computational number theory
play

COMPUTATIONAL NUMBER THEORY 1 / 70 Notation Z = { . . . , 2 , 1 , - PowerPoint PPT Presentation

Oct 24, 2022 •396 likes •2.02k views

COMPUTATIONAL NUMBER THEORY 1 / 70 Notation Z = { . . . , 2 , 1 , 0 , 1 , 2 , . . . } N = { 0 , 1 , 2 , . . . } Z + = { 1 , 2 , 3 , . . . } d | a means d divides a Example: 2 | 4. For a , N Z let gcd( a , N ) be the largest d Z +

  1. Examples Let N = 14 and G = Z ∗ N . Then modulo N we have 5 3 = 11 / 70

  2. Examples Let N = 14 and G = Z ∗ N . Then modulo N we have 5 3 = 5 · 5 · 5 11 / 70

  3. Examples Let N = 14 and G = Z ∗ N . Then modulo N we have 5 3 = 5 · 5 · 5 ≡ 25 · 5 ≡ 11 · 5 ≡ 55 ≡ 13 and 5 − 3 = 11 / 70

  4. Examples Let N = 14 and G = Z ∗ N . Then modulo N we have 5 3 = 5 · 5 · 5 ≡ 25 · 5 ≡ 11 · 5 ≡ 55 ≡ 13 and 5 − 3 = 5 − 1 · 5 − 1 · 5 − 1 11 / 70

  5. Examples Let N = 14 and G = Z ∗ N . Then modulo N we have 5 3 = 5 · 5 · 5 ≡ 25 · 5 ≡ 11 · 5 ≡ 55 ≡ 13 and 5 − 3 = 5 − 1 · 5 − 1 · 5 − 1 ≡ 3 · 3 · 3 11 / 70

  6. Examples Let N = 14 and G = Z ∗ N . Then modulo N we have 5 3 = 5 · 5 · 5 ≡ 25 · 5 ≡ 11 · 5 ≡ 55 ≡ 13 and 5 − 3 = 5 − 1 · 5 − 1 · 5 − 1 ≡ 3 · 3 · 3 ≡ 27 ≡ 13 11 / 70

  7. Group Orders The order of a group G is its size | G | , meaning the number of elements in it. Example: The order of Z ∗ 21 is 12 / 70

  8. Group Orders The order of a group G is its size | G | , meaning the number of elements in it. Example: The order of Z ∗ 21 is 12 because Z ∗ 21 = { 1 , 2 , 4 , 5 , 8 , 10 , 11 , 13 , 16 , 17 , 19 , 20 } Let G be a group of order m and a ∈ G . Then, a m = 1 . Fact: Examples: Modulo 21 we have • 5 12 ≡ (5 3 ) 4 ≡ 20 4 ≡ ( − 1) 4 ≡ 1 • 8 12 ≡ (8 2 ) 6 ≡ (1) 6 ≡ 1 12 / 70

  9. Group Orders Corollary: Let G be a group of order m and a ∈ G . Then for any i ∈ Z , a i = a i mod m . What is 5 74 mod 21? Example: 13 / 70

  10. Group Orders Corollary: Let G be a group of order m and a ∈ G . Then for any i ∈ Z , a i = a i mod m . What is 5 74 mod 21? Example: Let G = Z ∗ Solution: 21 and a = 5. Then, m = 12, so 5 74 mod 21 = 5 74 mod 12 mod 21 = 5 2 mod 21 = 4 . 13 / 70

  11. Measuring Running Time of Algorithms on Numbers In an algorithms course, the cost of arithmetic is often assumed to be O (1), because numbers are small. In cryptography numbers are very, very BIG! Typical sizes are 2 512 , 2 1024 , 2 2048 . Numbers are provided to algorithms in binary. The length of a , denoted | a | , is the number of bits in the binary encoding of a . Example: | 7 | = 3 because 7 is 111 in binary. Running time is measured as a function of the lengths of the inputs. 14 / 70

  12. Addition ( a , b ) �→ a + b 1 0 1 1 0 1 + 1 0 1 1 1 1 1 0 0 0 By the usual “carry” algorithm, we can compute a + b in time O ( | a | + | b | ). Addition is linear time. 15 / 70

