## Reading: Modular Exponentiation

In [5]:
def fast_modular_exponentiation(b, e, m):
    assert m > 0 and e >= 0
#    print(f"b = {b} e = {e} m = {m}")
    if e == 0:
        return 1
    if e == 1:
        return b
    if e % 2 == 0:
        return fast_modular_exponentiation((b * b) % m, e // 2, m)
    else:
        return (fast_modular_exponentiation(b, e - 1, m) * b) % m


Estimate upper bound for number of multiplications.

$x^n$ (for some $n > 1$) can be computed in at most $2\ log_{2}\ n$ multiplications.

In [3]:
import math
math.log(271, 2)

8.082149041353873

$314^{271}\ mod\ 123$

In [2]:
fast_modular_exponentiation(314, 271, 123)

b = 314 e = 271 m = 123
b = 314 e = 270 m = 123
b = 73 e = 135 m = 123
b = 73 e = 134 m = 123
b = 40 e = 67 m = 123
b = 40 e = 66 m = 123
b = 1 e = 33 m = 123
b = 1 e = 32 m = 123
b = 1 e = 16 m = 123
b = 1 e = 8 m = 123
b = 1 e = 4 m = 123
b = 1 e = 2 m = 123
b = 1 e = 1 m = 123


38

In [8]:
fast_modular_exponentiation(314159265358, 2718281828, 123456789)

32073907

$314159265358^{2718281828}\ mod\ 123456789$


In [4]:
b = 314159265358
e = 2718281828
m = 123456789
assert fast_modular_exponentiation(b, e, m) == pow(b, e, m)

The number of multiplications when computing $x^n$ (for $n >= 1$) with this function/method using binary notation is:

*(number of bits in $n$) + (number of ones in $n$) - 2*

where counting the bit and ones in $n$ we use the binary representation of $n$.

In [4]:
bin(77)

'0b1001101'

## Reading: Fast Modular Exponentiation
$b_i = b^{2^i} mod\ m$

In [3]:
# Return b_i array (list) where range of index "i" is from 0 to k.
def bkm(b, k, m):
    x = [ b % m ]
    for i in range(1, k + 1):
        b_i = x[i-1] * x[i-1] % m
        x.append(b_i)
    return x

In [4]:
# Check b_i array. Same example, but with a power of 2 exponent.
assert bkm(314, 256, 123)[256] == pow(314, 256, 123)

In [5]:
def bem(b, e, m):
    assert e >= 0 and m > 0
    e_i = bin(e)[2:] # Remove "0b" prefix.
    e_i = e_i[::-1] # Reverse string such that e_0 is first.

    product = 1
    k = len(e_i)
    b_i = bkm(b, k, m)
    for i, val in enumerate(e_i):
        if val == "1":
            product = product * b_i[i] % m
    
    return product


In [7]:
assert bem(314, 271, 123) == pow(314, 271, 123)