Cryptology - Unofficial St. Mary's College of California Web Site

More documents

Recommendations

Info

232 CHAPTER 12. RSA At this point in discussing a new cipher there are always two questions we ask: “How to decipher” and, “What is the security” Answering the first, if you think about it for a bit, will be difficult. To undo cubing we must take the cube root, But what we want to take the cube root of is not the ciphernumber but the cube of the plainnumber. So we have the problem of trying to determine the cubed plainnumber from the ciphernumber. As for the security, just as always adding 3 or always multiplying by 3 is insecure, always raising to the 3rd power is insecure. We should choose as our key some integer to take powers with. And large integers would have to be a possibility if we are to prevent the enemy from simply trying each possible power. But this leads to a new problem: what letter does the power 33 encipher S to 19 33 = 1580770532156861979997149793605296459437459 consists of 42 digits, and so is far too big for a calculator to handle. Similarly, 19 125 has 159 digits, and 125 is not a very large number. Or how can we determine the remainder when 26 divides 19 392 , a number of over 500 digits! There is a third, more devious, problem. 1 3 = 1 so a is enciphered to A, but 3 3 = 27 ≡ 1 (mod 26) so c is also enciphered to A. Similarly, d and f both become L. Why is this, and how can we prevent this Despite these difficulties, the idea of developing a cryptosystem around the raising of numbers to powers is a very good one. It will lead us to one of the most popular cryptosystem of all time. But before we get there we need to surmount the difficulties we’ve just discussed. 12.1 Fermat’s Theorem Our first need is to learn how to compute values like 133 719 %101. As you know, the “mod” just is shorthand for “find the remainder when divided by”, so in some sense we are not learning anything new. All one has to do is to compute 133 719 , divide by 101, and find the remainder. However, 133 719 is galactically far too large for you calculator to directly compute. 1 How then to do this Some help is provided by a 360 year-old theorem. Theorem 3 Fermat’s Little Theorem 2 (1640). If p is a prime number and p does not divide a, then a p−1 ≡ 1 (mod p). 1 It has over 1500 digits in it. For comparison, the traditional estimate for the number of elementary particles in the universe is 10 80 , i.e., a number of 80 digits. 2 Pierre (de) Fermat, 1601-1665, was one of the last truly great amateur mathematicians. During the day he was a lawyer/councilor for his local parliament. At night he read famous math books and added his thoughts and comments to the margins. It took over 350 years before one of these notes, Fermat’s Last Theorem, was determined to actually be true. Another, Fermat’s Little Theorem (to differentiate it from the Last Theorem) is what interests us here.
12.1. FERMAT’S THEOREM 233 Example: Since 13 is prime and doesn’t divide 5, we have (5 12 )%13 = 1. Similarly, 37 and 101 are primes, and they don’t divide 52 and 133, respectively, so (52 36 )%37 = 1, and (133 100 )%101 = 1. ⋄ This is a beautiful, deep and powerful theorem. The beauty lies in its simplicity: Choose any prime number and any other number that is not a multiple of that prime. Then, the second number, when raised to the prime minus first power, will be one less than a multiple of the prime. In other words, the remainder upon division is always 1. No special conditions, no separate cases, just a 1. OK, there is one condition: that p doesn’t divide the number. But if p does divide a, then a ≡ 0 (mod p) so a p−1 ≡ 0 (mod p). Thus, we perfectly understand a p−1 %p for all a’s: If a is a