Math 5248 Lec 2 Homework 5 Due 4/30/13 REVISED DUE DATE 5/2/13 Ten questions, ten points each. 100 points total. Chapter 17: Let n = 1105= 5•13•17. 1. How many numbers b are there in the range 1<b<n such that gcd(b,n) =1. ANS: There are φ(1105)=φ(5)φ(13)φ(17)=4•12•16. 2. Use the CRT to count how many solutions there are to bn-1 ≡ 1 mod n, with gcd(b,n)=1. ANS: BY CRT, #sol’s mod n =(#sol’s mod 5) (#sol’s mod 13)(#sol’s mod 17). Let’s do 17 in detail. Let b be in the range 1<b<16. Then b1104 mod 17 = (b69)16 mod 17 = 1, by Fermat’s Theorem. So there are 16 solutions mod 17. The important point is that (17-1) divides (1105-1). Similarly, since (13-1) divides (1105-1) and (5-1) divides (1105-1), there are 12 solutions mod 13 and 4 solutions mod 5. So the number of solutions mod n is 4•12•16. 3. Find an integer b such that the Fermat test shows n is definitely composite (that is, find b relatively prime to n with bn-1 not congruent to 1 mod n), OR show that no such b exists. ANS: No such b exists, because the numbers in question 1 equals the number in question 2. 4. Using the procedure on page 230, (and not by guessing or brute force) find a b such that the Euler test shows n is definitely composite. ANS: We need to pick one of the primes and pull it out from 1105. Any of the three will work, and I will use p=5, m = 13•17. First we find a b0 which is a non-square mod 5. Let’s use 2. (You could also use 3, but not 1 or 4). Then we find a number b so that b%5=2 and b%221=1. We need to write 1 as a combination of 5 and 221. In general we would use the Euclidean algorithm, but here it is clear that 221-(44)(5) =221-220 = 1. Then for b we can pick (2)(221)-(1)(220)= 222. 222 1 1 Let’s check: 222552%1105=1. On the other hand, (1105 ) = (222 )(222 )(222 ) = (25)(13 )(17 ) = −1 5 13 17 The last three upper numbers, 2 and 1 and 1, should not be surprising; that’s how we picked b = 222. 5. In Z/21x, find the set L of all the false witnesses to the primality of 21. Then verify that L is a subgroup of Z/21x. ANS: The only numbers b in Z/21x with b10≡1 mod 21 are 1, 8, 13, and 20. But 810 %21=1, 8 while (21 ) = (83)(87) = (23)(17) = (−1)(+1) = −1, so 8 is not a false witness. For 13, we can do a similar calculation, or if we want to avoid as much calculation as possible, 8 1310≡(-8)10≡810 =1while (13 ) = (−8 ) = (−1 )( 8 ) = (21 ) = −1, so 13 is not a false witness. 21 21 21 21 Hence the set L of false witnesses is {1,20}, or {1,-1} We need to show that L is a subgroup if Z/21x. First, the identity, 1, is in L. Second, the inverse of 1 is 1 and the inverse of -1 is -1, so inverses are in L. Finally if g is ±1 and h is ±1, then gh is ±1, so all conditions for being a subgroup are satisfied. Chapter 16: 6. Find the 1000th point of the LCG given by sn+1 = (3sn + 15)%31 with s0 = 7. ANS: The period of the LCG equals the order of 3 in Z/31x, What is the order of 3 in Z/31x? The order is 30; indeed, 3 is a primitive root. So sn=sm where n≡m mod 30. Therefore s1000 = s10=14. Clever observation: Whatever the order of 3 may be, the order must be a divisor of 30, and that’s enough to show sn=sm where n≡m mod 30. 7. Find the fixed point of the LCG given by sn+1 = (53sn + 8)%113. ANS. The bad seed is – (𝑎 − 1)−1 𝑏 = −52−1 8 = −(50)(8) = −400 = 52 We can check that if sn = 52, then sn+1=(53)(52)+8≡52 mod 113. 8 Find the period of the length-eight (mod 2) LFSR with coefficients (c0, c1, …, c7) = (0, 1, 0, 1, 0, 1, 0, 1) and initial state (s0, s1, …, s7) = (0, 0, 0, 0, 1, 0, 0, 1) That is, determine the size of the loop of states that will repeat. ANS, In the best (worst?) case, the period could be 28-1=255. But let’s just calculate: ↔ ↔ … 00001001110000100111 and we see that the size of the loop is 10. 9. Find the 5th pseudorandom bit generated by the BBS pRNG with modulus n = (43)(11) and 0th state/seed s0 = 7. 10. Find the period length of the BBS pRNG with modulus n = (43)(11) and seed so = 7. What is the loop of pseudorandom bits? ANS to #9 and #10: The sequence sn is 7, ⏞ 49, 36, 350, 466 , ⏞ 49, 36, 350, 466…. and bn is: : 1, ⏞ 1, 0, 0, 0 , ⏞ 1, 0, 0, 0. So the 5th bit is 1 and the loop is 1,0,0,0, of length 4. In a more difficult problem, we might want to use the fact that n = pq; here it was easy to calculate directly. But you might want to check that the loop mod 11 has length 4 and the loop mod 43 has length 2, so the loop mod (43)(11) has length LCM(4,2)=4.