Beruflich Dokumente
Kultur Dokumente
We often identify items with numbers - student numbers are a good example of
this. Such numbers can be easily transcribed incorrectly and hence it is a good
idea to have some checking built into the way that the numbers are constructed.
We look at the maths behind such checking schemes, called modular arithmetic,
and look at two familiar checking schemes. Finally we describe another appli-
cation of modular arithmetic.
EXAMPLE 1.1.1.
24 ≡ 4 (mod 5), 28 ≡ 2 (mod 26).
There are a number of results about congruence that we will use frequently
and we collect them here for easy reference.
LEMMA 1.1.1.
Let a, b, c and n be integers with n 6= 0. Then the following results are true.
1. a ≡ 0 (mod n) if and only if n|a.
2. a ≡ a (mod n).
3. a ≡ b (mod n) if and only if b ≡ a (mod n).
5
Now that we have the idea of two integers being congruent if their difference
is divisible by n, we can think in terms of having only a finite set of integers. So
we let Zn be the integers mod n. Thus Zn = {0, 1, 2, . . . , n − 1} and addition,
subtraction, multiplication and division are carried out on the elements of Zn
mod n.
It is often helpful when doing this to imagine the elements of Zn being the
numbers on a clock face. Then addition can be carried out on this circular
number line. Multiplication of y by x, say, can be thought of as adding y to 0
x times.
The next example illustrates these ideas modulo 3.
EXAMPLE 1.1.2.
We know that we have the numbers 0, 1 and 2 to place on the clock face. When
we add 1 to any number we move clockwise by 1 number. When we add 2
we move clockwise by 2 numbers. Thus we have that 0 + 2 ≡ 2 (mod 3) and
2 + 2 ≡ 1 (mod 3), for instance. We can summarise this in an addition table,
given in Table1.1.
We know that 2 × 2 = 2 + 2 and so 2 × 2 ≡ 1 (mod 3). The results of all
possible pairwise multiplications are given in Table1.2.
+ 0 1 2
0
1
2
c
°Debbie Street, 2011 6
Table 1.2: Multiplication Tables
× 0 1 2 3
× 0 1 2
× 0 1 0 0 0 0 0
0 0 0 0
0 0 0 1 0 1 2 3
1 0 1 2
1 0 1 2 0 2 0 2
2 0 2 1
3 0 3 2 1
1.1.1 Exercises
1. Give the addition and multiplication tables mod 7. Can you see any 0s in
these tables? Comment.
2. Give the addition and multiplication tables mod 6. Can you see any 0s in
these tables? Comment. Two numbers that multiply to give 0 are called
divisors of 0. Give all the divisors of 0 in this case. What do you notice?
c
°Debbie Street, 2011 7
equation
10
X
(11 − j)aj ≡ 0 mod 11.
j=1
EXAMPLE 1.2.2.
The EAN 9300624005377 satisfies
(9 + 0 + 6 + 4 + 0 + 3 + 7) + 3 × (3 + 0 + 2 + 0 + 5 + 7) ≡ 0 mod 10,
as expected.
c
°Debbie Street, 2011 8
1.2.3 Exercises
1. Suppose that only the check digit needs to be determined for the book
number 0-3021-9041 to make it an ISBN. What is the check digit?
4. Does the EAN scheme catch all single digit errors? (You must prove your
answer, either by giving a single digit error which is not detected, or by
proving that every single digit error will be detected.)
5. A transposition error occurs when two digits are interchanged. Show that
a transposition error is not caught by the EAN scheme if |ai − ai+1 | = 5.
6. Suppose that 3 is replaced by 4 in the formula for the EAN scheme. Is
this modified EAN scheme just as good? What if the 3 is replaced by 7?
Comment.
1.3 Ciphers
Ciphers are used in an attempt to keep information from an adversary. Be-
cause the world is becoming more connected, there is an increasing demand on
electronic systems and an increased need to protect data, such as credit card
numbers, that are transmitted over the internet. The techniques that do this
form the field of cryptology.
Cryptology is the “study of of communication over non-secure channels”(Trappe
and Washington (2006)). Cryptography is the process of designing systems to
facilitate confidential communications over non-secure channels. Cryptanalysis
is the study of techniques to break the confidential communications of others.
Finally a particular encryption method will be referred to as a cryptosystem.
c
°Debbie Street, 2011 9
plaintext, and encrypts it using a method that Alice and Bob have agreed on
beforehand. This produces the ciphertext which is sent to Bob. When Bob
receives the ciphertext he then decrypts it to recover the plaintext. Alice and
Bob assume that Eve knows the method of encryption but that she doesn’t
know the secret key. As we will see the secret key may be the encryption key
but it may only be the decryption key that is secret; such a system is called a
public key system.
3. Authentication: Bob needs to be sure that only Alice could have sent the
message. For example, if Bob is a computer then password protocols are
an example of this. Entity authentication is aimed at proving the identity
of parties involved in a communication. Data-origin authentication aims
to link the origin of data (such as time, place) with the actual data.
