Survey

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

Document related concepts

Large numbers wikipedia , lookup

Wiles's proof of Fermat's Last Theorem wikipedia , lookup

Index of cryptography articles wikipedia , lookup

Elementary mathematics wikipedia , lookup

Arithmetic wikipedia , lookup

Proofs of Fermat's little theorem wikipedia , lookup

List of prime numbers wikipedia , lookup

Collatz conjecture wikipedia , lookup

Cryptanalysis wikipedia , lookup

Transcript
```1
Section 2.1: Shift Ciphers and Modular Arithmetic
Practice HW from Barr Textbook (not to hand in)
p.66 # 1, 2, 3-6, 9-12, 13, 15
The purpose of this section is to learn about modular arithmetic, which is one of the
fundamental mathematical concepts we will need to implement the cryptographical
techniques that we will study this semester. Afterwards, we will introduce basic concepts
in cryptography and illustrate a basic cryptographical involving shift ciphers.
Modular Arithmetic
In grade school, we first learned how to divide numbers.
Example 1: Consider 40  3 
40
. Determine the quotient and remainder and write the
3
result as an equation.
Solution: As you learned in grade school, we set up the following division tableau:
13
3 40
Divisor
Quotient
Dividend
3
10
9
1
Remainder
We write the result of the division as:
Dividend
Re mainder
 Quotient 
.
Divisor
Divisor
or
40
1
 13  .
3
3
Multiplying both sides of the previous equation by 3 gives
1
 40 

  3  13   3
3
 3 

which simplifies to
40  13  3  1 .
█
2
The previous example illustrates a special case of the division algorithm which we state
next. Before stating this algorithm, recall that the integers are the numbers in the
following set:
Integers: {  4, 3, 2, 1, 0, 1, 2, 3, 4, }
Division algorithm: Let m be a positive integer ( m  0 ) and let b be any integer. Then
there is exactly one pair of integers q (called the quotient) and r (called the remainder)
such that
b  qm  r where 0  r  m .
A number of primary interest in this class will be the remainder r that we obtain the
division of two numbers. We will find the remainder so often that we use a special term
that is used to describe its computation. This is done in the following definition.
Definition: We say that r is equal to b MOD m , written as r  b MOD m , if r is the
integer remainder of b divided by m . We define the variable m as the modulus.
Example 2: Determine 25 MOD 7, 31 MOD 5, 26 MOD 2, and 5 MOD 7.
Solution: The following provides the result of each problem with explanation.
25 MOD 7 = 4
since 7 divides into 25 three times (quotient q  3 ) with a remainder
of r  4 .
31 MOD 5 = 1
since 5 divides into 31 six times (quotient q  6) with a remainder
of r  1 .
26 MOD 2 = 0
since 2 divides into 26 evenly (quotient q  13) with no remainder.
5 MOD 7 = 5
since 7 divides into 5 zero times (quotient q  0 ) with a remainder
of r  5 .
█
Note: In the division algorithm, the remainder r is non-negative, that is, r  0 This fact
means that when doing modular arithmetic that we will never obtain a negative
remainder. To compute b MOD m when b  0 correctly, we must always look for the
largest number that m evenly divides that is less than b . The next example illustrates
this fact.
Example 3: Compare computing 23 MOD 9 with -23 MOD 9.
Solution: To compute 23 MOD 9, we divide 9 into 23 and find the remainder. We look
for the largest number less than 23 that 9 divides into. That number is 18. Hence, we see
3
that 9 divides into 23 twice (it divides into 18 two times for a quotient of q  2) with a
remainder of r  5 . Hence, 23 MOD 9 = 5.
In contrast, when computing -23 MOD 9, the largest number less than -23 that 9 divides
