
UNIT I - INTRODUCTION & NUMBER THEORY

OSI security architecture - Network security model - Classical encryption techniques (symmetric
cipher model, substitution techniques, transposition techniques, steganography). Number Theory:
Modular arithmetic - Euclid’s algorithm - Fermat’s and Euler’s theorems - The Chinese remainder
theorem.

Computer Security:
The protection afforded to an automated information system in order to attain the applicable objectives
of preserving the integrity, availability and confidentiality of information system resources.

Three objectives of computer security:
a) confidentiality b) integrity c) availability

a) Confidentiality:
- Data confidentiality: Assures that private or confidential information is not made available or
disclosed to unauthorized individuals.
- Privacy: Assures that individuals control or influence what information related to them may be
collected and stored and by whom and to whom it may be disclosed.
b) Integrity:
- Data Integrity: Assures that information and programs are changed only in a specified and authorized
manner.
- System Integrity: Assures that a system performs its intended function in an unimpaired manner free
from deliberate or inadvertent unauthorized manipulation of the system.
c) Availability: Assures that systems work promptly and service is not denied to authorized users.

Important Terminologies

Plain text: An original message is known as the plaintext.
Cipher text: The coded message is called the cipher text.
Encryption: The process of converting from plaintext to cipher text is known as enciphering or
encryption.
Decryption: The process of converting from cipher text into plain text is known as deciphering or
decryption.
Cryptography: The many schemes used for encryption constitute the area of study known as
cryptography. Such a scheme is known as a cryptographic system or a cipher.
Cryptanalysis: Techniques used for deciphering a message without any knowledge of the
enciphering details fall into the area of cryptanalysis. Cryptanalysis is what the layperson calls
“breaking the code.”
Cryptology: The areas of cryptography and cryptanalysis together are called cryptology.

OSI SECURITY ARCHITECTURE (X.800)

The OSI security architecture focuses on security attacks, mechanisms, and services. These can be
defined briefly as follows:
a) Security attack – Any action that compromises the security of information owned by an
organization
b) Security mechanism – A mechanism that is designed to detect, prevent or recover from a security
attack
c) Security service – A service that enhances the security of the data processing systems and the
information transfers of an organization.

a) SECURITY ATTACK
There are two types of attacks
• Passive attacks
• Active attacks

Passive attack
Passive attacks attempt to learn or make use of information from the system but do not affect system
resources. The goal of the opponent is to obtain information that is being transmitted.

Passive attacks are of two types:
➢ Release of message contents
➢ Traffic analysis

Release of message contents: The opponent would learn the contents of the transmission. A
telephone conversation, an e-mail message and a transferred file may contain sensitive or confidential
information. We would like to prevent the opponent from learning the contents of these transmissions.

Traffic analysis: The opponent could determine the location and identity of communicating hosts and
could observe the frequency and length of messages being exchanged. This information might be
useful in guessing the nature of the communication that was taking place.

Passive attacks are very difficult to detect, because they do not involve any alteration of the data.
However, it is feasible to prevent the success of these attacks.

Active Attacks
These attacks involve some modification of the data stream or the creation of a false stream.

Active attacks can be classified into four categories:

• Masquerade – One entity pretends to be a different entity. Here, the attacker captures the
authentication and impersonates the sender.
• Replay – The attacker captures the message and retransmits the message without modification to
produce an unauthorized effect.
• Modification of messages – The attacker captures the message and retransmits the message with
modification to produce an unauthorized effect.
• Denial of service – The attacker may suppress all messages directed to a particular destination.
Another form of service denial is the disruption of an entire network, either by disabling the network
or by overloading it with messages so as to degrade performance.

It is quite difficult to prevent active attacks absolutely, because to do so would require physical
protection of all communication facilities and paths at all times. Instead, the goal is to detect them and
to recover from any disruption or delays caused by them.

b) SECURITY SERVICES
X.800 defines a security service as a service that is provided by a protocol layer of communicating
open systems and that ensures adequate security of the systems or of data transfers.
The classification of security services is as follows:

(i) Authentication: The authentication service is concerned with assuring that a communication is
authentic.
Two specific authentication services are defined in X.800:
• Peer entity authentication: Provide confidence in the identity of entities connected.
• Data origin authentication: Provide assurance that the source of received data is as claimed.

(ii) Access control: Access control is the ability to limit and control the access to host systems and
applications.

(iii) Data Confidentiality: Confidentiality is the protection of transmitted data from passive attacks.
• Connection Confidentiality
The protection of all user data on a connection.
• Connectionless Confidentiality
The protection of all user data in a single data block.
• Selective-Field Confidentiality
The confidentiality of selected fields within the user data on a connection or in a single data block.
• Traffic-Flow Confidentiality
The protection of the information that might be derived from observation of traffic flows.

(iv) Data Integrity: The assurance that data received are exactly as sent by an authorized entity.
• Connection Integrity with Recovery
Provides for the integrity of all user data on a connection and detects any modification, insertion,
deletion, or replay of any data within an entire data sequence, with recovery attempted.
• Connection Integrity without Recovery
As above, but provides only detection without recovery.
• Selective-Field Connection Integrity
Provides for the integrity of selected fields within the user data of a data block transferred over a
connection and takes the form of determination of whether the selected fields have been modified,
inserted, deleted, or replayed.
• Connectionless Integrity
Provides for the integrity of a single connectionless data block and may take the form of detection of
data modification. Additionally, a limited form of replay detection may be provided.
• Selective-Field Connectionless Integrity
Provides for the integrity of selected fields within a single connectionless data block; takes the
form of determination of whether the selected fields have been modified.

(v) Non repudiation: Provides protection against denial by one of the entities involved in a
communication of having participated in all or part of the communication.
• Nonrepudiation, Origin
Proof that the message was sent by the specified party
• Nonrepudiation, Destination
Proof that the message was received by the specified party

c) SECURITY MECHANISMS

• Encipherment:
It uses a mathematical algorithm to transform data into a form that is not readily intelligible. It
depends upon the encryption algorithm and the key.

• Digital signature:
Data appended to, or a cryptographic transformation of, a data unit that is used to prove the integrity
of the data unit and to protect against forgery.

• Access control
A variety of mechanisms that enforce access rights to resources.

• Data integrity
Assures that information and programs are changed only in a specified and authorized manner

• Traffic padding
The insertion of bits into gaps in a data stream to frustrate traffic analysis attempts.

• Notarization
The use of a trusted third party to assure certain properties of a data exchange.

MODEL FOR NETWORK SECURITY

Encryption/Decryption methods fall into two categories.

In symmetric key algorithms, the encryption and decryption keys are known both to sender and
receiver. The encryption key is shared and the decryption key is easily calculated from it. In many
cases, the encryption and decryption keys are the same.
In public key cryptography (or) asymmetric key cryptography, the encryption key is made public, but
it is computationally infeasible to find the decryption key without the information known to the
receiver.

A message is to be transferred from one party to another across some sort of internet. The two parties,
who are the principals in this transaction, must cooperate for the exchange to take place. A logical
information channel is established by defining a route through the internet from source to destination
and by the cooperative use of communication protocols (e.g., TCP/IP) by the two principals.

All the techniques for providing security have two components:
• A security-related transformation on the information to be sent. Examples include the
encryption of the message, which scrambles the message so that it is unreadable by the opponent.
• Some secret information shared by the two principals and, it is hoped, unknown to the opponent.
An example is an encryption key used in conjunction with the transformation to scramble the message
before transmission.

A trusted third party may be needed to achieve secure transmission. For example, a third party may be
responsible for distributing the secret information to the two principals while keeping it from any
opponent.

This general model shows that there are four basic tasks in designing a particular security service:
1. Design an algorithm for performing the security-related transformation. The algorithm should be
such that an opponent cannot defeat its purpose.
2. Generate the secret information to be used with the algorithm.
3. Develop methods for the distribution and sharing of the secret information.
4. Specify a protocol to be used by the two principals that makes use of the security algorithm and
the secret information to achieve a particular security service.

SYMMETRIC CIPHER MODEL

Symmetric encryption is also referred to as conventional encryption or single-key encryption. Here,
the sender and recipient share a common key.
A symmetric encryption scheme has five ingredients:

1) Plaintext: This is the original intelligible message or data that is fed into the algorithm as input.
2) Encryption algorithm: The encryption algorithm performs various substitutions and
transformations on the plaintext.
3) Secret key: The secret key is also input to the encryption algorithm. The key is a value
independent of the plaintext and of the algorithm. The algorithm will produce a different output
depending on the specific key being used at the time. The exact substitutions and transformations
performed by the algorithm depend on the key.
4) Cipher text: This is the scrambled message produced as output. It depends on the plaintext and the
secret key. For a given message, two different keys will produce two different cipher texts. The cipher
text is an apparently random stream of data and, as it stands, is unintelligible.
5) Decryption algorithm: This is essentially the encryption algorithm run in reverse. It takes the
cipher text and the secret key and produces the original plaintext.

There are two requirements for secure use of conventional encryption:


1. We need a strong encryption algorithm.
2. Sender and receiver must have obtained copies of the secret key in a secure fashion and must keep
the key secure.

It is impractical to decrypt a message on the basis of the cipher text plus knowledge of the
encryption/decryption algorithm. In other words, we do not need to keep the algorithm secret; we
need to keep only the key secret.
Model of symmetric cryptosystem:

A source produces a message in plaintext: X = [X1, X2, ..., XM].
The M elements of X are letters.
For encryption, a key of the form K = [K1, K2, ..., KJ] is generated.
If the key is generated at the message source, then it must also be provided to the destination by
means of some secure channel. Alternatively, a third party could generate the key and securely deliver
it to both source and destination.
With the message X and the encryption key K as input, the encryption algorithm forms the cipher text
Y = [Y1, Y2, ..., YN]:
Y = E(K, X)
Y - Cipher text
E - Encryption algorithm
K - Key
X - Plain text
At the receiver side the transformation is:
X = D(K, Y)
Y - Cipher text
D - Decryption algorithm
K - Key
X - Plain text

Cryptographic systems are generally classified along 3 independent dimensions:

1) Type of operations used for transforming plain text to cipher text
All the encryption algorithms are based on two general principles:
➢ Substitution, in which each element in the plaintext is mapped into another element
➢ Transposition, in which elements in the plaintext are rearranged.
2) The number of keys used
➢ If the sender and receiver use the same key then it is said to be symmetric key (or) single key (or)
conventional encryption.
➢ If the sender and receiver use different keys then it is said to be public key encryption.
3) The way in which the plain text is processed
➢ A block cipher processes the input one block of elements at a time, producing an output block
for each input block.
➢ A stream cipher processes the input elements continuously, producing output one element at a
time, as it goes along.

CRYPTANALYSIS AND BRUTE-FORCE ATTACK


There are two general approaches to attacking a conventional encryption scheme:
Cryptanalysis: Cryptanalytic attacks rely on the nature of the algorithm and some knowledge of the
general characteristics of the plaintext or even some sample plaintext–cipher text pairs.
Classification of attacks:
a) Classical Cryptanalysis
- Brute force attack
- Analytical attack
b) Social Engineering
c) Implementation attacks
Brute-force attack: The attacker tries every possible key on a piece of cipher text until an intelligible
translation into plaintext is obtained.

There are various types of cryptanalytic attacks based on the amount of information known to the
cryptanalyst.
Type of Attack: Known to Cryptanalyst

Cipher text Only:
• Encryption algorithm
• Cipher text

Known Plaintext:
• Encryption algorithm
• Cipher text
• One or more plaintext–cipher text pairs formed with the secret key

Chosen Plaintext:
• Encryption algorithm
• Cipher text
• Plaintext message chosen by cryptanalyst, together with its corresponding cipher text generated
with the secret key

Chosen Cipher text:
• Encryption algorithm
• Cipher text
• Cipher text chosen by cryptanalyst, together with its corresponding decrypted plaintext generated
with the secret key

Chosen Text:
• Encryption algorithm
• Cipher text
• Plaintext message chosen by cryptanalyst, together with its corresponding cipher text generated
with the secret key
• Cipher text chosen by cryptanalyst, together with its corresponding decrypted plaintext generated
with the secret key

Encryption algorithms are to be

➢ Unconditionally secure
➢ Computationally secure

An encryption scheme is unconditionally secure if the cipher text generated by the scheme does not
contain enough information to determine uniquely the corresponding plaintext.
An encryption scheme is said to be computationally secure if:
• The cost of breaking the cipher exceeds the value of the encrypted information
• The time required to break the cipher exceeds the useful lifetime of the information.

Kerckhoffs’s Principle:
A cryptosystem should be secure even if the attacker knows all the details about the system, with the
exception of the secret key.
SUBSTITUTION TECHNIQUES

• A substitution technique is one in which the letters of plaintext are replaced by other letters or by
numbers or symbols.
• Substitution ciphers can be categorized as either
i) Monoalphabetic ciphers ii) polyalphabetic ciphers.
• In monoalphabetic substitution, the relationship between a symbol in the plaintext to a symbol in
the ciphertext is always one-to-one.
• In polyalphabetic substitution, each occurrence of a character may have a different substitute.
The relationship between a character in the plaintext to a character in the ciphertext is one-to-many.

Various substitution ciphers are

(i) Caesar cipher or Shift cipher
(ii) Monoalphabetic cipher (Frequency analysis)
(iii) Playfair cipher
(iv) Hill cipher
(v) Vigenere cipher
(vi) Vernam cipher
(vii) One Time Pad

(i) CAESAR CIPHER (OR) SHIFT CIPHER

Caesar cipher was proposed by Julius Caesar. The Caesar cipher involves replacing each letter of the
alphabet with the letter standing 3 places further down the alphabet.

Let us assign a numerical equivalent to each letter:

Note that the alphabet is wrapped around, so that the letter following ‘z’ is ‘a’.
For each plaintext letter P, substitute the cipher text letter C such that
C = E(3, P) = (P + 3) mod 26
Decryption is
P = D(3, C) = (C - 3) mod 26
The general Caesar algorithm is
C = E(K, P) = (P + K) mod 26, where K takes on a value in the range 1 to 25.
The decryption algorithm is simply
P = D(K, C) = (C - K) mod 26
If it is known that a given cipher text is a Caesar cipher, then a brute-force cryptanalysis is easily
performed: simply try all the 25 possible keys.

Cryptanalysis of Caesar Cipher

1. The encryption and decryption algorithms are known.
2. There are only 25 possible keys, so a brute-force attack is practical.
3. The language of the plaintext is known and easily recognizable.

Brute-Force Cryptanalysis of Caesar Cipher

(ii) MONOALPHABETIC CIPHER


• Each plaintext letter maps to a different random cipher text letter.
• Here, there are 26! possible keys, which eliminates the brute-force attack.
There is, however, another line of attack. If the cryptanalyst knows the nature of the plaintext (e.g.,
non-compressed English text), then the analyst can exploit the regularities of the language.

As a first step, the relative frequency of the letters can be determined and compared to a standard
frequency distribution for English
Relative frequency of letters in English text

Only four letters have been identified, but already we have quite a bit of the message.
Continued analysis of frequencies plus trial and error should easily yield a solution from this
point. The complete plaintext, with spaces added between words, follows:

Disadvantage of Monoalphabetic Ciphers:
They are easy to break because they reflect frequency data of the original alphabet.

A countermeasure is to provide multiple substitutes, known as homophones, for a single letter.
Eg: the letter ‘e’ could be assigned a number of different cipher symbols such as 16, 74, 35 and
21, with each homophone assigned to a letter in rotation or randomly.

(iii) PLAYFAIR CIPHER

The best known multiple-letter encryption cipher is the Playfair, which treats digrams in the
plaintext as single units and translates these units into cipher text digrams. The Playfair
algorithm is based on the use of a 5x5 matrix of letters constructed using a keyword.
Let the keyword be “monarchy”. The matrix is constructed by
• Filling in the letters of the keyword from left to right and from top to bottom
• Removing duplicates
• Filling the remaining cells of the matrix with the remaining letters in alphabetical order.
The matrix is 5x5, so it can accommodate 25 letters. To accommodate the 26th letter, I and J
are counted as one character.



Rules for encryption
• Repeating plaintext letters that would fall in the same pair are separated with a filler letter
such as ‘x’.
• Two plaintext letters that fall in the same row of the matrix are each replaced by the letter to
the right, with the first element of the row circularly following the last. For example, AR is
encrypted as RM.
• Two plaintext letters that fall in the same column are each replaced by the letter beneath,
with the top element of the column circularly following the last. For example, MU is encrypted
as CM.
• Otherwise, each plaintext letter in a pair is replaced by the letter that lies in its own row and
the column occupied by the other plaintext letter. Thus, HS becomes BP and EA becomes IM
(or JM, as the encipherer wishes).

Example
Plain text: Balloon
Split into pairs: Ba ll oo n
With the filler inserted: Ba lx lo on
BA - I/JB
LX - SU
LO - PM
ON - NA
Strength of playfair cipher

is more difficult.

Disadvantage
Easy to break because it has the structure and the resemblance of the plain text language
(iv) HILL CIPHER
It is a multi-letter cipher, developed by Lester Hill. The encryption algorithm takes m
successive plaintext letters and substitutes for them m cipher text letters. The substitution is
determined by m linear equations in which each character is assigned a numerical value
(a=0, b=1, …, z=25). For m = 3 the system can be described as follows:

C = KP mod 26

C and P are column vectors of length 3 representing the cipher text and plain text
respectively. Consider the message 'ACT' and the key below (or GYBNQKURP in letters).

Thus the enciphered vector corresponds to a ciphertext of 'POH'.

Decryption
Decryption is done as P = K^-1 C mod 26.
In order to decrypt, we turn the ciphertext back into a vector, then simply multiply by the
inverse matrix of the key matrix (IFKVIVVMI in letters).

The cipher text of 'POH' now gets us back the plain text 'ACT'.
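
The 'ACT' example carried through in code, as an added Python example that is not part of the original notes. It assumes the key letters fill the key matrix row by row; the function names are illustrative. The inverse is computed from the determinant and the adjugate, and a key whose determinant shares a factor with 26 is rejected because it cannot be used for decryption.

```python
from math import gcd

M = 26  # alphabet size, with a=0, b=1, ..., z=25 as in the notes


def to_nums(text):
    return [ord(c) - ord("A") for c in text.upper() if "A" <= c <= "Z"]


def to_text(nums):
    return "".join(chr(n % M + ord("A")) for n in nums)


def key_matrix(letters, m):
    """Fill an m x m matrix row by row from the key letters (assumed layout)."""
    nums = to_nums(letters)
    if len(nums) != m * m:
        raise ValueError("key must contain exactly m*m letters")
    return [nums[r * m:(r + 1) * m] for r in range(m)]


def minor(mat, i, j):
    """The matrix with row i and column j removed."""
    return [row[:j] + row[j + 1:] for k, row in enumerate(mat) if k != i]


def det(mat):
    """Determinant by cofactor expansion along the first row (fine for small m)."""
    if not mat:
        return 1
    return sum((-1) ** j * mat[0][j] * det(minor(mat, 0, j)) for j in range(len(mat)))


def invert_key(mat):
    """K^-1 mod 26 = det(K)^-1 * adj(K) mod 26; exists only if gcd(det K, 26) = 1."""
    d = det(mat) % M
    if gcd(d, M) != 1:
        raise ValueError("key matrix is not invertible mod 26")
    d_inv = pow(d, -1, M)  # modular inverse of the determinant (Python 3.8+)
    n = len(mat)
    # entry (i, j) of the adjugate is the cofactor of entry (j, i)
    return [[(d_inv * (-1) ** (i + j) * det(minor(mat, j, i))) % M for j in range(n)]
            for i in range(n)]


def hill_apply(mat, text):
    """Multiply each block of m letters (as a column vector) by the matrix mod 26."""
    m = len(mat)
    nums = to_nums(text)
    if len(nums) % m:
        raise ValueError("text length must be a multiple of m")
    out = []
    for b in range(0, len(nums), m):
        block = nums[b:b + m]
        out += [sum(mat[r][c] * block[c] for c in range(m)) % M for r in range(m)]
    return to_text(out)


if __name__ == "__main__":
    K = key_matrix("GYBNQKURP", 3)
    K_inv = invert_key(K)
    print(K, hill_apply(K, "ACT"))
    print(K_inv, hill_apply(K_inv, "POH"))
```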

Merits and Demerits


• Completely hides single letter and 2 letter frequency information.
• Easily attacked with known plain text attack

Polyalphabetic Cipher: The polyalphabetic cipher is a simple technique to improve on the
monoalphabetic technique. The features are
a) A set of monoalphabetic substitution rules is used
b) A key determines which particular rule is chosen for a given transformation.

(v) VIGENERE CIPHER

Each of the 26 ciphers is laid out horizontally, with the key letter for each cipher to its left. A
normal alphabet for the plaintext runs across the top. The process of encryption is simple:
Given a key letter x and a plaintext letter y, the cipher text is at the intersection of the row
labelled x and the column labelled y; in this case, the cipher text is V. To encrypt a message, a
key is needed that is as long as the message. Usually, the key is a repeating keyword.
Key = deceptive
Plain text = we are discovered save yourself
e.g.,
key = deceptivedeceptivedeceptive
PT  = wearediscoveredsaveyourself
CT  = ZICVTWQNGRZGVTWAVZHCQYGLMGJ
Decryption is equally simple. The key letter again identifies the row. The position of the
cipher text letter in that row determines the column, and the plaintext letter is at the top of that
column.

Encryption: Ci = (Pi + Ki) mod 26
Decryption: Pi = (Ci - Ki) mod 26

Example:
For ‘w’: C0 = (P0 + K0) mod 26 = (22 + 3) mod 26 = 25 = ‘z’
Strength of Vigenere cipher
o There are multiple ciphertext letters for each plaintext letter.
o Letter frequency information is obscured.

Drawbacks of Vigenere cipher
• A cryptanalyst can guess the plain text from repeated combinations such as ‘VTW’, which
appears twice in the example given above.
Vigenere proposed an autokey system to eliminate the periodic nature of the keyword. Here, the
keyword is concatenated with the plaintext itself.
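
The "deceptive" example and the autokey variant side by side, as an added Python example that is not part of the original notes. Function names are illustrative. It goes slightly beyond the text by listing the repeated three-letter sequences in each cipher text, which shows the 'VTW' repetition and why the autokey system removes it.

```python
A = ord("A")


def _nums(text):
    return [ord(c) - A for c in text.upper() if "A" <= c <= "Z"]


def _text(nums):
    return "".join(chr(n + A) for n in nums)


def vigenere(text, keyword, decrypt=False):
    """Ci = (Pi + Ki) mod 26, or Pi = (Ci - Ki) mod 26, with a repeating keyword."""
    k = _nums(keyword)
    if not k:
        raise ValueError("keyword must contain at least one letter")
    sign = -1 if decrypt else 1
    return _text([(v + sign * k[i % len(k)]) % 26 for i, v in enumerate(_nums(text))])


def autokey_encrypt(plaintext, keyword):
    """Key stream = keyword followed by the plaintext itself (no repetition)."""
    p = _nums(plaintext)
    k = (_nums(keyword) + p)[:len(p)]
    return _text([(pi + ki) % 26 for pi, ki in zip(p, k)])


def autokey_decrypt(ciphertext, keyword):
    """Each recovered plaintext letter is appended to the key stream as we go."""
    k = _nums(keyword)
    if not k:
        raise ValueError("keyword must contain at least one letter")
    out = []
    for i, c in enumerate(_nums(ciphertext)):
        p = (c - k[i]) % 26
        out.append(p)
        k.append(p)
    return _text(out)


def repeated_sequences(ciphertext, n=3):
    """Map every n-letter sequence that occurs more than once to its start positions."""
    seen = {}
    for i in range(len(ciphertext) - n + 1):
        seen.setdefault(ciphertext[i:i + n], []).append(i)
    return {seq: pos for seq, pos in seen.items() if len(pos) > 1}


if __name__ == "__main__":
    pt, key = "wearediscoveredsaveyourself", "deceptive"
    ct = vigenere(pt, key)
    print(ct, repeated_sequences(ct))        # VTW repeats 9 positions apart
    ak = autokey_encrypt(pt, key)
    print(ak, repeated_sequences(ak))        # no repeated trigram
    print(autokey_decrypt(ak, key))
```

The two 'VTW' positions are 9 apart, which equals the length of the keyword "deceptive"; with the autokey stream the same plaintext produces no repeated sequence.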

(vi) VERNAM CIPHER


It is an unbreakable cryptosystem. It represents the message as a sequence of 0s and 1s. This
can be accomplished by writing all numbers in binary, for example, or by using ASCII. The
key is a random sequence of 0s and 1s of the same length as the message. Once a key is used, it
is discarded and never used again.

The system can be expressed as follows:
Ci = Pi XOR Ki
Ci - ith binary digit of cipher text
Pi - ith binary digit of plaintext
Ki - ith binary digit of key

Thus the cipher text is generated by performing the bitwise XOR of the plaintext and the key.
Decryption uses the same key. Because of the properties of XOR, decryption simply involves
the same bitwise operation:
Pi = Ci XOR Ki

Example:
P = 0 0 1 0 1 0 0 1
K = 1 0 1 0 1 1 0 0 (Encryption)
C = 1 0 0 0 0 1 0 1
Similarly do decryption.

Advantages
• It is unbreakable since cipher text bears no statistical relationship to the plaintext
• Not easy to break
Drawbacks
• It is practically impossible to generate a random key as long as the message.
• The second problem is that of key distribution and key protection.
Due to the above two drawbacks, the one time pad is of limited use and is used for low-bandwidth
channels which need high security.

(vii) ONE TIME PAD

Proposed by Army Signal Corps officer Joseph Mauborgne. It is an improvement over the Vernam
cipher. The random key is as long as the plaintext, i.e. there is no key repetition. A unique key is
used to encrypt and decrypt a single message and is then discarded. Since each message requires a
new key for encryption, it is called the One-Time Pad (OTP). It is unbreakable and produces a
random output that bears no statistical relationship to the plaintext. The main disadvantage of OTP
is random key generation and safe distribution of the key.

TRANSPOSITION TECHNIQUES
A very different kind of mapping is achieved by performing some sort of permutation on the
plaintext letters. This technique is referred to as a transposition cipher.
i) RAIL FENCE CIPHER
It is the simplest such cipher, in which the plaintext is written down as a sequence of diagonals
and then read off as a sequence of rows.
Plaintext = meet at the school house
To encipher this message with a rail fence of depth 2, we write the message as follows:
m e a t e c o l o s
 e t t h s h o h u e
The encrypted message (cipher text) is MEATECOLOSETTHSHOHUE

ii) ROW TRANSPOSITION CIPHERS


A more complex scheme is to write the message in a rectangle, row by row, and read the
message off, column by column, but permute the order of the columns. The order of columns
then becomes the key of the algorithm.
Example:
plaintext = meet at the school house
Key = 4 3 1 2 5 6 7
PT  = m e e t a t t
      h e s c h o o
      l h o u s e x
CT = ESOTCUEEHMHLAHSTOETO
Demerits
• Easily recognized because the letter frequencies are the same in both plain text and cipher text.
• Can be made secure by performing a larger number of transpositions.

STEGANOGRAPHY
In Steganography, the plaintext is hidden. The existence of the message is concealed. For
example, the sequence of first letters of each word of the overall message spells out the
hidden message.
Various other techniques have been used historically; some examples are the following:
• Character marking: Selected letters of printed or typewritten text are overwritten in
pencil. The marks are ordinarily not visible unless the paper is held at an angle to bright light.
• Invisible ink: A number of substances can be used for writing but leave no visible trace
until heat or some chemical is applied to the paper.
• Pin punctures: Small pin punctures on selected letters are ordinarily not visible unless the
paper is held up in front of a light.
• Typewriter correction ribbon: Used between lines typed with a black ribbon, the results
of typing with the correction tape are visible only under a strong light.

All these techniques seem to be archaic. One of the newer techniques is to hide the message by
using the least significant bits of frames on a CD.
An alternative method is to first encrypt and then hide the message using steganography.
Drawback
• It requires a lot of overhead to hide relatively few bits of information.
• Once the system is discovered, it becomes virtually worthless.

NUMBER THEORY
Divisibility:
A non-zero b divides a if a = mb for some m where a, b and m are integers and there is no
remainder on division. It is denoted by b|a i.e. b divides a.
Eg: 3|15, -15|60
Properties of Divisibility of integers:
1. If a|1, then a = ±1
2. If a|b and b|a, then a = ±b
3. For any b, b≠0, b divides 0 i.e. b|0
4. If a|b and b|c, then a|c
5. If b|g and b|h, then b|(mg+nh) for arbitrary integers m and n
Division Algorithm:
Given any positive integer n and any non-negative integer a, if we divide a by n, then we get an
integer quotient q and an integer remainder r, such that they obey the following relationship,
a = qn + r ; 0 ≤ r < n
Eg: a = 11, n = 7, then q = 1 and r = 4. Therefore a = qn + r gives 11 = 1 . 7 + 4
Prime and Composite Numbers:
A number b, such that b > 1 and divisible only by 1 and itself is called a prime number.
Eg: 2, 3, 5, 7, 11, 13, 17, 19…
A number n, such that n > 1, that is not prime is called composite number.
Eg: 4, 6, 8, 9, 10, 12, 14…
Greatest Common Divisor (GCD):
The GCD is the largest integer dividing both a and b. It is denoted by gcd(a,b) = c, where c
is the positive integer that divides a and b.
Eg: gcd(6,4): Factors of 6 – 1, 2, 3, 6. Factors of 4 – 1, 2, 4. Therefore gcd(6,4) = 2.
Relatively prime numbers:
Two integers a and b are relatively prime, if their only common positive integer factor i.e. gcd is
1.
Example: 8 and 15 are relatively prime because
Positive divisors of 8 are 1,2,4,8
Positive divisors of 15 are 1, 3, 5, 15 Therefore, common positive factor=1.
GCD by Euclidean Algorithm:
For large numbers, factorizing is difficult. Hence, to speed up the operation, use the Euclidean
algorithm.
gcd(a,b) = d where a > b > 0
Eg: gcd(482,1180), a = 1180, b = 482
a = q . n + r
1180 = 2 . 482 + 216
482 = 2 . 216 + 50
216 = 4 . 50 + 16
50 = 3 . 16 + 2
16 = 8 . 2 + 0
The last non-zero remainder is 2. Therefore gcd(482,1180) is 2.
MODULAR ARITHMETIC

Finite Set:
A set that contains a countable number of elements such that an operation performed on any two
or more elements of the set will result in an element from the same set.
Eg: set of alphabets (A-Z), clock

Modulus:
If a is an integer and n is a positive integer, we define a mod n to be the remainder when a is
divided by n. The integer n is called the modulus.

Congruent modulo
Two integers a and b are said to be congruent modulo n if (a mod n) = (b mod n). This is written as
a ≡ b (mod n)
Eg: 73 ≡ 4 (mod 23)

Properties of Congruences:
1. a≡ b (mod n) if n|(a-b)
2. a≡ b (mod n) implies b≡ a( mod n)
3. a ≡ b (mod n) and b ≡ c (mod n) imply a ≡ c (mod n).
Equivalence Classes:
a=11, n=5
a = q.n + r
11 = -1.5 + 16
11 = 0.5 + 11
11 = 1.5 + 6
11 = 2.5 + 1
11 = 3.5 + (-4)
11 = 4.5 + (-9)
There exists a set of residues or residue classes (mod n) also called equivalence classes.
The remainders are {…-9, -4, 1, 6, 11, 16, …} The remainders are different.
Similarly, for a = 10, remainders {…-10, -5, 0, 5, 10, 15, …}
a = 12, remainders {…-8, -3, 2, 7, 12, …}
a = 13, remainders {…, -7, -2, 3, 8, 13, …}
a = 14, remainders {… -6, -1, 4, 9, 14, …}
The above are the residue or equivalence classes for mod 5.
Eg: 4^8 mod 5 ≡ ?
(4^2 . 4^2 . 4^2 . 4^2) mod 5
(16 . 16 . 16 . 16) mod 5
(1 . 1 . 1 . 1) mod 5
1 mod 5 ≡ 5

Modular Arithmetic Operations


Modular arithmetic exhibits the following properties:
1. [(a mod n) + (b mod n)] mod n = (a + b) mod n
2. [(a mod n) - (b mod n)] mod n = (a - b) mod n
3. [(a mod n) * (b mod n)] mod n = (a * b) mod n

Example: 11 mod 8 = 3; 15 mod 8 = 7


[(11 mod 8) + (15 mod 8)] mod 8 = 10 mod 8 = 2
(11 + 15) mod 8 = 26 mod 8 = 2
[(11 mod 8) - (15 mod 8)] mod 8 = -4 mod 8 = 4
(11 - 15) mod 8 = -4 mod 8 = 4
[(11 mod 8) * (15 mod 8)] mod 8 = 21 mod 8 = 5
(11 * 15) mod 8 = 165 mod 8 = 5

EUCLIDEAN ALGORITHM
Euclidean algorithm is a simple procedure for determining the greatest common divisor
of two positive integers.
The positive integer c is said to be the greatest common divisor of a and b if c is a divisor of a
and of b.
For any integers a, b, with a ≥ b ≥ 0, gcd(a, b) = gcd(a mod b, b)
Example
gcd(55, 22)
gcd(55 mod 22, 22) = gcd(11, 22)
gcd(22, 11) = gcd(22 mod 11, 11) = gcd(0,11) = 11

gcd(18, 12)
gcd(18 mod 12, 12) = gcd(6,12)
gcd(12,6) = gcd(12 mod 6, 6) = gcd(0,6) = 6
gcd(11,10)
gcd(11 mod 10, 10) = gcd(1, 10)
gcd(10, 1) = gcd(10 mod 1, 1) = gcd(0,1) = 1

EXTENDED EUCLIDEAN ALGORITHM

It is used for computations in finite fields and in encryption algorithms such as RSA. It is
used for finding the inverse of a number mod n.
For given integers a and b, the Extended Euclidean algorithm not only calculates the gcd d, but
also two additional integers x and y that satisfy the following equation:
ax + by = d = gcd(a,b)
Multiplicative Inverse:
If gcd(a,b) = 1 = ax + by then x is the inverse of a mod b.
Steps to perform Extended Euclidean Algorithm:
1. The usual Euclidean algorithm
2. Using back substitution

Eg: gcd(43,17)
Step 1: find gcd
43 = 2 * 17 + 9 ------------------- 1
17 = 1 * 9 + 8 ------------------- 2
9 = 1 * 8 + 1 ------------------- 3
8 = 8 * 1 + 0
gcd(43,17) = 1
Step 2: back substitution
Since gcd(43,17) = 1 = 43*x + 17*y
Re-write eq 3, 1 = 9 – 8 --------------------------- 4
From eq 2, 8 = 17 – 9 ----------------------------- 5
Sub eq 5 in eq 4, 1 = 9 – (17 – 9)
1 = 2 * 9 – 17 ----------------- 6
From eq 1, 9 = 43 – 2 * 17 ----------------------- 7
Sub eq 7 in eq 6, 1 = 2(43 – 2 * 17) – 17
1 = 2 * 43 – 4 * 17 – 17
1 = 2 * 43 – 5 * 17
x = 2, y = -5
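
The two steps above (Euclidean division, then back substitution) can be done in one pass by carrying the coefficients x and y along with each remainder. The following is an added example, not part of the original notes; the function names egcd and mod_inverse are chosen here for illustration.

```python
def egcd(a, b):
    """Return (d, x, y) with a*x + b*y == d == gcd(a, b), for a, b >= 0."""
    # Invariants kept by the loop:
    #   old_r == a*old_x + b*old_y   and   r == a*x + b*y
    old_r, r = a, b
    old_x, x = 1, 0
    old_y, y = 0, 1
    while r != 0:
        q = old_r // r                      # quotient of the current division step
        old_r, r = r, old_r - q * r         # same remainders as the plain algorithm
        old_x, x = x, old_x - q * x         # back substitution done on the fly
        old_y, y = y, old_y - q * y
    return old_r, old_x, old_y


def mod_inverse(a, n):
    """Return the inverse of a modulo n; raise if gcd(a, n) != 1."""
    d, x, _ = egcd(a % n, n)
    if d != 1:
        raise ValueError(f"{a} has no inverse mod {n}: gcd is {d}")
    return x % n                            # bring a negative coefficient into 0..n-1


if __name__ == "__main__":
    print(egcd(43, 17))         # the worked example: gcd and the coefficients x, y
    print(mod_inverse(43, 17))  # x is the inverse of 43 mod 17
    print(mod_inverse(17, 43))  # y, reduced mod 43, is the inverse of 17 mod 43
```

A number has an inverse mod n only when the gcd is 1, which is why mod_inverse rejects inputs such as 12 mod 18.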

POLYNOMIAL ARITHMETIC

A polynomial of degree n (integer n ≥ 0) is an expression of the form given below, where the ai are the coefficients.

Addition is defined as
Multiplication is defined as

where

FERMAT’S THEOREMS
Fermat’s theorem states the following: if p is a prime and a is a positive integer not divisible
by p, then
a^(p-1) ≡ 1 (mod p)

Proof:
Consider the set of positive integers less than p: P = {1, 2, 3, …, p-1}
Multiply each element of P by a, modulo p, to get the set X = {a mod p, 2a mod p, …, (p-1)a mod p}.
None of the elements of X is equal to zero because p does not divide a.
No two of the integers in X are equal.
To see this, take two elements of X and assume ja ≡ ka (mod p) where 1 ≤ j < k ≤ p-1 --------- 1
From eq 1, eliminate a (possible because a is relatively prime to p): j ≡ k (mod p) ---------------- 2
Eq 2 is not possible because j and k are distinct positive integers less than p.
Therefore X consists of the same p-1 integers as P in some order. Multiplying the numbers in both sets P and X and taking the result mod p yields
a * 2a * … * (p-1)a ≡ [1 * 2 * … * (p-1)] (mod p)
{1 * 2 * … * (p-1)} a^(p-1) ≡ [1 * 2 * … * (p-1)] (mod p)
(p-1)! a^(p-1) ≡ (p-1)! (mod p)
a^(p-1) ≡ 1 (mod p)

Alternative form of Fermat’s Theorem: If p is prime and a is a positive integer, then
a^p ≡ a (mod p)

Example: a^(p-1) mod p = 1 ; a^p mod p = a

13^16 mod 17 = ?
p = 17 (prime); p-1 = 16; a = 13
a^(p-1) mod p = 1
13^16 mod 17 = 1

Euler’s totient function


It is represented as ø(n). Euler’s totient function is defined as the number of positive integers
less than n and relatively prime to n. ø(1) = 1
For a prime number p
ø(p) = p-1
Suppose that we have two prime numbers p and q, with p not equal to q. Then we can show that,
for n = pq,
ø(n) = ø(pq) = ø(p) * ø(q) = (p-1) * (q-1)
Example: To determine ø(35), we list all of the positive integers less than 35 that are relatively
prime to it: 1, 2, 3, 4, 6, 8, 9, 11, 12, 13, 16, 17, 18, 19, 22, 23, 24, 26, 27, 29, 31, 32, 33, 34
There are 24 numbers on the list, so ø(35) = 24. [ø(35) = ø(7) * ø(5) = (7-1)*(5-1) = 24]
ø(21) = ø(3) * ø(7) = (3 - 1) * (7 - 1) = 2 * 6 = 12

EULER’S THEOREM
Euler’s theorem states that for every a and n that are relatively prime:
a^ø(n) ≡ 1 (mod n)
Proof:
Case 1: n is prime
ø(n) = (n-1) and Fermat’s theorem holds.
a^(n-1) ≡ 1 (mod n); substitute n-1 = ø(n)
then a^ø(n) ≡ 1 (mod n). Hence proved.

Case 2: n is not prime


ø(n) is the number of positive integers less than n that are relatively prime to n.
Consider the set of such integers, labeled as follows: R = {x1, x2, …, x_ø(n)}
That is, each element xi of R is a unique positive integer less than n with gcd(xi, n) = 1.
Multiply each element by a, modulo n:
S = {(a*x1 mod n), (a*x2 mod n), …, (a*x_ø(n) mod n)}
The set S is a permutation of R, for the following reasons:
1. Because a is relatively prime to n and xi is relatively prime to n, a*xi must also be relatively
prime to n. Thus all the members of S are integers that are less than n and that are relatively
prime to n.
2. There are no duplicates in S. If a*xi mod n = a*xj mod n, then xi = xj.
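
The totient values and the two theorems above can be checked numerically, and Euler's theorem also lets a very large exponent be reduced mod ø(n) before exponentiating. This is an added example, not part of the original notes; phi, modexp and modexp_reduced are names chosen here, and the trial-division totient is only suitable for small n.

```python
from math import gcd


def phi(n):
    """Euler's totient via trial-division factorisation (small n only)."""
    result, m, p = n, n, 2
    while p * p <= m:
        if m % p == 0:
            while m % p == 0:
                m //= p
            result -= result // p       # multiply result by (1 - 1/p)
        p += 1
    if m > 1:                           # one prime factor is left over
        result -= result // m
    return result


def modexp(a, e, n):
    """Square-and-multiply: a^e mod n without ever forming a^e."""
    result, base = 1 % n, a % n
    while e > 0:
        if e & 1:
            result = result * base % n
        base = base * base % n
        e >>= 1
    return result


def modexp_reduced(a, e, n):
    """a^e mod n with e first reduced mod phi(n).

    Valid only when gcd(a, n) == 1, the hypothesis of Euler's theorem.
    """
    if gcd(a, n) != 1:
        raise ValueError("Euler's theorem needs gcd(a, n) == 1")
    return modexp(a, e % phi(n), n)


if __name__ == "__main__":
    print(phi(35), phi(21), phi(17))        # totients from the examples above
    print(modexp(13, 16, 17))               # Fermat: 13^16 mod 17
    print(modexp_reduced(13, 10**30, 35))   # exponent reduced mod phi(35)
    print(modexp(5, 24, 35))                # gcd(5, 35) != 1, so the result is not 1
```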

An alternative form of the theorem is also useful:

TESTING FOR PRIMALITY

For many cryptographic algorithms, it is necessary to select one or more very large prime
numbers at random. Thus, we are faced with the task of determining whether a given large
number is prime. There is no simple yet efficient means of accomplishing this task.
Miller-Rabin Algorithm
The algorithm due to Miller and Rabin is typically used to test a large number for primality.
TEST (n)
1. Find integers k, q, with k > 0, q odd, so that (n - 1 = 2^k * q);
2. Select a random integer a, 1 < a < n - 1;
3. if a^q mod n = 1 then return("inconclusive");
4. for j = 0 to k - 1 do
5. if a^((2^j)q) mod n = n - 1 then return("inconclusive");
6. return("composite");

Example: n = 43
Let us apply the test to the prime number n = 43;
1. (n - 1) = 42 = 2^1 * 21 = 2^k * q. k = 1, q = 21.
2. let a = 10.
3. Compute a^q mod n, 10^21 mod 43 = 42 (≠ 1), condition fails.
4. for j = 0 to k-1; since k = 1, k-1 = 0.
5. if a^((2^j)q) mod n = n – 1 is true the test returns inconclusive.
10^((2^0)21) mod 43 = 42 (= n-1).
So n is a prime number.

THE CHINESE REMAINDER THEOREM


The Chinese Remainder Theorem says it is possible to reconstruct integers in a certain range from
their residues modulo a set of pairwise relatively prime moduli.
x ≡ a1 mod n1
x ≡ a2 mod n2
…
x ≡ ak mod nk
If n1, n2, …, nk are positive integers that are pairwise co-prime and a1, a2, …, ak are any integers,
then CRT is used to find the value of x that solves the above congruences simultaneously:
x = (a1*m1*y1 + a2*m2*y2 + … + ak*mk*yk) mod M
where M = n1 * n2 * n3 * … * nk
mi = M/ni
yi = mi^(-1) mod ni

Problem 1
x ≡ 1 mod 5
x ≡ 2 mod 6
x ≡ 3 mod 7
Solution:
a1 = 1, a2 = 2, a3 = 3
n1 = 5, n2 = 6, n3 = 7

M = n1*n2*n3 = 5 * 6 * 7 = 210
mi = M/ni
m1 = 210/5 = 42, m2 = 210/6 = 35, m3 = 210/7 = 30
yi = mi^(-1) mod ni
y1 = 42^(-1) mod 5 = 3
y2 = 35^(-1) mod 6 = 5
y3 = 30^(-1) mod 7 = 4

x = (a1*m1*y1 + a2*m2*y2 + a3*m3*y3) mod M
= ((1*42*3) + (2*35*5) + (3*30*4)) mod 210
= 836 mod 210
= 206

Problem 2

A bag contains a number of pens. If you take out 3 pens at a time, 2 pens are left. If you
take out 4 pens at a time, 1 pen is left, and if you take out 5 pens at a time, 3 pens are left in the
bag. What is the number of pens in the bag?

x ≡ 2 mod 3
x ≡ 1 mod 4
x ≡ 3 mod 5

a1 = 2, a2 = 1, a3 = 3
n1 = 3, n2 = 4, n3 = 5

M=n1n2n3
M=3*4*5=60

mi=M/ni
m1=60/3=20
m2=60/4=15
m3=60/5=12

y1 = 2 y2 = 3 y3 = 3
x=(a1m1y1+a2m2y2+ a3m3y3)mod M
=((2*20*2)+(1*15*3)+(3*12*3)) mod 60
=233 mod 60
=53
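
The CRT construction used in Problems 1 and 2, as an added example that is not part of the original notes. The names crt and residues_of are chosen here; the inverse yi is taken with Python's built-in pow(m, -1, n), available from Python 3.8. The code rejects moduli that are not pairwise co-prime, since the formula does not apply to them.

```python
from math import gcd, prod


def crt(residues, moduli):
    """Solve x ≡ a_i (mod n_i) for pairwise co-prime n_i; return (x, M)."""
    if not moduli or len(residues) != len(moduli):
        raise ValueError("need one residue per modulus")
    for i, ni in enumerate(moduli):
        for nj in moduli[i + 1:]:
            if gcd(ni, nj) != 1:
                raise ValueError(f"moduli {ni} and {nj} are not co-prime")
    M = prod(moduli)
    x = 0
    for ai, ni in zip(residues, moduli):
        mi = M // ni
        yi = pow(mi, -1, ni)          # yi = mi^(-1) mod ni
        x += ai * mi * yi
    return x % M, M


def residues_of(x, moduli):
    """The inverse direction: the residues of x modulo each n_i."""
    return [x % n for n in moduli]


if __name__ == "__main__":
    print(crt([1, 2, 3], [5, 6, 7]))      # Problem 1
    print(crt([2, 1, 3], [3, 4, 5]))      # Problem 2
    # Every x in 0..M-1 is recovered from its residues, which is the
    # "reconstruct integers in a certain range" statement of the theorem.
    moduli = [3, 4, 5]
    print(all(crt(residues_of(x, moduli), moduli)[0] == x for x in range(60)))
```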
