### UC Berkeley, MICS, W202-Cryptography
### Week 02  Breakout 4
### Chinese Remainder Theorem (CRT)

Chinese Remainder Theorem (CRT) - solves a system of simultaneous linear congruences.  See Hoffstein 2.8

From Sun Tzu Suan Ching (Master Sun's Mathematical Manual) circa 300 AD, volume 3, problem 26:

* We have a number of things, but we do not know exactly how many. 
* If we count them by threes, we have two left over. 
* If we count them by fives, we have three left over.
* If we count them by sevens, we have two left over.
* How many things are there?

The above orignal example of the Chinese Remainder Theorem details a system of 3 simultanenous linear congruences. We can solve them manually by hand by writing a system of equations (see Hoffstein 2.8 for worked examples)  

The Chinese Remainder Theorem is said to have originated with the ancient Chinese armies.  Warriers were told to line up in 3 different configurations and the remainders were noted and used to quickly count large armies.

Below we will use brute force code below to find solutions to systems of simultaneous linear congruences.

The Chinese Remainder Theorem has a special representation or notation that we saw in our lecture material. This CRT notation helps us to manually understand and work mathematical problems, such as finding square roots in modulo.  Of special importance to cryptography is using the CRT notation to express numbers in modulo n where n = pq in terms of modulo p and modulo q.  Below we will see code to enumerate a modulus period using CRT notation.

Note that each line in the CRT notation is a system of linear congruences.

### Using the Chinese Remainder Theorem CRT to solve a system of linear congruences by brute force

In [1]:
from sage.all import *

In [2]:
def my_solve_crt(congruence_list):
    "Given a list containing a system of linear congruences (residue, modulus) solve the system using brute force"
    
    print ("\nCongruences:")
    for (residue, modulus) in congruence_list:
        print ("    x congruent " + str(residue) + " (mod " + str(modulus) + ")")
    
    modulus_product = 1
    
    start_value = 0
    
    for (residue, modulus) in congruence_list:
        modulus_product *= modulus
        if residue > start_value:
            start_value = residue
        
    
    print ("\nstart value:", start_value)
    print ("stop value :", modulus_product, "\n(inclusive)\n")
    
    if modulus_product > 200:
        print ("won't print the list since modulus product is > 200\n")
    
    found = False
    solution = -1
    
    for i in range(start_value, modulus_product):
        for (residue, modulus) in congruence_list:
            if (i % modulus) == residue:
                found = True
                solution = i
            else:
                found = False
                if modulus_product < 200:
                    print ("    ", i, "is NOT a solution")
                break
        if found:
            solution = i
            break
            
    if found:
        print ("\n***", solution, "is the solution ***")
        for (residue, modulus) in congruence_list:
            print ("    " + str(solution) + " (mod " + str(modulus) + ") = " + str(residue))
    else:
        print ("\n*** NO SOLUTION ***")

In [3]:
# Solve Sun Tzu Suan Ching (Master Sun's Mathematical Manual) circa 300 AD, volume 3, problem 26:

# We have a number of things, but we do not know exactly how many.
# If we count them by threes, we have two left over.
# If we count them by fives, we have three left over.
# If we count them by sevens, we have two left over.
# How many things are there?

my_solve_crt([(2,3),(3,5),(2,7)])


Congruences:
    x congruent 2 (mod 3)
    x congruent 3 (mod 5)
    x congruent 2 (mod 7)

start value: 3
stop value : 105 
(inclusive)

     3 is NOT a solution
     4 is NOT a solution
     5 is NOT a solution
     6 is NOT a solution
     7 is NOT a solution
     8 is NOT a solution
     9 is NOT a solution
     10 is NOT a solution
     11 is NOT a solution
     12 is NOT a solution
     13 is NOT a solution
     14 is NOT a solution
     15 is NOT a solution
     16 is NOT a solution
     17 is NOT a solution
     18 is NOT a solution
     19 is NOT a solution
     20 is NOT a solution
     21 is NOT a solution
     22 is NOT a solution

*** 23 is the solution ***
    23 (mod 3) = 2
    23 (mod 5) = 3
    23 (mod 7) = 2


In [4]:
# The Chinese Remainder Theorem is said to have originated with the ancient Chinese armies
# as a quick way to count large numbers of warriers

# assume warriers were told to line up:
# first into columns of 11 yielding 5 remainders
# then columns of 13 yielding 8 remainders
# then columns of 17 yielding 14 remainders

