APPENDIXBSAGE CryptosystemsString monoidsThe main classes of string monoids are classical alphabetic string monoids, binary, andhexadecimal string monoids.sage: S = AlphabeticStrings()sage: SFree alphabetic string monoid on A-Zsage: H = HexadecimalStrings()sage: HFree hexadecimal string monoidsage: B = BinaryStrings()sage: BFree binary string monoidElements of these strings can be created either by accessing the generators:sage: S.gens()(A, B, C, D, E, F, G, H, I, J, K, L, M, N, O, P, Q, R, S, T, U, V, W, X, Y, Z)sage: B.gens()(0, 1)sage: H.gens()(0, 1, 2, 3, 4, 5, 6, 7, 8, 9, a, b, c, d, e, f)For example97
sage: I = [7, 4, 11, 11, 14, 22, 14, 17, 11, 3]sage: hello = S(’’)sage: for i in I:....: hello *= S.gen(i)....:sage: helloHELLOWORLDAlternatively we can either recognize a Python string in the given string monoid:sage: S(’ABC’)ABCsage: H(’0a91’)0a91sage: B(’0110’)0110or use standard encodings to map ASCII strings to the monoid:sage: S.encoding(’abc’)ABCsage: H.encoding(’abc’)616263sage: B.encoding(’abc’)011000010110001001100011Note that the first construction gives a non-injective map from ASCII strings to uppercase (stripping away non-alphabetic characters by mapping them to the empty string).The latter two give the hexadecimal and binary encodings of the underlying ASCII bytesfor the characters. These altter are injective maps:sage: S.encoding(’abc’).decoding()ABCsage: H.encoding(’abc’).decoding()abcsage: B.encoding(’abc’).decoding()abc98 Appendix B. SAGE Cryptosystems
- Page 1 and 2:
Author (David R. Kohel) /Title (Cry
- Page 4 and 5:
CONTENTS1 Introduction to Cryptogra
- Page 6:
PrefaceWhen embarking on a project
- Page 10 and 11:
information. We introduce here some
- Page 12 and 13:
ut strings in A ∗ map injectively
- Page 14 and 15:
CHAPTERTWOClassical Cryptography2.1
- Page 16 and 17:
LV MJ CW XP QO IG EZ NB YH UA DS RK
- Page 18 and 19:
As a special case, consider 2-chara
- Page 20 and 21:
Note that if d k = 1, then we omit
- Page 22:
ExercisesSubstitution ciphersExerci
- Page 25 and 26:
Ciphertext-only AttackThe cryptanal
- Page 27 and 28:
of size n, suppose that p i is the
- Page 29 and 30:
Note that ZKZ and KZA are substring
- Page 31:
Checking possible keys, the partial
- Page 34 and 35:
sage: X = pt.frequency_distribution
- Page 36 and 37:
CHAPTERFOURInformation TheoryInform
- Page 38 and 39:
For each of these we can extend our
- Page 40 and 41:
in terms of the cryptosystem), then
- Page 42 and 43:
CHAPTERFIVEBlock CiphersData Encryp
- Page 44 and 45:
Deciphering. Suppose we begin with
- Page 46 and 47:
The Advanced Encryption Standard al
- Page 48 and 49:
1. Malicious substitution of a ciph
- Page 50 and 51:
locks M j−1 , . . . , M 1 as well
- Page 52: where X = K ⊕ M = (X 1 , X 2 , X
- Page 55 and 56: 6.2 Properties of Stream CiphersSyn
- Page 57 and 58: Exercise. Verify that the equality
- Page 59 and 60: n 2 n − 11 12 33 74 155 316 637 1
- Page 61 and 62: Exercise 6.6 In the previous exerci
- Page 63 and 64: Exercise 6.9 Compute the first 8 te
- Page 65 and 66: which holds since −4 = 17 + (−1
- Page 67 and 68: must therefore have a divisor of de
- Page 69 and 70: Shrinking Generator cryptosystemLet
- Page 72 and 73: CHAPTEREIGHTPublic Key Cryptography
- Page 74 and 75: Initial setup:1. Alice and Bob publ
- Page 76 and 77: We apply this rule in the RSA algor
- Page 78 and 79: the discrete logarithm problem (DLP
- Page 80 and 81: Man in the Middle AttackThe man-in-
- Page 82: Exercise 8.6 Fermat’s little theo
- Page 85 and 86: k < p − 1 with GCD(k, p − 1) =
- Page 88 and 89: CHAPTERTENSecret SharingA secret sh
- Page 90: using any t shares (x 1 , y 1 ), .
- Page 93 and 94: sage-------------------------------
- Page 95 and 96: sage: x.is_unit?Type:builtin_functi
- Page 97 and 98: Python (hence SAGE) has useful data
- Page 99 and 100: sage: n = 12sage: for i in range(n)
- Page 101: sage: I = [55+i for i in range(3)]
- Page 105 and 106: ExercisesRead over the above SAGE t
- Page 107 and 108: 102
- Page 109 and 110: Solution. The block length is the n
- Page 111 and 112: Solution.below.The coincidence inde
- Page 113 and 114: analysis of the each of the decimat
- Page 115 and 116: arbitrary permutation of the alphab
- Page 117 and 118: In order to understand naturally oc
- Page 119 and 120: We do this by first verifying the e
- Page 121 and 122: Solution.None provided.Linear feedb
- Page 123 and 124: Multiplying each through by the con
- Page 125 and 126: Solution. The linear complexity of
- Page 127 and 128: If a, b, and c are as above, then f
- Page 129 and 130: Exercise 8.5 Use SAGE to find a lar
- Page 131 and 132: Solution. Now we can verify that e
- Page 133 and 134: which has no common factors with p
- Page 135 and 136: sage: p = 2^32+61sage: m = (p-1).qu
- Page 137 and 138: sage: a5 := a^n5sage: c5 := c^n5sag
- Page 139 and 140: The application of this function E
- Page 141 and 142: 5. (∗) How many elements a of G h
- Page 143: 1. The value f(0) of the polynomial