# Introduction to Cryptography

## Chapter 2 Divisibility and Modular Arithmetic

*"Why are numbers beautiful? It’s like asking why is Beethoven’s Ninth Symphony beautiful. If you don’t see why, someone can’t tell you. I know numbers are beautiful. If they aren’t beautiful, nothing is".* 

**- Paul Erdős**

**Number Theory** is the branch of mathematics that deals with the properties and relationships of numbers, especially the positive integers. Number theory is one of the bedrocks of cryptography.

### Definitions

**Divisibility** : Let *a* and *b* be integers with *a* $\neq$ 0. We say that a divides b(written as a | b) or a is a factor of b if there is an integer c such that b = ac. Or in other words b is a multiple of a.



For Example: a = 2, b = 4. We say a divides b written as a | b(meaning a is a factor of b or b is a multiple of a ) if there exist an **integer** c such that (b/a = c) or (b = ac). So in our example (b/a = 4/2 = 2) or( b = a * 2), where c = 2. 

**Theorem 2.1**
<br>
Let a, b and c are integers.
<br>
* Divisibility is transitive. If **a|b** and **b|c** then **a|c**.
<br>
* If **a|b** and **a|c** then **a|(bx+cy)** for any integers **x** and **y**.
<br>

Let us understand *Divisibility is transitive* by an example. Let a = 2, b = 4, c = 8. From definition of divisibility a|b means( b/a = integer=> 4/2 = 2) and b|c means (c/b = integer=> 8/4 =2).This implies a|c (meaning c/a = integer=> 8/2 = 4). 

Now the second part: *If **a|b** and **a|c** then **a|(bx+cy)** for any integers **x** and **y***. Let a = 3, b = 6, c = 12,x = 2, y = 1. It is very clear that a|b(b/a = 2)and a|c (c/a = 4). Now bx+cy = 6*2 + 12*1 = 24. **a|(bx+cy)** = 3|24 (meaning 24/3 = 8)

**Primes**:  An integer *p* > 1 is called prime if the only positive factors of *p* are 1 and itself. An integer *a* > 1 that is not prime is called composite.
<br> 

For example: **Prime numbers** are the ones that can be divided by only two positive integers namely itself and 1 i.e prime numbers have only two factors. 19 can be divided only by 1 and 19. Since 19 has only two factors it is a prime number.

For example: **Composite numbers** are the ones that can be divided by more than two positive integers i.e. composite numbers have more than two factors.
8 can be divided by 1, 2, 4, and 8. Since 8 has more than two factors it is composite.
<br>
Now a very interesting qyestion : *Is 1 prime or composite* ?

1 can be divided by just one positive integer which is 1 itself i.e. 1 has only one factor.
So 1 does not fit in the definition of either prime or composite number.
Hence 1 is *neither prime nor composite*.

**Theorem 2.2** : Fundamental Theorem of Arithmetic
<br>
Every postive integer a > 1 can be uniquely expressed as the product of primes.  In other words, there exist unique prime numbers p1 < p2 <.... < pn and corresponding $$ a =  {p1}^{{\alpha}_1} {p2}^{{\alpha}_2} .... {pn}^{{\alpha}_n}$$  where $$ \alpha_1, \alpha_2, \alpha_n  \in \mathbb{Z}_{+}$$

<br>
For example: Let a = 120. The number 120 can be expressed as: **120 = 2 x 2 x 2 x 3 x 5 = $ 2^3 * 3 * 5 $** where p1 = 2, p2 = 3, p3 = 5, $$\alpha_1 = 3, \alpha_2 = 1, \alpha_3 = 1$$.

### Coding Exercise

* Implement a program to find the prime factors of a number 

In [1]:
function PrimeFactors(n)

FactorList = [];
factor = 2;
nnew = n; 
    while factor <= sqrt(nnew)
        if mod(nnew,factor) == 0
        FactorList = push!(FactorList, factor)
            nnew = nnew/factor
    else
        factor = factor + 1;
    end
    
end
    FactorList = push!(FactorList, nnew)
end

PrimeFactors (generic function with 1 method)

In [3]:
PrimeFactors(26)

2-element Array{Any,1}:
  2  
 13.0

**Thinking Exercise** : In the above code why we are checking only upto sqrt(number) i.e ..** while factor <= sqrt(nnew)** Instead of the above code try running the code given below. What makes the first code more efficient than the code given below.