# as you can see below there are 1204 warriers that could be quickly counted 
# just by counting the remainders

my_solve_crt([(5,11),(8,13),(14,17)])


Congruences:
    x congruent 5 (mod 11)
    x congruent 8 (mod 13)
    x congruent 14 (mod 17)

start value: 14
stop value : 2431 
(inclusive)

won't print the list since modulus product is > 200


*** 1204 is the solution ***
    1204 (mod 11) = 5
    1204 (mod 13) = 8
    1204 (mod 17) = 14


In [5]:
my_solve_crt([(1,5),(7,9)])


Congruences:
    x congruent 1 (mod 5)
    x congruent 7 (mod 9)

start value: 7
stop value : 45 
(inclusive)

     7 is NOT a solution
     8 is NOT a solution
     9 is NOT a solution
     10 is NOT a solution
     11 is NOT a solution
     12 is NOT a solution
     13 is NOT a solution
     14 is NOT a solution
     15 is NOT a solution

*** 16 is the solution ***
    16 (mod 5) = 1
    16 (mod 9) = 7


In [6]:
my_solve_crt([(1,4),(2,7),(8,11),(11,13)])


Congruences:
    x congruent 1 (mod 4)
    x congruent 2 (mod 7)
    x congruent 8 (mod 11)
    x congruent 11 (mod 13)

start value: 11
stop value : 4004 
(inclusive)

won't print the list since modulus product is > 200


*** 1493 is the solution ***
    1493 (mod 4) = 1
    1493 (mod 7) = 2
    1493 (mod 11) = 8
    1493 (mod 13) = 11


In [7]:
my_solve_crt([(3,5),(2,11),(18,27)])


Congruences:
    x congruent 3 (mod 5)
    x congruent 2 (mod 11)
    x congruent 18 (mod 27)

start value: 18
stop value : 1485 
(inclusive)

won't print the list since modulus product is > 200


*** 288 is the solution ***
    288 (mod 5) = 3
    288 (mod 11) = 2
    288 (mod 27) = 18


In [8]:
my_solve_crt([(3,7),(2,11)])


Congruences:
    x congruent 3 (mod 7)
    x congruent 2 (mod 11)

start value: 3
stop value : 77 
(inclusive)

     3 is NOT a solution
     4 is NOT a solution
     5 is NOT a solution
     6 is NOT a solution
     7 is NOT a solution
     8 is NOT a solution
     9 is NOT a solution
     10 is NOT a solution
     11 is NOT a solution
     12 is NOT a solution
     13 is NOT a solution
     14 is NOT a solution
     15 is NOT a solution
     16 is NOT a solution
     17 is NOT a solution
     18 is NOT a solution
     19 is NOT a solution
     20 is NOT a solution
     21 is NOT a solution
     22 is NOT a solution
     23 is NOT a solution

*** 24 is the solution ***
    24 (mod 7) = 3
    24 (mod 11) = 2


### Chinese Remainder Theorem CRT Notation

Note that each line in the CRT notation is a system of linear congruences.

In [9]:
def my_crt_notation(n):
    "given an integer n, factor it into p and q, and write 1 period [0,(n-1)] inclusive using Chinese Remainder Theorem CRT Notation"
    
    if n <= 1:
        print ("must be > 1")
        return
    
    f = factor(n)
    
    if len(f) != 2:
        print ("not a product of two primes")
        return
        
    if f[0][1] != 1:
        print ("not a product of two primes")
        return
        
    q = f[0][0]
    p = f[1][0]
    
    
    print ("\nn = ", n)
    print ("\nq = ", q)
    print ("p = ", p,  "\n")
    
    for i in range(0,n):
        
        if (i % q) == 0 or (i % p) == 0:
            s = "  a zero tells us it's NOT relatively prime"
        else:
            s = ""
            
        print (str(i) + " mod " + str(n) + " = < " + str(i % q) + " mod " + str(q) + " , " + str(i % p) + " mod " + str(p) + " > " + s)
    

In [10]:
my_crt_notation(21)


n =  21

q =  3
p =  7 

0 mod 21 = < 0 mod 3 , 0 mod 7 >   a zero tells us it's NOT relatively prime
1 mod 21 = < 1 mod 3 , 1 mod 7 > 
2 mod 21 = < 2 mod 3 , 2 mod 7 > 
3 mod 21 = < 0 mod 3 , 3 mod 7 >   a zero tells us it's NOT relatively prime
4 mod 21 = < 1 mod 3 , 4 mod 7 > 
5 mod 21 = < 2 mod 3 , 5 mod 7 > 
6 mod 21 = < 0 mod 3 , 6 mod 7 >   a zero tells us it's NOT relatively prime
7 mod 21 = < 1 mod 3 , 0 mod 7 >   a zero tells us it's NOT relatively prime
8 mod 21 = < 2 mod 3 , 1 mod 7 > 
9 mod 21 = < 0 mod 3 , 2 mod 7 >   a zero tells us it's NOT relatively prime
10 mod 21 = < 1 mod 3 , 3 mod 7 > 
11 mod 21 = < 2 mod 3 , 4 mod 7 > 
12 mod 21 = < 0 mod 3 , 5 mod 7 >   a zero tells us it's NOT relatively prime
13 mod 21 = < 1 mod 3 , 6 mod 7 > 
14 mod 21 = < 2 mod 3 , 0 mod 7 >   a zero tells us it's NOT relatively prime
15 mod 21 = < 0 mod 3 , 1 mod 7 >   a zero tells us it's NOT relatively prime
16 mod 21 = < 1 mod 3 , 2 mod 7 > 
17 mod 21 = < 2 mod 3 , 3 mod 7 > 
18 mod 21 

In [11]:
my_crt_notation(15)


n =  15

q =  3
p =  5 

0 mod 15 = < 0 mod 3 , 0 mod 5 >   a zero tells us it's NOT relatively prime
1 mod 15 = < 1 mod 3 , 1 mod 5 > 
2 mod 15 = < 2 mod 3 , 2 mod 5 > 
3 mod 15 = < 0 mod 3 , 3 mod 5 >   a zero tells us it's NOT relatively prime
4 mod 15 = < 1 mod 3 , 4 mod 5 > 
5 mod 15 = < 2 mod 3 , 0 mod 5 >   a zero tells us it's NOT relatively prime
6 mod 15 = < 0 mod 3 , 1 mod 5 >   a zero tells us it's NOT relatively prime
7 mod 15 = < 1 mod 3 , 2 mod 5 > 
8 mod 15 = < 2 mod 3 , 3 mod 5 > 
9 mod 15 = < 0 mod 3 , 4 mod 5 >   a zero tells us it's NOT relatively prime
10 mod 15 = < 1 mod 3 , 0 mod 5 >   a zero tells us it's NOT relatively prime
11 mod 15 = < 2 mod 3 , 1 mod 5 > 
12 mod 15 = < 0 mod 3 , 2 mod 5 >   a zero tells us it's NOT relatively prime
13 mod 15 = < 1 mod 3 , 3 mod 5 > 
14 mod 15 = < 2 mod 3 , 4 mod 5 > 


In [12]:
my_crt_notation(35)


n =  35

q =  5
p =  7 

0 mod 35 = < 0 mod 5 , 0 mod 7 >   a zero tells us it's NOT relatively prime
1 mod 35 = < 1 mod 5 , 1 mod 7 > 
2 mod 35 = < 2 mod 5 , 2 mod 7 > 
3 mod 35 = < 3 mod 5 , 3 mod 7 > 
4 mod 35 = < 4 mod 5 , 4 mod 7 > 
5 mod 35 = < 0 mod 5 , 5 mod 7 >   a zero tells us it's NOT relatively prime
6 mod 35 = < 1 mod 5 , 6 mod 7 > 
7 mod 35 = < 2 mod 5 , 0 mod 7 >   a zero tells us it's NOT relatively prime
8 mod 35 = < 3 mod 5 , 1 mod 7 > 
9 mod 35 = < 4 mod 5 , 2 mod 7 > 
10 mod 35 = < 0 mod 5 , 3 mod 7 >   a zero tells us it's NOT relatively prime
11 mod 35 = < 1 mod 5 , 4 mod 7 > 
12 mod 35 = < 2 mod 5 , 5 mod 7 > 
13 mod 35 = < 3 mod 5 , 6 mod 7 > 
14 mod 35 = < 4 mod 5 , 0 mod 7 >   a zero tells us it's NOT relatively prime
15 mod 35 = < 0 mod 5 , 1 mod 7 >   a zero tells us it's NOT relatively prime
16 mod 35 = < 1 mod 5 , 2 mod 7 > 
17 mod 35 = < 2 mod 5 , 3 mod 7 > 
18 mod 35 = < 3 mod 5 , 4 mod 7 > 
19 mod 35 = < 4 mod 5 , 5 mod 7 > 
20 mod 35 = < 0 mod 5 , 6 

