UMass Lowell Computer Science 91.503 Analysis of Algorithms Prof. Karen Daniels Fall, 2006
Page 1
Wednesday, 29 November
Number-Theoretic Algorithms
Chapter 31
Page 2
Chapter Dependencies
Ch 31 Number-Theoretic Algorithms
RSA
Math: Number Theory
You’re responsible for material in this chapter that we discuss in lecture. (Note that this does not include sections 31.8 or 31.9.)
Page 3
Overview
Motivation: RSA
Basics
Euclid’s GCD Algorithm
Chinese Remainder Theorem
Powers of an Element
RSA Details
Page 4
Motivation: RSA
Page 5
RSA Encryption
source: 91.503 textbook Cormen et al.
31.5
$P_A(S_A(M)) = M$ and $S_A(P_A(M)) = M$
Page 6
RSA Digital Signature
source: 91.503 textbook Cormen et al.
31.6
assume Alice also sends her name so Bob knows whose public key to use
$P_A(S_A(M')) \stackrel{?}{=} M'$
Page 7
RSA Cryptosystem
(31.19)
(31.26)
encode: $P(M) = M^e \pmod{n}$ (31.35)
decode: $S(C) = C^d \pmod{n}$ (31.36)
source: 91.503 textbook Cormen et al.
to be explained later…
need efficient ways to compute P(M), S(C)
Page 8
RSA Dependence
Correctness: Euler’s Phi Function, Fermat’s Theorem, Chinese Remainder Theorem
Efficiency: Modular Exponentiation, Primality Testing
Security: Difficulty of Factoring Large Integers
$S(P(M)) = P(S(M)) = M^{ed} \pmod{n}$
see chart of result dependencies on next slide (courtesy of Mark Micire)…
Need to show: $M^{ed} \equiv M \pmod{n}$
Page 9
(chart of result dependencies)
Page 10
Basic Concepts
** Indicates that result is on chart of result dependencies
Page 11
Division & Remainders
source: 91.503 textbook Cormen et al.
31.1
(3.8) **
Page 12
Equivalence Class Modulo n
source: 91.503 textbook Cormen et al.
(31.1)
(31.2)
Page 13
Common Divisors
source: 91.503 textbook Cormen et al.
(31.3)
(31.4)
(31.5)
**
**
Page 14
Greatest Common Divisor
source: 91.503 textbook Cormen et al.
(31.6)
(31.7)
(31.8)
(31.9)
(31.10)
31.2
(3.8)
(31.4)
**
**
Page 15
Greatest Common Divisor
source: 91.503 textbook Cormen et al.
31.3
(31.4)
31.2
31.4
**
Page 16
Relatively Prime Integers
source: 91.503 textbook Cormen et al.
31.6
31.2
31.2
**
Page 17
Relatively Prime Integers
source: 91.503 textbook Cormen et al.
31.7
31.6
31.1-6 **
Page 18
Greatest Common Divisor
source: 91.503 textbook Cormen et al.
31.9
(31.5)
(3.8)
(31.4)
(31.3)
(31.4)
(31.3)
(31.5) (31.14) (31.15)
(31.14)
(31.15)
**
Page 19
Euclid’s GCD Algorithm
Page 20
Euclid’s GCD Algorithm
source: 91.503 textbook Cormen et al.
**
Also see Java code on course web site
Page 21
Extended Euclid
source: 91.503 textbook Cormen et al.
(31.16)
31.1
**
**
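The two algorithms of slides 20 and 21, as an added Python example (it is not the Java code on the course web site, and the function names are my own). EXTENDED-EUCLID returns the coefficients of equation (31.16), d = gcd(a, b) = ax + by; the call counter is there to check Lamé's bound on the recursion depth, with consecutive Fibonacci numbers as the worst case.

```python
# Added example (not the course web site's Java code): CLRS EUCLID and
# EXTENDED-EUCLID, plus a call counter used to check Lamé's bound on the recursion.
from typing import Tuple


def euclid(a: int, b: int) -> int:
    """gcd(a, b) for a, b >= 0, using the gcd recursion theorem gcd(a, b) = gcd(b, a mod b)."""
    while b != 0:
        a, b = b, a % b
    return a


def extended_euclid(a: int, b: int) -> Tuple[int, int, int]:
    """Return (d, x, y) with d = gcd(a, b) = a*x + b*y, as in equation (31.16)."""
    if b == 0:
        return (a, 1, 0)
    d, x1, y1 = extended_euclid(b, a % b)
    # From the recursive call: d = b*x1 + (a mod b)*y1 = b*x1 + (a - (a//b)*b)*y1
    #                            = a*y1 + b*(x1 - (a//b)*y1)
    return (d, y1, x1 - (a // b) * y1)


def euclid_calls(a: int, b: int) -> int:
    """Number of recursive calls EUCLID(a, b) makes (one per loop iteration above)."""
    calls = 0
    while b != 0:
        a, b = b, a % b
        calls += 1
    return calls


def fibonacci(k: int) -> int:
    """F_k with F_0 = 0 and F_1 = 1."""
    x, y = 0, 1
    for _ in range(k):
        x, y = y, x + y
    return x


def lame_bound_holds(k: int) -> bool:
    """Lamé: if a > b >= 1 and b < F_{k+1}, then EUCLID(a, b) makes fewer than k
    recursive calls. Checked exhaustively for every b < F_{k+1} and every
    residue of a modulo b (the call count depends only on b and a mod b)."""
    limit = fibonacci(k + 1)
    return all(euclid_calls(a, b) < k
               for b in range(1, limit)
               for a in range(b + 1, b + limit + 1))
```

extended_euclid(99, 78) returns (3, -11, 14), the textbook's worked example, and euclid_calls(fibonacci(k+1), fibonacci(k)) is exactly k-1, which is why the Fibonacci pair is the input that makes the bound tight.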
Page 22
Chinese Remainder Theorem
Page 23
Modular Arithmetic
source: 91.503 textbook Cormen et al.
Page 24
Finite Groups
source: 91.503 textbook Cormen et al.
31.2
Additive group mod 6: size of this group is 6
Multiplicative group mod 15: size of this group is 8
$Z_n^* = \{[a]_n \in Z_n : \gcd(a, n) = 1\}$
elements relatively prime to n
Page 25
Finite Groups
source: 91.503 textbook Cormen et al.
31.12
Page 26
Finite Groups
source: 91.503 textbook Cormen et al.
31.13
31.6
31.12
31.26
Page 27
Euler’s Phi Function
source: 91.503 textbook Cormen et al.
(31.19) **
Page 28
Lagrange’s Theorem
source: 91.503 textbook Cormen et al.
31.15 **
Page 29
Finite Groups
31.17 **
source: 91.503 textbook Cormen et al.
31.18
31.19
**
**
$\langle a \rangle = \{a^{(k)} : k \ge 1\}$
additive subgroup generated by a
where $a^{(k)} = \underbrace{a \oplus a \oplus \cdots \oplus a}_{k}$
Page 30
Solving Modular Linear Eq
source: 91.503 textbook Cormen et al.
31.20
(31.4)
**
Page 31
Solving Modular Linear Eq
source: 91.503 textbook Cormen et al.
31.22
31.18
31.18
31.22
31.24
**
**
Page 32
Solving Modular Linear Eq
source: 91.503 textbook Cormen et al.
31.26
**
**
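The procedure behind slides 30 to 32, as an added Python example that is not from the textbook or the course site: CLRS MODULAR-LINEAR-EQUATION-SOLVER for ax ≡ b (mod n), returning every solution in Z_n, with the modular inverse of Corollary 31.26 as the special case b = 1. A minimal EXTENDED-EUCLID is repeated here so the block runs on its own; names are my own.

```python
# Added example (not from the textbook or course site): CLRS
# MODULAR-LINEAR-EQUATION-SOLVER for a*x ≡ b (mod n) with all solutions in Z_n.
from typing import List, Optional, Tuple


def extended_euclid(a: int, b: int) -> Tuple[int, int, int]:
    """(d, x, y) with d = gcd(a, b) = a*x + b*y."""
    if b == 0:
        return (a, 1, 0)
    d, x1, y1 = extended_euclid(b, a % b)
    return (d, y1, x1 - (a // b) * y1)


def modular_linear_equation_solver(a: int, b: int, n: int) -> List[int]:
    """All x in Z_n with a*x ≡ b (mod n), sorted; [] when there is no solution."""
    d, x_prime, _ = extended_euclid(a, n)        # d = gcd(a, n) = a*x' + n*y'
    if b % d != 0:
        return []                                # solvable only if d divides b
    x0 = (x_prime * (b // d)) % n                # one particular solution: x'(b/d) mod n
    # Theorem 31.24: exactly d distinct solutions, x0 + i*(n/d) for i = 0..d-1
    return sorted((x0 + i * (n // d)) % n for i in range(d))


def modular_inverse(a: int, n: int) -> Optional[int]:
    """Corollary 31.26: a*x ≡ 1 (mod n) has a unique solution iff gcd(a, n) = 1."""
    solutions = modular_linear_equation_solver(a, 1, n)
    return solutions[0] if solutions else None
```

For the textbook's instance 14x ≡ 30 (mod 100), gcd(14, 100) = 2 divides 30, so there are two solutions, 45 and 95; for 3x ≡ 4 (mod 6) the gcd 3 does not divide 4 and the list is empty.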
Page 33
Chinese Remainder Theorem
source: 91.503 textbook Cormen et al.
(31.23)
31.27
(31.23)
(31.24)
(31.25)
(31.26)
**
Page 34
Chinese Remainder Theorem
source: 91.503 textbook Cormen et al.
31.29 **
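The correspondence of slides 33 and 34, as an added Python example (not from the textbook or the course site): the forward map a ↦ (a mod n_1, …, a mod n_k) and its inverse, built from the coefficients c_i = m_i (m_i^{-1} mod n_i) with m_i = n / n_i. The modular inverse is taken with Python's built-in pow(x, -1, m) (3.8 or later); the moduli in the tests are constructed for illustration, and the function names are my own.

```python
# Added example (not from the textbook or course site): the Chinese Remainder
# Theorem as a pair of maps between Z_n and Z_{n_1} x ... x Z_{n_k}.
from functools import reduce
from math import gcd
from typing import Sequence, Tuple


def pairwise_coprime(moduli: Sequence[int]) -> bool:
    """The theorem's hypothesis: gcd(n_i, n_j) = 1 for every i != j."""
    return all(gcd(moduli[i], moduli[j]) == 1
               for i in range(len(moduli)) for j in range(i + 1, len(moduli)))


def crt_split(a: int, moduli: Sequence[int]) -> Tuple[int, ...]:
    """a -> (a mod n_1, ..., a mod n_k)."""
    return tuple(a % n_i for n_i in moduli)


def crt_combine(residues: Sequence[int], moduli: Sequence[int]) -> int:
    """The unique x in Z_n, n = n_1 * ... * n_k, with x ≡ a_i (mod n_i) for every i
    (Theorem 31.27 / Corollary 31.29). Requires pairwise relatively prime moduli."""
    if not pairwise_coprime(moduli):
        raise ValueError("moduli must be pairwise relatively prime")
    n = reduce(lambda p, q: p * q, moduli, 1)
    x = 0
    for a_i, n_i in zip(residues, moduli):
        m_i = n // n_i                      # m_i ≡ 0 (mod n_j) for every j != i
        c_i = m_i * pow(m_i, -1, n_i)       # c_i ≡ 1 (mod n_i) and c_i ≡ 0 (mod n_j), j != i
        x += a_i * c_i
    return x % n
```

With n_1 = 5 and n_2 = 13, the residues (2, 3) combine to 42, the textbook's example; because the map respects multiplication, the componentwise product of the images of 17 and 23 combines to (17 · 23) mod 65.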
Page 35
Powers of an Element
Page 36
Theorems of Euler & Fermat
source: 91.503 textbook Cormen et al.
31.30
31.31
**
**
Page 37
Modular Exponentiation
source: 91.503 textbook Cormen et al.
**
$a^b \bmod n$
Also see Java code on course web site
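Slides 24 to 29 and 36 to 37 together, as an added Python example (it is not the Java code on the course web site): CLRS MODULAR-EXPONENTIATION by repeated squaring, the group Z_n^* built from the definition on slide 24, φ(n) from equation (31.19), and a brute-force check that a^φ(n) ≡ 1 (mod n) for every a in Z_n^* (Euler, Theorem 31.30; Fermat, Theorem 31.31, is the prime case) and that ord(a) divides |Z_n^*| (Lagrange). Function names are my own. One caveat a practitioner should keep in mind: the multiply step runs only on the 1 bits of b, so this textbook form leaks the exponent through timing when b is a secret such as the RSA d; production libraries use constant-time variants.

```python
# Added example (not the course site's Java code): CLRS MODULAR-EXPONENTIATION by
# repeated squaring, and a brute-force check of Euler's theorem over Z_n^*.
from math import gcd
from typing import List


def modular_exponentiation(a: int, b: int, n: int) -> int:
    """a^b mod n for b >= 0, scanning the bits of b from most to least significant.
    One squaring per bit plus one multiply per 1 bit: O(lg b) multiplications."""
    d = 1
    for bit in bin(b)[2:]:
        d = (d * d) % n                 # c -> 2c in the textbook's invariant d = a^c mod n
        if bit == "1":
            d = (d * a) % n             # c -> c + 1 (only on 1 bits: not constant-time)
    return d


def z_star(n: int) -> List[int]:
    """Z_n^* = {a in Z_n : gcd(a, n) = 1}, the multiplicative group modulo n."""
    return [a for a in range(n) if gcd(a, n) == 1]


def phi(n: int) -> int:
    """Euler's phi function via (31.19): phi(n) = n * prod over primes p | n of (1 - 1/p)."""
    result, m, p = n, n, 2
    while p * p <= m:
        if m % p == 0:
            while m % p == 0:
                m //= p
            result -= result // p       # multiply by (1 - 1/p)
        p += 1
    if m > 1:                           # one prime factor larger than sqrt(m) remains
        result -= result // m
    return result


def order(a: int, n: int) -> int:
    """Order of a in Z_n^*: the least t >= 1 with a^t ≡ 1 (mod n)."""
    if gcd(a, n) != 1:
        raise ValueError("a must be relatively prime to n")
    t, x = 1, a % n
    while x != 1:
        x = (x * a) % n
        t += 1
    return t


def euler_theorem_holds(n: int) -> bool:
    """|Z_n^*| = phi(n); a^phi(n) ≡ 1 (mod n) for all a in Z_n^* (Theorem 31.30);
    and ord(a) divides |Z_n^*| (Lagrange's theorem)."""
    group = z_star(n)
    return (len(group) == phi(n)
            and all(modular_exponentiation(a, phi(n), n) == 1 for a in group)
            and all(phi(n) % order(a, n) == 0 for a in group))
```

The textbook's instance 7^560 mod 561 evaluates to 1; z_star(15) is the eight-element group from slide 24, and euler_theorem_holds(15) confirms |Z_15^*| = φ(15) = 8.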
Page 38
RSA Details
Page 39
RSA Encryption
source: 91.503 textbook Cormen et al.
31.5
$P_A(S_A(M)) = M$ and $S_A(P_A(M)) = M$
Page 40
RSA Digital Signature
source: 91.503 textbook Cormen et al.
31.6
assume Alice also sends her name so Bob knows whose public key to use
$P_A(S_A(M')) \stackrel{?}{=} M'$
Page 41
RSA Cryptosystem
(31.19)
(31.26)
encode: $P(M) = M^e \pmod{n}$ (31.35)
decode: $S(C) = C^d \pmod{n}$ (31.36)
source: 91.503 textbook Cormen et al.
need efficient ways to compute P(M), S(C)
Page 42
RSA Correctness
source: 91.503 textbook Cormen et al.
(31.35) (31.36)
31.31
31.29
by Thm 31.31 (Fermat)
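The cryptosystem of slides 7 to 8 and 39 to 42, as an added Python example that is not from the textbook or the course site: key generation with φ(n) = (p-1)(q-1) from (31.19) and d = e^{-1} mod φ(n) from Corollary 31.26, the maps P and S of (31.35)/(31.36), and a brute-force check of the correctness claim M^{ed} ≡ M (mod n) for every M in Z_n, including the M that share a factor with n, which is the case the CRT step of the proof has to cover. The parameters p = 11, q = 29, e = 3 are the textbook's toy values and give no security; the modular inverse uses Python's pow(x, -1, m) (3.8 or later); names are my own. The last function checks a consequence of (31.35) rather than anything on the slides: P is multiplicative, which is the reason raw RSA is never used without padding in practice.

```python
# Added example (not from the textbook or course site): textbook RSA from
# (31.35)/(31.36) with the toy parameters p = 11, q = 29, e = 3 (no security).
from math import gcd
from typing import Tuple

Key = Tuple[int, int]          # (exponent, n)


def rsa_keygen(p: int, q: int, e: int) -> Tuple[Key, Key]:
    """((e, n), (d, n)) with n = pq, phi(n) = (p-1)(q-1) by (31.19), and
    d = e^-1 mod phi(n) by Corollary 31.26. p and q are assumed to be distinct
    primes (primality is not checked here)."""
    if p == q:
        raise ValueError("p and q must be distinct")
    n, phi_n = p * q, (p - 1) * (q - 1)
    if gcd(e, phi_n) != 1:
        raise ValueError("e must be relatively prime to phi(n)")
    d = pow(e, -1, phi_n)       # modular inverse (Python >= 3.8)
    return (e, n), (d, n)


def P(public: Key, M: int) -> int:
    """P(M) = M^e mod n  (31.35): encrypt, or verify a signature."""
    e, n = public
    return pow(M, e, n)


def S(secret: Key, C: int) -> int:
    """S(C) = C^d mod n  (31.36): decrypt, or sign."""
    d, n = secret
    return pow(C, d, n)


def roundtrips_for_every_message(public: Key, secret: Key) -> bool:
    """M^(ed) ≡ M (mod n) for all M in Z_n, including M not relatively prime to n."""
    n = public[1]
    return all(S(secret, P(public, M)) == M and P(public, S(secret, M)) == M
               for M in range(n))


def verify(public: Key, message: int, signature: int) -> bool:
    """Bob's check from the signature slide: P_A(sigma) == M'."""
    return P(public, signature) == message


def is_multiplicative(public: Key, M1: int, M2: int) -> bool:
    """P(M1) * P(M2) ≡ P(M1 * M2) (mod n), a direct consequence of (31.35)."""
    n = public[1]
    return (P(public, M1) * P(public, M2)) % n == P(public, (M1 * M2) % n)
```

For p = 11, q = 29, e = 3 the secret exponent is d = 187 (3 · 187 = 2 · 280 + 1), and P(100) = 100^3 mod 319 = 254, the textbook's numbers; a signature on 100 verifies against 100 and fails against 101.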