Code and ciphers: Julius Caesar, the Enigma and the internet
Code and ciphers: Julius Caesar, the Enigma and the internet
Code and ciphers: Julius Caesar, the Enigma and the internet
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
<strong>the</strong>n k�[ log 2 n], where [z] denotes, as usual in ma<strong>the</strong>matics, <strong>the</strong> integer<br />
part of z.<br />
If we compute X 2 , X 4 , X 8 , ....by repeated squaring we will need to carry<br />
out k squarings, that is k multiplications, to reach <strong>the</strong> power 2 k . The<br />
binary representation of n contains at most (k�1) 1s <strong>and</strong> so X n can be computed<br />
by multiplying toge<strong>the</strong>r at most (k�1) of <strong>the</strong> numbers X, X 2 , X 4 , ...<br />
<strong>and</strong> this means that at most k fur<strong>the</strong>r multiplications are required, giving<br />
a total of 2k multiplications in all.<br />
Since k� (log 2 n�1) we see that computing X n by repeated squaring<br />
involves less than 2(log 2 n�1) multiplications whereas <strong>the</strong> brute force<br />
method requires (n�1). If n is small <strong>the</strong> difference is not too great. When<br />
n�7, for example, <strong>the</strong> brute force method requires 6 multiplications <strong>and</strong><br />
<strong>the</strong> repeated squaring method requires 4. As n increases however <strong>the</strong> difference<br />
rapidly becomes very significant. When n�127, for example, <strong>the</strong><br />
brute force method requires 126 multiplications whereas repeated squaring<br />
needs only 12. For <strong>the</strong> really large exponents which are likely to occur<br />
in RSA encipherment/decipherment astronomical numbers of multiplications<br />
are replaced by a few hundred.<br />
M27 Expected number of false hits in <strong>the</strong> ‘meet-in-<strong>the</strong>middle’<br />
attack on <strong>the</strong> DES<br />
When we encipher a text using 2 56 different keys we will obtain 2 56 different<br />
encipherments. Since <strong>the</strong>re are 2 64 different 64-bit binary vectors<br />
<strong>the</strong>re is only one vector in 256 (�2 8 ) that will appear in <strong>the</strong> list of encipherments.<br />
The same is true when we decipher a text using 2 56 different<br />
keys. If we now compare <strong>the</strong> two lists <strong>the</strong> chance that a vector in <strong>the</strong> encipherment<br />
list also occurs in <strong>the</strong> decipherment list is one in 256.<br />
There are 2 56 vectors in <strong>the</strong> encipherment list <strong>and</strong> one in 256 of <strong>the</strong>m<br />
would be expected to appear in <strong>the</strong> decipherment list. We <strong>the</strong>refore<br />
expect 2 48 agreements in all. All but one of <strong>the</strong>se will be false, <strong>and</strong> one or<br />
more fur<strong>the</strong>r tests must be applied to find <strong>the</strong> true solution.<br />
M28 Elliptic Curve Cryptography<br />
Despite <strong>the</strong> name <strong>the</strong> curves in question are not ellipses but are of <strong>the</strong> type<br />
Y 2 �X 3 �aX�b<br />
Ma<strong>the</strong>matical aspects 215<br />
where a <strong>and</strong> b are integers. We are interested in pairs (X, Y) which are also<br />
integers; all arithmetic being carried out (mod p) for some (very large)<br />
prime p. Curves of this type can be parametrised by Weierstrass elliptic<br />
functions, hence <strong>the</strong> name.