Uploaded bykavyams22
PPT, PDF10 views

ch04 cryptography1cryptography1cryptography1

cryptography1

Embed presentation

Download to read offline
Cryptography and Cryptography and Network Security Network Security Chapter 4 Chapter 4 Fourth Edition Fourth Edition by William Stallings by William Stallings Lecture slides by Lawrie Brown Lecture slides by Lawrie Brown
Chapter 4 – Finite Fields Chapter 4 – Finite Fields The next morning at daybreak, Star flew indoors, The next morning at daybreak, Star flew indoors, seemingly keen for a lesson. I said, "Tap eight." She did seemingly keen for a lesson. I said, "Tap eight." She did a brilliant exhibition, first tapping it in 4, 4, then giving me a brilliant exhibition, first tapping it in 4, 4, then giving me a hasty glance and doing it in 2, 2, 2, 2, before coming a hasty glance and doing it in 2, 2, 2, 2, before coming for her nut. It is astonishing that Star learned to count up for her nut. It is astonishing that Star learned to count up to 8 with no difficulty, and of her own accord discovered to 8 with no difficulty, and of her own accord discovered that each number could be given with various different that each number could be given with various different divisions, this leaving no doubt that she was consciously divisions, this leaving no doubt that she was consciously thinking each number. In fact, she did mental arithmetic, thinking each number. In fact, she did mental arithmetic, although unable, like humans, to name the numbers. But although unable, like humans, to name the numbers. But she learned to recognize their spoken names almost she learned to recognize their spoken names almost immediately and was able to remember the sounds of immediately and was able to remember the sounds of the names. Star is unique as a wild bird, who of her own the names. Star is unique as a wild bird, who of her own free will pursued the science of numbers with keen free will pursued the science of numbers with keen interest and astonishing intelligence. interest and astonishing intelligence. — — Living with Birds Living with Birds, Len Howard , Len Howard
Introduction Introduction  will now introduce finite fields will now introduce finite fields  of increasing importance in cryptography of increasing importance in cryptography  AES, Elliptic Curve, IDEA, Public Key AES, Elliptic Curve, IDEA, Public Key  concern operations on “numbers” concern operations on “numbers”  where what constitutes a “number” and the where what constitutes a “number” and the type of operations varies considerably type of operations varies considerably  start with concepts of groups, rings, fields start with concepts of groups, rings, fields from abstract algebra from abstract algebra
Group Group  a set of elements or “numbers” a set of elements or “numbers”  with some operation whose result is also in with some operation whose result is also in the set (closure) the set (closure)  obeys: obeys:  associative law: associative law: (a.b).c = a.(b.c) (a.b).c = a.(b.c)  has identity has identity e e: : e.a = a.e = a e.a = a.e = a  has inverses has inverses a a-1 -1 : : a.a a.a-1 -1 = e = e  if commutative if commutative a.b = b.a a.b = b.a  then forms an then forms an abelian group abelian group
Cyclic Group Cyclic Group  define define exponentiation exponentiation as repeated as repeated application of operator application of operator  example: example: a a-3 -3 = a.a.a = a.a.a  and let identity be: and let identity be: e= e=a a0 0  a group is cyclic if every element is a a group is cyclic if every element is a power of some fixed element power of some fixed element  ie ie b = b = a ak k for some for some a a and every and every b b in group in group  a a is said to be a generator of the group is said to be a generator of the group
Ring Ring  a set of “numbers” a set of “numbers”  with two operations (addition and multiplication) with two operations (addition and multiplication) which form: which form:  an abelian group with addition operation an abelian group with addition operation  and multiplication: and multiplication:  has closure has closure  is associative is associative  distributive over addition: distributive over addition: a(b+c) = ab + ac a(b+c) = ab + ac  if multiplication operation is commutative, it forms a if multiplication operation is commutative, it forms a commutative ring commutative ring  if if multiplication operation has an identity and no multiplication operation has an identity and no zero divisors, it forms an zero divisors, it forms an integral domain integral domain
Field Field  a set of numbers a set of numbers  with two operations which form: with two operations which form:  abelian group for addition abelian group for addition  abelian group for multiplication (ignoring 0) abelian group for multiplication (ignoring 0)  ring ring  have hierarchy with more axioms/laws have hierarchy with more axioms/laws  group -> ring -> field group -> ring -> field
Modular Arithmetic Modular Arithmetic  define define modulo operator modulo operator “ “a mod n” a mod n” to be to be remainder when a is divided by n remainder when a is divided by n  use the term use the term congruence congruence for: for: a = b mod n a = b mod n  when divided by when divided by n, n, a & b have same remainder a & b have same remainder  eg. 100 = 34 mod 11 eg. 100 = 34 mod 11  b is called a b is called a residue residue of a mod n of a mod n  since with integers can always write: since with integers can always write: a = qn + b a = qn + b  usually chose smallest positive remainder as residue usually chose smallest positive remainder as residue • ie. ie. 0 <= b <= n-1 0 <= b <= n-1  process is known as process is known as modulo reduction modulo reduction • eg. -12 mod 7 eg. -12 mod 7 = = -5 mod 7 -5 mod 7 = = 2 mod 7 2 mod 7 = = 9 mod 7 9 mod 7
Divisors Divisors  say a non-zero number say a non-zero number b b divides divides a a if for if for some some m m have have a=mb a=mb ( (a,b,m a,b,m all integers) all integers)  that is that is b b divides into divides into a a with no remainder with no remainder  denote this denote this b|a b|a  and say that and say that b b is a is a divisor divisor of of a a  eg. all of 1,2,3,4,6,8,12,24 divide 24 eg. all of 1,2,3,4,6,8,12,24 divide 24
Modular Arithmetic Operations Modular Arithmetic Operations  is 'clock arithmetic' is 'clock arithmetic'  uses a finite number of values, and loops uses a finite number of values, and loops back from either end back from either end  modular arithmetic is when do addition & modular arithmetic is when do addition & multiplication and modulo reduce answer multiplication and modulo reduce answer  can do reduction at any point, ie can do reduction at any point, ie  a+b mod n = [a mod n + b mod n] mod n a+b mod n = [a mod n + b mod n] mod n
Modular Arithmetic Modular Arithmetic  can do modular arithmetic with any group of can do modular arithmetic with any group of integers: integers: Z Zn n = {0, 1, … , n-1} = {0, 1, … , n-1}  form a commutative ring for addition form a commutative ring for addition  with a multiplicative identity with a multiplicative identity  note some peculiarities note some peculiarities  if if (a+b) (a+b)=(a+c) mod n =(a+c) mod n then then b=c mod n b=c mod n  but if but if (a.b) (a.b)=(a.c) mod n =(a.c) mod n then then b=c mod n b=c mod n only if only if a a is relatively prime to is relatively prime to n n
Modulo 8 Addition Example Modulo 8 Addition Example + 0 1 2 3 4 5 6 7 0 0 1 2 3 4 5 6 7 1 1 2 3 4 5 6 7 0 2 2 3 4 5 6 7 0 1 3 3 4 5 6 7 0 1 2 4 4 5 6 7 0 1 2 3 5 5 6 7 0 1 2 3 4 6 6 7 0 1 2 3 4 5 7 7 0 1 2 3 4 5 6
Greatest Common Divisor (GCD) Greatest Common Divisor (GCD)  a common problem in number theory a common problem in number theory  GCD (a,b) of a and b is the largest number GCD (a,b) of a and b is the largest number that divides evenly into both a and b that divides evenly into both a and b  eg GCD(60,24) = 12 eg GCD(60,24) = 12  often want often want no common factors no common factors (except 1) (except 1) and hence numbers are and hence numbers are relatively prime relatively prime  eg GCD(8,15) = 1 eg GCD(8,15) = 1  hence 8 & 15 are relatively prime hence 8 & 15 are relatively prime
Euclidean Algorithm Euclidean Algorithm  an efficient way to find the GCD(a,b) an efficient way to find the GCD(a,b)  uses theorem that: uses theorem that:  GCD(a,b) = GCD(b, a mod b) GCD(a,b) = GCD(b, a mod b)  Euclidean Algorithm to compute GCD(a,b) is: Euclidean Algorithm to compute GCD(a,b) is: EUCLID(a,b) EUCLID(a,b) 1. A 1. A = = a; B a; B = = b b 2. if B = 0 return A = gcd(a, b) 2. if B = 0 return A = gcd(a, b) 3. R = A mod B 3. R = A mod B 4. A = B 4. A = B 5. B 5. B = = R R 6. goto 2 6. goto 2
