information security seminar #2

Seminar #2 Infosecurity Number theory. Group, ring and field theory Kolybelnikov Alexander [email protected]

Post on 16-Jun-2015


DESCRIPTION

Information Security Seminar #2 for the 4th year of the radio engineering faculty of MIPT

TRANSCRIPT

Page 1: Information Security Seminar #2

Seminar #2 Infosecurity

Number theory. Group, ring and field theory

Kolybelnikov Alexander

[email protected]

Page 2

Agenda

• Number theory
  – Modular arithmetic
  – GCD (greatest common divisor)

• Fermat theorem, Euler function, modular inverse

• Group, ring, field theory

Page 3

Number theory. Modular arithmetic

Page 4

Modular arithmetic. Definitions

• Two integers a and b are congruent modulo n if a and b give the same remainder on division by n.

• Example: 32 and −10 are congruent modulo 7 because 32 = 7·4 + 4 and −10 = 7·(−2) + 4.

• The statement «a and b are congruent modulo n» is written as:

a ≡ b (mod n)

Page 5

Modular arithmetic. Properties

• The congruence relation is an equivalence relation and has many of the properties of ordinary equations.

• For instance, congruences can be added and multiplied term by term:

• if a1 ≡ b1 (mod n) and a2 ≡ b2 (mod n), then

• a1·a2 ≡ b1·b2 (mod n) and a1 + a2 ≡ b1 + b2 (mod n)

• If … and …, then …, where m = [m1, m2].

Page 6

Prime numbers and primality tests

Page 7

Prime numbers

• A prime number is a natural number that has exactly two distinct natural divisors: 1 and itself. All other natural numbers except 1 are called composite. So all natural numbers greater than 1 are divided into primes and composites. Number theory studies the properties of prime numbers. In ring theory, irreducible elements correspond to prime numbers.

Page 8

Primality tests

• Sieve of Eratosthenes

• Fermat test

• For the next seminars:
  – Miller–Rabin test
  – AKS test

Page 9

Sieve of Eratosthenes

• Choose a random number N;

• Divide N by all numbers from 1 to N/2.

Page 10

Fermat test

• If p is a prime number, then

• a^(p−1) ≡ 1 (mod p)

• The confidence that p is prime grows with the number of bases a tested: after n bases, the probability that a composite p has passed every test is 1/2^n.
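The sieve from the previous slide and the Fermat test from this one, as an added Python example that is not part of the original slides. The sieve crosses out the multiples of each prime (rather than dividing N by every number up to N/2), and the Fermat test draws random bases from a seeded generator; the seed and the 20 rounds are my choice. The last function shows the caveat the 1/2^n bound does not cover: a Carmichael number such as 561 = 3·11·17 passes the Fermat test for every base coprime to it, which is why the later seminars move to Miller–Rabin.

```python
import math
import random


def sieve(limit):
    """Sieve of Eratosthenes: return every prime <= limit."""
    if limit < 2:
        return []
    is_prime = [True] * (limit + 1)
    is_prime[0] = is_prime[1] = False
    for p in range(2, math.isqrt(limit) + 1):
        if is_prime[p]:
            # p is prime: cross out its multiples, starting at p*p
            # (smaller multiples were already crossed out by smaller primes)
            for multiple in range(p * p, limit + 1, p):
                is_prime[multiple] = False
    return [n for n, flag in enumerate(is_prime) if flag]


def fermat_passes(p, a):
    """One Fermat round: does a^(p-1) ≡ 1 (mod p) hold for the base a?"""
    return pow(a, p - 1, p) == 1


def fermat_test(p, rounds=20, seed=0):
    """Probabilistic primality test: p passes if every random base in 2..p-2 passes."""
    if p < 2:
        return False
    if p in (2, 3):
        return True
    if p % 2 == 0:
        return False
    rng = random.Random(seed)  # fixed seed so the example is reproducible
    for _ in range(rounds):
        a = rng.randrange(2, p - 1)
        if not fermat_passes(p, a):
            return False  # a is a witness: p is certainly composite
    return True  # probably prime: no witness found in `rounds` tries


def passes_all_coprime_bases(n):
    """True if every base coprime to n passes the Fermat test.

    A prime does, but so does every Carmichael number, e.g. 561 = 3 * 11 * 17.
    """
    return all(fermat_passes(n, a) for a in range(2, n - 1) if math.gcd(a, n) == 1)


if __name__ == "__main__":
    print(sieve(50))
    print([p for p in range(2, 50) if fermat_test(p)])
    # 561 is composite (not produced by the sieve) yet passes for every coprime base
    print(561 in sieve(561), passes_all_coprime_bases(561))
```

The sieve is the reference answer here: for every p below 50 the Fermat test agrees with it, but only because no Carmichael number is that small.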

Page 11

Prime number properties

• If p is a prime number and ab is divisible by p, then a or b is divisible by p (Euclid's lemma; it is used in the proof of the fundamental theorem of arithmetic).

• The residue ring modulo n is a field if and only if n is a prime number.

• The characteristic of a field is zero or a prime number.

• If p is a prime number and a is a natural number, then (a^p − a) is divisible by p (Fermat's little theorem).

• If G is a finite group of p^n elements, then G contains an element of order p.

• If G is a finite group and p^n is the largest power of p that divides |G|, then G has a subgroup of order p^n (a Sylow subgroup), and the number of Sylow subgroups equals pk + 1 for some integer k (Sylow's theorems).

• A natural number p > 1 is prime if and only if ((p − 1)! + 1) is divisible by p (Wilson's theorem).

• If n > 1 is a natural number, then there is a prime number p such that

• n < p < 2n (Bertrand's postulate).

Page 12

Greatest common divisor (GCD)

Page 13

GCD. Definition

The greatest common divisor (GCD) of two integers m and n is the greatest of their common divisors.

Example: for the numbers 70 and 105, GCD = 35.

Page 14

GCD calculation. Euclidean algorithm

• Suppose a and b are integers that are not both zero, and the sequence r1, r2, … is defined so that each rk is the remainder of dividing the term before the previous one by the previous term, and the last but one term is divisible by the last one (without remainder):

a = b·q0 + r1
b = r1·q1 + r2
r1 = r2·q2 + r3
…
r(k−2) = r(k−1)·q(k−1) + rk
…
r(n−1) = rn·qn

Then GCD(a, b) = rn; rn is the last non-zero term of the sequence.

• The existence of r1, r2, … (that is, the possibility of dividing m by n with a remainder for any integers m and n) is proved by induction on m.

• The statement "if a = bq + r then GCD(a, b) = GCD(b, r)" establishes the correctness of the algorithm.

Page 15

Inverse element calculation

• Input: integers a, b: 0 < b ≤ a.

• Output: d = GCD(a, b); integers x, y: ax + by = d.

• 1. Initialise r0 ← a, r1 ← b, x0 ← 1, x1 ← 0, y0 ← 0, y1 ← 1, i ← 1.

• 2. Divide r(i−1) by ri with a remainder: r(i−1) = qi·ri + r(i+1).

• 3. If r(i+1) = 0 then set d ← ri, x ← xi, y ← yi. Otherwise set x(i+1) ← x(i−1) − qi·xi, y(i+1) ← y(i−1) − qi·yi, i ← i + 1 and go to step 2.

• 4. Result: d, x, y.

Page 16

Extended Euclidean algorithm

• Is used for:
  – GCD calculation;
  – modular inverse calculation.

• Example:
  – calculate GCD(462, 1071);
  – calculate the modular inverse of 109 in the Galois field GF(2^8).

Page 17

Example #1 – GCD calculation

• Calculate GCD(462, 1071)

• 1. Subtract multiples of 462 from 1071 until the remainder is less than 462: q0 = 2, remainder = 147.

1071 = 2 × 462 + 147

• 2. Subtract multiples of 147 from 462 until the remainder is less than 147: q1 = 3, remainder = 21.

462 = 3 × 147 + 21

Page 18

Example #1 – GCD calculation

• 3. Subtract multiples of 21 from 147 until the remainder is less than 21:

• q2 = 7, remainder = 0.

147 = 7 × 21 + 0.

The last remainder is 0, so the algorithm's output is 21;

GCD(1071, 462) = 21.

Page 19

Example #2 — modular inverse calculation

• Given: a = 1769, b = 551.

• Using the extended Euclidean algorithm, find integers x and y such that d = ax + by,

• d = GCD(a, b).

Page 20

Example #2 — modular inverse calculation

1. Initialise a0 = 1, a1 = 0, b0 = 0, b1 = 1, a = 1769, b = 551.

2. Quotient q = a/b = 1769/551 = 3, remainder r = 116.

3. If r = 0 then go to the last step (6).

4. Set: a = 551; b = 116; t = a0 = 1; a0 = a1 = 0; a1 = t − a1·q = 1 − 0·3 = 1; t = b0 = 0; b0 = b1 = 1; b1 = t − b1·q = 0 − 1·3 = −3.

Result of the step: a = 551, b = 116, a0 = 0, a1 = 1, b0 = 1, b1 = −3.

Page 21

Example #2 — modular inverse calculation

1. Parameter values: a = 551, b = 116, a0 = 0, a1 = 1, b0 = 1, b1 = −3.

2. Quotient q = a/b = 551/116 = 4, remainder r = 87.

3. If r = 0 then go to the last step (6).

4. Set: a = 116; b = 87; t = a0 = 0; a0 = a1 = 1; a1 = t − a1·q = 0 − 1·4 = −4; t = b0 = 1; b0 = b1 = −3; b1 = t − b1·q = 1 − (−3)·4 = 13.

Result of the step: a = 116, b = 87, a0 = 1, a1 = −4, b0 = −3, b1 = 13.

Page 22

Example #2 — modular inverse calculation

1. Parameter values: a = 116, b = 87, a0 = 1, a1 = −4, b0 = −3, b1 = 13.

2. Quotient q = a/b = 116/87 = 1, remainder r = 29.

3. If r = 0 then go to the last step (6).

4. Set: a = 87; b = 29; t = a0 = 1; a0 = a1 = −4; a1 = t − a1·q = 1 − (−4)·1 = 5; t = b0 = −3; b0 = b1 = 13; b1 = t − b1·q = −3 − 13·1 = −16.

Result of the step: a = 87, b = 29, a0 = −4, a1 = 5, b0 = 13, b1 = −16.

Page 23

Example #2 — modular inverse calculation

1. Parameter values: a = 87, b = 29, a0 = −4, a1 = 5, b0 = 13, b1 = −16.

2. Quotient q = a/b = 87/29 = 3, remainder r = 0.

3. If r = 0 then go to the last step (6).

4. Set: a = 87; b = 29; t = a0 = −4; a0 = a1 = 5; a1 = t − a1·q = −4 − 5·3 = −19; t = b0 = 13; b0 = b1 = −16; b1 = t − b1·q = 13 − (−16)·3 = 61.

Result of the step: a = 87, b = 29, a0 = 5, a1 = −19, b0 = −16, b1 = 61.

Page 24

Result

Compute the GCD from the formula d = ax + by with x = x0 = 5, y = y0 = −16, a = 1769, b = 551.

Substituting the parameter values: d = ax + by = 1769·5 − 551·16 = 8845 − 8816 = 29.
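The extended Euclidean algorithm of slides 14 to 24, as an added Python example (not code from the slides). It carries the remainder sequence r(i−1) = qi·ri + r(i+1) together with the coefficient sequences x and y as in the algorithm on slide 15, and reproduces both worked examples: GCD(1071, 462) = 21, and d = 29, x = 5, y = −16 for a = 1769, b = 551. `mod_inverse` builds on it to compute the modular inverse announced on slide 16; the moduli in the usage lines are my own choice.

```python
def extended_gcd(a, b):
    """Extended Euclidean algorithm.

    Returns (d, x, y) with d = gcd(a, b) and a*x + b*y = d, following the
    remainder sequence r0 = a, r1 = b, r(i-1) = q_i*r_i + r(i+1) until the
    remainder is 0. Works for any integers, not only 0 < b <= a.
    """
    old_r, r = a, b      # remainders r(i-1), r(i)
    old_x, x = 1, 0      # coefficients of a: x(i-1), x(i)
    old_y, y = 0, 1      # coefficients of b: y(i-1), y(i)
    while r != 0:
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_x, x = x, old_x - q * x
        old_y, y = y, old_y - q * y
    if old_r < 0:  # normalise so that d is non-negative
        old_r, old_x, old_y = -old_r, -old_x, -old_y
    return old_r, old_x, old_y


def gcd_steps(a, b):
    """Division steps of the plain Euclidean algorithm as
    (dividend, divisor, quotient, remainder) tuples, e.g. for slides 17-18."""
    steps = []
    while b != 0:
        q, r = divmod(a, b)
        steps.append((a, b, q, r))
        a, b = b, r
    return steps


def mod_inverse(a, n):
    """Inverse of a modulo n: from a*x + n*y = 1 we get a*x ≡ 1 (mod n).

    Raises ValueError when gcd(a, n) != 1, because then no inverse exists.
    """
    d, x, _ = extended_gcd(a, n)
    if d != 1:
        raise ValueError(f"{a} has no inverse modulo {n} (gcd = {d})")
    return x % n


if __name__ == "__main__":
    print(gcd_steps(1071, 462))          # [(1071, 462, 2, 147), (462, 147, 3, 21), (147, 21, 7, 0)]
    print(extended_gcd(1769, 551))       # (29, 5, -16): 1769*5 - 551*16 = 29
    print(mod_inverse(3, 7))             # 5, since 3*5 = 15 ≡ 1 (mod 7)
    print(mod_inverse(109, 257))         # inverse of 109 modulo the prime 257 (my choice of modulus)
```

Note that a and n must be coprime for the inverse to exist, which is exactly the condition under which the algorithm ends with d = 1; the ValueError is how the code reports the other case instead of silently returning a wrong value.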

Page 25

Fermat's little theorem

• If p is a prime number and the integer a is not divisible by p, then

• a^(p−1) ≡ 1 (mod p)  (a^(p−1) − 1 is divisible by p).

Page 26

Euler function

• The Euler function of n (n a natural number) is equal to the number of natural numbers not greater than n that are coprime with n. It is named after Euler, who was the first to use it in his work on number theory.
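Euler's function computed two ways, as an added Python example that is not from the slides: once by the counting definition on this slide, and once by the product formula over the distinct prime factors of n (the formula and its trial-division factoring are my addition). The last function goes beyond the slide: Euler's theorem, a^φ(n) ≡ 1 (mod n) for gcd(a, n) = 1, which reduces to Fermat's little theorem from the previous slide when n is prime, because then φ(n) = n − 1.

```python
import math


def phi_by_counting(n):
    """Euler's function by definition: count 1 <= k <= n with gcd(k, n) == 1."""
    return sum(1 for k in range(1, n + 1) if math.gcd(k, n) == 1)


def prime_factors(n):
    """Distinct prime factors of n by trial division (adequate for small n)."""
    factors = []
    p = 2
    while p * p <= n:
        if n % p == 0:
            factors.append(p)
            while n % p == 0:
                n //= p
        p += 1
    if n > 1:
        factors.append(n)
    return factors


def phi_by_formula(n):
    """Euler's product formula: phi(n) = n * prod(1 - 1/p) over primes p dividing n.

    Each step divides by p before multiplying by (p - 1), so the arithmetic
    stays exact in integers.
    """
    result = n
    for p in prime_factors(n):
        result = result // p * (p - 1)
    return result


def euler_theorem_holds(a, n):
    """Euler's theorem: a^phi(n) ≡ 1 (mod n) whenever gcd(a, n) == 1.

    For a prime n this is Fermat's little theorem, since phi(n) = n - 1.
    """
    return pow(a, phi_by_formula(n), n) == 1


if __name__ == "__main__":
    for n in (1, 10, 36, 97):
        print(n, phi_by_counting(n), phi_by_formula(n))
    print(euler_theorem_holds(7, 10))   # 7^4 = 2401 ≡ 1 (mod 10)
    print(euler_theorem_holds(2, 97))   # Fermat's little theorem for p = 97
```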

Page 27

Group, ring and field theory.

Brief information

Page 28

Group. Definition

• A group is a nonempty set with a binary operation defined on it.

• Axioms for a group:

• Associativity: (a*b)*c = a*(b*c)

• Existence of a neutral element e: e*a = a*e = a

• Existence of an inverse element a^(−1) for every a:

• a*a^(−1) = a^(−1)*a = e

Page 29

Ring

• A ring is a nonempty set with two binary operations defined on it.

• Axioms for a ring:

• Addition commutativity: a+b = b+a

• Addition associativity: (a+b)+c = a+(b+c)

• Addition neutral element: a+0 = 0+a = a

• Addition inverse element: a+b = b+a = 0

• Multiplication associativity: a*(b*c) = (a*b)*c

• Multiplication commutativity: a*b = b*a

• Distributivity: a*(b+c) = a*b + a*c

Page 30

Field of numbers

A field is a commutative, associative ring with a unit element in which every non-zero element is invertible.

Page 31

Galois fields

• A finite field (Galois field) is a field that contains a finite number of elements.

• A finite field is commonly written as GF(q), where q is the number of field elements.

• The simplest example of a finite field is the residue ring modulo a prime number p.
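An exhaustive check of the axioms from slides 28 to 30 on the residue ring Z_n, as an added Python example (not from the slides). It confirms the claim on slide 11 that the residue ring modulo n is a field exactly when n is prime: every Z_n is a commutative ring, but only for prime n is the set of non-zero elements a group under multiplication, i.e. every non-zero element has an inverse. The brute-force checks and the small trial-division primality test are my own.

```python
from itertools import product


def is_group(elements, op, identity):
    """Check the group axioms exhaustively for a finite set `elements`:
    closure, associativity, neutral element and inverses."""
    pairs = list(product(elements, repeat=2))
    closed = all(op(a, b) in elements for a, b in pairs)
    assoc = all(op(op(a, b), c) == op(a, op(b, c))
                for a, b, c in product(elements, repeat=3))
    neutral = all(op(identity, a) == a == op(a, identity) for a in elements)
    inverses = all(any(op(a, b) == identity == op(b, a) for b in elements)
                   for a in elements)
    return closed and assoc and neutral and inverses


def is_commutative_ring(n):
    """Check the ring axioms of slide 29 on Z_n = {0, ..., n-1} with + and * modulo n."""
    elems = range(n)
    add = lambda a, b: (a + b) % n
    mul = lambda a, b: (a * b) % n
    pairs = list(product(elems, repeat=2))
    triples = list(product(elems, repeat=3))
    add_group = is_group(elems, add, 0)                      # additive group axioms
    add_comm = all(add(a, b) == add(b, a) for a, b in pairs)
    mul_assoc = all(mul(mul(a, b), c) == mul(a, mul(b, c)) for a, b, c in triples)
    mul_comm = all(mul(a, b) == mul(b, a) for a, b in pairs)
    distrib = all(mul(a, add(b, c)) == add(mul(a, b), mul(a, c)) for a, b, c in triples)
    return add_group and add_comm and mul_assoc and mul_comm and distrib


def is_field(n):
    """Slide 30: a commutative ring with unit in which every non-zero element is invertible.

    For Z_n that means the non-zero residues form a group under multiplication;
    the closure check inside is_group fails as soon as n has a zero divisor.
    """
    if n < 2 or not is_commutative_ring(n):
        return False
    nonzero = range(1, n)
    return is_group(nonzero, lambda a, b: (a * b) % n, 1)


def is_prime(n):
    """Trial division, enough for the small n checked here."""
    return n >= 2 and all(n % d for d in range(2, int(n ** 0.5) + 1))


if __name__ == "__main__":
    for n in range(1, 13):
        print(n, is_commutative_ring(n), is_field(n), is_prime(n))
```

The run prints a ring for every n but a field only for n = 2, 3, 5, 7, 11, matching the primality column; Z_6 fails because 2·3 ≡ 0, so the non-zero elements are not even closed under multiplication.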

Page 32

Galois fields

• Defining the field GF(p^n) (p a prime number, n a natural number) starts with defining its prime subfield GF(p) (which is the whole field for n = 1).

• The prime field GF(p) is defined as the residue ring modulo p; it has no zero divisors and is a field (because p is a prime number).

• Its elements are numbers. Operate on them like integers, reducing the result modulo p.

• For n > 1 the field GF(p^n) is defined as a factor ring modulo f(x), where f(x) is an irreducible (prime) polynomial of degree n over the field. So to define a field of p^n elements it is enough to find a polynomial of degree n that is irreducible over the field.

• The field elements are polynomials of degree less than n. Arithmetic operations (addition and multiplication) are performed modulo the polynomial f(x), so the result of an operation is the remainder from division by f(x), with the coefficients reduced modulo p.
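Arithmetic in GF(2^8) as described on this slide, as an added Python example that is not from the slides. Polynomials over GF(2) are stored as bit patterns (bit k is the coefficient of x^k), so reducing coefficients modulo 2 makes addition an XOR, and multiplication is polynomial multiplication followed by the remainder modulo f(x). The slides do not say which irreducible polynomial defines their GF(2^8); the example assumes the AES polynomial x^8 + x^4 + x^3 + x + 1 (bit pattern 0x11B), so the inverse of 109 from slide 16 computed here, via the extended Euclidean algorithm on polynomials, is the inverse with respect to that modulus.

```python
# Assumed modulus f(x) = x^8 + x^4 + x^3 + x + 1, written as the bit pattern 0x11B.
# This is the AES polynomial; the slides do not state which polynomial they use.
MODULUS = 0x11B


def gf_add(a, b):
    """Addition in GF(2^n): coefficients mod 2, i.e. XOR of the bit patterns."""
    return a ^ b


def poly_mul(a, b):
    """Multiply two polynomials over GF(2) without reduction (shift-and-XOR)."""
    result = 0
    while b:
        if b & 1:
            result ^= a
        a <<= 1
        b >>= 1
    return result


def poly_divmod(a, b):
    """Long division of polynomials over GF(2); returns (quotient, remainder)."""
    if b == 0:
        raise ZeroDivisionError("division by the zero polynomial")
    q = 0
    while a and a.bit_length() >= b.bit_length():
        shift = a.bit_length() - b.bit_length()   # degree difference
        q ^= 1 << shift
        a ^= b << shift                           # cancel the leading term
    return q, a


def gf_mul(a, b, modulus=MODULUS):
    """Multiplication in GF(2^8): multiply, then take the remainder modulo f(x)."""
    return poly_divmod(poly_mul(a, b), modulus)[1]


def gf_inv(a, modulus=MODULUS):
    """Inverse of a in GF(2^8) by the extended Euclidean algorithm on polynomials.

    Maintains old_r = f*u + a*old_s and r = f*v + a*s; when the remainder reaches
    0, old_r is gcd(f, a) = 1 (f is irreducible) and old_s is the inverse of a.
    """
    if a == 0:
        raise ZeroDivisionError("0 has no inverse")
    old_r, r = modulus, a
    old_s, s = 0, 1
    while r != 0:
        q, rem = poly_divmod(old_r, r)
        old_r, r = r, rem
        old_s, s = s, gf_add(old_s, poly_mul(q, s))
    assert old_r == 1, "modulus is not irreducible: gcd(f, a) != 1"
    return poly_divmod(old_s, modulus)[1]


if __name__ == "__main__":
    inv = gf_inv(109)
    print(hex(109), hex(inv), gf_mul(109, inv))   # the product is 1
    print(hex(gf_mul(0x57, 0x83)))                # 0xc1 with the AES polynomial
```

With a different f(x), pass it as the `modulus` argument; every non-zero element has an inverse only because f(x) is irreducible, which is why `gf_inv` asserts that the final gcd is 1 rather than returning a meaningless value.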

Page 33

Literature

• Vinogradov I. M. Number theory.

• Zelvensky I. G. Groups, rings, fields. SPbGETU.