  13. Multiplication ( a , b ) �→ ab 1 0 1 1 1 0 × 1 0 1 1 0 1 1 1 0 0 0 0 0 0 0 0 + 1 0 1 1 1 0 0 0 1 1 1 0 0 1 1 0 By the usual algorithm, we can compute ab in time O ( | a | · | b | ). Multiplication is quadratic time. 16 / 70

  14. Integer Division INT - DIV ( a , N ) returns ( q , r ) such that • a = qN + r • 0 ≤ r < N Example: INT - DIV (17 , 3) = (5 , 2) By the usual algorithm, we can compute INT - DIV ( a , N ) in time O ( | a | · | N | ). Integer division is quadratic time. 17 / 70

  15. MOD ( a , N ) �→ a mod N But ( q , r ) ← INT - DIV ( a , N ) return r computes a mod N , so again the time needed is O ( | a | · | N | ). Mod is quadratic time. 18 / 70

  16. About gcd Fact: If a , N ∈ Z and ( a , N ) � = (0 , 0) then gcd( a , N ) is the smallest positive integer in the set { a · a ′ + N · N ′ : a ′ , N ′ ∈ Z } If d = gcd( a , N ) then there are “weights” a ′ , N ′ ∈ Z such Corollary: that d = a · a ′ + N · N ′ gcd(20 , 12) = 4 and 4 = 20 · a ′ + 12 · N ′ for Example: • a ′ = • N ′ = 19 / 70

  17. About gcd Fact: If a , N ∈ Z and ( a , N ) � = (0 , 0) then gcd( a , N ) is the smallest positive integer in the set { a · a ′ + N · N ′ : a ′ , N ′ ∈ Z } If d = gcd( a , N ) then there are “weights” a ′ , N ′ ∈ Z such Corollary: that d = a · a ′ + N · N ′ gcd(20 , 12) = 4 and 4 = 20 · a ′ + 12 · N ′ for Example: • a ′ = 2 • N ′ = − 3 19 / 70

  18. Extended gcd EXT - GCD ( a , N ) �→ ( d , a ′ , N ′ ) such that d = gcd( a , N ) = a · a ′ + N · N ′ . Lemma: Let ( q , r ) = INT - DIV ( a , N ). Then, gcd( a , N ) = gcd( N , r ) Example: INT - DIV (17 , 3) = (5 , 2) so gcd(17 , 3) = gcd(3 , 2). 20 / 70

  19. Extended gcd EXT - GCD ( a , N ) �→ ( d , a ′ , N ′ ) such that d = gcd( a , N ) = a · a ′ + N · N ′ . Lemma: Let ( q , r ) = INT - DIV ( a , N ). Then, gcd( a , N ) = gcd( N , r ) Alg EXT - GCD ( a , N ) / / ( a , N ) � = (0 , 0) if N = 0 then return ( a , 1 , 0) else ( q , r ) ← INT - DIV ( a , N ) ( d , x , y ) ← EXT - GCD ( N , r ) a ′ ← ; N ′ ← return ( d , a ′ , N ′ ) 20 / 70

  20. Extended gcd We know that a = qN + r with 0 ≤ r < N and we have d , x , y satisfying d = gcd( N , r ) = Nx + ry Then d = Nx + ry = Nx + ( a − qN ) y = ay + N ( x − qy ) so d = gcd( a , N ) = a · a ′ + N · N ′ with a ′ = y and N ′ = x − qy . 21 / 70

  21. Extended gcd Alg EXT - GCD ( a , N ) / / ( a , N ) � = (0 , 0) if N = 0 then return ( a , 1 , 0) else ( q , r ) ← INT - DIV ( a , N ) ( d , x , y ) ← EXT - GCD ( N , r ) a ′ ← y ; N ′ ← x − qy return ( d , a ′ , N ′ ) Running time analysis is non-trivial (worst case is Fibonacci numbers) and shows that the time is O ( | a | · | N | ). So the extended gcd can be computed in quadratic time. 22 / 70

  22. Modular Inverse For a , N such that gcd( a , N ) = 1, we want to compute a − 1 mod N , meaning the unique a ′ ∈ Z ∗ N satisfying aa ′ ≡ 1 (mod N ). But if we let ( d , a ′ , N ′ ) ← EXT-GCD( a , N ) then d = 1 = gcd( a , N ) = a · a ′ + N · N ′ But N · N ′ ≡ 0 (mod N ) so aa ′ ≡ 1 (mod N ) Alg MOD - INV ( a , N ) ( d , a ′ , N ′ ) ← EXT - GCD ( a , N ) return a ′ mod N Modular inverse can be computed in quadratic time. 23 / 70

