Survey

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

Survey

Document related concepts

Large numbers wikipedia , lookup

Wiles's proof of Fermat's Last Theorem wikipedia , lookup

Index of cryptography articles wikipedia , lookup

Elementary mathematics wikipedia , lookup

Proofs of Fermat's little theorem wikipedia , lookup

List of prime numbers wikipedia , lookup

Collatz conjecture wikipedia , lookup

Transcript

1 Section 2.1: Shift Ciphers and Modular Arithmetic Practice HW from Barr Textbook (not to hand in) p.66 # 1, 2, 3-6, 9-12, 13, 15 The purpose of this section is to learn about modular arithmetic, which is one of the fundamental mathematical concepts we will need to implement the cryptographical techniques that we will study this semester. Afterwards, we will introduce basic concepts in cryptography and illustrate a basic cryptographical involving shift ciphers. Modular Arithmetic In grade school, we first learned how to divide numbers. Example 1: Consider 40 3 40 . Determine the quotient and remainder and write the 3 result as an equation. Solution: As you learned in grade school, we set up the following division tableau: 13 3 40 Divisor Quotient Dividend 3 10 9 1 Remainder We write the result of the division as: Dividend Re mainder Quotient . Divisor Divisor or 40 1 13 . 3 3 Multiplying both sides of the previous equation by 3 gives 1 40 3 13 3 3 3 which simplifies to 40 13 3 1 . █ 2 The previous example illustrates a special case of the division algorithm which we state next. Before stating this algorithm, recall that the integers are the numbers in the following set: Integers: { 4, 3, 2, 1, 0, 1, 2, 3, 4, } Division algorithm: Let m be a positive integer ( m 0 ) and let b be any integer. Then there is exactly one pair of integers q (called the quotient) and r (called the remainder) such that b qm r where 0 r m . A number of primary interest in this class will be the remainder r that we obtain the division of two numbers. We will find the remainder so often that we use a special term that is used to describe its computation. This is done in the following definition. Definition: We say that r is equal to b MOD m , written as r b MOD m , if r is the integer remainder of b divided by m . We define the variable m as the modulus. Example 2: Determine 25 MOD 7, 31 MOD 5, 26 MOD 2, and 5 MOD 7. Solution: The following provides the result of each problem with explanation. 25 MOD 7 = 4 since 7 divides into 25 three times (quotient q 3 ) with a remainder of r 4 . 31 MOD 5 = 1 since 5 divides into 31 six times (quotient q 6) with a remainder of r 1 . 26 MOD 2 = 0 since 2 divides into 26 evenly (quotient q 13) with no remainder. 5 MOD 7 = 5 since 7 divides into 5 zero times (quotient q 0 ) with a remainder of r 5 . █ Note: In the division algorithm, the remainder r is non-negative, that is, r 0 This fact means that when doing modular arithmetic that we will never obtain a negative remainder. To compute b MOD m when b 0 correctly, we must always look for the largest number that m evenly divides that is less than b . The next example illustrates this fact. Example 3: Compare computing 23 MOD 9 with -23 MOD 9. Solution: To compute 23 MOD 9, we divide 9 into 23 and find the remainder. We look for the largest number less than 23 that 9 divides into. That number is 18. Hence, we see 3 that 9 divides into 23 twice (it divides into 18 two times for a quotient of q 2) with a remainder of r 5 . Hence, 23 MOD 9 = 5. In contrast, when computing -23 MOD 9, the largest number less than -23 that 9 divides into is -27 (note that -18 is not less