Midterm 2 Review. Midterm format Modular Arithmetic Inverses and - PowerPoint PPT Presentation


Midterm format

Midterm Topics: Notes 6-14.
Modular Arithmetic. Inverses. GCD/Extended-GCD.
RSA/Cryptography.
Polynomials.
Secret Sharing.
Erasure Resistant Encoding.
Error Correction.
Counting.
Countability.
Computability.
Probability. Topics covered by Prof. Walrand.

Time: 120 minutes.
Will broadly follow Midterm1 format: mix of short and longer questions.
Prep/Exam Strategy: plan out sequence of questions... solve problems with a time bound.
Proofs, algorithms, properties.
Some mild calculation (no calculators needed though!).
Be familiar with Midterm1 topics... but MT2 will focus on Notes 6-14.

Modular Arithmetic

x has inverse modulo m if and only if gcd(x, m) = 1.
Proof Idea: {0x, ..., (m − 1)x} are distinct modulo m if and only if gcd(x, m) = 1.

Finding gcd: gcd(x, y) = gcd(y, x − y) = gcd(y, x (mod y)).
Extended-gcd(x, y) returns (d, a, b) with d = gcd(x, y) and d = ax + by.

Multiplicative inverse of (x, m): egcd(x, m) = (1, a, b). a is inverse! 1 = ax + bm = ax (mod m).

Fermat/RSA

Fermat's Little Theorem: For prime p, and a ≢ 0 (mod p), a^{p−1} ≡ 1 (mod p).

RSA: N = pq. e with gcd(e, (p − 1)(q − 1)) = 1. d = e^{−1} (mod (p − 1)(q − 1)).
Theorem: x^{ed} = x (mod N).
Proof: x^{ed} − x is divisible by p and q ⇒ theorem!
x^{ed} − x = x^{k(p−1)(q−1)+1} − x = x((x^{k(q−1)})^{p−1} − 1).
If x is divisible by p, the product is.
Otherwise (x^{k(q−1)})^{p−1} = 1 (mod p) by Fermat ⇒ (x^{k(q−1)})^{p−1} − 1 divisible by p.
Similarly for q.

Polynomials

Property 1: Any degree d polynomial over a field has at most d roots.
Proof Idea: Any polynomial with roots r_1, ..., r_k can be written as (x − r_1)···(x − r_k)Q(x) using polynomial division. Degree at least the number of roots.

Property 2: There is exactly 1 polynomial of degree ≤ d with arithmetic modulo prime p that contains any d + 1 points (x_1, y_1), ..., (x_{d+1}, y_{d+1}) with x_i distinct.
Proof Ideas: Lagrange Interpolation gives existence. Property 1 gives uniqueness.

Applications

Secret Sharing: k out of n people know secret.
Scheme: degree k − 1 polynomial, P(x). Secret: P(0). Shares: (1, P(1)), ..., (n, P(n)).
Recover Secret: Reconstruct P(x) with any k points.

Erasure Coding: n packets, k losses.
Scheme: degree n − 1 polynomial, P(x). Message: P(0) = m_0, P(1) = m_1, ..., P(n − 1) = m_{n−1}.
Send: (0, P(0)), ..., (n + k − 1, P(n + k − 1)).
Recover Message: Any n packets are sufficient by Property 2.

Corruptions Coding: n packets, k corruptions. Reed-Solomon.
Scheme: degree n − 1 polynomial, P(x). Message: P(0) = m_0, P(1) = m_1, ..., P(n − 1) = m_{n−1}.
Send: (0, P(0)), ..., (n + 2k − 1, P(n + 2k − 1)).
Recovery: P(x) is only consistent polynomial with n + k points. Property 2 and pigeonhole principle.
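The modular-arithmetic, RSA, secret-sharing and erasure-coding slides above, carried through in code. This is an added example written for this review, not code from the slides or the course; the function names (egcd, inverse, rsa_keygen, share_secret, erasure_encode, ...) and the small primes and messages are constructed here so that every step (the egcd identity, d = e^{-1} mod (p − 1)(q − 1), x^{ed} ≡ x for every residue including multiples of p, recovery from any k shares and from any n packets) can be checked by hand.

```python
# Added example (not from the slides): the number-theory toolkit the review
# describes, run on small constructed values so every step can be checked.
from typing import List, Tuple


def egcd(x: int, y: int) -> Tuple[int, int, int]:
    """Extended gcd: returns (d, a, b) with d = gcd(x, y) = a*x + b*y."""
    if y == 0:
        return (x, 1, 0)
    d, a, b = egcd(y, x % y)          # gcd(x, y) = gcd(y, x mod y)
    # d = a*y + b*(x mod y) = a*y + b*(x - (x//y)*y) = b*x + (a - (x//y)*b)*y
    return (d, b, a - (x // y) * b)


def inverse(x: int, m: int) -> int:
    """Multiplicative inverse of x modulo m; exists iff gcd(x, m) = 1."""
    d, a, _ = egcd(x % m, m)
    if d != 1:
        raise ValueError(f"{x} has no inverse mod {m}: gcd = {d}")
    return a % m                      # 1 = a*x + b*m  =>  a*x ≡ 1 (mod m)


def rsa_keygen(p: int, q: int, e: int) -> Tuple[int, int, int]:
    """Toy RSA: N = pq, d = e^{-1} mod (p-1)(q-1). p, q, e are constructed inputs."""
    phi = (p - 1) * (q - 1)
    if egcd(e, phi)[0] != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    return (p * q, e, inverse(e, phi))


def rsa_roundtrip_holds(p: int, q: int, e: int) -> bool:
    """Check x^{ed} ≡ x (mod N) for every residue x, including x divisible by p or q."""
    N, e, d = rsa_keygen(p, q, e)
    return all(pow(pow(x, e, N), d, N) == x for x in range(N))


def interpolate_at(points: List[Tuple[int, int]], x0: int, p: int) -> int:
    """Lagrange interpolation mod prime p: value at x0 of the unique polynomial
    of degree <= len(points)-1 through the given points (Property 2)."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (x0 - xj) % p
                den = den * (xi - xj) % p
        total = (total + yi * num * inverse(den, p)) % p
    return total


def share_secret(secret: int, coeffs: List[int], n: int, p: int) -> List[Tuple[int, int]]:
    """k-out-of-n shares: P(x) = secret + c_1 x + ... + c_{k-1} x^{k-1} (mod p),
    shares are (i, P(i)) for i = 1..n. coeffs would be random in practice."""
    def P(x: int) -> int:
        return (secret + sum(c * pow(x, j + 1, p) for j, c in enumerate(coeffs))) % p
    return [(i, P(i)) for i in range(1, n + 1)]


def recover_secret(shares: List[Tuple[int, int]], p: int) -> int:
    """Reconstruct P and read off P(0). With fewer than k shares the result is meaningless."""
    return interpolate_at(shares, 0, p)


def erasure_encode(message: List[int], k: int, p: int) -> List[Tuple[int, int]]:
    """Degree n-1 polynomial with P(i) = m_i; send (0, P(0)), ..., (n+k-1, P(n+k-1))."""
    n = len(message)
    points = [(i, m) for i, m in enumerate(message)]
    return [(x, interpolate_at(points, x, p)) for x in range(n + k)]


def erasure_decode(received: List[Tuple[int, int]], n: int, p: int) -> List[int]:
    """Any n surviving packets determine P (Property 2); read off P(0..n-1)."""
    if len(received) < n:
        raise ValueError("fewer than n packets survived; message is unrecoverable")
    pts = received[:n]
    return [interpolate_at(pts, x, p) for x in range(n)]
```

The erasure decoder deliberately uses any n of the received packets, not specifically the first n sent: that is the whole point of Property 2, which the test below exercises by dropping packets 0 and 1.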

Berlekamp-Welch

Idea: Error locator polynomial of degree k with zeros at errors.
For all points i = 1, ..., n + 2k, P(i)E(i) = R(i)E(i) (mod p), since E(i) = 0 at points where there are errors.
Let Q(x) = P(x)E(x).
Q(x) = a_{n+k−1}x^{n+k−1} + ··· + a_0.
E(x) = x^k + b_{k−1}x^{k−1} + ··· + b_0.
Gives system of n + 2k linear equations:
a_{n+k−1} + ··· + a_0 ≡ R(1)(1 + b_{k−1} + ··· + b_0) (mod p)
a_{n+k−1}(2)^{n+k−1} + ··· + a_0 ≡ R(2)((2)^k + b_{k−1}(2)^{k−1} + ··· + b_0) (mod p)
...
a_{n+k−1}(m)^{n+k−1} + ··· + a_0 ≡ R(m)((m)^k + b_{k−1}(m)^{k−1} + ··· + b_0) (mod p)
...and n + 2k unknown coefficients of Q(x) and E(x)!
Solve for coefficients of Q(x) and E(x). Find P(x) = Q(x)/E(x).

Countability

Isomorphism principle. Countable and Uncountable. Enumeration. Diagonalization.

Isomorphism principle
Given a function, f : D → R.
One to One: ∀x, y ∈ D, x ≠ y ⇒ f(x) ≠ f(y), or ∀x, y ∈ D, f(x) = f(y) ⇒ x = y.
Onto: For all y ∈ R, ∃x ∈ D, y = f(x).
f(·) is a bijection if it is one to one and onto.
Isomorphism principle: If there is a bijection f : D → R then |D| = |R|.

Countable
Definition: S is countable if there is a bijection between S and some subset of N.
If the subset of N is finite, S has finite cardinality.
If the subset of N is infinite, S is countably infinite.
Bijection to or from natural numbers implies countably infinite.
Enumerable means countable.
Subset of countable set is countable.
All countably infinite sets are the same cardinality as each other.

Examples
Countably infinite (same cardinality as naturals):
◮ E even numbers. Where are the odds? Half as big? Bijection: f(e) = e/2.
◮ Z - all integers. Twice as big? Enumerate: 0, −1, 1, −2, 2, ... Bijection!

Cardinalities of uncountable sets?
Cardinality of [0, 1] smaller than all the reals? f : R+ → [0, 1].
f(x) = x + 1/2 if 0 ≤ x ≤ 1/2; f(x) = 1/(4x) if x > 1/2.
One to one: x ≠ y.
If both in [0, 1/2], a shift ⇒ f(x) ≠ f(y).
If neither in [0, 1/2], different mult inverses ⇒ f(x) ≠ f(y).
If one is in [0, 1/2] and one isn't, different ranges ⇒ f(x) ≠ f(y).
[0, 1] is same cardinality as nonnegative reals!
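The Berlekamp-Welch slide above, as a runnable decoder over GF(p). This is an added example written for this review, not code from the slides or the course. It follows the Send slide and evaluates at points 0, ..., n + 2k − 1 (the Berlekamp-Welch slide itself writes the points as 1, ..., n + 2k; the linear system is the same). The helper names (solve_mod, poly_divmod, rs_encode, berlekamp_welch), the prime p = 17 and the message are constructed here; the encoder gets P's coefficients from the message values by solving the Vandermonde system, which Property 2 guarantees has exactly one solution.

```python
# Added example (not from the slides): Reed-Solomon encoding and Berlekamp-Welch
# decoding mod a small prime, on a constructed message with a constructed corruption.
from typing import List, Tuple


def solve_mod(A: List[List[int]], b: List[int], p: int) -> List[int]:
    """Gauss-Jordan elimination mod prime p; returns one solution of A x = b
    (free variables set to 0). Raises if the system is inconsistent."""
    n_rows, n_cols = len(A), len(A[0])
    M = [row[:] + [bi] for row, bi in zip(A, b)]
    pivot_cols: List[int] = []
    r = 0
    for c in range(n_cols):
        piv = next((i for i in range(r, n_rows) if M[i][c] % p), None)
        if piv is None:
            continue                                   # no pivot: free variable
        M[r], M[piv] = M[piv], M[r]
        inv = pow(M[r][c], -1, p)
        M[r] = [v * inv % p for v in M[r]]
        for i in range(n_rows):
            if i != r and M[i][c] % p:
                f = M[i][c]
                M[i] = [(vi - f * vr) % p for vi, vr in zip(M[i], M[r])]
        pivot_cols.append(c)
        r += 1
    for i in range(r, n_rows):                         # 0 = nonzero means no solution
        if M[i][n_cols] % p:
            raise ValueError("inconsistent system")
    x = [0] * n_cols
    for i, c in enumerate(pivot_cols):
        x[c] = M[i][n_cols]
    return x


def poly_eval(coeffs: List[int], x: int, p: int) -> int:
    """Evaluate a polynomial given low-to-high coefficients, mod p."""
    return sum(c * pow(x, i, p) for i, c in enumerate(coeffs)) % p


def poly_divmod(num: List[int], den: List[int], p: int) -> Tuple[List[int], List[int]]:
    """Polynomial long division mod p (coefficients low-to-high): (quotient, remainder)."""
    num = num[:]
    lead_inv = pow(den[-1], -1, p)
    quot = [0] * max(len(num) - len(den) + 1, 1)
    for i in range(len(num) - len(den), -1, -1):
        coef = num[i + len(den) - 1] * lead_inv % p
        quot[i] = coef
        for j, d in enumerate(den):
            num[i + j] = (num[i + j] - coef * d) % p
    return quot, num[:len(den) - 1]


def rs_encode(message: List[int], k: int, p: int) -> List[int]:
    """m_0..m_{n-1} are P(0..n-1) of a degree n-1 polynomial; send P(0..n+2k-1)."""
    n = len(message)
    vandermonde = [[pow(x, j, p) for j in range(n)] for x in range(n)]
    coeffs = solve_mod(vandermonde, message, p)        # unique by Property 2
    return [poly_eval(coeffs, x, p) for x in range(n + 2 * k)]


def berlekamp_welch(received: List[int], n: int, k: int, p: int) -> List[int]:
    """Recover m_0..m_{n-1} from n+2k received values with at most k corruptions."""
    m = n + 2 * k
    if len(received) != m:
        raise ValueError("expected n + 2k received values")
    # Unknowns: a_0..a_{n+k-1} (Q) followed by b_0..b_{k-1} (E is monic of degree k).
    # Equation at point i:  sum_j a_j i^j  -  R(i) * sum_{j<k} b_j i^j  =  R(i) * i^k
    A, b = [], []
    for i in range(m):
        R = received[i]
        A.append([pow(i, j, p) for j in range(n + k)]
                 + [(-R * pow(i, j, p)) % p for j in range(k)])
        b.append(R * pow(i, k, p) % p)
    sol = solve_mod(A, b, p)
    Q = sol[:n + k]
    E = sol[n + k:] + [1]
    P, rem = poly_divmod(Q, E, p)
    if any(rem):                                       # E does not divide Q: > k errors
        raise ValueError("more than k corruptions; cannot decode")
    return [poly_eval(P, x, p) for x in range(n)]
```

When fewer than k positions are corrupted the linear system has more than one solution; any solution still satisfies Q = P·E (Q − P·E has at least n + k roots but degree at most n + k − 1), so the division is exact whichever solution the solver returns. The test checks decoding with one corruption and with none.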

Examples: Countable by enumeration
◮ N × N - Pairs of integers.
Enumerate: (0, 0), (0, 1), (0, 2), ... ??? Never get to (1, 1)!
Enumerate: (0, 0), (1, 0), (0, 1), (2, 0), (1, 1), (0, 2), ...
(a, b) at position (a + b + 1)(a + b + 2)/2 in this order.
◮ Positive Rational numbers. Infinite subset of pairs of natural numbers. Countably infinite.
◮ All rational numbers. Enumerate: list 0, positive and negative. How?
Enumerate: 0, first positive, first negative, second positive, ... Will eventually get to any rational.

Diagonalization: power set of Integers
The set of all subsets of N.
Assume it is countable. There is a listing, L, that contains all subsets of N.
Define a diagonal set, D: If ith set in L does not contain i, i ∈ D; otherwise i ∉ D.
D is different from ith set in L for every i ⇒ D is not in the listing.
D is a subset of N. L does not contain all subsets of N. Contradiction.
Theorem: The set of all subsets of N is not countable.
(The set of all subsets of S is the powerset of S.)

Uncomputability
Halting problem is undecidable (not solvable by computer). Diagonalization. Halt does not exist.

Halt
HALT(P, I): P - program, I - input. Determines if P(I) (P run on I) halts or loops forever.
Theorem: There is no program HALT.

Halt and Turing
Theorem: There is no program HALT.
Proof: Assume there is a program HALT(·, ·).
Turing(P):
1. If HALT(P, P) = "halts", then go into an infinite loop.
2. Otherwise, halt immediately.
Assumption: there is a program HALT. There is text that "is" the program HALT. There is text that is the program Turing. Can run Turing on Turing!
Does Turing(Turing) halt?
Turing(Turing) halts ⇒ then HALTS(Turing, Turing) = halts ⇒ Turing(Turing) loops forever.
Turing(Turing) loops forever ⇒ then HALTS(Turing, Turing) ≠ halts ⇒ Turing(Turing) halts.
Either way is contradiction. Program HALT does not exist!

Another view: diagonalization
Any program is a fixed length string. Fixed length strings are enumerable. Program halts or not on any input, which is a string.

        P1   P2   P3   ···
  P1    H    H    L    ···
  P2    L    L    H    ···
  P3    L    H    H    ···
  ···   .    .    .    ...

Halt - diagonal. Turing - is not Halt, and is different from every P_i on the diagonal.
Turing is not on list. Turing is not a program. Turing can be constructed from Halt. Halt does not exist!
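The enumeration and diagonalization slides above, on finite prefixes so the claims can be checked by running them. This is an added example written for this review, not code from the slides or the course; the function names (enumerate_pairs, position_of, diagonal_set, ...) and the small sample listing of subsets are constructed here. It checks that the diagonal enumeration of N × N reaches (1, 1) while a long prefix of the column-by-column listing does not, that the slide's (a + b + 1)(a + b + 2)/2 bounds a pair's position (it is the position of the last pair on that diagonal), and that the diagonal set D differs from the ith listed set at element i.

```python
# Added example (not from the slides): enumerations from the countability slides and
# Cantor's diagonal set, evaluated on finite prefixes.
from itertools import islice
from typing import Iterator, List, Set, Tuple


def enumerate_integers() -> Iterator[int]:
    """Z listed as 0, -1, 1, -2, 2, ...: every integer appears exactly once."""
    yield 0
    n = 1
    while True:
        yield -n
        yield n
        n += 1


def enumerate_pairs() -> Iterator[Tuple[int, int]]:
    """N x N by diagonals: (0,0), (1,0), (0,1), (2,0), (1,1), (0,2), ...
    Diagonal s holds the s+1 pairs with a + b = s, so every pair is reached."""
    s = 0
    while True:
        for b in range(s + 1):
            yield (s - b, b)
        s += 1


def position_of(pair: Tuple[int, int], enum: Iterator[Tuple[int, int]]) -> int:
    """1-based index of pair in the enumeration (terminates because every pair appears)."""
    for idx, q in enumerate(enum, start=1):
        if q == pair:
            return idx
    raise AssertionError("unreachable for an enumeration of N x N")


def diagonal_end_bound(a: int, b: int) -> int:
    """The slide's (a+b+1)(a+b+2)/2: the position of the last pair on diagonal a+b,
    so position_of((a, b)) <= this value."""
    return (a + b + 1) * (a + b + 2) // 2


def naive_prefix_contains(pair: Tuple[int, int], limit: int) -> bool:
    """The column-by-column listing (0,0), (0,1), (0,2), ...: its first `limit`
    entries are all (0, b), so a pair with a > 0 is never reached."""
    return pair in ((0, b) for b in range(limit))


def diagonal_set(listing: List[Set[int]]) -> Set[int]:
    """Cantor's D for a finite prefix L[0..N-1] of a claimed listing of all subsets
    of N: i is in D iff i is not in L[i]."""
    return {i for i, s in enumerate(listing) if i not in s}


def differs_from_every_listed(listing: List[Set[int]]) -> bool:
    """D disagrees with L[i] on membership of i, for every i, so D is not L[i] for any i."""
    D = diagonal_set(listing)
    return all((i in D) != (i in s) for i, s in enumerate(listing))
```

The halting-problem argument on the slides is the same diagonal construction applied to programs, which is why the table of H/L entries is drawn with Turing differing from each P_i on the diagonal; that step is not executable, so only the set version is shown here.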
