
NUMBER THEORY AND ALGEBRA



  1. NUMBER THEORY AND ALGEBRA

  2. ℤ → set of integers { . . . , -3, -2, -1, 0, 1, 2, 3, . . . }
  • a, b, c, d - integers & belong to set ℤ
  • algebraic operations “+”, “-”, and “×” – valid with set
  • a + b, a – b, a + b + c + d, a × b, b × d → all integers & belong to set ℤ
  • members of ℤ satisfy {addition, subtraction, multiplication} rules & {commutation, association, distribution} laws

  3. Associative laws:
  • (a + b) + c = a + (b + c)
  • (a × b) × c = a × (b × c)
  Commutative laws:
  • a + b = b + a
  • a × b = b × a
  Distributive law:
  • (a + b) × c = a × c + b × c
  • ring → set whose members satisfy addition, subtraction, multiplication & associative, distributive laws
  • commutative ring → additionally satisfies commutative property

  4. commutative ring examples - set of real numbers, set of complex numbers
  • infinite commutative rings → set with infinite number of members
  • other examples of rings, commutative rings, infinite commutative rings?
  Division
  • a, b – integers: a > b
  • a divisible by b?
  • Yes → quotient q: integer & q ∈ ℤ
  • b ∣ a ‘b divides a’
  • c ∤ a ‘c does not divide a’

  5. a, b, & c ← integers
  • c ∣ a & c ∣ b → c common factor of a & b
  • 80808 & 31863 ← 3, 13 – common factors
  • greatest common divisor – gcd(80808, 31863) → related & important concept
  • school book approach to get gcd → factorize 80808 & 31863 as product of prime numbers
  • 80808 = 2 × 2 × 2 × 3 × 7 × 13 × 37
  • {2, 2, 2, 3, 7, 13, 37} ← factor set of 80808
  • 31863 = 3 × 13 × 19 × 43
  • {3, 13, 19, 43} ← factor set of 31863
  • {3, 13} ← common factors set of 80808 & 31863
  • 3 × 13 = 39 ← desired gcd
  • → gcd(80808, 31863) = 39

  6. Euclidean algorithm - Division for Euclidean algorithm

  7. Division for Euclidean algorithm – cont’d

  8. remainder = 0 ? → stop
  • previous remainder – 39 → desired gcd
  • Generalize for set (a, b) with a > b
  • a = q_2 b + r_2: q_2 quotient & r_2 remainder
  • b = q_3 r_2 + r_3; continue until remainder = 0
  • r_2 = q_4 r_3 + r_4
  • r_3 = q_5 r_4 + r_5
  • . . .
  • r_{n-2} = q_n r_{n-1} + r_n
  • r_{n-1} = q_{n+1} r_n + 0
  • → gcd(a, b) = r_n

  9. r_n ∣ r_{n-1} → gcd(r_n, r_{n-1}) = r_n
  • r_i = q_{i+2} r_{i+1} + r_{i+2}
  • Any divisor of r_i & r_{i+1} → divisor of r_{i+2}
  • gcd(r_i, r_{i+1}) = gcd(r_{i+1}, r_{i+2})
  • equation valid for all i
  • gcd(a, b) = r_n

  10. Algorithm 1.1 Euclidean Algorithm
  Input: a, b
  Output: gcd(a, b)
  r_0 ← a; r_1 ← b; n ← 1
  while r_n ≠ 0:
      n ← n + 1
      r_n ← r_{n-2} mod r_{n-1}
  n ← n – 1
  gcd(a, b) ← r_n
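Slides 5 and 8-10 give two routes to gcd(80808, 31863) = 39: factoring both numbers and collecting the common primes, and the Euclidean remainder sequence of Algorithm 1.1. The Python below is an added example, not code from the presentation; it implements both routes and returns the remainder and quotient sequences so the r_i and q_i of slide 8 can be read off. Function names are this example's own.

```python
# Added example (not from the slides): the two routes to gcd(80808, 31863)
# on slides 5 and 8-10, factorisation versus the Euclidean remainder sequence.
from collections import Counter


def prime_factors(n):
    """Trial-division factorisation; returns the prime factors with repeats."""
    factors, d = [], 2
    while d * d <= n:
        while n % d == 0:
            factors.append(d)
            n //= d
        d += 1
    if n > 1:
        factors.append(n)
    return factors


def gcd_by_factoring(a, b):
    """School-book gcd: product of the common prime factors, with multiplicity."""
    common = Counter(prime_factors(a)) & Counter(prime_factors(b))  # multiset intersection
    g = 1
    for p, e in common.items():
        g *= p ** e
    return g


def euclid_trace(a, b):
    """Algorithm 1.1 with its sequence r_0 = a, r_1 = b, r_n = r_{n-2} mod r_{n-1}.

    Returns (gcd, remainders, quotients); q_n pairs with r_n for n >= 2 and
    the gcd is the last non-zero remainder.
    """
    r = [a, b]
    q = [None, None]
    n = 1
    while r[n] != 0:
        n += 1
        q.append(r[n - 2] // r[n - 1])
        r.append(r[n - 2] - q[n] * r[n - 1])
    n -= 1                    # step back past the zero remainder
    return r[n], r, q


def gcd(a, b):
    return euclid_trace(a, b)[0]


if __name__ == "__main__":
    print(prime_factors(80808), prime_factors(31863), gcd_by_factoring(80808, 31863))
    g, rem, quo = euclid_trace(80808, 31863)
    for i in range(2, len(rem)):
        # one line per division step: r_{i-2} = q_i * r_{i-1} + r_i
        print(f"{rem[i - 2]} = {quo[i]} * {rem[i - 1]} + {rem[i]}")
    print("gcd =", g)
```

The trace shows why the factoring route does not scale: it needs the complete factorisation of both inputs, while Algorithm 1.1 only performs integer divisions, ten of them here.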

  11. Euclidean algorithm - Computational process flow & Results

  12. Retrace steps of Euclidean Algorithm → ‘Extended Euclidean Algorithm’
  • r_2 = a - q_2 b; substitute in equation for r_3
  • r_3 = b - q_3 (a - q_2 b) = - q_3 a + (q_2 q_3 + 1) b; substitute in equation for r_4
  • r_4 = r_2 - q_4 (b - q_3 r_2) = (q_3 q_4 + 1) a - (q_2 + q_4 + q_2 q_3 q_4) b; continue until r_n
  • r_n = u a + v b: u & v – integers
  • → expresses gcd(a, b) as linear combination of a & b
  • Let gcd(a, b) = c → u a + v b = c ← linear Diophantine equation in u and v
  • Given a, b, & c, infinite set of solutions for the (u, v) pair
  • Wade through sequence of equations in Euclidean algorithm to get gcd(a, b) & get (u, v) pair values

  13. Algorithm 1.2 Extended Euclidean Algorithm
  Input: a, b
  Output: gcd(a, b); u, v
  r_0 ← a; r_1 ← b
  u_0 ← 1; u_1 ← 0
  v_0 ← 0; v_1 ← 1
  n ← 1
  while r_n ≠ 0:
      n ← n + 1
      q_n ← r_{n-2} div r_{n-1}
      r_n ← r_{n-2} – q_n r_{n-1}
      u_n ← u_{n-2} – q_n u_{n-1}
      v_n ← v_{n-2} – q_n v_{n-1}
  n ← n – 1
  gcd(a, b) ← r_n; u ← u_n; v ← v_n

  14. Computational process flow for extended Euclidean algorithm

  15. Solve linear Diophantine equation for (a = 80808, b = 31863)
  • use extended Euclidean algorithm → get u & v values

  16. • u a + vb = c • Extended Euclidean algorithm  set (u0, v0):  Add & subtract  (u0 + kb) a + (v0 – k b ) = c ←generalized version • Diophantine equation  infinite number of solutions • set (u0, v0)  particular solution

  17. Modular algebra
  • a & m integers: a > m
  • express a as a = q m + r; q - quotient & r - remainder
  • r – ‘residue’ – obtained by dividing a by m
  • residue r can represent a
  • r called ‘a modulo m’ - expressed as r ≡ a (mod m)
  • r ← representation can be generalized and used for all a ∈ ℤ
  • Examples
  • 2 ≡ 14 (mod 12)
  • 2 ≡ 26 (mod 24)
  • 2 ≡ 38 (mod 36)
  • representation - visualized as arranging integers in circular fashion as with a clock

  18. Integers arranged to conform to congruence modulo 12

  19. 2 ≡ -10 (mod 12) ← negative numbers
  • → add positive / negative multiples of 12 (in general m) to number & bring result within (0, 1, 2, 3, . . . , 11) range
  • . . . , –22, –10, 2, 14, 26, . . . → same representation → 2
  • . . . , –23, –11, 1, 13, 25, . . . → same representation → 1
  • . . . , –22, –10, 2, 14, 26, . . . ‘congruent modulo 12’
  Generalize: a, b, & c - 3 integers:
  • a (mod m) = b (mod m) = c (mod m)
  • a, b, & c – ‘congruent’

  20. congruence property expressed as
  • a ≡ b (mod m) ≡ c (mod m)
  • → a - b, b - c, a – c divisible by m
  • additional examples:
  • 12 ≡ 18 (mod 15)
  • -3 ≡ -18 (mod 15)
  • 12 ≡ -3 (mod 15)
  • 7 ≡ 18 (mod 11)
  • 4 ≡ -18 (mod 11)
  • [0, 1, 2, . . . , m-1] ← ‘the set of least residues’ - ℤ_m. Cryptography starts here

  21. set of integers {. . . , -2m, -m, 0, m, 2m, . . .} → same representation – 0 – in ℤ_m
  • set of integers {. . . , -2m+a, -m+a, a, m+a, 2m+a, . . .} → same representation – a – in ℤ_m
  • set {. . . , -2m+a, -m+a, a, m+a, 2m+a, . . .} is called ‘the residue class [a]_m’
  • [3]_13 = {. . . , -23, -10, 3, 16, 29, . . .}
  • [0]_13 = {. . . , -26, -13, 0, 13, 26, . . .}
  • smallest positive number of a residue class is present in the set of least residues
  • given integer c, identifying an a ∈ ℤ_m such that a ≡ c (mod m) → ‘reducing c modulo m’

  22. extend concepts of basic algebraic operations to ℤ_m
  • add 25 & 47 with m = 7
  • (25 + 47) (mod 7) ≡ 72 (mod 7) ≡ 2
  • same can be obtained as (25 (mod 7) + 47 (mod 7)) (mod 7) ≡ (4 + 5) (mod 7) ≡ 2
  • Similarly (25 – 47) (mod 7) ≡ (-22) (mod 7) ≡ 6
  • Alternatively (25 – 47) (mod 7) ≡ (25 (mod 7) – 47 (mod 7)) (mod 7) ≡ (4 – 5) (mod 7) ≡ 6
  • add two integers in ℤ_7; reduce result modulo 7 → result in ℤ_7
  • See table for general addition of two numbers a and b (mod 7)

  23. Addition of a & b modulo 7
  • modular addition / subtraction using look-up table not practical
  • Use relations
  • (a + b) (mod m) ≡ (a (mod m) + b (mod m)) (mod m)
  • (a – b) (mod m) ≡ (a (mod m) – b (mod m)) (mod m)

  24. extend concept to modular multiplication
  • (25 × 47) (mod 7) ≡ (25 (mod 7) × 47 (mod 7)) (mod 7) ≡ (4 × 5) (mod 7) ≡ 20 (mod 7) ≡ 6
  • same result obtained as (25 × 47) (mod 7) ≡ 1175 (mod 7) ≡ 6
  • multiply two integers in ℤ_7 & reduce result modulo 7 → result in ℤ_7
  • Modular multiplication of a & b (mod 7)? → use table

  25. Table for ‘mod 7’ multiplication
  • Modular multiplication using table is not practical
  • Use relation (a × b) (mod m) ≡ (a (mod m) × b (mod m)) (mod m)

  26. Consider integers 3 & 4 in ℤ_7
  • (3 + 4) (mod 7) ≡ 0
  • role of 4 in ℤ_7 same as that of -3 in ℤ
  • 4 ‘additive inverse’ of 3 in ℤ_7 & vice versa
  • Every element in ℤ_7 has an additive inverse → a unique inverse ← also an element of ℤ_7
  • generalized version: for any integer a ∈ ℤ_m, b ∈ ℤ_m is the additive inverse of a if (a + b) (mod m) ≡ 0; a is the additive inverse of b
  • Additive inverse - a unique element in ℤ_m
  • m - even integer? inverse of m/2 is m/2 itself

  27. Extend concept of inverses to multiplicative inverses
  • a & b ∈ ℤ_m: b is multiplicative inverse of a if a × b ≡ 1 (mod m)
  • multiplicative inverse of a designated a^-1 → a^-1 ≡ b
  • role of a^-1 in ℤ_m same as reciprocal of a as a real number
  • multiplication of c ∈ ℤ_m by a^-1 ← analogous to dividing c by a in the set of real numbers
  • When m is a small integer, use ‘table of multiplicative inverses’ for modular algebra
  All non-zero elements of ℤ_7 & their respective inverses
  • Two facts →
  • Every non-zero integer in ℤ_7 has a multiplicative inverse
  • a given integer has one & only one multiplicative inverse

  28. Table → multiplication table for ℤ_6
  • 5 has an inverse which is 5 itself: 5^-1 = 5
  • No multiplicative inverses for 2, 3, & 4 in ℤ_6 → they have a common divisor with 6!
  • With a, b ∈ ℤ_m, a has multiplicative inverse b iff gcd(a, m) = 1

  29. Proof:
  • Let a ≡ b^-1 (mod m) → a b ≡ 1 (mod m) → a b = 1 + m c for some c ∈ ℤ
  • → a b – m c = 1
  • Invoke Diophantine! → gcd(a, m) = 1
  • → a ∈ ℤ_m has multiplicative inverse iff gcd(a, m) = 1

  30. Use multiplicative inverse to carry out equivalent of division in ℤ_m
  • Example in ℤ_7: 3/4 → 3 × 4^-1
  • Use table of inverses → 4^-1 ≡ 2 (mod 7)
  • 3 × 4^-1 ≡ 3 × 2 (mod 7) ≡ 6 (mod 7)
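The ℤ_m operations of slides 17-30, as an added Python example that is not part of the presentation. least_residue spells out the reduction of negative numbers by subtracting the floor multiple of m rather than leaning on the sign convention of %, the mod_ operations use the reduce-then-combine relations of slides 23 and 25, and inverse_table rebuilds the small-m ‘table of inverses’ by search, which is exactly how it finds that 2, 3 and 4 have no inverse in ℤ_6. All function names are this example's own.

```python
# Added example (not from the slides): ℤ_m arithmetic of slides 17-30.


def least_residue(a, m):
    """Reduce a into {0, 1, ..., m-1} by removing the floor multiple of m (slide 19)."""
    if m <= 0:
        raise ValueError("modulus must be positive")
    r = a - (a // m) * m           # a // m floors, so 0 <= r < m even for negative a
    return r


def congruent(a, b, m):
    """a ≡ b (mod m) iff m divides a - b (slide 20)."""
    return least_residue(a - b, m) == 0


def residue_class(a, m, width=2):
    """A window of the residue class [a]_m: ..., -2m+a, -m+a, a, m+a, 2m+a, ... (slide 21)."""
    base = least_residue(a, m)
    return [k * m + base for k in range(-width, width + 1)]


def mod_add(a, b, m):
    """(a + b)(mod m) ≡ (a(mod m) + b(mod m))(mod m)  (slide 23)."""
    return least_residue(least_residue(a, m) + least_residue(b, m), m)


def mod_sub(a, b, m):
    return least_residue(least_residue(a, m) - least_residue(b, m), m)


def mod_mul(a, b, m):
    """(ab)(mod m) ≡ (a(mod m) b(mod m))(mod m)  (slide 25)."""
    return least_residue(least_residue(a, m) * least_residue(b, m), m)


def additive_inverse(a, m):
    """The b in ℤ_m with (a + b)(mod m) ≡ 0 (slide 26)."""
    return least_residue(-a, m)


def operation_table(op, m):
    """m x m look-up table of op(a, b) for a, b in ℤ_m, as on slides 23 and 25."""
    return [[op(a, b, m) for b in range(m)] for a in range(m)]


def inverse_table(m):
    """Small-m table of multiplicative inverses (slides 27-28): a -> a^-1, or None."""
    return {a: next((b for b in range(1, m) if mod_mul(a, b, m) == 1), None)
            for a in range(1, m)}


def mod_div(a, b, m):
    """a / b in ℤ_m as a × b^-1 via the inverse table (slide 30); None if b has no inverse."""
    inv = inverse_table(m).get(least_residue(b, m))
    return None if inv is None else mod_mul(a, inv, m)


if __name__ == "__main__":
    print(least_residue(-22, 7), mod_add(25, 47, 7), mod_sub(25, 47, 7), mod_mul(25, 47, 7))
    print(residue_class(3, 13), additive_inverse(3, 7))
    print(inverse_table(7))   # every non-zero element has an inverse
    print(inverse_table(6))   # 2, 3, 4 map to None
    print(mod_div(3, 4, 7))   # 3 × 4^-1 ≡ 3 × 2 ≡ 6
```

inverse_table is quadratic in m, which is why slide 31 points to the extended Euclidean algorithm for the moduli used in cryptography; the search is only there to make the ℤ_6 and ℤ_7 tables visible.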

  31. Similarly
  • m is small? → use table of inverses & multiply by inverse of divisor for ‘division’
  • Not practical with values of m used in cryptography
  • Use extended Euclidean algorithm → solve Diophantine equation → get multiplicative inverse & do ‘division’

  32. Obtain 3407^-1 (mod 4363)
  • (Incidentally 3407 and 4363 are primes)
  • Use extended Euclidean algorithm → -1536 × 4363 + 1967 × 3407 = 1
  • Or 1967 × 3407 = 1 + 1536 × 4363
  • 3407^-1 ≡ 1967 (mod 4363)
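Algorithm 1.2 (slide 13), the family of Diophantine solutions on slides 15-16 and the inverse 3407^-1 (mod 4363) of slide 32 all come out of one loop. The Python below is an added example, not the presentation's code: extended_euclid carries (r_n, u_n, v_n) so that r_n = u_n a + v_n b holds at every step, diophantine_solutions enumerates the (u, v) pairs, and mod_inverse returns None when gcd(a, m) ≠ 1, the case slide 28 shows has no inverse. Function names are this example's own.

```python
# Added example (not from the slides): Algorithm 1.2 as an iterative loop,
# the linear Diophantine equation of slides 12-16, and the inverse of slide 32.


def extended_euclid(a, b):
    """Return (g, u, v) with g = gcd(a, b) and u*a + v*b = g.

    Invariant at every step: r_prev = u_prev*a + v_prev*b and r = u*a + v*b.
    """
    r_prev, r = a, b
    u_prev, u = 1, 0      # a = 1*a + 0*b
    v_prev, v = 0, 1      # b = 0*a + 1*b
    while r != 0:
        q = r_prev // r
        r_prev, r = r, r_prev - q * r
        u_prev, u = u, u_prev - q * u
        v_prev, v = v, v_prev - q * v
    return r_prev, u_prev, v_prev


def diophantine_solutions(a, b, c, ks):
    """Solutions (u, v) of u*a + v*b = c for each integer k in ks.

    The particular solution comes from extended_euclid scaled by c/g; the full
    family is u = u0 + k*(b/g), v = v0 - k*(a/g). When g = 1 this is the
    (u0 + kb, v0 - ka) form of slide 16. Returns [] when g does not divide c,
    since then no integer solution exists.
    """
    g, u0, v0 = extended_euclid(a, b)
    if c % g != 0:
        return []
    s = c // g
    return [(u0 * s + k * (b // g), v0 * s - k * (a // g)) for k in ks]


def mod_inverse(a, m):
    """a^-1 mod m via extended Euclid; None when gcd(a, m) != 1 (no inverse)."""
    g, u, _ = extended_euclid(a % m, m)
    if g != 1:
        return None
    return u % m          # bring u into the least-residue range


if __name__ == "__main__":
    print(extended_euclid(80808, 31863))                 # (39, u, v) with 80808u + 31863v = 39
    print(diophantine_solutions(80808, 31863, 39, range(-2, 3)))
    print(mod_inverse(3407, 4363))                        # 1967, as on slide 32
    print(mod_inverse(4, 6))                              # None: gcd(4, 6) = 2
```

The identity u*a + v*b = g is the thing to assert on rather than particular u, v values: different but equally correct implementations return different representatives of the same family.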

  33. gcd(a, b) = 1 → a & b relatively prime → also called ‘coprimes’
  • 27 & 28 ← coprimes
  • 27 & 30 not relatively prime - not coprimes
  • ℤ*_m ← all numbers relatively prime to m in ℤ_m
  • ℤ*_m = {all a ∈ ℤ_m such that gcd(a, m) = 1}
  • ℤ*_14 = {1, 3, 5, 9, 11, 13}
  • 7 ∉ ℤ*_14
  • All elements in ℤ*_m have inverses (mod m)
  • 3 has inverse in ℤ_14; 7 does not have inverse

  34. total number of elements in ℤ*_m → φ(m)
  • φ(m) ← ‘Euler phi function’ or ‘Euler totient function’
  • ℤ*_14 = {1, 3, 5, 9, 11, 13} → φ(14) = 6
  • ℤ*_7 = {1, 2, 3, 4, 5, 6} → φ(7) = 6
  • If p is prime number → all a ∈ ℤ_p relatively prime to p → ℤ*_p = ℤ_p → φ(p) = p – 1
  • 7 is a prime → ℤ*_7 = ℤ_7 → φ(7) = 6
  • 29 is a prime number → φ(29) = 28

  35. m = 9, n = 5, and r = 2
  • Table lists values (2 + 5i) (mod 9) for all i from 0 to 8
  • (2 + 5i) (mod 9) congruent to → elements of ℤ_m
  • r, n, m ∈ ℤ, m & n being relatively prime →
  • r, r+n, r+2n, . . . , r + (m-1)n ← congruent to ℤ_m (= {0, 1, 2, . . . , m-1})
  • Let i, j ∈ ℤ both being less than m, i ≠ j:
  • Suppose i n + r ≡ j n + r (mod m). This implies i n ≡ j n (mod m), and since gcd(n, m) = 1, i ≡ j (mod m) ← contradicts the assumption
  • → i n + r ≢ j n + r (mod m)
  • r, r+n, r+2n, . . . , r + (m-1)n distinct from each other - form elements of ℤ_m in some order

  36. Multiplicative property of φ: gcd(m, n) = 1 → φ(mn) = φ(m) φ(n)
  • Arrange integers 1 to mn in matrix form as in Table: n columns and m rows

  37. Let i ∉ ℤ*_m → i has common factor with m
  • → all elements in i-th row have common factor with m
  • Generalize → elements in all such rows not in ℤ*_mn
  • → restrict to rows with index i ∈ ℤ*_m to identify elements in ℤ*_mn
  • Consider numbers in first (top) row in Table
  • According to above lemma, they are congruent modulo n to ℤ_n
  • φ(n) of these are in ℤ*_n and hence in ℤ*_mn
  • Similarly with all φ(m) rows in [4] above
  • φ(mn) = φ(m) φ(n)

  38. Generalize
  • m_1, m_2, m_3, . . . , m_k – relatively prime → φ(m_1 m_2 m_3 . . . m_k) = φ(m_1) φ(m_2) φ(m_3) . . . φ(m_k)
  • → With p_1 and p_2 – two primes: φ(p_1 p_2) = (p_1 - 1)(p_2 – 1)
  • Generalize: p_1, p_2, . . . , p_k all prime → φ(p_1 p_2 . . . p_k) = (p_1 - 1)(p_2 – 1) . . . (p_k – 1)

  39. Obtain φ(630)
  • 630 = 18 × 35
  • φ(630) = φ(18) φ(35)
  • ℤ*_18 = {1, 5, 7, 11, 13, 17} → φ(18) = 6
  • φ(35) = φ(5) φ(7) = 4 × 6 (since 5 and 7 are primes) = 24
  • φ(630) = 6 × 24 = 144

  40. p is prime & e positive integer:
  • numbers a for which gcd(a, p^e) ≠ 1 are all multiples of p less than p^e
  • These are p, 2p, 3p, . . . , p^(e-1) p
  • There are p^(e-1) of these
  • φ(p^e) = p^e - p^(e-1)
  • φ(11^3) = 11^3 – 11^2 = 1210

  41. p_1 & p_2 be primes; e_1 & e_2 ← positive integers
  • → gcd( ) = 1
  • φ( ) = φ( ) φ( )
  • =
  • m =

  42. Combine properties of φ(m) & use
  • Find φ(1323): 1323 = 3^3 × 7^2
  • φ(1323) = φ(3^3) φ(7^2) = (3^3 – 3^2)(7^2 – 7) = 756
  • Find φ(287375): 287375 = 5^3 × 11^2 × 19
  • φ(287375) = φ(5^3) φ(11^2) φ(19)
  • φ(287375) = 287375 × . . . = 198000
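ℤ*_m and Euler's φ from slides 33-42, computed two independent ways so they check each other: by counting the residues coprime to m (the definition on slide 34) and from the prime factorisation using the prime-power formula of slide 40 together with the multiplicative property of slide 36. The permutation lemma of slide 35 is included as well. This is an added Python example, not part of the presentation; function names are its own.

```python
# Added example (not from the slides): ℤ*_m and Euler's totient, slides 33-42.
from math import gcd


def units(m):
    """ℤ*_m: residues in ℤ_m that are relatively prime to m (slide 33)."""
    return [a for a in range(m) if gcd(a, m) == 1]


def phi_by_counting(m):
    """φ(m) straight from the definition: |ℤ*_m| (slide 34)."""
    return len(units(m))


def prime_power_factors(n):
    """n as [(p, e), ...] by trial division, primes in increasing order."""
    out, d = [], 2
    while d * d <= n:
        e = 0
        while n % d == 0:
            n //= d
            e += 1
        if e:
            out.append((d, e))
        d += 1
    if n > 1:
        out.append((n, 1))
    return out


def phi_by_factoring(m):
    """φ(m) = Π φ(p^e) = Π (p^e - p^(e-1)) over the prime powers dividing m.

    Prime powers of distinct primes are relatively prime, so the multiplicative
    property (slide 36) turns φ(m) into this product (slides 38-42).
    """
    result = 1
    for p, e in prime_power_factors(m):
        result *= p ** e - p ** (e - 1)
    return result


def shifted_multiples(r, n, m):
    """(r + i n) mod m for i = 0..m-1; a rearrangement of ℤ_m when gcd(n, m) = 1 (slide 35)."""
    return [(r + i * n) % m for i in range(m)]


def is_rearrangement_of_zm(values, m):
    return sorted(values) == list(range(m))


if __name__ == "__main__":
    print(units(14), phi_by_counting(14))                 # [1, 3, 5, 9, 11, 13] 6
    for m in (630, 1323, 287375, 11 ** 3, 29):
        print(m, prime_power_factors(m), phi_by_factoring(m), phi_by_counting(m))
    print(shifted_multiples(2, 5, 9))                      # slide 35 table, m = 9, n = 5, r = 2
```

Counting is only feasible for small m, but it makes a good oracle for the factorisation formula; the assertion that both agree for every m up to a few hundred is the kind of cross-check worth keeping next to any hand-written totient.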

  43. Modular exponentiation of large numbers
  • Repeated multiplication & modular reduction - tedious
  • Repeated squaring & selective multiplication - more appealing
  • Compute 23^971 (mod 503)
  • 971 = 2^9 + 2^8 + 2^7 + 2^6 + 2^3 + 2^1 + 2^0

  44. Continue similarly

  45. → 23^971 ≡ 380 × 216 × 242 × 285 × 252 × 95 × 23 (mod 503) ≡ 401 (mod 503)

  46. Generalized procedure to compute c ≡ a^b (mod m)
  1. Express b as binary number as b = b_{n-1} 2^{n-1} + b_{n-2} 2^{n-2} + b_{n-3} 2^{n-3} + . . . + b_0 2^0
  2. Make c = 1 & i = 0; make d ≡ a (mod m)
  3. Get c ≡ c d^{b_0} (mod m)
  4. Make i = i + 1; d ≡ d × d (mod m); c ≡ c d^{b_i} (mod m)
  5. Repeat step 4 for all i up to & including i = n-1
  • Each number d in the sequence (mod m) → square of the previous one
  • Procedure given as Algorithm 1.3.

  47. Algorithm 1.3 Fast Exponentiation Algorithm
  Input: a, b, m (b is an n bit number b_{n-1} . . . b_0)
  Output: c ≡ a^b (mod m)
  c ← 1; i ← 0; d ← a (mod m)
  while i ≠ n:
      if b_i = 1: c ← c × d (mod m)
      d ← d × d (mod m)
      i ← i + 1
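Algorithm 1.3 written out in Python, as an added example that is not part of the presentation. It follows the procedure of slide 46: scan the bits of b from the least significant end, square d at every step, and multiply d into c only where the bit is 1. The function also returns a trace of (i, b_i, d_i) with d_i = a^(2^i) (mod m) so the squaring chain behind 23^971 (mod 503) on slides 43-45 can be followed step by step; the result is checked against Python's built-in three-argument pow. Function names are this example's own.

```python
# Added example (not from the slides): Algorithm 1.3, right-to-left binary exponentiation.


def fast_pow_trace(a, b, m):
    """Return (a^b mod m, trace); trace lists (i, b_i, d_i) with d_i = a^(2^i) mod m."""
    if b < 0 or m < 1:
        raise ValueError("exponent must be non-negative and modulus positive")
    c = 1 % m                  # '1 % m' keeps the degenerate m = 1 case correct
    d = a % m                  # d_0 = a (mod m)
    trace = []
    i = 0
    while b >> i:              # runs once per bit b_0 .. b_{n-1}
        bit = (b >> i) & 1
        trace.append((i, bit, d))
        if bit:
            c = (c * d) % m    # multiply in a^(2^i) only for a set bit
        d = (d * d) % m        # next square: a^(2^(i+1))
        i += 1
    return c, trace


def fast_pow(a, b, m):
    """c ≡ a^b (mod m)."""
    return fast_pow_trace(a, b, m)[0]


def bits_set(b):
    """Exponents of 2 in the binary expansion of b, most significant first (slide 43)."""
    return [i for i in range(b.bit_length() - 1, -1, -1) if (b >> i) & 1]


if __name__ == "__main__":
    print(bits_set(971))                      # [9, 8, 7, 6, 3, 1, 0]
    c, trace = fast_pow_trace(23, 971, 503)
    for i, bit, d in trace:
        print(f"i={i} b_i={bit} d_i=23^(2^{i}) mod 503 = {d}")
    print("23^971 mod 503 =", c, "; built-in pow agrees:", c == pow(23, 971, 503))
```

The loop does one squaring per bit and at most one extra multiplication per set bit, so the cost grows with the bit length of b rather than with b itself, which is what makes exponentiation with cryptographic-size exponents feasible at all.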

  48. prime numbers
  • p ∈ ℤ ← not divisible by 1 to p – 1 → p a prime number
  • 1, 2, 3, 5, 7, 11, 13, 17, 19, 23 ← prime numbers
  Properties:
  • If a < p → gcd(a, p) = 1
  • ℤ*_p = ℤ_p
  • φ(p) = p – 1
  • Every integer ← product of powers of primes
  • 84 = 2^2 × 3 × 7
  • 84721 = 7^3 × 13 × 19

  49. n ∈ ℤ_p → gcd(n, p) = 1
  • → every element in ℤ_p has a multiplicative inverse (additional to additive inverse = p – n)
  • Algebraic operations - addition, subtraction, multiplication, & division in any combination → ok in ℤ_p
  • Get y ≡ (435 + 962 × 321 – 276 × 3407^-1) × 751 × 3407^-1 (mod 4363)
  • Substitute 3407^-1 ≡ 1967 (mod 4363)
  • y ≡ (435 + 962 × 321 – 276 × 1967) × 751 × 1967 (mod 4363) ≡ -457 (mod 4363) ≡ 3906 (mod 4363)

  50. Fermat’s little theorem
  • a ∈ ℤ → p ∤ a → a^(p-1) ≡ 1 (mod p) & p ∣ a → a^(p-1) ≡ 0 (mod p)
  • Proof:
  • p ∣ a → a = k p where k ∈ ℤ → a^(p-1) = k^(p-1) p^(p-1) ≡ 0 (mod p)
  • p ∤ a →
  • b = a k where k ∈ ℤ_p
  • a & k not divisible by p → a k not divisible by p
  • a k (mod p) → non-zero for every k ∈ ℤ_p
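Fermat's little theorem of slide 50 can be checked directly, and the proof's remaining step rests on what the last bullets set up: for p ∤ a the products a k (mod p) over the non-zero k are non-zero and in fact a rearrangement of the non-zero residues of ℤ_p. The Python below is an added example, not part of the presentation; it checks both statements, then uses the theorem's consequence a^-1 ≡ a^(p-2) (mod p) to recompute the inverse of slide 32 and the ℤ_4363 expression of slide 49, relying on Python's three-argument pow for modular exponentiation. Function names are this example's own.

```python
# Added example (not from the slides): Fermat's little theorem (slide 50), the
# permutation fact behind its proof, and a^(p-2) as an inverse in ℤ_p (slides 32, 49).


def is_prime(n):
    """Trial division, sufficient for the sizes used on the slides."""
    if n < 2:
        return False
    d = 2
    while d * d <= n:
        if n % d == 0:
            return False
        d += 1
    return True


def fermat_holds(a, p):
    """a^(p-1) ≡ 1 (mod p) when p ∤ a, and ≡ 0 (mod p) when p | a."""
    expected = 0 if a % p == 0 else 1
    return pow(a, p - 1, p) == expected


def multiples_permute(a, p):
    """For p ∤ a, {a k mod p : k = 1..p-1} is again {1, ..., p-1}: the key step of the proof."""
    return sorted((a * k) % p for k in range(1, p)) == list(range(1, p))


def inverse_mod_prime(a, p):
    """a^-1 ≡ a^(p-2) (mod p), since a^(p-1) ≡ 1; valid only for prime p with p ∤ a."""
    if not is_prime(p):
        raise ValueError("modulus must be prime for the Fermat inverse")
    if a % p == 0:
        raise ValueError("no inverse: p divides a")
    return pow(a, p - 2, p)


def slide_49_expression(p=4363):
    """y ≡ (435 + 962 × 321 - 276 × 3407^-1) × 751 × 3407^-1 (mod p), inverse from Fermat."""
    inv = inverse_mod_prime(3407, p)
    return ((435 + 962 * 321 - 276 * inv) * 751 * inv) % p


if __name__ == "__main__":
    print(is_prime(3407), is_prime(4363))          # both prime, as slide 32 notes
    print(all(fermat_holds(a, 503) for a in range(1, 503)))
    print(multiples_permute(23, 503))
    print(inverse_mod_prime(3407, 4363))           # 1967
    print(slide_49_expression())                   # 3906
    print(pow(2, 8, 9))                            # 4, not 1: the theorem needs p prime
```

The a^(p-2) route is convenient when the modulus is known to be prime, but it silently returns a wrong answer for a composite modulus (pow(2, 8, 9) = 4 illustrates the underlying failure), whereas the extended Euclidean inverse of slide 31 works for any modulus and reports when no inverse exists; a primality check in front of it is what keeps the two interchangeable.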
