A Concrete Introduction to Higher Algebra, 2nd Edition

Info icon This preview shows pages 1–3. Sign up to view the full content.

U.C. Berkeley — CS276: Cryptography Lecture 2 – 1/24/2002 Professors Luca Trevisan and David Wagner Scribe: Jim Chou Lecture 2 – 1/24/2002 1 Another trapdoor function: Rabin’s function Rabin’s function is defined as: Given a generator, G ( n ), pick two primes p, q each of magnitude 2 n/ 2 . Let, N = pq be the public key. Trapdoor information: p , q . F ( x, N ) = x 2 mod N (not injective); x Z N , x is a quadratic residue. We would like to (1) Find an inversion algorithm given p , q and (2) show the hardness of inversion given only N . We will consider the aforementioned two points in the following subsections. 1.1 Inversion of Rabin’s function Given a , we want to find x such that x 2 a mod N . If x 2 a mod N admits a solution then we call the solution a quadratic residue. In general, r 2 y mod N ( r ) 2 y mod N Now, let us first consider x 2 a mod p for p prime. Under mod p , a polynomial of degree d will have at most d roots. If there is a solution to x 2 a mod p , then there will be exactly two square roots, because r ( r ) mod p . Therefore, x 2 a mod p has either zero or two solutions. Question : How many quadratic residues are there in 1, 2, ..., p-1 ? Answer : p 1 2 , because every element of Z p is the root of some quadratic residue, and every quadratic residue has two roots. There is also polynomial time algorithm for finding the roots. Thus, x 2 a mod N is easy to invert when N is prime. Next, consider the case: x 2 a mod N ; N = pq, p, q > 2 , a = 0 , gcd ( a, N ) = 1 There will be a solution iff x 2 a mod p and x 2 a mod q both admit solutions. Let us denote the solutions to x 2 a mod p as r p , r p Z p and the solutions to x 2 a mod q as r q , r q Z q . Then, consider the following four systems:
Image of page 1

Info icon This preview has intentionally blurred sections. Sign up to view the full version.

Lecture 2 – 1/24/2002 2 x r p mod p x r q mod q x
Image of page 2
Image of page 3
This is the end of the preview. Sign up to access the rest of the document.
  • Spring '02
  • Trevisan
  • quadratic residue, Rabin

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern