nxn determinant and Hill cypher

advertisement
ENGG2013 Unit 10
n  n determinant and
an application to cryptography
Feb, 2011.
Yesterday – A formula
for matrix inverse using cofactors
cofactors
Usually called the adjoint of A
Suppose that det A is nonzero.
Three steps in computing above formula
1. for i,j = 1,2,3, replace each aij by cofactor Cij
2. Take the transpose of the resulting matrix.
3. divide by the determinant of A.
kshum
ENGG2013
2
Outline
•
•
•
•
nxn determinant
Caesar Cipher
Modulo arithmetic
Hill Cipher
kshum
ENGG2013
3
DETERMINANT IN GENERAL
kshum
ENGG2013
4
A pattern
• Arrange the products so that the first
subscripts are in ascending order.
• All possible orderings of the second subscripts
appear once and only once.
kshum
ENGG2013
5
Transposition
• A transposition is an exchange of two objects
in a list of objects.
Examples:
ABCD
21453
ACBD
12453
“Transposition” is another
mathematical term, and is
not the same as matrix tranpose.
kshum
ENGG2013
6
Another pattern
• The sign of each term is closely related to the
number of transpositions required to obtain
the second subscripts, starting from (1,2) for
the 2x2 case or (1,2,3) for the 3x3 case.
kshum
ENGG2013
7
The sign
• Let p(1), p(2), …, p(n) be an order of 1,2,…,n.
– For example p(1)=3, p(2) = 2, p(3)=1 is an ordering
of 1, 2, 3.
• Starting from (1,2,…,n), if we need an odd no.
of transpositions to get ( p(1), p(2), …, p(n) ),
we define the sign of (p(1), p(2),…,p(n)) be –1.
• Otherwise, if we need an even no. of
transpositions to get ( p(1), p(2), …, p(n) ), we
define the sign of (p(1), p(2),…,p(n)) be +1.
kshum
ENGG2013
8
Definition of nn determinant
1
• The summation is over all n! possible
orderings p = ( p(1), p(2), …, p(n) ) of 1,2,…,n.
– There are n! terms.
• sgn(p) is either +1 or –1, usually called the
signature or signum of p.
http://en.wikipedia.org/wiki/Determinant
kshum
ENGG2013
9
Properties of determinant
• Determinant of nn identity matrix equals 1.
• Exchange two rows (or columns)  multiply
determinant by –1.
• Multiply a row (or a column) by a constant k
 multiply the determinant by k.
• Add a constant multiple of a row (column) to
another row (column)  no change
• Additive property as in the 33 and 22 case.
kshum
ENGG2013
10
Cofactor and the adjoint formula
for matrix inverse
• Cofactors are defined in a similar way as in the 3x3 case.
– The cofactor of the (i,j)-entry of a matrix A, denoted by Cij, is
defined as (–1)i+j Aij, where A is the determinant of the submatrix obtained by removing the i-th row and the j-th column.
• We have similar expansion along a row or a column (also
called the Laplace expansion) as in the 3x3 case.
• The adjoint formula:
transpose
A
adjoint of A
nxn identity
The formula in this form holds when det A = 0 also
kshum
ENGG2013
11
CAESAR CIPHER
kshum
ENGG2013
12
Caesar and his army
ATTACK
Soldier carrying the
message “ATTACK”
Message may be intercepted
by enemy
kshum
ENGG2013
13
Caesar cipher
http://en.wikipedia.org/wiki/Caesar_cipher
ATTACK
Soldier carrying the
encrypted message
“DWWDFN”
The encrypted message
looks random and meaningless
kshum
ENGG2013
14
Private key encryption
Key
Plain text
Plain text
The value of “key” is kept
secret
Encryption
function
Decryption
function
Ciphertext
Ciphertext
key
kshum
ENGG2013
15
Mathematical description
Caesar cipher is not secure
enough, because the number
of keys is too small.
Key =3
ATTACK
Shift to the right
by 3
ATTACK
Shift to the left
by 3
DWWDFN
DWWDFN
Key = 3
kshum
ENGG2013
16
MODULO ARITHMETIC
kshum
ENGG2013
17
Mod 12
• Clock arithmetic
6+8= 2 mod 12
12
1
11
10
5+12 = 5 mod 12
2
9
3
4
8
7
kshum
6
ENGG2013
5
18
Mod 7
• Week arithmetic
0
Sun
1+9 = 3 mod 7
2+3 = 5 mod 7
1
2
3
4
Mon
Tue
Wed
Thr
5
Fri
6
Sat
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
6
kshum
ENGG2013
19
Mod 60
http://www.hko.gov.hk/gts/time/stemsandbranchesc.htm
• 天干地支 arithmetic
1 2 3 4 5 6 7 8 9 10 11 12
甲 乙 丙 丁 戊 己 庚 辛 壬 癸 甲 乙
子 丑 寅 卯 辰 巳 午 未 申 酉 戌 亥
13 14 15 16 17 18 19 20 21 22 23 24
丙 丁 戊 己 庚 辛 壬 癸 甲 乙 丙 丁
子 丑 寅 卯 辰 巳 午 未 申 酉 戌 亥
25 26 27 28 29 30 31 32 33 34 35 36
戊 己 庚 辛 壬 癸 甲 乙 丙 丁 戊 己
子 丑 寅 卯 辰 巳 午 未 申 酉 戌 亥
Year of rabbit
37 38 39 40 41 42 43 44 45 46 47 48
庚 辛 壬 癸 甲 乙 丙 丁 戊 己 庚 辛
子 丑 寅 卯 辰 巳 午 未 申 酉 戌 亥
49 50 51 52 53 54 55 56 57 58 59 60
壬 癸 甲 乙 丙 丁 戊 己 庚 辛 壬 癸
子 丑 寅 卯 辰 巳 午 未 申 酉 戌 亥
kshum
ENGG2013
20
Mod n – formal definition
• n is a fixed positive integer
• Definition: a mod n is the remainder of a after
division by n.