In [11]:
n =  17;
nnew  = copy(n);
factor = 2;
Factorlist =[];
while (factor <= n)
if (mod(nnew,factor) == 0)
    nnew = nnew/factor;
        Factorlist = push!(Factorlist,factor);
    else 
        factor = factor + 1;
    end
end

        
    


In [12]:
Factorlist

1-element Array{Any,1}:
 17

**Theorem 2.3**
<br> 
There are infinitely many primes.

**Greatest Common Integers and Relatively Prime Integers**

Let *a* and *b* be two integers and not both equal to zero. Then **gcd(a,b)** is the largest integer *d* that divides both *a* and *b*.
<br>
If gcd(a,b) = 1, then we say that *a* and *b* are relatively prime.
<br>
Find gcd(50,165)
<br>
50 = $2^{2} * 5 * 1$ , 165 = $3 * 5 * 11 * 1$
<br>
Here 5 is the greatest common divisor that divides both a and b i.e (5|50 and 5|165)

**Least Common Multiple**

**lcm(a,b)** is the smallest integer *m* that is divisible by both *a* and *b*
<br>
For example : Find lcm(12,28)
<br>
Let us take the multiples if 12 and 28 and see which is smallest common integer that is divisible by both 12 and 28.
<br>

Multiples of 12 | 12 | 24 | 36 | 48 | 60 | 72 | *84* | 96 |
--- |
Multiples of 28 | 28 | 56 |** *84* ** | __ | __ | __ | __ |  __

<br>
Clearly is *84* is the least common multiple that is divisible by both *12* and *28*.


**The Division Algorithm**

If *a* is an integer and *d* is any positive integer, then there exist unique integers *q* and *r* satisfying 0 $\leq$ r < d, such that *a = dq + r*. Here *a* is called the dividend, *d* is called the divisor, *q* is called the quotient, and *r* is called the remainder.

For example : a = 5, d = 2; then $q = floor(a/d) => floor(5/2) = 2$ and $r =  a - d * q => 5 -2*2 = 1$
<br> 
$a = d*q + r => 2 * 2 + 1 = 5$

**Floor Function** : is a function from the set of real numbers to the set of integers, defined by

floor(x) = $\lfloor x  \rfloor$ = the greatest integer *k* that is less than or equal to *x*. For example, floor(5.7) = 5.

### Coding Exercise

* Implement the Division Algorithm

In [19]:
#Division Algorithm
function DivAlg(a,d)
    #  a is the dividend
    # d id the divisor
    q = floor(a/d);
    r = a - d * q;
    return q,r;
end



DivAlg (generic function with 1 method)

In [20]:
(q,r) = DivAlg(5,2)

(2.0,1.0)

**The Euclidean Algorithn**

In Euclidean algorithm, we repeatedly apply division algorithm. It is based on the following propety.

If *a*, *d*, *q*, *r* are the dividend, divisor, quotient and remainder respectively, then **gcd(a,d) = gcd(d,r)** .
<br>
From Theorem 2.1(b)  * If **a|b** and **a|c** then **a|(bx+cy)** for any integers **x** and  * **y**. Now consider the case ** a = dq + r **, if **e|d** and **e|r** then **e|(dq+r)** => **e|a**. Rearranging, we get **r = a - dq**, since **e|a** and **e|d** then **e|(a-dq)** => **e|r**. This means the set of all common divisors for *r* and *d* is equal to the set of all common divisors for *a* and *d*.

For example: Find gcd(100,24)

Factors of 100| 2 | 2 | 5 | 5 |
---|
**Factors of 24** |** 2 **| **2** | 2 | 3 
<br>
From above table the gcd(100,24) = $ 2 * 2 $ = 4
<br> 
Now using **Euclidean Algorithm** gcd(a,d) = gcd(d,r)

$100 = 24 * 4 + 4  $
<br>
$24 = 4 * 6 + 0 $
<br>
The last divisor i.e.. 4 is the solution

Example 2: Find gcd(100,78)

Now applying *Eucledian Algorithm*:
$Dividend  =  Divisor * quotient + Remainder => a = d * q + r$
<br>
Step1 : 100 = 78 x 1 + 22
<br>
Step2 : 78 = 22 x 3 + 12
<br>
Step3 : 22 = 12 x 1 + 10
<br>
Step4: 12 = 10 x 1 + 2
<br>
Step5 : 10 = 2 x 5 + 0
<br>
From Euclidean algorithm we know the last divisor 2 is the solution i.e.. gcd(100,78). during each step, If **r1(remainder) ≠ 0**,then continue by dividing the successive divisors by successive remainders until a zero remainder is reached.


