08

E3
N
C
U
AC

Cryptography and Network Security

Finite Fields Galois G(2n)
88
Dr. Abdellatif Elkouny
Introduction 89

08
will now introduce finite fields

E3
of increasing importance in cryptography

N
• AES, Elliptic Curve, IDEA, Public Key

C
concern operations on “numbers”
U
• where what constitutes a “number” and the type of
AC

operations varies considerably

start with basic number theory concepts

Dr. Abdellatif Elkouny

Divisors 90

08
E3
• say a non-zero number b divides a if for some m have a=mb (a,b,m
all integers)

N
• that is b divides into a with no remainder
• denote this b|a
C
U
• and say that b is a divisor of a
AC

• eg. all of 1,2,3,4,6,8,12,24 divide 24

• eg. 13 | 182; –5 | 30; 17 | 289; –3 | 33

Dr. Abdellatif Elkouny

 Division Algorithm 91
• if divide a by n get integer quotient q and integer remainder r

08
a = qn + r

E3
• where 0 <= r < n; remainder r often referred to as a residue

N
q = floor(a/n)

C
U
AC

Dr. Abdellatif Elkouny

 Modular Arithmetic 92
• define modulo operator “a mod n” to be remainder when a is

08
divided by n

E3
• where integer n is called the modulus
• r is called a residue (remainder) of a mod n

N
• q is called a quotient of a mod n
C
• since with integers can always write: a = qn + r
U
• usually chose smallest positive remainder as residue
AC

• ie. 0 <= r <= n-1

• process is known as modulo reduction
• eg. -12 mod 7 = -5 mod 7 = 2 mod 7 = 9 mod 7
• a & b are congruent if: a mod n = b mod n
• when divided by n, a & b have same remainder
• eg. 8 mod 5 = 23 mod 5 = 3
Dr. Abdellatif Elkouny
Modulo 8 Addition
/Multiplication Example 93

+ 0 1 2 3 4 5 6 7 * 0 1 2 3 4 5 6 7

08
0 0 1 2 3 4 5 6 7 0 0 0 0 0 0 0 0 0

E3
1 1 2 3 4 5 6 7 0 1 0 1 2 3 4 5 6 7

N
2 2 3 4 5 6 7 0 1 2 0 2 4 6 0 2 4 6
C
U
3 3 4 5 6 7 0 1 2 3 0 3 6 1 4 7 2 5
AC

4 4 5 6 7 0 1 2 3 4 0 4 0 4 0 4 0 4

Dr. Abdellatif Elkouny

5 5 6 7 0 1 2 3 4 5 0 5 2 7 4 1 6 3
6 6 7 0 1 2 3 4 5 6 0 6 4 2 0 6 4 2
7 7 0 1 2 3 4 5 6 7 0 7 6 5 4 3 2 1
 Greatest Common Divisor (GCD)
Euclidean Algorithm 94

08
 a common problem in number theory
 GCD (a,b) of a and b is the largest integer that divides evenly
into both a and b

E3
 eg GCD(60,24) = 12
 define gcd(0, 0) = 0

N
 often, we want no common factors (except 1) define such
numbers as relatively prime
C
U
 eg GCD(8,15) = 1
 hence 8 & 15 are relatively prime
AC

 Euclidean Algorithm consist of two main important

properties :
 gcd(x , 0)=x
 gcd(x , y) = gcd (y , r) where r = remainder of x/y

Dr. Abdellatif Elkouny

Example GCD(1970,1066) 95

08
1970 = 1 x 1066 + 904 gcd(1066, 904)
1066 = 1 x 904 + 162 gcd(904, 162)

E3
904 = 5 x 162 + 94 gcd(162, 94)

N
162 = 1 x 94 + 68 gcd(94, 68)
94 = 1 x 68 + 26 gcd(68, 26)
68 = 2 x 26 + 16
C gcd(26, 16)
U
26 = 1 x 16 + 10 gcd(16, 10)
AC

16 = 1 x 10 + 6 gcd(10, 6)
10 = 1 x 6 + 4 gcd(6, 4)
6 = 1 x 4 + 2 gcd(4, 2)
4 = 2 x 2 + 0 gcd(2, 0)

Dr. Abdellatif Elkouny

Extended Euclidean Algorithm
Finding Inverses 96

08
EXTENDED EUCLID(m, b)
1. (A1, A2, A3)=(1, 0, m);

E3
(B1, B2, B3)=(0, 1, b)
2. if B3 = 0

N
return A3 = gcd(m, b); no inverse
3. if B3 = 1

C
return B3 = gcd(m, b); B2 = b–1 mod m
U
4. Q = A3 / B3
5. (T1, T2, T3)=(A1 – Q B1, A2 – Q B2, A3 – Q B3)
AC

6. (A1, A2, A3)=(B1, B2, B3)

7. (B1, B2, B3)=(T1, T2, T3)
8. goto 2
• Thus, if gcd(m,b)=1 then it has an inverse