than -23). Thus, 9 divides into -23 negative three times (it divides into -27 for a quotient of q 3 ) with a remainder of r 4 (since -27 + 4 = -23). Hence -23 MOD 9 = 4. █ Doing Modular Arithmetic For Larger Numbers With A Calculator To do modular arithmetic with a calculator, we use the fact from the division algorithm that b qm r , and solve for the remainder to obtain r b qm . We put this result in division tableau format as follows: m q b Truncated Quotient (chop digits to right of decimal) qm b qm r (1) Remainder Example 4: Compute 1024 MOD 37: 1024 27.68 . Then q = trunc(27.68) = 37 27. Assigning b = 1024 and m = 37 in (1), we obtain 27.68 37 1024 . Solution: We first use a calculator to compute 999 25 Note the slash mark in the above division tableau indicates that the digits to right of the decimal point have been truncated. The result of the division indicates that we obtain a remainder of r = 25. Thus 1024 mod 37 = 25. █ Example 5: Compute 500234 MOD 10301 500234 48.6 . Hence, we assign q = 10301 trunc(48.6) = 48. If we let b= 500234 and m = 10301 in (2), then Solution: Using a calculator, we obtain 4 48.6 10301 500234 . 494448 5786 The remainder of the division is r = 5786. Hence, 500234 mod 10301 = 5786. █ Example 6: Compute -3071 MOD 107 3071 28.7 . Hence, we assign 107 q = trunc(-28.7) = -28. If we let b= -3071 and m = 107 in (2), then 28.7 107 3071 Solution: Using a calculator, we obtain 2996 75 Note in the division process that we always subtract the product of the quotient -28 and the divisor 107, which results in -2996, from the divisor -3071. Subtracting the negative number -2996 is equivalent to adding positive 2996. However, the remainder r = -75, is negative and we want the remainder to be positive. This occurs because -2996 is a number that the divisor 107 divides evenly into that is not less than the dividend -3071. We can fix this problem by decreasing the quotient q = -28 by -1 to q = -29 Hence, the previous tableau would become: 29 107 3071 3103 32 █ Thus, -3071 MOD 107 = 32. Generalization of Modular Arithmetic In number theory, modular arithmetic has a more formal representation which we now give a brief description of. This idea can be expressed with the following example. Example 7: Find solution)s b to the equation b MOD 7 = 4 5 Solution: One answer is b 4 since 4 MOD 7 = 4. However there are many other answers. Here are several: b 10 since -10 MOD 7 = 4 b 3 since -3 MOD 7 = 4 b 4 since 4 MOD 7 = 4 b 11 since 11 MOD 7 = 4 b 18 since 18 MOD 7 = 4 b 25 since 25 MOD 7 = 4. As can be seen, a pattern results in that to get from one solution to another, we add or subtract multiples of 7. In general, we can say that b 4 7k , where k is an integer. This produces the infinite set of solutions {, 17, 10, 3, 4, 11, 18, 25, 32, } █ The numbers {, 17, 10, 3, 4, 11, 18, 25, 32, } from the previous example that give a remainder of 4 MOD 7 represents a congruence class. We define this idea more precisely in the following definition. Definition: Let m be a positive integer (the modulus of our arithmetic). Two integers a and b are said to be congruent modulo m if a b is divisible by m . We write a b mod m (note the lower case “mod”) 7 Note: The previous definition can be thought of more informally as follows. We say that a b mod m if a and b give the same integer remainder r when divide by m . That is, a b mod m if r = a MOD m = b MOD m . The following example illustrates this idea: Example 8: Illustrate why 25 11mod 7 . Solution: 25 11mod 7 since 7 evenly divides 25 – 11 = 14. Because of this, 25 and 11 are in the same congruence