prime numbers cryptography
play

Prime numbers (cryptography) 2 GCD Let d | a mean Example: 5 | - PowerPoint PPT Presentation

Mar 09, 2023 •272 likes •611 views

1 Prime numbers (cryptography) 2 GCD Let d | a mean Example: 5 | 10, as 10 = 2 * 5 The greatest common divisor between a and b is: gcd(a,b) = max x s.t. x | a and x | b 3 GCD Oddly, another definition of gcd is: gcd also has

  1. 1 Prime numbers (cryptography)

  2. 2 GCD Let d | a mean Example: 5 | 10, as 10 = 2 * 5 The greatest common divisor between a and b is: gcd(a,b) = max x s.t. x | a and x | b

  3. 3 GCD Oddly, another definition of gcd is: gcd also has properties: 1. gcd(an, bn) = n gcd(a,b) 2. if n | ab and gcd(a,n) = 1, then n | b 3. if gcd(a,p)=1 and gcd(b,p)=1, then gcd(ab,p) = 1

  4. 4 GCD We can recursively find gcd by: gcd(a, b) if b == 0, return a; else, return gcd(b, a mod b) a mod b will always decrease, thus this will terminate

  5. 5 Modular linear equations Suppose we wanted to solve: a x mod n = b E.g. 18 x mod 80 = 33 How would you do this?

  6. 6 Modular linear equations Let d = gcd(a, n) Let x' and y' be integer solutions to: d = a*x' + n*y' If d | b, then: There are d solutions, namely: for i = 0 to d-1 print x'(b/d) + i(n/d) mod n else, no solutions

  7. 7 Chinese remainder theorem Let n = n 1 * n 2 * ... * n k , where n i is pairwise relatively prime Then there is a unique solution for x: x mod n i = a i for all i=1, 2, ... k, when x < n

  8. 8 Chinese remainder theorem This is a specific extension of solving a single equation (mod n) The “loopy” nature of modulus comes in handy many places Some implementations of FFT use the Chinese remainder theorem

  9. 9 Chinese remainder theorem You can compute this solution as: mod n i for finding m i -1 Let m i = n/n i not a math op Then c i = m i (m i -1 mod n i ) Then x = ∑c i *a i mod n (m i -1 is such that m i *m i -1 mod n i = 1)

  10. 10 Chinese remainder theorem Example, solve for x: x mod 5 = 2 (a 1 ) x mod 11 = 7 (a 2 ) n = 55, m 1 = 11, m 2 = 5 m 1 -1 = 1, m 2 -1 = 9 c 1 =11*1=11, c 2 =5*9=45 x = 11*2 + 7*45 mod 55=337%55=7

  11. 11 CRT vs. interpolation There is actually some similarity between the CRT and interpolation Both of them find a partial answer that simply modifies one sub-problem Then combines these partial answers

  12. 12 CRT vs. interpolation Find polynomial given 3 points: (0,1), (1, 4), (2, 4) (x-0)(x-1) is zero on x=0,1 (first 2) 2(x-0)(x-1) is correct for last (x=2) Combine by adding up a polynomial for each point (not effecting others)

  13. 13 CRT vs. interpolation Solve k systems of linear modular equations x mod n 1 = a 1 , x mod n 2 = a 2 , ... x mod n k = a k If n = n 1 *n 2 *...*n k , and m i = n/n i , then m i has no effect on x mod n j for any j except i (as n j | m i ) So we find c i such that c i m i = x (mod n i ) Then add these terms together (not effect other)

  14. 14 RSA Encryption RSA person A has two keys: P A = public key S A = secret key (private key) The key is that these functions are inverse, namely for some message M: P A (S A (M)) = S A (P A (M)) = M

  15. 15 RSA Encryption Thus, if person B wants to send a secret message to person A, they do: 1. Encrypt the message using public key: C = P A (M) 2. Then A can decrypt it using the secret key: M = S A (C)

  16. 16 RSA Encryption If A does not share S A , no one else knows the proper way to decrypt C P A (P A (M)) ≠ M ... and ... S A not easily computable from P A

  17. 17 RSA Encryption RSA algorithm: 1. Select two large primes p, q (p≠q) 2. Let n = p * q 3. Let e be: gcd(e, (p - 1)*(q - 1)) = 1 4. Let d be: e*d mod (p-1)*(q-1) = 1 (use “extended euclidean” in book) 5. Public key: P = (e, n) 6. Secret key: S = (d, n)

  18. 18 RSA Encryption Specifically: P A (M) = M e mod n S A (C) = C d mod n A key assumption is that M < n, as we want: M mod n = M Pick large p,q or encode per byte

