ALGEBRAIC STRUCTURES

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 1
 Introduction
• Some sets of numbers, such as Z, Zn, Zn*, Zp, ZP*

• Cryptography requires sets of integers and specific operations

that are defined for those sets.

• The combination of the set and the operations that are

applied to the elements of the set is called an algebraic
structure.

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 2
Introduction

Common algebraic structure

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 3
 Group
• A group (G) is a set of elements with a binary operation (•)
that satisfies four properties (or axioms).

• A commutative group satisfies an extra property,

commutativity:

• Closure
• Associativity
• Commutativity
• Existence of identity
• Existence of inverse

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 4
 Group
• Closure
– If a and b are elements of G, then c = a•b is also an element of
G.
• Associativity
– If a, b and c are elements of G, then
(a•b)•c=a•(b•c)
• Existence of identity
– For all a in G, there exist an element e, called the identity
element, such that e•a=a•e=a
• Existence of inverse
– For each a in G, there exists an element a’, called the inverse of
a, such that a•a’=a’•a=e
Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 5
 Group
• A Commutative group (Abelian group) is group in which the
operator satisfies four properties plus an extra property that is
commutativity.
– For all a and b in G, we have a • b = b • a

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 6
 Group
• Example:
• The set of residue integers with the addition operator,
G = < Zn , +>,

• is a commutative group. We can perform addition and

subtraction on the elements of this set without moving out of
the set.

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 7
 Group
• Application
– Although a group involves a single operation, the
properties imposed on the operation allow the use of a
pair of operations!!!!

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 8
 Group
• The set Zn* with the multiplication operator, G = <Zn*,
×>, is also an abelian group.
•

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 9
 Group
• Let us define a set G = < {a, b, c, d}, •> and the operation
as shown in Table.

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 10
 Permutation Group
• A very interesting group is the permutation group.
• The set is the set of all permutations, and the
operation is composition: applying one permutation
after another.

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 11
Permutation Group

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 12
Permutation Group

Operation table for permutation group

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 13
 Permutation Group
• In the previous example, we showed that a set of
permutations with the composition operation is a group.

• This implies that using two permutations one after

another cannot strengthen the security of a cipher,
because we can always find a permutation that can do
the same job because of the closure property.

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 14
 Group
• Finite Group
• Order of a Group
• Subgroups

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 15
 Group
• Finite Group:
– If the set has a finite number of elements; otherwise, it is
an infinite group.

• Order of a Group |G|

– The number of elements in the group.
– If the group is finite, its order is finite

• Subgroups
– A subset H of a group G is a subgroup of G if H itself is a
group with respect to the operation on G
Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 16
 SubGroup
• Subgroups(cont.)
– If G=<S, •> is a group, H=<T, •> is a group under the
same operation, and T is a nonempty subset of S, then
H is a subgroup of G
– If a and b are members of both groups, then c=a•b is
also member of both groups
– The group share the same identity element
– If a is a member of both groups, the inverse of a is also
a member of both groups
– The group made of the identity element of G, H=<{e},
•>, is a subgroup of G
– Each group is a subgroup of itself

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 17
 SubGroup
• Find all subgroups of Group G = <Z6, +>

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 18
 SubGroup
• Find all subgroups of Group G = <Z6, +>
• Z6 = {0,1,2,3,4,5} has subgroups
• {0}
• {0,3}
• {0,2,4}
• {0,1,2,3,4,5}

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 19
 SubGroup
• Find all subgroups of Group G = <Z10*, X>

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 20
 SubGroup
• Find all subgroups of Group G = <Z10*, X>
• Z10* = {1,3,7,9} has subgroups
• {1}
• {1,3,7}
• {1,9}
• {1,3,7,9}

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 21
 SubGroup
• Is the group H = <Z10, +> a subgroup of the
group G = <Z12, +>?

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 22
 SubGroup
• Is the group H = <Z10, +> a subgroup of the group G =
<Z12, +>?

• Solution: No.
• Although H is a subset of G, the operations defined for
these two groups are different.
• The operation in H is addition modulo 10; the operation
in G is addition modulo 12.

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 23
 Cyclic Subgroups
• If a subgroup of a group can be generated using the
power of an element, the subgroup is called the cyclic
subgroup.