class. This is also true since 25 MOD 7 = 11 MOD 7 = 4, that is, they both give the same integer remainder MOD 7. In fact we can say that 32 25 18 11 4 mod 7 , that is, all of these give an integer remainder of 4 when divided by 7. Hence, 32, 25, 18, 11, and 4 are in the same congruence class. █ The last example illustrates that when the uppercase MOD notation is used, we are interested in only the specific integer remainder r when a number is divided by a modulus. The lowercase mod notation with the notation is used when we are looking 6 for a set of numbers that have the same integer remainder when divided by a modulus. In this class, we will primarily use the MOD notation. *Note: When considering b MOD m , since 0 r m , the only possible remainders are 0, 1, 2, , m 1. This causes the remainders to “wrap” around when performing modular arithmetic. This next example illustrates this idea. Example 9: Make a table of y values for the equation y = ( x 5) MOD 9 Solution: In MOD 9 arithmetic, the only possible remainders are 0, 1, 2, 3, 4, 5, 6, 7, and 8. We let x assume these values. x 0 y (0 5) MOD 9 5 MOD 9 5 x 1 y (1 5) MOD 9 6 MOD 9 6 x 2 y (2 5) MOD 9 7 MOD 9 7 x 3 y (3 5) MOD 9 8 MOD 9 8 x 4 y (4 5) MOD 9 9 MOD 9 0 x 5 y (5 5) MOD 9 10 MOD 9 1 x 6 y (6 5) MOD 9 11 MOD 9 2 x 7 y (7 5) MOD 9 12 MOD 9 3 x 8 y (8 5) MOD 9 13 MOD 9 4 Using the above values, we can form the following table. Notice the “wrapping” effect for the values of y . x y = (x+5) MOD 26 0 5 1 6 2 7 3 8 4 0 5 1 6 2 7 3 8 4 █ Fact: Solving equations (and congruences) if modular arithmetic is similar to solving equations in the real number system. That is, if a b mod m then 7 a k b k mod m and a k b k mod m for any number k . The next example makes use of these facts. Example 10: Make a list of five solutions to x 7 2 MOD 8 Solution: We solve using the following steps: x 7 2 MOD 8 x 7 7 2 7 MOD 8 (Subtract 7 from both sides) x 5 MOD 8 (Simplify) x3 (Compute the integer remainder) To get the other solutions, we are looking for numbers that give an integer remainder of 3 in MOD 8 arithmetic. We can simply find these by taking the solution x = 3 above and adding multiplies of 8. Hence, five solutions are: x = 3, x = 3 + 8 = 11, x = 11 + 8 = 19, x = 19 + 8 = 27, and x = 27 + 8 = 35. Of course, we can continually add or subtract multiples of 8 to find as many solutions as we want. █ Basic Concepts of Cryptography Cryptography is the art of transmitting information in a secret manner. We next describe some of the basic terminology and concepts we will use in this class involving cryptography. Plaintext – the actual undisguised message (usually an English message) that we want to send. Ciphertext – the secret disguised message that is transmitted. Encryption (encipherment) – the process of converting plaintext to ciphertext. Decryption (decipherment) – process of converting ciphertext back to plaintext. 8 Notation: Z m represents all possible remainders in a MOD m system, that is, Z m {0, 1, 2, , m 2, m 1} For representing our alphabet, we use a MOD 26 system Z 26 {0, 1, 2, , 24, 25} and perform a one to one correspondence between the alphabet letters and the elements of this set. Alphabet Assignment A0 K 10 U 20 B1 L 11 C2 M 12 V 21 W 22 D3 N 13 X 23 E4 O 14 Y 24 F 5 P 15 Z 25 G6 Q 16 H7 R 17 I 8 S 18 J9 T 19 Monoalphabetic Ciphers Monoalphabetic Ciphers are substitution ciphers in which the correspondents agree on a rearrangement (permutation) of the alphabet. In this class, we examine 3 basic types of monoalphabetic ciphers Types of Monoalphabetic Ciphers 1. Shift Ciphers (covered in Section 2.1) 2 Affine Ciphers (covered in Section 2.2) 3. Substitution Ciphers (covered in Section 2.3) Shift Ciphers If x is a numerical plaintext letter, we encipher x by computing the Enciphering formula for Shift Ciphers y ( x k ) MOD 26, where k is in Z 26 . Here y will be the numerical ciphertext letter. 