Sie sind auf Seite 1von 9

Cryptography

RSA Cryptosystem
Theorem: Let , . Let be numbers s. t. 1( ()). Then for any we have:
( ) ( )

Principles of RSA: Provider of public key chooses randomly primes , (distinct) and chooses
randomly < () s. t.
Public key: , where =

gcd, () = 1

Given public key (, ) and precoded message (1 , 2 , , , ) of residues modulo n

Enciphering:(1 , 2 , , , ), where ( )

Deciphering: Given and , , we can easily find < () s. t.


1 ( ())

We denote (, ) - private key. By the theorem: ( )

Proof: Again we have:

We have to show:
We have 4 cases:
1) gcd(, ) = 1

1 ()
( ) ( )

By Euler-Fermat we know that ( ) 1 ( ) and we also know that 1 () .


From this s. t. 1 = (). So the Euler-Fermat theorem can be rewritten as
( ) = (( ) ) = 1 1 ( ). Multiplying both sides by we obtain
( )

2) | but does not

As | we know : = & gcd(, ) = 1. Euler-Fermat guarantees that 1 1 ( ).


Recall that () = ( 1)( 1), so we can raise both sides to the power of 1, yielding
(1)(1) 1 ( ). Also recall that 1 ( ()) . From this we can conclude that
: 1 = (). So (1)(1) = ( ) = 1 1 ( ). This gives us the
following results:

But we have stated earlier that |, so


which follows that:

| 1 1
|
|
|

3) | but does not

( )

Follows the same logic as 2)


4) |

If | then 0 ( ) which follows that ( )

Frequency Analysis
The most common letters in English text are E (~12%), T (~9%), A (~8.5%), O, N, I, S, R, H (all about 6%
to 7.5%), followed by D (~5%) and L (~4%). It is probably easy to identify E, T and A. (Though you may
confuse T and A.) The next six most frequently occurring letters in the ciphertext are likely to represent O,
N, I, S, R, H in some order. And there are only 6! = 720 different orders to try. When you try the right order
there will be so many recognizable words that the rest will be easy.

Affine ciphers
Recall that a translation cipher is a substitution cipher of the form + ( 26) . The key is the
single number n. One slight improvement one can try is to use + ( 26) instead. Now the
key is the pair of numbers (m, n). Ciphers of this form are called affine ciphers. The multiplier m has to
be coprime to 26 for + ( 26) to yield a permutation of the numbers 0 to 25. This follows
easily from the coprime cancellation property proved last week.

Decimations
The plaintext can be thought of as a sequence of residues modulo 26. So = 1 2 3 , where each
is a natural number less than 26, and is the length of the message. The keyword = 1 2 is
also a sequence of residues modulo 26. Here is the period.

Define +1 = 1 , +2 = 2 , etc. More precisely, for each let = , where is the residue of
. The ciphertext is = 1 2 3 , where the term is the mod 26 residue of
+ . In particular the sequence 1 +1 2 +1 is simply an alphabetic shift of the sequence
1 +1 2+1 To get +1 you just add 1 to +1 ( 26).

We define the decimation of with period and index to be the sequence


(, , ) = +2 +3

Frequencies of Letters in Decimations


The most common letters in English text are E (~12%), T (~9%), A (~8.5%), O, N, I, S, R, H (all about 6%
to 7.5%), followed by D (~5%) and L (~4%). Any decimation of typical English text will also exhibit
these frequencies. Obviously the encoded text will have a different letter to be more frequent but we can
compare the letters and frequencies to determine what the key is as the letters are just shifted

Coincidence Index
The coincidence index of a piece of text is the probability that two randomly chosen letters are the same.
2
If the relative frequencies of the 26 letters are 0 , 1 , , 25 then the coincidence index is 25
=0 .
For English text the coincidence index is usually about 0.065. Alphabetic shifts do not change the
coincidence index, so in a Vignere cipher with period m, the decimations will still have a coincidence
index of about 0.065. We now just compute the coincidence index of (, 1, ) for = 1, 2, 3,
until we find an that gives a value greater than 0.06

