Sie sind auf Seite 1von 281

2-1=3prim

2

3 -1=7prim

2

5 -1=31prim

2

7 -1=127prim

2

11 -1=2047=23 . 89

TheCrypToolScript Cryptography,Mathematics,andMore
TheCrypToolScript
Cryptography,Mathematics,andMore
Prof.BernhardEsslinger andtheCrypToolDevelopmentTeam
Prof.BernhardEsslinger
andtheCrypToolDevelopmentTeam

10cthEdition

BackgroundreadingforCrypTool thefreee-learningprogram (withnumbertheorysamplesforSage)
BackgroundreadingforCrypTool
thefreee-learningprogram
(withnumbertheorysamplesforSage)

The CrypTool Script:

Cryptography, Mathematics, and More

Background reading for CrypTool the free e-learning program (with number theory code samples for Sage)

(10th edition – distributed with CrypTool version 1.4.30)

Copyright (c) Prof. Bernhard Esslinger (co-author and editor) and the CrypTool Development Team, 1998-2010 Frankfurt am Main, Germany

July 5, 2010

This is a free document, so the content of the document can be copied and dis- tributed, also for commercial purposes — as long as the authors, title and the Cryp- Tool web site (www.cryptool.org) are acknowledged. Naturally, citations from the CrypTool script are possible, as in all other documents. The specific license for this document is the GNU Free Documentation Licence.

Copyright c 1998–2010 Bernhard Esslinger and the CrypTool Development Team. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front- Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled “GNU Free Documentation License”.

Source cover photograph: www.photocase.com, Andre Guenther

Typesetting software: L A T E X Version control software: Subversion

i

Overview about the Content of the CrypTool Script

In this script accompanying the program CrypTool you will find predominantly mathematically oriented information on using cryptographic procedures. Also included are many sample code pieces written in the computer algebra system Sage (see appendix A.5). The main chapters have been written by various authors (see appendix A.2) and are therefore independent from one another. At the end of most chapters you will find references and web links.

The first chapter explains the principles of symmetric and asymmetric encryption and describes shortly the current decryption records of modern symmetric algorithms.

Because of didactic reasons the second chapter gives an exhaustive overview about paper and pencil encryption methods.

Big parts of this script are dedicated to the fascinating topic of prime numbers (chap. 3). Using numerous examples, modular arithmetic and elementary number theory (chap. 4) are introduced and applied in an exemplary manner for the RSA procedure.

By reading chapter 5 you’ll gain an insight into the mathematical ideas and concepts behind modern cryptography.

Chapter 6 gives an overview about the status of attacks against modern hash algorithms and is then shortly devoted to digital signatures, which are an essential component of e- business applications.

Chapter 7 describes elliptic curves: they could be used as an alternative to RSA and in addition are extremely well suited for implementation on smartcards.

The last chapter Crypto2020 discusses threats for existing cryptographic methods and in- troduces alternative research approaches to achieve long-term security of cryptographic schemes.

Whereas the e-learning program CrypTool motivates and teaches you how to use cryptogra- phy in practice, the script provides those interested in the subject with a deeper understanding of the mathematical algorithms used – trying to do it in an instructive way. If you are already a little bit familiar with this field of knowledge you can gain a fast overview about the functions delivered by CrypTool looking at the menu tree (see appendix A.1).

The authors would like to take this opportunity to thank their colleagues in the company and at the universities of Frankfurt, Gießen, Siegen, Karlsruhe and Darmstadt.

As with the e-learning program CrypTool, the quality of the script is enhanced by your suggestions and ideas for improvement. We look forward to your feedback.

ii

Contents Overview

Overview

ii

Preface to the 10th Edition of the CrypTool Script

xi

Introduction – How do the Script and the Program Play together?

xii

1 Encryption Procedures

1

2 Paper and Pencil Encryption Methods

14

3 Prime Numbers

50

4 Introduction to Elementary Number Theory with Examples

92

5 The Mathematical Ideas behind Modern Cryptography

173

6 Hash Functions and Digital Signatures

185

7 Elliptic Curves

193

8 Crypto 2020 — Perspectives for Long-Term Cryptographic Security

212

A Appendix

217

GNU Free Documentation License

246

List of Figures

254

List of Tables

256

List of Crypto Procedures

258

List of Sage Code Examples

259

Index

261

iii

Contents

Overview

 

ii

Preface to the 10th Edition of the CrypTool Script

 

xi

Introduction – How do the Script and the Program Play together?

 

xii

1 Encryption Procedures

 

1

1.1

Symmetric encryption

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

2

1.1.1 New results about cryptanalysis of AES

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

2

1.1.2 Current status of brute-force attacks on symmetric algorithms (RC5)

 

4

1.2 Asymmetric encryption

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

5

1.3 Hybrid procedures

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

6

1.4 Ciphers and cryptanalysis for educational purposes

 

7

1.5 Further details

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

7

1.6 Appendix: Examples using Sage

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

8

 

1.6.1

Mini-AES

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

8

Bibliography

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

10

Web links

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

13

2 Paper and Pencil Encryption Methods

 

14

2.1 Transposition ciphers

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

15

 

2.1.1 Introductory samples of different transposition ciphers

.

