
Cryptography and Network Security: Bodhisatwa Mazumdar

The document introduces cryptography and network security. It discusses how connected devices and stored information are vulnerable to attacks. Data from 2018 breach reports show the top industries and asset types affected by security breaches. Cryptography is presented as an important security mechanism for keeping information confidential, maintaining data integrity, and providing authentication and non-repudiation. The goals of confidentiality, integrity, authentication, and non-repudiation are defined. An example is given of how encryption provides confidentiality in communications between two parties over an untrusted network.


Cryptography and Network Security

Bodhisatwa Mazumdar
Discipline of Computer Science & Engineering
Indian Institute of Technology Indore

January 13, 2019

1/ 43
Bodhisatwa Mazumdar CS 417

Introduction

Figure: Information security in the connected world. Panels: (a) Connected World, (b) Information Storage.


2018 Data breach investigations report from Verizon

Figure panels: (a) Top industries with security breaches such as personal, payment, medical, credentials, bank, classified, n = 351; (b) Top varieties of assets with confirmed data breaches, n = 2023; (c) Top 20 action threat varieties from confirmed data breaches.

Security Threats....A big paradigm!!

Diagram labels: Hardware; Network/Communication links; System Software (Operating Systems/Hypervisor); Applications; Peripherals.
Attackers target weakest link !!

Figure: Security Threats..Why difficult to prevent??

Security Research...An Ocean!!

Diagram labels (system layers): Hardware; Network/Communication links; System Software (Operating Systems/Hypervisor); Applications; Peripherals.
Diagram labels (research areas): Hardware Security; System Security; Network Security; OS Security; Cloud Security; Web Security; DBMS Security; Embedded Security.

Cryptography...Secret Writing

An important security mechanism for keeping the information secured.
Transforming messages to render them immune to attacks

Confidentiality: Allow only authorized users to access data
Data Integrity: Data changes need to be done by authorized entities and through authorized mechanisms
Authentication: Proving identity of sender-receiver (connection-oriented communication) or source of data (connectionless communication)
Non-repudiation: Sender of a message cannot claim that he did not send it

Figure: Fundamental components to achieve (Security Services)


Scheme for Confidentiality

Problem: Alice wants to send a message to Bob (only to Bob) through an untrusted communication link.

Diagram: Alice sends "Attack at dawn!!" to Bob over an untrusted communication link; Eve can overhear.
Encryption: Message sent in ciphertext; unintelligible to Eve; only Bob can decipher with his secret key (shared with Alice).

Figure: Goal: Confidentiality

How should the security of encryption be defined?...Probable answers

An encryption scheme is secure if no adversary can
- find the secret key when given a ciphertext.
- find the plaintext that corresponds to the ciphertext.
- find any part of the plaintext that corresponds to the ciphertext.
- derive any meaningful information about the plaintext from the ciphertext.
- compute any function of the plaintext from the ciphertext.

To fully define security of a cryptographic primitive, two issues need to be taken care of:
- what is considered to be a break?
- what is assumed regarding the power of the adversary?...possible actions and computational power?

Symmetric key encryption

Three algorithms:
1. Key generation algorithm, Gen: A probabilistic algorithm that outputs a key k ∈ K chosen according to some distribution determined by the scheme.
2. Encryption algorithm, Enc: Takes as input a key k ∈ K and plaintext m ∈ M and outputs a ciphertext c ∈ C.
3. Decryption algorithm, Dec: Takes as input a key k ∈ K and ciphertext c ∈ C and outputs a plaintext m ∈ M.

Symmetric Key Encryption

Assumptions:
1. Distributions over K and M are independent; key and plaintext are chosen independently.
2. Key is chosen and fixed (shared by Alice and Bob) before the message is known.
3. Distribution over K is fixed by encryption scheme itself (defined by Gen).
4. Distribution over M may vary depending on the parties using the encryption scheme.
5. For c ∈ C, we write Pr[C = c] to denote the probability that the ciphertext is c.
6. Given Enc, the distribution over C is fixed by the distributions over K and M.

Perfectly Secret Encryption

Threat Model
1. We imagine an adversary who knows the probability distribution over M.
2. Adversary observes some ciphertext being sent by one party to the other; observing this ciphertext should have no effect on the knowledge of the adversary.
3. The a posteriori likelihood that some message m was sent (even given the ciphertext that was seen) should be no different from the a priori probability that m would be sent.
4. This should hold ∀m ∈ M. Furthermore, this should hold even if the adversary has unbounded computational power.
5. Underlying meaning: A ciphertext reveals nothing about the underlying plaintext, and thus an adversary who intercepts a ciphertext learns absolutely nothing about the plaintext that was encrypted.

Perfectly Secret Encryption

Definition of Perfect Secrecy
An encryption scheme (Gen, Enc, Dec) over a message space M is perfectly secret if for every probability distribution over M, every message m ∈ M, and every ciphertext c ∈ C for which Pr[C = c] > 0:

Pr[M = m | C = c] = Pr[M = m]

A simplifying convention: We consider only probability distributions over M and C that assign non-zero probabilities ∀m ∈ M and c ∈ C.

Perfectly Secret Encryption...An equivalent formulation

Lemma
An encryption scheme (Gen, Enc, Dec) over a message space M is perfectly secret if and only if for every probability distribution over M, ∀m ∈ M, ∀c ∈ C

Pr[C = c | M = m] = Pr[C = c]

It is important to consider that ∀m ∈ M, Pr[M = m] > 0, and ∀c ∈ C, Pr[C = c] > 0.

Leads to another useful formulation about perfect secrecy: The probability distribution over C is independent of the plaintext.

Perfect Indistinguishability

Alternate formulation for perfect secrecy:
1. Let C(m) denote the distribution over the ciphertext when the message being encrypted is m ∈ M.
2. The distribution depends on the choice of the key and the randomness of the encryption algorithm if it is probabilistic.
3. Claim: ∀m0, m1 ∈ M, the distributions C(m0) and C(m1) are identical.
4. Perfect Indistinguishability: It is impossible to distinguish an encryption of m0 from an encryption of m1.

Perfect Indistinguishability
An encryption scheme (Gen, Enc, Dec) over a message space M is perfectly secret if and only if for every probability distribution over M, ∀m0, m1 ∈ M, and ∀c ∈ C,

Pr[C = c | M = m0] = Pr[C = c | M = m1]

Perfect Secrecy..An Example

One-time pad Cipher
A one-time pad is a Shannon cipher E = (Enc, Dec), where the keys, messages, and ciphertexts are bit strings of the same length, i.e., E is defined over (K, M, C), where,

K = M = C = {0, 1}^L

for some fixed parameter L. For a key k ∈ {0, 1}^L and plaintext m ∈ {0, 1}^L, the encryption function is defined as follows:

Enc(k, m) = k ⊕ m,

For a key k ∈ {0, 1}^L and ciphertext c ∈ {0, 1}^L, the decryption function is defined as follows:

Dec(k, c) = k ⊕ c,

The correctness property holds ∀k, m ∈ {0, 1}^L.

What property should the Enc function in a Shannon cipher satisfy for the correctness property of the cipher?
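
The definition, the lemma and the indistinguishability formulation above can be checked exhaustively for small L. The following added example (not part of the original slides) computes C(m) and Pr[M = m | C = c] with exact fractions for the one-time pad, then repeats the check with half of the keys removed so that |K| < |M|. The names PRIOR, WEAK_KEYS and the helper functions are assumptions made for illustration, and the message distribution is constructed sample data.

```python
from fractions import Fraction
from itertools import product


def bitstrings(L):
    """All bit strings of length L, i.e. the set {0,1}^L."""
    return ["".join(bits) for bits in product("01", repeat=L)]


def otp_enc(k, m):
    """Enc(k, m) = k XOR m; Dec(k, c) = k XOR c is the same map."""
    if len(k) != len(m):
        raise ValueError("key and message must have the same length")
    return "".join("1" if a != b else "0" for a, b in zip(k, m))


def ciphertext_dist(keys, enc, m):
    """C(m): the map c -> Pr[C = c | M = m] for a uniformly chosen key."""
    dist = {}
    for k in keys:
        c = enc(k, m)
        dist[c] = dist.get(c, Fraction(0)) + Fraction(1, len(keys))
    return dist


def perfectly_indistinguishable(keys, messages, enc):
    """True iff C(m0) and C(m1) are identical for all m0, m1 in M."""
    reference = ciphertext_dist(keys, enc, messages[0])
    return all(ciphertext_dist(keys, enc, m) == reference for m in messages[1:])


def posterior(keys, enc, prior, m, c):
    """Pr[M = m | C = c] by Bayes' rule, key chosen independently of M."""
    def likelihood(x):
        return ciphertext_dist(keys, enc, x).get(c, Fraction(0))
    p_c = sum(p * likelihood(x) for x, p in prior.items())
    if p_c == 0:
        raise ValueError("Pr[C = c] must be positive")
    return prior[m] * likelihood(m) / p_c


def leaks(keys, enc, prior):
    """(m, c) pairs with Pr[C = c] > 0 and Pr[M = m | C = c] != Pr[M = m]."""
    seen = sorted({enc(k, m) for k in keys for m in prior})
    return [(m, c) for c in seen for m in prior
            if posterior(keys, enc, prior, m, c) != prior[m]]


# Constructed sample data for L = 2: a deliberately skewed message distribution.
MESSAGES = bitstrings(2)
PRIOR = {"00": Fraction(1, 2), "01": Fraction(1, 4),
         "10": Fraction(1, 8), "11": Fraction(1, 8)}
FULL_KEYS = bitstrings(2)                          # Gen: uniform over {0,1}^2
WEAK_KEYS = [k for k in FULL_KEYS if k[0] == "0"]  # hypothetical: |K| < |M|

if __name__ == "__main__":
    for name, keys in (("one-time pad", FULL_KEYS), ("half the keys", WEAK_KEYS)):
        print(name)
        print("  indistinguishable:",
              perfectly_indistinguishable(keys, MESSAGES, otp_enc))
        print("  Pr[M=00 | C=00] =", posterior(keys, otp_enc, PRIOR, "00", "00"),
              "(prior", PRIOR["00"], ")")
        print("  leaking (m, c) pairs:", len(leaks(keys, otp_enc, PRIOR)))
```

With the restricted key set the first ciphertext bit always equals the first message bit, so observing c changes the adversary's estimate of m even though decryption is still correct.
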

Traditional Symmetric Key Ciphers

Two categories:
1. Substitution cipher: Replace one symbol in the plaintext with another symbol.
2. Transposition cipher: Reorder the position of the symbols in the plaintext.

Substitution Ciphers:
1. Monoalphabetic Ciphers: Relationship between a symbol in plaintext and a symbol in a ciphertext is always one-to-one.
   Example, Plaintext: hello, Ciphertext: KHOOR. ✓
   Plaintext: hello, Ciphertext: ABNZF. ×
   Example of monoalphabetic cipher: Additive/Shift/Caesar Cipher.
   Enc(k, m) : c = (m + k) mod 26
   Dec(k, c) : m = (c − k) mod 26
   When the cipher is additive, the plaintext, the key, and the ciphertext are integers in Z_26. What about cryptanalysis?

Monoalphabetic Ciphers

Multiplicative Cipher:
1. Enc(k, m): c = (k × m) mod 26
2. Dec(k, c): m = (k^{-1} × c) mod 26
3. Since operations are in Z_26, decryption means multiplying by the multiplicative inverse of the key.
4. The key needs to belong to the set Z_26^*, to guarantee that the encryption and decryption are inverses of each other.
5. m, c ∈ Z_26, k ∈ Z_26^*

Affine Cipher
1. Combination of additive and multiplicative ciphers
2. Enc(k1, k2, m): T = (m × k1) mod 26, c = (T + k2) mod 26
3. Dec(k1, k2, c): T = (c − k2) mod 26, m = (T × k1^{-1}) mod 26
4. Size of the key domain?
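
The additive and multiplicative ciphers above are special cases of the affine cipher (k1 = 1 and k2 = 0 respectively). The following added example (not part of the original slides) implements the affine cipher over Z_26 with the slides' lowercase-plaintext, uppercase-ciphertext convention, shows which plaintext symbols collide when the multiplicative key is outside Z_26^*, and counts the key domains. The function names and the use of Python's built-in pow(k1, -1, 26) (Python 3.8+) for the inverse are choices made here.

```python
from math import gcd

N = 26  # alphabet size: the ciphers on this page work in Z_26


def units(n=N):
    """Z_n^*: the residues that have a multiplicative inverse mod n."""
    return [k for k in range(1, n) if gcd(k, n) == 1]


def _to_residues(text, base):
    """Map letters to Z_26, rejecting anything outside the 26-letter alphabet."""
    residues = [ord(ch) - ord(base) for ch in text]
    if any(r < 0 or r >= N for r in residues):
        raise ValueError("text must use only the 26 letters starting at %r" % base)
    return residues


def _check_key(k1):
    if gcd(k1, N) != 1:
        raise ValueError("k1 = %d is not in Z_26^*: Enc would not be invertible" % k1)


def affine_enc(k1, k2, plaintext):
    """T = (m * k1) mod 26, c = (T + k2) mod 26; lowercase in, uppercase out."""
    _check_key(k1)
    return "".join(chr((m * k1 + k2) % N + ord("A"))
                   for m in _to_residues(plaintext, "a"))


def affine_dec(k1, k2, ciphertext):
    """T = (c - k2) mod 26, m = (T * k1^{-1}) mod 26; uppercase in, lowercase out."""
    _check_key(k1)
    k1_inv = pow(k1, -1, N)  # multiplicative inverse of k1 in Z_26
    return "".join(chr(((c - k2) * k1_inv) % N + ord("a"))
                   for c in _to_residues(ciphertext, "A"))


def collisions(k):
    """Ciphertext residues hit by more than one plaintext under m -> k*m mod 26."""
    images = {}
    for m in range(N):
        images.setdefault((k * m) % N, []).append(m)
    return {c: ms for c, ms in images.items() if len(ms) > 1}


def key_domain_sizes():
    """Number of keys per cipher; each count includes the identity key."""
    return {
        "additive": N,                     # k in Z_26
        "multiplicative": len(units()),    # k in Z_26^*
        "affine": len(units()) * N,        # (k1, k2) in Z_26^* x Z_26
    }


if __name__ == "__main__":
    print(affine_enc(1, 3, "hello"))       # additive cipher with k = 3
    print(affine_enc(7, 2, "hello"))
    print(affine_dec(7, 2, affine_enc(7, 2, "hello")))
    print("collisions for k = 2:", collisions(2).get(0))
    print(key_domain_sizes())
```

A key domain this small is the practical answer to the cryptanalysis question for these ciphers: every key can be tried, independent of how the key was chosen.
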

Mathematical Preliminaries

1. Modular Arithmetic
2. Introduction to Field Theory
3. Euler Totient function
4. Fermat’s Little Theorem

Modular Arithmetic...Congruences

a is congruent to b mod m, i.e., a ≡ b (mod m), if m divides (b − a)

Example: −2 ≡ 19 (mod 21), 9 ≡ −4 (mod 13)

Congruence modulo m is an equivalence relation on Z:
- a ≡ a mod m (reflexivity)
- a ≡ b mod m ⇒ b ≡ a mod m (symmetry)
- (a ≡ b mod m) ∧ (b ≡ c mod m) ⇒ (a ≡ c mod m) (transitivity)

Properties:
Property 1: (a + b) mod n ≡ [a (mod n) + b (mod n)] mod n
Property 2: (a − b) mod n ≡ [a (mod n) − b (mod n)] mod n
Property 3: (a × b) mod n ≡ [a (mod n) × b (mod n)] mod n

20/ 43
Bodhisatwa Mazumdar CS 417
Modular Arithmetic
The following statements are equivalent:
a ≡ b(mod m)

21/ 43
Bodhisatwa Mazumdar CS 417
Modular Arithmetic
The following statements are equivalent:
a ≡ b(mod m)

∃k ∈ Z, a = b + km

21/ 43
Bodhisatwa Mazumdar CS 417
Modular Arithmetic
The following statements are equivalent:
a ≡ b(mod m)

∃k ∈ Z, a = b + km

a divided by m and b divided by m leave same remainders

21/ 43
Bodhisatwa Mazumdar CS 417
Modular Arithmetic
The following statements are equivalent:
a ≡ b(mod m)

∃k ∈ Z, a = b + km

a divided by m and b divided by m leave same remainders

Equivalence class of a mod m comprises all integers that are obtained by adding
a with integral multiples of m

21/ 43
Bodhisatwa Mazumdar CS 417
Modular Arithmetic
The following statements are equivalent:
a ≡ b(mod m)

∃k ∈ Z, a = b + km

a divided by m and b divided by m leave same remainders

Equivalence class of a mod m comprises all integers that are obtained by adding
a with integral multiples of m

called residue class of a mod m

21/ 43
Bodhisatwa Mazumdar CS 417
Modular Arithmetic
The following statements are equivalent:
a ≡ b(mod m)

∃k ∈ Z, a = b + km

a divided by m and b divided by m leave same remainders

Equivalence class of a mod m comprises all integers that are obtained by adding
a with integral multiples of m

called residue class of a mod m


Residue class of 1 mod 5= {1, 1 ± 5, 1 ± 2 × 5, 1 ± 3 × 5, . . .}

21/ 43
Bodhisatwa Mazumdar CS 417
Modular Arithmetic
The following statements are equivalent:
a ≡ b(mod m)

∃k ∈ Z, a = b + km

a divided by m and b divided by m leave same remainders

Equivalence class of a mod m comprises all integers that are obtained by adding
a with integral multiples of m

called residue class of a mod m


Residue class of 1 mod 5= {1, 1 ± 5, 1 ± 2 × 5, 1 ± 3 × 5, . . .}
This is called a complete set of incongruent residues (complete system)

21/ 43
Bodhisatwa Mazumdar CS 417
Modular Arithmetic
The following statements are equivalent:
a ≡ b(mod m)

∃k ∈ Z, a = b + km

a divided by m and b divided by m leave same remainders

Equivalence class of a mod m comprises all integers that are obtained by adding
a with integral multiples of m

called residue class of a mod m


Residue class of 1 mod 5= {1, 1 ± 5, 1 ± 2 × 5, 1 ± 3 × 5, . . .}
This is called a complete set of incongruent residues (complete system)

Theorem
a ≡ b (mod n) and c ≡ d (mod n) implies that
1 −a ≡ −b (mod n)
2 (a + c) ≡ (b + d) (mod n)
3 (ac) ≡ (bd) (mod n)
21/ 43
Bodhisatwa Mazumdar CS 417
Operations
1 Additive inverse:
In Zn , two numbers a and b are additive inverses of each other if
a + b ≡ 0 mod n.

22/ 43
Bodhisatwa Mazumdar CS 417
Operations
1 Additive inverse:
In Zn , two numbers a and b are additive inverses of each other if
a + b ≡ 0 mod n.
The additive inverse of a can be calculated as b = n − a. For e.g. in
Z10 , the additive inverse of 4 is 10 − 4 = 6.

22/ 43
Bodhisatwa Mazumdar CS 417
Operations
1 Additive inverse:
In Zn , two numbers a and b are additive inverses of each other if
a + b ≡ 0 mod n.
The additive inverse of a can be calculated as b = n − a. For e.g. in
Z10 , the additive inverse of 4 is 10 − 4 = 6.
In modular arithmetic, each integer has an additive inverse.

22/ 43
Bodhisatwa Mazumdar CS 417
Operations
1 Additive inverse:
In Zn , two numbers a and b are additive inverses of each other if
a + b ≡ 0 mod n.
The additive inverse of a can be calculated as b = n − a. For e.g. in
Z10 , the additive inverse of 4 is 10 − 4 = 6.
In modular arithmetic, each integer has an additive inverse.
2 Mutiplicative inverse:
In Zn , two numbers a and b are multiplicative inverse of each other
if a × b ≡ 1 (mod n).

If the modulus is 10, then the multiplicative inverse of 3 is 7, i.e.,
$(3 \times 7) \equiv 1 \pmod{10}$.
In modular arithmetic, an integer may or may not have a
multiplicative inverse.
An integer $a \in Z_n$ has a multiplicative inverse iff gcd(n, a) = 1.
The extended Euclidean algorithm computes the multiplicative
inverse of a in $Z_n$ when gcd(n, a) = 1.
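The inverse rules above can be carried out with the extended Euclidean algorithm. The following Python sketch is an added example, not part of the original slides; the function names are illustrative, and it returns None when gcd(n, a) ≠ 1, i.e. when no multiplicative inverse exists.

```python
def extended_gcd(a, b):
    """Return (g, s, t) with g = gcd(a, b) and s*a + t*b == g."""
    old_r, r = a, b
    old_s, s = 1, 0
    old_t, t = 0, 1
    while r != 0:
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_s, s = s, old_s - q * s
        old_t, t = t, old_t - q * t
    return old_r, old_s, old_t


def additive_inverse(a, n):
    """b = n - a, reduced so that the inverse of 0 is 0."""
    return (n - a) % n


def mod_inverse(a, n):
    """Multiplicative inverse of a in Z_n, or None when gcd(n, a) != 1."""
    if n < 2:
        raise ValueError("modulus must be at least 2")
    g, _, t = extended_gcd(n, a % n)
    if g != 1:
        return None          # a shares a factor with n: no inverse exists
    # g == s*n + t*a == 1, so t*a == 1 (mod n)
    return t % n


def units(n):
    """Elements of Z_n that have a multiplicative inverse (the set Z_n^*)."""
    return [a for a in range(1, n) if mod_inverse(a, n) is not None]


if __name__ == "__main__":
    print("additive inverse of 4 in Z_10:", additive_inverse(4, 10))
    print("multiplicative inverse of 3 in Z_10:", mod_inverse(3, 10))
    print("multiplicative inverse of 4 in Z_10:", mod_inverse(4, 10))
    print("units of Z_10:", units(10))
```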
Algebraic Structures

Semigroups

1 If X is a set, a map $\circ : X \times X \mapsto X$ which transforms two elements $x_1$
  and $x_2$ to the element $x_1 \circ x_2$ is called an operation.
2 An operation $\circ$ on X is associative if $\forall a, b, c \in X$, $(a \circ b) \circ c = a \circ (b \circ c)$.
3 The operation $\circ$ is commutative if $\forall a, b \in X$, $a \circ b = b \circ a$.
4 A pair $(X, \circ)$ comprising a set X and an associative operation $\circ$ on X is
  called a semigroup.
5 The semigroup is abelian or commutative if $\circ$ is commutative. For example,
  $(Z, +)$, $(Z, \cdot)$, $(Z_n, +)$, $(Z_n, \cdot)$.
6 Implications:
  $\forall a \in X$ and $n \in Z$: $a^1 = a$, $a^{n+1} = a \circ a^n$
  $\forall a \in X$ and $n, m \in Z$: $a^n \circ a^m = a^{m+n}$, $(a^n)^m = a^{nm}$
  If $a, b \in X$ and $a \circ b = b \circ a$, then $(a \circ b)^n = a^n \circ b^n$

Monoid

1 An identity element of the semigroup $(X, \circ)$ is an element
  $e \in X$ which satisfies $\forall a$, $e \circ a = a \circ e = a$.
2 If a semigroup contains an identity element, it is called a
  monoid.
3 A semigroup has at most one identity element.
4 If $e \in X$ is an identity element of the semigroup $(X, \circ)$, then
  $b \in X$ is called an inverse of a if $b \circ a = a \circ b = e$.
5 If a has an inverse, then a is invertible in the semigroup X.
6 In a monoid, each element has at most one inverse.

Groups

1 A group is a monoid in which every element is invertible.
2 The group is commutative or abelian if the monoid is
  commutative.
3 Examples:
  $(Z, +)$ is an abelian group
  $(Z, \cdot)$ is not a group
  $(Z_n, +)$ is an abelian group

Group

Definition:
The set X is a group under the operation $\circ$ if it satisfies the
following properties:
1 Associativity: The operation $\circ$ is associative, i.e.,
  $\forall a, b, c \in X$, $a \circ (b \circ c) = (a \circ b) \circ c$.
2 Identity: Existence of an identity e in X.
3 Inverse: $\forall a \in X$, $\exists b \in X$ such that $a \circ b = b \circ a = e$.

Properties:
1 In a group X, there is only one identity element.
2 In a group X, the right and left cancellation laws hold; that is,
  $b \circ a = c \circ a$ implies b = c and $a \circ b = a \circ c$ implies b = c.
3 The inverse of each element $a \in X$ is unique.
4 For group elements a and b, $(a \circ b)^{-1} = b^{-1} \circ a^{-1}$.
Groups
A consequence of the cancellation property is that in a Cayley table
for a group, each group element occurs exactly once in each row and
column.

mod 10 | 1  3  7  9
-------+-----------
   1   | 1  3  7  9
   3   | 3  9  1  7
   7   | 7  1  9  3
   9   | 9  7  3  1

Table: Cayley table for $Z_{10}^*$ under modulo 10 multiplication. The group
$\langle Z_{10}^*, \cdot \rangle$ is an abelian group where multiplication and division can be
performed.

Important Note:
In a group, the elements in the set do not have to be numbers or objects; they
can be rules, mappings, functions, or even actions. For example, in a permutation
group the set is the set of all permutations and the operation is composition.
Some Other Properties of Groups

Finite group
A group is called a finite group if the set has a finite number of elements;
otherwise it is an infinite group.

Order of a group
The order of a group X, denoted $|X|$, is the number of elements in the group.
If the group is not finite then the order is infinite; if the group is finite, then the
order is finite.

Subgroups
A non-empty subset $X_1$ of a group X is a subgroup of X if $X_1$ itself is a group
w.r.t. the operation on X.

Question
Is the group $\langle Z_{10}, + \rangle$ a subgroup of $\langle Z_{12}, + \rangle$?

Cyclic Subgroups
Definition:
If a subgroup of a group X can be generated using the power of an element,
the subgroup is called a cyclic subgroup. The term power means repeatedly
applying the group operation on the same element:

$a^n \to a \circ a \circ a \circ \cdots \circ a$ (n times)

1 The set made from this process is referred to as $\langle a \rangle$.
2 The duplicate elements are discarded.
3 $a^0 = e$.

Example:
Four cyclic subgroups can be generated from the group $G = \langle Z_6, + \rangle$. They
are $H_1 = \langle \{0\}, + \rangle$, $H_2 = \langle \{0, 2, 4\}, + \rangle$, $H_3 = \langle \{0, 3\}, + \rangle$, and $H_4 = G$.

Cyclic Group
A cyclic group is a group that is its own cyclic subgroup.
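The Cayley-table property and the four cyclic subgroups of ⟨Z_6, +⟩ stated above can be checked mechanically. This Python sketch is an added example, not part of the original slides; the function and variable names are illustrative.

```python
from math import gcd


def cyclic_subgroup(a, op, identity):
    """Return <a> as a list: a^0 = e, a^1, a^2, ... until the powers repeat."""
    powers = [identity]
    x = op(identity, a)
    while x != identity:
        if x in powers:
            # The powers cycle without returning to e: a has no inverse.
            raise ValueError(f"{a} is not invertible under this operation")
        powers.append(x)
        x = op(x, a)
    return powers


def distinct_cyclic_subgroups(elements, op, identity):
    """Map each distinct cyclic subgroup (sorted tuple) to its generators."""
    found = {}
    for a in elements:
        h = tuple(sorted(cyclic_subgroup(a, op, identity)))
        found.setdefault(h, []).append(a)
    return found


def cayley_table(elements, op):
    """Rows and columns are indexed by `elements` in the given order."""
    return [[op(a, b) for b in elements] for a in elements]


def each_element_once_per_row_and_column(table, elements):
    """The consequence of the cancellation laws: the table is a Latin square."""
    want = sorted(elements)
    return (all(sorted(row) == want for row in table)
            and all(sorted(col) == want for col in zip(*table)))


def add6(x, y):
    return (x + y) % 6


def mul10(x, y):
    return (x * y) % 10


# <Z_6, +>: the example from the slide.
z6_subgroups = distinct_cyclic_subgroups(list(range(6)), add6, 0)

# <Z_10^*, .>: the units of Z_10, i.e. the a with gcd(10, a) = 1.
z10_star = [a for a in range(1, 10) if gcd(10, a) == 1]
z10_table = cayley_table(z10_star, mul10)
z10_subgroups = distinct_cyclic_subgroups(z10_star, mul10, 1)

if __name__ == "__main__":
    for h, gens in z6_subgroups.items():
        print("subgroup of Z_6:", h, "generated by", gens)
    for row in z10_table:
        print(row)
    print("Latin square:",
          each_element_once_per_row_and_column(z10_table, z10_star))
    # An element that generates the whole group makes the group cyclic.
    print("generators of Z_10^*:", z10_subgroups[tuple(z10_star)])
```

All of Z_10 under multiplication fails the row/column check (the row for 0 is all zeros), which is why only the units Z_10^* form a group.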
The set $Z_n$ and its properties
Consider the set $Z_n$ and the two binary operators: modulo n addition and
modulo n multiplication.
Properties
1 Commutativity:
  $(w + x) \bmod n = (x + w) \bmod n$
  $(w \times x) \bmod n = (x \times w) \bmod n$
2 Associativity:
  $[(w + x) + y] \bmod n = [w + (x + y)] \bmod n$
  $[(w \times x) \times y] \bmod n = [w \times (x \times y)] \bmod n$
3 Distributivity of multiplication over addition:
  $[w \times (x + y)] \bmod n = [(w \times x) + (w \times y)] \bmod n$
4 Existence of identity elements:
  $(w + 0) \bmod n = (0 + w) \bmod n$
  $(w \times 1) \bmod n = (1 \times w) \bmod n$
5 Existence of additive inverses: $\forall w \in Z_n$, $\exists z \in Z_n$ such that
  $w + z = 0 \bmod n$
Rings
Definition:
A ring, denoted as $R = \langle \{\ldots\}, +, \cdot \rangle$, is an algebraic structure with two
operations that satisfies the following properties:
1 The first operation satisfies all five properties of an abelian group.
2 The second operation satisfies closure and associativity, i.e., $\langle R, \cdot \rangle$ is
  a monoid.
3 The second operation distributes over the first operation, i.e.,
  $\forall a, b, c \in R$, $a \cdot (b + c) = (a \cdot b) + (a \cdot c)$ and $(a + b) \cdot c = a \cdot c + b \cdot c$.

Properties:
1 A unity in a ring is a non-zero element that is an identity under
  multiplication.
2 A commutative ring is a ring in which the commutative property is also
  satisfied for the second operation.
3 If a non-zero element of a commutative ring has a multiplicative inverse,
  then it is said to be a unit of the ring, i.e., $a \in R$ is a unit if $a^{-1}$ exists.
4 If a ring has a unit, it is unique. If a ring element has a multiplicative
  inverse, then it is unique.
Rings

Examples:
1 The set Z under ordinary addition and multiplication is a commutative
  ring with unity 1. The units of Z are 1 and −1.
2 The set $Z_n$ under addition and multiplication modulo n is a commutative
  ring with unity 1. The set of units is $Z_n^*$.

Zero Divisor:
An element $a \in R$ is called a zero divisor if it is non-zero and there exists a
non-zero $b \in R$ such that $a \cdot b = b \cdot a = 0$.

Integral Domain:
An integral domain is a commutative ring with unity and no zero divisors. In
an integral domain, a product $a \cdot b = 0$ only when a = 0 or b = 0.

Examples: The ring $\langle Z_n, +, \cdot \rangle$ is not an integral domain when n is not prime;
$\langle Z_p, +, \cdot \rangle$, where p is prime, is an integral domain.

Integral Domain and Field

Property
Let a, b, c belong to an integral domain. If $a \neq 0$ and $a \cdot b = a \cdot c$,
then b = c.

Field
A field is a commutative ring with unity in which every non-zero
element is a unit.

Question
Show that every field is an integral domain.

Field

Definition:
A field, denoted as $F = \{X, +, \cdot\}$, is a commutative ring that satisfies the
following properties:

Properties over +          Properties over ·
-----------------          -----------------
Closure                    Closure
Associativity              Associativity
Commutativity              Commutativity
Existence of identity      Existence of identity
Existence of inverse       Existence of inverse

In addition, the following properties are also satisfied:
1 · distributes over +
2 The identity element over + (first operation) has no inverse w.r.t. ·
  (second operation)

Finite Fields

Properties
1 A field with a finite number of elements is called a finite field.
2 For a field to be finite, the number of elements should be $p^n$, where p is a
  prime number and n is a positive integer.
3 A Galois field $GF(p^n)$ is a finite field with $p^n$ elements.
4 GF(p) fields: When n = 1, the field is the set $Z_p = \{0, 1, \ldots, p - 1\}$
  with addition and multiplication operations.
5 In this set, each element has an additive inverse and nonzero elements
  have a multiplicative inverse.

Consider the GF(2) field with the set {0, 1}. The two operations, addition
and multiplication, are shown as:

Addition        Multiplication
+ | 0  1        · | 0  1
--+-----        --+-----
0 | 0  1        0 | 0  0
1 | 1  0        1 | 0  1
Finite Field
Question
What is the algebraic structure of GF(5) along with the addition
and multiplication operations on the set $Z_5$?
1 The sets Z, $Z_n$, and $Z_n^*$ do not satisfy the requirements of a field.
2 In addition, another interesting field in cryptography is $GF(p^n)$.
3 For $GF(2^3)$, the elements in the set are
  {000, 001, 010, 011, 100, 101, 110, 111}.
4 We cannot represent them as integers from 0 to 7 as the regular four
  operations cannot be applied (modulus $2^n$ is not a prime).
Consider the $GF(2^2)$ field; the set comprises four 2-bit words: {00, 01, 10, 11}

Addition                  Multiplication
⊕  | 00 01 10 11          ⊗  | 00 01 10 11
---+------------          ---+------------
00 | 00 01 11 10          00 | 00 00 00 00
01 | 01 00 11 10          01 | 00 01 10 11
10 | 10 11 00 01          10 | 00 10 11 01
11 | 11 10 01 00          11 | 00 11 01 10
Finite Fields
1 Represent each n-bit word as a polynomial of degree n − 1 of the form
f (x) = an−1 x n−1 + an−2 x n−2 + . . . + a1 x 1 + a0 x 0

2 The coefficient of the terms define the value of the bits (0/1).
3 Represent 8-bit word 10011001 as the polynomial x 7 + x 4 + x 3 + 1.
4 Operation on polynomials involves two operations:
operations on coeffcients.
operations on polynomials.
5 Addition of two polynomials never generates a polynomial out of the set.
6 Multiplication creates polynomials with degrees more than (n − 1); divide
the result by a modulus and keep the remainder.
7 For polynomials in GF (2n ), a group of polynomials with degree n is called
the modulus.
8 The modulus is a prime polynomial, i.e., no polynomials in the set can
divide this polynomial; also called irreducible polynomial.
9 For a given degree $n$, there can be multiple irreducible polynomials; we need to declare which irreducible polynomial we are using as the modulus.

Irreducible polynomials, prime polynomials

1 When $g(x)$ divides $f(x)$ without leaving a remainder, we say $g(x)$ is a factor of $f(x)$.

2 A polynomial $f(x)$ over a field $F$ is called irreducible if $f(x)$ cannot be expressed as a product of two polynomials, both over $F$ and both of degree lower than that of $f(x)$.

3 An irreducible polynomial is also referred to as a prime polynomial.

Addition and Multiplication

Addition
1 Addition of $x^5 + x^2 + x$ and $x^3 + x^2 + 1$ in $GF(2^8)$: $x^5 + x^3 + x + 1$
2 Additive identity of a polynomial?
3 Additive inverse of a polynomial?
4 Addition and subtraction operations on polynomials are the same operation.

Multiplication
1 Multiply each term of the first polynomial with all terms of the second polynomial.
2 Coefficient multiplication is done in $GF(2)$.
3 Multiplying $x^i$ by $x^j$ results in $x^{i+j}$.
4 The result needs to be reduced using a modulus polynomial.
5 Find the result of $(x^5 + x^2 + x) \otimes (x^7 + x^4 + x^3 + x^2 + x)$ in $GF(2^8)$ with irreducible polynomial $(x^8 + x^4 + x^3 + 1)$.

Why is $GF(2^3)$ a finite field?

1 $GF(2^3)$ is an abelian group; the operation of polynomial addition satisfies all of the requirements on a group operator, and polynomial addition is commutative.

2 $GF(2^3)$ is also a commutative ring; polynomial multiplication distributes over polynomial addition, and polynomial multiplication meets closedness, associativity, and commutativity.

3 $GF(2^3)$ is an integral domain; the set contains the multiplicative identity element 1, and if for $a \in GF(2^3)$ and $b \in GF(2^3)$ we have

$a \times b = 0 \bmod (x^3 + x + 1)$

then either $a = 0$ or $b = 0$.

4 $GF(2^3)$ is a finite field; it is a finite set and it contains a unique multiplicative inverse for every non-zero element.
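The arithmetic on these slides as an added Python example (not from the lecture): it reproduces the addition above, evaluates the multiplication exercise with the modulus exactly as printed, tests moduli for irreducibility by trial division, and checks the integral-domain and inverse claims for $GF(2^3)$ with modulus $x^3 + x + 1$. Polynomials are held as integers whose bit i is the coefficient of $x^i$; that encoding and all function names are this example's own.

```python
from itertools import product

def poly_mod(a, m):
    """Remainder of a divided by m, coefficients in GF(2) (bit i = coeff of x^i)."""
    dm = m.bit_length() - 1
    while a.bit_length() - 1 >= dm:
        a ^= m << (a.bit_length() - 1 - dm)   # subtract (XOR) a shifted copy of m
    return a

def gf_add(a, b):
    """Addition and subtraction are the same operation: XOR of coefficients."""
    return a ^ b

def gf_mul(a, b, m):
    """Multiply each term of a by all terms of b, then reduce modulo m."""
    prod = 0
    while b:
        if b & 1:
            prod ^= a          # coefficient arithmetic in GF(2)
        a <<= 1                # x^i * x -> x^(i+1)
        b >>= 1
    return poly_mod(prod, m)

def is_irreducible(m):
    """True if no polynomial of degree 1..deg(m)//2 divides m."""
    deg = m.bit_length() - 1
    return deg >= 1 and all(poly_mod(m, d) for d in range(2, 1 << (deg // 2 + 1)))

def field_check(m):
    """Return (zero_divisor_pairs, inverse_table) for the non-zero elements mod m."""
    nonzero = range(1, 1 << (m.bit_length() - 1))
    zero_div = [(a, b) for a, b in product(nonzero, repeat=2) if gf_mul(a, b, m) == 0]
    inverses = {a: [b for b in nonzero if gf_mul(a, b, m) == 1] for a in nonzero}
    return zero_div, inverses

def to_poly(v):
    """Render an integer as a polynomial string, e.g. 0b1011 -> 'x^3 + x + 1'."""
    terms = ["1" if i == 0 else "x" if i == 1 else f"x^{i}"
             for i in range(v.bit_length() - 1, -1, -1) if v >> i & 1]
    return " + ".join(terms) or "0"

if __name__ == "__main__":
    print(to_poly(gf_add(0b100110, 0b001101)))                  # addition from the slide
    print(to_poly(gf_mul(0b100110, 0b10011110, 0b100011001)))   # exercise, modulus as printed
    print([to_poly(m) for m in range(8, 16) if is_irreducible(m)])  # degree-3 moduli
    zero_div, inv = field_check(0b1011)                         # GF(2^3), x^3 + x + 1
    print(zero_div, inv)
```

`is_irreducible(0b100011001)` returns False for the exercise's modulus as printed, because a polynomial over GF(2) with an even number of terms has $x + 1$ as a factor; $x^8 + x^4 + x^3 + x + 1$, the AES modulus, passes the test.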

Euler's Totient function

Definition:
The number of integers in $Z_n$ that are relatively prime to $n$ and do not exceed $n$ is denoted by $\phi(n)$, called Euler's Totient function.
For example, $\phi(1) = 1$, $\phi(26) = 12$, $\phi(p) = p - 1$.

Properties
1 If $m$ and $n$ are relatively prime numbers, $\phi(mn) = \phi(m)\phi(n)$.
2 $\phi(77) = \phi(7) \times \phi(11) = 60$.
3 The result can be extended to more than two arguments comprising pairwise coprime integers.
4 $\phi(p^a) = p^a - p^{a-1} = p^a\left(1 - \frac{1}{p}\right)$
5 From the fundamental theorem of arithmetic, $n = p_1^{a_1} p_2^{a_2} \ldots p_k^{a_k}$.
6 $\phi(n) = \phi(p_1^{a_1})\phi(p_2^{a_2}) \ldots \phi(p_k^{a_k})$
7 $\phi(n) = n\left(1 - \frac{1}{p_1}\right)\left(1 - \frac{1}{p_2}\right) \ldots \left(1 - \frac{1}{p_k}\right)$
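The prime-power formula checked against the definition, as an added Python example (not from the lecture); the function names are this example's own. It also lists the pairs for which property 1 fails, which are exactly the pairs where $m$ and $n$ share a factor.

```python
from math import gcd

def phi_by_definition(n):
    """Count the elements of Z_n = {0, ..., n-1} that are relatively prime to n."""
    return sum(1 for k in range(n) if gcd(k, n) == 1)

def factorize(n):
    """Prime factorization n = p1^a1 * ... * pk^ak by trial division -> {p: a}."""
    factors, p = {}, 2
    while p * p <= n:
        while n % p == 0:
            factors[p] = factors.get(p, 0) + 1
            n //= p
        p += 1
    if n > 1:                       # whatever is left is a single prime factor
        factors[n] = factors.get(n, 0) + 1
    return factors

def phi_by_formula(n):
    """phi(n) as the product of phi(p^a) = p^a - p^(a-1) over the prime powers of n."""
    result = 1
    for p, a in factorize(n).items():
        result *= p**a - p**(a - 1)
    return result

def multiplicativity_failures(limit):
    """Pairs (m, n), m <= n <= limit, with phi(mn) != phi(m) * phi(n)."""
    return [(m, n) for m in range(1, limit + 1) for n in range(m, limit + 1)
            if phi_by_formula(m * n) != phi_by_formula(m) * phi_by_formula(n)]

if __name__ == "__main__":
    for n in (1, 26, 77):           # values quoted on the slide
        print(n, phi_by_definition(n), phi_by_formula(n))
    print(multiplicativity_failures(6))   # every pair listed has gcd(m, n) > 1
```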
