Mark/handouts
Mark/handouts
1
0
Fork 0
Code Pull Requests 1 Actions Packages Releases Activity

Merge branch 'master' of ssh://git.betalupi.com:33/Mark/ormc-handouts

Browse Source
This commit is contained in:
Mark 2023-05-03 22:23:29 -07:00
commit ecb259b229
5 changed files with 362 additions and 382 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
Advanced/Cryptography/main.tex
View File

@ -8,7 +8,6 @@
\usepackage{amsmath}
\usepackage{amssymb}
\usepackage{multicol}
\usepackage{subfiles}
\begin{document}
@ -19,14 +18,10 @@
{Intro to Cryptography}
{Prepared by Mark on \today{}}
\vspace{3ex}
\input{parts/part 1}
\input{parts/part 2}
\input{parts/part 3}
\subfile{parts/part 1}
\subfile{parts/part 2}
\subfile{parts/part 3}
\subfile{parts/challenge}
\input{parts/challenge}
\end{document}

110
Advanced/Cryptography/parts/challenge.tex
View File

@ -1,21 +1,17 @@
\documentclass[../main.tex]{subfiles}
\begin{document}
\section{Challenge Problems}
\section{Challenge Problems}
\problem{}
Prove \ref{mod_has_inverse}: \\
$a$ has an inverse mod $m$ iff $\gcd(a, m) = 1$ \\
\begin{hint}
\problem{}
Prove \ref{mod_has_inverse}: \\
$a$ has an inverse mod $m$ iff $\gcd(a, m) = 1$ \\
\begin{hint}
To prove an iff statement, prove each direction separately: \\
Assume that the left side is true and show that left $\implies$ right, \\
then do the reverse.
\end{hint}
\end{hint}
\begin{solution}
\begin{solution}
Assume $a^\star$ is the inverse of $a \pmod{m}$. \\
Then $a^\star \times a \equiv 1 \pmod{m}$ \\
@ -28,27 +24,27 @@
So, $au-1 = mv$. \\
$m$ divides $au-1$, so $au \equiv 1 \pmod{m}$ \\
$u$ is $a^\star$.
\end{solution}
\end{solution}
\vfill
\vfill
\problem{}<eua_runtime>
The Euclidean Algorithm (From \ref{euclid_algorithm}) can be written as follows: \\
\problem{}<eua_runtime>
The Euclidean Algorithm (From \ref{euclid_algorithm}) can be written as follows: \\
Assume $a > b$.
Set $e_0 = a$ and $e_1 = b$. \\
Let $e_{n+1} = \text{remainder}(r_{n-1} \div r_{n})$ \\
Stop when $e_{k} = 0$.
Then, $\gcd(a, b) = e_{k-1}$. \\
Assume $a > b$.
Set $e_0 = a$ and $e_1 = b$. \\
Let $e_{n+1} = \text{remainder}(r_{n-1} \div r_{n})$ \\
Stop when $e_{k} = 0$.
Then, $\gcd(a, b) = e_{k-1}$. \\
Let $F_n$ be the $n^{\text{th}}$ Fibonacci number. ($F_0 = 0$; $F_1 = 1$; $F_2 = 1$; $\dots$)\\
Show that if the Euclidean algorithm requires $n$ steps for an input $(a, b)$, then $a \geq F_{n+2}$ and $b \geq F_{n+1}$.
Let $F_n$ be the $n^{\text{th}}$ Fibonacci number. ($F_0 = 0$; $F_1 = 1$; $F_2 = 1$; $\dots$)\\
Show that if the Euclidean algorithm requires $n$ steps for an input $(a, b)$, then $a \geq F_{n+2}$ and $b \geq F_{n+1}$.
(In other words, show that the longest-running input of a given size is a Fibonacci pair.)
(In other words, show that the longest-running input of a given size is a Fibonacci pair.)
\begin{solution}
\begin{solution}
The easiest way to go about this is induction on $n$: \\
\textcolor{gray}{\textit{Base Case:}}
@ -69,47 +65,48 @@
Therefore, $a = q_0b + r_0 \geq b + r_0$ \\
But $b + r_0 = F_{m+1} + F_{m} = F_{m+2}$, \\
so $a \geq F_{m+2}$.
