# 50 chapter 8 computing generators and discrete

• Notes
• 74

This preview shows pages 55–58. Sign up to view the full content.

50

This preview has intentionally blurred sections. Sign up to view the full version.

Chapter 8 Computing Generators and Discrete Logarithms in Z * p As we have seen in the previous chapter, for a prime p , Z * p is a cyclic group of order p - 1. This means that there exists a generator γ Z * p , such that for all α Z * p , α can be written uniquely as α = γ x for 0 x < p - 1; the integer x is called the discrete logarithm of α to the base γ , and is denoted log γ α . This chapter discusses some elementary considerations regarding the computational aspects of this situation; namely, how to efficiently find a generator γ , and given γ and α , how to compute log γ α . More generally, if γ generates a subgroup of Z * p of order q , where q | ( p - 1), and α ∈ h γ i , then log γ α is defined to be the unique integer x with 0 x < q and α = γ x . In some situations it is more convenient to view log γ α as an element of Z q . Also for x Z q , with x = [ a mod q ], one may write γ x to denote γ a . There can be no confusion, since if x = [ a 0 mod q ], then γ a 0 = γ a . However, in this chapter, we shall view log γ α as an integer. 8.1 Finding a Generator for Z * p There is no efficient algorithm known for this problem, unless the prime factorization of p - 1 is given, and even then, we must resort to the use of a probabilistic algorithm. 8.1.1 Probabilistic algorithms A probabilistic algorithm is one that during the course of its execution generates random integers (drawn, say, uniformly from some interval). Generally speaking, the behavior of a probabilistic algorithm depends not only on its input, but also on the particular values of the above-mentioned randomly generated numbers. The running time and output of the algorithm on a given input are properly regarded as random variables. An efficient probabilistic algorithm for solving a given problem is one which for all inputs, outputs the correct answer with probability very close to 1; for all inputs, its expected running time is bounded by a polynomial in the input length. Note that we have not specified in the above requirement just how close to 1 the probability that the output is correct should be. However, it does not really matter (at least, as far as theoretical 51
computer scientists are concerned). If this probability is at least, say, 2 / 3, then we can make it at least 1 - 2 - t by running the algorithm t O (1) times, and taking the majority output. The analysis of this “amplification” procedure relies on standard results on the tail of the binomial distribution, which we do not go into here. A problem of both philosophical and practical interest is the problem of where we get random numbers from. In practice, no one cares: one just uses a reasonably good pseudo-random number generator, and ignores the problem. 8.1.2 Finding a generator We now present an efficient probabilistic algorithm that takes as input an odd prime p , along with the prime factorization p - 1 = r Y i =1 q e i i , and outputs a generator for Z * p . It runs as follows: for i 1 to r do repeat choose α Z * p at random compute β α ( p - 1) /q i until β 6 = 1 γ i α ( p - 1) /q e i i γ Q

This preview has intentionally blurred sections. Sign up to view the full version.

This is the end of the preview. Sign up to access the rest of the document.
• Spring '13
• MRR

{[ snackBarMessage ]}

### What students are saying

• As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

Kiran Temple University Fox School of Business ‘17, Course Hero Intern

• I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

Dana University of Pennsylvania ‘17, Course Hero Intern

• The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

Jill Tulane University ‘16, Course Hero Intern