Author | Song Y. Yan | |

Isbn | 9781118188583 | |

File size | 4.5MB | |

Year | 2013 | |

Pages | 416 | |

Language | English | |

File format | ||

Category | cryptography |

INFORMATION SECURITY SERIES
The Wiley-HEP Information Security Series systematically introduces the fundamentals of information
security design and application. The goals of the Series are:
r to provide fundamental and emerging theories and techniques to stimulate more research in cryptology, algorithms, protocols, and architectures
r to inspire professionals to understand the issues behind important security problems and the ideas
behind the solutions
r to give references and suggestions for additional reading and further study
The Series is a joint project between Wiley and Higher Education Press (HEP) of China. Publications
consist of advanced textbooks for graduate students as well as researcher and practitioner references
covering the key areas, including but not limited to:
–
–
–
–
–
–
–
Modern Cryptography
Cryptographic Protocols and Network Security Protocols
Computer Architecture and Security
Database Security
Multimedia Security
Computer Forensics
Intrusion Detection
LEAD EDITORS
Song Y. Yan
Moti Yung
John Rief
London, UK
Columbia University, USA
Duke University, USA
EDITORIAL BOARD
Liz Bacon
Kefei Chen
Matthew Franklin
Dieter Gollmann
Yongfei Han
Kwangjo Kim
David Naccache
Dingyi Pei
Peter Wild
University of Greenwich, UK
Shanghai Jiaotong University, China
University of California, USA
Hamburg University of Technology, Germany
Beijing University of Technology, China
ONETS Wireless & Internet Security Tech. Co., Ltd. Singapore
KAIST-ICC, Korea
Ecole Normale Sup´erieure, France
Guangzhou University, China
University of London, UK
COMPUTATIONAL
NUMBER THEORY
AND MODERN
CRYPTOGRAPHY
Song Y. Yan
College of Sciences
North China University of Technology
Beijing, China
&
Department of Mathematics
Harvard University
Cambridge, USA
This edition ﬁrst published 2013
C 2013 Higher Education Press. All rights reserved.
Published by John Wiley & Sons Singapore Pte. Ltd., 1 Fusionopolis Walk, #07-01 Solaris South Tower,
Singapore 138628, under exclusive license by Higher Education Press in all media and all languages throughout
the world excluding Mainland China and excluding Simpliﬁed and Traditional Chinese languages.
For details of our global editorial ofﬁces, for customer services and for information about how to apply for
permission to reuse the copyright material in this book please see our website at www.wiley.com.
All Rights Reserved. No part of this publication may be reproduced, stored in a retrieval system or transmitted, in
any form or by any means, electronic, mechanical, photocopying, recording, scanning, or otherwise, except as
expressly permitted by law, without either the prior written permission of the Publisher, or authorization through
payment of the appropriate photocopy fee to the Copyright Clearance Center. Requests for permission should be
addressed to the Publisher, John Wiley & Sons Singapore Pte. Ltd., 1 Fusionopolis Walk, #07-01 Solaris South
Tower, Singapore 138628, tel: 65-66438000, fax: 65-66438008, email: [email protected]
Wiley also publishes its books in a variety of electronic formats. Some content that appears in print may not be
available in electronic books.
Designations used by companies to distinguish their products are often claimed as trademarks. All brand names
and product names used in this book are trade names, service marks, trademarks or registered trademarks of their
respective owners. The Publisher is not associated with any product or vendor mentioned in this book. This
publication is designed to provide accurate and authoritative information in regard to the subject matter covered. It
is sold on the understanding that the Publisher is not engaged in rendering professional services. If professional
advice or other expert assistance is required, the services of a competent professional should be sought.
Library of Congress Cataloging-in-Publication Data
Yan, Song Y.
Computational number theory and modern cryptography / Song Y. Yan.
pages cm
Includes bibliographical references and index.
ISBN 978-1-118-18858-3 (hardback)
1. Data encryption (Computer science) 2. Number theory–Data processing. I. Title.
QA76.9.A25Y358 2012
005.8 2–dc23
2012032708
ISBN: 9781118188583
Typeset in 10/12pt Times by Aptara Inc., New Delhi, India
CONTENTS
About the Author
ix
Preface
xi
Acknowledgments
xiii
Part I Preliminaries
1
Introduction
1.1
What is Number Theory?
1.2
What is Computation Theory?
1.3
What is Computational Number Theory?
1.4
What is Modern Cryptography?
1.5
Bibliographic Notes and Further Reading
References
3
3
9
15
29
32
32
2
Fundamentals
2.1
Basic Algebraic Structures
2.2
Divisibility Theory
2.3
Arithmetic Functions
2.4
Congruence Theory
2.5
Primitive Roots
2.6
Elliptic Curves
2.7
Bibliographic Notes and Further Reading
References
35
35
46
75
89
131
141
154
155
Part II Computational Number Theory
3
Primality Testing
3.1
Basic Tests
3.2
Miller–Rabin Test
3.3
Elliptic Curve Tests
3.4
AKS Test
3.5
Bibliographic Notes and Further Reading
References
159
159
168
173
178
187
188
vi
Contents
4
Integer Factorization
4.1
Basic Concepts
4.2
Trial Divisions Factoring
4.3
ρ and p − 1 Methods
4.4
Elliptic Curve Method
4.5
Continued Fraction Method
4.6
Quadratic Sieve
4.7
Number Field Sieve
4.8
Bibliographic Notes and Further Reading
References
191
191
194
198
205
209
214
219
231
232
5
Discrete Logarithms
5.1
Basic Concepts
5.2
Baby-Step Giant-Step Method
5.3
Pohlig–Hellman Method
5.4
Index Calculus
5.5
Elliptic Curve Discrete Logarithms
5.6
Bibliographic Notes and Further Reading
References
235
235
237
240
246
251
260
261
Part III Modern Cryptography
6
Secret-Key Cryptography
6.1
Cryptography and Cryptanalysis
6.2
Classic Secret-Key Cryptography
6.3
Modern Secret-Key Cryptography
6.4
Bibliographic Notes and Further Reading
References
265
265
277
285
291
291
7
Integer Factorization Based Cryptography
7.1
RSA Cryptography
7.2
Cryptanalysis of RSA
7.3
Rabin Cryptography
7.4
Residuosity Based Cryptography
7.5
Zero-Knowledge Proof
7.6
Bibliographic Notes and Further Reading
References
293
293
302
319
326
331
335
335
8
Discrete Logarithm Based Cryptography
8.1
Difﬁe–Hellman–Merkle Key-Exchange Protocol
8.2
ElGamal Cryptography
8.3
Massey–Omura Cryptography
8.4
DLP-Based Digital Signatures
8.5
Bibliographic Notes and Further Reading
References
337
337
342
344
348
351
351
Contents
9
Elliptic Curve Discrete Logarithm Based Cryptography
9.1 Basic Ideas
9.2 Elliptic Curve Difﬁe–Hellman–Merkle Key Exchange Scheme
9.3 Elliptic Curve Massey–Omura Cryptography
9.4 Elliptic Curve ElGamal Cryptography
9.5 Elliptic Curve RSA Cryptosystem
9.6 Menezes–Vanstone Elliptic Curve Cryptography
9.7 Elliptic Curve DSA
9.8 Bibliographic Notes and Further Reading
References
vii
353
353
356
360
365
370
371
373
374
375
Part IV Quantum Resistant Cryptography
10
Quantum Computational Number Theory
10.1 Quantum Algorithms for Order Finding
10.2 Quantum Algorithms for Integer Factorization
10.3 Quantum Algorithms for Discrete Logarithms
10.4 Quantum Algorithms for Elliptic Curve Discrete Logarithms
10.5 Bibliographic Notes and Further Reading
References
379
379
385
390
393
397
397
11
Quantum Resistant Cryptography
11.1 Coding-Based Cryptography
11.2 Lattice-Based Cryptography
11.3 Quantum Cryptography
11.4 DNA Biological Cryptography
11.5 Bibliographic Notes and Further Reading
References
401
401
403
404
406
409
410
Index
413
ABOUT THE AUTHOR
Professor Song Y. Yan majored in both Computer Science and Mathematics, and obtained a PhD in Number Theory in the Department of
Mathematics at the University of York, England. His current research
interests include Computational Number Theory, Computational Complexity Theory, Algebraic Coding Theory, Public-Key Cryptography
and Information/Network Security. He published, among others, the
following ﬁve well-received and popular books in computational number theory and public-key cryptography:
[1] Perfect, Amicable and Sociable Numbers: A Computational Approach, World Scientiﬁc,
1996.
[2] Number Theory for Computing, Springer, First Edition, 2000, Second Edition, 2002.
(Polish Translation, Polish Scientiﬁc Publishers PWN, Warsaw, 2006; Chinese Translation, Tsinghua University Press, Beijing, 2007.)
[3] Cryptanalytic Attacks on RSA, Springer, 2007. (Russian Translation, Moscow, 2010.)
[4] Primality Testing and Integer Factorization in Public-Key Cryptography, Springer, First
Edition, 2004; Second Edition, 2009.
[5] Quantum Attacks on Public-Key Cryptosystems, Springer, 2012.
Song can be reached by email address [email protected] anytime.
PREFACE
The book is about number theory and modern cryptography. More specically, it is about
computational number theory and modern public-key cryptography based on number theory.
It consists of four parts. The ﬁrst part, consisting of two chapters, provides some preliminaries.
Chapter 1 provides some basic concepts of number theory, computation theory, computational
number theory, and modern public-key cryptography based on number theory. In chapter 2, a
complete introduction to some basic concepts and results in abstract algebra and elementary
number theory is given.
The second part is on computational number theory. There are three chapters in this part.
Chapter 3 deals with algorithms for primality testing, with an emphasis on the Miller-Rabin
test, the elliptic curve test, and the AKS test. Chapter 4 treats with algorithms for integer
factorization, including the currently fastest factoring algorithm NFS (Number Field Sieve),
and the elliptic curve factoring algorithm ECM (Elliptic Curve Method). Chapter 5 discusses
various modern algorithms for discrete logarithms and for elliptic curve discrete logarithms.
It is well-known now that primality testing can be done in polynomial-time on a digital
computer, however, integer factorization and discrete logarithms still cannot be performed
in polynomial-time. From a computational complexity point of view, primality testing is
feasible (tractable, easy) on a digital computer, whereas integer factorization and discrete
logarithms are infeasible (intractable, hard, difﬁcult). Of course, no-one has yet been able to
prove that the integer factorization and the discrete logarithm problems must be infeasible
on a digital computer.
Building on the results in the ﬁrst two parts, the third part of the book studies the modern
cryptographic schemes and protocols whose security relies exactly on the infeasibility of the
integer factorization and discrete logarithm problems. There are four chapters in this part.
Chapter 6 presents some basic concepts and ideas of secret-key cryptography. Chapter 7
studies the integer factoring based public-key cryptography, including, among others, the
most famous and widely used RSA cryptography, the Rabin cryptosystem, the probabilistic
encryption and the zero-knowledge proof protocols. Chapter 8 studies the discrete logarithm
based cryptography, including the DHM key-exchange protocol (the world’s ﬁrst public-key
system), the ElGamal cryptosystem, and the US Government’s Digital Signature Standard
(DSS), Chapter 9 discusses various cryptographic systems and digital signature schemes
based on the infeasibility of the elliptic curve discrete logarithm problem, some of them
are just the elliptic curve analogues of the ordinary public-key cryptography such as elliptic
curve DHM, elliptic curve ElGamal, elliptic curve RSA, and elliptic curve DSA/DSS.
xii
Preface
It is interesting to note that although integer factorization and discrete logarithms cannot be solved in polynomial-time on a classical digital computer, they all can be solved in
polynomial-time on a quantum computer, provided that a practical quantum computer with
several thousand quantum bits can be built. So, the last part of the book is on quantum computational number theory and quantum-computing resistant cryptography. More specifﬁcally,
in Chapter 10, we shall study efﬁcient quantum algorithms for solving the Integer Factorization Problem (IFP), the Discrete Logarithm Problem (DLP) and the Elliptic Curve Discrete
Logarithm Problem (ECDLP). Since IFP, DLP and ECDLP can be solved efﬁciently on a
quantum computer, the IFP, DLP and ECDLP based cryptographic systems and protocols can
be broken efﬁciently on a quantum computer. However, there are many infeasible problems
such as the coding-based problems and the lattice-based problems that cannot be solved in
polynomial-time even on a quantum computer. That is, a quantum computer is basically a
special type of computing device using a different computing paradigm, it is only suitable
or good for some special problems such as the IFP, DLP and ECDLP problems. Thus, in
chapter 11, the last chapter of the book, we shall discuss some quantum-computing resistant
cryptographic systems, including the coding-based and lattice-based cryptographic systems,
that resist all known quantum attacks. Note that quantum-computing resistant cryptography is still classic cryptography, but quantum resistant. We shall, however, also introduce a
truly quantum cryptographic scheme, based on ideas of quantum mechanics and some DNA
cryptographic schemes based on idea of DNA molecular computation.
The materials presented in the book are based on the author’s many years teaching and
research experience in the ﬁeld, and also based on the author’s other books published in the
past ten years or so, particularly the following three books, all by Springer:
[1] Number Theory for Computing, 2nd Edition, 2002.
[2] Cryptanalytic Attacks on RSA, 2007.
[3] Primality Testing and Integer Factorization in Public-Key Cryptography, 2nd Edition,
2009.
The book is suited as a text for ﬁnal year undergraduate or ﬁrst year postgraduate courses in
computational number theory and modern cryptography, or as a basic research reference in
the ﬁeld.
Corrections, comments and suggestions from readers are very welcomed and can be sent
via email to [email protected]
Song Y. Yan
London, England
June 2012
ACKNOWLEDGMENTS
The author would like to thank the editors at Wiley and HEP, particularly Hongying Chen,
Shelley Chow, James Murphy, Clarissa Lim, and Shalini Sharma, for their encouragement,
assistance, and proof-reading. Special thanks must also be given to the three anonymous
referees for their very helpful and constructive comments and suggestions.
The work was supported in part by the Royal Society London, the Royal Academy of
Engineering London, the Recruitment Program of Global Experts of Hubei Province, the
Funding Project for Academic Human Resources Development in Institutions of Higher
Learning under the Jurisdiction of the Beijing Municipality (PHR/IHLB), the Massachusetts
Institute of Technology and Harvard University.
Part I
Preliminaries
In this part, we shall ﬁrst explain what are number theory, computation theory, computational
number theory, and modern (number-theoretic) cryptography are. The relationship betweeen
them may be shown in the following ﬁgure:
Number
theory
Computation
theory
Computational
number theory
Modern cryptography
(number-theoretic cryptography)
Then we shall present an introduction to the elementary theory of numbers from an algebraic
perspective (see the following ﬁgure), that shall be used throughout the book.
Elementary number theory
Algebraic
structures
Divisibility
theory
Arithmetic
functions
Congruence
theory
Primitive
roots
Elliptic
curves
Computational Number Theory and Modern Cryptography, First Edition. Song Y. Yan.
© 2013 Higher Education Press. All rights reserved. Published 2013 by John Wiley & Sons Singapore Pte. Ltd.
1
Introduction
In this chapter, we present some basic concepts and ideas of number theory, computation
theory, computational number theory, and modern (number-theoretic) cryptography. More
speciﬁcally, we shall try to answer the following typical questions in the ﬁeld:
r
r
r
r
What is number theory?
What is computation theory?
What is computational number theory?
What is modern (number-theoretic) cryptography?
1.1 What is Number Theory?
Number theory is concerned mainly with the study of the properties (e.g., the divisibility) of
the integers
Z = {. . . , −3, −2, −1, 0, 1, 2, 3, . . .},
particularly the positive integers
Z+ = {1, 2, 3, . . .}.
For example, in divisibility theory, all positive integers can be classiﬁed into three classes:
1. Unit: 1.
2. Prime numbers: 2, 3, 5, 7, 11, 13, 17, 19, · · ·.
3. Composite numbers: 4, 6, 8, 9, 10, 12, 14, 15, · · ·.
Recall that a positive integer n > 1 is called a prime number, if its only divisors are 1 and n,
otherwise, it is a composite number. 1 is neither prime number nor composite number. Prime
numbers play a central role in number theory, as any positive integer n > 1 can be written
uniquely into the following standard prime factorization form:
n = p1α1 p2α2 · · · pkαk
(1.1)
Computational Number Theory and Modern Cryptography, First Edition. Song Y. Yan.
© 2013 Higher Education Press. All rights reserved. Published 2013 by John Wiley & Sons Singapore Pte. Ltd.
4
Computational Number Theory and Modern Cryptography
π (x) for some large x
Table 1.1
π (x)
x
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
29844570422669
279238341033925
2623557157654233
24739954287740860
234057667276344607
2220819602560918840
21127269486018731928
201467286689315906290
1925320391606803968923
18435599767349200867866
where p1 < p2 < · · · < pk are primes and α1 , α2 , · · · , αk positive integers. Although prime
numbers have been studied for more than 2000 years, there are still many open problems
about their distribution. Let us investigate some of the most interesting problems about prime
numbers.
1. The distribution of prime numbers.
Euclid proved 2000 years ago in his Elements that there were inﬁnitely many prime
numbers. That is, the sequence of prime numbers
2, 3, 5, 7, 11, 13, 17, 19, · · ·
is endless. For example, 2, 3, 5 are the ﬁrst three prime numbers, whereas 243112609 − 1
is the largest prime number to date, it has 12978189 digits and was found on 23 August
2008. Let π (x) denote the prime numbers up to x (Table 1.1 gives some values of π (x)
for some large x), then Euclid’s theorem of inﬁnitude of primes actually says that
π(x) → ∞,
as x → ∞.
A much better result about the distribution of prime numbers is the Prime Number theorem,
stating that
π (x) ∼ x/ log x.
(1.2)
In other words,
lim
x→∞
π (x)
= 1.
x/ log x
(1.3)
Note that the log is the natural logarithm loge (normally denoted by ln), where
e = 2.7182818 . . .. However, if the Riemann Hypothesis [3] is true, then there is a reﬁnement of the Prime Number theorem
x
π (x) =
2
√
dt
+ O xe−c log x
log t
(1.4)
Introduction
to the effect that
x
π (x) =
2
√
dt
+ O x log x .
log t
5
(1.5)
Of course we do not know if the Riemann Hypothesis is true. Whether or not the Riemann
Hypothesis is true is one of the most important open problems in mathematics, and in
fact it is one of the seven Millennium Prize Problems proposed by the Clay Mathematics
Institute in Boston in 2000, each with a one million US dollars prize [4]. The Riemann
hypothesis states that all the nontrivial (complex) zeros ρ of the ζ function
∞
√
1
,
s
=
σ
+
it,
σ,
t
∈
R,
i
=
−1
ζ (s) =
ns
n=1
(1.6)
lying in the critical strip 0 < Re(s) < 1 must lie on the critical line Re(s) = 12 , that is,
ρ = 12 + it, where ρ denotes a nontrivial zero of ζ (s). Riemann calculated the ﬁrst ﬁve
nontrivial zeros of ζ (s) and found that they all lie on the critical line (see Figure 1.1), he
then conjectured that all the nontrivial zeros of ζ (s) are on the critical line.
it
1/2 + (32.93...)i
1/2 + (30.42...)i
30i
ζ(1/2 + itn ) = 0
1/2 + (25.01...)i
1/2 + (21.02...)i
20i
1/2 + (14.13...)i
10i
σ
−4
−2
0
1/2
1
ζ(−2n) = 0, n > 1
−10i
1. 2 − (14.13...)i
−20i
1. 2 − (21.02...)i
1. 2 − (25.01...)i
−30i
Figure 1.1
1. 2 − (30.42...)i
1. 2 − (32.93...)i
Riemann hypothesis
6
Computational Number Theory and Modern Cryptography
Table 1.2
Ten large twin prime pairs
Rank
Twin primes
Digits
Discovery date
1
2
3
4
5
6
7
8
9
10
65516468355 · 2333333 ± 1
2003663613 · 2195000 ± 1
194772106074315 · 2171960 ± 1
100314512544015 · 2171960 ± 1
16869987339975 · 2171960 ± 1
33218925 · 2169690 ± 1
22835841624 · 754321 ± 1
12378188145 · 2140002 ± 1
23272426305 · 2140001 ± 1
8151728061 · 2125987 ± 1
100355
58711
51780
51780
51779
51090
45917
42155
42155
37936
Aug 2009
Jan 2007
Jun 2007
Jun 2006
Sep 2005
Sep 2002
Nov 2010
Dec 2010
Dec 2010
May 2010
2. The distribution of twin prime numbers.
Twin prime numbers are of the form n ± 1, where both numbers are prime. For example,
(3, 5), (5, 7), (11, 13) are the ﬁrst three smallest twin prime pairs, whereas the largest twin
primes so far are 65516468355 · 2333333 ± 1, discovered in August 2009, both numbers
having 100355 digits. Table 1.2 gives 10 large twin prime pairs. Let π2 (x) be the number
of twin primes up to x (Table 1.3 gives some values of π2 (x) for different x), then the
twin prime conjecture states that
π2 (x) → ∞,
as x → ∞.
If the probability of a random integer x and the integer x + 2 being prime were statistically
independent, then it would follow from the prime number theorem that
π2 (x) ∼
x
,
(log x)2
(1.7)
x
,
(log x)2
(1.8)
or more precisely,
π2 (x) ∼ c
with
c=2
p≥3
Table 1.3
x
π2 (x)
1−
1
( p − 1)2
.
(1.9)
π2 (x) for some large values
106
107
108
109
1010
1011
8169
58980
440312
3424506
27412679
224376048
Introduction
7
As these probabilities are not independent, so Hardy and Littlewood conjectured that
p( p − 2) x dt
( p − 1)2 2 (log t)2
p≥3
x
dt
≈ 1.320323632
.
(log
t)2
2
π2 (x) = 2
(1.10)
The inﬁnite product in the above formula is the twin prime constant; this constant was estimated to be approximately 0.6601618158 . . .. Using very complicated arguments based
on sieve methods, in his work on the Goldbach conjecture, the Chinese mathematician
Chen showed that there are inﬁnitely many pairs of integers (n, n + 2), with n prime
and n + 2 a product of at most two primes. The famous Goldbach conjecture states that
every even number greater than 4 is the sum of two odd prime numbers. It was conjectured by Goldbach in a letter to Euler in 1742. It remains unsolved to this day. The
best result for this conjecture is due to Chen, who announced it in 1966, but the full
proof was not given until 1973 due to the chaotic Cultural Revolution, that every sufﬁciently large even number is the sum of one prime number and the product of at most two
prime numbers, that is, E = p1 + p2 p3 , where E is a sufﬁciently large even number and
p1 , p2 , p3 are prime numbers. As a consequence, there are inﬁnitely many such twin numbers ( p1 , p1 + 2 = p2 p3 ). Extensions relating to the twin prime numbers have also been
considered. For example, are there inﬁnitely many triplet primes ( p, q, r ) with q = p + 2
and r = p + 6? The ﬁrst ﬁve triplets of this form are as follows: (5, 7, 11), (11, 13, 17),
(17, 19, 23), (41, 43, 47), (101, 103, 107). The triplet prime problem is much harder than
the twin prime problem. It is amusing to note that there is only one triplet prime ( p, q, r )
with q = p + 2 and r = p + 4. That is, (3, 5, 7). The Riemann Hypothesis, the Twin
Prime Problem, and the Goldbach conjecture form the famous Hilbert’s 8th Problem.
3. The distribution of arithmetic progressions of prime numbers.
An arithmetic progression of prime numbers is deﬁned to be the sequence of primes
satisfying:
p, p + d, p + 2d, · · · , p + (k − 1)d
(1.11)
where p is the ﬁrst term, d the common difference, and p + (k − 1)d the last term of the
sequence. For example, the following are some sequences of the arithmetic progression
of primes:
3
5
5
5
11
11
7
17
17
23
23
29
The longest arithmetic progression of primes is the following sequence with 23 terms:
56211383760397 + k ·44546738095860 with k = 0, 1, · · · , 22. Thanks to Green and Tao
who proved in 2007 that there are arbitrary long arithmetic progressions of primes
(i.e., k can be any arbitrary large natural number), which enabled, among others,
Tao to receive a Field Prize in 2006, the equivalent to a Nobel Prize for Mathematics. However, their result is not about consecutive primes; we still do not know
8
Computational Number Theory and Modern Cryptography
if there are arbitrary long arithmetic progressions of consecutive primes, although
Chowa proved in 1944 that there exists an inﬁnity of three consecutive primes of arithmetic progressions. Note that an arithmetic progression of consecutive primes is a sequence of consecutive primes in the progression. In 1967, Jones, Lal, and Blundon
found an arithmetic progression of ﬁve consecutive primes 1010 + 24493 + 30k with
k = 0, 1, 2, 3, 4. In the same year, Lander and Parkin discovered six in an arithmetic
progression 121174811 + 30k with k = 0, 1, 2, 3, 4, 5. The longest arithmetic progression of consecutive primes, discovered by Manfred Toplic in 1998, is 507618446770482 ·
193# + x77 + 210k, where 193# is the product of all primes ≤ 193, that is, 193# =
2 · 3 · 5 · 7 · · · 193, x77 is a 77-digit number 545382416838875826681897035901
10659057865934764604873840781923513421103495579 and k = 0, 1, 2, · · · , 9.
It should be noted that problems in number theory are easy to state, because they are mainly
concerned with integers with which we are very familiar, but often very hard to solve!
Problems for Section 1.1
1. Show that there are inﬁnitely many prime numbers.
2. Prove or disprove there are inﬁnitely many twin prime numbers.
3. Are there inﬁnitely many triple prime numbers of the form p, p + 2, p + 4,
p, p + 2, p + 4 are all prime numbers? For example, 3, 5, 7 are such triple
numbers.
4. Are there inﬁnitely many triple prime numbers of the form p, p + 2, p + 6,
p, p + 2, p + 6 are all prime numbers? For example, 5, 7, 11 are such triple
numbers.
5. (Prime Number Theorem) Show that
lim
x→∞
where
prime
where
prime
π (x)
= 1.
x/ log x
6. The Riemann ζ -function is deﬁned as follows:
∞
1
ζ (s) =
s
n
n=1
where s = σ + it is a complex number. Riemann conjectured that all zeroes of ζ (s) in
the critical strip 0 ≤ σ ≤ 1 must lie on the critical line σ = 12 . That is,
ζ
1
+ it = 0.
2
Prove or disprove the Riemann Hypothesis.
7. Andrew Beal in 1993 conjectured that the equation x a + y b = z c has no positive integer
solutions in x, y, z, a, b, c, where a, b, c ≥ 3 and gcd(x, y) = (y, z) = (x, z) = 1. Beal
has offered $100 000 for a proof or a disproof of this conjecture.
Introduction
9
8. Prove or disprove the Goldbach conjecture that any even number greater than 6 is the
sum of two odd prime numbers.
9. A positive integer n is perfect if σ (n) = 2n, where σ (n) is the sum of all divisors of n.
For example, 6 is perfect since σ (6) = 1 + 2 + 3 + 6 = 2 · 6 = 12. Show n is perfect if
and only if n = 2 p−1 (2 p − 1), where 2 p − 1 is a Mersenne prime.
10. All known perfect numbers are even perfect. Recent research shows that if there exists
an odd perfect number, it must be greater than 10300 and must have at least 29 prime
factors (not necessarily distinct). Prove or disprove that there exists at least one odd
perfect number.
11. Show that there are arbitrary long arithmetic progressions of prime numbers
p, p + d, p + 2d, · · · , p + (k − 1)d
where p is the ﬁrst term, d the common difference, and p + (k − 1)d the last term of
the sequence, and furthermore, all the terms in the sequence are prime numbers and k
can be any arbitrary large positive integer.
12. Prove or disprove that there are arbitrary long arithmetic progressions of consecutive
prime numbers.
