Cryptology(W2)

Chapter 2
Mathematics of Cryptography
Part I : Modular Arithmetic, Congruence, and Matrices

Euclid Algorithms

전북대학교 전자공학부 송상섭

Catch me if you can…

2
Table of Contents
Cryptography and Network Security
Chapter 1 Introduction

Part 1 Symmetric-Key Encipherment

Chapter 2 Mathematics of Cryptography
Chapter 3 Traditional Symmetric-Key Ciphers
Chapter 4 Mathematics of Cryptography
Chapter 5 Introduction to Modern Symmetric-Key Ciphers
Chapter 6 Data Encryption Standard (DES)
Chapter 7 Advanced Encryption Standard (AES)
Chapter 8 Encipherment Using Modern Symmetric-Key Ciphers

Part 2 Asymmetric-Key Encipherment

Chapter 9 Mathematics of Cryptography
Chapter 10 Asymmetric-Key Cryptography

Part 3 Integrity, Authentication, and Key Management

Chapter 11 Message Integrity and Message Authentication
Chapter 12 Cryptographic Hash Functions
Chapter 13 Digital Signature
Chapter 14 Entity Authentication
Chapter 15 Key Management

Part 4 Network Security

Chapter 16 Security at the Application Layer: PGP and S/MIME
Chapter 17 Security at the Transport Layer: SSL and TLS
Chapter 18 Security at the Network Layer: IPSec
3
Euclid Algorithm
§ GCD (a, b) = the greatest common divisor of integers a and b.

4
Example 2.7
Find the greatest common divisor of 2740 and 1760.

i ri
0 2740
1 1760
2 980
3 780
4 200
5 180
6 20
7 0

We have gcd (2740, 1760) = 20.

gcd (2740, 1760)

5
Example 2.8
Find the greatest common divisor of 25 and 60.

We have gcd (25, 60) = 5.

6
Extended Euclid Algorithm
§ Given two integers a and b, we often need to find other two integers, s
and t, such that

Example : gcd (161, 28) = 7, s = −1 and t = 6.

( -1) ´ 161 + 6 ´ 28 = 7

The extended Euclidean algorithm can calculate the gcd (a, b) and at
the same time calculate the value of s and t.

7
Extended Euclidean algorithm

8
Example 2.9

Given a = 161 and b = 28, find gcd (a, b) and the values of s and t.

i ri qi si ti
0 161 1 0
1 28 5 0 1
2 21 1 1 -5
3 7 3 -1 6
4 0

We get gcd (161, 28) = 7, s = −1 and t = 6.

9
Linear Diophantine Equation
A linear Diophantine equation of two variables is ax + by = c.
d = gcd(a, b).
When d | c, there is no solution.
When d |c, there are infinite number of solutions. Divide the equation by d.
a1 x + b1 y = c1
a1s + b1t = 1
Particular solution: x0 = (c/d)s and y0 = (c/d)t
General solutions: x = x0 + k (b/d) and y = y0 − k(a/d), where k is an integer.

21x + 14y = 35 d = gcd(21, 14) = 7, and 7 | 35 infinitely many solutions:

3x + 2y = 5
3s + 2t = 1 s = 1, t = -1

10
Cashing a Check…
For example, imagine we want to cash a $100 check and get some $20
and some $5 bills. We have many choices, which we can find by solving
the corresponding Diophantine equation 20x + 5y = 100. Since d = gcd
(20, 5) = 5 and 5 | 100, the equation has an infinite number of solutions,
but only a few of them are acceptable in this case.

The general solutions with x and y nonnegative are

(0, 20), (1, 16), (2, 12), (3, 8), (4, 4), (5, 0).

20x + 5y = 100

11
 2.2.2 Set of Residues
The modulo operation creates a set, which in modular arithmetic is referred
to as the set of least residues modulo n, or Zn.
Figure 2.9 Division algorithm and modulo operator

12
 2.2.3 Congruence

Our clock system uses modulo 12 arithmetic. However, instead of a 0

we use the number 12.

13
2.2.4 Binary Operations in Zn
Perform the following operations
(the inputs come from either Z or Zn):
a. Add 17 to 27 in Z14.
b. Subtract 43 from 12 in Z13.
c. Multiply 123 by −10 in Z19.

14
2.2.5 Inverses in Zn
In Zn, two numbers a and b are additive inverses of each other if

In Zn, two numbers a and b are the multiplicative inverse of each other if

15
Additive Inverses in Zn
In Zn, two numbers a and b are additive inverses of each other if

Find all additive inverse pairs in Z10.

