V_HW#5answers

advertisement
Math 5248 Lec 2 Homework 5 Due 4/30/13 REVISED DUE DATE 5/2/13
Ten questions, ten points each. 100 points total.
Chapter 17: Let n = 1105= 5•13•17.
1. How many numbers b are there in the range 1<b<n such that gcd(b,n) =1.
ANS: There are φ(1105)=φ(5)φ(13)φ(17)=4•12•16.
2. Use the CRT to count how many solutions there are to bn-1 ≡ 1 mod n, with gcd(b,n)=1.
ANS: BY CRT, #sol’s mod n =(#sol’s mod 5) (#sol’s mod 13)(#sol’s mod 17). Let’s do 17 in
detail. Let b be in the range 1<b<16. Then b1104 mod 17 = (b69)16 mod 17 = 1, by Fermat’s
Theorem. So there are 16 solutions mod 17. The important point is that (17-1) divides (1105-1).
Similarly, since (13-1) divides (1105-1) and (5-1) divides (1105-1), there are 12 solutions mod
13 and 4 solutions mod 5. So the number of solutions mod n is 4•12•16.
3. Find an integer b such that the Fermat test shows n is definitely composite (that is, find b
relatively prime to n with bn-1 not congruent to 1 mod n), OR show that no such b exists.
ANS: No such b exists, because the numbers in question 1 equals the number in question 2.
4. Using the procedure on page 230, (and not by guessing or brute force) find a b such that the
Euler test shows n is definitely composite.
ANS: We need to pick one of the primes and pull it out from 1105. Any of the three will work,
and I will use p=5, m = 13•17. First we find a b0 which is a non-square mod 5. Let’s use 2.
(You could also use 3, but not 1 or 4). Then we find a number b so that b%5=2 and b%221=1.
We need to write 1 as a combination of 5 and 221. In general we would use the Euclidean
algorithm, but here it is clear that
221-(44)(5) =221-220 = 1. Then for b we can pick (2)(221)-(1)(220)= 222.
222
1
1
Let’s check: 222552%1105=1. On the other hand, (1105
) = (222
)(222
)(222
) = (25)(13
)(17
) = −1
5
13
17
The last three upper numbers, 2 and 1 and 1, should not be surprising; that’s how we picked b =
222.
5. In Z/21x, find the set L of all the false witnesses to the primality of 21. Then verify that L is a
subgroup of Z/21x.
ANS: The only numbers b in Z/21x with b10≡1 mod 21 are 1, 8, 13, and 20. But 810 %21=1,
8
while (21
) = (83)(87) = (23)(17) = (−1)(+1) = −1, so 8 is not a false witness. For 13, we can do
a similar calculation, or if we want to avoid as much calculation as possible,
8
1310≡(-8)10≡810 =1while (13
) = (−8
) = (−1
)( 8 ) = (21
) = −1, so 13 is not a false witness.
21
21
21 21
Hence the set L of false witnesses is {1,20}, or {1,-1}
We need to show that L is a subgroup if Z/21x. First, the identity, 1, is in L. Second, the inverse
of 1 is 1 and the inverse of -1 is -1, so inverses are in L. Finally if g is ±1 and h is ±1, then gh is
±1, so all conditions for being a subgroup are satisfied.
Chapter 16:
6. Find the 1000th point of the LCG given by sn+1 = (3sn + 15)%31 with s0 = 7.
ANS: The period of the LCG equals the order of 3 in Z/31x, What is the order of 3 in Z/31x?
The order is 30; indeed, 3 is a primitive root. So sn=sm where n≡m mod 30. Therefore s1000 =
s10=14. Clever observation: Whatever the order of 3 may be, the order must be a divisor of 30,
and that’s enough to show sn=sm where n≡m mod 30.
7. Find the fixed point of the LCG given by sn+1 = (53sn + 8)%113.
ANS. The bad seed is – (𝑎 − 1)−1 𝑏 = −52−1 8 = −(50)(8) = −400 = 52
We can check that if sn = 52, then sn+1=(53)(52)+8≡52 mod 113.
8 Find the period of the length-eight (mod 2) LFSR with coefficients
(c0, c1, …, c7) = (0, 1, 0, 1, 0, 1, 0, 1)
and initial state
(s0, s1, …, s7) = (0, 0, 0, 0, 1, 0, 0, 1)
That is, determine the size of the loop of states that will repeat.
ANS, In the best (worst?) case, the period could be 28-1=255. But let’s just calculate:
↔
↔
…
00001001110000100111
and we see that the size of the loop is 10.
9. Find the 5th pseudorandom bit generated by the BBS pRNG with modulus n = (43)(11) and
0th state/seed s0 = 7.
10. Find the period length of the BBS pRNG with modulus n = (43)(11) and seed so = 7. What is
the loop of pseudorandom bits?
ANS to #9 and #10: The sequence sn is 7, ⏞
49, 36, 350, 466 , ⏞
49, 36, 350, 466…. and
bn is: : 1, ⏞
1, 0, 0, 0 , ⏞
1, 0, 0, 0. So the 5th bit is 1 and the loop is 1,0,0,0, of length 4.
In a more difficult problem, we might want to use the fact that n = pq; here it was easy to
calculate directly. But you might want to check that the loop mod 11 has length 4 and the loop
mod 43 has length 2, so the loop mod (43)(11) has length LCM(4,2)=4.
Download