Foundations of Security Week4 Lecture

1488 字
7 分钟
Foundations of Security Week4 Lecture
2026-03-31
Foundations of Security
无标签
浏览量 加载中...

Lecture Outline#

  1. Review of the Extended Euclidean Algorithm
  2. Expressing the GCD as a linear combination
  3. Modular multiplicative inverse
  4. Introduction to the Chinese Remainder Theorem (CRT)
  5. Introduction to the RSA cryptographic algorithm

Learning Outcomes#

By the end of this lecture, students should be able to:

  1. Understand the purpose of the Extended Euclidean Algorithm
  2. Express the GCD as a linear combination
  3. Compute modular multiplicative inverses
  4. Identify when a multiplicative inverse exists
  5. Solve simultaneous congruence equations using CRT
  6. Perform the basic RSA Key Generation

Extended Euclidean Algorithm (Review)#

The Extended Euclidean Algorithm is an algorithm to compute integers 𝑥 and 𝑦 such that. ax+b𝑦=gcd(a,b)a\textcolor{red}{x} + b\textcolor{red}{𝑦} = \gcd(a, b) By reversing the steps in the Euclidean algorithm, it is possible to find these integers 𝑥 and 𝑦.

Example:

Find gcd(12,34)\gcd(12, 34) and Express it as a Linear Combination

Solution:

34=12(2)+1012=10(1)+210=2(5)+02=12+10(1)=12+[34+12(2)](1)=12+34(1)+12(2)=12(3)+34(1)\begin{array}{l} \begin{aligned} 34 &= 12(2) + 10 \\ 12 &= 10(1) + 2 \\ 10 &= 2(5) + 0 \end{aligned} \end{array} \qquad\qquad \begin{array}{l} \begin{aligned} 2 &= 12 + 10(-1) \\ &= 12 + [34+12(-2)](-1) \\ &= 12 + 34(-1) + 12(2) \\ &= 12(3) + 34(-1) \end{aligned} \end{array}

Hence, the coefficients are x=3\textcolor{red}{x=3} and 𝑦=1\textcolor{red}{𝑦=−1}. This process allows you to find 𝑥 and 𝑦 such that 12x+34𝑦=gcd(12,34)\textcolor{red}{12x + 34𝑦 = \gcd(12,34)}

Example:

Find gcd(93,219)\gcd(93, 219) and Express it as a Linear Combination

Solution:

219=93(2)+3393=33(2)+2733=27(1)+627=6(4)+36=3(2)+03=27+6(4)=27+[33+27(1)](4)=27+33(4)+27(4)=33(4)+27(5)=33(4)+[93+33(2)](5)=33(4)+93(5)+33(10)=33(14)+93(5)=[219+93(2)](14)+93(5)=219(14)+93(28)+93(5)=93(33)+219(14)\begin{array}{l} \begin{aligned} 219 &= 93(2) + 33 \\ 93 &= 33(2) + 27 \\ 33 &= 27(1) + 6 \\ 27 &= 6(4) + 3 \\ 6 &= 3(2) + 0 \end{aligned} \end{array} \qquad\qquad \begin{array}{l} \begin{aligned} 3 &= 27 \textcolor{blue}{+} 6(-4) \\ &= 27 \textcolor{blue}{+} \textcolor{red}{[}33+27(-1)\textcolor{red}{]}(-4) \\ &= 27 \textcolor{blue}{+} 33(-4) + 27(4) \\ &= 33(-4) \textcolor{blue}{+} 27(5) \\ &= 33(-4) \textcolor{blue}{+} \textcolor{red}{[}93+33(-2)\textcolor{red}{]}(5) \\ &= 33(-4) \textcolor{blue}{+} 93(5) + 33(-10) \\ &= 33(-14) \textcolor{blue}{+} 93(5) \\ &= \textcolor{red}{[}219 + 93(-2)\textcolor{red}{]}(-14) \textcolor{blue}{+} 93(5) \\ &= 219(-14) + 93(28) \textcolor{blue}{+} 93(5) \\ &= 93(33) \textcolor{blue}{+} 219(-14) \end{aligned} \end{array}

Hence, the coefficients are x=33\textcolor{red}{x=33} and 𝑦=14\textcolor{red}{𝑦=−14}.
This process allows you to find 𝑥 and 𝑦 such that 93x+219𝑦=gcd(93,219)=3\textcolor{red}{93x + 219𝑦 = \gcd(93, 219) = 3}

Assignment: Complete these exercises and submit during seminar class

  • Find the gcd and Express them as Linear Combinations:
  1. gcd(120,35)\gcd(120, 35)
  2. gcd(145,252)\gcd(145, 252)
  3. gcd(100,240)\gcd(100, 240)

Show how you computed your answers.
Only handwritten solutions.
No copy-paste will be accepted.

