Chinese Remainder Theorem, Eucledian algorithm Quadratic Residues, Legendre’s symbol, Discrete log, Cyclic multiplicative group, Primality Testing, Fermat’s Theorem , Rabin-Miller’s Probabilistic Primality.

1. Basics of Cryptography

2. Problem statement
Let’s pretend that Bobby has a certain number of
pencils in his bag. If Bobby were to pull out pencils in
groups of 7, he would have 5 pencil in his bag.
Similarly, if Bobby were to pull out pencils in groups of
11, he would end up with 7 pencils left in his bag.
Finally, we know that if Bobby pulls out pencils in
groups of 13, he would end up with up 3 pencils left.
How many pencils does Bobby have in his bag?
HOW DO WE SOLVE THIS???????

3. Chinese Remainder Theorem
 Developed in the 3rd century by Chinese Mathematician Sun
Tzu.
 The Theorem
Suppose n1, n2, …, nk are positive integers which
are pairwise co prime. Then, for any given set of
integers a1,a2, …, ak, there exists an integer x solving
the system of simultaneous congruence.
(where x=x0 (mod n1*n2*n3..nk) )

4. unique solution is given as
x0 =(m2m3)b1.a1 +
(m1m3)b2.a2 + (m1m2)b3.a3
Eucledian algorithm
 Given two integers a & b, there exist a
common divisor d of a & b of the form
d= ax+by.

5. How do we apply this?
X == 5 (mod 7)
X == 7 (mod 11)
X == 3 (mod 13)

6. Significance in Cryptography
 In cryptography, the CRT is used in secret sharing through error-
correcting code.
 Let m1,m2,⋯mi be t pairwise relatively prime integers. Suppose
we have have a secret which is an integer s with 0≤s<m. The secret
s can be shared among t parties as follows. Let P1,P2,⋯Pt denote
the t parties that will share the secret. We give Pi the residue
si=s(modmi) the information known only to Pi. By the CRT the t
pieces of information si are sufficient to determine the original
secret s, but with anything less than t number of residue si cannot
determine the original s.
 Used in secret sharing algorithm like RSA.

7. Quadratic Residues
 For all x such that (x,n) =1 , x is called a quadratic
residue modulo n if there exists y such that y2x mod n
 Note: if p is prime there are exactly
(p-1)/2 quadratic residues in Zp*.
For eg:
X^2 = a mod 11
Then a can be –
1^2=1 , 2^2= 4…….
a={1,4,9,5,3}.
These are quadratic residue and {2,6,7,8,10} are quadratic
non residue.

8. Legendre’s symbol
 p – odd prime
 Definition:
 0, if p divides a
 1,if a is quadratic residue.
 -1, if a is quadratic non residue.

9. Significance in Cryptography
 The fact that finding a square root of a number
modulo a large composite n has been used for
constructing cryptographic schemes such as
the Rabin cryptosystem.
 The discrete logarithm is a similar problem that is
also used in cryptography.
 Graph theory
 Primality testing

10. Discrete log
 Fix a prime p. Let a, b be nonzero integers (mod p). The
problem of finding x such that ax ≡ b (mod p) is called the
discrete logarithm problem

11. Cyclic multiplicative group
 Some groups have a property, that all the elements in
the group can be obtained by repeatedly applying the
group operation to a particular group element. If a
group has such a property, it is called a cyclic group and
the particular group element is called a generator.
 21 ≡ 2 mod 5
22 ≡ 4 mod 5
23 ≡ 8 ≡ 3 mod 5
24 ≡ 16 ≡ 1 mod 5
 Applications : as this is a one way function it is used in
deffie hellman and other key exchange algorithms.

12. Primality Testing
 Introduction :
 The primality test provides the probability of
whether or not a large number is prime.
 Several theorems including Fermat’s theorem
provide idea of primality test.
 Cryptography schemes such as RSA algorithm
heavily based on primality test.

13. Definitions
 A Prime number is an integer that has no
integer factors other than 1 and itself. On the
other hand, it is called composite number.
 A primality testing is a test to determine
whether or not a given number is prime, as
opposed to actually decomposing the number
into its constituent prime factors.

14. Algorithms
 A Naïve Algorithm
◦ Pick any integer P that is greater than 2.
◦ Try to divide P by all odd integers starting from 3 to
square root of P.
◦ If P is divisible by any one of these odd integers, we
can conclude that P is composite.
◦ The worst case is that we have to go through all odd
number testing cases.
◦ Time complexity is O(square root of N)

15. Fermat’s Theorem
◦ Given that P is an integer that we would like to test
that it is either a PRIME or not.
◦ And A is another integer that is greater than zero and
less than P.
◦ From Fermat’s Theorem, if P is a PRIME, it will satisfy
this two equalities:
 A^(p-1) = 1(mod P) or A^(p-1)mod P = 1
 A^P = A(mod P) or A^P mod P = A
◦ For instances, if P = 341, will P be PRIME?
-> from previous equalities, we would be able to
obtain that:
2^(341-1)mod 341 = 1, if A = 2

16. ◦ It seems that 341 is a prime number under Fermat’s
Theorem. However, if A is now equal to 3:
◦ 3^(341-1)mod 341 = 56 !!!
◦ That means Fermat’s Theorem is not true in this case!

17. Rabin-Miller’s Probabilistic Primality
Algorithm
◦ The Rabin-Miller’s Probabilistic Primality test was
by Rabin, based on Miller’s idea. This algorithm
provides a fast method of determining of primality
of a number with a controllably small probability of
error.
◦ Given (b, n), where n is the number to be tested for
primality, and b is randomly chosen in [1, n-1]. Let
n-1 = (2^q)*m, where m is an odd integer.
• b^m = 1(mod n)
• b^m = -1(mod n)

18. ◦ If the testing number satisfies either cases, it will be said as
“inconclusive”. That means it could be a prime number.
◦ From Fermat’s Theorem, it concludes 341 is a prime but it is 11 *
31!
◦ Now try to use Rabin-Miller’s Algorithm.
 n = 401
n -1 = 400 = 24*25
k = 4, m = 25
a = 3
b0 = 325 = 268 (mod 401)
b1 = 325*2 = 45 (mod 401)
b2 = 325*22
= 20 (mod 401)
b3 = 325*23
= 400 (mod 401)
= -1 (mod 401
• Also, Let n be 341, b be 2. then assume:
◦ q = 2 and m = 85 (since, n -1 = 2^q*m)
◦ 2^85 mod 341 = 32
◦ Since it is not equal to 1, 341 is composite!

19. Thanks !!