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 24
 Cyclic Subgroups
• Four cyclic subgroups can be made from the group G
= <Z6, +>.

• H1 = <{0}, +>,
• H2 = <{0, 2, 4}, +>,
• H3 = <{0, 3}, +>,
• H4 = G.

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 25
 Cyclic Subgroups
• Four cyclic subgroups can be made from the group G = <Z6,
+>. They are H1 = <{0}, +>, H2 = <{0, 2, 4}, +>, H3 = <{0, 3}, +>,
and H4 = G.

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 26
 Cyclic Subgroups
• Find all cyclic subgroups from the group
G = <Z10 , ×>.

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 27
 Cyclic Subgroups
• Find all cyclic subgroups from the group
G = <Z10 , ×>.

• G has only four elements: 1, 3, 7, and 9. The cyclic

subgroups are H1 = <{1}, ×>, H2 = <{1, 9}, ×>, and H3 = G.

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 28
 Cyclic Groups
• A cyclic group is a group that is its own cyclic
subgroup.

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 29
 Cyclic Groups
• Three cyclic subgroups can be made from the group G =
<Z10 , ×>.
• G has only four elements: 1, 3, 7, and 9. The cyclic subgroups
are H1 = <{1}, ×>, H2 = <{1, 9}, ×>, and H3 = G.

• The group G = <Z6, +> is a cyclic group with two generators,

g = 1 and g = 5.

• b. The group G = <Z10 , ×> is a cyclic group with two

generators, g = 3 and g = 7.

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 30
 Cyclic Groups
• Lagrange’s Theorem
• Assume that G is a group, and H is a subgroup of G. If the
order of G and H are |G| and |H|, respectively, then,
based on this theorem, |H| divides |G|.

• Order of an Element
• The order of an element is the order of the cyclic group it
generates.

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 31
 Cyclic Groups
• In the group G = <Z6, +>, the orders of the elements are:

• ord(0) = 1,

• ord(1) = 6,

• ord(2) = 3,

• ord(3) = 2,

• ord(4) = 3,

• ord(5) = 6.
Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 32
 Cyclic Groups
• In the group G = <Z10*, ×>, the orders of the elements
are:
ord(1) = 1, ord(3) = 4, ord(7) = 4, ord(9) = 2.

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 33
 Ring
• A ring, R = <{…}, •, >, is an algebraic structure with
two operations.

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 34
 Ring
• The set Z with two operations, addition and
multiplication, is a commutative ring.
• We show it by R = <Z, +, ×>. Addition satisfies all of the
five properties; multiplication satisfies only three
properties.

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 35
 Field
• A field, denoted by F = <{…}, •,  > is a commutative ring in
which the second operation satisfies all five properties
defined for the first operation except that the identity of the
first operation has no inverse.

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 36
 Finite Field
• Finite Field: A field with a finite number of elements
• Galois showed that for a field to be finite, the
number of elements should be pn, where p is a prime
and n is a positive integer.

A Galois field, GF(pn), is a finite field

with pn elements.

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 37
 Finite Field
• When n = 1, we have GF(p) field.

• This field can be the set Zp, {0, 1, …, p − 1}, with two
arithmetic operations. Addition and multiplication

• In this set, each element has an additive inverse and that all
nonzero elements have a multiplicative inverse (no
multiplicative inverse for 0).

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 38
 Finite Field
• A very common field in this category is GF(2) with the set {0,
1} and two operations, addition and multiplication.

GF(2) field

Addition/Subtraction in GF(2) is the same as

XOR operation;
Multiplication/division is the same as the AND
Operation.
Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 39
 Finite Field
• We can define GF(5) on the set Z5 (5 is a prime) with
addition and multiplication operators.

GF(5) field
Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 40
 Summary

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 41
 GF(2n) FIELDS
• In cryptography, we often need to use four operations
(addition, subtraction, multiplication, and division).
• In other words, we need to use fields.
• However, when we work with computers, the positive
integers are stored in the computers as n-bit words in
which n is usually 8,16,32,64 and so on.
• Range of integers is 0 to 2n – 1
• Hence modulus is ???
– 2n
• What if we want to use field????