9 *Note: k is called the key of the cipher and represents the shift amount. Example 11: The Caesar cipher, developed by Julius Caesar Figure 1: Julius Caesar is a shift cipher given by y ( x 3) MOD 26 Note that the key k = 3. Use the Caesar cipher to create a cipher alphabet. Then use it to encipher the message “RADFORD”. Solution: To create the cipher alphabet, we substitute the MOD 26 alphabet assignment number for each letter into the Caesar shift cipher formula and calculate the corresponding ciphertext letter number as follows: A x 0 y (0 3) MOD 26 3 MOD 26 3 D B x 1 y (1 3) MOD 26 4 MOD 26 3 E C x 2 y (2 3) MOD 26 5 MOD 26 5 F D x 3 y (3 3) MOD 26 6 MOD 26 6 G W x 22 y (22 3) MOD 26 25 MOD 26 25 Z X x 23 y (23 3) MOD 26 26 MOD 26 0 A Y x 24 y (24 3) MOD 26 27 MOD 26 1 B Z x 25 y (25 3) MOD 26 28 MOD 26 2 C This gives the corresponding correspondence between the plain and ciphertext alphabets Plain A B C D E F G H I J K L M N O P Q R S T U V W X Y Z Cipher D E F G H I J K L M N O P Q R S T U V W X Y Z A B C Using the above table, we can encipher the message “RADFORD” as follows 10 Plaintext: R A D F O R D Ciphertext: U D G I R U G Hence, the ciphertext is “UDGIRUG” █ Of course, in the last example we did not have to create the entire plain and ciphertext alphabets to encipher the message. We could instead just used the shift cipher formula y ( x 3) MOD 26 directly. We will illustrate this idea more generally in the next example given below. The Caesar cipher is just a special case of a shift cipher with a key of k 3 . In a general shift cipher, the key k can be any value in a MOD 26 system, that is, any value in the set {0, 1, 2, , 24, 25} . The next example illustrates a more general shift cipher. Example 12: Encipher the message “SEINFELD” using a 12 shift cipher. Solution: A 12 shift cipher is a cipher with key k 12 . Hence, the shift cipher formula y ( x k ) MOD 26 becomes y ( x 12) MOD 26 Recall that the variable x is the numerical representation of a plaintext letter and y numerical representation of a ciphertext letter. Using the MOD 26 alphabet assignment, we encipher each letter in the message as follows: S x 18 y (18 12) MOD 26 30 MOD 26 4 E E x 4 y (4 12) MOD 26 16 MOD 26 16 Q I x 8 y (8 12) MOD 26 20 MOD 26 20 U N x 13 y (13 12) MOD 26 25 MOD 26 21 Z F x 5 y (5 12) MOD 26 17 MOD 26 16 R E x 4 y (4 12) MOD 26 16 MOD 26 16 Q L x 11 y (11 12) MOD 26 23 MOD 26 23 X D x 3 y (3 12) MOD 26 15 MOD 26 15 P Hence, the ciphertext is “EQUZRQXP”. █ Deciphering Shift Ciphers Given a key k , plaintext letter number x , and ciphertext letter number y , we decipher as follows: 11 y ( x k ) MOD 26 y k ( x k k ) MOD 26 (subtract k from both sides and simplify) x ( y k ) MOD 26 (rearrange both sides of the equation) This gives the Deciphering formula for shift ciphers x ( y k ) MOD 26 where y is the numerical ciphertext letter, x is the numerical plaintext letter, and k is the key of the cipher (the shift amount). *Note: In the deciphering shift cipher formula, k MOD 26 can be converted to its equivalent positive form by finding a positive reminder. The next two examples illustrate how to deciphering process works. Example 13: Suppose we received the ciphertext “YLUJLQLD” that was encrypted using a Caesar cipher (shift k 3 ). Decipher this