**Algorithm**

 **Input** : A pair of integers *a* and *b*, not both equal to zero
 <br>
 **Output** : gcd(a,b)
 <br>
 *Step 1* : Let us assume a $a\geq b$. If not switch *a* and *b*.
 <br>
 *Step 2* : Apply the division algorithm to write ** $ a = q1 * b + r1$**
 <br>
 *Step 3* : If **r1 = 0**, **gcd(a,b) = b**.
 <br>
 *Step 4* : If **r1  ≠  0**,then continue by dividing the successive divisors by successive remainders until a zero remainder is reached.

### Coding Exercise

* Implement Euclidean algorithm

In [26]:
function EuclidAlg(a,b)
#**Input** : A pair of integers *a* and *b*, not both equal to zero
#**Output** : gcd(a,b)

aa = max(a,b);
dd = min(a,b);
q = floor(aa/dd);
r = aa - q * dd;



while r > 0
    aa = dd;
    dd = r;
    q = floor(aa/dd);
    r = aa - dd * q;
    
end
d = dd; # The last non -zero remainder
end



In [27]:
EuclidAlg(100,78)

2.0

** Extended Euclidean Algorithm**

*Input* : A pair of positive integers *a* and *b* with a $\geq$ b.
<br>
*Output* : Three integers, d = gcd(a,b), x and y which satisfies the equation $d = a * x + b * y$

For example: a = 100; b = 78;
Now applying *Eucledian Algorithm*:
$Dividend  =  Divisor * quotient + Remainder => a = d * q + r$
<br>
Step1 : 100 = 78 x 1 + 22
<br>
Step2 : 78 = 22 x 3 + 12
<br>
Step3 : 22 = 12 x 1 + 10
<br>
Step 4: 12 = 10 x 1 + 2
<br>
Step5 : 10 = 2 x 5 + 0
<br>
From Euclidean algorithm we know the last divisor 2 is the solution i.e.. gcd(100,78). During each step, If **r1(remainder) ≠ 0**, then continue by dividing the successive divisors by successive remainders until a zero remainder is reached.

Now Extended Euclidean algorithm gives three integers d = gcd(a,b), x and y which satisfies the equation $d = a * x + b * y$ as output.
<br>

*Step1*
* From the above example the remainder from Step4 can be represented as  **gcd(100,78) = 4 = 22 - 12 x 1**
<br> 
* The remainder from Step3 can be represented as **10 = 12 - 2**. Similarly the remainders from Step2 and Step1 can be represented as **12 = 78 - 22 x 3** and **22 = 100 - 78 x 1** respectively. 
* Our aim is to write **$gcd(100,78) = 100 * x + 78 * y$** .
<br>
*Step2*
<br>
* We know 2 = 12 - 10. Now replacing 12 by (78 - 22 x 3) and replacing 10 by  (22 - 12)
<br>
* 2 = (78 - 22 x 3) -(22 - 12).
<br>
* Now replacing 22 by (100 -78) in  the above equation.
<br>
* 2 = (78 - (100 -78) x 3) - ((100 - 78) - 12)
<br>
* Now replacing 12 by (78 - 22 x 3)
<br> 
* 2 = (78 - (100 -78) x 3) - ((100 - 78) - (78 - 22 x 3))
* Now replacing 22 by (100 -78) in  the above equation
* 2 = (78 - (100 -78) x 3) - ((100 - 78) - (78 -(100 -78) x 3))
* 2 = - 7 x 100 + 9 x 78


