Prime and Relatively Prime Numbers
• Divisors: We say that b  0 divides a if a =
mb for some m, where a, b and m are
integers.
• b divides a if there is no remainder on
division.
• The notation b|a is commonly used to mean
that b divides a.
• If b|a, we say that b is a divisor of a.
YSL
Information Security -- Public-Key Cryptography
1
Prime and Relatively Prime Numbers
(cont’d)
•
•
•
•
YSL
If a|1, then a =  1.
If a|b and b|a, then a =  b.
Any b  0 divides 0.
If b|g and b|h, then b|(mg + nh) for arbitrary
integers m and n.
Information Security -- Public-Key Cryptography
2
Prime and Relatively Prime Numbers
(cont’d)
YSL
Information Security -- Public-Key Cryptography
3
Prime and Relatively Prime Numbers
(cont’d)
2
3
5
7
11
13
17
19
23
29
31
37
41
43
47 53
59
61
67 71
73
79 83 89 97
101 103 107 109 113 127 131 137 139 149 151 157 163 167 173 179 181 191 193 197 199
211 223 227 229 233 239 241 251 257 263 269 271 281 283 293
307 311 313 317 331 337 347 349 449 457 461 463 467 479 487 491 499
401 409 419 421 431 433 439 443 449 457 461 463 467 479 487 491 499
503 509 521 523 541 547 557 563 569 571 577 587 593 599
601 607 613 617 619 631 641 643 647 653 659 661 673 677 683 691
701 709 719 727 733 739 743 751 757 761 769 773 787 797
809 811 821 823 827 829 839 853 857 859 863 877 881 883 887
907 911 919 929 937 941 947 953 967 971 977 983 991 997
1009 1013 1019 1021 1031 1033 1039 1049 1051 1061 1063 1069 1087 1091 1093 1097
1103 1109 1117 1123 1129 1151 1153 1163 1171 1181 1187 1193
1201 1213 1217 1223 1229 1231 1237 1249 1259 1277 1279 1283 1289 1291 1297
1301 1303 1307 1319 1321 1327 1361 1367 1373 1381 1399
1409 1423 1427 1429 1433 1439 1447 1451 1453 1459 1471 1481 1483 1487 1489 1493 1499
1511 1523 1531 1543 1549 1553 1559 1567 1571 1579 1583 1597
1601 1607 1609 1613 1619 1621 1627 1637 1657 1663 1667 1669 1693 1697 1699
1709 1721 1723 1733 1741 1747 1753 1759 1777 1783 1787 1789
1801 1811 1823 1831 1847 1861 1867 1871 1873 1877 1879 1889
1901 1907 1913 1931 1933 1949 1951 1973 1979 1987 1993 1997 1999
Table 7.1 Primes under 2000
YSL
Information Security -- Public-Key Cryptography
4
Prime and Relatively Prime Numbers
(cont’d)
• The above statement is referred to as the
prime number theorem, which was proven in
1896 by Hadaward and Poussin.
x
103
104
105
106
107
108
109
1010
YSL
(x)
168
1229
9592
78498
664579
5761455
50847534
455052512
x/ln x
144.8
1085.7
8685.9
74382.4
620420.7
5428681.0
48254942.4
434294481.9
Information Security -- Public-Key Cryptography
((x)  ln x)/x
1.160
1.132
1.104
1.085
1.071
1.061
1.054
1.048
5
Prime and Relatively Prime Numbers
(cont’d)
YSL
Information Security -- Public-Key Cryptography
6
Prime and Relatively Prime Numbers
(cont’d)
• Whether there exists a simple formula to
generate prime numbers?
• An ancient Chinese mathematician conjectured
that if n divides 2n - 2 then n is prime. For n = 3,
3 divides 6 and n is prime. However, For n = 341
= 11  31, n dives 2341 - 2.
• Mersenne suggested that if p is prime then Mp =
2p - 1 is prime. This type of primes are referred
to as Mersenne primes. Unfortunately, for p = 11,
M11 = 211 -1 = 2047 = 23  89.
YSL
Information Security -- Public-Key Cryptography
7
Prime and Relatively Prime Numbers
(cont’d)
n
• Fermat conjectured that if Fn = 22 + 1, where
n is a non-negative integer, then Fn is prime.