In [13]:
my_crt_notation(77)


n =  77

q =  7
p =  11 

0 mod 77 = < 0 mod 7 , 0 mod 11 >   a zero tells us it's NOT relatively prime
1 mod 77 = < 1 mod 7 , 1 mod 11 > 
2 mod 77 = < 2 mod 7 , 2 mod 11 > 
3 mod 77 = < 3 mod 7 , 3 mod 11 > 
4 mod 77 = < 4 mod 7 , 4 mod 11 > 
5 mod 77 = < 5 mod 7 , 5 mod 11 > 
6 mod 77 = < 6 mod 7 , 6 mod 11 > 
7 mod 77 = < 0 mod 7 , 7 mod 11 >   a zero tells us it's NOT relatively prime
8 mod 77 = < 1 mod 7 , 8 mod 11 > 
9 mod 77 = < 2 mod 7 , 9 mod 11 > 
10 mod 77 = < 3 mod 7 , 10 mod 11 > 
11 mod 77 = < 4 mod 7 , 0 mod 11 >   a zero tells us it's NOT relatively prime
12 mod 77 = < 5 mod 7 , 1 mod 11 > 
13 mod 77 = < 6 mod 7 , 2 mod 11 > 
14 mod 77 = < 0 mod 7 , 3 mod 11 >   a zero tells us it's NOT relatively prime
15 mod 77 = < 1 mod 7 , 4 mod 11 > 
16 mod 77 = < 2 mod 7 , 5 mod 11 > 
17 mod 77 = < 3 mod 7 , 6 mod 11 > 
18 mod 77 = < 4 mod 7 , 7 mod 11 > 
19 mod 77 = < 5 mod 7 , 8 mod 11 > 
20 mod 77 = < 6 mod 7 , 9 mod 11 > 
21 mod 77 = < 0 mod 7 , 10 mod 11 >   a zero tells us 


69 mod 77 = < 6 mod 7 , 3 mod 11 > 
70 mod 77 = < 0 mod 7 , 4 mod 11 >   a zero tells us it's NOT relatively prime
71 mod 77 = < 1 mod 7 , 5 mod 11 > 
72 mod 77 = < 2 mod 7 , 6 mod 11 > 
73 mod 77 = < 3 mod 7 , 7 mod 11 > 
74 mod 77 = < 4 mod 7 , 8 mod 11 > 
75 mod 77 = < 5 mod 7 , 9 mod 11 > 
76 mod 77 = < 6 mod 7 , 10 mod 11 > 


In [14]:
my_crt_notation(781)


n =  781

q =  11
p =  71 

0 mod 781 = < 0 mod 11 , 0 mod 71 >   a zero tells us it's NOT relatively prime
1 mod 781 = < 1 mod 11 , 1 mod 71 > 
2 mod 781 = < 2 mod 11 , 2 mod 71 > 
3 mod 781 = < 3 mod 11 , 3 mod 71 > 
4 mod 781 = < 4 mod 11 , 4 mod 71 > 
5 mod 781 = < 5 mod 11 , 5 mod 71 > 
6 mod 781 = < 6 mod 11 , 6 mod 71 > 
7 mod 781 = < 7 mod 11 , 7 mod 71 > 
8 mod 781 = < 8 mod 11 , 8 mod 71 > 
9 mod 781 = < 9 mod 11 , 9 mod 71 > 
10 mod 781 = < 10 mod 11 , 10 mod 71 > 
11 mod 781 = < 0 mod 11 , 11 mod 71 >   a zero tells us it's NOT relatively prime
12 mod 781 = < 1 mod 11 , 12 mod 71 > 
13 mod 781 = < 2 mod 11 , 13 mod 71 > 
14 mod 781 = < 3 mod 11 , 14 mod 71 > 
15 mod 781 = < 4 mod 11 , 15 mod 71 > 
16 mod 781 = < 5 mod 11 , 16 mod 71 > 
17 mod 781 = < 6 mod 11 , 17 mod 71 > 
18 mod 781 = < 7 mod 11 , 18 mod 71 > 
19 mod 781 = < 8 mod 11 , 19 mod 71 > 
20 mod 781 = < 9 mod 11 , 20 mod 71 > 
21 mod 781 = < 10 mod 11 , 21 mod 71 > 
22 mod 781 = < 0 mod 11 , 22 mod 71 >   a zer