into is -27 (note that -18 is not less than -23). Thus, 9 divides into -23 negative three
times (it divides into -27 for a quotient of q  3 ) with a remainder of r  4 (since -27 +
4 = -23). Hence -23 MOD 9 = 4.
█
Doing Modular Arithmetic For Larger Numbers With A Calculator
To do modular arithmetic with a calculator, we use the fact from the division algorithm
that
b  qm  r ,
and solve for the remainder to obtain
r  b  qm .
We put this result in division tableau format as follows:
m
q
b
Truncated Quotient (chop digits to
right of decimal)
 qm
b  qm  r
(1)
Remainder
Example 4: Compute 1024 MOD 37:
1024
 27.68 . Then q = trunc(27.68) =
37
27. Assigning b = 1024 and m = 37 in (1), we obtain
27.68
37 1024 .
Solution: We first use a calculator to compute
 999
25
Note the slash mark in the above division tableau indicates that the digits to right of the
decimal point have been truncated. The result of the division indicates that we obtain a
remainder of r = 25. Thus 1024 mod 37 = 25.
█
Example 5: Compute 500234 MOD 10301
500234
 48.6 . Hence, we assign q =
10301
trunc(48.6) = 48. If we let b= 500234 and m = 10301 in (2), then
Solution: Using a calculator, we obtain
4
48.6
10301 500234 .
 494448
5786
The remainder of the division is r = 5786. Hence, 500234 mod 10301 = 5786.
█
Example 6: Compute -3071 MOD 107
 3071
 28.7 . Hence, we assign
107
q = trunc(-28.7) = -28. If we let b= -3071 and m = 107 in (2), then
 28.7
107  3071
Solution: Using a calculator, we obtain

  2996
 75
Note in the division process that we always subtract the product of the quotient -28 and
the divisor 107, which results in -2996, from the divisor -3071. Subtracting the negative
number -2996 is equivalent to adding positive 2996. However, the remainder r = -75, is
negative and we want the remainder to be positive. This occurs because -2996 is a
number that the divisor 107 divides evenly into that is not less than the dividend -3071.
We can fix this problem by decreasing the quotient q = -28 by -1 to q = -29 Hence, the
previous tableau would become:
 29
107  3071

  3103
32
█
Thus, -3071 MOD 107 = 32.
Generalization of Modular Arithmetic
In number theory, modular arithmetic has a more formal representation which we now
give a brief description of. This idea can be expressed with the following example.
Example 7: Find solution)s b to the equation
b MOD 7 = 4
5
Solution: One answer is b  4 since 4 MOD 7 = 4. However there are many other
b  10 since -10 MOD 7 = 4
b  3 since -3 MOD 7 = 4
b  4 since 4 MOD 7 = 4
b  11 since 11 MOD 7 = 4
b  18 since 18 MOD 7 = 4
b  25 since 25 MOD 7 = 4.
As can be seen, a pattern results in that to get from one solution to another, we add or
subtract multiples of 7. In general, we can say that b  4  7k , where k is an integer.
This produces the infinite set of solutions
{, 17, 10, 3, 4, 11, 18, 25, 32, }
█
The numbers {, 17, 10, 3, 4, 11, 18, 25, 32, } from the previous example that
give a remainder of 4 MOD 7 represents a congruence class. We define this idea more
precisely in the following definition.
Definition: Let m be a positive integer (the modulus of our arithmetic). Two integers a
and b are said to be congruent modulo m if a  b is divisible by m . We write
a  b mod m (note the lower case “mod”)
7
Note: The previous definition can be thought of more informally as follows. We say that
a  b mod m if a and b give the same integer remainder r when divide by m . That
is,
a  b mod m if r = a MOD m = b MOD m .
The following example illustrates this idea:
Example 8: Illustrate why 25  11mod 7 .
Solution: 25  11mod 7 since 7 evenly divides 25 – 11 = 14. Because of this, 25 and 11
are in the same congruence class. This is also true since 25 MOD 7 = 11 MOD 7 = 4, that