When n is less than or equal to 4, F0 = 3, F1 =
5, F2 = 17, F3 = 257 and F4 = 65537 are all
primes. However, F5 = 4294967297 = 641 
6700417 is not a prime bumber.
• n2 - 79n + 1601 is valid only for n < 80.
• There are an infinite number of primes of the
form 4n + 1 or 4n + 3.
• There is no simple way so far to gererate
prime numbers.
YSL
Information Security -- Public-Key Cryptography
8
Prime and Relatively Prime Numbers
(cont’d)
• Factorization of an integer as a product of
prime numbers
• Example: 91 = 7  13; 11011 = 7  112  13.
• Useful for checking divisibility and relative
primality to be discussed later.
• Factorization is in gereral difficult.
YSL
Information Security -- Public-Key Cryptography
9
Prime and Relatively Prime Numbers
(cont’d)
• Define notation gcd(a,b) to mean the greatest
common divisor of a and b.
• The positive integer c is said to be the gcd of
a and b if
– c|a and c|b
– any divisor of a and b is a dividor of c.
• Equivalently, gcd(a,b) = max[k, such that k|a
and k|b]
• gcd(a,b) = gcd(-a,b) = gcd(a,-b) = gcd(-a,-b)
=gcd(|a|,|b|)
YSL
Information Security -- Public-Key Cryptography
10
Prime and Relatively Prime Numbers
(cont’d)
• gcd(a,0) = |a|.
• Factorization is one possible but in general
inefficient way to calculate gcd. Whereas,
Euclid‘s algorithm (to be discussed later) is
more efficient.
• Relative primality
– the integers a and b are relatively prime if they
have no prime factors in common
– or equivalently, their only common factor is 1
– or equivalently, gcd(a,b) = 1
YSL
Information Security -- Public-Key Cryptography
11
Modular Arithmetic
YSL
Information Security -- Public-Key Cryptography
12
Modular Arithmetic (cont’d)
• Examples:
– a = 11; n = 7; 11 = 1  7 + 4; r = 4.
– a = -11; n = 7; -11 = (-2)  7 + 3; r = 3.
• If a is an integer and n is a positive integer,
define a mod n to be the remainder when a
is divided by n.
• Then, a = a/n  n + (a mod n);
Example: 11 mod 7 = 4; -11 mod 7 = 3.
YSL
Information Security -- Public-Key Cryptography
13
Modular Arithmetic (cont’d)
The modulo operator has the following properties:
1.
2.
3.
4.
a≡b mod n if n|(a-b).
(a mod n)＝(b mod n) implies a≡b mod n.
a≡b mod n implies b≡a mod n.
a≡b mod n and b≡c mod n imply a≡c mod n.
23≡8 (mod 5)
-11≡5 (mod 8)
81≡0 (mod 27)
YSL
because
because
because
23－8＝15＝5× 3
-11－5＝-16＝8× (-2)
81－0＝81＝27× 3
Information Security -- Public-Key Cryptography
14
Modular Arithmetic (cont’d)
• Properties of modular arithmetic operations
1. [(a mod n)＋(b mod n)] mod n＝(a＋b) mod n
2. [(a mod n)－(b mod n)] mod n＝(a－b) mod n
3. [(a mod n) × (b mod n)] mod n＝(a × b) mod n
• Proof of Property 1:
Define (a mod n) = ra and (b mod n) = rb. Then a = ra
+ jn and b = rb + kn for some integers j and k. Then,
(a+b) mod n = (ra + jn + rb + kn) mod n
= (ra + rb + (j + k)n) mod n
= (ra + rb) mod n
= [(a mod n) + (b mod n)] mod n
YSL
Information Security -- Public-Key Cryptography
15
Modular Arithmetic (cont’d)

Examples for the above three properties
11 mod 8＝3; 15 mod 8＝7
[(11 mod 8)＋(15 mod 8)] mod 8＝10 mod 8＝2
(11＋15) mod 8＝26 mod 8＝2
[(11 mod 8)－(15 mod 8)] mod 8＝-4 mod 8＝4
(11－15) mod 8＝-4 mod 8＝4
[(11 mod 8)× (15 mod 8)] mod 8＝21 mod 8＝5
(11× 15)mod 8＝165 mod 8＝5
YSL
Information Security -- Public-Key Cryptography
16
Modular Arithmetic (cont’d)
• Properties of modular arithmetic
– Let Zn = {0,1,2,…,(n-1)} be the set of residues
modulo n.
