### UC Berkeley, MICS, W202-Cryptography
### Week 03 Breakout 6

### Modular Division - finding multiplicative inverses in modulo prime by the Extended Euclidean Algorithm and by Fermat-Euler Theorem


In our lectures, we learned about Modular Division.  

From a cryptographic standpoint, our main interest in modular division is finding multiplicative inverses in modulo prime.

We learned that if we can find a multiplicative inverse in modulo prime, it's the equivalent of modular division in modulo prime.  We will be using this when we get to Elliptic Curves over finite fields in modulo prime GF(p), specfically to calculate the slope of lines when doing point addition.

If we know x (mod p), we want to find an x^-1 (mod p).  We know that x * x^-1 (mod p) = (x / x) (mod p) = 1 (mod p), essentially the multiplicative inverse allow us to perform modular division.

We can use the Extended Euclidean Algorithm for x and p to solve Bezout's Identity.  The coefficient of x cut in modulo p, will be x^-1 (mod p), the multiplicative inverse of x (mod p)

We can also use the Fermat-Euler Theorem, which tells us that x^-1 (mod p) = x^(p-2) (mod p).  This one will be the main one we will use when we get to Elliptic Curves over GF(p).

SageMath's built in function, power_mod() works with a -1 power, such as power_mod(x, -1, p)

The lectures also briefly mention multiplicative inverses over composite numbers, but we won't be directly using this in this course. Note that the SageMath built in function power_pod() also works with composite moduli.


In [1]:
from sage.all import *

In [2]:
def find_multiplicative_inverses_modulo_prime(p):
    """given p a prime number, loop through 1..(p-1) finding for each its multiplicitive inverse 
    using Extended Euclidean Algorithm and also using Fermat-Euler Theorem"""
    
    if not is_prime(p):
        print ("p must be prime!")
        return
    
    print ("\nFinding all the multiplicitive inverses in modulo ", p, "\n")
    
    print ("Using Extended Euclidean Algorithm, find xgcd(x, p) to find x * x^-1 = 1 (mod p), the coefficient of x in Bezout's Identity will by x^-1\n")
    
    print ("Using Fermat-Euler Theorem, x^(p-2) = x^-1 (mod p)\n")
    
    print ("Using the SageMath power_mod() function, raise x to the -1 power mod p\n")
    
    for i in range(1,p):
        
        print (str(i) + "^-1 (mod " + str(p) + ") = \n")
        
        # first use the Extended Euclidean Algorithm to solve Bezout's Identity for the coefficient of i
        
        xgcd_save = xgcd(i,p)
        
        print ("             xgcd(" + str(i) + ", " + str(p) + ") = (" + str(xgcd_save[1]) + " * " + str(i) + ") + (" \
        + str(xgcd_save[2]) + " * " + str(p) + ") = 1, " + str(xgcd_save[1]) + " (mod " + str(p) + ") = " + str(xgcd_save[1] % p))
        
        # next, use Fermat Euler Theorem to solve
        
        print ("             " + str(i) + "^(" + str(p-2) + ") (mod " + str(p) + ") = " + str(power_mod(i,p-2,p)))
        
        # next, use the SageMath built in power_mod() function to simply raise to the -1 power
        
        print ("             power_mod(" + str(i) + ", -1, " + str(p) + ") = " + str(power_mod(i,-1,p)) + "\n")

In [3]:
find_multiplicative_inverses_modulo_prime(3)


Finding all the multiplicitive inverses in modulo  3 

Using Extended Euclidean Algorithm, find xgcd(x, p) to find x * x^-1 = 1 (mod p), the coefficient of x in Bezout's Identity will by x^-1

Using Fermat-Euler Theorem, x^(p-2) = x^-1 (mod p)

Using the SageMath power_mod() function, raise x to the -1 power mod p

1^-1 (mod 3) = 

             xgcd(1, 3) = (1 * 1) + (0 * 3) = 1, 1 (mod 3) = 1
             1^(1) (mod 3) = 1
             power_mod(1, -1, 3) = 1

2^-1 (mod 3) = 

             xgcd(2, 3) = (-1 * 2) + (1 * 3) = 1, -1 (mod 3) = 2
             2^(1) (mod 3) = 2
             power_mod(2, -1, 3) = 2



In [4]:
find_multiplicative_inverses_modulo_prime(5)


