### UC Berkeley, MICS, W202-Cryptography
### Week 01 Breakout 3
### Euclidean Algorithm, Greatest Common Divisor, Relatively Prime Numbers
### Extended Euclidean Algorithm, Bezout's Identity
### Euler's Totient Function, Fermat-Euler Theorem

The Euclidean Algorithm in SageMath is gcd() and it gives us the Greatest Common Divisor between two integers.

When the gcd(x,y) = 1, we know that x and y are Relatively Prime Numbers, so it's very easy to check and see if two integers are relatively prime.

Bezout's Identity tells us that there exists two integers a and b such that:
ax + by = gcd(x,y)

If x and y are relatively prime, then gcd(x,y) = 1 so:
ax + by = 1

We can use the Extended Euclidean Algorithm to find a and b for any case.  The Extended Euclidean Algorithm in SageMath is xgcd()

Execute and discuss the code cells below.

In [1]:
from sage.all import *

In [2]:
def my_gcd_xgcd(x,y):
    "find the gcd between two integers, the factors of the integers, see if they are relatively prime or not, and solve bezout's identity"
    
    if x <=1 or y <=1:
        print ("both x and y must be > 1")
        return
    
    if gcd(x,y) == 1:
        s = "relatively prime"
    else:
        s = "NOT relatively prime"
    print ("\ngcd(" + str(x) + "," + str(y) +") = ", gcd(x,y), s, "\n")
    
    if is_prime(x):
        s = "prime"
    else:
        s = "composite"
    print (str(x), "factors:", factor(x), s)
    
    if is_prime(y):
        s = "prime"
    else:
        s = "composite"
    print (str(y), "factors:", factor(y), s)
    
    (g, a, b) = xgcd(x,y)
    print ("\nax + by = gcd(x,y)")
    print ("(" + str(a) + " * " + str(x) + ") + (" + str(b) + " * " + str(y) + ") = " + str(g))

In [3]:
my_gcd_xgcd(5,3)


gcd(5,3) =  1 relatively prime 

5 factors: 5 prime
3 factors: 3 prime

ax + by = gcd(x,y)
(-1 * 5) + (2 * 3) = 1


In [4]:
# note that 27 is composite and they are still relatively prime

my_gcd_xgcd(7, 27)


gcd(7,27) =  1 relatively prime 

7 factors: 7 prime
27 factors: 3^3 composite

ax + by = gcd(x,y)
(4 * 7) + (-1 * 27) = 1


In [5]:
my_gcd_xgcd(14, 8)


gcd(14,8) =  2 NOT relatively prime 

14 factors: 2 * 7 composite
8 factors: 2^3 composite

ax + by = gcd(x,y)
(-1 * 14) + (2 * 8) = 2


In [6]:
# note that both are composite, but they are still relatively prime

my_gcd_xgcd(12837483,38293838)


gcd(12837483,38293838) =  1 relatively prime 

12837483 factors: 3^2 * 19 * 37 * 2029 composite
38293838 factors: 2 * 11^2 * 229 * 691 composite

ax + by = gcd(x,y)
(106853 * 12837483) + (-35821 * 38293838) = 1


In [7]:
my_gcd_xgcd(12837482,38293838)


gcd(12837482,38293838) =  2 NOT relatively prime 

12837482 factors: 2 * 7 * 17 * 53939 composite
38293838 factors: 2 * 11^2 * 229 * 691 composite

ax + by = gcd(x,y)
(3225078 * 12837482) + (-1081163 * 38293838) = 2


In [8]:
my_gcd_xgcd(6266806, 48900194)


gcd(6266806,48900194) =  14 NOT relatively prime 

6266806 factors: 2 * 7^2 * 13 * 4919 composite
48900194 factors: 2 * 7 * 17 * 205463 composite

ax + by = gcd(x,y)
(82408 * 6266806) + (-10561 * 48900194) = 14


### Euler's Totient - phi()

Euler's Totient phi(n) for an integer n > 1 is the number of integers in the range [1,(n-1)] that are relatively prime to n.  Note that these numbers can be composite, they just have to be relatively prime to n.

In the special case of p a prime number, phi(p) = (p-1).

In the special case of p and q both prime, phi(pq) = (p-1)(q-1)

Execute and discuss the following code cells.

In [9]:
def my_phi(n):
    "given a number find Euler's Totient"
    
    if n <= 1:
        print ("n must be > 1")
        return
    
    if is_prime(n):
        s = "prime"
    else:
        s = "composite"
    
    print ("\nn = ", n, s, "\n")
    
    phi = 0
    
    for i in range(1,n):
        
        if is_prime(i):
            s1 = "prime"
        elif i == 1:
            s1 = "neither"
        else:
            s1 = "composite"
                
        if gcd(i,n) == 1:
            phi += 1
            s2 = "relatively prime"
        else:
            s2 = "NOT relatively prime, gcd is " + str(gcd(i,n))
            
        print ("  ", i, s1, ",", s2)
        
    print ("\n   phi", phi)
    
    return phi
            

In [10]:
my_phi(7)


n =  7 prime 

   1 neither , relatively prime
   2 prime , relatively prime
   3 prime , relatively prime
   4 composite , relatively prime
   5 prime

 , relatively prime
   6 composite , relatively prime

   phi 6


6

In [11]:
my_phi(4)


n =  4 composite 

   1 neither , relatively prime
   2 prime , NOT relatively prime, gcd is 2
   3 prime , relatively prime

   phi 2


2

In [12]:
my_phi(27)


n =  27 composite 

   1 neither , relatively prime
   2 prime , relatively prime
   3 prime , NOT relatively prime, gcd is 3
   4 composite , relatively prime
   5 prime , relatively prime
   6 composite , NOT relatively prime, gcd is 3
   7 prime , relatively prime
   8 composite , relatively prime
   9 composite , NOT relatively prime, gcd is 9
   10 composite , relatively prime
   11 prime , relatively prime
   12 composite , NOT relatively prime, gcd is 3
   13 prime , relatively prime
   14 composite , relatively prime
   15 composite , NOT relatively prime, gcd is 3
   16 composite , relatively prime
   17 prime , relatively prime
   18 composite , NOT relatively prime, gcd is 9
   19 prime , relatively prime
   20 composite , relatively prime
   21 composite , NOT relatively prime, gcd is 3
   22 composite , relatively prime
   23 prime , relatively prime
   24 composite , NOT relatively prime, gcd is 3
   25 composite , relatively prime
   26 composite , relatively prime

   

18

In [13]:
def my_phi_2(x, y):
    "Find Euler's Totient for the product of two integers"
    
    if x <= 1 or y <= 1:
        print ("x and y must both be > 1")
        return
    
    phi_x = my_phi(x)
    phi_y = my_phi(y)
    phi_xy = my_phi(x*y)
    
    print ("\n" + str(x-1) + " * " + str(y-1) + " = " + str((x-1)*(y-1)))

In [14]:
my_phi_2(3, 5)


n =  3 prime 

   1 neither , relatively prime
   2 prime , relatively prime

   phi 2

n =  5 prime 

   1 neither , relatively prime
   2 prime , relatively prime
   3 prime , relatively prime
   4 composite , relatively prime

   phi 4

n =  15 composite 

   1 neither , relatively prime
   2 prime , relatively prime
   3 prime , NOT relatively prime, gcd is 3
   4 composite , relatively prime
   5 prime , NOT relatively prime, gcd is 5
   6 composite , NOT relatively prime, gcd is 3
   7 prime , relatively prime
   8 composite , relatively prime
   9 composite , NOT relatively prime, gcd is 3
   10 composite , NOT relatively prime, gcd is 5
   11 prime , relatively prime
   12 composite , NOT relatively prime, gcd is 3
   13 prime , relatively prime
   14 composite , relatively prime

   phi 8

2 * 4 = 8


In [15]:
my_phi_2(4,3)


n =  4 composite 

   1 neither , relatively prime
   2 prime , NOT relatively prime, gcd is 2
   3 prime , relatively prime

   phi 2

n =  3 prime 

   1 neither , relatively prime
   2 prime , relatively prime

   phi 2

n =  12 composite 

   1 neither , relatively prime
   2 prime , NOT relatively prime, gcd is 2
   3 prime , NOT relatively prime, gcd is 3
   4 composite , NOT relatively prime, gcd is 4
   5 prime , relatively prime
   6 composite , NOT relatively prime, gcd is 6
   7 prime , relatively prime
   8 composite , NOT relatively prime, gcd is 4
   9 composite , NOT relatively prime, gcd is 3
   10 composite , NOT relatively prime, gcd is 2
   11 prime , relatively prime

   phi 4

3 * 2 = 6


### Fermat-Euler Theorem

The Fermat-Euler Theorem tells us that if m and n are relatively prime, then m^phi(n) is congruent to 1 (mod n)

n does NOT have to be prime!

Execute and discuss the following code cells

In [16]:
def my_fermat_euler(m, n):
    "given m and n demonstrate that fermat euler holds"
    
    if m <=1 or n <= 1:
        print ("m and n must both be > 1")
        return
    
    if gcd(m, n) != 1:
        print ("m and n must be relatively prime, gcd = ", gcd(m,n))
        return
    
    phi = my_phi(n)
    
    print ("\n" + str(m) + "^" + str(phi) + " = " + str(power(m, phi)) + " (mod " + str(n) + ") = ", power_mod(m, phi, n))
    
    