Property
Communicative laws
Associative laws
Distributive law
Identities
Additive inverse(-w)
YSL
Expression
(w＋x) mod n = (x＋w) mod n
(w× x) mod n = (x× w) mod n
[(w＋x)＋y] mod n = [w＋(x＋y)] mod n
[(w× x)× y] mod n = [w× (x× y)] mod n
[w× (x+y)] mod n = [(w× x)+(w× y)] mod n
(0＋w) mod n = w mod n
(1× w) mod n = w mod n
For each wZn, there exists a z such that w＋z≡0 mod n
Information Security -- Public-Key Cryptography
17
Modular Arithmetic (cont’d)
• Properties of modular arithmetic (cont’d)
– if (a + b)  (a + c) mod n, then b  c mod n (due
to the existence of an additive inverse)
– if (a  b)  (a  c) mod n, then b  c mod n (only
if a is relatively prime to n; due to the possible
absence of a multiplicative inverse)
e.g. 6  3 = 18  2 mod 8 and
6  7 = 42  2 mod 8 but
3  7 mod 8 (6 is not relatively prime to 8)
– If n is prime then the property of multiplicative
inverse holds (from a ring to a field).
YSL
Information Security -- Public-Key Cryptography
18
Modular Arithmetic (cont’d)
• Properties of modular arithmetic (cont’d)
Table 7.3 Arithmetic Modulo 7
+
0
1
2
0
0
1
2
1
1
2
3
2
2
3
4
3
3
4
5
4
4
5
6
5
5
6
0
6
6
0
1
(a)Addition modulo7
*
0
1
0
0
0
1
0
1
2
0
2
3
0
3
4
0
4
5
0
5
6
0
6
(b)Multiplication modulo7
2
0
2
4
6
1
3
5
3
3
4
5
6
0
1
2
4
4
5
6
0
1
2
3
5
5
6
0
1
2
3
4
6
6
0
1
2
3
4
5
3
0
3
6
2
5
1
4
4
0
4
1
5
2
6
3
5
0
5
3
1
6
4
2
6
0
6
5
4
3
2
1
w
-w
w^-1
0
0
--1
6
1
2
5
4
3
4
5
4
3
2
5
2
3
6
1
6
(c)Additive and multiplicative inverses modulo 7
YSL
Information Security -- Public-Key Cryptography
19
Fermat’s and Euler’s Theorems
• Fermat’s
theorem
Fermat’s Theorem
Fermat’s theorem states the following: If p is prime and a is a positive integer not
divisible by p,then
a^(p-1)≡ 1 mod p
(7.3)
Proof:From our previous discussion, we know that if all the elements of Zp are
multiplied by a, modulo p, the result consists of the elements of Zp in some order.
Furthermore, a*0≡ 0 mod p. Therefore, the (p-1) numbers {a mod p, 2a mod p, …,(p-1)a
mod p}are just the numbers {1,2,…,(p-1)}in some order. Multiply these number together:
a * 2a * … * ((p-1)a) ≡ [(a mod p) * (2a mod p) * … *((p-1)a mod p)]mod p
≡ (p-1)! mod p
But
a * 2a * … *((p-1)a) = (p-1)!a^(p-1)
Therefore,
(p-1)!a^(p-1) ≡ (p-1)! mod p
We can cancel the (p-1)! term because it is relatively prime to p [see Equation (7.2)]. This
yields Equation (7.3).