Digraphs
A digraph is a pair of adjacent letters. If all digraphs occurred with the same frequency then this number
1
26

would be ( )2 , but because some are much more common than others, typical English text gives a much

higher value than this. The (, )-decimation takes the , digraph and, if the period is , takes the
digraph after the first. Taking the coincidence index of these digraphs will indicate whether or not the
letters were adjacent in the plaintext. There is also another method known as Coincidence Discriminant.
It checks the probability that a randomly chosen digraph, , occurs in a piece of text. It then checks the
individual occurrences of and letters. The coincidence discriminant is defined to be , ( )2

Number Theory
Theorem 1: Let , , , , and suppose that ( ) and ( ). Then
+ + ( ) and ( )

Proof: We know that | and | . We can rewrite this as = and = .


Rearranging for and we obtain = + and = + . Adding them together we obtain:

Similarly:

+ = + + ( + )
( + ) ( + ) = ( + )
+ + ( )

= ( + )( + )
= + ( + + )
= ( + + )
( )

Theorem 2: Let , , be integers such that |. If gcd(, ) = 1 then it follows that |.

Proof: Assuming that gcd(, ) = 1, from the Extended Euclidean Algorithm, there are integers , such
that
Multiplying both sides by we obtain:

+ = 1
() + () =

We know that 0 ( ) and it is also obvious that () 0 ( ). It then follows that


() + () = 0 ( )
|

Corollary 1: Let , . If is a prime such that |, then | or |.

Proof: Suppose is a prime such that |, and let gcd(, ) = . Then | and |. Since is a prime
the only positive integers that are divisors of are 1 and . So either = 1 or = .

Case 1: Suppose = 1. Then | and gcd(, ) = 1. It follows from Theorem 2 that |

Case 2: Suppose = . Since |, it means that |.

Corollary 2: If is a prime and |1 2 3 where 1 2 3 , then | for some


{1,2, , }
Definition 1: Let be a positive integer. A set of integers is called a complete system modulo if for
every integer there is exactly one such that ( )

Definition 2: Let be a positive integer. A set of integers is called a reduced system modulo if all
elements of are coprime and for every integer there is exactly one such that every integer
there is exactly one such that ( )

Definition 3: Let be a positive integer. The quantity () is the number of natural numbers such
that < and gcd(, ) = 1.
() = 1

= 1

Definition 4: Let be a prime number and any integer that is not a multiple of . The order of a
modulo , written () is the least positive integer such that 1 ( ).

The Euler-Fermat Theorem: Let , , and suppose that gcd(, ) = 1. Then ( ) 1 ( )


Proof: Let = () and let = {1 2 , , } is a reduced system where gcd( , ) = 1 for each . It is
clear that multiplying all the s together, the resulting number is still coprime to . So 1 2 , , is
coprime to . Given gcd(, ) = 1, it follows that {1 2 , , } is also a reduced system. All
numbers 1 2 , , are congruent to 1 2 , , (modulo ) in some order. This means that
(1 )(2 ) ( ) 1 2 ( )
(1 2 ) 1 2 ( )
1 ( )

Fermats Little Theorem: Let be a prime, and suppose that and . Then 1 1 ( )

Definition 5: A function defined on the positive integers is said to be multiplicative if


() = ()() whenever gcd(, ) = 1

Proposition 1: Let , and = gcd


(, ). The / and / are coprime integers

Proof: Since | and |, / and / are both integers. Let = gcd


( , ). Then | and
| . We now have / and /, which means that | gcd(, ) = . We have 1/ and by
definition of gcd, must be an integer, so = 1.
Proposition 2: Let , with gcd(, ) = 1. If , with | and |, then gcd(, ) = 1.

