Crypto - Problem set 5

(xbabej - 396515) October 30, 2012

Problem 1
Let us consider the following polynomials f1 (x) = x3 c, f2 (x) = (x + 1)3 c . It is easy to see that m is a root for both of these polynomials, since f1 (m) = m3 c = c c = 0 and f2 (m) = (m + 1)3 c = c c = 0. Therefore the linear factor (x m) divides both f1 (x) and f2 (x) and consenquently their greatest common divisor g(x). Since e = 3 and (n) are coprime, the polynomial x3 c has only one root in Z and therefore factors into linear and irreducible quadratic polynomials. Since f1 cannot divide f2 (easy to see from extended euclid algorithm), g(x) is indeed linear and therefore equal to (x m). Value of m can be therefore computed using extended euclid algorithm to nd g(x).

Problem 2
Suppose by n having two factors it is meant that n has only two factors excluding 1 and n. Let us denote them p, q . Then n = pq . Since p, q are primes (otherwise n would have more than 2 non-trivial factors), (n) = (p 1)(q 1) = pq (p + q) + 1. Therefore (p + q) = n (n) + 1. Let us consider the following quadratic equation (x p)(x q) = x2 (p + q) x + pq . Since we know the values of (p + q) = n (n) + 1 = 846 and pq = n = 176928, we can easily solve this equation by standard formula and get the solution p = 457, q = 389.

Problem 3
Let us follow the steps of Die-Hellman protocol:
Alice chooses, randomly, 1 x = 11 < p 1 = 598 and computes X = q x mod 599 = 1111 mod 599 = 317. Bob chooses, randomly, 1 y = 27 < p 1 = 598 and computes Y = q y mod 599 = 1127 mod 599 = 59. Alice and Bob exchange X and Y , but keep x, y secret. Alice computes k = Y x mod p = 5911 mod 599 = 99 Bob computes k = X y mod p = 31727 mod 599 = 99 Both of them have obtained the same secret key k .

Problem 4
Using extended euclid algorithm, we are able to nd a, b such that a 7 + b 17 = 1, namely a = 12, b = 5. Using 12 5 this fact we are able to derive the value of m = c12 c5 = m7 m17 = m8584 = m. We get m = 123456. 2 1

Problem 5
a) b) The statement is not true. A simple counterexample is x = 4, y = 2. It is true that x|y 2 , however it is not true that x|y . Let us consider prime factorization of x3 and y 2 . Let us consider nite set of primes
P = {p | p divides xy, p is a prime}
3 Then x = p1 p2 . . . pn ,y = p1 p2 . . . pn . Since x3 |y 2 , that is p31 p2 2 . . . p3n |p21 p22 . . . p2n it n n n n 2 1 1 1 2 1 2 3i 2i holds that pi |pi for every prime pi P and therefore 3i |2i for every i {1 . . . n}. The greatest common divisor of 3 and 2 is 1 and the fact that 3i |2i for every i {1 . . . n} implies that i |i for every i {1 . . . n} and hence x|y .

Problem 6
a) b) Since Bob's public key X is dened as X = u X mod m, its value for given u = 42 and m = 181 is X = u X mod m = (42, 126, 29, 100, 145). The cryptotext computed by Alice is given by formula
c = X w = (42, 126, 29, 100, 145) (1, 1, 0, 1, 0) = 42 + 126 + 100 = 268

c)

First we have to compute the value of u1 mod m = 421 mod 181 = 125 and the value of c = u1 c mod m = 125 268 mod 181=15. Now we need to solve the knapsack problem with X and c . Using the algorithm in the lecture slides:
c = 15 < 25 = x5 c = 15 11 = x4 c = 4 < 5 = x3 c = 4 3 = x2 c = 1 1 = x1 w5 = 0, c = 15 0 = 15 w4 = 1, c = 15 11 = 4 w3 = 0, c = 4 0 = 4 w2 = 1, c = 4 3 = 1 w1 = 1, c = 1 1 = 0

Bob gets the following plaintext w = (w1 , w2 , w3 , w4 , w5 )=(1,1,0,1,0), which is correct.

Problem 7 Problem 8