Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Cubic function wikipedia , lookup
System of polynomial equations wikipedia , lookup
Quartic function wikipedia , lookup
Eisenstein's criterion wikipedia , lookup
Fundamental theorem of algebra wikipedia , lookup
Polynomial greatest common divisor wikipedia , lookup
Factorization wikipedia , lookup
Root of unity wikipedia , lookup
Factorization of polynomials over finite fields wikipedia , lookup
Cryptology and Number Theory Practice Midterm Exam II Nov. 16, 2016 Instructions Please answer all five questions below. Write clearly and circle your final answers. Show your work for partial credit. The questions will be graded with equal weight. You may use a calculator and one page of notes. Good luck. 1. (a) Find one square root of 7 mod 19. We can compute 7 8.) 19+1 4 ≡ 75 ≡ 11 mod 19. So 11 is one square root of 7. (The other is (b) Find one square root of 374 mod 713 = 23 ∗ 31. 23+1 We can reduce 374 ≡ 6 mod 23, and then compute 6 4 ≡ 66 ≡ 12 mod 23, so 12 is a square root of 374 mod 23. We can also reduce 374 ≡ 2 mod 31, and then compute 31+1 2 4 ≡ 28 ≡ 8 mod 31, so 8 is a square root of 374 mod 31. We now combine these solutions using Sun Ze’s theorem. First, by the Euclidean algorithm, 3 ∗ 31 − 4 ∗ 23 = 1. Then the combined solution, 3 ∗ 31 ∗ 12 − 4 ∗ 23 ∗ 8 = 380 is a square root of 376 mod 713. (The other square roots are 287, 333, and 476.) (c) One square root of 36 mod 423491 is 117203. Using this information, factor 423491 easily. In addition to 117203, 36 has another obvious square root, namely 6. These two roots must be equal modulo some factors of 423491 but not others. Thus we use Euclid’s algorithm to find gcd(117203 − 6, 423491) = 719. We see that 423491 = 719 ∗ 589. 2. Alice has RSA key with modulus 703 and encryption exponent 7. Factor 703 by Pollard’s rho method. Then find Alice’s decryption exponent. To initialize Pollard’s rho method, set x0 ≡ y0 ≡ 2 mod 703. Step 1: x1 ≡ x20 + 2 ≡ 6 mod 703, y1 ≡ (y02 + 2)2 + 2 ≡ 38 mod 703, gcd(38 − 2, 703) = 1. Step 2: x2 ≡ x21 +2 ≡ 38 mod 703, y2 ≡ (y12 +2)2 +2 ≡ 196 mod 703, gcd(196−38, 703) = 1. Step 3: x3 ≡ x22 +2 ≡ 40 mod 703, y3 ≡ (y22 +2)2 +2 ≡ 553 mod 703, gcd(553−40, 703) = 19. We can then factor 703 = 19 ∗ 37. With this factorization, we can compute φ(703) = φ(19) ∗ φ(37) = 18 ∗ 36 = 648. The RSA decryption exponent d ≡ 7−1 ≡ 463 mod 648. 3. Find the 18th cyclotomic polynomial, φ18 (x). How many primitive roots are there modulo 19? Find them all. We can factor x18 − 1 = φ1 (x)φ2 (x)φ3 (x)φ6 (x)φ9 (x)φ18 (x) = (x − 1)(x + 1)(x2 + x + 1)(x2 − x + 1)(x6 + x3 + 1)(x6 − x3 + 1) The last factor, x6 − x3 + 1 is the 18th cyclotomic polynomial. Since this has degree 6, there are 6 primitive roots mod 19. We just need to find the roots of the polynomial equation x6 − x3 + 1 ≡ 0 mod 19. Trial and error shows that 2 is a root. The six roots are all of the form 2r , where r is coprime to 18. They are 21 ≡ 2, 25 ≡ 13, 27 ≡ 14, 211 ≡ 15, 213 ≡ 3, and 21 7 ≡ 10 mod 19. 4. Use the Miller-Rabin test to show that 337 is prime with a less than 1/64 chance of error. First we factor 337 − 1 = 24 ∗ 21. In order to get a 1/43 chance of error, we need to do Miller-Rabin with three different bases. I’ll use b = 2, 3, 5. For b = 2, we compute 221 ≡ 1 mod 337. Then all subsequent powers will also be 1 and the test is passed. For b = 3, we compute 321 ≡ 252, 342 ≡ 148, 384 ≡ −1, 3168 ≡ 1 mod 337. The test is passed. For b = 5, we compute 521 ≡ 191, 542 ≡ 85, 584 ≡ 148, 5168 ≡ −1, 5336 ≡ 1 mod 337. The test is passed. We conclude that 337 is very likely to be prime. 5. Design a key exchange for three people, similar to the Diffie-Hellman key exchange. The goal is for Alice, Bob, and Carl to agree upon a shared secret. Even if Evil Eve intercepts all the communication between them, she cannot recover the secret without doing a prohibitively difficult computation. Here is an elegant solution: the three participants agree on a prime p and primitive element b mod p. Alice chooses random integer x, Bob chooses random integer y, and Carl chooses random integer z. They keep these integers secret. Alice sends Bob bx , Bob sends Carl by , and Carl sends Alice bz . Alice computes (bz )x and sends it to Bob; Bob computes (bx )y and sends it to Carl; Carl computes (by )z and sends it to Alice. Now the shared secret is bxyz , which Alice can compute as ((by )z )x , Bob can compute as ((bz )x )y , and Carl can compute as ((bx )y )z . Even if Eve intercepts all their communication, she cannot recover the secret unless she knows x, y, or z, which is a discrete log problem. Here is an ugly but equally effective solution: Bob and Carl each set up a public key cryptosystem like RSA or El Gamal. Alice simply chooses the shared secret and sends it, encrypted, to each of them.