4. Non-repudiation: Bob wants to be sure that Alice can not claim that
she did not send the message. Here Bob might be a store and the store
does not want Alice to be able to deny she ordered the goods.
c
°Debbie Street, 2011 10
These various ideas are combined to provide digital signatures, to provide
identification schemes, to provide electronic cash systems, to provide ways to
have secure transactions over the internet and to provide ways to share parts of
a secret so that the presence of a certain subset of people is required to be able
to open a bank vault say.
c
°Debbie Street, 2011 11
Since the alphabet has 26 letters in it, it is natural to think in terms of
representing the letters of the alphabet by the numbers in Z26 . Thus we let a
be represented by “0”, b by “1” and so on until z is represented by “25”. Then
Caesar’s cipher can be described by saying that
x 7→ x + 3 mod 26.
{2+3, 0+3, 4+3, 18+3, 0+3, 17+3, 2+3, 8+3, 15+3, 7+3, 4+3, 17+3} mod 26
which becomes
{5, 3, 7, 21, 3, 20, 5, 11, 18, 10, 7, 20}
which is transmitted as FDHVDU FLSKHU.
Cryptanalysis An unsophisticated but successful strategy is just to try all the
possibilities (there are only 25) but see the exercises for an example where this
can break down.
{8 × 13 + 4, 13 × 13 + 4, 15 × 13 + 4, 20 × 13 + 4, 19 × 13 + 4}
which when evaluated mod 26 gives {4,17,17,4,17} which is ERRER. Now let’s
encipher alter. This is {0,11,19,4,17} we get
{0 × 13 + 4, 11 × 13 + 4, 19 × 13 + 4, 4 × 13 + 4, 17 × 13 + 4}
c
°Debbie Street, 2011 12
This happens because we can not get a multiplicative inverse for 13 mod
26. Why not? By definition a multiplicative inverse of 13 in Z26 is a number
s ∈ Z26 such that 13s ≡ 1 mod 26. If we check all the possibilities for s we
realise that if s is even then 13s ≡ 0 mod 26 and if s is odd then 13s ≡ 13 mod
26. So 13 has no multiplicative inverse mod 26.
So let’s look at some of the other numbers mod 26. Try 2. Then 2s is always
going to be congruent to an even number mod 26 and 1 is odd so 2 has no
multiplicative inverse mod 26. Now let’s try 3. Then 3 × 9 = 27 ≡ 1 mod 26
and so the multiplicative inverse of 3 is 9 and of 9 is 3. What happens if we let
α = 3 in the previous example?
EXAMPLE 1.3.3.
Suppose that we let α = 3 and β = 4. Then x 7→ 3x + 4 mod 26. Suppose we
encipher the plaintext input. Since this is {8,13,15,20,19} we get {8 × 3 + 4, 13 ×
3 + 4, 15 × 3 + 4, 20 × 3 + 4, 19 × 3 + 4} which when evaluated mod 26 gives
{2,17,23,12,9} which is CRXMJ. To decipher this we only need to reverse the
encipherment and calculate X 7→ 9 × (X − 4) mod 26 (where we use 9 since it is
3−1 mod 26). This gives {9×(2−4), 9×(17−4), 9×(23−4), 9×(12−4), 9×(2−4)}
which gives {8,13,15,20,19} as we expect.
A similar argument to that used for 2 shows that any even element of Z26
has no multiplicative inverse mod 26. For the odd numbers notice that 5 × 21 =
105 = 4 × 26 + 1, 7 × 15 = 105 = 4 × 26 + 1,11 × 19 = 209 = 8 × 26 + 1,
17 × 23 = 391 = 26 × 15 + 1 and 25 × 25 = 625 = 24 × 26 + 1. So we see that
all of the odd numbers other than 13 have a multiplicative inverse.
So what we need to do to find a multiplicative inverse of a mod 26, is to find
a number s such that as + 26t = 1 for some number t. By looking at all the
cases we have shown that this is only true if the greatest common divisor of a
and 26 is 1. This turns out to be a general result and we will discuss it later.
1.3.7 Exercises
1. Suppose that you know that KDDKMU was enciphered using the shift
cipher. To what does it decipher?
2. Suppose that you know that EVIRE was enciphered using the shift cipher.
To what does it decipher? Comment.
3. Encipher howareyou using the affine cipher x 7→ 5x + 7 mod 26. What is
the decipherment function? Check that it works.
4. Consider an affine cipher mod 26. You do a chosen plaintext attack using
hahaha and get the ciphertextNONONO. Determine the values of α and
β. Would it be sufficient to encipher only one letter? Would you get
any additional information by enciphering more than two distinct letters?
(Think about pairs of letters that are 13 apart, such as a and n, as well
as pairs that are some other distance apart, when giving your answer.)
c
°Debbie Street, 2011 13
5. Suppose that you encipher using an affine cipher and then encipher the
result using another affine cipher (both mod 26). Is there any gain to
doing this rather than using just one affine cipher? Say why or why not.
6. Suppose that we decide to extend the alphabet to include a space which
is represented by 26. So now we will use an affine function mod 27 to
encipher (and decipher) messages. How many different keys are possible?
How many keys are possible if we also include ? and ! and work mod 29?
7. (Harder Question) If the encipherment function is the same as the deci-
pherment function then the corresponding key is said to be involutory.
(a) Find all the involutory keys for the shift cipher.
(b) Prove that for an affine cipher over Zn , (α, β) is an involutory key if
and only if α−1 mod n = α and β(α + 1) ≡ 0 mod n.
(c) Determine all the involutory keys in the affine cipher over Z26 .
(d) Determine all the involutory keys in the affine cipher over Z15 .
c
°Debbie Street, 2011 14