The six pairs of additive inverses are
(0, 0), (1, 9), (2, 8), (3, 7), (4, 6), and (5, 5).

16
Multiplicative Inverses in Zn
In Zn, two numbers a and b are the multiplicative inverse of each other
if

Find all multiplicative inverses in Z10.

There are only three pairs: (1, 1), (3, 7) and (9, 9). The numbers 0, 2, 4, 5, 6,
and 8 do not have a multiplicative inverse.

Find all multiplicative inverse pairs in Z11.

We have six pairs: (1, 1), (2, 6), (3, 4), (5, 9), (7, 8), and (10, 10).

The inverse of b exists only if gcd (n, b) = 1 (mod n)

17
How to find the multiplicative inverse
of b in Zn ?
The inverse of b exists only if gcd (n, b) = 1 (mod n)

( s ´ n ) + (t ´ b) = 1
t ´ b = 1 (mod n )
-1
t = b (mod n )

18
Finding Multiplicative Inverses
Using extended Euclidean algorithm

Inverse exists only if gcd (n, b) = 1

The extended Euclidean algorithm finds the multiplicative inverses of b in Zn when n and
b are given and gcd (n, b) = 1.

The multiplicative inverse of b is the value of t after being mapped to Zn.

19
Find the multiplicative inverse of 11 in Z26.

i ri qi si ti
0 26 1 0
1 11 2 0 1
2 4 2 1 -2
3 3 1 -2 5
4 1 3 3 -7
5 0

The gcd (26, 11) is 1; the inverse of 11 is -7 or 19.

The extended Euclidean algorithm finds the multiplicative inverses of b in Zn when n and
b are given and gcd (n, b) = 1.

The multiplicative inverse of b is the value of t after being mapped to Zn.

20
Find the multiplicative inverse of 23 in Z100.

i ri qi si ti
0 100 1 0
1 23 4 0 1
2 8 2 1 -4
3 7 1 -2 9
4 1 7 3 -13
5 0
The gcd (100, 23) is 1; the inverse of 23 is -13 or 87.

21
2.2.6 Addition and Multiplication Tables

22
2-4 LINEAR CONGRUENCE

Cryptography often involves solving an equation or a set of equations

of one or more variables with coefficient in Zn.

Topics discussed in this section:

2.4.1 Single-Variable Linear Equations
2.4.2 Set of Linear Equations

23
2.4.1 Single-Variable Linear Equations
Equations of the form ax ≡ b (mod n) might have no solution or a
limited number of solutions.

Assume that the gcd (a, n ) = d.

there are d solutions.

1. Reduce the equation by dividing both sides by d.
a1 x º b1 mod n1
2. Particular solution.
x0 = a1-1b1 mod n1
3. General solutions
x = x0 + k ( n / d ) for k = 0,1,...,( d - 1)
= x0 + kn1

24
Example 2.35
Solve the equation 10 x ≡ 2(mod 15).

Solution
First we find the gcd (10, 15) = 5. Since 5 does not divide 2, we have
no solution.

Example 2.36
Solve the equation 14 x ≡ 12 (mod 18).
Solution gcd (14, 18 ) = 2. there are 2 solutions.

25
Example 2.37
Solve the equation 3x + 4 ≡ 6 (mod 13).

Solution

First we change the equation to the form ax ≡ b (mod n). We add −4

(the additive inverse of 4) to both sides, which give
3x ≡ 2 (mod 13). Because gcd (3, 13) = 1, the equation has only one
solution, which is x0 = (2 × 3−1) mod 13 = 18 mod 13 = 5. We can see
that the answer satisfies the original equation:
3 × 5 + 4 ≡ 6 (mod 13).

26
 2.4.2 Set of Linear Equations
We can also solve a set of linear equations with the same modulus if
the matrix formed from the coefficients of the variables is invertible.

Figure 2.27 Set of linear equations

27
 Example 2.38

Solve the set of following three equations:

Solution
The result is x ≡ 15 (mod 16), y ≡ 4 (mod 16), and z ≡ 14 (mod 16).
We can check the answer by inserting these values into the equations.

28
Assignment 1 (Due to March 21)
§ Programming in C : algorithm for finding the multiplicative inverse.

§ Chapter 2 Exercises 24, 25, 29, 31, 32, 35, 37(b)(d), 40(b).

29