DTTF/NB479: Dszquphsbqiz Day 9 Announcements: Homework 2 due now - - PowerPoint PPT Presentation

DTTF/NB479: Dszquphsbqiz Day 9 Announcements:

 Homework 2 due now  Computer quiz Thursday on chapter 2

Questions? Today:

 Wrap up congruences  Fermat’s little theorem  Euler’s theorem  Both really important for RSA – pay careful attention!

The Chinese Remainder Theorem establishes an equivalence A single congruence mod a composite number is equivalent to a system of congruences mod its factors Two-factor form

 Given gcd(m,n)=1. For integers a and b, there exists

exactly 1 solution (mod mn) to the system:

) (mod ) (mod n b x m a x ≡ ≡

CRT Equivalences let us use systems of congruences to solve problems Solve the system: How many solutions?

 Find them.

) 15 (mod 5 ) 7 (mod 3 ≡ ≡ x x

) 35 (mod 1

2 ≡

x

Chinese Remainder Theorem n-factor form

 Let m1, m2,… mk be integers such that gcd(mi, mj)=1

when i ≠ j. For integers a1, … ak, there exists exactly 1 solution (mod m1m2…mk) to the system:

) (mod ... ) (mod ) (mod

2 2 1 1 k k

m a x m a x m a x ≡ ≡ ≡

Modular Exponentiation is extremely efficient since the partial results are always small Compute the last digit of 32000 Compute 32000 (mod 19) Idea:

 Get the powers of 3 by repeatedly squaring 3, BUT

taking mod at each step. Q

Modular Exponentiation Technique and Example

Compute 32000 (mod 19) Technique:

 Repeatedly square

3, but take mod at each step.

 Then multiply the

terms you need to get the desired power.

Book’s powermod()

17 3 6 3 5 3 9 256 16 3 16 4 3 4 289 17 3 ) 2 ( 17 36 6 3 6 25 5 3 5 81 9 3 9 3

1024 512 256 2 128 2 64 2 32 2 16 2 8 2 4 2

≡ ≡ ≡ ≡ ≡ ≡ ≡ = ≡ ≡ = − ≡ ≡ = ≡ ≡ = ≡ ≡ = ≡

• r

) 19 (mod 9 3 ) 1248480 ( 3 ) 17 )( 16 )( 9 )( 5 )( 6 )( 17 ( 3 ) 3 )( 3 )( 3 )( 3 )( 3 )( 3 ( 3

2000 2000 2000 16 64 128 256 512 1024 2000

≡ ≡ ≡ ≡

(All congruences are mod 19)

Modular Exponentiation Example

Compute 32000 (mod 152) 17 3 25 3 81 3 9 3 73 18769 137 3 137 289 17 3 17 625 25 3 25 6561 81 3 81 9 3 9 3

1024 512 256 128 2 64 2 32 2 16 2 8 2 4 2

≡ ≡ ≡ ≡ ≡ ≡ = ≡ ≡ = ≡ ≡ = ≡ ≡ = ≡ = ≡

) 152 (mod 9 3 ) 384492875 ( 3 ) 17 )( 73 )( 9 )( 81 )( 25 )( 17 ( 3 ) 3 )( 3 )( 3 )( 3 )( 3 )( 3 ( 3

2000 2000 2000 16 64 128 256 512 1024 2000

≡ ≡ ≡ ≡

Fermat’s Little Theorem: If p is prime and gcd(a,p)=1, then a(p-1)≡1(mod p)

8

1-2

Fermat’s Little Theorem: If p is prime and gcd(a,p)=1, then a(p-1)≡1(mod p) Examples:

 22=1(mod 3)  64 =1(mod ???)  (32000)(mod 19)

9

1 2 3 4 5 6 S= f(1)=2 f(2)=4 f(3)=6 f(4)=1 f(5)=3 f(6)=5 Example: a=2, p=7

1-2

The converse when a=2 usually holds Fermat: If p is prime and doesn’t divide a, Converse:

If , then p is prime and doesn’t divide a. This is almost always true when a = 2. Rare counterexamples:

 n = 561 =3*11*17, but  n = 1729 = 7*13*19  Can do first one by hand if use Fermat and combine results with

Chinese Remainder Theorem

) (mod 1

1

p a p ≡

−

) (mod 1

1

p a p ≡

−

) 561 (mod 1 2560 ≡

Primality testing schemes typically use the contrapositive of Fermat

Even? div by other small primes? Prime by Factoring/ advanced techn.? n no no yes prime

Primality testing schemes typically use the contrapositive of Fermat

Use Fermat as a filter since it’s faster than factoring (if calculated using the powermod method).

1 ) (mod 2

? 1

≡

−

n

n

Even? div by other small primes? Prime by Factoring/ advanced techn.? n no no yes yes prime

Fermat: p prime 2p-1 ≡ 1 (mod p) Contrapositive?

Why can’t we just compute 2n-1(mod n) using Fermat if it’s so much faster?

) (mod 1 2

? 1

n

n

≡

−

3

Euler’s Theorem is like Fermat’s, but for composite moduli If gcd(a,n)=1, then So what’s φ(n)?

13

) (mod 1

) (

n a

n ≡ φ

4

φ(n) is the number of integers a, such that 1 ≤ a ≤ n and gcd(a,n) = 1. Examples:

1.

φ(10) = 4.

2.

When p is prime, φ(p) = ____

3.

When n =pq (product of 2 primes), φ(n) = ____

14

5

The general formula for φ(n)

Example: φ(12)=4

[Bill Waite, RHIT 2007]

∏

        − =

n p

p p n n

|

1 ) ( φ

6

p are distinct primes

Euler’s Theorem can also lead to computations that are more efficient than modular exponentiation as long as gcd(a,n) = 1 Examples:

1.

Find last 3 digits of 7803

2.

Find 32007 (mod 12)

3.

Find 26004 (mod 99)

4.

Find 26004 (mod 101) Basic Principle: when working mod n, view the exponents mod φ(n).

) (mod 1

) (

n a

n ≡ φ

7-10