is, they both give the same integer remainder MOD 7. In fact we can say that
32  25  18  11  4 mod 7 , that is, all of these give an integer remainder of 4 when
divided by 7. Hence, 32, 25, 18, 11, and 4 are in the same congruence class.
█
The last example illustrates that when the uppercase MOD notation is used, we are
interested in only the specific integer remainder r when a number is divided by a
modulus. The lowercase mod notation with the  notation is used when we are looking
6
for a set of numbers that have the same integer remainder when divided by a modulus. In
this class, we will primarily use the MOD notation.
*Note: When considering b MOD m , since 0  r  m , the only possible remainders are
0, 1, 2,  , m  1. This causes the remainders to “wrap” around when performing
modular arithmetic. This next example illustrates this idea.
Example 9: Make a table of y values for the equation
y = ( x  5) MOD 9
Solution: In MOD 9 arithmetic, the only possible remainders are 0, 1, 2, 3, 4, 5, 6, 7, and
8. We let x assume these values.
x  0  y  (0  5) MOD 9  5 MOD 9  5
x  1  y  (1  5) MOD 9  6 MOD 9  6
x  2  y  (2  5) MOD 9  7 MOD 9  7
x  3  y  (3  5) MOD 9  8 MOD 9  8
x  4  y  (4  5) MOD 9  9 MOD 9  0
x  5  y  (5  5) MOD 9  10 MOD 9  1
x  6  y  (6  5) MOD 9  11 MOD 9  2
x  7  y  (7  5) MOD 9  12 MOD 9  3
x  8  y  (8  5) MOD 9  13 MOD 9  4
Using the above values, we can form the following table. Notice the “wrapping” effect
for the values of y .
x
y = (x+5) MOD 26
0
5
1
6
2
7
3
8
4
0
5
1
6
2
7
3
8
4
█
Fact: Solving equations (and congruences) if modular arithmetic is similar to solving
equations in the real number system. That is, if
a  b mod m
then
7
a  k  b  k mod m
and
a  k  b  k mod m
for any number k . The next example makes use of these facts.
Example 10: Make a list of five solutions to
x  7  2 MOD 8
Solution: We solve using the following steps:
x  7  2 MOD 8
x  7  7  2  7 MOD 8
(Subtract 7 from both sides)
x  5 MOD 8
(Simplify)
x3
(Compute the integer remainder)
To get the other solutions, we are looking for numbers that give an integer remainder of 3
in MOD 8 arithmetic. We can simply find these by taking the solution x = 3 above and
adding multiplies of 8. Hence, five solutions are:
x = 3, x = 3 + 8 = 11, x = 11 + 8 = 19, x = 19 + 8 = 27, and x = 27 + 8 = 35.
Of course, we can continually add or subtract multiples of 8 to find as many solutions as
we want.
█
Basic Concepts of Cryptography
Cryptography is the art of transmitting information in a secret manner. We next describe
some of the basic terminology and concepts we will use in this class involving
cryptography.
Plaintext – the actual undisguised message (usually an English message) that we want to
send.
Ciphertext – the secret disguised message that is transmitted.
Encryption (encipherment) – the process of converting plaintext to ciphertext.
Decryption (decipherment) – process of converting ciphertext back to plaintext.
8
Notation: Z m represents all possible remainders in a MOD m system, that is,
Z m  {0, 1, 2, , m  2, m  1}
For representing our alphabet, we use a MOD 26 system
Z 26  {0, 1, 2, , 24, 25}
and perform a one to one correspondence between the alphabet letters and the elements of
this set.
Alphabet Assignment
A0
K  10
U  20
B1
L  11
C2
M  12
V  21
W  22
D3
N  13
X  23
E4
O  14
Y  24
F 5
P  15
Z  25
G6
Q  16
H7
R  17
I 8
S  18
J9
T  19
Monoalphabetic Ciphers
Monoalphabetic Ciphers are substitution ciphers in which the correspondents agree on a
rearrangement (permutation) of the alphabet. In this class, we examine 3 basic types of
monoalphabetic ciphers
Types of Monoalphabetic Ciphers
1. Shift Ciphers (covered in Section 2.1)
2 Affine Ciphers (covered in Section 2.2)
3. Substitution Ciphers (covered in Section 2.3)