\end{solution}
\end{solution}
\vfill
\vfill
\pagebreak
\problem{Chinese Remainder Theorem}
There are certain things whose number is unknown. If we count them by threes, we have two left over; by fives, we have three left over; and by sevens, two are left over. How many things are there?
\problem{Chinese Remainder Theorem}
There are certain things whose number is unknown. If we count them by threes, we have two left over; by fives, we have three left over; and by sevens, two are left over. How many things are there?
\begin{solution}
\begin{solution}
$x \equiv 2 \pmod{3}$ \\
$x \equiv 3 \pmod{5}$ \\
$x \equiv 2 \pmod{7}$ \\
$x = 23 + 105k\ \forall k \in \mathbb{Z}$
\end{solution}
\end{solution}
\vfill
\vfill
\problem{}<flt_prereq>
Show that if $p$ is prime, $\binom{p}{i} \equiv 0 \pmod{p}$
for $0 < i < p$.
\problem{}<flt_prereq>
Show that if $p$ is prime, $\binom{p}{i} \equiv 0 \pmod{p}$
for $0 < i < p$.
\begin{solution}
\begin{solution}
$\binom{p}{i} = \frac{p!}{i!(p-i)!}$ tells us that $i!(p-i)!$ divides $p! = p(p-1)!$. \\
However, $i!(p-i)!$ and $p$ are coprime, since all factors of $i!(p-i)!$ are smaller than $p$. \\
Therefore, $i!(p-i)!$ must divide $(p-1)!$ \\
So, $\binom{p}{i} = p \times \frac{(p-1)!}{i!(p-i)!}$, and $\binom{p}{i} \equiv 0 \pmod{p}$.
\end{solution}
\end{solution}
\vfill
\vfill
\problem{Fermat's Little Theorem}
Show that if $p$ is prime and $a \not\equiv 0 \pmod{p}$, then $a^{p-1} \equiv 1 \pmod{p}$. \\
You may want to use \ref{flt_prereq}.
\problem{Fermat's Little Theorem}
Show that if $p$ is prime and $a \not\equiv 0 \pmod{p}$, then $a^{p-1} \equiv 1 \pmod{p}$. \\
You may want to use \ref{flt_prereq}.
\begin{hint}
\begin{hint}
It may be easier to show that $a^p \equiv a \pmod{p}$
\end{hint}
\end{hint}
\begin{solution}
\begin{solution}
Use induction:
$1 \equiv 1 \pmod{p}$ \\
@ -124,23 +121,22 @@
We can repeat this for all $a$. This proof can be presented more formally with a bit of induction.
\end{solution}
\end{solution}
\vfill
\vfill
%\problem{}
%Prove \ref{theorem:gcd_abc}: \\
%For any integers $a, b, c$, \\
%$\gcd(ac + b, a) = \gcd(a, b)$\\
%\problem{}
%Prove \ref{theorem:gcd_abc}: \\
%For any integers $a, b, c$, \\
%$\gcd(ac + b, a) = \gcd(a, b)$\\
%\begin{solution}
% This problem is hard, \\
% I'll write a solution eventually.
%\end{solution}
%\begin{solution}
% This problem is hard, \\
% I'll write a solution eventually.
%\end{solution}
%\vfill
%\vfill
[Note on \ref{eua_runtime}] This proof can be used to show that the Euclidean algorithm finishes in logarithmic time, and it is the first practical application of the Fibonacci numbers. If you have finished all challenge problems, finish the proof: show that the Euclidean runs in $O(\log{n})$
\pagebreak
\end{document}
[Note on \ref{eua_runtime}] This proof can be used to show that the Euclidean algorithm finishes in logarithmic time, and it is the first practical application of the Fibonacci numbers. If you have finished all challenge problems, finish the proof: show that the Euclidean runs in $O(\log{n})$
\pagebreak

122
Advanced/Cryptography/parts/part 1.tex
View File

@ -1,107 +1,101 @@
\documentclass[../main.tex]{subfiles}
\begin{document}
\section{The Euclidean Algorithm}
\definition{}
The \textit{greatest common divisor} of $a$ and $b$ is the greatest integer that divides both $a$ and $b$. \\
We denote this number with $\gcd(a, b)$. For example, $\gcd(45, 60) = 15$.
\definition{}
The \textit{greatest common divisor} of $a$ and $b$ is the greatest integer that divides both $a$ and $b$. \\
We denote this number with $\gcd(a, b)$. For example, $\gcd(45, 60) = 15$.
\theorem{The Division Algorithm}
Given two integers $a, b$, we can find two integers $q, r$, where $0 \leq r < b$ and $a = qb + r$. \\
In other words, we can divide $a$ by $b$ to get $q$ remainder $r$.
\theorem{The Division Algorithm}
Given two integers $a, b$, we can find two integers $q, r$, where $0 \leq r < b$ and $a = qb + r$. \\
In other words, we can divide $a$ by $b$ to get $q$ remainder $r$.
\theorem{}<gcd_abc>
For any integers $a, b, c$, \\
$\gcd(ac + b, a) = \gcd(a, b)$
\theorem{}<gcd_abc>
For any integers $a, b, c$, \\
$\gcd(ac + b, a) = \gcd(a, b)$
\problem{}
Find $\gcd(20, 14)$ by hand.
\problem{}
Find $\gcd(20, 14)$ by hand.
\begin{solution}
\begin{solution}
$\gcd(20, 14) = 2$
\end{solution}
\end{solution}
\vfill
\vfill
\problem{}<euclid_algorithm>
Using the theorems above, detail an algorithm for finding $\gcd(a, b)$.\\
Then, compute $\gcd(1610, 207)$ by hand. \\
Have an instructor check your work before moving on.
\problem{The Euclidean Algorithm}<euclid_algorithm>
Using the theorems above, detail an algorithm for finding $\gcd(a, b)$.\\
Then, compute $\gcd(1610, 207)$ by hand. \\
\begin{solution}
\begin{solution}
Using \ref{gcd_abc} and the division algorthm,
% Minipage prevents column breaks inside body
\begin{multicols}{2}
\begin{minipage}{\columnwidth}
$\gcd(1610, 207)$ \\
$= \gcd(207, 161)$ \\
$= \gcd(161, 46)$ \\
$= \gcd(46, 23)$ \\
$= \gcd(23, 0) = 23$ \\
$\gcd(1610, 207)$ \par
$= \gcd(207, 161)$ \par
$= \gcd(161, 46)$ \par
$= \gcd(46, 23)$ \par
$= \gcd(23, 0) = 23$ \par
\end{minipage}
\columnbreak
\begin{minipage}{\columnwidth}
$1610 = 207 \times 7 + 161$ \\
$207 = 161 \times 1 + 46$ \\
$161 = 46 \times 3 + 23$ \\
$46 = 23 \times 2 + 0$ \\
$1610 = 207 \times 7 + 161$ \par
$207 = 161 \times 1 + 46$ \par
$161 = 46 \times 3 + 23$ \par
$46 = 23 \times 2 + 0$ \par
\end{minipage}
\end{multicols}
\end{solution}
\end{solution}
\vfill
\pagebreak
\vfill
\pagebreak
\problem{Divide and Conquer}
If we are given $a, b, c$, when can we find $u, v$ that satisfy $au + bv = c$?
\problem{Divide and Conquer}
If we are given $a, b, c$, when can we find $u, v$ that satisfy $au + bv = c$?
\problempart{Divide}
Show that if we find a solution $(u, v)$ to $au + bv = \gcd(a, b)$, we can easily find a $(u, v)$ for any other value of $c$. \\
\textcolor{gray}{\textit{Note: } We are not looking for \textit{all} $(u, v)$ that solve $au + bv = c$, we are looking for an easy way to find \textit{any} $(u, v)$.}
\problempart{Divide}
Show that if we find a solution $(u, v)$ to $au + bv = \gcd(a, b)$, we can easily find a $(u, v)$ for any other value of $c$. \\
\textcolor{gray}{\textit{Note: } We are not looking for \textit{all} $(u, v)$ that solve $au + bv = c$, we are looking for an easy way to find \textit{any} $(u, v)$.}
\begin{solution}
\begin{solution}
Note that $\gcd(a, b)$ divides both a and b. \\
Therefore, any $c$ must be divisible by $\gcd(a, b)$.