Finding all the multiplicitive inverses in modulo  5 

Using Extended Euclidean Algorithm, find xgcd(x, p) to find x * x^-1 = 1 (mod p), the coefficient of x in Bezout's Identity will by x^-1

Using Fermat-Euler Theorem, x^(p-2) = x^-1 (mod p)

Using the SageMath power_mod() function, raise x to the -1 power mod p

1^-1 (mod 5) = 

             xgcd(1, 5) = (1 * 1) + (0 * 5) = 1, 1 (mod 5) = 1
             1^(3) (mod 5) = 1
             power_mod(1, -1, 5) = 1

2^-1 (mod 5) = 

             xgcd(2, 5) = (-2 * 2) + (1 * 5) = 1, -2 (mod 5) = 3
             2^(3) (mod 5) = 3
             power_mod(2, -1, 5) = 3

3^-1 (mod 5) = 

             xgcd(3, 5) = (2 * 3) + (-1 * 5) = 1, 2 (mod 5) = 2
             3^(3) (mod 5) = 2
             power_mod(3, -1, 5) = 2

4^-1 (mod 5) = 

             xgcd(4, 5) = (-1 * 4) + (1 * 5) = 1, -1 (mod 5) = 4
             4^(3) (mod 5) = 4
             power_mod(4, -1, 5) = 4



In [5]:
find_multiplicative_inverses_modulo_prime(7)


Finding all the multiplicitive inverses in modulo  7 

Using Extended Euclidean Algorithm, find xgcd(x, p) to find x * x^-1 = 1 (mod p), the coefficient of x in Bezout's Identity will by x^-1

Using Fermat-Euler Theorem, x^(p-2) = x^-1 (mod p)

Using the SageMath power_mod() function, raise x to the -1 power mod p

1^-1 (mod 7) = 

             xgcd(1, 7) = (1 * 1) + (0 * 7) = 1, 1 (mod 7) = 1
             1^(5) (mod 7) = 1
             power_mod(1, -1, 7) = 1

2^-1 (mod 7) = 

             xgcd(2, 7) = (-3 * 2) + (1 * 7) = 1, -3 (mod 7) = 4
             2^(5) (mod 7) = 4
             power_mod(2, -1, 7) = 4

3^-1 (mod 7) = 

             xgcd(3, 7) = (-2 * 3) + (1 * 7) = 1, -2 (mod 7) = 5
             3^(5) (mod 7) = 5
             power_mod(3, -1, 7) = 5

4^-1 (mod 7) = 

             xgcd(4, 7) = (2 * 4) + (-1 * 7) = 1, 2 (mod 7) = 2
             4^(5) (mod 7) = 2
             power_mod(4, -1, 7) = 2

5^-1 (mod 7) = 

             xgcd(5, 7) = (3 * 5) + (-2 * 7) = 1, 3 (mod 7) = 3


In [6]:
find_multiplicative_inverses_modulo_prime(11)


Finding all the multiplicitive inverses in modulo  11 

Using Extended Euclidean Algorithm, find xgcd(x, p) to find x * x^-1 = 1 (mod p), the coefficient of x in Bezout's Identity will by x^-1

Using Fermat-Euler Theorem, x^(p-2) = x^-1 (mod p)

Using the SageMath power_mod() function, raise x to the -1 power mod p

1^-1 (mod 11) = 

             xgcd(1, 11) = (1 * 1) + (0 * 11) = 1, 1 (mod 11) = 1
             1^(9) (mod 11) = 1
             power_mod(1, -1, 11) = 1

2^-1 (mod 11) = 

             xgcd(2, 11) = (-5 * 2) + (1 * 11) = 1, -5 (mod 11) = 6
             2^(9) (mod 11) = 6
             power_mod(2, -1, 11) = 6

3^-1 (mod 11) = 

             xgcd(3, 11) = (4 * 3) + (-1 * 11) = 1, 4 (mod 11) = 4
             3^(9) (mod 11) = 4
             power_mod(3, -1, 11) = 4

4^-1 (mod 11) = 

             xgcd(4, 11) = (3 * 4) + (-1 * 11) = 1, 3 (mod 11) = 3
             4^(9) (mod 11) = 3
             power_mod(4, -1, 11) = 3

5^-1 (mod 11) = 

             xgcd(5, 11) = (-2 * 5) + (

In [7]:
find_multiplicative_inverses_modulo_prime(13)


