lecture 12 inverses proof review
play

Lecture 12. Inverses? Proof review. Claim: a 1 ( mod m ) exists - PowerPoint PPT Presentation

Jun 01, 2023 •380 likes •420 views

Lecture 12. Inverses? Proof review. Claim: a 1 ( mod m ) exists when gcd ( a , m ) = 1 . Fact: ax = ay ( mod m ) for x = y { 0 ,... m 1 } Proof of Fact: Let ax = ay ( mod m ) , x = y { 0 ,..., m 1 } Its Friday.

  1. Lecture 12. Inverses? Proof review. Claim: a − 1 ( mod m ) exists when gcd ( a , m ) = 1 . Fact: ax � = ay ( mod m ) for x � = y ∈ { 0 ,... m − 1 } Proof of Fact: Let ax = ay ( mod m ) , x � = y ∈ { 0 ,..., m − 1 } It’s Friday. ax = ay + km When does a have inverse ( mod m ) ? Will let out early today! a ( x − y ) = km When gcd ( a , m ) = 1! Consider prime factorization: 61A midterm makeup afterwards. a = a 1 ... a ℓ . Today: A bit of review, RSA, signature schemes. m = m 1 ... m z . Do any a i = m j ? Yes? No? No! gcd ( a , m ) = 1! Therefore a ( x − y ) = km only if factorization of ( x − y ) contains all factors of m . = ⇒ ( x − y ) ≥ m or ( x − y ) = 0. Contradiction. Excursion: Bijections. Modular arithmetic examples. Inverses: continued. f : S → T is one-to-one mapping . f : S → T is one-to-one mapping . one-to-one: f ( x ) � = f ( x ′ ) for x , x ′ ∈ S and x � = x ′ . Not 2 to 1! one-to-one: f ( x ) � = f ( x ′ ) for x , x ′ ∈ S and x � = y . Claim: a − 1 ( mod m ) exists when gcd ( a , m ) = 1 . f ( · ) is onto f ( · ) is onto Fact: ax � = ay ( mod m ) for x � = y ∈ { 0 ,... m − 1 } if for every y ∈ T there is x ∈ S where y = f ( x ) . if for every y ∈ T there is x ∈ S where y = f ( x ) . Consider T = { 0 a ( mod m ) , 1 a ( mod m ) ,...,... ( m − 1 ) a ( mod m ) } Bijection is one-to-one and onto function. Recall: f ( red ) = 1, f ( yellow ) = 2 , f ( blue ) = 3 Consider S = { 0 , 1 ,...,... ( m − 1 ) } Two sets have the same size One-to-one if inverse: g ( 1 ) = red , g ( 2 ) = yellow , g ( 3 ) = blue . S = T . Why? if and only if there is a bijection between them! Is f ( x ) = x + 1 ( mod m ) one-to-one? g ( x ) = x − 1 ( mod m ) . T ⊆ S since ax ( mod m | ) ∈ { 0 ,..., m − 1 } Same size? Onto: range is subset of domain. One-to-one mapping from S to T ! { red , yellow , blue } and { 1 , 2 , 3 } ? Is f ( x ) = ax ( mod m ) one-to-one? = ⇒ | T | ≥ | S | If gcd ( a , m ) = 1, ax � = ax ′ ( mod m ) . f ( red ) = 1, f ( yellow ) = 2, f ( blue ) = 3. Same set. { red , yellow , blue } and { 1 , 2 } ? Injective? Surjective? Why does a have inverse? T is S and therefore contains 1 ! ! ! f ( red ) = 1, f ( yellow ) = 2, f ( blue ) = 2. We tend to use one-to-one and onto. two to one! not one to one. Why am I excited? There is an x where ax = 1. Bijection is one-to-one and onto function. { red , yellow } and { 1 , 2 , 3 } ? There is an inverse of a ! ! ! Two sets have the same size f ( red ) = 1, f ( yellow ) = 2. if and only if there is a bijection between them! Misses 3. not onto.

