Freie Universität, Berlin
FB Mathematik und Informatik
Dr. Valentina Di Proietto

Introduction to (Mathematical) Cryptography
Proseminar/Seminar WS2015/16
Place: SR 119/A3 Seminarraum (Arnimallee 3-5)
Time: 16:00-18:00

Cryptography is the study of secret writing, that is, of methods for transmitting a message between two people in such a way that it is impossible for a third person to read the message. In this seminar we will give an overview of the mathematical tools used in cryptography: we will focus on results from elementary number theory and see how they are applied to quite recent cryptosystems. The only prerequisites are the basics of group theory, linear algebra and basic calculus. Only a few talks in this program require more advanced mathematical tools, such as ring theory.

Our main reference is [HPS14], but there are several other books that treat the same topics: for example [Kob87], [TW06], [Kob98], [Ven09], [GB15]. We will study the cryptographic applications of several results of elementary number theory: you can find these results in [Bur89], [ES03], [HW79], [Rib89].

1. Valentina Di Proietto (October 15)
Introduction: Simple Classical Cryptosystems and Cryptography before the Computer Age
This talk is a general introduction to the main topics we will study in the seminar, with some examples of classical cryptosystems. ([HPS14, 1.1, 1.6], [Kob87, III], [TW06, 2])

2. Valentina Di Proietto (October 22)
Divisibility, Greatest Common Divisor and Modular Arithmetic
Present the basic properties of divisibility of integers and the Euclidean algorithm, with special emphasis on the number of iterations needed to compute the greatest common divisor (follow [HPS14, 1.2]). In the second part of the talk present modular arithmetic, following [HPS14, 1.3] up to [HPS14, 1.3.1].

3. Sebastian Wagner (October 29)
Prime Numbers, Unique Factorization, and Finite Fields
Start by explaining [HPS14, 1.3.1, 1.3.2].
Give the definition of a prime number and prove the fundamental theorem of arithmetic (follow [HPS14, 1.4], but for a complete proof of the fundamental theorem of arithmetic follow [Bur89, theorem 3.2]). In the second part of the talk introduce the finite field F_p and prove Fermat's little theorem. Follow [HPS14, 1.4, 1.5].

4. Valentina Di Proietto (November 5)
Formulation of a cryptosystem in abstract mathematics
Present the abstract mathematical way to treat cryptosystems [HPS14, 1.7]. Maybe add something regarding difficulty of computation [HPS14, 2.6], which is useful for the next paragraph, or something on basic group theory.

5. Ralf Bastian (November 12)
Discrete Logarithm Problem
Explain what the Discrete Logarithm Problem is ([HPS14, section 2.2]). The Diffie-Hellman key exchange is a method of publicly sharing a secret key, and the Elgamal cryptosystem is the first example we see of a public key cryptosystem; explain sections 2.3, 2.4 of [HPS14]. Skip sections 2.5 and 2.6 of [HPS14]. If you have time, explain section 2.7.

6. Fernando Santos-Castelar (November 19)
Chinese Remainder Theorem and Pohlig-Hellman Algorithm
The Pohlig-Hellman algorithm is based on the Discrete Logarithm Problem for a modulus which is a composite of primes. Explain and prove the Chinese Remainder Theorem and the Pohlig-Hellman Algorithm (follow [HPS14, 2.8, 2.9]; the Chinese Remainder Theorem is in almost every book on elementary number theory, for example [Bur89, theorem 4.8]).

7. Philipp Donner (November 26)
Euler's formula and RSA
RSA is the most famous public key cryptosystem. Explain the generalization of Fermat's little theorem given by Euler's formula for a modulus which is a composite of two primes [HPS14, 3.1] and present the RSA algorithm [HPS14, 3.2, 3.3].

8. Caner Aydin (December 3)
Primality testing and the distribution of primes
Give at least two proofs of the fact that there exist infinitely many prime numbers. Choose two proofs from [AZ14, 1].
Then we look for algorithms to decide whether an integer is prime: explain [HPS14, 3.4]. Prove Proposition 3.18 following [Kob87, Proposition V.1.7]. The proof assumes that (Z/p^2 Z)^* is a cyclic group; you do not need to prove this, just assume it. On the other hand, do prove Lemma 1 and Lemma 2 on page 119 of [Kob87]. Note also that the notion of a Miller-Rabin witness (definition before Proposition 3.18 in [HPS14]) corresponds to the notion of a strong pseudoprime in the notation of [Kob87] (definition before Proposition V.1.5 of [Kob87]).

9. Lelia Hanslik (December 10)
Factorization Algorithms I
In this talk we analyze the problem of factoring an integer. Present two algorithms: Pollard's p − 1 factorization algorithm [HPS14, 3.5] and factorization via difference of squares [HPS14, 3.6].