  23. Modular Exponentiation Let G be a group and a ∈ G . For n ∈ N , we want to compute a n ∈ G . We know that a n = a · a · · · a � �� � n Consider: y ← 1 for i = 1 , . . . , n do y ← y · a return y Question: Is this a good algorithm? 24 / 70

  24. Modular Exponentiation Let G be a group and a ∈ G . For n ∈ N , we want to compute a n ∈ G . We know that a n = a · a · · · a � �� � n Consider: y ← 1 for i = 1 , . . . , n do y ← y · a return y Question: Is this a good algorithm? Answer: It is correct but VERY SLOW. The number of group operations is O ( n ) = O (2 | n | ) so it is exponential time. For n ≈ 2 512 it is prohibitively expensive. 24 / 70

  25. Fast exponentiation idea We can compute → a 2 − → a 4 − → a 8 − → a 16 − → a 32 a − in just 5 steps by repeated squaring. So we can compute a n in i steps when n = 2 i . But what if n is not a power of 2? 25 / 70

  26. Fast Exponentiation Example Suppose the binary length of n is 5, meaning the binary representation of n has the form b 4 b 3 b 2 b 1 b 0 . Then 2 4 b 4 + 2 3 b 3 + 2 2 b 2 + 2 1 b 1 + 2 0 b 0 n = = 16 b 4 + 8 b 3 + 4 b 2 + 2 b 1 + b 0 . We want to compute a n . Our exponentiation algorithm will proceed to compute the values y 5 , y 4 , y 3 , y 2 , y 1 , y 0 in turn, as follows: y 5 = 1 y 2 5 · a b 4 a b 4 y 4 = = y 2 a 2 b 4 + b 3 4 · a b 3 = = y 3 y 2 3 · a b 2 a 4 b 4 +2 b 3 + b 2 y 2 = = y 2 2 · a b 1 a 8 b 4 +4 b 3 +2 b 2 + b 1 = = y 1 a 16 b 4 +8 b 3 +4 b 2 +2 b 1 + b 0 . y 2 1 · a b 0 y 0 = = 26 / 70

  27. Fast Exponentiation Algorithm Let bin( n ) = b k − 1 . . . b 0 be the binary representation of n , meaning k − 1 � b i 2 i n = i =0 Alg EXP G ( a , n ) / / a ∈ G , n ≥ 1 b k − 1 . . . b 0 ← bin( n ) y ← 1 for i = k − 1 downto 0 do y ← y 2 · a b i return y The running time is O ( | n | ) group operations. MOD-EXP( a , n , N ) returns a n mod N in time O ( | n | · | N | 2 ), meaning is cubic time. 27 / 70

  28. Algorithms Summary Algorithm Input Output Time INT - DIV a , N q , r quadratic MOD a , N a mod N quadratic ( d , a ′ , N ′ ) EXT - GCD a , N quadratic MOD - ADD a , b , N a + b mod N linear MOD - MULT a , b , N ab mod N quadratic a − 1 mod N MOD - INV a , N quadratic a n mod N MOD - EXP a , n , N cubic a n ∈ G EXP G a , n O ( | n | ) G -ops 28 / 70

  29. Subgroups Definition: Let G be a group and S ⊆ G . Then S is called a subgroup of G if S is itself a group under G ’s operation. Example: Let G = Z ∗ 11 and S = { 1 , 2 , 3 } . Then S is not a subgroup because • 2 · 3 mod 11 = 6 �∈ S , violating Closure. • 3 − 1 mod 11 = 4 �∈ S , violating Inverse. But { 1 , 3 , 4 , 5 , 9 } is a subgroup, as you can check. 29 / 70

  30. Order of a group element Let G be a (finite) group. Definition: The order of g ∈ G , denoted o ( g ), is the smallest integer n ≥ 1 such than g n = 1 . 30 / 70

  31. Order determinations Let G = Z ∗ 11 = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } . 0 1 2 3 4 5 6 7 8 9 10 i 2 i mod 11 31 / 70

  32. Order determinations Let G = Z ∗ 11 = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } . 0 1 2 3 4 5 6 7 8 9 10 i 2 i mod 11 1 31 / 70