Modular Multiplicative Inverse#

The modular multiplicative inverse of an integer a\textcolor{blue}{a} modulo m\textcolor{blue}{m} is an integer x\textcolor{blue}{x} such that the product ax is congruent to 1 modulo m.

ax1modm\textcolor{red}{a}x\textcolor{red}{\equiv1 \bmod m}

Here 𝑥 is the multiplicative inverse of aa, and we can also write the above equation as

amodm=1modmaxmodm=1\textcolor{red}{a \bmod m} = \textcolor{red}{1 \bmod m} \Rightarrow \textcolor{red}{a}x \textcolor{red}{\bmod m} = \textcolor{red}{1}

The existence of such an x\textcolor{blue}{x} depends on a\textcolor{red}{a} and m\textcolor{red}{m} being coprime, i.e., gcd(a,m)=1\gcd(a,m)=1. Otherwise we can say that there is no multiplicative inverse.

Example:

Find a number 𝑥 such that: 3x1 (mod12)3x \equiv 1~(\bmod 12)

Trail and Error Method#

3×1mod17=33×2mod17=63×3mod17=93×4mod17=123×5mod17=153×6mod17=1\begin{aligned} 3 \times 1 \bmod 17 &= 3 \\ 3 \times 2 \bmod 17 &= 6 \\ 3 \times 3 \bmod 17 &= 9 \\ 3 \times 4 \bmod 17 &= 12 \\ 3 \times 5 \bmod 17 &= 15 \\ 3 \times 6 \bmod 17 &= \textcolor{red}{1} \end{aligned}

Here the value of x=6\textcolor{red}{x = 6}. This method is very difficult when the number is very large.

Extended Euclidean Algorithm Method#

gcd(3,17)17=3(5)+23=2(1)+12=1(2)+01=3+2(1)=3+[17+3(5)](1)=3+17(1)+3(5)=3(6)+17(1)ax+by=gcd(a,b)3x+17y=1x=6\begin{array}{l} \begin{aligned} \gcd&(3, 17) \\ 17 &= 3(5) + 2 \\ 3 &= 2(1) + 1 \\ 2 &= 1(2) + 0 \end{aligned} \end{array} \qquad\qquad \begin{array}{l} \begin{aligned} 1 &= 3 + 2(-1) \\ &= 3 + [17+3(-5)](-1) \\ &= 3 + 17(-1) + 3(5) \\ &= 3(\textcolor{red}{6}) + 17(\textcolor{red}{-1}) \\ \\ &a\textcolor{red}{x} + b\textcolor{red}{y} = \gcd(a, b) \\ &3\textcolor{red}{x} + 17\textcolor{red}{y} = 1 \\ &\Rightarrow \textcolor{red}{x = 6} \end{aligned} \end{array}

Here x=6\textcolor{red}{x = 6} is the multiplicative inverse

Example:

Find a number 𝑥 such that: 35x1 (mod8)35x\equiv1~(\bmod 8)

Another Approach#

We can write 35xmod8=1mod835\textcolor{red}{x} \bmod 8 = \textcolor{purple}{1 \bmod 8}

(a×b)modn=[(amodn)×(bmodn)]modn(35×x)mod8=[(35mod8)×(xmod8)]mod835xmod8=[(3×x)mod8]35xmod8=3xmod8=1mod8\begin{aligned} \textcolor{blue}{(a \times b) \bmod n} &\textcolor{blue}{=} \textcolor{blue}{[(a \bmod n) \times (b \bmod n)] \bmod n} \\ (35 \times \textcolor{red}{x}) \bmod 8 &\textcolor{red}{=} [(35 \bmod 8) \times (\textcolor{red}{x} \bmod 8)] \bmod 8 \\ 35\textcolor{red}{x} \bmod 8 &\textcolor{red}{=} [(3 \times \textcolor{red}{x}) \bmod 8] \\ 35\textcolor{red}{x} \bmod 8 &\textcolor{red}{=} \textcolor{blue}{3\textcolor{red}{x} \bmod 8} \textcolor{purple}{ =1 \bmod 8} \end{aligned}3xmod8=1mod83xmod8=1mod83×3mod8=1\begin{aligned} 3\textcolor{red}{x} \bmod 8 &= 1 \bmod 8 \\ 3\textcolor{red}{x} \bmod 8 &= 1 \bmod 8 \\ 3 \times 3 \bmod 8 &= 1 \\ \end{aligned}

Therefore, x=3\textcolor{blue}{x = 3} is the multiplicative inverse.