The smallest such $c$ is $\gcd(a, b)$ itself, and we can get all other tuples $(u, v, c)$ by scaling.
\end{solution}
\end{solution}
\vfill
\vfill
\problempart{Conquer}<extend_e_algorithm>
Using the output of your algorithm\footnotemark{} from \ref{euclid_algorithm},
\footnotetext{Your solution to \ref{euclid_algorithm} is called the \textit{Euclidean Algorithm}}
\begin{itemize}
\problempart{Conquer}<extend_e_algorithm>
Using the output of the Euclidean algorithm,
\begin{itemize}
\item[-] find a pair $(u, v)$ that satisfies $20u + 14v = \gcd(20, 14)$
\item[-] find a pair $(u, v)$ that satisfies $541u + 34v = \gcd(541, 34)$ \\
% gcd = 1
% u = 11; v = -175
\end{itemize}
For which numbers $c$ can we find a $(u, v)$ so that $541u + 34v = c$? \\
For every such $c$, what are $u$ and $v$?
\end{itemize}
For which numbers $c$ can we find a $(u, v)$ so that $541u + 34v = c$? \\
For every such $c$, what are $u$ and $v$?
\begin{solution}
\begin{solution}
Using the output of the Euclidean Algorithm, we can use substitution and a bit of algebra to solve such problems. Consider the following example:
\begin{multicols}{2}
\begin{minipage}{\columnwidth}
\textit{Euclidean Algorithm:} \\
$20 = 14 \times 1 + 6$ \\
$14 = 6 \times 2 + 2$ \\
$6 = 2 \times 3 + 0$ \\
\textit{Euclidean Algorithm:} \par
$20 = 14 \times 1 + 6$ \par
$14 = 6 \times 2 + 2$ \par
$6 = 2 \times 3 + 0$ \par
\end{minipage}
\columnbreak
\begin{minipage}{\columnwidth}
\textit{Rearranged:} \\
$6 = 20 - 14 \times 1$ \\
$2 = 14 - 6 \times 2 = \gcd(20, 14)$ \\
\textit{Rearranged:} \par
$6 = 20 - 14 \times 1$ \par
$2 = 14 - 6 \times 2 = \gcd(20, 14)$ \par
\end{minipage}
\end{multicols}
@ -123,7 +117,9 @@
$u = k \times u_0 = 11k$ and $v = k \times v_0 = -175k$. \\
(See Part A)
\end{solution}
\vfill
\pagebreak
\end{document}
\end{solution}
\vfill
\pagebreak

73
Advanced/Cryptography/parts/part 2.tex
View File

@ -1,68 +1,65 @@
\documentclass[../main.tex]{subfiles}
\section{Modular Arithmetic}
\begin{document}
\section{Modular Arithmetic}
\definition{}
We say that $a, b$ are equivalent mod $m$ if $m$ divides $a - b$. \\
If $a$ is equivalent to $b$ mod $m$, we write $a \equiv b \pmod{m}$. \\
You can think of $b$ as the remainder of $a \div m$:
\begin{itemize}
\definition{}
We say that $a, b$ are equivalent mod $m$ if $m$ divides $a - b$. \\
If $a$ is equivalent to $b$ mod $m$, we write $a \equiv b \pmod{m}$. \\
You can think of $b$ as the remainder of $a \div m$:
\begin{itemize}
\item[] $32 \equiv 2 \pmod{6}$
\item[] $4 \equiv 4 \pmod{6}$
\item[] $-2 \equiv 4 \pmod{6}$
\end{itemize}
\end{itemize}
\problem{}
Complete the following:
\begin{itemize}
\problem{}
Complete the following:
\begin{itemize}
\item[] $87 \equiv ? \pmod{12}$ \hspace{3em} \textcolor{gray}{(Your answer should be between $0$ and $12$)}
\item[] $13 \equiv 2 \pmod{?}$
\item[] $? \equiv 1 \pmod{9}$
\end{itemize}
\end{itemize}
\begin{solution}
\begin{solution}
\begin{itemize}
\item[] $87 \equiv 3 \pmod{12}$
\item[] $13 \equiv 2 \pmod{11}$
\item[] $(9k + 1) \equiv 1 \pmod{9}\ \forall k \in \mathbb{Z}$
\end{itemize}
\end{solution}
\end{solution}
\vfill
\vfill
\definition{}
The inverse of $a$ mod $m$ is an integer $a^\star$ so that \\
$a \times a^\star \equiv 1 \pmod{m}$. \\
Note that not every $a$ has an inverse mod $m$.
