Modern Cryptography and Mathematics
By Michael Manfredi a third year student at The University of Warwick
What is Cryptography?
According to the Oxford English Dictionary cryptography is, "A secret manner of writing ...
intelligible only to those possessing the key; also anything written in this way. Generally, the art of
writing or solving ciphers." A secret code used in cryptography is called a cipher, the process of
using a cipher to turn a plain document into a secret text is called encryption, and the reverse
process is called decryption.
Cryptography is an ancient subject that has changed a lot throughout the years. To quote
Wikipedia: “In modern times, cryptography is considered to be a branch of both mathematics and
computer science.” At one time the subject was mainly a linguistic one, the key concern being the
ability to recognise words and make words unrecognisable with a simple cipher. Today, thanks to
computers, the subject is very mathematical with the ciphers involved drawing from computer
science and number theory.
Problems with communication
There are several issues that can arise when communicating over vast distances. The methods of
modern encryption aim to solve two of them:
Confidentiality:
Will any information sent only be read by it's intended recipient? The world, both past and present,
is full of confidential information, from bank account details to military strategies. There is always
the risk that such information could fall into the wrong hands. Confidentiality can be achieved
without cryptography, by using a reliable courier for example, but the modern internet is anything
but secure with any information sent on it usually being routed through various computers around
the world before reaching its destination.
Authentication:
Is any information received from the person it claims to be from? A naval captain receiving an
order to scuttle his ship might wonder if the order came from his enemy. A bank confronted with a
cheque might wonder who it was written by. In the context of cheques and paper documents and
in the context of modern
cryptographic techniques the
authentication is usually called a
“signature” or sometimes a “digital
signature”. With a modern desire
to communicate using the internet,
authentication becomes a major
issue.
The cheque: A common example of authentication.
History: Simple Substitution
Simple substitution, as the name implies, involves substituting some letters for others, as in this
table:
Substitute every letter in the top row with one in the bottom:
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
Q A Z W S X E D C R F V T G B Y H N U J M I K O L P
“this text is going to be encrypted” becomes “jdcu jsoj cu ebcge jb as sgznlyjsw”
Historically, once both parties have agreed upon a substitution, this method offered a reasonable
degree of confidentiality. To anyone intercepting the message it would appear to be nonsensical. It
also offers a degree of authentication since (hopefully!) only the two parties who wish to
communicate know which substitution to use.
While likely to be able to fool the primitive civilisations of the past, this method is insecure by
modern standards. By counting which letters are most common it's easy to make an educated
guess which letters stand for which. The graph below shows the relative frequency of each letter in
English for a typical piece of text. This pattern is a great weakness:
a b c d e f g h i j k l m n o p q r s t u v w x y z
Produced by the Further Mathematics Network, www.fmnetwork.org.uk and The University of Warwick, www2.warwick.ac.uk/fac/sci/maths with the support of Rolls-Royce plc, www.rolls-royce.com
Introduction of computers Encryption: Diffie-Hellman Key Exchange
The introduction of computers has changed the face of encryption. Historically encryption was Symmetric Encryption After a collaboration between Ralph Merkle, Whitfield Diffie and Martin Hellman in the 1970s, Diffie
done by hand with pencil (or pen) and paper. A typical modern personal computer will be able to and Hellman published a paper describing a method two people could use to agree upon a key for
perform around 5 billion “operations” per second. This processing power coupled with its use in one of the many symmetric encryption methods in existence. This method was called Diffie-
widespread use has changed the face of encryption. Not only is this processing power a boon to The encryption/decryption process is split into four parts: Hellman key exchange.
encryption, opening the doors to otherwise long and tedious mathematical calculation, it is also a
threat, providing a resource an eavesdropper could utilise to attempt to break an encryption. ● The encryption algorithm ● The decryption algorithm
One person, call her Jane, can contact another person, call him Mark. Then, using this key
● The encryption key ● The decryption key exchange method, after a dialogue they can both have agreed upon a key to use with a symmetric
encryption system. Any eavesdropper listening to this dialogue would be unable to work out what
Fun Mathematics: In the historical example we had the encryption algorithm:
“Replace every letter appearing on the top row of the key with the letter below it”.
key the two agreed upon!
Modular Arithmetic And the encryption key:
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
This was a breakthrough in cryptography that solved an ancient Achilles' heel of encryption; the
difficulty of two people agreeing upon an encryption key without an eavesdropper finding out what
it is.