  2. Fermat from Bijection. RSA and Fermat. Fermat: a seeming excursion? Thm: m ed = m ( mod pq ) if ed = 1 ( mod ( p − 1 )( q − 1 )) RSA: Fermat’s Little Theorem: For prime p , and a �≡ 0 ( mod p ) , Seems like magic! a p − 1 ≡ 1 ( mod p ) . Alice: Fermat’s Little Theorem: For prime p , and a �≡ 0 ( mod p ) , Primes: p , q . N = pq . Proof: Consider T = { a · 1 ( mod p ) ,..., a · ( p − 1 ) ( mod p ) } . a p − 1 ≡ 1 ( mod p ) . Encryption Key: e where gcd ( e , ( p − 1 )( q − 1 ))) = 1 Decryption Key: d = e − 1 ( mod ( p − 1 )( q − 1 )) T is range of function f ( x ) = ax mod ( p ) for set S = { 1 ,..., p − 1 } . 3 6 ( mod 7 ) ? 1. Invertible function: one-to-one. 3 7 ( mod 7 ) ? 3. Message: m T ⊆ S since 0 �∈ T . Encryption: y = E ( m ) = m e ( mod N ) . Bob. p is prime. Decryption: D ( y ) = y d ( mod N ) . Alice. Involves exponents and gets 3 back. = ⇒ T = S . Seems like magic. Result: m ed ( mod N ) Product of elts of T = Product of elts of S . Corollary: a k ( p − 1 )+ 1 = a ( mod p ) Example: ( a · 1 ) · ( a · 2 ) ··· ( a · ( p − 1 )) ≡ 1 · 2 ··· ( p − 1 ) mod p , x = 2 Get a back when exponent is 1 ( mod p − 1 ) . p = 7 , 1 = 11 . N = 77 y = 2 7 ( mod 77 ) Bob. Since multiplication is commutative. A little like RSA. e = 7 gcd ( 7 , 60 ) = 1. y 43 = 2 ( mod 77 ) Alice. a ed ( mod ( p − 1 )( q − 1 )) is a a ( p − 1 ) ( 1 ··· ( p − 1 )) ≡ ( 1 ··· ( p − 1 )) mod p . d = 43 7 ∗ 43 = 1 ( mod 60 ) . Alice got Bob’s message! when exponent is 1 ( mod ( p − 1 )( q − 1 )) . Each of 2 ,... ( p − 1 ) has an inverse modulo p , mulitply by inverses to Want D ( E ( x )) = x Proof of Corollary. If a = 0, a k ( p − 1 )+ 1 = 0 ( mod m ) . get... Thm: x ed = x ( mod N ) Otherwise a 1 + k ( p − 1 ) ≡ a 1 ∗ ( a p − 1 ) k ≡ a ∗ ( 1 ) b ≡ a ( mod p ) a ( p − 1 ) ≡ 1 mod p . Alice got message back!!! Idea: Fermat removes the k ( p − 1 ) from the exponent! ...Decoding correctness... RSA decodes correctly.. Construction of keys.. .. Lemma 1: For any prime p and any a , b , 1. Find large (100 digit) primes p and q ? a 1 + b ( p − 1 ) ≡ a ( mod p ) Lemma 2: For any two different primes p , q and any x , k , Prime Number Theorem: π ( N ) number of primes less than x 1 + k ( p − 1 )( q − 1 ) ≡ x ( mod pq ) N .For all N ≥ 17 Lemma 2: For any two different primes p , q and any x , k , x 1 + k ( p − 1 )( q − 1 ) ≡ x ( mod pq ) Theorem: RSA correctly decodes! π ( N ) ≥ N / ln N . Recall Let a = x , b = k ( p − 1 ) and apply Lemma 1 with modulus q . x 1 + k ( p − 1 )( q − 1 ) ≡ x ( mod q ) Choosing randomly gives approximately 1 / ( ln N ) chance of D ( E ( x )) = ( x e ) d = x ed ≡ x ( mod pq ) , number being a prime. (How do you tell if it is prime? ... x 1 + k ( q − 1 )( p − 1 ) − x ≡ 0 mod ( q ) = ⇒ multiplie of q . cs170..Miller-Rabin test.. Primes in P ). Let a = x , b = k ( q − 1 ) and apply Lemma 1 with modulus p . where ed ≡ 1 mod ( p − 1 )( q − 1 ) = ⇒ ed = 1 + k ( p − 1 )( q − 1 ) For 1024 bit number, 1 in 710 is prime. x 1 + k ( p − 1 )( q − 1 ) ≡ x ( mod p ) x ed ≡ x k ( p − 1 )( q − 1 )+ 1 ≡ x ( mod pq ) . 2. Choose e with gcd ( e , ( p − 1 )( q − 1 )) = 1. x 1 + k ( q − 1 )( p − 1 ) − x ≡ 0 mod ( p ) = ⇒ multiplie of p . Use gcd algorithm to test. x 1 + k ( q − 1 )( p − 1 ) − x is multiple of p and q . 3. Find inverse d of e modulo ( p − 1 )( q − 1 ) . x 1 + k ( q − 1 )( p − 1 ) − x ≡ 0 mod ( pq ) = ⇒ x 1 + k ( q − 1 )( p − 1 ) = x mod pq . Use extended gcd algorithm. All steps are polynomial in O ( log N ) , the number of bits.