\definition{}
The inverse of $a$ mod $m$ is an integer $a^\star$ so that \\
$a \times a^\star \equiv 1 \pmod{m}$. \\
Note that not every $a$ has an inverse mod $m$.
\theorem{}<mod_has_inverse>
$a$ has an inverse mod $m$ iff $\gcd(a, m) = 1$ \\
\textcolor{gray}{\textit{The proof of this theorem is left as a challenge problem.}}
\theorem{}<mod_has_inverse>
$a$ has an inverse mod $m$ iff $\gcd(a, m) = 1$ \\
\textcolor{gray}{\textit{The proof of this theorem is left as a challenge problem.}}
\problem{D\'ej\`a vu?}<find_inverse>
Find the inverse of $20 \pmod{14}$, if one exists. \\
Find the inverse of $34 \pmod{541}$, if one exists.
\problem{D\'ej\`a vu?}<find_inverse>
Find the inverse of $20 \pmod{14}$, if one exists. \\
Find the inverse of $34 \pmod{541}$, if one exists.
\begin{solution}
\begin{solution}
$20^\star$ does not exist mod $14$, by \ref{mod_has_inverse}. \\
$34^\star \equiv -175 \equiv 366 \pmod{541}$.
See \ref{general_inverse} for an explanation.
\end{solution}
\end{solution}
\vfill
\vfill
\problem{}<general_inverse>
In general, how can we find the inverse of $a \pmod{p}$?\\
(Assume $p$ is prime.)
\problem{}<general_inverse>
In general, how can we find the inverse of $a \pmod{p}$?\\
(Assume $p$ is prime.)
\begin{solution}
\begin{solution}
We need an $a^\star$ so that $a \times a^\star \equiv 1 \pmod{m}$. \\
This means that $aa^\star - mk = 1$. \\
Since $p$ is prime, $\gcd(a, m) = 1$, and $aa^\star - mk = \gcd(a, m)$ \\
Now use the Extended Euclidean Algorithm from \ref{extend_e_algorithm} to find $a^\star$.
\end{solution}
\end{solution}
\vfill
\pagebreak
\vfill
\pagebreak
\end{document}

150
Advanced/Cryptography/parts/part 3.tex
View File

@ -1,85 +1,82 @@
\documentclass[../main.tex]{subfiles}
\section{Symmetric Cryptosystems}
\begin{document}
\section{Symmetric Cryptosystems}
\definition{}
The goal of cryptography is to establish private communication between two parties over
a public channel. The rest of this handout tries to achieve this goal, using the tools we've
developed in the last two sections. \\
\definition{}
The goal of cryptography is to establish private communication between two parties over
a public channel. The rest of this handout tries to achieve this goal, using the tools we've
developed in the last two sections. \\
In this handout, a ``symmetric cryptosystem'' consists of the following:
\begin{itemize}
In this handout, a ``symmetric cryptosystem'' consists of the following:
\begin{itemize}
\item[-] A public prime number $p$ (Ideally, a \textit{big} prime number).
\item[-] $k$, a secret key that is shared between both parties. This is NOT public.
\item[-] $E_k(m) = c$, a function that uses key $k$ to encrypt message $m$ into a ciphertext $c$.
