This preview shows pages 1–3. Sign up to view the full content.
Crypto Lecture #2
1. Hand out solution to class exercise
Extended Euclidean Algorithm
Euclid’s algorithm says to write out the following:
a = q
1
b + r
1
,
where 0 < r < b
b = q
2
r
1
+ r
2
,
where 0 < r
2
< r
1
r
1
= q
3
r
2
+ r
3
,
where 0 < r
3
< r
2
.
.
r
i
= q
i+2
r
i+1
+ r
i+2
,
where 0 < r
i+2
< r
i+1
.
.
r
k1
= q
k+1
r
k
Euclid’s algorithm says that the GCD(a,b) = r
k
This might make more sense if we look at an example:
Consider computing GCD(125, 87)
125 = 1*87 + 38
87
= 2*38 + 11
38
= 3*11 + 5
11
= 2*5
+ 1
5
= 5*1
Thus, we find that GCD(125,87) = 1.
Let’s look at one more quickly, GCD(125, 20)
125 = 6*20 + 5
20
= 4*5,
thus, the GCD(125,20) = 5
Proof That Euclid’s Algorithm Works
Now, we should prove that this algorithm really does always give us the GCD of the two numbers “passed
to it”. First I will show that the number the algorithm produces is indeed a divisor of a and b.
a = q
1
b + r
1
,
where 0 < r < b
b = q
2
r
1
+ r
2
,
where 0 < r
2
< r
1
r
1
= q
3
r
2
+ r
3
,
where 0 < r
3
< r
2
.
.
r
i
= q
i+2
r
i+1
+ r
i+2
,
where 0 < r
i+2
< r
i+1
.
.
r
k1
= q
k+1
r
k
From the last equation, we know that r
k
 r
k1
. So, we know that we can express r
k1
= cr
k
, where c is an
integer. Now consider the previous equation:
This preview has intentionally blurred sections. Sign up to view the full version.
View Full Documentr
k2
= q
k
r
k1
+ r
k
= q
k
cr
k
, + r
k
= r
k
(q
k
c + 1)
Thus, we have that r
k
 r
k2
.
In our equation previous to that one, we have:
r
k3
= q
k1
r
k2
+ r
k1
From here , since r
k
 r
k1
and r
k
 r
k2
, using our rules of divisibility we have that r
k
 r
k3
. As you can see, we
can continue this process, considering each previous equation until we get to the last two, where we will
This is the end of the preview. Sign up
to
access the rest of the document.
 Summer '09

Click to edit the document details