# Математические основы защиты информации
# Лабораторная работа №3
# Алгебраические уравнения в кольце вычетов

In [1]:
"""
    pow(number, power, base)
"""
function pow(number::Signed, power::Signed, base::Signed)::BigInt
    power = digits(power, base=2);
    result = BigInt(1);
    for i = length(power):-1:1
        result = BigInt(result^2 * number^power[i]) % base;
    end;

    return result;
end

pow

## Задание 1.
Китайская теорема об остатках

In [2]:
"""
    crt(b, n)

Chinese remainder theorem
"""
function crt(b::Vector{<:Integer}, n::Vector{<:Signed})
    N = prod(n)*ones(length(n)) ./ n .|> Signed;
    C = [invmod(N[i], n[i]) for i=1:length(n)];
    return (N.*C.*b |> sum) % prod(n);
end

crt

In [3]:
@time crt([1,2,4], [3,7,5])

  0.000004 seconds (9 allocations: 848 bytes)


79

## Задание 2.

In [4]:
"""
    garner(b, n)

Garner algorithm
"""
function garner(b::Vector{<:Integer}, n::Vector{<:Signed})
    N = 1;
    x = b[1] % n[1];
    
    for i=2:length(n)
        N *= n[i-1];
        C = invmod(N, n[i]);
        y = (C * (b[i] - x)) % n[i];
        x += N * y;
    end
    
    return (x + prod(n)) % prod(n);
end

garner

In [5]:
@time garner([1,2,4], [3,7,5])

  0.000002 seconds (2 allocations: 224 bytes)


79

## Задание 3.
Алгоритм Шенкса решения уравнения $x^2\equiv a (mod p)$.

In [6]:
"""
    qr(a, p)

Quadratic residue
"""
qr(a, p)::Bool = isodd(p) && pow(a, (p-1)/2 |> BigInt, p) == 1;

In [7]:
qr(1, 3)

true

In [8]:
"""
    qnr(a, p)

Quadratic non-residue
"""
qnr(a, p)::Bool = isodd(p) && pow(a, (p-1)/2 |> BigInt, p) == p-1;

In [9]:
qnr(3, 5)

true

In [10]:
function st(n::Integer)
    for s=0:BigInt(floor(log2(n)))
        t, r = divrem(n, 2^s);
        r == 0 && isodd(t) && return (s, t);
    end
    
    throw(error("Wrong number pattern"));
end

st (generic function with 1 method)

In [11]:
"""
    tsha(a, p)

Tonelli–Shanks algorithm
"""
function tsha(a::Signed, p::Signed)
    !qr(a, p) && throw(error("Not a quadratic residue"));
    
    s, t = st(p-1);
    
    b = rand(1:p-1);
    while !qnr(b, p)
        b = rand(1:p-1);
    end
    b = pow(b, t, p);
    r = pow(a, (t+1)/2 |> BigInt, p);
    
    d = 0;
    f = pow(a, t, p);
    c = b;
    for i=1:s-1
        c = pow(c, 2, p);
        if pow(f, 2^(s-1-i), p) != 1
            d += 2^i;
            f = f * c % p;
        end
    end
    
    return r * pow(b, d/2 |> BigInt, p) % p;
end

tsha

In [12]:
@time tsha(5, 41)

  0.000108 seconds (642 allocations: 32.445 KiB)


28

# Задание 4.
Символ Якоби.

In [13]:
"""
    jacobi(a, n)

Jacobi symbol
"""
function jacobi(a::Integer, n::Signed)
    iseven(n) && throw(error("Is even"));
    n == 1 && return 1;
            
    if a < 0
        a = -a;
        J *= (-1)^((n-1)/2);
    end
    
    J = 1;
    while true
        n == 1 && return J;
        a == 0 && return 0;
        s, t = st(a);
        J = isodd(s) && (n%8 == 3 || n%8 == 5) ? -J : J;
        J = n%4 == 3 && t%4 == 3 ? -J : J;
        a = n % t;
        n = t;
    end
end 

jacobi

In [14]:
p1 = 16395155176313139322021;
p2 = 1362766142559093439411703;
n = p1 * p2;

In [15]:
@time jacobi(11, n)

  0.074418 seconds (261.33 k allocations: 13.413 MiB)


-1

## Задание 5.
Квадратичный вычет по составному модулю

In [16]:
n = 29954257713341844882726300212966880336533960633968103018144945331133333436371206699195734174880801349;
c = [49; 4;
    29330039703069592573912994857286914210924413792661006744025887306232993847934692302536653638905430689;
    25233429919459802239726263188269030718225203863882357883976924180074984218686730911220223061682236019;
    2;]

5-element Array{BigInt,1}:
                                                                                                    49
                                                                                                     4
 29330039703069592573912994857286914210924413792661006744025887306232993847934692302536653638905430689
 25233429919459802239726263188269030718225203863882357883976924180074984218686730911220223061682236019
                                                                                                     2

In [17]:
[jacobi(c[i], n) for i=1:5]

5-element Array{Int64,1}:
  1
  1
  0
  1
 -1

In [18]:
[gcd(n, c[i]) for i=1:5]

5-element Array{BigInt,1}:
                                                   1
                                                   1
 171260152116800341740531314682536345379223656174383
                                                   1
                                                   1

In [19]:
q = gcd(n, c[3])

171260152116800341740531314682536345379223656174383

In [20]:
p = n / q |> BigInt

174905004714189910096422652301459480149207498675403

In [21]:
solve(i::Int) = let xq = tsha(c[i], q), xp = tsha(c[i], p)
    (garner([xq, xp], [q, p]), garner([-xq, xp], [q, p]), garner([xq, -xp], [q, p]), garner([-xq, -xp], [q, p]))
end

solve (generic function with 1 method)

In [22]:
solve(1)

(7, 28694770007636031336116196384535128720971217318018121377246007941640241857292034492166652758485725075, 1259487705705813546610103828431751615562743315949981640898937389493091579079172207029081416395076274, 29954257713341844882726300212966880336533960633968103018144945331133333436371206699195734174880801342)

In [23]:
solve(2)

(21755751996874407358121672674528272130542184257391496910360371633521835762859196844290976243884879899, 29954257713341844882726300212966880336533960633968103018144945331133333436371206699195734174880801347, 2, 8198505716467437524604627538438608205991776376576606107784573697611497673512009854904757930995921450)

In [24]:
solve(3)

ErrorException: [91mNot a quadratic residue[39m

In [25]:
x = solve(4)

(14022534859511198537277077996798959599563585324320536149125594932716226510632738816002975599187582958, 13080249596349550541677252890051573271525694181208882414787429012805000040874343663158497103911169077, 16874008116992294341049047322915307065008266452759220603357516318328333395496863036037237070969632272, 15931722853830646345449222216167920736970375309647566869019350398417106925738467883192758575693218391)

In [26]:
solve(5)

ErrorException: [91mNot a quadratic residue[39m

In [27]:
[jacobi(x[i], n) for i=1:4]

4-element Array{Int64,1}:
  1
 -1
 -1
  1

In [28]:
[pow(x[i], 2, n) == c[4] for i=1:4]

4-element Array{Bool,1}:
 1
 1
 1
 1