  19. 19 RSA Encryption Example: p=7, q=11... n = p*q = 77 e=13 (does not need to be prime) as gcd(13,(7-1)(11-1))=gcd(13,60) = 1 d=37 as 13*37 mod 60 = 1 If M = 20, then... C = 20 13 mod 77 = 69 C = 69, 69 37 mod 77 = 20

  20. 20 RSA Encryption + CRT Computing large powers can require a lot of processor power Can more efficiently get the result with Chinese remainder theorem: (backwards) Have: number mod product Want: smaller system of equations

  21. 21 RSA Encryption + CRT Using CRT: m1 = C d mod p-1 mod p // less compute m2 = C d mod q-1 mod q // much smaller qI = q -1 mod p h = qI * (m1 - m2) m = m2 + h*q (see: rsa.cpp)

  22. 22 Primes RSA (and many other applications) require large prime numbers We need to find these efficiently (not brute force!) The common methods are actually probabilistic (no guarantee)

  23. 23 Primes First, are there actually large primes? Density of primes around x is about 1/ln(x) (i.e. 3 per 100 when x=10 10 )

  24. 24 Prime finding To find them, we just make a smart guess then check if it really is prime Smart guess: last digit not: 2, 4, 5, 6, 8 or 0 This eliminates 60% of numbers!

  25. 25 Prime finding Both of these methods use Fermat's theorem, for a prime p: So we simply check if: 2 p-1 mod p == 1 If this is, probably prime

  26. 26 Prime finding This simplistic method works surprisingly well: Error rate less than 0.2% (if around 512 bit range, 1 in 10 20 ) Has two major issues: 1. More accurate for large numbers 2. Carmichael numbers(e.g. 561, rare)

  27. 27 Prime finding Computation time also goes up with number size Carmichael numbers are composite, but have: a p-1 mod p = 1 for all a These are quite rare though (only 255 less than 100,000,000)

  28. 28 Miller-Rabin primality test Again, we will basically test Fermat's theorem but with a twist We let: n-1 = u * 2 t , for some u and t Then compute: As: (more efficient, as we can square it)

  29. 29 Miller-Rabin primality test Witness(a, n) find (t,u) such that t>1 and n-1=u*2 t x 0 = a u mod n for i = 1 to t x i =x 2 i-1 mod n if x i == 1 and x i-1 ≠ 1 and x i-1 ≠ n-1 return true if x i ≠ 1 return true return false

  30. 30 Miller-Rabin primality test If Witness returns true, the number is composite If Witness returns false, there is a 50% probability that it is a prime Thus testing “s” different values of “a” (range 0 to n-1) gives error 2 -s

  31. 31 Composites To find composites of n takes (we think) O(sqrt(n)) This is the same asymptotic running time as brute force (i.e. n%2 ==0, n%3==0, ...)

  32. 32 Composites Many security systems depend on the fact that factoring numbers is (we think) a hard problem In RSA, if you could factor n into p and q, anyone can get private key However, no one has been able to prove that this is hard

  33. 33 Composites The book does give an algorithm to compute composites Similar to security hashing: (finding hash collision) Still O(sqrt(n)) (smaller coefficient)

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Prime numbers (cryptography) 2 Announcements Test next Tuesday Homework due Sunday 3 GCD

Prime numbers (cryptography) 2 Announcements Test next Tuesday Homework due Sunday 3 GCD

1 Prime numbers (cryptography) 2 Announcements Test next Tuesday Homework due Sunday 3 GCD Let d | a mean Example: 5 | 10, as 10 = 2 * 5 The greatest common divisor between a and b is: gcd(a,b) = max x s.t. x | a and x | b 4 GCD

490 views • 34 slides
T-79.159 Cryptography and Data Security Lecture 6: Modular Arithmetic Kaufman et al: Ch 7

T-79.159 Cryptography and Data Security Lecture 6: Modular Arithmetic Kaufman et al: Ch 7

T-79.159 Cryptography and Data Security Lecture 6: Modular Arithmetic Kaufman et al: Ch 7 -Prime numbers Stallings: Ch 8 -Euclids algorithm -Chinese remainder theorem -Eulers totient function -Eulers theorem 1 Prime Numbers

730 views • 6 slides
Cryptography Generation of Big Prime Numbers Uwe Egly Vienna University of Technology Institute

Cryptography Generation of Big Prime Numbers Uwe Egly Vienna University of Technology Institute

Cryptography Generation of Big Prime Numbers Uwe Egly Vienna University of Technology Institute of Information Systems Knowledge-Based Systems Group 1 / 18 Overview Generation of big primes, e.g., for RSA Randomly generated primes

594 views • 18 slides
What do you notice? What do you wonder? Notice All the red ones are prime numbers If

What do you notice? What do you wonder? Notice All the red ones are prime numbers If

What do you notice? What do you wonder? Notice All the red ones are prime numbers If you go down all the even numbers will be orange The greens go diagonal - all divisible by three Colors based off prime factors All

