The Mathematical Perspective of Cryptological Functions

2,218
-1

Published on

0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
2,218
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
98
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

The Mathematical Perspective of Cryptological Functions

  1. 1. The Mathematical Perspective of Cryptological Functions<br />Aimee RaymondThesis Spring 2008<br />Wells CollegeMathematical and Physical Sciences<br />Table of Contents <br /> TOC o " 1-3" h z u Executive Summary PAGEREF _Toc198474528 h 3<br />1. Introduction PAGEREF _Toc198474529 h 4<br />1.1 What is Cryptology? PAGEREF _Toc198474530 h 4<br />1.2 Purpose PAGEREF _Toc198474531 h 4<br />2. Background PAGEREF _Toc198474532 h 5<br />2.1 Where it originated PAGEREF _Toc198474533 h 5<br />2.2 History of its use PAGEREF _Toc198474534 h 5<br />2.3 Current Uses PAGEREF _Toc198474535 h 6<br />2.4 General Rule for encrypting and decrypting PAGEREF _Toc198474536 h 7<br />2.5 Mathematical Algorithms PAGEREF _Toc198474537 h 7<br />2.5.1 Division Algorithm PAGEREF _Toc198474538 h 8<br />2.5.2 Euclidean Algorithm PAGEREF _Toc198474539 h 9<br />2.5.3 Modular Arithmetic PAGEREF _Toc198474540 h 13<br />2.5.4 Fundamental Theorem of Arithmetic PAGEREF _Toc198474541 h 16<br />2.5.5 Prime Numbers and Primality Testing PAGEREF _Toc198474542 h 17<br />2.5.6 Fermat’s Little Theorem PAGEREF _Toc198474543 h 21<br />2.5.7 Euler’s Totient Theorem PAGEREF _Toc198474544 h 26<br />2.5.8 Discrete Logarithm Function PAGEREF _Toc198474545 h 29<br />3. Cryptography PAGEREF _Toc198474546 h 32<br />3.1 Private Key Cryptography PAGEREF _Toc198474547 h 32<br />3.1.1 Shift Cipher PAGEREF _Toc198474548 h 32<br />3.1.1.1 Shift Cipher Encryption and Decryption Process PAGEREF _Toc198474549 h 32<br />3.1.2 Hill Cipher PAGEREF _Toc198474550 h 35<br />3.1.2.1 Hill Cipher Encryption and Decryption Process PAGEREF _Toc198474551 h 36<br />3.1.3 Vigenere Cipher PAGEREF _Toc198474552 h 39<br />3.1.3.1 Vigenere Cipher Encryption and Decryption Process PAGEREF _Toc198474553 h 39<br />3.2 Public Key Cryptography PAGEREF _Toc198474554 h 43<br />3.2.1 Digital Signatures PAGEREF _Toc198474555 h 45<br />3.2.2 Identity Authentication PAGEREF _Toc198474556 h 47<br />3.2.3 RSA Cipher PAGEREF _Toc198474557 h 47<br />3.2.3.1 RSA Cipher Key Generation PAGEREF _Toc198474558 h 48<br />3.2.3.2 RSA Cipher Encryption and Decryption Process PAGEREF _Toc198474559 h 49<br />3.2.4 ElGamal Cipher PAGEREF _Toc198474560 h 52<br />3.2.4.1 ElGamal Cipher Key Generation PAGEREF _Toc198474561 h 52<br />3.2.4.2 ElGamal Cipher Encryption and Decryption Process PAGEREF _Toc198474562 h 53<br />3.3 Effectiveness of Ciphers PAGEREF _Toc198474563 h 55<br />3.3.1 Public vs. Private PAGEREF _Toc198474564 h 56<br />4. Conclusion PAGEREF _Toc198474565 h 58<br />Glossary PAGEREF _Toc198474566 h 59<br />Appendix PAGEREF _Toc198474567 h 61<br />Tables: PAGEREF _Toc198474568 h 61<br />Theorems: PAGEREF _Toc198474569 h 63<br />Vigenere Cipher Program: PAGEREF _Toc198474570 h 64<br />Diagrams: PAGEREF _Toc198474571 h 70<br />Works Cited PAGEREF _Toc198474572 h 71<br />Executive Summary<br />Cryptology is the study of secret communications. Sometimes referred to as cryptography, cryptology plays a major role in the preservation of message secrecy over insecure channels. In order to derive the secret messages and for them to operate correctly over exposed channels, mechanisms called ciphers are implemented. <br />Although there are various ciphers like the RSA Cipher, Hill Cipher, Vigenere Cipher, and others that encode and decode messages over insecure channels, there are two standard types of ciphers: Public Key Ciphers and Private Key Ciphers. Private Key Ciphers are not used for security purposes today, but it is nevertheless essential to understand how they function as a form of secret communication. Currently, Public Key Ciphers are used to maintain the security of digital signatures, e-mails, e-commerce security, and more. Hence, it is obvious that in order to understand how these ciphers work is important that we also recognize why they work; namely, that we are aware of how messages can travel over insecure channels and still maintain the security necessary to each of our lives today.<br />Since ciphers are an extensive part of secret communications, it is imperative that we understand the mathematical background behind the various ciphers. For example, modular arithmetic plays an essential role in every cipher. Therefore, it is crucial that we explore and understand how it works in the simplest ciphers first and then of the most complex ones. Prime numbers also play a major function in ciphers for security purposes. Given that it is hard to determine if a number is prime or not, the larger a prime number is, obviously the better it works in preserving security. This concept is critical to the security of identities. Fermat’s Little Theorem is used to generate keys because it enables us to determine if a number is definitely composite or if it might be prime. It also allows us to find the modular inverse of a number s when p is a prime and not a factor of s, to help decode messages. As we can see, Fermat’s Little Theorem, prime numbers, modular arithmetic, and others are vital functions in the conversion of undisclosed messages.<br />By implementing a program that shows how ciphers can encrypt and decrypt messages and exploring the mathematical functions behind the various ciphers, it is apparent why and how ciphers can maintain the security of various messages over insecure channels.<br />1. Introduction<br />1.1 What is Cryptology?<br />Cryptology is first and foremost a form of communication. Although there have been numerous definitions of the word cryptology, commonly referred to as cryptography, the word originated with the Greeks, who understood that the word kryptos meant “hidden” and the word grafo meant “ to write” (Brokaw UC Santa Cruz). For this reason, other apparent denotations of the word cryptology are message confidentiality or message secrecy. <br />1.2 Purpose<br />Given that cryptography is the science of secret communication, the underlying goal is to enable two people to correspond over an insecure channel without any interruptions. Cryptology involves the “…conversion of messages from a comprehensible form into an incomprehensible one….rendering it unreadable by interceptors or eavesdroppers without secret knowledge (namely, the key needed for decryption of that message)” (Wikipedia Cryptography). For example, if any letters of the message being sent are missing, then the intended receiver of the message will not be able to decipher the message correctly. Therefore, cryptography assists in preserving the authenticity of the message and helps to prevent any theft of the message during the transition from sender to receiver. It is also used to protect the sender’s and receiver’s identity, and confirm that each of the communicators are in fact conveying with the intended correspondent.<br /> 2. Background<br />2.1 Where it originated<br />Cryptology originated from the ancient Chinese who first used it to hide the nature of their language. They used ideographs, which are pictures that symbolize words, to disguise the meanings of their messages. Since there was no prevalent use of these ideographs in the military of the ancient Chinese, it seems they used these ideographs for personal communication reasons, like keeping their culture private. <br />Cryptography also originated in India around the same time. This secret art of writing was more sophisticated in India than China because India produced early Simple Substitution Ciphers that enabled the spies to communicate with their government more feasibly (Cohen 2.1). These Substitution Ciphers allowed the spies to speak a whole new language with their government that no one else could understand.<br />2.2 History of its use<br /> The first ciphers used were called Classical Ciphers. There are two main Classical Ciphers which are the Transposition Ciphers and Substitution Ciphers. Transposition Ciphers are the most straightforward and effortless of the various types of ciphers. In order for this type of cipher to work, all that is done is a rearrangement of the order of the letters in the message that is being enciphered. For example, if the plaintext, the message being sent to someone, is the word THESIS, then an encryption of plaintext, the ciphertext, would be determined as HTSESI. Transposition Ciphers are a very simple rearrangement of the letters in a message. <br />Substitution Ciphers are slightly more complex than Transposition Ciphers. They replace each letter of the plaintext with some other letter that is a fixed number of positions away from it (Menezes, van Oorschot and Vanstone 17). Again for an example, if the plaintext was THESIS, then the ciphertext would become UIFTJT. This is what is known as a Shift Cipher. This illustrates an example of a simple Shift Cipher, with a shift of 1. Each letter in the message is replaced by the letter in the alphabet that is 1 position after it. <br />Since both the Transposition Ciphers and Substitution Ciphers are so simplistic, neither offers any security of encryption or decryption and therefore presents no confidentiality. These ciphers are used today only in instances such as children’s books or puzzles.<br />One of the most common reasons that ciphers were first developed was to conceal messages for religious purposes. Early Christians used ciphers to conceal parts of their religious writing so they could avoid persecution. Others also began using Simple Ciphers to encrypt messages so they could send them to one another for personal reasons. This would usually occur between people that were forbidden to communicate; they would send messages to each other by mail in hopes of secretly meeting with each other. Sometimes people would even send encrypted messages to each other through the newspaper (Singh 79).<br />The National Secrecy Agency (NSA) is another source that uses ciphers to convey secret messages and to help interpret others. Black Chambers, which are rooms where messages are attempted to be deciphered, were established with the intention of breaking other nations’ communication systems. They were placed to read through, copy, and then seal all mail going in and out of foreign embassies before it reached its final destination (Singh 59). Founded right after World War I, America’s first Black Chamber was known as MI-8 and was stationed in New York City. Black Chambers were mostly used to help the military decipher other country’s secret plans of attacks during various wars (Cohen 2.1). <br />Although ciphers were helpful in other aspects of history, ciphers played a critical function in military communications. Throughout numerous military campaigns, ciphers were used to break other countries’ communications and to keep their own safe. The first famous Substitution Cipher was called the Caesar Cipher, named after Julius Caesar because he used ciphers for communication purposes during the Gallic Wars in 52 BC. More importantly, ciphers helped win Allied battles of World War II (Singh 49).<br /> The Enigma Machine was used in the late 1920’s through end of WWII. The downside of this cipher is that all codes had to be written down, so there needed to be a code book in order to decipher all messages; this could have found its way into the wrong hands. During WWII, a German spy, Hans-Thilo Schmidt, gave the French all of the keys to the German Enigma Cipher. This enabled the French to decipher all of Germany’s messages and, in turn, they unraveled a German plan to attack Poland. In the end, they saved Poland before an assault occurred. The breaking of the Enigma also allowed the French to find various locations of German ships and sink them in time for the Allies to win the war against Germany. “It saved lives. Not only Allied and Russian lives but, by shortening the war, German, Italian, and Japanese lives as well….” (Singh 186). As Singh states in this quote, breaking the Enigma Cipher was obviously not only an extraordinary aid to the Allied victory, but it also prevented many deaths all over the world. <br />The Purple Machine was the cipher used by the Japanese during WWII. This cipher had the same type of effect on Japan that the Enigma Machine did with the Germans. In 1942, Americans were able to break the Purple Machine’s code and, in turn, decipher messages telling of a fake attack by Japan. The US Navy played along with the Japanese, but because Cryptologists were able to translate this message in time, the US attacked the Japanese. The US Navy also killed Japan’s most influential leader because they were able to find out where he was stationed with the breaking of the Purple Machine’s code (Singh 191).<br />2.3 Current Uses <br />Data protection is a major concern of people today due to the world’s rapid growth of technological advances. Understandably, a primary concern for people has become the need to protect their identities because of this. A substantial contributor to the necessity of data and identity protection is e-commerce security. More people shop over the internet now than ever before. However, an undesirable and detrimental aspect of this is that all of their information is readily available for perpetrators if it is not encrypted over a secure channel. Along the same idea, all credit card companies and banks allow their customers to check their account status online and people can also transfer funds from one account to another. If anyone is able to break into any of these accounts they would be able to get information such as a person’s address, account number, and even Social Security Number. <br />Automatic Teller Machines also need to be properly secured so that each person’s Personal Identification Number is not dispensed to the next person using the machine and for the purpose of keeping account numbers secure. This is why an ATM enables each person to have a unique digital signature, called a PIN. <br />One of the most significant reasons for data protection is for government and military use. The National Security Agency uses ciphers to encrypt information so an enemy cannot access any of their communications. Ciphers are also used to obtain information about other countries by breaking their codes. For these reasons, security is essential to our world today, and cryptology is a significant source in permitting this to happen (Cohen 2.1).<br />2.4 General Rule for encrypting and decrypting <br />Encryption and decryption of messages is the essential component of secret communication throughout cryptography. In either type of cryptology, Public Key or Private Key, and in any type of cipher, there are a sets of:P= {plaintext}, C= {ciphertext}, and a K=Keyspace= {possible keys} where K is the set of all the possible keys for that particular algorithm. For each random key, K Є K, there is:<br />An encryption rule where eK Є E and a decryption rule where dK Є D. Encryption rule: eK: P C (plaintext enciphers to ciphertext) and Decryption rule: dK: CP (ciphertext deciphers to plaintext) such thatdK (eK(x))= x for all x Є P.This illustrates that a decryption of an encryption of x works out to be x itself. This is what should happen since x is the original plaintext (the message) that was encrypted to begin with (Stinson 1).<br />2.5 Mathematical Algorithms <br />There are many different mathematical algorithms that are primary contributors to the effectiveness of ciphers. The most generalized theory of mathematics used throughout all ciphers is number theory. Different algorithms such as the division algorithm, Euclidean algorithm, modular arithmetic, and the fundamental theorem of arithmetic are derived from number theory and contribute to the correct encryption and decryption of messages.<br />2.5.1 Division Algorithm <br />The purpose of the division algorithm is very basic, yet significant. Simply, this algorithm proves that long division performs in the way it is intended to. We learn that to divide is really to subtract number b from a number a until you cannot subtract b from a anymore. This tells how many times b goes into a and what the remainder is, if there is one. This is the division algorithm; that “If a and b are integers with b≥1, then ordinary long division of a by b yields integers q (the quotient) and r (the remainder) such that a = qb + r, where 0≤r<b" (Menezes, van Oorschot and Vanstone 64). This algorithm produces integers q and r that are always unique, where the remainder is a mod b, and the quotient is a div b.<br />This algorithm is used when trying to factor numbers for modular arithmetic, primality testing, and when trying to obtain the inverse modulo of a number for the key generation of a cipher. <br />Proposition: (Division algorithm) If a,b є Z and a,b>0, then Э a unique q, r є Z with 0 ≤ r < b such that a=bq+r.<br />Proof: (Division algorithm by induction on a)<br />Base Case: (a=1; this is to prove the algorithm for positive numbers):<br />If a=1, then we can take b=1 and produce:<br />Case 1: a=bq+rCase 2: a=bq+r1=1*1+01=1*0+11=1+0 1=0+1 <br />In Case 1 b=1, q=1, and r=0. Hence the output is a=1. Since 0≤r<b, b=1, and r=0, we will have 0≤0<1. In this case a=b. This is true, and so a=1 is true.<br />In Case 2 b=1, q=0, and r=1. Hence the output is a=1. Since, 0≤r<b, b=1, and r=1, we will have 0≤1<1. In this case a>b. This is true, and so a=1 is true.<br />When we combine both cases together, we can see that a≥b (as it should be since we are proving for positive integers.)<br />Induction: Assume true for a=n. Prove true for a=n+1.<br />The division algorithm states that a=bq+r. Substitute a=n: n=bq+r.Add one to each side: n+1=bq+r+1.Now we have 0≤r+1<b. Since 0≤r, then 0≤r+1 and so 0≤r+1<b.Therefore, n+1=bq+(r+1).So, a+1=bq+(r+1), which was to be shown.<br />Example: <br />11÷3=3 with remainder 2 can be rewritten in the form a=bq+r where 11=3(3)+2.<br />Base Case: (a=-1; this is to prove the algorithm for negative numbers):<br />If a=-1, then we can take b=1 and produce:<br />Case 1: a=bq+r-1=1*-1+0-1=-1+0 <br />In Case 1 b=1, q=-1, and r=0. Hence the output is a=-1. Since 0≤r<b, b=1, and r=0, we will have 0≤0<1. In this case a<b (as it should be since we are solving for negative integers). This is true, and so a=-1 is true.<br />Induction: Assume true for a=-n. Prove true for a=-(n+1).<br />The division algorithm states that a=bq+r. Substitute a=-n: -n=bq+r.Subtract one from each side: -(n+1)=bq+r-1.Now we have 0≤r-1<b. Since 0≤r, then 0≤r-1 and so 0≤r-1<b.Therefore, -(n+1)=bq+(r-1).So, -(a+1)=bq+(r-1), which was to be shown.<br />Example:<br />-11÷3=-3 with remainder -2 can be rewritten in the form a=bq+r where -11=-3(3)-2.<br />The division algorithm is very useful in cryptography such that it enables us to understand the concepts behind modular arithmetic and finding prime numbers. Without understanding how simple algorithms like the division algorithm works, there is no possibility of comprehending how prime numbers and modular arithmetic work in cryptography. Therefore, it is essential to understand basic algorithms of cryptography, such as the division algorithm, in order to understand how they are utilized today.<br />2.5.2 Euclidean Algorithm <br />The purpose of the Euclidean algorithm is to determine the greatest common divisor of two numbers (in cryptology these numbers will usually be integers). The Euclidean algorithm is a significant contribution to cryptography because it does not require factoring of the two numbers. A person can use this algorithm to find the greatest common divisor (gcd) of two numbers much more quickly than trying to factor two numbers. Since some keys of the different ciphers tend to be very long, this algorithm works well when finding the gcd of two large numbers. The Euclidean algorithm states that " The greatest common divisor of two integers a and b is the largest integer that divides both a and b” (Epp 192). <br />The algorithm is explained here:<br />Given two integers a and b with a > b ≥ 0, this algorithm determines gcd(a,b). It is based on two lemmas:<br /><ul><li>If a,b are integers where b≠0 and q and r are nonnegative integers such that a = bq + r, where 0 ≤ r < b, (remember r is the remainder, q is the quotient, and b is the divisor) then gcd(a,b)=gcd(b,r).
  2. 2. gcd(a, 0)=a</li></ul>Proof: (Lemma 1)<br />Since we are trying to prove that the gcds are equal to each other, it will be straightforward if the proof is presented in two steps. Step 1 is gcd(a,b)≤ gcd(b,r). Step 2 is gcd(b,r)≥ gcd(a,b). Since we are proving that each gcd is less than or equal to and greater than or equal to the other, then the two greatest common divisors have to be equal.<br /><ul><li>Prove gcd(a,b)≤ gcd(b,r).
  3. 3. In order to show that the gcd of a and b is less than the gcd of b and r, we need to first show that any common divisor of a and b is also a common divisor of b and r.
  4. 4. Let c be a common divisor of a and b. Then c|a and c|b, and so, by definition of divisibility, a=nc, and b=mc, for some integers n and m. Now substitute into the equation
  5. 5. a=bq+r
  6. 6. to obtain
  7. 7. nc=(mc)q+r
  8. 8. Then solve for r:
  9. 9. r=nc-(mc)q
  10. 10. r=(n-mq)c.
  11. 11. But n-mq is an integer, and so, by definition of divisibility, c|r. Because we already know that c|b, we can conclude that c is a common divisor of b and r. Which is what was to be shown.
  12. 12. Prove that gcd(a,b)≤ gcd(b,r).
  13. 13. Since we already proved that a is a common divisor of a, b, and r, now we need to prove that gcd(a,b)≤ gcd(b,r).
  14. 14. From part a, every common divisor of a and b is a common divisor of b and r. It follows that the greatest common divisor of a and b is a common divisor of b and r. But then gcd(a,b) (being one of the common divisors of b and r) is less than or equal to the greatest common divisor of b and r:
  15. 15. gcd(a,b)≤gcd(b,r).
  16. 16. Prove gcd(b,r)≤ gcd(a,b).
  17. 17. First we need to show that there is a common divisor p of b and r.
  18. 18. Let p be a common divisor of b and r. Then p|b and p|r. By definition of divisibility b=np and r=mp for some integers m and n.
  19. 19. Now we want to show that p is a common divisor of a and b.
  20. 20. a=bq+r
  21. 21. a= (np)q+mp substituting b=np and r=mp
  22. 22. a= pnq+mpby distributive property
  23. 23. a= p(nq+m)by distributive property
  24. 24. But nq+m is an integer because adding integers still produces an integer. Now we can see that p|a by definition of divisibly. Since we know that p is a divisor of b and r, and p is a divisor of a, then we know that p is a common divisor of a and b.
  25. 25. Now we need to show that gcd(b,r)≤ gcd(a,b).
  26. 26. From above in part a we showed that every common divisor of b and r is a common divisor of a and b. However, gcd(b,r)≤ gcd(a,b) because gcd(b.r) is one of the common divisors of a and b; the gcd(b,r), being one of the common divisors of a and b, is less than or equal to the greatest common divisor of a and b:
  27. 27. gcd(b,r)≤gcd(a,b).</li></ul>Proof: (Lemma 2) <br />We want to show that a common divisor of a and 0 is a.<br />Suppose a is a positive integer. We know that a divides 0 because every positive integer divides 0. We also know that a divides a because everything divides itself. Therefore, we can conclude that a is a common divisor of a and 0. <br />Now we want to show that a is the greatest common divisor of a and 0.<br />We know that a must be the largest common divisor of a because no integer larger than a can divide a. This means that no integer larger than a can be a common divisor of a and 0. Threfore, this means that a is the greatest common divisor of a and 0, which is what we wanted to prove.<br />Now that we have shown the proof of the Euclidean algorithm, it is useful to understand how to use it. In order to find the greatest common divisor of two integers a and b, there are three steps that need to be completed:<br /><ul><li> Check to see if a>b≥0.
  28. 28. If this is satisfied, then check to see if b=0.
  29. 29. If b=0, use lemma 2 of the Euclidean algorithm to produce gcd(a,b)=b.If b>0 then the division algorithm states that a=bq+r and when a is divided by b a quotient q and a remainder r is left such that 0 ≤ r < b. Now we can use lemma 1 to find the gcd(b,r) instead of finding the gcd(a,b). This may seem like more work finding more greatest common divisors, but the pair of integers b and r are smaller than the pair of integers a and b because we know that 0 ≤ b < a, since our integers are greater than or equal to 0. We also know that 0 ≤ r < b because of the division algorithm and now we can say that 0 ≤ r < b < a. Therefore, we can see that (b,r)<(a,b).
