### UC Berkeley, MICS, W202-Cryptography
### Week 04 Breakout 1
### Discrete Logarithms - Finding Generators (Primitive Roots) for a Discrete Logarithm using Brute Force

Discrete Logarithm Problem: give a large prime p, a generator (primitive root) g, a in 1..(p-1) inclusive, find k such that g ^ k is congruent to a (mod p)

Solving the discrete logarithm problem is computationally intractible given a large prime p.  

A generator (primitive root), when raised to powers between 1..(p-1) inclusive, produces all values from 1..(p-1) inclusive

The subject of this breakout is how to find a generator (primitive root) for a discrete logarithm using brute force, using ridiculously low numbers for learning purposes only.  

Finding a generator for a large p in computationally intractible, unless we use our special method of p = 2q + 1, which we will cover in the next breakout.

For a small prime p, we can find all generators (primitive root) by brute force:

* we will loop through each integer a from 1 to (p - 1) inclusive and check to see if it is a generator

* for each integer a we loop i from 1 to (p - 1) inclusive, find a ^ i (mod p)

* if any a ^ i (mod p) is 1, except for a ^ (p - 1) (mod p), then a is NOT a generator

* we will also see below that the period of a ^ i (mod p) ends with 1

* note the generators always have a period of (p - 1), essentially the period never repeats

* note the non-generators will have a period < (p - 1), and note that their period repeats



In [1]:
from sage.all import *

In [2]:
def my_find_discrete_log_generator_brute_force(p):
    "given a prime p, find all generators for a discrete logarithm modulo prime p by brute force"
    
    if not is_prime(p):
        print ("p must be prime!")
        return
    
    print ("\nThe period of a generator must be (p-1), so if a 1 occurs before the (p-1) position, we know it's not a generator")
    print ("\nAs you can see, 1 and (p-1) will never be generators\n")
    
    print ("Finding all discrete logarithm generators (primitive roots) for modulo prime ", p, "\n")
    
    generators = []
    
    for a in range(1,p):
        
        print ("  Checking " + str(a) + " to see if it's a discrete logarithm generator (primitive root) in modulo prime " + str(p))
        
        is_generator = True
        
        a_2_i_list = []
        
        for i in range(1,p):
            
            a_2_i = power_mod(a, i, p)
            
            a_2_i_list.append(a_2_i)
            
            if a_2_i == 1 and i != (p - 1):
                is_generator = False
                
            
        print ("    ", a_2_i_list)
        
        if is_generator:
            print ("     generator\n")
            generators.append(a)
        else:
            print ("     NOT a generator\n")
        
    print ("\nDiscrete logarithm generators for modulo prime " + str(p) + ":", generators)

In [3]:
my_find_discrete_log_generator_brute_force(3)


The period of a generator must be (p-1), so if a 1 occurs before the (p-1) position, we know it's not a generator

As you can see, 1 and (p-1) will never be generators

Finding all discrete logarithm generators (primitive roots) for modulo prime  3 

  Checking 1 to see if it's a discrete logarithm generator (primitive root) in modulo prime 3
     [1, 1]
     NOT a generator

  Checking 2 to see if it's a discrete logarithm generator (primitive root) in modulo prime 3
     [2, 1]
     generator


Discrete logarithm generators for modulo prime 3: [2]


In [4]:
my_find_discrete_log_generator_brute_force(5)


The period of a generator must be (p-1), so if a 1 occurs before the (p-1) position, we know it's not a generator

As you can see, 1 and (p-1) will never be generators

Finding all discrete logarithm generators (primitive roots) for modulo prime  5 

  Checking 1 to see if it's a discrete logarithm generator (primitive root) in modulo prime 5
     [1, 1, 1, 1]
     NOT a generator

  Checking 2 to see if it's a discrete logarithm generator (primitive root) in modulo prime 5
     [2, 4, 3, 1]
     generator

  Checking 3 to see if it's a discrete logarithm generator (primitive root) in modulo prime 5
     [3, 4, 2, 1]
     generator

  Checking 4 to see if it's a discrete logarithm generator (primitive root) in modulo prime 5
     [4, 1, 4, 1]
     NOT a generator


Discrete logarithm generators for modulo prime 5: [2, 3]


In [5]:
my_find_discrete_log_generator_brute_force(7)


The period of a generator must be (p-1), so if a 1 occurs before the (p-1) position, we know it's not a generator

As you can see, 1 and (p-1) will never be generators

Finding all discrete logarithm generators (primitive roots) for modulo prime  7 

  Checking 1 to see if it's a discrete logarithm generator (primitive root) in modulo prime 7
     [1, 1, 1, 1, 1, 1]
     NOT a generator

  Checking 2 to see if it's a discrete logarithm generator (primitive root) in modulo prime 7
     [2, 4, 1, 2, 4, 1]
     NOT a generator

  Checking 3 to see if it's a discrete logarithm generator (primitive root) in modulo prime 7
     [3, 2, 6, 4, 5, 1]
     generator

  Checking 4 to see if it's a discrete logarithm generator (primitive root) in modulo prime 7
     [4, 2, 1, 4, 2, 1]
     NOT a generator

  Checking 5 to see if it's a discrete logarithm generator (primitive root) in modulo prime 7
     [5, 4, 6, 2, 3, 1]
     generator

  Checking 6 to see if it's a discrete logarithm generator (

In [6]:
my_find_discrete_log_generator_brute_force(11)


The period of a generator must be (p-1), so if a 1 occurs before the (p-1) position, we know it's not a generator

As you can see, 1 and (p-1) will never be generators

Finding all discrete logarithm generators (primitive roots) for modulo prime  11 

  Checking 1 to see if it's a discrete logarithm generator (primitive root) in modulo prime 11
     [1, 1, 1, 1, 1, 1, 1, 1, 1, 1]
     NOT a generator

  Checking 2 to see if it's a discrete logarithm generator (primitive root) in modulo prime 11
     [2, 4, 8, 5, 10, 9, 7, 3, 6, 1]
     generator

  Checking 3 to see if it's a discrete logarithm generator (primitive root) in modulo prime 11
     [3, 9, 5, 4, 1, 3, 9, 5, 4, 1]
     NOT a generator

  Checking 4 to see if it's a discrete logarithm generator (primitive root) in modulo prime 11
     [4, 5, 9, 3, 1, 4, 5, 9, 3, 1]
     NOT a generator

  Checking 5 to see if it's a discrete logarithm generator (primitive root) in modulo prime 11
     [5, 3, 4, 9, 1, 5, 3, 4, 9, 1]
     NOT 

In [7]:
my_find_discrete_log_generator_brute_force(13)


The period of a generator must be (p-1), so if a 1 occurs before the (p-1) position, we know it's not a generator

As you can see, 1 and (p-1) will never be generators

Finding all discrete logarithm generators (primitive roots) for modulo prime  13 

  Checking 1 to see if it's a discrete logarithm generator (primitive root) in modulo prime 13
     [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1]
     NOT a generator

  Checking 2 to see if it's a discrete logarithm generator (primitive root) in modulo prime 13
     [2, 4, 8, 3, 6, 12, 11, 9, 5, 10, 7, 1]
     generator

  Checking 3 to see if it's a discrete logarithm generator (primitive root) in modulo prime 13
     [3, 9, 1, 3, 9, 1, 3, 9, 1, 3, 9, 1]
     NOT a generator

  Checking 4 to see if it's a discrete logarithm generator (primitive root) in modulo prime 13
     [4, 3, 12, 9, 10, 1, 4, 3, 12, 9, 10, 1]
     NOT a generator

  Checking 5 to see if it's a discrete logarithm generator (primitive root) in modulo prime 13
     [5, 12, 8,

In [8]:
my_find_discrete_log_generator_brute_force(17)


The period of a generator must be (p-1), so if a 1 occurs before the (p-1) position, we know it's not a generator

As you can see, 1 and (p-1) will never be generators

Finding all discrete logarithm generators (primitive roots) for modulo prime  17 

  Checking 1 to see if it's a discrete logarithm generator (primitive root) in modulo prime 17
     [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1]
     NOT a generator

  Checking 2 to see if it's a discrete logarithm generator (primitive root) in modulo prime 17
     [2, 4, 8, 16, 15, 13, 9, 1, 2, 4, 8, 16, 15, 13, 9, 1]
     NOT a generator