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 42
 GF(2n) FIELDS
• Solution 1
– Use GF(p), with the set Zp, where p is the largest
prime number less than 2n
– But the problem ???
• It is inefficient because we cannot use the integers from
p to 2n-1.
• For example, if n=4, the largest prime less than 24(=16)
is 13.
– Means, we cannot use integers 13, 14, and 15.
• If n=8, the largest prime less than 28 is 251.
– Means, we cannot use 251, 252, 253, 254, and 255.

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 43
 GF(2n) FIELDS
• Solution 2
– Use GF(2n)
– Use a set of 2n words
– The elements in this set are n-bit words
– E.g. for n=3, the set is {000,001,010,011,100,101,110,111}

• Problem:
– We cannot interpret each element as an integer between 0
to 7. because regular four operations cannot be applied
– Modulus 2n is not prime
– Need to define operations on the set of elements in GF(2n)

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 44
 GF(2n) FIELDS
• Let us define a GF(22) field in which the set has four 2-bit
words: {00, 01, 10, 11}.
• We can redefine addition and multiplication for this field in
such a way that all properties of these operations are
satisfied.

An example of GF(22) field

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 45
 Polynomials
• A polynomial of degree n − 1 is an expression
of the form

• where xi is called the ith term and ai is called

coefficient of the ith term.
Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 46
 Polynomials
• represent the 8-bit word (10011001) using a
polynomials.

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 47
 Polynomials
• we can represent the 8-bit word (10011001)
using a polynomials.

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 48
 Polynomials
• find the 8-bit word related to the polynomial
x5 + x2 + x

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 49
 Polynomials
• To find the 8-bit word related to the polynomial x5 + x2 + x, we
first supply the omitted terms.
• Since n = 8, it means the polynomial is of degree 7.
• The expanded polynomial is

• This is related to the 8-bit word 00100110.

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 50
 Polynomials
• Operations on polynomials
– Actually involves two operations
– Operation on coefficients and operation on polynomials

• Hence, need to define two fields

– What for coefficient??
– What for polynomials???

• GF(2) and GF(2n) is the answer….

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 51
 Polynomials
• Polynomial Addition

Addition and subtraction operations on

polynomials are the same operation.

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 52
 Polynomial Addition - Example
• Let us do (x5 + x2 + x)  (x3 + x2 + 1) in GF(28).
• We use the symbol  to show that we mean
polynomial addition.

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 53
 Polynomial Addition - Example
• Let us do (x5 + x2 + x)  (x3 + x2 + 1) in GF(28).
• We use the symbol  to show that we mean
polynomial addition.
• The following shows the procedure:

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 54
 Polynomial Addition - Example
• There is also another short cut.
• Because the addition in GF(2) means the
exclusive-or (XOR) operation.
• So we can exclusive-or the two words, bits by
bits, to get the result.
• In the previous example, x5 + x2 + x is
00100110 and x3 + x2 + 1 is 00001101.
• The result is 00101011 or in polynomial
notation x5 + x3 + x + 1.
Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 55
 Polynomials
• Modulus
– For the sets of polynomials in GF(2n), a group of
polynomials of degree n is defined as the
modulus.
– Such polynomials are referred to as irreducible
polynomials.

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 56
 Polynomials
• irreducible polynomials.
– No polynomial in the set can divide this
polynomial
– Can not be factored into a polynomial with degree
of less than n

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 57
 Exercise
• Prove that (x2+x+1) is an irreducible
polynomial of degree 2.

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 58
 Exercise
• Prove that (x2+x+1) is an irreducible polynomial of degree 2.
• Solution:
– A polynomial f(x) of degree n is reducible if f(x) = g(x) × h(x),
where g and h are two polynomials, each with the degree
greater than zero and degree less than the highest degree of f(x)
.
– According to this definition we have degree (f) = degree (g) +
degree (h).
– Based on this, a reducible polynomial of degree 2 can be
factored only as two polynomials of degree 1 (2 = 1 + 1).
– In other words, a factors of a reducible polynomial of degree 2
can be only x or (x+ 1) (the only two polynomials of degree 1).

