Leo Reyzin. Notes for BU CAS CS 538.

4 Working with composite moduli and the Blum-Blum-Shub generator

4.1 Chinese Remainder Theorem

Let $p \ne q$ be two primes. The Chinese Remainder Theorem (CRT) says that working modulo $n = pq$ is essentially the same as working modulo $p$ and modulo $q$ at the same time: more formally (for those comfortable with abstract algebra), that the ring $\mathbb{Z}_n$ is isomorphic to the product ring $\mathbb{Z}_p \times \mathbb{Z}_q$. (Actually, this is the "light" version of CRT, which is all we need for this course. The full-fledged version says that working modulo $a_1 a_2 \cdots a_k$, where the $a_i$ are pairwise relatively prime, is the same as working simultaneously modulo $a_1, a_2, \ldots, a_k$.)

Here is an example. Consider all the values modulo 35. They are in one-to-one correspondence with values modulo 5 and modulo 7. In the table below, the row gives the value mod 5 and the column gives the value mod 7:

                       mod 7
             0    1    2    3    4    5    6
  mod 5  0   0   15   30   10   25    5   20
         1  21    1   16   31 [11]   26    6
         2   7   22    2  17*   32   12   27
         3  28    8   23    3   18   33   13
         4  14  29*    9   24    4   19   34

Observe that if you want to add, say, 17 and 29 (marked with * in the table), this is the same as adding 3 (which is 17 mod 7) and 1 (which is 29 mod 7) modulo 7 to get 4; adding 2 (which is 17 mod 5) and 4 (which is 29 mod 5) modulo 5 to get 1; and then looking up the value corresponding to coordinates 4 and 1 in the table to get 11 (in brackets in the table). Thus, we can do addition coordinatewise. Same for multiplication.

We now formally state and prove the observations above, generalized to $p$ and $q$ instead of 5 and 7.

Theorem 1. Let $p \ne q$ be primes, $n = pq$. For each $a \in \mathbb{Z}_p$, $b \in \mathbb{Z}_q$, there is a unique $c$, $0 \le c < n$, such that $c \equiv a \pmod p$ and $c \equiv b \pmod q$.

Proof. Let $r = p^{-1} \bmod q$ and $s = q^{-1} \bmod p$. Let $c' = rpb + sqa$. Then

$c' \equiv rpb + sqa \equiv r \cdot 0 \cdot b + 1 \cdot a \equiv a \pmod p$,

and

$c' \equiv rpb + sqa \equiv 1 \cdot b + s \cdot 0 \cdot a \equiv b \pmod q$.

Let $c = c' \bmod pq$. Then $pq \mid (c' - c)$, so $p \mid (c' - c)$, so $c \equiv c' \pmod p$. Similarly, $c \equiv c' \pmod q$.

Hence, $c$ satisfies all the conditions: $0 \le c < n$, and $c \equiv a \pmod p$ (because $c \equiv c' \equiv a \pmod p$), and $c \equiv b \pmod q$ (because $c \equiv c' \equiv b \pmod q$). Thus, for every pair $(a, b)$ there is a $c$. There are pq...
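The following is an added worked example, not part of Reyzin's notes: it implements the construction from the proof of Theorem 1 (r = p^{-1} mod q, s = q^{-1} mod p, c = (rpb + sqa) mod pq), rebuilds the 5 x 7 table above from it, and checks exhaustively that addition and multiplication mod 35 agree with coordinatewise addition and multiplication, i.e. that the map x -> (x mod p, x mod q) is a ring isomorphism. It also goes one step beyond the notes by folding the two-modulus construction into the full-fledged k-modulus version. The helper names (crt2, crt_table, check_isomorphism, ...) are my own, and the code assumes Python 3.8 or later for the modular-inverse form pow(x, -1, m).

```python
# Added example (not from the notes): CRT construction of Theorem 1 and
# exhaustive checks of the coordinatewise-arithmetic claim.
# Assumes Python >= 3.8 for pow(x, -1, m) (modular inverse).
from math import gcd


def crt2(a, p, b, q):
    """Return the unique c with 0 <= c < p*q, c = a (mod p), c = b (mod q).

    Follows the proof of Theorem 1: r = p^{-1} mod q, s = q^{-1} mod p,
    c' = r*p*b + s*q*a, c = c' mod pq.  Only coprimality of p and q is
    used, so the construction also works for coprime composite moduli.
    """
    if gcd(p, q) != 1:
        raise ValueError("moduli must be coprime")
    r = pow(p, -1, q)          # p * r = 1 (mod q), so r*p*b = b (mod q)
    s = pow(q, -1, p)          # q * s = 1 (mod p), so s*q*a = a (mod p)
    c_prime = r * p * b + s * q * a
    return c_prime % (p * q)


def crt(residues, moduli):
    """Full-fledged CRT for pairwise relatively prime moduli a_1, ..., a_k:
    fold the two-modulus construction, carrying the product n = a_1 * ... * a_i."""
    c, n = residues[0] % moduli[0], moduli[0]
    for a_i, m_i in zip(residues[1:], moduli[1:]):
        c, n = crt2(c, n, a_i % m_i, m_i), n * m_i
    return c


def crt_table(p, q):
    """table[a][b] is the value mod p*q with coordinates (a mod p, b mod q);
    for p=5, q=7 this is the table in the notes (rows mod 5, columns mod 7)."""
    return [[crt2(a, p, b, q) for b in range(q)] for a in range(p)]


def to_coords(x, p, q):
    """The CRT coordinates of x: (x mod p, x mod q)."""
    return (x % p, x % q)


def add_coordinatewise(x, y, p, q):
    """Add x and y mod p*q by adding each coordinate separately, then
    looking the pair back up (as done for 17 + 29 in the notes)."""
    xa, xb = to_coords(x, p, q)
    ya, yb = to_coords(y, p, q)
    return crt2((xa + ya) % p, p, (xb + yb) % q, q)


def mul_coordinatewise(x, y, p, q):
    """Multiply x and y mod p*q coordinatewise, then look the pair back up."""
    xa, xb = to_coords(x, p, q)
    ya, yb = to_coords(y, p, q)
    return crt2((xa * ya) % p, p, (xb * yb) % q, q)


def check_isomorphism(p, q):
    """Check Z_{pq} ~ Z_p x Z_q on every element: x -> (x mod p, x mod q)
    is a bijection, and + and * agree with their coordinatewise versions."""
    n = p * q
    table = crt_table(p, q)
    # every element of Z_n appears exactly once in the table (bijection)
    if sorted(v for row in table for v in row) != list(range(n)):
        return False
    for x in range(n):
        xa, xb = to_coords(x, p, q)
        if table[xa][xb] != x:           # lookup inverts the coordinate map
            return False
        for y in range(n):
            if add_coordinatewise(x, y, p, q) != (x + y) % n:
                return False
            if mul_coordinatewise(x, y, p, q) != (x * y) % n:
                return False
    return True


if __name__ == "__main__":
    for a, row in enumerate(crt_table(5, 7)):
        print(a, row)
    print(add_coordinatewise(17, 29, 5, 7))   # 11, as in the notes
    print(check_isomorphism(5, 7))            # True
```

Running the block prints the five rows of the table exactly as they appear above, then 11 for the 17 + 29 example and True for the exhaustive check. Swapping in a pair such as (3, 8) shows that the proof never used primality, only gcd(p, q) = 1, which is why the k-modulus version falls out of repeated folding.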
 Spring '09