  30. 30. Since r≠0 yet, we need to keep repeating step 2 until r=0. This means that until the remainder is equal to 0, then the greatest common divisor of (a,b) has not been determined. Eventually the gcd(a,b) will be produced because through iterations of step 2, there will ultimately be two numbers that cannot be divided into each other any farther. This is because throughout the iterations, the previous integer b becomes the new integer a, and previous integer r becomes the new integer b. Hence r decreases each time and will eventually reach 0. When this happens, the last iteration of gcd(b,r) will be gcd(b,0) and the integer a, or the previous b, will be the gcd(a,b).</li></ul>Step 3 can also be rewritten as:Let a=A, b=B and r=B.while (b QUOTE 0) r = a mod b, then a=b and b=r.end whilegcd=a. (Epp 196)<br />Here is an example of the Euclidean algorithm where a=112, and b=34:Find the gcd (112, 34): *Remember that while (b QUOTE 0) r = a mod b, then a=b and b=r.Divide 112 by 34: a=112, b=34. So r=112 mod 34. q=3 and r =10. Previous b=34, now a=34. Previous r=10, now b=10:Divide 34 by 10: a=34, b=10. So r=34 mod 10. q=3 and r =4. Previous b=10, now a=10. Previous r=4, now b=4:Divide 10 by 4: a=10, b=4. So r=10 mod 4. q=2 and r =2. Previous b=4, now a=4. Previous r=2, now b=2:Divide 4 by 2: a=4, b=2. So r=4 mod 2. q=2 and r =0. Previous b=2, now a=2. Previous r=0, now b=0:Divide 2 by 0: b=0 so therefore the gcd is a. Therefore, the gcd (112,34)= 2. <br />The Euclidean algorithm is very useful when trying to find the gcd of two integers, especially large integers. This algorithm along with the division algorithm makes computing with large much easier because it allows us to find the factors of large numbers. As you can imagine, performing operations upon factors of large numbers is much easier than trying to compute straight from the large numbers themselves. <br />2.5.3 Modular Arithmetic <br />Definition: For any positive integer, the group of integers modulo n is the set {0,1,2,…n-1} together with the operation +n.<br />The application of modular arithmetic can be explained by envisioning a clock. What happens if it is 10 o’clock and someone tells you to meet him or her in 4 hours? You know your meeting is at 2 o’clock but, how did you figure that out? We know that 10 + 4 is 14 and there is no time 14 o’clock. This is where modular arithmetic is established. Since there are 24 hours in a day and the clock is based on a 12 hour clock system, then we can determine the real time by dividing by 12; the remainder distinguishes what time it really is. In this case the remainder when 14 is divided by 12 is 2, hence 2 o’clock, the remainder, is the meeting time. The numbers in this algorithm keep wrapping around the value of 12; this proves that the modulus is 12. This theorem can also be computed by using a table of modulus 12 (Lewand 19).<br />+120123456789101100123456789101111234567891011022345678910110133456789101101244567891011012355678910110123466789101101234577891011012345688910110123456799101101234567810101101234567891111012345678910<br />By using this table, we first find 10 o’clock in the top row; we will call the numbers in the top row known. Then we find 4 in the first column; we will call the numbers in the first column shift, because they are what we are ‘shifting’ the time by. We know that our modulus is n=12. The place at which these two numbers meet tells us what time it really is. The table shows the number 2 where these numbers meet. Hence, we can write the time using the modulus 12 by using time = known+shift (mod n). This means our equation is time=10 + 4 (mod 12) or time=14(mod 12). In this case, our equation proves that 4 hours from 10 o’clock is 2 o’clock. <br />Definition: Let n be some fixed positive integer. Then two integers x and y are said to be congruent modulo n if (x-y) is divisible by n. This is also denoted as x QUOTE y (mod n) (Lewand). <br /> This means that if the difference between x and y is divisible by n, then it is evident that x and y are congruent modulo n and we can say that x QUOTE y (mod n).<br />Example: 17 QUOTE 5 (mod 3) is true because 17-5=12, which is divisible by 3. Also, 7 QUOTE 3 (mod 2) is true because 7-3=4 which is divisible by 2.<br />When two integers, x and y, are congruent to a modulo n, there are specific properties that hold which define the modular arithmetic theorem. <br />Modular Arithmetic Theorem:Let n be a fixed positive integer >1 and let w, x, y, and z be any integers. Then:<br />(Properties)<br /><ul><li>x QUOTE x (mod n)
  31. 31. x = y + kn for some integer k
  32. 32. if x QUOTE y (mod n) then, y QUOTE x (mod n)
  33. 33. if x QUOTE y (mod n) and y QUOTE z (mod n), then x QUOTE z (mod n)
  34. 34. if x QUOTE y (mod n), then xz QUOTE yz (mod n)
  35. 35. if x QUOTE y (mod n), then xk QUOTE yk (mod n)
  36. 36. if x QUOTE y (mod n) and w QUOTE z (mod n), then x + w QUOTE y + z (mod n) </li></ul>Since we know that y, w, and z are any integers, and that n > 1, then by the associative and commutative properties and the subtraction rule, where associative means that the order the operations are performed does not affect the answer and commutative means the order the terms are carried out does not affect the end result, we can also deduce other properties of modular arithmetic:<br /><ul><li>(x+w) QUOTE (y+z) (mod n)
  37. 37. (x-w) QUOTE (y-z) (mod n)
  38. 38. xw QUOTE yz (mod n)
  39. 39. xm QUOTE ym (mod n) for all integers m
  40. 40. gcd(x,n)=w and gcd(y,n)=z
  41. 41. Now that we can see the properties of modular arithmetic state that it is commutative and associative for addition and multiplication and that it also works for subtraction, let’s take a look at some examples to better understand how it is performed under such operations.
  42. 42. Addition: 8(mod 3)+4(mod 3) = 12(mod 3)=0(mod 3)
  43. 43. because 12 is divisible by 3 with a remainder of 0
  44. 44. Subtraction: 8(mod 3)- 4(mod 3) = 4(mod 3)=1(mod 3)
  45. 45. because 4 is divisible by 3 with a remainder of 1.
  46. 46. Multiplication: 12(mod 3)*4(mod 3) = 48(mod 3)=0(mod 3)
  47. 47. because 48 is divisible by 3 with remainder of 0</li></ul>We can also find the additive inverse of a number x, by finding a number d such that when we add d to x, we get 0 as a remainder if it is divided by n. <br />Theorem 1: (Additive inverse) If two integers x and n have a common factor w, meaning the gcd(x,n)=w, then the additive inverse of an integer x modulo n is an integer d such that x + d = 0 (mod n), where x+d=n and d=n-x to get x+(n-x)=0 (mod n). If d is the least positive inverse of x modulo n, then we call it the least additive inverse of the integer x modulo n, also denoted d=-x(mod n). <br />Example:Let x=4 and n=7<br />x + d = 0 (mod n)4 + d = 0 (mod 7)We know 7 = 0 (mod 7) so 4+d must equal 7. Then d=3 is the additive inverse of 4(mod 7) and is written as 3=-4(mod 7).<br />Now that we know modular arithmetic works for operations of addition, subtraction, and multiplication, what about division? We know that when we are dividing we are actually multiplying by the inverse of the number; so when we divide by 2 we multiply by a ½. So we recognize that each integer has a multiplicative inverse because every number can be multiplied by some other number to obtain 1. For example we can multiply 2 by ½ to get 1, or 4 by ¼ to get 1. But what do we multiply by 3(mod 26) to get 1(mod 26)? This is known as finding the multiplicative inverse of a modular.<br />Theorem 2: (Multiplicative inverse) If two integers x and n are coprime, meaning the gcd(x,n)=1, then the multiplicative inverse of an integer x modulo n is an integer d such that when multiplied by x, obtains 1(mod d). Hence, xd=1(mod n), where it is also denoted as d=x-1(mod n). If d is the least positive inverse of x modulo n, then we call it the least multiplicative inverse of the integer x modulo n. <br />Example: Let x=3 and n=26 again<br />xd=1(mod n)3d = 1 (mod 26)We know 27 = 1 (mod 26) so 3d must equal 27. Then d=9 is the multiplicative inverse of 3(mod 26) and is written as 9=3-1(mod 26).<br />A multiplicative inverse, modular a number, is most prevalent throughout Public Key Cryptography when determining the private keys for public key ciphers like the RSA Cipher, while the additive inverse modular a number is used in Private Key Cryptography when deciphering messages with Simple Ciphers. <br />Now we know how to compute modular arithmetic for each operation, regardless of whether it is straightforward or not. It is essential to understand how modular arithmetic performs with small numbers to comprehend how it will function with larger numbers. Most keys generated in cryptography are around 200 digits long, not 2 digits long like the examples I am dealing with, so what happens when trying to deal with huge numbers?<br />Example: <br />(10)9(mod 12)= 1000000000(mod 12)=4<br />How do we know that this is the answer? We can figure this out because we can expand (10)9 and then take modular 12 of it. If the number is larger like (15892)9(mod 12), the number can be split into its factors and (mod 12) can be performed on each factor and it will still produce the same answer. <br />Example: <br />We can split (10)9(mod 12) into =[(10)3(mod 12)*(10)3(mod 12)*(10)3(mod 12)](mod 12)=(4*4*4)(mod 12)==64(mod 12)= 4<br />As we can see, it is much easier to compute the modular of a large number by computing the module of its factors first. This is crucial to the field of cryptography since the numbers worked with are usually 100 to 200 digits long.<br />Since modular arithmetic is the basis of why ciphers work, it is essential that we understand how it is utilized in the simplest ciphers. By looking back at the example of the Shift Cipher allows for better understanding of how modular arithmetic is incorporated into cryptography.<br />2.5.4 Fundamental Theorem of Arithmetic <br />Definition: Every integer n>1 can be expressed uniquely as a product of one or more positive prime numbers.<br />The Fundamental Theorem of arithmetic focuses on the uniqueness of factoring numbers. This Theorem states that every integer greater than 1 can be written in exactly one way as a unique product of prime numbers. Although it is relatively easy to show that the factorization of a number into prime numbers exists, it is significantly more tedious to show that there is a unique way to factor an integer. Hence, this is why the theorem is also known as the Unique Prime Factorization Theorem. <br />Example: 280=140x2=70x2x2=35x2x2x2=7x5x2x2x2=23x7x5. Therefore, the unique factorization into prime numbers of 280=23x7x5<br />Since we know that a number n can be factored into a unique factorization of prime numbers, then we can also find the unique factorization of a product of more than one integer.<br />This theorem can also be seen in the corollary to Fermat’s Little Theorem where QUOTE . When dividing by p, if a remainder of one is produced, then we know that this must be a unique solution of p and s because the corollary to Fermat’s Little Theorem is satisfied. If Fermat’s Little Theorem is satisfied then this means that p is not a factor of s and by the Euclidean algorithm when p is not a factor of s, gcd(p,s)=1. <br />Theorem: If n>1 has a unique prime factorization QUOTE , then QUOTE . <br />This theorem is derived using theorem 2 from Euler’s Totient Theorem where QUOTE = QUOTE and the fundamental theorem of arithmetic.<br />2.5.5 Prime Numbers and Primality Testing<br /> Definition: An integer p is a prime number if the only positive integers that divide p are 1 and p itself. This is written as gcd (p,1)=1. Integers that are not prime are called composite.