– Example: 25 = 1 mod 12.
• Addition and multiplication: If the sum or
product of two integers is larger than or equal
to n, divide by n and take the remainder.
– Example: 2+10 = 0 mod 12.
– Example: 25 = 3 mod 12.
kshum
ENGG2013
21
More examples
•
•
•
•
10 mod 7 = 3
4+5 mod 7 = 2
6+7 mod 7 = 6
27 mod 7 = 0
kshum
ENGG2013
22
Mod 26
A
B
C
D
E
F
G
H
I
J
K
L
M
0
1
2
3
4
5
6
7
8
9
10
11
12
N
O
P
Q
R
S
T
U
V
W
X
Y
Z
13
14
15
16
17
18
19
20
21
22
23
24
25
Fix a one-to-one correspondence between the English alphabets
and the integers mod 26.
Caesar’s cipher: shifting a letter to the right by 3
is the same as adding 3 in mod 26 arithmetic.
kshum
ENGG2013
23
Examples of mod 26 calculations
•
•
•
•
A
B
C
D
E
F
G
H
I
J
K
L
M
0
1
2
3
4
5
6
7
8
9
10
11
12
N
O
P
Q
R
S
T
U
V
W
X
Y
Z
13
14
15
16
17
18
19
20
21
22
23
24
25
3+19 = ? mod 26
13+20 = ? mod 26
34 = ? Mod 26
134 = ? Mod 26
kshum
ENGG2013
24
Peculiar phenomena
in modulo arithmetic
• Non-zero times non-zero may be zero
– 49 = 0 mod 12
– 22 = 0 mod 4
• Multiplicative inverse may not exist
– Cannot find an integer x such that 4x = 1 mod 12.
4-1 does not exist mod 12.
kshum
ENGG2013
25
No fraction in modulo arithmetic
• In mod 12, don’t write 1/3 or 3-1 because it
does not exist.
• But 5-1 is well-defined mod 12, because we
can solve 5x=1 mod 12.
Indeed, we have 55 = 1 mod 12.
Therefore 5-1 = 5 mod 12.
Fact from number theory:
multiplicative inverse of x mod n exists
if and only the gcd of x and n is 1.
kshum
ENGG2013
Fraction
26
HILL CIPHER
kshum
ENGG2013
27
Hill cipher
http://en.wikipedia.org/wiki/Hill_cipher
• Invented by L. S. Hill in 1929.
• Inputs : String of English letters, A,B,…,Z.
An nn matrix K, with entries drawn from 0,1,…,25.
(The matrix K serves as the secret key. )
• Divide the input string into blocks of size n.
• Identify A=0, B=1, C=2, …, Z=25.
• Encryption: Multiply each block by K and then
reduce mod 26.
• Decryption: multiply each block by the inverse of
K, and reduce mod 26.
kshum
ENGG2013
28
Note
• The decryption must be the inverse function of
the encryption function.
– It is required that K-1 K = In mod 26.
• Provided that det(K) has a multiplicative inverse
mod 26, i.e., if det(K) and n has no common
factor, the inverse of K can be computed by the
adjoint formula for matrix inverse.
• Inverse of an integer mod 26 can be obtained by
trial and error.
kshum
ENGG2013
29
Example
• Plain text: “LOVE”, Secret Key:
• “LO” 
• “VE” 
• 2, 3, 16, 5 are transformed to cipher text
“CDQF”
A
B
C
D
E
F
G
H
I
J
K
L
M
0
1
2
3
4
5
6
7
8
9
10
11
12
N
O
P
Q
R
S
T
U
V
W
X
Y
Z
13
14
15
16
17
18
19
20
21
22
23
24
25
kshum
ENGG2013
30
How to decode?
• Given “CDQF”, and the encryption matrix
• How do we decrypt?
– We need to compute the inverse of
• Remind that all arithmetic are mod 26. There
is no fraction and care should be taken in
computing multiplicative inverse mod 26.
kshum
ENGG2013
31
Determinant
• The determinant of
equals 20(7)-3(15),
which is 17 mod 26.
• Find the multiplicative inverse of 17 mod 26,
i.e., find integer x such that 17x = 1 mod 26.
• Just try all 26 possibilities for x:
171 = 17 mod 26
172= 8 mod 26
173 = 25 mod 26
174 = 16 mod 26
175 = 7 mod 26
176 = 24 mod 26
177 = 15 mod 26
kshum
178 = 6 mod 26
179= 23 mod 26
1710 = 14 mod 26
1711 = 5 mod 26
1712 = 22 mod 26
1713 = 13 mod 26
1714 = 4 mod 26
ENGG2013
1715 = 21 mod 26
1716= 12 mod 26
1717 = 3 mod 26
1718 = 20 mod 26
1719 = 11 mod 26
1720 = 2 mod 26
1721 = 19 mod 26
1722 = 10 mod 26
1723= 1 mod 26
1724 = 18 mod 26
1725 = 9 mod 26
170 = 0 mod 26
32
Computing the inverse mod 26
• From 1723= 1 mod 26, we know that the
multiplicative inverse of 17 mod 26 is 23.
• Using the formula for 2  2 matrix inverse
we get
kshum
Replace (17)-1 mod 26 by 23
ENGG2013
33
Decryption
• Given the ciphertext “CDQF”, we decrypt by
multiplying by
• From the table in p.23, 11, 14, 21, 4 is “LOVE”.
kshum
ENGG2013
34
Download