Modern Cryptography
Lecture 8
Yongdae Kim
Admin Stuff
Email
Subject should have [5471] in front, e.g. “[5471] Project proposal”
CC TA and PostDoc: hkang@cs.umn.edu, aaram@cs.umn.edu
Office hours
Me: T 1:30 ~ 2:30, Th 10:00 ~ 11:00 (and by appointment)
TA: M 1:15 PM ~ 2:15 PM
Work on projects
Interim Report due: Mar 30 (Firm Deadline: Read instruction)
4th assignment is due: 3/23 9:00 AM.
5th assignment will be posted this week (programming).
Study Guide
Come and talk to me and TA as much as possible. (Google chat is good!)
Check Calendar
Recap
Math…
Proof techniques
Direct/Indirect proof, Proof by contradiction, Proof by cases, Existential/Universal Proof, Forward/backward reasoning
Divisibility: $a$ divides $b$ ($a \mid b$) if $\exists c$ such that $b = ac$
GCD, LCM, relatively prime, existence of GCD
Euclidean Algorithm
$d = \gcd(a, b) \Rightarrow \exists x, y$ such that $d = ax + by$.
$\gcd(a, b) = \gcd(a, b + ka)$
Modular Arithmetic
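$a \equiv b \pmod{m}$ iff $m \mid (a - b)$ iff $a = b + mk$ for some $k$
$a \equiv b \pmod{m}$, $c \equiv d \pmod{m}$ $\Rightarrow$ $a + c \equiv (b + d) \pmod{m}$, $ac \equiv bd \pmod{m}$
$\gcd(a, n) = 1$ $\Rightarrow$ $a$ has an arithmetic inverse modulo $n$.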
Counting, probability, cardinality, …
Security
Symmetric Key vs. Public Key, Hash function, MAC, Digital signature, Key management through SKE and PKE, certificate
Recap (cnt)
Block Cipher
Modes of operation and their properties: ECB, OFB, CFB, CBC, CTR
Meet-in-the-middle attack and the Double (triple) DES
Feistel Cipher and DES
Hash function and MAC
Probability and Birthday paradox
Merkle-Damgard Construction, MD4: design and break
MAC
Advanced number theory
CRT
Euler theorem: If $a \in Z_n^*$, then $a^{\varphi(n)} \equiv 1 \pmod{n}$
Cor: if $r \equiv s \bmod \varphi(n)$ and $(a, n) = 1$, then $a^r \equiv a^s \pmod{n}$
Generator
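Let $a \in Z_n^*$. The order of $a$ ($\mathrm{ord}_n(a)$) is the least positive $t$ s.t. $a^t \equiv 1 \pmod{n}$
If $t = \varphi(n)$ then $a$ is said to be a generator of $Z_n^*$
$\mathrm{ord}_n(a)$ must divide $\varphi(n)$
If not, $\varphi(n) = \mathrm{ord}_n(a)\,k + r$ ($\mathrm{ord}_n(a) > r > 0$).
Then $a^r \equiv 1 \pmod{n}$ (*), which contradicts $\mathrm{ord}_n(a)$ being the least such positive exponent.
If $a^v \equiv 1 \bmod n$, then $\mathrm{ord}_n(a) \mid v$.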
Generator (cnt.)
$a$ is a generator iff $a^{\varphi(n)/p} \not\equiv 1 \bmod n$ for each prime divisor $p$ of $\varphi(n)$
Proof)
($\Rightarrow$) Obvious, since $a$ is a generator.
($\Leftarrow$) Proof by contrapositive
Suppose $a$ is not a generator
Let $\mathrm{ord}_n(a) = k < \varphi(n)$.
Then, $k \mid \varphi(n)$.
Since $k$ is a proper divisor of $\varphi(n)$, $k$ has to divide $\varphi(n)/p$ for some $p \mid \varphi(n)$.
$kq = \varphi(n)/p$.
$a^{\varphi(n)/p} = (a^k)^q = 1^q = 1 \bmod n$.
Generator (examples)
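Example: $Z_7^* = \{1, 2, 3, 4, 5, 6\}$, $\varphi(7) = 6 = 2 \cdot 3$
$\mathrm{ord}_7(1) = 1$ because $1^1 \equiv 1 \pmod 7$
1 is not a generator since $1^2 \equiv 1 \pmod 7$
$\mathrm{ord}_7(2) = 3$ because $2^3 \equiv 1 \pmod 7$
2 is not a generator since $2^2 \not\equiv 1 \pmod 7$, but $2^3 \equiv 1 \pmod 7$
$\mathrm{ord}_7(3) = 6$ because $3^6 \equiv 1 \pmod 7$ (powers of 3: 3, 2, 6, 4, 5, 1)
3 is a generator since $3^2 \not\equiv 1 \pmod 7$ and $3^3 \not\equiv 1 \pmod 7$
$\mathrm{ord}_7(4) = 3$ because $4^3 \equiv 1 \pmod 7$
4 is not a generator since $4^2 \not\equiv 1 \pmod 7$, but $4^3 \equiv 1 \pmod 7$
$\mathrm{ord}_7(5) = 6$ because $5^6 \equiv 1 \pmod 7$
5 is a generator since $5^2 \not\equiv 1 \pmod 7$ and $5^3 \not\equiv 1 \pmod 7$
$\mathrm{ord}_7(6) = 2$ because $6^2 \equiv 1 \pmod 7$
6 is not a generator since $6^2 \equiv 1 \pmod 7$, but $6^3 \not\equiv 1 \pmod 7$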
Generator (example)
Find all generators of $Z_{17}^*$.
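
The order definition and the generator criterion from the slides above, as an added Python example (not part of the original lecture). The function names are assumptions, and the code goes beyond the $Z_7^*$ case: it works for any small modulus $n$ by factoring $\varphi(n)$ with trial division, so it can also be used to check the $Z_{17}^*$ exercise.

```python
from math import gcd

def prime_factors(m):
    """Distinct prime divisors of m, by trial division (fine for small m)."""
    factors, p = set(), 2
    while p * p <= m:
        while m % p == 0:
            factors.add(p)
            m //= p
        p += 1
    if m > 1:
        factors.add(m)
    return factors

def phi(n):
    """Euler's totient: n * prod(1 - 1/p) over the primes p dividing n."""
    result = n
    for p in prime_factors(n):
        result -= result // p
    return result

def order(a, n):
    """ord_n(a): least positive t with a^t = 1 (mod n). Needs a in Z_n*."""
    if n < 2 or gcd(a, n) != 1:
        raise ValueError("a must be in Z_n* with n >= 2")
    t, x = 1, a % n
    while x != 1:
        x = (x * a) % n
        t += 1
    return t

def is_generator(a, n):
    """Slide criterion: a^(phi(n)/p) != 1 (mod n) for every prime p | phi(n)."""
    if n < 2 or gcd(a, n) != 1:
        return False
    f = phi(n)
    return all(pow(a, f // p, n) != 1 for p in prime_factors(f))

def generators(n):
    """All generators of Z_n* (empty list when Z_n* is not cyclic)."""
    return [a for a in range(1, n) if is_generator(a, n)]

if __name__ == "__main__":
    # Reproduces the Z_7* slide: element, its order, generator or not.
    for a in range(1, 7):
        print(a, order(a, 7), is_generator(a, 7))
```

The criterion needs only one modular exponentiation per prime divisor of $\varphi(n)$, whereas `order` walks through the powers one by one; the two agree whenever `order(a, n) == phi(n)`.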
Spring '08