<br />Definition: Two integers n and p are relatively prime if the only positive integer that divides both p and n is 1. This is otherwise written as gcd (n,p)=1. <br />To find the greatest common divisor of two numbers we can perform the Euclidian algorithm. If there is no greatest common divisor between the two numbers, then the gcd is 1 and the two integers are said to be relatively prime to one another.<br />Prime numbers play a crucial role in the development of cryptography. A key is usually made of the product of two prime numbers. Since we know that every integer >1 can be written uniquely as a product of prime numbers from the fundamental theorem of arithmetic, and that there are infinitely many prime numbers (see Theorem 1 in Appendix), then there are infinitely many keys available. Yet because there are infinitely many prime numbers, it is hard to determine if a number is prime or not, and therefore hard to determine if the number can be used for a key. For example, large prime numbers need to be found in order to determine the public key of the RSA Cipher. This is where primality testing needs to be utilized, in order to establish if a number is prime or not.<br />The concept of primality testing is quite trivial, yet the computations are tedious. In order for a number to be stated as prime, it has to go through a number of tests where it will eventually be determined if it is probably prime or not. Since many primality tests can falsely determine that a number is prime when it is not, it is essential that a number goes through more than 1 primality tests before it is concluded to be genuinely prime.<br />If a number p passes one primality test, then it is established that it may be a prime number and therefore needs to go thorough more testing. In contrast, if p fails a primality test then it is definitely not a prime number, and we know that p is composite. <br />Since there are many different primality tests, it is easiest to start testing p with the simplest one. Although this will not determine if p is prime, it will determine if p is not prime. Since much of determining keys for ciphers is dependent upon finding a prime number, a simple primality test allows us to see if the random number picked should go further through the primality tests or not. The simplest primality test is to see if any integer n from 2 to p − 1 divides p. If p happens to be divisible by any n, then p is definitely composite; otherwise it is prime. But to divide p by every integer from n to n-1 would be monotonous, so by taking the results from dividing by any n ≥ 2, we can move on from here. If it turns out that p is composite then we stop and choose another random number to perform the primality test on. If p is established as potentially prime, then p needs to go through more rigorous primality tests to conclude if it really is a prime number or not.<br />If p passes the first test then it is established that p may be a prime number and it has to go through more daunting tests to prove its primality. For instance, the next test p could be put though is Fermat’s primality test. Fermat’s Little Theorem states that if p is a prime number and p is not a factor of n, then QUOTE , and therefore gcd(n,p)=1. As we can see, testing for primality with Fermat’s primality test tells us whether p is not a factor of n or if it is a composite number.<br />However, Fermat’s Little Theorem can also hold while p is a composite number and in this case “…[p] is called a pseudoprime to base n. In other words, a ‘pseudoprime’ is a number [p] that ‘pretends’ to be prime by passing the test.” For this reason, Fermat’s primality test does not prove if p is a prime number or not, but if p passes Fermat’s primality test, it does prove that p is not a factor of n. Therefore, we can see that because p is not a factor of n, then p has a better possibility of being a prime number (Koblitz 113). <br />Example 1:<br /> QUOTE Let n=5 and p=4. Remember p is a prime number.This is correct because 125÷4 is 31.25, and 31 x 4 = 124.<br />Therefore, the remainder is 125-124, which is 1.<br />Since we all know that p=4 is not a prime number, 4 is a pseudoprime to base 5. This means that if 4 were raised to base 5, then it would pass Fermat’s primality test, even though it is not a prime number. <br />Example 2:<br /> QUOTE Let n=8 and p=9. Remember p is a prime number.This is correct because 16777216÷9 is 1864135.111, and 1864135 x 9 = 16777216.<br />Therefore, the remainder is 16777216-16777216, which is 1.<br />But we all know that p=9 is not a prime number and therefore, 9 is a pseudoprime to base 8.<br />Due to the fact that Fermat’s primality test determines whether p is not a factor of n and that pseudo primes are not factors of n, then we should complete another primality test, such as the Solovay-Strassen primality test, to confirm whether p is probably a prime number or not. <br />The Solovay-Strassen primality test states that if an integer b where, 0<b<p at random where p is a positive odd integer then for each integer b, we can compute QUOTE for k choices of b. If both sides of this equation are not equal mod p of each other for any choice of integer b, where QUOTE is the Jacobi symbol, then p is said to be composite. If the equation does hold for all k choices of b, then we can safely conclude that p is probably prime and that the chance of error that p is composite is at greatest (½)k, where k is the number of repetitions to complete b. <br />As a result, if p passed the simple primality test, Fermat’s primality test, and the Solovay-Strassen primality test, then we can conclude that p is most certainly a prime number (Koblitz 116).<br />Example 1: 1st test: Let p be 11. Divide 11 by any integer n>2. Let n=8. 11/8=1.375. Since p is not divisible by n, then this means that p passes the first primality test. <br />2nd test: Now using Fermat’s primality test we can test to see if p is prime or not. Let s be some number and p is still 11.<br /> QUOTE <br />This is correct because 3125÷11=284.0909, and 284x11=3124.<br />Therefore, 3125-3124=1 and we see that p has passed the second primality test.<br />3rd test: Through the use of the Solovay-Strassen primality test we will be able to determine the probability of p being truly prime or not. Because this is a probabilistic primality test, it generates the probability that a number is prime rather than the certainty that a number is prime.<br />This test states that if p is a prime number, then<br /> QUOTE for any random integer b, where QUOTE is the Jacobi symbol. If both sides of this equation are equal, then we know that p is probably a prime number. If they do not equal then p is definitely not a prime number.<br />In order to determine if a number is prime through the Solovay-Strassen primality test, the Jacobi symbol QUOTE needs to be computed first. This requires some known theorems and rules. <br />Definition: (Jacobi Symbol) For any integer b and any odd positive integer p the Jacobi Symbol is defined as the product the Legendre Symbols where QUOTE and p is made of all prime factors of p. <br />So we can see that the Jacobi Symbol is a generalization of the Legendre Symbol when n is a positive odd integer.<br />Properties: (Jacobi Symbol)<br /><ul><li>When n is an odd prime number, then the Jacobi Symbol is also called the Legendre Symbol.
  48. 48. If p | b then QUOTE = 0. If p does not | b then QUOTE = QUOTE .
  49. 49. If b1=b2 (mod p) then QUOTE = QUOTE .
  50. 50. QUOTE = QUOTE * QUOTE .</li></ul> QUOTE = QUOTE <br />If b and p are positive odd integers then QUOTE = QUOTE <br />Theorem: If n is an odd prime number, then QUOTE .<br />This means we need to evaluate QUOTE using the properties of the Jacobi Symbol stated previously. We also need to evaluate QUOTE . If these are equal, then p is a prime number.<br />Since the Solovay-Strassen primality test states that that if p is a prime number, then<br /> QUOTE for any random integer b, then we can let b be any number that we choose. Let’s let b=3 and now we compute QUOTE using the Jacobi Symbol properties.<br /> QUOTE QUOTE <br />But QUOTE = QUOTE = QUOTE by property 6<br /> QUOTE (-1) = QUOTE (-1) because 11=b2(mod 3), then b2=2. This means QUOTE = QUOTE by property 3<br /> QUOTE (-1) = QUOTE (-1) = QUOTE (-1) = QUOTE (-1)=1 by property 5<br />Now that we have determined what the Jacobi Symbol is equal to, we need to find what QUOTE is equal to.<br /> QUOTE = QUOTE <br />Since we have established that QUOTE we have determined that p has passed the 3rd test and is in fact probably prime. But because we only chose one random integer b, then the chance of error that p is a composite number is (½)k=(½)1=(½).<br />If we chose two random integers b1 and b2 in which p passed the Solovay-Strassen primality test for both, then the chance of error that p is not prime would be <br />(½)k=(½)2=( QUOTE ).<br />Since p has passed all three Primality tests then we can establish that 11 is a prime number.<br />Example 2: 1st test: Let p be 10. Divide 10 by any integer n. Let n=7. 10/7=1.4286. Since p is not divisible by n, then this means that p passes the first primality test. <br />2nd test: Now using Fermat’s primality test we can test to see if p is prime or not. Let s be some number and p is still 10.<br /> QUOTE <br />This is incorrect because 1953125÷10=195312.5, and 195312x10=195312.<br />Therefore, 1953125-195312=3 and we see that p has failed the second Primality Test. Therefore, 10 is not a prime number.<br />2.5.6 Fermat’s Little Theorem<br />Proposition: (Fermat’s Little Theorem) <br />Let p be a prime integer and s be a positive integer. Then QUOTE such that 1≤s<p.<br />Corollary 1: Let p be a prime number and p is not a factor of s. Then QUOTE .<br />This means that if p is a prime that is not a factor of s, then when s is multiplied p-1 times, and this result is then divided by p, leaving a remainder of one.<br />Example: Let prime p=5 and s=3. This statement says that when s is multiplied 4 times and divided by 5, the result will be a remainder of 1. So, 35-1=34=81, but when 81 is divided by 5 the remainder is 1. To rewrite this in the correct form for Fermat’s Little Theorem, we have QUOTE .<br />Proof: (Corollary 1) Suppose that p is any prime number and s is an integer such that płs, where in particular s≠0. <br />Since this proposition is only for the positive integers of s, then we will first start by listing all of the p-1 positive multiples of s. Call this set of integers set H.<br />H={s, 2s, 3s, ... (p -1)s}.<br />Now we want to show that s(p-1) = 1 (mod p) by showing that set H is equal to the multiples of s in some order. In order to do this, we first have to show that the multiples of set H are distinct when reduced by mod p. <br />Reduce each number in set H by (mod p): <br />Now H(mod p)={1, 2, 3,…p-2,p-1} and there are exactly p-1 numbers in set H.<br />Suppose that rs and ts are the same modulo p, for some integers r and t, then r = t (mod p).<br />Lemma 1: Suppose that płs and rs = ts (mod p), then r = t (mod p) because p is not divisible by s.<br />By rules 2 and 3 of the modular equivalences, we can see that if rs =ts (mod p) then rs = ts + kp.<br />Proof: (Lemma 1) Given that rs = ts + kp:<br />rs – ts = kp(r – t)s = kp<br />So by definition of divisibility p|(r-t) or p|s.But we know that płs from Lemma 1, so we can disregard p|s.Therefore p|(r-t), which means that r-t=np for some integer n. So we can see that r=t(mod p), which was to be shown.