The Mathematical Perspective of Cryptological Functions<br />Aimee Raymond<br />Thesis Spring 2008<br />Wells College<br />Mathematical and Physical Sciences<br />Table of Contents<br />Executive Summary<br />1. Introduction<br />1.1 What is Cryptology?<br />1.2 Purpose<br />2. Background<br />2.1 Where it originated<br />2.2 History of its use<br />2.3 Current Uses<br />2.4 General Rule for encrypting and decrypting<br />2.5 Mathematical Algorithms<br />2.5.1 Division Algorithm<br />2.5.2 Euclidean Algorithm<br />2.5.3 Modular Arithmetic<br />2.5.4 Fundamental Theorem of Arithmetic<br />2.5.5 Prime Numbers and Primality Testing<br />2.5.6 Fermat’s Little Theorem<br />2.5.7 Euler’s Totient Theorem<br />2.5.8 Discrete Logarithm Function<br />3. Cryptography<br />3.1 Private Key Cryptography<br />3.1.1 Shift Cipher<br />3.1.1.1 Shift Cipher Encryption and Decryption Process<br />3.1.2 Hill Cipher<br />3.1.2.1 Hill Cipher Encryption and Decryption Process<br />3.1.3 Vigenere Cipher<br />3.1.3.1 Vigenere Cipher Encryption and Decryption Process<br />3.2 Public Key Cryptography<br />3.2.1 Digital Signatures<br />3.2.2 Identity Authentication<br />3.2.3 RSA Cipher<br />3.2.3.1 RSA Cipher Key Generation<br />3.2.3.2 RSA Cipher Encryption and Decryption Process<br />3.2.4 ElGamal Cipher<br />3.2.4.1 ElGamal Cipher Key Generation<br />3.2.4.2 ElGamal Cipher Encryption and Decryption Process<br />3.3 Effectiveness of Ciphers<br />3.3.1 Public vs. Private<br />4. Conclusion<br />Glossary<br />Appendix<br />Tables:<br />Theorems:<br />Vigenere Cipher Program:<br />Diagrams:<br />Works Cited<br />Executive Summary<br />Cryptology is the study of secret communications. Sometimes referred to as cryptography, cryptology plays a major role in the preservation of message secrecy over insecure channels. In order to derive the secret messages and for them to operate correctly over exposed channels, mechanisms called ciphers are implemented. 
<br />Although there are various ciphers like the RSA Cipher, Hill Cipher, Vigenere Cipher, and others that encode and decode messages over insecure channels, there are two standard types of ciphers: Public Key Ciphers and Private Key Ciphers. Private Key Ciphers are not used for security purposes today, but it is nevertheless essential to understand how they function as a form of secret communication. Currently, Public Key Ciphers are used to maintain the security of digital signatures, e-mails, e-commerce security, and more. Hence, in order to understand how these ciphers work, it is important that we also recognize why they work; namely, that we are aware of how messages can travel over insecure channels and still maintain the security necessary to each of our lives today.<br />Since ciphers are an extensive part of secret communications, it is imperative that we understand the mathematical background behind the various ciphers. For example, modular arithmetic plays an essential role in every cipher. Therefore, it is crucial that we explore and understand how it works in the simplest ciphers first and then in the most complex ones. Prime numbers also play a major function in ciphers for security purposes. Given that it is hard to determine if a number is prime or not, the larger a prime number is, obviously the better it works in preserving security. This concept is critical to the security of identities. Fermat’s Little Theorem is used to generate keys because it enables us to determine if a number is definitely composite or if it might be prime. It also allows us to find the modular inverse of a number s when p is a prime and not a factor of s, to help decode messages. 
As we can see, Fermat’s Little Theorem, prime numbers, modular arithmetic, and others are vital functions in the conversion of undisclosed messages.<br />By implementing a program that shows how ciphers can encrypt and decrypt messages and exploring the mathematical functions behind the various ciphers, it is apparent why and how ciphers can maintain the security of various messages over insecure channels.<br />1. Introduction<br />1.1 What is Cryptology?<br />Cryptology is first and foremost a form of communication. Although there have been numerous definitions of the word cryptology, commonly referred to as cryptography, the word originated with the Greeks, who understood that the word kryptos meant “hidden” and the word grafo meant “to write” (Brokaw UC Santa Cruz). For this reason, other apparent denotations of the word cryptology are message confidentiality or message secrecy. <br />1.2 Purpose<br />Given that cryptography is the science of secret communication, the underlying goal is to enable two people to correspond over an insecure channel without any interruptions. Cryptology involves the “…conversion of messages from a comprehensible form into an incomprehensible one….rendering it unreadable by interceptors or eavesdroppers without secret knowledge (namely, the key needed for decryption of that message)” (Wikipedia Cryptography). For example, if any letters of the message being sent are missing, then the intended receiver of the message will not be able to decipher the message correctly. Therefore, cryptography assists in preserving the authenticity of the message and helps to prevent any theft of the message during the transition from sender to receiver. It is also used to protect the sender’s and receiver’s identity, and confirm that each of the communicators is in fact communicating with the intended correspondent.<br />2. 
Background<br />2.1 Where it originated<br />Cryptology originated from the ancient Chinese who first used it to hide the nature of their language. They used ideographs, which are pictures that symbolize words, to disguise the meanings of their messages. Since there was no prevalent use of these ideographs in the military of the ancient Chinese, it seems they used these ideographs for personal communication reasons, like keeping their culture private. <br />Cryptography also originated in India around the same time. This secret art of writing was more sophisticated in India than China because India produced early Simple Substitution Ciphers that enabled the spies to communicate with their government more feasibly (Cohen 2.1). These Substitution Ciphers allowed the spies to speak a whole new language with their government that no one else could understand.<br />2.2 History of its use<br /> The first ciphers used were called Classical Ciphers. There are two main Classical Ciphers which are the Transposition Ciphers and Substitution Ciphers. Transposition Ciphers are the most straightforward and effortless of the various types of ciphers. In order for this type of cipher to work, all that is done is a rearrangement of the order of the letters in the message that is being enciphered. For example, if the plaintext, the message being sent to someone, is the word THESIS, then an encryption of plaintext, the ciphertext, would be determined as HTSESI. Transposition Ciphers are a very simple rearrangement of the letters in a message. <br />Substitution Ciphers are slightly more complex than Transposition Ciphers. They replace each letter of the plaintext with some other letter that is a fixed number of positions away from it (Menezes, van Oorschot and Vanstone 17). Again for an example, if the plaintext was THESIS, then the ciphertext would become UIFTJT. This is what is known as a Shift Cipher. This illustrates an example of a simple Shift Cipher, with a shift of 1. 
Each letter in the message is replaced by the letter in the alphabet that is 1 position after it. <br />Since both the Transposition Ciphers and Substitution Ciphers are so simplistic, neither offers any security of encryption or decryption and therefore presents no confidentiality. These ciphers are used today only in instances such as children’s books or puzzles.<br />One of the most common reasons that ciphers were first developed was to conceal messages for religious purposes. Early Christians used ciphers to conceal parts of their religious writing so they could avoid persecution. Others also began using Simple Ciphers to encrypt messages so they could send them to one another for personal reasons. This would usually occur between people that were forbidden to communicate; they would send messages to each other by mail in hopes of secretly meeting with each other. Sometimes people would even send encrypted messages to each other through the newspaper (Singh 79).<br />The National Secrecy Agency (NSA) is another source that uses ciphers to convey secret messages and to help interpret others. Black Chambers, which are rooms where messages are attempted to be deciphered, were established with the intention of breaking other nations’ communication systems. They were placed to read through, copy, and then seal all mail going in and out of foreign embassies before it reached its final destination (Singh 59). Founded right after World War I, America’s first Black Chamber was known as MI-8 and was stationed in New York City. Black Chambers were mostly used to help the military decipher other country’s secret plans of attacks during various wars (Cohen 2.1). <br />Although ciphers were helpful in other aspects of history, ciphers played a critical function in military communications. Throughout numerous military campaigns, ciphers were used to break other countries’ communications and to keep their own safe. 
The first famous Substitution Cipher was called the Caesar Cipher, named after Julius Caesar because he used ciphers for communication purposes during the Gallic Wars in 52 BC. More importantly, ciphers helped win Allied battles of World War II (Singh 49).<br /> The Enigma Machine was used in the late 1920’s through end of WWII. The downside of this cipher is that all codes had to be written down, so there needed to be a code book in order to decipher all messages; this could have found its way into the wrong hands. During WWII, a German spy, Hans-Thilo Schmidt, gave the French all of the keys to the German Enigma Cipher. This enabled the French to decipher all of Germany’s messages and, in turn, they unraveled a German plan to attack Poland. In the end, they saved Poland before an assault occurred. The breaking of the Enigma also allowed the French to find various locations of German ships and sink them in time for the Allies to win the war against Germany. “It saved lives. Not only Allied and Russian lives but, by shortening the war, German, Italian, and Japanese lives as well….” (Singh 186). As Singh states in this quote, breaking the Enigma Cipher was obviously not only an extraordinary aid to the Allied victory, but it also prevented many deaths all over the world. <br />The Purple Machine was the cipher used by the Japanese during WWII. This cipher had the same type of effect on Japan that the Enigma Machine did with the Germans. In 1942, Americans were able to break the Purple Machine’s code and, in turn, decipher messages telling of a fake attack by Japan. The US Navy played along with the Japanese, but because Cryptologists were able to translate this message in time, the US attacked the Japanese. 
The US Navy also killed Japan’s most influential leader because they were able to find out where he was stationed with the breaking of the Purple Machine’s code (Singh 191).<br />2.3 Current Uses <br />Data protection is a major concern of people today due to the world’s rapid growth of technological advances. Understandably, a primary concern for people has become the need to protect their identities because of this. A substantial contributor to the necessity of data and identity protection is e-commerce security. More people shop over the internet now than ever before. However, an undesirable and detrimental aspect of this is that all of their information is readily available for perpetrators if it is not encrypted over a secure channel. Along the same idea, all credit card companies and banks allow their customers to check their account status online and people can also transfer funds from one account to another. If anyone is able to break into any of these accounts they would be able to get information such as a person’s address, account number, and even Social Security Number. <br />Automatic Teller Machines also need to be properly secured so that each person’s Personal Identification Number is not dispensed to the next person using the machine and for the purpose of keeping account numbers secure. This is why an ATM enables each person to have a unique digital signature, called a PIN. <br />One of the most significant reasons for data protection is for government and military use. The National Security Agency uses ciphers to encrypt information so an enemy cannot access any of their communications. Ciphers are also used to obtain information about other countries by breaking their codes. 
For these reasons, security is essential to our world today, and cryptology is a significant source in permitting this to happen (Cohen 2.1).<br />2.4 General Rule for encrypting and decrypting <br />Encryption and decryption of messages is the essential component of secret communication throughout cryptography. In either type of cryptology, Public Key or Private Key, and in any type of cipher, there are sets P = {plaintext}, C = {ciphertext}, and 𝒦 = Keyspace = {possible keys}, where 𝒦 is the set of all the possible keys for that particular algorithm. For each random key, K ∈ 𝒦, there is:<br />An encryption rule e_K ∈ E and a decryption rule d_K ∈ D.<br />Encryption rule: e_K: P → C (plaintext enciphers to ciphertext)<br />Decryption rule: d_K: C → P (ciphertext deciphers to plaintext)<br />such that d_K(e_K(x)) = x for all x ∈ P.<br />This illustrates that a decryption of an encryption of x works out to be x itself. This is what should happen since x is the original plaintext (the message) that was encrypted to begin with (Stinson 1).<br />2.5 Mathematical Algorithms <br />There are many different mathematical algorithms that are primary contributors to the effectiveness of ciphers. The most generalized theory of mathematics used throughout all ciphers is number theory. Different algorithms such as the division algorithm, Euclidean algorithm, modular arithmetic, and the fundamental theorem of arithmetic are derived from number theory and contribute to the correct encryption and decryption of messages.<br />2.5.1 Division Algorithm <br />The purpose of the division algorithm is very basic, yet significant. Simply, this algorithm proves that long division performs in the way it is intended to. We learn that to divide is really to subtract number b from a number a until you cannot subtract b from a anymore. This tells how many times b goes into a and what the remainder is, if there is one. 
This is the division algorithm; that “If a and b are integers with b≥1, then ordinary long division of a by b yields integers q (the quotient) and r (the remainder) such that a = qb + r, where 0≤r<b” (Menezes, van Oorschot and Vanstone 64). This algorithm produces integers q and r that are always unique, where the remainder is a mod b, and the quotient is a div b.<br />This algorithm is used when trying to factor numbers for modular arithmetic, primality testing, and when trying to obtain the inverse modulo of a number for the key generation of a cipher. <br />Proposition: (Division algorithm) If a,b ∈ Z and a,b>0, then ∃ unique q, r ∈ Z with 0 ≤ r < b such that a=bq+r.<br />Proof: (Division algorithm by induction on a)<br />Base Case: (a=1; this is to prove the algorithm for positive numbers):<br />If a=1, then we can take b=1 and produce:<br />Case 1: a=bq+r; 1=1*1+0; 1=1+0<br />Case 2: a=bq+r; 1=1*0+1; 1=0+1<br />In Case 1 b=1, q=1, and r=0. Hence the output is a=1. Since 0≤r<b, b=1, and r=0, we will have 0≤0<1. In this case a=b. This is true, and so a=1 is true.<br />In Case 2 b=1, q=0, and r=1. Hence the output is a=1. Since, 0≤r<b, b=1, and r=1, we will have 0≤1<1. In this case a>b. This is true, and so a=1 is true.<br />When we combine both cases together, we can see that a≥b (as it should be since we are proving for positive integers.)<br />Induction: Assume true for a=n. Prove true for a=n+1.<br />The division algorithm states that a=bq+r. Substitute a=n: n=bq+r. Add one to each side: n+1=bq+r+1. Now we have 0≤r+1<b. Since 0≤r, then 0≤r+1 and so 0≤r+1<b. Therefore, n+1=bq+(r+1). So, a+1=bq+(r+1), which was to be shown.<br />Example: <br />11÷3=3 with remainder 2 can be rewritten in the form a=bq+r where 11=3(3)+2.<br />Base Case: (a=-1; this is to prove the algorithm for negative numbers):<br />If a=-1, then we can take b=1 and produce:<br />Case 1: a=bq+r; -1=1*(-1)+0; -1=-1+0<br />In Case 1 b=1, q=-1, and r=0. Hence the output is a=-1. Since 0≤r<b, b=1, and r=0, we will have 0≤0<1. In this case a<b (as it should be since we are solving for negative integers). This is true, and so a=-1 is true.<br />Induction: Assume true for a=-n. 
Prove true for a=-(n+1).<br />The division algorithm states that a=bq+r. Substitute a=-n: -n=bq+r. Subtract one from each side: -(n+1)=bq+r-1. Now we have 0≤r-1<b. Since 0≤r, then 0≤r-1 and so 0≤r-1<b. Therefore, -(n+1)=bq+(r-1). So, -(a+1)=bq+(r-1), which was to be shown.<br />Example:<br />-11÷3=-3 with remainder -2 can be rewritten in the form a=bq+r where -11=-3(3)-2.<br />The division algorithm is very useful in cryptography in that it enables us to understand the concepts behind modular arithmetic and finding prime numbers. Without understanding how simple algorithms like the division algorithm work, there is no possibility of comprehending how prime numbers and modular arithmetic work in cryptography. Therefore, it is essential to understand basic algorithms of cryptography, such as the division algorithm, in order to understand how they are utilized today.<br />2.5.2 Euclidean Algorithm <br />The purpose of the Euclidean algorithm is to determine the greatest common divisor of two numbers (in cryptology these numbers will usually be integers). The Euclidean algorithm is a significant contribution to cryptography because it does not require factoring of the two numbers. A person can use this algorithm to find the greatest common divisor (gcd) of two numbers much more quickly than trying to factor two numbers. Since some keys of the different ciphers tend to be very long, this algorithm works well when finding the gcd of two large numbers. The Euclidean algorithm states that “The greatest common divisor of two integers a and b is the largest integer that divides both a and b” (Epp 192). <br />The algorithm is explained here:<br />Given two integers a and b with a > b ≥ 0, this algorithm determines gcd(a,b). It is based on two lemmas:<br />
If a,b are integers where b≠0 and q and r are nonnegative integers such that a = bq + r, where 0 ≤ r < b, (remember r is the remainder, q is the quotient, and b is the divisor) then gcd(a,b)=gcd(b,r).
Proof: (Lemma 1)<br />Since we are trying to prove that the gcds are equal to each other, it will be straightforward if the proof is presented in two steps. Step 1 is gcd(a,b)≤ gcd(b,r). Step 2 is gcd(b,r)≤ gcd(a,b). Since we are proving that each gcd is less than or equal to and greater than or equal to the other, then the two greatest common divisors have to be equal.<br />
Prove gcd(a,b)≤ gcd(b,r).
In order to show that the gcd of a and b is less than or equal to the gcd of b and r, we need to first show that any common divisor of a and b is also a common divisor of b and r.
Let c be a common divisor of a and b. Then c|a and c|b, and so, by definition of divisibility, a=nc, and b=mc, for some integers n and m. Now substitute into the equation
But n-mq is an integer, and so, by definition of divisibility, c|r. Because we already know that c|b, we can conclude that c is a common divisor of b and r, which is what was to be shown.
Since we already proved that c is a common divisor of a, b, and r, now we need to prove that gcd(a,b)≤ gcd(b,r).
From part a, every common divisor of a and b is a common divisor of b and r. It follows that the greatest common divisor of a and b is a common divisor of b and r. But then gcd(a,b) (being one of the common divisors of b and r) is less than or equal to the greatest common divisor of b and r:
But nq+m is an integer because adding integers still produces an integer. Now we can see that p|a by definition of divisibility. Since we know that p is a divisor of b and r, and p is a divisor of a, then we know that p is a common divisor of a and b.
From above in part a we showed that every common divisor of b and r is a common divisor of a and b. However, gcd(b,r)≤ gcd(a,b) because gcd(b,r) is one of the common divisors of a and b; the gcd(b,r), being one of the common divisors of a and b, is less than or equal to the greatest common divisor of a and b:
Proof: (Lemma 2) <br />We want to show that a common divisor of a and 0 is a.<br />Suppose a is a positive integer. We know that a divides 0 because every positive integer divides 0. We also know that a divides a because everything divides itself. Therefore, we can conclude that a is a common divisor of a and 0. <br />Now we want to show that a is the greatest common divisor of a and 0.<br />We know that a must be the largest common divisor of a because no integer larger than a can divide a. This means that no integer larger than a can be a common divisor of a and 0. Therefore, this means that a is the greatest common divisor of a and 0, which is what we wanted to prove.<br />Now that we have shown the proof of the Euclidean algorithm, it is useful to understand how to use it. In order to find the greatest common divisor of two integers a and b, there are three steps that need to be completed:<br />
Check to see if a>b≥0.
If this is satisfied, then check to see if b=0.
If b=0, use lemma 2 of the Euclidean algorithm to produce gcd(a,b)=a. If b>0 then the division algorithm states that a=bq+r and when a is divided by b a quotient q and a remainder r is left such that 0 ≤ r < b. Now we can use lemma 1 to find the gcd(b,r) instead of finding the gcd(a,b). This may seem like more work finding more greatest common divisors, but the pair of integers b and r are smaller than the pair of integers a and b because we know that 0 ≤ b < a, since our integers are greater than or equal to 0. We also know that 0 ≤ r < b because of the division algorithm and now we can say that 0 ≤ r < b < a. Therefore, we can see that (b,r)<(a,b).
Since r≠0 yet, we need to keep repeating step 2 until r=0. This means that until the remainder is equal to 0, then the greatest common divisor of (a,b) has not been determined. Eventually the gcd(a,b) will be produced because through iterations of step 2, there will ultimately be two numbers that cannot be divided into each other any farther. This is because throughout the iterations, the previous integer b becomes the new integer a, and previous integer r becomes the new integer b. Hence r decreases each time and will eventually reach 0. When this happens, the last iteration of gcd(b,r) will be gcd(b,0) and the integer a, or the previous b, will be the gcd(a,b).
Step 3 can also be rewritten as:<br />Let a=A, b=B and r=B.<br />while (b ≠ 0)<br />r = a mod b, then a=b and b=r.<br />end while<br />gcd=a. (Epp 196)<br />Here is an example of the Euclidean algorithm where a=112, and b=34:<br />Find the gcd (112, 34): *Remember that while (b ≠ 0) r = a mod b, then a=b and b=r.<br />Divide 112 by 34: a=112, b=34. So r=112 mod 34. q=3 and r =10. Previous b=34, now a=34. Previous r=10, now b=10:<br />Divide 34 by 10: a=34, b=10. So r=34 mod 10. q=3 and r =4. Previous b=10, now a=10. Previous r=4, now b=4:<br />Divide 10 by 4: a=10, b=4. So r=10 mod 4. q=2 and r =2. Previous b=4, now a=4. Previous r=2, now b=2:<br />Divide 4 by 2: a=4, b=2. So r=4 mod 2. q=2 and r =0. Previous b=2, now a=2. Previous r=0, now b=0:<br />Divide 2 by 0: b=0 so therefore the gcd is a. Therefore, the gcd (112,34)= 2. <br />The Euclidean algorithm is very useful when trying to find the gcd of two integers, especially large integers. This algorithm along with the division algorithm makes computing with large numbers much easier because it allows us to find the factors of large numbers. As you can imagine, performing operations upon factors of large numbers is much easier than trying to compute straight from the large numbers themselves. <br />2.5.3 Modular Arithmetic <br />Definition: For any positive integer n, the group of integers modulo n is the set {0,1,2,…n-1} together with the operation +_n.<br />The application of modular arithmetic can be explained by envisioning a clock. What happens if it is 10 o’clock and someone tells you to meet him or her in 4 hours? You know your meeting is at 2 o’clock but, how did you figure that out? We know that 10 + 4 is 14 and there is no time 14 o’clock. This is where modular arithmetic is established. Since there are 24 hours in a day and the clock is based on a 12 hour clock system, then we can determine the real time by dividing by 12; the remainder distinguishes what time it really is. 
In this case the remainder when 14 is divided by 12 is 2, hence 2 o’clock, the remainder, is the meeting time. The numbers in this algorithm keep wrapping around the value of 12; this proves that the modulus is 12. This theorem can also be computed by using a table of modulus 12 (Lewand 19).<br />+_12 | 0 1 2 3 4 5 6 7 8 9 10 11<br />0 | 0 1 2 3 4 5 6 7 8 9 10 11<br />1 | 1 2 3 4 5 6 7 8 9 10 11 0<br />2 | 2 3 4 5 6 7 8 9 10 11 0 1<br />3 | 3 4 5 6 7 8 9 10 11 0 1 2<br />4 | 4 5 6 7 8 9 10 11 0 1 2 3<br />5 | 5 6 7 8 9 10 11 0 1 2 3 4<br />6 | 6 7 8 9 10 11 0 1 2 3 4 5<br />7 | 7 8 9 10 11 0 1 2 3 4 5 6<br />8 | 8 9 10 11 0 1 2 3 4 5 6 7<br />9 | 9 10 11 0 1 2 3 4 5 6 7 8<br />10 | 10 11 0 1 2 3 4 5 6 7 8 9<br />11 | 11 0 1 2 3 4 5 6 7 8 9 10<br />By using this table, we first find 10 o’clock in the top row; we will call the numbers in the top row known. Then we find 4 in the first column; we will call the numbers in the first column shift, because they are what we are ‘shifting’ the time by. We know that our modulus is n=12. The place at which these two numbers meet tells us what time it really is. The table shows the number 2 where these numbers meet. Hence, we can write the time using the modulus 12 by using time = known+shift (mod n). This means our equation is time=10 + 4 (mod 12) or time=14(mod 12). In this case, our equation proves that 4 hours from 10 o’clock is 2 o’clock. <br />Definition: Let n be some fixed positive integer. Then two integers x and y are said to be congruent modulo n if (x-y) is divisible by n. This is also denoted as x ≡ y (mod n) (Lewand). <br />This means that if the difference between x and y is divisible by n, then it is evident that x and y are congruent modulo n and we can say that x ≡ y (mod n).<br />Example: 17 ≡ 5 (mod 3) is true because 17-5=12, which is divisible by 3. Also, 7 ≡ 3 (mod 2) is true because 7-3=4 which is divisible by 2.<br />When two integers, x and y, are congruent modulo n, there are specific properties that hold which define the modular arithmetic theorem. <br />Modular Arithmetic Theorem: Let n be a fixed positive integer >1 and let w, x, y, and z be any integers. Then:<br />(Properties)<br />
if x ≡ y (mod n) and y ≡ z (mod n), then x ≡ z (mod n)
if x ≡ y (mod n), then xz ≡ yz (mod n)
if x ≡ y (mod n), then x^k ≡ y^k (mod n)
if x ≡ y (mod n) and w ≡ z (mod n), then x + w ≡ y + z (mod n)
Since we know that y, w, and z are any integers, and that n > 1, then by the associative and commutative properties and the subtraction rule, where associative means that the order the operations are performed does not affect the answer and commutative means the order the terms are carried out does not affect the end result, we can also deduce other properties of modular arithmetic:<br />
Now that we can see the properties of modular arithmetic state that it is commutative and associative for addition and multiplication and that it also works for subtraction, let’s take a look at some examples to better understand how it is performed under such operations.
because 48 is divisible by 3 with remainder of 0
We can also find the additive inverse of a number x, by finding a number d such that when we add d to x, we get 0 as a remainder if it is divided by n. <br />Theorem 1: (Additive inverse) If two integers x and n have a common factor w, meaning the gcd(x,n)=w, then the additive inverse of an integer x modulo n is an integer d such that x + d = 0 (mod n), where x+d=n and d=n-x to get x+(n-x)=0 (mod n). If d is the least positive inverse of x modulo n, then we call it the least additive inverse of the integer x modulo n, also denoted d=-x(mod n). <br />Example: Let x=4 and n=7<br />x + d = 0 (mod n)<br />4 + d = 0 (mod 7)<br />We know 7 = 0 (mod 7) so 4+d must equal 7. Then d=3 is the additive inverse of 4(mod 7) and is written as 3=-4(mod 7).<br />Now that we know modular arithmetic works for operations of addition, subtraction, and multiplication, what about division? We know that when we are dividing we are actually multiplying by the inverse of the number; so when we divide by 2 we multiply by ½. So we recognize that each integer has a multiplicative inverse because every number can be multiplied by some other number to obtain 1. For example we can multiply 2 by ½ to get 1, or 4 by ¼ to get 1. But what do we multiply by 3(mod 26) to get 1(mod 26)? This is known as finding the multiplicative inverse modulo a number.<br />Theorem 2: (Multiplicative inverse) If two integers x and n are coprime, meaning the gcd(x,n)=1, then the multiplicative inverse of an integer x modulo n is an integer d such that, when multiplied by x, it gives 1(mod n). Hence, xd=1(mod n), where it is also denoted as d=x^-1(mod n). If d is the least positive inverse of x modulo n, then we call it the least multiplicative inverse of the integer x modulo n. <br />Example: Let x=3 and n=26 again<br />xd=1(mod n)<br />3d = 1 (mod 26)<br />We know 27 = 1 (mod 26) so 3d must equal 27. 
Then d=9 is the multiplicative inverse of 3(mod 26) and is written as 9=3^-1(mod 26).<br />A multiplicative inverse modulo a number is most prevalent throughout Public Key Cryptography when determining the private keys for public key ciphers like the RSA Cipher, while the additive inverse modulo a number is used in Private Key Cryptography when deciphering messages with Simple Ciphers. <br />Now we know how to compute modular arithmetic for each operation, regardless of whether it is straightforward or not. It is essential to understand how modular arithmetic performs with small numbers to comprehend how it will function with larger numbers. Most keys generated in cryptography are around 200 digits long, not 2 digits long like the examples I am dealing with, so what happens when trying to deal with huge numbers?<br />Example: <br />10^9(mod 12)= 1000000000(mod 12)=4<br />How do we know that this is the answer? We can figure this out because we can expand 10^9 and then take modulo 12 of it. If the number is larger like 15892^9(mod 12), the number can be split into its factors and (mod 12) can be performed on each factor and it will still produce the same answer. <br />Example: <br />We can split 10^9(mod 12) into [10^3(mod 12)*10^3(mod 12)*10^3(mod 12)](mod 12)=(4*4*4)(mod 12)=64(mod 12)= 4<br />As we can see, it is much easier to compute a large number modulo n by computing the residues of its factors first. This is crucial to the field of cryptography since the numbers worked with are usually 100 to 200 digits long.<br />Since modular arithmetic is the basis of why ciphers work, it is essential that we understand how it is utilized in the simplest ciphers. 
By looking back at the example of the Shift Cipher allows for better understanding of how modular arithmetic is incorporated into cryptography.<br />2.5.4 Fundamental Theorem of Arithmetic <br />Definition: Every integer n>1 can be expressed uniquely as a product of one or more positive prime numbers.<br />The Fundamental Theorem of arithmetic focuses on the uniqueness of factoring numbers. This Theorem states that every integer greater than 1 can be written in exactly one way as a unique product of prime numbers. Although it is relatively easy to show that the factorization of a number into prime numbers exists, it is significantly more tedious to show that there is a unique way to factor an integer. Hence, this is why the theorem is also known as the Unique Prime Factorization Theorem. <br />Example: 280=140x2=70x2x2=35x2x2x2=7x5x2x2x2=23x7x5. Therefore, the unique factorization into prime numbers of 280=23x7x5<br />Since we know that a number n can be factored into a unique factorization of prime numbers, then we can also find the unique factorization of a product of more than one integer.<br />This theorem can also be seen in the corollary to Fermat’s Little Theorem where QUOTE . When dividing by p, if a remainder of one is produced, then we know that this must be a unique solution of p and s because the corollary to Fermat’s Little Theorem is satisfied. If Fermat’s Little Theorem is satisfied then this means that p is not a factor of s and by the Euclidean algorithm when p is not a factor of s, gcd(p,s)=1. <br />Theorem: If n>1 has a unique prime factorization QUOTE , then QUOTE . <br />This theorem is derived using theorem 2 from Euler’s Totient Theorem where QUOTE = QUOTE and the fundamental theorem of arithmetic.<br />2.5.5 Prime Numbers and Primality Testing<br /> Definition: An integer p is a prime number if the only positive integers that divide p are 1 and p itself. This is written as gcd (p,1)=1. 
Integers that are not prime are called composite.<br />Definition: Two integers n and p are relatively prime if the only positive integer that divides both p and n is 1. This is otherwise written as gcd (n,p)=1. <br />To find the greatest common divisor of two numbers we can perform the Euclidean algorithm. If the two numbers share no common divisor greater than 1, then the gcd is 1 and the two integers are said to be relatively prime to one another.<br />Prime numbers play a crucial role in the development of cryptography. A key is usually made of the product of two prime numbers. Since we know that every integer >1 can be written uniquely as a product of prime numbers from the fundamental theorem of arithmetic, and that there are infinitely many prime numbers (see Theorem 1 in Appendix), then there are infinitely many keys available. Yet because there are infinitely many prime numbers, it is hard to determine if a number is prime or not, and therefore hard to determine if the number can be used for a key. For example, large prime numbers need to be found in order to determine the public key of the RSA Cipher. This is where primality testing needs to be utilized, in order to establish if a number is prime or not.<br />The concept of primality testing is quite trivial, yet the computations are tedious. In order for a number to be stated as prime, it has to go through a number of tests where it will eventually be determined if it is probably prime or not. Since many primality tests can falsely determine that a number is prime when it is not, it is essential that a number goes through more than one primality test before it is concluded to be genuinely prime.<br />If a number p passes one primality test, then it is established that it may be a prime number and therefore needs to go through more testing. In contrast, if p fails a primality test then it is definitely not a prime number, and we know that p is composite. 
<br />Since there are many different primality tests, it is easiest to start testing p with the simplest one. Although this will not determine if p is prime, it will determine if p is not prime. Since much of determining keys for ciphers is dependent upon finding a prime number, a simple primality test allows us to see if the random number picked should go further through the primality tests or not. The simplest primality test is to see if any integer n from 2 to p − 1 divides p. If p happens to be divisible by any n, then p is definitely composite; otherwise it is prime. But to divide p by every integer from 2 to p − 1 would be monotonous, so by taking the results from dividing by any n ≥ 2, we can move on from here. If it turns out that p is composite then we stop and choose another random number to perform the primality test on. If p is established as potentially prime, then p needs to go through more rigorous primality tests to conclude if it really is a prime number or not.<br />If p passes the first test then it is established that p may be a prime number and it has to go through more daunting tests to prove its primality. For instance, the next test p could be put through is Fermat’s primality test. Fermat’s Little Theorem states that if p is a prime number and p is not a factor of n, then QUOTE , and therefore gcd(n,p)=1. As we can see, testing for primality with Fermat’s primality test tells us whether p is not a factor of n or if it is a composite number.<br />However, Fermat’s Little Theorem can also hold while p is a composite number and in this case “…[p] is called a pseudoprime to base n. In other words, a ‘pseudoprime’ is a number [p] that ‘pretends’ to be prime by passing the test.” For this reason, Fermat’s primality test does not prove if p is a prime number or not, but if p passes Fermat’s primality test, it does prove that p is not a factor of n. 
Therefore, we can see that because p is not a factor of n, then p has a better possibility of being a prime number (Koblitz 113). <br />Example 1:<br /> QUOTE Let n=5 and p=4. Remember p is a prime number.This is correct because 125÷4 is 31.25, and 31 x 4 = 124.<br />Therefore, the remainder is 125-124, which is 1.<br />Since we all know that p=4 is not a prime number, 4 is a pseudoprime to base 5. This means that if 4 were raised to base 5, then it would pass Fermat’s primality test, even though it is not a prime number. <br />Example 2:<br /> QUOTE Let n=8 and p=9. Remember p is a prime number.This is correct because 16777216÷9 is 1864135.111, and 1864135 x 9 = 16777216.<br />Therefore, the remainder is 16777216-16777216, which is 1.<br />But we all know that p=9 is not a prime number and therefore, 9 is a pseudoprime to base 8.<br />Due to the fact that Fermat’s primality test determines whether p is not a factor of n and that pseudo primes are not factors of n, then we should complete another primality test, such as the Solovay-Strassen primality test, to confirm whether p is probably a prime number or not. <br />The Solovay-Strassen primality test states that if an integer b where, 0<b<p at random where p is a positive odd integer then for each integer b, we can compute QUOTE for k choices of b. If both sides of this equation are not equal mod p of each other for any choice of integer b, where QUOTE is the Jacobi symbol, then p is said to be composite. If the equation does hold for all k choices of b, then we can safely conclude that p is probably prime and that the chance of error that p is composite is at greatest (½)k, where k is the number of repetitions to complete b. <br />As a result, if p passed the simple primality test, Fermat’s primality test, and the Solovay-Strassen primality test, then we can conclude that p is most certainly a prime number (Koblitz 116).<br />Example 1: 1st test: Let p be 11. Divide 11 by any integer n>2. Let n=8. 11/8=1.375. 
Since p is not divisible by n, then this means that p passes the first primality test. <br />2nd test: Now using Fermat’s primality test we can test to see if p is prime or not. Let s be some number and p is still 11.<br /> QUOTE <br />This is correct because 3125÷11=284.0909, and 284x11=3124.<br />Therefore, 3125-3124=1 and we see that p has passed the second primality test.<br />3rd test: Through the use of the Solovay-Strassen primality test we will be able to determine the probability of p being truly prime or not. Because this is a probabilistic primality test, it generates the probability that a number is prime rather than the certainty that a number is prime.<br />This test states that if p is a prime number, then<br /> QUOTE for any random integer b, where QUOTE is the Jacobi symbol. If both sides of this equation are equal, then we know that p is probably a prime number. If they do not equal then p is definitely not a prime number.<br />In order to determine if a number is prime through the Solovay-Strassen primality test, the Jacobi symbol QUOTE needs to be computed first. This requires some known theorems and rules. <br />Definition: (Jacobi Symbol) For any integer b and any odd positive integer p the Jacobi Symbol is defined as the product the Legendre Symbols where QUOTE and p is made of all prime factors of p. <br />So we can see that the Jacobi Symbol is a generalization of the Legendre Symbol when n is a positive odd integer.<br />Properties: (Jacobi Symbol)<br />
When n is an odd prime number, then the Jacobi Symbol is also called the Legendre Symbol.
If p | b then QUOTE = 0. If p does not | b then QUOTE = QUOTE .
QUOTE = QUOTE <br />If b and p are positive odd integers then QUOTE = QUOTE <br />Theorem: If n is an odd prime number, then QUOTE .<br />This means we need to evaluate QUOTE using the properties of the Jacobi Symbol stated previously. We also need to evaluate QUOTE . If these are equal, then p is a prime number.<br />Since the Solovay-Strassen primality test states that that if p is a prime number, then<br /> QUOTE for any random integer b, then we can let b be any number that we choose. Let’s let b=3 and now we compute QUOTE using the Jacobi Symbol properties.<br /> QUOTE QUOTE <br />But QUOTE = QUOTE = QUOTE by property 6<br /> QUOTE (-1) = QUOTE (-1) because 11=b2(mod 3), then b2=2. This means QUOTE = QUOTE by property 3<br /> QUOTE (-1) = QUOTE (-1) = QUOTE (-1) = QUOTE (-1)=1 by property 5<br />Now that we have determined what the Jacobi Symbol is equal to, we need to find what QUOTE is equal to.<br /> QUOTE = QUOTE <br />Since we have established that QUOTE we have determined that p has passed the 3rd test and is in fact probably prime. But because we only chose one random integer b, then the chance of error that p is a composite number is (½)k=(½)1=(½).<br />If we chose two random integers b1 and b2 in which p passed the Solovay-Strassen primality test for both, then the chance of error that p is not prime would be <br />(½)k=(½)2=( QUOTE ).<br />Since p has passed all three Primality tests then we can establish that 11 is a prime number.<br />Example 2: 1st test: Let p be 10. Divide 10 by any integer n. Let n=7. 10/7=1.4286. Since p is not divisible by n, then this means that p passes the first primality test. <br />2nd test: Now using Fermat’s primality test we can test to see if p is prime or not. Let s be some number and p is still 10.<br /> QUOTE <br />This is incorrect because 1953125÷10=195312.5, and 195312x10=195312.<br />Therefore, 1953125-195312=3 and we see that p has failed the second Primality Test. 
Therefore, 10 is not a prime number.<br />2.5.6 Fermat’s Little Theorem<br />Proposition: (Fermat’s Little Theorem) <br />Let p be a prime integer and s be a positive integer. Then QUOTE such that 1≤s<p.<br />Corollary 1: Let p be a prime number and p is not a factor of s. Then QUOTE .<br />This means that if p is a prime that is not a factor of s, then when s is multiplied p-1 times, and this result is then divided by p, leaving a remainder of one.<br />Example: Let prime p=5 and s=3. This statement says that when s is multiplied 4 times and divided by 5, the result will be a remainder of 1. So, 35-1=34=81, but when 81 is divided by 5 the remainder is 1. To rewrite this in the correct form for Fermat’s Little Theorem, we have QUOTE .<br />Proof: (Corollary 1) Suppose that p is any prime number and s is an integer such that płs, where in particular s≠0. <br />Since this proposition is only for the positive integers of s, then we will first start by listing all of the p-1 positive multiples of s. Call this set of integers set H.<br />H={s, 2s, 3s, ... (p -1)s}.<br />Now we want to show that s(p-1) = 1 (mod p) by showing that set H is equal to the multiples of s in some order. In order to do this, we first have to show that the multiples of set H are distinct when reduced by mod p. <br />Reduce each number in set H by (mod p): <br />Now H(mod p)={1, 2, 3,…p-2,p-1} and there are exactly p-1 numbers in set H.<br />Suppose that rs and ts are the same modulo p, for some integers r and t, then r = t (mod p).<br />Lemma 1: Suppose that płs and rs = ts (mod p), then r = t (mod p) because p is not divisible by s.<br />By rules 2 and 3 of the modular equivalences, we can see that if rs =ts (mod p) then rs = ts + kp.<br />Proof: (Lemma 1) Given that rs = ts + kp:<br />rs – ts = kp(r – t)s = kp<br />So by definition of divisibility p|(r-t) or p|s.But we know that płs from Lemma 1, so we can disregard p|s.Therefore p|(r-t), which means that r-t=np for some integer n. 
So we can see that r=t(mod p), which was to be shown.<br />Now we know that when rs and ts are of the same modulo p, r=t (mod p). But as stated above, p is not a factor of s, we can see that this is true because if s is divisible by p, then p would be a factor of s, and we would get 0 (mod p), which cannot happen. <br />Example 1: If rs=ts (mod p) then r=t(mod p).<br /> We can let s=5, r=7, t=4, and p=3, where p is not a factor of s.<br />Then rs = ts (mod p) 7(5) = [4(5)](mod 3) 35=20(mod 3) 2=2(mod 3).<br />This shows that we get r=t(mod p) when p is not a factor of s.<br />By using the fact that p is not a factor of s, then r-t =(mod p) shows that r-t must be a multiple of p and so we get r=t(mod p), which was to be shown.<br />Example 2: Let s=6, r=7, t=4, and p=3, where p is a factor of s.Then rs = ts (mod p) 7(6)=[4(6)](mod 3) 42=24(mod 3) 0=0(mod 3).<br />This shows that we get 0(mod p) when p is a factor of s.<br />So when some number in set H is reduced by (mod p), distinct nonzero numbers (mod p) are produced because p is not a factor of s. Since set H is the set of all positive multiples of s and there are exactly p-1 numbers in set H, then each number up to and including (p-1) must also be distinct.<br />Given that all of the multiples in set H are distinct (mod p), then set H must be equivalent to {1, 2, 3,…p-2,p-1} in some specific order. This means that the product of all elements of set H produces some number that is equal to (1*2*3*...*(p-1))(mod p). This number is (p-1)!(mod p).<br />By multiplying all of the multiples of set H together, we get <br />s*2s*3s* ...*(p -1)s= 1*2*3*...*(p-1) (mod p)<br />s(p-1)(1*2*3…*(p-1)) = (p-1)! (mod p)<br />s(p-1)(p-1)! = (p-1)! (mod p)<br />Now we need to divide both sides by (p-1)! in order to prove that QUOTE . <br />(In order to do this, we need to prove that (p-1)! 
has a multiplicative inverse (mod p).)<br />Lemma 2: If p is prime and 0<k<p, then there exists 0<m<p where mk= 1 (mod p).<br />For all integers p and m, if gcd (m, p)=1, then there exists an integer k such that mk = 1 (mod p). The integer k is called the inverse of m (mod p).<br />Proof: (Lemma 2) Suppose m and p are integers and gcd(m, p)=1. Using the definition of relatively prime integers and the corollary that m and p are relatively prime integers, then there exists integers k and t such that <br />mk + pt = 1<br />When we subtract pt from both sides of the equation, we get <br />mk = 1 – (pt) <br />mk = 1 + p(-t)<br />Therefore, p|mk-1 and by definition of congruence modulo n, <br />mk=1 (mod p)<br />Corollary 2: (p-1)! has a multiplicative inverse (mod p).<br />Proof: (corollary 2) Let n be an integer ≥1. The multiplicative inverse (mod p) of an integer n is a number m such that mn = 1 (mod p). <br />When the multiplicative inverse (mod p) of n (called m) is multiplied by n, it will generate 1(mod p), which is the multiplicative identity. <br />Show that each factor of {(p-1)} has a multiplicative inverse, so that (p-1)! has a multiplicative inverse 1(mod p) can be shown .<br />If we take each factor of the set {(p-1)}, then we have {1*2*3*...*(p-1)}. We know that any integer ≥1 has a multiplicative inverse and since each factor of {(p-1)} ≥1 because s≠0, then each factor {(p-1)} has a multiplicative inverse (mod p). 
<br />(1*2*3…*(p-1)) = (p-1)!<br />Then mi x ni=1(mod pi) where i is each factor of {(p-1!)}.<br />To find the inverse modulo p of mi then we have to find the multiplicative inverse of n(mod p) and solve for each mi.<br />So QUOTE QUOTE QUOTE <br />m1 x n1=1 (mod 1) m1 x 1=1 (mod 1) m1=1-1 (mod 1)<br />m2 x n2=1 (mod 2) m2 x2=1 (mod 2) m2=2-1(mod 2)<br />……m(p-1) x n(p-1)=1 (mod (p-1)) m(p-1) x (p-1)=1 (mod (p-1))m(p-1)= (p-1)-1(mod (p-1))<br />Now we can show each factor of {(p-1)} has a multiplicative inverse (mod p).<br />(m1*m2*m3…*m(p-1)) = (p-1)!<br />(1m1*2m2*3m3…*(p-1)m(p-1))) = (p-1)!<br />(1(1-1(mod 1))*(2(2-1(mod 2)))*(3(3-1(mod 3)))…*(p-1)[(p-1)-1(mod (p-1))] = (p-1)!<br />(m1 x n1)(mod 1)*(m2 x n2)(mod 2)*(m3 x n3)(mod 3)….*(m(p-1) x n(p-1))(mod (p-1))= (p-1)!<br />(1*1*1….*1)(mod p)= (p-1)!<br />(1)(mod p)= (p-1)!<br />Therefore, (p-1)! has a multiplicative inverse (mod p), which was to be shown from corollary 2. <br />Example: Find the inverse 5 mod 7? 5*n=1 (mod 7)but we know 15=1 (mod 7)so 5*3=1 (mod 7)<br />5 (mod 7)=3<br />So the inverse of 5 (mod 7) is 3.<br />Now that we have proved there exists 0<m<p where mk= 1 (mod p) when p is prime and 0<k<p, and that (p-1)! has a multiplicative inverse (mod p), we can finish the proof of Fermat’s Little Theorem.<br />From above: If we multiply all of the multiples of set H together, we get <br />s*2s*3s* ...*(p -1)s= 1*2*3*...*(p-1) (mod p)<br />s(p-1)(1*2*3…*(p-1)) = (p-1)! (mod p)<br />s(p-1)(p-1)! = (p-1)! (mod p)<br />Now we need to divide both sides by (p-1)! in order to prove that QUOTE . <br />Now that we know that (p-1)! has a multiplicative inverse (mod p), we can divide both sides by (p-1)! to get 1(mod p).<br />s(p-1)(p-1)! = (p-1)! (mod p)<br />s(p-1) = 1 (mod p)<br />This proves the corollary that if QUOTE and p is a prime number, then p is not a factor of s. 
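The three tests of section 2.5.5 (trial division, Fermat's test, Solovay-Strassen), which rest on the congruence just proved, written out as an added Python example that is not part of the original thesis. The function names, the trial-division bound and the composite 341 are assumptions chosen for illustration; the inputs 4 to base 5, 9 to base 8, and p=11 with b=3 are the thesis's own.

```python
import random

def fermat_passes(p, base):
    """Fermat's test: does base^(p-1) = 1 (mod p) hold?"""
    if base % p == 0:
        raise ValueError("base must not be a multiple of p")
    return pow(base, p - 1, p) == 1

def jacobi(b, p):
    """Jacobi symbol (b/p) for an odd positive integer p."""
    if p <= 0 or p % 2 == 0:
        raise ValueError("p must be odd and positive")
    b %= p
    sign = 1
    while b != 0:
        while b % 2 == 0:              # (2/p) = -1 exactly when p = 3 or 5 (mod 8)
            b //= 2
            if p % 8 in (3, 5):
                sign = -sign
        b, p = p, b                    # quadratic reciprocity for odd b and p
        if b % 4 == 3 and p % 4 == 3:
            sign = -sign
        b %= p
    return sign if p == 1 else 0       # 0 when b and p share a factor

def euler_criterion_holds(p, b):
    """Solovay-Strassen condition: b^((p-1)/2) = (b/p) (mod p) with (b/p) != 0."""
    j = jacobi(b, p)
    return j != 0 and pow(b, (p - 1) // 2, p) == j % p

def three_stage_check(p, small_bound=20, fermat_base=2, rounds=10, rng=None):
    """Run the three tests in order; return (verdict, stage that decided it).

    Passing every stage means 'probably prime' with error at most (1/2)^rounds.
    """
    rng = rng or random.Random()
    if p < 5:
        return ("prime" if p in (2, 3) else "not prime", "small case")
    # Stage 1: trial division by small n (assumed bound; always includes n=2).
    for n in range(2, min(max(small_bound, 2), p - 1) + 1):
        if p % n == 0:
            return ("not prime", "trial division")
    # Stage 2: Fermat's test to one base.
    if not fermat_passes(p, fermat_base):
        return ("not prime", "Fermat")
    # Stage 3: Solovay-Strassen with random bases 2 <= b < p
    # (b = 1 is skipped because it passes for every p).
    for _ in range(rounds):
        if not euler_criterion_holds(p, rng.randrange(2, p)):
            return ("not prime", "Solovay-Strassen")
    return ("probably prime", "all three tests")
```

With a low trial-division bound, 341 = 11 x 31 passes Fermat's test to base 2 and is only rejected at the Solovay-Strassen stage, which is why the thesis chains the tests.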
<br />Example 1:<br />*Remember p is a prime number.<br />We will show that p is not a factor of s:<br />s=7 and p=5<br />s^(p-1) = 1 (mod p)<br />So, 7^(5-1) = 1 (mod 5)<br />7^4 = 1 (mod 5)<br />2401 = 1 (mod 5)<br />This is correct because 2401÷5 is 480.2, and 480 x 5 = 2400.<br />Therefore, the remainder is 2401-2400 which is 1,<br />which means the prime number p=5 is not a factor of s=7.<br />Example 2:<br />Now we will show that p is a factor of s:<br />s=10 and p=5<br />s^(p-1) = 1 (mod p)<br />So, 10^(5-1) = 1 (mod 5)<br />10^4 = 1 (mod 5)<br />10000≠1 (mod 5)<br />This is correct because 10000÷5 is 2000 and 2000 x 5 is 10000.<br />Therefore, the remainder is 10000-10000 which is 0.<br />So the prime number p=5 is a factor of s=10.<br />This theorem is also used to calculate the multiplicative inverse of s by taking s^(p-1) = 1 (mod p). <br />s^(p-1) = 1 (mod p)<br />s^(p-2) x s = 1 (mod p)<br />s^(p-2) = s^(-1) (mod p)<br />Thus, an inverse (mod p) of s or the inverse (mod p) of s^(p-1) is s^(p-2) by Fermat’s Little Theorem.<br />Example: Let s=8 and p=3. <br />So the inverse of 8 (mod 3) is 83.<br />But we can also find another inverse of 8 (mod 3):<br />So the inverse of 8 (mod 3) is 2.<br />From this proof we can see that Fermat’s Little Theorem is dependent upon whether a remainder of 1 exists after s^(p-1) is divided by the integer p. Meaning, if s^(p-1) ≠ 1 (mod p), then p is a factor of s, and consequently, if s^(p-1) = 1 (mod p), then p is not a factor of s. Not only does Fermat’s Little Theorem allow us to determine factors of numbers, but it also enables us to compute the modular inverse of a number when p is not divisible by s. An understanding of such properties is essential to comprehending Public Key Ciphers, because it allows us to determine if a number is a factor of another number which aids in primality testing for generating keys. 
It also permits us to find the modular inverse of an integer which establishes the private key in Public Key Ciphers.<br />2.5.7 Euler’s Totient Theorem<br />The Totient of a positive integer n is defined as the number of positive integers less than or equal to n that are coprime to n; meaning that they only have a factor of 1 in common with each other. <br />Proposition: (Euler’s Totient Theorem) <br />Let a and n be two integers. While n > 0 and gcd(a,n)=1, then Euler’s Totient Theorem states that QUOTE , where QUOTE is the count of positive integers between 1 and n that are coprime to n. <br />Theorem 1: If n is any prime number, then QUOTE =n-1. Then Euler’s Totient Theorem becomes QUOTE , which is Fermat’s Little Theorem. <br />Statement 1: We observe that Fermat’s Little Theorem is a generalization of Euler’s Totient Theorem because Fermat’s allows us to prove Euler’s for a modulus n and an integer a such that gcd(a,n)=1. Then QUOTE by Euler’s Totient Function and we know that QUOTE is the number of integers between 1 and n that are coprime to n by the definition of Euler’s Totient Theorem, so if n=p where p is a prime number then QUOTE =p-1 and we would get QUOTE . This we know is Fermat’s Little Theorem and for this reason it can be used to prove Euler’s Totient Theorem when we know that n=p where p is a prime number.<br />Theorem 2: If n is a prime number then QUOTE = QUOTE . But QUOTE Therefore, QUOTE = QUOTE <br />This theorem is derived from the first theorem: if n is prime, then QUOTE . From this: if nk is prime QUOTE = QUOTE . <br />Theorem 3: If m and n are relative prime positive integers where gcd(m,n)=1, then QUOTE = QUOTE . <br />Theorem 4: If m and n are relative prime positive integers, then using theorem 2 and theorem 3 we can simplify QUOTE By theorem 3 we know that QUOTE . By theorem 2 we recognize that QUOTE . But theorem 1 states that QUOTE , when n is a prime, so now we can substitute QUOTE into the equation. Now we get, QUOTE . 
Simplifying the equation produces QUOTE QUOTE = QUOTE = QUOTE .<br />To show that the theorem 1, theorem 3, and the proposition of Euler’s Totient Function work together, let’s look at a general example using two prime numbers p and q.<br />Example: Let p and q be two prime numbers where z=pq. Since theorem 3 states that QUOTE = QUOTE , then we know that QUOTE = QUOTE because z=pq. But from the corollary of Euler’s Totient Function, we know that QUOTE =n-1 when n is a prime number, so we can also say that QUOTE and QUOTE because p and q are also prime numbers. Now we can substitute QUOTE and QUOTE into the equation. Hence, we get QUOTE = QUOTE . A general example, is if QUOTE then QUOTE and hence, QUOTE .<br />Since QUOTE is the number of integers <n that are relative prime to n, then n-1 contains every integer < n that is relatively prime to n. <br />Example: (Still using theorem 1 and theorem 3) Since q and p are a prime numbers, we will let z=pq=15. QUOTE = QUOTE = QUOTE This means there are 8 positive integers that are less than and relatively prime to 15. These are 1, 2, 4, 7, 8, 11, 13, and 14.<br />The Euclidean algorithm can be used to check that (n, n-1)=1 and therefore every integer < n is relatively prime to n. This can be used to check that (nk, nk-1)=1, since any integer < nk is relatively prime to nk.<br />This theorem is important because it allows us to quickly figure out how many numbers are less than and relatively prime to another number. This is helpful in Public Key Cryptography because it is necessary to find numbers that are relatively prime to others when determining the public key of an RSA Cipher. When dealing with very large numbers it is helpful to know before hand how many numbers are relatively prime to another number before having to find such a number.<br />Euler’s Totient Theorem can also be used to find the inverse modulo n of a number as well. If we know that gcd(a,n)=1, then we know QUOTE by this theorem. 
To find the multiplicative inverse of a, this is done by taking the equation QUOTE and solving for QUOTE <br />But QUOTE n-1 when n is prime So, the multiplicative inverse of QUOTE (mod n) is QUOTE <br />Example: let a=5 and n=7.<br />But 7 is prime so QUOTE So the inverse of 5 (mod 7) is 55.<br />Here n is a prime number and we know from statement 1 that when n=p, where p is a prime number, we produce Fermat’s Little Theorem. This means that we can find the multiplicative inverse of a number using either Euler’s Totient Theorem or Fermat’s Little Theorem, when n is a prime number. <br />2.5.8 Discrete Logarithm Function<br />A group G is a finite or infinite set of elements that together, with a binary operator, satisfy a set of numbers under a specific operation. In such instances with ciphers, the binary operator is multiplication of (mod some number).<br />A modulo multiplication group is a finite group Zm of residue classes (all the possible values of b in a=b (mod m)) that are prime to m under multiplication (mod m). The QUOTE residue classes prime to m form a group under the binary multiplication operation (mod m), where QUOTE is the Totient Function. So we can see the group G is a modulo multiplication group.<br />Definition: (primitive roots) Let p be a prime number. Then b is a primitive root for p if the powers of b,meaning b0, b1, b2, b3, b4…..bp-1, include all of the residue classes mod p, except 0. Since there are p-1 residue classes (mod p), not including 0, then the p-1 powers of b have to be different (mod p).<br />Example: If p=11, then 2 is a primitive root of p because the powers of 2 are:20=1, 21=2, 22=4, 23=8, 24=16, but 16 is not ≤11, so 24(mod 11)=5, 5x2=10, 10x2=20 and 20(mod 11)=9, 9x2=18 and 18(mod 11)=7, 7x2=14 and 14(mod 11)=3, 3x2=6. 
Now we have every number that occurs mod 11, except for 0, which means that 2 is a primitive root of 11.<br />By going through the same process find that 3 is not a primitive root of 11 because the powers of 3 are 1, 3, 9, 5, 4. We are missing several values between 1 and 11 so therefore, 3 is not a primitive root of 11.<br />Example: If p=13, then 2 is a primitive root because the powers of 2 are1, 2, 4, 8, 3, 6, 12, 11, 9, 5, 10, 7. These are all of the classes mod 13 except for 0, so this means that 2 is a primitive root of 13. <br />There are other primitive roots for 13 also.<br />Example: If p=13, then 6 is a primitive root because the powers of 6 are 1,6,10,8,9,2,12,7,3,5,4,11. These are all of the classes mod 13 except for 0, so this means that 6 is a primitive root of 13. Table 2 in the Appendix also shows more primitive roots of 13, as well as other numbers and their primitive roots.<br />Theorem 1: If p is prime and p >2, there are always at least two primitive roots to p.<br />Theorem 2: (Discrete logarithm function): If a is an integer relatively prime to m and g is a primitive root of m, then there exists exactly one number μ among the set of numbers 0, 1, 2, ..., QUOTE -1, where QUOTE is the Totient Function, such that a = gμ(mod m). The number μ is called the discrete logarithm, or the index of a with respect to the base g modulo m. It is then denoted as μ = indga (mod m) (Weisstein Discrete Logarithm).<br />Example: From the previous example we know that 2 is a primitive root of 13 and since g is a primitive root of m, then we can let m=13 and g=2. Given that a is an integer relatively prime to m, then gcd(a,13)=1, so we can let a=3. There exists exactly one number μ among the set of numbers 0, 1, 2, ..., QUOTE -1, so we need to find one number in this set such that this equation a = gμ(mod m), can be satisfied. So,<br />3 = 2μ(mod 13)if we let μ =0, 1, 2, or 3 this is not satisfied3 = 24(mod 13)3=16(mod 13)16÷13=1.23 and 1x13=13. 16-13=3. 
Hence, this equation is true if μ =4.<br />Although the discrete logarithm states that there is only one number between 0 and QUOTE -1 that satisfies this equation, there may be another number outside of 0 to QUOTE -1 that satisfies the equation as well. By going through this same process we find that there does in fact exist a number > QUOTE -1 that satisfies 3 = 2μ(mod 13). As a result, we can infer that this is probably true for other numbers as well. Example: <br />3 = 2μ(mod 13)Let μ =a number that is not in the set of numbers 0, 1, 2, ..., QUOTE -13 = 216(mod 13)3=65536(mod 13)65536÷13=5041.23 and 5041x13=65533. 65536-65533=3. Hence, this equation is true when μ =16 as well.<br />This theorem is crucial to the ElGamal Cipher, because it makes this cipher secure. As we can see, it is difficult to obtain the discrete logarithm of such an integer because two important steps have to be satisfied. First, we have to find an integer a that is relatively prime to m and an integer g that is a primitive root of m. Only when these conditions are satisfied, then there exists exactly one number μ among the set of numbers 0, 1, 2, ..., QUOTE -1, such that a = gμ(mod m) and where μ is the discrete logarithm. But we know that the larger m is, the more numbers there are that could potentially satisfy this equation. If m were 158 digits long, then there would be 157 possible digits that could satisfy this equation, explaining why it is difficult to find exactly one μ that satisfies the equation. This is why the ElGamal Cipher is known as one of the hardest ciphers to break (Schneier 476).<br />Since we have examined the different theorems of mathematics that are involved in the function of cryptology and its ciphers, let us observe how these algorithms work in such instances.<br />3. Cryptography<br />3.1 Private Key Cryptography<br />A Private Key Cipher is also known as a Symmetric Key Algorithm. 
This is where both sender and receiver share the same key to encrypt or decrypt a message. The key is secret from all but the people who are corresponding; this is why other names for Private Key Cryptography are Secret Key Encryption or Single Key Cryptography. The major challenge of Private Key Ciphers is enabling the sender and the receiver to agree on the same key without other people intercepting. Obtaining the keys without interception can be tricky at times, especially if the sender and receiver are in two different places. If interception happens, then the outsider will be able to encrypt and decrypt all of the messages sent from sender and receiver. <br />However, most messages that are sent using Private Key Ciphers are carried out with a single authority that manages all the keys. An example of this type of system would be a banking system. In a banking system the authority is confident that the keys are secure because he or she is the person that controls the keys. A closed system like this is ideal for Private Key Ciphers to encrypt and decrypt messages that others are not intended to see (RSA Laboratories 2.1.1). <br />There are two different types of Private Key Ciphers, Block and Stream Ciphers. In a Block Cipher the keyword is chosen by the sender, in which the sender breaks up the plaintext message to be transmitted into segments of a fixed length t, not by individual letters. There are 26! possible keys in the Block Ciphers (Menezes, van Oorschot and Vanstone 17). A Stream Cipher is a Simple Block Cipher where the block length t=1. The key is a long stream of text where the block length is equal to 1. Stream Ciphers are mostly used when data is processed only one symbol at a time. <br />3.1.1 Shift Cipher<br />There have been various Private Key Ciphers developed throughout history, one of the simplest and most straightforward of these is the Shift Cipher. 
The shift of the cipher determines how the encryption and decryption are carried out. But because the shift alone establishes the encryption and decryption of messages, the Shift Cipher is also unprotected and accessible to many entities. The most common Shift Cipher is the Caesar Cipher with a shift of 3.<br />3.1.1.1 Shift Cipher Encryption and Decryption Process<br />In a Shift Cipher, each letter in the plaintext is replaced with a letter that is a fixed number of positions (the shift) away from it to encipher the message and produce the ciphertext. We can find the equation for enciphering a Shift Cipher by using our time=known+shift (mod n) equation derived from the example in the modular arithmetic section. We can let time = ciphertext here because we are trying to find the ciphertext of the message. Since the message is what is already established, we can then let message=known, and because we are still shifting variables in the equation, the shift is still the same. Lastly, our modulus is n=26 because there are 26 letters in the alphabet counting from A=0 to Z=25. Now our equation to find the ciphertext of the message in the Shift Cipher is: <br />ciphertext=(message+shift) (mod 26)<br />To decipher the message, the ciphertext is shifted over a fixed number of positions away from itself. This is the opposite of the encryption, so the equation for deciphering a Shift Cipher message is:<br />message=(ciphertext-shift) (mod 26)<br />Given that the decryption method is the opposite of the encryption method, we can see that it produces the original message. The reason why this method of decryption works correctly and produces the initial message is the additive inverse function. When we add the inverse of the shift (mod 26) to each ciphertext, we are able to produce the original message. 
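The encryption and decryption equations above, as an added Python example that is not part of the original thesis; the function names and the sample message are constructed for illustration. It checks that subtracting the shift and adding its additive inverse (26 - shift) recover the same message for every one of the 26 shifts.

```python
ALPHABET_SIZE = 26  # A=0 ... Z=25, as in the text

def to_numbers(text):
    """Convert letters to numbers A=0..Z=25; all other characters are dropped."""
    return [ord(c) - ord("A") for c in text.upper() if "A" <= c <= "Z"]

def to_letters(numbers):
    """Convert numbers 0..25 back to the letters A..Z."""
    return "".join(chr(n + ord("A")) for n in numbers)

def shift_encrypt(message, shift):
    """ciphertext = (message + shift) (mod 26)"""
    return to_letters([(m + shift) % ALPHABET_SIZE for m in to_numbers(message)])

def shift_decrypt(ciphertext, shift):
    """message = (ciphertext - shift) (mod 26)"""
    return to_letters([(c - shift) % ALPHABET_SIZE for c in to_numbers(ciphertext)])

def additive_inverse(shift):
    """Least non-negative d with shift + d = 0 (mod 26)."""
    return (ALPHABET_SIZE - shift) % ALPHABET_SIZE

def shift_decrypt_by_inverse(ciphertext, shift):
    """Decrypt by adding the additive inverse of the shift instead of subtracting."""
    return shift_encrypt(ciphertext, additive_inverse(shift))

def both_decryptions_agree(message):
    """True if both decryption forms return the message for all 26 shifts."""
    plain = to_letters(to_numbers(message))
    for shift in range(ALPHABET_SIZE):
        cipher = shift_encrypt(message, shift)
        if not (shift_decrypt(cipher, shift)
                == shift_decrypt_by_inverse(cipher, shift)
                == plain):
            return False
    return True
```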
<br />To take the additive inverse of x(mod n) it means that there is a number y such that when added to x, and then divided by n, x+y has a remainder of 0. This is shown as x+y =0(mod n). We can see that in order for x+y =0(mod n), then x+y must equal n, so y=n-x. By adding the inverse of the shift (mod 26) to each ciphertext we will obtain the original message. In order to decipher a message from the Shift Cipher this way, we would use the equation:<br />message=(ciphertext+(26-shift)) (mod26)<br />Now that we know the additive inverse of x (mod n) works to decipher a message, then the multiplicative inverse of x(mod n) probably works to decipher a message correctly. It in fact does, but only when n and x are relatively prime to one another. By multiplying the inverse of the shift (mod 26) to each ciphertext, we obtain the original message. <br />To take the multiplicative inverse of x(mod n) it means that there is a number y such that when multiplied by x, the result is equal to 1(mod n). This is shown as xy =1(mod n). For this equation to equal 1(mod n), then xy has to equal 1+n or a multiple of 1+n. So we can see that in order for xy=1(mod n), then the multiplicative inverse of x(mod n) is x^(-1) (mod n). In order to decipher a message from the Shift Cipher this way we would use the equation:<br />message=(ciphertext x [inverse of the shift (mod 26)]) (mod26)<br />Using either equation will produce the same output and the original message.<br />Shift Cipher Encryption and Decryption Process:<br />
Sue, the sender of the message, chooses the plaintext and converts the message into numeric form by A=0 to Z=25.
Now Sue chooses the shift that she wants to use on her message. This shift is the key to her message, known to her and the receiver of the message.
Sue adds the shift to each term of her numeric message to obtain the ciphertext. If any numbers in the ciphertext are 26 or greater, she performs mod 26.
Sue needs to convert the ciphertext back to letters so that she can send it over an insecure channel to Rob, the receiver of the message.
When Rob receives the message, he converts the ciphertext back to numbers and then subtracts the key from each element of the ciphertext to obtain the original message. If any numbers are < 0, he adds 26 to get back within the alphabet. Rob can also determine the original message by performing the additive inverse (mod 26) on each term of the ciphertext message. He can perform this by using the equation Message=(Ciphertext+(26-shift)) (mod26).
Once he converts these back to letters, he will have his original message.
She chooses shift to be n=11. In order to shift her message she adds the shift to her message to get: 33 15 22 22 29
Since 33 and 29 are greater than 26, then 33 mod 26 = 7 and 29 mod 26 = 3. Now the ciphertext is: 7 15 22 22 3 which Sue converts back to letters to get HPWWD. This is what she sends to Rob over an insecure channel.
Rob first converts his message back into numeric form to get 7 15 22 22 3. Since Rob already knows the shift then he subtracts 11 from each number of the ciphertext to get -4 4 11 11 -8. Now he adds 26 to the negative numbers to get back within the alphabet. The resulting message is 22 4 11 11 18. Once he converts it back to letters he gets WELLS. This is the original message from Sue! (Stinson 5)
What if Rob tries to decipher the message using the additive inverse method? Then for each term of the ciphertext message he would use Message=(Ciphertext+(26-shift)) (mod26) and plug in his values for his ciphertext and his shift. So he would get:
The result is 22 4 11 11 18 which converts to WELLS. As it should, this method gives Rob the same numbers and thus the same original message.
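The WELLS example above, written as an added C++ illustration (not the thesis's appendix program; all function names are this example's own). It decrypts with the additive inverse 26-shift and also lists the decryption under every one of the 26 possible shifts, which shows how small the key space of this cipher is.

```cpp
#include <cctype>
#include <iostream>
#include <string>
#include <vector>

// Added illustration, not the thesis's appendix program.
// Letters map to numbers as in the text: A=0 ... Z=25.
const int ALPHABET = 26;

// Reduce any integer, including a negative one, into the range 0..25.
int mod26(int x) { return ((x % ALPHABET) + ALPHABET) % ALPHABET; }

// ciphertext = (message + shift) (mod 26), letter by letter.
// Letters are upper-cased first; any other character is copied unchanged.
std::string shiftEncrypt(const std::string& message, int shift) {
    std::string out;
    for (unsigned char ch : message) {
        if (std::isalpha(ch)) {
            int m = std::toupper(ch) - 'A';
            out += static_cast<char>('A' + mod26(m + shift));
        } else {
            out += static_cast<char>(ch);
        }
    }
    return out;
}

// message = (ciphertext + (26 - shift)) (mod 26): decrypting is the same
// operation as encrypting with the additive inverse of the shift.
std::string shiftDecrypt(const std::string& ciphertext, int shift) {
    return shiftEncrypt(ciphertext, ALPHABET - mod26(shift));
}

// Decrypt under every possible key. Entry i is the candidate for shift i,
// so anyone holding the ciphertext has only 26 candidates to read through.
std::vector<std::string> allDecryptions(const std::string& ciphertext) {
    std::vector<std::string> candidates;
    for (int shift = 0; shift < ALPHABET; ++shift)
        candidates.push_back(shiftDecrypt(ciphertext, shift));
    return candidates;
}

int main() {
    const std::string ciphertext = shiftEncrypt("WELLS", 11);
    std::cout << "WELLS with shift 11 -> " << ciphertext << "\n";
    std::cout << "additive inverse 26-11 -> " << shiftDecrypt(ciphertext, 11) << "\n";

    const std::vector<std::string> candidates = allDecryptions(ciphertext);
    for (int shift = 0; shift < ALPHABET; ++shift)
        std::cout << "shift " << shift << ": " << candidates[shift] << "\n";
    return 0;
}
```
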
We can also find the ciphertext of a Shift Cipher using Table 1 in the Appendix. This is done by finding where the term of the top row and the side row of the table meet. Each number of each term of the message is on the top row while the shift of the message is the first column of the table. Where these two numbers meet show the letter of the ciphertext. For example if a letter in our message is G, this means its number is 6. Let’s say our shift is 4. If we go to Table 1, column 6 and row 4 produces the ciphertext number 10. This would be letter K. We can confirm that this is true by using the equation ciphertext=(message+shift)(mod26). We get ciphertext = (6+4)(mod 26) = 10 (mod 26)= 10. This proves that the table produces the right output for the ciphertext. <br />To decipher, use the row of the specific shift and find the desired number of the ciphertext message in that row. The column that this number is in is the message number. Since we know what the ciphertext is and the shift is we can find the row 4 in the table and find ciphertext 20 in that row. The column this is in is the message. This shows that column 6 is then equal to the message, so message=G, which is correct. This is a straightforward example of how modular arithmetic is employed into a simple cipher.<br />As we can see this cipher is not secure because there are only 0 to 25 possible keys (shifts) and with little mathematical computation this cipher is easily enciphered and deciphered.<br />3.1.2 Hill Cipher<br />A more interesting Private Key Cipher is the Hill Cipher. This cipher, which was first invented by Lester S. Hill in 1929, is a type of Substitution Cipher that uses matrices and linear transformations to perform the encryption and decryption of messages. There are (26n)2 possible different keys for this cipher where n is the size of an nxn matrix. 
<br />“The idea [of this cipher] is to take m linear combinations of the m alphabetic characters in one plaintext element, and produce m alphabetic characters in one ciphertext element” (Stinson 14). Let m=2, then the message is M=(m1,m2), and the ciphertext is C=(c1,c2) (Denning 88). The key in this matrix is a randomly chosen nxn matrix, which is invertible, and whose determinant (mod 26) is equal to 1. Written in a vector form of n dimensions, the message is n letters long. <br />3.1.2.1 Hill Cipher Encryption and Decryption Process<br />
The sender of the message chooses random numbers for the key matrix in the form of a nxn matrix. Usually this cipher is performed using a 2x2 matrix like: QUOTE . The only catch is that the sender needs to choose the matrix such that it is invertible. This means that the matrix can be multiplied by another matrix to produce the identity matrix QUOTE . The sender also needs to make sure that the determinant of the matrix (ad-bc) has to produce a remainder of 1 after being divided by 26. This key matrix is shared between both sender and receiver of the message.
The next step that the sender of the message has to complete is to convert their message into numeric form by A=0 to Z=25.
The terms of the message are then split into linear combinations of QUOTE where it is then separated into vectors QUOTE If the message has an odd number of terms, then the last term QUOTE is substituted as a dummy variable. The ( ) brackets represent the message form.
Now that we know how the message is represented in vector form, we need to find the actual encryption of the message so it can be sent over an insecure channel. We will let QUOTE signify each term of the encrypted message where, just like the message, it is then separated into vectors QUOTE . The [ ] brackets represent the ciphertext form.
In order to encrypt the message, each message vector needs to be multiplied by the key matrix and then multiplied by modulo 25. This looks like:
Since QUOTE , then QUOTE is the encrypted message that, when converted back to letters, can be sent to the receiver of the message over an insecure channel.
Since the equation for the encryption of a message is QUOTE , then we can find the decryption of a message by obtaining the inverse of the encryption. This means that we need to multiply both sides of the equation by the inverse of the key matrix: QUOTE . Now our decryption equation is QUOTE But we know that QUOTE , so we can substitute this into the equation as well and get QUOTE . This is also equivalent to QUOTE .
Now we need to find QUOTE (mod 26). In order to do this, we let QUOTE =x-1; now we need to find the inverse of x (mod 26).
Now our equation to decrypt the message is QUOTE .
This equation is used for each pair of message vectors. Once all of the terms of the message, QUOTE are produced, these can be turned back into letter form and the original message will be produced.
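The procedure above for a 2x2 key, as an added C++ illustration that is not code from the thesis. The key matrices are constructed for this example, the column-vector convention (ciphertext = key x message) and the dummy letter X are assumptions, and the code goes beyond the determinant-1 case by accepting any key whose determinant has an inverse modulo 26 and rejecting keys that do not.

```cpp
#include <array>
#include <iostream>
#include <stdexcept>
#include <string>

// Added illustration, not code from the thesis. Letters are A=0 ... Z=25 and
// the text is assumed to contain only upper-case letters.
using Matrix2 = std::array<std::array<int, 2>, 2>;
const int ALPHABET = 26;

// Reduce any integer, including a negative one, into the range 0..25.
int mod26(int x) { return ((x % ALPHABET) + ALPHABET) % ALPHABET; }

// Search for y with (a * y) mod 26 = 1. Returns 0 when no inverse exists,
// which happens exactly when a shares a factor (2 or 13) with 26.
int inverseMod26(int a) {
    a = mod26(a);
    for (int y = 1; y < ALPHABET; ++y)
        if (mod26(a * y) == 1) return y;
    return 0;
}

// Determinant ad - bc of the key, reduced into 0..25.
int determinantMod26(const Matrix2& k) {
    return mod26(k[0][0] * k[1][1] - k[0][1] * k[1][0]);
}

// Inverse key = det^(-1) * [[d, -b], [-c, a]] (mod 26).
// Returns false when the key cannot be inverted and so cannot be used.
bool invertKey(const Matrix2& k, Matrix2& inverse) {
    const int detInverse = inverseMod26(determinantMod26(k));
    if (detInverse == 0) return false;
    inverse[0][0] = mod26(detInverse * k[1][1]);
    inverse[0][1] = mod26(detInverse * -k[0][1]);
    inverse[1][0] = mod26(detInverse * -k[1][0]);
    inverse[1][1] = mod26(detInverse * k[0][0]);
    return true;
}

// Multiply each pair of letters, taken as a column vector, by the matrix.
// An odd-length text gets the dummy letter X (assumed choice) appended.
std::string applyMatrix(const Matrix2& k, std::string text) {
    if (text.size() % 2 != 0) text += 'X';
    std::string out;
    for (std::size_t i = 0; i < text.size(); i += 2) {
        const int m1 = text[i] - 'A';
        const int m2 = text[i + 1] - 'A';
        out += static_cast<char>('A' + mod26(k[0][0] * m1 + k[0][1] * m2));
        out += static_cast<char>('A' + mod26(k[1][0] * m1 + k[1][1] * m2));
    }
    return out;
}

std::string hillEncrypt(const Matrix2& key, const std::string& message) {
    Matrix2 unused;
    if (!invertKey(key, unused))
        throw std::invalid_argument("key matrix is not invertible modulo 26");
    return applyMatrix(key, message);
}

std::string hillDecrypt(const Matrix2& key, const std::string& ciphertext) {
    Matrix2 inverse;
    if (!invertKey(key, inverse))
        throw std::invalid_argument("key matrix is not invertible modulo 26");
    return applyMatrix(inverse, ciphertext);
}

int main() {
    const Matrix2 detOneKey = {{{5, 2}, {4, 7}}};   // constructed: det = 27 = 1 (mod 26)
    const Matrix2 generalKey = {{{3, 3}, {2, 5}}};  // constructed: det = 9, inverse 3
    const Matrix2 badKey = {{{2, 4}, {6, 8}}};      // constructed: det shares factor 2 with 26

    std::cout << "DOGS -> " << hillEncrypt(detOneKey, "DOGS") << " -> "
              << hillDecrypt(detOneKey, hillEncrypt(detOneKey, "DOGS")) << "\n";
    std::cout << "DOGS -> " << hillEncrypt(generalKey, "DOGS") << " -> "
              << hillDecrypt(generalKey, hillEncrypt(generalKey, "DOGS")) << "\n";

    Matrix2 inverse;
    std::cout << "bad key usable: " << (invertKey(badKey, inverse) ? "yes" : "no") << "\n";
    return 0;
}
```
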
The sender of the message chooses random numbers to form the 2x2 key matrix. Sue chooses QUOTE to be her key matrix for this cipher. She needs to check that it is invertible, which means she needs to find a matrix such that when it is multiplied by her matrix, it produces the identity matrix.
The matrix QUOTE produces this because QUOTE x QUOTE = QUOTE .
She also needs the determinant of her matrix to have a remainder of 1, after being divided by 26. The determinant of QUOTE The determinant is -27, but because there are no negative numbers that correspond to the conversion of letters in the alphabet the negative is disregarded. So 27 mod 26 =1. Therefore, this matrix is invertible and has a determinant such that when divided by 26 the remainder is 1. So this matrix can be used as a key matrix for this cipher.
Sue chooses the message that she wants to send to Rob and enciphers it into numeric form. If she wants to send the plaintext ‘Dogs’ to Rob, then this message converts to 3 14 6 18 in numeric form. Now she needs to write the message as linear combinations of QUOTE and QUOTE where they correspond to vectors QUOTE This message is equivalent to QUOTE QUOTE Since the message has enough terms to split up evenly into two vectors, no space holder variables are needed.
Now that we know the message vectors we can find the encryption of these vectors by the encryption equation QUOTE . So, we get:
Since the sender and receiver both share the key in Private Key Cipher, then Rob already knows the matrix that Sue has chosen for this message. The first step Rob needs to do is to complete the inverse of the key matrix by performing matrix row operations.
Again, we can disregard the negative in the determinant because there are no negatives in the conversion back to the alphabet.
The decryption equation is QUOTE , so Rob needs to find QUOTE (mod 26)= QUOTE (mod 26)=27^(-1) (mod 26). He needs some number y, such that when multiplied by 27 (mod 26) produces 1. This can also be characterized as 27y (mod 26)=1. We can see that y is obviously 1.<br />Since the decryption equation, after finding QUOTE (mod 26) is QUOTE , then Rob can compute the decryption of the messages.<br />1 QUOTE QUOTE = QUOTE , and QUOTE = QUOTE .<br /> Once again disregarding the negatives, Rob produces:<br /> QUOTE = QUOTE and QUOTE <br />Once all of the terms of the message, QUOTE are produced, these can be turned back into letter form. So 3 14 6 18 yields DOGS when converted back to letters, which is the original message! <br />Since the Hill Cipher is a linear cipher, if someone were to figure out the key matrix from the invertible matrix then they would be able to decipher the message. Because this cipher is a completely linear computation, this means that it is not that secure. <br />3.1.3 Vigenere Cipher<br />The Vigenere Cipher was invented by Blaise de Vigenere in 1585. This cipher uses both a Shift Cipher and a Substitution Cipher simultaneously. The key for this cipher is some keyword, of length m, that the sender chooses.<br />3.1.3.1 Vigenere Cipher Encryption and Decryption Process<br />
The first step in the encryption process is to generate the keyword. This is completed when the sender of the message enciphers the keyword into numeric form, converting each letter from A=0 to Z=25. This keyword is shared between both sender and receiver of the message.
The next step of the encryption process is for the sender of the message to convert their message into numeric form by A=0 to Z=25.
Now the sender of the message has to arrange the keyword and the message so that they are lined up with the first letter of each word together, the second letter of each word together, and so on. If there are not enough letters in the keyword, then the keyword is repeated until the number of letters in both the message and keyword are the same.
Since the message and keyword are aligned correctly, with no empty spaces, the sender of the message adds the message and keyword together to get the ciphertext.
If any of these numbers in the ciphertext are greater than 25, then in order for these letters to get back within the alphabet of A=0 to Z=25 these numbers are divided by 26 and the remainder becomes the new ciphertext. An equation to perform on each term in the message would be ciphertext=(keyword +message)(mod 26).
The sender converts the new ciphertext back to letter form. This is the message that is sent over an insecure channel to the receiver.
Now that the receiver of the message has the new ciphertext and the keyword, they can begin to decipher the message. They do this process just opposite of the encryption process.
The first step that the receiver of the message has to perform is to decode the message back into numeric form.
By taking the ciphertext they received and aligning the keyword directly under it (repeating the keyword to be the same length of the ciphertext), the receiver subtracts the keyword from the ciphertext to produce the original message.
If any negative numbers are produced during the subtraction of the keyword from the ciphertext, then these numbers need to be converted so that they correspond to the alphabet. Therefore, we need to acquire numbers between 0 and 25. In order to make the negative numbers positive, we can add another alphabet to the number. This means that the value 26 has to be added to the number to bring it back into the alphabetic range of numbers. For example if a number is -14, then -14+26=12 and 12 is the new number in the message. An equation to use for each term of the ciphertext to get back to the original message would be message = [(ciphertext-keyword) + 26](mod 26).
Next, convert each number back to its letter form to obtain the original message. This should match the original message that the sender wanted to send.
Now the keyword and the message have to be added together to get the ciphertext. So, Sue arranges the keyword underneath the plaintext numbers and adds them together to get the ciphertext.
Since the last character in the ciphertext is greater than 25, Sue has to perform modulo 26 upon it to determine its new letter in the ciphertext. So, 28 mod 26 = 2. Now the new ciphertext is: 20 10 22 21 18 2. Sue enciphers this back to letters to get UKWVSC. Since this ciphertext is in encrypted form, no one other than the sender and receiver can read the message. Therefore the ciphertext message UKWVSC is what Sue sends to Rob over an unsafe channel.
Now that Rob has received the ciphertext message UKWVSC, he can start decrypting the message by first decoding the message back into numeric form. From this he produces the ciphertext: 20 10 22 21 18 2. Since the keyword is shared between the sender and the receiver of the message, then Rob already knows the keyword to the message; he already knows that the keyword is: 2 8 15 7 4 17.
In order for Rob to find the original message, he has to subtract the keyword from the ciphertext numbers. So Rob arranges the keyword underneath the ciphertext numbers and subtracts the keyword from the ciphertext to get the plaintext.
Since -15 is not in the alphabet (remember A=0…Z=25) then Rob needs to add 26 to make this number convertible to a number in the alphabet. So -15+26=11. Now the new plaintext is: 18 2 7 14 14 11. Once Rob converts these numbers back to letters he gets SCHOOL, which is the original message that Sue wanted to send to Rob!
To show how the Vigenere Cipher works with any keyword and message I have implemented an example of the cipher in a C++ program. The code for this cipher can be found in the Appendix under the program section.
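Separate from the appendix program mentioned above, the following added C++ illustration (not the thesis's code; all names are this example's own) runs the SCHOOL/CIPHER example both ways: by adding and subtracting the keyword numbers, and by lookup in a Vigenere table built by shifting the alphabet one place per row. It then checks all 676 table entries against the addition formula, so the agreement holds for every letter pair and not only for this message.

```cpp
#include <algorithm>
#include <array>
#include <iostream>
#include <stdexcept>
#include <string>

// Added illustration, not the thesis's appendix program. Message and keyword
// are assumed to contain only upper-case letters, with A=0 ... Z=25.
const int ALPHABET = 26;
using Tableau = std::array<std::string, 26>;

int mod26(int x) { return ((x % ALPHABET) + ALPHABET) % ALPHABET; }

// The numeric value of the keyword letter lined up with position i,
// repeating the keyword when it is shorter than the text.
int keyAt(const std::string& keyword, std::size_t i) {
    if (keyword.empty()) throw std::invalid_argument("keyword must not be empty");
    return keyword[i % keyword.size()] - 'A';
}

// ciphertext = (keyword + message) (mod 26)
std::string vigenereEncrypt(const std::string& message, const std::string& keyword) {
    std::string out;
    for (std::size_t i = 0; i < message.size(); ++i)
        out += static_cast<char>('A' + mod26((message[i] - 'A') + keyAt(keyword, i)));
    return out;
}

// message = [(ciphertext - keyword) + 26] (mod 26)
std::string vigenereDecrypt(const std::string& ciphertext, const std::string& keyword) {
    std::string out;
    for (std::size_t i = 0; i < ciphertext.size(); ++i)
        out += static_cast<char>('A' + mod26((ciphertext[i] - 'A') - keyAt(keyword, i)));
    return out;
}

// Build the table by rotation only: row 0 is A..Z and each following row
// starts one letter later, ending with the row that runs from Z to Y.
Tableau buildTableau() {
    Tableau table;
    std::string row = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
    for (int r = 0; r < ALPHABET; ++r) {
        table[r] = row;
        std::rotate(row.begin(), row.begin() + 1, row.end());
    }
    return table;
}

// Encrypt by lookup: the key letter picks the row, the plaintext letter the column.
std::string tableauEncrypt(const Tableau& table, const std::string& message,
                           const std::string& keyword) {
    std::string out;
    for (std::size_t i = 0; i < message.size(); ++i)
        out += table[keyAt(keyword, i)][message[i] - 'A'];
    return out;
}

// Decrypt by lookup: find the ciphertext letter inside the key letter's row;
// the column where it sits is the plaintext letter.
std::string tableauDecrypt(const Tableau& table, const std::string& ciphertext,
                           const std::string& keyword) {
    std::string out;
    for (std::size_t i = 0; i < ciphertext.size(); ++i) {
        const std::size_t column = table[keyAt(keyword, i)].find(ciphertext[i]);
        out += static_cast<char>('A' + column);
    }
    return out;
}

// True when every one of the 26 x 26 entries equals (key + plaintext) mod 26.
bool tableauAgreesWithArithmetic(const Tableau& table) {
    for (int k = 0; k < ALPHABET; ++k)
        for (int m = 0; m < ALPHABET; ++m)
            if (table[k][m] != static_cast<char>('A' + mod26(k + m))) return false;
    return true;
}

int main() {
    const Tableau table = buildTableau();
    std::cout << "arithmetic: " << vigenereEncrypt("SCHOOL", "CIPHER") << "\n";
    std::cout << "table:      " << tableauEncrypt(table, "SCHOOL", "CIPHER") << "\n";
    std::cout << "decrypted:  " << tableauDecrypt(table, "UKWVSC", "CIPHER") << "\n";
    std::cout << "table matches formula: "
              << (tableauAgreesWithArithmetic(table) ? "yes" : "no") << "\n";
    return 0;
}
```
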
This cipher is similar to that of the Shift Cipher where a message can be enciphered and deciphered using a table, without even realizing that mathematics is utilized. This hidden mathematical version of the Vigenere Cipher is explained by utilizing a table called the Vigenere Tableau, which contains 26 sets of alphabets. The first row is straightforward and it starts with A and ends with Z. The next row of the table starts with B and ends with A. Each row starts with the next letter of the alphabet until the last row, which starts with Z and ends with Y. This shows that each row is shifted over one more than the previous row is. The row of the plaintext alphabet is placed over the top of the 26 alphabetic rows and the column of the key alphabet is placed down the side of the 26 alphabetic rows. The Vigenere Table can be seen in the Appendix under the table section of this paper. <br /> To fully understand how the Vigenere Cipher works using the hidden mathematical technique, let us consider an example using the same key, plaintext, and ciphertext as the last example. <br />Encipher: Keyword: CIPHER and Plaintext: SCHOOL<br />Instead of converting the keyword and plaintext to numbers to encipher the message, the first step in using the hidden technique is to take the C from the keyword and find that row on the Vigenere Table. Then, using the letter S and the plaintext column on the table, find the column that contains the letter S. Once you have found both key row and plaintext column, find where they meet on the table. This is the first letter of the encrypted message, or the ciphertext. When the key letter C and plaintext letter S meet, the ciphertext letter is U. Where I and C meet is K, P and H is W, H and O is V, E and O is S, and R and L is C. Therefore, the encrypted message to be sent out is the ciphertext UKWVSC. 
This is exactly the ciphertext from the mathematical technique too!<br />If we were using the other form of encryption, this would be where the addition of the keyword letters and the plaintext letters would occur. To understand how this version of the cipher is related to the mathematical version, it is important to prove why the hidden math version of the Vigenere Cipher proves it works. As shown, when the letters of the keyword and plaintext meet in the table, they form a specific ciphertext letter. For this example, it is obvious that when the keyword letter C and the plaintext letter S meet, the ciphertext letter U is formed. To prove that this version of the cipher proves the apparent mathematical version of the cipher, we need to look at the encryption and decryption of these letters in the mathematical example of the cipher. In that example of the Vigenere Cipher, we enciphered the keyword and plaintext letters to numbers where A=0 to Z=25 and obtained C=2 and S=18. Then we added them together and the ciphertext number was 20. When converted back to a letter, we obtained the letter U. The same letter is obtained from matching the keyword and plaintext letter in the Vigenere Table as is from adding the keyword and plaintext. This illustrates that using the Vigenere Table in the hidden mathematical cipher is another way to see how the apparent math cipher enciphers a message. <br />Decryption: Ciphertext: UKWVSC and Keyword: CIPHER (from before).<br />The first step for the decryption of the hidden mathematical technique is to take the C from the keyword and find that row on the Vigenere Table. Then, using the letter U from the ciphertext that was received, find that letter in the same row of the keyword letter, which is C in this case. Once the keyword letter and ciphertext letter are found in the same row, find the column that the ciphertext letter is in and this is the plaintext letter. 
For this example, when the key letter C and ciphertext letter U meet in the same row, the plaintext letter is S. Where I and K meet the plaintext letter is C, P and W is H, H and V is O, E and S is O, and R and C is L. Therefore, the decrypted message is the plaintext, SCHOOL. This is the original message!<br />If we were using the other form of encryption, this would be where the subtraction of the keyword letters from the ciphertext letters would occur. Even though the math is hidden in this version of the Vigenere Cipher, it is relevant to see how this hidden math version matches the decryption of messages in the apparent math version as well. As shown, when the letters of the keyword and ciphertext meet in the table, they form a specific plaintext letter. For this example, it is obvious that when the keyword letter C and the ciphertext letter U meet, the plaintext letter S is formed. To prove that this version of the cipher explains the apparent mathematical version of the cipher, we need to look at the encryption and decryption of these letters in the mathematical example of the cipher. In the other example of the Vigenere Cipher, we enciphered the keyword and ciphertext letters to numbers where A=0 to Z=25 and obtained C=2 and U=20. Then we subtracted the keyword number, which is 2 from the ciphertext number, which is 20 and obtained the plaintext number, which is 18. When converted back to a letter, we got the letter S. The same letter is obtained from matching keyword and ciphertext in the Vigenere Table as is from subtracting the keyword from ciphertext. This concludes that using the Vigenere Table is another way to decipher a message even if the mathematics is hidden. <br />Due to the fact that the substitution of each letter of the cipher depends on what letter is currently being enciphered or deciphered at that time, the Vigenere Cipher reveals that the keyword controls the letter substitution of the cipher. 
It also shows that “The number of possible keywords of length m in a Vigenere Cipher is 26^m” where m is the keyword length that the sender chooses (Stinson 13). <br />As we can see, the hidden mathematical encryption and decryption process is faster because there is no physical addition and subtraction of the plaintext or ciphertext from the keyword. Although this technique may not seem conducive to maintaining any form of secrecy, it was used for military purposes because of its speed and feasibility. Due to the simplistic form of encryption and decryption aided by the hidden mathematical version of the Vigenere Cipher, messengers were able to encrypt and decrypt their messages promptly and easily during wartime. <br />3.2 Public Key Cryptography<br />Public Key Cryptography, which was introduced by Whitfield Diffie and Martin Hellman in 1976, is the most essential branch of cryptography. Not only does it maintain the security of messages more so than Private Key Cryptography, but it also functions to preserve the user’s identification. <br />Public Key Cryptography, which is also referred to as an Asymmetric Key Algorithm, has two very distinct uses: it serves to encrypt and to decrypt messages, as well as to verify digital signatures (RSA Laboratories 1.4, 1.7). “Digital signatures enable the recipient of information to verify the authenticity of the information's origin, and also verify that the information is intact. Thus, public key digital signatures provide authentication, data integrity, and non-repudiation, which prevents false communication between two people” (Network Associates, Inc. Digital Signitures). Public Key Cryptography clearly instills trust in the sender and receiver of the message that the data has not been tampered with during communication and that the message has in fact come from the intended person. 
Since data integrity and authentication are preserved, it is obvious why Public Key Cryptography is the safer, more effective branch of cryptography used today. <br />Unlike a Private Key Cipher, the function of a Public Key Cipher uses two keys. The public key is distributed and posted publicly on a secure directory that both sender and receiver of the message trust. An example of a directory that contains the users’ public key is a Public Key Infrastructure (PKI). A PKI issues certificates to users, and anyone wanting to verify a person’s public key does so through the certificate authority.<br />The other key, known as the private key, is kept secret only to the maker of the key. Each person involved, both the sender and receiver of the message, has his own private key that is unknown to everyone else but himself. Because each sender and receiver keeps his private key to himself, this allows for less leaking of keys and therefore more security of message transportation (RSA Laboratories 1.3). In a Private Key Cipher, each sender and receiver shares the same private key to encrypt and decrypt messages while in a Public Key Cipher, two keys are needed to communicate a message: a private key and a public key. In essence each person, the sender and receiver, both have a pair of keys for a Public Key Cipher; they each have a public key and a private key. <br />As stated before, there are two substantial uses for Public Key Cryptography, encryption and decryption of messages and digital signatures. In order for Sue to send a secret message to Rob, she first needs to look up Rob’s public key in the secure directory. This is the key that Sue will use to encrypt the message she wants to send to Rob. Once Sue uses Rob’s public key and encrypts the message with it, the message is sent to Rob as the ciphertext. Rob uses his private key on the ciphertext message to decrypt the message that Sue sent to him. 
Since Rob is the only person that knows his private key, only he will be able to read the message. “Anyone with the public key can encrypt a message but not decrypt it. Only the person with the private key can decrypt the message” (Schneier 31).<br />While two keys may seem like double the work to send a secure message, after studying the incorporation of each sender and receiver’s private key with the public key, it is apparent that “the need for the sender and the receiver to share information is eliminated; all communications involve only public keys, and no private key is ever transmitted or shared” (RSA Laboratories 2.1.1). It is obvious that when each receiver of the message has their own private key to use for decrypting a message, it is much more secure from any outsider than if it were only one private key that was shared between both the sender and receiver. <br />To explain a general description of a message through a Public Key Cipher, we will let Rob be the receiver, and Sue be the sender of the message. To show what the encryption of a message would look like, it is shown as: c=E_e(m), where c is the ciphertext and m is the message. If Sue wants to send a message to Rob, then she encrypts the message (E) with Rob’s public key (e) and sends him the ciphertext. Rob receives the ciphertext and decrypts his message (D) using his private key (d). Rob is the only one who can correctly decrypt the message because he is the only one who knows his private key d. A decryption of the ciphertext is shown as m=D_d(c) where this generalization shows how the encryption and decryption take place between two entities using a Public Key Cipher (Menezes, van Oorschot and Vanstone 283).<br />To better understand this concept of Public Key Cryptology, it is easiest to imagine an analogy of a locked mailbox. Putting mail into the mail slot is very easy and anyone could do this. This is similar to encrypting a message with the sender’s public key. 
Anyone could do this because all they would have to do is look up the person’s public key on the secure directory. Getting the mail out of the mailbox would be similar to decrypting the message with the receiver’s private key. This is hard to do unless you are the owner of the mailbox and you have the key. Like Public Key Cryptography; it is easy only for the receiver of the message to decrypt the message because only they have the private key to do so. Due to the discrete way that Public Key Cryptography handles the management of the private and public keys in various messages, it is obvious that Public Key Cryptography is superior to Private Key Cryptography and hence, more precise for the security driven world that we live in today.<br />Given that anyone can encrypt a message and knowing that only the receiver of the message conceals the private key to decrypt to the message, it is impossible for anyone other than the receiver of the message to encrypt or decrypt a message of a Public Key Cipher. This is why the messages in Public Key Ciphers are based on the mathematics of one way functions, and are sometimes also called Trapdoor functions. <br />3.2.1 Digital Signatures<br />The other main function of Public Key Cryptography is that it enables digital signatures. This proves to Rob that it really was Sue who sent him the message. In order for a document to be signed correctly using Public Key Cryptography, some specific actions need to take place. For Sue to digitally sign her message, she needs to use hash technology, which means she needs her private key and the receiver’s public key to encrypt a digital fingerprint at the end of the encrypted message to Rob. When Sue encrypts her message and signature, “the output is called a digital signature and it is attached to the message” (RSA Laboratories 2.1.1). Since Sue is the only one who knows her private key, it is safe to conclude that this digital signature is unique to only her. 
Therefore, it is inferred that a digital signature is an essential tool used to prove one’s identity and is unique to each individual. In order for Rob to verify that it is Sue’s digital signature, he needs to decrypt the message and signature that were sent to him by Sue, using the received message, his private key, and Sue’s supposed digital signature. After decrypting the message and the signature using Rob’s private key and Sue’s public key, Sue’s public key should match the decryption of the signature, which would mean that the message did in fact come from Sue. If the signatures do not match, then either the message did not come from Sue or the message was altered during the communication time. This process is also illustrated through the diagram on the next page which shows how digital signatures are encrypted, decrypted, and verified from sender to receiver.<br />An example of the use of digital signatures through a Public Key Cipher is internet security; for instance shopping online leaves a person’s information exposed to many other entities using the internet. E-commerce security is used to protect each person’s name, address, phone number, and more importantly, their credit card number and social security number during transactions over the internet (Menezes, van Oorschot and Vanstone 25). When a purchase is made online a great deal of confidential information is entered on the internet; “however, simply entering a credit card number [or any other private information] on the internet leaves one open to fraud” (RSA Laboratories 1.4). The information that is known to only the person who enters it, acts as their private key. These private records can be their social security number, credit card number, name, address, and any other secret information they do not want others to know. Once the buyer’s information is put into the computer, the computer encrypts it using the purchase as the message and the web server as the receiver’s public key. 
This is then sent to the receiver of the message, which in this case, is the e-commerce site. This web server then decrypts the message with their private key which no one else knows, so that no one else can obtain their customers’ private information. <br />As revealed, e-commerce security is undoubtedly a complex process that is not fully recognized for its intricacy. “It has been said that one is safer using a credit card over the Internet than within a store or restaurant. It requires much more work to seize credit card numbers over computer networks than it does to simply walk by a table in a restaurant and lay hold of a credit card receipt” (RSA Laboratories 1.7). Although people may have misconceptions that shopping online is unsafe or risky, if a web site is utilized properly, then it is even safer than shopping in a store where a credit card or a receipt is liable to physically be stolen. <br />3.2.2 Identity Authentication<br />Public Key Ciphers are also currently used to protect personal identification, known as identity authentication, and other financial aspects. Like digital signatures, this too assures one party the correct identity of the second party. This is mostly used in banking transactions because it encrypts personal identification numbers (PINs) and account transactions carried out by automatic teller machines (ATMs). An example of this kind of identification would be when a person provides an ATM with his or her PIN, and their bank card, which contains their name and account number. The ATM uses this information and their PIN to verify and identify the card holder. The ATM acts as a public key of the receiver because it is in a secure directory. Once the card is put into the ATM, it prompts the user for their PIN, which acts as the sender’s private key because no one else knows this number but the user. If the PIN matches the account number, they are granted access to their account. 
If not, then the ATM assumes that someone else is trying to use this account and therefore, access is denied. Hence, the sender’s private key (PIN and account number) are decrypted by the receiver’s private key (ATM); if the sender’s public key (the information on the back of their ATM card) matches the right account number, then the transaction is successful and access is granted to the service requested. This type of public key is different from before where the public keys were posted on secure servers; these public keys are located in the corresponding banks that the clients patronize. This means that the bank has their account number and address; hence their information is public to the bank (RSA Laboratories 1.7).<br />Now that we have seen how Public Key Ciphers interact with us today, let us look at some ciphers such as the RSA Cipher and the ElGamal Cipher that enable these instances to happen.<br />3.2.3 RSA Cipher<br />The RSA cipher was the first practical Public Key Cipher established and is still the most widely used cryptosystem of all the Public Key Ciphers. It was invented by R. Rivest, A. Shamir, and L. Adleman in 1978 with the purpose of providing secrecy when transferring messages and even sometimes digital signatures. <br />The requirement for the keys in the RSA Cipher is that they have to be very large prime numbers. Since there are an infinite number of prime numbers (Theorem 1 in the Appendix proves this), it is imperative that the primes of the RSA Cipher are “…selected are such that, n=pq, cannot be factored…” (p and q being the two prime numbers and n being part of the key itself) (Menezes, van Oorschot and Vanstone 187). The prime numbers p and q should both be about the same size in order to make large enough prime numbers for the key of this cipher. <br />The most difficult issue for encrypting and decrypting messages through the RSA Cipher is determining the correct keys to use. 
Since there are an infinite number of prime numbers, it is hard to distinguish between what is a prime and composite number when we are dealing with large numbers. Hence, interpreting whether a large number is prime or composite is problematic when generating the private and public keys for this cipher. This is where primality testing is utilized. <br />3.2.3.1 RSA Cipher Key Generation<br />In order for the RSA Cipher to encipher and decipher messages correctly each person must generate a public key and a private key; each private key is made of one positive integer while each public key is made of two positive integers. Key generation of the RSA Cipher is the most intricate part of the cipher because of the complex process of prime number generation. The procedure of the key generation is a tedious process consisting of these steps:<br />
1. Pick two exceptionally large prime numbers p and q; these two numbers should be around 100 digits or longer. In order to make sure that these numbers are truly prime, then p and q need to go through primality testing. If p and q both pass the primality tests, then they both are considered prime, and we can move on.
2. Let n=pq, where n is the modulus for both the private keys and the public keys.
3. Under Euler’s Totient Function we know that Ø(n)=(n-1), when n is a prime number. Since n=pq, then we can see that Ø(n)=(p-1)*(q-1) because p and q are prime numbers.
4. Select an integer e < Ø(n) such that e is relatively prime to Ø(n). This means that we need to find a number such that gcd(e, Ø(n))=1.
5. Now we calculate the multiplicative inverse of e modulo Ø(n); we will let the multiplicative inverse of e modulo Ø(n)=d. This means that we need to find an integer d such that ed=1 (mod Ø(n)). We know that if gcd(e, Ø(n))=1, then there is some integer d such that ed=1 (mod Ø(n)). This is true by modular arithmetic and its properties (in particular by property 1); if gcd(e, Ø(n))=1, then there exist integers c and d such that Ø(n)c+ed=1. Then ed-1=-Ø(n)c and so ed=1 (mod Ø(n)). But since e and Ø(n) are relatively prime (we know this by Euler’s Theorem), then e^Ø(Ø(n))=1 (mod Ø(n)). Now there exists a positive integer k such that e^k=1 (mod Ø(n)). But we already know that ed=1 (mod Ø(n)) and now e^k=1 (mod Ø(n)). So now ed=e^k. By dividing e from both sides we get d=e^(k-1). Hence the multiplicative inverse of e (modulo Ø(n)) is e^(k-1).
6. The public key is (n,e). This is known to everyone and is posted on a secure server for anyone to see.
7. The private key is d. This is known only to the creator of d.

This is the method that each person constructs in order to determine their private key and public key for the RSA Cipher. Once this method is complete both correspondents are ready to exchange messages!
3.2.3.2 RSA Cipher Encryption and Decryption Process

Although key generation is essential to accurate conversion of messages within the RSA Cipher, it is also essential that a precise way of enciphering the message is carried out. In order for a message to be enciphered correctly, it has to go through rigorous steps in order to preserve its integrity.

1. The first step in the encryption process is to encipher the message into numeric form. This is done by converting each letter from A=0 to Z=25 and a space=26. If the message is < n (n is one of the numbers of the receiver’s public key), then we can let the message=m. If the enciphered message is ≥ n, then m has to be broken into blocks. These blocks can be any size that the sender of the messages chooses them to be, but they have to be < n. These blocks of messages can then go through the same encryption process letting each block of message=mi.
2. Using the public key (e, n) and the private key (d), the equation for the encryption process is Ci=(Mi)^e (mod pq) and the equation for the decryption process is Mi=(Ci)^d (mod pq), where pq=n, C=the enciphered ciphertext message, and M=the original plaintext message.
3. We know that when a message is enciphered and deciphered correctly, it will ultimately be the original message. We also know that C=(M)^e (mod pq) and that M=(C)^d (mod pq) for each message, whether it is broken into blocks or not. This means that we can substitute the ciphertext (enciphered message) into the decryption equation and produce the correct message. So, by substitution:
   M (mod pq) = ((M)^e (mod n))^d
   M^(ed) (mod n) = ((M)^e (mod n))^d by modular arithmetic theorem (property 11)
   But we recognize M = ((M)^e (mod n))^d, so now M^(ed) (mod n) = M.
4. We know from the key generation that the inverse of e modulo Ø(n)=d because gcd(e, Ø(n))=1. This means that d is an integer such that ed=1 (mod Ø(n)). We also know that this means ed=1+r(Ø(n)) for some integer r, by modular arithmetic (property 2).
5. Now we substitute ed=1+r(Ø(n)) into M^(ed). Then we get:
6. Therefore M^(ed)=M (mod n) or also M=M^(ed) (mod n). But we know that d is the multiplicative inverse of e, so M=M (mod n) which is the original message!
7. This proves that when someone uses their private key (d) to decrypt a message that was encrypted using their public key (n,e), they get the original message!
8. If we let the decryption M=(C)^d (mod pq) equal a function called g(m) and let the encryption C=(M)^e (mod pq) equal a function called f(m), then we have just shown that g(f(m))=m. This means that f is an inverse mapping of g, or in other words the encryption and decryption are one to one functions.
Example of RSA Cipher:

Key generation:

Rob, the receiver of the message, chooses two prime numbers p and q. In an RSA Cipher p and q are very large prime numbers (usually around 100 to 200 digits long), but to demonstrate the example of the cipher, these prime numbers are very small.
p=5 and q=13
n=pq=5x13=65

Ø(n)=(p-1)(q-1)=4x12=48
Rob chooses e such that e is relatively prime to Ø(n). By using the Euclidean algorithm, we can establish an e such that gcd(e,Ø(n))=1. If we let e=7, then gcd(7, 48)=1 and therefore e=7 is relatively prime to Ø(n)=48.

Now Sue, the sender of the message, can obtain Rob’s public keys (e, n)=(7, 65) so that she can send a message to Rob.

Let’s say the message that Sue wants to send to Rob is ‘Hi Rob’. The first thing that needs to be done is to convert the message into numeric form. This can be done by A=0..Z=25 and a space=26.

The message ‘Hi Rob’ becomes m=07 08 26 17 14 01, where single digit letters are replaced with a 0 then their digit (ex I=09).

Since m > n (m=070826182004, and n=65), then the message has to be broken into blocks so that m < n.

We can break this message down into 6 blocks of two digits such that m1=07, m2=08, m3=26, m4=17, m5=14, and m6=01. All the m’s are < n so now we can compute the encryption of each m by the encryption equation.

So Rob’s message is M=M1, M2, M3, M4, M5, M6=070826171401.

Since the encrypted message was broken into 6 blocks of 2 digits to begin with, then we need to do the same for the decrypted message: 07 08 26 17 14 01.

When the decrypted message is converted back to letters we get ‘Hi Rob’, which is the original message from Sue!
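The key generation steps and the ‘Hi Rob’ exchange above, worked through in Python as an added example that is not part of the thesis. The function names are illustrative, d is found with the extended Euclidean algorithm rather than through Euler’s Theorem, and the last function confirms that every block value below n decrypts correctly, including blocks such as 26 that share a factor with n.

```python
# Added example: textbook RSA with the thesis's toy values p=5, q=13, e=7.
# Function names are illustrative; they do not come from the thesis.

ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ "  # A=0 ... Z=25, space=26


def extended_gcd(a, b):
    """Return (g, s, t) such that g = gcd(a, b) and a*s + b*t == g."""
    old_r, r = a, b
    old_s, s = 1, 0
    old_t, t = 0, 1
    while r != 0:
        quotient = old_r // r
        old_r, r = r, old_r - quotient * r
        old_s, s = s, old_s - quotient * s
        old_t, t = t, old_t - quotient * t
    return old_r, old_s, old_t


def generate_keys(p, q, e):
    """Key generation steps 2 to 7: returns the public key (n, e) and private d."""
    n = p * q
    phi = (p - 1) * (q - 1)
    g, s, _ = extended_gcd(e, phi)
    if g != 1:
        raise ValueError("e must be relatively prime to phi(n)")
    d = s % phi  # s may be negative; reduce it into the range 0..phi-1
    return (n, e), d


def text_to_blocks(text, n):
    """One block per character, so each block is at most 26 and must be < n."""
    blocks = [ALPHABET.index(ch) for ch in text.upper()]
    if any(m >= n for m in blocks):
        raise ValueError("every block must be smaller than the modulus n")
    return blocks


def blocks_to_text(blocks):
    return "".join(ALPHABET[m] for m in blocks)


def encrypt(blocks, public_key):
    n, e = public_key
    return [pow(m, e, n) for m in blocks]  # Ci = (Mi)^e (mod n)


def decrypt(blocks, d, n):
    return [pow(c, d, n) for c in blocks]  # Mi = (Ci)^d (mod n)


def roundtrip_failures(public_key, d):
    """Block values in 0..n-1 that do NOT come back after encrypt + decrypt."""
    n, e = public_key
    return [m for m in range(n) if pow(pow(m, e, n), d, n) != m]


PUBLIC_KEY, PRIVATE_D = generate_keys(5, 13, 7)


def demo():
    n, _ = PUBLIC_KEY
    plain = text_to_blocks("Hi Rob", n)
    cipher = encrypt(plain, PUBLIC_KEY)
    recovered = decrypt(cipher, PRIVATE_D, n)
    return plain, cipher, blocks_to_text(recovered)


if __name__ == "__main__":
    plain, cipher, text = demo()
    print("public key (n, e):", PUBLIC_KEY, "private key d:", PRIVATE_D)
    print("plaintext blocks: ", plain)
    print("ciphertext blocks:", cipher)
    print("decrypted text:   ", text)
    print("blocks that fail to round-trip:", roundtrip_failures(PUBLIC_KEY, PRIVATE_D))
```

With these toy values d comes out equal to e, and the blocks 26, 14 and 01 encrypt to themselves, which is one more reason the real cipher needs primes of the size described in the key generation steps.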
By looking at Diagram 2 in the Appendix, it is much easier to obtain a visual idea of the magnitude of an RSA Cipher. This cipher in the Appendix is the RSA 100 Cipher, meaning that its modulus n contains 100 digits. This cipher, although not very secure because of the ‘small’ key length (most RSA Ciphers usually have keys that are around 200 digits in length), is composed of two prime numbers. By looking at this example of the RSA Cipher, we can see why trying to encipher or decipher a message with this magnitude would be too demanding for anyone.
3.2.4 ElGamal Cipher

The ElGamal Cipher was first established in 1985 by an Egyptian Cryptographer Taher Elgamal. This cipher is similar to that of the RSA Cipher because it too uses large prime numbers for its key generation. But unlike the RSA Cipher, this cipher depends on the discrete logarithm function and is used more so for digital signatures than encryption. We know that logarithms are easy to compute in the field of real numbers, (ex QUOTE is also stated as QUOTE , but what happens in a finite field? This is why the ElGamal Cipher is hard to compute, as well as the reason why the discrete logarithm function and primitive roots work for the encryption and decryption of this cipher.

Another unique aspect of the ElGamal Cipher is that distinctive encryptions of the same message can be performed by choosing different numbers during the encryption method. This is amusing because even when a different number is presented into the same message encryption, the original message is still produced correctly.

3.2.4.1 ElGamal Cipher Key Generation

In order for the ElGamal Cipher to encipher and decipher messages correctly, each entity must generate a public key and a private key, where each public key is made of three positive integers while each private key is made of one positive integer. The procedure of the key generation consists of these steps:

1. Pick a very large prime number p. In order to make sure that this number is truly prime, then p needs to go through the primality tests. If p passes, then it is considered prime, and we can move on.
2. Pick two other random numbers that are less than p-1. Let’s call them x and g where g is a primitive root of p.
3. Now we can compute y=g^x (mod p) since we are given p, g, and x.
4. Public Key is (p,g,y). This is published to everyone.
5. Private key is (x). This is known to only the person who generated x.
3.2.4.2 ElGamal Cipher Encryption and Decryption Process

1. The first step in the encryption process is that the message M needs to be enciphered into numeric form. This is done by converting each letter from A=0 to Z=25.
2. The sender of the message needs to make sure that M < p or else this cipher will not work. If M > p, then they need to break M into groups and pass M in multiple parts to the receiver of the message.
3. A random number k needs to be generated such that k < p-1.
4. Let some variable a=g^k (mod p) and another variable b=y^k*M (mod p), where y is our key from before raised to the kth power, multiplied by our message M, mod p.
5. This is also where k can take on different values and the original message will still be encrypted and decrypted correctly.
6. These values (a,b) become our ciphertext to be passed to the receiver of the message.
7. The receiver needs to compute (a^(p-1-x)) (mod p) using their private key. Then they can use this as a^(-x) to compute M=[(a^(-x))b] (mod p) in order to recover the message.
8. We can prove that the decryption works because
Rob, the receiver of the message, selects the prime number p=101. In an ElGamal Cipher, p has to be a very large prime number in order to preserve security, but to demonstrate the example of the cipher, these prime numbers are very small.

Rob picks two other random numbers that are less than p; x and g such that g is a primitive root of p. Because g is a primitive root of p, then we know that x is the discrete logarithm to base g modulo p by the definition of the discrete logarithm.

By determining the primitive roots of a number, we find that 2 is a primitive root of 101. So we can see that 2 is a primitive root of 101, therefore I will let g=2 because 2 is a primitive root of 13.

Sue, the sender of the message, first needs to encrypt the message into numeric form. Let’s say that the message that Sue wants to send to Rob is ‘At’. The first thing that needs to be done is to convert the message into numeric form. This can be done by A=0..Z=25. When enciphered M=00 19=19. She needs to make sure her message is less than Rob’s public key p; if it is not, she needs to break the message into blocks and then send it to Rob.

Now Sue chooses a random number k such that k < p-1. So she can let k=10. Now she can determine:
a=g^k mod p and b=y^k*M mod p
a=2^10 (mod 101) and b=7^10*19 (mod 101)
a=[2^5 (mod 101)*2^5 (mod 101)] (mod 101) and b=[7^5 (mod 101)*7^5 (mod 101)*19 (mod 101)] (mod 101)
a=14 and b=23
These values (14,23) become the ciphertext to be passed to the receiver of the message.

Deciphering the Message:

Now that Rob has received the ciphertext (14,23), he can begin decrypting the message. Remember that he knows x, because it is his private key and b=y^k*M mod p and a=g^k mod p. So Rob computes (a^(p-1-x)) (mod p) and M=[(a^(-x))b] (mod p) in order to recover the message.

But as stated before, k can take on different values and still produce the same message. Let us take a look at an example of the same message with a different value for k.

Enciphering the Message:

Remember that k < p-1, where k=10 before. Now let’s have k=7. Now she can determine:
a=g^k mod p and b=y^k*M mod p
a=2^7 (mod 101) and b=7^7*19 (mod 101)
a=[2^5 (mod 101)*2^2 (mod 101)] (mod 101) and b=[7^5 (mod 101)*7^2 (mod 101)*19 (mod 101)] (mod 101)
a=27 and b=94
These values (27,94) become the ciphertext to be passed to the receiver of the message.

Deciphering the Message:

Now that Rob has received the ciphertext (27,94) he can begin decrypting the message. Remember that he knows x, because it is his private key and b=y^k*M mod p and a=g^k mod p. So Rob computes (a^(p-1-x)) (mod p) and M=[(a^(-x))b] (mod p) in order to recover the message.
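The two encryptions above and their decryptions, carried through in Python as an added example that is not part of the thesis. It uses the values on the page (p=101, g=2, y=7, M=19, k=10 and k=7); the function names are illustrative, and because the line that states Rob's private key x is not in the surviving text, the example finds x by trying every exponent, which is only possible because p is so small.

```python
# Added example: ElGamal with the thesis's toy values p=101, g=2, y=7, M=19.
# Function names are illustrative; they do not come from the thesis.


def prime_factors(n):
    """Set of distinct prime factors of n, by trial division."""
    factors, d = set(), 2
    while d * d <= n:
        while n % d == 0:
            factors.add(d)
            n //= d
        d += 1
    if n > 1:
        factors.add(n)
    return factors


def is_primitive_root(g, p):
    """For prime p: g is a primitive root iff g^((p-1)/q) != 1 for each prime q | p-1."""
    return all(pow(g, (p - 1) // q, p) != 1 for q in prime_factors(p - 1))


def make_public_key(p, g, x):
    """Key generation step 3: y = g^x (mod p); the public key is (p, g, y)."""
    return (p, g, pow(g, x, p))


def encrypt(M, k, pub):
    """Return the ciphertext (a, b) = (g^k mod p, y^k * M mod p)."""
    p, g, y = pub
    if not 0 <= M < p:
        raise ValueError("M must be smaller than p; break the message into blocks")
    if not 1 <= k < p - 1:
        raise ValueError("k must satisfy 1 <= k < p-1")
    a = pow(g, k, p)
    b = (pow(y, k, p) * M) % p
    return a, b


def decrypt(cipher, x, p):
    """M = a^(p-1-x) * b (mod p); a^(p-1-x) equals a^(-x) by Fermat's Little Theorem."""
    a, b = cipher
    return (pow(a, p - 1 - x, p) * b) % p


def recover_private_key(pub):
    """Try every exponent until g^x = y (mod p). Feasible only for a tiny p."""
    p, g, y = pub
    for x in range(1, p - 1):
        if pow(g, x, p) == y:
            return x
    return None


PUB = (101, 2, 7)  # (p, g, y) as used in the thesis's example

if __name__ == "__main__":
    print("2 is a primitive root of 101:", is_primitive_root(2, 101))
    x = recover_private_key(PUB)
    print("private key consistent with y=7:", x)
    for k in (10, 7):
        cipher = encrypt(19, k, PUB)
        print("k =", k, "ciphertext =", cipher, "decrypts to", decrypt(cipher, x, PUB[0]))
```

Both ciphertexts decrypt to 19, and the exhaustive search needs at most 99 trials here, which is why the security argument that follows depends on p being very large.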
As we can see it is easy to compute M from a, x, p, and b, when they are all known, but there is no efficient way of calculating x when only a, b, and p are known. This is where discrete logarithm comes into play as the security of this cipher; because x is the private key of the receiver, some outside entity will never know x, and therefore will have to find x by brute force in order to break this message. But as we know, working with large prime numbers makes factoring and even finding such numbers very difficult. Therefore, we can see why this cipher is one of the hardest ciphers to break.

3.3 Effectiveness of Ciphers

There are many reasons why one cipher is dominant over another; the most important factor being security. Ciphers that have bigger key sizes tend to be more successful over others. With a bigger key size they have a more complex encryption and decryption method and therefore, the cipher is harder to break. A theory that advocates this notion is Shannon’s Theory. This theory states that a cipher has to have a key that is at least as long as the plaintext being encrypted (or ciphertext being decrypted) in order to be unbreakable (Menezes, van Oorschot and Vanstone 307).

Other reasons why a cipher may be more effective than another are the usability, feasibility, and the convenience of the cipher. In 1883, Auguste Kerckhoffs wrote ‘La Cryptographie Militaire’, which tells of six basic requirements for all ciphers to be efficient. They are: 1- Ciphertext should be unbreakable, at least while in practice. 2- Any compromise of the system should not inconvenience the people working with it. 3- The key should be able to be changed and remembered easily. 4- The encrypted message should be able to be transmittable by telegraph. 5- A cipher should be portable enough for anyone to use. 6- It should not require that many rules need to be known, and it should not be mentally exhausting to use it (Cohen 2.1). Simply stated, to be a valuable cipher, the cipher should have a fast and successful encryption and decryption method that uses little resources such as machines, people, and time.

3.3.1 Public vs. Private

Since there are many advantages of using one cipher over another, there are also benefits of using either Private Ciphers or Public Ciphers. The keys tend to be shorter in Private Key Ciphers than those in Public Key Ciphers. Smaller keys also make enciphering and deciphering easier and faster than Public Ciphers (Menezes, van Oorschot and Vanstone 31). Private Key Ciphers also tend to be less computationally intensive due to shorter keys. For example, in Private Key Ciphers the key is usually just a word encrypted, whereas Public Key Ciphers keys consist of many mathematical steps, making it harder to break Public Key Ciphers. Due to the dissimilar process of key generation, Private Key Ciphers utilize few mathematical algorithms, while Public Key Ciphers require many mathematical algorithms to produce keys. For this reason, Public Key Ciphers are not as simple and easy to use as Private Key Ciphers, and therefore much more challenging for them to be broken.

Although it would seem like an advantage that Private Key Ciphers are much faster at encrypting and decrypting messages, this actually works at a disadvantage; with smaller keys, Private Key Ciphers have fallen to many more attacks than Public Key Ciphers have. For this reason, Public Key Ciphers tend to be longer and more complex, and therefore have many advantages. One such advantage is that the private key is kept secret, meaning each individual’s private key can stay unchanged for a considerable amount of time. Also, the sender and receiver do not have to share their key with one another; the chance of duplicating another’s private key, or an outsider intercepting a private key is taken away. For this reason, there is more security of messages when the private keys are kept secret.

Since public keys are previously known to anyone, this also makes Public Key Cryptography secure. Because these keys are open for the public to see there would be no harm if an outside entity obtained a public key. Along the same idea of the private keys, the public keys can also stay unchanged for a long period of time; since anyone can find a public key, there is no need to keep changing the key so that others cannot interpret it.

By recognizing that all keys of Public Key Cryptography can stay unchanged for a considerable amount of time which makes each person liable for their own private key, and that generating keys is much more computationally intensive than Private Key Ciphers, it is obvious that Public Key Cryptography is the more secure and confident choice when it is necessary to correspond over an insecure channel (Menezes, van Oorschot and Vanstone 32).

4. Conclusion

After studying cryptography and its two branches, Public Key and Private Key, it is obvious that they function in many different ways. For this reason, Public Key Cryptography has become the most secure division of cryptography, and therefore the one that is commonly used today. Due to this, we can see that the incorporation of specific mathematical algorithms enables Public Key Cryptography to prevail over Private Key Cryptography, and as a result why they are essential in maintaining the security of messages.

Although fast at encrypting and decrypting messages, Private Key Ciphers use few mathematical algorithms in the conversion of secret messages, and this therefore renders them unsafe for their users and their messages. Only basic mathematical algorithms, such as addition and subtraction are incorporated with modular arithmetic and utilized throughout these ciphers. For this reason, these uncomplicated mathematical techniques leave the messages that are communicated with Private Key Ciphers open to adversaries who can break these codes easily.

By observing Private Key Ciphers, such as the Shift Cipher, Vigenere Cipher, and the Hill Cipher, the simple process that goes into encrypting and decrypting messages with these ciphers becomes obvious. Looking into the key generation of any of these ciphers allows us to see that just choosing any word for the key of a cipher does not make a cipher secure. These straightforward details, and the strictly linear computations, leave these types of ciphers open to any attacks by outside entities.

Public Key Ciphers, which use computationally difficult mathematical algorithms such as the discrete logarithm or Fermat’s Little Theorem, along with modular arithmetic and prime numbers, are much more secure ciphers. In order for an adversary to break a cipher of this type, much more effort needs to be taken; not only would the adversary first have to discover the mathematical steps that go into determining the key, but they also have to obtain the receiver’s private key.

Public Key Ciphers such as the RSA Cipher and the ElGamal Cipher have intricate processes that determine the keys of the ciphers. By examining the RSA Cipher, we find that large numbers and prime numbers are a significant detail in making these ciphers secure. There are an infinite number of primes, and the larger a number is, the harder it is to determine if it is prime or not. This enables us to see why key generation is one of the most difficult, but most secure parts of the RSA and ElGamal Cipher.

Mathematics obviously plays a crucial role in the development of each cipher and its security. As a result, the goal of each cipher is for an entity to be able to compute the cipher with ease, but for no outside adversary to be able to break it. Due to this, we can see the reason why it is a struggle to make a cipher easy enough for a user to compute, but difficult enough so as not to be broken by outside entities.

Glossary

Adversary- The entity that is neither the sender nor the receiver of the message. They are also known as enemies, attackers, intruders, opponents, etc. They usually try to disguise themselves as either the sender or the receiver.
Algorithm- A list of mathematically based instructions used for the purpose of accomplishing a task such as encryption or decryption.
Asymmetric algorithm- An algorithm that is used for encryption and decryption in Public Key Ciphers.
Authentication- The process of verifying that a particular name really belongs to a particular entity.
Authenticity- The ability to make certain that the given information was in fact produced by the correct person and not modified or forged by some outside person.
Block Cipher- Cipher that encrypts data in blocks of a fixed size.
Channel- Used for conveying information from one party (entity) to another.
Cipher- An algorithm that transforms data between the plaintext and the ciphertext; encryption and decryption. Also called a cryptosystem.
Ciphertext- Data that has been encrypted with a cipher.
Code- Replaces a unit of plaintext (word or phrases) with other words or phrases to essentially cover them up.
Confidentiality- Ensuring that information is not revealed to people who are not intended to receive it.
Cryptanalysis- The study of mathematical methods for attempting to break cryptographic techniques. It is an attack on secret writing (cryptology).
Cryptography- The process of communicating with one another using numerous techniques, to keep messages secret from any intruders. It usually involves the use of ciphers.
Data integrity- The person sending the message has to have the ability to detect when data manipulation (insertion, deletion, or substitution) has occurred by an unauthorized party.
Decryption- From incoherent gibberish, also known as ciphertext, to ordinary information known as plaintext.
Encryption- Converting ordinary information, also called plaintext, and turning it into something unreadable, also known as ciphertext.
Entity- The person who is sending, receiving, or controlling the information for the message. It can be a person or a computer.
Integrity- To ensure that information is not modified except by people who are intended to modify it.
Key- It is a secret parameter that is known only to the communicators of the message. It controls the operation of a cipher because it enables the sender and receiver to encipher and decipher the message in distinctive ways.
Key word- Controls letter substitution in some ciphers (like the Vigenere Cipher).
Non repudiation- Keeps the entity from denying that they had a previous commitment with you. To keep the sender or receiver from stealing any secrets from each other.
Plaintext- Data that has not yet been encrypted (the original data).
Private key- The key used in Public Key Cryptography that belongs to the receiver of the message and is always kept secret.
Private Key Cipher- The type of cipher that uses the same key to encrypt data and to decrypt data. Also called a symmetric algorithm.
Public Key- The key used in Public Key Cryptography that belongs to the receiver of the message and is distributed publicly. Others can use the public key to encrypt data.
Public Key Cipher- A cipher that uses a pair of keys, a public key and private key, for encryption and decryption. Also called an asymmetric algorithm.
Receiver- The entity that is the anticipated recipient of the message.
Secure Channel- A channel that is not accessible to the enemy (adversary). They cannot delete, insert or read any part of the message.
Sender- The entity that is the source or transmitter of the information.
Server- The person or entity in a networking relationship that provides service to clients on a network. Servers provide information such as a company’s public key.
Stream Cipher- A cipher that operates using a continuous data stream instead of processing a block of data at a time.
Symmetric Algorithm- An algorithm that is used to encrypt and decrypt Private Key Ciphers.

Appendix

Tables:

Table 1: Shift Cipher

+26  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
  0  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
  1  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25  0
  2  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25  0  1
  3  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25  0  1  2
  4  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25  0  1  2  3
  5  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25  0  1  2  3  4
  6  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25  0  1  2  3  4  5
  7  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25  0  1  2  3  4  5  6
  8  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25  0  1  2  3  4  5  6  7
  9  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25  0  1  2  3  4  5  6  7  8
 10 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25  0  1  2  3  4  5  6  7  8  9
 11 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25  0  1  2  3  4  5  6  7  8  9 10
 12 12 13 14 15 16 17 18 19 20 21 22 23 24 25  0  1  2  3  4  5  6  7  8  9 10 11
 13 13 14 15 16 17 18 19 20 21 22 23 24 25  0  1  2  3  4  5  6  7  8  9 10 11 12
 14 14 15 16 17 18 19 20 21 22 23 24 25  0  1  2  3  4  5  6  7  8  9 10 11 12 13
 15 15 16 17 18 19 20 21 22 23 24 25  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14
 16 16 17 18 19 20 21 22 23 24 25  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15
 17 17 18 19 20 21 22 23 24 25  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16
 18 18 19 20 21 22 23 24 25  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17
 19 19 20 21 22 23 24 25  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18
 20 20 21 22 23 24 25  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19
 21 21 22 23 24 25  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20
 22 22 23 24 25  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21
 23 23 24 25  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22
 24 24 25  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23
 25 25  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24

Table 2: Primitive Root Sequences. N=prime number and p=the primitive root.

N    p    Sequence
3    2    1,2
5    2    1,2,4,3
     3    1,3,4,2
7    3    1,3,2,6,4,5
     5    1,5,4,6,2,3
11   2    1,2,4,8,5,10,9,7,3,6
     6    1,6,3,7,9,10,5,8,4,2
     7    1,7,5,2,3,10,4,6,9,8
     8    1,8,9,6,4,10,3,2,5,7
13   2    1,2,4,8,3,6,12,11,9,5,10,7
     6    1,6,10,8,9,2,12,7,3,5,4,11
     7    1,7,10,5,9,11,12,6,3,8,4,2
     11   1,11,4,5,3,7,12,2,9,8,10,6
17   3    1,3,9,10,13,5,15,11,16,14,8,7,4,12,2,6
     5    1,5,8,6,13,14,2,10,16,12,9,11,4,3,15,7
     6    1,6,2,12,4,7,8,14,16,11,15,5,13,10,9,3
     7    1,7,15,3,4,11,9,12,16,10,2,14,13,6,8,5
     10   1,10,15,14,4,6,9,5,16,7,2,3,13,11,8,12
     11   1,11,2,5,4,10,8,3,16,6,15,12,13,7,9,14
     12   1,12,8,11,13,3,2,7,16,5,9,6,4,14,15,10
     14   1,14,9,7,13,12,15,6,16,3,8,10,4,5,2,11

Theorems:

Theorem 1: There are infinitely many prime numbers.

Proof: (by contradiction)

Suppose the opposite. Suppose that there are finitely many prime numbers.

Let p1, p2, p3, p4,....,pn be the set of finitely many prime numbers. Let a=p1*p2*p3*p4*....*pn. Then a+1=(p1*p2*p3*...*pn)+1. This is the product of all prime numbers +1.

When a+1 is divided by any prime number p, the remainder is 1 because a+1=(p1*p2*p3*...*p(i-1)*p(i+1)*...*pn)*pi + 1.

This means that each time a+1 is divided by a prime number we get 1 as a remainder. Hence, a+1 has no prime factors.

→← Since a+1 has no prime factors this is a contradiction to the supposition that a+1 is the product of all prime numbers +1. a+1 cannot have no prime factors while simultaneously being the product of all prime numbers +1. Therefore, a+1 is a prime number.
Vigenere Cipher Program:
Vigenere Cipher:
#include <iostream>
#include <string>

using namespace std;

// letter[] keeps the alphabet at indices 4..29, so it needs 30 slots;
// num[] holds the values 0..25, so it needs 26.
void initialize(char letter[30], int num[26]);
bool valid_input(const string& text);
void process_word(string& word, int keyword[255], char letter[30], int num[26]);
void process_message(string& message, int encrypted_word[255], char letter[30], int num[26]);
void print_keyword(int keyword[255], string& word);
void print_finishedword(int finishedword[255], string& message);
void print_finishedword2(int finishedword2[255], string& message);
void print_encrypted(int encrypted_word[255], string& message);
void add(int finishedword[255], int encrypted_word[255], string& word, string& message, int keyword[255]);
void decode_finishedword(int finishedword[255], char decode[255], char letter[30], int num[26], string& message);
void decode_finishedword2(int finishedword2[255], char decode[255], char letter[30], int num[26], string& message);
void print_decoded(char decode[255], string& message);
void subtract(string& word, char decode[255], int finishedword2[255], int finishedword[255], string& message, int keyword[255]);

int main()
{
    char decode[255];
    int keyword[255];
    char letter[30];
    int num[26];
    int encrypted_word[255];
    int finishedword[255];
    int finishedword2[255];
    string word;
    string message;

    cout << "The Vigenere Cipher" << endl << endl;

    // to convert the alphabet to numeric form
    initialize(letter, num);

    // enter keyword
    cout << "Key Generation" << endl;
    cout << "Enter keyword with no spaces then press enter." << endl;
    cin >> word;
    if (!valid_input(word))
    {
        cout << "Use 1 to 255 lowercase letters (a-z) only." << endl;
        return 1;
    }

    // convert the keyword to numbers
    process_word(word, keyword, letter, num);

    // print numeric keyword
    cout << "The keyword " << word << " encodes to ";
    print_keyword(keyword, word);
    cout << "." << endl;

    // enter message
    cout << endl << "Enter message with no spaces and then press enter." << endl;
    cin >> message;
    if (!valid_input(message))
    {
        cout << "Use 1 to 255 lowercase letters (a-z) only." << endl;
        return 1;
    }

    // convert the message to numbers
    process_message(message, encrypted_word, letter, num);

    // print numeric message
    cout << endl;
    cout << "The message " << message << " encodes to ";
    print_encrypted(encrypted_word, message);
    cout << "." << endl;

    // add keyword + message together
    cout << endl;
    cout << "Encryption" << endl;
    cout << "When keyword and message are added together, the encrypted word encodes to ";
    cout << endl;
    add(finishedword, encrypted_word, word, message, keyword);

    // print encrypted message (numeric)
    print_finishedword(finishedword, message);
    cout << "." << endl;
    cout << endl;

    // convert the encrypted numbers back to letters
    decode_finishedword(finishedword, decode, letter, num, message);

    // print the encrypted message (letters)
    cout << "This encodes to ";
    print_decoded(decode, message);
    cout << "." << endl;

    // subtract keyword from message
    cout << endl;
    cout << "Decryption" << endl;
    cout << "When the keyword is subtracted from the encrypted message, the decrypted word decodes to ";
    cout << endl;
    subtract(word, decode, finishedword2, finishedword, message, keyword);

    // print decrypted message (numeric)
    print_finishedword2(finishedword2, message);
    cout << "." << endl;
    cout << endl;

    // convert the decrypted numbers back to letters
    decode_finishedword2(finishedword2, decode, letter, num, message);

    // print original message
    cout << "This decodes to ";
    print_decoded(decode, message);
    cout << endl;
    cout << "Which is the original message!!" << endl;
    cout << endl;

    return 0;
}

void initialize(char letter[30], int num[26])
{
    char j = 'a';
    int i;
    for (i = 4; i <= 29; i++) // initializes letter
    {
        letter[i] = j;
        j++;
    }
    for (i = 0; i <= 25; i++) // initializes number
    {
        num[i] = i;
    }
    for (i = 4; i <= 29; i++) // convert letters to numbers A=0...Z=25.
    {
        cout << letter[i] << "=" << num[i - 4] << endl;
    }
    cout << endl;
}

// The lookup loops below search letter[] for each character and the work
// arrays hold 255 entries, so only 1 to 255 lowercase letters are accepted.
bool valid_input(const string& text)
{
    if (text.empty() || text.length() > 255)
    {
        return false;
    }
    for (size_t i = 0; i < text.length(); i++)
    {
        if (text[i] < 'a' || text[i] > 'z')
        {
            return false;
        }
    }
    return true;
}

void process_word(string& word, int keyword[255], char letter[30], int num[26])
{
    for (size_t i = 0; i < word.length(); i++)
    {
        int j = 4;
        while (word[i] != letter[j])
        {
            j++;
        }
        keyword[i] = num[j - 4];
    }
}

void print_keyword(int keyword[255], string& word)
{
    for (size_t i = 0; i < word.length(); i++)
    {
        cout << keyword[i] << " ";
    }
}

void process_message(string& message, int encrypted_word[255], char letter[30], int num[26])
{
    // stop before message.length(): the terminating character is not a letter
    for (size_t i = 0; i < message.length(); i++)
    {
        int j = 4;
        while (message[i] != letter[j])
        {
            j++;
        }
        encrypted_word[i] = num[j - 4];
    }
}

void print_encrypted(int encrypted_word[255], string& message)
{
    for (size_t i = 0; i < message.length(); i++)
    {
        cout << encrypted_word[i] << " ";
    }
}

void add(int finishedword[255], int encrypted_word[255], string& word, string& message, int keyword[255])
{
    size_t i = 0;
    size_t j = 0;
    while (i != message.length())
    {
        // add the keyword letter to the message letter, modulo 26
        finishedword[i] = (encrypted_word[i] + keyword[j]) % 26;
        if (j < word.length() - 1) // repeat the keyword when it runs out
        {
            j++;
        }
        else
        {
            j = 0;
        }
        i++;
    }
}

void decode_finishedword(int finishedword[255], char decode[255], char letter[30], int num[26], string& message)
{
    for (size_t i = 0; i < message.length(); i++)
    {
        int j = 0;
        while (finishedword[i] != num[j])
        {
            j++;
        }
        decode[i] = letter[j + 4];
    }
}

void print_finishedword(int finishedword[255], string& message)
{
    for (size_t i = 0; i < message.length(); i++)
    {
        cout << finishedword[i] << " ";
    }
}

void subtract(string& word, char decode[255], int finishedword2[255], int finishedword[255], string& message, int keyword[255])
{
    size_t i = 0;
    size_t j = 0;
    int difference = 0;
    while (i != message.length())
    {
        //cout << "finishedword " << finishedword[i] << "-" << "keyword" << keyword[j] << endl;
        difference = finishedword[i] - keyword[j];
        if (difference < 0) // wrap negative results back into 0..25
        {
            difference = 26 + difference;
        }
        //cout << "subtract " << difference << endl;
        finishedword2[i] = difference;
        i++;
        if (j < word.length() - 1) // repeat the keyword when it runs out
        {
            j++;
        }
        else
        {
            j = 0;
        }
    }
}

void decode_finishedword2(int finishedword2[255], char decode[255], char letter[30], int num[26], string& message)
{
    for (size_t i = 0; i < message.length(); i++)
    {
        int j = 0;
        while (finishedword2[i] != num[j])
        {
            j++;
        }
        decode[i] = letter[j + 4];
    }
}

void print_finishedword2(int finishedword2[255], string& message)
{
    for (size_t i = 0; i < message.length(); i++)
    {
        cout << finishedword2[i] << " ";
    }
}

void print_decoded(char decode[255], string& message)
{
    for (size_t i = 0; i < message.length(); i++)
    {
        cout << decode[i];
    }
}

Diagrams:
Diagram 1: Vigenere Cipher
Diagram 2:
RSA 100 Cipher:
RSA-100 = 37975227936943673922808872755445627854565536638199
 × 40094690950920881030683735292761468389214899724061
RSA-100 = 15226050279225333605356183781326374297180681149613
 80688657908494580122963258952897654000350692006139. (Wikipedia Cryptography)
Works Cited
Brokaw, Naomi. UC Santa Cruz Mathematics. 30 4 2007. 1 5 2008 <http://www.math.ucsc.edu/Undergraduate/newsletters/jan07.html>.
Cohen, Fred. "2.1 - A Short History of Cryptography." 1990, 1995. Fred Cohen and Associates. 20 September 2007 <http://all.net.books/ip/Chap2-1.htm>.
Denning, Dorothy Elizabeth Robling. Cryptology and Data Security. Reading: Addison-Wesley Publishing Company, 1982.
Epp, Susanna S. Discrete Mathematics with Applications Third Edition. Belmont: Thomson Learning, Inc., 2004.
"How it Works." Network World. 18 April 2008 <http://edge.networkworld.com/gif/1999/0517tech.gif>.
Koblitz, Neal. A Course in Number Theory and Cryptography. Seattle: Springer-Verlag New York Inc., 1987.
Lewand, Robert. Cryptological Mathematics. Washington: Mathematical Association of America, 2000.
Menezes, Alfred J., Paul C. van Oorschot and Scott A. Vanstone. Handbook of Applied Cryptography. Boca Raton: CRC Press, 1997.
Michigan Tech-Physics. 27 March 2008 <http://www.phy.mtu.edu/~suits/quadprimitive.html>.
Network Associates, Inc. "The International PGP Home Page." 1990-1999. PGP. 29 Jan 2008 <http://www.pgpi.org/>.
RSA Laboratories. RSA Laboratories' Frequently Asked Questions About Today's Cryptography, Version 4.1. RSA Security Inc., 2000.
Schneier, Bruce. Applied Cryptography, Protocols, Algorithms, and Source Code in C. 2nd Edition. New York: John Wiley & Sons, Inc., 1996.
Singh, Simon. The Code Book: The Evolution of Secrecy from Mary Queen of Scots to Quantum Cryptology. New York: Doubleday, 1999.
Stinson, Douglas R. Cryptography: Theory and Practice. Boca Raton: CRC Press, 1995.
Weisstein, Eric W. MathWorld--A Wolfram Web Resource. "Discrete Logarithm." 22 March 2008 <http://mathworld.wolfram.com/DiscreteLogarithm.html>.
Wikipedia. Cryptography. 6 September 2007.