Modular Arithmetic & Cryptography
CSC2110 Tutorial 8
Darek Yung
Outline
Quick Review Examples Q & A
Quick Review
Prime Modular Arithmetic Multiplicative Inverse Turing’s Code RSA
Prime
If p is a prime, GCD(a, p) = 1 unless a is multiple of p
If p is a prime, p | a1 * a2 * … * aN implies
p | ai for some i Every natural number n > 1 has a unique pri
me factorization
Modular Arithmetic
Multiplicative Inverse
Multiplicative Inverse
Multiplicative inverse can be calculated by Repeated squaring Integer linear combination
Turing’ Code (Version 1)
Secret: key k Encryption: m’ = m * k Decryption: m’ / k = (m * k) / k = m Attacked by
GCD(m1’, m2’) = GCD(m1k, m2k) = k
Turing’ Code (Version 2) Public: large prime p Secret: key k, k < p Encryption: m’ = rem(mk, p), m < p Decryption:
multiplicative inverse of k (mod p) k’ m’ mk (mod p) m’k’ mkk’ (mod p) m (mod p)
Plain text attack Given m’, m, p multiplicative inverse of m (mod p) m’’ m’m’’ kmm’’ (mod p) k (mod p)
RSA
Generate two large primes p, q Let n = pq, T = (p-1)(q-1) Select e such that GCD(e,T) = 1 Let d = multiplicative inverse of e (mod T)
RSA
Public: n, public key e Secret: private key d Encryption: m’ = me (mod n), m < n Decryption: (m’)d med m (mod n)
Q20: False Q21: False, modular arithmetic can be appli
ed to INTEGER a, b Q22: True, sum of digits is divisible by 9
Examples
Examples
Q23: True, difference between sum of even digits and sum of odd digits is divisible by 11
Q24: False, either of a, a’ can be negative.
e.g. n = 5, a = 3, a’ = -3 k = -2 Q25: True
Examples
Q26: False, c may be multiple of n Q27: False, k may be multiple of p
Examples
Q28: True Q29: False, k may be multiple of p Q30: False, k may be multiple of p and there
is no multiplicative inverse of k (mod p)
Examples
Q31: True (false if p1 = p2) Q32: True Q33: False, Version 1.0 use simple
multiplication
Examples
Q34: True (will show in long question) Q35: True Q36: False, unique m with respect to a
specific k. A large number of (m, k) pair.
Examples
Q37: True Q38: False, encrypted by public key Q39: True Q40: False, it is just to compute the power
of an integer modulo another number
Examples
It is now 5pm on Sunday, What’s the time and the day of the week after 17965 hours
17965 = 758(24) + 13 758 = 108(7) + 2 Tuesday 13 + (5+12) = 30 = 1(24) + 6 6am
Wed
Examples
Calculate 579572 (mod 21) by repeated squaring
72 = 64 + 8 5795 20 (mod 21) 57952 1 (mod 21)
57954 57958 579516 1 (mod 21)
579532 579564 1 (mod 21) 579572 579564 * 57958 20 (mod 21)
Examples
Calculate multiplicative inverse of 47981 (mod 95963)
95963 = 2(47981) + 1
1(95963) -2(47981) = 1
-2(47981) 1 (mod 95963)
required multiplicative inverse = -2
Examples
Prove ac bc (mod p) and GCD(c, p) = 1 imply a b (mod p) for prime p
Since GCD(c, p) = 1, there exists c’ = multiplicative inverse of c (mod p)
ac bc (mod p) acc’ bcc’ (mod p) a b (mod p)
Examples
Given a b (mod p) and b c (mod p) implies a c (mod p)
And a b (mod p) implies a+cb+c (mod p) Prove a b (mod p) and c d (mod p) imply
a + c b + d (mod p) for prime p
Examples
Prove a b (mod p) and c d (mod p) imply a + c b + d (mod p) for prime p
a b (mod p) a + c b + c (mod p) c d (mod p) c + b d + b (mod p)
a + c b + c c + b d + b (mod p)
a + c b + d (mod p)
Examples Explain why a number written in decimal is divisible by
9 if and only if the sum of its digits is a multiple of 9
10 1 (mod 9) 10k 1k 1 (mod 9)
All decimal number, d, can be written in form:dk(10k) + dk-1(10k-1) + … + d1(101) +d0
d dk + dk-1 + … + d0 (mod 9) divisible by 9 if and only if the sum of its digits is a multiple of 9
Examples Explain why a number written in decimal is divisible by 11 if and
only if the difference between the sum of its odd digits and sum of its even digits is a multiple of 11
10 -1 (mod 11) 10k (-1)k (mod 11)
All decimal number, d, can be written in form:dk(10k) + dk-1(10k-1) + … + d1(101) +d0
d (-1)kdk + (-1)k-1dk-1 + … + (-1)0d0 (mod 11) d dk - dk-1 + dk-2… - d1 + d0 (mod 11) divisible by 11 if and only if the difference between the sum of its odd digits and sum of its even digits is a multiple of 11
Examples
Under Turing’s Code (Version 1.0), given key k = 47 Encrypt message m1 = 569
Encrypt message m2 = 751
Get k by having m1 and m2
Example
Encrypt message m1 = 569
m1’ = k * m1 = 26743
Encrypt message m2 = 751
m2’ = k * m2 = 35297
How to crack?
Examples
GCD(m1’, m2’) = GCD(m1k, m2k) = k 35297 = 1(26743) + 8554 26743 = 3(8554) + 1081 8554 = 7(1081) + 987 1081 = 1(987) + 94 987 = 10(94) + 47 94 = 2(47) + 0
GCD(35297, 26743) = 47 = k
Examples
Under Turing’s Code (Version 2.0), given prime p = 89, key k =48 Encrypt message m = 78 Compute multiplicative inverse of m (mod p) Show how to perform plain-text attack
Examples Encrypt message m = 78 m’ = rem (mk, p) = rem (3744, 89) = 6
Compute m’’ = multiplicative inverse of m (mod p) 89 = 78 + 11 11 = 89 - 78 78 = 7(11) + 1 1 =78 – 7(11)
1 = 8(78) – 7(89)
m’’ = 8
Examples
Plain-text attack: given m’, m and p m’ m * k (mod p)
m’’ * m’ m’’ * m * k k (mod p) m’’ * m’ = 6 * 8 48 (mod p)
k = 48