  33. Order determinations Let G = Z ∗ 11 = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } . 0 1 2 3 4 5 6 7 8 9 10 i 2 i mod 11 1 2 31 / 70

  34. Order determinations Let G = Z ∗ 11 = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } . 0 1 2 3 4 5 6 7 8 9 10 i 2 i mod 11 1 2 4 31 / 70

  35. Order determinations Let G = Z ∗ 11 = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } . 0 1 2 3 4 5 6 7 8 9 10 i 2 i mod 11 1 2 4 8 31 / 70

  36. Order determinations Let G = Z ∗ 11 = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } . 0 1 2 3 4 5 6 7 8 9 10 i 2 i mod 11 1 2 4 8 5 31 / 70

  37. Order determinations Let G = Z ∗ 11 = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } . 0 1 2 3 4 5 6 7 8 9 10 i 2 i mod 11 1 2 4 8 5 10 31 / 70

  38. Order determinations Let G = Z ∗ 11 = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } . 0 1 2 3 4 5 6 7 8 9 10 i 2 i mod 11 1 2 4 8 5 10 9 31 / 70

  39. Order determinations Let G = Z ∗ 11 = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } . 0 1 2 3 4 5 6 7 8 9 10 i 2 i mod 11 1 2 4 8 5 10 9 7 31 / 70

  40. Order determinations Let G = Z ∗ 11 = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } . 0 1 2 3 4 5 6 7 8 9 10 i 2 i mod 11 1 2 4 8 5 10 9 7 3 31 / 70

  41. Order determinations Let G = Z ∗ 11 = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } . 0 1 2 3 4 5 6 7 8 9 10 i 2 i mod 11 1 2 4 8 5 10 9 7 3 6 31 / 70

  42. Order determinations Let G = Z ∗ 11 = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } . 0 1 2 3 4 5 6 7 8 9 10 i 2 i mod 11 1 2 4 8 5 10 9 7 3 6 1 5 i mod 11 31 / 70

  43. Order determinations Let G = Z ∗ 11 = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } . 0 1 2 3 4 5 6 7 8 9 10 i 2 i mod 11 1 2 4 8 5 10 9 7 3 6 1 5 i mod 11 1 31 / 70

  44. Order determinations Let G = Z ∗ 11 = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } . 0 1 2 3 4 5 6 7 8 9 10 i 2 i mod 11 1 2 4 8 5 10 9 7 3 6 1 5 i mod 11 1 5 31 / 70

  45. Order determinations Let G = Z ∗ 11 = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } . 0 1 2 3 4 5 6 7 8 9 10 i 2 i mod 11 1 2 4 8 5 10 9 7 3 6 1 5 i mod 11 1 5 3 31 / 70

  46. Order determinations Let G = Z ∗ 11 = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } . 0 1 2 3 4 5 6 7 8 9 10 i 2 i mod 11 1 2 4 8 5 10 9 7 3 6 1 5 i mod 11 1 5 3 4 31 / 70

  47. Order determinations Let G = Z ∗ 11 = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } . 0 1 2 3 4 5 6 7 8 9 10 i 2 i mod 11 1 2 4 8 5 10 9 7 3 6 1 5 i mod 11 1 5 3 4 9 31 / 70

  48. Order determinations Let G = Z ∗ 11 = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } . 0 1 2 3 4 5 6 7 8 9 10 i 2 i mod 11 1 2 4 8 5 10 9 7 3 6 1 5 i mod 11 1 5 3 4 9 1 31 / 70

  49. Order determinations Let G = Z ∗ 11 = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } . 0 1 2 3 4 5 6 7 8 9 10 i 2 i mod 11 1 2 4 8 5 10 9 7 3 6 1 5 i mod 11 1 5 3 4 9 1 5 31 / 70

  50. Order determinations Let G = Z ∗ 11 = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } . 0 1 2 3 4 5 6 7 8 9 10 i 2 i mod 11 1 2 4 8 5 10 9 7 3 6 1 5 i mod 11 1 5 3 4 9 1 5 3 31 / 70

  51. Order determinations Let G = Z ∗ 11 = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } . 0 1 2 3 4 5 6 7 8 9 10 i 2 i mod 11 1 2 4 8 5 10 9 7 3 6 1 5 i mod 11 1 5 3 4 9 1 5 3 4 31 / 70