Dr. Abdellatif Elkouny

Inverse of 550 in GF(1759) 97

08
Q A1 A2 A3 B1 B2 B3

E3
Q=A3/B3 A1 – Q B1 A2 – Q B2 A3 – Q B3

— 1 0 1759 0 1 550

N
3 0 1 C 550 1 –3 109
U
5 1 –3 109 –5 16 5
AC

21 –5 16 5 106 –339 4
1 106 –339 4 –111 355 1

Dr. Abdellatif Elkouny

Group 98

08
• a set of elements or “numbers” with a binary operator (.) whose result is
always in the set and has the following properties ex G= {Zn ,+} where Zn

E3
is set of all integers mod n
• Closure: if a and b are in set G then c = a . b will always result in value

N
which is in set G
• obeys:
C
• associative law: (a.b).c = a.(b.c) ex (a+b)+c = a+(b+c)
U
• Has identity e: e.a = a.e = a 0+a = a+0 = a
AC

• Has inverses a-1: a.a-1 = e a +(-a) = 0

• if commutative a.b = b.a a + b = b + a
• then forms an abelian group

If Zn is a group, this mean that we can do

Dr. Abdellatif Elkouny the inverse operation thus subtraction
 Dr. Abdellatif Elkouny

Group 99

08
E3
N
C
U
AC
 Ring 100

08
• a set of “numbers”
• with two operations (addition and multiplication) which form:

E3

Dr. Abdellatif Elkouny

• an abelian group with addition operation
• and multiplication:

N
• has closure
• is associative C
U
• is distributive over addition: a(b+c) = ab + ac
AC

• if multiplication operation is commutative, it forms a commutative

ring
• if multiplication operation has an identity and no zero divisors, it
forms an integral domain

A ring is a set in which we can do addition, subtraction [a – b = a + (–b)],

and multiplication without leaving the set, and which obeys the
associative and distributive laws. We denote a Ring as {R,+,.}
 Fields 101
• a set of numbers

08
• with two operations which form:

E3
• abelian group for addition

N
• abelian group for multiplication (ignoring 0) (Identity element in
C
the first operation (+) does not have an inverse in the second
U
operation)
AC

• ring
• have hierarchy with more axioms/laws
• group -> ring -> field

Dr. Abdellatif Elkouny

 Dr. Abdellatif Elkouny

Fields 102

08
Initially (t1=0,t2=1)
t = t1 - q* t2
If r1 = 1 then have

E3
inverse and is
equal to t1

N
C
U
AC
 Dr. Abdellatif Elkouny

Group, Ring, Field 103

08
E3
N
C
U
AC
Finite (Galois) Fields 104

08
• finite fields play a key role in cryptography

E3
• can show number of elements in a finite field
must be a power of a prime pn

N
• known as Galois fields
• denoted GF(pn) C
U
AC

• in particular often use the fields:

• GF(p)
• GF(2n)

Dr. Abdellatif Elkouny

Galois Fields GF(p) 105

08
• GF(p) is the set of integers {0,1, … , p-1} with

E3
arithmetic operations modulo prime p
• these form a finite field

N
• since have multiplicative inverses

C
• find inverse with Extended Euclidean algorithm
U
• hence arithmetic is “well-behaved” and can-do
AC

addition, subtraction, multiplication, and division

without leaving the field GF(p)

Dr. Abdellatif Elkouny

 Dr. Abdellatif Elkouny

Finite (Galois) GF(p) 106

08
E3
N
C
U
AC

Mod p
p=2
 Dr. Abdellatif Elkouny

Modulo 8 107

08
E3
N
C
U
AC
Justification of Galois Field 108

08
• We need to perform +,-,* and /. So we need something that
qualifies for a Field.

E3
• Zp qualifies to be a Field.
• Problems:

N
• If we have 3 bits representation, then we are dealing with Z8
domain. C
U
• For 8 bits representation we have Z256.
AC

• All these are even integer domains and none of them except Z2
are in Zp
• Z8 and Z256 are commutative rings
• Thus, the best solution is to have GF(2n)
Dr. Abdellatif Elkouny
 Dr. Abdellatif Elkouny

GF(23) ≈ GF(pn)
109

08
Calculation is a bit deference ex 3 + 5 = 6 not 8 mod 8 =0

E3
a = -a

N
C
U
AC
 Modular polynomial Arithmatic 110

08
E3
N
C
U
AC

For n = 3 max order of the

polynomial =2 X2+X+1

Dr. Abdellatif Elkouny

 Dr. Abdellatif Elkouny

Operation on Mod poly. Arith. 111

08
E3
111 = 7 101 = 5 Residual poly max. power =n pn=23
max=3
(prime number) 1011 = (11)dec

N
C
U
010 = 2
AC

x2 + x2 = 2 x2 Coefficient is 2 Mod p; p =2; 2 mod 2 =0 Thus x2 + x2 =0

Addition act as XOR

110 = 6

Multiplication act as shift and XOR

7+ 5 = 2 and 7 * 5 = 6 look at the previous table

 112

08
E3
N
C
U
AC

Dr. Abdellatif Elkouny

Summary 113

08
• have considered:

E3
• divisibility & GCD
• modular arithmetic with integers

N
• concept of groups, rings, fields
•
C
Euclid’s algorithm for GCD & Inverse
U
• finite fields GF(p)
AC

• polynomial arithmetic in general and in GF(2n)

Dr. Abdellatif Elkouny