306 views • 28 slides
Prime Numbers Prime Numbers Prime number : an integer p&gt;1 that is divisible only by 1 and

Prime Numbers Prime Numbers Prime number : an integer p&gt;1 that is divisible only by 1 and

Prime Numbers Prime Numbers Prime number : an integer p&gt;1 that is divisible only by 1 and itself, ex. 2, 3,5, 7, 11, 13, 17 Composite number : an integer n&gt;1 that is not prime p g p Prime Numbers Fact : there are

472 views • 15 slides
Handout 9 Summary of this handout: RSA Generating Prime Numbers Arithmetic Modulo a

Handout 9 Summary of this handout: RSA Generating Prime Numbers Arithmetic Modulo a

06-20008 Cryptography The University of Birmingham Autumn Semester 2012 School of Computer Science Eike Ritter 22 November, 2012 Handout 9 Summary of this handout: RSA Generating Prime Numbers Arithmetic Modulo a Composite IV.4 RSA

498 views • 10 slides
Distinguishing prime numbers from composite numbers: the state of the art D. J. Bernstein

Distinguishing prime numbers from composite numbers: the state of the art D. J. Bernstein

Distinguishing prime numbers from composite numbers: the state of the art D. J. Bernstein University of Illinois at Chicago Is it easy to determine whether a given integer is prime? If easy means computable: Yes, of course. If

684 views • 35 slides
A: Use of arrays (space) to improve efficiency of algorithms B: Dictionary Prime Numbers:

A: Use of arrays (space) to improve efficiency of algorithms B: Dictionary Prime Numbers:

A: Use of arrays (space) to improve efficiency of algorithms B: Dictionary Prime Numbers: Given n find all prime numbers from 2 to n. Generalises earlier strategy One approach is to do test_prime(n) for all numbers upto n. Not

288 views • 24 slides
Structure and randomness in the prime numbers A small selection of results in number theory

Structure and randomness in the prime numbers A small selection of results in number theory

Structure and randomness in the prime numbers A small selection of results in number theory Science colloquium January 17, 2007 Terence Tao (UCLA) 1 Prime numbers A prime number is a natural number larger than 1 which cannot be expressed

629 views • 37 slides
RSA the Key Generation Example 1. Randomly choose two prime numbers p and q . We choose p =

RSA the Key Generation Example 1. Randomly choose two prime numbers p and q . We choose p =

RSA the Key Generation Example 1. Randomly choose two prime numbers p and q . We choose p = 11 and q = 13. 2. Compute n = pq . We compute n = pq = 11 13 = 143. Tutorial on Public Key Cryptography RSA 3. Randomly choose an odd number

178 views • 3 slides
CSE not every positive integer is prime 311 some positive integer is not prime prime

CSE not every positive integer is prime 311 some positive integer is not prime prime

Negations of quantifiers CSE not every positive integer is prime 311 some positive integer is not prime prime numbers do not exist Foundations of every positive integer is not prime Computing I Fall 2014 Negations of

351 views • 6 slides
Nilsequences and the primes (The lack of) hidden patterns in the prime numbers Fields Medalists

Nilsequences and the primes (The lack of) hidden patterns in the prime numbers Fields Medalists

Nilsequences and the primes (The lack of) hidden patterns in the prime numbers Fields Medalists Symposium April 26, 2007 Ben Green (Cambridge) Terence Tao (UCLA) 1 Analytic prime number theory Analytic prime number theory studies the

633 views • 35 slides
On the Prime Number Subset of the Fibonacci Numbers Lacey Fish 1 Brandon Reid 2 Argen West 3 1

On the Prime Number Subset of the Fibonacci Numbers Lacey Fish 1 Brandon Reid 2 Argen West 3 1

Introduction to Sieves Fibonacci Numbers Fibonacci sequence mod a prime Probability of Fibonacci Primes Matrix Approach On the Prime Number Subset of the Fibonacci Numbers Lacey Fish 1 Brandon Reid 2 Argen West 3 1 Department of Mathematics

1.06k views • 95 slides
Pythagorean Triples, Complex Numbers, Abelian Groups and Prime Numbers Amnon Yekutieli

Pythagorean Triples, Complex Numbers, Abelian Groups and Prime Numbers Amnon Yekutieli

Pythagorean Triples, Complex Numbers, Abelian Groups and Prime Numbers Amnon Yekutieli Department of Mathematics Ben Gurion University email: amyekut@math.bgu.ac.il Notes available at http://www.math.bgu.ac.il/~amyekut/lectures written 7

1.4k views • 121 slides
Tutorial on Public Key Cryptography RSA Eli Biham - May 3, 2005 c 386 Tutorial on Public

Tutorial on Public Key Cryptography RSA Eli Biham - May 3, 2005 c 386 Tutorial on Public

Tutorial on Public Key Cryptography RSA Eli Biham - May 3, 2005 c 386 Tutorial on Public Key Cryptography RSA (14) RSA the Key Generation Example 1. Randomly choose two prime numbers p and q . We choose p = 11 and q = 13. 2.

