Kryptologi Opgave 5. Indledning. Øvelse 6.1. Øvelse Litteratur. Rune Højsgaard

Transcription

1 Kryptologi Opgave 5 Rune Højsgaard 6. marts 2007 Indledning Dette er besvarelsen af øvelsesopgave 5 på kurset Kryptologi 2007, Københavns Universitet. Opgaven består i at implementere og anvende to algoritmer fra [Sti95]. Disse er implementeret i C# og kan ndes i bilag A, En elektronisk udgave af dette dokument kan hentes fra http: //rune.hojsgaard.dk/datalogi/files/krypto07-opg5.pdf. Øvelse 6.1 Min implementation af Shanks algoritmen fra [Sti95, p. 237] ndes i bilag A linie 230. Ved hjælp af denne beregnes først log i Z : Shanks (24691, 106, 12375) = Hvilket bekræftes ved at tjekke at Så beregnes log i Z : (mod 24691) Shanks (458009, 6, ) = Hvilket bekræftes ved at tjekke at (mod ) Øvelse 6.5 Min implementation af Pohlig-Hellman algoritmen fra [Sti95, p. 243] ndes i bilag A linie 276. Ved hjælp af denne og metoden Exercise65 (linie 301) beregnes først log i Z : E x e r c i s e 6 5 (28703, 5, 8563) = 3909 Så beregnes log i Z : E x e r c i s e 6 5 (31153, 10, 12611) = Litteratur [Sti95] Douglas R. Stinson. Cryptography - Theory and Practice. CRC Press Inc,

2 A Kildekode 1 u s i n g System ; 2 u s i n g System. C o l l e c t i o n s. G e n e r i c ; 3 u s i n g System. Text ; 4 using xprocs.common. Converter ; // http ://www. codeproject.com/csharp/numberconvert. asp 5 6 namespace Kryptolog { 8 c l a s s Opgave5 9 { 10 /// <summary> 11 /// Calculates modulo. Built in won ' t do 12 /// </summary> 13 s t a t i c int mod( int b, int m) 14 { 15 return ( b % m < 0? (m + ( b % m) ) : b % m) ; 16 } /// <summary> 19 /// Calculates modulo. Built in won ' t do 20 /// </summary> 21 s t a t i c long mod( long b, long m) 22 { 23 return ( b % m < 0? (m + ( b % m) ) : b % m) ; 24 } /// <summary> 27 /// Creates an int array of the dim f i r s t primes 28 /// Based on h t t p ://www. o s i x. net /modules/ a r t i c l e /? id= /// </summary> 30 /// <param name="dim">number of primes</param> 31 /// <returns></returns> 32 p u b l i c s t a t i c int [ ] GeneratePrimes ( int dim ) 33 { 34 i f ( dim <= 0 ) 35 throw new ArgumentOutOfRangeException ( "Dim must be > 0" ) ; 36 else i f ( dim == 1 ) 37 return new int [ ] { 2 } ; 38 e l s e 39 { 40 int [ ] p = new int [ dim ] ; 41 int root ; 42 p [ 0 ] = 2 ; 43 p [ 1 ] = 3 ; 44 int k = 6 ; 45 int n ; 46 int n e e d l e = 1; 47 int index = 2 ; 48 bool prime = true ; 49 while ( i n d e x < dim ) 50 { 51 n = k + needle ; 52 r o o t = ( int ) System. Math. S q r t ( n ) + 1 ; 53 f o r ( int j = 0 ; j < index && p [ j ] <= root ; j++) 54 { 55 i f ( n % p [ j ] == 0 ) 56 { 57 // not prime 58 prime = f a l s e ; 59 break ; 60 } 61 } 62 i f ( prime ) 63 p [ i n d e x ++] = n ; // prime number 64 e l s e 65 prime = true ; 66 k = ( needle == 1? k + 6 : k ) ; 67 n e e d l e = 1; 68 } 69 return p ; 70 } 71 } /// <summary> 74 /// Array with the f i r s t 100 primes used by Factorize 75 /// </summary> 