  52. Order determinations Let G = Z ∗ 11 = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } . 0 1 2 3 4 5 6 7 8 9 10 i 2 i mod 11 1 2 4 8 5 10 9 7 3 6 1 5 i mod 11 1 5 3 4 9 1 5 3 4 9 31 / 70

  53. Order determinations Let G = Z ∗ 11 = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } . 0 1 2 3 4 5 6 7 8 9 10 i 2 i mod 11 1 2 4 8 5 10 9 7 3 6 1 5 i mod 11 1 5 3 4 9 1 5 3 4 9 1 31 / 70

  54. Order determinations Let G = Z ∗ 11 = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } . 0 1 2 3 4 5 6 7 8 9 10 i 2 i mod 11 1 2 4 8 5 10 9 7 3 6 1 5 i mod 11 1 5 3 4 9 1 5 3 4 9 1 The order o ( a ) of a is the smallest n ≥ 1 such that a n = 1. So • o (2) = 31 / 70

  55. Order determinations Let G = Z ∗ 11 = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } . 0 1 2 3 4 5 6 7 8 9 10 i 2 i mod 11 1 2 4 8 5 10 9 7 3 6 1 5 i mod 11 1 5 3 4 9 1 5 3 4 9 1 The order o ( a ) of a is the smallest n ≥ 1 such that a n = 1. So • o (2) = 10 31 / 70

  56. Order determinations Let G = Z ∗ 11 = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } . 0 1 2 3 4 5 6 7 8 9 10 i 2 i mod 11 1 2 4 8 5 10 9 7 3 6 1 5 i mod 11 1 5 3 4 9 1 5 3 4 9 1 The order o ( a ) of a is the smallest n ≥ 1 such that a n = 1. So • o (2) = 10 • o (5) = 31 / 70

  57. Order determinations Let G = Z ∗ 11 = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } . 0 1 2 3 4 5 6 7 8 9 10 i 2 i mod 11 1 2 4 8 5 10 9 7 3 6 1 5 i mod 11 1 5 3 4 9 1 5 3 4 9 1 The order o ( a ) of a is the smallest n ≥ 1 such that a n = 1. So • o (2) = 10 • o (5) = 5 31 / 70

  58. Subgroup generated by g ∈ G Definition: For g ∈ G we let { g 0 , g 1 , . . . , g o ( g ) − 1 } . � g � = This is a subgruop of G and its order (that is, its size) is the order o ( g ) of G . 32 / 70

  59. Subgroup orders Fact: The order | S | of a subgroup S always divides the order | G | of the group G . Fact: The order o ( g ) of g ∈ G always divides | G | . Example: If G = Z ∗ 11 then • | G | = 33 / 70

  60. Subgroup orders Fact: The order | S | of a subgroup S always divides the order | G | of the group G . Fact: The order o ( g ) of g ∈ G always divides | G | . Example: If G = Z ∗ 11 then • | G | = 10 • o (2) = 10 which divides 10 • o (5) = 5 which divides 10 33 / 70

  61. Subgroups generated by a group element Let G = Z ∗ 11 = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } . i 0 1 2 3 4 5 6 7 8 9 10 2 i mod 11 1 2 4 8 5 10 9 7 3 6 1 5 i mod 11 1 5 3 4 9 1 5 3 4 9 1 so � 2 � = � 5 � = 34 / 70

  62. Subgroups generated by a group element Let G = Z ∗ 11 = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } . i 0 1 2 3 4 5 6 7 8 9 10 2 i mod 11 1 2 4 8 5 10 9 7 3 6 1 5 i mod 11 1 5 3 4 9 1 5 3 4 9 1 so � 2 � = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } � 5 � = 34 / 70

  63. Subgroups generated by a group element Let G = Z ∗ 11 = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } . i 0 1 2 3 4 5 6 7 8 9 10 2 i mod 11 1 2 4 8 5 10 9 7 3 6 1 5 i mod 11 1 5 3 4 9 1 5 3 4 9 1 so � 2 � = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } � 5 � = { 1 , 3 , 4 , 5 , 9 } 34 / 70

  64. Generators Definition: g ∈ G is a generator (or primitive element) if � g � = G . Fact: g ∈ G is a generator iff o ( g ) = | G | . Definition: G is cyclic if it has a generator. 35 / 70