1.2 What is Computation Theory?
Computation theory, or the theory of computation, is a branch that deals with whether and
how efﬁciently problems can be solved on a model of computation, using an algorithm. It
may be divided into two main branches: Computability theory and computational complexity
theory. Generally speaking, computability theory deals with what a computer can or cannot
do theoretically (i.e., without any restrictions), whereas complexity theory deals with what
computer can or cannot do practically (with e.g., time or space limitations). Feasibility
or infeasibility theory is a subﬁeld of complexity theory, which concerns itself with what a
computer can or cannot do efﬁciently in polynomial-time. A reasonable model of computation
is the Turing machine, ﬁrst studied by the great British logician and mathematician Alan
Turing in 1936, we shall ﬁrst introduce the basic concepts of Turing machines, then discuss
complexity, feasibility, and infeasiblity theories based on Turing machines.
Deﬁnition 1.1 A standard multitape Turing machine, M (see Figure 1.2), is an algebraic
system deﬁned by
M = (Q, , , δ, q0 , , F)
(1.12)
where
1. Q is a ﬁnite set of internal states;
2. is a ﬁnite set of symbols called the input alphabet. We assume that ⊆ − {};
3. is a ﬁnite set of symbols called the tape alphabet;
10
Computational Number Theory and Modern Cryptography
Finite State
Control Unit
Tape 1
Tape 2
Read-Write Heads
...
...
...
Tape k
Figure 1.2
...
..
...
...
k-tape (k ≥ 1) Turing machine
4. δ is the transition function, which is deﬁned by
(i) if M is a deterministic Turing machine (DTM), then
δ : Q × k → Q × k × {L , R}k
(1.13)
(ii) if M is a nondeterministic Turing machine (NDTM), then
δ : Q × k → 2 Q×
k
×{L ,R}k
(1.14)
where L and R specify the movement of the read-write head left or right. When k = 1,
it is just a standard one-tape Turing machine;
5. ∈ is a special symbol called the blank;
6. q0 ∈ Q is the initial state;
7. F ⊆ Q is the set of ﬁnal states.
Thus, Turing machines provide us with the simplest possible abstract model of computation
for modern digital (even quantum) computers.
Any effectively computable function can be computed by a Turing machine, and there is
no effective procedure that a Turing machine cannot perform. This leads naturally to the
following famous Church–Turing thesis, named after Alonzo Church (1903–1995) and Alan
Turing (1912–1954):
The Church–Turing thesis: Any effectively computable function can be computed by a
Turing machine.
The Church–Turing thesis thus provides us with a powerful tool to distinguish what is
computation and what is not computation, what function is computable and what function

Author Song Y. Yan Isbn 9781118188583 File size 4.5MB Year 2013 Pages 416 Language English File format PDF Category Cryptography Book Description: FacebookTwitterGoogle+TumblrDiggMySpaceShare The only book to provide a unified view of the interplay between computational number theory and cryptography Computational number theory and modern cryptography are two of the most important and fundamental research fields in information security. In this book, Song Y. Yang combines knowledge of these two critical fields, providing a unified view of the relationships between computational number theory and cryptography. The author takes an innovative approach, presenting mathematical ideas first, thereupon treating cryptography as an immediate application of the mathematical concepts. The book also presents topics from number theory, which are relevant for applications in public-key cryptography, as well as modern topics, such as coding and lattice based cryptography for post-quantum cryptography. The author further covers the current research and applications for common cryptographic algorithms, describing the mathematical problems behind these applications in a manner accessible to computer scientists and engineers. * Makes mathematical problems accessible to computer scientists and engineers by showing their immediate application * Presents topics from number theory relevant for public-key cryptography applications * Covers modern topics such as coding and lattice based cryptography for post-quantum cryptography * Starts with the basics, then goes into applications and areas of active research * Geared at a global audience; classroom tested in North America, Europe, and Asia * Incudes exercises in every chapter * Instructor resources available on the book’s Companion Website Computational Number Theory and Modern Cryptography is ideal for graduate and advanced undergraduate students in computer science, communications engineering, cryptography and mathematics. Computer scientists, practicing cryptographers, and other professionals involved in various security schemes will also find this book to be a helpful reference. Download (4.5MB) Coding Theory and Cryptology Advances in Coding Theory and Crytography Group Theoretic Cryptography Cryptography and Secure Communication Making, Breaking Codes: Introduction To Cryptology Load more posts