  Checking 3 to see if it's a discrete logarithm generator (primitive root) in modulo prime 17
     [3, 9, 10, 13, 5, 15, 11, 16, 14, 8, 7, 4, 12, 2, 6, 1]
     generator

  Checking 4 to see if it's a discrete logarithm generator (primitive root) in modulo prime 17
     [4, 16, 13, 1, 4, 16, 13, 1, 4, 16, 13, 1, 4, 16, 13, 1]
     NOT a generator

  Checking 5 to see if it's a discrete logarithm

In [9]:
my_find_discrete_log_generator_brute_force(19)


The period of a generator must be (p-1), so if a 1 occurs before the (p-1) position, we know it's not a generator

As you can see, 1 and (p-1) will never be generators

Finding all discrete logarithm generators (primitive roots) for modulo prime  19 

  Checking 1 to see if it's a discrete logarithm generator (primitive root) in modulo prime 19
     [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1]
     NOT a generator

  Checking 2 to see if it's a discrete logarithm generator (primitive root) in modulo prime 19
     [2, 4, 8, 16, 13, 7, 14, 9, 18, 17, 15, 11, 3, 6, 12, 5, 10, 1]
     generator

  Checking 3 to see if it's a discrete logarithm generator (primitive root) in modulo prime 19
     [3, 9, 8, 5, 15, 7, 2, 6, 18, 16, 10, 11, 14, 4, 12, 17, 13, 1]
     generator

  Checking 4 to see if it's a discrete logarithm generator (primitive root) in modulo prime 19
     [4, 16, 7, 9, 17, 11, 6, 5, 1, 4, 16, 7, 9, 17, 11, 6, 5, 1]
     NOT a generator

  Checking 5 to see if it's

In [10]:
my_find_discrete_log_generator_brute_force(23)


The period of a generator must be (p-1), so if a 1 occurs before the (p-1) position, we know it's not a generator

As you can see, 1 and (p-1) will never be generators

Finding all discrete logarithm generators (primitive roots) for modulo prime  23 

  Checking 1 to see if it's a discrete logarithm generator (primitive root) in modulo prime 23
     [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1]
     NOT a generator

  Checking 2 to see if it's a discrete logarithm generator (primitive root) in modulo prime 23
     [2, 4, 8, 16, 9, 18, 13, 3, 6, 12, 1, 2, 4, 8, 16, 9, 18, 13, 3, 6, 12, 1]
     NOT a generator

  Checking 3 to see if it's a discrete logarithm generator (primitive root) in modulo prime 23
     [3, 9, 4, 12, 13, 16, 2, 6, 18, 8, 1, 3, 9, 4, 12, 13, 16, 2, 6, 18, 8, 1]
     NOT a generator

  Checking 4 to see if it's a discrete logarithm generator (primitive root) in modulo prime 23
     [4, 16, 18, 3, 12, 2, 8, 9, 13, 6, 1, 4, 16, 18, 3, 12, 2, 8, 9,

In [11]:
my_find_discrete_log_generator_brute_force(31)


The period of a generator must be (p-1), so if a 1 occurs before the (p-1) position, we know it's not a generator

As you can see, 1 and (p-1) will never be generators

Finding all discrete logarithm generators (primitive roots) for modulo prime  31 

  Checking 1 to see if it's a discrete logarithm generator (primitive root) in modulo prime 31
     [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1]
     NOT a generator

  Checking 2 to see if it's a discrete logarithm generator (primitive root) in modulo prime 31
     [2, 4, 8, 16, 1, 2, 4, 8, 16, 1, 2, 4, 8, 16, 1, 2, 4, 8, 16, 1, 2, 4, 8, 16, 1, 2, 4, 8, 16, 1]
     NOT a generator

  Checking 3 to see if it's a discrete logarithm generator (primitive root) in modulo prime 31
     [3, 9, 27, 19, 26, 16, 17, 20, 29, 25, 13, 8, 24, 10, 30, 28, 22, 4, 12, 5, 15, 14, 11, 2, 6, 18, 23, 7, 21, 1]
     generator

  Checking 4 to see if it's a discrete logarithm generator (primitive root) in modulo p