In [17]:
my_fermat_euler(5,7)


n =  7 prime 

   1 neither , relatively prime
   2 prime , relatively prime
   3 prime , relatively prime
   4 composite , relatively prime
   5 prime , relatively prime
   6 composite , relatively prime

   phi 6

5^6 = 15625 (mod 7) =  1


In [18]:
my_fermat_euler(13,11)


n =  11 prime 

   1 neither , relatively prime
   2 prime , relatively prime
   3 prime , relatively prime
   4 composite , relatively prime
   5 prime , relatively prime
   6 composite , relatively prime
   7 prime , relatively prime
   8 composite , relatively prime
   9 composite , relatively prime
   10 composite , relatively prime

   phi 10

13^10 = 137858491849 (mod 11) =  1


In [19]:
my_fermat_euler(2,9)


n =  9 composite 

   1 neither , relatively prime
   2 prime , relatively prime
   3 prime , NOT relatively prime, gcd is 3
   4 composite , relatively prime
   5 prime , relatively prime
   6 composite , NOT relatively prime, gcd is 3
   

7 prime , relatively prime
   8 composite , relatively prime

   phi 6

2^6 = 64 (mod 9) =  1


### Fermat's Little Theorem and Finding Large Primes

A variation of Fermat-Euler is Fermat's Little Theorem which states:

If a is an integer and p is prime, then a^p is congruent to a (mod p)

We can use this to check to see if a number is composite. we typically use 2 for a since it's the smallest prime number, it will be the least computationally intensive. 

If Fermat's Little Theorem does not hold, we know the number is for sure composite.

If Fermat's Little Theroem holds, it may be prime, but it may also be composite. These are called the Carmichael Numbers (a recent TV commercial features a mathematician trying to solve Carmichael's Totient Conjecture which is still an open problem)

We only need to check odd numbers, as 2 is the only even prime number

There are several algorithms presented in our textbook to find large primes.  Most of them generate a large random odd number, use Fermat's Little Theorem to rule out most composite numbers (primes are much rarer than composite numbers), and then use further test usually called "witness tests" to verify primes.  Prime numbers are generally approximately spaced at distances of the natural logarithm (log base e where e is 2.7..) of the last prime number.

Execute and discuss the following code cells

In [20]:
def my_fermat_little(start, end):
    "using Fermat's Little Theorem, check to see if odd integers between start and end inclusive are composite, prime, or Carmichael Numbers"
    
    if start <= 1:
        print ("start must be > 1")
        return
    
    if is_even(start):
        start += 1
    
    for i in range(start, end + 1, 2):
        if is_prime(i):
            s = "prime"
        else:
            s = "composite"
        print (i, s) 
        print ("   Fermat: 2^" + str(i) + " = " + str(power_mod(2, i, i)) + " (mod ",i,")" "\n")
        if (not is_prime(i)) and power_mod(2, i, i) == 2:
            print ("*** Carmichael Number:", i, " ***")

In [21]:
my_fermat_little(2, 100)

3 prime
   Fermat: 2^3 = 2 (mod  3 )

5 prime
   Fermat: 2^5 = 2 (mod  5 )

7 prime
   Fermat: 2^7 = 2 (mod  7 )

9 composite
   Fermat: 2^9 = 8 (mod  9 )

11 prime
   Fermat: 2^11 = 2 (mod  11 )

13 prime
   Fermat: 2^13 = 2 (mod  13 )

15 composite
   Fermat: 2^15 = 8 (mod  15 )

17 prime
   Fermat: 2^17 = 2 (mod  17 )

19 prime
   Fermat: 2^19 = 2 (mod  19 )

21 composite
   Fermat: 2^21 = 8 (mod  21 )

23 prime
   Fermat: 2^23 = 2 (mod  23 )

25 composite
   Fermat: 2^25 = 7 (mod  25 )

27 composite
   Fermat: 2^27 = 26 (mod  27 )

29 prime
   Fermat: 2^29 = 2 (mod  29 )

31 prime
   Fermat: 2^31 = 2 (mod  31 )

33 composite
   Fermat: 2^33 = 8 (mod  33 )

35 composite
   Fermat: 2^35 = 18 (mod  35 )

37 prime
   Fermat: 2^37 = 2 (mod  37 )

39 composite
   Fermat: 2^39 = 8 (mod  39 )

41 prime
   Fermat: 2^41 = 2 (mod  41 )

43 prime
   Fermat: 2^43 = 2 (mod  43 )

45 composite
   Fermat: 2^45 = 17 (mod  45 )

47 prime
   Fermat: 2^47 = 2 (mod  47 )

49 composite
   Fermat: 2^49 =

In [22]:
my_fermat_little(561, 561)

561 composite
   Fermat: 2^561 = 2 (mod  561 )

*** Carmichael Number: 561  ***


In [23]:
my_fermat_little(1105, 1105)

1105 composite
   Fermat: 2^1105 = 2 (mod  1105 )

*** Carmichael Number: 1105  ***


In [24]:
my_fermat_little(1729, 1729)

1729 composite
   Fermat: 2^1729 = 2 (mod  1729 )

*** Carmichael Number: 1729  ***