.

.

.

.

.

.

.

.

.

.

15

2.1.2 Column and row transposition ciphers

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

16

2.1.3 Further transposition algorithm ciphers

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

17

2.2 Substitution ciphers

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

18

 

2.2.1 Monoalphabetic substitution ciphers

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

18

2.2.2 Homophonic substitution ciphers

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

22

2.2.3 Polygraphic substitution ciphers

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

23

2.2.4 Polyalphabetic substitution ciphers

 

25

2.3 Combining substitution and transposition

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

27

2.4 Further methods

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

29

 

iv

3

2.5

Appendix: Examples using Sage

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

2.5.1 Transposition ciphers

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

2.5.2 Substitution ciphers

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

2.5.3 Caesar cipher

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

2.5.4 Shift cipher

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

2.5.5 Affine cipher

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

2.5.6 Substitution with symbols .

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

2.5.7 Vigen`ere cipher

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

2.5.8 Hill cipher

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

Bibliography

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

Prime Numbers

 

3.1 What are prime numbers?

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

3.2 Prime numbers in mathematics

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

3.3 How many prime numbers are there?

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

3.4 The search for extremely large primes

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

3.4.1 The 20+ largest known primes (as of July 2009)

.

.

.

.

.

.

.

.

.

.

.

.

3.4.2 Special number types – Mersenne numbers and Mersenne primes

 

3.4.3 Challenge of the Electronic Frontier Foundation (EFF)

 

3.5 Prime number tests

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

3.6 Overview special number types and the search for a formula for primes

 

3.6.1 Mersenne

numbers f (n) = 2 n 1

 

for n prime .

.

.

.

.

.

.

.

.

.

.

.

.

3.6.2 Generalized Mersenne numbers f (k, n) = k · 2 n ± 1 / Proth numbers

3.6.3 Generalized Mersenne numbers f (b, n) = b n ± 1 / Cunningham project

3.6.4 Fermat numbers f (n) = 2 2 n + 1 .

3.6.5 Generalized Fermat numbers f (b, n) = b 2 n + 1

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

3.6.6 Carmichael numbers

.

.

.

.

.

.

.

.

.

.

.

.

.

3.6.7 Pseudo prime numbers .

.

.

.

.

.

.

.

.

.

.

.

3.6.8 Strong pseudo prime numbers

 

.

.

.

.

.

.

3.6.9 Idea based on Euclid’s proof p 1 · p 2 ··· p n + 1

3.6.10 As above but 1 except +1: p 1 · p 2 ··· p n 1

3.6.11 Euclidean numbers e n = e 0 · e 1 ··· e n1 + 1

.

3.6.13 f (n) = n 2 79 · n + 1, 601 .

3.6.12 f (n) =

n 2 + n + 41

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

3.6.14 Polynomial functions f (x) = a n x n + a n1 x n1 + ··· + a 1 x 1 + a 0

3.6.15 Catalan’s conjecture

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

3.7 Density and distribution of the primes

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

3.8 Notes about primes

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

 

v

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

32

33

37

38

40

41

43

45

46

48

50

50

51

52

53

53

55

58

59

61

61

61

62

62

63

63

63

63

64

64

64

65

65

66

67

67

70

3.8.1

Proven statements / theorems about primes

70

3.8.2 Unproven statements / conjectures about primes

.

.

.

.

.

.

.

.

.

.

.

.

.

.

73

3.8.3 Open questions about twin primes

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

74

3.8.4 Further open questions .

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

75

3.8.5 Quaint and interesting things around primes

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

76

3.9 Appendix: Number of prime numbers in various intervals

.

.

.

.

.

.

.

.

.

.

.

.

.

78

3.10 Appendix: Indexing prime numbers (n-th prime number)

.

.

.

.

.

.

.

.

.

.

.

.

.

79

3.11 Appendix: Orders of magnitude / dimensions in reality

.

.

.

.

.

.

.

.

.

.

.

.

.

.

80

3.12 Appendix: Special values of the binary and decimal system

.

.

.

.

.

.

.

.

.

.

.

.

81

3.13 Appendix: Visualization of the quantity of primes in higher ranges

.

.

.

.

.

.

.

.

82

3.14 Appendix: Examples using Sage

. 3.14.1 Some basic functions about primes using Sage

.

.

.

.

.

.

.

.

.

.

Bibliography

Web links

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

86

86

3.14.2 Check primality of integers generated by quadratic functions . .

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

87

89

91

Acknowledgments

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

91

4

Introduction to Elementary Number Theory with Examples

 

92

4.1 Mathematics and cryptography

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

92

4.2 Introduction to number theory

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

93

4.2.1

Convention

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

95

4.3 Prime numbers and the first fundamental theorem of elementary number theory

4.4 Divisibility, modulus and remainder classes

96

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

98

.

.

.

.

.

.

.

.

.

.

.

.

.

98

.

.

.

.

.

.

.

.

.

.

.

.

100

.

.

.

.

.