Check

35×3mod8=135 \times 3 \bmod 8 = 1

105mod8=1105 \bmod 8 = 1

Example:

Find a number 𝑥 such that:

  1. 40x1mod740x \equiv 1 \bmod 7
  2. 20x1mod320x \equiv 1 \bmod 3

Waiting…

Application#

The modular multiplicative inverse is crucial in various fields, including cryptography, where it’s used in algorithms like RSA for public key encryption and decryption.

Chinese Remainder Theorem#

The Chinese Remainder Theorem (CRT) is a powerful tool in number theory and discrete mathematics that allows you to solve a system of simultaneous linear congruences with different moduli, under the condition that the moduli are pairwise coprime (i.e., the gcd of each pair of moduli is 1).

Assume we have a system of equations:

xa1 (modm1)xa2 (modm2).................xa𝑘 (modm𝑘)\begin{aligned} x &\equiv a_1 ~(\bmod m_1) \\ x &\equiv a_2 ~(\bmod m_2) \\ ..&............... \\ x &\equiv a_𝑘 ~(\bmod m_𝑘) \end{aligned}

Where m1,m2,...,m𝑘\textcolor{blue}{m_1,m_2,...,m_𝑘} are pairwise coprime. The theorem states that there is a unique solution modulo 𝑀, where 𝑀 is the product of all the moduli (𝑀=m1×m2×...×m𝑘𝑀 = m_1 \times m_2 \times ... \times m_𝑘).

Step-by-Step Method to Find the Solution

  1. Compute 𝑀: 𝑀=m1×m2×...×m𝑘𝑀 = m_1 \times m_2 \times ... \times m_𝑘.
  2. Compute the partial products: For each 𝑖, calculate Mi=MmiM_i=\frac{M}{m_i} ​.
  3. Find the modular inverses: For each 𝑖, find an integer 𝑦𝑖𝑦_𝑖 ​such that 𝑀𝑖𝑦𝑖1 (modm𝑖)𝑀_𝑖𝑦_𝑖\equiv1~(\bmod m_𝑖). This 𝑦𝑖𝑦_𝑖 is the modular inverse of 𝑀𝑖𝑀_𝑖 modulo m𝑖m_𝑖.
  4. Calculate the solution: The solution 𝑥 can be found as follows:
x=(a1𝑀1𝑦1+a2𝑀2𝑦2+...+a𝑘𝑀𝑘𝑦𝑘)mod𝑀\textcolor{red}{x = (a_1𝑀_1𝑦_1} + \textcolor{red}{a_2𝑀_2𝑦_2} + \textcolor{red}{...} + \textcolor{red}{a_𝑘𝑀_𝑘𝑦_𝑘)\bmod𝑀}

Example

Let’s solve the system:

x2 (mod3)x3 (mod5)x2 (mod7)\begin{aligned} x&\equiv2~(\bmod 3) \\ x&\equiv3~(\bmod 5) \\ x&\equiv2~(\bmod 7) \\ \end{aligned}

Step 1: Compute 𝑀: 𝑀=m1×m2×m3\textcolor{blue}{𝑀 = m_1 \times m_2 \times m_3}. 𝑀=3×5×7=105\textcolor{blue}{𝑀 =} 3 \times 5 \times 7 \textcolor{blue}{=} 105

Step 2: Compute the partial product Mi=MmiM_i=\frac{M}{m_i}

M1=Mm1=1053=35M2=Mm2=1055=21M3=Mm3=1057=15\begin{aligned} M_1 &= \frac{M}{m_1} = \frac{105}{3} = \textcolor{red}{35} \\ M_2 &= \frac{M}{m_2} = \frac{105}{5} = \textcolor{red}{21} \\ M_3 &= \frac{M}{m_3} = \frac{105}{7} = \textcolor{red}{15} \end{aligned}

Step 3: Find the modular inverses.

