Home> Schools> Carnegie Mellon University> Computer Science (CS) > CS 15251> lecture
Unformatted text preview:

15 251 Raising numbers to powers Cyrptography and RSA Lecture 14 February 26 2009 Great Theoretical Ideas in Computer Science p 1 p 1 How do you compute 58 using few multiplications First idea How do you compute 58 Better idea 5 52 53 54 55 56 57 58 52 5 5 5 5 52 54 58 52 4 54 52 5 5 5 Used only 3 mults instead of 7 How do you compute Repeated squaring calculates k a2 in k multiply operations compare with 2k 1 multiply operations used by the na ve method 513 Use repeated squaring again 5 52 54 58 516 too high what now assume no divisions allowed 1 How do you compute To compute am Suppose 2k m 2k 1 513 a a2 a4 a8 Use repeated squaring again 5 k This takes k multiplies 58 54 52 a2 Now write m as a sum of distinct powers of 2 Note that 13 8 4 1 1310 1101 2 So a13 a8 a4 a1 say m 2k 2i1 2i2 2it k i1 am a2 a2 a2 it at most k more multiplies Two more multiplies How do you compute Hence we can compute am while performing at most 2 log2 m multiplies 513 mod 11 First idea Compute 513 using 5 multiplies 1 220 703 125 5 52 54 58 512 513 4 12 5 5 58 5 then take the answer mod 11 1220703125 mod 11 4 How do you compute 513 mod 11 Better idea keep reducing the answer mod 11 5 52 25 11 3 54 11 9 58 512 Hence we can compute am mod n while performing at most 2 log2 m multiplies 513 11 81 11 36 11 15 11 4 11 3 11 4 where each time we multiply together numbers with log2 n 1 bits 2 How do you compute 5121242653 mod 11 The current best idea would still need about 54 calculations OK need a little more number theory for this one answer 4 Can we exponentiate any faster First recall Zn 0 1 2 n 1 Zn x Zn GCD x n 1 Fundamental lemmas mod n If x n y and a n b Then 1 x a n y b 2 x a n y b 3 x a n y b 4 cx n cy a n b i e if c in Zn Euler Phi Function n Fundamental lemma of powers n size of Zn If x n y Then ax n ay p prime p p 1 NO p q distinct primes pq p 1 q 1 2 3 5 but it is not the case that 22 3 25 3 Correct Fundamental lemma of powers How do you compute 5121242653 mod 11 If a Zn and x n y then ax n ay 121242653 mod 10 3 Equivalently 53 mod 11 125 mod 11 4 for a Zn ax n ax mod n Why did we take mod 10 for a Zn ax n ax mod n Hence we can compute am mod n while performing at most 2 log2 n multiplies where each time we multiply together numbers with log2 n 1 bits Correct Fundamental lemma of powers If a Zn and x n y then ax n ay 343281327847324 mod 39 Step 1 reduce the base mod 39 Step 2 reduce the exponent mod 39 24 NB you should check that gcd 343280 39 1 to use lemma of powers Step 3 use repeated squaring to compute 34 taking mods at each step How do you prove the lemma for powers Use Euler s Theorem For a Zn a n n 1 Equivalently Corollary Fermat s Little Theorem for a Zn ax n ax mod n For p prime a Zp ap 1 p 1 4 Proof of Euler s Theorem for a Zn a n n 1 Please remember Define a Zn a n x x Zn for a Zn Euler s Theorem By the permutation property Zn aZn For a Zn a n n 1 x n ax as x ranges over Zn x n x a size of Zn 1 n asize of Zn Commutativity Corollary Fermat s Little Theorem Cancellation a n n 1 For p prime a Zp ap 1 p 1 One Time Pads Basic Cryptography One Time Pads But reuse is bad XOR they give perfect security Can do other attacks as well 5 Agreeing on a secret One time pads rely on having a shared secret Alice and Bob have never talked before but they want to agree on a secret A couple of small things A value g in Zn generates Zn if g g2 g3 g4 g n contains all elements of Zn But for prime p Zp always has a generator How can they do this Might not exist for composite n Diffie Hellman Key Exchange Alice Picks prime p and a generator g in Zp Picks random a in Zp Sends over p g ga mod p Bob Picks random b in Zp and sends over gb mod p Now both can compute gab mod p What about Eve Alice Picks prime p and a generator g in Zp Picks random a in Zp Sends over p g ga mod p Bob Picks random b in Zp and sends over gb mod p Now both can compute gab mod p If Eve s just listening in she sees p g ga gb It s believed that computing gab mod p from just this information is not easy also discrete logarithms seem hard Discrete Log Given p g ga mod p compute a Diffie Hellman requires both parties to exchange information to share a secret How fast can you do this If you can do discrete logs fast you can solve the Diffie Hellman problem fast can we get rid of this assumption How about the other way If you can break the DH key exchange protocol do discrete logs fast 6 Our dramatis personae The RSA Cryptosystem Euler Pick secret random large primes p q Multiply n p q Publish n Adleman Shamir Rivest Fermat p q random primes e random Z n n p q e d 1 mod n n p q p 1 q 1 Pick random e Z n Publish e Compute d inverse of e in Z n Hence e d 1 mod n Private Key d n e is my public key Use it to send me a message p q prime e random Z n n p q e d 1 mod n n e message m me mod n me d n m 7 How hard is cracking RSA If we can factor products of two large primes can we crack RSA If we know n and n can we crack RSA How about the other way Does cracking RSA mean we must do one of these two We don t know yet Fast exponentiation Fundamental lemma of powers Euler phi function n Zn Euler s theorem Fermat s little theorem Diffie Hellman Key Exchange Here s What You Need to Know RSA algorithm 8