Finding all the multiplicitive inverses in modulo  13 

Using Extended Euclidean Algorithm, find xgcd(x, p) to find x * x^-1 = 1 (mod p), the coefficient of x in Bezout's Identity will by x^-1

Using Fermat-Euler Theorem, x^(p-2) = x^-1 (mod p)

Using the SageMath power_mod() function, raise x to the -1 power mod p

1^-1 (mod 13) = 

             xgcd(1, 13) = (1 * 1) + (0 * 13) = 1, 1 (mod 13) = 1
             1^(11) (mod 13) = 1
             power_mod(1, -1, 13) = 1

2^-1 (mod 13) = 

             xgcd(2, 13) = (-6 * 2) + (1 * 13) = 1, -6 (mod 13) = 7
             2^(11) (mod 13) = 7
             power_mod(2, -1, 13) = 7

3^-1 (mod 13) = 

             xgcd(3, 13) = (-4 * 3) + (1 * 13) = 1, -4 (mod 13) = 9
             3^(11) (mod 13) = 9
             power_mod(3, -1, 13) = 9

4^-1 (mod 13) = 

             xgcd(4, 13) = (-3 * 4) + (1 * 13) = 1, -3 (mod 13) = 10
             4^(11) (mod 13) = 10
             power_mod(4, -1, 13) = 10

5^-1 (mod 13) = 

             xgcd(5, 13) = (-5

In [8]:
find_multiplicative_inverses_modulo_prime(17)


Finding all the multiplicitive inverses in modulo  17 

Using Extended Euclidean Algorithm, find xgcd(x, p) to find x * x^-1 = 1 (mod p), the coefficient of x in Bezout's Identity will by x^-1

Using Fermat-Euler Theorem, x^(p-2) = x^-1 (mod p)

Using the SageMath power_mod() function, raise x to the -1 power mod p

1^-1 (mod 17) = 

             xgcd(1, 17) = (1 * 1) + (0 * 17) = 1, 1 (mod 17) = 1
             1^(15) (mod 17) = 1
             power_mod(1, -1, 17) = 1

2^-1 (mod 17) = 

             xgcd(2, 17) = (-8 * 2) + (1 * 17) = 1, -8 (mod 17) = 9
             2^(15) (mod 17) = 9
             power_mod(2, -1, 17) = 9

3^-1 (mod 17) = 

             xgcd(3, 17) = (6 * 3) + (-1 * 17) = 1, 6 (mod 17) = 6
             3^(15) (mod 17) = 6
             power_mod(3, -1, 17) = 6

4^-1 (mod 17) = 

             xgcd(4, 17) = (-4 * 4) + (1 * 17) = 1, -4 (mod 17) = 13
             4^(15) (mod 17) = 13
             power_mod(4, -1, 17) = 13

5^-1 (mod 17) = 

             xgcd(5, 17) = (7 *

In [9]:
find_multiplicative_inverses_modulo_prime(23)


Finding all the multiplicitive inverses in modulo  23 

Using Extended Euclidean Algorithm, find xgcd(x, p) to find x * x^-1 = 1 (mod p), the coefficient of x in Bezout's Identity will by x^-1

Using Fermat-Euler Theorem, x^(p-2) = x^-1 (mod p)

Using the SageMath power_mod() function, raise x to the -1 power mod p

1^-1 (mod 23) = 

             xgcd(1, 23) = (1 * 1) + (0 * 23) = 1, 1 (mod 23) = 1
             1^(21) (mod 23) = 1
             power_mod(1, -1, 23) = 1

2^-1 (mod 23) = 

             xgcd(2, 23) = (-11 * 2) + (1 * 23) = 1, -11 (mod 23) = 12
             2^(21) (mod 23) = 12
             power_mod(2, -1, 23) = 12

3^-1 (mod 23) = 

             xgcd(3, 23) = (8 * 3) + (-1 * 23) = 1, 8 (mod 23) = 8
             3^(21) (mod 23) = 8
             power_mod(3, -1, 23) = 8

4^-1 (mod 23) = 

             xgcd(4, 23) = (6 * 4) + (-1 * 23) = 1, 6 (mod 23) = 6
             4^(21) (mod 23) = 6
             power_mod(4, -1, 23) = 6

5^-1 (mod 23) = 

             xgcd(5, 23) = (-9