Q A Z W S X E D C R F V T G B Y H N U J M I K O L P
Modular Arithmetic, sometimes called clock arithmetic is part of a branch of mathematics called
How it works:
number theory. This branch of mathematics has found many applications in cryptography.
The decryption algorithm was just the encryption one in reverse:
If Jane and Mark wish to use Diffie-Hellman, they agree upon a large prime number, call this
“Replace every letter appearing on the bottom row of the key with the letter above it”.
number p, and a number between 1 and p, call this number g. We know for some number n that:
As an example: if it is 7 o'clock what time will it be 8 hours from now? 7 + 8 = 15, but since we're The decryption process is similar; it has an algorithm and a decryption key. Usually they are very
gn ≡ 1 (mod p)
working with a clock face we have to reduce 15 down to a proper time by subtracting 12, to get similar, and if you know the encryption process it is trivial to work out the decryption process. If it's
3 o'clock i.e. 3 is the remainder when 15 is divided by 12. Mathematicians would write this as: trivial to work out the decryption key from knowing the encryption key then the encryption is said For security we want the smallest n for which this is true to be very large. The larger the better.
7 + 8 ≡ 15 ≡ 3 (mod 12) to be symmetric. As the name symmetric suggests encryption and decryption mirror each other.
Armed with the numbers p and g Mark and Jane can continue as follows:
Most encryption is like this, and it makes logical sense that once you know how a message is
Jane picks a number, a, and computes ga (mod p) and sends this number to Mark.
“jumbled up” then the “un-jumbling” process is just the same but in reverse and fairly easy to
11 12 1 11 12 1 work out. As in the historical example if your encryption process replaces every letter A with the Mark picks a number, b, and computes gb (mod p) and sends this number to Jane.
letter Q, then the decryption process replaces every letter Q with the letter A. This form of
10 2 10 2 encryption has a big disadvantage. If you want to send an encrypted private message to someone
Jane then knows what gb (mod p) is, and can raise this to the power of a to get (gb)a (mod p)
far away, you have to first tell the other person exactly how to decrypt it and the encryption would
be useless should the message detailing how to decrypt it be intercepted. Mark then knows what ga (mod p) is, and can raise this to the power of b to get (ga)b (mod p)
9 3 9 3
(ga)b ≡ gab ≡ gba ≡ (gb)a (mod p)
This is analogous to saying that if you want to send someone a locked box then you must also
8 4 8 4 send them the key to it, for without it they cannot open it, but should both the key and the box be
intercepted the whole locking process is useless. Therefore both Mark and Jane know the same number: gab (mod p), which they can use as a key
7 5 7 5 for any encryption method.
6 6
7 + 8 ≡ 3 (mod 12) 5 + 5 + 5 ≡ 3 (mod 12) The only bits of information sent back and forth between Mark and Jane are the values of:
3 x 5 ≡ 3 (mod 12) p, g, ga (mod p), and gb (mod p)
From this information it is computationally very, very difficult for an eavesdropper to recover the
For symmetric encryption, authentication and confidentiality are the same thing; only the sender value of gab (mod p), which Mark and Jane know.
Multiplication is similar to addition: 3 x 5 ≡ 5 + 5 + 5 ≡ 15 ≡ 3 (mod 12)
and receiver will know the key, so any message the receiver receives must have come from the
Subtraction is addition backwards: 7 – 8 ≡ -1 ≡ 11 (mod 12)
sender, because only the sender knows the key.
We can define powers in the natural way: 34 ≡ 3 x 3 x 3 x 3 ≡ 81 ≡ 9 (mod 12)
One problem that arises when using Diffie-Hellman is that of authentication. Jane may think she is
doing the key exchange with Mark, when in fact she is communicating with someone pretending to
Division is far more tricky:
Public Key Cryptography
be Mark.