<br />Now we know that when rs and ts are of the same modulo p, r=t (mod p). But as stated above, p is not a factor of s, we can see that this is true because if s is divisible by p, then p would be a factor of s, and we would get 0 (mod p), which cannot happen. <br />Example 1: If rs=ts (mod p) then r=t(mod p).<br /> We can let s=5, r=7, t=4, and p=3, where p is not a factor of s.<br />Then rs = ts (mod p) 7(5) = [4(5)](mod 3) 35=20(mod 3) 2=2(mod 3).<br />This shows that we get r=t(mod p) when p is not a factor of s.<br />By using the fact that p is not a factor of s, then r-t =(mod p) shows that r-t must be a multiple of p and so we get r=t(mod p), which was to be shown.<br />Example 2: Let s=6, r=7, t=4, and p=3, where p is a factor of s.Then rs = ts (mod p) 7(6)=[4(6)](mod 3) 42=24(mod 3) 0=0(mod 3).<br />This shows that we get 0(mod p) when p is a factor of s.<br />So when some number in set H is reduced by (mod p), distinct nonzero numbers (mod p) are produced because p is not a factor of s. Since set H is the set of all positive multiples of s and there are exactly p-1 numbers in set H, then each number up to and including (p-1) must also be distinct.<br />Given that all of the multiples in set H are distinct (mod p), then set H must be equivalent to {1, 2, 3,…p-2,p-1} in some specific order. This means that the product of all elements of set H produces some number that is equal to (1*2*3*...*(p-1))(mod p). This number is (p-1)!(mod p).<br />By multiplying all of the multiples of set H together, we get <br />s*2s*3s* ...*(p -1)s= 1*2*3*...*(p-1) (mod p)<br />s(p-1)(1*2*3…*(p-1)) = (p-1)! (mod p)<br />s(p-1)(p-1)! = (p-1)! (mod p)<br />Now we need to divide both sides by (p-1)! in order to prove that QUOTE . <br />(In order to do this, we need to prove that (p-1)! has a multiplicative inverse (mod p).)<br />Lemma 2: If p is prime and 0<k<p, then there exists 0<m<p where mk= 1 (mod p).<br />For all integers p and m, if gcd (m, p)=1, then there exists an integer k such that mk = 1 (mod p). The integer k is called the inverse of m (mod p).<br />Proof: (Lemma 2) Suppose m and p are integers and gcd(m, p)=1. Using the definition of relatively prime integers and the corollary that m and p are relatively prime integers, then there exists integers k and t such that <br />mk + pt = 1<br />When we subtract pt from both sides of the equation, we get <br />mk = 1 – (pt) <br />mk = 1 + p(-t)<br />Therefore, p|mk-1 and by definition of congruence modulo n, <br />mk=1 (mod p)<br />Corollary 2: (p-1)! has a multiplicative inverse (mod p).<br />Proof: (corollary 2) Let n be an integer ≥1. The multiplicative inverse (mod p) of an integer n is a number m such that mn = 1 (mod p). <br />When the multiplicative inverse (mod p) of n (called m) is multiplied by n, it will generate 1(mod p), which is the multiplicative identity. <br />Show that each factor of {(p-1)} has a multiplicative inverse, so that (p-1)! has a multiplicative inverse 1(mod p) can be shown .<br />If we take each factor of the set {(p-1)}, then we have {1*2*3*...*(p-1)}. We know that any integer ≥1 has a multiplicative inverse and since each factor of {(p-1)} ≥1 because s≠0, then each factor {(p-1)} has a multiplicative inverse (mod p). <br />(1*2*3…*(p-1)) = (p-1)!<br />Then mi x ni=1(mod pi) where i is each factor of {(p-1!)}.<br />To find the inverse modulo p of mi then we have to find the multiplicative inverse of n(mod p) and solve for each mi.<br />So QUOTE QUOTE QUOTE <br />m1 x n1=1 (mod 1) m1 x 1=1 (mod 1) m1=1-1 (mod 1)<br />m2 x n2=1 (mod 2) m2 x2=1 (mod 2) m2=2-1(mod 2)<br />……m(p-1) x n(p-1)=1 (mod (p-1)) m(p-1) x (p-1)=1 (mod (p-1))m(p-1)= (p-1)-1(mod (p-1))<br />Now we can show each factor of {(p-1)} has a multiplicative inverse (mod p).<br />(m1*m2*m3…*m(p-1)) = (p-1)!<br />(1m1*2m2*3m3…*(p-1)m(p-1))) = (p-1)!<br />(1(1-1(mod 1))*(2(2-1(mod 2)))*(3(3-1(mod 3)))…*(p-1)[(p-1)-1(mod (p-1))] = (p-1)!<br />(m1 x n1)(mod 1)*(m2 x n2)(mod 2)*(m3 x n3)(mod 3)….*(m(p-1) x n(p-1))(mod (p-1))= (p-1)!<br />(1*1*1….*1)(mod p)= (p-1)!<br />(1)(mod p)= (p-1)!<br />Therefore, (p-1)! has a multiplicative inverse (mod p), which was to be shown from corollary 2. <br />Example: Find the inverse 5 mod 7? 5*n=1 (mod 7)but we know 15=1 (mod 7)so 5*3=1 (mod 7)<br />5 (mod 7)=3<br />So the inverse of 5 (mod 7) is 3.<br />Now that we have proved there exists 0<m<p where mk= 1 (mod p) when p is prime and 0<k<p, and that (p-1)! has a multiplicative inverse (mod p), we can finish the proof of Fermat’s Little Theorem.<br />From above: If we multiply all of the multiples of set H together, we get <br />s*2s*3s* ...*(p -1)s= 1*2*3*...*(p-1) (mod p)<br />s(p-1)(1*2*3…*(p-1)) = (p-1)! (mod p)<br />s(p-1)(p-1)! = (p-1)! (mod p)<br />Now we need to divide both sides by (p-1)! in order to prove that QUOTE . <br />Now that we know that (p-1)! has a multiplicative inverse (mod p), we can divide both sides by (p-1)! to get 1(mod p).<br />s(p-1)(p-1)! = (p-1)! (mod p)<br />s(p-1) = 1 (mod p)<br />This proves the corollary that if QUOTE and p is a prime number, then p is not a factor of s. <br />Example 1:<br />*Remember p is a prime number.We will show that p is not a factor of s:s=7 and p=5s(p-1) = 1 (mod p)So, 7(5-1) = 1 (mod 5)7(4) = 1 (mod 5)2401=1 (mod 5)<br />This is correct because 2401÷5 is 480.2, and 480 x 5 = 2400.<br />Therefore, the remainder is 2401-2400 which is 1,<br />which means the prime number p=5 is not a factor of s=7.<br />Example 2:<br />Now we will show that p is a factor of s:<br />s=10 and p=5s(p-1) = 1 (mod p)So, 10(5-1) = 1 (mod 5)10(4) = 1 (mod 5)<br />10000≠1 (mod 5)<br />This is correct because 10000÷5 is 2000 and 2000 x 5 is 10000.<br />Therefore, the remainder is 10000-10000 which is 0.<br />So the prime number p=5 is a factor of s=10.<br />This theorem is also used to calculate the multiplicative inverse of s by taking s(p-1) =1(mod p). <br />s(p-1) = 1 (mod p)<br />s(p-2) x s = 1 (mod p)<br />s(p-2) = s-1 (mod p)<br />Thus, an inverse (mod p) of s or the inverse (mod p) of s(p-1) is s(p-2) by Fermat’s Little Theorem.<br />Example: Let s=8 and p=3. <br />So the inverse of 8 (mod 3) is 83.<br />But we can also find another inverse of 8 (mod 3):<br />So the inverse of 8 (mod 3) is 2.<br />From this proof we can see that Fermat’s Little Theorem is dependent upon whether a remainder of 1 exists after sp-1 is divided by the integer p. Meaning, if s(p-1) ≠1 (mod p), then p is a factor of s, and consequently, if s(p-1) = 1 (mod p), then p is not a factor of s. Not only does Fermat’s Little Theorem allow us to determine factors of numbers, but it also enables us to compute the modular inverse of a number when p is not divisible by s. An understanding of such properties is essential to comprehending Public Key Ciphers, because it allows us to determine if a number is a factor of another number which aids in primality testing for generating keys. It also permits us to find the modular inverse of an integer which establishes the private key in Public Key Ciphers.<br />2.5.7 Euler’s Totient Theorem<br />The Totient of a positive integer n is defined as the number of positive integers less than or equal to n that are coprime to n; meaning that they only have a factor of 1 in common with each other. <br />Proposition: (Euler’s Totient Theorem) <br />Let a and n be two integers. While n > 0 and gcd(a,n)=1, then Euler’s Totient Theorem states that QUOTE , where QUOTE is the count of positive integers between 1 and n that are coprime to n. <br />Theorem 1: If n is any prime number, then QUOTE =n-1. Then Euler’s Totient Theorem becomes QUOTE , which is Fermat’s Little Theorem. <br />Statement 1: We observe that Fermat’s Little Theorem is a generalization of Euler’s Totient Theorem because Fermat’s allows us to prove Euler’s for a modulus n and an integer a such that gcd(a,n)=1. Then QUOTE by Euler’s Totient Function and we know that QUOTE is the number of integers between 1 and n that are coprime to n by the definition of Euler’s Totient Theorem, so if n=p where p is a prime number then QUOTE =p-1 and we would get QUOTE . This we know is Fermat’s Little Theorem and for this reason it can be used to prove Euler’s Totient Theorem when we know that n=p where p is a prime number.<br />Theorem 2: If n is a prime number then QUOTE = QUOTE . But QUOTE Therefore, QUOTE = QUOTE <br />This theorem is derived from the first theorem: if n is prime, then QUOTE . From this: if nk is prime QUOTE = QUOTE . <br />Theorem 3: If m and n are relative prime positive integers where gcd(m,n)=1, then QUOTE = QUOTE . <br />Theorem 4: If m and n are relative prime positive integers, then using theorem 2 and theorem 3 we can simplify QUOTE By theorem 3 we know that QUOTE . By theorem 2 we recognize that QUOTE . But theorem 1 states that QUOTE , when n is a prime, so now we can substitute QUOTE into the equation. Now we get, QUOTE . Simplifying the equation produces QUOTE QUOTE = QUOTE = QUOTE .<br />To show that the theorem 1, theorem 3, and the proposition of Euler’s Totient Function work together, let’s look at a general example using two prime numbers p and q.<br />Example: Let p and q be two prime numbers where z=pq. Since theorem 3 states that QUOTE = QUOTE , then we know that QUOTE = QUOTE because z=pq. But from the corollary of Euler’s Totient Function, we know that QUOTE =n-1 when n is a prime number, so we can also say that QUOTE and QUOTE because p and q are also prime numbers. Now we can substitute QUOTE and QUOTE into the equation. Hence, we get QUOTE = QUOTE . A general example, is if QUOTE then QUOTE and hence, QUOTE .<br />Since QUOTE is the number of integers <n that are relative prime to n, then n-1 contains every integer < n that is relatively prime to n. <br />Example: (Still using theorem 1 and theorem 3) Since q and p are a prime numbers, we will let z=pq=15. QUOTE = QUOTE = QUOTE This means there are 8 positive integers that are less than and relatively prime to 15. These are 1, 2, 4, 7, 8, 11, 13, and 14.<br />The Euclidean algorithm can be used to check that (n, n-1)=1 and therefore every integer < n is relatively prime to n. This can be used to check that (nk, nk-1)=1, since any integer < nk is relatively prime to nk.<br />This theorem is important because it allows us to quickly figure out how many numbers are less than and relatively prime to another number. This is helpful in Public Key Cryptography because it is necessary to find numbers that are relatively prime to others when determining the public key of an RSA Cipher. When dealing with very large numbers it is helpful to know before hand how many numbers are relatively prime to another number before having to find such a number.<br />Euler’s Totient Theorem can also be used to find the inverse modulo n of a number as well. If we know that gcd(a,n)=1, then we know QUOTE by this theorem. To find the multiplicative inverse of a, this is done by taking the equation QUOTE and solving for QUOTE <br />But QUOTE n-1 when n is prime So, the multiplicative inverse of QUOTE (mod n) is QUOTE <br />Example: let a=5 and n=7.<br />But 7 is prime so QUOTE So the inverse of 5 (mod 7) is 55.<br />Here n is a prime number and we know from statement 1 that when n=p, where p is a prime number, we produce Fermat’s Little Theorem. This means that we can find the multiplicative inverse of a number using either Euler’s Totient Theorem or Fermat’s Little Theorem, when n is a prime number. <br />2.5.8 Discrete Logarithm Function<br />A group G is a finite or infinite set of elements that together, with a binary operator, satisfy a set of numbers under a specific operation. In such instances with ciphers, the binary operator is multiplication of (mod some number).