# The Mathematical Perspective of Cryptological Functions

### Transcript

• 1. If a, b are integers where b≠0 and q and r are nonnegative integers such that a = bq + r, where 0 ≤ r < b (remember r is the remainder, q is the quotient, and b is the divisor), then gcd(a,b)=gcd(b,r).
• 2. gcd(a, 0)=a
Proof: (Lemma 1)

Since we are trying to prove that the gcds are equal to each other, it will be straightforward if the proof is presented in two steps. Step 1 is gcd(a,b) ≤ gcd(b,r). Step 2 is gcd(b,r) ≤ gcd(a,b). Since we are proving that each gcd is less than or equal to the other, the two greatest common divisors have to be equal.

• Prove gcd(a,b) ≤ gcd(b,r).
• In order to show that the gcd of a and b is less than or equal to the gcd of b and r, we first need to show that any common divisor of a and b is also a common divisor of b and r.
• Let c be a common divisor of a and b. Then c|a and c|b, and so, by definition of divisibility, a=nc and b=mc for some integers n and m. Now substitute into the equation a=bq+r to obtain nc=(mc)q+r.
• Then solve for r:
• r=nc-(mc)q
• r=(n-mq)c.
• But n-mq is an integer, and so, by definition of divisibility, c|r. Because we already know that c|b, we can conclude that c is a common divisor of b and r, which is what was to be shown.
• Since we already proved that c is a common divisor of a, b, and r, now we need to prove that gcd(a,b) ≤ gcd(b,r).
• From part a, every common divisor of a and b is a common divisor of b and r. It follows that the greatest common divisor of a and b is a common divisor of b and r. But then gcd(a,b) (being one of the common divisors of b and r) is less than or equal to the greatest common divisor of b and r:
• gcd(a,b) ≤ gcd(b,r).
• Prove gcd(b,r) ≤ gcd(a,b).
• First we need to show that there is a common divisor p of b and r.
• Let p be a common divisor of b and r. Then p|b and p|r. By definition of divisibility, b=np and r=mp for some integers m and n.
• Now we want to show that p is a common divisor of a and b.
• a=bq+r
• a=(np)q+mp, substituting b=np and r=mp
• a=pnq+mp, by distributive property
• a=p(nq+m), by distributive property
• But nq+m is an integer because adding integers still produces an integer. Now we can see that p|a by definition of divisibility. Since we know that p is a divisor of b and r, and p is a divisor of a, then we know that p is a common divisor of a and b.
• Now we need to show that gcd(b,r) ≤ gcd(a,b).
• From above in part a we showed that every common divisor of b and r is a common divisor of a and b. However, gcd(b,r) ≤ gcd(a,b) because gcd(b,r) is one of the common divisors of a and b; the gcd(b,r), being one of the common divisors of a and b, is less than or equal to the greatest common divisor of a and b:
• gcd(b,r) ≤ gcd(a,b).

Proof: (Lemma 2)

We want to show that a common divisor of a and 0 is a.

Suppose a is a positive integer. We know that a divides 0 because every positive integer divides 0. We also know that a divides a because everything divides itself. Therefore, we can conclude that a is a common divisor of a and 0.

Now we want to show that a is the greatest common divisor of a and 0.

We know that a must be the largest common divisor of a because no integer larger than a can divide a. This means that no integer larger than a can be a common divisor of a and 0. Therefore, this means that a is the greatest common divisor of a and 0, which is what we wanted to prove.

Now that we have shown the proof of the Euclidean algorithm, it is useful to understand how to use it. In order to find the greatest common divisor of two integers a and b, there are three steps that need to be completed:
• Check to see if a>b≥0.
• If this is satisfied, then check to see if b=0.
• If b=0, use lemma 2 of the Euclidean algorithm to produce gcd(a,b)=a. If b>0, then the division algorithm states that a=bq+r: when a is divided by b, a quotient q and a remainder r are left such that 0 ≤ r < b. Now we can use lemma 1 to find gcd(b,r) instead of finding gcd(a,b). This may seem like more work finding more greatest common divisors, but the pair of integers b and r are smaller than the pair of integers a and b because we know that 0 ≤ b < a, since our integers are greater than or equal to 0. We also know that 0 ≤ r < b because of the division algorithm, and now we can say that 0 ≤ r < b < a. Therefore, we can see that (b,r)<(a,b).
• Since r≠0 yet, we need to keep repeating step 2 until r=0. This means that until the remainder is equal to 0, the greatest common divisor of (a,b) has not been determined. Eventually gcd(a,b) will be produced because, through iterations of step 2, there will ultimately be two numbers that cannot be divided into each other any further. This is because throughout the iterations, the previous integer b becomes the new integer a, and the previous integer r becomes the new integer b. Hence r decreases each time and will eventually reach 0. When this happens, the last iteration of gcd(b,r) will be gcd(b,0) and the integer a, or the previous b, will be the gcd(a,b).
Step 3 can also be rewritten as (Epp 196):

    Let a=A, b=B and r=B.
    while (b ≠ 0)
        r = a mod b
        a = b
        b = r
    end while
    gcd = a

Here is an example of the Euclidean algorithm where a=112 and b=34. Find gcd(112, 34). Remember that while b ≠ 0, r = a mod b, then a=b and b=r.

• Divide 112 by 34: a=112, b=34. So r=112 mod 34. q=3 and r=10. Previous b=34, now a=34. Previous r=10, now b=10.
• Divide 34 by 10: a=34, b=10. So r=34 mod 10. q=3 and r=4. Previous b=10, now a=10. Previous r=4, now b=4.
• Divide 10 by 4: a=10, b=4. So r=10 mod 4. q=2 and r=2. Previous b=4, now a=4. Previous r=2, now b=2.
• Divide 4 by 2: a=4, b=2. So r=4 mod 2. q=2 and r=0. Previous b=2, now a=2. Previous r=0, now b=0.
• Divide 2 by 0: b=0, so therefore the gcd is a.

Therefore, gcd(112,34)=2.

The Euclidean algorithm is very useful when trying to find the gcd of two integers, especially large integers. This algorithm along with the division algorithm makes computing with large numbers much easier because it allows us to find the factors of large numbers. As you can imagine, performing operations upon factors of large numbers is much easier than trying to compute straight from the large numbers themselves.

#### 2.5.3 Modular Arithmetic

Definition: For any positive integer n, the group of integers modulo n is the set {0,1,2,…,n-1} together with the operation +_n.

The application of modular arithmetic can be explained by envisioning a clock. What happens if it is 10 o’clock and someone tells you to meet him or her in 4 hours? You know your meeting is at 2 o’clock, but how did you figure that out? We know that 10 + 4 is 14 and there is no time 14 o’clock. This is where modular arithmetic is established. Since there are 24 hours in a day and the clock is based on a 12 hour clock system, we can determine the real time by dividing by 12; the remainder distinguishes what time it really is. In this case the remainder when 14 is divided by 12 is 2, hence 2 o’clock, the remainder, is the meeting time. The numbers in this algorithm keep wrapping around the value of 12; this proves that the modulus is 12. This theorem can also be computed by using a table of modulus 12 (Lewand 19).

| +_12 | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 0 | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 |
| 1 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 0 |
| 2 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 0 | 1 |
| 3 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 0 | 1 | 2 |
| 4 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 0 | 1 | 2 | 3 |
| 5 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 0 | 1 | 2 | 3 | 4 |
| 6 | 6 | 7 | 8 | 9 | 10 | 11 | 0 | 1 | 2 | 3 | 4 | 5 |
| 7 | 7 | 8 | 9 | 10 | 11 | 0 | 1 | 2 | 3 | 4 | 5 | 6 |
| 8 | 8 | 9 | 10 | 11 | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 |
| 9 | 9 | 10 | 11 | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 |
| 10 | 10 | 11 | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 |
| 11 | 11 | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |

By using this table, we first find 10 o’clock in the top row; we will call the numbers in the top row known. Then we find 4 in the first column; we will call the numbers in the first column shift, because they are what we are ‘shifting’ the time by. We know that our modulus is n=12. The place at which these two numbers meet tells us what time it really is. The table shows the number 2 where these numbers meet. Hence, we can write the time using the modulus 12 by using time = known+shift (mod n). This means our equation is time=10 + 4 (mod 12) or time=14 (mod 12). In this case, our equation proves that 4 hours from 10 o’clock is 2 o’clock.

Definition: Let n be some fixed positive integer. Then two integers x and y are said to be congruent modulo n if (x-y) is divisible by n. This is also denoted as x ≡ y (mod n) (Lewand).

This means that if the difference between x and y is divisible by n, then it is evident that x and y are congruent modulo n and we can say that x ≡ y (mod n).

Example: 17 ≡ 5 (mod 3) is true because 17-5=12, which is divisible by 3. Also, 7 ≡ 3 (mod 2) is true because 7-3=4, which is divisible by 2.

When two integers, x and y, are congruent modulo n, there are specific properties that hold which define the modular arithmetic theorem.

Modular Arithmetic Theorem: Let n be a fixed positive integer >1 and let w, x, y, and z be any integers. Then:

(Properties)
• 1. x ≡ x (mod n)
• 2. x = y + kn for some integer k
• 3. if x ≡ y (mod n), then y ≡ x (mod n)
• 4. if x ≡ y (mod n) and y ≡ z (mod n), then x ≡ z (mod n)
• 5. if x ≡ y (mod n), then xz ≡ yz (mod n)
• 6. if x ≡ y (mod n), then xk ≡ yk (mod n)
• 7. if x ≡ y (mod n) and w ≡ z (mod n), then x + w ≡ y + z (mod n)

Since we know that y, w, and z are any integers, and that n > 1, then by the associative and commutative properties and the subtraction rule, where associative means that the order the operations are performed does not affect the answer and commutative means the order the terms are carried out does not affect the end result, we can also deduce other properties of modular arithmetic:

• 8. (x+w) ≡ (y+z) (mod n)
• 9. (x-w) ≡ (y-z) (mod n)
• 10. xw ≡ yz (mod n)
• 11. x^m ≡ y^m (mod n) for all integers m
• 12. gcd(x,n)=w and gcd(y,n)=z

Now that we can see the properties of modular arithmetic state that it is commutative and associative for addition and multiplication and that it also works for subtraction, let’s take a look at some examples to better understand how it is performed under such operations.

• Addition: 8 (mod 3) + 4 (mod 3) = 12 (mod 3) = 0 (mod 3), because 12 divided by 3 leaves a remainder of 0.
• Subtraction: 8 (mod 3) - 4 (mod 3) = 4 (mod 3) = 1 (mod 3), because 4 divided by 3 leaves a remainder of 1.
• Multiplication: 12 (mod 3) * 4 (mod 3) = 48 (mod 3) = 0 (mod 3), because 48 divided by 3 leaves a remainder of 0.
• When n is an odd prime number, then the Jacobi Symbol is also called the Legendre Symbol.
• If p | b then QUOTE = 0. If p does not divide b then QUOTE = QUOTE .
• If b1=b2 (mod p) then QUOTE = QUOTE .
• QUOTE = QUOTE * QUOTE .
• Sue, the sender of the message, chooses the plaintext and converts the message into numeric form by A=0 to Z=25.
• Now Sue chooses the shift that she wants to use on her message. This shift is the key to her message, known to her and the receiver of the message.
• Sue adds the shift to each term of her enciphered message to obtain her ciphertext. If any numbers in the ciphertext are 26 or greater, she performs mod 26.
• Sue needs to encipher the ciphertext back to letters so that she can send it over an insecure channel to Rob, the receiver of the message.
• When Rob receives the message, he converts the ciphertext back to numbers and then subtracts the key from each element of the ciphertext to obtain the original message. If any numbers are < 0, he adds 26 to get back within the alphabet. Rob can also determine the original message by performing the additive inverse (mod 26) on each term of the ciphertext message. He can perform this by using the equation Message=(Ciphertext+(26-shift)) (mod 26).
• Once he converts these back to letters, he will have his original message.

Example of Shift Cipher:

• Sue chooses her message and encrypts it:
• Plaintext: WELLS. Enciphered: 22 4 11 11 18
• She chooses shift to be n=11. In order to shift her message she adds the shift to her message to get: 33 15 22 22 29
• Since 33 and 29 are greater than 26, then 33 mod 26 = 7 and 29 mod 26 = 3. Now the ciphertext is: 7 15 22 22 3, which Sue enciphers back to letters to get HPWWD. This is what she sends to Rob over an insecure channel.
• Rob first converts his message back into numeric form to get 7 15 22 22 3. Since Rob already knows the shift, he subtracts 11 from each number of the ciphertext to get -4 4 11 11 -8. Now he adds 26 to the negative numbers to get back within the alphabet. The new ciphertext is 22 4 11 11 18. Once he converts the ciphertext back to letters he gets WELLS. This is the original message from Sue! (Stinson 5)
• What if Rob tries to decipher the message using the additive inverse method? Then for each term of the ciphertext message he would use Message=(Ciphertext+(26-shift)) (mod 26) and plug in his values for his ciphertext and his shift. So he would get:
• message=(7+(26-11)) (mod 26)=22 (mod 26)=22
• message=(15+(26-11)) (mod 26)=30 (mod 26)=4
• message=(22+(26-11)) (mod 26)=37 (mod 26)=11
• message=(22+(26-11)) (mod 26)=37 (mod 26)=11
• message=(3+(26-11)) (mod 26)=18 (mod 26)=18
• The new ciphertext is 22 4 11 11 18, which converts to WELLS. As it should, this method provides Rob the same ciphertext and thus the same original message.
We can also find the ciphertext of a Shift Cipher using Table 1 in the Appendix. This is done by finding where the term of the top row and the side row of the table meet. Each number of each term of the message is on the top row while the shift of the message is the first column of the table. Where these two numbers meet shows the letter of the ciphertext. For example, if a letter in our message is G, this means its number is 6. Let’s say our shift is 4. If we go to Table 1, column 6 and row 4 produces the ciphertext number 10. This would be letter K. We can confirm that this is true by using the equation ciphertext=(message+shift) (mod 26). We get ciphertext = (6+4) (mod 26) = 10 (mod 26) = 10. This proves that the table produces the right output for the ciphertext.

To decipher, use the row of the specific shift and find the desired number of the ciphertext message in that row. The column that this number is in is the message number. Since we know what the ciphertext is and what the shift is, we can find row 4 in the table and find ciphertext 10 in that row. The column this is in is the message. This shows that column 6 is then equal to the message, so message=G, which is correct. This is a straightforward example of how modular arithmetic is employed in a simple cipher.

As we can see, this cipher is not secure because there are only 0 to 25 possible keys (shifts), and with little mathematical computation this cipher is easily enciphered and deciphered.

#### 3.1.2 Hill Cipher

A more interesting Private Key Cipher is the Hill Cipher. This cipher, which was first invented by Lester S. Hill in 1929, is a type of Substitution Cipher that uses matrices and linear transformations to perform the encryption and decryption of messages. There are (26n)2 possible different keys for this cipher where n is the size of an nxn matrix.

“The idea [of this cipher] is to take m linear combinations of the m alphabetic characters in one plaintext element, and produce m alphabetic characters in one ciphertext element” (Stinson 14). Let m=2, then the message is M=(m1,m2), and the ciphertext is C=(c1,c2) (Denning 88). The key in this matrix is a randomly chosen nxn matrix, which is invertible, and whose determinant (mod 26) is equal to 1. Written in a vector form of n dimensions, the message is n letters long.

#### 3.1.2.1 Hill Cipher Encryption and Decryption Process
• The sender of the message chooses random numbers for the key matrix in the form of an nxn matrix. Usually this cipher is performed using a 2x2 matrix like: QUOTE . The only catch is that the sender needs to choose the matrix such that it is invertible. This means that the matrix can be multiplied by another matrix to produce the identity matrix QUOTE . The sender also needs to make sure that the determinant of the matrix (ad-bc) produces a remainder of 1 after being divided by 26. This key matrix is shared between both sender and receiver of the message.
• The next step that the sender of the message has to complete is to convert their message into numeric form by A=0 to Z=25.
• The terms of the message are then split into linear combinations of QUOTE where it is then separated into vectors QUOTE If the message has an odd number of terms, then the last term QUOTE is substituted as a dummy variable. The ( ) brackets represent the message form.
• Now that we know how the message is represented in vector form, we need to find the actual encryption of the message so it can be sent over an insecure channel. We will let QUOTE signify each term of the encrypted message where, just like the message, it is then separated into vectors QUOTE . The [ ] brackets represent the ciphertext form.
• In order to encrypt the message, each message vector needs to be multiplied by the key matrix and then reduced modulo 26. This looks like:
• QUOTE to QUOTE .
• Since QUOTE , then QUOTE is the encrypted message that, when converted back to letters, can be sent to the receiver of the message over an insecure channel.
• Since the equation for the encryption of a message is QUOTE , then we can find the decryption of a message by obtaining the inverse of the encryption. This means that we need to multiply both sides of the equation by the inverse of the key matrix: QUOTE . Now our decryption equation is QUOTE But we know that QUOTE , so we can substitute this into the equation as well and get QUOTE . This is also equivalent to QUOTE .
• Now we need to find QUOTE (mod 26). In order to do this, we let QUOTE = x^(-1); now we need to find the inverse of x (mod 26).
• Now our equation to decrypt the message is QUOTE .
• This equation is used for each pair of message vectors. Once all of the terms of the message, QUOTE are produced, these can be turned back into letter form and the original message will be produced.

Example of Hill Cipher:

Key Generation:

• The sender of the message chooses random numbers to form the 2x2 key matrix. Sue chooses QUOTE to be her key matrix for this cipher. She needs to check that it is invertible, which means she needs to find a matrix such that when it is multiplied by her matrix, it produces the identity matrix.
• The matrix QUOTE produces this because QUOTE x QUOTE = QUOTE .
• She also needs the determinant of her matrix to have a remainder of 1 after being divided by 26. The determinant of QUOTE The determinant is -27, but because there are no negative numbers that correspond to the conversion of letters in the alphabet, the negative is disregarded. So 27 mod 26 = 1. Therefore, this matrix is invertible and has a determinant such that when divided by 26 the remainder is 1. So this matrix can be used as a key matrix for this cipher.

Enciphering the Message:

• Sue chooses the message that she wants to send to Rob and enciphers it into numeric form. If she wants to send the plaintext ‘Dogs’ to Rob, then this message converts to 3 14 6 18 in numeric form. Now she needs to write the message as linear combinations of QUOTE and QUOTE where they correspond to vectors QUOTE This message is equivalent to QUOTE QUOTE Since the message has enough terms to split up evenly into two vectors, no placeholder variables are needed.
• Now that we know the message vectors, we can find the encryption of these vectors by the encryption equation QUOTE . So, we get:
• QUOTE = QUOTE and QUOTE = QUOTE .
• Since QUOTE , then QUOTE = 15 3 22 22 is changed back to letters to get PDWW and is the encrypted message that Sue sends over an insecure channel.

Deciphering the Message:

• Since the sender and receiver both share the key in a Private Key Cipher, Rob already knows the matrix that Sue has chosen for this message. The first step Rob needs to do is to compute the inverse of the key matrix by performing matrix row operations.
• Again, we can disregard the negative in the determinant because there are no negatives in the conversion back to the alphabet.
The decryption equation is QUOTE , so Rob needs to find QUOTE (mod 26) = QUOTE (mod 26) = 27^(-1) (mod 26). He needs some number y such that, when multiplied by 27 (mod 26), it produces 1. This can also be characterized as 27y (mod 26) = 1. We can see that y is obviously 1.

Since the decryption equation, after finding QUOTE (mod 26), is QUOTE , then Rob can compute the decryption of the messages.

1 QUOTE QUOTE = QUOTE , and QUOTE = QUOTE .

Once again disregarding the negatives, Rob produces:

QUOTE = QUOTE and QUOTE

Once all of the terms of the message, QUOTE are produced, these can be turned back into letter form. So 3 14 6 18 yields DOGS when converted back to letters, which is the original message!

Since the Hill Cipher is a linear cipher, if someone were to figure out the key matrix from the invertible matrix then they would be able to decipher the message. Because this cipher is a completely linear computation, it is not that secure.

#### 3.1.3 Vigenere Cipher

The Vigenere Cipher was invented by Blaise de Vigenere in 1585. This cipher uses both a Shift Cipher and a Substitution Cipher simultaneously. The key for this cipher is some keyword, of length m, that the sender chooses.

#### 3.1.3.1 Vigenere Cipher Encryption and Decryption Process
• The first step in the encryption process is to generate the keyword. This is completed when the sender of the message enciphers the keyword into numeric form, with each letter converted from A=0 to Z=25. This keyword is shared between both sender and receiver of the message.
• The next step of the encryption process is for the sender of the message to convert their message into numeric form by A=0 to Z=25.
• Now the sender of the message has to arrange the keyword and the message so that they are lined up with the first letter of each word together, the second letter of each word together, and so on. If there are not enough letters in the keyword, then the keyword is repeated until the number of letters in both the message and keyword are the same.
• Since the message and keyword are aligned correctly, with no empty spaces, the sender of the message adds the message and keyword together to get the ciphertext.
• If any of these numbers in the ciphertext are greater than 25, then in order for these letters to get back within the alphabet of A=0 to Z=25 these numbers are divided by 26 and the remainder becomes the new ciphertext. An equation to perform on each term in the message would be ciphertext=(keyword+message) (mod 26).
• The sender converts the new ciphertext back to letter form. This is the message that is sent over an insecure channel to the receiver.
• Now that the receiver of the message has the new ciphertext and the keyword, they can begin to decipher the message. They do this process just opposite of the encryption process.
• The first step that the receiver of the message has to perform is to decode the message back into numeric form.
• By taking the ciphertext they received and aligning the keyword directly under it (repeating the keyword to be the same length as the ciphertext), the receiver subtracts the keyword from the ciphertext to produce the original message.
• If any negative numbers are produced during the subtraction of the keyword from the ciphertext, then these numbers need to be converted so that they correspond to the alphabet. Therefore, we need to acquire numbers between 0 and 25. In order to make the negative numbers positive, we can add another alphabet to the number. This means that the value 26 has to be added to the number to bring it back into the alphabetic range of numbers. For example, if a number is -14, then -14+26=12 and 12 is the new number in the message. An equation to use for each term of the ciphertext to get back to the original message would be message = [(ciphertext-keyword) + 26] (mod 26).
• Next, convert each number back to its letter form to obtain the original message. This should match the original message that the sender wanted to send.

Example of Vigenere Cipher:

Key Generation:

• Sue, the sender of the message, chooses the keyword and enciphers it:
• Keyword: CIPHER. Enciphered: 2 8 15 7 4 17. This shows that the key for this cipher is the keyword of length m, where m is 6.
• Sue does the same process for the plaintext that she chooses to send to Rob:
• Plaintext: SCHOOL. Enciphered: 18 2 7 14 14 11
• Now the keyword and the message have to be added together to get the ciphertext. So, Sue arranges the keyword underneath the plaintext numbers and adds them together to get the ciphertext.
• Keyword: 2 8 15 7 4 17
• Plaintext: 18 2 7 14 14 11
• Ciphertext: 20 10 22 21 18 28
• Since the last character in the ciphertext is greater than 25, Sue has to perform modulo 26 upon it to determine its new letter in the ciphertext. So, 28 mod 26 = 2. Now the new ciphertext is: 20 10 22 21 18 2. Sue enciphers this back to letters to get UKWVSC. Since this ciphertext is in encrypted form, no one other than the sender and receiver can read the message. Therefore the ciphertext message UKWVSC is what Sue sends to Rob over an unsafe channel.
• Now that Rob has received the ciphertext message UKWVSC, he can start decrypting the message by first decoding the message back into numeric form. From this he produces the ciphertext: 20 10 22 21 18 2. Since the keyword is shared between the sender and the receiver of the message, Rob already knows the keyword to the message; he already knows that the keyword is: 2 8 15 7 4 17.
• In order for Rob to find the original message, he has to subtract the keyword from the ciphertext numbers. So Rob arranges the keyword underneath the ciphertext numbers and subtracts the keyword from the ciphertext to get the plaintext.
• Ciphertext: 20 10 22 21 18 2
• Keyword: 2 8 15 7 4 17
• Plaintext: 18 2 7 14 14 -15
• Since -15 is not in the alphabet (remember A=0…Z=25), Rob needs to add 26 to make this number convertible to a number in the alphabet. So -15+26=11. Now the new plaintext is: 18 2 7 14 14 11. Once Rob converts these numbers back to letters he gets SCHOOL, which is the original message that Sue wanted to send to Rob!
• To show how the Vigenere Cipher works with any keyword and message, I have implemented an example of the cipher in a C++ program. The code for this cipher can be found in the Appendix under the program section.
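The Shift Cipher and Vigenere Cipher procedures above, as an added Python example (this is not the author's C++ program from the Appendix, which is not reproduced on this page). It treats the Shift Cipher as a Vigenere Cipher with a one-letter keyword and lists all 26 candidate shifts to show how small the key space is; every function name here is an assumption of this example.

```python
from itertools import cycle

ALPHABET_SIZE = 26


def to_numbers(text):
    """Encode letters as A=0 ... Z=25, the mapping used on this page."""
    text = text.upper()
    if not (text.isascii() and text.isalpha()):
        # Also rejects the empty string, so an empty keyword cannot
        # silently produce an empty ciphertext.
        raise ValueError("only the letters A-Z can be enciphered")
    return [ord(ch) - ord("A") for ch in text]


def to_letters(numbers):
    """Convert numbers 0..25 back to the letters A..Z."""
    return "".join(chr(n + ord("A")) for n in numbers)


def vigenere(text, keyword, decrypt=False):
    """ciphertext = (message + keyword) mod 26, keyword repeated as needed.

    Decryption subtracts instead. Python's % already returns a value in
    0..25 for negative operands, which is the page's "add 26" step.
    """
    key = to_numbers(keyword)
    sign = -1 if decrypt else 1
    return to_letters(
        (m + sign * k) % ALPHABET_SIZE
        for m, k in zip(to_numbers(text), cycle(key))
    )


def shift(text, n, decrypt=False):
    """Shift Cipher: a Vigenere Cipher whose keyword is a single letter."""
    return vigenere(text, to_letters([n % ALPHABET_SIZE]), decrypt)


def all_shift_decryptions(ciphertext):
    """Every possible plaintext of a Shift Cipher message.

    There are only 26 keys, so the whole key space fits in one small
    dictionary; this is the weakness the text points out.
    """
    return {n: shift(ciphertext, n, decrypt=True) for n in range(ALPHABET_SIZE)}


if __name__ == "__main__":
    # The page's worked examples.
    print(shift("WELLS", 11))                      # Sue's Shift Cipher message
    print(shift("HPWWD", 26 - 11))                 # additive-inverse decryption
    print(vigenere("SCHOOL", "CIPHER"))            # Sue's Vigenere message
    print(vigenere("UKWVSC", "CIPHER", decrypt=True))
    for n, candidate in all_shift_decryptions("HPWWD").items():
        print(n, candidate)
```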
• Pick two exceptionally large prime numbers p and q; these two numbers should be around 100 digits or longer. In order to make sure that these numbers are truly prime, p and q need to go through primality testing. If p and q both pass the primality tests, then they both are considered prime, and we can move on.
• Let n=pq, where n is the modulus for both the private keys and the public keys.
• Under Euler’s Totient Function we know that Ø(n)=(n-1) when n is a prime number. Since n=pq, we can see that Ø(n)=(p-1)*(q-1) because p and q are prime numbers.
• Select an integer e < Ø(n) such that e is relatively prime to Ø(n). This means that we need to find a number such that gcd(e, Ø(n))=1.
• Now we calculate the multiplicative inverse of e modulo Ø(n); we will let the multiplicative inverse of e modulo Ø(n) = d. This means that we need to find an integer d such that ed=1 (mod Ø(n)). We know that if gcd(e, Ø(n))=1, then there is some integer d such that ed=1 (mod Ø(n)). This is true by modular arithmetic and its properties (in particular by property 1); if gcd(e, Ø(n))=1, then there exist integers c and d such that Ø(n)c+ed=1. Then ed-1 = -Ø(n)c and so ed=1 (mod Ø(n)). But since e and Ø(n) are relatively prime (we know this by Euler’s Theorem), then e^(Ø(Ø(n)))=1 (mod Ø(n)). Now there exists a positive integer k such that e^k=1 (mod Ø(n)). But we already know that ed=1 (mod Ø(n)) and now e^k=1 (mod Ø(n)). So now ed=e^k. By dividing e from both sides we get d=e^(k-1). Hence the multiplicative inverse of e (modulo Ø(n)) is e^(k-1).
• The public key is (n,e). This is known to everyone and is posted on a secure server for anyone to see.
• The private key is d. This is known only to the creator of d.
• This is the method that each person carries out in order to determine their private key and public key for the RSA Cipher. Once this method is complete both correspondents are ready to exchange messages!
3.2.3.2 RSA Cipher Encryption and Decryption Process<br />Although key generation is essential to accurate conversion of messages within the RSA Cipher, it is also essential that a precise way of enciphering the message is carried out. In order for a message to be enciphered correctly, it has to go through rigorous steps in order to preserve its integrity.<br />
• The first step in the encryption process is to encipher the message into numeric form. This is done by converting each letter from A=0 to Z=25 and a space=26. If the message is <n (n is one of the number of the receiver’s public key), then we can let the message =m. If the enciphered message is ≥ n, then m has to be broken into blocks. These blocks can be any size that the sender of the messages chooses them to be, but they have to be <n. These blocks of messages can then go through the same encryption process letting each block of message =mi.
• 119. Using the public key (e, n) and the private key (d), the equation for the encryption process is Ci=(Mi)e (mod pq) and the equation for the decryption process is Mi=(Ci)d (mod pq) where pq=n, C=the enciphered ciphertext message, and M=the original plaintext message.
• 120. We know that when a message is enciphered and deciphered correctly, it will ultimately be the original message. We also know that C=(M)e (mod pq) and that M=(C)d (mod pq) for each message, whether it is broken into blocks or not. This means that we can substitute the ciphertext (enciphered message) into the decryption equation and produce the correct message. So, by substitution:
• 121. M=(C)d (mod n)M=((M)e (mod n))d (mod n).
• 122. M(mod pq) =((M)e (mod n))dMed(mod n)=((M)e (mod n))d by modular arithmetic theorem (property 11)But we recognize M=((M)e (mod n))d so now Med(mod n)=M .
• 123. We know from the key generation that the inverse of e modulo Ø(n)= d because gcd(e, Ø(n))=1. This means that d is an integer such that ed=1(mod Ø(n)). We also know that this means ed=1+r(Ø(n)) for some integer r, by modular arithmetic (property 2).
• 124. Now we substitute ed=1+r(Ø(n)) into Med. Then we get:
• 125. Med= M1+r(Ø(n))
• 126. Since n=pq, then we can substitute (Øn)= (Øp)(Øq) from Euler’s Totient Theorem.
• 127. Med = M1+r(Øp)(Øq) = M1+r(p-1)(q-1) = M1MrM(p-1) M(q-1) =MMrM(p-1) M(q-1)
• 128. But we know that Fermat’s Little Theorem states that QUOTE if s is not divisible by p.
• 129. So, if M is not divisible by n then:
• 130. $M^{ed} = M\,(M^{(p-1)})^{(q-1)r} = M\,(1 \pmod{n})^{(q-1)r} = M\,(1)^{(q-1)r} \pmod{n} = M\,(1^{r})(1^{q-1}) \pmod{n} = M \pmod{n}$
• 131. Therefore $M^{ed} = M \pmod{n}$, or also $M = M^{ed} \pmod{n}$. But we know that d is the multiplicative inverse of e, so M=M (mod n), which is the original message!
• 132. This proves that when someone uses their private key (d) to decrypt a message that was encrypted using their public key (n,e), they get the original message!
• 133. If we let the decryption $M = (C)^d \pmod{pq}$ equal a function called g(m), and let the encryption $C = (M)^e \pmod{pq}$ equal a function called f(m), then we have just shown that g(f(m))=m. This means that f is an inverse mapping of g, or in other words the encryption and decryption are one to one functions.
Example of RSA Cipher:
• Key generation:
• 134. Rob, the receiver of the message, chooses two prime numbers p and q. In an RSA Cipher p and q are very large prime numbers (usually around 100 to 200 digits long), but to demonstrate the example of the cipher, these prime numbers are very small. p=5 and q=13, so n=pq=5x13=65.
• 135. $\phi(n) = (p-1)(q-1) = 4 \times 12 = 48$. Rob chooses e such that e is relatively prime to $\phi(n)$. By using the Euclidean algorithm, we can establish an e such that $\gcd(e, \phi(n)) = 1$. If we let e=7, then gcd(7, 48)=1 and therefore e=7 is relatively prime to $\phi(n) = 48$.
• 136. Now Sue, the sender of the message, can obtain Rob’s public keys (e, n)=(7, 65) so that she can send a message to Rob.
• 137. Enciphering the message:
• 138. Let’s say the message that Sue wants to send to Rob is ‘Hi Rob’. The first thing that needs to be done is to convert the message into numeric form. This can be done by A=0..Z=25 and a space=26.
• 139. The message ‘Hi Rob’ becomes m=07 08 26 17 14 01, where single digit letters are replaced with a 0 then their digit (ex I=09).
• 140. Since m >n (m=070826182004, and n=65), then the message has to be broken into blocks so that m<n.
• 141. We can break this message down into 6 blocks of two digits such that $m_1 = 07$, $m_2 = 08$, $m_3 = 26$, $m_4 = 17$, $m_5 = 14$, and $m_6 = 01$. All the m’s are < n so now we can compute the encryption of each m by the encryption equation.
• 142. $C_i = (M_i)^e \pmod{pq}$
• 143. $C_1 = (7)^7 \pmod{65} = 58$
• 144. $C_2 = (8)^7 \pmod{65} = 57$
• 145. $C_3 = (26)^7 \pmod{65} = 26$
• 146. $C_4 = (17)^7 \pmod{65} = 43$
• 147. $C_5 = (14)^7 \pmod{65} = 14$
• 148. $C_6 = (1)^7 \pmod{65} = 1$
• 149. Now Sue can send $C_1$, $C_2$, $C_3$, $C_4$, and $C_5$ to Rob over an insecure channel.
• 150. Deciphering the message:
• 151. Now that Rob has received the three transmitted messages, he can decrypt the messages with his decryption key (his private key) d.
• 152. The decryption key d is the inverse for e modulo $\phi(n)$. So d is an integer such that $ed = 1 \pmod{\phi(n)}$.
• 153. This means that Rob needs to find some integer such that 7d=1(mod 48).
• 154. In this case, d is easily found and we can see that d=7.
• 155. This number is known only to Rob.
• 156. To find the positive inverse of 7 modulo 48, we can use the division algorithm where a=bq+r and let $a = \phi(n)$ and b=e.
• 157. So $\phi(n) \div e$ and $\phi(n) = eq + r$. Then 48=7*6+6. 7*6=48-6. -7*6=6-48. -7*1=1-48.
• 158. Then -7=1-48. So we can see that 7 is the positive inverse for 7 (mod 48).
• 159. Now Rob can convert the message with the decryption equation.
• 160. $M_i = (C_i)^d \pmod{pq}$
• 161. $M_1 = (58)^7 \pmod{65} =$
• 162. $= [(58)^4 \pmod{65} \cdot (58)^2 \pmod{65} \cdot (58)^1 \pmod{65}] \pmod{65}$
• 163. $= (61 \cdot 49 \cdot 58) \pmod{65}$
• 164. $= 173362 \pmod{65}$
• 165. $M_1 = 7 = 07$
• 166. $M_2 = (57)^7 \pmod{65} =$
• 167. $= [(57)^4 \pmod{65} \cdot (57)^2 \pmod{65} \cdot (57)^1 \pmod{65}] \pmod{65}$
• 168. $M_2 = 8 = 08$
• 169. $M_3 = (26)^7 \pmod{65} = 26$
• 170. $M_4 = (43)^7 \pmod{65} = 17$
• 171. $M_5 = (14)^7 \pmod{65} = 14$
• 172. $M_6 = (1)^7 \pmod{65} = 1 = 01$
• 173. So Rob’s message is $M = M_1, M_2, M_3, M_4, M_5, M_6 = 070826171401$.
• 174. Since the encrypted message was broken into 6 blocks of 2 digits to begin with, we need to do the same for the decrypted message: 07 08 26 17 14 01.
• 175. When the decrypted message is converted back to letters we get ‘Hi Rob’, which is the original message from Sue!
• 176. By looking at Diagram 2 in the Appendix, it is much easier to obtain a visual idea of the magnitude of an RSA Cipher. This cipher in the Appendix is the RSA 100 Cipher, meaning that its modulus n contains 100 digits. This cipher, although not very secure because of the ‘small’ key length (most RSA Ciphers usually have keys that are around 200 digits in length), is composed of two prime numbers. By looking at this example of the RSA Cipher, we can see why trying to encipher or decipher a message with this magnitude would be too demanding for anyone.
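The worked RSA example above, reproduced in Python as an added illustration (not code from the original paper). The function names are hypothetical; the private exponent is derived with the extended Euclidean algorithm, and the helper `unconcealed` goes slightly beyond the text by listing the blocks that this toy key leaves unchanged.

```python
# Added example: textbook RSA with the page's toy parameters (p=5, q=13, e=7).
# Function names are hypothetical; toy sizes only, not a usable cryptosystem.
ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ "  # A=0 .. Z=25, space=26 (the page's encoding)

def egcd(a, b):
    """Extended Euclid: return (g, s, t) with g = gcd(a, b) = s*a + t*b."""
    if b == 0:
        return a, 1, 0
    g, s, t = egcd(b, a % b)
    return g, t, s - (a // b) * t

def make_keys(p, q, e):
    """Return ((e, n), d) with e*d = 1 (mod (p-1)(q-1))."""
    n, phi = p * q, (p - 1) * (q - 1)
    g, s, _ = egcd(e, phi)
    if g != 1:
        raise ValueError("e must be relatively prime to phi(n)")
    return (e, n), s % phi  # s % phi is the positive inverse of e

def encode(text):
    return [ALPHABET.index(ch) for ch in text.upper()]

def decode(blocks):
    return "".join(ALPHABET[m] for m in blocks)

def encrypt(blocks, public):
    e, n = public
    if any(not 0 <= m < n for m in blocks):
        raise ValueError("every block must satisfy 0 <= m < n")
    return [pow(m, e, n) for m in blocks]  # C_i = M_i^e mod n

def decrypt(blocks, d, n):
    return [pow(c, d, n) for c in blocks]  # M_i = C_i^d mod n

def unconcealed(public):
    """Blocks that encrypt to themselves (m^e = m mod n)."""
    e, n = public
    return [m for m in range(n) if pow(m, e, n) == m]

if __name__ == "__main__":
    public, d = make_keys(5, 13, 7)
    cipher = encrypt(encode("Hi Rob"), public)
    print(public, d, cipher, decode(decrypt(cipher, d, public[1])))
    print("unconcealed blocks:", unconcealed(public))
```

With these toy parameters d equals e, and three of the six blocks of ‘Hi Rob’ (26, 14 and 1) are transmitted unchanged, which matches the C3, C5 and C6 values computed above.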
3.2.4 ElGamal Cipher
The ElGamal Cipher was first established in 1985 by an Egyptian Cryptographer Taher Elgamal. This cipher is similar to the RSA Cipher because it too uses large prime numbers for its key generation. But unlike the RSA Cipher, this cipher depends on the discrete logarithm function and is used more for digital signatures than for encryption. We know that logarithms are easy to compute in the field of real numbers (ex QUOTE is also stated as QUOTE ), but what happens in a finite field? This is why the ElGamal Cipher is hard to compute, as well as the reason why the discrete logarithm function and primitive roots work for the encryption and decryption of this cipher.
Another unique aspect of the ElGamal Cipher is that distinctive encryptions of the same message can be performed by choosing different numbers during the encryption method. This is amusing because even when a different number is presented into the same message encryption, the original message is still produced correctly.
3.2.4.1 ElGamal Cipher Key Generation
In order for the ElGamal Cipher to encipher and decipher messages correctly, each entity must generate a public key and a private key, where each public key is made of three positive integers while each private key is made of one positive integer. The procedure of the key generation consists of these steps:
• Pick a very large prime number p. In order to make sure that this number is truly prime, then p needs to go through the primality tests. If p passes, then it is considered prime, and we can move on.
• 177. Pick two other random numbers that are less than p-1. Let’s call them x and g where g is a primitive root of p.
• 178. Now we can compute $y = g^x \pmod{p}$ since we are given p, g, and x.
• 179. Public Key is (p,g,y). This is published to everyone.
• 180. Private key is (x). This is known to only the person who generated x.
3.2.4.2 ElGamal Cipher Encryption and Decryption Process
• The first step in the encryption process is that the message M needs to be enciphered into numeric form. This is done by converting each letter from A=0 to Z=25.
• 181. The sender of the message needs to make sure that M < p or else this cipher will not work. If M > p, then they need to break M into groups and pass M in multiple parts to the receiver of the message.
• 182. A random number k needs to be generated such that k < p-1.
• 183. Let some variable $a = g^k \pmod{p}$ and another variable $b = y^k M \pmod{p}$, where y is our key from before, raised to the kth power and multiplied by our message M, mod p.
• 184. This is also where k can take on different values and the original message will still be encrypted and decrypted correctly.
• 185. These values (a,b) become our ciphertext to be passed to the receiver of the message.
• 186. The receiver needs to compute $a^{p-1-x} \pmod{p}$ using their private key. Then they can use this as $a^{-x}$ to compute $M = [(a^{-x})\,b] \pmod{p}$ in order to recover the message.
• 187. We can prove that the decryption works because
• 188. $b = y^k M \pmod{p}$ and $a = g^k \pmod{p}$.
• 189. Then $M = [(g^{-xk}) \pmod{p} \cdot (y^k M) \pmod{p}] \pmod{p}$
• 190. and $M = [(g^{-xk})(y^k M)] \pmod{p}$
• 191. But from the key generation $y = g^x \pmod{p}$, so by substitution
• 192. $M = [(g^{-xk})(g^{xk})\,M] \pmod{p} = 1 \cdot M \pmod{p} = M \pmod{p}$.
• 193. Hence, we get our original message!
Example of ElGamal Cipher:
• Key generation:
• 194. Rob, the receiver of the message, selects the prime number p=101. In an ElGamal Cipher, p has to be a very large prime number in order to preserve security, but to demonstrate the example of the cipher, these prime numbers are very small.
• 195. Rob picks two other random numbers that are less than p; x and g such that g is a primitive root of p. Because g is a primitive root of p, then we know that x is the discrete logarithm to base g modulo p by the definition of the discrete logarithm.
• 196. By determining the primitive roots of a number, we find that 2 is a primitive root of 101. So we can see that 2 is a primitive root of 101, therefore I will let g=2 because 2 is a primitive root of 13.
• 197. x=9, g=2.
• 198. Calculate $y = g^x \bmod p$.
• 199. $y = 2^9 \pmod{101}$
• 200. y=512 (mod 101)=7
• 201. Rob’s Public Key is (p, g, y) =(101, 2, 7) and Private Key x=9.
• 202. Enciphering the Message:
• 203. Sue, the sender of the message, first needs to encrypt the message into numeric form. Let’s say that the message that Sue wants to send to Rob is ‘At’. The first thing that needs to be done is to convert the message into numeric form. This can be done by A=0..Z=25. When enciphered M=00 19=19. She needs to make sure her message is less than Rob’s public key p, if it is not she needs to break the message into blocks and then send it to Rob.
Now Sue chooses a random number k such that k < p-1. So she can let k=10. Now she can determine:
$a = g^k \bmod p$ and $b = y^k M \bmod p$
$a = 2^{10} \pmod{101}$ and $b = 7^{10} \cdot 19 \pmod{101}$
$a = [2^5 \pmod{101} \cdot 2^5 \pmod{101}] \pmod{101}$ and
$b = [7^5 \pmod{101} \cdot 7^5 \pmod{101} \cdot 19 \pmod{101}] \pmod{101}$
a=14 and b=23
These values (14,23) become the ciphertext to be passed to the receiver of the message.
• Deciphering the Message:
• 204. Now that Rob has received the ciphertext (14,23), he can begin decrypting the message. Remember that he knows x, because it is his private key, and $b = y^k M \bmod p$ and $a = g^k \bmod p$. So Rob computes $a^{p-1-x} \pmod{p}$ and $M = [(a^{-x})\,b] \pmod{p}$ in order to recover the message.
• 205. $a^{p-1-x} \pmod{p} = 14^{101-1-9} \pmod{101} =$
• 206. $14^{91} \pmod{101} =$
• 207. $[(14^{10}) \pmod{101} \cdot (14^{10}) \pmod{101} \cdot (14^{10}) \pmod{101} \cdot (14^{10}) \pmod{101} \cdot (14^{10}) \pmod{101} \cdot (14^{10}) \pmod{101} \cdot (14^{10}) \pmod{101} \cdot (14^{10}) \pmod{101} \cdot (14^{10}) \pmod{101} \cdot (14) \pmod{101}] \pmod{101} = 14$ and
• 208. $M = [(a^{-x})\,b] \pmod{p}$
• 209. $M = [(14)23] \pmod{101}$, so M=19, which is the same as 019,
• 210. and is the original message!
But as stated before, k can take on different values and still produce the same message. Let us take a look at an example of the same message with a different value for k.
• Enciphering the Message:
• 211. Remember that k < p-1, where k=10 before. Now let’s have k=7. Now she can determine:
$a = g^k \bmod p$ and $b = y^k M \bmod p$
$a = 2^{7} \pmod{101}$ and $b = 7^{7} \cdot 19 \pmod{101}$
$a = [2^5 \pmod{101} \cdot 2^2 \pmod{101}] \pmod{101}$ and
$b = [7^5 \pmod{101} \cdot 7^2 \pmod{101} \cdot 19 \pmod{101}] \pmod{101}$
a=27 and b=94
These values (27,94) become the ciphertext to be passed to the receiver of the message.
• Deciphering the Message:
• 212. Now that Rob has received the ciphertext (27,94), he can begin decrypting the message. Remember that he knows x, because it is his private key, and $b = y^k M \bmod p$ and $a = g^k \bmod p$. So Rob computes $a^{p-1-x} \pmod{p}$ and $M = [(a^{-x})\,b] \pmod{p}$ in order to recover the message.
• 213. $a^{p-1-x} \pmod{p} = 27^{101-1-9} \pmod{101} =$
• 214. $27^{91} \pmod{101} =$
• 215. $[(27^{10}) \pmod{101} \cdot (27^{10}) \pmod{101} \cdot (27^{10}) \pmod{101} \cdot (27^{10}) \pmod{101} \cdot (27^{10}) \pmod{101} \cdot (27^{10}) \pmod{101} \cdot (27^{10}) \pmod{101} \cdot (27^{10}) \pmod{101} \cdot (27^{10}) \pmod{101} \cdot (27) \pmod{101}] \pmod{101} = 55$ and
• 216. $M = [(a^{-x})\,b] \pmod{p}$
• 217. $M = [(55)94] \pmod{101}$, so M=19, which is the same as 019,
• 218. and is the original message!
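The ElGamal key generation, encryption and decryption steps above, as an added Python illustration (not code from the original paper) using the page's toy values p=101, g=2, x=9. The function names are hypothetical, and the primitive-root check by factoring p-1 is an assumption about how g would be validated, since the page does not give its method.

```python
# Added example: ElGamal with the page's toy parameters (p=101, g=2, x=9).
# Function names are hypothetical; p must be a very large prime in real use.

def prime_factors(n):
    """Distinct prime factors of n by trial division (fine for toy sizes)."""
    factors, f = set(), 2
    while f * f <= n:
        while n % f == 0:
            factors.add(f)
            n //= f
        f += 1
    if n > 1:
        factors.add(n)
    return factors

def is_primitive_root(g, p):
    """For prime p: g is a primitive root iff g^((p-1)/q) != 1 for each prime q | p-1."""
    return all(pow(g, (p - 1) // q, p) != 1 for q in prime_factors(p - 1))

def make_keys(p, g, x):
    """Return (public, private) = ((p, g, y), x) with y = g^x mod p."""
    if not is_primitive_root(g, p):
        raise ValueError("g must be a primitive root of p")
    if not 1 <= x < p - 1:
        raise ValueError("x must be less than p-1")
    return (p, g, pow(g, x, p)), x

def encrypt(m, public, k):
    """Return the ciphertext pair (a, b) = (g^k mod p, y^k * m mod p)."""
    p, g, y = public
    if not 0 <= m < p:
        raise ValueError("message block must be less than p")
    if not 1 <= k < p - 1:
        raise ValueError("k must be less than p-1")
    return pow(g, k, p), (pow(y, k, p) * m) % p

def decrypt(cipher, public, x):
    p = public[0]
    a, b = cipher
    a_neg_x = pow(a, p - 1 - x, p)  # a^(p-1-x) = a^(-x) mod p
    return (a_neg_x * b) % p

if __name__ == "__main__":
    public, x = make_keys(101, 2, 9)
    for k in (10, 7):  # two different k, same plaintext 19
        c = encrypt(19, public, k)
        print("k =", k, "ciphertext =", c, "decrypted =", decrypt(c, public, x))
```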