crypto chap1

8/12/2019 Crypto Chap1

http://slidepdf.com/reader/full/crypto-chap1 1/21

Introduction toComputer Security

Benoit Donnet

Academic Year 2013 - 2014

1

INFO0045 - ULg - 2013/2014 - Benoit Donnet

Agenda

• Chapter 1: Mathematics for Cryptography- Modular Arithmetic- Euclidean Algorithms- Euler's Function- Fermat Theorem- Chinese Remainder Theorem

• Chapter 2: Symmetric Cryptography

• Chapter 3: Asymmetric Cryptography

• Chapter 4: Authentication

• Chapter 5: Key Distribution

2

Cryptography




Agenda

3

• Chapter 1: Mathematics for Cryptography- Modular Arithmetic

! Division! Congruence! n Arithmetic

- Euclide Algorithms-

Euler's Function- Fermat's Theorem- Chinese Remainder Theorem


Division• Let a ! and n !

- a = q ! n + r ! 0 " r < n! q = "a/n#

- r is the remainder - q is the quotient - Examples

! a = 11, n = 7 $ 11 = 1 ! 7 + 4 $ r = 4! a = -11, n = 7 $ -11 = -2 ! 7 + 3 $ r = 3

• If a, n ! and n > 0- a mod n refers to the remainder when a is divided by n

! modulo operator

- a = "a/n# + (a mod n)

4




Division (2)

• Modulo example- a = 59; n = 7

! 59 = 8 ! 7 + 3! r = 3, q = 8! 59 mod 7 = 3

5


Division (3)

• Let a, b, and m ! - b (" 0) divides a if a = m ! b- b is a divisor of a

• Notation: b|a

• Example:- divisors of 24 are 1, 2, 3, 4, 6, 8, 12, 24

6




Congruence

• Two integers, a and b, are said equal modulo n ifn|a-b

• Two integers, a and b, are said congruent modulo n

if a mod n = b mod n- Notation

! a # b mod n- a and b are equivalent in the modulo n class

9


Congruence (2)

• Congruence examples- 26 # 12 mod 7

! 26 mod 7 = 5! 12 mod 7 = 5

- 21 # -9 mod 10! 21 mod 10 = 1! -9 mod 10 = 1

10




Congruence (3)

• Properties- a # b mod n iff n|a-b- a # b mod n iff ca # cb mod cn- a # b mod n iff ac # bc mod n- a # b mod n iff b # a mod n- if a # b mod n, then (a-b) mod n = 0- if a # b mod n, then b # a mod n

! symmetry- if a # b mod n, b # c mod n, then a # c mod n

! transitivity

11


Congruence (4)

• Examples- 26 # 12 mod 7! (26-12) mod 7 = 14 mod 7 = 0! 12 # 26 mod 7 car 12 mod 7 = 26 mod 7

- 26 # 12 mod 7, 12 # 19 mod 7! 26 # 19 mod 7

! 26 mod 7 = 5! 19 mod 7 = 5

12




Congruence (5)• Properties (cont.)

- (x+y) mod n = (x mod n + y mod n) mod n- modular addition- examples

! (54 + 49) mod 15" (54+49) mod 15 = 103 mod 15 = 13" 54 mod 15 = 9" 49 mod 15 = 4" (54 mod 15 + 49 mod 15) = 9 + 4 = 13

! 13 mod 15 = 13!

(42 + 52) mod 15" (42+52) mod 15 = 94 mod 15 = 4" 42 mod 15 = 12" 52 mod 15 = 7" (42 mod 15 + 52 mod 15) = 12 + 7 = 19

! 19 mod 15 = 4

13


Congruence (6)• Properties (cont.)

- (x ! y) mod n = (x mod n ! y mod n) mod n- modular multiplication- examples

! (49!

54) mod 15" (49 ! 54) mod 15 = 2646 mod 15 = 6" 49 mod 15 = 4" 54 mod 15 = 9

" (49 mod 15 ! 54 mod 15) = 9 * 4 = 36! 36 mod 15 = 6

! (42 ! 52) mod 15" (42 ! 52) mod 15 = 2184 mod 15 = 9" 42 mod 15 = 12" 52 mod 15 = 7

" (42 mod 15 ! 52 mod 15) = 12 * 7 = 84! 84 mod 15 = 9

14




Congruence (7)

• Properties (cont.)- it is possible to extend the modular multiplication- (a ! b ! c) mod n

! = ((a mod n) ! (b mod n) ! (c mod n)) mod n! = (((a mod n) ! (b mod n) mod n) ! c mod n)) mod n

- (a ! b ! c ! d) mod n!

= ((a mod n) ! (b mod n) ! (c mod n) ! (d mod n)) mod n- (a ! b ! c ! d ! e) mod n- etc.