<br />A modulo multiplication group is a finite group Zm of residue classes (all the possible values of b in a=b (mod m)) that are prime to m under multiplication (mod m). The QUOTE residue classes prime to m form a group under the binary multiplication operation (mod m), where QUOTE is the Totient Function. So we can see the group G is a modulo multiplication group.<br />Definition: (primitive roots) Let p be a prime number. Then b is a primitive root for p if the powers of b,meaning b0, b1, b2, b3, b4…..bp-1, include all of the residue classes mod p, except 0. Since there are p-1 residue classes (mod p), not including 0, then the p-1 powers of b have to be different (mod p).<br />Example: If p=11, then 2 is a primitive root of p because the powers of 2 are:20=1, 21=2, 22=4, 23=8, 24=16, but 16 is not ≤11, so 24(mod 11)=5, 5x2=10, 10x2=20 and 20(mod 11)=9, 9x2=18 and 18(mod 11)=7, 7x2=14 and 14(mod 11)=3, 3x2=6. Now we have every number that occurs mod 11, except for 0, which means that 2 is a primitive root of 11.<br />By going through the same process find that 3 is not a primitive root of 11 because the powers of 3 are 1, 3, 9, 5, 4. We are missing several values between 1 and 11 so therefore, 3 is not a primitive root of 11.<br />Example: If p=13, then 2 is a primitive root because the powers of 2 are1, 2, 4, 8, 3, 6, 12, 11, 9, 5, 10, 7. These are all of the classes mod 13 except for 0, so this means that 2 is a primitive root of 13. <br />There are other primitive roots for 13 also.<br />Example: If p=13, then 6 is a primitive root because the powers of 6 are 1,6,10,8,9,2,12,7,3,5,4,11. These are all of the classes mod 13 except for 0, so this means that 6 is a primitive root of 13. Table 2 in the Appendix also shows more primitive roots of 13, as well as other numbers and their primitive roots.<br />Theorem 1: If p is prime and p >2, there are always at least two primitive roots to p.<br />Theorem 2: (Discrete logarithm function): If a is an integer relatively prime to m and g is a primitive root of m, then there exists exactly one number μ among the set of numbers 0, 1, 2, ..., QUOTE -1, where QUOTE is the Totient Function, such that a = gμ(mod m). The number μ is called the discrete logarithm, or the index of a with respect to the base g modulo m. It is then denoted as μ = indga (mod m) (Weisstein Discrete Logarithm).<br />Example: From the previous example we know that 2 is a primitive root of 13 and since g is a primitive root of m, then we can let m=13 and g=2. Given that a is an integer relatively prime to m, then gcd(a,13)=1, so we can let a=3. There exists exactly one number μ among the set of numbers 0, 1, 2, ..., QUOTE -1, so we need to find one number in this set such that this equation a = gμ(mod m), can be satisfied. So,<br />3 = 2μ(mod 13)if we let μ =0, 1, 2, or 3 this is not satisfied3 = 24(mod 13)3=16(mod 13)16÷13=1.23 and 1x13=13. 16-13=3. Hence, this equation is true if μ =4.<br />Although the discrete logarithm states that there is only one number between 0 and QUOTE -1 that satisfies this equation, there may be another number outside of 0 to QUOTE -1 that satisfies the equation as well. By going through this same process we find that there does in fact exist a number > QUOTE -1 that satisfies 3 = 2μ(mod 13). As a result, we can infer that this is probably true for other numbers as well. Example: <br />3 = 2μ(mod 13)Let μ =a number that is not in the set of numbers 0, 1, 2, ..., QUOTE -13 = 216(mod 13)3=65536(mod 13)65536÷13=5041.23 and 5041x13=65533. 65536-65533=3. Hence, this equation is true when μ =16 as well.<br />This theorem is crucial to the ElGamal Cipher, because it makes this cipher secure. As we can see, it is difficult to obtain the discrete logarithm of such an integer because two important steps have to be satisfied. First, we have to find an integer a that is relatively prime to m and an integer g that is a primitive root of m. Only when these conditions are satisfied, then there exists exactly one number μ among the set of numbers 0, 1, 2, ..., QUOTE -1, such that a = gμ(mod m) and where μ is the discrete logarithm. But we know that the larger m is, the more numbers there are that could potentially satisfy this equation. If m were 158 digits long, then there would be 157 possible digits that could satisfy this equation, explaining why it is difficult to find exactly one μ that satisfies the equation. This is why the ElGamal Cipher is known as one of the hardest ciphers to break (Schneier 476).<br />Since we have examined the different theorems of mathematics that are involved in the function of cryptology and its ciphers, let us observe how these algorithms work in such instances.<br />3. Cryptography<br />3.1 Private Key Cryptography<br />A Private Key Cipher is also known as a Symmetric Key Algorithm. This is where both sender and receiver share the same key to encrypt or decrypt a message. The key is secret from all but the people who are corresponding; this is why other names for Private Key Cryptography are Secret Key Encryption or Single Key Cryptography. The major challenge of Private Key Ciphers is enabling the sender and the receiver to agree on the same key without other people intercepting. Obtaining the keys without interception can be tricky at times, especially if the sender and receiver are in two different places. If interception happens, then the outsider will be able to encrypt and decrypt all of the messages sent from sender and receiver. <br />However, most messages that are sent using Private Key Ciphers are carried out with a single authority that manages all the keys. An example of this type of system would be a banking system. In a banking system the authority is confident that the keys are secure because he or she is the person that controls the keys. A closed system like this is ideal for Private Key Ciphers to encrypt and decrypt messages that others are not intended to see (RSA Laboratories 2.1.1). <br />There are two different types of Private Key Ciphers, Block and Stream Ciphers. In a Block Cipher the keyword is chosen by the sender, in which the sender breaks up the plaintext message to be transmitted into segments of a fixed length t, not by individual letters. There are 26! possible keys in the Block Ciphers (Menezes, van Oorschot and Vanstone 17). A Stream Cipher is a Simple Block Cipher where the block length t=1. The key is a long stream of text where the block length is equal to 1. Stream Ciphers are mostly used when data is processed only one symbol at a time. <br />3.1.1 Shift Cipher<br />There have been various Private Key Ciphers developed throughout history, one of the simplest and most straightforward of these is the Shift Cipher. Depending on the shift of the cipher, this determines how the encryption and decryption of the cipher are carried out. But because only the shift of the cipher establishes the encryption and decryption of messages, this also makes the Shift Cipher unprotected and accessible to many entities. The most common Shift Cipher is the Caesar Cipher with a shift of 3.<br />3.1.1.1 Shift Cipher Encryption and Decryption Process<br />In a Shift Cipher, each letter in the plaintext is replaced with a letter that is a fixed number of positions (the shift) away from it to encipher the message and produce the ciphertext. We can find the equation for enciphering a Shift Cipher by using our time=known+shift (mod n) equation derived from the example in the modular arithmetic section. We can let time = ciphertext here because we are trying to find the ciphertext of the message. Since message is what is already established, we can then let message=known, and because we are still shifting variables in the equation, then shift is still the same. Lastly, our modulus is n=26 because there are 26 letters in the alphabet counting from A=0, to Z=25. Now our equation to find the ciphertext of the message in the Shift Cipher is: <br />ciphertext=(message+shift) (mod26)<br />To decipher the message, the ciphertext is shifted over a fixed number of positions away from itself. This is the opposite from the encryption, so the equation for deciphering a Shift Cipher message is:<br />message=(ciphertext-shift) (mod26)<br />Given that the decryption method is the opposite of the encryption method, we can see that it produces the original message. The reason why this method of decryption works correctly and produces the initial message is because of the additive inverse function. When we add the inverse of the shift (mod 26) to each ciphertext, we are able to produce the original message. <br />To take the additive inverse of x(mod n) it means that there is a number y such that when added to x, and then divided by n, x+y has a remainder of 0. This is shown as x+y =0(mod n). We can see that in order for x+y =0(mod n), then x+y must equal n, so y=n-x. By adding the inverse of the shift (mod 26) to each ciphertext we will obtain the original message. In order to decipher a message from the Shift Cipher this way, we would use the equation:<br />message=(ciphertext+(26-shift)) (mod26)<br />Now that we know the additive inverse of x (mod n) works to decipher a message, then the multiplicative inverse of x(mod n) probably works to decipher a message correctly. It in fact does, but only when n and x are relatively prime to one another. By multiplying the inverse of the shift (mod 26) to each ciphertext, we obtain the original message. <br />To take the multiplicative inverse of x(mod n) it means that there is a number y such that when multiplied by x, the modular is equal to 1(mod n). This is shown as xy =1(mod n). For this equation to equal 1(mod n), then xy has to equal 1+n or a multiple of 1+n. So we can see that in order for xy=1(mod n), then the multiplicative inverse of x(mod n) is x-1(mod n). In order to decipher a message from the Shift Cipher this way we would use the equation:<br />message=(ciphertext x [inverse of the shift (mod 26)]) (mod26)<br />Using either equation will produce the same output and the original message.<br />Shift Cipher Encryption and Decryption Process:<br /><ul><li>Sue, the sender of the message, chooses the plaintext and coverts the message into numeric form by A=0 to Z=25.
  51. 51. Now Sue chooses the shift that she wants to use on her message. This shift is the key to her message, known to her and the receiver of the message.
  52. 52. Sue adds the shift to each term of her encrypted message to obtain her plaintext. If any numbers in the plaintext are 26 or greater, she performs mod 26.
  53. 53. Sue needs to encipher the ciphertext back to letters so that she can send it over an insecure channel to Rob, the receiver of the message.
  54. 54. When Rob receives the message, he converts the ciphertext back to numbers and then subtracts the key from each element of the ciphertext to obtain the original message. If any letters are < 0, he adds 26 to get back within the alphabet. Rob can also determine the original message by performing the additive inverse (mod 26) on each term of the ciphertext message. He can perform this by using the equation Message=(Ciphertext+(26-shift)) (mod26).
  55. 55. Once he converts these back to letters, he will have his original message.
  56. 56. Example of Shift Cipher:
  57. 57. Sue chooses her message and encrypts it:
  58. 58. Plaintext: WELLS. Enciphered: 22 4 11 11 18
  59. 59. She chooses shift to be n=11. In order to shift her message she adds the shift to her message to get: 33 15 22 22 29
  60. 60. Sine 33 and 29 are greater than 26, then 33 mod 26 = 7 and 29 mod 26 = 3. Now the ciphertext is: 7 15 22 22 3 which Sue enciphers back to letters to get HPWWD. This is what she sends to Rob over an insecure channel.