Example GCD(1970,1066) Example GCD(1970,1066) 1970 = 1 x 1066 + 904 1970 = 1 x 1066 + 904 gcd(1066, 904) gcd(1066, 904) 1066 = 1 x 904 + 162 1066 = 1 x 904 + 162 gcd(904, 162) gcd(904, 162) 904 = 5 x 162 + 94 904 = 5 x 162 + 94 gcd(162, 94) gcd(162, 94) 162 = 1 x 94 + 68 162 = 1 x 94 + 68 gcd(94, 68) gcd(94, 68) 94 = 1 x 68 + 26 94 = 1 x 68 + 26 gcd(68, 26) gcd(68, 26) 68 = 2 x 26 + 16 68 = 2 x 26 + 16 gcd(26, 16) gcd(26, 16) 26 = 1 x 16 + 10 26 = 1 x 16 + 10 gcd(16, 10) gcd(16, 10) 16 = 1 x 10 + 6 16 = 1 x 10 + 6 gcd(10, 6) gcd(10, 6) 10 = 1 x 6 + 4 10 = 1 x 6 + 4 gcd(6, 4) gcd(6, 4) 6 = 1 x 4 + 2 6 = 1 x 4 + 2 gcd(4, 2) gcd(4, 2) 4 = 2 x 2 + 0 4 = 2 x 2 + 0 gcd(2, 0) gcd(2, 0)
Galois Fields Galois Fields  finite fields play a key role in cryptography finite fields play a key role in cryptography  can show number of elements in a finite can show number of elements in a finite field field must must be a power of a prime p be a power of a prime pn n  known as Galois fields known as Galois fields  denoted GF(p denoted GF(pn n ) )  in particular often use the fields: in particular often use the fields:  GF(p) GF(p)  GF(2 GF(2n n ) )
Galois Fields GF(p) Galois Fields GF(p)  GF(p) is the set of integers {0,1, … , p-1} GF(p) is the set of integers {0,1, … , p-1} with arithmetic operations modulo prime p with arithmetic operations modulo prime p  these form a finite field these form a finite field  since have multiplicative inverses since have multiplicative inverses  hence arithmetic is “well-behaved” and hence arithmetic is “well-behaved” and can do addition, subtraction, multiplication, can do addition, subtraction, multiplication, and division without leaving the field GF(p) and division without leaving the field GF(p)
GF(7) Multiplication Example GF(7) Multiplication Example  0 1 2 3 4 5 6 0 0 0 0 0 0 0 0 1 0 1 2 3 4 5 6 2 0 2 4 6 1 3 5 3 0 3 6 2 5 1 4 4 0 4 1 5 2 6 3 5 0 5 3 1 6 4 2 6 0 6 5 4 3 2 1
Finding Inverses Finding Inverses EXTENDED EUCLID( EXTENDED EUCLID(m m, , b b) ) 1. 1. (A1, A2, A3)=(1, 0, (A1, A2, A3)=(1, 0, m m); ); (B1, B2, B3)=(0, 1, (B1, B2, B3)=(0, 1, b b) ) 2. if 2. if B3 = 0 B3 = 0 return return A3 = gcd( A3 = gcd(m m, , b b); no inverse ); no inverse 3. if 3. if B3 = 1 B3 = 1 return return B3 = gcd( B3 = gcd(m m, , b b); B2 = ); B2 = b b–1 –1 mod mod m m 4. 4. Q = A3 div B3 Q = A3 div B3 5. 5. (T1, T2, T3)=(A1 – Q B1, A2 – Q B2, A3 – Q B3) (T1, T2, T3)=(A1 – Q B1, A2 – Q B2, A3 – Q B3) 6. 6. (A1, A2, A3)=(B1, B2, B3) (A1, A2, A3)=(B1, B2, B3) 7. 7. (B1, B2, B3)=(T1, T2, T3) (B1, B2, B3)=(T1, T2, T3) 8. goto 8. goto 2 2
Inverse of 550 in GF(1759) Inverse of 550 in GF(1759) Q A1 A2 A3 B1 B2 B3 — 1 0 1759 0 1 550 3 0 1 550 1 –3 109 5 1 –3 109 –5 16 5 21 –5 16 5 106 –339 4 1 106 –339 4 –111 355 1
Polynomial Arithmetic Polynomial Arithmetic  can compute using polynomials can compute using polynomials f f( (x x) = a ) = an nx xn n + a + an-1 n-1x xn-1 n-1 + … + a + … + a1 1x + x + a a0 0 = ∑ a = ∑ ai ix xi i • nb. not interested in any specific value of x nb. not interested in any specific value of x • which is known as the indeterminate which is known as the indeterminate  several alternatives available several alternatives available  ordinary polynomial arithmetic ordinary polynomial arithmetic  poly arithmetic with coords mod p poly arithmetic with coords mod p  poly arithmetic with coords mod p and poly arithmetic with coords mod p and polynomials mod m(x) polynomials mod m(x)
Ordinary Polynomial Arithmetic Ordinary Polynomial Arithmetic  add or subtract corresponding coefficients add or subtract corresponding coefficients  multiply all terms by each other multiply all terms by each other  eg eg let let f f( (x x) = ) = x x3 3 + + x x2 2 + 2 and + 2 and g g( (x x) = ) = x x2 2 – – x x + 1 + 1 f f( (x x) + ) + g g( (x x) = ) = x x3 3 + 2 + 2x x2 2 – – x x + 3 + 3 f f( (x x) – ) – g g( (x x) = ) = x x3 3 + + x x + 1 + 1 f f( (x x) x ) x g g( (x x) = ) = x x5 5 + 3 + 3x x2 2 – 2 – 2x x + 2 + 2
Polynomial Arithmetic with Polynomial Arithmetic with Modulo Coefficients Modulo Coefficients  when computing value of each coefficient when computing value of each coefficient do calculation modulo some value do calculation modulo some value  forms a polynomial ring forms a polynomial ring  could be modulo any prime could be modulo any prime  but we are most interested in mod 2 but we are most interested in mod 2  ie all coefficients are 0 or 1 ie all coefficients are 0 or 1  eg. let eg. let f f( (x x) = ) = x x3 3 + + x x2 2 and and g g( (x x) = ) = x x2 2 + + x x + 1 + 1 f f( (x x) + ) + g g( (x x) = ) = x x3 3 + + x x + 1 + 1 f f( (x x) x ) x g g( (x x) = ) = x x5 5 + + x x2 2
Polynomial Division Polynomial Division  can write any polynomial in the form: can write any polynomial in the form:  f f( (x x) = ) = q q( (x x) ) g g( (x x) + ) + r r( (x x) )  can interpret can interpret r r( (x x) ) as being a remainder as being a remainder  r r( (x x) = ) = f f( (x x) mod ) mod g g( (x x) )  if have no remainder say if have no remainder say g g( (x x) divides ) divides f f( (x x) )  if if g g( (x x) has no divisors other than itself & 1 ) has no divisors other than itself & 1 say it is say it is irreducible irreducible (or prime) polynomial (or prime) polynomial  arithmetic modulo an irreducible arithmetic modulo an irreducible polynomial forms a field polynomial forms a field
Polynomial GCD Polynomial GCD  can find greatest common divisor for polys can find greatest common divisor for polys  c(x) c(x) = GCD( = GCD(a(x), b(x) a(x), b(x)) if ) if c(x) c(x) is the poly of greatest is the poly of greatest degree which divides both degree which divides both a(x), b(x) a(x), b(x)  can adapt Euclid’s Algorithm to find it: can adapt Euclid’s Algorithm to find it: EUCLID[ EUCLID[a a( (x x) ), b , b( (x x)] )] 1. 1. A( A(x x) = ) = a a( (x x); B( ); B(x x) = ) = b b( (x x) ) 2. if 2. if B( B(x x) = 0 ) = 0 return return A( A(x x) = gcd[ ) = gcd[a a( (x x) ), b , b( (x x)] )] 3. 3. R( R(x x) = A( ) = A(x x) mod B( ) mod B(x x) ) 4. 4. A( A(x x) ¨ B( ) ¨ B(x x) ) 5. 5. B( B(x x) ¨ R( ) ¨ R(x x) ) 6. goto 6. goto 2 2
Modular Polynomial Modular Polynomial Arithmetic Arithmetic  can compute in field GF(2 can compute in field GF(2n n ) )  polynomials with coefficients modulo 2 polynomials with coefficients modulo 2  whose degree is less than n whose degree is less than n  hence must reduce modulo an irreducible poly hence must reduce modulo an irreducible poly of degree n (for multiplication only) of degree n (for multiplication only)  form a finite field form a finite field  can always find an inverse can always find an inverse  can extend Euclid’s Inverse algorithm to find can extend Euclid’s Inverse algorithm to find
Example GF(2 Example GF(23 3 ) )
Computational Computational Considerations Considerations  since coefficients are 0 or 1, can represent since coefficients are 0 or 1, can represent any such polynomial as a bit string any such polynomial as a bit string  addition becomes XOR of these bit strings addition becomes XOR of these bit strings  multiplication is shift & XOR multiplication is shift & XOR  cf long-hand multiplication cf long-hand multiplication  modulo reduction done by repeatedly modulo reduction done by repeatedly substituting highest power with remainder substituting highest power with remainder of irreducible poly (also shift & XOR) of irreducible poly (also shift & XOR)
Computational Example Computational Example  in in GF(2 GF(23 3 ) have ) have (x (x2 2 +1) is 101 +1) is 1012 2 & (x & (x2 2 +x+1) is 111 +x+1) is 1112 2  so addition is so addition is  (x (x2 2 +1) + (x +1) + (x2 2 +x+1) = x +x+1) = x  101 XOR 111 = 010 101 XOR 111 = 0102 2  and multiplication is and multiplication is  (x+1).(x (x+1).(x2 2 +1) = x.(x +1) = x.(x2 2 +1) + 1.(x +1) + 1.(x2 2 +1) +1) = x = x3 3 +x+x +x+x2 2 +1 = x +1 = x3 3 +x +x2 2 +x+1 +x+1  011.101 = (101)<<1 XOR (101)<<0 = 011.101 = (101)<<1 XOR (101)<<0 = 1010 XOR 101 = 1111 1010 XOR 101 = 11112 2  polynomial modulo reduction (get q(x) & r(x)) is polynomial modulo reduction (get q(x) & r(x)) is  (x (x3 3 +x +x2 2 +x+1 ) mod (x +x+1 ) mod (x3 3 +x+1) = 1.(x +x+1) = 1.(x3 3 +x+1) + (x +x+1) + (x2 2 ) = x ) = x2 2  1111 mod 1011 = 1111 XOR 1011 = 0100 1111 mod 1011 = 1111 XOR 1011 = 01002 2
Using a Generator Using a Generator  equivalent definition of a finite field equivalent definition of a finite field  a a generator generator g is an element whose g is an element whose powers generate all non-zero elements powers generate all non-zero elements  in F have 0, g in F have 0, g0 0 , g , g1 1 , …, g , …, gq-2 q-2  can create generator from can create generator from root root of the of the irreducible polynomial irreducible polynomial  then implement multiplication by adding then implement multiplication by adding exponents of generator exponents of generator
Summary Summary  have considered: have considered:  concept of groups, rings, fields concept of groups, rings, fields  modular arithmetic with integers modular arithmetic with integers  Euclid’s algorithm for GCD Euclid’s algorithm for GCD  finite fields GF(p) finite fields GF(p)  polynomial arithmetic in general and in GF(2 polynomial arithmetic in general and in GF(2n n ) )

More Related Content

PPT
ch04_crypotography_william_stallings slides
bysurajpatil0480
 
PPT
cryptography for students and for learning
byssuser718176
 
PPT
Ch04
byJoe Christensen
 
PPT
ch04 cryptography and network security.ppt
byubaidullah75790
 
PPT
CH04.ppt
byShahidMehmood285010
 
PPT
Cryptography and Network Security chapter 4.ppt
bythe9amit
 
PDF
Finite fields
byBhumikaPal1
 
PPT
Chap4
bynathanurag
 
ch04_crypotography_william_stallings slides
bysurajpatil0480
 
cryptography for students and for learning
byssuser718176
 
Ch04
byJoe Christensen
 
ch04 cryptography and network security.ppt
byubaidullah75790
 
CH04.ppt
byShahidMehmood285010
 
Cryptography and Network Security chapter 4.ppt
bythe9amit
 
Finite fields
byBhumikaPal1
 
Chap4
bynathanurag
 

Similar to ch04 cryptography1cryptography1cryptography1

PPT
2.ppt
byTapodhirAcharjee2
 
PPTX
ch wi ring field modular arithmatic.pptx
byseemamehlalockdown
 
PPTX
Lecture 11,12,13- Number Theory (1).pptx
by953623104012
 
PPTX
Modular arithmetic for cryptography.pptx
byaswanikumarcherukuri3
 
PPTX
AC-Unit1.pptx CRYPTOGRAPHIC NNNNFOR ALL
byprabujayant2022
 
PPT
Number theory
bydhivyakesavan3
 
PPT
NumberTheory explanations in the easiest way.ppt
byIshwariKhanal
 
PDF
Basic galois field arithmatics required for error control codes
byMadhumita Tamhane
 
