Professional Documents
Culture Documents
EE418 HW2 Solutions
EE418 HW2 Solutions
EE418 HW2 Solutions
Homework 2 – Solutions
Assigned: Tuesday, October 11, 2016, Due: Tuesday, October 25, 2016
Instructor: Tamara Bonaci
Department of Electrical Engineering
University of Washington, Seattle
Problem 1
For each of the following pairs of integers (x, y), first determine whether x−1 mod y exists. Then find x−1
(mod y) if it exists. Show all work.
(a) x = 5, y = 25
(b) x = 12, y = 29
(c) x = 24, y = 35
(d) x = 17, y = 101
Solution:
(a) x = 5, y = 25
There does not exist an inverse x−1 (mod y) for a pair x = 5, y = 25, since
x = 5
y = 25 = 52 , hence
gcd(x = 5, y = 25) = 5 6= 1
(b) x = 12, y = 29
There does exist an inverse x−1 (mod y) for a pair x = 12, y = 29, since gcd(x = 12, y = 29) = 1. Let’s
show that using the Eucliedan Algorithm:
12 = 0(29) + 12
29 = 2(12) + 5
12 = 2(5) + 2
5 = 2(2) + 1
2 = 2(1) + 0
Now, let’s use the Extended Eucliedan Algorithm to find the inverse x−1 (mod y) for a pair x = 12, y = 29:
1 = 5 − 2(2)
= 5 − 2[12 − 2(5)] = 5(5) − 2(12)
= 5[29 − 2(12)] − 2(12) = 5(29) − 12(12) (1)
1
Solution: (c) x = 24, y = 35
There does exist an inverse x−1 (mod y) for a pair x = 24, y = 35, since gcd(x = 24, y = 35) = 1. Let’s
show that by factorizing x and y:
x = 23 · 3
y = 5·7 (2)
From (2), it follows that x and y do not have any common factors, hence gcd(x = 24, y = 35) = 1.
Let’s now use the Extended Euclidean Algorithm to find the inverse x−1 (mod y) for a pair x = 24, y = 35:
24 = 0(35) + 24
35 = 1(24) + 11 → 11 = 35 − 1(24)
24 = 2(11) + 2 → 2 = 24 − 2(11)
11 = 5(2) + 1 → 1 = 11 − 5(2)
1 = 11 − 5(2)
= 11 − 5[(24) − 2(11)] = 11(11) − 5(24)
= 11[(35) − (24)] − 16(24) = 11(35) − 16(24) (3)
x = 87 = 29 · 3
y = 102 = 2 · 3 · 17 (4)
From (4), it follows that x and y do have common factor, d = 3, hence gcd(x = 87, y = 102) = 3.
Solution I:
In order to prove the statement given by equation (5), let’s use the remainder theorem to represent a as:
a=b·m+r (6)
We next multiply both sides of equation (6) by -1 and rearrange the equation in the following way:
−a = −b · m − r
= −b · m + m − m − r
= −(b + 1) · m + m − r (7)
2
Equation (7) is, however, nothing but another application of the remainder theorem:
−a = − (b + 1) m + (m − r) = q1 · m + r1 (8)
| {z } | {z }
q1 r1
−a mod m = r1
= m−r
= m − a mod m (9)
Solution II:
Part one:
Suppose that a, m > 0 and a 6≡ 0 mod m, hence for some integers q and r, where 0 ≤ r < m, we can write a
as a = mq + r, according to division theorem. By simple algebra, −a = −mq − r, which is −a = m(−q) − r.
Then we take mod m on both side. (−a) mod m = (−r) mod m. However, it is equivalent to
(−a) mod m = m − r mod m. Since 0 < r < m, then 0 < m − r < m, and m − r mod m = m − r, as the
result (−a) mod m = m − r.
Part two:
On the other hand, since a = mq + r, then a mod m = r, hence −(a mod m) = −r. By adding m on both
side, we get
m − (a mod m) = m − r
By comparing result from both part,
(−a) mod m = m − r, m − (a mod m) = m − r, we conclude they are equal, and hence it completes the
proof.
Solution:
In order to find all involutory keys in Shift Cipher over Z26 , let’s first represent the 5-tuple that defines the
cipher:
P = C = K = Z26
y = eK (x) = (x + K) mod 26
x = dK (y) = (y − K) mod 26 (10)
3
From equation (11), if follows that:
x = eK (eK (x))
= eK [(x + K) mod 26]
= [(x + K) mod 26 + K] mod 26
= (x + 2K) mod 26 (12)
From equation (12), the condition for a key to be an involutory key in Shift Cipher over Z26 is given as:
2 · K mod 26 = 0 (13)
From equation(13), we conclude that there are two involutory keys in Shift Cipher over Z26 :
K1 = 0; K2 = 13
Solution:
Let’s start solving this problem by recalling the definition of the Affine cipher:
P = C = Zm
K = {(a, b) : a ∈ Zm and gcd(a, m) = 1, b ∈ Zm }
y = eK (x) = (ax + b) mod m
x = dK (y) = a−1 (y − b) mod m (14)
From equation (14), it follows that the number of keys in an Affine Cipher over Zm depends on the cardinality
of the subset Z̃m , that contains all the elements x ∈ Z̃m , such that gcd(x, m) = 1. The cardinality of the
subset Z̃m is determined by the Euler totient (φ) function:
n
Y
φ(m) = (pei i − piei −1 ) (15)
i=1
Qn
where i=1 pei i represents a unique prime factorization of number m.