  61. 61. Rob first converts his message back into numeric form to get 7 15 22 22 3. Since Rob already knows the shift then he subtracts 11 from each number of the ciphertext to get -4 4 11 11 -8. Now he adds 26 to the negative numbers to get back within the alphabet. The new ciphertext is 22 4 11 11 18. Once he converts the ciphertext back to letters he gets WELLS. This is the original message from Sue! (Stinson 5)
  62. 62. What if Rob tries to decipher the message using the additive inverse method? Then for each term of the ciphertext message he would use Message=(Ciphertext+(26-shift)) (mod26) and plug in his values for his ciphertext and his shift. So he would get:
  63. 63. message=(7+(26-11)) (mod26)=22 (mod 26)=22message=(15+(26-11)) (mod26)=30 (mod 26)=4message=(22+(26-11)) (mod26)=37 (mod 26)=11message=(22+(26-11)) (mod26)=37 (mod 26)=11message=(3+(26-11)) (mod26)=18 (mod 26)=18
  64. 64. The new ciphertext is 22 4 11 11 18 which converts to WELLS. As it should, this method provides Rob the same ciphertext and thus same original message.</li></ul>We can also find the ciphertext of a Shift Cipher using Table 1 in the Appendix. This is done by finding where the term of the top row and the side row of the table meet. Each number of each term of the message is on the top row while the shift of the message is the first column of the table. Where these two numbers meet show the letter of the ciphertext. For example if a letter in our message is G, this means its number is 6. Let’s say our shift is 4. If we go to Table 1, column 6 and row 4 produces the ciphertext number 10. This would be letter K. We can confirm that this is true by using the equation ciphertext=(message+shift)(mod26). We get ciphertext = (6+4)(mod 26) = 10 (mod 26)= 10. This proves that the table produces the right output for the ciphertext. <br />To decipher, use the row of the specific shift and find the desired number of the ciphertext message in that row. The column that this number is in is the message number. Since we know what the ciphertext is and the shift is we can find the row 4 in the table and find ciphertext 20 in that row. The column this is in is the message. This shows that column 6 is then equal to the message, so message=G, which is correct. This is a straightforward example of how modular arithmetic is employed into a simple cipher.<br />As we can see this cipher is not secure because there are only 0 to 25 possible keys (shifts) and with little mathematical computation this cipher is easily enciphered and deciphered.<br />3.1.2 Hill Cipher<br />A more interesting Private Key Cipher is the Hill Cipher. This cipher, which was first invented by Lester S. Hill in 1929, is a type of Substitution Cipher that uses matrices and linear transformations to perform the encryption and decryption of messages. There are (26n)2 possible different keys for this cipher where n is the size of an nxn matrix. <br />“The idea [of this cipher] is to take m linear combinations of the m alphabetic characters in one plaintext element, and produce m alphabetic characters in one ciphertext element” (Stinson 14). Let m=2, then the message is M=(m1,m2), and the ciphertext is C=(c1,c2) (Denning 88). The key in this matrix is a randomly chosen nxn matrix, which is invertible, and whose determinant (mod 26) is equal to 1. Written in a vector form of n dimensions, the message is n letters long. <br />3.1.2.1 Hill Cipher Encryption and Decryption Process<br /><ul><li>The sender of the message chooses random numbers for the key matrix in the form of a nxn matrix. Usually this cipher is performed using a 2x2 matrix like: QUOTE . The only catch is that the sender needs to choose the matrix such that it is invertible. This means that the matrix can be multiplied by another matrix to produce the identity matrix QUOTE . The sender also needs to make sure that the determinant of the matrix (ad-bc) has to produce a remainder of 1 after being divided by 26. This key matrix is shared between both sender and receiver of the message.
  65. 65. The next step that the sender of the message has to complete is to covert their message into numeric form by A=0 to Z=25.
  66. 66. The terms of the message are then split into linear combinations of QUOTE where it is then separated into vectors QUOTE If the message has an odd number of terms, then the last term QUOTE is substituted as a dummy variable. The ( ) brackets represent the message form.
  67. 67. Now that we know how the message is represented in vector form, we need to find the actual encryption of the message so it can be sent over an insecure channel. We will let QUOTE signify each term of the encrypted message where, just like the message, it is then separated into vectors QUOTE . The [ ] brackets represent the ciphertext form.
  68. 68. In order to encrypt the message, each message vector needs to be multiplied by the key matrix and then multiplied by modulo 25. This looks like:
  69. 69. QUOTE to QUOTE .
  70. 70. Since QUOTE , then QUOTE is the encrypted message that, when converted back to letters, can be sent to the receiver of the message over an insecure channel.
  71. 71. Since the equation for the encryption of a message is QUOTE , then we can find the decryption of a message by obtaining the inverse of the encryption. This means that we need to multiply both sides of the equation by the inverse of the key matrix: QUOTE . Now our decryption equation is QUOTE But we know that QUOTE , so we can substitute this into the equation as well and get QUOTE . This is also equivalent to QUOTE .
  72. 72. Now we need to find QUOTE (mod 26). In order to do this, we let QUOTE =x-1; now we need to find the inverse of x (mod 26).
  73. 73. Now our equation to decrypt the message is QUOTE .
  74. 74. This equation is used for each pair of message vectors. Once all of the terms of the message, QUOTE are produced, these can be turned back into letter form and the original message will be produced.
  75. 75. Example of Hill Cipher:
  76. 76. Key Generation:
  77. 77. The sender of the message chooses random numbers to form the 2x2 key matrix. Sue chooses QUOTE to be her key matrix for this cipher. She needs to check that it is invertible, which means she needs to find a matrix such that when it is multiplied by her matrix, it produces the identity matrix.
  78. 78. The matrix QUOTE produces this because QUOTE x QUOTE = QUOTE .
  79. 79. She also needs the determinant of her matrix to have a remainder of 1, after being divided by 26. The determinant of QUOTE The determinant is -27, but because there are no negative numbers that correspond to the conversion of letters in the alphabet the negative is disregarded. So 27 mod 26 =1. Therefore, this matrix is invertible and has a determinate such that when divided by 26 the remainder is 1. So this matrix can be used as a key matrix for this cipher.
  80. 80. Enciphering the Message:
  81. 81. Sue chooses the message that she wants to send to Rob and enciphers it into numeric form. If she wants to send the plaintext ‘Dogs’ to Rob, then this message converts to 3 14 6 18 in numeric form. Now she needs to write the message as linear combinations of QUOTE and QUOTE where they can be correspond to vectors QUOTE This message is equivalent to QUOTE QUOTE Since the message has enough terms to split up evenly into two vectors, no space holder variables are needed.
  82. 82. Now that we know the message vectors we can find the encryption of these vectors by the encryption equation QUOTE . So, we get:
  83. 83. QUOTE = QUOTE and QUOTE = QUOTE .
  84. 84. Since QUOTE , then QUOTE =1532222 is changed back to letters to get PDWW and is the encrypted message that Sue sends over an insecure channel.
  85. 85. Deciphering the Message:
  86. 86. Since the sender and receiver both share the key in Private Key Cipher, then Rob already knows the matrix that Sue has chosen for this message. The first step Rob needs to do is to complete the inverse of the key matrix by performing matrix row operations.
  87. 87. Again, we can disregard the negative in the determinant because there are no negatives in the conversion back to the alphabet.</li></ul>The decryption equation is QUOTE , so Rob needs find QUOTE (mod 26)= QUOTE (mod 26)=27-1(mod 26). He needs some number y, such that when multiplied by 27 (mod 26) produces 1. This can also be characterized as 27y (mod 26)=1. We can see that y is obviously 1.<br />Since the decryption equation, after finding QUOTE (mod 26) is QUOTE , then Rob can compute the decryption of the messages.<br />1 QUOTE QUOTE = QUOTE , and QUOTE = QUOTE .<br /> Once again disregarding the negatives, Rob produces:<br /> QUOTE = QUOTE and QUOTE <br />Once all of the terms of the message, QUOTE are produced, these can be turned back in to letter form. So 3 14 6 18 yields DOGS when converted back to letters, which is the original message! <br />Since the Hill Cipher is a linear cipher, if someone were to figure out the key matrix from the invertible matrix then they would be able to decipher the message. Because this cipher is a completely linear computation, this means that it is not that secure. <br />3.1.3 Vigenere Cipher<br />The Vigenere Cipher was invented by Blaise de Vigenere in 1585. This cipher uses both a Shift Cipher and a Substitution Cipher simultaneously. The key for this cipher is some keyword, of length m, that the sender chooses it to be.<br />3.1.3.1 Vigenere Cipher Encryption and Decryption Process<br /><ul><li>The first step in encryption process is to generate the keyword. This is completed when the sender of the message enciphers the keyword into numeric form; when each letter is converted from A=0 to Z=25. This keyword is shared between both sender and receiver of the message
  88. 88. The next step of the encryption process is for the sender of the message to covert their message into numeric form by A=0 to Z=25.
  89. 89. Now the sender of the message has to arrange the keyword and the message so that they are lined up with the first letter of the each word together, the second letter of each word together, and so on. If there is not enough letters in the keyword, then the keyword is repeated until the number of letters in both the message and keyword are the same.
  90. 90. Since the message and keyword are aligned correctly, with no empty spaces, the sender of the message adds the message and keyword together to get the ciphertext.
  91. 91. If any of these numbers in the ciphertext are greater than 25, then in order for these letters to get back within the alphabet of A=0 to Z=25 these numbers are divided by 26 and the remainder becomes the new ciphertext. An equation to perform on each term in the message would be ciphertext=(keyword +message)(mod 26).
  92. 92. The sender converts the new ciphertext back to letter form. This is the message that is sent over an insecure channel to the receiver.
  93. 93. Now that the receiver of the message has the new ciphertext and the keyword, they can begin to decipher the message. They do this process just opposite of the encryption process.
  94. 94. The first step that the receiver of the message has to perform is to decode the message back into numeric form.
  95. 95. By taking the ciphertext they received and aligning the keyword directly under it (repeating the keyword to be the same length of the ciphertext), the receiver subtracts the keyword from the ciphertext to produce the original message.
  96. 96. If any negative numbers are produced during the subtraction of the keyword from the ciphertext, then these numbers need to be converted so that they correspond to the alphabet. Therefore, we need to acquire numbers between 0 and 25. In order to make the negative numbers positive, we can add another alphabet to the number. This means that the value 26 has to be added to the number to bring it back into the alphabetic range of numbers. For example if a number is -14, then -14+26=12 and 12 is the new number in the message. An equation to use for each term of the ciphertext to get back to the original message would be message = [(ciphertext-keyword) + 26](mod 26).
  97. 97. Next, convert each number back to its letter form to obtain the original message. This should match the original message that the sender wanted to send.
  98. 98. Example of Vigenere Cipher:
  99. 99. Key Generation:
  100. 100. Sue, the sender of the message, chooses the keyword and enciphers it:
  101. 101. Keyword: CIPHEREnciphered: 2 8 15 7 4 17This shows that the key for this cipher is the keyword of length m, where m is 6.
  102. 102. Sue does the same process for the plaintext that she chooses to send to Rob:
  103. 103. Plaintext: SCHOOLEnciphered: 18 2 7 14 14 11
  104. 104. Now the keyword and the message have to be added together to get the ciphertext. So, Sue arranges the keyword underneath the plaintext numbers and adds them together to get the ciphertext.
