1 / 32

Modular Arithmetic & Cryptography - PowerPoint PPT Presentation

Modular Arithmetic & Cryptography. CSC2110 Tutorial 8 Darek Yung. Outline. Quick Review Examples Q & A. Quick Review. Prime Modular Arithmetic Multiplicative Inverse Turing’s Code RSA. Prime. If p is a prime, GCD(a, p) = 1 unless a is multiple of p

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.

PowerPoint Slideshow about 'Modular Arithmetic & Cryptography' - basil

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

Modular Arithmetic & Cryptography

CSC2110 Tutorial 8

Darek Yung

• Quick Review

• Examples

• Q & A

• Prime

• Modular Arithmetic

• Multiplicative Inverse

• Turing’s Code

• RSA

• If p is a prime, GCD(a, p) = 1 unless a is multiple of p

• If p is a prime, p | a1 * a2 * … * aN implies

p | ai for some i

• Every natural number n > 1 has a unique prime factorization

• Multiplicative inverse can be calculated by

• Repeated squaring

• Integer linear combination

• Secret: key k

• Encryption: m’ = m * k

• Decryption: m’ / k = (m * k) / k = m

• Attacked by

GCD(m1’, m2’) = GCD(m1k, m2k) = k

• Public: large prime p

• Secret: key k, k < p

• Encryption: m’ = rem(mk, p), m < p

• Decryption:

• multiplicative inverse of k (mod p) k’

• m’  mk (mod p)

• m’k’  mkk’ (mod p)  m (mod p)

• Plain text attack

• Given m’, m, p

• multiplicative inverse of m (mod p) m’’

• m’m’’  kmm’’ (mod p)  k (mod p)

• Generate two large primes p, q

• Let n = pq, T = (p-1)(q-1)

• Select e such that GCD(e,T) = 1

• Let d = multiplicative inverse of e (mod T)

• Public: n, public key e

• Secret: private key d

• Encryption: m’ = me (mod n), m < n

• Decryption: (m’)d  med  m (mod n)

• Q20: False

• Q21: False, modular arithmetic can be applied to INTEGER a, b

• Q22: True, sum of digits is divisible by 9

• Q23: True, difference between sum of even digits and sum of odd digits is divisible by 11

• Q24: False, either of a, a’ can be negative.

e.g. n = 5, a = 3, a’ = -3  k = -2

• Q25: True

• Q26: False, c may be multiple of n

• Q27: False, k may be multiple of p

• Q28: True

• Q29: False, k may be multiple of p

• Q30: False, k may be multiple of p and there is no multiplicative inverse of k (mod p)

• Q31: True (false if p1 = p2)

• Q32: True

• Q33: False, Version 1.0 use simple multiplication

• Q34: True (will show in long question)

• Q35: True

• Q36: False, unique m with respect to a specific k. A large number of (m, k) pair.

• Q37: True

• Q38: False, encrypted by public key

• Q39: True

• Q40: False, it is just to compute the power of an integer modulo another number

• It is now 5pm on Sunday, What’s the time and the day of the week after 17965 hours

• 17965 = 758(24) + 13

• 758 = 108(7) + 2  Tuesday

• 13 + (5+12) = 30 = 1(24) + 6  6am

 Wed

• Calculate 579572 (mod 21) by repeated squaring

• 72 = 64 + 8

• 5795  20 (mod 21)

• 57952 1 (mod 21)

 57954 57958 579516 1 (mod 21)

579532 579564 1 (mod 21)

• 579572 579564 * 57958 20 (mod 21)

• Calculate multiplicative inverse of 47981 (mod 95963)

• 95963 = 2(47981) + 1

 1(95963) -2(47981) = 1

 -2(47981)  1 (mod 95963)

 required multiplicative inverse = -2

• Prove ac  bc (mod p) and GCD(c, p) = 1 imply a  b (mod p) for prime p

• Since GCD(c, p) = 1, there exists

c’ = multiplicative inverse of c (mod p)

• ac  bc (mod p)

 acc’  bcc’ (mod p)

 a  b (mod p)

• Given a  b (mod p) and b  c (mod p) implies a  c (mod p)

• And a  b (mod p) implies a+cb+c (mod p)

• Prove a  b (mod p) and c  d (mod p) imply a + c  b + d (mod p) for prime p

• Prove a  b (mod p) and c  d (mod p) imply a + c  b + d (mod p) for prime p

• a  b (mod p)  a + c  b + c (mod p)

• c  d (mod p)  c + b  d + b (mod p)

 a + c  b + c  c + b  d + b (mod p)

 a + c  b + d (mod p)

• Explain why a number written in decimal is divisible by 9 if and only if the sum of its digits is a multiple of 9

• 10  1 (mod 9)

 10k 1k  1 (mod 9)

• All decimal number, d, can be written in form:

dk(10k) + dk-1(10k-1) + … + d1(101) +d0

 d  dk + dk-1 + … + d0 (mod 9)

 divisible by 9 if and only if the sum of its digits is a multiple of 9

• Explain why a number written in decimal is divisible by 11 if and only if the difference between the sum of its odd digits and sum of its even digits is a multiple of 11

• 10  -1 (mod 11)

 10k (-1)k (mod 11)

• All decimal number, d, can be written in form:

dk(10k) + dk-1(10k-1) + … + d1(101) +d0

 d  (-1)kdk + (-1)k-1dk-1 + … + (-1)0d0 (mod 11)

 d  dk - dk-1 + dk-2… - d1 + d0 (mod 11)

 divisible by 11 if and only if the difference between the sum of its odd digits and sum of its even digits is a multiple of 11

• Under Turing’s Code (Version 1.0), given key k = 47

• Encrypt message m1 = 569

• Encrypt message m2 = 751

• Get k by having m1 and m2

• Encrypt message m1 = 569

• m1’ = k * m1 = 26743

• Encrypt message m2 = 751

• m2’ = k * m2 = 35297

• How to crack?

• GCD(m1’, m2’) = GCD(m1k, m2k) = k

• 35297 = 1(26743) + 8554

• 26743 = 3(8554) + 1081

• 8554 = 7(1081) + 987

• 1081 = 1(987) + 94

• 987 = 10(94) + 47

• 94 = 2(47) + 0

 GCD(35297, 26743) = 47 = k

• Under Turing’s Code (Version 2.0), given prime p = 89, key k =48

• Encrypt message m = 78

• Compute multiplicative inverse of m (mod p)

• Show how to perform plain-text attack

• Encrypt message m = 78

• m’ = rem (mk, p) = rem (3744, 89) = 6

• Compute m’’ = multiplicative inverse of m (mod p)

• 89 = 78 + 11  11 = 89 - 78

• 78 = 7(11) + 1  1 =78 – 7(11)

 1 = 8(78) – 7(89)

 m’’ = 8

• Plain-text attack: given m’, m and p

• m’  m * k (mod p)

 m’’ * m’  m’’ * m * k  k (mod p)

• m’’ * m’ = 6 * 8  48 (mod p)

 k = 48