PDF
lecture5.pdf
byaminasouyah
 
PDF
Number theory lecture (part 1)
byAleksandr Yampolskiy
 
PPT
11848 ch04
byDebanjan Bhattacharya
 
PPT
11848 ch04(1)
byDebanjan Bhattacharya
 
PPT
Iss lecture 3
byAli Habeeb
 
PPT
Modular Arithmetic concept in mathematics
byIdcIdk1
 
PPT
Modular Arithmetic and congruence of integers.ppt
byJayLagman3
 
PPT
ModularArithmetic.pptDDDDDDDDDDDDDDDDDDDDDDDDD
byJudicarAbadiez
 
PPT
11848 ch04(1) (1)
byDebanjan Bhattacharya
 
PDF
paper6.pdf
byaminasouyah
 
PDF
sheet6.pdf
byaminasouyah
 
PDF
doc6.pdf
byaminasouyah
 
2.ppt
byTapodhirAcharjee2
 
ch wi ring field modular arithmatic.pptx
byseemamehlalockdown
 
Lecture 11,12,13- Number Theory (1).pptx
by953623104012
 
Modular arithmetic for cryptography.pptx
byaswanikumarcherukuri3
 
AC-Unit1.pptx CRYPTOGRAPHIC NNNNFOR ALL
byprabujayant2022
 
Number theory
bydhivyakesavan3
 
NumberTheory explanations in the easiest way.ppt
byIshwariKhanal
 
Basic galois field arithmatics required for error control codes
byMadhumita Tamhane
 
lecture5.pdf
byaminasouyah
 
Number theory lecture (part 1)
byAleksandr Yampolskiy
 
11848 ch04
byDebanjan Bhattacharya
 
11848 ch04(1)
byDebanjan Bhattacharya
 
Iss lecture 3
byAli Habeeb
 
Modular Arithmetic concept in mathematics
byIdcIdk1
 
Modular Arithmetic and congruence of integers.ppt
byJayLagman3
 
ModularArithmetic.pptDDDDDDDDDDDDDDDDDDDDDDDDD
byJudicarAbadiez
 
11848 ch04(1) (1)
byDebanjan Bhattacharya
 
paper6.pdf
byaminasouyah
 
sheet6.pdf
byaminasouyah
 
doc6.pdf
byaminasouyah
 

Recently uploaded

PDF
Digit Expo 2025 - EICC Edinburgh 27th November
byRay Bugg
 
PDF
ElyriaSoftware — Powering the Future with Blockchain Innovation
byElyria Software
 
PDF
Vibe Coding vs. Spec-Driven Development [Free Meetup]
byHaim Michael
 
PDF
AI Star Keynote on Artificial Intelligence. OnWorld. OffWorld. InWorld
byAlison B. Lowndes
 
PDF
Ransomware_Resilience_Strategic_Playbook.pdf
byAfonso Henrique Rodrigues Alves
 
PDF
Cleveland, OH Developer Group Dec 2, 2025 Slides for December Demos
byLynda Kane
 
PDF
DIGITAL FORENSICS - Notes for Everything.pdf
bypankajkumavatbeit
 
PDF
Recursive Self Improvement vs Continuous Learning
byBob Marcus
 
PDF
Tracing the Thread: Decoding the Decision-Making Process with GraphRAG
byEnterprise Knowledge
 
PDF
Accelerating Responsible AI Adoption in Public Sector and Private Organizations.
bysleepandremedies
 
PDF
Agentic Automation for Testers – A Hands-On Deep Dive
byUiPathCommunity
 
PDF
Greetings All Students Update 3 by Mia Corp
by©LDMMIA, ©Reiki Yoga
 
PPTX
Ritesh_kumar_Aatmanirbhar Bharat: Make in India, Make for the World.pptx
byriteshrkgs2008
 
PPTX
RISE with SAP for Automotive - S4 HANA Value.pptx
byAmira Jemi
 
DOCX
Introduction to the World of Computers (Hardware & Software)
byALIABBAS ABASOV
 
PDF
8 LLM Surveys https://tinyurl.com/bdz8e6fp
byBob Marcus
 
PDF
Top 7 Manufacturing Software for Small Businesses Boosting Growth in 2025
byEnvertis Software Solutions
 
PDF
The Ultimate Guide to Problem Management Dashboards for IT Teams.pdf
byomnex systems
 
PDF
AI Technology important knowledge ......
byutkarshj2007
 
PDF
Top Cybersecurity Threats 2025 Guide by Sureshdas
byPrintersassist
 
Digit Expo 2025 - EICC Edinburgh 27th November
byRay Bugg
 
ElyriaSoftware — Powering the Future with Blockchain Innovation
byElyria Software
 
Vibe Coding vs. Spec-Driven Development [Free Meetup]
byHaim Michael
 
AI Star Keynote on Artificial Intelligence. OnWorld. OffWorld. InWorld
byAlison B. Lowndes
 
Ransomware_Resilience_Strategic_Playbook.pdf
byAfonso Henrique Rodrigues Alves
 
Cleveland, OH Developer Group Dec 2, 2025 Slides for December Demos
byLynda Kane
 
DIGITAL FORENSICS - Notes for Everything.pdf
bypankajkumavatbeit
 
Recursive Self Improvement vs Continuous Learning
byBob Marcus
 
Tracing the Thread: Decoding the Decision-Making Process with GraphRAG
byEnterprise Knowledge
 
Accelerating Responsible AI Adoption in Public Sector and Private Organizations.
bysleepandremedies
 
Agentic Automation for Testers – A Hands-On Deep Dive
byUiPathCommunity
 
Greetings All Students Update 3 by Mia Corp
by©LDMMIA, ©Reiki Yoga
 
Ritesh_kumar_Aatmanirbhar Bharat: Make in India, Make for the World.pptx
byriteshrkgs2008
 
RISE with SAP for Automotive - S4 HANA Value.pptx
byAmira Jemi
 
Introduction to the World of Computers (Hardware & Software)
byALIABBAS ABASOV
 
8 LLM Surveys https://tinyurl.com/bdz8e6fp
byBob Marcus
 
Top 7 Manufacturing Software for Small Businesses Boosting Growth in 2025
byEnvertis Software Solutions
 
The Ultimate Guide to Problem Management Dashboards for IT Teams.pdf
byomnex systems
 