### Coding Exercise 

* Implement Euclidean algorithm

In [24]:
function EuclidAlgExt(a,b)
    aa = max(a,b);
    bb = min(a,b);
    U = [aa 1 0];
    V = [bb 0 1];
    while V[1] > 0
        W = U - floor(U[1]/V[1]) * V;
        U = V;
        V = W;
    end
    d = U[1];
    x = U[2];
    y = U[3];
    OutVec = [d x y];
end

EuclidAlgExt (generic function with 1 method)

In [28]:
a = 100;
b = 78;
EuclidAlgExt(a,b)

1×3 Array{Float64,2}:
 2.0  -7.0  9.0

### Modular Arithmetic and Congruences

*" It is not knowledge, but the act of learning, not possession but the act of getting there, which grants the greatest enjoyment." *
 ** - Carl Friedrich Gauss**



<img src="carl.jpg" align =left height="200" width="200" >
<br>
Figure2.1 Carl Friedrich Gauss
<br>

*Carl Friedrich Gauss* was a German mathematician who had made significant contribution in   the field of number theory, algebra, statistics, analysis, differential geometry, geodesy, geophysics, mechanics, electrostatics, astronomy, matrix theory, and optics. His work on *congruences and modular arithmetic* plays a crucial role in various cryptosystems
<br>

 ** Definition**  
 <br>
 Let *m* be a positive integer. We say that two integers a and b are ** congruent mod(ulo) *m* **, and denote this as **a  ≡ b x (mod m)**, if m | (a - b). The number **m** is called the modulus of the congruency. If m $\nmid$ ( a- b), we say that a  and b are ** incongruent mod *m* **, and write this as
 <br>
 **a  ≢  b x mod(m)**

For example: Check 20 $\equiv$ 10 x mod(5) is valid?
<br>
From definition of conruent modulo, **a  ≡ b x (mod m)** implies m divides (a - b) written as m | (a - b). Here a = 20, b = 10, m = 5. This means 20  ≡ 10 x mod(5) is valid.

** Basic Properties of Congruences **

* **Reflexivity** - a  ≡ a(mod *m*) for any integer a
* **Symmetry** - If a  ≡ b(mod *m*), then b  ≡ a(mod *m*) for any integers a, b.
* **Transitivity** - If a  ≡ b(mod *m*) and b  ≡ a(mod *m*), then a  ≡ c(mod *m*) for any integers a,b,c.

### Modular Integer Systems

If *m* is a positive integer, the set of integers modulo *m*, denoted by $\mathbb{Z}_m$ is the set of possible remainders when dividing by *m* :
<br>
$\mathbb{Z}_m$ = {0, 1, 2, ...., m-1}
<br>
* We define the arithmetic operations of addition, subtraction, multiplication and exponentiation on $\mathbb{Z}_m$ by performing corresponding arithmetic operations on the integers, converting, whenever convenient, in the final answer to an element of $\mathbb{Z}_m$ 

** Addition Table for $\mathbb{Z}_5$**
<br>
$\mathbb{Z}_5$ = {0, 1, 2, 3, 4}

<img src="mod5png" align =left height="200" width="200" >

** Multiplication table for $\mathbb{Z}_5$**

<img src="mod5mult.GIF" align =left height="200" width="200" >


**Modular Inverses**

For any a $\in$ $\mathbb{Z}_m$, we say that a is invertible (or a has a inverse) if there exist another element $a^{-1}$ such that **a . $a^{-1}$ = $a^{-1}$ . a = 1 **. The element $a^{-1}$ if it exist is called multiplicative inverse of a.

Implement a program to find the modular inverse of a number

In [44]:
function ModInv(a,n)

    (d,x,y) = EuclidAlgExt(a,n);
    if d > 1
        error("The number d = $d has no inverse");
    end
    if a < n
    ainv = mod(y,n);
else 
    ainv = mod(x,n);
end
end



ModInv (generic function with 1 method)

In [45]:
a = 4;
n = 5;
ModInv(a,n)

4.0

In [51]:
function moduinv(a,n)
    # a is the number
    # n is the modulo n
out = [];
for i = 0 : n-1
    if mod(a * i,n) == 1
        out = i;
        println(out)
        end
end
if out == []
    println("No Inverse")
end
end

moduinv (generic function with 1 method)

### Reference


[1] Stanoyevitch, Alexander. Introduction to Cryptography with mathematical foundations and computer implementations. CRC Press, 2010.