10. Tim Dittmann (December 17)
Factorization Algorithms II
In this talk we study two other methods for factoring an integer, the quadratic sieve and the number field sieve. Explain [HPS14, 3.7], but note that to understand 3.7.3 you need to know a bit of ring theory, which is recalled in [HPS14, 2.10]. End your talk by explaining [HPS14, 3.8].

11. Fabian Junginger (January 7)
Quadratic reciprocity law and Goldwasser-Micali Cryptosystem
Explain 3.9 of [HPS14], and give a proof of the Quadratic Reciprocity Law (Theorem 3.62). The Quadratic Reciprocity Law is one of the theorems with the largest number of proofs, but it is not proven in [HPS14]. You can choose your favorite proof and explain it (follow for example [ES03, 2.40-2.51]). If you have time, explain 3.10 of [HPS14].

12. Patrick Adams (January 14)
Digital signatures
In this talk we study the problem of digital signatures: we want to find a way to verify that a digital signature is authentic. Describe the algorithms that do this: the RSA digital signature, the Elgamal digital signature and DSA. Follow [HPS14, 4].

13. Jan Hilsberg (January 21)
Elliptic curves: definitions and general properties
The theory of elliptic curves is really vast. In this seminar we will concentrate on cryptographic applications of these geometric objects. Explain the basic facts about elliptic curves, and elliptic curves over finite fields (following [HPS14, 6.1, 6.2] or [Ven09, 1.1, 1.2, 2.1]). If you have time, present the computational problems explained in [Ven09, 2.2].

14. Niklas Jacob (January 28)
Elliptic curves Discrete Logarithm Problem
We have already studied the Discrete Logarithm Problem in the field F_p; in this talk we study its variant using elliptic curves. Explain [HPS14, 6.3], up to 6.3.2. Then explain [HPS14, 5.4] and [HPS14, 6.3.2].

15. Aiko Pipo (February 4)
Elliptic Curves Cryptography and Lenstra's algorithm
We study cryptographic applications of elliptic curves: the elliptic curve analogues of the Diffie-Hellman key exchange, the Elgamal public key cryptosystem, and elliptic curve signatures. We end with Lenstra's algorithm, which uses elliptic curves to factor an integer. Explain [HPS14, 6.4, 6.5, 6.6].

16. Pit Ronk Free spot (February 11)

References

[AZ14] Martin Aigner and Günter M. Ziegler, Proofs from The Book, fifth ed., Springer-Verlag, Berlin, 2014, Including illustrations by Karl H. Hofmann. MR 3288091

[Bur89] David M. Burton, Elementary number theory, second ed., W. C. Brown Publishers, Dubuque, IA, 1989. MR 990017 (90e:11001)

[ES03] Paul Erdős and János Surányi, Topics in the theory of numbers, Undergraduate Texts in Mathematics, Springer-Verlag, New York, 2003, Translated from the second Hungarian edition by Barry Guiduli. MR 1950084 (2003j:11001)

[GB15] G. Baumslag, B. Fine, M. Kreuzer, and G. Rosenberger, A course in Mathematical Cryptography, De Gruyter, 2015.

[HPS14] Jeffrey Hoffstein, Jill Pipher, and Joseph H. Silverman, An introduction to mathematical cryptography, second ed., Undergraduate Texts in Mathematics, Springer, New York, 2014. MR 3289167

[HW79] G. H. Hardy and E. M. Wright, An introduction to the theory of numbers, The Clarendon Press, Oxford University Press, New York, 1979. MR 568909 (81i:10002)

[Kob87] Neal Koblitz, A course in number theory and cryptography, Graduate Texts in Mathematics, vol. 114, Springer-Verlag, New York, 1987. MR 910297 (88i:94001)

[Kob98] Neal Koblitz, Algebraic aspects of cryptography, Algorithms and Computation in Mathematics, vol. 3, Springer-Verlag, Berlin, 1998, With an appendix by Alfred J. Menezes, Yi-Hong Wu and Robert J. Zuccherato. MR 1610535 (2000a:94012)

[Rib89] Paulo Ribenboim, The book of prime number records, second ed., Springer-Verlag, New York, 1989. MR 1016815 (90g:11127)

[TW06] Wade Trappe and Lawrence C. Washington, Introduction to cryptography with coding theory, second ed., Pearson Prentice Hall, Upper Saddle River, NJ, 2006. MR 2372272 (2008k:94055)

[Ven09] D. Venturi, Lecture notes in algorithmic number theory, vol. 16, Electronic Colloquium on Computational Complexity (ECCC), http://eccc.hpi-web.de/report/2009/062/, 2009.

http://www.mi.fu-berlin.de/users/diproietto
October 26, 2015