Modular Inverses Recall the simple encryption function

Presentation transcript:

Modular Inverses Recall the simple encryption function f(a) = (3a + 9) mod 26. We made the claim that an inverse function is given by: g(a) = (9a – 3) mod 26. Check this: g(f(a)) ≡ g(3a+9) (mod 26) ≡ 9(3a+9) - 3 (mod 26) ≡ 27a + 81 - 3 (mod 26) ≡ 27a + 78 (mod 26) ≡ a (mod 26). So for a in the range [0,25] we have g(f(a)) = a, and so g and f are inverses of each other. L13

Modular Inverses How could one have inverted f methodically? Do a simpler example: f(a) = 3a mod 26. Look for a constant x and an inverse of the form g(a) = xa. Then the condition g(f(a)) ≡ a (mod 26) gives: g(f(a)) ≡ x·3a (mod 26) ≡ a (mod 26). If we can solve this for a = 1, it will work for all other a as well. So plug in a = 1 to get: 3x ≡ 1 (mod 26). I.e., we wish to find an inverse of 3 modulo 26.

Modular Inverses DEF: The inverse of e modulo N is the number d between 1 and N-1 such that de ≡ 1 (mod N), if such a number exists. Q: What is the inverse of 3 modulo 26?

Modular Inverses A: 9 because 9·3 = 27 ≡ 1 (mod 26). Q: What is the inverse of 4 modulo 8? To figure out the inverse of the original function f(a) = (3a + 9) mod 26, look for a solution of the form g(a) = (9a + x) mod 26. We want the “9a” term because 9 is the inverse of 3 modulo 26. Now compose f and g to get g(f(a)) = (9(3a+9) + x) mod 26 = (a + 81 + x) mod 26 = (a + 3 + x) mod 26. Since we want g(f(a)) = a, it’s now clear that we should let x = -3 and therefore g(a) = (9a - 3) mod 26 as claimed before.

Modular Inverses A: Trick Question! No inverse can exist because 4x is always 0 or 4 modulo 8! THM1: e has an inverse modulo N if and only if e and N are relatively prime. This will follow from the following useful fact. THM2: If a and b are positive integers, the gcd of a and b can be expressed as an integer combination of a and b. I.e., there are integers s, t for which gcd(a,b) = sa + tb.

Modular Inverses Example: 5·14 - 3·23 = 1 implies:
gcd(14,23) = 1. Any number dividing both 14 and 23 must divide 1.
The inverse of 14 modulo 23 is 5: 5·14 = 1 + 3·23, so 5·14 ≡ 1 (mod 23).
“An” inverse of 23 modulo 14 is -3: -3·23 = 1 - 5·14, so -3·23 ≡ 1 (mod 14), and 11·23 ≡ 1 (mod 14). “The” inverse is 11.

Modular Inverses Proof of THM1 using THM2: If an inverse d exists for e modulo N, we have de ≡ 1 (mod N), so that for some k, de = 1 + kN, so 1 = de – kN. This equation implies that any number dividing both e and N must divide 1, so must be 1, so e, N are relatively prime.

Modular Inverses On the other hand, suppose that e, N are relatively prime. Using THM2, write 1 = se + tN. Rewrite this as se = 1 - tN. Evaluating both sides mod N gives se ≡ 1 (mod N). Therefore s is seemingly the inverse of e, except that it may be in the wrong range, so set d = s mod N.

Extended Euclidean Algorithm A constructive version of THM2 which gives s and t will give explicit inverses. This is what the extended Euclidean algorithm does. The extended Euclidean algorithm works the same as the regular Euclidean algorithm except that we keep track of more details, namely the quotient q = ⌊x/y⌋ in addition to the remainder r = x mod y. This allows us to backtrack and write gcd(a,b) as a linear combination of a and b.

Extended Euclidean Algorithm Examples

gcd(33,77):

| Step | x = qy + r | x | y | gcd = ax + by |
|---|---|---|---|---|
| - | | 33 | 77 | |
| 1 | 33 = 0·77 + 33 | 77 | 33 | 11 = 77 - 2·(33 - 0·77) = -2·33 + 1·77 |
| 2 | 77 = 2·33 + 11 | 33 | 11 | 11 = 77 - 2·33 |
| 3 | 33 = 3·11 + 0 | 11 | 0 | |

Solve for r. Plug it in. Therefore s = -2 and t = 1.

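Extended Euclidean Algorithm Examples

Inverse of 244 modulo 117, gcd(244,117):

| Step | x = qy + r | x | y | gcd = ax + by |
|---|---|---|---|---|
| - | | 244 | 117 | |
| 1 | 244 = 2·117 + 10 | 117 | 10 | 1 = 3·117 - 35·(244 - 2·117) = -35·244 + 73·117 |
| 2 | 117 = 11·10 + 7 | 10 | 7 | 1 = -2·10 + 3·(117 - 11·10) = 3·117 - 35·10 |
| 3 | 10 = 7 + 3 | 7 | 3 | 1 = 7 - 2·(10 - 7) = -2·10 + 3·7 |
| 4 | 7 = 2·3 + 1 | 3 | 1 | 1 = 7 - 2·3 |
| 5 | 3 = 3·1 + 0 | 1 | 0 | |

Solve for r. Plug it in.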

Extended Euclidean Algorithm Summary: The extended Euclidean algorithm works by keeping track of how the remainder r results from dividing x by y. The last such equation gives the gcd in terms of the last x and y. By repeatedly inserting r into the last equation, one can get the gcd in terms of bigger and bigger values of x, y until the very top is reached, which gives the gcd in terms of the inputs a, b.
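
The procedure summarized above, as an added example that is not part of the original slides: an iterative extended Euclidean algorithm that carries the coefficients s and t forward instead of back-substituting, the modular inverse of THM1 built on it, and the inversion of the affine cipher f(a) = (3a + 9) mod 26. The function names `extended_gcd`, `mod_inverse` and `invert_affine` are assumptions chosen for this example.

```python
def extended_gcd(a, b):
    """Return (g, s, t) with g = gcd(a, b) = s*a + t*b (THM2)."""
    old_r, r = a, b      # remainders: the x and y columns of the tables
    old_s, s = 1, 0      # coefficient of a for each remainder
    old_t, t = 0, 1      # coefficient of b for each remainder
    while r != 0:
        q = old_r // r   # quotient of the division step x = q*y + r
        old_r, r = r, old_r - q * r
        old_s, s = s, old_s - q * s
        old_t, t = t, old_t - q * t
    return old_r, old_s, old_t


def mod_inverse(e, n):
    """Return d in [0, n-1] with d*e = 1 (mod n); raise if none exists (THM1)."""
    g, s, _ = extended_gcd(e % n, n)
    if g != 1:
        raise ValueError(f"{e} has no inverse modulo {n}: gcd is {g}")
    return s % n         # s may be negative, so move it into the right range


def invert_affine(m, c, n=26):
    """For f(a) = (m*a + c) mod n, return (m_inv, x) so g(a) = (m_inv*a + x) mod n."""
    m_inv = mod_inverse(m, n)
    # g(f(a)) = a + m_inv*c + x, so x must cancel m_inv*c modulo n.
    return m_inv, (-m_inv * c) % n


if __name__ == "__main__":
    print(extended_gcd(33, 77))    # coefficients for the gcd(33,77) table
    print(extended_gcd(244, 117))  # coefficients for the gcd(244,117) table
    print(mod_inverse(244, 117))
    m_inv, x = invert_affine(3, 9)
    print(f"g(a) = ({m_inv}a + {x}) mod 26")  # x = 23 is -3 modulo 26
    try:
        mod_inverse(4, 8)          # the trick question: gcd(4,8) != 1
    except ValueError as err:
        print(err)
```

A multiplier that shares a factor with the modulus, such as 4 with 8 or any even number with 26, makes the map non-injective, so `mod_inverse` raises instead of returning a value that would decrypt incorrectly.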