§3.6: Integers & Algorithms. Topics: Base-b representations of integers. Especially: binary, hexadecimal, octal. Also: Two’s complement representation of negative numbers. Algorithms for computer arithmetic: Binary addition, multiplication, division. Euclidean algorithm for finding GCDs.
§3.6: Integers & Algorithms
• Topics:
  • Base-b representations of integers.
    • Especially: binary, hexadecimal, octal.
    • Also: Two’s complement representation of negative numbers.
  • Algorithms for computer arithmetic:
    • Binary addition, multiplication, division.
  • Euclidean algorithm for finding GCDs.
Base-b number systems
• Ordinarily, we write base-10 representations of numbers, using digits 0-9.
• But, 10 isn’t special! Any base b>1 will work.
• For any positive integers n, b, there is a unique sequence a_k a_(k−1) … a_1 a_0 of digits a_i < b such that:
  (the “base b expansion of n”)
Particular Bases of Interest
• Base b=10 (decimal): 10 digits: 0,1,2,3,4,5,6,7,8,9. (Used only because we have 10 fingers.)
• Base b=2 (binary): 2 digits: 0,1. (“Bits” = “binary digits.”) (Used internally in all modern computers.)
• Base b=8 (octal): 8 digits: 0,1,2,3,4,5,6,7. (Octal digits correspond to groups of 3 bits.)
• Base b=16 (hexadecimal): 16 digits: 0,1,2,3,4,5,6,7,8,9,A,B,C,D,E,F. (Hex digits give groups of 4 bits; A,B,C,D,E,F stand for 10, 11, 12, 13, 14, 15.)
Converting to Base b (An algorithm, informally stated.)
• To convert any integer n to any base b>1:
  • To find the value of the rightmost (lowest-order) digit, simply compute n mod b.
  • Now, replace n with the quotient n/b.
  • Repeat the above two steps to find subsequent digits, until n is gone (=0).
Addition of Binary Numbers
Consider a 4-bit binary number:
  Decimal  Binary      Decimal  Binary
  0        0000        4        0100
  1        0001        5        0101
  2        0010        6        0110
  3        0011        7        0111
Examples of binary arithmetic:
  3 + 2 = 5            3 + 3 = 6
      1                    1 1        (carries)
    0 0 1 1              0 0 1 1
  + 0 0 1 0            + 0 0 1 1
    0 1 0 1              0 1 1 0
Pseudocode of Addition
procedure add(a_(n−1)…a_0, b_(n−1)…b_0: binary representations of non-negative integers a, b)
  carry := 0
  for bitIndex := 0 to n−1                       {go through bits}
    bitSum := a_bitIndex + b_bitIndex + carry    {2-bit sum}
    s_bitIndex := bitSum mod 2                   {low bit of sum}
    carry := bitSum / 2                          {high bit of sum}
  s_n := carry
  return s_n…s_0: binary representation of integer s
Two’s Complement Representation
• In binary, negative numbers can be conveniently represented using two’s complement notation.
• In this scheme, a string of n bits can represent any integer i such that −2^(n−1) ≤ i < 2^(n−1).
• The bit (msb) in the highest-order bit-position (n−1) represents a coefficient multiplying −2^(n−1);
• The other positions i < n−1 just represent 2^i, as before.
• The negation of any n-bit two’s complement number a = a_(n−1)…a_0 is given by ā_(n−1)…ā_0 + 1, where ā_(n−1)…ā_0 is the bitwise logical complement of the n-bit string a_(n−1)…a_0.
Example of Two’s Complement
• Positive numbers: normal binary representation
• Negative numbers: flip bits (0 ↔ 1), then add 1
  Decimal                  -8    -7    -6    -5    -4    -3    -2    -1    0     1     …  7
  Two’s Complement Binary  1000  1001  1010  1011  1100  1101  1110  1111  0000  0001  …  0111
• Smallest 4-bit number: -8
• Biggest 4-bit number: 7
Pseudocode of Subtraction
procedure sub(a, b)
begin
  return a + (2’s complement of b)
end
• Uses simple adder for + and – numbers
    7 + (−6) = 1              3 + (−5) = −2
  1 1 1                         1 1         (carries)
    0 1 1 1                 0 0 1 1
  + 1 0 1 0               + 1 0 1 1
    0 0 0 1                 1 1 1 0
Details of 2’s complement notation
• Negation
  • flip bits and add 1. (Magic! Works for + and −)
  • Might cause overflow.
• Extend sign when loading into larger register
  • +3 => 0011, 00000011, 0000000000000011
  • −3 => 1101, 11111101, 1111111111111101
• Overflow detection (need to raise “exception” when answer can’t be represented)
      0101    5
    + 0110    6
      1011   −5   ??!!!
Overflow Detection
    0 0 1 0                 1 1 0 0        (carries)
      0 0 1 0    2            0 0 1 0   wait
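The following is an added worked example, not code from the lecture slides: it implements the base-b conversion procedure, the bit-by-bit adder with carries, two's complement negation and sign extension, and the slide's overflow rule (carry out of the msb differs from the carry into it). All function names (to_base, add_bits, twos_complement, sub_bits, to_twos, from_twos, sign_extend) are my own.

```python
from __future__ import annotations

# Added example, not from the lecture slides: base-b conversion, bit-level
# addition with carries, two's complement negation and the carry-based
# overflow rule.  All function names here are my own.


def to_base(n: int, b: int) -> list[int]:
    """Digits of n in base b, most significant first, by the slides' procedure:
    take n mod b as the next (rightmost) digit, replace n by the quotient, repeat."""
    if b < 2:
        raise ValueError("base must be > 1")
    if n == 0:
        return [0]
    digits = []
    while n > 0:
        digits.append(n % b)   # lowest-order digit of what is left
        n //= b                # replace n with the quotient
    return digits[::-1]


def add_bits(a: str, b: str) -> tuple[str, int, bool]:
    """Ripple-carry addition of two bit strings of equal width n.
    Returns (n-bit sum, carry out of the msb, overflow flag).  The flag is the
    slides' rule: overflow iff the carry out of the msb differs from the carry
    into it; it is meaningful only when both operands are two's complement."""
    if len(a) != len(b):
        raise ValueError("operands must have the same width")
    carry = 0
    carry_into_msb = 0
    bits = []
    for i in range(len(a) - 1, -1, -1):   # string index: rightmost char is bit 0
        if i == 0:
            carry_into_msb = carry        # carry entering the msb position
        bit_sum = int(a[i]) + int(b[i]) + carry   # 2-bit sum
        bits.append(str(bit_sum % 2))     # low bit of the sum
        carry = bit_sum // 2              # high bit of the sum
    return "".join(reversed(bits)), carry, carry != carry_into_msb


def twos_complement(bits: str) -> str:
    """Negate an n-bit two's complement value: flip every bit, then add 1.
    Negating the most negative value (e.g. 1000) overflows back to itself."""
    flipped = "".join("1" if c == "0" else "0" for c in bits)
    one = "0" * (len(bits) - 1) + "1"
    return add_bits(flipped, one)[0]


def sub_bits(a: str, b: str) -> tuple[str, bool]:
    """a - b as on the subtraction slide: a + (2's complement of b).
    Returns (result, overflow)."""
    total, _, overflow = add_bits(a, twos_complement(b))
    return total, overflow


def to_twos(value: int, n: int) -> str:
    """Encode an integer in n-bit two's complement; needs -2^(n-1) <= value < 2^(n-1)."""
    if not -(1 << (n - 1)) <= value < (1 << (n - 1)):
        raise OverflowError("{} does not fit in {} bits".format(value, n))
    return format(value % (1 << n), "0{}b".format(n))


def from_twos(bits: str) -> int:
    """Decode: the msb weighs -2^(n-1), every other position i weighs 2^i."""
    n = len(bits)
    value = int(bits, 2)
    return value - (1 << n) if bits[0] == "1" else value


def sign_extend(bits: str, width: int) -> str:
    """Load into a wider register: replicate the sign bit on the left."""
    return bits[0] * (width - len(bits)) + bits
```

Running the slides' own cases: add_bits("0111", "0011") returns ("1010", 0, True), i.e. 7 + 3 = −6 with the overflow flag set because the carry into the msb (1) differs from the carry out (0), while add_bits("1100", "1110") returns ("1010", 1, False) for −4 + −2 = −6, where both carries are 1 and no overflow is signalled.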
Pseudocode of Multiplication
procedure multiply(a_(n−1)…a_0, b_(n−1)…b_0: binary representations of a, b ∈ N)
  product := 0
  for i := 0 to n−1
    if b_i = 1 then
      product := add(a_(n−1)…a_0 0^i, product)    {i extra 0-bits appended after the digits of a}
  return product
Pseudocode of Division
procedure div-mod(a, d ∈ Z+)
  n := length of a in bits − length of d in bits
  q := 0;
  for i := n downto 0            {the quotient can need n+1 bits, so start at i = n}
    if a ≥ d 0^i then
      q_i := 1                   {This bit of quotient is 1.}
      a := a − d 0^i             {Subtract to get remainder.}
    else
      q_i := 0                   {This bit of quotient is 0.}
  r := a
  return q, r                    {q = quotient, r = remainder}
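An added example (my own code, not from the slides) of the two procedures above, written over Python integers so that "a with i extra 0-bits appended" is simply a << i. The names multiply and div_mod are my own; div_mod starts its loop at i = n rather than n−1 because the quotient of a by d can need one more bit than the difference of their bit lengths (e.g. 15 / 2 = 7 needs three bits while 15 and 2 differ by two).

```python
from __future__ import annotations

# Added example, not from the slides: shift-and-add multiplication and
# restoring division over Python ints.  Names are my own.


def multiply(a: int, b: int) -> int:
    """Slide's multiply(): for each set bit b_i of b, add a shifted left by i."""
    if a < 0 or b < 0:
        raise ValueError("non-negative operands only")
    product = 0
    i = 0
    while b >> i:                 # walk over the bits of b, index i
        if (b >> i) & 1:          # b_i = 1
            product += a << i     # a followed by i extra 0-bits
        i += 1
    return product


def div_mod(a: int, d: int) -> tuple[int, int]:
    """Slide's div-mod(): compare against d shifted left, subtract when it fits.
    The loop starts at i = n (not n-1), n = difference of bit lengths, because
    the quotient can need n+1 bits."""
    if a < 0 or d <= 0:
        raise ValueError("a >= 0 and d > 0 required")
    n = max(a.bit_length() - d.bit_length(), 0)
    q = 0
    for i in range(n, -1, -1):
        if a >= d << i:           # does d followed by i zeros still fit?
            q |= 1 << i           # this bit of the quotient is 1
            a -= d << i           # subtract to get the remainder
    return q, a                   # (quotient, remainder)
```

For example, div_mod(372, 164) returns (2, 44), the same 372 = 2·164 + 44 step that the Euclid example later in these slides computes by hand.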
Modular Exponentiation
• In cryptography, it’s important to calculate b^n mod m efficiently. E.g. 2^644 mod 645.
• procedure ME(b: integer, a_(k−1) a_(k−2)…a_0: binary representation of n, m: positive integer)
    x := 1; power := b mod m
    for i := 0 to k−1
    begin
      if a_i = 1 then x := (x · power) mod m
      power := (power · power) mod m
    end
    return x
Euclid’s Algorithm for GCD
• Finding GCDs by comparing prime factorizations can be difficult when the prime factors are not known!
• Euclid discovered: For all ints. a, b, gcd(a, b) = gcd((a mod b), b).
• Sort a, b so that a > b, and then (given b > 1) (a mod b) < a, so the problem is simplified.
Euclid’s Algorithm Example
• gcd(372,164) = gcd(372 mod 164, 164).
  • 372 mod 164 = 372 − 164·⌊372/164⌋ = 372 − 164·2 = 372 − 328 = 44.
• gcd(164,44) = gcd(164 mod 44, 44).
  • 164 mod 44 = 164 − 44·⌊164/44⌋ = 164 − 44·3 = 164 − 132 = 32.
• gcd(44,32) = gcd(44 mod 32, 32) = gcd(12, 32) = gcd(32 mod 12, 12) = gcd(8,12) = gcd(12 mod 8, 8) = gcd(4,8) = gcd(8 mod 4, 4) = gcd(0,4) = 4.
Euclid’s Algorithm Pseudocode
procedure gcd(a, b: positive integers)
  while b ≠ 0
  begin
    r := a mod b; a := b; b := r;
  end
  return a
Fast! Number of while loop iterations turns out to be O(log(max(a,b))).
§3.7: Applications of Number Theory
• Theorem: If a and b are positive integers, then there exist integers s and t such that gcd(a,b) = sa + tb (the so-called linear combination of the GCD).
• E.g. Express gcd(252,198) = 18 as a linear combination of 252 and 198
  • 252 = 1·198 + 54      198 = 3·54 + 36
  • 54 = 1·36 + 18        36 = 2·18
  • Hence gcd(252,198) = 4·252 − 5·198
Reduction of Congruence
Lemma 1: If a, b, and c are positive integers such that gcd(a,b)=1 and a|bc, then a|c.
Theorem 2: Let m be a positive integer and let a, b, and c be integers. If  and gcd(c,m)=1, then .
Proof: Since , we have . Since gcd(c,m)=1, it follows that m|a−b by Lemma 1. We conclude that 
Existence of Inverse of Modulo
Theorem 3: If gcd(a,m)=1 and m>1, then 
Proof (existence): Since m>1, we have 
Proof (uniqueness): Suppose  Hence  Since gcd(a,m)=1,  (Theorem 2)
Example
• Find an inverse of 3 modulo 7.
• Since gcd(3,7)=1, by the Euclidean algorithm: , we see that . This shows that −2 is an inverse of 3 modulo 7.
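An added example, my own code rather than the slides', covering the Euclid slides (gcd with an iteration counter, to see the O(log) bound in practice), the §3.7 theorem (the extended algorithm returning s and t with gcd(a,b) = sa + tb), the inverse-modulo-m example, and the later linear congruence slide (multiplying both sides by the inverse). Names gcd, extended_gcd, mod_inverse and solve_linear_congruence are my own.

```python
from __future__ import annotations

# Added example, not from the slides: Euclid's algorithm with an iteration
# counter, the extended version that returns gcd(a,b) = s*a + t*b, a modular
# inverse built on it, and a linear-congruence solver.  Names are my own.


def gcd(a: int, b: int) -> tuple[int, int]:
    """Slide's gcd(): returns (gcd, number of while-loop iterations)."""
    iterations = 0
    while b != 0:
        a, b = b, a % b        # r := a mod b; a := b; b := r
        iterations += 1
    return a, iterations


def extended_gcd(a: int, b: int) -> tuple[int, int, int]:
    """Returns (g, s, t) with g = gcd(a, b) = s*a + t*b.
    Each row (r, s, t) satisfies r = s*a + t*b, and a Euclid step subtracts
    q times the current row from the previous one, so the invariant is kept."""
    old_r, r = a, b
    old_s, s = 1, 0
    old_t, t = 0, 1
    while r != 0:
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_s, s = s, old_s - q * s
        old_t, t = t, old_t - q * t
    return old_r, old_s, old_t


def mod_inverse(a: int, m: int) -> int:
    """Inverse of a modulo m, reduced into 0..m-1.
    Theorem 3: it exists exactly when gcd(a, m) = 1."""
    g, s, _ = extended_gcd(a % m, m)
    if g != 1:
        raise ValueError("{} has no inverse modulo {} (gcd = {})".format(a, m, g))
    return s % m


def solve_linear_congruence(a: int, b: int, m: int) -> int:
    """Solve a*x = b (mod m) when gcd(a, m) = 1: multiply both sides by a^-1."""
    return (mod_inverse(a, m) * b) % m
```

extended_gcd(252, 198) returns (18, 4, −5), the slide's 4·252 − 5·198 = 18, and extended_gcd(3, 7) returns (1, −2, 1), the slide's −2 as an inverse of 3 modulo 7; mod_inverse reduces that −2 to 5 ≡ −2 (mod 7).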
Simple Encryption
Variations of the following have been used to encrypt messages for thousands of years.
• Convert a message to capitals.
• Think of each letter as a number between 1 and 26.
• Apply an invertible modular function to each number.
• Convert back to letters (0 becomes 26).
Encryption example
Let the encryption function be f(a) = (3a + 9) mod 26
Encrypt “Stop Thief”
• STOP THIEF (capitals)
• 19,20,15,16  20,8,9,5,6
• 14,17,2,5  17,7,10,24,1
• NQBE QGJXA
Decryption example
Decryption works the same, except that you apply the inverse function.
EG: Find the inverse of f(a) = (3a + 9) mod 26
If we didn’t have to deal with mod 26, the inverse would be g(a) = 3^(−1)(a − 9)
We’ll see that since gcd(3,26) = 1, the inverse of 3 is actually well defined modulo 26 and is the number 9. This gives:
g(a) = 9(a − 9) mod 26 = (9a − 3) mod 26
• Caesar’s Cipher: f(a) = (a+3) mod 26
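The encryption and decryption slides as an added example (my own code, not the slides'): an affine cipher f(a) = (k·a + c) mod 26 with the slides' numbering A=1 … Z=26 and the rule that a result of 0 is written back as 26. The builder refuses any k with gcd(k, 26) ≠ 1, since then no inverse function exists; the modular inverse is taken with Python 3.8's pow(k, -1, 26). The name make_affine and the helper names are my own.

```python
from __future__ import annotations
from math import gcd

# Added example, not from the slides: the affine cipher f(a) = (k*a + c) mod 26
# with the slides' numbering A=1 .. Z=26 (0 is written back as 26, i.e. Z).
# Names are my own; the inverse uses Python 3.8's pow(k, -1, 26).

ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"


def letter_to_num(ch: str) -> int:
    return ALPHABET.index(ch) + 1          # A -> 1, ..., Z -> 26


def num_to_letter(n: int) -> str:
    return ALPHABET[(n - 1) % 26]          # 0 wraps to index 25, i.e. Z (= 26)


def make_affine(k: int, c: int):
    """Return (encrypt, decrypt, k_inv) for f(a) = (k*a + c) mod 26.
    Decryption g(a) = k_inv*(a - c) mod 26 exists only when gcd(k, 26) = 1."""
    if gcd(k, 26) != 1:
        raise ValueError("k must be relatively prime to 26 for f to be invertible")
    k_inv = pow(k, -1, 26)                 # for k = 3 this is 9, since 3*9 = 27 = 1 (mod 26)

    def encrypt(text: str) -> str:
        out = []
        for ch in text.upper():            # convert the message to capitals
            if ch.isalpha():
                out.append(num_to_letter((k * letter_to_num(ch) + c) % 26))
            else:
                out.append(ch)             # spaces and punctuation pass through
        return "".join(out)

    def decrypt(text: str) -> str:
        out = []
        for ch in text.upper():
            if ch.isalpha():
                out.append(num_to_letter((k_inv * (letter_to_num(ch) - c)) % 26))
            else:
                out.append(ch)
        return "".join(out)

    return encrypt, decrypt, k_inv
```

With make_affine(3, 9) the encrypt function turns "Stop Thief" into "NQBE QGJXA" as on the slide, and the "0 becomes 26" rule is exercised by W (23): 3·23 + 9 = 78 ≡ 0, so W encrypts to Z. Caesar's cipher is the special case make_affine(1, 3).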
RSA Cryptosystem
• Setup:
  • n = pq, with p and q primes
  • e relatively prime to φ(n) = (p − 1)(q − 1)
  • d inverse of e in Z_φ(n)
• Keys:
  • Public key: K_E = (n, e)
  • Private key: K_D = d
• Plaintext M in Z_n
• Encryption: C = M^e mod n
• Decryption: M = C^d mod n
Complete RSA Example
• Setup:
  • p = 5, q = 11
  • n = 5·11 = 55
  • φ(n) = 4·10 = 40
  • e = 3
  • d = 27
• Encryption
  • C = M^3 mod 55
• Decryption
  • M = C^27 mod 55
Security
• The security of the RSA cryptosystem is based on the widely believed difficulty of factoring large numbers
• The RSA challenge, sponsored by RSA Security, offers cash prizes for the factorization of given large numbers
• In April 2002, prizes ranged from $10,000 (576 bits) to $200,000 (2048 bits)
• Estimated resources needed to factor a number within one year
Euler’s Theorem
• The multiplicative group for Z_n, denoted with Z*_n, is the subset of elements of Z_n relatively prime with n
• The totient function of n, denoted with φ(n), is the size of Z*_n. E.g: Z*_10 = { 1, 3, 7, 9 }, φ(10) = 4
• If p is prime, we have Z*_p = {1, 2, …, (p − 1)}, φ(p) = p − 1.
• For each element x of Z*_n, we get x^φ(n) mod n = 1.
• E.g. (n = 10): 3^φ(10) mod 10 = 3^4 mod 10 = 1
Correctness
• We show the correctness of the RSA cryptosystem for the case when the plaintext M does not divide n
• Namely, we show that (M^e)^d mod n = M
• Since ed mod φ(n) = 1, there is an integer k such that ed = kφ(n) + 1
• Since M does not divide n, by Euler’s theorem we have M^φ(n) mod n = 1
Correctness (cont.)
• Thus, we obtain
  (M^e)^d ≡ M^(ed) ≡ M^(kφ(n) + 1) ≡ M · M^(kφ(n)) ≡ M · (M^φ(n))^k ≡ M · (M^φ(n) mod n)^k ≡ M · (1)^k ≡ M (mod n)
• The proof of correctness in the case when the plaintext M divides n is rather complex.
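An added example (my own code, not the slides') tying the modular exponentiation, RSA, Euler's theorem and correctness slides together: mod_exp is the ME procedure scanning the bits of n from a_0 upward; units and totient build Z*_n and φ(n) by enumeration (fine for toy n, never for real key sizes); rsa_keygen computes d as the inverse of e in Z_φ(n) with Python 3.8's pow(e, -1, phi); euler_holds checks x^φ(n) ≡ 1 (mod n) for every x in Z*_n. The names and the toy parameters p=5, q=11, e=3 follow the slides; the parameters are illustration only, not a usable key size.

```python
from __future__ import annotations
from math import gcd

# Added example, not from the slides: procedure ME (right-to-left binary
# exponentiation), Euler's totient by enumerating Z*_n, and a toy RSA with
# the slides' parameters p=5, q=11, e=3.  Names are my own.


def mod_exp(b: int, n: int, m: int) -> int:
    """b^n mod m, scanning the bits of n from a_0 upward as in procedure ME."""
    if m == 1:
        return 0                      # everything is 0 modulo 1
    x = 1
    power = b % m
    while n > 0:
        if n & 1:                     # a_i = 1
            x = (x * power) % m
        power = (power * power) % m   # square for the next bit
        n >>= 1
    return x


def units(n: int) -> list[int]:
    """Z*_n: the elements of Z_n relatively prime to n."""
    return [x for x in range(1, n) if gcd(x, n) == 1]


def totient(n: int) -> int:
    """phi(n) = |Z*_n| (enumeration; only sensible for small n)."""
    return len(units(n))


def euler_holds(n: int) -> bool:
    """Check Euler's theorem x^phi(n) = 1 (mod n) for every x in Z*_n."""
    phi = totient(n)
    return all(mod_exp(x, phi, n) == 1 for x in units(n))


def rsa_keygen(p: int, q: int, e: int) -> tuple[tuple[int, int], int]:
    """Return ((n, e), d): n = pq, d = e^-1 in Z_phi(n) with phi(n) = (p-1)(q-1)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be relatively prime to phi(n)")
    d = pow(e, -1, phi)               # inverse of e in Z_phi(n)
    return (n, e), d                  # public key, private key


def rsa_encrypt(pub: tuple[int, int], M: int) -> int:
    n, e = pub
    return mod_exp(M, e, n)           # C = M^e mod n


def rsa_decrypt(pub: tuple[int, int], d: int, C: int) -> int:
    n, _ = pub
    return mod_exp(C, d, n)           # M = C^d mod n
```

mod_exp(2, 644, 645) evaluates the slide's example and returns 1; rsa_keygen(5, 11, 3) returns ((55, 3), 27), matching the complete RSA example, and decrypting every ciphertext of M in Z_55 recovers M, including the values 5, 11 and their multiples that the correctness slide sets aside.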
Linear Congruence
• A congruence of the form  is called a linear congruence, where m is a positive integer, a and b are integers, and x is a variable.
• How to solve? Multiply both sides of the linear congruence by the inverse.
• What are the solutions of ?
  Sol.: Since −2 is the inverse of 3 modulo 7, we have −2·3x ≡ −2·4 (mod 7), so x ≡ 6 (mod 7).
Chinese Remainder Theorem
Let m_1, m_2, …, m_n be pairwise relatively prime positive integers. The system  has a unique solution modulo m, where 
(That is, there is a solution x with , and all other solutions are congruent modulo m to this solution)
Proof of Chinese Remainder Theorem
• Proof: Let M_k = m/m_k for k = 1, 2, …, n.
• Since gcd(m_i, m_k) = 1 for , gcd(m_k, M_k) = 1.
• Consequently, .
• Let .
• Since  whenever .
• Since , , for k = 1, 2, …, n.
Examples
• Find a number x that has remainder 1 when divided by 3, 2 when divided by 5 and 3 when divided by 7, i.e.
  • x ≡ 1 (mod 3)
  • x ≡ 2 (mod 5)
  • x ≡ 3 (mod 7)
  Sol: 2·35 ≡ 1 (mod 3), 1·21 ≡ 1 (mod 5), 1·15 ≡ 1 (mod 7), so
  x ≡ 1·2·35 + 2·1·21 + 3·1·15 ≡ 52 (mod 105)
Examples
• Represent 973 in Z_1813 as a k-tuple:
• Answer:
  • M = 1813 = 37·49, m_1 = 37 & m_2 = 49
  • A = 973
  • A = (A mod m_1, A mod m_2) = (11, 42)
• We can recover its value using the Chinese remainder theorem.
• Applied in computer arithmetic with large integers.
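An added example, my own code rather than the slides', of the constructive Chinese remainder theorem from the proof slide (M_k = m/m_k, y_k = M_k^(−1) mod m_k, x = Σ a_k M_k y_k mod m) and of the k-tuple representation from the last slide, including the componentwise addition and multiplication that make the representation useful for large-integer arithmetic. Names crt, to_tuple, from_tuple, tuple_add and tuple_mul are my own; inverses use Python 3.8's pow(x, -1, m) and the product uses math.prod.

```python
from __future__ import annotations
from math import gcd, prod

# Added example, not from the slides: constructive CRT (M_k = m/m_k,
# y_k = M_k^-1 mod m_k, x = sum a_k*M_k*y_k mod m) and the k-tuple
# representation with componentwise arithmetic.  Names are my own.


def crt(residues: list[int], moduli: list[int]) -> int:
    """Unique x in 0..m-1 with x = a_k (mod m_k) for all k; m = product of moduli."""
    if len(residues) != len(moduli):
        raise ValueError("one residue per modulus")
    for i in range(len(moduli)):
        for j in range(i + 1, len(moduli)):
            if gcd(moduli[i], moduli[j]) != 1:
                raise ValueError("moduli must be pairwise relatively prime")
    m = prod(moduli)
    x = 0
    for a_k, m_k in zip(residues, moduli):
        M_k = m // m_k
        y_k = pow(M_k, -1, m_k)       # exists because gcd(M_k, m_k) = 1
        x += a_k * M_k * y_k          # this term is a_k mod m_k and 0 mod every other m_i
    return x % m


def to_tuple(A: int, moduli: list[int]) -> tuple[int, ...]:
    """Represent A as (A mod m_1, ..., A mod m_k)."""
    return tuple(A % m_k for m_k in moduli)


def from_tuple(t: tuple[int, ...], moduli: list[int]) -> int:
    """Recover the value (modulo the product of the moduli) from its k-tuple."""
    return crt(list(t), moduli)


def tuple_add(t: tuple[int, ...], u: tuple[int, ...], moduli: list[int]) -> tuple[int, ...]:
    """Add componentwise; each component stays small, no carries between them."""
    return tuple((a + b) % m_k for a, b, m_k in zip(t, u, moduli))


def tuple_mul(t: tuple[int, ...], u: tuple[int, ...], moduli: list[int]) -> tuple[int, ...]:
    """Multiply componentwise; correct as long as the true product is below the modulus product."""
    return tuple((a * b) % m_k for a, b, m_k in zip(t, u, moduli))
```

crt([1, 2, 3], [3, 5, 7]) returns 52 as on the first example slide; to_tuple(973, [37, 49]) returns (11, 42) and from_tuple((11, 42), [37, 49]) recovers 973. Multiplying 30 and 40 as tuples and converting back gives 1200, which is only valid because 1200 < 1813: results are recovered modulo the product of the moduli.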