  3. Security of RSA. Much more to it..... If Bobs sends a message (Credit Card Number) to Alice, Eve sees it. Security? Eve can send credit card again!! 1. Alice knows p and q . The protocols are built on RSA but more complicated; For example, several rounds of challenge/response. 2. Bob only knows, N (= pq ) , and e . Does not know, for example, d or factorization of N . One trick: Bob encodes credit card number, c , 3. Breaking this scheme = ⇒ factoring N . concatenated with random k -bit number r . Don’t know how to factor N . Never sends just c . Again, more work to do to get entire system. CS161...

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Lecture 21: Midterm 2 Review. Modular Arithmetic Inverses and GCD Example: p = 7, q = 11.

Lecture 21: Midterm 2 Review. Modular Arithmetic Inverses and GCD Example: p = 7, q = 11.

Lecture 21: Midterm 2 Review. Modular Arithmetic Inverses and GCD Example: p = 7, q = 11. Professor Walrand. x has inverse modulo m if and only if gcd ( x , m ) = 1 . N = 77 . Wrapping up his lectures for other course this week. ( p 1 )( q

208 views • 5 slides
Midterm 2 Review. Midterm format Modular Arithmetic Inverses and GCD Midterm Topics: Notes 6-14.

Midterm 2 Review. Midterm format Modular Arithmetic Inverses and GCD Midterm Topics: Notes 6-14.

Midterm 2 Review. Midterm format Modular Arithmetic Inverses and GCD Midterm Topics: Notes 6-14. Modular Arithmetic. Inverses. GCD/Extended-GCD. x has inverse modulo m if and only if gcd ( x , m ) = 1 . Time: 120 minutes Proof Idea:

282 views • 5 slides
cse 311: foundations of computing Spring 2015 Lecture 13: Primes, GCDs, modular inverses

cse 311: foundations of computing Spring 2015 Lecture 13: Primes, GCDs, modular inverses

cse 311: foundations of computing Spring 2015 Lecture 13: Primes, GCDs, modular inverses review: repeated squaring Since a mod m a (mod m) for any a we have a 2 mod m = (a mod m) 2 mod m and a 4 mod m = (a 2 mod m) 2 mod m

485 views • 21 slides
Graphs Lecture 2 Today BFS/DFS Review; proof about DFS tree Implementation Running time

Graphs Lecture 2 Today BFS/DFS Review; proof about DFS tree Implementation Running time

Graphs Lecture 2 Today BFS/DFS Review; proof about DFS tree Implementation Running time Bipartite testing Topological sort BFS/DFS Review Examples on board Breadth-First Search Property. Let T be a BFS tree of G = (V , E), and let (x,

527 views • 26 slides
Inverses problems and Regularized Solutions Lecture 9 Part A - Yvon JARNY Laboratoire de

Inverses problems and Regularized Solutions Lecture 9 Part A - Yvon JARNY Laboratoire de

Inverses problems and Regularized Solutions Lecture 9 Part A - Yvon JARNY Laboratoire de Thermocintique de Nantes (LTN), UMR CNRS 6607 Universit de Nantes PolytechNantes 44306 Nantes cedex 3 Metti5 Roscoff 1 June 13-18, 2011

1.2k views • 51 slides
CSE 311: Foundations of Computing announcements Fall 2013 Reading assignment Lecture 13:

CSE 311: Foundations of Computing announcements Fall 2013 Reading assignment Lecture 13:

CSE 311: Foundations of Computing announcements Fall 2013 Reading assignment Lecture 13: Modular inverses, induction Induction 5.1-5.2, 7 th edition 4.1-4.2, 6 th edition review: GCD review: euclids algorithm Repeatedly use the GCD fact

508 views • 6 slides
Logic for Computer Science 06 Proof strategies Wouter Swierstra University of Utrecht 1

Logic for Computer Science 06 Proof strategies Wouter Swierstra University of Utrecht 1

Logic for Computer Science 06 Proof strategies Wouter Swierstra University of Utrecht 1 Last time Proof strategies 2 This lecture Wrap-up Review 3 Proofs There is no single defjnition of what is a proof it depends on

1.13k views • 55 slides
Lecture 8. Outline. 1. Modular Arithmetic. Clock Math!!! 2. Inverses for Modular Arithmetic:

Lecture 8. Outline. 1. Modular Arithmetic. Clock Math!!! 2. Inverses for Modular Arithmetic:

Lecture 8. Outline. 1. Modular Arithmetic. Clock Math!!! 2. Inverses for Modular Arithmetic: Greatest Common Divisor. 3. Euclids GCD Algorithm Clock Math If it is 1:00 now. What time is it in 5 hours? 6:00! What time is it in 15 hours?

321 views • 11 slides
Previously... Forward and converse proof of the rate-distortion theorem S. Cheng (OU-Tulsa)

Previously... Forward and converse proof of the rate-distortion theorem S. Cheng (OU-Tulsa)

Lecture 14 Review Previously... Forward and converse proof of the rate-distortion theorem S. Cheng (OU-Tulsa) November 28, 2017 1 / 27 Lecture 14 Overview This time Method of types Universal source coding Large deviation theory S. Cheng

1.66k views • 133 slides
TOURNAMENT PAPER WORK REVIEW TOURNAMENT PLAYER VERIFICATION FORM Proof of Age Proof of

TOURNAMENT PAPER WORK REVIEW TOURNAMENT PLAYER VERIFICATION FORM Proof of Age Proof of

TOURNAMENT PAPER WORK REVIEW TOURNAMENT PLAYER VERIFICATION FORM Proof of Age Proof of Residency School Enrollment Player Information Proof of Age (BC) Proof of Residency OR School Enrollment Waivers Signatures Proof of Residency:

480 views • 32 slides
Whats on todays menu? F Wrap up of Proof Techniques F Review of Chapter 1 F Introduction to

Whats on todays menu? F Wrap up of Proof Techniques F Review of Chapter 1 F Introduction to

Whats on todays menu? F Wrap up of Proof Techniques F Review of Chapter 1 F Introduction to Sets R. Rao, CSE 311 Chapter 1 review 1 Existence Proofs F Goal: Prove x P( x ) 1 st way: F Two ways: 2 nd way: Constructive proof Destructive

264 views • 5 slides
General inverses of matrices Ivana M. Staniev University of Belgrade, Technical faculty in Bor

General inverses of matrices Ivana M. Staniev University of Belgrade, Technical faculty in Bor

General inverses of matrices Ivana M. Staniev University of Belgrade, Technical faculty in Bor Vienna, December 17 20, 2016. 1 Ivana M. Staniev General inverses of matrices Indefinite inner products Moore-Penrose inverse

452 views • 23 slides
15-251 Great Theoretical Ideas in Computer Science Lecture 2: On Proofs and Pancakes September

15-251 Great Theoretical Ideas in Computer Science Lecture 2: On Proofs and Pancakes September

15-251 Great Theoretical Ideas in Computer Science Lecture 2: On Proofs and Pancakes September 3rd, 2015 1. What is a proof ? 2. How do you find a proof ? 3. How do you write a proof ? 1. What is a proof ? 2. How do you find a proof ?

919 views • 61 slides
Inverses Today: finding inverses quickly. Euclids Algorithm. Runtime. Euclids Extended

Inverses Today: finding inverses quickly. Euclids Algorithm. Runtime. Euclids Extended

Inverses Today: finding inverses quickly. Euclids Algorithm. Runtime. Euclids Extended Algorithm. Refresh Does 2 have an inverse mod 8? No. Does 2 have an inverse mod 9? Yes. 5 2 ( 5 ) = 10 = 1 mod 9. Does 6 have an inverse mod 9? No.

