1 / 33

Understanding Modular Arithmetic and Exponentiation Algorithms

This lecture explores algorithms for modular arithmetic and modular exponentiation, emphasizing the Max Rule for asymptotic analysis. Key objectives include understanding the significance of theoretical analysis in RSA security, implementing algorithms for integer arithmetic, and mastering modular exponentiation techniques. Topics include congruency, sequential exponentiation, and both recursive and iterative formulations of the modular exponentiation function. Engaging examples and real-world applications are discussed, highlighting the efficiency of these algorithms in cryptographic contexts.

clancy
Télécharger la présentation

Understanding Modular Arithmetic and Exponentiation Algorithms

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. This work is licensed under a Creative Commons Attribution-Share Alike 3.0 Unported License. CS 312: Algorithm Analysis Lecture #3: Algorithms for Modular Arithmetic,Modular Exponentiation Slides by: Eric Ringger, with contributions from Mike Jones, Eric Mercer, Sean Warnick

  2. Announcements • HW #1 Due Now • Always start of class • Always show work • FERPA protects your student record • Need waiver to return graded work without cover sheet

  3. Objectives • Add the Max Rule to your asymptotic analysis toolbox • Review modular arithmetic • Discuss and analyze algorithms for: • modular arithmetic • modular exponentiation

  4. Max. rule • Another useful rule for Asymptotic analysis. O( f(n) + g(n) ) = O( max( f(n), g(n) ) ) • Examples:

  5. Goal for Ch. 1 • Appreciate the role of theoretical analysis in the security of RSA. • Requires: Solve, analyze, and use (!) two important and related problems: • Factoring: Given a number N, express it as a product of its prime numbers • Primality Testing: Given a number N, determine whether it is prime • Which one is harder?

  6. Algorithms for Integer Arithmetic • Computing Device: • Binary operations are constant time • Arithmetic operations on arbitrary length integers may require more time • For an integer , we talk about its representation in bits: • Pad length of to the next power of 2 (using 0s) if necessary.

  7. Algorithms for Integer Arithmetic • Addition • Multiplication • Division

  8. Algorithms for Integer Arithmetic • Addition: • Multiplication: • Division:

  9. Modular Arithmetic

  10. Congruency

  11. An important distinction • Congruency • Equality, using the modulus operator

  12. Properties • Associativity: • Commutativity: • Distributivity:

  13. Substitution Rule

  14. Useful Consequence xy (x mod z)y (mod z) xy mod z = (x mod z)y mod z • Example:

  15. Modular Addition

  16. Modular Multiplication

  17. Goal: Modular Exponentiation • We need to compute xy mod N for values of x, y, and N that are several hundred bits long. • Can we do so quickly?

  18. Sequential Exponentiation function seqexp(x, y) Input: An n-bit integer x and a non-negative integer exponent y (arbitrarily large) Output: xy if y=0: return 1 r = x for i = 1 to y-1 do r = r x return r Describe a simple algorithm for doing exponentiation:

  19. Analysis of Sequential Exponentiation function seqexp (x, y) Input: An n-bit integer x and a non-negative integer exponent y (arbitrarily large) Output: xy if y=0: return 1 r = x for i = 1 to y-1 do r = r x return r

  20. Modular Exponentiation, Take I function modexp (x, y, N) Input: Two n-bit integers x and N, a non-negative integer exponent y (arbitrarily large) Output: xy mod N if y=0: return 1 r = x mod N for i = 1 to y-1 do r = (r x) mod N return r

  21. Modular Exponentiation, Take I function modexp (x, y, N) Input: Two n-bit integers x and N, a non-negative integer exponent y (arbitrarily large) Output: xy mod N if y=0: return 1 r = x mod N for i = 1 to y-1 do r = (r x) mod N return r

  22. New Ideas • Represent y (the exponent) in binary • Then break down xy into factors using the non-zero bits of y • Also: compute the factors using repeated squaring • Reduce factors using substitution rule

  23. Modular Exponentiation, Take II function modexp(x, y, N) Input: Two n-bit integers x and N, a non-negative integer exponent y (arbitrarily large) Output: xy mod N if y=0: return 1 z = modexp(x, floor(y/2), N) if y is even: return z2 mod N else: return x z2 mod N Recursive call Right shift Multiplication

  24. Analysis of Modular Exponentiation • Each multiplication is Q(n2) • Each modular reduction is Q(n2) • There are log(y)=m of them • Thus, modular exponentiation is in Q(n2 log y) = Q(n2 m) function modexp(x, y, N) if y=0: return 1 z = modexp(x, floor(y/2), N) if y is even: return z2 mod N else: return x z2 mod N

  25. Modular Exponentiation (II),Iterative Formulation function modexp(x, y, N) Input: Two n-bit integers x and N, a non-negative integer exponent y (arbitrarily large) Output: xy mod N if y = 0: return 1 i = y; r = 1; z = x mod N while i > 0 if i is odd: r = r z mod N z = z2 mod N i = floor(i/2) return r

  26. Modular Exponentiation • xy mod N • Key Insights: • Exponent y can be represented in binary • Problem can be factored into one factor per binary digit • Each factor can be reduced mod N (substitution rule)

  27. We’re employingsame insights and a little more cleverness than thealgorithm. Example

  28. Example #2 Strictly tracing the algorithm. function modexp(x, y, N) Input: Two n-bit integers x and N, an integer exponent y (arbitrarily large) Output: xy mod N if y = 0: return 1 i = y; r = 1; z = x mod N while i > 0 if i is odd: r = r z mod N z = z2 mod N i = floor(i/2) return r

  29. Example #2 function modexp(x, y, N) Input: Two n-bit integers x and N, an integer exponent y (arbitrarily large) Output: xy mod N if y = 0: return 1 i = y; r = 1; z = x mod N while i > 0 if i is odd: r = r z mod N z = z2 mod N i = floor(i/2) return r

  30. Example Needed: two volunteers: Volunteer A: use our final modexp() to compute it. Volunteer B: compute 320 then reduce mod 10

  31. Efficiency • The key point is that xy mod N is easy • modexpis in Q(n2 log y) • In fact, it requires about 1.5 log2 y multiplications for typical y • seqexp required y-1 multiplications • When x, y, and N are 200 digit numbers • Assume 1 multiplication of two 200 digit numbers takes 0.001 seconds • modexp typically takes about 1 second • seqexp would require 10179 times the Age of the Universe! • Only works when y is an integer.

  32. Assignment • Read: Section 1.4 • HW #2: • Problem 1.25 using modexp, • Then redo 1.25 but replace 125 with 126 for the exponent • Implement modular exponentiation now as a step toward finishing Project #1

  33. Next • Primality Testing

More Related