AI Technology important knowledge ......
byutkarshj2007
 
Top Cybersecurity Threats 2025 Guide by Sureshdas
byPrintersassist
 

ch04 cryptography1cryptography1cryptography1

  • 1.
    Cryptography and Cryptography and NetworkSecurity Network Security Chapter 4 Chapter 4 Fourth Edition Fourth Edition by William Stallings by William Stallings Lecture slides by Lawrie Brown Lecture slides by Lawrie Brown
  • 2.
    Chapter 4 –Finite Fields Chapter 4 – Finite Fields The next morning at daybreak, Star flew indoors, The next morning at daybreak, Star flew indoors, seemingly keen for a lesson. I said, "Tap eight." She did seemingly keen for a lesson. I said, "Tap eight." She did a brilliant exhibition, first tapping it in 4, 4, then giving me a brilliant exhibition, first tapping it in 4, 4, then giving me a hasty glance and doing it in 2, 2, 2, 2, before coming a hasty glance and doing it in 2, 2, 2, 2, before coming for her nut. It is astonishing that Star learned to count up for her nut. It is astonishing that Star learned to count up to 8 with no difficulty, and of her own accord discovered to 8 with no difficulty, and of her own accord discovered that each number could be given with various different that each number could be given with various different divisions, this leaving no doubt that she was consciously divisions, this leaving no doubt that she was consciously thinking each number. In fact, she did mental arithmetic, thinking each number. In fact, she did mental arithmetic, although unable, like humans, to name the numbers. But although unable, like humans, to name the numbers. But she learned to recognize their spoken names almost she learned to recognize their spoken names almost immediately and was able to remember the sounds of immediately and was able to remember the sounds of the names. Star is unique as a wild bird, who of her own the names. Star is unique as a wild bird, who of her own free will pursued the science of numbers with keen free will pursued the science of numbers with keen interest and astonishing intelligence. interest and astonishing intelligence. — — Living with Birds Living with Birds, Len Howard , Len Howard
  • 3.
    Introduction Introduction  will nowintroduce finite fields will now introduce finite fields  of increasing importance in cryptography of increasing importance in cryptography  AES, Elliptic Curve, IDEA, Public Key AES, Elliptic Curve, IDEA, Public Key  concern operations on “numbers” concern operations on “numbers”  where what constitutes a “number” and the where what constitutes a “number” and the type of operations varies considerably type of operations varies considerably  start with concepts of groups, rings, fields start with concepts of groups, rings, fields from abstract algebra from abstract algebra
  • 4.
    Group Group  a setof elements or “numbers” a set of elements or “numbers”  with some operation whose result is also in with some operation whose result is also in the set (closure) the set (closure)  obeys: obeys:  associative law: associative law: (a.b).c = a.(b.c) (a.b).c = a.(b.c)  has identity has identity e e: : e.a = a.e = a e.a = a.e = a  has inverses has inverses a a-1 -1 : : a.a a.a-1 -1 = e = e  if commutative if commutative a.b = b.a a.b = b.a  then forms an then forms an abelian group abelian group
  • 5.
    Cyclic Group Cyclic Group define define exponentiation exponentiation as repeated as repeated application of operator application of operator  example: example: a a-3 -3 = a.a.a = a.a.a  and let identity be: and let identity be: e= e=a a0 0  a group is cyclic if every element is a a group is cyclic if every element is a power of some fixed element power of some fixed element  ie ie b = b = a ak k for some for some a a and every and every b b in group in group  a a is said to be a generator of the group is said to be a generator of the group
  • 6.
    Ring Ring  a setof “numbers” a set of “numbers”  with two operations (addition and multiplication) with two operations (addition and multiplication) which form: which form:  an abelian group with addition operation an abelian group with addition operation  and multiplication: and multiplication:  has closure has closure  is associative is associative  distributive over addition: distributive over addition: a(b+c) = ab + ac a(b+c) = ab + ac  if multiplication operation is commutative, it forms a if multiplication operation is commutative, it forms a commutative ring commutative ring  if if multiplication operation has an identity and no multiplication operation has an identity and no zero divisors, it forms an zero divisors, it forms an integral domain integral domain
  • 7.
    Field Field  a setof numbers a set of numbers  with two operations which form: with two operations which form:  abelian group for addition abelian group for addition  abelian group for multiplication (ignoring 0) abelian group for multiplication (ignoring 0)  ring ring  have hierarchy with more axioms/laws have hierarchy with more axioms/laws  group -> ring -> field group -> ring -> field
  • 8.
    Modular Arithmetic Modular Arithmetic define define modulo operator modulo operator “ “a mod n” a mod n” to be to be remainder when a is divided by n remainder when a is divided by n  use the term use the term congruence congruence for: for: a = b mod n a = b mod n  when divided by when divided by n, n, a & b have same remainder a & b have same remainder  eg. 100 = 34 mod 11 eg. 100 = 34 mod 11  b is called a b is called a residue residue of a mod n of a mod n  since with integers can always write: since with integers can always write: a = qn + b a = qn + b  usually chose smallest positive remainder as residue usually chose smallest positive remainder as residue • ie. ie. 0 <= b <= n-1 0 <= b <= n-1  process is known as process is known as modulo reduction modulo reduction • eg. -12 mod 7 eg. -12 mod 7 = = -5 mod 7 -5 mod 7 = = 2 mod 7 2 mod 7 = = 9 mod 7 9 mod 7
  • 9.
