信息安全概论课件-lecture0501
合集下载
相关主题
- 1、下载文档前请自行甄别文档内容的完整性,平台不提供额外的编辑、内容补充、找答案等附加服务。
- 2、"仅部分预览"的文档,不可在线预览部分如存在完整性等问题,可反馈申请退款(可完整预览的文档不适用该条件!)。
- 3、如文档侵犯您的权益,请联系客服反馈,我们会尽快为您处理(人工客服工作时间:9:00-18:30)。
Introduction to Number Theory
3
Prime Numbers
Prime Numbers
• An integer p > 1 is a prime number if its only divisors are 1 and p • There are infinite number of primes • Distribution of Primes
– For any positive integer n, there are at least n consecutive composite positive integers s.t. (n+1)! + 2, (n+1)! + 3, … , (n+1)! + (n+1)
Cryptography & Network Security
– If P is the set of all prime numbers, then any positive integer can be written uniquely in the following form
– The value of any positive integer can be specified by listing all nonzero exponents (ap)
– The Prime Number Theorem
» Let (N) denote the number of primes not exceeding N. Then (N) is approximately N / lnN – Twin Primes » (Infinitely many) pairs of primes differ by two » e.g., (5, 7), (11, 13), (101, 103), (4967, 4969), …
Cryptography & Network Security
Introduction to Number Theory
Euler’s Phi-Function
• Definition Euler’s phi-function (n) is defined to be the number of positive integers less than n (including 1) that are relatively prime to n • Properties
• • • • •
Prime Numbers Fermat’s and Euler’s Theorems Chinese Remainder Theorem Discrete Logarithms Testing for Primality
Cryptography & Network Security
» » » » » Computing A from (a1, a2, … ,ak) is done as follows: Let Mi = M/mi for 1 ≤ i ≤ k, i.e., Mi = m1 m2 … mi-1 mi+1 … mk Note that Mi ≡ 0 (mod mj) for all j ≠ i and gcd (Mi, mi) = 1 Let ci = Mi x (Mi-1 mod mi) for 1 ≤ i ≤ k Then A ≡ (a1c1+ a2c2 + + akck) mod M ai = A mod mi, since cj ≡ Mj ≡ 0 (mod mi) if j≠ i and ci ≡ 1 (mod mi)
8
Fermat’s and Euler’s Theorems
• Proof
– The proof is completely analogous to that of the Fermat's Theorem except that instead of the set of residues {1,2,...,n-1} we now consider the set of residues {x1,x2,...,x(n)} which are relatively prime to n. In exactly the same manner as before, multiplication by a modulo n results in a permutation of the set {x1, x2, ..., x(n)}. Therefore, two products are congruent: x1x2 ... x(n) (ax1)(ax2) ... (ax(n)) mod n dividing by the left-hand side proves the theorem.
• Corollary (1) a(n)+1 a mod n (2) If gcd(a,n) = 1, then a(n)-1 is an inverse of a modulo n
Cryptography & Network Security
Introduction to Number Theory
(1) (1) = 1 (by convention) (2) p is prime , (p) = p-1 (3) Let p be a prime and a is a positive integer. Then (pa) = pa – pa-1 = pa(1 - 1/p) (4) Let m and n be relatively prime positive integers. Then (mn) = (m) (n) (5) Let n = p1a1 p2a2 … ptat be the prime-power factorization of the positive integer n. Then (n) = n(1-1/p1)(1-1/p2) (1-1/pt)
9
Chinese Remainder Theorem
Chinese Remainder Theorem
• Chinese Remainder Theorem (CRT)
Suppose m1 , … , mk are pairwise relatively prime positive integers, and suppose a1 , … , ak are integers. Then the system of k congruences x ai (mod mi) (1 ≤ i ≤ k) has a unique solution modulo M = m1 mk, which is given by
Cryptography & Network Security
7
Fermat’s and Euler’s Theorems
Introduction to Number Theory
Euler’s Theorem
• Generalization of Fermat’s little theorem • Theorem For every a and n that are relatively prime, a(n) 1 mod n
6
Fermat’s and Euler’s Theorems
• Corollary If p is prime and a is a positive integer, then ap a mod p • Corollary If p is prime and a is a positive integer not divisible by p, then ap-2 is an inverse of a modulo p
Introduction to Number Theory
1
Introduction to Number Theory
Cryptography & Network Security
Introduction to Number Theory
2
Introduction to Number Theory
Introduction to Number Theory
Fermat’s Little Theorem
• Theorem If p is prime and a is a positive integer not divisible by p, then ap-1 1 mod p • Proof
• Unique Factorization
– The Fundamental Theorem of Arithmetic
» Every positive integer a>1 can be factored uniquely as a = p1a1 p2a2 … ptat , where p1 < p2 < … < pt are primes and each ai > 0
Proof
• Let M = m1 m2 … mk, where mi’s are pairwise relatively prime, i.e., gcd(mi , mj) = 1, 1 ≤ i ≠ j ≤ k • A (a1, a2, … ,ak), where A ZM, ai Zmi, and ai = A mod mi for 1 ≤ i ≤ k • One to one correspondence (bijection) between ZM and the Cartesian product Zm1 Zm2 … Zmk
Start by listing the first p – 1 positive multiples of a: a, 2a, 3a, …, (p-1)a Suppose that ja and ka are the same modulo p, then we have j k mod p, so the p-1 multiples of a above are distinct and nonzero; that is, they must be congruent to 1, 2, 3, …, p-1 in some order. Multiply all these congruences together and we find a 2a 3a (p-1)a 1 2 3 (p-1) mod p or better, ap-1(p-1)! (p-1)! mod p. Divide both side by (p-1)! to complete the proof.
where ci = Mi (Mi-1 mod mi) and Mi = M / mi , for 1 ≤ i ≤ k.
Cryptography & Network Security
Introduction to Number Theory
10
Chinese Remainder Theorem
Chinese Remainder Theorem
» 12 (= 22x3) is represented by {a2 = 2, a3 = 1}
– (Multiplication) k = ab kp = ap + bp for all p P – (Divisibility) a|b ap bp for all p P
Cryptography & Network Security
– For every integer A such that 0 ≤ A < M, there is a unique k-tuple (a1, a2, … ,ak) with 0 ≤ ai < mi – For every such k-tuple (a1, a2, … ,ak), there is a unique A in ZM
Introduction to Number Theory
4
Prime Numbers
Primes Under 2000
Cryptography & Network Security
Introduction to Number Theory
5
Prime Factorization
Prime Leabharlann Baiduactorization