1 / 118

1.18k likes | 1.29k Views

Security in Computing Chapter 12, Cryptography Explained Part 2. Summary created by Kirk Scott. This set of overheads corresponds to the second portion of section 12.1 in the book The overheads for Chapter 12 roughly track the topics in the chapter Keep this in mind though:

Download Presentation
## Security in Computing Chapter 12, Cryptography Explained Part 2

**An Image/Link below is provided (as is) to download presentation**
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.
Content is provided to you AS IS for your information and personal use only.
Download presentation by click this link.
While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

**Security in ComputingChapter 12, Cryptography ExplainedPart**2 Summary created by Kirk Scott**This set of overheads corresponds to the second portion of**section 12.1 in the book • The overheads for Chapter 12 roughly track the topics in the chapter • Keep this in mind though: • On some topics I simply go over the book’s material • On other topics I expand on the book’s material in a significant way • You are responsible not just for what’s in the book, but also what’s in the overheads that’s not in the book**Book Section 12.1, Mathematics for CryptographySubsection**Heading: Properties of Arithmetic • These are the sub-subheadings covered in this portion of the overheads: • Inverses • Primes • Greatest Common Divisor • Euclidean Algorithm • Modular Arithmetic • Example • These topics may be covered in a different order and in more or less detail than in the book**Math for Encryption**• 1. Thinking Concretely about Division and Remainders. The Euclidean Algorithm for Finding the Greatest Common Divisor. • 2. Algebraic Background • 3. Modular Arithmetic and Modular Fields**1. Thinking Concretely about Division and Remainders. The**Euclidean Algorithm for Finding the Greatest Common Divisor.**Prime Number, Definition**• Any integer greater than 1 that has only 1 and itself as factors is prime. • Historically, the number 1 has occasionally been treated as a prime number. • It is certainly true that it only has 1 and itself as factors. • It is generally not included in the definition of primes, not because it fails in some way, but because it has so many other unique characteristics, that classifying simply as prime does not do it justice.**Composite Number, Definition**• A number which is not 1 and not prime is composite. • In other words, an integer greater than 1 which has factors other than 1 and itself is composite.**Greatest Common Divisor, Definition**• The greatest common divisor is the largest integer which is a factor of two other integers. • The notation is usually given as follows: • Given a and b, positive integers, gcd(a, b) = x is the largest integral factor of a and b. • Note that x <= a and x <= b.**Relatively Prime, Definition**• Given 2 positive integers, a and b, if the gcd(a, b) = 1, then a and b are relatively prime. • Both a and b may be composite. • If you did a prime factorization of a and b you would find that they have no prime factors in common.**Finding the gcd(a, b)**• One approach to finding the greatest common divisor of 2 positive integers: • Find the prime factorization of each. • The product of the prime factors they have in common forms the greatest common factor or greatest common divisor.**Example of Finding the gcd(a, b)**• For example: • 72 = 2 * 2 * 3 * 3 • 30 = 2 * 3 * 5 • The common prime factors of the two numbers are 2 and 3. • 2 * 3 = 6 is their greatest common divisor.**The Euclidean Algorithm**• This is an algorithm for finding the gcd • It is iterative in nature • It is suitable for implementation in a computer program • It does not involve finding the prime factorizations of a and b**An Explanation of the Euclidean Algorithm without Proof**• Let x = gcd(a, b) • Suppose a > b • Suppose you did modular arithmetic: • a % b remainder r • x also goes into r evenly**Informally, this is why:**• a is a multiple of x • b is a multiple of x • subtract one multiple of x from another and what’s left should be a multiple of x • Then gcd(a, b) = gcd(b, r)**This is iterative; repeat the process**• r < b • b % r new, smaller r1 • If x went into b and r, it will go into r1 evenly • The gcd(a, b) = gcd(b, r) = gcd(r, r1) • This will eventually converge to rn = 0 • At that point, you can conclude that rn-1 = x**A More Formal Explanation of the Euclidean Algorithm**• Let integers a and b be given. • Let x = gcd(a, b) • Without loss of generality, assume that a > b. Then it is possible to write the following: • a = m • b + r**a = m • b + r**• Since x = gcd(a, b), then there must be some values a1 and b1 such that: • a = a1x, and b = b1x • Now substitute these expressions for a and b into the expression relating a and b: • a1x = mb1x + r**a1x = mb1x + r**• Now solve the expression for r: • r = mb1x – a1x • r = x(mb1 – a1) • Conclusion: • x, the gcd(a, b), is also a factor of r • x goes evenly into r**So you know that gcd(a, b) = x goes into r**• There are now two intertwined questions: • Is x the gcd(b, r)? • Is the gcd(b, r) = gcd(a, b)? • In other words, is the following true: • gcd(a, b) = x = gcd(b, r)**The way to show this is to consider and eliminate two cases:**• 1. gcd(b, r) = y is less than gcd(a, b) = x • 2. gcd(b, r) = y is greater than gcd(a, b) = x • If you can eliminate theses cases, the conclusion is that x = gcd(b, r) = gcd(a, b)**Case 1:**• Could this be true? gcd(b, r) = y < x = gcd(a, b). • By definition, gcd(a, b) is a factor of b. • The preceding sequence of steps showed that gcd(a, b) is also a factor of r. • Thus, gcd(a, b) goes into both b and r • This means that gcd(b, r) has to be at least as big as gcd(a, b) • In other words, y cannot be less than x**Case 2:**• Could this be true? gcd(b, r) = y > x = gcd(a, b). • Since y = gcd(b, r), there must be some values b2 and r2 such that: • b = b2y and r = r2y • Now go back to the original expression relating a, b, and r: • a = mb + r**a = mb + r**• Now substitute the expressions in y for b and r in the expression relating a, b and r: • a = mb2y + r2y • Factoring the previous expression gives: • a = y(mb2 + r2)**In other words, y is a factor of a.**• y is also a factor of b. • As a common factor of a and b, y cannot be greater than gcd(a, b)**Case 1 showed that y = gcd(b, r) is at least as big as x =**gcd(a, b) • Case 2 showed that y = gcd(b, r) can’t be greater than x = gcd(a, b) • Therefore y = gcd(b, r) = x = gcd(a, b) • Having shown this for the first step, with r, the same reasoning applies at every step, for ri**An Outline of the Iteration**• Given a and b, it is possible using integer division and modulus to find b and r. • The process can then be repeated on b and r. • a = mb + r0gcd(a, b) = gcd(b, r0) • b = m1r0 + r1gcd(b, r0) = gcd(r0, r1) • r0 = m2r1 + r2gcd(r0, r1) = gcd(r1, r2) • … • You stop when you reach a remainder of 0.**An Illustrative Example**• Let a = 72 and b = 30. • 72 = 2 * 30 + 12 a = 72, m =2, b = 30, r0 = 12 • 30 = 2 * 12 + 6 b = 30, m1 = 2, r0 = 12, r1 = 6 • 12 = 2 * 6 + 0 r0 = 12, m2 = 2, r1 = 6, r2 = 0 • The final remainder is 0 and the remainder before that was 6. • According to the algorithm, gcd(72, 30) = gcd(30, 12) = gcd(12, 6) = gcd(6, 0) • gcd(a, b) = gcd(6, 0) = 6 because anything divides 0 and 6 is the largest divisor of 6**Another Example**• Consider the case where a and b are relatively prime. • You know their gcd should come out as 1. • Let a = 17 and b = 6 • 17 = 2 * 6 + 5 • 6 = 1 * 5 + 1 • 5 = 5 * 1 + 0 • The gcd(17, 6) = gcd(1, 0) = 1**How Do You Know This Really Converges to 0?**• Consider the following points: • At every step, rj < ri. • All ri >= 0. • All ri are integers. • Logic tells you that r is eventually going to reach 0. • That may not be very satisfying. • There may be a more intuitive argument, but I won’t pursue that.**Algebras in general are defined in terms of one or more**operators and a set of values which the operators can be applied to. • For the purposes of the initial exposition below, let a single operator be represented by • and the set of interest be S. • Within an algebraic system, certain properties can be defined.**Properties of Algebra**• Here are the definitions of some of the properties of an algebraic system: • Closure: Given a, b ε S, a • b ε S. • The result of the operation is also in the set • Identity: Given some arbitrary a ε S, there is an i ε S such that a • i = i • a = a. • The identity gives the element a back. • For the familiar operations + and * the identities are 0 and 1, respectively.**Inverse: For some a ε S, its inverse is a-1 ε S such that**a • a-1 = i. • a and its inverse give the identity back. • In a regular system of arithmetic over the reals, note that the additive identity, 0, does not have a multiplicative inverse • There’s nothing you can multiply 0 by to get 1 back as a result; you only get 0 back as a result.**The Associative Property: For a, b, c ε S, (a • b) • c**= a • (b • c). • It doesn’t matter how you group the operands. • The Commutative Property: For a, b ε S, a • b = b • a. • The order of the operands doesn’t matter.