    Divisors Divisors  say anon-zero number say a non-zero number b b divides divides a a if for if for some some m m have have a=mb a=mb ( (a,b,m a,b,m all integers) all integers)  that is that is b b divides into divides into a a with no remainder with no remainder  denote this denote this b|a b|a  and say that and say that b b is a is a divisor divisor of of a a  eg. all of 1,2,3,4,6,8,12,24 divide 24 eg. all of 1,2,3,4,6,8,12,24 divide 24
  • 10.
    Modular Arithmetic Operations ModularArithmetic Operations  is 'clock arithmetic' is 'clock arithmetic'  uses a finite number of values, and loops uses a finite number of values, and loops back from either end back from either end  modular arithmetic is when do addition & modular arithmetic is when do addition & multiplication and modulo reduce answer multiplication and modulo reduce answer  can do reduction at any point, ie can do reduction at any point, ie  a+b mod n = [a mod n + b mod n] mod n a+b mod n = [a mod n + b mod n] mod n
  • 11.
    Modular Arithmetic Modular Arithmetic can do modular arithmetic with any group of can do modular arithmetic with any group of integers: integers: Z Zn n = {0, 1, … , n-1} = {0, 1, … , n-1}  form a commutative ring for addition form a commutative ring for addition  with a multiplicative identity with a multiplicative identity  note some peculiarities note some peculiarities  if if (a+b) (a+b)=(a+c) mod n =(a+c) mod n then then b=c mod n b=c mod n  but if but if (a.b) (a.b)=(a.c) mod n =(a.c) mod n then then b=c mod n b=c mod n only if only if a a is relatively prime to is relatively prime to n n
  • 12.
    Modulo 8 AdditionExample Modulo 8 Addition Example + 0 1 2 3 4 5 6 7 0 0 1 2 3 4 5 6 7 1 1 2 3 4 5 6 7 0 2 2 3 4 5 6 7 0 1 3 3 4 5 6 7 0 1 2 4 4 5 6 7 0 1 2 3 5 5 6 7 0 1 2 3 4 6 6 7 0 1 2 3 4 5 7 7 0 1 2 3 4 5 6
  • 13.
    Greatest Common Divisor(GCD) Greatest Common Divisor (GCD)  a common problem in number theory a common problem in number theory  GCD (a,b) of a and b is the largest number GCD (a,b) of a and b is the largest number that divides evenly into both a and b that divides evenly into both a and b  eg GCD(60,24) = 12 eg GCD(60,24) = 12  often want often want no common factors no common factors (except 1) (except 1) and hence numbers are and hence numbers are relatively prime relatively prime  eg GCD(8,15) = 1 eg GCD(8,15) = 1  hence 8 & 15 are relatively prime hence 8 & 15 are relatively prime
  • 14.
    Euclidean Algorithm Euclidean Algorithm an efficient way to find the GCD(a,b) an efficient way to find the GCD(a,b)  uses theorem that: uses theorem that:  GCD(a,b) = GCD(b, a mod b) GCD(a,b) = GCD(b, a mod b)  Euclidean Algorithm to compute GCD(a,b) is: Euclidean Algorithm to compute GCD(a,b) is: EUCLID(a,b) EUCLID(a,b) 1. A 1. A = = a; B a; B = = b b 2. if B = 0 return A = gcd(a, b) 2. if B = 0 return A = gcd(a, b) 3. R = A mod B 3. R = A mod B 4. A = B 4. A = B 5. B 5. B = = R R 6. goto 2 6. goto 2
  • 15.
    Example GCD(1970,1066) Example GCD(1970,1066) 1970= 1 x 1066 + 904 1970 = 1 x 1066 + 904 gcd(1066, 904) gcd(1066, 904) 1066 = 1 x 904 + 162 1066 = 1 x 904 + 162 gcd(904, 162) gcd(904, 162) 904 = 5 x 162 + 94 904 = 5 x 162 + 94 gcd(162, 94) gcd(162, 94) 162 = 1 x 94 + 68 162 = 1 x 94 + 68 gcd(94, 68) gcd(94, 68) 94 = 1 x 68 + 26 94 = 1 x 68 + 26 gcd(68, 26) gcd(68, 26) 68 = 2 x 26 + 16 68 = 2 x 26 + 16 gcd(26, 16) gcd(26, 16) 26 = 1 x 16 + 10 26 = 1 x 16 + 10 gcd(16, 10) gcd(16, 10) 16 = 1 x 10 + 6 16 = 1 x 10 + 6 gcd(10, 6) gcd(10, 6) 10 = 1 x 6 + 4 10 = 1 x 6 + 4 gcd(6, 4) gcd(6, 4) 6 = 1 x 4 + 2 6 = 1 x 4 + 2 gcd(4, 2) gcd(4, 2) 4 = 2 x 2 + 0 4 = 2 x 2 + 0 gcd(2, 0) gcd(2, 0)
  • 16.
    Galois Fields Galois Fields finite fields play a key role in cryptography finite fields play a key role in cryptography  can show number of elements in a finite can show number of elements in a finite field field must must be a power of a prime p be a power of a prime pn n  known as Galois fields known as Galois fields  denoted GF(p denoted GF(pn n ) )  in particular often use the fields: in particular often use the fields:  GF(p) GF(p)  GF(2 GF(2n n ) )
  • 17.
    Galois Fields GF(p) GaloisFields GF(p)  GF(p) is the set of integers {0,1, … , p-1} GF(p) is the set of integers {0,1, … , p-1} with arithmetic operations modulo prime p with arithmetic operations modulo prime p  these form a finite field these form a finite field  since have multiplicative inverses since have multiplicative inverses  hence arithmetic is “well-behaved” and hence arithmetic is “well-behaved” and can do addition, subtraction, multiplication, can do addition, subtraction, multiplication, and division without leaving the field GF(p) and division without leaving the field GF(p)
  • 18.
    GF(7) Multiplication Example GF(7)Multiplication Example  0 1 2 3 4 5 6 0 0 0 0 0 0 0 0 1 0 1 2 3 4 5 6 2 0 2 4 6 1 3 5 3 0 3 6 2 5 1 4 4 0 4 1 5 2 6 3 5 0 5 3 1 6 4 2 6 0 6 5 4 3 2 1
  • 19.
    Finding Inverses Finding Inverses EXTENDEDEUCLID( EXTENDED EUCLID(m m, , b b) ) 1. 1. (A1, A2, A3)=(1, 0, (A1, A2, A3)=(1, 0, m m); ); (B1, B2, B3)=(0, 1, (B1, B2, B3)=(0, 1, b b) ) 2. if 2. if B3 = 0 B3 = 0 return return A3 = gcd( A3 = gcd(m m, , b b); no inverse ); no inverse 3. if 3. if B3 = 1 B3 = 1 return return B3 = gcd( B3 = gcd(m m, , b b); B2 = ); B2 = b b–1 –1 mod mod m m 4. 4. Q = A3 div B3 Q = A3 div B3 5. 5. (T1, T2, T3)=(A1 – Q B1, A2 – Q B2, A3 – Q B3) (T1, T2, T3)=(A1 – Q B1, A2 – Q B2, A3 – Q B3) 6. 6. (A1, A2, A3)=(B1, B2, B3) (A1, A2, A3)=(B1, B2, B3) 7. 7. (B1, B2, B3)=(T1, T2, T3) (B1, B2, B3)=(T1, T2, T3) 8. goto 8. goto 2 2
  • 20.
    Inverse of 550in GF(1759) Inverse of 550 in GF(1759) Q A1 A2 A3 B1 B2 B3 — 1 0 1759 0 1 550 3 0 1 550 1 –3 109 5 1 –3 109 –5 16 5 21 –5 16 5 106 –339 4 1 106 –339 4 –111 355 1
  • 21.
    Polynomial Arithmetic Polynomial Arithmetic can compute using polynomials can compute using polynomials f f( (x x) = a ) = an nx xn n + a + an-1 n-1x xn-1 n-1 + … + a + … + a1 1x + x + a a0 0 = ∑ a = ∑ ai ix xi i • nb. not interested in any specific value of x nb. not interested in any specific value of x • which is known as the indeterminate which is known as the indeterminate  several alternatives available several alternatives available  ordinary polynomial arithmetic ordinary polynomial arithmetic  poly arithmetic with coords mod p poly arithmetic with coords mod p  poly arithmetic with coords mod p and poly arithmetic with coords mod p and polynomials mod m(x) polynomials mod m(x)
