#### MA124 Maths by Computer
# Project: Number Theory and Cryptography

#### Background
Cryptography is concerned with transmitting messages in such a way that they cannot be understood by an interceptor. Ever since written communication began, humankind has been using cryptography.  Constructing methods to do this is a very difficult problem, most methods eventually succomb to clever analysis. Number theory is at the heart of modern cryptography because there we find theoretical techniques with computational aspects which are very difficult to calculate in reasonable time using technology. These provide means to transmit messages securely.

#### Suggested reading/viewing
Most books on elementary number theory will contain relevant material (check the index for references to cryptography). Here are some specific suggestions ranging from YouTube/popular articles to academic papers.
- "The Code Book", Simon Singh 
- Computerphile videos on YouTube (Elliptic curves, Diffie Hellman key exchange)
- "Mathematics and Technology", Rousseau and Saint-Aubin, chapter 7
- "Number Theory for Beginners", Weil
- "The Improvement of Elliptic Curve Factorization Method to Recover RSA’s Prime Factors", Somsuk
- "A tale of two sieves", Pomerance (Notices of the American Mathematical Society)

#### Structure of Project
There are five tasks in the document below, tasks A1- A4 and then task B1. Your group should do all five of these tasks. Tasks A1 - A4 are worth approximately 50% of the credit for this submission and task B1 is worth the rest (approximately 50%).

#### Notes about submission
See the end of this document.

#### Allowed libraries for this project: 
`numpy`, `matplotlib`, `sympy`, `random`, `time`. You can use any of these at any time unless otherwise stated in the task description.

---
---
## Section A - (worth approximately 50% of the marks)
### Task A1 - Primality Testing (worth approximately 10% of the marks)

#### A1a
Below is a student's attempt to code a function ``prime_test_1`` which tests whether a given positive integer is prime. Note that it imports the ``time`` module to calculate how long function takes to run (the runtime). 

- Add the line ``prime_test_1(17)`` as the last line and run the cell to see that is not working correctly at the moment.
- Correct the code. 
- Replace ``prime_test(17)`` with ``prime_test(10**8+7)`` and note the runtime (this could be in the order of several seconds depending on the machine you are running this on). Comment on this in a markdown cell. Note that $100000007$ is a prime value.

*Add a markdown cell after the code cell below in which to make this comment.*
         

In [1]:
import time
import numpy as np

def prime_test_1(n):
    start_time = time.time()
    if n < 2 or not(isinstance(n,int)): 
        print("Input needs to be an integer greater than or equal to 2.")
        return
    else:
        isprime = True
        for i in range(2,n):
            if n % i == 0:
                isprime = False
    if isprime:
        print("The number",n,"is prime.")
    else:
        print("The number", n,"is not prime.")
    print("Runtime: %s seconds." % (time.time() - start_time))
    
prime_test_1(10**8+7)   

The number 100000007 is prime.
Runtime: 4.636547565460205 seconds.


## Comment (A1a)
prime_test_1 took 7.69 seconds to check whether 100000007 is prime.

#### A1b
By reducing the number of possible divisors which are tested, create a new function ``prime_test_2`` so that the runtime for `prime_test_2(100000007)` is less than half of what is was for `prime_test_1(100000007)` in the above. You may cut and paste code from the block above. The output from your code must display how long your code takes to run.

You may write several new functions in which the number of possible divisors which are tested is reduced with various improvements to runtime. You could explore this over a range of large prime and non-prime values.

*Insert code and markdown cells below, as appropriate, in which to provide your response to this task.*

In [2]:
import time
import numpy as np

def prime_test_2(n):
    start_time = time.time()
    if n < 2 or not(isinstance(n,int)): 
        print("Input needs to be an integer greater than or equal to 2.")
        return
    else:
        isprime = True
        for i in range(2,round(n**0.5)):
            if n % i == 0:
                isprime = False
    if isprime:
        print("The number",n,"is prime.")
    else:
        print("The number", n,"is not prime.")
    print("Runtime: %s seconds." % (time.time() - start_time))
    
prime_test_2(10**8+7)

The number 100000007 is prime.
Runtime: 0.005360841751098633 seconds.


## Comment (A1b)
By only checking whether the integers from 2 upto $\sqrt{n}$ divide n, the runtime of prime_test_2(100000007) is reduced to **0.000997** seconds, massively quicker than prime_test_1

### Task A2 - Highest common factors and multiplicative inverses modulo $n$ (worth approximatley 10% of the marks)

#### A2a - Two methods for calculating highest common factor of two integers.

Write two functions which calculate the highest common factor of two positive integers $m$ and $n$. 
- One which takes a "brute force" approach, testing all the values between 1 and the least of $m$ and $n$ in ascending order, the last common factor found will be the highest common factor, which should be returned. You may not use `sympy` for this.
- One which uses repeated applications of the Euclidean algorithm. The last non-zero remainder in this process is the highest common factor of the two integers given as in the example below where the highest common factor of $21$ and $8$ is calculated. The last non-zero remainder is $1$ which appears on the fourth line and this is the highest common factor of $21$ and $8$. You may not use `sympy` for this.

$$21 = 2 \times 8 + 5$$
$$8 = 1 \times 5 + 3$$
$$5 = 1 \times 3 + 2$$
$$3 = 1 \times 2 + 1$$
$$2 = 2\times 1 + 0.$$

Compare the total time taken by each of these functions to find the higest common factor of suitable number of pairs of random values of $n$ and $m$ between $1000$ and $9999$. 