15


Congruence (8)

• Example: (42 ! 56 ! 98 ! 108) mod 15

• Brute force approach- (42 ! 56 ! 98 ! 108) mod 15 = 234,893,568 mod 15 = 3

• Smart approach, v.1- 42 mod 15 = 12- 56 mod 15 = 11- 98 mod 15 = 8- 108 mod 15 = 3

16

} (12 ! 11 ! 8 ! 3) mod 15 =

3168 mod 15 = 3




Congruence (9)

17

• Smart approach, v.21. (42 ! 56) mod 15

! ((42 mod 15) ! (56 mod 15)) mod 15 = (12 ! 11) mod 15 = 12

2. (42 ! 56 ! 98) mod 15! (12 ! 98) mod 15 = ((12 mod 15) ! (98 mod 15)) mod 15! (12 ! 8) mod 15 = 6

3. (42 ! 56 ! 98 ! 108) mod 15! (6 ! 108) mod 15 = ((6 mod 15) ! (108 mod 15)) mod 15! (6 ! 3) mod 15 = 3


Congruence (10)

18

• Modular exponentiation- how to quickly compute be mod m?

! right-to-left binary algorithm

• Right-to-left binary algorithm

- convert e into binary notation

- be can also be rewritten

-

the solution becomes

be = b

Pn−1

i=0 ai·2

i

=n−1Y

i=0

(b2i

)ai

be mod m =

n−1Y

i=0

(b2i

)aimod m

e =

n−1X

i=0

ai · 2i

with ai ∈ {0, 1}, for 0 ≤ i < n − 1 and an−1 = 1




Congruence (11)

19

• Example: 541 mod 9

• Brute force approach

- 541 mod 9- 45,474,735,088,646,411,895,751,953,125 mod 9 = 2

• Right-to-left binary approach- write 41 in binary

! 41 = 32 + 8 + 1 = 101001! 541 = 532 ! 58 ! 51

- compute various exponents!

5

1

mod 9 = 5 mod 9 = 5! 52 mod 9! (51 ! 51) mod 9 = (5 ! 5) mod 9 = 25 mod 9 = 7

! 54 mod 9! (52 ! 52) mod 9 = ((52 mod 9) ! (52 mod 9)) mod 9! 49 mod 9 = 4

32 16 8 4 2 1

1 0 1 0 0 1


Congruence (12)

20

! 58 mod 9! (54 ! 54) mod 9 = (54 mod 9 ! 54 mod 9) mod 9! (4 ! 4) mod 9 = 7



- it comes! 541 mod 9

! (532 ! 58 ! 51) mod 9! (7 ! 7 ! 5) mod 9!

(49 mod 9 ! 5 mod 9) mod 9! (4 ! 5) mod 9! 2



INFO0045 - ULg - 2013/2014 - Benoit Donnet 21

• The “modulo n” operator maps all integers

(negatives and positives) that are congruent modulo

n in the set {0, 1, ..., n-1}- residue class modulo n- mathematical notation: n

• One can label the residue classes (mod n) as [0],[1], ..., [n-1], where

- [r] = {a: a ! , a # r mod n}

• Examples for n=4- [0] = {..., -16, -12, -8, -4, 0, 4, 8, 12, 16, ...}- [1] = {..., -15, -11, -7, -3, 1, 5, 9, 13, 17, ...}- [2] = {..., -14, -10, -6, -2, 2, 6, 10, 14, 18, ...}- [3] = {..., -13, -9, -5, -1, 3, 7, 11, 15, 19, ...}

n Arithmetic


• Properties of modular arithmetic in n

- commutativity! (w + x) mod n = (x + w) mod n! (w ! x) mod n = (x ! w) mod n

- associativity! [(w + x) + y] mod n = [w + (x + y)] mod n! [(w ! x) ! y] mod n = [w ! (x ! y)] mod n

- distributivity! [w ! (x + y)] mod n = [(w ! x) + (w ! y)] mod n

- identity! (0 + w) mod n = w mod n! (1 ! w) mod n = w mod n

- additive inverse (-w)! for each w ! n, % z such that w + z # 0 mod n

22

n Arithmetic (2)




• Properties of modular arithmetic in n (cont.)-

addition! (a + b) # (a + c) mod n $ b # c mod n! example: (5 + 23) # (5 + 7) mod 8 $ 23 # 7 mod 8

- multiplication! if a and n relatively prime, then a ! b # a ! c mod n $ b # c

mod n! the condition must be satisfied otherwise, the property does

not hold

! example:" 6 ! 3 " 6 ! 7 mod 8" but 3 !7 mod 8

23

n Arithmetic (2)


Agenda

24

• Chapter 1: Mathematics for Cryptography- Modular Arithmetic- Euclidean Algorithms

! gcd! Extended Euclidean Algorithm! Equation

- Euler's Function- Fermat's Theorem- Chinese Remainder Theorem




GCD

• Greatest Common Divisor

• Let c ! , c = gcd(a, b) if - c is a divisor of a and b- any divisor of a and b is a divisor of c

• Equivalent definition- gcd(a, b) = max{k, such that k|a and k|b}

• The gcd must be a positive- gcd(a, b) = gcd(a, -b) = gcd(-a, b) = gcd(-a, -b)- gcd(a, b) = gcd(|a|, |b|)

25


GCD (2)

• Interesting use of gcd- two integers are relatively prime if their only common

factor is 1- let a and c be relatively prime

! (a, c) = 1! gcd(a, c) = 1

26




GCD (3)

• Euclidean algorithm for finding the gcd

27

gcd(int a, int b){if(b == 0)return a;

else

return gcd(b, a mod b);}//end gcd()


GCD (4)

• Example: gcd(1970, 1066)

28

Step a b call

1 1066 1970 mod 1066 = 904 gcd(1066, 904)

2 904 1066 mod 904 = 162 gcd(904, 162)

3 162 904 mod 162 = 94 gcd(162, 94)

4 94 162 mod 94 = 68 gcd(94, 68)

a few recursive calls later ...