76 static int [ ] p = GeneratePrimes ( ) ; s t a t i c int prime = 0 ; 79 s t a t i c int power = 1 ; /// <summary> 82 /// Factorize an integer to i t s primes 83 /// Based on h t t p ://www. o s i x. net /modules/ a r t i c l e /? id= /// NOTE: Dependant on the int [ ] p containing the f i r s t p. Length primes 85 /// </summary> 86 /// <param name="n"></param> 87 /// <returns>i n t [ prime ] [ ] primes, i n t [ power ] [ ] powers</returns> 2

3 88 p u b l i c static int [ ] [ ] F a c t o r i z e ( int n ) 89 { 90 int [ ] Fact = new int [ ] ; Fact. I n i t i a l i z e ( ) ; 91 int [ ] Exp = new int [ ] ; Exp. I n i t i a l i z e ( ) ; 92 int count = 0 ; 93 i f ( n < 2 ) throw new ArgumentOutOfRangeException ( "n must be a p o s i t i v e number > 1 " ) ; 94 t r y 95 { 96 long r o o t = ( long ) System. Math. S q r t ( n ) + 1L ; 97 f o r ( int i = 0 ; p [ i ] <= r o o t ; i ++) 98 { 99 i f ( n % p [ i ] == 0 ) 100 { 101 n /= p [ i ] ; 102 Fact [ count ] = p [ i ] ; 103 Exp [ count ] = 1 ; 104 while ( n % p [ i ] == 0 ) 105 { 106 n /= p [ i ] ; 107 Exp [ count ]++; 108 } 109 count++; 110 r o o t = ( long ) System. Math. S q r t ( n ) + 1 ; 111 } 112 } 113 i f ( n!= 1 ) 114 { 115 Fact [ count ] = n ; 116 Exp [ count++] = 1 ; 117 } 118 } 119 c a t c h 120 { 121 throw new ArgumentOutOfRangeException ( "P not long enough to f a c t o r i z e " + n ) ; 122 } 123 int [ ] [ ] rv = new int [ 2 ] [ ] ; 124 int [ ] rvfact = new int [ count ] ; 125 int [ ] rvexp = new int [ count ] ; 126 f o r ( int i = 0 ; i < count ; i ++) 127 { 128 rvfact [ i ] = Fact [ i ] ; 129 rvexp [ i ] = Exp [ i ] ; 130 } 131 rv [ 0 ] = rvfact ; 132 rv [ 1 ] = rvexp ; 133 return rv ; 134 } /// <summary> 137 /// Used when c a l l i n g squareandmultiply 138 /// </summary> 139 /// <param name="i">number to convert </param> 140 /// <returns>binary r e p r e s e n t a t i o n of i </returns> 141 static int [ ] B i n a r y R e p r e s e n t a t i o n ( int i ) 142 { 143 Po s it i on a ln o ta t i on C on v er t e r p = new Po s it i on a ln o t at i on C on v e rt e r ( 2 ) ; 144 char [ ] c s = p. T o S t r i n g ( i ). ToCharArray ( ) ; 145 int [ ] bs = new int [ c s. Length ] ; 146 f o r ( int j = 0 ; j < cs. Length ; j++) 147 bs [ c s. Length j 1 ] = c s [ j ] ' 0 ' ; 148 return bs ; 149 } /// <summary> 152 /// Implementation of algorithm 5.3 " Multiplicative Inverse (a, b ) ", Stinson p /// </summary> 154 /// <remarks>may throw Exception ' b + " has no i n v e r s e modulo " + a'</remarks> 155 /// <param name="a"></param> 156 /// <param name="b"></param> 157 /// <returns>m u l t i p l i c a t i v e i n v e r s of a and b</returns> 158 s t a t i c int M u l t i p l i c a t i v e I n v e r s e ( int a, int b ) 159 { 160 int a0 = a ; 161 int b0 = b ; 162 int t0 = 0 ; 163 int t = 1 ; 164 int q = ( int ) Math. F l o o r ( ( double ) a0 / ( double ) b0 ) ; 165 int r = a0 q b0 ; 166 while ( r > 0 ) 167 { 168 int temp = mod ( ( ( int ) t 0 q t ), a ) ; 169 t 0 = t ; 170 t = temp ; 171 a0 = b0 ; 172 b0 = r ; 173 q = ( int ) Math. F l o o r ( ( double ) a0 / ( double ) b0 ) ; 174 r = a0 q b0 ; 175 } 176 i f ( b0!= 1 ) 177 throw new E x c e p t i o n ( b + " has no i n v e r s e modulo " + a ) ; 3

4 178 e l s e 179 return t ; 180 } /// <summary> 183 /// Implementation of algorithm 5.5 "Square and multiply (x, c, n) ", Stinson p /// </summary> 185 /// <param name="x"></param> 186 /// <param name="c">exponent, positive integer in binary representation </param> 187 /// <param name="n">modulo</param> 188 /// <returns>z = x^c mod n</returns> 189 s t a t i c long SquareAndMultiply ( int x, int [ ] c, int n ) 190 { 191 long z = 1 ; 192 f o r ( int i = c. Length 1 ; i >= 0 ; i ) 193 { 194 z = mod ( ( z z ), n ) ; 195 i f ( c [ i ] == 1 ) 196 z = mod ( ( z x ), n ) ; 197 } 198 return z ; 199 } /// <summary> 202 /// Implementation of \rho (a_1,..., a_n), Stinson p /// </summary> 204 /// <param name="a">(a_1,..., a_n)</param> 205 /// <param name="m">(m_1,...,m_n)</param> 206 /// <returns></returns> 207 s t a t i c int Rho ( int [ ] a, int [ ] m) 208 { 209 int sum = 0 ; 210 int M = 1 ; 211 f o r ( int i = 0 ; i < m. Length ; i++) 212 M = m[ i ] ; 213 f o r ( int i = 0 ; i < a. Length ; i++) 214 { 215 int Mi = M / m[ i ] ; 216 int y i = mod( M u l t i p l i c a t i v e I n v e r s e (m[ i ], Mi ), m[ i ] ) ; 217 sum += mod ( ( a [ i ] Mi y i ), M) ; 218 } 219 return sum ; 220 } // Stinson p /// <summary> 224 /// Implementation of algorithm 6.1 "Shanks (n, \alpha, \ beta ) ", Stinson p /// Input values are note checked! 226 /// </summary> 227 /// <param name="p">prime</param> 228 /// <param name="a">(\alpha ) primitive element modulo p</param> 229 /// <param name="b">log_a ( b ) in Z_p</param> 230 public s t a t i c int Shanks ( int p, int a, int b ) 231 { 232 int m = ( int ) Math. C e i l i n g ( Math. S q r t ( p 1 ) ) ; 233 SortedList <int, int> L1 = new SortedList <int, int >() ; 234 SortedList <int, int> L2 = new SortedList <int, int >() ; 235 int am = ( int ) SquareAndMultiply ( a, BinaryRepresentation (m), p ) ; 236 f o r ( int j = 0 ; j < m; j ++) 237 { 238 int l 1 v a l = ( int ) SquareAndMultiply (am, BinaryRepresentation ( j ), p ) ; 239 L1. Add( l 1 v a l, j ) ; 240 } 241 int a1 = ( int ) M u l t i p l i c a t i v e I n v e r s e ( p, a ) ; 242 f o r ( int i = 0 ; i < m; i ++) 243 { 244 int l 2 v a l = ( int )mod ( ( b SquareAndMultiply ( a1, B i n a r y R e p r e s e n t a t i o n ( i ), p ) ), p ) ; 245 L2. Add( l 2 v a l, i ) ; 246 } 247 int l 1 = 0, l 0 = 0 ; 248 b o o l match = f a l s e ; 249 f o r e a c h ( int k i n L1. Keys ) 250 { 251 i f ( L2. ContainsKey ( k ) ) 252 { 253 l 1 = L1 [ k ] ; 254 l 0 = L2 [ k ] ; 255 match = true ; 256 break ; 257 } 258 } 259 i f (! match ) 260 { 261 throw new E x c e p t i o n ( "No match... " ) ; 262 } 263 return mod ( (m l 1 + l 0 ), ( p 1 ) ) ; 264 } /// <summary> 4