Your code should demonstrate the functions in use by printing their output for some examples with suitable descriptive text.

*Insert code and markdown cells below, as appropriate, in which to provide your response to this task.*


In [3]:
import random, time

def brute_hcf(m,n):
    t0 = time.time()
    hcf = 1
    for i in range(1,min(m,n)+1):
        if (m % i == 0) & (n % i == 0):
            hcf = i
    return (hcf, time.time() - t0)

In [4]:
def euclid_hcf(m,n):
    t0 = time.time()
    m1 = max(m,n)
    n1 = min(m,n)
    r = [m1, n1]
    while r[-1] != 0:
        r.append(r[-2] % r[-1])
    return (r[-2], time.time() - t0)

In [14]:
i = 1
while i < 11:
    i += 1
    m = random.randint(10000,99999)
    n = random.randint(10000,99999)
    brute = brute_hcf(m,n)
    euclid = euclid_hcf(m,n)
    print('m=',m, '  ' , 'n=', n)
    print('HCF =', euclid[0], 'Brute force time =', round(brute[1], 6), 'Euclid algorithm time =', round(euclid[1], 6))
    print()

m= 34025    n= 24328
HCF = 1 Brute force time = 0.005871 Euclid algorithm time = 0.0

m= 66270    n= 31352
HCF = 2 Brute force time = 0.005209 Euclid algorithm time = 0.0

m= 68024    n= 75876
HCF = 4 Brute force time = 0.007132 Euclid algorithm time = 0.0

m= 35562    n= 10093
HCF = 1 Brute force time = 0.00104 Euclid algorithm time = 0.0

m= 28191    n= 49768
HCF = 1 Brute force time = 0.003029 Euclid algorithm time = 0.0

m= 20511    n= 27545
HCF = 1 Brute force time = 0.002092 Euclid algorithm time = 0.0

m= 80624    n= 43516
HCF = 4 Brute force time = 0.004182 Euclid algorithm time = 0.0

m= 31937    n= 97822
HCF = 1 Brute force time = 0.004074 Euclid algorithm time = 0.0

m= 75928    n= 78837
HCF = 1 Brute force time = 0.003029 Euclid algorithm time = 0.0

m= 16940    n= 58744
HCF = 28 Brute force time = 0.0 Euclid algorithm time = 0.0



#### A2b - Methods for calculating the multiplicative inverse modulo $n$

If $m$,$n$ are integers with $0<m<n$ and with highest common factor $1$ then $m$ has a multiplicative inverse module $n$. In other words, there will be a (unique) integer $k$ with $0<k<n$ such that $mk$ is congruent to $1$ modulo $n$. Write three functions as described below to find this multiplicative inverse. Each should take in the two integers $m$ and $n$ and return the integer $k$ described above if the highest common factor of $m$ and $n$ is $1$ and return $0$ otherwise. 
- One which takes a "brute force" approach, testing all the values between $1$ and $n-1$ inclusive. 
- One which uses repeated applications of the Euclidean algortithm which are then 'reversed' to find $k$. 
- One which makes use of Euler's theorem. This says that if $m$,$n$ are integers with $0<m<n$ and with highest common factor $1$ then $$m^{\phi(n)}\equiv 1 \text{ (mod } n\text{)}$$
where $\phi$ is the Euler totient function. It follows that $m^{\phi(n)-1} \text{ (mod }n\text{)}$ is the multiplicative inverse of $m$ modulo $n$. For this function you should make use of `sympy` which contains a totient function.

Compare the time taken by each of the functions by finding the total time they take to find the multiplicative inverse for an appropriate number of suitable random $n, m$ pairs.

Your code should demonstrates the functions in use by printing their output with suitable descriptive text.

*Insert code and markdown cells below, as appropriate, in which to provide your response to this task.*

----
### Task A3 The RSA algorithm (worth approximately 10% of the marks)
Begin by explaining the RSA algorithm and how and why it works (the basic steps are below and were covered  the lecture about this project given in week 2), based on Euler's theorem, in a markdown cell.

Then write code which <br>
    a. Finds random prime numbers $p$ and $q$ with $p\neq q$ each with 20 digits. `sympy` has some functions for doing this, see the lecture on this project give during week 2 of term 2.<br>
    b. Finds $e$ with $1<e<\phi(pq)$ chosen at random from those integers which are coprime to $\phi(pq)$.<br>
    c. Finds the unique value $d$ with $1 < d < \phi(pq)$ such that $de\equiv 1 \mod \phi(pq)$.<br>
    d. Encrypts the credit card number $1234567812345678$ using the standard RSA process that you described earlier with the values above.
    