10 2 0




Extended Euclide

• There exists an extension to the Euclideanalgorithm

- it not only finds the gcd- but also two additional integers, x and y, satisfying

! ax + by = gcd(a, b)! Bezout's identity

• When a et b are relatively prime- x is the multiplicative inverse of a mod b- y is the multiplicative inverse of b mod a

• Extended Euclidean Algorithm

29


Extended Euclide (2)

• The algorithm

30

extended_euclidean(int a, int b){x = 0; y = 1;lastx = 1; lasty = 0;

while(b ! 0)quotient = a div b;(a, b) = (b, a mod b);(x, lastx) = (lastx-quotient*x, x);(y, lasty) = (lasty-quotient*y, y);

return (lastx, lasty);}//end extended_euclidean()




Extended Euclide (3)

• Example: find x, y such that 53x + 30y = 1

31

quotient a b x lastx y lasty

/ 53 30 0 1 1 0

1 30 23 1 0 -1 1

1 23 7 -1 1 2 -1

3 7 2 4 -1 -7 2

3 2 1 -13 4 23 -7

2 1 0 30 -13 -53 23


Equation• Euclide allows us to solve equations of the form

- ax # b mod n

• How to solve?- algorithm

32

equation(a, b, n){(d, x', y') = extended_euclidean(a, n);

if(d|b)x0 = (x' " (b/d)) mod nfor i=0 until d-1 write (x0 + i " (n/d)) mod n

else

write "no solution"

}//end equation()

last value of 'a'




Euler's Function

35

• Euler's Totient Function- $(n)- number of integers between 0 and n-1 that are prime with

n

• It also corresponds to the number of elementshaving an inverse in the class modulo n

• By convention- $(0) = 0-

$(1) = 1• Example

- $(8) = 4! because 1, 3, 5, 7 are prime with 8


Euler's Function (2)

36

!"" #" $" %" &" '" ("

!"

"

#"

$"

%"

&"

'"

("

!

" ! #




Euler's Function (3)

37

• A few theorems about $(n)

- an integer p is prime iff ! $(p) = p-1

- if n and m ! 0 and relatively prime! then $(n ! m) = $(n) ! $(m)

- if p is prime and n=pk

! then $(n) = pk ! (1 - 1/p)=pk - pk-1 ! example

! n = 9! #(9) = #(32) = 32 ! (1 - 1/3) = 9 ! 2/3 = 6

- si n = p ! q, p et q premiers! alors $(n) = (p-1) ! (q-1)


Agenda

38

• Chapter 1: Mathematics for Cryptography- Modular Arithmetic- Euclidean Algorithms- Euler's Function- Fermat's Theorem- Chinese Remainder Theorem




Fermat

39

• Little Fermat's Theorem- If m is prime and gcd(a, m) = 1

! then am-1 # 1 mod m

• One can generalise Fermat's theorem with Euler'sfunction

- If gcd(a, m) = 1! then a$(m) # 1 mod m

• Application to modular inverse- if gcd(a, m) = 1

! the multiplicative inverse of a in the modulo class m isa$(m)-1

! a$(m)-1 # a-1 mod m! in the particular case in which m is prime

! a-1 # am-2 mod m


Agenda

40

• Chapter 1: Mathematics for Cryptography- Modular Arithmetic- Euclidean Algorithms- Euler's Function- Fermat's Theorem- Chinese Remainder Theorem




Chinese Remainder

• Let m1 , m2 , ..., mr , all positive integers and

relatively prime two by two. Then, the congruencesystem:

41

x ≡ a1 mod m1

x ≡ a2 mod m2

. . .

x ≡ ar mod mr

gives a unique solution x mod M = m1 ×m2 × . . .×mr :

x = a1M 1y1 + a2M 2y2 + . . . + arM ryrwith M i = M

mi

and yiM i ≡ 1 mod mi

Chinese Remainder (2)• Example

x ≡ 1 mod 3

x ≡ 2 mod 5

x ≡ 3 mod 7

Let M = 3 × 5 × 7 = 105. We have

M 1 = 105

3 = 35 y1 × 35 ≡ 1 mod 3 y1 = 2

M 2 = 105

5 = 21 y2 × 21 ≡ 1 mod 5 y2 = 1

M 3 = 105

7 = 15 y3 × 15 ≡ 1 mod 7 y3 = 1

It comes

x ≡ 1 × 35 × 2 + 2 × 21 × 1 + 3 × 15 × 1 ≡ 157 ≡ 52 mod 105

crypto chap1

Documents