\item[-] $D_k(c) = m$, a function that uses key $k$ to decrypt a ciphertext $c$ into message $m$. \\
\item[-] Of course, $D_k(E_k(m)) = m$. \\
\end{itemize}
\end{itemize}
We have a good reason for picking a prime $p$. A prime base guarantees that every\footnote[1]{except those $\equiv 0 \pmod{p}$, of course} integer has an inverse mod $p$. Review \ref{mod_has_inverse} and convince yourself that this is true. \\
We have a good reason for picking a prime $p$. A prime base guarantees that every\footnote[1]{except those $\equiv 0 \pmod{p}$, of course} integer has an inverse mod $p$. Review \ref{mod_has_inverse} and convince yourself that this is true. \\
\vspace{2ex}
\vspace{2ex}
We'll assume that the secret key $k$ has been shared beforehand. How such a $k$ is created is beyond the scope of this handout, but those that are curious may look up ``Diffie-Hellman Key Exchange'' (Computerphile offers a
pretty good introduction). \\
We'll assume that the secret key $k$ has been shared beforehand. How such a $k$ is created is beyond the scope of this handout, but those that are curious may look up ``Diffie-Hellman Key Exchange'' (Computerphile offers a
pretty good introduction). \\
\vspace{2ex}
\vspace{2ex}
One may wonder why we care about secretly exchanging numbers. Those of you with experience in computing may have an answer: any information---text, images, etc---may be represented as a number. For example, we can encode the 26 letters of the alphabet as the numbers $1 - 26$. Such mappings are called ``encodings.'' \\
One may wonder why we care about secretly exchanging numbers. Those of you with experience in computing may have an answer: any information---text, images, etc---may be represented as a number. For example, we can encode the 26 letters of the alphabet as the numbers $1 - 26$. Such mappings are called ``encodings.'' \\
\vspace{2ex}
\vspace{2ex}
Finally, you will notice that the encryption schemes that follow can only take a limited range of inputs. Indeed, even the cyphers in use today have a limited input size. A simple (though possible insecure) way to overcome this limitation is to split the message into ``blocks'' of a desired size, and encrypt each independently.
Finally, you will notice that the encryption schemes that follow can only take a limited range of inputs. Indeed, even the cyphers in use today have a limited input size. A simple (though possibly insecure) way to overcome this limitation is to split the message into blocks of a desired size, encrypting each independently.
\vfill
\pagebreak
\vfill
\pagebreak
\problem{Multiplication mod p}
Consider the cryptosystem where
\begin{itemize}
\problem{Multiplication mod p}
Consider the cryptosystem where
\begin{itemize}
\item[-] $p$ is a prime (for this problem, fix $p = 11$. Remember, $p$ is public.)
\item[-] $k$ is an integer
\item[-] $E_k(m) = k \times m \pmod{p}$
\item[-] $D_k(c) = k^\star \times c \pmod{p}$
\end{itemize}
\end{itemize}
\problempart{}
Encrypt $m = 8$ with $k = 5$. \\
Decrypt $c = 3$ with $k = 9$. \\
\textcolor{gray}{In other words, find $E_5(8)$ and $D_9(3)$}
\problempart{}
Encrypt $m = 8$ with $k = 5$. \\
Decrypt $c = 3$ with $k = 9$. \\
\textcolor{gray}{In other words, find $E_5(8)$ and $D_9(3)$}
\begin{solution}
\begin{solution}
$E_5(8) = 5 \times 8 \equiv 7$ \\
$D_9(3) = k^\star \times 3 = 5 \times 3 \equiv 4$
\end{solution}
\end{solution}
\vfill
\vfill
\problempart{}
Using this cryptosystem, Nikita sends a message to Sanjit. \\
Looking over Sanjit's shoulder, you find that $E_k(9) = 8$ \\
What key was used? \\
\textcolor{gray}{This is called a \textit{known plaintext attack}. With a good cryptosystem, it will be very difficult to solve this problem.}
\problempart{}
Using this cryptosystem, Nikita sends a message to Sanjit. \\
Looking over Sanjit's shoulder, you find that $E_k(9) = 8$ \\
What key was used? \\
\textcolor{gray}{This is called a \textit{known plaintext attack}. With a good cryptosystem, it will be very difficult to solve this problem.}
\begin{solution}
\begin{solution}
$E_k = c = km$ \\
$E_k \times m^\star = kmm^\star = k$ \\
$m^\star = 5; k = 7$
\end{solution}
\end{solution}
\vfill
\vfill
\problempart{}<mult_analysis>
If you know many ciphertexts encrypted with the same key, can you find the key used to create them? \\
What range of values can this system effectively encrypt?