Shift Ciphers
If x is a numerical plaintext letter, we encipher x by computing the
Enciphering formula for Shift Ciphers
y  ( x  k ) MOD 26, where k is in Z 26 .
Here y will be the numerical ciphertext letter.
9
*Note: k is called the key of the cipher and represents the shift amount.
Example 11: The Caesar cipher, developed by Julius Caesar
Figure 1: Julius Caesar
is a shift cipher given by
y  ( x  3) MOD 26
Note that the key k = 3. Use the Caesar cipher to create a cipher alphabet. Then use it to
Solution: To create the cipher alphabet, we substitute the MOD 26 alphabet assignment
number for each letter into the Caesar shift cipher formula and calculate the
corresponding ciphertext letter number as follows:
A  x  0  y  (0  3) MOD 26  3 MOD 26  3  D
B  x  1  y  (1  3) MOD 26  4 MOD 26  3  E
C  x  2  y  (2  3) MOD 26  5 MOD 26  5  F
D  x  3  y  (3  3) MOD 26  6 MOD 26  6  G

W  x  22  y  (22  3) MOD 26  25 MOD 26  25  Z
X  x  23  y  (23  3) MOD 26  26 MOD 26  0  A
Y  x  24  y  (24  3) MOD 26  27 MOD 26  1  B
Z  x  25  y  (25  3) MOD 26  28 MOD 26  2  C
This gives the corresponding correspondence between the plain and ciphertext alphabets
Plain
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
Cipher D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
Using the above table, we can encipher the message “RADFORD” as follows
10
Plaintext:
R A D F O R D
Ciphertext: U D G I R U G
Hence, the ciphertext is “UDGIRUG”
█
Of course, in the last example we did not have to create the entire plain and ciphertext
alphabets to encipher the message. We could instead just used the shift cipher formula
y  ( x  3) MOD 26 directly. We will illustrate this idea more generally in the next
example given below.
The Caesar cipher is just a special case of a shift cipher with a key of k  3 . In a general
shift cipher, the key k can be any value in a MOD 26 system, that is, any value in the set
{0, 1, 2, , 24, 25} . The next example illustrates a more general shift cipher.
Example 12: Encipher the message “SEINFELD” using a 12 shift cipher.
Solution: A 12 shift cipher is a cipher with key k  12 . Hence, the shift cipher formula
y  ( x  k ) MOD 26 becomes
y  ( x  12) MOD 26
Recall that the variable x is the numerical representation of a plaintext letter and y
numerical representation of a ciphertext letter. Using the MOD 26 alphabet assignment,
we encipher each letter in the message as follows:
S  x  18  y  (18  12) MOD 26  30 MOD 26  4  E
E  x  4  y  (4  12) MOD 26  16 MOD 26  16  Q
I  x  8  y  (8  12) MOD 26  20 MOD 26  20  U
N  x  13  y  (13  12) MOD 26  25 MOD 26  21  Z
F  x  5  y  (5  12) MOD 26  17 MOD 26  16  R
E  x  4  y  (4  12) MOD 26  16 MOD 26  16  Q
L  x  11  y  (11  12) MOD 26  23 MOD 26  23  X
D  x  3  y  (3  12) MOD 26  15 MOD 26  15  P
Hence, the ciphertext is “EQUZRQXP”.
█
Deciphering Shift Ciphers
Given a key k , plaintext letter number x , and ciphertext letter number y , we decipher
as follows:
11
y  ( x  k ) MOD 26
y  k  ( x  k  k ) MOD 26
(subtract k from both sides and simplify)
x  ( y  k ) MOD 26
(rearrange both sides of the equation)
This gives the
Deciphering formula for shift ciphers
x  ( y  k ) MOD 26
where y is the numerical ciphertext letter, x is the numerical plaintext letter, and k is the
key of the cipher (the shift amount).
*Note: In the deciphering shift cipher formula,  k MOD 26 can be converted to its
equivalent positive form by finding a positive reminder.
The next two examples illustrate how to deciphering process works.
Example 13: Suppose we received the ciphertext “YLUJLQLD” that was encrypted
using a Caesar cipher (shift k  3 ). Decipher this message.
Solution: Using the shift cipher formula
y  ( x  3) MOD 26 .
