
Number Theory

Euclid's algorithm can be used to find the greatest common divisor (GCD) of two integers and the multiplicative inverse of a number modulo n. It works by repeatedly replacing the larger number with the remainder of dividing it by the smaller number until one number is zero. The last non-zero remainder is the GCD. The Chinese Remainder Theorem states that if integers z1, z2, etc. are relatively prime, a number can be uniquely determined modulo their product given its remainders modulo each zi. Modular multiplication can be used for encryption if the multiplier has a multiplicative inverse modulo n. Numbers with a multiplicative inverse are those relatively prime to n, whose count is given by Euler's

• Mathematical operations needed to understand RSA and how it works

• Introduction to modular arithmetic:

Remainder: if m > n, the remainder of m/n is the smallest non-negative number that differs from m by a multiple of n.
ex: 10 mod 3 = 1
ex: 3 mod 10 = 13 mod 10 = -7 mod 10 = 3
Therefore 3, 13 and -7 are equivalent mod 10

1- Mod n addition: for a mod n and b mod n,

a + b is the name for the mod n sum

Ex: 3 mod 10 = 3

13 mod 10 = 3

16 mod 10 = 6

For different names of a and b, for example a+kn and b+ln:

(a+kn) + (b+ln) = a + b + (k+l)n = a + b mod n

2- Mod n multiplication: similarly, ab is a name for the mod n product

Again (a+kn)(b+ln) = ab + (al+kb+kl)n = ab mod n

Note: exponentiation is repeated multiplication

Primes
• A number is prime iff it is divisible by exactly 2 positive integers (itself and 1): 2, 3, 5, 7, 11, 13, 17, ...
• There are infinitely many primes

Proof:

If you have a finite set of primes, multiply them and add 1. The result is not divisible by any prime in the set,
so you can always find another prime (hence infinitely many).
Primes thin out as numbers get bigger (25 primes less than 100)
Density: 1:4 in the first hundred integers
In 10-digit numbers, density: 1:23
For 100-digit numbers, density: 1:230
(Many cryptographic algorithms, such as RSA, require large primes.)

Steps: choose a random number; test whether it is prime or not

Note: in RSA we need two primes: p, q
chance 1:230
1/e = 0.37

Euclid's Algorithm
Used to:

1- find the gcd of 2 integers, and

2- find the multiplicative inverse mod n

Multiplicative inverse of a number: the x you multiply the number by to get 1

In RSA, d and e are inverses

So we choose one and calculate the other using Euclid's algorithm

2 numbers are relatively prime if their gcd is 1

ex: gcd(8, 12) = 4

gcd(12, 25) = 1 => 12 and 25 are relatively prime

Note: gcd(x, 1) = 1 and gcd(0, x) = x

Euclid's algorithm:

To find gcd(x, y): repeatedly replace the original numbers with smaller ones that have the same gcd, until one of the
numbers is zero

<x, y> and <x-y, y> have the same common divisors, so replace x with its remainder when divided by y

(note: once x is smaller than y, switch and repeat)

Finding multiplicative inverse in modular arithmetic

How can Euclid's algorithm be used to find multiplicative inverses?

Ex: what is the multiplicative inverse of m mod n?

We want to find u such that:

um mod n = 1, or
um = 1 mod n, or
um + vn = 1
Steps:

1- Compute gcd(m, n)
2- Try to find u, v such that um + vn = 1, provided gcd(m, n) = 1 (m, n are relatively prime numbers)
Note: if m, n are not relatively prime, then m doesn't have a multiplicative inverse mod n

Question: could there be more than one u mod n for which um mod n = 1?

Answer: suppose xm = 1 mod n

Multiply by u: xmu = u mod n

but um = 1 mod n; then x = u mod n

There is only one multiplicative inverse of m mod n

gcd(x, y) -> gcd(y, remainder of x/y)

Example: gcd(408, 595)

595 / 408 = 1 remainder 187

408 / 187 = 2 remainder 34

187 / 34 = 5 remainder 17

34 / 17 = 2 remainder 0 (stop)

=> gcd(408, 595) = 17

Algorithm:

Initial set up

  n    q_n    r_n    u_n    v_n
 -2    (x)    408      1      0
 -1    (y)    595      0      1
  0     0     408      1      0
  1     1     187     -1      1
  2     2      34      3     -2
  3     5      17    -16     11
  4     2       0     35    -24

r_n = u_n x + v_n y
1- Initial set up: u_(-2) = 1, v_(-2) = 0
   u_(-1) = 0, v_(-1) = 1
2- At step n:
   u_n = u_(n-2) - q_n u_(n-1)
   v_n = v_(n-2) - q_n v_(n-1)
Since r_4 = 0 we can read the answer off row n = 3
=> gcd(408, 595) = r_3 = 17 = -16 x 408 + 11 x 595

Therefore the gcd of 2 numbers can be expressed as a sum of multiples of each

Note: any 2 numbers x, y are relatively prime if ux + vy = 1

Summary:

If m, n are relatively prime, we can use Euclid's algorithm to find u (and v) such that:

u.m + v.n = 1 mod n

(u behaves like 1/m or m^(-1), the mod n inverse)

If m and n are not relatively prime => m^(-1) mod n doesn't exist
Example:

  n    q_n    r_n    u_n    v_n
 -2           797      1      0
 -1          1047      0      1
  0     0     797      1      0
  1     1     250     -1      1
  2     3      47      4     -3
  3     5      15    -21     16
  4     3       2     67    -51
  5     7       1   -490    373

Therefore: 1 = -490 x 797 + 373 x 1047

797^(-1) = -490 mod 1047
= 557 mod 1047
and 1047^(-1) = 373 mod 797
= 373
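
The table method above as a short Python program. This is an added example, not part of the original notes; the function names euclid_table, gcd_coefficients and mod_inverse are chosen here. It uses the same initial rows and the same u_n, v_n recurrence, so its rows can be compared with the two tables.

```python
def euclid_table(x, y):
    """Rows (n, q_n, r_n, u_n, v_n) for n = 0, 1, ... until r_n = 0."""
    if x <= 0 or y <= 0:
        raise ValueError("x and y must be positive integers")
    r_prev2, u_prev2, v_prev2 = x, 1, 0   # row n = -2
    r_prev1, u_prev1, v_prev1 = y, 0, 1   # row n = -1
    rows, n = [], 0
    while r_prev1 != 0:
        q = r_prev2 // r_prev1
        r = r_prev2 - q * r_prev1
        u = u_prev2 - q * u_prev1          # u_n = u_(n-2) - q_n * u_(n-1)
        v = v_prev2 - q * v_prev1          # v_n = v_(n-2) - q_n * v_(n-1)
        assert r == u * x + v * y          # invariant r_n = u_n*x + v_n*y
        rows.append((n, q, r, u, v))
        r_prev2, u_prev2, v_prev2 = r_prev1, u_prev1, v_prev1
        r_prev1, u_prev1, v_prev1 = r, u, v
        n += 1
    return rows


def gcd_coefficients(x, y):
    """(g, u, v) with g = gcd(x, y) = u*x + v*y: the last row whose r_n != 0."""
    g, u, v = y, 0, 1                      # row n = -1, used when y divides x
    for _, _, r, u_n, v_n in euclid_table(x, y):
        if r != 0:
            g, u, v = r, u_n, v_n
    return g, u, v


def mod_inverse(m, n):
    """The unique u in 0..n-1 with u*m = 1 mod n; fails if gcd(m, n) != 1."""
    g, u, _ = gcd_coefficients(m, n)
    if g != 1:
        raise ValueError(f"{m} has no inverse mod {n}: gcd is {g}")
    return u % n


if __name__ == "__main__":
    for row in euclid_table(408, 595):
        print(row)
    print(mod_inverse(797, 1047), mod_inverse(1047, 797))
```
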
Chinese Remainder Theorem
The Chinese remainder theorem states that if:

z1, z2, z3, ..., zk are relatively prime

and you know that some number is: x1 mod z1

and x2 mod z2

...

xk mod zk

then you can calculate what the number is mod z1 z2 z3 ... zk

Also, if something equals x mod z1 z2 z3 ... zk, then you can calculate what the number is mod z1 and mod z2

Therefore:

It is easy to convert from one representation to the other

A- Standard representation: x mod z1 z2 z3 ... zk {all zi are relatively prime}

B- Decomposed representation: x1 mod z1, x2 mod z2, ..., xk mod zk

1) To go from standard to decomposed:

A- Take the number x
B- Calculate what it is mod zi
C- Take the remainder as xi mod zi

Ex: if z1 = 7, z2 = 3 and x = 30

=> 30 mod 21 = 9 mod 21
X x1

2) To go from decomposed to standard

• Assume k = 2: we know x1 mod z1 and x2 mod z2 and want to find out what the number is mod z1z2
(in RSA we call z1 z2 -> p.q)
So we know that something equals x1 mod p
and we know that it equals x2 mod q
and we want to know what it equals mod pq (call it x)
• Since p, q are relatively prime we can use Euclid's algorithm to find a, b such that
ap + bq = 1, where a = p^(-1) mod q,
b = q^(-1) mod p
• Multiply this equation by x:
x = xap + xbq
Since x differs from x1 by a multiple of p
and x differs from x2 by a multiple of q,
taking both sides mod pq gives:
x = x2ap + x1bq mod pq
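
Both conversions as an added Python example (not part of the original notes; the names decompose, combine_pair and combine are chosen here). combine_pair is the k = 2 formula above. combine goes beyond the text's k = 2 case by folding that formula over any number of pairwise relatively prime moduli. Python's built-in pow(p, -1, q), available from Python 3.8, supplies the inverses that Euclid's algorithm would give.

```python
from math import gcd


def decompose(x, moduli):
    """Standard -> decomposed: the remainders x_i = x mod z_i."""
    return [x % z for z in moduli]


def combine_pair(x1, p, x2, q):
    """Decomposed -> standard for k = 2: x = x2*a*p + x1*b*q mod pq."""
    if gcd(p, q) != 1:
        raise ValueError(f"{p} and {q} are not relatively prime")
    a = pow(p, -1, q)      # a = p^(-1) mod q
    b = pow(q, -1, p)      # b = q^(-1) mod p
    return (x2 * a * p + x1 * b * q) % (p * q)


def combine(residues, moduli):
    """Fold combine_pair over k moduli; returns (x, z1*z2*...*zk)."""
    x, z = residues[0] % moduli[0], moduli[0]
    for x_i, z_i in zip(residues[1:], moduli[1:]):
        x = combine_pair(x, z, x_i, z_i)   # merge the next residue in
        z *= z_i
    return x, z


if __name__ == "__main__":
    # The text's example: z1 = 7, z2 = 3, x = 30.
    print(decompose(30, [7, 3]))           # remainders mod 7 and mod 3
    print(combine_pair(2, 7, 0, 3))        # back to the value mod 21
    print(combine([2, 0, 3], [7, 3, 5]))   # three moduli (constructed input)
```
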
Modular Multiplication
Multiplication by 1, 3, 7 or 9 works as a cipher because it performs a one-to-one substitution of the digits, but
multiplication by other numbers will not work as a cipher

Example: multiplying by 5, half the numbers would encrypt to 0 and the other half would encrypt to 5

The multiplicative inverse of x (written x^(-1)) is the number by which you multiply x to get 1 (in ordinary
arithmetic x's multiplicative inverse is 1/x)

Only the numbers {1, 3, 7, 9} have multiplicative inverses mod 10. For example, 7 is the multiplicative
inverse of 3 (7*3 mod 10 = 1)

Encryption could be performed by multiplying by 3 and decryption by multiplying by 7

9 is its own inverse (and 1 as well)

Encryption: multiply by x -> cipher

Decryption: multiply by x^(-1) -> get back to the message

Example: m = 9 -> encrypt: 9*7 mod 10 = 63 mod 10 = 3

decrypt: 3*3 mod 10 = 9 (back to the message)

Now, what if n were a 100-digit number? How would we be able to find the multiplicative inverse?

We can't use brute-force search, but there is an algorithm that will find the "inverse mod n". It is known as
Euclid's algorithm:

Given x and n, it finds the number y such that x*y mod n = 1

Question: what is so special about the numbers {1, 3, 7, 9}? Why are they the only ones? The answer is that
those numbers are relatively prime to n (10)

Example: gcd(9, 10) = 1 (the only number that divides both 9 and 10 is 1)

In general, when you are working mod n, all the numbers that are relatively prime to n will have a
multiplicative inverse

Question: how many numbers less than n are relatively prime to n?

φ(n): the totient function (total + quotient) tells us this. If n is prime then all the integers {1, 2, ..., n-1} are
relatively prime to n => φ(n) = n-1

Moreover, if n = pq for 2 primes p, q, then there are (p-1)(q-1) numbers relatively prime to n
=> φ(n) = (p-1)(q-1). Why is that?

Well, there are n = pq numbers in total in {0, 1, 2, ..., n-1}, and we want to exclude those numbers that
aren't relatively prime to n. Those are the numbers that are either multiples of p or multiples of q. There
are p multiples of q less than pq and q multiples of p less than pq. That makes p+q-1 numbers less
than pq that aren't relatively prime to pq (we can't count 0 twice) -> φ(pq) = pq - (p+q-1) = (p-1)(q-1)

Example: p = 3, q = 7 -> φ(n) = 12 => 12 numbers less than n are relatively prime to 21:

1, 2, 4, 5, 8, 10, 11, 13, 16, 17, 19, 20

Note: moreover, if n is a prime number -> φ(n) = n-1 (all relatively prime to n)
Modular Exponentiation
Example: 4^6 mod 10 = 4096 mod 10 = 6 mod 10

Look at the exponentiation table mod 10

Note: exponentiation by 3 would act as an encryption of the digits because it rearranges all the digits

In the case of 10, the numbers relatively prime to 10 are {1, 3, 7, 9} => φ(n) = 4

So the i-th column in the above table is the same as the (i+4)-th column (column 1 = column 5,
column 3 = column 7, and so on)

=> x^y mod n = x^(y mod φ(n)) mod n

Example: x^5 mod 10 = x^(5 mod 4) mod 10 = x^1 mod 10

=> col. 5 = col. 1

Encryption / decryption:

Col m=no (cipher) -> (col+φ(n))cipher = message

Example: col. 3 and col. 7 can be used for encryption and decryption

because 3, 7 are prime numbers

and 7 = 3 + φ(n)

where φ(n) = count of the numbers {1, 3, 7, 9} relatively prime to 10 -> φ(n) = 4

Note: 2, 6 (2, 2+φ(n)) can't work as a cryptosystem because they are not prime numbers

Example: if m = 8 -> take col. 3 and compute 8^3 mod 10 = 2 (cipher)

To decrypt: take col. 7 and compute 2^7 mod 10 = 8 (msg)



Zn*
Z is used as the symbol for the set of all integers

Zn is the symbol for the set of integers mod n

Ex: Z10 = {0, 1, 2, 3, 4, 5, 6, 7, 8, 9}

Zn* is defined as the set of mod n integers that are relatively prime to n

Therefore Z10* = {1, 3, 7, 9}

The multiplication table for Z10* is

      1   3   7   9
  1   1   3   7   9
  3   3   9   1   7
  7   7   1   9   3
  9   9   7   3   1

Observations:

1. All answers are either 1, 3, 7 or 9, i.e. if you multiply any two numbers in Z10* you get another
number in Z10*
2. Each row and column contains all elements of Z10* with no repeats
3. This is true not only for 10 but for any number (try 15): Z15* = {1, 2, 4, 7, 8, 11, 13, 14}

um + vn = 1 can be used for encryption and decryption.

Modular Addition
Now look at the mod 10 addition table; it can be used as a scheme for encrypting digits (it maps each
decimal digit to a different decimal digit in a way that is reversible)

The constant is our secret key. It is not a good cipher, but it is a cipher (it is actually a Caesar cipher)

For example, 4's inverse is 6 because in mod 10 arithmetic 4+6 = 0

If the secret key were 4, then to encrypt we would add 4 (mod 10), and to decrypt we would add 6 (mod 10)

Example: safe = 19010605

To encrypt the message digit 9: 9+4 mod 10 = 3 (cipher)

To decrypt the cipher: 3+6 mod 10 = 9 (msg.)

So for encrypting and decrypting we can use the pairs (6, 4) and (7, 3), called "additive inverses"

Public Key Algorithms

Number theory concepts:

• Hash algorithms are irreversible transformations

• Secret key algorithms encrypt blocks of data in a reversible way

Public key algorithms

• RSA and ECC: which do encryption and digital signatures

• ElGamal and DSS: which do digital signatures
• Diffie-Hellman: establishes a shared secret
• Zero knowledge proof systems: which do authentication

All public key algorithms have in common a pair of keys, one secret and one public

Modular arithmetic

• Most public key algorithms are based on modular arithmetic

• It uses the non-negative integers to perform ordinary arithmetic operations such as addition and
multiplication
• The result is said to be mod n
1- Modular addition
When we use mod 10 addition the result is always between 0 and 9
example: 5+5 = 0, 3+9 = 2, 2+2 = 4, 9+9 = 8


Euler's totient function φ(n)

φ(n) = number of elements in Zn*

Ex: φ(10) = 4 since Z10* = {1, 3, 7, 9}

1. Given n, can we calculate φ(n)?

Suppose n is a prime number; what is φ(n)?
If n is prime -> Zn* = {1, 2, 3, ..., n-1}
φ(n) = n-1 when n is prime
2. What is φ(n) when n = p^α, where p is prime and α > 0?
Ex: φ(9), where 9 = 3^2: {1, 2, 3, 4, 5, 6, 7, 8}
Only multiples of p (every p-th number) are not relatively prime to p^α, so there are p^(α-1) of them less than p^α
φ(p^α) = p^α - p^(α-1) = p^(α-1) (p-1)
3. What is φ(n) when n = pq and p, q are relatively prime?
Using the Chinese remainder theorem:
φ(pq) = φ(p) φ(q)
Ex: φ(3*5) = φ(3) * φ(5)
8 = 2 * 4, the sizes of Z3* and Z5*

Euler's theorem:

1. For all a in Zn*, a^φ(n) = 1 mod n

Ex: Z3* = {1, 2} -> φ(n) = 2
1^2 = 1 mod 3 and 2^2 = 4 mod 3 = 1 mod 3

Proof:

• Multiply all elements of Zn* together; call the product x

• Since Zn* is closed under multiplication, x is in Zn* and so has an inverse x^(-1)

• Multiply each element of Zn* by a and multiply all those together; the result will be
a^φ(n) x = x (since multiplying by a just rearranges the elements)
• Multiply by x^(-1); therefore a^φ(n) = 1
2. Euler's theorem variant: for all a in Zn* and any integer k, a^(kφ(n)+1) = a mod n

Proof: a^(kφ(n)+1) = a^(kφ(n)) * a = (a^φ(n))^k * a = 1 * a = a

Variant: raising any number m to the power kφ(n)+1 gets m back mod n (works only for m in Zn*)

i.e. m relatively prime to n

n in RSA is a product of 2 primes

Still: m^(kφ(n)+1) = m mod n when n = pq, even if m is not relatively prime to n

Generalization of Euler's theorem:

a^(kφ(n)+1) = a mod n

It is also true for all a in Zn (not just Zn*)

as long as k is a non-negative integer

Note: if a is not a part of Zn* -> a is a multiple of p or q

From the Chinese remainder theorem and Euler's theorem:

a^φ(p) = 1 mod p

φ(n) = φ(p) φ(q)

mod p: a^(kφ(n)+1) = a^(kφ(p)φ(q)) * a = 1^(kφ(q)) * a = a

mod q: a = 0, so a^(kφ(n)+1) = 0 = a

a^(kφ(n)+1) = a mod p

and a^(kφ(n)+1) = a mod q

From these, applying the Chinese remainder theorem:

a^(kφ(n)+1) = a mod n
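
Euler's theorem, the n = pq generalization and the column-3 / column-7 cipher from the Modular Exponentiation section, checked by exhaustive search. This is an added Python example, not part of the original notes; all function names are chosen here. It goes one step beyond the text by also listing the m for which the generalization fails when n is not a product of distinct primes (n = 9 = 3*3), which is why the two RSA primes must differ.

```python
from math import gcd


def units(n):
    """Zn*: the mod n integers relatively prime to n (n >= 2)."""
    return [a for a in range(1, n) if gcd(a, n) == 1]


def phi(n):
    """Euler's totient, counted directly as the size of Zn*."""
    return len(units(n))


def euler_holds(n):
    """True if a^phi(n) = 1 mod n for every a in Zn*."""
    t = phi(n)
    return all(pow(a, t, n) == 1 for a in units(n))


def generalization_failures(n, k=1):
    """All m in Zn with m^(k*phi(n)+1) != m mod n; empty when n = pq, p != q."""
    e = k * phi(n) + 1
    return [m for m in range(n) if pow(m, e, n) != m]


def exponent_pair_works(n, e, d):
    """True if raising to e and then to d returns every m in Zn."""
    return all(pow(pow(m, e, n), d, n) == m for m in range(n))


if __name__ == "__main__":
    print(units(10), phi(10), phi(21))        # Z10*, phi(10), phi(3*7)
    print(euler_holds(10), euler_holds(15))
    print(generalization_failures(21))        # n = 3*7: no failures
    print(generalization_failures(9))         # n = 3*3: multiples of 3 fail
    print(exponent_pair_works(10, 3, 7))      # columns 3 and 7
    print(exponent_pair_works(10, 2, 6))      # columns 2 and 6
    print(pow(8, 3, 10), pow(2, 7, 10))       # m = 8 -> cipher 2 -> m = 8
```
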