  • Find 𝑦1\textcolor{red}{𝑦_1} such that 35𝑦11 (mod3)\textcolor{blue}{35\textcolor{red}{𝑦_1}\equiv1~(\bmod3)}
    y1=2\textcolor{red}{y_1}=\textcolor{red}{2} works because
    35×2=701 (mod3)35 \times 2 = 70 \equiv 1~(\bmod 3)
  • Find 𝑦2\textcolor{red}{𝑦_2} such that 21𝑦21 (mod5)\textcolor{blue}{21\textcolor{red}{𝑦_2}\equiv1~(\bmod5)}
    y2=1\textcolor{red}{y_2}=\textcolor{red}{1} works because
    21×1=211 (mod5)21 \times 1 = 21 \equiv 1~(\bmod 5)
  • Find 𝑦3\textcolor{red}{𝑦_3} such that 15𝑦31 (mod7)\textcolor{blue}{15\textcolor{red}{𝑦_3}\equiv1~(\bmod7)}
    y3=1\textcolor{red}{y_3}=\textcolor{red}{1} works because
    15×1=151 (mod7)15 \times 1 = 15 \equiv 1~(\bmod 7)

Step 4: Calculate the solution.

x=(a1M1y1+a2M2y2++akMkyk)modMx=(2×35×2+3×21×1+2×15×1)mod105x=(140+63+30)mod105x=233mod105x=23\begin{aligned} \textcolor{red}{x} &\textcolor{red}{=} \left( \textcolor{purple}{a_1}\textcolor{red}{M_1y_1} + \textcolor{purple}{a_2}\textcolor{red}{M_2y_2} + \textcolor{red}{\dots} + \textcolor{purple}{a_k}\textcolor{red}{M_ky_k} \right) \bmod \textcolor{red}{M} \\ \textcolor{red}{x} &\textcolor{red}{=} \left( \textcolor{purple}{2} \times \textcolor{red}{35} \times \textcolor{red}{2} + \textcolor{purple}{3} \times \textcolor{red}{21} \times \textcolor{red}{1} + \textcolor{purple}{2} \times \textcolor{red}{15} \times \textcolor{red}{1} \right) \bmod \textcolor{red}{105} \\ \textcolor{red}{x} &\textcolor{red}{=} \left( \textcolor{red}{140} + \textcolor{red}{63} + \textcolor{red}{30} \right) \bmod \textcolor{red}{105} \\ \textcolor{red}{x} &\textcolor{red}{=} \textcolor{red}{233} \bmod \textcolor{red}{105} \\ \textcolor{red}{x} &\textcolor{red}{=} \textcolor{red}{23} \end{aligned}

Thus, x=23x = \textcolor{red}{23} is the unique solution that satisfies all the original congruences.

Assignment: Complete this exercise and submit during seminar class

Determine the value of 𝑥 using the Chinese Remainder Theorem

x3 (mod5)x1 (mod7)x6 (mod8)\begin{aligned} x&\equiv3~(\bmod 5) \\ x&\equiv1~(\bmod 7) \\ x&\equiv6~(\bmod 8) \\ \end{aligned}

Show how you computed your answers.
Only handwritten solutions.
No copy-paste will be accepted.

RSA Algorithm#

The RSA algorithm is a widely used public key cryptography system that enables secure data transmission.

Named after its inventors Rivest, Shamir, and Adleman, RSA is based on the practical difficulty of factoring the product of two large prime numbers, a problem known as integer factorization.

How RSA Works#

Key Generation:

  • Choose two large prime numbers, p\textcolor{blue}{p} and q\textcolor{blue}{q}.
  • Calculate n: n = p × q. This n is used as the modulus for both the public and private keys.
  • Calculate the totient function, ϕ(n)=(p1)×(q1)\textcolor{blue}{\phi(n)=(p−1)×(q−1)}.
  • Choose an integer e\textcolor{blue}{e} such that 1<e<ϕ(n)1<e<\phi(n) and e\textcolor{red}{e} is coprime to ϕ(n)\textcolor{red}{\phi(n)}; e\textcolor{blue}{e} is the public exponent.
  • Determine d\textcolor{green}{d} as the modular multiplicative inverse of ee modulo ϕ(n)\phi(n). This means dd is the number such that (d×e)modϕ(n)=1(d×e)\bmod\phi(n)=1. d\textcolor{green}{d} is the private exponent.

Encryption:
Given a plaintext message 𝑀\textcolor{blue}{𝑀}, the ciphertext 𝐶\textcolor{blue}{𝐶} is computed as:

𝐶=𝑀emodn\textcolor{red}{𝐶=𝑀e \bmod n}

Decryption:
To retrieve the plaintext 𝑀\textcolor{blue}{𝑀} from the ciphertext 𝐶\textcolor{blue}{𝐶}, use the private key d\textcolor{blue}{d}:

𝑀=𝐶dmodn\textcolor{green}{𝑀=𝐶d \bmod n}

Example

Choose two prime numbers:

  • Let p=11\textcolor{blue}{p=11} and q=3\textcolor{blue}{q=3}.