Recall in this formula that x represents the alphabet assignment number for the plaintext
and y represents the alphabet assignment number for the cipher-text. Since we want to
decipher the above cipher-text, we must solve the above equation for x. Rearranging first
gives:
x  3  y MOD 26 .
To solve for x, we must subtract 17 from both sides. This gives:
x  ( y  3) MOD 26
(*)
Note that since  3 MOD 26  23 (this can be computed simply by taking –3 + 26 =
23), we can write equation (*) as:
x  ( y  9) MOD 26
(**)
12
Either equations (*) or (**) can be used to decipher the message. We will use equation
(**). Taking each letter of the cipher-text “YLUJLQLD” and using the MOD 26 alphabet
assignment, we obtain:
Y  y  24  x  (24  23) MOD 26  47 MOD 26  21  V
L  y  11  x  (11  23) MOD 26  34 MOD 26  8  I
U  y  20  x  (20  23) MOD 26  43 MOD 26  17  R
J  y  9  x  (9  23) MOD 26  32 MOD 26  6  G
L  y  11  x  (11  23) MOD 26  34 MOD 26  8  I
Q  y  16  x  (16  23) MOD 26  39 MOD 26  13  N
L  y  11  x  (11  23) MOD 26  34 MOD 26  8  I
D  y  3  x  (3  23) MOD 26  26 MOD 26  0  A
Hence, the plaintext is “VIRGINIA”.
█
Example 14: Decipher the message “EVZCJZXDFE” that was enciphered using a 17
shift cipher.
Solution: Using the shift cipher formula
y  ( x  k ) MOD 26 ,
we see that the key k for this cipher must be k  17. Hence the formula becomes
y  ( x  17) MOD 26 .
Recall in this formula that x represents the alphabet assignment number for the plaintext
and y represents the alphabet assignment number for the cipher-text. Since we want to
decipher the above cipher-text, we must solve the above equation for x. Rearranging first
gives:
x  17  y MOD 26 .
To solve for x, we must subtract 17 from both sides. This gives:
x  ( y 17) MOD 26
(*)
Note that since  17 MOD 26  9 (this can be computed simply by taking –17 + 26 =
9), we can write equation (*) as:
x  ( y  9) MOD 26
(**)
13
Either equations (*) or (**) can be used to decipher the message. We will use equation
(**). Taking each letter of the cipher-text “EVZCJZXDFE” and using the MOD 26
alphabet assignment, we obtain:
E  y  4  x  (4  9) MOD 26  13 MOD 26  13  N
V  y  21  x  (21  9) MOD 26  30 MOD 26  4  E
Z  y  25  x  (25  9) MOD 26  34 MOD 26  8  I
C  y  2  x  (2  9) MOD 26  11 MOD 26  11  L
J  y  9  x  (9  9) MOD 26  18 MOD 26  18  S
Z  y  25  x  (25  9) MOD 26  34 MOD 26  8  I
X  y  23  x  (23  9) MOD 26  32 MOD 26  6  G
D  y  3  x  (3  9) MOD 26  12 MOD 26  12  M
F  y  5  x  (5  9) MOD 26  14 MOD 26  14  O
E  y  4  x  (4  9) MOD 26  13 MOD 26  13  N
Hence, the plaintext is “NEIL SIGMON”.
█
Cryptanalysis of Shift Ciphers
As the last two examples illustrate, one must know the key k used in a shift cipher when
deciphering a message. This leads to an important question. How can we decipher a
message in a shift cipher if we do not know the key k ? Cryptanalysis is the process of
trying to break a cipher by finding its key. Cryptanalysis in general is not an easy
problem. The more secure a cipher is, the harder it is to cryptanalyze. We will soon see
that a shift cipher is not very secure and is relatively easy to break.
Methods for Breaking a Shift Cipher
1. Knowing x  ( y  k ) MOD 26, we can test all possibilities for k (there are 26 total in
a MOD 26 alphabet {0, 1, 2, , 24, 25} ) until we recover a message that makes
sense.
2. Frequency analysis: Uses the fact that the most frequently occurring letters in the
ciphertext produced by shift cipher has a good chance of corresponding to the most
frequently occurring letters in the standard English alphabet. The most frequently
occurring letters in English are E, T, A, O, I, N, and T (see the English frequency
table).
We will demonstrate these techniques using Maple.
```