
Introduction to Computer Security

Benoit Donnet
Academic Year 2013 - 2014

Agenda
- Cryptography
  - Chapter 1: Mathematics for Cryptography
    - Modular Arithmetic
    - Euclidean Algorithms
    - Euler's Function
    - Fermat's Theorem
    - Chinese Remainder Theorem
  - Chapter 2: Symmetric Cryptography
  - Chapter 3: Asymmetric Cryptography
  - Chapter 4: Authentication
  - Chapter 5: Key Distribution

INFO0045 - ULg - 2013/2014 - Benoit Donnet

Agenda
- Chapter 1: Mathematics for Cryptography
  - Modular Arithmetic
    - Division
    - Congruence
    - Z_n Arithmetic
  - Euclidean Algorithms
  - Euler's Function
  - Fermat's Theorem
  - Chinese Remainder Theorem

Division
- Let a ∈ Z and n ∈ Z+
  - a = q × n + r
    - 0 ≤ r < n
    - q = ⌊a/n⌋
  - r is the remainder, q is the quotient
- Examples
  - a = 11, n = 7 → 11 = 1 × 7 + 4 → r = 4
  - a = -11, n = 7 → -11 = -2 × 7 + 3 → r = 3
- If a, n ∈ Z and n > 0
  - a mod n refers to the remainder when a is divided by n (modulo operator)
  - a = ⌊a/n⌋ × n + (a mod n)

Division (2)
- Modulo example
  - a = 59, n = 7
    - 59 = 8 × 7 + 3
    - r = 3, q = 8
    - 59 mod 7 = 3

Division (3)
- Let a, b, and m ∈ Z
  - b (≠ 0) divides a if a = m × b
  - b is a divisor of a
  - Notation: b|a
- Example:
  - divisors of 24 are 1, 2, 3, 4, 6, 8, 12, 24

Division (4)
- Properties
  1. if a|1 then a = 1
  2. if a|b and b|a then a = b
  3. any b ≠ 0 divides 0
  4. if b|g and b|h then b|(mg + nh), for any m, n
  5. if a ≡ 0 mod n then n|a
- Demonstrating Prop. 4
  - if b|g, then g = b × g1
  - if b|h, then h = b × h1
  - it comes mg + nh = m × b × g1 + n × b × h1 = b × (m × g1 + n × h1)

Division (5)
- Divisibility criteria
  - 2|n if n ends with 0, 2, 4, 6, 8
  - 3|n if the sum of the digits of n is divisible by 3
  - 4|n if the number formed by the last 2 digits of n is divisible by 4
    - example: 256,628
  - 5|n if n ends with 0, 5
  - 8|n if the number formed by the last 3 digits of n is divisible by 8
    - example: 176,072
  - 9|n if the sum of the digits of n is divisible by 9
    - example: 37,521

Congruence
- Two integers, a and b, are said equal modulo n if n|(a-b)
- Two integers, a and b, are said congruent modulo n if a mod n = b mod n
- Notation
  - a ≡ b mod n
  - a and b are equivalent in the modulo n class

Congruence (2)
- Congruence examples
  - 26 ≡ 12 mod 7
    - 26 mod 7 = 5
    - 12 mod 7 = 5
  - 21 ≡ -9 mod 10
    - 21 mod 10 = 1
    - -9 mod 10 = 1

Congruence (3)
- Properties
  - a ≡ b mod n iff n|(a-b)
  - a ≡ b mod n iff ca ≡ cb mod cn
  - a ≡ b mod n iff ac ≡ bc mod n
  - a ≡ b mod n iff b ≡ a mod n
  - if a ≡ b mod n, then (a-b) mod n = 0
  - if a ≡ b mod n, then b ≡ a mod n (symmetry)
  - if a ≡ b mod n and b ≡ c mod n, then a ≡ c mod n (transitivity)

Congruence (4)
- Examples
  - 26 ≡ 12 mod 7
    - (26-12) mod 7 = 14 mod 7 = 0
    - 12 ≡ 26 mod 7 because 12 mod 7 = 26 mod 7
  - 26 ≡ 12 mod 7, 12 ≡ 19 mod 7 → 26 ≡ 19 mod 7
    - 26 mod 7 = 5
    - 19 mod 7 = 5

Congruence (5)
- Properties (cont.)
  - modular addition: (x+y) mod n = (x mod n + y mod n) mod n
  - examples
    - (54 + 49) mod 15
      - (54+49) mod 15 = 103 mod 15 = 13
      - 54 mod 15 = 9
      - 49 mod 15 = 4
      - (54 mod 15 + 49 mod 15) = 9 + 4 = 13
      - 13 mod 15 = 13
    - (42 + 52) mod 15
      - (42+52) mod 15 = 94 mod 15 = 4
      - 42 mod 15 = 12
      - 52 mod 15 = 7
      - (42 mod 15 + 52 mod 15) = 12 + 7 = 19
      - 19 mod 15 = 4

Congruence (6)
- Properties (cont.)
  - modular multiplication: (x × y) mod n = (x mod n × y mod n) mod n
  - examples
    - (49 × 54) mod 15
      - (49 × 54) mod 15 = 2646 mod 15 = 6
      - 49 mod 15 = 4
      - 54 mod 15 = 9
      - (49 mod 15 × 54 mod 15) = 4 × 9 = 36
      - 36 mod 15 = 6
    - (42 × 52) mod 15
      - (42 × 52) mod 15 = 2184 mod 15 = 9
      - 42 mod 15 = 12
      - 52 mod 15 = 7
      - (42 mod 15 × 52 mod 15) = 12 × 7 = 84
      - 84 mod 15 = 9

Congruence (7)
- Properties (cont.)
  - it is possible to extend the modular multiplication
    - (a × b × c) mod n
      = ((a mod n) × (b mod n) × (c mod n)) mod n
      = ((((a mod n) × (b mod n)) mod n) × (c mod n)) mod n
    - (a × b × c × d) mod n
      = ((a mod n) × (b mod n) × (c mod n) × (d mod n)) mod n
    - (a × b × c × d × e) mod n, etc.

Congruence (8)
- Example: (42 × 56 × 98 × 108) mod 15
- Brute force approach
  - (42 × 56 × 98 × 108) mod 15 = 234,893,568 mod 15 = 3
- Smart approach, v.1
  - 42 mod 15 = 12
  - 56 mod 15 = 11
  - 98 mod 15 = 8
  - 108 mod 15 = 3
  - (12 × 11 × 8 × 3) mod 15 = 3168 mod 15 = 3

Congruence (9)
- Smart approach, v.2
  1. (42 × 56) mod 15
     = ((42 mod 15) × (56 mod 15)) mod 15 = (12 × 11) mod 15 = 12
  2. (42 × 56 × 98) mod 15
     = (12 × 98) mod 15 = ((12 mod 15) × (98 mod 15)) mod 15
     = (12 × 8) mod 15 = 6
  3. (42 × 56 × 98 × 108) mod 15
     = (6 × 108) mod 15 = ((6 mod 15) × (108 mod 15)) mod 15
     = (6 × 3) mod 15 = 3
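The following is an added example, not code from the course slides. It implements the definition of a mod n from the Division slides and the step-by-step reduction of "Smart approach, v.2". The point it adds to the slides is a practical one: C's % operator keeps the sign of the dividend, so -11 % 7 is -4 rather than the 3 the slides define, and a mod helper that fixes the sign is needed before any of the congruence identities can be relied on in code. The names mod, mod_add, mod_mul and mod_product are chosen here; the inputs are the slides' own worked values.

```c
#include <stdio.h>
#include <stddef.h>

/* Mathematical "a mod n" for n > 0: the result is always in 0..n-1.
   C's % keeps the sign of a, so -11 % 7 is -4, while the slides define
   -11 mod 7 = 3 because -11 = -2 * 7 + 3. */
long long mod(long long a, long long n) {
    long long r = a % n;
    return r < 0 ? r + n : r;
}

/* (x + y) mod n computed as (x mod n + y mod n) mod n */
long long mod_add(long long x, long long y, long long n) {
    return mod(mod(x, n) + mod(y, n), n);
}

/* (x * y) mod n computed as ((x mod n) * (y mod n)) mod n */
long long mod_mul(long long x, long long y, long long n) {
    return mod(mod(x, n) * mod(y, n), n);
}

/* "Smart approach, v.2": reduce after every multiplication, so the running
   value never exceeds (n-1)^2 however many factors there are; the full
   product is never formed. */
long long mod_product(const long long *factors, size_t count, long long n) {
    long long acc = 1 % n;                /* the empty product is 1 */
    for (size_t i = 0; i < count; i++)
        acc = mod_mul(acc, factors[i], n);
    return acc;
}

int main(void) {
    /* constructed input: the factors from the Congruence (8) slide */
    long long factors[] = {42, 56, 98, 108};
    printf("-11 mod 7 = %lld (C's %% gives %lld)\n", mod(-11, 7), -11LL % 7);
    printf("(54 + 49) mod 15 = %lld\n", mod_add(54, 49, 15));
    printf("(42 * 52) mod 15 = %lld\n", mod_mul(42, 52, 15));
    printf("(42 * 56 * 98 * 108) mod 15 = %lld\n", mod_product(factors, 4, 15));
    return 0;
}
```

Because mod_product reduces at every step, it gives the same answer as the brute-force product without ever needing a wide integer type; that is the property that makes the modular exponentiation algorithm on the next slides feasible.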

Congruence (10)
- Modular exponentiation
  - how to quickly compute b^e mod m?
  - right-to-left binary algorithm
- Right-to-left binary algorithm
  - convert e into binary notation
      e = Σ_{i=0}^{n-1} a_i 2^i, with a_i ∈ {0, 1} for 0 ≤ i < n-1 and a_{n-1} = 1
  - b^e can also be rewritten
      b^e = b^{Σ_{i=0}^{n-1} a_i 2^i} = Π_{i=0}^{n-1} (b^{2^i})^{a_i}
  - the solution becomes
      b^e mod m = (Π_{i=0}^{n-1} (b^{2^i})^{a_i}) mod m = (Π_{i=0}^{n-1} ((b^{2^i})^{a_i} mod m)) mod m

Congruence (11)
- Example: 5^41 mod 9
- Brute force approach
  - 5^41 mod 9 = 45,474,735,088,646,411,895,751,953,125 mod 9 = 2
- Right-to-left binary approach
  - write 41 in binary
      32  16  8  4  2  1
       1   0  1  0  0  1
    - 41 = 32 + 8 + 1 = 101001
    - 5^41 = 5^32 × 5^8 × 5^1
  - compute the various exponents
    - 5^1 mod 9 = 5 mod 9 = 5
    - 5^2 mod 9 = (5^1 × 5^1) mod 9 = (5 × 5) mod 9 = 25 mod 9 = 7
    - 5^4 mod 9 = (5^2 × 5^2) mod 9 = ((5^2 mod 9) × (5^2 mod 9)) mod 9 = (7 × 7) mod 9 = 49 mod 9 = 4

Congruence (12)
  - 5^8 mod 9 = (5^4 × 5^4) mod 9 = ((5^4 mod 9) × (5^4 mod 9)) mod 9 = (4 × 4) mod 9 = 16 mod 9 = 7
  - 5^16 mod 9 = (5^8 × 5^8) mod 9 = ((5^8 mod 9) × (5^8 mod 9)) mod 9 = (7 × 7) mod 9 = 49 mod 9 = 4
  - 5^32 mod 9 = (5^16 × 5^16) mod 9 = ((5^16 mod 9) × (5^16 mod 9)) mod 9 = (4 × 4) mod 9 = 16 mod 9 = 7
- it comes
  - 5^41 mod 9 = (5^32 × 5^8 × 5^1) mod 9
    = (7 × 7 × 5) mod 9
    = ((49 mod 9) × (5 mod 9)) mod 9
    = (4 × 5) mod 9
    = 2
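An added implementation of the right-to-left binary algorithm described on the Congruence (10) to (12) slides; it is not the course's code. At step i the variable base holds b^(2^i) mod m, exactly the sequence 5, 7, 4, 7, 4, 7 computed by hand above, and it is multiplied into the result only for the bits a_i that are 1. The names modpow, modpow_naive and modpow_selfcheck are chosen here, and the modulus is assumed to be below 2^32 so that every intermediate product fits in 64 bits (a real cryptographic implementation would use a multi-precision library for moduli of thousands of bits).

```c
#include <stdio.h>
#include <stdint.h>

/* Right-to-left binary exponentiation: b^e mod m.
   Bits of e are consumed from the least significant end; at bit i, base
   holds b^(2^i) mod m and is folded into the result only when a_i = 1.
   Assumes m < 2^32 so that the products below fit in uint64_t. */
uint64_t modpow(uint64_t b, uint64_t e, uint64_t m) {
    uint64_t result = 1 % m;          /* "1 % m" also handles m == 1 */
    uint64_t base = b % m;
    while (e > 0) {
        if (e & 1)                    /* a_i = 1: include b^(2^i) */
            result = (result * base) % m;
        base = (base * base) % m;     /* b^(2^(i+1)) = (b^(2^i))^2 */
        e >>= 1;
    }
    return result;
}

/* Reference implementation: e multiplications, each reduced mod m.
   Far too slow for real exponents; it exists only to cross-check modpow. */
uint64_t modpow_naive(uint64_t b, uint64_t e, uint64_t m) {
    uint64_t result = 1 % m;
    for (uint64_t i = 0; i < e; i++)
        result = (result * (b % m)) % m;
    return result;
}

/* Compares modpow with the naive loop for every base below max_b and every
   exponent below max_e; returns 1 when all pairs agree. */
int modpow_selfcheck(uint64_t max_b, uint64_t max_e, uint64_t m) {
    for (uint64_t b = 0; b < max_b; b++)
        for (uint64_t e = 0; e < max_e; e++)
            if (modpow(b, e, m) != modpow_naive(b, e, m))
                return 0;
    return 1;
}

int main(void) {
    printf("5^41 mod 9 = %llu\n", (unsigned long long)modpow(5, 41, 9));
    printf("self-check against naive loop: %s\n",
           modpow_selfcheck(20, 64, 9) ? "ok" : "MISMATCH");
    return 0;
}
```

The number of loop iterations is the bit length of e, so 5^41 takes six squarings instead of forty multiplications, and the 29-digit value of 5^41 is never materialised.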

Z_n Arithmetic
- The modulo n operator maps all integers (negatives and positives) that are congruent modulo n in the set {0, 1, ..., n-1}
  - residue class modulo n
  - mathematical notation: Z_n
- One can label the residue classes (mod n) as [0], [1], ..., [n-1], where
  - [r] = {a : a ∈ Z, a ≡ r mod n}
- Examples for n = 4
  - [0] = {..., -16, -12, -8, -4, 0, 4, 8, 12, 16, ...}
  - [1] = {..., -15, -11, -7, -3, 1, 5, 9, 13, 17, ...}
  - [2] = {..., -14, -10, -6, -2, 2, 6, 10, 14, 18, ...}
  - [3] = {..., -13, -9, -5, -1, 3, 7, 11, 15, 19, ...}

Z_n Arithmetic (2)
- Properties of modular arithmetic in Z_n
  - commutativity
    - (w + x) mod n = (x + w) mod n
    - (w × x) mod n = (x × w) mod n
  - associativity
    - [(w + x) + y] mod n = [w + (x + y)] mod n
    - [(w × x) × y] mod n = [w × (x × y)] mod n
  - distributivity
    - [w × (x + y)] mod n = [(w × x) + (w × y)] mod n
  - identity
    - (0 + w) mod n = w mod n
    - (1 × w) mod n = w mod n
  - additive inverse (-w)
    - for each w ∈ Z_n, ∃ z such that w + z ≡ 0 mod n

Z_n Arithmetic (2) (cont.)
- Properties of modular arithmetic in Z_n (cont.)
  - addition
    - (a + b) ≡ (a + c) mod n → b ≡ c mod n
    - example: (5 + 23) ≡ (5 + 7) mod 8 → 23 ≡ 7 mod 8
  - multiplication
    - if a and n are relatively prime, then a × b ≡ a × c mod n → b ≡ c mod n
    - the condition must be satisfied; otherwise, the property does not hold
    - example: 6 × 3 ≡ 6 × 7 mod 8 but 3 ≢ 7 mod 8

Agenda
- Chapter 1: Mathematics for Cryptography
  - Modular Arithmetic
  - Euclidean Algorithms
    - gcd
    - Extended Euclidean Algorithm
    - Equation
  - Euler's Function
  - Fermat's Theorem
  - Chinese Remainder Theorem

GCD
- Greatest Common Divisor
  - Let c ∈ Z, c = gcd(a, b) if
    - c is a divisor of a and b
    - any divisor of a and b is a divisor of c
- Equivalent definition
  - gcd(a, b) = max{k such that k|a and k|b}
  - gcd(a, b) = gcd(a, -b) = gcd(-a, b) = gcd(-a, -b)
  - gcd(a, b) = gcd(|a|, |b|)
  - the gcd must be positive

GCD (2)
- Interesting use of gcd
  - two integers are relatively prime if their only common factor is 1
  - let a and c be relatively prime
    - gcd(a, c) = 1
    - notation: (a, c) = 1

GCD (3)
- Euclidean algorithm for finding the gcd

    /* recursive Euclidean algorithm: gcd(a, b) = gcd(b, a mod b), gcd(a, 0) = a */
    int gcd(int a, int b) {
        if (b == 0)
            return a;
        else
            return gcd(b, a % b);
    } /* end gcd() */

GCD (4)
- Example: gcd(1970, 1066)

    Step   a       b                       call
    1      1066    1970 mod 1066 = 904     gcd(1066, 904)
    2      904     1066 mod 904 = 162      gcd(904, 162)
    3      162     904 mod 162 = 94        gcd(162, 94)
    4      94      162 mod 94 = 68         gcd(94, 68)
    ...    a few recursive calls later...
    10     2       0

Extended Euclid
- There exists an extension to the Euclidean algorithm
  - Extended Euclidean Algorithm
  - it not only finds the gcd but also two additional integers, x and y, satisfying
      ax + by = gcd(a, b)   (Bezout's identity)
- When a and b are relatively prime
  - x is the multiplicative inverse of a mod b
  - y is the multiplicative inverse of b mod a

Extended Euclid (2)
- The algorithm

    /* iterative extended Euclidean algorithm: returns gcd(a, b) (the last
       value of a) and stores in *x, *y the coefficients of Bezout's
       identity a*x + b*y = gcd(a, b) */
    int extended_euclidean(int a, int b, int *x, int *y) {
        int cx = 0, cy = 1;            /* current coefficients (x, y) */
        int lastx = 1, lasty = 0;      /* previous coefficients */
        while (b != 0) {
            int quotient = a / b;      /* quotient = a div b */
            int r = a % b;
            a = b;                     /* (a, b) = (b, a mod b) */
            b = r;
            int tx = lastx - quotient * cx;   /* (x, lastx) = (lastx - quotient*x, x) */
            lastx = cx;
            cx = tx;
            int ty = lasty - quotient * cy;   /* (y, lasty) = (lasty - quotient*y, y) */
            lasty = cy;
            cy = ty;
        }
        *x = lastx;
        *y = lasty;
        return a;
    } /* end extended_euclidean() */

Extended Euclid (3)
- Example: find x, y such that 53x + 30y = 1

    quotient   a     b     x      lastx   y      lasty
    /          53    30    0      1       1      0
    1          30    23    1      0       -1     1
    1          23    7     -1     1       2      -1
    3          7     2     4      -1      -7     2
    3          2     1     -13    4       23     -7
    2          1     0     30     -13     -53    23

  - the algorithm returns (lastx, lasty) = (-13, 23): 53 × (-13) + 30 × 23 = 1

Equation
- Euclid allows us to solve equations of the form ax ≡ b mod n
- How to solve? algorithm

    #include <stdio.h>

    /* solves a*x ≡ b (mod n); d = gcd(a, n) is the last value of 'a' in
       extended_euclidean, which also yields x', y' with a*x' + n*y' = d */
    void equation(int a, int b, int n) {
        int xp, yp;
        int d = extended_euclidean(a, n, &xp, &yp);
        if (b % d == 0) {                                /* d | b */
            int x0 = ((xp * (b / d)) % n + n) % n;       /* x0 = (x' * (b/d)) mod n, kept in 0..n-1 */
            for (int i = 0; i <= d - 1; i++)             /* for i = 0 until d-1 */
                printf("%d\n", (x0 + i * (n / d)) % n);  /* write (x0 + i * (n/d)) mod n */
        } else {
            printf("no solution\n");
        }
    } /* end equation() */

Equation (2)
- Example: 6x ≡ 9 mod 15
- Solution
  - applying extended Euclid: d = 3, x' = -2, y' = 1
  - 3 is a divisor of 9
  - x0 = (-2 × (9/3)) mod 15 = -6 mod 15 = 9
  - iteration
    - i = 0: 9 mod 15 = 9
    - i = 1: (9 + 15/3) mod 15 = 14 mod 15 = 14
    - i = 2: (9 + 2 × (15/3)) mod 15 = 19 mod 15 = 4

Agenda
- Chapter 1: Mathematics for Cryptography
  - Modular Arithmetic
  - Euclidean Algorithms
  - Euler's Function
  - Fermat's Theorem
  - Chinese Remainder Theorem

Euler's Function
- Euler's Totient Function
  - φ(n): number of integers between 0 and n-1 that are prime with n
  - it also corresponds to the number of elements having an inverse in the class modulo n
- By convention
  - φ(0) = 0
  - φ(1) = 1
- Example
  - φ(8) = 4 because 1, 3, 5, 7 are prime with 8

Euler's Function (2)
- [figure: plot of Euler's function; the figure itself is not recoverable from the extraction]

Euler's Function (3)
- A few theorems about φ(n)
  - an integer p is prime iff φ(p) = p-1
  - if n and m ∈ Z+ and relatively prime, then φ(n × m) = φ(n) × φ(m)
  - if p is prime and n = p^k, then φ(n) = p^k × (1 - 1/p) = p^k - p^(k-1)
    - example: n = 9, φ(9) = φ(3^2) = 3^2 × (1 - 1/3) = 9 × 2/3 = 6
  - if n = p × q, p and q prime, then φ(n) = (p-1) × (q-1)

Agenda
- Chapter 1: Mathematics for Cryptography
  - Modular Arithmetic
  - Euclidean Algorithms
  - Euler's Function
  - Fermat's Theorem
  - Chinese Remainder Theorem

Fermat
- Fermat's Little Theorem
  - if m is prime and gcd(a, m) = 1, then a^(m-1) ≡ 1 mod m
- One can generalise Fermat's theorem with Euler's function
  - if gcd(a, m) = 1, then a^φ(m) ≡ 1 mod m
- Application to modular inverse
  - if gcd(a, m) = 1
    - the multiplicative inverse of a in the modulo class m is a^(φ(m)-1)
    - a^(φ(m)-1) ≡ a^-1 mod m
  - in the particular case in which m is prime
    - a^-1 ≡ a^(m-2) mod m
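An added example covering the Euler's Function slides and the Fermat slide above; it is not the course's code. phi_count applies the definition of φ(n) literally, phi_formula applies the two rules φ(p^k) = p^k - p^(k-1) and φ(n × m) = φ(n) × φ(m) for coprime n, m, and phi_agree checks that both agree. inverse_euler then computes a^(φ(m)-1) mod m and inverse_fermat computes a^(m-2) mod m, with the coprimality condition enforced explicitly because the theorem gives no inverse when gcd(a, m) ≠ 1 (the 6 mod 8 case from the Z_n slides). All function names are chosen here, trial division is assumed adequate for the small n used, and the modulus is assumed below 2^32 so that 64-bit products do not overflow.

```c
#include <stdio.h>
#include <stdint.h>

/* Euclidean algorithm; used here to test whether two numbers are coprime. */
uint64_t gcd_u(uint64_t a, uint64_t b) {
    while (b != 0) { uint64_t r = a % b; a = b; b = r; }
    return a;
}

/* phi(n) straight from the definition: count k in 0..n-1 with gcd(k, n) = 1.
   The conventions phi(0) = 0 and phi(1) = 1 come out of this directly:
   for n = 0 there is nothing to count, for n = 1 the only k is 0 and
   gcd(0, 1) = 1. */
uint64_t phi_count(uint64_t n) {
    uint64_t count = 0;
    for (uint64_t k = 0; k < n; k++)
        if (gcd_u(k, n) == 1) count++;
    return count;
}

/* phi(n) from the prime factorisation: for each prime power p^k dividing n
   multiply by p^(k-1) * (p - 1) = p^k - p^(k-1), relying on multiplicativity
   over coprime factors. Trial division; fine for small n. */
uint64_t phi_formula(uint64_t n) {
    if (n == 0) return 0;
    uint64_t result = 1;
    for (uint64_t p = 2; p * p <= n; p++) {
        if (n % p == 0) {
            uint64_t p_pow = 1;                  /* accumulates p^(k-1) */
            n /= p;
            while (n % p == 0) { p_pow *= p; n /= p; }
            result *= p_pow * (p - 1);
        }
    }
    if (n > 1) result *= n - 1;                  /* leftover prime, exponent 1 */
    return result;
}

/* Returns 1 if both ways of computing phi agree for every n below limit. */
int phi_agree(uint64_t limit) {
    for (uint64_t n = 0; n < limit; n++)
        if (phi_count(n) != phi_formula(n)) return 0;
    return 1;
}

/* b^e mod m by square-and-multiply; assumes m < 2^32 so products fit. */
uint64_t powmod(uint64_t b, uint64_t e, uint64_t m) {
    uint64_t r = 1 % m;
    for (b %= m; e > 0; e >>= 1, b = b * b % m)
        if (e & 1) r = r * b % m;
    return r;
}

/* Inverse by Euler's theorem: a^(phi(m)-1) mod m, valid only when
   gcd(a, m) = 1. Returns 0, which is never an inverse for m > 1, otherwise. */
uint64_t inverse_euler(uint64_t a, uint64_t m) {
    if (m < 2 || gcd_u(a % m, m) != 1) return 0;
    return powmod(a, phi_formula(m) - 1, m);
}

/* Prime-modulus special case: a^(p-2) mod p. No primality check is made;
   the caller must know p is prime or the result is meaningless. */
uint64_t inverse_fermat(uint64_t a, uint64_t p) {
    return powmod(a, p - 2, p);
}

/* Checks a^phi(m) = 1 (mod m) for every a in 1..m-1 coprime to m. */
int euler_theorem_holds(uint64_t m) {
    uint64_t ph = phi_formula(m);
    for (uint64_t a = 1; a < m; a++)
        if (gcd_u(a, m) == 1 && powmod(a, ph, m) != 1) return 0;
    return 1;
}

int main(void) {
    printf("phi(8)=%llu phi(9)=%llu phi(15)=%llu\n",
           (unsigned long long)phi_formula(8), (unsigned long long)phi_formula(9),
           (unsigned long long)phi_formula(15));
    printf("3^-1 mod 7 = %llu (Euler), %llu (Fermat)\n",
           (unsigned long long)inverse_euler(3, 7),
           (unsigned long long)inverse_fermat(3, 7));
    return 0;
}
```

phi_formula needs the factorisation of m, which is cheap for a textbook modulus and infeasible for an RSA modulus; that asymmetry is exactly why knowing φ(n) is equivalent to knowing the private key, and why the exponent-based inverse is used in practice only when the factorisation (or primality) of m is already known.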

Agenda
- Chapter 1: Mathematics for Cryptography
  - Modular Arithmetic
  - Euclidean Algorithms
  - Euler's Function
  - Fermat's Theorem
  - Chinese Remainder Theorem

Chinese Remainder
- Let m1, m2, ..., mr all positive integers and relatively prime two by two. Then, the congruence system:
    x ≡ a1 mod m1
    x ≡ a2 mod m2
    ...
    x ≡ ar mod mr
  gives a unique solution x mod M = m1 m2 ... mr:
    x = a1 M1 y1 + a2 M2 y2 + ... + ar Mr yr
  with Mi = M / mi and yi ≡ Mi^-1 mod mi

Chinese Remainder (2)
- Example
    x ≡ 1 mod 3
    x ≡ 2 mod 5
    x ≡ 3 mod 7
- Let M = 3 × 5 × 7 = 105. We have
    M1 = 105/3 = 35, y1 ≡ 35^-1 mod 3 → y1 = 2
    M2 = 105/5 = 21, y2 ≡ 21^-1 mod 5 → y2 = 1
    M3 = 105/7 = 15, y3 ≡ 15^-1 mod 7 → y3 = 1
- It comes
    x ≡ 1 × 35 × 2 + 2 × 21 × 1 + 3 × 15 × 1 ≡ 157 ≡ 52 mod 105
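An added example, not the course's code, serving three slides at once: the Extended Euclid slides (Bezout coefficients for 53x + 30y = 1), the Equation slides (all solutions of 6x ≡ 9 mod 15) and the Chinese Remainder slides (the system x ≡ 1 mod 3, 2 mod 5, 3 mod 7). egcd uses the same update rule as the slides' extended_euclidean, mod_inverse turns its x into an inverse in 0..m-1 and reports failure when gcd(a, m) ≠ 1, solve_congruence returns the d = gcd(a, n) solutions instead of printing them so they can be checked, and crt computes Σ a_i M_i y_i mod M using those inverses. All names are chosen here, the moduli are assumed small enough for long long, and the CRT inputs are the slides' own.

```c
#include <stdio.h>
#include <stddef.h>

/* Mathematical a mod n for n > 0: always in 0..n-1, unlike C's % on negatives. */
long long mod_ll(long long a, long long n) {
    long long r = a % n;
    return r < 0 ? r + n : r;
}

/* Iterative extended Euclidean algorithm with the slides' update rule
   (x, lastx) = (lastx - quotient*x, x), likewise for y. Returns gcd(a, b),
   the last value of a, and sets *x, *y so that a*x + b*y = gcd(a, b). */
long long egcd(long long a, long long b, long long *x, long long *y) {
    long long lastx = 1, lasty = 0, cx = 0, cy = 1;
    while (b != 0) {
        long long q = a / b, r = a % b;
        a = b; b = r;
        long long t = lastx - q * cx; lastx = cx; cx = t;
        t = lasty - q * cy; lasty = cy; cy = t;
    }
    *x = lastx; *y = lasty;
    return a;
}

/* Inverse of a modulo m reduced into 0..m-1, or -1 when gcd(a, m) != 1,
   i.e. when no inverse exists (6 mod 8, for instance). */
long long mod_inverse(long long a, long long m) {
    long long x, y;
    if (egcd(mod_ll(a, m), m, &x, &y) != 1) return -1;
    return mod_ll(x, m);
}

/* Solve a*x = b (mod n). With d = gcd(a, n) there are d solutions
   x0 + i*(n/d), i = 0..d-1, when d | b and none otherwise. Writes up to
   cap of them into out and returns d, or 0 when there is no solution. */
size_t solve_congruence(long long a, long long b, long long n,
                        long long *out, size_t cap) {
    long long xp, yp;
    long long d = egcd(a, n, &xp, &yp);
    if (b % d != 0) return 0;
    long long x0 = mod_ll(xp * (b / d), n);
    for (size_t i = 0; i < (size_t)d && i < cap; i++)
        out[i] = mod_ll(x0 + (long long)i * (n / d), n);
    return (size_t)d;
}

/* Re-checks every returned solution against a*x mod n == b mod n and
   returns how many verify; a bug would show as a count below d. */
size_t verify_congruence(long long a, long long b, long long n) {
    long long sols[64];
    size_t d = solve_congruence(a, b, n, sols, 64), ok = 0;
    for (size_t i = 0; i < d && i < 64; i++)
        if (mod_ll(a * sols[i], n) == mod_ll(b, n)) ok++;
    return ok;
}

/* Chinese Remainder Theorem for pairwise coprime m[i]:
   x = sum a_i * M_i * y_i (mod M), M_i = M / m_i, y_i = M_i^-1 mod m_i.
   Returns -1 when some M_i has no inverse, which means the moduli were
   not pairwise coprime. Assumes a_i * M_i * y_i fits in long long. */
long long crt(const long long *a, const long long *m, size_t r) {
    long long M = 1, x = 0;
    for (size_t i = 0; i < r; i++) M *= m[i];
    for (size_t i = 0; i < r; i++) {
        long long Mi = M / m[i];
        long long yi = mod_inverse(Mi, m[i]);
        if (yi < 0) return -1;
        x = mod_ll(x + a[i] * Mi * yi, M);
    }
    return x;
}

int main(void) {
    long long x, y, sols[8];
    long long d = egcd(53, 30, &x, &y);
    printf("53*(%lld) + 30*(%lld) = %lld\n", x, y, d);
    size_t k = solve_congruence(6, 9, 15, sols, 8);
    printf("6x = 9 (mod 15) has %zu solution(s):", k);
    for (size_t i = 0; i < k && i < 8; i++) printf(" %lld", sols[i]);
    printf("\n");
    /* constructed input: the slides' system x = 1 (mod 3), 2 (mod 5), 3 (mod 7) */
    long long a[] = {1, 2, 3}, m[] = {3, 5, 7};
    printf("CRT: x = %lld (mod 105)\n", crt(a, m, 3));
    return 0;
}
```

The -1 return paths matter more than the happy path: a CRT or inverse routine that silently returns a number for non-coprime inputs yields a value that satisfies none of the congruences, which is the kind of bug that goes unnoticed until a signature or decryption fails to verify.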