multiple of p then the answer is 0, otherwise it is 1. Since 1 ∗ a ≡ a (mod p) we may multiply a p−1 ≡ 1 by a to see that a p ≡ a (mod p) when a is not a multiple of p. And, since both sides of this equivalence are 0 when a is a multiple of p we have the following corollary: Corollary 1 If p is a prime number and a is any integer, then a p ≡ a (mod p). The depth of this theorem is what it tells us about arithmetic. One might think that raising integers to powers leads to somewhat arbitrary results. But Fermat’s Theorem says otherwise: raising to powers modulo a prime number produces a definite structure. 3 The power of the theorem lies our application of it. Suppose we wish to compute 33 125 %41. Since 41 does not divide 33, by Fermat’s Theorem we know that 33 40 ≡ 1 (mod 41). So ( 33 40) 2 ≡ 1 2 ≡ 1 (mod 41) and, likewise, ( ) 33 40 3 ≡ 1 3 ≡ 1 (mod 41). Because 125 = 3 ∗ 40 + 5, we then have 33 125 = 33 3∗40+5 = 33 3∗40 · 33 5 = ( 33 40) 3 · 33 5 ≡ 1 3 · 33 5 ≡ 33 5 (mod 41). So 33 125 is the same as 33 5 modulo 41. Because 33 5 %41 = 32 is small enough to compute on a calculator, we conclude that 33 125 %41 = 32. Fermat’s Theorem has turned the seemingly impossible 33 125 (mod 41) into a calculation that is easy. Example: Compute 20 236 %59. Since 59 − 1 = 58 and 236 = 4 ∗ 58 + 4, we have 20 236 = 20 4∗58+4 = 20 4∗58 · 20 4 = ( 20 58) 4 · 20 4 ≡ 1 4 · 20 4 ≡ 20 4 ≡ 51 (mod 59). ⋄ 3 In fact, it can be said that Fermat’s Little Theorem is the first important result in the subject of Abstract Algebra, a subject that, along with Analysis, constitutes most of modern mathematics.
Page 1 and 2:
Cryptology: An Historical Introduct
Page 3 and 4:
Contents List of Figures 8 1 Caesar
Page 5 and 6:
CONTENTS 5 9 Digraphic Ciphers 167
Page 7 and 8:
List of Figures 1.1 Saint Cyr Slide
Page 9 and 10:
Chapter 1 Caesar Ciphers There are
Page 11 and 12:
11 Examples: Encipher or decipher t
Page 13 and 14:
1.1. SAINT CYR SLIDE 13 paper turne
Page 15 and 16:
1.3. FREQUENCY ANALYSIS 15 PX PBEE
Page 17 and 18:
1.3. FREQUENCY ANALYSIS 17 A bit mo
Page 19 and 20:
1.3. FREQUENCY ANALYSIS 19 Examples
Page 21 and 22:
1.4. LINQUIST’S METHOD 21 the cip
Page 23 and 24:
1.7. EXERCISES 23 12. What is the m
Page 25 and 26:
1.7. EXERCISES 25 (d) VTXLTKBTG LXV
Page 27 and 28:
1.7. EXERCISES 27 (d) IKSUT JKIOT K
Page 29 and 30:
Chapter 2 Cryptologic Terms Cryptog
Page 31 and 32:
Chapter 3 The Introduction of Numbe
Page 33 and 34:
3.1. THE REMAINDER OPERATOR 33 Exam
Page 35 and 36:
3.1. THE REMAINDER OPERATOR 35 Perf
Page 37 and 38:
3.1. THE REMAINDER OPERATOR 37 As a
Page 39 and 40:
3.2. MODULAR ARITHMETIC 39 While %
Page 41 and 42:
3.3. DECIMATION CIPHERS 41 previous
Page 43 and 44:
3.4. DECIPHERING DECIMATION CIPHERS
Page 45 and 46:
3.6. KOBLITZ’S KID-RSA AND PUBLIC
Page 47 and 48:
3.6. KOBLITZ’S KID-RSA AND PUBLIC
Page 49 and 50:
3.9. EXERCISES 49 8. How do we enci
Page 51 and 52:
3.9. EXERCISES 51 (c) Encipher 54 4
Page 53 and 54:
3.9. EXERCISES 53 (b) Encipher secr
Page 55 and 56:
Chapter 4 The Euclidean Algorithm I
Page 57 and 58:
4.2. GCD’S AND THE EUCLIDEAN ALGO
Page 59 and 60:
4.3. MULTIPLICATIVE INVERSES 59 (2)
Page 61 and 62:
4.3. MULTIPLICATIVE INVERSES 61 (2)
Page 63 and 64:
4.4. DECIPHERING DECIMATION AND LIN
Page 65 and 66:
4.5. BREAKING DECIMATION AND LINEAR
Page 67 and 68:
4.6. SUMMARY 67 To put it more blun
Page 69 and 70:
4.8. EXERCISES 69 5. Here we work w
Page 71 and 72:
Chapter 5 Monoalphabetic Ciphers He
Page 73 and 74:
5.2. KEYWORD MIXED CIPHERS 73 Examp
Page 75 and 76:
5.4. INTERRUPTED KEYWORD CIPHERS 75
Page 77 and 78:
5.6. BASIC LETTER CHARACTERISTICS 7
Page 79 and 80:
5.7. ARISTOCRATS 79 the 69971 or 42
Page 81 and 82:
5.9. TOPICS AND TECHNIQUES 81 5.9 T
Page 83 and 84:
5.10. EXERCISES 83 (h) DYVTP KKIQ.
Page 85 and 86:
5.10. EXERCISES 85 13. Ciphers in w
Page 87 and 88:
5.10. EXERCISES 87 17. General Pier
Page 89 and 90:
Chapter 6 Decrypting Monoalphabetic
Page 91 and 92:
6.2. DECRYPTING MONOALPHABETIC CIPH
Page 93 and 94:
Page 95 and 96:
Page 97 and 98:
6.3. SUKHOTIN’S METHOD FOR FINDIN
Page 99 and 100:
6.4. FINAL MONOALPHABETIC TRICKS 99
Page 101 and 102:
6.5. SUMMARY 101 our ciphertext muc
Page 103 and 104:
6.7. EXERCISES 103 Frequency count:
Page 105 and 106:
6.7. EXERCISES 105 53++!305))6*;482
Page 107 and 108:
6.7. EXERCISES 107 93 93 82 48 39 6
Page 109 and 110:
Chapter 7 Vigenère Ciphers It was
Page 111 and 112:
7.2. TRITHEMIUS, THE FATHER OF BIBL
Page 113 and 114:
7.3. BELASO, THE UNKNOWN AND PORTA,
Page 115 and 116:
7.4. VIGENÈRE CIPHERS 115 to encip
Page 117 and 118:
7.6. HOW TO BREAK VIGENÈRE CIPHERS
Page 119 and 120:
7.6. HOW TO BREAK VIGENÈRE CIPHERS
Page 121 and 122:
7.7. THE KASISKI TEST 121 Kasiski
Page 123 and 124:
7.8. SUMMARY 123 Repetition Start P
Page 125 and 126:
7.10. EXERCISES 125 2. Little Miss
Page 127 and 128:
7.10. EXERCISES 127 to Gen. E. K. S
Page 129 and 130:
7.10. EXERCISES 129 MEJMY JKXCD LCN
Page 131 and 132:
7.10. EXERCISES 131 22. (a) Use Kas
Page 133 and 134:
7.10. EXERCISES 133 (a) Construct a
Page 135 and 136:
Chapter 8 Polyalphabetic Ciphers Th
Page 137 and 138:
8.1. COINCIDENCES 137 (being born o
Page 139 and 140:
8.2. THE MEASURE OF ROUGHNESS 139 I
Page 141 and 142:
8.2. THE MEASURE OF ROUGHNESS 141 P
Page 143 and 144:
8.3. THE FRIEDMAN TEST 143 The Frie
Page 145 and 146:
8.4. MULTIPLE ENCIPHERINGS 145 Bein
Page 147 and 148:
8.4. MULTIPLE ENCIPHERINGS 147 Just
Page 149 and 150:
8.5. VIGENÈRE’S AUTO KEY CIPHER
Page 151 and 152:
8.5. VIGENÈRE’S AUTO KEY CIPHER
Page 153 and 154:
8.6. PERFECT SECRECY 153 invent now
Page 155 and 156:
8.8. TERMS AND TOPICS 155 multiple
Page 157 and 158:
8.9. EXERCISES 157 6. As is this on
Page 159 and 160:
8.9. EXERCISES 159 13. It has been
Page 161 and 162:
8.9. EXERCISES 161 This is Equation
Page 163 and 164:
8.9. EXERCISES 163 A: AB CDE FGH I
Page 165 and 166:
8.9. EXERCISES 165 26. Decipher SVQ
Page 167 and 168:
Chapter 9 Digraphic Ciphers Althoug
Page 169 and 170:
9.1. POLYGRAPHIC CIPHERS 169 f a g
Page 171 and 172:
9.2. HILL CIPHERS 171 th 2.96 es 1.
Page 173 and 174:
9.2. HILL CIPHERS 173 We will be us
Page 175 and 176:
9.3. RECOGNIZING AND BREAKING POLYG
Page 177 and 178:
9.4. PLAYFAIR 177 Playfair Ciphers:
Page 179 and 180:
9.5. SUMMARY 179 9.5 Summary Polygr
Page 181 and 182: 9.7. EXERCISES 181 (b) The use of
Page 183 and 184: 9.7. EXERCISES 183 10. Just as we c
Page 185 and 186: 9.7. EXERCISES 185 (d) (For those(
Page 187 and 188: 9.7. EXERCISES 187 The rules that W
Page 189 and 190: Chapter 10 Transposition Ciphers In
Page 191 and 192: 10.3. TURNING GRILLES 191 1 2 3 7 4
Page 193 and 194: 10.4. COLUMNAR TRANSPOSITION 193 co
Page 195 and 196: 10.5. TRANSPOSITION VS. SUBSTITUTIO
Page 197 and 198: 10.6. LETTER CONNECTIONS 197 F 2 G
Page 199 and 200: 10.7. BREAKING THE COLUMNAR TRANSPO
Page 201 and 202: 10.8. DOUBLE TRANSPOSITION 201 Sinc
Page 203 and 204: 10.9. TRANSPOSITION DURING THE CIVI
Page 205 and 206: 10.9. TRANSPOSITION DURING THE CIVI
Page 207 and 208: 10.10. THE BATTLE OF THE CIVIL WAR
Page 209 and 210: 10.13. EXERCISES 209 14. What is a
Page 211 and 212: 10.13. EXERCISES 211 and the second
Page 213 and 214: 10.13. EXERCISES 213 evening Adam h
Page 215 and 216: 10.13. EXERCISES 215 Several codewo
Page 217 and 218: 10.13. EXERCISES 217 4. (which is t
Page 219 and 220: Chapter 11 Knapsack Ciphers Merkle
Page 221 and 222: 11.3. AN EASY KNAPSACK PROBLEM 221
Page 223 and 224: 11.4. THE KNAPSACK CIPHER SYSTEM 22
Page 225 and 226: 11.4. THE KNAPSACK CIPHER SYSTEM 22
Page 227 and 228: 11.5. PUBLIC KEY CIPHER 227 Even wi
Page 229 and 230: 11.8. EXERCISES 229 2. Given the we
Page 231: Chapter 12 RSA Take two large prime
Page 235 and 236: 12.3. COMPLICATION II: A SUBSTANTIA
Page 237 and 238: 12.3. COMPLICATION II: A SUBSTANTIA
Page 239 and 240: 12.5. COMPLICATION IV: THE LAST ONE
Page 241 and 242: 12.6. PUTTING IT ALL TOGETHER 241 1
Page 243 and 244: 12.8. RSA 243 The RSA Algorithm Set
Page 245 and 246: 12.9. RSA AND PUBLIC KEYS 245 There
Page 247 and 248: 12.10. HOW TO BREAK RSA 247 had to
Page 249 and 250: 12.12. SUMMARY 249 cannot read the
Page 251 and 252: 12.14. EXERCISES 251 6. What is a
Page 253 and 254: 12.14. EXERCISES 253 Bob is going t
Page 255 and 256: Bibliography [Antonucci] Michael An
Page 257: BIBLIOGRAPHY 257 [Shamir] [SRA] A.
show all

Cryptology - Unofficial St. Mary's College of California Web Site

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?