

(16 ´15 1) , but it is not the case that: 21´15 216

slide57

Two names for the same set:

Zn* = Zna

Zna = {a *n x | x 2 Zn*}, a2 Zn*

slide58

Two products on the same set:

  • Zn* = Zna
  • Zna = {a *n x | x 2 Zn*}, a2 Zn*
  • x ´n  ax [as x ranges over Zn* ]
  • x ´n  x (asize of Zn*) [Commutativity]

1 = asize of Zn* [Cancellation] a(n) = 1

slide59

Euler’s Theorem

a2 Zn*, a(n)´n 1

Fermat’s Little Theorem

p prime, a2 Zp*)ap-1´p 1

f pq p 1 q 1 if p q distinct primes
f(pq) = (p-1)(q-1) if p,q distinct primes
  • pq = # of numbers from 1 to pq
  • p = # of multiples of q up to pq
  • q = # of multiples of p up to pq
  • 1 = # of multiple of both p and q up to pq
  • f(pq) = pq – p – q + 1 = (p-1)(q-1)
slide61

Fundamental lemma of powers.

Suppose x2 Zn*, and a,b,n are naturals.

If a ´(n) b Then xa´n xb

Equivalently,

xa mod (n)´n xb mod (n)

slide62

Zn = {0, 1, 2, …, n-1}

Zn* = {x 2 Zn | GCD(x,n) =1}

Quick raising to power.

  • <Zn, +n>
  • Closed
  • Associative
  • 0 is identity
  • Additive InversesFast + amd -
  • Cancellation
  • Commutative
  • <Zn*, *n>
  • Closed
  • Associative
  • 1 is identity
  • Multiplicative InversesFast * and /
  • Cancellation
  • Commutative
slide63

Euler Phi Function

(n) = size of zn*

= number of 1<k<n that are relatively prime to n.

p prime ) Zp*= {1,2,3,…,p-1})(p) = p-1

f pq p 1 q 1 if p q distinct primes1
f(pq) = (p-1)(q-1) if p,q distinct primes
  • pq = # of numbers from 1 to pq
  • p = # of multiples of q up to pq
  • q = # of multiples of p up to pq
  • 1 = # of multiple of both p and q up to pq
  • f(pq) = pq – p – q + 1 = (p-1)(q-1)
the rsa cryptosystem
The RSA Cryptosystem
  • Rivest, Shamir, and Adelman (1978)
  • RSA is one of the most used cryptographic protocols on the net. Your browser uses it to establish a secure session with a site.
slide66

Pick secret, random k-bit primes: p,q

“Publish”: n = p*q

(n) = (p) (q) = (p-1)*(q-1)

Pick random e  Z*(n)

“Publish”: e

Compute d = inverse of e in Z*(n)

Hence, e*d = 1 [ mod (n) ]

“Private Key”: d

slide67

p,q random primes, e random  Z*(n)

n = p*q

e*d = 1 [ mod (n) ]

n,e is my public key. Use it to send a message to me.

slide68

p,q prime, e random  Z*(n)

n = p*q

e*d = 1 [ mod (n) ]

n,e

m

slide69

p,q prime, e random  Z*(n)

n = p*q

e*d = 1 [ mod (n) ]

n,e

m

me [mod n]

slide70

p,q prime, e random  Z*(n)

n = p*q

e*d = 1 [ mod (n) ]

n,e

m

me [mod n]

(me)d ´n m

ad