  65. Generators Let G = Z ∗ 11 = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } . i 0 1 2 3 4 5 6 7 8 9 10 2 i mod 11 1 2 4 8 5 10 9 7 3 6 1 5 i mod 11 1 5 3 4 9 1 5 3 4 9 1 so � 2 � = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } � 5 � = { 1 , 3 , 4 , 5 , 9 } 36 / 70

  66. Generators Let G = Z ∗ 11 = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } . i 0 1 2 3 4 5 6 7 8 9 10 2 i mod 11 1 2 4 8 5 10 9 7 3 6 1 5 i mod 11 1 5 3 4 9 1 5 3 4 9 1 so � 2 � = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } � 5 � = { 1 , 3 , 4 , 5 , 9 } • Is 2 a generator? 36 / 70

  67. Generators Let G = Z ∗ 11 = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } . i 0 1 2 3 4 5 6 7 8 9 10 2 i mod 11 1 2 4 8 5 10 9 7 3 6 1 5 i mod 11 1 5 3 4 9 1 5 3 4 9 1 so � 2 � = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } � 5 � = { 1 , 3 , 4 , 5 , 9 } • Is 2 a generator? YES because � 2 � = Z ∗ 11 . 36 / 70

  68. Generators Let G = Z ∗ 11 = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } . i 0 1 2 3 4 5 6 7 8 9 10 2 i mod 11 1 2 4 8 5 10 9 7 3 6 1 5 i mod 11 1 5 3 4 9 1 5 3 4 9 1 so � 2 � = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } � 5 � = { 1 , 3 , 4 , 5 , 9 } • Is 2 a generator? YES because � 2 � = Z ∗ 11 . • Is 5 a generator? 36 / 70

  69. Generators Let G = Z ∗ 11 = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } . i 0 1 2 3 4 5 6 7 8 9 10 2 i mod 11 1 2 4 8 5 10 9 7 3 6 1 5 i mod 11 1 5 3 4 9 1 5 3 4 9 1 so � 2 � = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } � 5 � = { 1 , 3 , 4 , 5 , 9 } • Is 2 a generator? YES because � 2 � = Z ∗ 11 . • Is 5 a generator? NO because � 5 � � = Z ∗ 11 . 36 / 70

  70. Generators Let G = Z ∗ 11 = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } . i 0 1 2 3 4 5 6 7 8 9 10 2 i mod 11 1 2 4 8 5 10 9 7 3 6 1 5 i mod 11 1 5 3 4 9 1 5 3 4 9 1 so � 2 � = { 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 } � 5 � = { 1 , 3 , 4 , 5 , 9 } • Is 2 a generator? YES because � 2 � = Z ∗ 11 . • Is 5 a generator? NO because � 5 � � = Z ∗ 11 . • Is Z ∗ 11 cyclic? 36 / 70

Recommend

Some Highly Computational Problems somewhere between Diophantine Number Theory, Harmonic

Some Highly Computational Problems somewhere between Diophantine Number Theory, Harmonic

Some Highly Computational Problems somewhere between Diophantine Number Theory, Harmonic Analysis and Combinatorics Peter Borwein - http://www.cecm.sfu.ca/ pborwein . 2007 Abstract: A number of classical and not so classical problems

924 views • 55 slides
Computational 2013.07 talk slide online: algebraic number theory I think NTRU should switch

Computational 2013.07 talk slide online: algebraic number theory I think NTRU should switch

Computational 2013.07 talk slide online: algebraic number theory I think NTRU should switch to tackles lattice-based cryptography random prime-degree extensions with big Galois groups. Daniel J. Bernstein University of Illinois at

1.8k views • 136 slides
. Elementary topics in Computational algebraic number theory Karim Belabas

. Elementary topics in Computational algebraic number theory Karim Belabas

. Elementary topics in Computational algebraic number theory Karim Belabas Karim.Belabas@math.u-psud.fr http://www.math.u-psud.fr/~belabas/ Universit e Paris-Sud France XIV e Rencontres Arithm etiques de Caen (20/06/2003) p. 1/19

418 views • 19 slides
Number Theory Number Theory is the study of integers and their resulting structures . Why study

Number Theory Number Theory is the study of integers and their resulting structures . Why study

Number Theory Number Theory is the study of integers and their resulting structures . Why study it? 1 History: the first true algortihms were number-theoretic. 2 Analysis: Well learn about new kinds of running times and analyses. 3 Cryptography!

591 views • 10 slides
Number Theory and Cryptography Chapter 4 Chapter Motivation Number theory is the part of

Number Theory and Cryptography Chapter 4 Chapter Motivation Number theory is the part of

Number Theory and Cryptography Chapter 4 Chapter Motivation Number theory is the part of mathematics devoted to the study of the integers and their properties. Key ideas in number theory include divisibility and the primality of integers.

1.77k views • 103 slides
Syntactic Theory Introduction Yi Zhang &amp; Antske Fokkens Department of Computational

Syntactic Theory Introduction Yi Zhang &amp; Antske Fokkens Department of Computational

Syntactic Theory Introduction Yi Zhang &amp; Antske Fokkens Department of Computational Linguistics Saarland University October 15, 2009 Syntax: What does it mean? We can view syntax/syntactic theory in a number of ways, two of which are the

703 views • 27 slides
Point sets of minimal energy Peter Grabner Institut fr Analysis und Computational Number Theory

Point sets of minimal energy Peter Grabner Institut fr Analysis und Computational Number Theory

Point sets of minimal energy Peter Grabner Institut fr Analysis und Computational Number Theory Graz University of Technology October 16, 2013 Peter Grabner Point sets of minimal energy Self-organisation by local interaction

783 views • 62 slides
Basic Number Theory The integers are the natural numbers, 0 and the additive inverses of the

Basic Number Theory The integers are the natural numbers, 0 and the additive inverses of the

Basic Number Theory http://localhost/~senning/courses/ma229/slides/number-theory/slide01.html Basic Number Theory http://localhost/~senning/courses/ma229/slides/number-theory/slide02.html Basic Number Theory prev | slides | next prev | slides

464 views • 7 slides
Computational Learning Theory For which tasks is successful learning possible? Under what

Computational Learning Theory For which tasks is successful learning possible? Under what

Computational Learning Theory For which tasks is successful learning possible? Under what conditions is successful learning guaranteed? What is successful learning? Probably approximately correct (PAC) framework Bounds on number

422 views • 27 slides
Applying Computational Learning Theory to Software Testing Neil Walkinshaw Computational

Applying Computational Learning Theory to Software Testing Neil Walkinshaw Computational

Applying Computational Learning Theory to Software Testing Neil Walkinshaw Computational Learning Theory (CLT) Theoretical analysis of questions of learnability . Is it feasible to learn a given type of concept from a set of examples?

1.14k views • 4 slides
Computational Learning Theory: Probably Approximately Correct (PAC) Learning Machine Learning 1

Computational Learning Theory: Probably Approximately Correct (PAC) Learning Machine Learning 1

Computational Learning Theory: Probably Approximately Correct (PAC) Learning Machine Learning 1 Slides based on material from Dan Roth, Avrim Blum, Tom Mitchell and others Computational Learning Theory The Theory of Generalization

413 views • 28 slides
Computational Learning Theory: An Analysis of a Conjunction Learner Machine Learning Slides

Computational Learning Theory: An Analysis of a Conjunction Learner Machine Learning Slides

Computational Learning Theory: An Analysis of a Conjunction Learner Machine Learning Slides based on material from Dan Roth, Avrim Blum, Tom Mitchell and others 1 This lecture: Computational Learning Theory The Theory of Generalization

845 views • 49 slides
Computational Learning Theory: Positive and negative learnability results Machine Learning 1

Computational Learning Theory: Positive and negative learnability results Machine Learning 1

Computational Learning Theory: Positive and negative learnability results Machine Learning 1 Slides based on material from Dan Roth, Avrim Blum, Tom Mitchell and others Computational Learning Theory The Theory of Generalization Probably

534 views • 40 slides
Cubical Type Theory Goal: provide a computational justification for Homotopy Type Theory and

Cubical Type Theory Goal: provide a computational justification for Homotopy Type Theory and

Cubical Type Theory: a constructive interpretation of the univalence axiom Anders M ortberg Inria Sophia-Antipolis TTT: Type Theory Based Tools January 15, 2017 - 1 / 39 Cubical Type Theory Goal: provide a computational justification for

743 views • 39 slides
Number Theory By, B. R. Chandavarkar CSE Dept., NITK Surathkal Natural number : predecessor

Number Theory By, B. R. Chandavarkar CSE Dept., NITK Surathkal Natural number : predecessor

