3.6 RSA Cryptography
Cryptography is the science of coding and decoding messages. Over the years many
methods for coding messages have been developed. Many of them involve converting
the text to numbers and using some algebraic method for coding the corresponding
numbers. Quite a few of these methods involve modular arithmetic. In this section we
look at the RSA cryptography method developed in the 1970's and named after Ron
Rivest, Adi Shamir and Leonard Adleman.
3.6.1 The Method
RSA cryptography is very simple in principle. It is based on powers and roots mod p. If
someone wants to send a message to you, they convert the text to a sequence $m_1, m_2, \ldots, m_R$
of numbers, raise each number to a power e and mod by another number n.
(1)   $c_j = (m_j)^e \bmod n$,   $j = 1, 2, \ldots, R$
The coded message is then this new sequence $c_1, c_2, \ldots, c_R$ of numbers, which they send to
you.
To decode the message, you take the eth root of each of the $c_j$, i.e.
$m_j = \sqrt[e]{c_j} \bmod n = (c_j)^{1/e} \bmod n$,   $j = 1, 2, \ldots, R$
It turns out that the operation of taking eth roots mod n is equivalent to raising to a
complementary power d that depends on the factorization of n. If n = pq where p and q
are primes then d is the reciprocal of e mod (p-1)(q-1).
To summarize, to decode the message, raise each of the numbers $c_1, c_2, \ldots, c_R$ in the coded
message to the complementary power d and mod by the same number n.
(2)   $m_j = (c_j)^d \bmod n$,   $j = 1, 2, \ldots, R$
The result is the original sequence $m_1, m_2, \ldots, m_R$ of numbers that you convert back to the
original text.
The numbers n and e are not arbitrary. You begin by choosing two primes p and q and
forming the number n = pq as the product of p and q. In practice, the primes are very
large. Currently they each need to be at least 200 digits long.
Then you choose the power e to be a number that has no factor in common with p – 1 and
q – 1. Also e should be less than (p – 1)(q – 1).
Finally, the complementary power d is the inverse of e mod (p – 1)(q – 1):
$d = e^{-1} \bmod (p - 1)(q - 1)$
You tell the world n and e. There is no secret to n and e. However, you keep the
factorization of n as n = pq a secret. You also keep d a secret. With current factoring
methods there is no way someone else can find the factorization of n and hence d in a
reasonable amount of time.
If someone wants to send you a confidential message, they convert the message to a
sequence of numbers each less than n. Then they use (1) to code the sequence and send
the coded sequence to you. They don't have to keep the coded sequence a secret either.
When you receive the message, you decode it using (2). No one else can decode it since
they don't know d.
Example 1. Let's do an example with small numbers to illustrate this.
To begin with you need to choose two primes p and q. Since we are using small numbers,
let's take p = 3 and q = 11. Then n = pq = (3)(11) = 33.
Next we need to choose the power e so that it has no factor in common with p – 1 and
q - 1. Here p – 1 = 2 and q - 1 = 10. So e should have no factor in common with 2 and
10. In other words e should not have 2 or 5 as a factor. We can choose e = 3.
Finally we choose d to be the inverse of e mod (p – 1)(q – 1). In this case
(p - 1)(q - 1) = (2)(10) = 20. So d is the inverse of 3 mod 20. Thus d satisfies
3d mod 20 = 1. Ordinarily we would use the Euclidean algorithm to find d. However, in
this case we can see that d = 7 since (3)(7) = 21 and 21 mod 20 = 1.
We also have to decide on a method for converting the text of a message to numbers.
Since this is just an illustrative example, let's do this as simply as possible. We convert
each letter in the message to the number which is its position in the alphabet. Thus a is
converted to 1, b to 2, and so on with z being converted to 26. Let's convert a space to 27.
We tell the world n = 33, e = 3 and this method to convert text to a sequence of numbers.
Now suppose someone wants to send you a confidential message. For example, suppose
Sue wants to send you the message
(3)
go blue
First she converts each letter to its position in the alphabet with a space being converted
to 27. This gives the following sequence of numbers
(4)   $m_1, m_2, m_3, m_4, m_5, m_6, m_7 = 7, 15, 27, 2, 12, 21, 5$
Next she codes each number $m_j$ using (1). For example
$c_1 = (m_1)^e \bmod n = 7^3 \bmod 33 = 343 \bmod 33 = 13$
After doing this the sequence (4) is converted to
(5)   $c_1, c_2, c_3, c_4, c_5, c_6, c_7 = 13, 9, 15, 8, 12, 21, 26$
This sequence of numbers is the coded message which she sends to you.
When you receive it you decode it by first decoding each number $c_j$ using (2). For
example,
$m_1 = (c_1)^d \bmod n = 13^7 \bmod 33 = 62748517 \bmod 33 = 7$
After doing this the sequence (5) is converted back to (4) which you then convert back to
the text (3).
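Example 1 carried out in code, as an added illustration that is not part of the original text: d is found with the extended Euclidean algorithm that the example mentions, and "go blue" is coded and decoded. The function names and the ALPHABET constant are choices made for this sketch.

```python
# Toy RSA from Example 1 (p = 3, q = 11, e = 3). Illustration only:
# numbers this small offer no security.
from math import gcd

def extended_gcd(a, b):
    """Return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = extended_gcd(b, a % b)
    return g, y, x - (a // b) * y

def make_keys(p, q, e):
    """Build (n, e, d) the way the text describes."""
    phi = (p - 1) * (q - 1)
    if not (1 < e < phi) or gcd(e, phi) != 1:
        raise ValueError("e must be below (p-1)(q-1) and share no factor with it")
    _, x, _ = extended_gcd(e, phi)      # e*x + phi*y == 1
    return p * q, e, x % phi            # d = e^-1 mod (p-1)(q-1)

ALPHABET = "abcdefghijklmnopqrstuvwxyz "   # a = 1 ... z = 26, space = 27

def text_to_numbers(text):
    return [ALPHABET.index(ch) + 1 for ch in text]

def numbers_to_text(nums):
    return "".join(ALPHABET[m - 1] for m in nums)

def encode(nums, e, n):
    """Formula (1): c_j = (m_j)^e mod n."""
    return [pow(m, e, n) for m in nums]

def decode(nums, d, n):
    """Formula (2): m_j = (c_j)^d mod n."""
    return [pow(c, d, n) for c in nums]

if __name__ == "__main__":
    n, e, d = make_keys(3, 11, 3)
    m = text_to_numbers("go blue")
    c = encode(m, e, n)
    print("n, e, d =", n, e, d)
    print("m =", m)
    print("c =", c)
    print("decoded:", numbers_to_text(decode(c, d, n)))
```

Because each letter is coded separately and deterministically, equal letters always produce equal numbers (and 12 and 21 code to themselves here), so this shows the arithmetic only; deployed RSA uses a large n together with randomized padding such as OAEP.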
Why does RSA work?
The reason why RSA works relies on some elementary properties of mod and one less
elementary property. Here is what happens with the first letter of the above
message:
letter g  --(convert to number)-->  7  --(code)-->  $7^3 \bmod 33 = 13$  --(decode)-->  $13^7 \bmod 33 = 7$  --(convert back to letter)-->  g
If we disregard the conversions between letters and numbers, then what we have is the
following
number m  --(code)-->  $m^e \bmod n = c$  --(decode)-->  $c^d \bmod n$
So in order for the decoding to give the original number m we need
(6)   $(m^e \bmod n)^d \bmod n = m$
Recalling the algebraic properties of mod from section 3.4, in particular formula (6)
in Proposition 1, (6) is equivalent to
$m^{ed} \bmod n = m$
Since d is the reciprocal of e mod (p – 1)(q – 1) one has
$ed = 1 + k(p - 1)(q - 1)$
for some integer k. So we need to show
(7)   $m^{1 + k(p - 1)(q - 1)} \bmod n = m$
The starting point for showing this is Fermat's little theorem.
Theorem 1. If p is a prime then
(8)   $m^{p-1} \bmod p = \begin{cases} 1 & \text{if } m \text{ is not divisible by } p \\ 0 & \text{if } m \text{ is divisible by } p \end{cases}$
We postpone the proof until the end. However, let's look at a few examples.
Example 2. Verify (8) if p = 5.
Solution. In this case p – 1 = 4, so (8) says $m^4 \bmod 5 = 1$ if m is not divisible by 5. One
has
$1^4 \bmod 5 = 1 \bmod 5 = 1$
$2^4 \bmod 5 = 16 \bmod 5 = 1$
$3^4 \bmod 5 = 81 \bmod 5 = 1$
$4^4 \bmod 5 = 256 \bmod 5 = 1$
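It follows from (8) that
$m^{k(p-1)(q-1)} \bmod p = \begin{cases} 1 & \text{if } m \text{ is not divisible by } p \\ 0 & \text{if } m \text{ is divisible by } p \end{cases}$
$m^{1 + k(p-1)(q-1)} \bmod p = \begin{cases} m \bmod p & \text{if } m \text{ is not divisible by } p \\ 0 & \text{if } m \text{ is divisible by } p \end{cases} = m \bmod p$
By symmetry it follows that
$m^{1 + k(p-1)(q-1)} \bmod q = m \bmod q$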
The remaining ingredient in the proof of (7) is the Chinese Remainder Theorem.
Theorem 2. If p and q are primes and a is a number between 0 and p – 1 and b is a
number between 0 and q – 1, then there is a unique number m between 0 and pq – 1 such
that both of the following hold.
m mod p = a
m mod q = b
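A numeric check of the argument up to this point for the key of Example 1, added here and not part of the original text (function names are choices made for this sketch): it finds k, confirms the congruences mod p and mod q for numbers that are and are not divisible by p or q, and confirms that the pair (m mod p, m mod q) identifies m uniquely, as Theorem 2 states.

```python
# Check the "why RSA works" argument for the key of Example 1.
P, Q, E, D = 3, 11, 3, 7          # values from Example 1
N = P * Q

def exponent_k(e, d, p, q):
    """Return k with e*d == 1 + k*(p-1)*(q-1); raise if d is not the inverse."""
    phi = (p - 1) * (q - 1)
    k, r = divmod(e * d - 1, phi)
    if r != 0:
        raise ValueError("d is not the inverse of e mod (p-1)(q-1)")
    return k

def residues_agree(m, e, d, p, q):
    """True if m^(ed) and m leave the same remainder mod p and mod q."""
    x = m ** (e * d)
    return x % p == m % p and x % q == m % q

def crt_pairs_unique(p, q):
    """True if m -> (m mod p, m mod q) hits each pair exactly once on 0..pq-1."""
    pairs = {(m % p, m % q) for m in range(p * q)}
    return len(pairs) == p * q

def roundtrip_failures(e, d, p, q):
    """List every m in 0..pq-1 that coding then decoding does not return."""
    n = p * q
    return [m for m in range(n) if pow(pow(m, e, n), d, n) != m]

if __name__ == "__main__":
    print("k =", exponent_k(E, D, P, Q))
    # 27 (the space) and 12 are divisible by p = 3, 22 by q = 11:
    # these fall in the "0" branch of (8) and still decode correctly.
    for m in (7, 27, 12, 22):
        print(m, residues_agree(m, E, D, P, Q))
    print("pairs unique:", crt_pairs_unique(P, Q))
    print("failures:", roundtrip_failures(E, D, P, Q))
```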
Before showing this, let's do an example.
Example 3. Find m between 0 and 32 such that
m mod 3 = 2
m mod 11 = 6
Solution. Since