Justify all answers.
\problempart{}<mult_analysis>
If you know many ciphertexts encrypted with the same key, can you find the key used to create them? \\
What range of values can this system effectively encrypt?
Justify all answers.
\begin{solution}
\begin{solution}
If the messages are independent, no. However, analysis is possible if the plaintexts have a known structure.
@ -88,44 +85,44 @@
$m \in \{1, 2, ..., 10\}$ \\
Note that $m$ cannot be $\equiv 0$.
\end{solution}
\end{solution}
\vfill
\pagebreak
\vfill
\pagebreak
\problem{The Affine Cipher}
Consider the cryptosystem where
\begin{itemize}
\problem{The Affine Cipher}
Consider the cryptosystem where
\begin{itemize}
\item[-] $p$ is a prime (for this problem, fix $p = 541$)
\item[-] $k = (k_1,\ k_2)$ is a tuple of two integers
\item[-] $E_k(m) = k_1 \times m + k_2 \pmod{p}$
\item[-] $D_k(c) = k_1^\star \times (c - k_2) \pmod{p}$
\end{itemize}
\end{itemize}
\problempart{}
Encrypt $m = 204$ with $k = (34,\ 71)$. \\
Decrypt $c = 431$ with $k = (34,\ 71)$.
\problempart{}
Encrypt $m = 204$ with $k = (34,\ 71)$. \\
Decrypt $c = 431$ with $k = (34,\ 71)$.
\begin{solution}
\begin{solution}
$E_k(204) = 34 \times 204 + 71 \equiv 515$ \\
$k^\star = 366$
\hfill\textcolor{gray}{Known from \ref{find_inverse}}\\
$D_k(431) = 366 (431 - 71) \equiv 297$
\end{solution}
\end{solution}
\vfill
\vfill
\problempart{}
Now, let $p = 601$. You know two plaintext-ciphertext pairs:\\
$(m_1,\ c_1) = (387,\ 324)$ \\
$(m_2,\ c_2) = (491,\ 381)$ \\
How would you find $(k_1, k_2)$? \\
\textcolor{gray}{\textit{Note: } You do NOT have to find $k$. The calculations take a lot of manual labor. All you need to do is detail the steps you \textit{would} take if you had a calculator.}
\problempart{}
Now, let $p = 601$. You know two plaintext-ciphertext pairs:\\
$(m_1,\ c_1) = (387,\ 324)$ \\
$(m_2,\ c_2) = (491,\ 381)$ \\
How would you find $(k_1, k_2)$? \\
\textcolor{gray}{\textit{Note: } You do NOT have to find $k$. The calculations take a lot of manual labor. All you need to do is detail the steps you \textit{would} take if you had a calculator.}
\begin{solution}
\begin{solution}
$E_k(387) = k_1 \times 387 + k_2 \equiv 324 \pmod{601}$ \\
$E_k(491) = k_1 \times 491 + k_2 \equiv 381 \pmod{601}$ \\
@ -141,16 +138,16 @@
Substitute $k_1 = 41$. \\
$(k_1, k_2) = (41, 83)$
\end{solution}
\vfill
\end{solution}
\vfill
\problempart{}
If you only know one message and its corresponding ciphertext, can you find the encryption key? \\
If you know many ciphertexts encrypted with the same key, can you find the key used to create them? \\
What range of values can this system effectively encrypt?
Justify all answers.
\problempart{}
If you only know one message and its corresponding ciphertext, can you find the encryption key? \\
If you know many ciphertexts encrypted with the same key, can you find the key used to create them? \\
What range of values can this system effectively encrypt?
Justify all answers.
\begin{solution}
\begin{solution}
Given $m$ and $c$, you cannot find $k_1$ or $k_2$.
\linehack{}
@ -162,8 +159,7 @@
$m \in \{1, 2, ..., 540\}$
Other answers are the same as those to \ref{mult_analysis}.
\end{solution}
\end{solution}
\vfill
\pagebreak
\end{document}
\vfill
\pagebreak