From equation (15), the number of distinct keys in an affine cipher over Zm is defined as:
n
Y
# of distinct keys = N (m) = m · φ(m) = m (pei i − piei −1 ) (16)
i=1
4
For m = 30, 100, 1225, we can write:
30 = 2·3·5
Yn
φ(30) = pei i = (2 − 1) · (3 − 1) · (5 − 1) = 8
i=1
n
Y
N (30) = m · φ(m) = m (pei i − pei i −1 ) = 30 · 8 = 240
i=1
100 = 22 · 52
Yn
φ(100) = pei i = (22 − 2) · (52 − 5) = 2 · 20 = 40
i=1
n
Y
N (100) = m · φ(m) = m (pei i − pei i −1 ) = 100 · 40 = 4 · 103
i=1
1225 = 52 · 72
Yn
φ(1225) = pei i = (52 − 5) · (72 − 7) = 20 · 42 = 840
i=1
n
Y
N (1225) = m · φ(m) = m (pei i − pei i −1 ) = 1225 · 840 = 1029000
i=1
Solution:
An Affine Cipher over Z29 is defined by the following 5-tuple:
P = C = Z29
K = {(a, b) : a ∈ Z29 and gcd(a, 29) = 1, b ∈ Z29 }
y = eK (x) = (ax + b) mod 29
x = dK (y) = a−1 (y − b) mod 29 (17)
(a) In order to express the decryption rule (equation (17)) in the form:
let’s first find the multiplicative inverse of a = 5 over Z29 using Extended Euclidean Algorithm:
29 = 5(5) + 4
5 = 1(4) + 1
1 = 5 − 1(4)
1 = 5 − 1(29 − 5(5))
1 = 6(5) − 29 (19)
5
From equation (19), it follows that a−1 = 6. We can now write:
Therefore, decryption rule dK (y) can be expressed as dK (y) = (6y + 19) mod 29
(b)We next prove that dK (eK (x)) = x for all x ∈ Z29 .
In order to prove that dK (eK (x)) = x, let’s express dK (eK (x)) in the following way:
edsgickxhuklzveqzvkxwkzukcvuh
The first two letter of the plaintext are if . Please decrypt.
Solution:
The plaintext is: if you can read this thank a teacher
Let’s recall that the first two ciphertext letters, ”ed” (4,3) correspond to plaintext ”if” (8,5). We can apply
that to the definition of affine decryption, dk (y) = a−1 (y − b) mod 26, to get the following system of
equations:
8 = a−1 (4 − b)
5 = a−1 (3 − b)
8a = (4 − b) mod 26
5a = (3 − b) mod 26
3a = 1 mod 26
We observe that a−1 = 3, and substitute that back into 5 = a−1 (3 − b), which allows us to solve for b = 10.
Using the key (a, b) = (3, 10), we can use any software to increase the decryption speed. Below is an example
of Matlab code.
6
a inv = 3;
b = 10;
a = uint8('a');
s = lower(s);
for i=1:length(s)
t = uint8(s(i));
if t < a
numArray(i) = −1;
else
numArray(i) = double(t − a);
end
end
%numArray = uint8(s) − a;
numArray = double(numArray);
a = uint8('a');
%x = x + a;
str = char(uint8(x)+a);
Solution:
The inverse of a can easily be found to be equal to 9. A simple approach to finding b is to iterate over all 26
possibilities, from 0 to 25, and see what would be reasonable. The plaintext is,
twenty six possibilities
and below is an example Matlab code you can use to decrypt the given ciphertext:
clear all;clc
ciphertext str = 'tcabtiqmfheqqmrmvmtmaq';
ciphertext = convertToNumbers(ciphertext str);
a inv = 9;
plaintext set = [];
for b = 0:25;
plaintext = mod(a inv *(ciphertext − b),26);
plaintext str = convertToString(plaintext);
plaintext set = [plaintext set;plaintext str];
end
plaintext set
7
Problem 8 (Stinson, Problem 1.15)
Determine the inverses of the following matrices over Z26 .