**The Distributive Property: Given two operations on the set,**+ and *, * distributes over + if the following holds: • For a, b, c ε S, a * (b + c) = (a * b) + (a * c). • In regular arithmetic, multiplication distributes over addition; addition doesn’t distribute over multiplication. • In a two operation system, (the inverses of) the operations do not have exactly the same characteristics.**Commentary on Alternative Systems, Commutativity, and the**Inverse • We are accustomed to the way things work with the familiar arithmetic operations + and *. • In the real numbers all elements have inverses except for a multiplicative inverse of 0. • For example, the additive inverse of 1 is -1 and the multiplicative inverse of 7 is 1/7. • Depending on the set of values and the operation of a system, some values may not have inverses. • If you restrict yourself to the set of integers, no values except 1 and -1 have multiplicative inverses. • If you restrict yourself to the set of positive integers, there are no additive inverses.**Other systems can have even stranger characteristics.**• In the reals, the inverse is commutative • a • a-1 = a-1 • a = i . • In some systems the commutative property may not hold for inverses. • Elements of the set could have a left inverse which was not an inverse on the right, and vice-versa.**Algebraic Structures**• The algebraic structures will seem obscure at the moment. • What good are they? • It turns out that significant encryption systems are based on modular arithmetic • Modular arithmetic is not like regular arithmetic • It behaves differently**You will eventually see that modular arithmetic embodies one**of the algebraic structures that will be presented. • The behavior of modular arithmetic IS the behavior of that algebraic structure. • A sequence of structures will be presented. • The definitions of the later structures are stated in terms of the definitions of the earlier ones.**There are three basic algebraic structures:**• Groups • Rings • Fields • To cut to the chase, modular arithmetic embodies an algebraic field • In order to understand what a field is, you have to proceed through the definitions of groups and rings • These algebraic structures will be presented below.**Algebraic Groups**• An algebraic group consists of a set S • The group has one operation, say • • The set and operation have these 4 properties: • Closure under •. • Identity under •. • An inverse for all elements of the set under •. • Associativity under •.**Commentary on Groups**• Notice that commutativity is NOT one of the properties of a group. • There are groups which are commutative and it is generally easier to think of an example of a commutative group than a plain group. • For instance, consider the positive and negative integers under addition. • This satisfies all four of the requirements for a group. • In addition the commutative property holds.**A Biographical Interlude**• From Widipedia: • “NielsHenrik Abel (5 August 1802 – 6 April 1829) was a noted Norwegianmathematician[1] who proved the impossibility of solving the quintic equation in radicals… he invented (independently of Galois) an extremely important branch of mathematics known as group theory…”**From Wikipedia, continued:**• “Mathematician Felix Klein wrote about Abel: • ‘…I will not sound absurd if I compare his kind of productivity and his personality with Mozart's…’”**Commutative groups are known as abelian groups in his honor.****Matrix Algebra: A System that Differs from the Reals**• What follows is not a full exposition of the questions of commutativity and inverses. • It is simply an illustration of the fact that you have encountered mathematical constructs where not all of the familiar rules of algebra in the integers or reals apply. • Matrix algebra has characteristics that differ.**Let A be an m x n matrix.**• Let B be an n x p matrix. • Let the • represent standard matrix multiplication. • Then A • B is a well defined operation because A has the same number of columns as B has rows.**On the other hand, A • B ≠ B • A because B • A is**not even a valid product, assuming that p ≠ m. • Thus, in general, matrix multiplication is NOT commutative. • It is commutative only in the special case of square matrices.**The zero matrix of any size has no inverse.**• A non-zero matrix might also have no inverse. • A given non-zero matrix might also have an inverse on one side but not the other. • Examples will be given. • If the matrix is not square, even if it had inverses on both sides, those inverses couldn’t be the same because they would have different numbers of rows and columns.**First of all, consider any zero matrix such as the**following: • There is no 2 x 2 matrix that it can be multiplied by to arrive at the identity:

More Related