天才一秒记住【狂风中文网】地址:https://www.kfzw.net
AllthisservestogiveanindithatthebyBobtoAlice,memodulon,deedbecalculatedwithouttoomucheffortonbehalfofBob'sputer.Allthesame,thenumbersinvolvedareiybig,somoreexplanatiooshowthattheydled.Thelargepowersinvolvedinebedealtwithinstagesbyaproasfastexpoion.Withoutgoihemethodinvolvessuccessivesquaringandmultiplyioarriveatmemodulonwiththebinaryfuidihmthroughtoquidtherequiredremaiivelyfewsteps.
EuclidshowsAlicehowtofindherdegnumber
Aliputerddusioolthatisover2,300yearsold,theEuAlgorithm,whichwillbeexplainedi.Eve'sputercouldofethingifitjustknewwhichequationtosolve.However,sindqareprivatetoAlice,sois(p-1)(q-1)akobegin.
&otheEuAlgorithm,thisbeginsfromtheobservationthatitispossibletofionfabersa〉bbysuccessivesubtra.(Thehcfisalsoknownasthegcd–greatestondivisor.)Wejustr=a-bhasthepropertythatanyonfaytwoofthethreenumbersa,b,andrwillalsobeafactorofthethird.Forexample,ifonfactorofaandb,sothata=db=cb1say,weseethatr=a-b=ca1-cb1=c(a1-b1),givingusafactorizationofrinvolvingthedivisorparticular,thehdbisthesameasthehdr.Sihesenumbersarelessthana,wehesameproblembutappliedtoasmallernumberpair.Repetitionofthisideatheuallyleadtoapairwherethehcfisobvious.(Iwonumbersinhauallybethesame,forifnotwecouldproorestep;theirohenthenumberweseek.)
&ofindthehcfofa=558andb=396,thefirstsubtrawouldgiveusr=558-396=162,soournewpairwouldbe396and162.Since396-162=234,ourthirdpairbees234and162,aihefulllistofnumberpairsis:
(558,396)→(396,162)→(234,162)→(162,72)→(90,72)→→(72,18)→(54,18)→(36,18)→(18,18)
andsothehd396is18.
Itispossibletowritedownthehberpairfromtheprimefactorizationsofthenumbersiion.Inthisexample,558=2×32×31,while396=22×32×11;takingtheonporimeeothefactorizatiohehcfas2×32=18.heless,ferakesmuchlessworktouseEuclid’sAlgorithmasitisgeoperformsubtrasthantofiorizations.
AnotherbonusoftheEuAlgorithmisthatitisalossibletoworkitbadinsodoihehtermsinaltwooseethisinathepreviousexample,itisbesttopressthecalwhenthesamenumberappearsseveraltimesoverinthecourseofthesubtras,representingthisasasiionasfollows:
558=396+162
396=2×162+72
162=2×72+18
72=4×18.
Beginningwiththesedtolastline,weleequatioetheieremaiime.Inthisexample,byusingfirstthepeioheo>
18=162-2×72=162-2×(396-2×162)=5×162-2×396
andfinallyusiequatioethefirstieremainderof162:
=5×(558-396)--2×396=5×558-7×396=18.
Thaterformthisreverseprocedureisimportantforbothpradtheoretis.Inparticular,tofindAlice’sdegnumberd,wewantdtosatisfythethatdeleavesaremainderof1whendividedbyφ(n).(Forbrevity,weshalldehesinglesymbolk.)Weowseethereasooneandkbeingaepair,asiftheirhighestonfactoris1,wheheEuAlgorithmonthepaireandk,thefihatappearsis,ofcourse,1.Byreversihm,wewilleventuallyexpress1asabinationofeandk;inparticular,wewillfondintegersddsuchthatck+de=1,orinotherwordsde=1-ck,sothatdewillleavearemainderof1whendividedbyk.
ThisrelativelysimpleprocesswillyieldAlice’sdegheinitialvalueofdobtaiheequationmayheraokbutifnot,byaddingasuitablemultipleofk,wewilleventuallyfindtheuniquehatrahasthemagicpropertythatdeleavesaremainderof1wheheuniquenessofdiseasilyproved,butwewoofurtherexplaishowthedegnumberdiscalculatedasweshtotheexamplegivenearlierwherep=5,q=13,sothatn=pq=5×13=65.-1)(q-1)=4×12=48.Alicesetse=11,andsind48aree,thisiswithihegame.TheEuAlgorithmappliedtoφ(n)=k=48ahengives:
48=4×11+4
11=2×4+3
4=1×3+1
ingthatthehdeisindeed1.Reversihm>
1=4-3=4-(11-2×4)=3×4-11=3(48-4×11)-11
=3×48-13×11.
Thisgivesaninitialvalueofd=-13asthesolutiontotherequirementthat11dleavesremainder1upondivisionby48,setapositivevalueofdintherequiredraothisd=48-13=35.
ThereasonwhydworksforAliceisalldowntomodulararithmetidthefactthatdeleavesaremainderof1whendividedbyk=φ(es(me)d=mdemoduloheform1+krforsomeintegerr.Asexplainedbefore,mkleavesaremainderof1whehisisoftenkheorem)andsothesameistrueof(mk)r=mkr.Hencem1+kr=m×mkrleavestheremaindermwhendividedbyailedverifiofthisrequiresalittlealgebra,butthatisens.)Inthisway,AliceretrievesBob’smessage,
AndinpassingitiswelltopointoutthattheEuAlgorithmprovidesthemissinglinkinourproofoftheuniquenessofprimefactorizationasitallowsustoverifytheeupropertythatifaprimepisafactoroftheproductab,sothatab=pcsay,thenpisafactorofatleastoneofaandb.Thereasonforthisisthatifpisnotafactorofathen,sincepisprime,thehdpis1.ByreversingtheEuAlgorithmliedtothepairaahenfindintegersrandssaysuchthatra+sp=1.Thisisenoughtoshoisthenafactorofbfor,sinceab=pc,>
b=b×1=b(ra+sp)=r(ab)+psb=r(pc)+psb=p(rc+sb).
Thisistherequiredfactorizationofbthatfeaturestheprimepasafa,theheRSAengmakesthesystemsound,althoughvariousprotocolsthathavenotbeenexplaiberespeuardtheiyofthesysteThereareissuesofauthentifi(whatifEvetactsAlidingtobeBob?),ion(whatifBobpretendsthatitwasEvewhoseoAlididentityfraud(whatifAliceabusestialidentifittoherbyBobaoimpersonatehimonliherweakhesystembeexposedwheableorrepeatedmessagesproliferate.However,thesedifficultiesmaypotentiallyariseinanypublickey.Theyeandinthemaiotheunderlyieiquesthatensurehighqualityandrobusten.
ThischapterhasdemonstratedamajorappliehetheoryofdivisibilityandremaimathematicsofEudthe18th-turytributionofEulerallowsthistobeexplaionlyinbroadpriiail.
&partofourbookclosester5whiespecialclassesofintegersassociatedwiththeeiourallyroupings.
本章未完,请点击下一章继续阅读!若浏览器显示没有新章节了,请尝试点击右上角↗️或右下角↘️的菜单,退出阅读模式即可,谢谢!