Proof: Let = gcd


(, ). This means that | (as | |) and | (as | and |). It follows
that |gcd
(, ). But gcd(, ) = 1, then must be equal to 1.
Multiplicative Functions

All integers can be expressed as the product of prime factors, ie. = 1 1 2 2 3 3 . Consider the
multiplicative function (). () can be expressed as:
1 1 2 2 3 3 = 1 1 2 2 3 3 as gcd1 1 , 2 2 3 3 = 1

1 1 2 2 3 3 = 1 1 2 2 (3 3 ) as gcd2 2 , 3 3 = 1
And so on until

() = 1 1 2 2 ( )
We can apply this concept to all multiplicative functions.
Consider the Euler Phi Function
1
= 1 = (1 )

() = 1 1 2 2 ( )

1 1 2 2 3 3 = 1 1 (1

1
1
1
1
)2 2 (1 )3 3 (1 ) (1 )
1
2
3

1
() = (1 )

Define () as the number of divisors of and () as the sum of divisors of


() = 2

= + 1
() = + 1

Both () and () are multiplicative.

+1 1
1

() =
|

= 1 2
1 | 2 |

= 1 2 = ()()
Provided and are coprime.

1 |

2 |

In general:

() = ( + 1)
=1

Provided that = 1 1 2 2 3 3

() =
=1

+1 1
1

Theorem 3: Let be any positive integer. Then | () =

Proof: Denote to be the set of such that gcd(, ) = and denote # to be the number of
elements in . It is clear that | # = as every number from 1 to occurs exactly once in .
Now denote to be the set / as each element in is a multiple of . This means that there is no
common divisor left meaning each element in is now coprime to /.

Denote # to be the number of elements in . We see that # = # = (2). So | # =


now becomes | () = . If | then = for some integer . is complementary to and is
complementary to . Replacing / with we can rewrite | () = as | () = .

Lemma: Let , and let . Then gcd(, ) = gcd


(, )

Proof: The case when = 0 holds as both sides equal 0. Let = gcd
(, ), then | and |.
We use the following property:

For , if | and | then | gcd(, ) =

We know | as | and | so we can write = . We now need to prove that = gcd


(, ).
As = , | and |, which results in | and |. Using the above property, if | and |,
we can multiply through by , giving | and |. From the above condition it follows that |.
We can cancel , giving us |, meaning that gcd(, ) =
Definition 5: Let be a positive integer, and define () as follows:

0 if n is divisible by the sqaure of any prime


() =
(1)
if n contains r disinct primes

The function is called the Mobius Function

Theorem 4: If and are coprime positive integers then () = ()().

Proof: Suppose that , + and gcd(, ) = 1. If either or is not square free then either
() = 0 or () = 0, and in either case it follows that () = 0. Since all divisors of contains
the divisors of both and . So if either or contains a square of a prime as a divisor then it follows
that () = 0.
We now determine the case where both and are both square free.

Consider the divisors of and :

= 1 2
= 1 2

This gives () = (1) and () = (1) . Since all s and all s are distinct, so
= (1 2 )(1 2 )
() = (1)+

()() = (1) (1) = (1)+ = ()

Theorem 5: Suppose that is a multiplicative function defined on + , and define another function by
the rule that () = | () for all + . Then is multiplicative.

Proof: We use the rule that if | then | and | if and only if = . We have

() = () = () = () () = ()()
|

| |

as is multiplicative and the fact that gcd(, ) = 1 implies that gcd(, ) = 1 whenever | and |
Corollary 3: For each positive integer define | (). Then

Proof: For = 1, we have

1 if n = 1
() =
0 if n > 1

() = (1) = () = (1) = 1
|1

For > 1, we can write = 1 1 2 2 3 3 . So

() = 1 1 2 2 3 3 = 1 1 2 2 ( )

We now only have to prove that if is prime and 1, then = 0. The divisors of are those
s for 1 . So

= () = ( ) = (1) + () + ( ) = 1 + (1) + 0 = 0
|

=0

as when 2 then is not square free.

=2

Das könnte Ihnen auch gefallen