Division is thought of as the “inverse” to multiplication. For example if
5a ≡ 1 (mod 12)
then multiplication by a is the same as division by 5. Ignoring modular arithmetic one would say
a = 1/5 = 0.2 Public key cryptography is a modern technique. The encryption and decryption processes have RSA Algorithm
different keys and if someone knows the encryption key it's very, very difficult for them to work out
but 0.2 isn't on the clock face, it's not even a whole number. If we let a = 5 we notice that
5 x 5 ≡ 25 ≡ 1 (mod 12) the decryption key. The word asymmetric is sometimes used to describe this type of encryption to
highlight the fact that encryption and decryption do not mirror each other, their keys are distinct The RSA algorithm is an algorithm developed by Ron Rivest, Adi Shamir, and Leonard Adleman.
which solves our problem. Naively one could say: “ 1/5 ≡ 5 (mod 12) ”
and knowing the encryption one doesn't allow you to (easily) work out the decryption one. The algorithm was first publicly described
in August 1977 and a patent was filed in
Division has other problems. In clock arithmetic:
December 1977; as the patent was filed
8 x 2 ≡ 4 (mod 12) but 8 x 5 ≡ 4 (mod 12) In public key cryptography the encryption key is made public and called the public key. The after the discovery was made public, the
Given the problem: 8a ≡ 4 (mod 12) there is no way to divide through by 8 and recover a. a could decryption key is made private and called the private key. Anyone can get hold of a copy of the algorithm received a patent in the US only
be equal to 2 or 5 (or 8 or 11). One could say 1/8 does not exist, a bit like 1/0 in the usual number public key and use it to encrypt a message that only the intended recipient, the only person with in 1983.
system. the private key, can decrypt.
There's no reason why we use 12, the same can work for any number, n. In the general case we The RSA algorithm is the first example of
call the collection of numbers and the arithmetic that goes with them “the integers modulo n”. This is analogous to a similar system with lock boxes, padlocks and keys. The public key is like an an algorithm for public key cryptography.
These are a very powerful tool in number theory, and a lot is known about them. It turns out that open padlock. Someone wanting to receive a locked box can send out an unclasped padlock. The It also solves the problem of
if we choose n to be a prime number then the problems with division disappear. Other nice things person wanting to send the locked box can use this padlock to lock it and send the locked box authentication with public key systems.
can happen, for example: back to the sender, who has the key.
Much like Diffie-Hellman, RSA draws on
Fermat's little theorem: modular arithmetic. It's security mainly
Above: Adi Shamir, Ronald Rivest, and Leonard Adleman.
If p is a prime number then relies upon the difficulty of factorising a
large number which is a product of two large primes. The two primes are part of the private key,
ap ≡ a (mod p) whereas the single large number, the product of these two smaller ones is part of the public key.
Multiplying two prime numbers together is computationally like a one way process. It is easy to
Removing the language of modular arithmetic; this is equivalent to saying that if p is prime then p calculate:
is always a factor of (ap – a). Another example: Digital Signatures 757 x 977 = ?
But given the product it's comparatively very difficult to factorise it to recover the two primes:
Chinese remainder theorem: One newer idea in the area of cryptography is that of digital signatures. With public key
739 589 = ? x ?
If n and m have no common factor then there is a cryptography the argument:
solution x to: “I know this message came from Mark, because only he knows the secret code”. In practice the primes used by RSA are several hundred digits long, so methods to find such large
Is invalid because by the nature of public key cryptography the encryption key is public therefore primes are needed; fortunately such methods exist. Since the security relies on it being difficult to
x ≡ a (mod n) factorise large numbers we are fortunate (or unfortunate) there is no method to quickly factorise
everyone knows the encryption key! This means authentication is a real issue, and a very separate
x ≡ b (mod m) one from confidentiality. numbers.
For example; if my age, when divided by 3 gives remainder 1, and when divided by 5 gives The way around this is digital signatures, which are basically the reverse of public key A company called “RSA, The Security Division of EMC” offers large rewards to anyone capable of
remainder 2, then my age is a solution to: cryptography. The encryption key is private, but the decryption key is made public. This means factorising a collection of large numbers. The latest of these numbers to be factorised was the 193
only one person, call him Mark, knows how to encrypt a message but everyone else can decrypt it. digit number RSA-640 in 2005 for a reward of $20,000. RSA-704 (212 digits) and RSA-768 (232
x ≡ 1 (mod 3)
Any message encrypted using Mark's key must have come from Mark because nobody else knows digits) are still open and carry rewards of $30,000 and $50,000 respectively.
x ≡ 2 (mod 5)
the key. This is of course assuming it's impossible to work out Mark's encryption key from knowing
7 is a solution, and so is 22, 37, 52, 67, 82 ... etc the public decryption key. Financial transactions over the internet are completely dependent on public key cryptography.