View Full Document

CMU CS 15251 - lecture

School: Carnegie Mellon University
Course: Cs 15251- Great Theoretical Ideas in Computer Science
Pages: 8
Documents in this Course
lecture

lecture

66 pages

lecture

lecture

79 pages

lecture

lecture

111 pages

lecture

lecture

85 pages

lecture17

lecture17

64 pages

Lecture

Lecture

85 pages

Lecture

Lecture

71 pages

Lecture

Lecture

70 pages

Lecture

Lecture

11 pages

Lecture

Lecture

45 pages

Lecture

Lecture

50 pages

Lecture

Lecture

93 pages

Lecture

Lecture

93 pages

Lecture

Lecture

35 pages

Lecture

Lecture

98 pages

Lecture

Lecture

74 pages

Lecture

Lecture

13 pages

Lecture

Lecture

15 pages

Lecture

Lecture

66 pages

Lecture

Lecture

82 pages

Lecture

Lecture

15 pages

Lecture

Lecture

47 pages

Lecture

Lecture

69 pages

Lecture

Lecture

13 pages

Lecture

Lecture

67 pages

Lecture

Lecture

68 pages

Lecture

Lecture

69 pages

lecture03

lecture03

44 pages

Lecture

Lecture

69 pages

Lecture

Lecture

68 pages

Lecture

Lecture

55 pages

Lecture

Lecture

79 pages

Lecture

Lecture

85 pages

Lecture

Lecture

87 pages

Lecture

Lecture

85 pages

Lecture

Lecture

103 pages

Lecture

Lecture

9 pages

Lecture

Lecture

83 pages

Lecture

Lecture

8 pages

lecture03

lecture03

68 pages

lecture24

lecture24

78 pages

lecture10ho

lecture10ho

12 pages

lecture03

lecture03

72 pages

Thales

Thales

129 pages

lecture13

lecture13

81 pages

Lecture

Lecture

64 pages

lecture01

lecture01

59 pages

lecture11

lecture11

105 pages

Lecture

Lecture

89 pages

Lecture

Lecture

74 pages

lecture25

lecture25

57 pages

Graphs I

Graphs I

8 pages

Lecture

Lecture

99 pages

lecture

lecture

50 pages

lecture

lecture

14 pages

Lecture

Lecture

78 pages

lecture28-orig

lecture28-orig

65 pages

Lecture

Lecture

98 pages

lecture

lecture

83 pages

lecture23

lecture23

88 pages

lecture

lecture

64 pages

lecture

lecture

72 pages

Lecture

Lecture

88 pages

lecture

lecture

79 pages

Lecture

Lecture

60 pages

lecture

lecture

74 pages

lecture13-pre

lecture13-pre

87 pages

lecture19

lecture19

72 pages

lecture25

lecture25

86 pages

lecture

lecture

13 pages

lecture17

lecture17

79 pages

lecture

lecture

91 pages

lecture

lecture

78 pages

Lecture

Lecture

11 pages

Lecture

Lecture

54 pages

lecture

lecture

72 pages

lecture

lecture

119 pages

lecture

lecture

167 pages

lecture

lecture

73 pages

lecture

lecture

73 pages

lecture

lecture

83 pages

lecture

lecture

49 pages

lecture

lecture

16 pages

lecture

lecture

67 pages

lecture

lecture

81 pages

lecture

lecture

72 pages

lecture

lecture

57 pages

lecture16

lecture16

82 pages

lecture 24

lecture 24

15 pages

lecture 28

lecture 28

65 pages

lecture 15

lecture 15

11 pages

lecture17-orig

lecture17-orig

49 pages

Lecture 11

Lecture 11

45 pages

lecture 06

lecture 06

14 pages

lecture 21

lecture 21

46 pages

lecture 07

lecture 07

14 pages

lecture 21

lecture 21

9 pages

lecture 11

lecture 11

68 pages

lecture 19

lecture 19

8 pages

lecture 24

lecture 24

52 pages

lecture21

lecture21

46 pages

Lecture

Lecture

92 pages

lecture 22-orig

lecture 22-orig

51 pages

lecture 04

lecture 04

34 pages

Lecture

Lecture

14 pages

Lecture 14

Lecture 14

48 pages

Lecture

Lecture

49 pages

Lecture

Lecture

132 pages

Lecture

Lecture

101 pages

Lecture

Lecture

98 pages

Lecture

Lecture

59 pages

Lecture

Lecture

64 pages

Lecture

Lecture

106 pages

Lecture

Lecture

70 pages

Lecture

Lecture

80 pages

lecture 10

lecture 10

44 pages

Lecture

Lecture

76 pages

Lecture

Lecture

91 pages

Lecture

Lecture

112 pages

Lecture

Lecture

91 pages

Lecture

Lecture

10 pages

Lecture

Lecture

39 pages

Lecture

Lecture

79 pages

Lecture

Lecture

74 pages

Lecture

Lecture

44 pages

Lecture

Lecture

39 pages

Lecture

Lecture

99 pages

Lecture

Lecture

44 pages

Lecture

Lecture

59 pages

1525lecture26

1525lecture26

62 pages

Lecture

Lecture

36 pages

lecture17

lecture17

36 pages

lecture

lecture

71 pages

lecture

lecture

79 pages

lecture

lecture

12 pages

lecture

lecture

43 pages

lecture

lecture

87 pages

lecture

lecture

35 pages

The Mathematics Of 1950’s Dating: Who wins The Battle of The Sexes?

The Mathematics Of 1950’s Dating: Who wins The Battle of The Sexes?