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 59
 Exercise
• Prove that (x2+x+1) is an irreducible
polynomial of degree 2.
• Solution:

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 60
 Polynomial Multiplication
• Multiplication:
– The coefficient multiplication is done in GF(2).
– The multiplying xi by xj results in xi+j.
– The multiplication may create terms with degree more
than n − 1, which means the result needs to be
reduced using a modulus polynomial.

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 61
 Polynomial Multiplication - Example
• Find the result of (x5 + x2 + x) (x7 + x4 + x3 + x2 + x) in GF(28)
with irreducible polynomial (x8 + x4 + x3 + x + 1).

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 62
 Polynomial Multiplication - Example
• Find the result of (x5 + x2 + x) (x7 + x4 + x3 + x2 + x) in GF(28) with
irreducible polynomial (x8 + x4 + x3 + x + 1).
• Note that we use the symbol to show the multiplication of two
polynomials.

• To find the final result, divide the polynomial of degree 12 by the

polynomial of degree 8 (the modulus) and keep only the remainder.

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 63
Polynomial Multiplication - Example

Polynomial division with coefficients in GF(2)

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 64
 GF(2n) FIELDS
• Let us define a GF(22) field in which the set has four 2-bit
words: {00, 01, 10, 11}.
• We can redefine addition and multiplication for this field in
such a way that all properties of these operations are
satisfied.

An example of GF(22) field

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 65
 Inverse of Polynomial
• In GF (24), find the inverse of (x2 + 1) modulo
(x4 + x + 1).

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 66
 Inverse of Polynomial
• In GF (24), find the inverse of (x2 + 1) modulo
(x4 + x + 1).
• Solution:
– The answer is - (x3 + x + 1).

Euclidean algorithm
Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 67
 Inverse of Polynomial
• In GF(28), find the inverse of (x5) modulo (x8 +
x4 + x3 + x + 1).

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 68
 Inverse of Polynomial
• In GF(28), find the inverse of (x5) modulo (x8 +
x4 + x3 + x + 1).
• Solution:
– The answer is - (x5 + x4 + x3 + x)

Euclidean algorithm
Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 69
 Polynomial Multiplication
• A better algorithm: Obtain the result by
repeatedly multiplying a reduced polynomial
by x.
• Find the result of multiplying P1 = (x5 + x2 + x)
by P2 = (x7 + x4 + x3 + x2 + x) in GF(28) with
irreducible polynomial (x8 + x4 + x3 + x + 1)

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 70
 Polynomial Multiplication
• Solution:

• We first find the partial result of multiplying x0, x1, x2, x3,
x4, and x5 by P2.
• Note that although only three terms are needed, the
product of xm P2 for m from 0 to 5 because each
calculation depends on the previous result.

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 71
Polynomial Multiplication

An efficient algorithm

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 72
 Exercise
• Find the result of multiplying P1 = (x3 + x2 + x +
1) by P2 = (x2 + 1) in GF(24) with irreducible
polynomial (x4 + x3 + 1)

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 73
 Exercise
• Which of the following is a valid Galois Field?
– GF(12)
– GF(13)
– GF(16)
– GF(17)

• For following n-bit words, find the polynomial that represent

that word:
– 10010
– 00011
– 100001
Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 74
 Exercise
• Find the n-bit word that is represented by each of
the following polynomials:
– X2+1 in GF(24)
– X7 in GF(28)
– X+1 in GF(23)

• In the field GF(7), find the result of

– 5+3
– 5-4
– 5X3
– 5/3
Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 75
 Exercise
• In the filed GF(23), perform the following
operation with irreducible polynomial
(x3+x2+1).
– (100)/(010)
– (100)/(000)
– (101)/(011)
– (000)/(111)

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 76
 Exercise
• In the filed GF(23), perform the following
operation with irreducible polynomial (x3+x2+1).
– (100)/(010)
• Solution: (100)X(010)-1 = (100)X(110) = (010)

– (100)/(000)
• Solution: operation is impossible because (000) has no
inverse
– (101)/(011)
– (000)/(111)

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 77
 Exercise
• Find the result of multiplying (10101) by
(10000) in GF(25) using (x5 + x2 + 1) as
modulus.

Dr.Reema Patel,B.Tech,SOT,PDPU,IS-2019 78