  105. 105. Keyword: 2 8 15 7 4 17
  106. 106. Plaintext:18 2 7 14 14 11
  107. 107. Ciphertext: 20 10 22 21 18 28
  108. 108. Since the last character in the ciphertext is greater than 25, Sue has to perform modulo 26 upon it to determine its new letter in the ciphertext. So, 28 mod 26 = 2. Now the new ciphertext is: 20 10 22 21 18 2. Sue enciphers this back to letters to get UKWVSC. Since this ciphertext is in encrypted form, no one other than the sender and receiver can read the message. Therefore the ciphertext message UKWVSC is what Sue sends to Rob over an unsafe channel.
  109. 109. Now that Rob has received the ciphertext message UKWVSC, he can start decrypting the message by first decoding the message back into numeric form. From this he produces ciphertext is: 20 10 22 21 18 2. Since the keyword is shared between the sender and the receiver of the message, then Rob already knows the keyword to the message; he already knows that the keyword is: 2 8 15 7 4 17.
  110. 110. In order for Rob to find the original message, he has to subtract the keyword from the ciphertext numbers. So Rob arranges the keyword underneath the ciphertext number and subtracts they keyword from the ciphertext to get the plaintext.</li></ul>Ciphertext: 20 10 22 21 18 28Keyword: 2 8 15 7 4 17Plaintext: 18 2 7 14 14 -15<br /><ul><li>Since -14 is not in the alphabet (remember A=0…Z=25) then Rob needs to add 26 to make this number convertible to a number in the alphabet. So -15+26=11. Now the new plaintext is: 18 2 7 14 14 11. Once Rob converts these numbers back to letters he gets SCHOOL, which is the original message that the Sue wanted to send to Rob!
  111. 111. To show how the Vigenere Cipher works with any keyword and message I have implemented an example of the cipher in a C++ program. The code for this cipher can be found in the Appendix under the program section.</li></ul>This cipher is similar to that of the Shift Cipher where a message can be enciphered and deciphered using a table; not even realizing that mathematics is utilized. This hidden mathematical version of the Vigenere Cipher is explained by utilizing a table called the Vigenere Tableau, which contains 26 sets of alphabets. The first row is straightforward and it starts with A and ends with Z. The next row of the table starts with B and ends with A. Each row starts with the next letter of the alphabet until the last row, which starts with Z and ends with Y. This shows that each row is shifted over one more than the previous row is. The row of the plaintext alphabet is placed over the top of the 26 alphabetic rows and the column of the key alphabet is placed down the side of the 26 alphabetic rows. The Vigenere Table can be seen in the Appendix under the table section of this paper. <br /> To fully understand how the Vigenere Cipher works using the hidden mathematical technique, let us consider an example using the same key, plaintext, and ciphertext as the last example. <br />Encipher:Keyword: CIPHER and Plaintext: SCHOOL<br />Instead of converting the keyword and plaintext to numbers to encipher the message, the first step in using the hidden technique is to take the C from the keyword and find that row on the Vigenere Table. Then, using the letter S and the plaintext column on the table, find the column that contains the letter S. Once you have found both key row and plaintext column, find where they meet on the table. This is the first letter of the encrypted message, or the ciphertext. When the key letter C and plaintext letter S meet, the ciphertext letter is U. Where I and C meet is K, P and H is W, H and O is V, E and O is S, and R and L is C. Therefore, the encrypted message to be sent out is the ciphertext UKWVSD. This is exactly the ciphertext from the mathematical technique too!<br />If we were using the other form of encryption, this would be where the addition of the keyword letters and the plaintext letters would occur. To understand how this version of the cipher is related to the mathematical version, it is important to prove why the hidden math version of the Vigenere Cipher proves it works. As shown, when the letters of the keyword and plaintext meet in the table, they form a specific ciphertext letter. For this example, it is obvious that the keyword letter C and the plaintext letter S meet, the ciphertext letter U is formed. To prove that this version of the cipher proves the apparent mathematical version of the cipher, we need to look at the encryption and decryption of these letters in the mathematical example of the cipher. In that example of the Vigenere Cipher, we enciphered the keyword and plaintext letters to numbers where A=0 to Z=25 and obtained C=2 and S=18. Then we added them together and the ciphertext number was 20. When converted back to a letter, we obtained the letter U. The same letter is obtained from matching the keyword and plaintext letter in the Vigenere Table as is from adding the keyword and plaintext. This illustrates that using the Vigenere Table in the hidden mathematical cipher is another way to see how the apparent math cipher enciphers a message. <br />Decryption: Ciphertext: UKWVSD and Keyword: CIPHER (from before).<br />The first step for the decryption of the hidden mathematical technique is to take the C from the keyword and find that row on the Vigenere Table. Then, using the letter U from the ciphertext that was received, find that letter in the same row of the keyword letter, which is C in this case. Once the keyword letter and ciphertext letter are found in the same row, find the column that the ciphertext letter is in and this is the plaintext letter. For this example, when the key letter is C and ciphertext letter U meet in the same row, the plaintext letter is S. Where I and K meet the plaintext letter is C, P and W is H, H and V is O, E and S is O, and R and C is L. Therefore, the decrypted message is the plaintext, SCHOOL. This is the original message!<br />If we were using the other form of encryption, this would be where the subtraction of the keyword letters from the ciphertext letters would occur. Even though the math is hidden in this version of the Vigenere Cipher, it is relevant to see how this hidden math version matches the decryption of messages in the apparent math version as well. As shown, when the letters of the keyword and ciphertext meet in the table, they form a specific plaintext letter. For this example, it is obvious that the keyword letter C and the ciphertext letter U meet, the plaintext letter S is formed. To prove that this version of the cipher explains the apparent mathematical version of the cipher, we need to look at the encryption and decryption of these letters in the mathematical example of the cipher. In the other example of the Vigenere Cipher, we enciphered the keyword and ciphertext letters to numbers where A=0 to Z=25 and obtained C=2 and U=20. Then we subtracted the keyword number, which is 2 from the ciphertext number, which is 20 and obtained the plaintext number, which is 18. When converted back to a letter, we got the letter S. The same letter is obtained form from matching keyword and ciphertext in the Vigenere Table as is from subtracting the keyword from ciphertext. This concludes that using the Vigenere Table is another way to decipher a message even if the mathematics is hidden. <br />Due to the fact that the substitution of each letter of the cipher depends on what letter is currently being enciphered or deciphered at that time, the Vigenere Cipher reveals that the keyword controls the letter substitution of the cipher. It also shows that “The number of possible keywords of length m in a Vigenere Cipher is 26m” where m is the keyword length that the sender chooses (Stinson 13). <br />As we can see, the hidden mathematical encryption and decryption process is faster because there is no physical addition and subtraction of the plaintext or ciphertext from the keyword. Although this technique may not seem conducive to maintaining any form of secrecy, it was used for military purposes because of its speed and feasibility. Due to the simplistic from of encryption and decryption aided by the hidden mathematical version of the Vigenere Cipher, messengers were able to encrypt and decrypt their messages promptly and easily during wartime. <br />3.2 Public Key Cryptography<br />Public Key Cryptography, which was introduced by Whitfield Diffie and Martin Hellman in 1976, is the most essential branch of cryptography. Not only does it maintain the security of messages more so than Private Key Cryptography, but it also functions to preserve the user’s identification. <br />Public Key Cryptography, which is also referred to as an Asymmetric Key Algorithm, has two very distinct uses: it serves to encrypt and to decrypt messages, as well as to verify digital signatures (RSA Laboratories 1.4, 1.7). “Digital signatures enable the recipient of information to verify the authenticity of the information's origin, and also verify that the information is intact. Thus, public key digital signatures provide authentication, data integrity, and non-repudiation, which prevents false communication between two people” (Network Associates, Inc. Digital Signitures). Public Key Cryptography clearly instills trust in the sender and receiver of the message that the data has not been tampered with during communication and that the message has in fact come from the intended person. Since data integrity and authentication are preserved, it is obvious why Public Key Cryptography is the safer, more effective branch of cryptography used today. <br />Unlike a Private Key Cipher, the function of a Public Key Cipher uses two keys. The public key is distributed and posted publicly on a secure directory that both sender and receiver of the message trust. An example of a directory that contains the users’ public key is a Public Key Infrastructures (PKI). A PKI issues certificates to users, where anyone wanting to verify a person’s public key does through the certificate authority.<br />The other key, known as the private key, is kept secret only to the maker of the key. Each person involved, both the sender and receiver of the message, has his own private key that is unknown to everyone else but himself. Because each sender and receiver keeps his private key to himself, this allows for less leaking of keys and therefore more security of message transportation (RSA Laboratories 1.3). In a Private Key Cipher, each sender and receiver shares the same private key to encrypt and decrypt messages while in a Public Key Cipher, two keys are needed to communicate a message: a private key and a public key. In essence each person, the sender and receiver, both have a pair of keys for a Public Key Cipher; they each have a public key and a private key. <br />As stated before, there are two substantial uses for Public Key Cryptography, encryption and decryption of messages and digital signatures. In order for Sue to send a secret message to Rob, she first needs to look up Rob’s public key in the secure directory. This is the key that Sue will use to encrypt the message she wants to send to Rob. Once Sue uses Rob’s public key and encrypts the message with it, the message is sent to Rob as the ciphertext. Rob uses his private key on the ciphertext message to decrypt the message that Sue sent to him. Since Rob is the only person that knows his private key, only he will be able to read the message. “Anyone with the public key can encrypt a message but not decrypt it. Only the person with the private key can decrypt the message” (Schneier 31).<br />While two keys may seem like double the work to send a secure message, after studying the incorporation of each sender and receiver’s private key with the public key, it is apparent that “the need for the sender and the receiver to share information is eliminated; all communications involve only public keys, and no private key is ever transmitted or shared” (RSA Laboratories 2.1.1). It is obvious that when each receiver of the message has their own private key to use for decrypting a message, it is much more secure from any outsider than if it were only one private key that was shared between both the sender and receiver. <br />To explain a general description of a message through a Public Key Cipher, we will let Rob be the receiver, and Sue be the sender of the message. To show what the encryption of a message would look like, it is shown as: c=Ee(m), where c is the ciphertext and m is the message. If Sue wants to send a message to Rob, then she encrypts the message (E) with Rob’s public key (e) and sends him the ciphertext. Rob receives the ciphertext and decrypts his message (D) using his private key (d). Rob is the only one who can correctly decrypt the message because he is the only one who knows his private key d. A decryption of the ciphertext is shown as m= Dd(c) where this generalization shows how the encryption and decryption take place between two entities using a Public Key Cipher (Menezes, van Oorschot and Vanstone 283).<br />To better understand this concept of Public Key Cryptology, it is easiest to imagine an analogy of a locked mailbox. Putting mail into the mail slot is very easy and anyone could do this. This is similar to encrypting a message with the sender’s public key. Anyone could do this because all they would have to do is look up the person’s public key on the secure directory. Getting the mail out of the mailbox would be similar to decrypting the message with the receiver’s private key. This is hard to do unless you are the owner of the mailbox and you have the key. Like Public Key Cryptography; it is easy only for the receiver of the message to decrypt the message because only they have the private key to do so. Due to the discrete way that Public Key Cryptography handles th

×