Network and Computer Security (CS 475) Modular Arithmetic

1
Network and Computer Security (CS 475)
Modular Arithmetic

• Jeremy R. Johnson

2
Introduction

• Objective To become familiar with modular
  arithmetic and some key algorithmic constructions
  that are important for computer algebra
  algorithms.
• Modular Arithmetic
• Modular inverses and the extended Euclidean
  algorithm
• Fermats theorem
• Eulers Identity
• Chinese Remainder Theorem
• References Rivest, Shamir, Adelman.

3
Modular Arithmetic (Zn)

• Definition a ? b (mod n) ? n (b - a)
• Alternatively, a qn b
• Properties (equivalence relation)
• a ? a (mod n)
  Reflexive
• a ? b (mod n) ? b ? a (mod n) Symmetric
• a ? b (mod n) and b ? c (mod n) ? a ? c (mod n)
  Transitive
• Definition An equivalence class mod n
• a x x ? a (mod n) a qn q ? Z

4
Modular Arithmetic (Zn)

• It is possible to perform arithmetic with
  equivalence classes mod n.
• a b ab
• a b ab
• In order for this to make sense, you must get the
  same answer (equivalence) class independent of
  the choice of a and b. In other words, if you
  replace a and b by numbers equivalent to a or b
  mod n you end of with the sum/product being in
  the same equivalence class.
• a1 ? a2 (mod n) and b1 ? b2 (mod n) ? a1 b1 ?
  a2 b2 (mod n)
• a1 b1 ? a2 b2 (mod n)
• (a q1n) (b q2n) a b (q1 q2)n
• (a q1n) (b q2n) a b (bq1 aq2
  q1 q2)n

5
Representation of Zn

• The equivalence classes a mod n, are typically
  represented by the representatives a.
• Positive Representation Choose the smallest
  positive integer in the class a then the
  representation is 0,1,,n-1.
• Symmetric Representation Choose the integer
  with the smallest absolute value in the class
  a. The representation is -?(n-1)/2? ,, ?n/2?
  . When n is even, choose the positive
  representative with absolute value n/2.
• E.G. Z6 -2,-1,0,1,2,3, Z5 -2,-1,0,1,2

6
Modular Inverses

• Definition x is the inverse of a mod n, if ax ?
  1 (mod n)
• The equation ax ? 1 (mod n) has a solution iff
  gcd(a,n) 1.
• By the Extended Euclidean Algorithm, there exist
  x and y such that ax ny gcd(a,n). When
  gcd(a,n) 1, we get ax ny 1. Taking this
  equation mod n, we see that ax ? 1 (mod n)
• By taking the equation mod n, we mean applying
  the mod n homomorphism ?m Z ? Zm, which maps
  the integer a to the equivalence class a. This
  mapping preserves sums and products.
• I.E.
• ?m(ab) ?m(a) ?m(b), ?m(ab) ?m(a) ?m(b)

7
Fermats Theorem

• Theorem If a ? 0 ? Zp, then ap-1 ? 1 (mod p).
  More generally, if
• a ? Zp, then ap ? a (mod p).
• Proof Assume that a ? 0 ? Zp. Then
• a 2a (p-1)a (p-1)! ap-1
• Also, since ai ? aj (mod p) ? i ? j (mod
  p), the numbers a, 2a, , (p-1)a are
  distinct elements of Zp. Therefore they are
  equal to 1,2,,(p-1) and their product is equal
  to
• (p-1)! mod p. This implies that
• (p-1)! ap-1 ? (p-1)! (mod p) ? ap-1 ? 1 (mod
  p).

8
Euler phi function

• Definition phi(n) a 0 lt a lt n and
  gcd(a,n) 1
• Properties
• ?(p) p-1, for prime p.
• ?(pe) (p-1)p(e-1)
• ? (mn) ? (m) ?(n) for gcd(m,n) 1.
• ?(pq) (p-1)(q-1)
• Examples
• ?(15) ?(3) ?(5) 24 8.
  1,2,4,7,8,11,13,14
• ?(9) (3-1)3(2-1) 23 6 1,2,4,5,7,8

9
Eulers Identity

• The number of elements in Zn that have
  multiplicative inverses is equal to phi(n).
• Theorem Let (Zn) be the elements of Zn with
  inverses (called units). If a ? (Zn), then
  a?(n) ? 1 (mod n).
• Proof. The same proof presented for Fermats
  theorem can be used to prove this theorem.

10
Chinese Remainder Theorem

• Theorem If gcd(m,n) 1, then given a and b
  there exist an integer solution to the system
• x ? a (mod m) and x b (mod n).
• Proof
• Consider the map x ? (x mod m, x mod n).
• This map is a 1-1 map from Zmn to Zm ? Zn, since
  if x and y map to the same pair, then x ? y (mod
  m) and x ? y (mod n). Since gcd(m,n) 1, this
  implies that x ? y (mod mn).
• Since there are mn elements in both Zmn and Zm ?
  Zn, the map is also onto. This means that for
  every pair (a,b) we can find the desired x.

11
Alternative Interpretation of CRT

• Let Zm ? Zn denote the set of pairs (a,b) where a
  ? Zm and b ? Zn. We can perform arithmetic on Zm
  ? Zn by performing componentwise modular
  arithmetic.
• (a,b) (c,d) (ab,cd)
• (a,b)(c,d) (ac,bd)
• Theorem Zmn ? Zm ? Zn. I.E. There is a 1-1
  mapping from Zmn onto Zm ? Zn that preserves
  arithmetic.
• (ac mod m, bd mod n) (a mod m, b mod n)(c
  mod m, d mod n)
• (ac mod m, bd mod n) (a mod m, b mod n)(c
  mod m, d mod n)
• The CRT implies that the map is onto. I.E. for
  every pair (a,b) there is an integer x such that
  (x mod m, x mod n) (a,b).

12
Constructive Chinese Remainder Theorem

• Theorem If gcd(m,n) 1, then there exist em and
  en (orthogonal idempotents)
• em ? 1 (mod m)
• em ? 0 (mod n)
• en ? 0 (mod m)
• en ? 1 (mod n)
• It follows that aem b en ? a (mod m) and ?
  b (mod n).
• Proof.
• Since gcd(m,n) 1, by the Extended Euclidean
  Algorithm, there exist x and y with mx ny
  1. Set em ny and en mx