a = 7,p = 19
7^2 = 49 ≡ 11 mod 19
7^4 ≡ 121 ≡ 7 mod 19
7^8 ≡ 49 ≡ 11 mod 19
7^16 ≡ 121 ≡ 7 mod 19
a^(p-1) = 7^18 = 7^16 * 7^2 ≡ 7*11 ≡ 1 mod 19
YSL
Information Security -- Public-Key Cryptography
20
Fermat’s and Euler’s Theorems
(cont’d)
• Fermat’s theorem (cont’d)
– alternative form
if p is prime and a is any positive integer, then
ap  a mod p
example: p = 5, a = 3, 35 = 243  3 mod 5
YSL
Information Security -- Public-Key Cryptography
21
Fermat’s and Euler’s Theorems
(cont’d)
• Euler’s totient function
Table 7.4 Some Values of Euler’s Totient Function φ(n)
n
1
2
3
4
5
6
7
8
9
10
YSL
φ (n)
1
1
2
2
4
2
6
4
6
4
n
11
12
13
14
15
16
17
18
19
20
φ (n)
10
4
12
6
8
8
16
6
18
8
Information Security -- Public-Key Cryptography
n
21
22
23
24
25
26
27
28
29
30
φ (n)
12
10
22
8
20
12
18
12
28
8
22
Fermat’s and Euler’s Theorems
(cont’d)
YSL
Information Security -- Public-Key Cryptography
23
Fermat’s and Euler’s Theorems
(cont’d)
• Euler’s totient function (cont’d)
– if n is the product of two primes p and q
φ(n) = pq – [(q – 1)+(p –1) + 1]
= pq – (p + q) + 1
= (p – 1)  (q – 1)
= φ (p)  φ (q)
YSL
Information Security -- Public-Key Cryptography
24
Fermat’s and Euler’s Theorems
(cont’d)
• Euler’s theorem
Euler’s theorem states that for every a and n that are relatively prime,
a  n   1
mod
n
(7.5)
a  3 ; n  10 ;  (10)  4 ; 3 4  81  1 mod 10
a  2 ; n  11 ;  (11)  10 ; 210  1024  1 mod 11
Proof: Equation (7.5) is true if n is prime, because in that case  ( n)  ( n  1) , and
Fermat’s theorem holds. However, it also holds for any integer n. Recall that  (n)
is the number of positive integers less than n that are relatively prime to n. Consider
the set of such integers, labeled as follows:
R  { x1 , x 2 ,  , x ( n ) }
Now multiply each element by a, modulo n:
S  {( ax1 mod n), ( ax 2 mod n),  , ( ax ( n ) mod n)}
YSL
Information Security -- Public-Key Cryptography
25
Fermat’s and Euler’s Theorems
(cont’d)
• Euler’s totient function (cont’d)
This set is a permutation of R, by the following line of reasoning:
1. Because a is relatively prime to n and x i is relatively prime to n, ax i must also be relatively
prime to n.
2. There are no duplicates in S. Refer to Equation (7.2). If ax i mod n=ax j mod n, then xi  x j .
Therefore,
 (n)
 (n)
i 1
i 1
 (axi mod n)   xi
 (n)
 (n)
i 1
i 1
 axi   xi (mod n)
a
 (n)
 ( n )   ( n )
  xi    xi (mod n)
 i 1  i 1
a  ( n )  1 (mod n)
An alternative form of the theorem is also
useful:
a  ( n ) 1  a (mod n )
(7.6)
YSL
Information Security -- Public-Key Cryptography
26
Testing for Primality
• If p is an odd prime, then the equation
x2  1 (mod p) has only two solutions, 1 and -1.
x²≡ 1 (mod 7)
Using Table 7.3b:
1²≡ 1 mod 7
6²≡ 36 mod 7≡ 1 mod 7;
6≡ -1 mod7
Solutions: 1, -1
YSL
x²≡ 1 (mod 8)
Using Table 7.2b:
1²≡ 1 mod 8
3²≡ 9 mod 8≡ 1 mod 8
5²≡ 25 mod 8≡ 1 mod 8;
5≡ -3 mod 8
7²≡ 49 mod 8≡ 1 mod 8;
7≡ -1 mod 8
Solutions: 1, -1, 3, -3
Information Security -- Public-Key Cryptography
27
Testing for Primality (cont’d)
YSL
Information Security -- Public-Key Cryptography
28
Testing for Primality (cont’d)
• Probabilistic primality test
WITNESS (a, n)
1. let bkbk-1…b0 be the binary representation of (n－1)
2. d  1
3. for i  k downto 0
4.
5.
6.
7.
8.