2 5
(a) M1 =
9 5
1 11 12
(b) M2 = 4 23 2
7 15 9
8
Solution:
Let’s recall that the inverse of the matrix M1 over Z26 exists if the determinant of the given matrix and
number 26 are coprime:
gcd(det(M1 ), 26) = 1 (22)
(a) We first calculate the determinant det M1 and its inverse over Z26 :
2 5
det M1 = det = −35 (mod 26) = 17 (mod 26);
9 5
(det M1 )−1 = −3 (mod 26) = 23 (mod 26)
Since gcd(det M1 , 26) = gcd(17, 26) = 1, the inverse M1−1 over Z26 exists and can be calculated as:
5 −5
M1−1 = (det M1 )−1 (mod 26)
−9 2
5 −5
= 23 (mod 26)
−9 2
115 −115
= (mod 26)
−207 46
11 15
= (mod 26)
1 20
(b) Similarly, the determinant and its inverse of the matrix M2 over Z26 can be calculated as follows:
1 11 12
det M2 = det 4 23 2 = −3817 (mod 26) = 5 (mod 26);
17 15 9
(det M2 )−1 = −5 (mod 26) = 21 (mod 26)
Since gcd(det M2 , 26) = gcd(21, 26) = 1, the inverse of M2 over Z26 exists and can be calculated as:
177 −2 −331
M2−1 = 21 81 −195 172 (mod 26)
−254 6 −21
21 3 6
= 21 24 13 20 (mod 26)
7 16 5
441 63 126
= 504 273 420 (mod 26)
147 336 105
25 11 22
= 10 13 4 (mod 26)
17 24 1
x 1 2 3 4 5 6 7 8
π(x) 4 1 6 2 7 3 8 5
9
(a) Compute the permutation π −1 .
(b) Decrypt the following ciphertext, for a Permutation Cipher with m = 8, which was encrypted using the
key π:
TGEEMNELNNTDROEOAAHDOETCSHAEIRLM
Solution:
(a) In every Permutation Cipher, given a permutation π of the set {1, . . . , m}, an associated m × m permu-
tation matrix Kπ = (kij ) can be defined according to the formula:
(
1 if i = π(j)
ki,j = (23)
0 otherwise
For the given permutation π, the permutation matrix Kπ and its inverse Kπ−1 are defined as follows:
0 0 0 1 0 0 0 0 0 1 0 0 0 0 0 0
1 0 0 0 0 0 0 0 1 0 0 1 0 0 0 0
0 0 0 0 0 1 0 0 0 0 0 0 0 1 0 0
0 1 0 0 0 0 0 0 , Kπ−1 = 0 0 0 0 0 0 0 0
Kπ =
0
0 0 0 0 0 1 0
0 0 0
0 0 0 0 1
0 0 1 0 0 0 0 0 0 0 1 0 0 0 0 0
0 0 0 0 0 0 0 1 0 0 0 0 1 0 0 0
0 0 0 0 1 0 0 0 0 0 0 0 0 0 1 0
Reading the Kπ−1 matrix, we obtain the decryption permutation presented in table .
(b) In order to decrypt the given ciphertext, we first divide it in blocks of size m = 8:
TGEEMNEL — NNTDROEO — AAHDOETC — SHAEIRLM
Using the decryption table, we finally decrypt the ciphertext: Gentlemen do not read each other’s
mail.
x 1 2 3 4 5 6 7 8
−1
π (x) 2 4 6 1 8 3 5 7
10
Solution:
(a) If Alice uses the Shift cipher to repeatedly encrypt a single letter, Eve will recognize that the plaintext
is just one repeated letter by simply observing that the ciphertext consists of a single letter repeated
multiple times. Having access only to the ciphertext, however, Eve won’t be able to deduce what the
cryptographic key using the brute force method since every shift will result in a string of repeated
letters, and Eve won’t have a way of knowing which letter did Alice choose.
(b) If Alice uses the Affine cipher to repeatedly encrypt a single letter, Eve will again easily recognize that
the plaintext is just one repeated letter. Similar to the Shift cipher, however, Eve again won’t be able
to deduce what the cryptographic key is by looking only at the ciphertext. The reason for that is
that the cryptographic key in the Affine cipher consists of two parts, scaling element, a, and shifting
element, b. Having an access to a ciphertext consisting of a single letter repeated multiple time, Eve
won’t be able to find both a and b.
(c) If Eve is able to guess the Alice is using the Vigenere cipher to encrypt a single letter repeated multiple
times, then Eve can easily deduce the length of the cryptographic key, by simply observing when a letter
repeats for the first time in the given ciphertext. If Eve makes an assumption that the cryptographic
key is an English word of the length between 8 and 12 characters, in order to deduce what that key is,
she will apply the same brute force approach as she would in the ciphertext only attack against
the Shift cipher. The difference here is that the meaningful word that Eve will eventually find is
actually the key, and the string of repeated letters is the plaintext.
11