Your code should print all of the following values with suitable annotation so it is clear what each value is:

$$p, q, pq, \phi(pq),d,e, \text{the encrypted number},\text{the decrypted number}, \text{true/false - the boolean for whether decrypted number is the same as the original number}.$$
      
Explain why the credit card number given above is coprime with $pq$ in a markdown cell or in a comment in your code.

*Insert code and markdown cells below, as appropriate, in which to provide your response to this task.*

### Task A4 - Group operation on the points on an elliptic curves (worth approximately 20% of the marks)

#### A4a 
Write a function, with suitable commenting, in the code block below which 
1. takes in the parameters $a$, $b$ and prime $p$ in the elliptic curve $y^2 = x^3 + ax + b \text{ (mod }p\text{)}$; and two points $A = (x_1,y_1)$ and $B = (x_2,y_2)$ on the curve 
2. returns the value of $A+ B$ according to the binary operation (below) as was defined in project lecture.
3. the function should return $0$ if either of $A$ or $B$ is not on the elliptic curve and return $-1$ if $A+B$ is the point at infinity, which we'll denote as $-1$

Let $P$ be the set of points on the curve $y^2 = x^3 + ax + b \text{ (mod }p\text{)}$ and let $-1$ represent the point at infinity. A binary operation is defined on $P\cup\{-1\}$ as follows.

Let $A,B\in P\cup\{-1\}$. Then 
- if $A = -1$ then $A+ B = B$
- if $B = -1$ then $A+ B = A$
- if $A = B$ then $A+B = -1$ (the "point at infinity") if $y_1=0$ and otherwise $A+B = (x,y)$ where $$A = B= (x_1,y_1)$$ $$m = \displaystyle\frac{3x_1^2+a}{2y_1}\text{ (mod }p\text{)}$$ $$x = m^2 - 2x_1\text{ (mod }p\text{)}$$ $$y = m(x_1-x)-y_1 \text{ (mod }p\text{)}.$$
- if $A\neq B$ then $A+B = -1$ (the "point at infinity") if $x_1=x_2$ and otherwise $A+B = (x,y)$ where $$A = (x_1,y_1), B = (x_2,y_2)$$ $$m = \displaystyle\frac{y_2-y_1}{x_2-x_1}\text{ (mod }p\text{)}$$ $$x = m^2 - x_1-x_2\text{ (mod }p\text{)}$$ $$y = m(x_1-x)-y_1 \text{ (mod }p\text{)}.$$

You should include markdown cells which explain the derivation of the formula given above.

*Insert code and markdown cells below, as appropriate, in which to provide your response to this task.*

#### A4b
Write code which generates a random prime with 20 digits and calculates the list of multiples $A$,$2A$,$3A$,... of the point $A=(0,1)$ on the elliptic curve $y^2 = x^3 + x + 1 \text{ (mod }p\text{)}$ with respect to the binary operation above for one minute. Which multiple can you reach in one minute of computing time?

*Insert code and markdown cells below, as appropriate, in which to provide your response to this task.*

---
---
## Section B - (worth approximately 50% of the marks)

### Task B1
Write about one or more of the following. What you write can include both code cells and markdown cells. You may re-use any code from part A above and you may use any of the allowed libraries.

- #### Primality testing and implications for internet security
Explore primality testing further. You may wish to look at Shor's algorithm and the implications for the security of the RSA algorithm. Your work should include code, output from code and descriptons/discussion of the underlying mathematics.

- #### Use of elliptic curves in cryptography
Explore the role of elliptic curves in cryptography. You could look at how elliptic curves are use in factorisation (Lenstra) or in the Diffie–Hellman key exchange. Your work should include code, output from code and descriptons/discussion of the underlying mathematics.

- #### The history of cryptography
You may wish to look into other methods of cryptography used throughout history and their implementation in Python. For example Caeser ciphers, the Vignere Cipher; frequency analysis. Your work should include code, output from code and descriptons/discussion of the underlying mathematics.

*Insert code and markdown cells below, as appropriate, in which to provide your response to this task.*

## Notes about this submission

You will submit a single Jupyter notebook for this project assignment. Details of this will be provided on the MA124 Moodle page.

- The last thing you should do before submitting the notebook is to Restart Kernel and Run All Cells. You should then save the notebook and submit the .ipynb file. **You will lose marks if you submit a notebook that has not been run.**

- You are expected to add code and markdown cells to this document as appropriate to provide your responses to the tasks. Instructions about this are given throughout but feel free to add markdown cells at any point to provide clarity or comments.

- Likewise, to help the reader, please provide appropriate comments in your code (for example functions or blocks of code should have comments about what they do, variables should be described in comments, as appropriate).