8/13/2019 Notes on Public Key Cryptography and Primality Testing
Notes on Public Key Cryptography
And Primality Testing
Part 1: Randomized Algorithms
Miller–Rabin and Solovay–Strassen Tests
Jean Gallier
Department of Computer and Information Science
University of Pennsylvania
Philadelphia, PA 19104, USA
e-mail: jean@cis.upenn.edu
© Jean Gallier
September 5, 2013
Contents
1 Public Key Cryptography
1.1 Public Key Cryptography; The RSA System
1.2 Correctness of The RSA System
1.3 Algorithms for Computing Powers and Inverses Modulo m
1.4 Finding Large Primes; Signatures; Safety of RSA
2 Primality Testing Using Randomized Algorithms
3 Basic Facts About Groups, and Number Theory
3.1 Groups, Subgroups, Cosets
3.2 Cyclic Groups

$e < (p - 1)(q - 1)$, relatively prime to $(p - 1)(q - 1)$.
Because $\gcd(e, (p - 1)(q - 1)) = 1$, there is some $d$ with $1 < d < (p - 1)(q - 1)$, such that $ed \equiv 1 \pmod{(p - 1)(q - 1)}$.
Then, we claim that to find $x$ such that
$$x^e \equiv y \pmod{m},$$
we simply compute $y^d \bmod m$, and this can be done easily, as we claimed earlier. The reason why the above works is that
$$x^{ed} \equiv x \pmod{m}, \qquad (*)$$
for all $x \in \mathbb{Z}$, which we prove later.
Setting up RSA
In summary, to set up RSA for Albert (A) to receive encrypted messages, perform the following steps.
1. Albert generates two distinct large and sufficiently random primes, $p_A$ and $q_A$. They are kept secret.
2. Albert computes $m_A = p_A q_A$. This number, called the modulus, will be made public.
3. Albert picks at random some $e_A$, with $1 < e_A < (p_A - 1)(q_A - 1)$, so that $\gcd(e_A, (p_A - 1)(q_A - 1)) = 1$. The number $e_A$ is called the encryption key and it will also be public.
4. Albert computes the inverse, $d_A = e_A^{-1}$ modulo $m_A$, of $e_A$. This number is kept secret.
The pair $(d_A, m_A)$ is Albert's private key and $d_A$ is called the decryption key.
5. Albert publishes the pair $(e_A, m_A)$ as his public key.
Encrypting a Message
Now, if Julia wants to send a message, $x$, to Albert, she proceeds as follows. First, she splits $x$ into chunks, $x_1, \ldots, x_k$, each of length at most $m_A - 1$, if necessary (again, I assume that $x$ has been converted to an integer in a preliminary step). Then she looks up Albert's public key $(e_A, m_A)$ and she computes
$$y_i = E_A(x_i) = x_i^{e_A} \bmod m_A,$$
for $i = 1, \ldots, k$. Finally, she sends the sequence $y_1, \ldots, y_k$ to Albert. This encrypted message is known as the cyphertext. The function $E_A$ is Albert's encryption function.
Decrypting a Message
In order to decrypt the message $y_1, \ldots, y_k$ that Julia sent him, Albert uses his private key $(d_A, m_A)$ to compute each
$$x_i = D_A(y_i) = y_i^{d_A} \bmod m_A,$$
and this yields the sequence $x_1, \ldots, x_k$. The function $D_A$ is Albert's decryption function.
Similarly, in order for Julia to receive encrypted messages, she must set her own public key $(e_J, m_J)$ and private key $(d_J, m_J)$ by picking two distinct primes $p_J$ and $q_J$ and $e_J$, as explained earlier.
The beauty of the scheme is that the sender only needs to know the public key of the recipient to send a message but an eavesdropper is unable to decrypt the encoded message unless he somehow gets his hands on the secret key of the receiver.
Let us give a concrete illustration of the RSA scheme using an example borrowed from Silverman [18] (Chapter 18). We write messages using only the 26 upper-case letters A, B, . . . , Z, encoded as the integers A = 11, B = 12 , . . . , Z = 3
Theorem 1.2. (Fermat's Little Theorem) If $p$ is any prime number, then the following two equivalent properties hold.
(1) For every integer, $a \in \mathbb{Z}$, if $a$ is not divisible by $p$, then we have
$$a^{p-1} \equiv 1 \pmod{p}.$$
(2) For every integer, $a \in \mathbb{Z}$, we have
$$a^p \equiv a \pmod{p}.$$
Proof. (1) Consider the integers
$$a, 2a, 3a, \ldots, (p - 1)a$$
and let
$$r_1, r_2, r_3, \ldots, r_{p-1}$$
be the sequence of remainders of the division of the numbers in the first sequence by $p$. Because $\gcd(a, p) = 1$, none of the numbers in the first sequence is divisible by $p$, so $1 \le r_i \le p - 1$, for $i = 1, \ldots, p - 1$. We claim that these remainders are all distinct. If not, then say $r_i = r_j$, with $1 \le i < j \le p - 1$. But then, because
$$ai \equiv r_i \pmod{p}$$
and
$$aj \equiv r_j \pmod{p},$$
we deduce that
$$aj - ai \equiv r_j - r_i \pmod{p},$$
and because $r_i = r_j$, we get,
$$a(j - i) \equiv 0 \pmod{p}.$$
This means that $p$ divides $a(j - i)$, but $\gcd(a, p) = 1$ so, by Euclid's proposition, $p$ must divide $j - i$. However $1 \le j - i < p - 1$, so we get a contradiction and the remainders are indeed all distinct.
There are $p - 1$ distinct remainders and they are all nonzero, therefore we must have
$$\{r_1, r_2, \ldots, r_{p-1}\} = \{1, 2, \ldots, p - 1\}.$$
Using Property (3) of congruences (see Proposition 1.1), we get
$$a \cdot 2a \cdot 3a \cdots (p - 1)a \equiv 1 \cdot 2 \cdot 3 \cdots (p - 1) \pmod{p};$$
that is,
$$(a^{p-1} - 1) \cdot (p - 1)! \equiv 0 \pmod{p}.$$
Again, $p$ divides $(a^{p-1} - 1) \cdot (p - 1)!$, but because $p$ is relatively prime to $(p - 1)!$, it must divide $a^{p-1} - 1$, as claimed.
(2) If $\gcd(a, p) = 1$, we proved in (1) that
$$a^{p-1} \equiv 1 \pmod{p},$$
from which we get
$$a^p \equiv a \pmod{p},$$
because $a \equiv a \pmod{p}$. If $a$ is divisible by $p$, then $a \equiv 0 \pmod{p}$, which implies $a^p \equiv 0 \pmod{p}$, and thus, that
$$a^p \equiv a \pmod{p}.$$
Therefore, (2) holds for all $a \in \mathbb{Z}$ and we just proved that (1) implies (2). Finally, if (2) holds and if $\gcd(a, p) = 1$, as $p$ divides $a^p - a = a(a^{p-1} - 1)$, it must divide $a^{p-1} - 1$, which shows that (1) holds and so, (2) implies (1).
It is now easy to establish the correctness of RSA.
Proposition 1.3. For any two distinct prime numbers $p$ and $q$, if $e$ and $d$ are any two positive integers such that
1. $1 < e, d < (p - 1)(q - 1)$,
2. $ed \equiv 1 \pmod{(p - 1)(q - 1)}$,
then for every $x \in \mathbb{Z}$ we have
$$x^{ed} \equiv x \pmod{pq}.$$
Proof. Because $p$ and $q$ are two distinct prime numbers, by Euclid's proposition it is enough to prove that both $p$ and $q$ divide $x^{ed} - x$. We show that $x^{ed} - x$ is divisible by $p$, the proof of divisibility by $q$ being similar.
By condition (2), we have
$$ed = 1 + (p - 1)(q - 1)k,$$
with $k \ge 1$, inasmuch as $1 < e, d < (p - 1)(q - 1)$. Thus, if we write $h = (q - 1)k$, we have $h \ge 1$ and
$$\begin{aligned}
x^{ed} - x &\equiv x^{1+(p-1)h} - x \pmod{p} \\
&\equiv x((x^{p-1})^h - 1) \pmod{p} \\
&\equiv x(x^{p-1} - 1)((x^{p-1})^{h-1} + (x^{p-1})^{h-2} + \cdots + 1) \pmod{p} \\
&\equiv (x^p - x)((x^{p-1})^{h-1} + (x^{p-1})^{h-2} + \cdots + 1) \pmod{p} \\
&\equiv 0 \pmod{p},
\end{aligned}$$
because $x^p - x \equiv 0 \pmod{p}$, by Fermat's little theorem.
Remark: Of course, Proposition 1.3 holds if we allow $e = d = 1$, but this is not interesting for encryption. The number $(p - 1)(q - 1)$ turns out to be the number of positive integers less than $pq$ that are relatively prime to $pq$. For any arbitrary positive integer, $m$, the number of positive integers less than $m$ that are relatively prime to $m$ is given by the Euler $\varphi$ function (or Euler totient), denoted $\varphi$ (see Niven, Zuckerman, and Montgomery [14], Section 2.1, for basic properties of $\varphi$).
Fermat's little theorem can be generalized to what is known as Euler's formula: For every integer $a$, if $\gcd(a, m) = 1$, then
$$a^{\varphi(m)} \equiv 1 \pmod{m}.$$
Because $\varphi(pq) = (p - 1)(q - 1)$, when $\gcd(x, \varphi(pq)) = 1$, Proposition 1.3 follows from Euler's formula. However, that argument does not show that Proposition 1.3 holds when $\gcd(x, \varphi(pq)) > 1$ and a special argument is required in this case.
It can be shown that if we replace $pq$ by a positive integer $m$ that is square-free (does not contain a square factor) and if we assume that $e$ and $d$ are chosen so that $1 < e, d < \varphi(m)$ and $ed \equiv 1 \pmod{\varphi(m)}$, then
$$x^{ed} \equiv x \pmod{m}$$
for all $x \in \mathbb{Z}$ (see Niven, Zuckerman, and Montgomery [14], Section 2.5, Problem 4).
We see no great advantage in using this fancier argument and this is why we used the more elementary proof based on Fermat's little theorem.
Proposition 1.3 immediately implies that the decrypting and encrypting RSA functions $D_A$ and $E_A$ are mutual inverses for any $A$. Furthermore, $E_A$ is easy to compute but, without extra information, namely, the trapdoor $d_A$, it is practically impossible to compute $D_A = E_A^{-1}$. That $D_A$ is hard to compute without a trapdoor is related to the fact that factoring a large number, such as $m_A$, into its factors $p_A$ and $q_A$ is hard. Today, it is practically impossible to factor numbers over 300 decimal digits long. Although no proof has been given so far, it is believed that factoring will remain a hard problem. So, even if in the next few years it becomes possible to factor 300-digit numbers, it will still be impossible to factor 400-digit numbers. RSA has the peculiar property that it depends both on the fact that primality testing is easy but that factoring is hard. What a stroke of genius!
1.3 Algorithms for Computing Powers and Inverses Modulo m
First, we explain how to compute $x^n \bmod m$ efficiently, where $n \ge 1$. Let us first consider computing the $n$th power $x^n$ of some positive integer. The idea is to look at the parity of $n$ and to proceed recursively. If $n$ is even, say $n = 2k$, then
$$x^n = x^{2k} = (x^k)^2,$$
1588 918 100 (mod 17
The extended Euclidean algorithm can be used to find some integers $x, y$, such that
$$ax + by = \gcd(a, b),$$
where $a$ and $b$ are any two positive integers. In our situation, $a = m$ and $b = a$ and we only need to find $y$ (we would like a positive integer).
When using the Euclidean algorithm for computing $\gcd(m, a)$, with $2 \le a < m$, we compute the following sequence of quotients and remainders.
$$\begin{aligned}
m &= a q_1 + r_1 \\
a &= r_1 q_2 + r_2 \\
r_1 &= r_2 q_3 + r_3 \\
&\;\;\vdots \\
r_{k-1} &= r_k q_{k+1} + r_{k+1} \\
&\;\;\vdots \\
r_{n-3} &= r_{n-2} q_{n-1} + r_{n-1} \\
r_{n-2} &= r_{n-1} q_n + 0,
\end{aligned}$$
with $n \ge 3$, $0 < r_1 < b$, $q_k \ge 1$, for $k = 1, \ldots, n$, and $0 < r_{k+1} < r_k$, for $k = 1, \ldots, n - 2$. Observe that $r_n = 0$. If $n = 2$, we have just two divisions,
$$\begin{aligned}
m &= a q_1 + r_1 \\
a &= r_1 q_2 + 0,
\end{aligned}$$
with $0 < r_1 < b$, $q_1, q_2 \ge 1$, and $r_2 = 0$. Thus, it is convenient to set $r_{-1} = m$ and $r_0 = a$.
It can be shown (Gallier [
Now, $y_{n-1}$ may be greater than $m$ or negative but we already know how to deal with that. This suggests reducing modulo $m$ during the recurrence and we are led to the following recurrence.
$$\begin{aligned}
y_{-1} &= 0 \\
y_0 &= 1 \\
z_{i+1} &= y_{i-1} - y_i q_{i+1} \\
y_{i+1} &= z_{i+1} \bmod m \quad \text{if } z_{i+1} \ge 0 \\
y_{i+1} &= m - ((-z_{i+1}) \bmod m) \quad \text{if } z_{i+1} < 0,
\end{aligned}$$
for $i = 0, \ldots, n - 2$.
It is easy to prove by induction that
$$a y_i \equiv r_i \pmod{m}$$
for $i = 0, \ldots, n - 1$ and thus, if $\gcd(a, m) > 1$, then $a$ does not have an inverse modulo $m$, else
$$a y_{n-1} \equiv 1 \pmod{m}$$
and $y_{n-1}$ is the inverse of $a$ modulo $m$ such that $1 \le y_{n-1} < m$, as desired. Note that we also get $y_0 = 1$ when $a = 1$.
We leave this proof as an exercise. Here is an algorithm.
An Algorithm for Computing the Inverse of a Modulo m
Given any natural number $a$ with $1 \le a < m$ and $\gcd(a, m) = 1$, the following algorithm returns the inverse of $a$ modulo $m$ as $y$.
    begin
      y := 0; v := 1; g := m; r := a;
      pr := r; q := ⌊g/pr⌋; r := g − pr q; (divide g by pr, to get g = pr q + r)
      if r = 0 then
        y := 1; g := pr
      else
        r = pr;
        while r ≠ 0 do
          pr := r; pv := v;
          q := ⌊g/pr⌋; r := g − pr q; (divide g by pr, to get g = pr q + r)
          v := y − pv q;
          if v < 0 then
            v := m − ((−v) mod m)
          else
            v = v mod m
          endif
          g := pr; y := pv
        endwhile;
      endif;
      inverse(a) := y
    end
For example, we used the above algorithm to find that $d_A = 145$,
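
The set-up, encryption and decryption steps of Section 1.1 and the two algorithms of this section can be run together on toy numbers. The following is an added example, not code from the notes: the function names and the primes 61 and 53 with e = 17 are constructed for illustration, and d is taken as the inverse of e modulo (p − 1)(q − 1), as required by the congruence ed ≡ 1 (mod (p − 1)(q − 1)). The sample chunks include multiples of p and q, the case that Euler's formula does not cover but Proposition 1.3 does.

```python
from math import gcd


def power_mod(x, n, m):
    """Compute x**n mod m by recursing on the parity of n (n >= 0)."""
    if n == 0:
        return 1 % m
    half = power_mod(x, n // 2, m)        # x**(n // 2) mod m
    square = (half * half) % m            # n = 2k: x**n = (x**k)**2
    return square if n % 2 == 0 else (square * x) % m


def inverse_mod(a, m):
    """Inverse of a modulo m from the Euclidean quotients q_{i+1}, using
    y_{-1} = 0, y_0 = 1, y_{i+1} = (y_{i-1} - y_i * q_{i+1}) mod m."""
    if not 1 <= a < m:
        raise ValueError("need 1 <= a < m")
    r_prev, r = m, a                      # r_{-1}, r_0
    y_prev, y = 0, 1                      # y_{-1}, y_0; a * y_i = r_i (mod m)
    while True:
        q, r_next = divmod(r_prev, r)
        if r_next == 0:
            break                         # r is now gcd(a, m)
        # Python's % already lands in [0, m), also for a negative difference.
        y_prev, y = y, (y_prev - y * q) % m
        r_prev, r = r, r_next
    if r != 1:
        raise ValueError("gcd(a, m) > 1: no inverse modulo m")
    return y


def make_keys(p, q, e):
    """Return (public, private) = ((e, m), (d, m)) for distinct primes p, q."""
    if p == q:
        raise ValueError("p and q must be distinct")
    m = p * q
    n_value = (p - 1) * (q - 1)
    if not 1 < e < n_value or gcd(e, n_value) != 1:
        raise ValueError("e must satisfy 1 < e < (p-1)(q-1), gcd = 1")
    d = inverse_mod(e, n_value)           # ed = 1 (mod (p-1)(q-1))
    return (e, m), (d, m)


def encrypt(chunks, public_key):
    """y_i = x_i**e mod m for every integer chunk x_i with 0 <= x_i < m."""
    e, m = public_key
    if any(not 0 <= x < m for x in chunks):
        raise ValueError("every chunk must be an integer in [0, m)")
    return [power_mod(x, e, m) for x in chunks]


def decrypt(chunks, private_key):
    """x_i = y_i**d mod m."""
    d, m = private_key
    return [power_mod(y, d, m) for y in chunks]


# Constructed toy parameters; real keys use primes hundreds of digits long.
P, Q, E = 61, 53, 17
PUBLIC, PRIVATE = make_keys(P, Q, E)
# Constructed chunks, including multiples of p and q (not coprime to m).
SAMPLE_CHUNKS = [1234, 65, 0, 1, 61 * 7, 53 * 11, 3232]

if __name__ == "__main__":
    cipher = encrypt(SAMPLE_CHUNKS, PUBLIC)
    print("public key :", PUBLIC)
    print("private key:", PRIVATE)
    print("cyphertext :", cipher)
    print("decrypted  :", decrypt(cipher, PRIVATE))
```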
Figure 1.2: Pafnuty Lvovich Chebyshev, 1821–1894 (left), Jacques Salomon Hadamard, 18
Beware that the above argument is not entirely rigorous because the prime number theorem only yields an approximation of $\pi(n)$ but sharper estimates can be used to say how large $n$ should be to guarantee a prescribed error on the probability, say 1%.
The implication of the above fact is that if we wish to find a random prime with 200 digits, we pick at random some natural number with 200 digits and test whether it is prime. If this number is not prime, then we discard it and try again, and so on. On the average, after 4
Figure 1.4: Robert Daniel Carmichael, 1879–19
1030. This is probably less than the probability of hardware failure.
Various probabilistic methods for primality testing have been designed. One of them is the Miller–Rabin test, another the APR test, and yet another the Solovay–Strassen test. Since 2002, it has been known that primality testing can be done in polynomial time. This result, due to Agrawal, Kayal, and Saxena and known as the AKS test, solved a long-standing problem; see Dietzfelbinger [4] and Crandall and Pomerance [3] (Chapter 4). Remarkably, Agrawal and Kayal worked on this problem for their senior project in order to complete their bachelor's degree. It remains to be seen whether this test is really practical for very large numbers.
A very important point to make is that these primality testing methods do not provide a factorization of $m$ when $m$ is composite. This is actually a crucial ingredient for the security of the RSA scheme. So far, it appears (and it is hoped) that factoring an integer is a much harder problem than testing for primality and all known methods are incapable of factoring natural numbers with over 300 decimal digits (it would take centuries).
For a comprehensive exposition of the subject of primality-testing, we refer the reader to Crandall and Pomerance [3] (Chapters 3 and 4) and again, to Ribenboim [15] (Chapter 2) and Koblitz [9] (Chapter V). We give a thorough presentation of the Miller–Rabin and the Solovay–Strassen tests in Chapters 4 and 5 (with complete proofs).
Going back to the RSA method, we now have ways of finding the large random primes $p$ and $q$ by picking at random some 200-digit numbers and testing for primality. Rivest, Shamir, and Adleman also recommend to pick $p$ and $q$ so that they differ by a few decimal digits, that both $p - 1$ and $q - 1$ should contain large prime factors and that $\gcd(p - 1, q - 1)$ should be small. The public key, $e$, relatively prime to $(p - 1)(q - 1)$ can also be found by a similar method: Pick at random a number, $e < (p - 1)(q - 1)$, which is large enough (say, greater than $\max\{p, q\}$) and test whether $\gcd(e, (p - 1)(q - 1)) = 1$, which can be done quickly using the extended Euclidean algorithm. If not, discard $e$ and try another number, and so on. It is easy to see that such an $e$ will be found in no more trials than it takes to find a prime; see Lovasz, Pelikan, and Vesztergombi [12] (Chapter 15), which contains one of the simplest and clearest presentations of RSA that we know of. Koblitz [9] (Chapter IV) also provides some details on this topic as well as Menezes, van Oorschot, and Vanstone's Handbook [13].
If Albert receives a message coming from Julia, how can he be sure that this message does not come from an imposter? Just because the message is signed "Julia" does not mean that it comes from Julia; it could have been sent by someone else pretending to be Julia, inasmuch as all that is needed to send a message to Albert is Albert's public key, which is known to everybody. This leads us to the issue of signatures.
There are various schemes for adding a signature to an encrypted message to ensure that the sender of a message is really who he or she claims to be (with a high degree of confidence). The trick is to make use of the sender's keys. We propose two scenarios.
1. The sender, Julia, encrypts the message $x$ to be sent with her own private key, $(d_J, m_J)$, creating the message $D_J(x) = y_1$. Then, Julia adds her signature, "Julia", at the end of the message $y_1$, encrypts the message "$y_1$ Julia" using Albert's public key, $(e_A, m_A)$, creating the message $y_2 = E_A(y_1\ \text{Julia})$, and finally sends the message $y_2$ to Albert.
When Albert receives the encrypted message $y_2$ claiming to come from Julia, first he decrypts the message using his private key $(d_A, m_A)$. He will see an encrypted message, $D_A(y_2) = y_1\ \text{Julia}$, with the legible signature, Julia. He will then delete the signature from this message and decrypt the message $y_1$ using Julia's public key $(e_J, m_J)$, getting $x = E_J(y_1)$. Albert will know whether someone else faked this message if the result is garbage. Indeed, only Julia could have encrypted the original message $x$ with her private key, which is only known to her. An eavesdropper who is pretending to be Julia would not know Julia's private key and so, would not have encrypted the original message to be sent using Julia's secret key.
2. The sender, Julia, first adds her signature, "Julia", to the message $x$ to be sent and then, she encrypts the message "$x$ Julia" with Albert's public key $(e_A, m_A)$, creating the message $y_1 = E_A(x\ \text{Julia})$. Julia also encrypts the original message $x$ using her private key $(d_J, m_J)$ creating the message $y_2 = D_J(x)$, and finally she sends the pair of messages $(y_1, y_2)$.
When Albert receives a pair of messages $(y_1, y_2)$, claiming to have been sent by Julia, first Albert decrypts $y_1$ using his private key $(d_A, m_A)$, getting the message $D_A(y_1) = x\ \text{Julia}$. Albert finds the signature, Julia, and then decrypts $y_2$ using Julia's public key $(e_J, m_J)$, getting the message $x' = E_J(y_2)$. If $x = x'$, then Albert has serious assurance that the sender is indeed Julia and not an imposter.
The last topic that we would like to discuss is the security of the RSA scheme. This is a difficult issue and many researchers have worked on it. As we remarked earlier, the security of RSA hinges on the fact that factoring is hard. It has been shown that if one has a method for breaking the RSA scheme (namely, to find the secret key $d$), then there is a probabilistic method for finding the factors $p$ and $q$, of $m = pq$ (see Koblitz [9], Chapter IV, Section 2, or Menezes, van Oorschot, and Vanstone [13], Section 8.2.2). If $p$ and $q$ are chosen to be large enough, factoring $m = pq$ will be practically impossible and so it is unlikely that RSA can be cracked. However, there may be other attacks and, at present, there is no proof that RSA is fully secure.
Observe that because $m = pq$ is known to everybody, if somehow one can learn $N = (p - 1)(q - 1)$, then $p$ and $q$ can be recovered. Indeed $N = (p - 1)(q - 1) = pq - (p + q) + 1 = m - (p + q) + 1$ and so,
$$\begin{aligned}
pq &= m \\
p + q &= m - N + 1,
\end{aligned}$$
and $p$ and $q$ are the roots of the quadratic equation
$$X^2 - (m - N + 1)X + m = 0.$$
Thus, a line of attack is to try to find the value of $(p - 1)(q - 1)$. For more on the security of RSA, see Menezes, van Oorschot, and Vanstone's Handbook [13].
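
The recovery of p and q from m and N described above shows why N = (p − 1)(q − 1) has to be guarded as carefully as the private key. The following is an added example, not code from the notes: the function name and the sample primes are constructed, and the function solves the quadratic with exact integer arithmetic, rejecting a value of N that is inconsistent with m.

```python
from math import isqrt


def factors_from_totient(m, n_value):
    """Return (p, q) with p <= q, p * q == m and (p - 1) * (q - 1) == n_value.

    p and q are the roots of X**2 - (m - N + 1) X + m = 0, so
    p + q = m - N + 1 and (p - q)**2 = (p + q)**2 - 4m.
    """
    s = m - n_value + 1                   # p + q
    disc = s * s - 4 * m                  # discriminant, equals (p - q)**2
    if disc < 0:
        raise ValueError("N is inconsistent with m (negative discriminant)")
    root = isqrt(disc)
    if root * root != disc:
        raise ValueError("N is inconsistent with m (no integer roots)")
    p, q = (s - root) // 2, (s + root) // 2
    # Final consistency check against both defining equations.
    if p * q != m or (p - 1) * (q - 1) != n_value:
        raise ValueError("N is inconsistent with m")
    return p, q


# Constructed sample values (toy size, then a larger pair).
SMALL = (61 * 53, 60 * 52)
LARGE_P, LARGE_Q = 1000003, 1000033
LARGE = (LARGE_P * LARGE_Q, (LARGE_P - 1) * (LARGE_Q - 1))

if __name__ == "__main__":
    print(factors_from_totient(*SMALL))   # (53, 61)
    print(factors_from_totient(*LARGE))   # (1000003, 1000033)
```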
Chapter 2
Primality Testing Using Randomized Algorithms; Introduction
In article 329 of his famous Disquisitiones Arithmeticae [7] (published in 1801, when he was 24 years old), C.F. Gauss writes (in Latin!):
The problem of distinguishing prime numbers from composite numbers and resolving the latter into their prime factors is known to be one of the most important and useful in arithmetic. It has engaged the industry and wisdom of ancient and modern geometers to such an extent that it would be superfluous to discuss the problem at length. Nevertheless we must confess that all methods that have been proposed thus far are either restricted to very special cases or are so laborious and difficult that even for numbers that do not exceed the limits of tables constructed by estimable men, they try the patience of even the practiced calculator. And these methods do not apply at all to larger numbers ... The techniques that were previously known would require intolerable labor even for the most indefatigable calculator.
The problem of determining whether a given integer is prime is one of the better known and most easily understood problems of pure mathematics. This problem has caught the interest of mathematicians again and again for centuries. However, it was not until the 20th century that questions about primality testing and factoring were recognized as problems of practical importance, and a central part of applied mathematics. The advent of cryptographic systems that use large primes, such as RSA, was the main driving force for the development of fast and reliable methods for primality testing. Indeed, as we saw in earlier sections of these notes, in order to create RSA keys, one needs to produce large prime numbers. How do we do that?
One method is to produce a random string of digits (say of 200 digits), and then to test whether this number is prime or not. As we explained earlier, by the Prime Number Theorem, among the natural numbers with 200 digits, roughly one in every 4
digits) before a prime shows up. Note that we need a mechanism to generate random numbers, an interesting and tricky problem, but for now, we postpone discussing random number generation.
It remains to find methods for testing an integer for primality, and perhaps for factoring composite numbers.
In 1903, at the meeting of the American Mathematical Society, F.N. Cole came to the blackboard and, without saying a word, wrote down
2
that $n$ is composite, given that the algorithm fails to declare 20 times that $n$ is composite, is less than $\ln(n)\,(1/2)^{20}$ (see Section 4.3).
Therefore, by running the algorithm repeatedly with independent random choices each time, we can make the probability that the algorithm gives the wrong answer arbitrarily small. Such a randomized algorithm is called a Monte Carlo algorithm.
Several randomized algorithms for primality testing have been designed, including the Miller–Rabin and the Solovay–Strassen tests, to be discussed in Chapters 4 and 5. Then, in the summer of 2002, a paper with the title "PRIMES is in P", by Agrawal, Kayal and Saxena, appeared on the website of the Indian Institute of Technology at Kanpur, India. In this paper, it was shown that testing for primality has a deterministic (nonrandomized) algorithm that runs in polynomial time. Finally, the long-standing open problem of deciding whether primality testing is in P was settled in this amazing paper, by an algorithm usually referred to as the AKS algorithm. We will not discuss this algorithm in these notes (but, perhaps in another set of notes ...).
Chapter 3
Basic Facts About Groups, Rings, Fields, and Number Theory
3.1 Groups, Subgroups, Cosets
Definition 3.1. A group is a set $G$ equipped with a binary operation $\cdot\colon G \times G \to G$ that associates an element $a \cdot b \in G$ to every pair of elements $a, b \in G$, and having the following properties: $\cdot$ is associative, has an identity element $e \in G$, and every element in $G$ is invertible (w.r.t. $\cdot$). More explicitly, this means that the following equations hold for all $a, b, c \in G$:
(G1) $a \cdot (b \cdot c) = (a \cdot b) \cdot c$. (associativity);
(G2) $a \cdot e = e \cdot a = a$. (identity);
(G3) For every $a \in G$, there is some $a^{-1} \in G$ such that $a \cdot a^{-1} = a^{-1} \cdot a = e$ (inverse).
A group $G$ is abelian (or commutative) if
$$a \cdot b = b \cdot a$$
for all $a, b \in G$.
A set $M$ together with an operation $\cdot\colon M \times M \to M$ and an element $e$ satisfying only conditions (G1) and (G2) is called a monoid. For example, the set $\mathbb{N} = \{0, 1, \ldots, n, \ldots\}$ of natural numbers is a (commutative) monoid under addition. However, it is not a group.
Some examples of groups are given below.
Example 3.1.
1. The set $\mathbb{Z} = \{\ldots, -n, \ldots, -1, 0, 1, \ldots, n, \ldots\}$ of integers is a group under addition, with identity element 0. However, $\mathbb{Z}^* = \mathbb{Z} - \{0\}$ is not a group under multiplication.
2. The set $\mathbb{Q}$ of rational numbers (fractions $p/q$ with $p, q \in \mathbb{Z}$ and $q \ne 0$) is a group under addition, with identity element 0. The set $\mathbb{Q}^* = \mathbb{Q} - \{0\}$ is also a group under multiplication, with identity element 1.
3. Given any nonempty set $S$, the set of bijections $f\colon S \to S$, also called permutations of $S$, is a group under function composition (i.e., the multiplication of $f$ and $g$ is the composition $g \circ f$), with identity element the identity function $\mathrm{id}_S$. This group is not abelian as soon as $S$ has more than two elements.
4. The set of $n \times n$ invertible matrices with real (or complex) coefficients is a group under matrix multiplication, with identity element the identity matrix $I_n$. This group is called the general linear group and is usually denoted by $GL(n, \mathbb{R})$ (or $GL(n, \mathbb{C})$).
It is customary to denote the operation of an abelian group $G$ by $+$, in which case the inverse $a^{-1}$ of an element $a \in G$ is denoted by $-a$.
The identity element of a group is unique. In fact, we can prove a more general fact:
Fact 1. If a binary operation $\cdot\colon M \times M \to M$ is associative and if $e' \in M$ is a left identity and $e'' \in M$ is a right identity, which means that
$$e' \cdot a = a \quad \text{for all } a \in M \qquad \text{(G2l)}$$
and
$$a \cdot e'' = a \quad \text{for all } a \in M, \qquad \text{(G2r)}$$
then $e' = e''$.
Proof. If we let $a = e''$ in equation (G2l), we get
$$e' \cdot e'' = e'',$$
and if we let $a = e'$ in equation (G2r), we get
$$e' \cdot e'' = e',$$
and thus
$$e' = e' \cdot e'' = e'',$$
as claimed.
Fact 1 implies that the identity element of a monoid is unique, and since every group is a monoid, the identity element of a group is unique. Furthermore, every element in a group has a unique inverse. This is a consequence of a slightly more general fact:
Fact 2. In a monoid $M$ with identity element $e$, if some element $a \in M$ has some left inverse $a' \in M$ and some right inverse $a'' \in M$, which means that
$$a' \cdot a = e \qquad \text{(G3l)}$$
and
$$a \cdot a'' = e, \qquad \text{(G3r)}$$
then $a' = a''$.
Proof. Using (G3l) and the fact that $e$ is an identity element, we have
$$(a' \cdot a) \cdot a'' = e \cdot a'' = a''.$$
Similarly, using (G3r) and the fact that $e$ is an identity element, we have
$$a' \cdot (a \cdot a'') = a' \cdot e = a'.$$
However, since $M$ is monoid, the operation $\cdot$ is associative, so
$$a' = a' \cdot (a \cdot a'') = (a' \cdot a) \cdot a'' = a'',$$
as claimed.
Remark: Axioms (G2) and (G3) can be weakened a bit by requiring only (G2r) (the existence of a right identity) and (G3r) (the existence of a right inverse for every element) (or (G2l) and (G3l)). It is a good exercise to prove that the group axioms (G2) and (G3) follow from (G2r) and (G3r).
If a group $G$ has a finite number $n$ of elements, we say that $G$ is a group of order $n$. If $G$ is infinite, we say that $G$ has infinite order. The order of a group is usually denoted by $|G|$ (if $G$ is finite).
Given a group, $G$, for any two subsets $R, S \subseteq G$, we let
$$RS = \{r \cdot s \mid r \in R,\ s \in S\}.$$
In particular, for any $g \in G$, if $R = \{g\}$, we write
$$gS = \{g \cdot s \mid s \in S\}$$
and similarly, if $S = \{g\}$, we write
$$Rg = \{r \cdot g \mid r \in R\}.$$
From now on, we will drop the multiplication sign and write $g_1 g_2$ for $g_1 \cdot g_2$.
For any $g \in G$, define $L_g$, the left translation by $g$, by $L_g(a) = ga$, for all $a \in G$, and $R_g$, the right translation by $g$, by $R_g(a) = ag$, for all $a \in G$. Observe that $L_g$ and $R_g$ are bijections. We show this for $L_g$, the proof for $R_g$ being similar.
If $L_g(a) = L_g(b)$, then $ga = gb$, and multiplying on the left by $g^{-1}$, we get $a = b$, so $L_g$ is injective. For any $b \in G$, we have $L_g(g^{-1}b) = gg^{-1}b = b$, so $L_g$ is surjective. Therefore, $L_g$ is bijective.
Definition 3.2. Given a group $G$, a subset $H$ of $G$ is a subgroup of $G$ iff
(1) The identity element, $e$, of $G$ also belongs to $H$ ($e \in H$);
(2) For all $h_1, h_2 \in H$, we have $h_1 h_2 \in H$;
(3) For all $h \in H$, we have $h^{-1} \in H$.
The proof of the following proposition is left as an exercise.
Proposition 3.1. Given a group $G$, a subset $H \subseteq G$ is a subgroup of $G$ iff $H$ is nonempty and whenever $h_1, h_2 \in H$, then $h_1 h_2^{-1} \in H$.
If the group $G$ is finite, then the following criterion can be used.
Proposition 3.2. Given a finite group $G$, a subset, $H \subseteq G$ is a subgroup of $G$ iff
(1) $e \in H$;
(2) $H$ is closed under multiplication.
Proof. We just have to prove that condition (3) of Definition 3.2 holds. For any $a \in H$, since the left translation $L_a$ is bijective, its restriction to $H$ is injective, and since $H$ is finite, it is also bijective. Since $e \in H$, there is a unique $b \in H$ such that $L_a(b) = ab = e$. However, if $a^{-1}$ is the inverse of $a$ in $G$, we also have $L_a(a^{-1}) = aa^{-1} = e$, and by injectivity of $L_a$, we have $a^{-1} = b \in H$.
Definition 3.3. If $H$ is a subgroup of $G$ and $g \in G$ is any element, the sets of the form $gH$ are called left cosets of $H$ in $G$ and the sets of the form $Hg$ are called right cosets of $H$ in $G$.
The left cosets (resp. right cosets) of $H$ induce an equivalence relation, $\sim$, defined as follows: For all $g_1, g_2 \in G$,
$$g_1 \sim g_2 \quad \text{iff} \quad g_1 H = g_2 H$$
(resp. $g_1 \sim g_2$ iff $Hg_1 = Hg_2$). Obviously, $\sim$ is an equivalence relation.
Now, we claim that $g_1 H = g_2 H$ iff $g_2^{-1} g_1 H = H$ iff $g_2^{-1} g_1 \in H$.
If we apply the bijection $L_{g_2^{-1}}$ to both $g_1 H$ and $g_2 H$ we get $L_{g_2^{-1}}(g_1 H) = g_2^{-1} g_1 H$ and $L_{g_2^{-1}}(g_2 H) = H$, so $g_1 H = g_2 H$ iff $g_2^{-1} g_1 H = H$. If $g_2^{-1} g_1 H = H$, since $1 \in H$, we get $g_2^{-1} g_1 \in H$. Conversely, if $g_2^{-1} g_1 \in H$, since $H$ is a group, the left translation $L_{g_2^{-1} g_1}$ is a bijection of $H$, so $g_2^{-1} g_1 H = H$. Thus, $g_2^{-1} g_1 H = H$ iff $g_2^{-1} g_1 \in H$.
It follows that the equivalence class of an element $g \in G$ is the coset $gH$ (resp. $Hg$). Since $L_g$ is a bijection between $H$ and $gH$, the cosets $gH$ all have the same cardinality. The map $L_{g^{-1}} \circ R_g$ is a bijection between the left coset $gH$ and the right coset $Hg$, so they also have the same cardinality. Since the distinct cosets $gH$ form a partition of $G$, we obtain the following fact:
Proposition 3.3. (Lagrange) For any finite group $G$ and any subgroup $H$ of $G$, the order $h$ of $H$ divides the order $n$ of $G$.
The ratio $n/h$ is denoted by $(G : H)$ and is called the index of $H$ in $G$. The index $(G : H)$ is the number of left (and right) cosets of $H$ in $G$. Proposition 3.3 can be stated as
$$|G| = (G : H)\,|H|.$$
The set of left cosets of $H$ in $G$ (which, in general, is not a group) is denoted $G/H$. The points of $G/H$ are obtained by collapsing all the elements in a coset into a single element.
It is tempting to define a multiplication operation on left cosets (or right cosets) by setting
$$(g_1 H)(g_2 H) = (g_1 g_2)H,$$
but this operation is not well defined in general, unless the subgroup $H$ possesses a special property. This property is typical of the kernels of group homomorphisms, so we are led to
Definition 3.4. Given any two groups, $G, G'$, a function $\varphi\colon G \to G'$ is a homomorphism iff
$$\varphi(g_1 g_2) = \varphi(g_1)\varphi(g_2), \quad \text{for all } g_1, g_2 \in G.$$
Taking $g_1 = g_2 = e$ (in $G$), we see that
$$\varphi(e) = e',$$
and taking $g_1 = g$ and $g_2 = g^{-1}$, we see that
$$\varphi(g^{-1}) = \varphi(g)^{-1}.$$
If $\varphi\colon G \to G'$ and $\psi\colon G' \to G''$ are group homomorphisms, then $\psi \circ \varphi\colon G \to G''$ is also a homomorphism. If $\varphi\colon G \to G'$ is a homomorphism of groups and $H \subseteq G$ and $H' \subseteq G'$ are two subgroups, then it is easily checked that
$$\mathrm{Im}\, H = \varphi(H) = \{\varphi(g) \mid g \in H\} \text{ is a subgroup of } G'$$
($\mathrm{Im}\, H$ is called the image of $H$ by $\varphi$) and
$$\varphi^{-1}(H') = \{g \in G \mid \varphi(g) \in H'\} \text{ is a subgroup of } G.$$
In particular, when $H' = \{e'\}$, we obtain the kernel, $\mathrm{Ker}\, \varphi$, of $\varphi$. Thus,
$$\mathrm{Ker}\, \varphi = \{g \in G \mid \varphi(g) = e'\}.$$
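It is immediately verified that $\varphi\colon G \to G'$ is injective iff $\mathrm{Ker}\, \varphi = \{e\}$. (We also write $\mathrm{Ker}\, \varphi = (0)$.) We say that $\varphi$ is an isomorphism if there is a homomorphism, $\psi\colon G' \to G$, so that
$$\psi \circ \varphi = \mathrm{id}_G \quad \text{and} \quad \varphi \circ \psi = \mathrm{id}_{G'}.$$
In this case, $\psi$ is unique and it is denoted $\varphi^{-1}$. When $\varphi$ is an isomorphism we say that the groups $G$ and $G'$ are isomorphic. It is easy to see that a bijective homomorphism is an isomorphism. When $G' = G$, a group isomorphism is called an automorphism.
The left translations $L_g$ and the right translations $R_g$ are group isomorphisms.
We claim that $H = \mathrm{Ker}\, \varphi$ satisfies the following property:
$$gH = Hg, \quad \text{for all } g \in G. \qquad (*)$$
First, note that $(*)$ is equivalent to
$$gHg^{-1} = H, \quad \text{for all } g \in G,$$
and the above is equivalent to
$$gHg^{-1} \subseteq H, \quad \text{for all } g \in G. \qquad (**)$$
This is because $gHg^{-1} \subseteq H$ implies $H \subseteq g^{-1}Hg$, and this for all $g \in G$. But,
$$\varphi(ghg^{-1}) = \varphi(g)\varphi(h)\varphi(g^{-1}) = \varphi(g)e'\varphi(g)^{-1} = \varphi(g)\varphi(g)^{-1} = e',$$
for all $h \in H = \mathrm{Ker}\, \varphi$ and all $g \in G$. Thus, by definition of $H = \mathrm{Ker}\, \varphi$, we have $gHg^{-1} \subseteq H$.
Definition 3.5. For any group, $G$, a subgroup, $N \subseteq G$, is a normal subgroup of $G$ iff
$$gNg^{-1} = N, \quad \text{for all } g \in G.$$
This is denoted by $N \lhd G$.
Observe that if $G$ is abelian, then every subgroup of $G$ is normal.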
Bl C bs o ckrmon suaerkup kl E, tg` `qubvon`cf` r`notbkc bciuf`i ay n`lt fks`ts bs tg`som` os tg` `qubvon`cf` bciuf`i ay rbegt fks`ts. Lurtg`rmkr`, tgbs `qubvon`cf` r`notbkc,,bs ofkceru`cf`, wgbfg m`ocs tgot4 Lkr onn e?, e1, e
?, e
1E,
(?) Ble?C=e
?C ocie1C=e
1C, tg`ce?e1C=e
?e
1C, oci(1) Ble?C=e1C, tg`c e
?? C=e
?1 C.
Os o fkcs`qu`cf`, w` foc i`c` o erkup struftur` kc tg` s`tE/kl `qubvon`cf` fnoss`smkiunk, ay s`ttbce
(e?C)(e1C) = (e?e1)C.
This group is denoted $G/N$ and called the quotient of $G$ by $N$. The equivalence class, $gN$, of an element $g \in G$ is also denoted $\overline{g}$ (or $[g]$). The map $\pi\colon G \to G/N$ given by
$$\pi(g) = \overline{g} = gN,$$
is clearly a group homomorphism called the canonical projection.
Given a homomorphism of groups, $\varphi\colon G \to G'$, we easily check that the groups $G/\mathrm{Ker}\, \varphi$ and $\mathrm{Im}\, \varphi = \varphi(G)$ are isomorphic. This is often called the first isomorphism theorem.
A useful way to construct groups is the direct product construction. Given two groups $G$ and $H$, we let $G \times H$ be the Cartesian product of the sets $G$ and $H$ with the multiplication operation $\cdot$ given by
$$(g_1, h_1) \cdot (g_2, h_2) = (g_1g_2, h_1h_2).$$
It is immediately verified that $G \times H$ is a group. Similarly, given any $n$ groups $G_1, \ldots, G_n$, we can define the direct product $G_1 \times \cdots \times G_n$ in a similar way.
If $G$ is an abelian group and $H_1, \ldots, H_n$ are subgroups of $G$, the situation is simpler. Consider the map
$$a\colon H_1 \times \cdots \times H_n \to G$$
given by
$$a(h_1, \ldots, h_n) = h_1 + \cdots + h_n,$$
using $+$ for the operation of the group $G$. It is easy to verify that $a$ is a group homomorphism, so its image is a subgroup of $G$ denoted by $H_1 + \cdots + H_n$, and called the sum of the groups $H_i$. The following proposition will be needed.
Proposition 3.4. Given an abelian group $G$, if $H_1$ and $H_2$ are any subgroups of $G$ such that $H_1 \cap H_2 = \{0\}$, then the map $a$ is an isomorphism
$$a\colon H_1 \times H_2 \to H_1 + H_2.$$
Proof. The map is surjective by definition, so we just have to check that it is injective. For this, we show that $\mathrm{Ker}\, a = \{(0, 0)\}$. We have $a(a_1, a_2) = 0$ iff $a_1 + a_2 = 0$ iff $a_1 = -a_2$. Since $a_1 \in H_1$ and $a_2 \in H_2$, we see that $a_1, a_2 \in H_1 \cap H_2 = \{0\}$, so $a_1 = a_2 = 0$, which proves that $\mathrm{Ker}\, a = \{(0, 0)\}$.
Under the conditions of Proposition 3.4, namely $H_1 \cap H_2 = \{0\}$, the group $H_1 + H_2$ is called the direct sum of $H_1$ and $H_2$; it is denoted by $H_1 \oplus H_2$, and we have an isomorphism $H_1 \times H_2 \cong H_1 \oplus H_2$.
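3.2 Cyclic Groups
Given a group $G$ with unit element $1$, for any element $g \in G$ and for any natural number $n \in \mathbb{N}$, define $g^n$ as follows:
$$g^0 = 1, \qquad g^{n+1} = g \cdot g^n.$$
For any integer $n \in \mathbb{Z}$, we define $g^n$ by
$$g^n = \begin{cases} g^n & \text{if } n \ge 0 \\ (g^{-1})^{(-n)} & \text{if } n < 0. \end{cases}$$
The following properties are easily verified:
$$g^i \cdot g^j = g^{i+j}, \qquad (g^i)^{-1} = g^{-i}, \qquad g^i \cdot g^j = g^j \cdot g^i, \qquad \text{for all } i, j \in \mathbb{Z}.$$
Define the subset $\langle g \rangle$ of $G$ by $\langle g \rangle = \{g^n \mid n \in \mathbb{Z}\}$.
The following proposition is left as an exercise.
Proposition 3.5. Given a group $G$, for any element $g \in G$, the set $\langle g \rangle$ is the smallest abelian subgroup of $G$ containing $g$.
Definition 3. $n$, contradicting the minimality of $n$, so $r = 0$, and $H = n\mathbb{Z}$.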
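Given any cyclic group $G$, for any generator $g$ of $G$, we can define a mapping $\varphi\colon \mathbb{Z} \to G$ by $\varphi(m) = g^m$. Since $g$ generates $G$, this mapping is surjective. The mapping $\varphi$ is clearly a group homomorphism, so let $H = \mathrm{Ker}\, \varphi$ be its kernel. By a previous observation, $H = n\mathbb{Z}$ for some $n \in \mathbb{Z}$, so by the first homomorphism theorem, we obtain an isomorphism
$$\overline{\varphi}\colon \mathbb{Z}/n\mathbb{Z} \to G$$
from the quotient group $\mathbb{Z}/n\mathbb{Z}$ onto $G$. Obviously, if $G$ has finite order, then $|G| = n$. In summary, we have the following result.
Proposition 3.7. Every cyclic group $G$ is either isomorphic to $\mathbb{Z}$, or to $\mathbb{Z}/n\mathbb{Z}$, for some natural number $n > 0$. In the first case, we say that $G$ is an infinite cyclic group, and in the second case, we say that $G$ is a cyclic group of order $n$.
The quotient group $\mathbb{Z}/n\mathbb{Z}$ consists of the cosets $m + n\mathbb{Z} = \{m + nk \mid k \in \mathbb{Z}\}$, with $m \in \mathbb{Z}$, that is, of the equivalence classes of $\mathbb{Z}$ under the equivalence relation $\equiv$ defined such that
$$x \equiv y \quad \text{iff} \quad x - y \in n\mathbb{Z} \quad \text{iff} \quad x \equiv y \pmod{n}.$$
We also denote the equivalence class $x + n\mathbb{Z}$ of $x$ by $\overline{x}$, or if we want to be more precise by $[x]_n$. The group operation is given by
$$\overline{x} + \overline{y} = \overline{x + y}.$$
For every $x \in \mathbb{Z}$, there is a unique representative, $x \bmod n$ (the nonnegative remainder of the division of $x$ by $n$) in the class $\overline{x}$ of $x$, such that $0 \le x \bmod n \le n - 1$. For this reason, we often identify $\mathbb{Z}/n\mathbb{Z}$ with the set $\{0, \ldots, n - 1\}$. To be more rigorous, we can give $\{0, \ldots, n - 1\}$ a group structure by defining $+_n$ such that
$$x +_n y = (x + y) \bmod n.$$
Then, it is easy to see that $\{0, \ldots, n - 1\}$ with the operation $+_n$ is a group with identity element $0$ isomorphic to $\mathbb{Z}/n\mathbb{Z}$.
We can also define a multiplication operation $\cdot$ on $\mathbb{Z}/n\mathbb{Z}$ as follows:
$$\overline{a} \cdot \overline{b} = \overline{ab} = \overline{ab \bmod n}.$$
Then, it is easy to check that $\cdot$ is abelian, associative, that $\overline{1}$ is an identity element for $\cdot$, and that $\cdot$ is distributive on the left and on the right with respect to addition. This makes $\mathbb{Z}/n\mathbb{Z}$ into a commutative ring. We usually suppress the dot and write $\overline{a}\,\overline{b}$ instead of $\overline{a} \cdot \overline{b}$. Bezout's identity implies that $\overline{a} \in \mathbb{Z}/n\mathbb{Z}$ is invertible with respect to multiplication iff $\gcd(a, n) = 1$.
Indeed, if $\overline{a}$ has inverse $\overline{b}$ in $\mathbb{Z}/n\mathbb{Z}$, then $\overline{a}\,\overline{b} = \overline{1}$, which means that
$$ab \equiv 1 \pmod{n},$$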
that is $ab = 1 + nk$ for some $k \in \mathbb{Z}$, which is the Bezout identity
$$ab - nk = 1$$
and implies that $\gcd(a, n) = 1$. Conversely, if $\gcd(a, n) = 1$, then by Bezout's identity there exist $u, v \in \mathbb{Z}$ such that
$$au + nv = 1,$$
so $au = 1 - nv$, that is,
$$au \equiv 1 \pmod{n},$$
which means that $\overline{a}\,\overline{u} = \overline{1}$, so $\overline{a}$ is invertible in $\mathbb{Z}/n\mathbb{Z}$.
The group of invertible elements of the ring $\mathbb{Z}/n\mathbb{Z}$ is denoted by $(\mathbb{Z}/n\mathbb{Z})^*$. Note that this group is only defined if $n \ge 2$.
Given any positive integer $n \ge 1$, recall that the Euler $\phi$-function (or Euler totient function) is defined such that $\phi(n)$ is the number of integers $a$, with $1 \le a \le n$, which are relatively prime to $n$; that is, with $\gcd(a, n) = 1$.¹ Then, we see that the group $(\mathbb{Z}/n\mathbb{Z})^*$ has order $\phi(n)$.
For $n = 2$, $(\mathbb{Z}/2\mathbb{Z})^* = \{1\}$, the trivial group. For $n = 3$, $(\mathbb{Z}/3\mathbb{Z})^* = \{1, 2\}$, and for $n = 4$, we have $(\mathbb{Z}/4\mathbb{Z})^* = \{1, 3\}$. Both groups are isomorphic to the group $\{-1, 1\}$. Since $\gcd(a, n) = 1$ for every $a \in \{1, \ldots, n - 1\}$ iff $n$ is prime, we see that $(\mathbb{Z}/n\mathbb{Z})^* = \mathbb{Z}/n\mathbb{Z} - \{0\}$ iff $n$ is prime, so $\mathbb{Z}/n\mathbb{Z}$ is a field iff $n$ is prime.
Even though in principle a finite cyclic group has a very simple structure, finding a generator for a finite cyclic group is generally hard. For example, it turns out that the multiplicative group $(\mathbb{Z}/p\mathbb{Z})^*$ is a cyclic group when $p$ is prime, but no efficient method for finding a generator for $(\mathbb{Z}/p\mathbb{Z})^*$ is known (besides a brute-force search). More generally, the multiplicative group $(\mathbb{Z}/p^k\mathbb{Z})^*$ is a cyclic group when $p$ is prime and $k \ge 1$.
The notion of order of an element in a group plays an important role.
Definition 3.7. Given a group $G$, for any $g \in G$, the order of $g$ in $G$, denoted by $\mathrm{ord}_G(g)$, is either infinite if the cyclic group $\langle g \rangle$ is infinite, or defined so that $\mathrm{ord}_G(g) = |\langle g \rangle|$ if $\langle g \rangle$ has finite order.
The following characterization of the order of an element will be needed.
Proposition 3.8. Given a group $G$ and an element $g \in G$, if $g$ has finite order, then $\mathrm{ord}_G(g) = p$ is characterized as follows: $p$ is the smallest positive integer such that $g^p = 1$. Furthermore, $g, g^2, \ldots, g^p = 1$ are all distinct, and for any $n$ such that $g^n = 1$, then $p$ divides $n$.
¹ We allow $a = n$ to accommodate the special case $n = 1$.
Proof. We have the isomorphism $\mathbb{Z}/p\mathbb{Z} \cong G$, so $p \equiv 0 \pmod{p}$ and $g^p = 1$. If $q < p$ is a positive integer such that $g^q = 1$, then $q = 1$ in $\mathbb{Z}/p\mathbb{Z}$, a contradiction.
Conversely, if $p$ is the least positive integer such that $g^p = 1$, then $g, g^2, \ldots, g^p = 1$ are all distinct, since otherwise we would have $g^i = g^j$ for some $i, j$ with $1 \le i < j \le p$, and then we would have $g^{j-i} = 1$ with $0 < j - i < p$, contradicting the minimality of $p$. For any $n \in \mathbb{Z}$, we can write $n = pq + r$, with $0 \le r < p$, and we get
$$g^n = g^{pq+r} = (g^p)^q \cdot g^r = g^r.$$
Then, it is clear that we have an isomorphism $\mathbb{Z}/p\mathbb{Z} \cong G$.
If $g^n = 1$, then writing $n = pq + r$, with $0 \le r < p$, we get
$$1 = g^{pq+r} = (g^p)^q \cdot g^r = g^r,$$
so $g^r = 1$ with $0 \le r < p$, contradicting the minimality of $p$, so $r = 0$ and $p$ divides $n$.
The next proposition deals with subgroups of cyclic groups.
Proposition 3.9. Let $G = \langle g \rangle$ be a finite cyclic group of order $n$ and let $H$ be any subgroup of $G$.
(a) The group $H$ is cyclic and generated by some element $g^k$, where $k \ge 1$ is the least integer such that $g^k \in H$.
(b) The order $d = |H|$ of $H$ divides $n$ and $n = dk$.
(c) We have $H = \{a \in G \mid a^d = 1\}$, with $d$ from (b).
(d) For every $d \ge 1$, the set $G_d = \{a \in G \mid a^d = 1\}$ is a cyclic subgroup of $G$ of order $\gcd(n, d)$.
(e) For every divisor $d$ of $n$, there is a unique cyclic subgroup $H$ of order $d$ given by $H = \{a \in G \mid a^d = 1\}$.
Proof. If $H = \{1\}$, then all claims are true with $k = n$ and $d = 1$. From now on, assume that $|H| > 1$, and pick $g^k \in H$ with $k \ge 1$ minimal. Since $|H| > 1$, we must have $k < n$.
(a) For any element $g^m \in H$, we can write $m = kq + r$, with $0 \le r < k$. Then, we have
$$g^m = g^{kq+r} = (g^k)^q \cdot g^r,$$
and since $g^m, g^k \in H$, we have $g^r = (g^k)^{-q} \cdot g^m \in H$. However, $0 \le r < k$, contradicting the minimality of $k$, so $r = 0$. It follows that $H = \langle g^k \rangle$ is cyclic.
(b) Let us prove that $k$ divides $n$. Let $s = \gcd(k, n)$. By Bezout's theorem, we can write
$$s = ku + nv$$
for some $u, v \in \mathbb{Z}$. Then, since $g^n = 1$, we have
$$g^s = g^{ku+nv} = (g^k)^u \cdot (g^n)^v = (g^k)^u,$$
which shows that $g^s \in H$. Since $k$ is the least positive integer such that $g^k \in H$, we must have $s = k$; that is, $k$ divides $n$. But then, $g^k$ must have order $d = n/k$, since the order of $g^k$ is the smallest natural number $h$ such that $g^{kh} = 1$, and since $n = dk$ is the order of $g$, it must divide $hk$, which means that $d$ must divide $h$, and so $h = d$.
(c) From (b), $H = \{g^k, g^{2k}, \ldots, g^{dk} = 1\}$, and we have $(g^{jk})^d = (g^{dk})^j = 1$, which shows that every $a \in H$ satisfies the equation $a^d = 1$. Conversely, if $a \in G$ satisfies $a^d = 1$, since $a = g^i$ for some $i$, we have $g^{id} = 1$, and since $g$ has order $n$, the number $n = kd$ must divide $id$, which means that $k$ must divide $i$. Consequently, $a = (g^k)^{i/k} \in H$.
(d) It is immediately verified that $G_d$ is a subgroup of $G$. We have $a = g^i \in G_d$ iff $(g^i)^d = g^{id} = 1$. Write $r = \gcd(d, n)$, $n = n_1r$ and $d = d_1r$. Then $\gcd(n_1, d_1) = 1$. Since $g$ has order $n$, the number $n = n_1r$ divides $id = id_1r$, so $n_1$ divides $id_1$. Since $\gcd(n_1, d_1) = 1$, the number $n_1$ divides $i$, and since $1 \le i \le n$, we conclude that $i = n_1, 2n_1, \ldots, rn_1 = n$. Therefore, $G_d$ has order $r = \gcd(d, n)$.
(e) This follows immediately from (d).
Proposition 3.10. Let $G = \langle g \rangle$ be a finite cyclic group of order $n$. Then we have:
(a) For any $a \in G$, the order $\mathrm{ord}_G(a)$ of $a$ divides $n$.
(b) For any $i$, with $1 \le i \le n$, the order of $g^i$ is $n/\gcd(i, n)$.
(c) For every divisor $d$ of $n$, the group $G$ contains $\phi(d)$ elements of order $d$.
Proof. (a) The order $\mathrm{ord}_G(a)$ of $a$ is the order of the cyclic group $\langle a \rangle$, and by Lagrange's theorem (Proposition 3.3), $\mathrm{ord}_G(a)$ divides $n$.
(b) Write $k = \gcd(i, n)$, $i = i_1k$, and $n = n_1k$. The order $d$ of $g^i$ is the smallest positive integer such that $(g^i)^d = g^{id} = 1$. Since $g$ has order $n$, the number $n = n_1k$ must divide $id = i_1kd$, so that $n_1$ divides $i_1d$. Since $\gcd(i_1, n_1) = 1$, the number $n_1$ must divide $d$, and so $d = n_1 = n/k$, as claimed.
(c) By (b), we need to know how many $i \in \{1, \ldots, n\}$ have the property $n/\gcd(i, n) = d$, or equivalently
$$\gcd(i, n) = n/d = k.$$
Obviously, $i$ must be of the form $i = jk$, with $1 \le j \le d$. Now,
$$k = \gcd(i, n) = \gcd(jk, dk) = k \gcd(j, d),$$
so $\gcd(j, d) = 1$. But, there are $\phi(d)$ integers $j \in \{1, \ldots, d\}$ such that $\gcd(j, d) = 1$, which yields (c).
Here is another useful proposition.
Proposition 3.11. For any abelian group $G$, if $a$ is an element of finite order $n_1$, $b$ is an element of finite order $n_2$, and $\gcd(n_1, n_2) = 1$, then $a + b$ has order $n_1n_2$.
Proof. The first step is to prove that $\langle a \rangle \cap \langle b \rangle = \{0\}$. This is because $\langle a \rangle \cap \langle b \rangle$ is a subgroup of both $\langle a \rangle$ and $\langle b \rangle$, so by Lagrange's theorem, the order $m$ of $\langle a \rangle \cap \langle b \rangle$ divides both $n_1$ and $n_2$. Since $\gcd(n_1, n_2) = 1$, we must have $m = 1$. Next, we claim that if $k(a + b) = 0$, then $ka = kb = 0$. This is because if $k(a + b) = 0$, then $ka = -kb$, so $ka, kb \in \langle a \rangle \cap \langle b \rangle = \{0\}$, which means that $ka = 0$ and $kb = 0$. Now, the order of $a + b$ is the smallest positive integer $s$ such that $s(a + b) = 0$. From what we just proved, $sa = 0$ and $sb = 0$, and since $n_1$ and $n_2$ are the orders of $a$ and $b$ respectively, $n_1$ and $n_2$ must divide $s$. Since $\gcd(n_1, n_2) = 1$, we conclude that $n_1n_2$ divides $s$. On the other hand, since $n_1$ and $n_2$ are the orders of $a$ and $b$ respectively, $n_1a = 0$ and $n_2b = 0$, so $n_1n_2(a + b) = n_2n_1a + n_1n_2b = 0$, and since $s$ is the least positive integer such that $s(a + b) = 0$, we see that $s$ divides $n_1n_2$, so we must have $s = n_1n_2$.
We can now prove the following important fact.
Proposition 3.12. For every integer $n \ge 1$, we have
$$n = \sum_{d \mid n} \phi(d).$$
Proof. By Proposition 3.9, for every divisor $d$ of $n$, there is a unique cyclic subgroup $C_d$ of $\mathbb{Z}/n\mathbb{Z}$ of order $d$, and let $\Phi_d$ be the set of generators of $C_d$. Since by Proposition 3.9, every element of $\mathbb{Z}/n\mathbb{Z}$ generates some cyclic subgroup $C_d$, the subsets $\Phi_d$ form a partition of $\mathbb{Z}/n\mathbb{Z}$, and since by Proposition 3.10, each group $C_d$ has $\phi(d)$ generators, we conclude that
$$n = |\mathbb{Z}/n\mathbb{Z}| = \sum_{d \mid n} |\Phi_d| = \sum_{d \mid n} \phi(d),$$
as claimed.
Proposition 3.12 yields a very useful characterization of cyclic groups. The proof is due to J.P. Serre.
Theorem 3.13. Let $G$ be a finite group of order $n$. Then, $G$ is cyclic iff for every divisor $d$ of $n$, there are at most $d$ elements $a \in G$ such that $a^d = 1$. If $G$ is cyclic, then it has $\phi(n)$ generators.
Proof. If $G$ is cyclic, we proved in Proposition 3.9 that for every divisor $d$ of $n$ there is a unique subgroup of order $d$ given by $G_d = \{a \in G \mid a^d = 1\}$.
Let us now prove the converse. If there is some $x \in G$ of order $d$, then the subgroup $\langle x \rangle = \{x, x^2, \ldots, x^d = 1\}$ is cyclic of order $d$, and the $d$ elements in $\langle x \rangle$ satisfy the equation $a^d = 1$. If some $y \in G$ satisfies the equation $y^d = 1$, then we already have $d$ solutions in $\langle x \rangle$, so $y \in \langle x \rangle$. In particular, all elements of $G$ of order $d$ are generators of $\langle x \rangle$, and there are $\phi(d)$ such elements. Hence, the number of elements of $G$ of order $d$ is either $0$ or $\phi(d)$. If it were $0$ for some divisor $d$ of $n$, then the formula
$$n = \sum_{d \mid n} \phi(d)$$
from Proposition 3.12 would say that $G$ has strictly less than $n$ elements, a contradiction. Therefore, for every divisor $d$ of $n$, there are $\phi(d)$ elements of order $d$. In particular, for $n = d$, we have an element $x$ of order $n$, which shows that $G = \langle x \rangle$ is cyclic.
We also have the following simple result which yields a short proof of a result of Euler.
Proposition 3.14. If $G$ is any finite group of order $n$, then the order of any element $g \in G$ divides $n$. Thus,
$$g^n = 1, \quad \text{for all } g \in G.$$
Proof. The cyclic subgroup $\langle g \rangle$ is a subgroup of $G$, so by Lagrange's theorem, its order $k$ divides the order of $G$. By Proposition 3.8, we have $g^k = 1$, and since $k$ divides $n$ we get $g^n = 1$.
For any integer $n \ge 2$, let $(\mathbb{Z}/n\mathbb{Z})^*$ be the group of invertible elements of the ring $\mathbb{Z}/n\mathbb{Z}$. This is a group of order $\phi(n)$. Then, Proposition 3.14 yields the following result.
Theorem 3.15. (Euler) For any integer $n \ge 2$ and any $a \in \{1, \ldots, n - 1\}$ such that $\gcd(a, n) = 1$, we have
$$a^{\phi(n)} \equiv 1 \pmod{n}.$$
In particular, if $n$ is a prime, then $\phi(n) = n - 1$, and we get Fermat's little theorem.
Theorem 3.1
3.3 Primitive Roots
In this section, we prove that certain multiplicative groups of the form $(\mathbb{Z}/n\mathbb{Z})^*$ are cyclic. It turns out that the group $(\mathbb{Z}/n\mathbb{Z})^*$ is cyclic if $n = 2, 4, p^m$, and $2p^m$, where $p$ is an odd prime and $m \ge 1$. A generator for $(\mathbb{Z}/n\mathbb{Z})^*$ is called a primitive root modulo $n$. This terminology goes back to Euler, and is also used by Gauss in his Disquisitiones Arithmeticae [7]; see Article 57. In fact, it is remarkable that most of the results of this section are due to Gauss. Translations of the Disquisitiones Arithmeticae are available, for example, in French, and we highly recommend reading Articles 52 through 93. Gauss' style is strikingly lively and clear. Basically all the results of this section are also proved in another famous book, namely the Vorlesungen über Zahlentheorie, by Lejeune-Dirichlet [11]. This book was actually written by Richard Dedekind and published in 18
Theorem 3.17 does not explicitly tell us how to solve a system of congruences
$$x \equiv a_1 \pmod{n_1}, \quad \ldots, \quad x \equiv a_r \pmod{n_r},$$
but the following version of the Chinese remainder theorem tells us how to do so.
Theorem 3.18. (Chinese remainder theorem) For any integer $n \ge 1$, if $n = n_1 \cdots n_r$ where the $n_i$ are relatively prime in pair, which means that $\gcd(n_i, n_j) = 1$ for all $i \ne j$, for any $a_1, \ldots, a_r \in \mathbb{Z}$, there exists a unique $x$ with $0 \le x \le n - 1$ such that
$$x \equiv a_1 \pmod{n_1}, \quad \ldots, \quad x \equiv a_r \pmod{n_r}.$$
Proof. Let $m_i = n/n_i$, for $i = 1, \ldots, r$. Since the $n_i$ are pairwise relatively prime, we have $\gcd(m_i, n_i) = 1$, so $m_i$ has a unique inverse $m_i'$ modulo $n_i$; that is,
$$m_im_i' \equiv 1 \pmod{n_i}.$$
Let
$$x = a_1m_1m_1' + \cdots + a_rm_rm_r'.$$
We claim that $x$ is a solution of our congruences. Indeed, since each $m_j$ contains the factor $n_i$ if $i \ne j$, we have
$$a_1m_1m_1' + \cdots + a_rm_rm_r' \equiv a_im_im_i' \pmod{n_i},$$
and since $m_im_i' \equiv 1 \pmod{n_i}$, we get
$$a_1m_1m_1' + \cdots + a_rm_rm_r' \equiv a_i \pmod{n_i},$$
as required. The uniqueness of $x$ follows from Theorem 3.17. We can also observe that if $x, y$ are two solutions such that $0 \le x, y \le n - 1$, then $x \equiv y \pmod{n_i}$ for $i = 1, \ldots, r$, which implies $x \equiv y \pmod{n}$, and thus $x = y$.
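The construction used in the proof above, written out in Python as an added example (it is not part of the original notes). The function names and the toy values in the comments are constructed here; the second function goes a little beyond the proof by using the same recombination to finish an RSA decryption carried out separately modulo p and modulo q.

```python
from math import gcd, prod


def crt(residues, moduli):
    """Solve x = a_i (mod n_i) for pairwise relatively prime n_i.

    Follows the proof: with n = n_1...n_r, m_i = n / n_i and m_i' the inverse
    of m_i modulo n_i, the solution is x = sum(a_i * m_i * m_i') reduced mod n.
    Returns the unique x with 0 <= x <= n - 1.
    """
    if not moduli or len(residues) != len(moduli):
        raise ValueError("need exactly one residue per modulus")
    for i, n_i in enumerate(moduli):
        if n_i < 2:
            raise ValueError("each modulus must be at least 2")
        for n_j in moduli[i + 1:]:
            if gcd(n_i, n_j) != 1:
                raise ValueError(f"moduli {n_i} and {n_j} are not relatively prime")
    n = prod(moduli)
    x = 0
    for a_i, n_i in zip(residues, moduli):
        m_i = n // n_i                 # contains every factor n_j with j != i
        m_i_inv = pow(m_i, -1, n_i)    # exists because gcd(m_i, n_i) = 1
        x += a_i * m_i * m_i_inv       # = a_i mod n_i, and = 0 mod the other n_j
    return x % n


def rsa_decrypt_crt(c, d, p, q):
    """Compute c^d mod pq from the two half-size results mod p and mod q.

    The exponent is reduced modulo p - 1 (resp. q - 1) by Fermat's little
    theorem. Because e*d = 1 mod (p - 1), the reduced exponent is never 0 for
    an odd prime p, so a ciphertext divisible by p still maps to 0 mod p.
    """
    m_p = pow(c % p, d % (p - 1), p)
    m_q = pow(c % q, d % (q - 1), q)
    return crt([m_p, m_q], [p, q])


if __name__ == "__main__":
    # Constructed inputs: the classical three-congruence system, then a toy key.
    print(crt([2, 3, 2], [3, 5, 7]))
    p, q, e, d = 61, 53, 17, 2753      # toy RSA key, far too small for real use
    c = pow(65, e, p * q)
    print(rsa_decrypt_crt(c, d, p, q))
```

The check for pairwise relatively prime moduli matters: without it `pow(m_i, -1, n_i)` raises for some inputs and silently produces a wrong combination for none, so failing early keeps the error at the caller.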
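Interestingly, Theorem 3.17 also applies to the group $(\mathbb{Z}/n\mathbb{Z})^*$ of units (invertible elements) of the ring $\mathbb{Z}/n\mathbb{Z}$. Note that we must have $n \ge 2$.
Theorem 3.19. For any integer $n > 1$, if $n = n_1 \cdots n_r$ where the $n_i$ are relatively prime in pair, which means that $\gcd(n_i, n_j) = 1$ for all $i \ne j$, then we have an isomorphism
$$(\mathbb{Z}/n\mathbb{Z})^* \cong (\mathbb{Z}/n_1\mathbb{Z})^* \times \cdots \times (\mathbb{Z}/n_r\mathbb{Z})^*.$$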
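Proof. By Theorem 3.17, we have an isomorphism
$$\mathbb{Z}/n\mathbb{Z} \cong \mathbb{Z}/n_1\mathbb{Z} \times \cdots \times \mathbb{Z}/n_r\mathbb{Z}.$$
However, an element $(a_1, \ldots, a_r)$ of the product ring $\mathbb{Z}/n_1\mathbb{Z} \times \cdots \times \mathbb{Z}/n_r\mathbb{Z}$ is invertible iff each $a_i$ is invertible in $\mathbb{Z}/n_i\mathbb{Z}$, which shows that the above isomorphism induces a group isomorphism
$$(\mathbb{Z}/n\mathbb{Z})^* \cong (\mathbb{Z}/n_1\mathbb{Z})^* \times \cdots \times (\mathbb{Z}/n_r\mathbb{Z})^*,$$
as claimed.
As a corollary of Theorem 3.19, since the group $(\mathbb{Z}/n_i\mathbb{Z})^*$ has order $\phi(n_i)$, we obtain the multiplicative property of the Euler $\phi$-function.
Proposition 3.20. For any two positive integers $m, n$, if $\gcd(m, n) = 1$, then
$$\phi(mn) = \phi(m)\phi(n).$$
Since $\phi(p) = p - 1$ when $p$ is prime and $\phi(p^k) = p^k - p^{k-1} = p^{k-1}(p - 1)$ if $k \ge 2$ (with $p$ prime), we can compute $\phi(n)$ for every $n$ (we start with $\phi(1) = 1$). Since every positive integer $n > 1$ has a unique prime factorization
$$n = p_1^{k_1} \cdots p_r^{k_r},$$
we get
$$\phi(n) = p_1^{k_1-1} \cdots p_r^{k_r-1}(p_1 - 1) \cdots (p_r - 1) = n\left(1 - \frac{1}{p_1}\right) \cdots \left(1 - \frac{1}{p_r}\right).$$
Theorem 3.19 reduces the study of the group $(\mathbb{Z}/n\mathbb{Z})^*$ to the structure of the groups $(\mathbb{Z}/p^k\mathbb{Z})^*$, where $p$ is a prime and $k \ge 1$. The case $p = 2$ is exceptional, but the case where $p$ is an odd prime is nice; namely, $(\mathbb{Z}/p^k\mathbb{Z})^*$ is a cyclic group. We begin with the case $k = 1$.
Theorem 3.21. (Gauss) For every odd prime $p$, the group $(\mathbb{Z}/p\mathbb{Z})^*$ is cyclic. It has $\phi(p - 1)$ generators.
Proof. We use Theorem 3.13 applied to $G = (\mathbb{Z}/p\mathbb{Z})^*$ and $n = \phi(p) = p - 1$. Since $p$ is prime, $\mathbb{Z}/p\mathbb{Z}$ is a field, for every divisor $d$ of $p - 1$, the equation $x^d - 1 = 0$ has at most $d$ roots in $\mathbb{Z}/p\mathbb{Z}$, and a fortiori in $(\mathbb{Z}/p\mathbb{Z})^*$. Therefore, $(\mathbb{Z}/p\mathbb{Z})^*$ is cyclic and has $\phi(p - 1)$ generators.
Integers $a \in \mathbb{Z}$ such that $a \bmod p$ is a generator of $(\mathbb{Z}/p\mathbb{Z})^*$ are called primitive roots mod $p$.
Remark: Gauss' proof is not all that different from the one we gave. For every divisor $d$ of $p - 1$, Gauss defines $\psi(d)$ as the number of integers $a$, with $1 \le a \le p - 1$, that have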
order $d$, and then proves that $\psi(d) = \phi(d)$. For this, he proves Proposition 3.12; see Articles 52-56 of the Disquisitiones Arithmeticae [7]. Gauss also warns about the danger of regarding as established, statements which are not proved. He goes on to say that nobody has attempted to prove Theorem 3.21, except Euler, and that Euler has talked extensively about the necessity of proving it, but that his proof is flawed in two respects! A version of the same proof is also given in Dirichlet [11] (Chapter 2, Section 30).
Gauss proposes an algorithm for finding a primitive root modulo $p$ in Articles 73 and 74 in the Disquisitiones Arithmeticae [7]. The algorithm is as follows:
Step 1. Pick any integer $a$ with $2 \le a \le p - 1$, and find the order $t$ of $a$, that is, the least positive integer such that $a^t \equiv 1 \pmod{p}$. If $a$ has order $p - 1$, then it is a primitive root modulo $p$. Otherwise, go to the next step.
Step 2. Find any number $b$, with $2 \le b \le p - 1$, such that $b \not\equiv a^i \pmod{p}$, for $i = 1, \ldots, t$. Let $u$ be the order of $b$, the least positive integer such that $b^u \equiv 1 \pmod{p}$. I claim that $u$ does not divide $t$.
This is because if $u$ divides $t$, since $b^u \equiv 1 \pmod{p}$, we would get $b^t \equiv 1 \pmod{p}$, but since the congruence $X^t \equiv 1 \pmod{p}$ has $t$ solutions $(a, a^2, \ldots, a^t)$, then we would have $b \equiv a^i \pmod{p}$ for some $i$ with $1 \le i \le t$, a contradiction. If $u = p - 1$, then $b$ is a primitive root. Otherwise, let $y$ be the least common multiple of $t$ and $u$. Then, we can split $y$ as $y = mn$, where $\gcd(m, n) = 1$, $m$ divides $t$, and $n$ divides $u$. As explained by Gauss in a footnote, $m$ and $n$ can be obtained from prime factorizations of $t$ and $u$. All prime powers only in $t$ are included in $m$, all prime powers only in $u$ are included in $n$, and prime powers both in $t$ and $u$ are included in $m$ or $n$, it doesn't matter. Then, $a' \equiv a^{t/m} \pmod{p}$ has order $m$, $b' \equiv b^{u/n} \pmod{p}$ has order $n$, and because $\gcd(m, n) = 1$, the element $c = a'b'$ has order $y = mn > t$ modulo $p$. If $mn = p - 1$, then $c$ is a primitive root modulo $p$. Otherwise, go back to Step 2 with $a = c$ and $t = y$.
Since $y > t$ in step 2, the order $t$ keeps increasing while dividing $p - 1$, so eventually $t = p - 1$, and a primitive root is found. Gauss illustrates this process for $p = 73$, and finds the primitive root $5$. Gauss' algorithm requires factoring $y$ as $mn$ with $\gcd(m, n) = 1$, and this step requires prime factorizations of $t$ and $u$. For large $p$, this is not a practical method. Still, it is impressive that Gauss gave an algorithm for finding a primitive root over 200 years ago.
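Gauss's two steps as described above, as an added Python example (not code from the notes). The function names are assumptions made here, b is taken to be the smallest admissible value, orders are found by repeated multiplication and the split of lcm(t, u) uses trial division, so this is meant for small odd primes such as the p = 73 mentioned in the text.

```python
def order_mod(a, p):
    """Least t >= 1 with a^t = 1 (mod p); requires gcd(a, p) = 1."""
    t, x = 1, a % p
    while x != 1:
        x = x * a % p
        t += 1
    return t


def factorize(n):
    """Prime factorization of n as {prime: exponent}, by trial division."""
    factors, d = {}, 2
    while d * d <= n:
        while n % d == 0:
            factors[d] = factors.get(d, 0) + 1
            n //= d
        d += 1
    if n > 1:
        factors[n] = factors.get(n, 0) + 1
    return factors


def split_lcm(t, u):
    """Return (m, n) with m*n = lcm(t, u), gcd(m, n) = 1, m | t and n | u.

    Each prime power of the lcm goes to the side where it occurs with the
    larger exponent; ties go to m, which the text says does not matter.
    """
    ft, fu = factorize(t), factorize(u)
    m = n = 1
    for q in set(ft) | set(fu):
        et, eu = ft.get(q, 0), fu.get(q, 0)
        if et >= eu:
            m *= q ** et
        else:
            n *= q ** eu
    return m, n


def gauss_primitive_root(p, a=2):
    """Run Gauss's procedure for an odd prime p, starting from a.

    Returns (root, trace) where trace lists the successive (element, order)
    pairs; the order strictly increases until it reaches p - 1.
    """
    t = order_mod(a, p)
    trace = [(a, t)]
    while t != p - 1:
        # Step 2: take b outside the powers of a; its order u cannot divide t.
        powers = {pow(a, i, p) for i in range(1, t + 1)}
        b = next(x for x in range(2, p) if x not in powers)
        u = order_mod(b, p)
        if u == p - 1:
            a, t = b, u
        else:
            m, n = split_lcm(t, u)
            # a^(t/m) has order m, b^(u/n) has order n, and gcd(m, n) = 1,
            # so the product has order m*n = lcm(t, u) > t.
            a = pow(a, t // m, p) * pow(b, u // n, p) % p
            t = m * n
        trace.append((a, t))
    return a, trace


if __name__ == "__main__":
    root, trace = gauss_primitive_root(73)
    for element, order in trace:
        print(f"element {element:2d} has order {order}")
    print("primitive root modulo 73:", root)
```

Starting from a = 2 with p = 73 the trace passes through orders 9 and 36 before reaching 72, ending at the primitive root 5 that the text attributes to Gauss.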
The above algorithm does not necessarily yield the smallest primitive root $g_p$ modulo $p$. It is known that $g_p > C \log p$ for infinitely many primes (for some constant $C$), and that
$$g_p < p^{0.499}$$
for all $p > e^{2^{24}}$ (see Ribenboim [15], Chapter 2, Section II).
We now consider the case where $n = p^m$, with $p$ prime and $m \ge 2$. We follow the beautiful exposition given in Apostol [1]. As we mentioned earlier, this exposition is extremely close to Dirichlet's presentation (as written up by Dedekind) [11]. The following technical proposition is needed.
Proposition 3.22. For any odd prime $p$, let $g$ be a primitive root modulo $p$ such that
$$g^{p-1} \not\equiv 1 \pmod{p^2}.$$
Then, for all $i \ge 2$, we have
$$g^{\phi(p^{i-1})} \not\equiv 1 \pmod{p^i}.$$
Proof. We proceed by induction on $i$. The base case $i = 2$ is the hypothesis. For the induction step, assume that
$$g^{\phi(p^{i-1})} \not\equiv 1 \pmod{p^i}. \qquad (*)$$
By Euler's theorem,
$$g^{\phi(p^{i-1})} \equiv 1 \pmod{p^{i-1}},$$
so we have
$$g^{\phi(p^{i-1})} = 1 + kp^{i-1}$$
for some $k \in \mathbb{Z}$, and $p$ does not divide $k$ because of $(*)$. Raising the above equation to the $p$th power, since $\phi(p^{i-1}) = p^{i-1} - p^{i-2}$, we get $p\,\phi(p^{i-1}) = \phi(p^i)$, and
$$g^{\phi(p^i)} = (1 + kp^{i-1})^p = 1 + kp^i + k^2\,\frac{p(p - 1)}{2}\,p^{2(i-1)} + rp^{3(i-1)} = 1 + kp^i + k^2\,\frac{p - 1}{2}\,p^{2i-1} + rp^{3(i-1)},$$
for some $r \in \mathbb{Z}$. Now, $2i - 1 \ge i + 1$ and $3i - 3 \ge i + 1$ since $i \ge 2$, so we get the congruence
$$g^{\phi(p^i)} \equiv 1 + kp^i \pmod{p^{i+1}},$$
where $p$ does not divide $k$, and therefore
$$g^{\phi(p^i)} \not\equiv 1 \pmod{p^{i+1}},$$
establishing the induction hypothesis.
The next step is to promote a primitive root modulo $p$ to a primitive root modulo $p^m$. For this, we use the following proposition.
Proposition 3.23. For any odd prime $p$, there is a primitive root $g$ modulo $p$ such that
$$g^{p-1} \not\equiv 1 \pmod{p^2}. \qquad (*)$$
Proof. Let $g$ be any primitive root modulo $p$. If $(*)$ holds, we are done. Otherwise, $g^{p-1} \equiv 1 \pmod{p^2}$, in which case we consider $g_1 = g + p$. Obviously, $g_1$ is a primitive root modulo $p$, and we claim that it satisfies $(*)$. We have
$$g_1^{p-1} = (g + p)^{p-1} = g^{p-1} + (p - 1)g^{p-2}p + tp^2 = g^{p-1} - g^{p-2}p + (t + g^{p-2})p^2,$$
for some $t \in \mathbb{Z}$, and because $g^{p-1} \equiv 1 \pmod{p^2}$, we get
$$g_1^{p-1} \equiv g^{p-1} - pg^{p-2} \equiv 1 - pg^{p-2} \pmod{p^2}.$$
But, we cannot have $pg^{p-2} \equiv 0 \pmod{p^2}$, for this would imply that $g^{p-2} \equiv 0 \pmod{p}$, contradicting the fact that $g$ is a primitive root modulo $p$. Therefore, $g_1^{p-1} \not\equiv 1 \pmod{p^2}$, as claimed.
Finally, we can prove that primitive roots modulo $p^m$ exist.
Proposition 3.24. For any odd prime $p$, a primitive root $g$ modulo $p$ is a primitive root modulo $p^m$ for all $m \ge 2$ iff
$$g^{p-1} \not\equiv 1 \pmod{p^2}. \qquad (*)$$
Proof. Suppose that $g$ is a primitive root modulo $p^m$ for all $m \ge 1$. In particular, $g$ is a primitive root modulo $p^2$. We have (by Fermat's little theorem)
$$g^{p-1} \equiv 1 \pmod{p},$$
and since $\phi(p^2) = p(p - 1) > p - 1$, if
$$g^{p-1} \equiv 1 \pmod{p^2},$$
then $g$ can't be a primitive root modulo $p^2$, so $g^{p-1} \not\equiv 1 \pmod{p^2}$ must hold.
Conversely, assume that the primitive root $g$ modulo $p$ satisfies $(*)$. We prove that $g$ is a primitive root modulo $p^m$ for all $m \ge 2$. Let $t$ be the order of $g$ in $(\mathbb{Z}/p^m\mathbb{Z})^*$. We need to prove that
$$t = \phi(p^m).$$
Since $g^t \equiv 1 \pmod{p^m}$, we also have $g^t \equiv 1 \pmod{p}$, and since $g$ has order $p - 1$ modulo $p$, we conclude that $p - 1$ divides $t$, so we can write
$$t = q(p - 1)$$
for some $q \in \mathbb{Z}$. Since $g^{\phi(p^m)} \equiv 1 \pmod{p^m}$ and $t$ is the order of $g$ modulo $p^m$, the number $t$ must divide $\phi(p^m) = p^{m-1}(p - 1)$; that is, $q(p - 1)$ divides $p^{m-1}(p - 1)$, so $q$ divides $p^{m-1}$. Therefore, we can write
$$t = p^b(p - 1), \quad \text{with } b \le m - 1.$$
If we can prove that $b = m - 1$, then we are done.
Assume by contradiction that $b < m - 1$. If so, $b \le m - 2$ and $t = p^b(p - 1)$ divides $p^{m-2}(p - 1) = \phi(p^{m-1})$. As a consequence, from $g^t \equiv 1 \pmod{p^m}$, we get
$$g^{\phi(p^{m-1})} \equiv 1 \pmod{p^m}.$$
However, since by assumption
$$g^{p-1} \not\equiv 1 \pmod{p^2},$$
Proposition 3.22 implies that
$$g^{\phi(p^{i-1})} \not\equiv 1 \pmod{p^i} \quad \text{for all } i \ge 2,$$
a contradiction. Therefore, $b = m - 1$ and the proof is complete.
Putting Propositions 3.23 and 3.24, we obtain our theorem.
Theorem 3.25. (Gauss) For every odd prime $p$ and every integer $m \ge 2$, the group $(\mathbb{Z}/p^m\mathbb{Z})^*$ is cyclic. Furthermore, it has $\phi(\phi(p^m)) = p^{m-2}(p - 1)\phi(p - 1)$ primitive roots.
Remark: Gauss proves Theorem 3.25 in Articles 82-89 of the Disquisitiones Arithmeticae [7]. The above proof is basically Dedekind's proof [11] (Supplement V).
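Propositions 3.22 to 3.24 as an added numerical check in Python (not code from the notes). The function names are assumptions made here and the orders are brute-forced, so keep p^m small; the constructed sample p = 29, g = 14 is a case where the condition on g^(p-1) modulo p^2 fails and g must be replaced by g + p.

```python
def order_mod(a, n):
    """Order of a in (Z/nZ)^*, by repeated multiplication (gcd(a, n) = 1)."""
    t, x = 1, a % n
    while x != 1:
        x, t = x * a % n, t + 1
    return t


def phi_prime_power(p, m):
    """phi(p^m) = p^(m-1) * (p - 1) for a prime p and m >= 1."""
    return p ** (m - 1) * (p - 1)


def lift_primitive_root(g, p):
    """Promote a primitive root g modulo the odd prime p to one modulo p^m.

    If g^(p-1) = 1 (mod p^2), g is not a primitive root modulo p^2 and the
    proof of Proposition 3.23 replaces it by g + p. The returned value is a
    primitive root modulo p^m for every m >= 1 (Proposition 3.24).
    """
    if order_mod(g, p) != p - 1:
        raise ValueError(f"{g} is not a primitive root modulo {p}")
    if pow(g, p - 1, p * p) == 1:
        g += p
    return g


def is_primitive_root(g, p, m):
    """True iff g generates (Z/p^mZ)^*, checked directly from its order."""
    return order_mod(g, p ** m) == phi_prime_power(p, m)


def exceptional_roots(p):
    """Primitive roots g in [2, p-1] modulo p with g^(p-1) = 1 (mod p^2)."""
    return [g for g in range(2, p)
            if order_mod(g, p) == p - 1 and pow(g, p - 1, p * p) == 1]


if __name__ == "__main__":
    p = 29                                   # constructed sample prime
    for g in exceptional_roots(p):
        lifted = lift_primitive_root(g, p)
        print(f"g = {g}: order mod p^2 is {order_mod(g, p * p)}, "
              f"g + p = {lifted} has order {order_mod(lifted, p * p)}")
```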
The case $n = 2p^m$ is easily handled.
Theorem 3.2
Proof. We proceed by induction on $m$. When $m = 3$, we need to show that $a^2 \equiv 1 \pmod{8}$, if $a$ is odd. This is because $a$ is of the form $a = 2k + 1$,
$$(2k + 1)^2 = 4k^2 + 4k + 1 = 4k(k + 1) + 1,$$
and $k(k + 1)$ is always even.
For the induction step, the induction hypothesis says that
$$a^{2^{m-2}} = 1 + 2^mt,$$
for some $t \in \mathbb{Z}$. Squaring both sides, we get
$$a^{2^{m-1}} = 1 + 2^{m+1}t + 2^{2m}t^2,$$
so
$$a^{2^{m-1}} \equiv 1 \pmod{2^{m+1}},$$
establishing the induction hypothesis.
Remark: Gauss proves Proposition 3.27 in Article 90 of the Disquisitiones Arithmeticae [7]. It also appears in Dirichlet-Dedekind [11] (Supplement V).
In summary, we proved that primitive roots exist if $n = 2, 4, p^m$, or $2p^m$. We also showed that they do not exist if $n = 2^m$, with $m \ge 3$. In fact, primitive roots do not exist in all the remaining cases.
Proposition 3.28. Given any integer $n \ge 2$, if $n$ is not of the form $n = 2, 4, p^m$, or $2p^m$, where $p$ is an odd prime, then for any integer $a$ with $\gcd(a, n) = 1$, we have
$$a^{\phi(n)/2} \equiv 1 \pmod{n}.$$
Therefore, there are no primitive roots modulo $n$.
Proof. We already proved that primitive roots do not exist if $n = 2^m$ with $m \ge 3$. Therefore, we may assume that $n$ has a factorization of the form
$$n = 2^kp_1^{k_1} \cdots p_s^{k_s},$$
where the $p_i$ are odd primes, $s \ge 1$, $k_i \ge 1$, and $k \ge 0$. Furthermore, since $n$ is not of the form $n = 2, 4, p^m$, or $2p^m$, we have $k \ge 2$ if $s = 1$, and $s \ge 2$ if $k = 0, 1$. We have
$$\phi(n) = \phi(2^k)\phi(p_1^{k_1}) \cdots \phi(p_s^{k_s}).$$
Pick $a \in \mathbb{Z}$ such that $\gcd(a, n) = 1$. We need to prove that
$$a^{\phi(n)/2} \equiv 1 \pmod{n}.$$
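Let $g$ be a primitive root modulo $p_1^{k_1}$, and write
$$a \equiv g^i \pmod{p_1^{k_1}}.$$
Then, we have
$$a^{\phi(n)/2} \equiv g^{i\phi(n)/2} \equiv g^{t\phi(p_1^{k_1})} \pmod{p_1^{k_1}},$$
with
$$t = i\,\phi(2^k)\phi(p_2^{k_2}) \cdots \phi(p_s^{k_s})/2.$$
We claim that $t$ is an integer.
If $k \ge 2$, then $\phi(2^k) = 2^{k-1}$ is even, so $t$ is an integer. If $k = 0$ or $k = 1$, then $s \ge 2$ and the factor $\phi(p_2^{k_2}) = p_2^{k_2-1}(p_2 - 1)$ is even, so $t$ is also an integer.
Since
$$g^{\phi(p_1^{k_1})} \equiv 1 \pmod{p_1^{k_1}},$$
from
$$a^{\phi(n)/2} \equiv g^{t\phi(p_1^{k_1})} \pmod{p_1^{k_1}},$$
we obtain
$$a^{\phi(n)/2} \equiv 1 \pmod{p_1^{k_1}}.$$
A similar proof shows that
$$a^{\phi(n)/2} \equiv 1 \pmod{p_i^{k_i}}$$
for $i = 1, \ldots, s$. We still need to prove that a similar congruence holds modulo $2^k$.
If $k \ge 3$, since $\gcd(a, n) = 1$, the number $a$ must be odd, and by Proposition 3.27, we have
$$a^{\phi(2^k)/2} \equiv a^{2^{k-2}} \equiv 1 \pmod{2^k}.$$
Since $\phi(2^k)$ divides $\phi(n)$, we get
$$a^{\phi(n)/2} \equiv 1 \pmod{2^k}, \quad k \ge 3.$$
If $k \le 2$, then we have
$$a^{\phi(2^k)} \equiv 1 \pmod{2^k}.$$
But $s \ge 1$, so
$$\phi(n) = \phi(2^k)\phi(p_1^{k_1}) \cdots \phi(p_s^{k_s}) = \phi(2^k)\,p_1^{k_1-1}(p_1 - 1)\,\phi(p_2^{k_2}) \cdots \phi(p_s^{k_s}) = 2r\phi(2^k),$$
for some integer $r$. Thus, $\phi(2^k)$ divides $\phi(n)/2$, and
$$a^{\phi(n)/2} \equiv 1 \pmod{2^k}$$
holds for $k \le 2$. In summary, the congruences
$$a^{\phi(n)/2} \equiv 1 \pmod{p_i^{k_i}}, \qquad a^{\phi(n)/2} \equiv 1 \pmod{2^k}$$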
hold for $i = 1, \ldots, s$ and $k \ge 0$. Since the moduli are pairwise relatively prime, we obtain
$$a^{\phi(n)/2} \equiv 1 \pmod{n},$$
as claimed.
Putting everything together, we have the following remarkable result, most of which is due to Gauss.
Theorem 3.29. The group $(\mathbb{Z}/n\mathbb{Z})^*$ is cyclic iff $n = 2, 4, p^m$, or $2p^m$, where $p$ is an odd prime and $m \ge 1$. There are $\phi(\phi(n))$ primitive roots modulo $n$.
Surprisingly, even in the case where $n = p$ is an odd prime, there is no known criterion to determine whether an integer $a$ is a primitive root modulo $p$. For example, we don't know how to determine if $2$ is a primitive root modulo $p$, other than by computing all powers $2^i$ modulo $p$. In fact, we have the following conjecture made by Emil Artin around 1920:
Artin's Conjecture. The number $2$ is a primitive root for infinitely many primes.
Also, it is easy to see that a perfect square (a number of the form $a^2$) and $-1$ are not primitive roots. Artin also made the following conjecture.
The Generalized Artin Conjecture. Every integer which is not a perfect square and is different from $-1$ is a primitive root for infinitely many primes.
It has been shown by Christopher Hooley (19
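and because $k \ge 1$, we have $2k + 2 \ge k + 3$, so we get
$$a^2 \equiv 1 + 2^{k+2}b \pmod{2^{k+3}},$$
establishing the induction hypothesis.
Observe that if we set $x = 5$ and $y = 1$, then $5 \equiv 5 \bmod 8$, so by Proposition 3.30, we have
$$5^{2^k} \equiv 1 + 2^{k+2} \pmod{2^{k+3}}, \quad \text{for all } k \ge 0.$$
On the other hand, since $5$ is odd, by Proposition 3.27, we have
$$5^{2^{m-2}} \equiv 1 \pmod{2^m}.$$
Therefore, $5$ has order $2^{m-2}$ modulo $2^m$. We can use this fact to prove the following result (following Bourbaki [2], Chapter VII). This result is more or less implicit in Article 91 of the Disquisitiones Arithmeticae [7]. It is explicitly proved in Dirichlet-Dedekind [11] (Supplement V).
Theorem 3.31. For any $m \ge 3$, the group $(\mathbb{Z}/2^m\mathbb{Z})^*$ is isomorphic to the direct product $\{-1, 1\} \times \langle 5 \rangle$ of the cyclic subgroup $\{-1, 1\}$ generated by $-1$ and the cyclic subgroup $\langle 5 \rangle$ of order $2^{m-2}$ generated by $5$.
Proof. We already know that the cyclic subgroup $\langle 5 \rangle$ generated by $5$ has order $2^{m-2}$. We claim that $-1 \notin \langle 5 \rangle$. Since $-1$ has order $2$, and since $\phi(2) = 1$, there is a unique element of order $2$ in $(\mathbb{Z}/2^m\mathbb{Z})^*$, so if $-1 \in \langle 5 \rangle$, then we must have
$$-1 \equiv 5^{2^{m-3}} \equiv 1 + 2^{m-1} \pmod{2^m},$$
namely $2^{m-1} + 2 \equiv 0 \pmod{2^m}$, which is false if $m$ 1. Consequently, if $H = \{-1, 1\}$ is the subgroup generated by $-1$, we have $H \cap \langle 5 \rangle = \{0\}$. By Proposition 3.4, we have an isomorphism
$$\{-1, 1\} \times \langle 5 \rangle \cong \{-1, 1\} \oplus \langle 5 \rangle.$$
Now, $(\mathbb{Z}/2^m\mathbb{Z})^*$ has order $2^{m-1}$, the subgroup $\langle 5 \rangle$ has order $2^{m-2}$, and $\{-1, 1\}$ has order $2$, so
$$(\mathbb{Z}/2^m\mathbb{Z})^* = \{-1, 1\} \oplus \langle 5 \rangle$$
and we have an isomorphism $(\mathbb{Z}/2^m\mathbb{Z})^* \cong \{-1, 1\} \times \langle 5 \rangle$.
Remarks: For $n \ge 3$, we have the homomorphism $(\mathbb{Z}/2^m\mathbb{Z})^* \to (\mathbb{Z}/4\mathbb{Z})^*$ given by
$$a \bmod 2^m \mapsto a \bmod 4,$$
with $\gcd(a, 2^m) = 1$. The kernel of this homomorphism is the subgroup $U(2^m)$ of $(\mathbb{Z}/2^m\mathbb{Z})^*$ given by
$$U(2^m) = \{a \bmod 2^m \mid a \equiv 1 \pmod{4}\}.$$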
The subgroup $U(2^m)$ has order $2^{m-2}$, and we have an isomorphism $U(2^m) \cong \langle 5 \rangle$.

Another way to prove Theorem 3.25 is to proceed as follows (following Bourbaki [2], Chapter VII). First, we show that $p + 1$ has order $p^{m-1}$ in $(\mathbb{Z}/p^m\mathbb{Z})^*$. For this we prove that if $p$ is an odd prime and $x \equiv 1 + py \pmod{p^2}$, then $x^{p^k} \equiv 1 + p^{k+1} y \pmod{p^{k+2}}$, for all $k \geq 0$.
Then, using a primitive root of $(\mathbb{Z}/p\mathbb{Z})^*$, we can find an element $y$ of order $p - 1$ in $(\mathbb{Z}/p^m\mathbb{Z})^*$. By Proposition 3.11, since $\gcd(p^{m-1}, p - 1) = 1$, we conclude that $(p + 1)y$ has order $p^{m-1}(p - 1) = \varphi(p^m)$, so $(p + 1)y$ is a primitive root modulo $p^m$.
3.4 Rings and Fields

The groups $\mathbb{Z}$, $\mathbb{Q}$, $\mathbb{R}$, $\mathbb{C}$, $\mathbb{Z}/n\mathbb{Z}$, and $M_n(\mathbb{R})$ are more than just abelian groups; they are also commutative rings. Furthermore, $\mathbb{Q}$, $\mathbb{R}$, and $\mathbb{C}$ are fields. We now introduce rings and fields.

Definition 3.8. A ring is a set $A$ equipped with two operations $+\colon A \times A \to A$ (called addition) and $\ast\colon A \times A \to A$ (called multiplication) having the following properties:
(R1) $A$ is an abelian group w.r.t. $+$;
(R2) $\ast$ is associative and has an identity element $1 \in A$;
(R3) $\ast$ is distributive w.r.t. $+$.

The identity element for addition is denoted 0, and the additive inverse of $a \in A$ is denoted by $-a$. More explicitly, the axioms of a ring are the following equations which hold for all $a, b, c \in A$:

$a + (b + c) = (a + b) + c$ (associativity of $+$) (3.1)
$a + b = b + a$ (commutativity of $+$) (3.2)
$a + 0 = 0 + a = a$ (zero) (3.3)
$a + (-a) = (-a) + a = 0$ (additive inverse) (3.4)
$a \ast (b \ast c) = (a \ast b) \ast c$ (associativity of $\ast$) (3.5)
$a \ast 1 = 1 \ast a = a$ (identity for $\ast$) (3.
From (3.7) and (3.8), we easily obtain

$a \ast 0 = 0 \ast a = 0$ (3.9)
$a \ast (-b) = (-a) \ast b = -(a \ast b)$. (3.10)

Note that (3.9) implies that if $1 = 0$, then $a = 0$ for all $a \in A$, and thus, $A = \{0\}$. The ring $A = \{0\}$ is called the trivial ring. A ring for which $1 \neq 0$ is called nontrivial. The multiplication $a \ast b$ of two elements $a, b \in A$ is often denoted by $ab$.

Example 3.2.
1. The additive groups $\mathbb{Z}$, $\mathbb{Q}$, $\mathbb{R}$, $\mathbb{C}$, are commutative rings.
2. The group $\mathbb{R}[X]$ of polynomials in one variable with real coefficients is a ring under multiplication of polynomials. It is a commutative ring.
3. The group of $n \times n$ matrices $M_n(\mathbb{R})$ is a ring under matrix multiplication. However, it is not a commutative ring.
4. The group $C(]a, b[)$ of continuous functions $f\colon ]a, b[ \to \mathbb{R}$ is a ring under the operation $f \cdot g$ defined such that
$(f \cdot g)(x) = f(x)g(x)$ for all $x \in ]a, b[$.

When $ab = 0$ with $b \neq 0$, we say that $a$ is a zero divisor. A ring $A$ is an integral domain (or an entire ring) if $0 \neq 1$, $A$ is commutative, and $ab = 0$ implies that $a = 0$ or $b = 0$, for all $a, b \in A$. In other words, an integral domain is a nontrivial commutative ring with no zero divisors besides 0.

Example 3.3.
1. The rings $\mathbb{Z}$, $\mathbb{Q}$, $\mathbb{R}$, $\mathbb{C}$, are integral domains.
2. The ring $\mathbb{R}[X]$ of polynomials in one variable with real coefficients is an integral domain.
3. For any positive integer, $n \in \mathbb{N}$, the group $\mathbb{Z}/n\mathbb{Z}$ is a group under addition. We can also define a multiplication operation by
$\overline{a} \cdot \overline{b} = \overline{ab} = ab \bmod n$, for all $a, b \in \mathbb{Z}$. The reader will easily check that the ring axioms are satisfied, with $\overline{0}$ as zero and $\overline{1}$ as multiplicative unit. The resulting ring is denoted by $\mathbb{Z}/n\mathbb{Z}$ (footnote 2). Observe that if $n$ is composite, then this ring has zero-divisors. For example, if $n = 4$, then we have
$2 \cdot 2 \equiv 0 \pmod 4$. However, the reader should prove that $\mathbb{Z}/n\mathbb{Z}$ is an integral domain iff $n$ is prime (in fact, it is a field).
4. The ring of $n \times n$ matrices $M_n(\mathbb{R})$ is not an integral domain. It has zero divisors.

(Footnote 2) The notation $\mathbb{Z}_n$ is sometimes used instead of $\mathbb{Z}/n\mathbb{Z}$ but it clashes with the notation for the $n$-adic integers so we prefer not to use it.

A homomorphism between rings is a mapping preserving addition and multiplication (and 0 and 1).

Definition 3.9. Given two rings $A$ and $B$, a homomorphism between $A$ and $B$ is a function $h\colon A \to B$ satisfying the following conditions for all $x, y \in A$:

$h(x + y) = h(x) + h(y)$
$h(xy) = h(x)h(y)$
$h(0) = 0$
$h(1) = 1$.

Actually, because $B$ is a group under addition, $h(0) = 0$ follows from
$h(x + y) = h(x) + h(y)$.

Example 3.4.
1. If $A$ is a ring, for any integer $n \in \mathbb{Z}$, for any $a \in A$, we define $n \cdot a$ by
$n \cdot a = a + \cdots + a$ ($n$ terms)
if $n \geq 0$ (with $0 \cdot a = 0$) and $n \cdot a = -(-n) \cdot a$
if $n < 0$. Then, the map $h\colon \mathbb{Z} \to A$ given by
$h(n) = n \cdot 1_A$ is a ring homomorphism (where $1_A$ is the multiplicative identity of $A$).
2. Given any real number in $\mathbb{R}$, the evaluation map $\mathbb{R}[X] \to \mathbb{R}$, which sends every polynomial $f(X) \in \mathbb{R}[X]$ to its value at that number, is a ring homomorphism.
so $h(x) \neq 0$ and $h(x^{-1}) = h(x)^{-1}$.
But then, if $h(x) = 0$, we must have $x = 0$. Consequently, $h$ is injective.

A field homomorphism $h\colon K_1 \to K_2$ is an isomorphism iff there is a homomorphism $g\colon K_2 \to K_1$ such that $g \circ h = \mathrm{id}_{K_1}$ and $h \circ g = \mathrm{id}_{K_2}$. Then, $g$ is unique and denoted by $h^{-1}$. It is easy to show that a bijective field homomorphism $h\colon K_1 \to K_2$ is an isomorphism. An isomorphism from a field to itself is called an automorphism.

Since every homomorphism $h\colon K_1 \to K_2$ between two fields is injective, the image $h(K_1)$ is a subfield of $K_2$. We also say that $K_2$ is an extension of $K_1$. A field $K$ is said to be algebraically closed if every polynomial $p(X)$ with coefficients in $K$ has some root in $K$; that is, there is some $a \in K$ such that $p(a) = 0$. It can be shown that every field $K$ has some minimal extension which is algebraically closed, called an algebraic closure of $K$. For example, $\mathbb{C}$ is the algebraic closure of both $\mathbb{Q}$ and $\mathbb{C}$.

Given a field $K$ and an automorphism $h\colon K \to K$ of $K$, it is easy to check that the set
$\mathrm{Fix}(h) = \{a \in K \mid h(a) = a\}$
of elements of $K$ fixed by $h$ is a subfield of $K$ called the field fixed by $h$.

If $K$ is a field, we have the ring homomorphism $h\colon \mathbb{Z} \to K$ given by $h(n) = n \cdot 1$. If $h$ is injective, then $K$ contains a copy of $\mathbb{Z}$, and since it is a field, it contains a copy of $\mathbb{Q}$. In this case, we say that $K$ has characteristic 0. If $h$ is not injective, then $h(\mathbb{Z})$ is a subring of $K$, and thus an integral domain, which is isomorphic to $\mathbb{Z}/p\mathbb{Z}$ for some $p \geq 1$. But then, $p$ must be prime since $\mathbb{Z}/p\mathbb{Z}$ is an integral domain iff it is a field iff $p$ is prime. The prime $p$ is called the characteristic of $K$, and we also say that $K$ is of finite characteristic.

If $K_2$ is a field extension of $K_1$, then $K_2$ is a vector space over $K_1$. If the $K_1$-vector space $K_2$ has finite dimension $m$, we say that $K_2$ is an extension of degree $m$ over $K_1$. The degree of $K_2$ over $K_1$ is denoted by $[K_2 : K_1]$.

Finite fields are necessarily of finite characteristic. They can be completely classified, which is the object of the next section.

3.5 The Structure of Finite Fields

Suppose $K$ is a field of characteristic $p$. For every $i$, with $0 \leq i \leq p$, the binomial coefficient $\binom{p}{i}$ is given by
$$\binom{p}{i} = \frac{p!}{i!\,(p - i)!},$$
so if $1 \leq i \leq p - 1$, we have
$$i \binom{p}{i} = p \binom{p - 1}{i - 1}.$$
Since $1 \leq i \leq p - 1$ and $p$ is prime, we have $\gcd(p, i) = 1$, and so $p$ divides $\binom{p}{i}$.
Proposition 3.32. If $K$ is a field of characteristic $p$, the map (Frobenius map) $K \to K$ given by
$a \mapsto a^p$
is an isomorphism of $K$ onto a subfield of $K$ denoted $K^p$.

Proof. Since $K$ is commutative, it is clear that $(ab)^p = a^p b^p$. Obviously $0^p = 0$ and $1^p = 1$. By the binomial formula and using the fact that $p$ divides $\binom{p}{i}$ for $i = 1, \ldots, p - 1$, since $K$ has characteristic $p$, we have $\binom{p}{i} = 0$ for $i = 1, \ldots, p - 1$, so we have
$$(a + b)^p = a^p + \sum_{i=1}^{p-1} \binom{p}{i} a^{p-i} b^i + b^p = a^p + b^p.$$
Therefore, the Frobenius map is a homomorphism, and as we remarked earlier, it is injective.

The field $\mathbb{Z}/p\mathbb{Z}$ with $p$ prime is also denoted by $\mathbb{F}_p$. Here is the structure theorem for finite fields (after J.P. Serre).

Theorem 3.33. Let $K$ be a finite field.

(i) The field $K$ is of characteristic $p \geq 2$ ($p$ prime). If $K$ is of degree $m$ over $\mathbb{F}_p$, then $K$ has $q = p^m$ elements.

(ii) Let $p$ be any prime, let $m$ be any natural number $m \geq 1$, and write $q = p^m$. For any algebraically closed field of characteristic $p$, there exists a unique subfield $\mathbb{F}_q$ of that field with $q$ elements. The map given by $x \mapsto x^q$ is an automorphism of the algebraically closed field, and the field $\mathbb{F}_q$ is the set of roots of the polynomial $X^q - X$; that is, $\mathbb{F}_q$ is the field fixed by the map $x \mapsto x^q$.

(iii) Every finite field with $q = p^m$ elements is isomorphic to $\mathbb{F}_q$.

Proof. (i) Since $K$ is finite, the map $\mathbb{Z} \to K$ given by $n \mapsto n \cdot 1$ cannot be injective, so $K$ must have characteristic $p \geq 2$, and it contains $\mathbb{F}_p$ as a subfield. If $K$ has dimension $m$ as a vector space over $\mathbb{F}_p$, then it is obvious that $K$ has $p^m$ elements.

(ii) We know from Proposition 3.32 that the map given by $x \mapsto x^p$ is an injective homomorphism. Since $q = p^m$, the map $x \mapsto x^q$ is also an injective homomorphism. Since the field is algebraically closed, for any $a \in K$, the polynomial $X^q - a$ has a root in it, which shows that the map $x \mapsto x^q$ is also surjective, thus an automorphism. Then, the field $\mathbb{F}_q$ fixed by this map is a subfield of the algebraically closed field. Since $\mathbb{F}_q$ is also the set of roots of the polynomial $X^q - X$, it has at most $q$ roots. We claim that $F(X) = X^q - X$ has simple roots. From a result of algebra, this is the case if the derivative $F'(X)$ of $F(X)$ is not the zero polynomial. But, since we are in characteristic $p$ and $m \geq 1$, we have
$$F'(X) = qX^{q-1} - 1 = p\,p^{m-1}X^{q-1} - 1 = -1$$
Chapter 4
The Miller-Rabin Test

4.1 The Fermat Test; F-Witnesses and F-Liars

This chapter is heavily inspired by Dietzfelbinger [4] and Crandall and Pomerance [3]. The Miller-Rabin test makes use of two basic properties of the prime numbers:

(1) Fermat's little theorem, which says that if $p$ is a prime and if $a$ is any integer which is not a multiple of $p$, then
$$a^{p-1} \equiv 1 \pmod p.$$
Usually, we assume that $1 \leq a \leq p - 1$.

(2) If $p$ is a prime, then 1 has only trivial square roots, which means that the only solutions $a$ with $1 \leq a \leq p - 1$ of the congruence
$$a^2 \equiv 1 \pmod p$$
are $a = 1$ and $a = p - 1$.

To prove (2), observe that if $a^2 \equiv 1 \pmod p$, then $a^2 - 1 = (a - 1)(a + 1)$ is divisible by $p$, and since $p$ is prime, either $p$ divides $a - 1$ or $p$ divides $a + 1$. Because $1 \leq a \leq p - 1$, we conclude that $a = 1$ or $a = p - 1$. On the other hand, 1 and $p - 1$ are always square roots of unity modulo $p$ (even if $p$ is not prime), since $1^2 \equiv 1 \pmod p$ and $(p - 1)^2 \equiv (-1)^2 \equiv 1 \pmod p$.

It turns out that 1 and $-1$ are the only square roots of unity modulo $n$ iff $n$ is of the form 4, $p^m$, or $2p^m$, where $p$ is an odd prime (footnote 1). To prove this fact, we use the following proposition.

Proposition 4.1. If $p$ is an odd prime, then there are exactly two square roots of unity modulo $p^m$ and $2p^m$ ($m \geq 1$), namely 1 and $-1$. There is a unique square root of unity modulo 2 (i.e. 1), two square roots of unity modulo 4 (i.e. $\pm 1$), and four square roots of unity modulo $2^m$ if $m \geq 3$, namely $\pm 1$ and $2^{m-1} \pm 1$.

(Footnote 1) I thank Peter Freyd for communicating this result to me.
p2mn so that
$$a \equiv p + 1 \pmod{p^2}, \qquad a \equiv 1 \pmod m.$$
Since $p^2$ divides $a - (p + 1)$, the prime $p$ does not divide $a$, so $\gcd(a, p^k) = 1$. Since $a \equiv 1 \pmod m$, we also have $\gcd(a, m) = 1$. Because $\gcd(p^k, m) = 1$ and $n = p^k m$, we conclude that $\gcd(a, n) = 1$. We claim that $a^{n-1} \not\equiv 1 \pmod n$. As in case 1, we proceed by contradiction. Then, by the same reasoning, we deduce that $p$ divides $n - 1$. This time, $n - 1 = p^k m - 1$, and again $p$ does not divide $n - 1$, a contradiction.

(2) By (1), $n$ is a product of distinct primes. Assume that the prime $p$ divides $n$. Since $p$ is prime, the group $(\mathbb{Z}/p\mathbb{Z})^*$ is cyclic (see Theorem 3.21) so pick a generator $g$ (a primitive root modulo $p$). By the Chinese remainder theorem, we can find some $b$ such that
$$b \equiv g \pmod p, \qquad b \equiv 1 \pmod{n/p}.$$
Since $n$ is a product of distinct primes, the numbers $p$ and $n/p$ have no common factor, so $\gcd(b, n) = 1$. Since $n$ is a Carmichael number, we have
$$b^{n-1} \equiv 1 \pmod n,$$
4.3 The Miller-Rabin Test; MR-Witnesses and MR-Liars

The new idea is to make use of the nontrivial square root of unity test. If $n \geq 3$ is an odd integer, we can factor the largest power of 2 in $n - 1$; that is, we write $n - 1 = 2^k t$, where $t$ is odd. The point is that if $n$ is prime, then for any $a$ which is not a multiple of $n$, the residues of $a^t$ and $a^{2^i t}$ (with $0 \leq i \leq k - 1$) modulo $n$ must satisfy some special condition.

Proposition 4.7. Let $n$ be an odd prime, and write
$$n - 1 = 2^k t, \quad \text{with } t \text{ odd and } k \geq 1.$$
For any natural number $a$ which is not a multiple of $n$, one of the following two conditions must hold:

(1) either $a^t \equiv 1 \pmod n$,
(2) or $a^{2^i t} \equiv n - 1 \pmod n$, for some $i$ with $0 \leq i \leq k - 1$.

Proof. By Fermat's little theorem, we have
$$a^{n-1} \equiv 1 \pmod n,$$
that is
$$a^{2^k t} \equiv 1 \pmod n.$$
This implies that if we consider the list
$$b_0 = a^t,\ b_1 = a^{2t},\ b_2 = a^{2^2 t},\ \ldots,\ b_{k-1} = a^{2^{k-1} t},\ b_k = a^{2^k t} = a^{n-1},$$
the last number is congruent to 1 modulo $n$, and since
$$a^{2^{i+1} t} = \left(a^{2^i t}\right)^2,$$
we have $b_{i+1} = b_i^2$, for $i = 0, \ldots, k - 1$. There are only two possibilities:

(i) We have $b_0 = a^t \equiv 1 \pmod n$.
(ii) There is some $b_i$ such that $b_i \not\equiv 1 \pmod n$, but $b_i^2 \equiv 1 \pmod n$, for some $i$ with $0 \leq i \leq k - 1$. Because $n$ is prime, we know that $b_i^2 \equiv 1 \pmod n$ implies that $b_i \equiv \pm 1 \pmod n$, and since $+1$ is ruled out, we must have $b_i \equiv -1 \equiv n - 1 \pmod n$.

Case (i) corresponds to case (1) and case (ii) corresponds to case (2).
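Proposition 4.7 implies that if we can find some natural number $a$ such that

(a) $a^t \not\equiv 1 \pmod n$, and
(b) $a^{2^i t} \not\equiv n - 1 \pmod n$, for all $i$ with $1 \leq i \leq k - 1$,

then $n$ must be a composite. Clearly, $a \neq 1$, but $a \neq n - 1$ as well, since $(n - 1)^t \equiv -1$, because $t$ is odd. The above leads to the following definition.

Definition 4.3. Let $n \geq 3$ be any odd integer, and write $n - 1 = 2^k t$, with $k \geq 1$ and $t$ odd.

(1) A number $a$ such that $2 \leq a \leq n - 2$ is a Miller-Rabin witness, for short an MR-witness for $n$, if the following two conditions hold:

(a) $a^t \not\equiv 1 \pmod n$, and
(b) $a^{2^i t} \not\equiv n - 1 \pmod n$, for all $i$ with $1 \leq i \leq k - 1$.

(2) If $n$ is composite, then any integer $a$ with $1 \leq a \leq n - 1$ is a Miller-Rabin liar, for short an MR-liar for $n$, iff $a$ is not an MR-witness for $n$. The set of MR-liars for $n$ is denoted by $L_n^{MR}$, and we have
$$L_n^{MR} = \{a \in \{1, \ldots, n - 1\},\ \text{either } a^t \equiv 1 \pmod n,\ \text{or } a^{2^i t} \equiv n - 1 \pmod n, \text{ for some } i \text{ with } 0 \leq i \leq k - 1\}.$$

The numbers $a = 1$ and $a = n - 1$ are trivial MR-liars. Observe that every MR-liar is an F-liar: If $a^t \equiv 1 \pmod n$, then
$$a^{n-1} \equiv (a^t)^{2^k} \equiv (1)^{2^k} \equiv 1 \pmod n,$$
and if $a^{2^i t} \equiv n - 1 \pmod n$, for some $i$ with $0 \leq i \leq k - 1$, then
$$a^{n-1} \equiv \left(a^{2^i t}\right)^{2^{k-i}} \equiv (-1)^{2^{k-i}} \equiv 1 \pmod n,$$
since $i \leq k - 1$.

Thus, $L_n^{MR} \subseteq L_n^F$, but unfortunately, $L_n^{MR}$ is not a group. For example, if $n = 325 = 5^2 \cdot 13$, then $n - 1 = 2^2 \cdot 81$, and it is easy to verify that

$7^{2 \cdot 81} \equiv 324 \pmod{325}$
$32^{2 \cdot 81} \equiv 324 \pmod{325}$
$224^{81} \equiv 274 \pmod{325}$
$224^{2 \cdot 81} \equiv 1 \pmod{325}$
$224^{2 \cdot 2 \cdot 81} \equiv 1 \pmod{325}$,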
so 7 and 32 are both MR-liars, but their product 224 is an MR-witness. When $n$ is not a Carmichael number, $L_n^{MR}$ is contained in $L_n^F$ which is a proper subgroup of $(\mathbb{Z}/n\mathbb{Z})^*$, so the proportion of MR-liars is less than 1/2, but when $n$ is a Carmichael number, we need to find another proper subgroup of $(\mathbb{Z}/n\mathbb{Z})^*$ containing $L_n^{MR}$. Fortunately, this is possible.

An odd composite number $n$ such that $a$ with $2 \leq a \leq n - 2$ is an MR-liar for $n$ is called a strong pseudoprime base $a$. Because every MR-liar is an F-liar, every strong pseudoprime base $a$ is a pseudoprime base $a$. The converse is false.

For example, we saw earlier that $n = 341$ is a pseudoprime base 2. But 341 is not a strong pseudoprime base 2, because $340 = 2^2 \cdot 85$, $2^{85} \equiv 32 \pmod{341}$, and $2^{2 \cdot 85} \equiv 1 \pmod{341}$, so 2 is an MR-witness for 341. In fact, 32 is a nontrivial square root of unity modulo 341.

Here is an example of a pseudoprime base 10 which is also a strong pseudoprime base 10, namely $n = 91$. Indeed, $90 = 2 \cdot 45$, and $10^{45} \equiv 90 \pmod{91}$, which shows that 10 is an MR-liar.

The Carmichael number $n = 5$
polynomial running time depends on the truth of the Extended Riemann Hypothesis (for short, ERH), a famous yet unproved number-theoretic conjecture. We will say a little more about it later. Some years later, around 1980, M. Rabin (and independently L. Monier) found a way of making Miller's test into a randomized algorithm. This algorithm is now known as the Miller-Rabin test. Here it is.

Miller-Rabin test

The input is an odd integer $n \geq 3$.

procedure miller-rabin(n)
begin
  Decompose n as n − 1 = 2^k t, with t odd
  Choose random integer a ∈ {2, . . . , n − 2};
  b := a^t mod n;
  if b = 1 or b = n − 1 then c := 0; return c; exit;
    (* n is a strong pseudoprime base a *)
  for i = 1 to k − 1 do
    b := b^2 mod n;
    if b = n − 1 then c := 0; return c; exit (* n is a strong pseudoprime base a *)
    if b = 1 then c := 1; return c; exit (* n is composite *)
  endfor;
  c := 1; return c (* n is composite *)
end

We need to show that the algorithm behaves correctly; that is, we need to show that $n$ is indeed composite when it returns the output $c = 1$ (composite). There are two ways that this can happen. Let $b_0 = a^t \bmod n$ and $b_i = a^{2^i t} \bmod n$, for $i = 1, \ldots, k$.

(a) For some $i$, $1 \leq i \leq k - 1$, the algorithm finds that $b = 1$. In order to reach this condition, it must be the case that $b_0, b_1, \ldots, b_{i-1} \notin \{1, n - 1\}$, since otherwise the program would have stopped. As soon as $b_i = 1$, we also have $b_{i+1} = \cdots = b_k = 1$. But then, $b_0 \notin \{1, -1\}$ and $b_i \neq n - 1$ for $i = 1, \ldots, k - 1$, so $a$ is an MR-witness and $n$ is indeed composite.

(b) The program goes through all $k - 1$ rounds through the for loop and returns $c = 1$ (composite). In this case, all the tests (in the if statements) have failed, and we must have $b_i \notin \{1, n - 1\}$ for $i = 0, \ldots, k - 1$. Again $a$ is an MR-witness and $n$ is composite.
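
The procedure above and the worked examples of this section (n = 325, 341 and 91), as an added Python example that is not part of the original notes. The function names, the `rounds` repetition and the optional `bases` argument are assumptions made here; the return codes 0 and 1 follow the procedure, and the liar check uses the range 0 ≤ i ≤ k − 1 of Proposition 4.7.

```python
import secrets

def decompose(n):
    """Write n - 1 = 2**k * t with t odd and return (k, t)."""
    k, t = 0, n - 1
    while t % 2 == 0:
        k, t = k + 1, t // 2
    return k, t

def is_f_liar(a, n):
    """Fermat condition: a**(n-1) is congruent to 1 modulo n."""
    return pow(a, n - 1, n) == 1

def passes_base(a, n):
    """True when a**t = 1 or a**(2**i * t) = n - 1 (mod n) for some
    0 <= i <= k - 1, i.e. a is not an MR-witness for the odd integer n."""
    k, t = decompose(n)
    b = pow(a, t, n)
    if b == 1 or b == n - 1:
        return True
    for _ in range(1, k):
        b = b * b % n
        if b == n - 1:
            return True
        if b == 1:  # the previous b was a nontrivial square root of unity
            return False
    return False

def miller_rabin(n, rounds=20, bases=None):
    """Return 1 if some base proves n composite, else 0 (the procedure's codes).
    rounds and bases are additions: the procedure draws a single random a."""
    if n < 3 or n % 2 == 0:
        raise ValueError("input must be an odd integer n >= 3")
    if n == 3:
        return 0  # the range {2, ..., n - 2} is empty
    if bases is None:
        # secrets gives unpredictable draws, uniform in {2, ..., n - 2}
        bases = (2 + secrets.randbelow(n - 3) for _ in range(rounds))
    for a in bases:
        if not passes_base(a, n):
            return 1
    return 0

def mr_liars(n):
    """All a in {1, ..., n - 1} that are MR-liars for a composite odd n."""
    return [a for a in range(1, n) if passes_base(a, n)]
```

Passing `bases=[7, 32]` for n = 325 returns 0 although 325 is composite, which is why the bases must be drawn at random and the round repeated.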
The computational comple