*A Course in Cryptography* by Heiko Knospe, American Mathematical Society, Pure and Applied Undergraduate Texts 40

## Code examples of Chapter 4 - Algebraic Structures

This SageMath notebook by Heiko Knospe is licensed under a <a rel="license" href="http://creativecommons.org/licenses/by/4.0/">Creative Commons Attribution 4.0 International License</a>.

Download SageMath from http://www.sagemath.org/download.

Check whether $g \in \mathbb{Z}^*_p$ is a generator, i.e., a primitive root modulo $p$.

In [1]:
def checkgen(g,p):
    if is_prime(p) == False: 
        return "not a prime"
    if gcd(g,p) != 1:
        return "not invertible mod p"
    result = True;
    n = p-1 # order of GF(p)
    for q in prime_factors(n):
        b = power_mod(g,n//q,p)
        if b==1:
            result = False # g is not a generator
            break
    return result

In [2]:
p=2535301200456458802993406412663; g=3; 
checkgen(g,p)

False

In [3]:
g=5
checkgen(g,p)

True

In [4]:
factor(p-1) # element orders are divisors of p-1

2 * 1267650600228229401496703206331

In [5]:
q=1267650600228229401496703206331 # p-1=2q
power_mod(3,q,p) # ord(3)=q

1

In [6]:
power_mod(5,q,p) # ord(5)=p-1, i.e., 5 is a primitive root.

2535301200456458802993406412662

In [7]:
mod(5,p).multiplicative_order() == p-1 # use SageMath to check that ord(5)=p-1.

True

Computations in the polynomial ring $GF(2)[x]$.

In [8]:
R.<x> = PolynomialRing(GF(2),x)
f = x^6+x^5+x^3+x^2+x+1
g = x^4+x^3+1
q= f // g
r= f % g
print(q) # quotient
print(r) # remainder
print(q*g+r) # f=q*g+r

x^2
x^3 + x + 1
x^6 + x^5 + x^3 + x^2 + x + 1


In [9]:
gcd(x^3+1,x^2+1) # gcd in R=GF(2)[x]

x + 1

In [10]:
R.<x> = PolynomialRing(GF(2), x)
g=x^8+x^4+x^3+x+1

In [11]:
g.is_irreducible() # g is irreducible over GF(2)

True

In [12]:
K.<a>=R.quotient_ring(g) # quotient ring is the field K=GF(256)

`a` represents $\ x \mod g$. 

In [13]:
a^7*(a+1) # computation in the residue field K

a^7 + a^4 + a^3 + a + 1

In [14]:
1/(a+1) # multiplicative inverse in K

a^7 + a^6 + a^5 + a^4 + a^2 + a

Exercise 5. 

Use the function `checkgen` defined above.

In [15]:
checkgen(2,23)

False

In [16]:
checkgen(5,23) # generator with maximum order 22

True

Exercise 6.

In [17]:
checkgen(2,19) # ord(2)=18

True

In [18]:
checkgen(5,19) # ord(5)=9

False

Exercise 16.

In [19]:
R.<x> = PolynomialRing(GF(2), x)
h=1+x+x^6; h.is_irreducible() # example of an irreducible polynomial of degree 6 over GF(2)

True

Exercise 17.

In [20]:
R.<x> = PolynomialRing(GF(2), x)
R(x^256-x).factor() 
# one of the factors is x^8+x^4+x^3+x+1

x * (x + 1) * (x^2 + x + 1) * (x^4 + x + 1) * (x^4 + x^3 + 1) * (x^4 + x^3 + x^2 + x + 1) * (x^8 + x^4 + x^3 + x + 1) * (x^8 + x^4 + x^3 + x^2 + 1) * (x^8 + x^5 + x^3 + x + 1) * (x^8 + x^5 + x^3 + x^2 + 1) * (x^8 + x^5 + x^4 + x^3 + 1) * (x^8 + x^5 + x^4 + x^3 + x^2 + x + 1) * (x^8 + x^6 + x^3 + x^2 + 1) * (x^8 + x^6 + x^4 + x^3 + x^2 + x + 1) * (x^8 + x^6 + x^5 + x + 1) * (x^8 + x^6 + x^5 + x^2 + 1) * (x^8 + x^6 + x^5 + x^3 + 1) * (x^8 + x^6 + x^5 + x^4 + 1) * (x^8 + x^6 + x^5 + x^4 + x^2 + x + 1) * (x^8 + x^6 + x^5 + x^4 + x^3 + x + 1) * (x^8 + x^7 + x^2 + x + 1) * (x^8 + x^7 + x^3 + x + 1) * (x^8 + x^7 + x^3 + x^2 + 1) * (x^8 + x^7 + x^4 + x^3 + x^2 + x + 1) * (x^8 + x^7 + x^5 + x + 1) * (x^8 + x^7 + x^5 + x^3 + 1) * (x^8 + x^7 + x^5 + x^4 + 1) * (x^8 + x^7 + x^5 + x^4 + x^3 + x^2 + 1) * (x^8 + x^7 + x^6 + x + 1) * (x^8 + x^7 + x^6 + x^3 + x^2 + x + 1) * (x^8 + x^7 + x^6 + x^4 + x^2 + x + 1) * (x^8 + x^7 + x^6 + x^4 + x^3 + x^2 + 1) * (x^8 + x^7 + x^6 + x^5 + x^2 + x + 1) * (x^8 + x

Exercise 21.

In [21]:
A=matrix(CC,[[1+i,1-i],[1-i,1+i]])*.5

In [22]:
A.inverse()

[0.500000000000000 - 0.500000000000000*I 0.500000000000000 + 0.500000000000000*I]
[0.500000000000000 + 0.500000000000000*I 0.500000000000000 - 0.500000000000000*I]

In [23]:
A.inverse()==A.conjugate_transpose() # A is unitary

True

Exercise 23.

In [24]:
A=matrix(GF(2),[[1,1,1],[1,1,0],[0,1,1]])  # f(x)=Ax+b

In [25]:
A.inverse() 

[1 0 1]
[1 1 1]
[1 1 0]

Then $f^{-1}(x)=A^{-1}(x)-A^{-1}(b)=A^{-1}(x+b)$.

Exercise 24.

In [26]:
V=matrix(GF(2),[[0,0,1],[1,0,1],[0,1,1]]) 

In [27]:
W=matrix(GF(2),[[1,1,1],[0,0,1],[0,1,1]]) 

In [28]:
W*(V.inverse()) # matrix of f

[1 1 1]
[1 0 0]
[0 0 1]

In [None]:
factorial(1000000) # 10!

In [3]:
import time

time_start=time.time()
factorial(100000000)
time_end=time.time()
print('time cost',time_end-time_start,'s')

time cost 54.47358584403992 s


In [7]:
factor(1024) 
prime_divisors(1024)
divisors(1024) #所有因子

[1, 2, 4, 8, 16, 32, 64, 128, 256, 512, 1024]

In [6]:
prime_divisors(1024)

[2]

In [4]:
q = (2^61) - 1