DTTF/NB479: Dszquphsbqiz DTTF/NB479: Dszquphsbqiz Day 9 Day 9 Announcements: Announcements: Homework 2 due now Homework 2 due now Computer quiz Thursday on chapter 2 Computer quiz Thursday on chapter 2 Questions? Questions? Today: Today: Wrap up congruences Wrap up congruences Fermat’s little theorem Fermat’s little theorem Euler’s theorem Euler’s theorem Both really important for RSA – pay Both really important for RSA – pay careful attention! careful attention!
Transcript
DTTF/NB479: DszquphsbqizDTTF/NB479: Dszquphsbqiz Day 9 Day 9
Announcements:Announcements: Homework 2 due nowHomework 2 due now Computer quiz Thursday on chapter 2Computer quiz Thursday on chapter 2
Questions?Questions?
Today: Today: Wrap up congruencesWrap up congruences Fermat’s little theoremFermat’s little theorem Euler’s theoremEuler’s theorem Both really important for RSA – pay careful attention!Both really important for RSA – pay careful attention!
The Chinese Remainder Theorem establishes an The Chinese Remainder Theorem establishes an equivalenceequivalence
A single congruence mod a A single congruence mod a composite number composite number is equivalent to a system of congruences mod is equivalent to a system of congruences mod its factorsits factors
Two-factor formTwo-factor form Given gcd(m,n)=1. For integers a and b, there exists Given gcd(m,n)=1. For integers a and b, there exists
exactly 1exactly 1 solution (mod mn) to the system: solution (mod mn) to the system:
)(mod
)(mod
nbx
max
CRT Equivalences let us use systems of CRT Equivalences let us use systems of congruences to solve problemscongruences to solve problems
Solve the system:Solve the system:
How many solutions?How many solutions? Find them.Find them.
)15(mod5
)7(mod3
x
x
)35(mod12 x
Q
Chinese Remainder TheoremChinese Remainder Theorem
n-factor formn-factor form Let mLet m11, m, m22,… m,… mkk be integers such that gcd(m be integers such that gcd(mii, m, mjj)=1 )=1
when i ≠ j. For integers awhen i ≠ j. For integers a11, … a, … akk, there exists , there exists exactly exactly
11 solution (mod m solution (mod m11mm22…m…mkk) to the system:) to the system:
)(mod
...
)(mod
)(mod
22
11
kk max
max
max
Modular Exponentiation is extremely efficient since Modular Exponentiation is extremely efficient since the partial results are always smallthe partial results are always small
Compute the last digit of 3Compute the last digit of 320002000
Compute 3Compute 320002000 (mod 19) (mod 19) Idea:Idea:Get the powers of 3 by repeatedly squaring 3, BUT Get the powers of 3 by repeatedly squaring 3, BUT taking mod at each step.taking mod at each step.
Q
Modular Exponentiation Technique and ExampleModular Exponentiation Technique and Example
The converse when a=2 usually holds The converse when a=2 usually holds
Fermat: Fermat: If p is prime and doesn’t divide a,If p is prime and doesn’t divide a,
Converse: Converse: IfIf , then p is prime and doesn’t divide a. , then p is prime and doesn’t divide a.
This isThis is almost almost always true when a = 2. Rare counterexamples: always true when a = 2. Rare counterexamples: n = 561 =3*11*17, butn = 561 =3*11*17, but
n = 1729 = 7*13*19n = 1729 = 7*13*19 Can do first one by hand if use Fermat and combine results with Chinese Can do first one by hand if use Fermat and combine results with Chinese
Remainder TheoremRemainder Theorem
)(mod11 pa p
)(mod11 pa p
)561(mod12560
Primality testing schemes typically use the Primality testing schemes typically use the contrapositive of Fermatcontrapositive of Fermat
Even?
div by other small primes?
Prime by Factoring/advanced techn.?
n
no
no
yes
prime
Primality testing schemes typically use the Primality testing schemes typically use the contrapositive of Fermatcontrapositive of Fermat
Use Fermat as a filter since it’s Use Fermat as a filter since it’s faster than factoring (if faster than factoring (if calculated using the powermod calculated using the powermod method).method).
1)(mod2?
1 nn
Even?
div by other small primes?
Prime by Factoring/advanced techn.?
n
no
no
yes
yes
prime
Fermat: p primeFermat: p prime 2 2p-1p-1 ≡ 1 (mod p) ≡ 1 (mod p)Contrapositive?Contrapositive?
Why can’t we just compute 2n-1(mod n)using Fermat if it’s so much faster?
)(mod12?
1 nn
3
Euler’s Theorem is like Fermat’s, but for composite Euler’s Theorem is like Fermat’s, but for composite modulimoduli
If gcd(a,n)=1, thenIf gcd(a,n)=1, then
So what’s So what’s (n)?(n)?
13
)(mod1)( na n
4
(n) is the number of integers a, (n) is the number of integers a, such that 1 ≤ a ≤ n and gcd(a,n) = 1.such that 1 ≤ a ≤ n and gcd(a,n) = 1.
Examples: Examples: 1.1. (10) = 4.(10) = 4.
2.2. When p is prime, When p is prime, (p) = ____(p) = ____
3.3. When n =pq (product of 2 primes), When n =pq (product of 2 primes), (n) = ____(n) = ____
14
5
The general formula for The general formula for (n)(n)
Example: Example: 11
[Bill Waite, RHIT 2007]
np p
pnn
|
1)(
6
p are distinct primes
Euler’s Theorem can also lead to computations Euler’s Theorem can also lead to computations that are more efficient than modular exponentiationthat are more efficient than modular exponentiation
as long as gcd(a,n) = 1as long as gcd(a,n) = 1
Examples:Examples:1.1. Find last 3 digits of 7Find last 3 digits of 7803803
2.2. Find 3Find 320072007 (mod 12) (mod 12)
3.3. Find 2Find 260046004 (mod 99) (mod 99)
4.4. Find 2Find 260046004 (mod 101) (mod 101)
BasicBasicPrinciple: when working mod n, view the exponents mod Principle: when working mod n, view the exponents mod (n).(n).