11 pages

lecture03

lecture03

23 pages

lecture

lecture

68 pages

lecture

lecture

74 pages

lecture

lecture

21 pages

lecture

lecture

79 pages

lecture

lecture

15 pages

lecture

lecture

83 pages

lecture

lecture

13 pages

Lecture

Lecture

53 pages

lecture

lecture

55 pages

Counting II: Pigeons, Pirates and Pascal

Counting II: Pigeons, Pirates and Pascal

15 pages

lecture

lecture

49 pages

lecture

lecture

10 pages

On Time Versus Input Size

On Time Versus Input Size

72 pages

Great Theoretical Ideas in Computer Science

Great Theoretical Ideas in Computer Science

51 pages

lecture

lecture

70 pages

Great Theoretical Ideas In Computer Science

Great Theoretical Ideas In Computer Science

98 pages

Great Theoretical Ideas in Computer Science

Great Theoretical Ideas in Computer Science

61 pages

Turing’s Legacy: The Limits Of Computation

Turing’s Legacy: The Limits Of Computation

66 pages

lecture

lecture

12 pages

Great Theoretical Ideas in Computer Science

Great Theoretical Ideas in Computer Science

11 pages

Modular Arithmetic and the RSA Cryptosystem

Modular Arithmetic and the RSA Cryptosystem

91 pages

URINARY AND BINARY

URINARY AND BINARY

104 pages

Turing Machines

Turing Machines

99 pages

Lecture

Lecture

105 pages

Lecture

Lecture

9 pages

Lecture

Lecture

72 pages

Lecture

Lecture

66 pages

Lecture

Lecture

54 pages

Lecture

Lecture

98 pages

Lecture

Lecture

57 pages

Lecture

Lecture

75 pages

Lecture

Lecture

48 pages

lecture

lecture

53 pages

Lecture

Lecture

72 pages

Lecture

Lecture

53 pages

Lecture

Lecture

84 pages

Lecture

Lecture

55 pages

Lecture

Lecture

15 pages

Lecture

Lecture

6 pages

Lecture

Lecture

38 pages

Lecture

Lecture

71 pages

Lecture

Lecture

110 pages

Lecture

Lecture

70 pages

lecture

lecture

48 pages

Deterministic Finite Automata

Deterministic Finite Automata

7 pages

lecture

lecture

76 pages

lecture

lecture

48 pages

lecture

lecture

52 pages

152lecture15

152lecture15

61 pages

Generating Functions

Generating Functions

10 pages

lecture

lecture

43 pages

lecture

lecture

81 pages

lecture

lecture

82 pages

lecture

lecture

83 pages

lecture

lecture

64 pages

lecture

lecture

71 pages

lecture

lecture

65 pages

Turing's Legacy: The Limits Of Computation

Turing's Legacy: The Limits Of Computation

62 pages

lecture

lecture

56 pages

lecture

lecture

12 pages

lecture

lecture

66 pages

lecture

lecture

50 pages

lecture

lecture

86 pages

lecture

lecture

70 pages

Lecture

Lecture

74 pages

Lecture

Lecture

54 pages

Lecture

Lecture

90 pages

lecture

lecture

78 pages

lecture

lecture

87 pages

Lecture

Lecture

55 pages

Lecture

Lecture

12 pages

lecture21

lecture21

66 pages

Lecture

Lecture

11 pages

lecture

lecture

83 pages

Lecture

Lecture

53 pages

Lecture

Lecture

69 pages

Lecture

Lecture

12 pages