  • 22.
    Ordinary Polynomial Arithmetic OrdinaryPolynomial Arithmetic  add or subtract corresponding coefficients add or subtract corresponding coefficients  multiply all terms by each other multiply all terms by each other  eg eg let let f f( (x x) = ) = x x3 3 + + x x2 2 + 2 and + 2 and g g( (x x) = ) = x x2 2 – – x x + 1 + 1 f f( (x x) + ) + g g( (x x) = ) = x x3 3 + 2 + 2x x2 2 – – x x + 3 + 3 f f( (x x) – ) – g g( (x x) = ) = x x3 3 + + x x + 1 + 1 f f( (x x) x ) x g g( (x x) = ) = x x5 5 + 3 + 3x x2 2 – 2 – 2x x + 2 + 2
  • 23.
    Polynomial Arithmetic with PolynomialArithmetic with Modulo Coefficients Modulo Coefficients  when computing value of each coefficient when computing value of each coefficient do calculation modulo some value do calculation modulo some value  forms a polynomial ring forms a polynomial ring  could be modulo any prime could be modulo any prime  but we are most interested in mod 2 but we are most interested in mod 2  ie all coefficients are 0 or 1 ie all coefficients are 0 or 1  eg. let eg. let f f( (x x) = ) = x x3 3 + + x x2 2 and and g g( (x x) = ) = x x2 2 + + x x + 1 + 1 f f( (x x) + ) + g g( (x x) = ) = x x3 3 + + x x + 1 + 1 f f( (x x) x ) x g g( (x x) = ) = x x5 5 + + x x2 2
  • 24.
    Polynomial Division Polynomial Division can write any polynomial in the form: can write any polynomial in the form:  f f( (x x) = ) = q q( (x x) ) g g( (x x) + ) + r r( (x x) )  can interpret can interpret r r( (x x) ) as being a remainder as being a remainder  r r( (x x) = ) = f f( (x x) mod ) mod g g( (x x) )  if have no remainder say if have no remainder say g g( (x x) divides ) divides f f( (x x) )  if if g g( (x x) has no divisors other than itself & 1 ) has no divisors other than itself & 1 say it is say it is irreducible irreducible (or prime) polynomial (or prime) polynomial  arithmetic modulo an irreducible arithmetic modulo an irreducible polynomial forms a field polynomial forms a field
  • 25.
    Polynomial GCD Polynomial GCD can find greatest common divisor for polys can find greatest common divisor for polys  c(x) c(x) = GCD( = GCD(a(x), b(x) a(x), b(x)) if ) if c(x) c(x) is the poly of greatest is the poly of greatest degree which divides both degree which divides both a(x), b(x) a(x), b(x)  can adapt Euclid’s Algorithm to find it: can adapt Euclid’s Algorithm to find it: EUCLID[ EUCLID[a a( (x x) ), b , b( (x x)] )] 1. 1. A( A(x x) = ) = a a( (x x); B( ); B(x x) = ) = b b( (x x) ) 2. if 2. if B( B(x x) = 0 ) = 0 return return A( A(x x) = gcd[ ) = gcd[a a( (x x) ), b , b( (x x)] )] 3. 3. R( R(x x) = A( ) = A(x x) mod B( ) mod B(x x) ) 4. 4. A( A(x x) ¨ B( ) ¨ B(x x) ) 5. 5. B( B(x x) ¨ R( ) ¨ R(x x) ) 6. goto 6. goto 2 2
  • 26.
    Modular Polynomial Modular Polynomial Arithmetic Arithmetic can compute in field GF(2 can compute in field GF(2n n ) )  polynomials with coefficients modulo 2 polynomials with coefficients modulo 2  whose degree is less than n whose degree is less than n  hence must reduce modulo an irreducible poly hence must reduce modulo an irreducible poly of degree n (for multiplication only) of degree n (for multiplication only)  form a finite field form a finite field  can always find an inverse can always find an inverse  can extend Euclid’s Inverse algorithm to find can extend Euclid’s Inverse algorithm to find
  • 27.
  • 28.
    Computational Computational Considerations Considerations  since coefficientsare 0 or 1, can represent since coefficients are 0 or 1, can represent any such polynomial as a bit string any such polynomial as a bit string  addition becomes XOR of these bit strings addition becomes XOR of these bit strings  multiplication is shift & XOR multiplication is shift & XOR  cf long-hand multiplication cf long-hand multiplication  modulo reduction done by repeatedly modulo reduction done by repeatedly substituting highest power with remainder substituting highest power with remainder of irreducible poly (also shift & XOR) of irreducible poly (also shift & XOR)
  • 29.
    Computational Example Computational Example in in GF(2 GF(23 3 ) have ) have (x (x2 2 +1) is 101 +1) is 1012 2 & (x & (x2 2 +x+1) is 111 +x+1) is 1112 2  so addition is so addition is  (x (x2 2 +1) + (x +1) + (x2 2 +x+1) = x +x+1) = x  101 XOR 111 = 010 101 XOR 111 = 0102 2  and multiplication is and multiplication is  (x+1).(x (x+1).(x2 2 +1) = x.(x +1) = x.(x2 2 +1) + 1.(x +1) + 1.(x2 2 +1) +1) = x = x3 3 +x+x +x+x2 2 +1 = x +1 = x3 3 +x +x2 2 +x+1 +x+1  011.101 = (101)<<1 XOR (101)<<0 = 011.101 = (101)<<1 XOR (101)<<0 = 1010 XOR 101 = 1111 1010 XOR 101 = 11112 2  polynomial modulo reduction (get q(x) & r(x)) is polynomial modulo reduction (get q(x) & r(x)) is  (x (x3 3 +x +x2 2 +x+1 ) mod (x +x+1 ) mod (x3 3 +x+1) = 1.(x +x+1) = 1.(x3 3 +x+1) + (x +x+1) + (x2 2 ) = x ) = x2 2  1111 mod 1011 = 1111 XOR 1011 = 0100 1111 mod 1011 = 1111 XOR 1011 = 01002 2
  • 30.
    Using a Generator Usinga Generator  equivalent definition of a finite field equivalent definition of a finite field  a a generator generator g is an element whose g is an element whose powers generate all non-zero elements powers generate all non-zero elements  in F have 0, g in F have 0, g0 0 , g , g1 1 , …, g , …, gq-2 q-2  can create generator from can create generator from root root of the of the irreducible polynomial irreducible polynomial  then implement multiplication by adding then implement multiplication by adding exponents of generator exponents of generator
  • 31.
    Summary Summary  have considered: haveconsidered:  concept of groups, rings, fields concept of groups, rings, fields  modular arithmetic with integers modular arithmetic with integers  Euclid’s algorithm for GCD Euclid’s algorithm for GCD  finite fields GF(p) finite fields GF(p)  polynomial arithmetic in general and in GF(2 polynomial arithmetic in general and in GF(2n n ) )

