Chapter 9

Mathematics of
Cryptography
Part III: Primes and Related
Congruence Equations

Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

9.1
 9.1.4 Euler’s Phi-Function

Euler’s phi-function, (n), which is sometimes called the

Euler’s totient function plays a very important role in
cryptography.

9.2
 9.1.4 Continued

We can combine the above four rules to find the value of

(n). For example, if n can be factored as
n = p e × p2e × … × p ke
1
1 2 k

then we combine the third and the fourth rule to find

Note
The difficulty of finding (n) depends on the
difficulty of finding the factorization of n.

9.3
 9.1.4 Continued

Example 9.7
What is the value of (13)?
Solution
Because 13 is a prime, (13) = (13 −1) = 12.

Example 9.8
What is the value of (10)?

Solution
We can use the third rule: (10) = (2) × (5) = 1 × 4 = 4, because 2
and 5 are primes.

9.4
 9.1.4 Continued

Example 9.9
What is the value of (240)?
Solution
We can write 240 = 24 × 31 × 51. Then

(240) = (24 −23) × (31 − 30) × (51 − 50) = 64

Example 9.10
Can we say that (49) = (7) × (7) = 6 × 6 = 36?
Solution
No. The third rule applies when m and n are relatively prime.
Here 49 = 72. We need to use the fourth rule: (49) = 72 − 71 = 42.
9.5
 9.1.4 Continued

Example 9.11
What is the number of elements in Z14*?

Solution
The answer is (14) = (7) × (2) = 6 × 1 = 6. The members are 1,
3, 5, 9, 11, and 13.

Note
Interesting point: If n > 2, the value of (n) is even.

9.6
 9.1.5 Fermat’s Little Theorem

First Version

ap − 1 ≡ 1 mod p

Second Version

ap ≡ a mod p

9.7
 9.1.5 Continued

Example 9.12
Find the result of 610 mod 11.
Solution
We have 610 mod 11 = 1. This is the first version of Fermat’s little
theorem where p = 11.
Example 9.13
Find the result of 312 mod 11.
Solution
Here the exponent (12) and the modulus (11) are not the same.
With substitution this can be solved using Fermat’s little theorem.

9.8
 9.1.6 Euler’s Theorem

First Version

a(n) ≡ 1 (mod n)
Second Version

a k × (n) + 1 ≡ a (mod n)
Note
The second version of Euler’s theorem is used in the
RSA cryptosystem in Chapter 10.
9.9
 9.1.5 Continued

Example 9.15

Find the result of 624 mod 35.

Solution
We have 624 mod 35 = 6(35) mod 35 = 1.

Example 9.16
Find the result of 2062 mod 77.
Solution
If we let k = 1 on the second version, we have
2062 mod 77 = (20 mod 77) (20(77) + 1 mod 77) mod 77
= (20)(20) mod 77 = 15.
9.10
 9.6.2 Logarithm

In cryptography, we also need to discuss modular

logarithm.
Exhaustive Search

9.11
 9.6.2 Continued

Order of the Group.

Example 9.46
What is the order of group G = <Z21∗, ×>? |G| = (21) = (3) ×
(7) = 2 × 6 =12. There are 12 elements in this group: 1, 2, 4, 5, 8,
10, 11, 13, 16, 17, 19, and 20. All are relatively prime with 21.

9.12
 9.6.2 Continued

Order of an Element
Example 9.47
Find the order of all elements in G = <Z10∗, ×>.
Solution
This group has only (10) = 4 elements: 1, 3, 7, 9. We can find the
order of each element by trial and error.

a. 11 ≡ 1 mod (10) → ord(1) = 1.

b. 34 ≡ 1 mod (10) → ord(3) = 4.
c. 74 ≡ 1 mod (10) → ord(7) = 4.
d. 92 ≡ 1 mod (10) → ord(9) = 2.
9.13
 9.6.2 Continued

Euler’s Theorem

Example 9.48

9.14
 9.6.2 Continued

Primitive Roots In the group G = <Zn∗, ×>, when the

order of an element is the same as (n), that element is
called the primitive root of the group.

Example 9.49
Table 9.4 shows that there are no primitive roots in G = <Z 8∗, ×>
because no element has the order equal to (8) = 4. The order of
elements are all smaller than 4.

9.15
 9.6.2 Continued
Example 9.50
Table 9.5 shows the result of ai ≡ x (mod 7) for the group
G = <Z7∗, ×>. In this group, (7) = 6.

9.16
 9.6.2 Continued

Note
The group G = <Zn*, ×> has primitive roots only if
n is 2, 4, pt, or 2pt.

Example 9.51
For which value of n, does the group G = <Zn∗, ×> have primitive
roots: 17, 20, 38, and 50?
Solution
a. G = <Z17∗, ×> has primitive roots, 17 is a prime.
b. G = <Z20∗, ×> has no primitive roots.
c. G = <Z38∗, ×> has primitive roots, 38 = 2 × 19 prime.
d. G = <Z50∗, ×> has primitive roots, 50 = 2 × 52 and 5 is a prime.
9.17
 9.6.2 Continued

Note
If the group G = <Zn*, ×> has any primitive root,
the number of primitive roots is ((n)).

9.18
 9.6.2 Continued

Cyclic Group If g is a primitive root in the group, we can

generate the set Zn* as Zn∗ = {g1, g2, g3, …, g(n)}
Example 9.52
The group G = <Z10*, ×> has two primitive roots because (10) = 4
and ((10)) = 2. It can be found that the primitive roots are 3 and
7. The following shows how we can create the whole set Z10* using
each primitive root.

9.19
 9.6.2 Continued

The idea of Discrete Logarithm

Properties of G = <Zp*, ×> :

1. Its elements include all integers from 1 to p − 1.

2. It always has primitive roots.

3. It is cyclic. The elements can be created using g x where

x is an integer from 1 to (n) = p − 1.

4. The primitive roots can be thought as the base of

logarithm.
9.20
 9.6.2 Continued

Solution to Modular Logarithm Using Discrete Logs

Tabulation of Discrete Logarithms

9.21
 9.6.2 Continued
Example 9.53

Find x in each of the following cases:

a. 4 ≡ 3x (mod 7).
b. 6 ≡ 5x (mod 7).

Solution
We can easily use the tabulation of the discrete logarithm in
Table 9.6.
a. 4 ≡ 3x mod 7 → x = L34 mod 7 = 4 mod 7

b. 6 ≡ 5x mod 7 → x = L56 mod 7 = 3 mod 7

9.22
 9.6.2 Continued

Using Properties of Discrete Logarithms

Using Algorithms Based on Discrete

Note
The discrete logarithm problem has the same
complexity as the factorization problem.

9.23