lecture03 - Introduction to Number Theory

Uploaded by

mzmindykkyan
Copyright
© © All Rights Reserved

Computer & Network Security

Lecture 3: Introduction to Number Theory


Introduction to Number Theory

• Divisibility and division algorithm
• The Euclidean algorithm
• Modular arithmetic
• Prime numbers
• Fermat’s and Euler’s theorems
• Testing for primality
• The Chinese remainder theorem

Divisibility

• We say that a nonzero b divides a if a = mb for some m, where a, b, and m are integers
• b divides a if there is no remainder on division
• The notation b | a is commonly used to mean b divides a
• If b | a we say that b is a divisor of a

The positive divisors of 24 are 1, 2, 3, 4, 6, 8, 12, and 24

13 | 182; -5 | 30; 17 | 289; -3 | 33; 17 | 0

Properties of Divisibility

• If a | 1, then a = ±1
• If a | b and b | a, then a = ±b
• Any b ≠ 0 divides 0
• If a | b and b | c, then a | c
• If b | g and b | h, then b | (mg + nh) for arbitrary integers m and n

11 | 66 and 66 | 198 ⇒ 11 | 198

Properties of Divisibility

• To see this last point, note that:
• If b | g, then g is of the form g = b * g_1 for some integer g_1
• If b | h, then h is of the form h = b * h_1 for some integer h_1
• So:
• mg + nh = mbg_1 + nbh_1 = b * (mg_1 + nh_1)
and therefore b divides mg + nh

b = 7; g = 14; h = 63; m = 3; n = 2
7 | 14 and 7 | 63.
To show 7 | (3 * 14 + 2 * 63),
we have (3 * 14 + 2 * 63) = 7(3 * 2 + 2 * 9),
and it is obvious that 7 | (7(3 * 2 + 2 * 9)).

Division Algorithm

• Given any positive integer n and any nonnegative integer a, if we divide a by n we get an integer quotient q and an integer remainder r that obey the following relationship:

a = qn + r,  0 ≤ r < n;  q = ⌊a/n⌋

Note that ⌊x⌋ is the largest integer less than or equal to x

Greatest Common Divisor (GCD)

• The greatest common divisor of a and b is the largest integer that divides both a and b
• We can use the notation gcd(a,b) to mean the greatest common divisor of a and b
• We also define gcd(0,0) = 0
• Positive integer c is said to be the gcd of a and b if:
• c is a divisor of a and b
• Any divisor of a and b is a divisor of c

• An equivalent definition is:
gcd(a,b) = max[k, such that k | a and k | b]

Greatest Common Divisor (GCD)

• Because we require that the greatest common divisor be positive, gcd(a,b) = gcd(a,-b) = gcd(-a,b) = gcd(-a,-b)
• In general, gcd(a,b) = gcd(| a |, | b |)

• Also, because all nonzero integers divide 0, we have gcd(a,0) = | a |

gcd(60, 24) = gcd(60, -24) = 12

Greatest Common Divisor (GCD)

We stated that two integers a and b are relatively prime if their only common positive integer factor is 1; this is equivalent to saying that a and b are relatively prime if gcd(a,b) = 1

8 and 15 are relatively prime because the positive divisors of 8 are 1, 2, 4, and 8, and the positive divisors of 15 are 1, 3, 5, and 15. So 1 is the only integer on both lists.

Euclidean Algorithm
• One of the basic techniques of number theory
• Procedure for determining the greatest common divisor of two positive integers
• Two integers are relatively prime if and only if their only common positive integer factor is 1

Euclidean Algorithm

a = q_1 b + r_1
b = q_2 r_1 + r_2
r_1 = q_3 r_2 + r_3

Finding the Greatest Common Divisor

Euclidean Algorithm Example

Class Exercises

• Please use the Euclidean algorithm to find the greatest common divisor of 850 and 650.

• Please use the Euclidean algorithm to find the greatest common divisor of 73 and 23.

Modular Arithmetic

• The modulus
• If a is an integer and n is a positive integer, we define a mod n to be the remainder when a is divided by n; the integer n is called the modulus
• Thus, for any integer a:

a = qn + r,  0 ≤ r < n;  q = ⌊a/n⌋
a = ⌊a/n⌋ × n + (a mod n)

a mod n = r = a − qn

11 = 1 × 7 + 4; -11 = (-2) × 7 + 3

11 mod 7 = 4; -11 mod 7 = 3


Modular Arithmetic

• Congruent modulo n
• Two integers a and b are said to be congruent modulo n if (a mod n) = (b mod n)
• This is written as a ≡ b (mod n)
• Note that if a ≡ 0 (mod n), then n | a

73 ≡ 4 (mod 23); 21 ≡ -9 (mod 10)

Properties of Congruence

• Congruences have the following properties:
1. a ≡ b (mod n) if n | (a – b)
2. a ≡ b (mod n) implies b ≡ a (mod n)
3. a ≡ b (mod n) and b ≡ c (mod n) imply a ≡ c (mod n)
• To demonstrate the first point, if n | (a - b), then (a - b) = kn for some k
• So we can write a = b + kn
• Therefore, (a mod n) = (remainder when b + kn is divided by n) = (remainder when b is divided by n) = (b mod n)

23 ≡ 8 (mod 5) because 23 - 8 = 15 = 5 * 3
-11 ≡ 5 (mod 8) because -11 - 5 = -16 = 8 * (-2)
81 ≡ 0 (mod 27) because 81 - 0 = 81 = 27 * 3

Modular Arithmetic
• Modular arithmetic exhibits the following properties:
1. [(a mod n) + (b mod n)] mod n = (a + b) mod n
2. [(a mod n) - (b mod n)] mod n = (a - b) mod n
3. [(a mod n) * (b mod n)] mod n = (a * b) mod n

• We demonstrate the first property:
• Define (a mod n) = r_a and (b mod n) = r_b. Then we can write a = r_a + jn for some integer j and b = r_b + kn for some integer k
• Then:
(a + b) mod n = (r_a + jn + r_b + kn) mod n
= (r_a + r_b + (k + j)n) mod n
= (r_a + r_b) mod n
= [(a mod n) + (b mod n)] mod n

Remaining Properties:

• Examples of the three remaining properties:

11 mod 8 = 3; 15 mod 8 = 7
[(11 mod 8) + (15 mod 8)] mod 8 = 10 mod 8 = 2
(11 + 15) mod 8 = 26 mod 8 = 2
[(11 mod 8) - (15 mod 8)] mod 8 = -4 mod 8 = 4
(11 - 15) mod 8 = -4 mod 8 = 4
[(11 mod 8) * (15 mod 8)] mod 8 = 21 mod 8 = 5
(11 * 15) mod 8 = 165 mod 8 = 5

Arithmetic Modulo 8

Multiplication Modulo 8

Properties of Modular Arithmetic for Integers in Zn

Class Exercises

• Please use the properties of modular arithmetic to compute 11 mod 13. Note that 11 mod 13 = 4.

Multiplicative Inverse
• A multiplicative inverse or reciprocal for a number x mod n, denoted by x^(-1) mod n, is a number which when multiplied by x yields the multiplicative identity, 1.

• The inverse of x has the property that 0 ≤ x^(-1) < n and x × x^(-1) = 1 mod n. The inverse exists if and only if x and n have only one common divisor, 1 (i.e. x and n are co-prime).

• Example: x = 4, n = 19, then x^(-1) = 5 mod n, because 4 × 5 = 20 mod 19 = 1.

Additive and Multiplicative Inverse Modulo 8

Exercise: Setting up RSA

a, b co-prime

Euclidean Algorithm Revisited

• The Euclidean algorithm can be based on the following theorem: For any integers a, b, with a ≥ b ≥ 0,
gcd(a, b) = gcd(b, a mod b)

Euclidean Algorithm Revisited

• We can define the Euclidean algorithm concisely as the following recursive function.

Euclid(a, b)
    if (b = 0) then return a;
    else return Euclid(b, a mod b);

Euclidean Algorithm vs. Extended EA

• The Euclidean Algorithm finds the greatest common divisor d.
• gcd(a, b) = d

• Extended Euclidean Algorithm
• a x + b y = d = gcd(a, b)
• Also finds two additional integers x and y satisfying the above equation.
• Useful for finite field operations and for encryption algorithms such as RSA.

Example

• Let a = 42 and b = 30, gcd(42, 30) = 6.

• All of the entries are divisible by 6


• In general, it can be shown that for given integers a and b, the smallest positive value of ax + by is equal to gcd(a, b)

Extended Euclidean Algorithm

• Now let us show how to extend the Euclidean algorithm to determine (x, y, d) given a and b.

• We assume that at each step i we can find integers x_i and y_i that satisfy r_i = a x_i + b y_i. We end up with the following sequence.

Extended Euclidean Algorithm

r_i = r_{i-2} - q_i r_{i-1}
x_i = x_{i-2} - q_i x_{i-1}
y_i = y_{i-2} - q_i y_{i-1}

• In each row, we calculate a new remainder r_i based on the remainders of the previous two rows, namely r_{i-1} and r_{i-2}. To start the algorithm, we need values for r_{-1} and r_0, which are just a and b.

• It is then straightforward to determine the required values for x_{-1}, y_{-1}, x_0, and y_0.

d = r_n = a x_n + b y_n

Extended Euclidean Algorithm Example
Let us use a = 1759 and b = 550 and solve for 1759x + 550y = gcd(1759, 550). The results are shown in Table 2.4. Thus, we have 1759 * (-111) + 550 * 355 = -195249 + 195250 = 1.
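
The row recurrences above and the multiplicative inverse defined earlier, as an added example that is not part of the original slides. The function names extended_euclid and mod_inverse are assumptions chosen for this illustration.

```python
# Added illustration: iterative extended Euclidean algorithm built on the
# slide's recurrences for r_i, x_i, y_i. Function names are assumptions.

def extended_euclid(a, b):
    """Return (d, x, y) with a*x + b*y = d = gcd(a, b)."""
    # Rows i-2 and i-1. Start with r_{-1} = a and r_0 = b.
    r_prev, r_cur = a, b
    x_prev, x_cur = 1, 0      # a = a*1 + b*0
    y_prev, y_cur = 0, 1      # b = a*0 + b*1
    while r_cur != 0:
        q = r_prev // r_cur
        r_prev, r_cur = r_cur, r_prev - q * r_cur
        x_prev, x_cur = x_cur, x_prev - q * x_cur
        y_prev, y_cur = y_cur, y_prev - q * y_cur
        # Invariant from the slides: r_i = a*x_i + b*y_i in every row.
        assert r_prev == a * x_prev + b * y_prev
    return r_prev, x_prev, y_prev


def mod_inverse(x, n):
    """Return x^(-1) mod n, or raise ValueError when gcd(x, n) != 1."""
    d, _, y = extended_euclid(n, x % n)   # n*(ignored) + x*y = d
    if d != 1:
        raise ValueError(f"{x} has no inverse modulo {n}: gcd is {d}")
    return y % n


if __name__ == "__main__":
    print(extended_euclid(1759, 550))   # the slide's worked example
    print(mod_inverse(4, 19))           # the slide's inverse example
    print(mod_inverse(550, 1759))       # the same y, read as an inverse
```

The ValueError branch is the case the inverse definition excludes: when x and n share a divisor other than 1, no inverse exists.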

Prime Numbers
• A prime number has only 1 and itself as divisors.
• It cannot be written as a product of other numbers

• Numbers are said to be relatively prime (or co-prime) iff their only common divisor is 1.

• Any integer a > 1 can be factored in a unique way as
a = p_1^(a_1) × p_2^(a_2) × ⋯ × p_t^(a_t)
where p_1 < p_2 < ... < p_t are prime numbers and where each a_i is a positive integer.
• This is known as the fundamental theorem of arithmetic.

2 and 5 are prime numbers
2 and 5 are relatively prime
50 = 2 × 5^2

Primes Under 2000

Fermat's Theorem

• States the following:
• If p is prime and a is a positive integer not divisible by p then
a^(p-1) ≡ 1 (mod p)
• An alternate form is:
• If p is prime and a is a positive integer then (does not require gcd(a, p) = 1)
a^p ≡ a (mod p)

Example:
Try:
13^(3-1) ≡ 1 (mod 3)
15^(3-1) ≡ 0 (mod 3) --- a should not be divisible by p

Class Exercises

• Please use the Fermat theorem to calculate a mod p when
• p = 5, a = 3
• p = 5, a = 10

a, p co-prime: 3^(5-1) ≡ 1 (mod 5) ≡ 3^4 mod 5 ≡ 81 mod 5 ≡ 1 mod 5

a, p not co-prime: 10^5 ≡ 10 (mod 5) ≡ 0 (mod 5)

Euler’s Totient Function ø(n)

Euler’s totient function, written as ø(n), is defined as the number of positive integers less than n and relatively prime to n. By convention, ø(1) = 1.

For a prime number p, ø(p) = p - 1.

ø(5) = 4
ø(6) = 2 (from 1, 2, 3, 4, 5)

Example:

ø(21) = 12

Co-primes are:
1, 2, 4, 5, 8, 10, 11, 13, 16, 17, 19, 20

Total: 12 of them.

Property of Euler’s Totient Function ø(n)

Now suppose that we have two prime numbers p and q with p ≠ q. Then we can show that, for n = pq,

ø(n) = ø(pq) = ø(p) × ø(q) = (p - 1) × (q - 1)

Example:

ø(21) = ø(3) × ø(7) = 2 × 6 = 12

Euler's Theorem
• For every a and n that are relatively prime:
a^ø(n) = 1 (mod n)
• An alternative form is (does not require gcd(a, n) = 1):
a^(ø(n)+1) = a (mod n)

Example 1: a = 13, n = 5, we have 13^ø(5) = 13^4 = 1 (mod 5)
verify: 13^4 = 28561 (mod 5) = 1 (mod 5)
Example 2: a = 13, n = 5, we have 13^(ø(5)+1) = 13^5 = 13 (mod 5)
verify: 13^5 = 371293 (mod 5) = 3 (mod 5) = 13 (mod 5)

Example

Testing for Primality - Miller-Rabin Algorithm
• For many cryptographic algorithms, it is necessary to select one or more
very large prime numbers at random.
• Thus, we are faced with the task of determining whether a given large
number is prime.
• There is no simple yet efficient means of accomplishing this task.
• We present one attractive and popular algorithm.
• Note that this algorithm yields a number that is not necessarily a prime.

Testing for Primality - Miller-Rabin Algorithm
• A composite number is a positive integer that can be formed by multiplying two smaller positive integers.
• Typically used to test a large number for primality
• Algorithm is:
TEST (n)
1. Find integers k, q, with k > 0, q odd, so that (n – 1) = 2^k q;
2. Select a random integer a, 1 < a < n – 1;
3. if a^q mod n = 1 then return ("inconclusive");
4. for j = 0 to k – 1 do
5.     if (a^(2^j q) mod n = n – 1) then return ("inconclusive");
6. return ("composite");

Example
• If n = 29, a prime number
  • (n – 1) = 28 = 2^2(7) ⇒ k = 2, q = 7
  • Try a = 10
    • 10^7 mod 29 = 17
    • 10^(2*7) mod 29 = 28
  • Try a = 2
    • 2^7 mod 29 = 12
    • 2^(2*7) mod 29 = 28
  • All inconclusive results

• If n = 13 * 17 = 221, a composite number
  • (n – 1) = 220 = 2^2*(55) ⇒ k = 2, q = 55
  • Try a = 5
    • 5^55 mod 221 = 112
    • 5^(2*55) mod 221 = 168
    • return composite
  • Try a = 21
    • 21^55 mod 221 = 200
    • 21^(2*55) mod 221 = 220
    • return inconclusive
  • From 2 to 219 for the number 221
    • We have 21, 47, 174, 200, for which the test is inconclusive!
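
The TEST(n) procedure and the two worked cases above, as an added example that is not part of the original slides. The base a is passed in explicitly so the slide's values can be reproduced; the function names are assumptions chosen for this illustration.

```python
# Added illustration of the slide's TEST(n). Names are assumptions.
import secrets


def decompose(n):
    """Step 1: return (k, q) with n - 1 = 2**k * q and q odd."""
    k, q = 0, n - 1
    while q % 2 == 0:
        k, q = k + 1, q // 2
    return k, q


def miller_rabin_round(n, a):
    """Steps 3-6 for odd n > 3 and a base 1 < a < n - 1."""
    k, q = decompose(n)
    x = pow(a, q, n)                  # a^q mod n
    if x == 1:
        return "inconclusive"
    for _ in range(k):                # j = 0 .. k-1
        if x == n - 1:                # a^(2^j q) mod n = n - 1
            return "inconclusive"
        x = (x * x) % n               # move from exponent 2^j q to 2^(j+1) q
    return "composite"


def strong_liars(n):
    """Bases 2..n-2 for which n is reported as inconclusive."""
    return [a for a in range(2, n - 1)
            if miller_rabin_round(n, a) == "inconclusive"]


def is_probable_prime(n, rounds=40):
    """Repeat the test with random bases: False is certain, True is probable."""
    if n < 4:
        return n in (2, 3)
    if n % 2 == 0:
        return False
    rng = secrets.SystemRandom()      # step 2: unpredictable choice of a
    return all(miller_rabin_round(n, rng.randrange(2, n - 1)) == "inconclusive"
               for _ in range(rounds))


if __name__ == "__main__":
    print(decompose(29), miller_rabin_round(29, 10), miller_rabin_round(29, 2))
    print(decompose(221), miller_rabin_round(221, 5), miller_rabin_round(221, 21))
    print(strong_liars(221))
```

Because only 4 of the 218 possible bases mislead the test for 221, repeating it with independent random bases makes a wrong "inconclusive" verdict on a composite number very unlikely, which is how the test is used when generating primes for keys.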
Deterministic Primality Algorithm
• Prior to 2002 there was no known method of efficiently proving the primality of very large numbers
• All of the algorithms in use produced a probabilistic result
• In 2002 Agrawal, Kayal, and Saxena developed an algorithm that efficiently determines whether a given large number is prime
• Known as the AKS algorithm
• Does not appear to be as efficient as the Miller-Rabin algorithm

Chinese Remainder Theorem (CRT)
• Believed to have been discovered by the Chinese mathematician Sun-Tsu in around 100 A.D.
• One of the most useful results of number theory
• Says it is possible to reconstruct integers in a certain range from their residues modulo a set of pairwise relatively prime moduli

Provides a way to manipulate (potentially very large) numbers mod M in terms of tuples of smaller numbers
• This can be useful when M is 150 digits or more
• However, it is necessary to know beforehand the factorization of M

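CRT - Han Xin Counting His Soldiers
Legend has it that during the Chu-Han Contention, Han Xin led 1500 soldiers into battle against the Chu army, was defeated, and retreated up a mountain. The enemy then charged toward them with five hundred cavalry, so Han Xin hurriedly counted his troops to meet them.

Han Xin ordered the soldiers to line up in rows of 3, and 2 were left over; then he ordered them to line up in rows of 5, and 3 were left over; then he ordered them to line up in rows of 7, and again 2 were left over.

Han Xin immediately worked out that 1073 men remained in his army, while the enemy numbered fewer than five hundred. Holding the high ground and outnumbering the enemy, he led his army to rout them.

* During the Northern and Southern Dynasties, the Sunzi Suanjing recorded the problem above. The author of the Sunzi Suanjing and Sun Wu of The Art of War are different people.
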
CRT-Math modeling
a1 ≡ 2 (mod 3)
a2 ≡ 3 (mod 5)
a3 ≡ 2 (mod 7)

Numbers equal to 2 mod 3: 2, 5, 8, 11, 14, 17, 20, 23, 26, ...

Numbers equal to 3 mod 5: 3, 8, 13, 18, 23, 28, 33, 38, ...

Common numbers are: 8, 23, 38, ... -> x = 8 + 15k

Numbers that satisfy the above conditions, x = 8 + 15k: 8, 23, 38, 53, 68, 83, 98, 113, 128, ...

Numbers equal to 2 mod 7: 2, 9, 16, 23, 30, 37, 44, 51, ...

Common numbers are: 23, 128, 233, ... -> x = 23 + 105k

Final result: 105 × 10 + 23 = 1073

Chinese Remainder Theorem (CRT)

Let

M = ∏_{i=1}^{k} m_i

(cumulative product; the m_i are pairwise co-prime, ideally all prime)

where the m_i are pairwise relatively prime. That is, gcd(m_i, m_j) = 1 for 1 ≤ i, j ≤ k, and i ≠ j. We can represent any integer A in Z_M by a k-tuple whose elements are in Z_{m_i} using the following correspondence:

A ↔ (a_1, a_2, …, a_k)

where A ∈ Z_M, a_i ∈ Z_{m_i}, and a_i = A mod m_i for 1 ≤ i ≤ k.

Normal Form to CRT Form

M = ∏_{i=1}^{k} m_i

A ↔ (a_1, a_2, …, a_k)

To represent 973 mod 1813 as a pair of numbers mod 37 and 49, define
M = 1813 = m_1 * m_2 = 37 * 49
A = 973

A ↔ (973 mod 37, 973 mod 49) ↔ (11, 42)
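
The correspondence above in both directions, covering the 973 example and the three congruences of the Han Xin problem, as an added example that is not part of the original slides. The function names and the componentwise multiplication helper are assumptions chosen for this illustration; the inverse uses Python's built-in pow(x, -1, m), available from Python 3.8.

```python
# Added illustration; function names are assumptions, not from the slides.
from math import gcd, prod


def to_crt(A, moduli):
    """Normal form -> CRT form: a_i = A mod m_i."""
    return tuple(A % m for m in moduli)


def from_crt(residues, moduli):
    """CRT form -> normal form: the unique A in Z_M with A mod m_i = a_i."""
    # The correspondence is one-to-one only for pairwise co-prime moduli.
    for i, m_i in enumerate(moduli):
        for m_j in moduli[i + 1:]:
            if gcd(m_i, m_j) != 1:
                raise ValueError(f"moduli {m_i} and {m_j} are not relatively prime")
    M = prod(moduli)
    A = 0
    for a_i, m_i in zip(residues, moduli):
        M_i = M // m_i                    # product of all the other moduli
        c_i = M_i * pow(M_i, -1, m_i)     # c_i is 1 mod m_i and 0 mod the rest
        A += a_i * c_i
    return A % M


def crt_mul(u, v, moduli):
    """Multiply two numbers held in CRT form, component by component."""
    return tuple((x * y) % m for x, y, m in zip(u, v, moduli))


if __name__ == "__main__":
    print(to_crt(973, (37, 49)))                  # slide example
    print(from_crt((11, 42), (37, 49)))           # back to normal form
    x = from_crt((2, 3, 2), (3, 5, 7))            # Han Xin congruences
    print(x, x + 105 * 10)                        # smallest solution, then k = 10
    # 678 is a constructed second operand for the arithmetic check.
    product = crt_mul(to_crt(973, (37, 49)), to_crt(678, (37, 49)), (37, 49))
    print(from_crt(product, (37, 49)), (973 * 678) % 1813)
```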


CRT Form to Normal Form

CRT Arithmetic

CRT Arithmetic Example

CRT Arithmetic Example

Primitive Root of Unity Modulus 𝑝

• a is a primitive n-th root of unity modulo p iff a^n = 1 (mod p) and a^k ≠ 1 (mod p) for any positive integer k < n. The number a is also called the generator of the ring of integers modulo p (finite ring Z_p).

Example 1: Check the table on the next slide. The numbers 2, 3, 10, 13, 14, and 15 are primitive 18-th roots of unity modulus 19.

Example 2: The numbers 7 and 11 are primitive 3rd roots of unity modulus 19.

Example 3: The number 18 is a primitive 2nd root of unity modulus 19.

Powers of Integers, Modulo 19

Assignment 3

cryptography-and-network-security_-principles-and-practice-7th-global-edition.pdf

Review Questions -> 2.3, 2.4

Problems -> 2.3(b)(c), 2.8(b), 2.16(b), 2.22, 2.34, 2.36

Name the file A3_xxxxxxxx.pdf; only the e-version is accepted.