Extended Euclidean Algorithm | Cryptography - Class Notes | MAT 447, Study notes of Cryptography and System Security

Material Type: Notes; Class: Cryptography; Subject: Mathematics; University: Arizona State University - Tempe; Term: Spring 2008;


Uploaded on 09/02/2009


Algorithms

Extended Euclidean Algorithm (a, b)

  • $s_0 = 1$, $s_1 = 0$, $t_0 = 0$, $t_1 = 1$
  • Compute $r_{i-2} = r_{i-1} q_{i-1} + r_i$ and $s_i = s_{i-2} - q_{i-1} s_{i-1}$, $t_i = t_{i-2} - q_{i-1} t_{i-1}$ as long as $r_i > 0$.

Solovay-Strassen(n)

  • Select a random integer $a$ with $1 \le a \le n - 1$ and compute $x := \left(\frac{a}{n}\right)$ (How?)
  • If $x = 0$ then return "composite" (Why is this step correct?)
  • Compute $y := a^{(n-1)/2} \bmod n$ (How?)
  • Check if $x \equiv y \pmod n$. If yes then return "prime" else return "composite".

Miller-Rabin(n)

  • First find $m$, $k$ so that $n - 1 = 2^k m$ and $m$ is odd.
  • Choose a random integer $a$ with $1 \le a \le n - 1$ and compute $b := a^m \bmod n$ (How?)
  • If $b \equiv 1 \pmod n$ return "prime"
  • Iterate $k$ times: (a) if $b \equiv -1 \pmod n$ return "prime" (b) $b := b^2 \bmod n$
  • return "composite"

Pollard algorithm(n, B)

  • Compute $a := 2^{B!} \bmod n$ (How?)
  • Find $d = \gcd(a - 1, n)$ and if $1 < d < n$ return $d$ else return "fail"
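
The "(How?)" steps of Solovay-Strassen, Miller-Rabin and the Pollard algorithm, worked through as an added example (not part of the original notes). The function names are chosen here, the symbol $\left(\frac{a}{n}\right)$ is read as the Jacobi symbol, and the base `a` is passed in by the caller instead of being drawn at random so that the results are reproducible.

```python
import math

def jacobi(a, n):
    """Jacobi symbol (a/n) for odd n > 0, by quadratic reciprocity; no factoring of n."""
    a, result = a % n, 1
    while a:
        while a % 2 == 0:               # (2/n) = -1 exactly when n = 3 or 5 mod 8
            a //= 2
            if n % 8 in (3, 5):
                result = -result
        a, n = n, a                     # reciprocity: flip sign iff both are 3 mod 4
        if a % 4 == 3 and n % 4 == 3:
            result = -result
        a %= n
    return result if n == 1 else 0      # 0 means gcd(a, n) > 1

def solovay_strassen(n, a):
    """One round for odd n with base a; True is the notes' "prime", False "composite"."""
    x = jacobi(a, n)
    if x == 0:                          # a shares a factor with n
        return False
    return pow(a, (n - 1) // 2, n) == x % n   # x % n maps -1 to n - 1

def miller_rabin(n, a):
    """One round for odd n with base a; True is the notes' "prime", False "composite"."""
    m, k = n - 1, 0
    while m % 2 == 0:                   # n - 1 = 2^k * m with m odd
        m, k = m // 2, k + 1
    b = pow(a, m, n)                    # modular square-and-multiply, built into pow
    if b == 1:
        return True
    for _ in range(k):
        if b == n - 1:
            return True
        b = b * b % n
    return False

def pollard_p_minus_1(n, B):
    """Return a nontrivial factor of n, or None for the notes' "fail"."""
    a = 2
    for j in range(2, B + 1):           # a = 2^(B!) mod n, without ever forming B!
        a = pow(a, j, n)
    d = math.gcd(a - 1, n)
    return d if 1 < d < n else None
```

On the constructed input n = 561 = 3 · 11 · 17, `solovay_strassen(561, 2)` answers "prime" while `solovay_strassen(561, 5)` and `miller_rabin(561, 2)` answer "composite", so a single round with one base is not conclusive. On the constructed input n = 299 = 13 · 23, `pollard_p_minus_1` returns 13 for B = 4 and fails for B = 3 (too small) and for B = 11 (so large that a ≡ 1 mod n).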

Proofs

  1. Number of keys in the affine cipher: Show $x \to ax + b$ is injective if and only if $\gcd(a, m) = 1$.
  2. Size of $\mathbb{Z}_m^*$: Show that $a$ has an inverse if and only if $x \to ax$ is injective.
  3. Characterization of perfect secrecy:
    • For the forward implication, first note that $|\mathcal{C}| = |\mathcal{K}|$ gives $|\{e_K(x) \mid K \in \mathcal{K}\}| = |\mathcal{K}|$ and so $e_{K_1}(x) \ne e_{K_2}(x)$ when $K_1 \ne K_2$.
    • Then conclude that for every $x$, $y$ there is a unique $K$ such that $e_K(x) = y$.
    • Now fix $y$ and use Bayes' Theorem to argue $\Pr[K_i] = \Pr[y \mid x_i] = \Pr[y]$.
    • For the backward implication, compute $\Pr[y]$, $\Pr[y \mid x]$ and apply Bayes' Theorem.
  4. Key equivocation $H(K \mid C) = H(K) + H(P) - H(C)$: Compute $H(K, P, C)$ in two different ways: (1) $H(C \mid K, P) + H(K, P) = H(K) + H(P)$ (2) $H(P \mid K, C) + H(K, C) = H(K \mid C) + H(C)$.
  5. Lagrange Theorem: Consider $H = \{h^i \mid i = 0 \ldots m\}$ with $m$ the order of $h$ in $G$ and show that the sets $aH = \{a h^i \mid i = 0 \ldots m\}$ partition $G$.
  6. Fermat Theorem: If $p$ does not divide $b$ then $b \in \mathbb{Z}_p^*$ and its order must divide $p - 1$.
  7. RSA: Use $\varphi(n) = (p - 1)(q - 1)$ and note that $ab = \varphi(n) l + 1$. Observe that $d_K(e_K(x)) \equiv x \pmod p$ and $d_K(e_K(x)) \equiv x \pmod q$ by using the Fermat Theorem. Now invoke the uniqueness of CRT to claim $d_K(e_K(x)) \equiv x \pmod n$.
  8. Euler's Criterion: For the forward implication, use the Fermat Theorem. For the converse, use a primitive element $\alpha$ giving $a = \alpha^i$ and argue that $i$ must be even by using the fact that $\alpha^k \equiv 1 \pmod p$ gives $(p - 1) \mid k$.