DTTF/NB479: Dszquphsbqiz Day 9 Announcements: Homework 2 due now - PowerPoint PPT Presentation

DTTF/NB479: Dszquphsbqiz Day 9 Announcements:  Homework 2 due now  Computer quiz Thursday on chapter 2 Questions? Today:  Wrap up congruences  Fermat’s little theorem  Euler’s theorem  Both really important for RSA – pay careful attention!

The Chinese Remainder Theorem establishes an equivalence A single congruence mod a composite number is equivalent to a system of congruences mod its factors Two-factor form  Given gcd(m,n)=1. For integers a and b, there exists exactly 1 solution (mod mn) to the system: ≡ (mod ) x a m ≡ (mod ) x b n

CRT Equivalences let us use systems of congruences to solve problems ≡ 3 (mod 7 ) x Solve the system: ≡ 5 (mod 15 ) x How many solutions? 2 ≡ 1 (mod 35 ) x  Find them.

Chinese Remainder Theorem n-factor form  Let m 1 , m 2 ,… m k be integers such that gcd(m i , m j )=1 when i ≠ j. For integers a 1 , … a k , there exists exactly 1 solution (mod m 1 m 2 …m k ) to the system: ≡ (mod ) x a m 1 1 ≡ (mod ) x a m 2 2 ... ≡ (mod ) x a m k k

Q Modular Exponentiation is extremely efficient since the partial results are always small Compute the last digit of 3 2000 Compute 3 2000 (mod 19) Idea:  Get the powers of 3 by repeatedly squaring 3, BUT taking mod at each step.

Modular Exponentiation Technique and Example (All congruences are mod 19) ≡ 2 3 9 Compute 3 2000 = ≡ ≡ 4 2 3 9 81 5 (mod 19) = ≡ ≡ 8 2 3 5 25 6 = ≡ ≡ − 16 2 Technique: 3 6 36 17 ( 2 ) or = ≡ ≡  Repeatedly square 32 2 3 17 289 4 3, but take mod at = ≡ 64 2 3 4 16 each step . ≡ ≡ ≡ 128 2 3 16 256 9 ≡  Then multiply the 256 3 5 terms you need to ≡ 512 3 6 get the desired power. ≡ 1024 3 17 ≡ 2000 1024 512 256 128 64 16 3 ( 3 )( 3 )( 3 )( 3 )( 3 )( 3 ) Book’s ≡ 2000 3 ( 17 )( 6 )( 5 )( 9 )( 16 )( 17 ) powermod() ≡ 2000 3 ( 1248480 ) ≡ 2000 3 9 (mod 19 )

Modular Exponentiation Example ≡ 2 3 9 Compute 3 2000 = ≡ (mod 152) 4 2 3 9 81 = ≡ ≡ 8 2 3 81 6561 25 = ≡ ≡ 16 2 3 25 625 17 = ≡ ≡ 32 2 3 17 289 137 = ≡ ≡ 64 2 3 137 18769 73 ≡ 128 3 9 ≡ 256 3 81 ≡ 512 3 25 ≡ 1024 3 17 ≡ 2000 1024 512 256 128 64 16 3 ( 3 )( 3 )( 3 )( 3 )( 3 )( 3 ) ≡ 2000 3 ( 17 )( 25 )( 81 )( 9 )( 73 )( 17 ) ≡ 2000 3 ( 384492875 ) ≡ 2000 3 9 (mod 152 )

1-2 Fermat’s Little Theorem: If p is prime and gcd(a,p)=1, then a (p-1) ≡1(mod p) 8

1-2 Fermat’s Little Theorem: If p is prime and gcd(a,p)=1, then a (p-1) ≡1(mod p) S= 1 f(1)=2 2 f(2)=4 Example: a=2, p=7 3 f(3)=6 4 f(4)=1 5 f(5)=3 6 f(6)=5 Examples:  2 2 =1(mod 3)  6 4 =1(mod ???)  (3 2000 )(mod 19) 9

The converse when a=2 usually holds Fermat: − ≡ 1 a p 1 (mod ) p If p is prime and doesn’t divide a, Converse: − ≡ 1 a p 1 (mod ) p If , then p is prime and doesn’t divide a. This is almost always true when a = 2. Rare counterexamples: 2 560 ≡ 1 (mod 561 )  n = 561 =3*11*17, but  n = 1729 = 7*13*19  Can do first one by hand if use Fermat and combine results with Chinese Remainder Theorem

Primality testing schemes typically use the contrapositive of Fermat n Even? no div by other small primes? no Prime by Factoring/ advanced techn.? yes prime

3 Primality testing schemes typically use the contrapositive of Fermat n Even? no div by other small primes? Use Fermat as a filter since it’s faster than factoring (if no calculated using the powermod method). ? ? − − ≡ ≡ 1 1 n n 2 (mod ) 1 2 1 (mod ) n n yes Fermat: p prime  2 p-1 ≡ 1 (mod p) Contrapositive? Prime by Factoring/ advanced techn.? Why can’t we just compute 2 n-1 (mod n) yes using Fermat if it’s so much faster? prime

4 Euler’s Theorem is like Fermat’s, but for composite moduli If gcd(a,n)=1, then n ≡ φ ( ) 1 (mod ) a n So what’s φ (n)? 13

φ (n) is the number of integers a, 5 such that 1 ≤ a ≤ n and gcd(a,n) = 1. Examples: φ (10) = 4. 1. When p is prime, φ (p) = ____ 2. When n =pq (product of 2 primes), φ (n) = ____ 3. 14

The general formula for φ (n) 6   − 1 p ∏   φ = ( ) n n     p | p n p are distinct primes Example: φ(12)=4 [Bill Waite, RHIT 2007]

7-10 Euler’s Theorem can also lead to computations that are more efficient than modular exponentiation n ≡ φ ( ) 1 (mod ) a n as long as gcd(a,n) = 1 Basic Principle: when working mod n, view the exponents mod φ (n). Examples: Find last 3 digits of 7 803 1. Find 3 2007 (mod 12) 2. Find 2 6004 (mod 99) 3. Find 2 6004 (mod 101) 4.