Basic Concepts in Number Theory By, B. R. Chandavarkar CSE Dept., NITK Surathkal Natural number : predecessor and successor. Example: 1, 2, 3, . Whole number : natural number with 0. A factor of number is an exact divisor of that

1.15k views • 79 slides
Computational Learning Theory: Shattering and VC Dimensions Machine Learning 1 Slides based on

Computational Learning Theory: Shattering and VC Dimensions Machine Learning 1 Slides based on

Computational Learning Theory: Shattering and VC Dimensions Machine Learning 1 Slides based on material from Dan Roth, Avrim Blum, Tom Mitchell and others This lecture: Computational Learning Theory The Theory of Generalization Probably

1.09k views • 81 slides
Explicit methods in the theory of Jacobi forms of lattice index and over number fields Nils

Explicit methods in the theory of Jacobi forms of lattice index and over number fields Nils

Explicit methods in the theory of Jacobi forms of lattice index and over number fields Nils Skoruppa Universit at Siegen September 29, 2015 ICERM Modular Forms and Curves of Low Genus: Computational Aspects Sept 28 October 2, 2015

386 views • 23 slides
A new connection between additive number theory and invariant theory K alm an S. Cziszter

A new connection between additive number theory and invariant theory K alm an S. Cziszter

A new connection between additive number theory and invariant theory K alm an S. Cziszter based on joint work with M aty as Domokos R enyi Institute of Mathematics Hungarian Academy of Sciences Budapest, Hungary

457 views • 16 slides
TDDE25 Computational Complexity Theory F 9 Chap 5: Algorithms Chap 12: Theory of Computation

TDDE25 Computational Complexity Theory F 9 Chap 5: Algorithms Chap 12: Theory of Computation

https://liuonline.sharepoint.com/sites/Lisam_TDDE25_2020HT_FZ Algorithmics and Computability Part II TDDE25 Computational Complexity Theory F 9 Chap 5: Algorithms Chap 12: Theory of Computation Patrick Doherty Dept of Computer and

639 views • 11 slides
A Quick Look At Low Mach Number Methodology Ann Almgren Center for Computational Sciences and

A Quick Look At Low Mach Number Methodology Ann Almgren Center for Computational Sciences and

A Quick Look At Low Mach Number Methodology Ann Almgren Center for Computational Sciences and Engineering Lawrence Berkeley National Laboratory asalmgren@lbl.gov July 26, 2011 lab-logo Almgren, LBNL Low Mach Number Low Mach Number: Why?

168 views • 6 slides
Computational Learning Theory: Agnostic Learning Machine Learning 1 Slides based on material

Computational Learning Theory: Agnostic Learning Machine Learning 1 Slides based on material

Computational Learning Theory: Agnostic Learning Machine Learning 1 Slides based on material from Dan Roth, Avrim Blum, Tom Mitchell and others This lecture: Computational Learning Theory The Theory of Generalization Probably

653 views • 44 slides
Computational Learning Theory: Occams Razor Machine Learning 1 Slides based on material from

Computational Learning Theory: Occams Razor Machine Learning 1 Slides based on material from

Computational Learning Theory: Occams Razor Machine Learning 1 Slides based on material from Dan Roth, Avrim Blum, Tom Mitchell and others This lecture: Computational Learning Theory The Theory of Generalization Probably

585 views • 35 slides
Some Number Theory Modulo Operation: Question: What is 12 mod 9? Answer: 12 mod 9 3 or 12

Some Number Theory Modulo Operation: Question: What is 12 mod 9? Answer: 12 mod 9 3 or 12

CPE 776:DATA SECURITY &amp; CRYPTOGRAPHY Some Number Theory and Classical Crypto Systems Dr. Loai Tawalbeh Computer Engineering Department Jordan University of Science and Technology Jordan Dr. Loai Tawalbeh summer 2005 Some Number

546 views • 10 slides
Computational Learning Theory: The Theory of Generalization Machine Learning 1 Slides based on

Computational Learning Theory: The Theory of Generalization Machine Learning 1 Slides based on

Computational Learning Theory: The Theory of Generalization Machine Learning 1 Slides based on material from Dan Roth, Avrim Blum, Tom Mitchell and others Checkpoint: The bigger picture Supervised learning: instances, concepts, and

895 views • 42 slides

More recommend