Compute nn and ϕ(n)\phi(n):

  • n=p×q=11×3=33n = p \times q = 11 \times 3 = 33
  • ϕ(n)=(p1)×(q1)=10×2=20\phi(n) = (p−1) \times (q−1) = 10 \times 2 = 20.

Choose ee:

  • Let e=7\textcolor{blue}{e=7} (which is coprime to ϕ(n)=20\textcolor{brown}{\phi(n)=20}).

Compute dd:

  • d is the modular multiplicative inverse of ee modulo ϕ(n)\phi(n).

dd needs to satisfy d×71 (mod20)\textcolor{green}{d}\times7\equiv1~(\bmod20) .

By testing values or using extended Euclidean algorithm, we find d=3\textcolor{green}{d=3} (since 3×7=211 (mod20)3\times7=21\equiv1~(\bmod20)).

Example

Encryption:Supposethe plaintext M=4C=MemodnC=47mod33C=16384mod33C=16Decryption:C=16M=CdmodnM=163mod33M=4096mod33M=4\begin{array}{l} \textbf{Encryption}: \\ \begin{aligned} \text{Suppose} &\text{the plaintext } M=4 \\ \textcolor{red}{C} &\textcolor{red}{=} \textcolor{red}{M^e \bmod n} \\ C &= 4^7 \bmod 33 \\ C &= 16384 \bmod 33 \\ C &= \textbf{16} \end{aligned} \end{array} \qquad\qquad \begin{array}{l} \textbf{Decryption}: \\ \begin{aligned} C &= \textbf{16} \\ \textcolor{green}{M} &\textcolor{green}{=} \textcolor{green}{C^d \bmod n} \\ M &= 16^3 \bmod 33 \\ M &= 4096 \bmod 33 \\ M &= \textcolor{green}{\textbf{4}} \end{aligned} \end{array}

Try#

Try: Complete the RSA Encryption Algorithm

Choose two prime numbers:

  • Let p=61\textcolor{blue}{p=61} and q=53\textcolor{blue}{q=53}.

Compute nn and ϕ(n)\phi(n):

  • n=p×qn = p \times q = …………………………………
  • ϕ(n)\phi(n) = …………………………………

Choose ee:

  • Let e=17\textcolor{blue}{e=17}

Compute dd: …………………………………

Encryption:
Suppose the plaintext 𝑀=3\textcolor{blue}{𝑀=3}
𝐶𝐶 = …………………………………

Decryption:
𝑀𝑀 = …………………………………

支持与分享

如果这篇文章对你有帮助,欢迎分享给更多人或赞助支持!

赞助
Foundations of Security Week4 Lecture
https://firefly.anka2.top/posts/obu/level5/semester2/fos/week4/lecture/
作者
🐦‍🔥不死鸟Anka
发布于
2026-03-31
许可协议
CC BY-NC-SA 4.0
Web Application Development Practical4: DOM
Data Structures and Algorithms Week4: Recursion and Call Stack
相关文章 智能推荐
1
Foundations of Security Week8 Seminar: Digital Signature
Foundations of Security A digital signature is a cryptographic result attached to data that helps a receiver verify three things: Who sent it, It was not changed, Sender cannot easily deny it
2
Foundations of Security Week8 Lecture
Foundations of Security Data Encryption Standard (DES) algorithm
3
Foundations of Security Week7 Seminar: Password Cracking & Secure Hashing
Foundations of Security Generate & Compare Hashes, Rainbow Tables, Hashing vs Encryption, Dictionary Attack, Salting
4
Foundations of Security Week7 Lecture
Foundations of Security Diffie–Hellman key exchange, ElGamal encryption, Digital signature, RSA signature, Feistel cipher
5
Foundations of Security Week6 Seminar: Phishing
Foundations of Security Understanding and Defending Against Social Engineering Attacks.
随机文章 随机推荐

评论区

分享你的想法,与大家交流讨论

Profile Image of the Author
A-n-k-a
Over the Frontier / Into the Front
看这里~
合作翻译官绝赞招募中!
音乐
封面

音乐

暂未播放

0:00 0:00
暂无歌词
分类
标签
站点统计
文章
59
分类
6
标签
20
总字数
550,118
运行时长
0
最后活动
0 天前
© 2026 A-n-k-a. All Rights Reserved. / RSS / Sitemap
Powered by Astro & Firefly

目录