Lecture 07: INTEGERS Sections 2.4, 2.5, 2.6 Pages 153-212 - PowerPoint PPT Presentation

Provided by: georgeb

1
Lecture 07: INTEGERS
Sections 2.4, 2.5, 2.6
Pages 153-212
CS1050 Understanding and Constructing Proofs
Spring 2006
  • Jarek Rossignac

2
Lecture Objectives
  • Divisibility
  • Primes
  • GCD, LCM
  • Congruence and applications: random, hash, ciphers
  • Representing, adding, multiplying integers in base 2
  • Algorithms for computing $b \operatorname{div} m$, $b \bmod m$, $b^n \bmod m$
  • Prime decomposition

3
When does x divide y?
  • When y/x is an integer
  • $\exists z \in \mathbb{Z}:\ y = zx$
  • Assuming that both are integers and x is not zero
  • Notation: $x \mid y$
  • I will write x !| y when x does not divide y

4
When is x a factor of y?
  • When $x \mid y$

5
What are important divisibility properties?
  • Assume that a, b, and c are integers
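  • $(a \mid b) \wedge (a \mid c) \Rightarrow a \mid (b+c)$
  • if a divides b and c, it divides their sum
  • Proof: $a \mid b \Rightarrow \exists x \in \mathbb{Z}:\ b = xa$, $a \mid c \Rightarrow \exists y \in \mathbb{Z}:\ c = ya$, so $b + c = xa + ya = (x+y)a$
  • $a \mid b \Rightarrow \forall c\ (a \mid bc)$
  • if a divides b, then it divides all multiples of b
  • Proof
  • $a \mid b \wedge b \mid c \Rightarrow a \mid c$
  • if a divides b and b divides c, then a divides c
  • Proof
  • $(a \mid b) \wedge (a \mid c) \Rightarrow \forall m \in \mathbb{Z}\ \forall n \in \mathbb{Z}\ (a \mid (mb + nc))$
  • if a divides b and c, it divides their linear combinations with integer coefficients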

6
When is p a prime?
  • When
  • p is an integer > 1 and
  • p and 1 are its only factors
  • Examples: 2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47
  • An integer greater than 1 that is not prime is
    called composite

7
Fundamental theorem of arithmetic?
  • Every integer greater than 1 can be written
    uniquely as a product of one or more primes
    (divisors) of non-decreasing size
  • Example: $100 = 2 \cdot 2 \cdot 5 \cdot 5$

8
Bound a prime divisor of a composite n
  • n composite $\Rightarrow$ n has a prime divisor not exceeding $\sqrt{n}$
  • Proof
  • If n is composite, it can be written $n = ab$, with $1 < a$ and $1 < b$
  • If both a and b were $> \sqrt{n}$ we would have a contradiction
  • Assume wlog that $a \le \sqrt{n}$
  • If a is prime, we are done
  • If not, it has a prime divisor $< a$ (Fundamental theorem of Arithmetic)

9
How to check whether n is prime?
  • n is prime $\Leftrightarrow$ $\forall$ prime p: $(p \le \sqrt{n}) \Rightarrow$ (p !| n)
  • Translate this into an algorithm

10
How to find the prime factorization of n?
  • factors = emptyList
  • m = n
  • For all primes p from 2 to $\sqrt{n}$ do
  • if (p | m) { emptyList.add(p); m = m/p }
  • Is this algorithm correct?
  • If not, fix it!

11
Prove that there are infinitely many primes
  • Euclid's proof by contradiction
  • Assume that the only primes are $p_1, p_2, \ldots, p_n$
  • Let $Q = p_1 p_2 \cdots p_n + 1$
  • If Q is prime, we have a contradiction
  • Otherwise, Q can be written as the product of 2 or more primes.
  • This is impossible, since if one of the primes $p_i$ divided Q it would also divide $Q - p_1 p_2 \cdots p_n = 1$

12
What is the division algorithm?
  • Let a be an integer and d be a positive integer
  • There are unique integers q and r with $0 \le r < d$ such that $a = dq + r$
  • d is the divisor
  • a is the dividend
  • q is the quotient, can be written q = a div d
  • r is the remainder, can be written r = a mod d
  • What is 11 div 3 ?
  • What is 11 mod 3 ?

13
Greatest common divisor of a and b?
  • Assume that a and b are integers and at least one
    of them is not zero.
  • Their greatest common divisor, gcd(a,b), is the largest integer d such that $d \mid a$ and $d \mid b$
  • What is gcd(24,36)?
  • $2$ (12,18)
  • $2 \cdot 2$ (6,9)
  • $2 \cdot 2 \cdot 3$ (2,3)

14
When are two integers relatively prime?
  • When their GCD is 1
  • Find the smallest integer larger than 1 that is
    relatively prime with 9.

15
The least common multiple of a and b?
  • Assume a and b are positive integers
  • Their least common multiple lcm(a,b) is the
    smallest integer that is divisible by both.

16
What is $\gcd(a,b) \cdot \operatorname{lcm}(a,b)$?
  • $\gcd(a,b) \cdot \operatorname{lcm}(a,b) = ab$
  • What is the essence of a proof?

17
When are a and b congruent modulo m?
  • Assume a, b, m are integers and m is positive.
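  • a is congruent to b modulo m if m divides $a - b$
  • Notation: $a \equiv b \pmod{m}$
  • Theorem: $a \equiv b \pmod{m} \Leftrightarrow (a \bmod m) = (b \bmod m)$
  • Theorem: $a \equiv b \pmod{m} \Leftrightarrow \exists k \in \mathbb{Z}:\ a = b + km$
  • Theorem: $a \equiv b \pmod{m}$ and $c \equiv d \pmod{m}$ $\Rightarrow$
  • $a + c \equiv b + d \pmod{m}$ and $ac \equiv bd \pmod{m}$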

18
What is a hashing function?
  • Maps an integer k to a positive integer h(k) less
    than m
  • To speed up search of people in a table (memory)
    of m entries.
  • We want to hash each person to a memory location
    h(k) where k is the SS number.
  • If we have more than one person hashed to the
    same location, we have a collision.
  • Assign the next free location or use a pointer to
    a list of all people hashed there
  • Most common hashing: $h(k) = k \bmod m$

19
How to generate pseudorandom numbers?
  • Choose 4 integers
  • m: modulus
  • a: multiplier with $2 \le a < m$
  • c: increment with $0 \le c < m$
  • $x_0$: seed with $0 \le x_0 < m$
  • Then iterate $x_{n+1} = (a x_n + c) \bmod m$
  • How do you get random numbers between 0 and 1?

20
What was Caesar's cipher?
  • An important application of congruence is cryptology
  • Caesar's shift cipher
  • Map letters of the alphabet to consecutive integers 0, 1, 2, …
  • Perform a circular shift by 3
  • A→D, C→E, Z→C
  • How would you encode it using congruence?
  • How would you decode it using congruence?
  • How many variables need to be guessed to break
    the code?
  • How could you break it?
  • Increase security to require 3 variables.

21
How to represent integer n in base b?
  • Assume b is an integer > 1
  • There is a unique way of writing n as
  • $n = a_k x^k + a_{k-1} x^{k-1} + \cdots + a_1 x + a_0$
  • where
  • k is a non-negative integer,
  • $a_k, a_{k-1}, \ldots, a_1, a_0$ are non-negative integers less than b,
  • $a_k \ne 0$
  • b is the base of the expansion of n

22
What is the binary expansion of n?
  • Bit string $a_k a_{k-1} \ldots a_1 a_0$ of the expansion of n in base 2

23
How to expand n in base b?
  • Let m = n
  • Let E = empty string
  • Repeat
  • E = (m mod b)E (pre-concatenation quotient to strings)
  • m = m div b (keep the remainder, m = bq + r)
  • until (m = 0)
  • Example: What is the binary expansion of 241?
  • Hexadecimal expansion: base 16
  • Blocks of 4 consecutive bits in base 2
  • Written 0, 1, …, 9, A, B, C, D, E, F

24
How to add integers in base 2?
  • Usual right-to-left addition with carry
    propagation
  • $0+0=0$, $1+0=1$, $1+1=10$
  • Example: use base 2 to add 8+9 and verify
  • Binary expansion of 8: $(\quad)_2$
  • Binary expansion of 9: $(\quad)_2$
  • Sum in base 2: $(\quad)_2$
  • Decimal value

25
How to program the addition?
  • Let o be the carry from adding the previous bits
  • We want the new carry c and sum s of adding bits
    a and b
  • Provide Boolean expressions for
  • s
  • c

o a b c s
0 0 0 0 0
0 0 1 0 1
0 1 0 0 1
0 1 1 1 0
1 0 0 0 1
1 0 1 1 0
1 1 0 1 0
1 1 1 1 0

26
How to multiply two k-bit integers?
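  • $a = a_k 2^k + a_{k-1} 2^{k-1} + \cdots + a_1 2 + a_0$
  • $b = b_k 2^k + b_{k-1} 2^{k-1} + \cdots + b_1 2 + b_0$
  • $ab = a_k b 2^k + a_{k-1} b 2^{k-1} + \cdots + a_1 b 2 + a_0 b$
  • Sum the terms $a_j b 2^j$ where $a_j = 1$
  • Obtain $a_j b 2^j$ by shifting b to the left j times, padding with a 0
  • How many one-bit shifts are needed?
  • Can we use Horner's rule here? How?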

27
What is the fast modular exponentiation?
  • How to compute $b^n \bmod m$?
  • Important in cryptology to compute $b^n \bmod m$ for large b, n, m.
  • Can't compute $b^n$ and then the remainder, because $b^n$ is too large
  • Instead, use binary expansion
  • Assume $n = (a_{k-1} \ldots a_1 a_0)_2$
  • Successively compute $p_j = b^{2^j} \bmod m$ as $(p_{j-1})(p_{j-1}) \bmod m$
  • Keep track of the sum of $p_j$ values where $a_j = 1$

28
How to compute a div d and a mod d?
  • q = 0; r = |a|; while (r >= d) { r = r - d; q = q + 1 }
  • if ((a < 0) && (r > 0)) { r = d - r; q = -(q + 1) }  q = a div d, r = a mod d

[Figure: number-line diagrams marking 0, d, qd, (q+1)d, r and a]

29
What is the Euclidean algorithm?
  • A faster method for gcd
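  • Note that $\gcd(bq + r, b) = \gcd(b, r)$
  • Proof: Assume $d \mid (bq + r)$ and $d \mid b$. Then $d \mid (bq + r - qb)$. Hence $d \mid b$ and $d \mid r$.
  • Assume $d \mid b$ and $d \mid r$. Then $d \mid (bq + r)$.
  • Hence common divisors of $bq + r$ and b are the same as those of b and r.
  • Euclidean algorithm gcd(a,b)
  • x = a; y = b; while (y != 0) { r = x mod y; x = y; y = r } return(x)
  • gcd(662,414)
  • $662 = 414 \cdot 1 + 248$
  • $414 = 248 \cdot 1 + 166$
  • $248 = 166 \cdot 1 + 82$
  • $166 = 82 \cdot 2 + 2$
  • $82 = 2 \cdot 41 + 0$; gcd(414,662) = 2, the last non-zero remainder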

30
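Find s and t such that $\gcd(a,b) = sa + tb$
  • $\gcd(252,198) = 18 = 252s + 198t$
  • $18 = 54 - (198 - (252 - 198 \cdot 1) \cdot 3) \cdot 1$
  • $252 = 198 \cdot 1 + 54$;  $18 = 54 - (198 - (54) \cdot 3) \cdot 1$
  • $198 = 54 \cdot 3 + 36$;  $18 = 54 - (36) \cdot 1$
  • $54 = 36 \cdot 1 + 18$
  • $36 = 18 \cdot 2$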

31
Lemma
  • Assume that a, b, and c are positive integers
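  • If $\gcd(a,b) = 1$ and $a \mid bc$ then $a \mid c$
  • a does not divide b, but divides bc, so it must divide c
  • Proof
  • $a \mid bc \Rightarrow a \mid tbc$ (from slide 5)
  • $a \mid sac$ and $a \mid ctb \Rightarrow a \mid (sac + ctb)$ (from slide 5)
  • $\gcd(a,b) = 1 \Rightarrow sa + tb = 1 \Rightarrow sac + ctb = c$, multiply by c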

32
Prime factorization
  • $(p \text{ is prime}) \wedge (p \mid a_1 a_2 \cdots a_n)$ then $\exists j:\ p \mid a_j$
  • The factorization of an integer into primes, listed in non-decreasing order, is unique
  • Proof: By contradiction
  • Assume that we have two different factorizations (A and B).
  • Remove their common primes, we still have A = B.
  • Then, a prime p of one (say A) must divide B (since A = B)
  • So, p must divide one of the primes of B
  • But p is not a prime listed in B and hence we
    have a contradiction

33
Another property
  • Let a, b, c, and m be integers. Assume m > 0.
  • $(ac \equiv bc \pmod{m}) \wedge (\gcd(c,m) = 1) \Rightarrow a \equiv b \pmod{m}$
  • When computing mod m, we can divide both terms by a common divisor that is relatively prime to m

34
What is the inverse modulo m?
  • Let a and m be relatively prime integers and m > 1.
  • $\bar{a}$ is the inverse of a modulo m if $a\bar{a} \equiv 1 \pmod{m}$
  • Theorem: $\bar{a}$ exists and is unique (modulo m)
  • What is the inverse of 3 modulo 7?
  • gcd(3,7) = 1, hence, the inverse of 3 exists (theorem)
  • $7 = 2 \cdot 3 + 1$
  • $1 \cdot 7 - 2 \cdot 3 = 1$
  • $(1 \cdot 7 - 2 \cdot 3) \bmod 7 = 1$
  • $(-2 \cdot 3) \bmod 7 = 1$; $-2$ is the inverse of 3 modulo 7
  • $(7 \cdot 3 - 2 \cdot 3) \bmod 7 = 1$
  • $(5 \cdot 3) \bmod 7 = 1$; 5 is the inverse of 3 modulo 7

35
How to solve a linear congruence?
  • An equation of the form $ax \equiv b \pmod{m}$ is a linear congruence.
  • To find all x that satisfy this equation,
  • Find the inverse $\bar{a}$ of a modulo m
  • Multiply both sides by $\bar{a}$ to get $\bar{a}ax \equiv \bar{a}b \pmod{m}$
  • Since $\bar{a}a \equiv 1 \pmod{m}$, we obtain $x \equiv \bar{a}b \pmod{m}$

36
What is the Chinese remainder theorem?
  • The system of linear congruences $x \equiv a_i \pmod{m_i}$
  • where the $m_i$ are pairwise relatively prime
  • has a unique solution modulo $m = \prod m_i$
  • Example. Solve $x \equiv 2 \pmod{3}$, $x \equiv 3 \pmod{5}$, $x \equiv 2 \pmod{7}$
  • $m = 3 \cdot 5 \cdot 7 = 105$, $M_1 = m/3 = 35$, $M_2 = m/5 = 21$, $M_3 = m/7 = 15$.
  • The inverse $y_1$ of $M_1$ modulo 3 is 2, since $(35 \cdot 2) \bmod 3 = 1$.
  • The inverse $y_2$ of $M_2$ modulo 5 is 1, since $(21 \cdot 1) \bmod 5 = 1$.
  • The inverse $y_3$ of $M_3$ modulo 7 is 1, since $(15 \cdot 1) \bmod 7 = 1$.
  • The solutions are $x \equiv a_1 M_1 y_1 + a_2 M_2 y_2 + a_3 M_3 y_3 \pmod{m}$
  • here $x \equiv 233 \equiv 23 \pmod{105}$

37
How to compute with large integers
  • Relatively prime integers $m_i$ larger than 1 form a basis
  • Let m be their product
  • Any positive integer $a < m$ can be uniquely represented as
  • $(a \bmod m_1, a \bmod m_2, \ldots, a \bmod m_n)$
  • We can use this representation for large integers
    and distribute the arithmetic operations to the
    components.
  • Then, we recover the solution by solving the
    system of congruences.

38
What is Fermat's little theorem?
  • If p is prime and a is an integer not divisible by p, then
  • $a^{p-1} \equiv 1 \pmod{p}$
  • Furthermore, for every integer a, we have
  • $a^p \equiv a \pmod{p}$
  • Note that $a^{p-1} \equiv 1 \pmod{p}$ does not imply that p is prime.
  • When $b^{n-1} \equiv 1 \pmod{n}$ and n is not prime, we say that it is pseudoprime to the base b
  • If n does not satisfy $b^{n-1} \equiv 1 \pmod{n}$ then it is composite. We can use several bases to weed out composites when looking for primes.
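
An added example (not from the original lecture) of weeding out composites with several bases: it compares the Fermat test with trial division up to the square root of n (slide 9) and lists the composites that a given set of bases fails to reject. The function names are assumptions.

```python
# Added illustration; function names are assumptions, not from the lecture.

def is_prime_trial(n):
    """Slide 9: n > 1 is prime iff nothing from 2 up to sqrt(n) divides it."""
    if n < 2:
        return False
    p = 2
    while p * p <= n:                # p <= sqrt(n) without floating point
        if n % p == 0:               # composite p are tried too: redundant
            return False             # but harmless for a reference check
        p += 1
    return True

def passes_fermat(n, bases):
    """True when b^(n-1) = 1 (mod n) for every base b not divisible by n.

    A False result proves n composite; a True result proves nothing,
    because n may be a pseudoprime to every base that was tried.
    """
    return all(pow(b, n - 1, n) == 1 for b in bases if b % n != 0)

def fermat_false_positives(limit, bases):
    """Composites below limit that the Fermat test with these bases accepts."""
    return [n for n in range(4, limit)
            if passes_fermat(n, bases) and not is_prime_trial(n)]
```

Below 1000, base 2 alone accepts the composites 341, 561 and 645; adding base 3 rejects all three, and larger limits show that no fixed pair of bases removes every pseudoprime.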

39
What is the RSA encryption?
  • I have a publicly known encryption key.
  • You can use it to send me an encrypted message,
    but cannot decrypt messages others send me.
  • I keep the decryption key secret!
  • In 1976 Rivest, Shamir, Adleman introduced the
    RSA system based on the product of two large
    primes
  • Given two encryption keys: modulus $n = pq$ (where p and q are large primes) and exponent e relatively prime to $(p-1)(q-1)$,
  • you encode an integer M (representing several characters) as
  • $C = M^e \bmod n$ (use fast modular exponentiation, p. 176)
  • I have p, q and d, the inverse of e modulo $(p-1)(q-1)$. I decode your message as $M = C^d \bmod pq$
  • To compute d, you would need to factor n. Too
    slow.
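
An added example, not part of the original lecture, tying slide 27 to the scheme above: `mod_exp` walks the bits of n, squaring $p_j$ at each step and multiplying the $p_j$ with $a_j = 1$ into the result modulo m, and the RSA functions use it to encode and decode. The function names and the toy key (p = 43, q = 59, e = 13) are assumptions, chosen small enough to check by hand.

```python
# Added illustration; names and the tiny key are assumptions, not from the lecture.

def mod_exp(b, n, m):
    """b^n mod m by repeated squaring over the bits a_0, a_1, ... of n (slide 27)."""
    result = 1 % m
    p = b % m                        # p_0 = b^(2^0) mod m
    while n > 0:
        if n & 1:                    # a_j = 1: multiply p_j into the result
            result = (result * p) % m
        p = (p * p) % m              # p_(j+1) = (p_j)(p_j) mod m
        n >>= 1                      # move on to the next bit of n
    return result

def rsa_keypair(p, q, e):
    """Return ((n, e), d) with d the inverse of e modulo (p-1)(q-1)."""
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)              # built-in modular inverse (Python 3.8+);
    return (p * q, e), d             # raises ValueError if gcd(e, phi) != 1

def rsa_encrypt(M, public_key):
    n, e = public_key
    if not 0 <= M < n:               # M must be a residue modulo n
        raise ValueError("message integer must be in 0..n-1")
    return mod_exp(M, e, n)          # C = M^e mod n

def rsa_decrypt(C, d, n):
    return mod_exp(C, d, n)          # M = C^d mod n

# Constructed toy parameters. Real keys use primes of 1024 bits or more and
# randomized padding; with n = 2537 anyone can factor n and recompute d.
PUBLIC, D = rsa_keypair(43, 59, 13)
```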

40
Assigned Homework
  • Next quiz will cover 2.2–2.7 (two lectures)
  • Caesar's cipher and its variations
  • Exercises 13, 17, 37b page 167
  • Exercises 40 page 168
  • Exercises 1a, 3a page 179
  • Exercises 27, 31 page 180
  • Exercises 7, 15, 19, 37 page 194-195

41
Assigned Project
  • P3 Constructive Solid Geometry in 2D
  • Due Feb 14 before class through your PPP