259 views • 22 slides
Questions about Prime Numbers Proving Existential Statements Is 1 prime? Prove existential

Questions about Prime Numbers Proving Existential Statements Is 1 prime? Prove existential

Even/Odd Numbers CSE 20 Discrete Math An integer n is even iff n equals twice some integer. An integer n is odd iff n equals twice some integer plus 1. Summer, 2006 July 12 (Day 3) Number Theory Methods of Proof Instructor: Neil Rhodes 2

270 views • 8 slides
Discrete Mathematics, Chapter 4: Number Theory and Cryptography Richard Mayr University of

Discrete Mathematics, Chapter 4: Number Theory and Cryptography Richard Mayr University of

Discrete Mathematics, Chapter 4: Number Theory and Cryptography Richard Mayr University of Edinburgh, UK Richard Mayr (University of Edinburgh, UK) Discrete Mathematics. Chapter 4 1 / 35 Outline Divisibility and Modular Arithmetic 1 Primes

822 views • 40 slides
Public Key Cryptography and Cryptographic Hashes CS461/ECE422 Fall 2009 Reading Computer

Public Key Cryptography and Cryptographic Hashes CS461/ECE422 Fall 2009 Reading Computer

Public Key Cryptography and Cryptographic Hashes CS461/ECE422 Fall 2009 Reading Computer Security: Art and Science Chapter 9 Handbook of Applied Cryptography, Chapter 8 http://www.cacr.math.uwaterloo.ca/hac/ Public-Key

486 views • 47 slides
Tools for Censorship Resistance Rachel Greenstadt greenie@eecs.harvard.edu CIH2K5 March 2005

Tools for Censorship Resistance Rachel Greenstadt greenie@eecs.harvard.edu CIH2K5 March 2005

Tools for Censorship Resistance Rachel Greenstadt greenie@eecs.harvard.edu CIH2K5 March 2005 Tools for Censorship Resistance p.1/36 Overview Approaches to Censorship Circumvention methods Case study: China Censorship in a free

628 views • 36 slides
Theoretical Background on Cryptographic Primitives Bogdan Groza This material intends to be a

Theoretical Background on Cryptographic Primitives Bogdan Groza This material intends to be a

Theoretical Background on Cryptographic Primitives Bogdan Groza This material intends to be a brief introduction to symmetric and asymmetric cryptographic primitives, pointing out some relevant design principles and security properties.

532 views • 26 slides
Cryptography Autumn 2018 Tadayoshi (Yoshi) Kohno yoshi@cs.Washington.edu Thanks to Dan Boneh,

Cryptography Autumn 2018 Tadayoshi (Yoshi) Kohno yoshi@cs.Washington.edu Thanks to Dan Boneh,

CSE 484 / CSE M 584: Computer Security and Privacy Cryptography Autumn 2018 Tadayoshi (Yoshi) Kohno yoshi@cs.Washington.edu Thanks to Dan Boneh, Dieter Gollmann, Dan Halperin, Ada Lerner, John Manferdelli, John Mitchell, Franziska Roesner,

369 views • 17 slides
Definitions Topic 18 Binary Trees A tree is an abstract data type root node internal one entry

Definitions Topic 18 Binary Trees A tree is an abstract data type root node internal one entry

Definitions Topic 18 Binary Trees A tree is an abstract data type root node internal one entry point, the root nodes &quot;A tree may grow a Each node is either a leaf or an internal node thousand feet tall, but An internal node has 1 or

286 views • 13 slides
The Aldous diffusion on continuum trees Soumik Pal University of Washington, Seattle Vienna

The Aldous diffusion on continuum trees Soumik Pal University of Washington, Seattle Vienna

The Aldous diffusion on continuum trees Soumik Pal University of Washington, Seattle Vienna probability seminar Jun 11, 2019 Noah Forman, Douglas Rizzolo, Matthias Winkel arXiv:1804.01205, 1802.00862, 1609.06707 Thanks to NSF, UW RRF, EPSRC

1.03k views • 46 slides
INFO 4300 / CS4300 Information Retrieval slides adapted from Hinrich Sch utzes, linked from

INFO 4300 / CS4300 Information Retrieval slides adapted from Hinrich Sch utzes, linked from

INFO 4300 / CS4300 Information Retrieval slides adapted from Hinrich Sch utzes, linked from http://informationretrieval.org/ IR 23/25: Hierarchical Clustering &amp; Text Classification Redux Paul Ginsparg Cornell University, Ithaca, NY

908 views • 73 slides

More recommend