lecture04

lecture04

97 pages

Lecture

Lecture

14 pages

lecture

lecture

75 pages

Lecture

Lecture

74 pages

graphs2

graphs2

8 pages

lecture

lecture

82 pages

Lecture

Lecture

8 pages

lecture

lecture

47 pages

lecture

lecture

91 pages

lecture

lecture

76 pages

lecture

lecture

73 pages

lecture

lecture

10 pages

lecture

lecture

63 pages

lecture

lecture

91 pages

lecture

lecture

79 pages

lecture

lecture

9 pages

lecture

lecture

70 pages

lecture

lecture

86 pages

lecture

lecture

102 pages

lecture-Algebraic Structures: Group Theory

lecture-Algebraic Structures: Group Theory

64 pages

lecture

lecture

145 pages

Modular Arithmetic and the RSA Cryptosystem

Modular Arithmetic and the RSA Cryptosystem

17 pages

lecture

lecture

91 pages

Number Theory and Modular Arithmetic

Number Theory and Modular Arithmetic

73 pages

Lecture

Lecture

87 pages

Dos and Donts in Inductive Proofs

Dos and Donts in Inductive Proofs

3 pages

lecture

lecture

87 pages

Notes

Notes

19 pages

Great Theoretical Ideas in Computer Science

Great Theoretical Ideas in Computer Science

18 pages

Lecture

Lecture

50 pages

Lecture

Lecture

13 pages

Lecture

Lecture

97 pages

Lecture

Lecture

98 pages

Lecture

Lecture

83 pages

Lecture

Lecture

77 pages

Lecture

Lecture

102 pages

Lecture

Lecture

63 pages

Lecture

Lecture

104 pages

lecture

lecture

41 pages

lecture

lecture

14 pages

Lecture

Lecture

87 pages

Lecture

Lecture

94 pages

lecture

lecture

9 pages

Lecture

Lecture

96 pages

Lecture

Lecture

72 pages

Lecture

Lecture

35 pages

Lecture

Lecture

77 pages

Lecture

Lecture

98 pages

Lecture

Lecture

48 pages

Lecture

Lecture

66 pages

Lecture

Lecture

53 pages

lecture18

lecture18

101 pages

Lecture

Lecture

10 pages

Lecture

Lecture

70 pages

Lecture

Lecture

12 pages

Lecture

Lecture

74 pages

graphs

graphs

10 pages

Lecture

Lecture

62 pages

Lecture

Lecture

11 pages

Lecture

Lecture

71 pages

Lecture

Lecture

42 pages

lecture20-handout

lecture20-handout

11 pages

lecture15

lecture15

72 pages

Lecture

Lecture

82 pages

Load more

Please select your school

Login

Join to view lecture and access 3M+ class-specific study document.

Continue
or
We will never post anything without your permission.
Don't have an account?

We couldn't create a GradeBuddy account using Facebook because there is no email address associated with your Facebook account.

Link an email address with your Facebook below or create a new account.

Sign Up

Join to view lecture and access 3M+ class-specific study document.

Continue
or

By creating an account you agree to our Privacy Policy and Terms Of Use

Already a member?

We couldn't create a GradeBuddy account using Facebook because there is no email address associated with your Facebook account.

Link an email address with your Facebook below or create a new account.