message. Solution: Using the shift cipher formula y ( x 3) MOD 26 . Recall in this formula that x represents the alphabet assignment number for the plaintext and y represents the alphabet assignment number for the cipher-text. Since we want to decipher the above cipher-text, we must solve the above equation for x. Rearranging first gives: x 3 y MOD 26 . To solve for x, we must subtract 17 from both sides. This gives: x ( y 3) MOD 26 (*) Note that since 3 MOD 26 23 (this can be computed simply by taking –3 + 26 = 23), we can write equation (*) as: x ( y 9) MOD 26 (**) 12 Either equations (*) or (**) can be used to decipher the message. We will use equation (**). Taking each letter of the cipher-text “YLUJLQLD” and using the MOD 26 alphabet assignment, we obtain: Y y 24 x (24 23) MOD 26 47 MOD 26 21 V L y 11 x (11 23) MOD 26 34 MOD 26 8 I U y 20 x (20 23) MOD 26 43 MOD 26 17 R J y 9 x (9 23) MOD 26 32 MOD 26 6 G L y 11 x (11 23) MOD 26 34 MOD 26 8 I Q y 16 x (16 23) MOD 26 39 MOD 26 13 N L y 11 x (11 23) MOD 26 34 MOD 26 8 I D y 3 x (3 23) MOD 26 26 MOD 26 0 A Hence, the plaintext is “VIRGINIA”. █ Example 14: Decipher the message “EVZCJZXDFE” that was enciphered using a 17 shift cipher. Solution: Using the shift cipher formula y ( x k ) MOD 26 , we see that the key k for this cipher must be k 17. Hence the formula becomes y ( x 17) MOD 26 . Recall in this formula that x represents the alphabet assignment number for the plaintext and y represents the alphabet assignment number for the cipher-text. Since we want to decipher the above cipher-text, we must solve the above equation for x. Rearranging first gives: x 17 y MOD 26 . To solve for x, we must subtract 17 from both sides. This gives: x ( y 17) MOD 26 (*) Note that since 17 MOD 26 9 (this can be computed simply by taking –17 + 26 = 9), we can write equation (*) as: x ( y 9) MOD 26 (**) 13 Either equations (*) or (**) can be used to decipher the message. We will use equation (**). Taking each letter of the cipher-text “EVZCJZXDFE” and using the MOD 26 alphabet assignment, we obtain: E y 4 x (4 9) MOD 26 13 MOD 26 13 N V y 21 x (21 9) MOD 26 30 MOD 26 4 E Z y 25 x (25 9) MOD 26 34 MOD 26 8 I C y 2 x (2 9) MOD 26 11 MOD 26 11 L J y 9 x (9 9) MOD 26 18 MOD 26 18 S Z y 25 x (25 9) MOD 26 34 MOD 26 8 I X y 23 x (23 9) MOD 26 32 MOD 26 6 G D y 3 x (3 9) MOD 26 12 MOD 26 12 M F y 5 x (5 9) MOD 26 14 MOD 26 14 O E y 4 x (4 9) MOD 26 13 MOD 26 13 N Hence, the plaintext is “NEIL SIGMON”. █ Cryptanalysis of Shift Ciphers As the last two examples illustrate, one must know the key k used in a shift cipher when deciphering a message. This leads to an important question. How can we decipher a message in a shift cipher if we do not know the key k ? Cryptanalysis is the process of trying to break a cipher by finding its key. Cryptanalysis in general is not an easy problem. The more secure a cipher is, the harder it is to cryptanalyze. We will soon see that a shift cipher is not very secure and is relatively easy to break. Methods for Breaking a Shift Cipher 1. Knowing x ( y k ) MOD 26, we can test all possibilities for k (there are 26 total in a MOD 26 alphabet {0, 1, 2, , 24, 25} ) until we recover a message that makes sense. 2. Frequency analysis: Uses the fact that the most frequently occurring letters in the ciphertext produced by shift cipher has a good chance of corresponding to the most frequently occurring letters in the standard English alphabet. The most frequently occurring letters in English are E, T, A, O, I, N, and T (see the English frequency table). We will demonstrate these techniques using Maple.