Editor's Notes

  • #1 Lecture slides by Lawrie Brown for “Cryptography and Network Security”, 4/e, by William Stallings, Chapter Chapter 4 – “Finite Fields”.
  • #2 Intro quote.
  • #3 Finite fields have become increasingly important in cryptography. A number of cryptographic algorithms rely heavily on properties of finite fields, such as the AES, Elliptic Curve, IDEA, & various Public Key algorithms. Groups, rings, and fields are the fundamental elements of abstract algebra, which is concerned with sets on whose elements (“numbers”) we can operate algebraically.
  • #4 Now define some important concepts in abstract algebra - starting with a Group. In abstract algebra, we are concerned with sets on whose elements we can operate algebraically; that is, we can combine two elements of the set to obtain a third element of the set. These operations are subject to specific rules, which define the nature of the set. A group is such a set with properties listed above. We denote a Group as {G,.} We have used . as operator: could be addition +, multiplication x or any other mathematical operator. A group can have a finite (fixed) number of elements, or it may be infinite. Note that integers (+ve, -ve and 0) using addition form an infinite abelian group. So do real numbers using multiplication.
  • #5 Define exponentiation in a group as the repeated use of the group operator. Note that we are most familiar with it being applied to multiplication, but it is more general than that. If the repeated use of the operator on some value a in the group results in every possible value being created, then the group is said to be cyclic, and a is a generator of (or generates) the group G.
  • #6 Next describe a ring. In essence, a ring is a set in which we can do addition, subtraction [a – b = a + (–b)], and multiplication without leaving the set. We denote a Ring as {R,+,.} With respect to addition and multiplication, the set of all n-square matrices over the real numbers form a ring. The set of integers with addition & multiplication form an integral domain.
  • #7 Lastly define a field. In essence, a field is a set in which we can do addition, subtraction, multiplication, and division without leaving the set. Division is defined with the following rule: a/b = a (b–1). We denote a Field as {F,+,.} Examples of fields are: rational numbers, real numbers, complex numbers. Note that integers are NOT a field since there are no multiplicative inverses (except for 1). These are terms we use for different sorts of "number systems", ones obeying different sets of laws. From group to ring to field we get more and more laws being obeyed, see Stallings Figure 4.1. As a memory aid, can use the acronym for groups: CAIN (Closure Associative Identity iNverse) & ABEL. Mostly we need to compute with Rings, if not Fields. When we do arithmetic modulo a prime, we have a field.
  • #8 Given any positive integer n and any nonnegative integer a, if we divide a by n, we get an integer quotient q and an integer remainder r. In modular arithmetic we are only interested in the remainder (or residue) after division by some modulus, and results with the same remainder are regarded as equivalent. Two integers a and b are said to be congruent modulo n, if (a mod n) =(b mod n).
  • #9 Define concept of “divisors”. We say that a nonzero b divides a if a=m.b for some m, where a, b, and m are integers. That is, b divides a if there is no remainder on division. Can denote this as b|a, and say that b is a divisor of a. For example, the positive divisors of 24 are 1,2,3,4,6,8,12, and 24.
  • #10 Modular arithmetic is where we perform arithmetic operations within the confines of some set of integers mod n. It uses a finite number of values, and loops back from either end where needed. When reducing, we "usually" want to find the positive remainder after dividing by the modulus. For positive numbers, this is simply the normal remainder. For negative numbers we have to "overshoot" (ie find the next multiple larger than the number) and "come back" (ie add a positive remainder to get the number); rather than have a "negative remainder". Then note some important properties of modular arithmetic which mean you can modulo reduce at any point and obtain an equivalent answer.
  • #11 Note some more important properties of modular arithmetic, as discussed further in the text.
  • #12 Example showing addition in GF(8), from Stallings Table 4.1a.
  • #13 One of the basic techniques of number theory is the Euclidean algorithm, which is a simple procedure for determining the greatest common divisor of two positive integers. Use the notation gcd(a,b) to mean the greatest common divisor of a and b. The positive integer c is said to be the greatest common divisor of a and b if c is a divisor of a and of b; and any divisor of a and b is a divisor of c. State that two integers a and b are relatively prime if their only common positive integer factor is 1, ie GCD(a,b)=1.
  • #14 The Euclidean algorithm is an efficient way to find the GCD(a,b). The Euclidean algorithm is derived from the observation that if a & b have a common factor d (ie. a=m.d & b=n.d) then d is also a factor in any difference between them, vis: a-p.b = (m.d)-p.(n.d) = d.(m-p.n). Euclid's Algorithm keeps computing successive differences until it vanishes, at which point the greatest common divisor has been reached.
  • #15 Illustrate how we can compute successive instances of GCD(a,b) = GCD(b,a mod b), example taken from text. Note this MUST always terminate since will eventually get a mod b = 0 (ie no remainder left). Answer is then the last non-zero value. In this case GCD(1970,1066)=2.
  • #16 Infinite fields are not of particular interest in the context of cryptography. However, finite fields play a crucial role in many cryptographic algorithms. It can be shown that the order of a finite field (number of elements in the field) must be a positive power of a prime, & these are known as Galois fields & denoted GF(p^n). We are most interested in the cases where either n=1 - GF(p), or p=2 - GF(2^n).
  • #17 Start by considering GF(p) over the set of integers {0…p-1} with addition & multiplication modulo p. This forms a “well-behaved” finite field.
  • #18 Example showing multiplication in GF(7), from Stallings Table 4.3b.
  • #19 An important problem is to find multiplicative inverses in such finite fields. Can show that such inverses always exist, & can extend the Euclidean algorithm to find them as shown. See text for discussion as to why this works.
  • #20 Example showing how to find the inverse of 550 in GF(1759), from Stallings Table 4.4.
  • #21 Next introduce the interesting subject of polynomial arithmetic, using polynomials in a single variable x, with several variants as listed above. Note we are usually not interested in evaluating a polynomial for any particular value of x, which is thus referred to as the indeterminate.
  • #22 Polynomial arithmetic includes the operations of addition, subtraction, and multiplication, defined in the usual way, ie add or subtract corresponding coefficients, or multiply all terms by each other. The examples are from the text, with working in Stallings Figure 4.3.
  • #23 Consider variant where now when computing value of each coefficient do the calculation modulo some value, usually a prime. If the coefficients are computed in a field (eg GF(p)), then division on the polynomials is possible, and we have a polynomial ring. Are most interested in using GF(2) - ie all coefficients are 0 or 1, and any addition/subtraction of coefficients is done mod 2 (ie 2x is the same as 0x!), which is just the common XOR function.
  • #24 Note that we can write any polynomial in the form of f(x) = q(x) g(x) + r(x), where division of f(x) by g(x) results in a quotient q(x) and remainder r(x). Can then extend the concept of divisors from the integer case, and show that the Euclidean algorithm can be extended to find the greatest common divisor of two polynomials whose coefficients are elements of a field. Define an irreducible (or prime) polynomial as one with no divisors other than itself & 1. If compute polynomial arithmetic modulo an irreducible polynomial, this forms a finite field, and the GCD & Inverse algorithms can be adapted for it.
  • #25 We can extend the analogy between polynomial arithmetic over a field and integer arithmetic by defining the greatest common divisor as shown.
  • #26 Consider now the case of polynomial arithmetic with coordinates mod 2 and polynomials mod an irreducible polynomial m(x). That is Modular Polynomial Arithmetic uses the set S of all polynomials of degree n-1 or less over the field Zp. With the appropriate definition of arithmetic operations, each such set S is a finite field. The definition consists of the following elements: Arithmetic follows the ordinary rules of polynomial arithmetic using the basic rules of algebra, with the following two refinements. 2. Arithmetic on the coefficients is performed modulo p. 3. If multiplication results in a polynomial of degree greater than n-1, then the polynomial is reduced modulo some irreducible polynomial m(x) of degree n. That is, we divide by m(x) and keep the remainder. This forms a finite field. And just as the Euclidean algorithm can be adapted to find the greatest common divisor of two polynomials, the extended Euclidean algorithm can be adapted to find the multiplicative inverse of a polynomial.
  • #27 Example shows addition & multiplication in GF(23) modulo (x3+x+1), from Stallings Table 4.6.
  • #28 A key motivation for using polynomial arithmetic in GF(2n) is that the polynomials can be represented as a bit string, using all possible bit values, and the calculations only use simple common machine instructions - addition is just XOR, and multiplication is shifts & XOR’s. See text for additional discussion. The shortcut for polynomial reduction comes from the observation that if in GF(2n) then irreducible poly g(x) has highest term xn , and if compute xn mod g(x) answer is g(x)- xn
  • #29 Show here a few simple examples of addition, multiplication & modulo reduction in GF(23). Note the long form modulo reduction finds p(x)=q(x).m(x)+r(x) with r(x) being the desired remainder.
  • #30 There is an equivalent technique for defining a finite field of the form GF(2n) using the same irreducible polynomial, based on powers of a generator of the group, which gives a nice implementation of multiplication. The generator can be found from the root of the irreducible polynomial, as discussed in the text.
  • #31 Chapter 4 summary.