354 views • 19 slides
3515ICT Theory of Computation Some sample proofs 4-0 Proof types 1. Proof

3515ICT Theory of Computation Some sample proofs 4-0 Proof types 1. Proof

Griffith University 3515ICT Theory of Computation Some sample proofs 4-0 Proof types 1. Proof by construction 2. Proof by equivalence 3. Proof by contradiction 4. Proof by case analysis 5. Proof by induction

549 views • 11 slides
Formalization of Proof What is proof? GORM: Good Old Regular Mathematics Four Color

Formalization of Proof What is proof? GORM: Good Old Regular Mathematics Four Color

15-251: Great Theoretical Ideas in Computer Science Lecture 3 Formalization of Proof What is proof? GORM: Good Old Regular Mathematics Four Color Theorem GORM is the math youve been doing all your life 1852 conjecture: GORM is

353 views • 11 slides
Today Color Reading: Chapter 6, Forsyth & Ponce Optional reading: Chapter

Today Color Reading: Chapter 6, Forsyth & Ponce Optional reading: Chapter

Today Color Reading: Chapter 6, Forsyth & Ponce Optional reading: Chapter 4 of Wandell, Foundations of Vision, Sinauer, 1995 has a good treatment of this. Feb. 17, 2005 MIT 6.869 Prof. Freeman Why does a visual system

1.11k views • 68 slides
ILLUMINATION MODELS & ALGORITHMS Graphics & Visualization: Principles & Algorithms

ILLUMINATION MODELS & ALGORITHMS Graphics & Visualization: Principles & Algorithms

Graphics & Visualization Chapter 12 ILLUMINATION MODELS & ALGORITHMS Graphics & Visualization: Principles & Algorithms Chapter 12 Introduction Representation of illumination phenomena in CG :

2.28k views • 125 slides
BAIS2: Burned Area Index for Sentinel-2 Federico Filipponi federico.filipponi@gmail.com Problem

BAIS2: Burned Area Index for Sentinel-2 Federico Filipponi federico.filipponi@gmail.com Problem

BAIS2: Burned Area Index for Sentinel-2 Federico Filipponi federico.filipponi@gmail.com Problem Sentinel-2 satellites, equipped with MSI sensor with specific spectral bands to record data in the vegetation red-edge spectral domain, opened the

463 views • 13 slides
Neural Network in Computer Graphics Reveal the order of the world where top-down meets

Neural Network in Computer Graphics Reveal the order of the world where top-down meets

Neural Network in Computer Graphics Reveal the order of the world where top-down meets bottom-up Liqian Ma Megvii (Face++) Researcher maliqian@megvii.com Nov 2017 Raise your hand and ask, whenever you have questions... Outline

895 views • 62 slides
Functions - Part 2 Supartha Podder One-to-One and Onto Functions A function f : A B is said

Functions - Part 2 Supartha Podder One-to-One and Onto Functions A function f : A B is said

Functions - Part 2 Supartha Podder One-to-One and Onto Functions A function f : A B is said to be one-to-one, or an injunction, if and only if f ( a ) = f ( b ) implies that a = b for all a , b A . A function is said to be injective if it

3.23k views • 65 slides
Algorithmics of Checking First Result: . . . Whether a Mapping Is How Efficient Are the . . .

Algorithmics of Checking First Result: . . . Whether a Mapping Is How Efficient Are the . . .

Introduction First Problem: . . . Second Problem: . . . Case of Semi- . . . Algorithmics of Checking First Result: . . . Whether a Mapping Is How Efficient Are the . . . Polynomial Mapping . . . Injective, Surjective, Case of Analytical .

223 views • 19 slides
MA/CSSE 473 Day 11 Data Encryption MA/CSSE 473 Day 11 HW 5 is due tomorrow. HW 6 due

MA/CSSE 473 Day 11 Data Encryption MA/CSSE 473 Day 11 HW 5 is due tomorrow. HW 6 due

MA/CSSE 473 Day 11 Data Encryption MA/CSSE 473 Day 11 HW 5 is due tomorrow. HW 6 due Friday Poll results: Tomorrow I hope to discuss the Knuth interview, and Brute Force Algorithms Student Questions Cryptography

523 views • 7 slides
Announcements ICS 6B Quiz schedule online * Will allow you to drop 1 quiz Boolean Algebra

Announcements ICS 6B Quiz schedule online * Will allow you to drop 1 quiz Boolean Algebra

Announcements ICS 6B Quiz schedule online * Will allow you to drop 1 quiz Boolean Algebra & Logic * Subject to change Homework is online Lecture Notes for Summer Quarter, 2008 Michele Rousseau Set 4 Ch. 2.2, 2.3, 8.1 2

371 views • 7 slides

More recommend