9.
do x  d
d  (d× d) mod n
if d＝1 and x≠ 1 and x≠ n－1
then return TRUE
if bi＝1
then d(d× a) mod n
10. if d≠ 1
11. then return TRUE
12. return FALSE
YSL
Information Security -- Public-Key Cryptography
29
Euclid’s Algorithm
YSL
Information Security -- Public-Key Cryptography
30
Euclid’s Algorithm (cont’d)
EUCLID(d,f)
1. X ← f ; Y←d
2. If Y=0 return X=gcd(d,f)
3. R=X mod Y
4. X←Y
5. Y←R
6. Go to 2
YSL
Information Security -- Public-Key Cryptography
31
Euclid’s Algorithm (cont’d)
YSL
Information Security -- Public-Key Cryptography
32
Euclid’s Algorithm (cont’d)
YSL
Information Security -- Public-Key Cryptography
33
Extended Euclid’s Algorithm
EXTENDED EUCLID(d,f)
1.(X1,X2,X3) ←(1,0,f);(Y1,Y2,Y3) ←(0,1,d)
2.if Y3=0 return X3=gcd(d,f); no inverse
3.if Y3=1 return Y3=gcd(d,f); Y2=d-1 mod
f
 X 3
4.Q=  Y 3 
5.(T1,T2,T3) ← (X1－QY1,X2－QY2,X3－QY3)
6.(X1,X2,X3) ← (Y1,Y2,Y3)
7.(Y1,Y2,Y3) ← (T1,T2,T3)
8. goto 2
YSL
Information Security -- Public-Key Cryptography
34
Chinese Remainder Theorem
YSL
Information Security -- Public-Key Cryptography
35
Chinese Remainder Theorem
(cont’d)
YSL
Information Security -- Public-Key Cryptography
36
Discrete Logarithms
Table 7.6 Powers of Integers, Modulo 19
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
a a a a a a a a a a a a a a a a a a
1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1
2 4 8 16 13 7 14 9 18 17 15 11 3 6 12 5 10 1
3 9 8 5 15 7 2 6 18 16 10 11 14 4 12 17 13 1
4 16 7 9 17 11 6 5 1 4 16 7 9 17 11 6 5 1
5 6 11 17 9 7 16 4 1 5 6 11 17 9 7 16 4 1
6 17 7 4 5 11 9 16 1 6 17 7 4 5 11 9 16 1
7 11 1 7 11 1 7 11 1 7 11 1 7 11 1 7 11 1
8 7 18 11 12 1 8 7 18 11 12 1 8 7 18 11 12 1
9 5 7 6 16 11 4 17 1 9 5 7 6 16 11 4 17 1
10 5 12 6 3 11 15 17 18 9 14 7 13 16 8 4 2 1
11 7 1 11 7 1 11 7 1 11 7 1 11 7 1 11 7 1
12 11 18 7 8 1 12 11 18 7 8 1 12 11 18 7 8 1
13 17 12 4 14 11 10 16 18 6 2 7 15 5 8 9 3 1
14 6 8 17 10 7 3 4 18 5 13 11 2 9 12 16 15 1
15 16 12 9 2 11 13 5 18 4 3 7 10 17 8 6 14 1
16 9 11 5 4 7 17 6 1 16 9 11 5 4 7 17 6 1
17 4 11 16 6 7 5 9 1 17 4 11 16 6 7 5 9 1
18 1 18 1 18 1 18 1 18 1 18 1 18 1 18 1 18 1
YSL
Information Security -- Public-Key Cryptography
37
Discrete Logarithms (cont’d)
Table 7.7
Tables of Discrete Logarithms, Modulo 19
(a) Discrete logarithms to the base 2, modulo 19
a
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18
Ind (a) 18 1 13 2 16 14 6 3 8 17 12 15 5 7 11 4 10 9
2,19
(b) Discrete logarithms to the base 3, modulo 19
a
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18
Ind3,19(a) 18 7 1 14 4 8 6 3 2 11 12 15 17 13 5 10 16 9
(c) Discrete logarithms to the base 10, modulo 19
a
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18
Ind10,19(a) 18 17 5 16 2 4 12 15 10 1 6 3 13 11 7 14 8 9
(d) Discrete logarithms to the base 13, modulo 19
a
Ind
13,19
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18
(a) 18 11 17 4 14 10 12 15 16 7 6 3 1 5 13 8 2 9
(e) Discrete logarithms to the base 14, modulo 19
a
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18
Ind14,19(a) 18 13 7 8 10 2 6 3 14 5 12 15 11 1 17 16 14 9
(f) Discrete logarithms to the base 15, modulo 19
a
Ind
YSL
15,19
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18
(a) 18 5 11 10 8 16 12 15 4 13 6 3 7 17 1 2 12 9s
Information Security -- Public-Key Cryptography
38