5 267 /// Implementation of algorithm 6.3 "Pohlig Hellman (G, n, \alpha, \eta, q, c ) ", Stinson p /// </summary> 269 /// <param name="g">m u l t i p l i c a t i v e group</param> 270 /// <param name="n">order</param> 271 /// <param name="a">(\alpha ) element of order n in m u l t i p l i c a t i v e group G</param> 272 /// <param name="b">integer </param> 273 /// <param name="q">prime</param> 274 /// <param name="c">exponent</param> 275 /// <returns></returns> 276 s t a t i c int [ ] PohligHellman ( int G, int a, int b, int q, int c ) 277 { 278 int j = 0 ; 279 int [ ] b j = new int [ c + 1 ] ; 280 b j [ j ] = b ; 281 int d ; 282 int [ ] ac = new int [ c ] ; 283 int a1 = M u l t i p l i c a t i v e I n v e r s e (G, a ) ; 284 while ( j < c ) 285 { 286 int i = 0 ; 287 d = ( int )mod( SquareAndMultiply ( bj [ j ], BinaryRepresentation ( (G 1) / ( int ) Math. Pow( q, j + 1 ) ), G), G) ; 288 while ( d!= SquareAndMultiply ( a, BinaryRepresentation ( i (G 1) / q ), G) ) 289 i ++; 290 ac [ j ] = i ; 291 b j [ j + 1 ] = ( int )mod ( ( b j [ j ] SquareAndMultiply ( a1, 292 B i n a r y R e p r e s e n t a t i o n (ac [ j ] ( ( int ) Math. Pow( q, j ) ) ), G) ), G) ; 293 j ++; 294 } 295 return ac ; 296 } /// <summary> 299 /// C a l c ulations of Exercise 6.5, Stinson p /// </summary> 301 public s t a t i c int Exercise65 ( int p, int a, int b ) 302 { 303 int [ ] [ ] f a c t o r s = F a c t o r i z e ( p 1 ) ; 304 int [ ] pa = new int [ f a c t o r s [ prime ]. Length ] ; 305 int [ ] pm = new int [ f a c t o r s [ prime ]. Length ] ; 306 f o r ( int i = 0 ; i < f a c t o r s [ prime ]. Length ; i ++) 307 { 308 int [ ] ic = PohligHellman ( p, a, b, f a c t o r s [ prime ] [ i ], f a c t o r s [ power ] [ i ] ) ; 309 int sum = 0 ; 310 f o r ( int j = 0 ; j < ic. Length ; j++) 311 sum += ic [ j ] ( int ) Math. Pow( f a c t o r s [ prime ] [ i ], j ) ; 312 pa [ i ] = sum ; 313 pm[ i ] = ( int ) Math. Pow( f a c t o r s [ prime ] [ i ], f a c t o r s [ power ] [ i ] ) ; 314 } 315 int c a l c u l a t e d M o d = 1 ; 316 f o r e a c h ( int m i n pm) 317 c a l c u l a t e d M o d = m; 318 int rhoval = mod(rho (pa, pm), p 1) ; 319 return rhoval ; 320 } s t a t i c void Main ( s t r i n g [ ] a r g s ) 324 { 325 // Exercise 6.1 a 326 C onsole. WriteLine ( " E x e r c i s e 6. 1 a : " ) ; 327 Console. WriteLine ( " Shanks (24691, 106, 12375) = " + Shanks (24691, 106, 12375) + "\ r \n" ) ; // Exercise 6.1 b 330 C onsole. WriteLine ( " E x e r c i s e 6. 1 b : " ) ; 331 Console. WriteLine ( " Shanks (458009, 6, ) = " + Shanks (458009, 6, ) + "\ r \n" ) ; // Exercise 6.5 a 334 C onsole. WriteLine ( " E x e r c i s e 6. 5 a : " ) ; 335 Console. WriteLine ( " Exercise65 (28703, 5, 8563) = " + Exercise65 (28703, 5, 8563) + "\ r \n" ) ; // Exercise 6.5 b 338 C onsole. WriteLine ( " E x e r c i s e 6. 5 b : " ) ; 339 Console. WriteLine ( " Exercise65 (31153, 10, 12611) = " + Exercise65 (31153, 10, 12611) ) ; 340 C onsole. Read ( ) ; 341 } 342 } 343 } 5