332 mod 781 = < 2 mod 11 , 48 mod 71 > 
333 mod 781 = < 3 mod 11 , 49 mod 71 > 
334 mod 781 = < 4 mod 11 , 50 mod 71 > 
335 mod 781 = < 5 mod 11 , 51 mod 71 > 
336 mod 781 = < 6 mod 11 , 52 mod 71 > 
337 mod 781 = < 7 mod 11 , 53 mod 71 > 
338 mod 781 = < 8 mod 11 , 54 mod 71 > 
339 mod 781 = < 9 mod 11 , 55 mod 71 > 
340 mod 781 = < 10 mod 11 , 56 mod 71 > 
341 mod 781 = < 0 mod 11 , 57 mod 71 >   a zero tells us it's NOT relatively prime
342 mod 781 = < 1 mod 11 , 58 mod 71 > 
343 mod 781 = < 2 mod 11 , 59 mod 71 > 
344 mod 781 = < 3 mod 11 , 60 mod 71 > 
345 mod 781 = < 4 mod 11 , 61 mod 71 > 
346 mod 781 = < 5 mod 11 , 62 mod 71 > 
347 mod 781 = < 6 mod 11 , 63 mod 71 > 
348 mod 781 = < 7 mod 11 , 64 mod 71 > 
349 mod 781 = < 8 mod 11 , 65 mod 71 > 
350 mod 781 = < 9 mod 11 , 66 mod 71 > 
351 mod 781 = < 10 mod 11 , 67 mod 71 > 
352 mod 781 = < 0 mod 11 , 68 mod 71 >   a zero tells us it's NOT relatively prime
353 mod 781 = < 1 mod 11 , 69 mod 71 > 
354 mod 781 = < 2 mod 11 , 70 mo

The above are showing 1 period with respect to n.

Take a look at the residues for each of p and q and see their periods.

### Each row in the Chinese Remainder Theorem CRT Notation is a System of Linear Congruences

So far, we have discussed using the CRT to solve a system of linear congruences.  We also discussed the CRT Notation.  Now we tie them together by demonstrating that 1 line in CRT Notation is a system of linear congruences which can be solved to resolve the CRT Notation.


In [15]:
# 7 mod 15 = < 1 mod 3 , 2 mod 5 > 

# is equivalent to: 

# x congruent 1 (mod 3)
# x congruent 2 (mod 5)

# looking at the CRT line at the top, the answer should be 7

my_solve_crt([(1,3),(2,5)])


Congruences:
    x congruent 1 (mod 3)
    x congruent 2 (mod 5)

start value: 2
stop value : 15 
(inclusive)

     2 is NOT a solution
     3 is NOT a solution
     4 is NOT a solution
     5 is NOT a solution
     6 is NOT a solution

*** 7 is the solution ***
    7 (mod 3) = 1
    7 (mod 5) = 2


In [16]:
# 74 mod 77 = < 4 mod 7 , 8 mod 11 > 

# is equivalent to: 

# x congruent 4 (mod 7)
# x congruent 8 (mod 11)

# looking at the CRT line at the top, the answer should be 74

my_solve_crt([(4,7),(8,11)])


Congruences:
    x congruent 4 (mod 7)
    x congruent 8 (mod 11)

start value: 8
stop value : 77 
(inclusive)

     8 is NOT a solution
     9 is NOT a solution
     10 is NOT a solution
     11 is NOT a solution
     12 is NOT a solution
     13 is NOT a solution
     14 is NOT a solution
     15 is NOT a solution
     16 is NOT a solution
     17 is NOT a solution
     18 is NOT a solution
     19 is NOT a solution
     20 is NOT a solution
     21 is NOT a solution
     22 is NOT a solution
     23 is NOT a solution
     24 is NOT a solution
     25 is NOT a solution
     26 is NOT a solution
     27 is NOT a solution
     28 is NOT a solution
     29 is NOT a solution
     30 is NOT a solution
     31 is NOT a solution
     32 is NOT a solution
     33 is NOT a solution
     34 is NOT a solution
     35 is NOT a solution
     36 is NOT a solution
     37 is NOT a solution
     38 is NOT a solution
     39 is NOT a solution
     40 is NOT a solution
     41 is NOT a solution
     