Introducing Quaternions to Integer Factorisation


Journal of Physical Science and Application 5 (2) (2015) 101-107, doi: 10.17265/2159-5348/2015.02.003. David Publishing.

Introducing Quaternions to Integer Factorisation

HuiKang Tong, 4500 Ang Mo Kio Avenue 6, 569843, Singapore

Abstract: The key purpose of this paper is to open up the concepts of the sum of four squares and the algebra of quaternions to the attempts at factoring semiprimes, the product of two prime numbers. However, the application of these concepts here has been clumsy, and would be better explored by those with a more rigorous mathematical background. There may be real immediate implications for some RSA numbers that are slightly larger than a perfect square.

Key words: Integer factorisation, RSA, quaternions, sum of four squares, Euler factorisation method.

Nomenclature

p, q: prime factors
n: semiprime pq, the product of two primes
P: quaternion with norm p
a, b, c, d: components of a quaternion

1. Introduction

We assume that the reader knows the RSA cryptosystem [1]. Notably, the ability to factorise a random and large semiprime n (the product of two prime numbers p and q) efficiently can completely break RSA, which is integral to many cryptographic systems worldwide. We also assume that the reader is familiar with the state-of-the-art factoring methods [2]; this knowledge is not required to understand the ideas in this paper, but is useful to judge the novelty of our work.

1.1 Outline of the Paper

The Euler factorisation method is introduced in Section 2, while our probably new pathway to the solution with the Gaussian integers is explained in Section 2.2, after the introduction to Gaussian integers in Section 2.1. Then we state the limitations of the Euler factorisation method and address one of the works previously done to make the Euler factorisation method workable.

In Section 3, we extend the Euler factoring method to one using the sum of four squares and the algebra of quaternions. We comment on the development of the mathematics in Section 3.1, introduce the integral quaternions in Section 3.2, and their relationship with the sum of four squares in Section 3.3. In Section 3.4, we mention an algorithm to generate the sum of four squares.

In Section 4, we propose the usage of concepts of the algebra of quaternions in the factorisation of semiprimes. The method in Section 2.2 using Gaussian integers is brought into Section 4.1. Then we subsequently loosen one of its constraints in Section 4.2. We will also show the Euclidean algorithm for quaternions. Then we propose an alternative method in Section 4.3, the one which we feel has better potential to contribute to the research on the integer factorisation problem.

Finally we discuss the results in Section 5 and conclude in Section 6.

1.2 Contributions of the Paper

The main contribution of this paper is to open up the concepts of the sum of four squares and quaternions to the attempts at factoring semiprimes. Sections 2.1, 4.1 and 4.2 are adapted from standard mathematical texts. Expressing Euler's factoring method with Gaussian integers has not been specifically published on, so the content in Section 2.2 may be new. To the author's knowledge, quaternions have never been employed in integer factorisation, so the work from Section 4 onwards is original.

Corresponding author: HuiKang Tong. E-mail: [email protected].

2. The Euler Factorisation Method

We will now look at the much neglected Euler factorisation method [3]. In essence, it instantly obtains the factors of a semiprime when the semiprime is written as a sum of two squares in two distinct ways.

2.1 The Gaussian Integers

The Gaussian integers are described in this section so that the reader can draw parallels with the algebra of quaternions, on which the main ideas are built. Gaussian integers are complex numbers with rational integers as coefficients for their real and imaginary components [4]:

$$\alpha = a + bi, \quad a, b \in \mathbb{Z}$$

Similar to complex numbers, a Gaussian integer has its conjugate:

$$\bar{\alpha} = a - bi$$

The norm of any Gaussian integer is defined as:

$$\mathrm{Nm}(\alpha) = \alpha\bar{\alpha} = (a + bi)(a - bi) = a^2 + b^2$$

For Gaussian integers, the product of the norms is equal to the norm of the product:

$$\mathrm{Nm}(\alpha)\,\mathrm{Nm}(\beta) = \alpha\bar{\alpha}\beta\bar{\beta} = (\alpha\beta)(\bar{\beta}\bar{\alpha}) = (\alpha\beta)\overline{(\alpha\beta)} = \mathrm{Nm}(\alpha\beta)$$

A Gaussian prime cannot be expressed as a product of two Gaussian integers that each have a smaller norm [5]. Hence, any prime number p congruent to 1 mod 4 is not a Gaussian prime, as it is factorable into:

$$p = \rho\bar{\rho} = (r + si)(r - si)$$

2.2 A Complex Approach

The Euler factorisation method can be done with Gaussian integers. We have independently derived this relationship, although we expect someone to have made this minor result before. However, to the author's knowledge, nothing is specifically published on this concept. An alert reader would have noticed that the norm of a Gaussian integer is a sum of two squares, which is the basis of the Euler factorisation method. The explanation will be illustrated by a numerical example that is first factored by Euler's method:

$$pq = n = a^2 + b^2 = c^2 + d^2$$
$$1000009 = 1000^2 + 3^2 = 972^2 + 235^2$$

The sum of two squares can be factorised into Gaussian integers:

$$pq = n = (a + bi)(a - bi) = (c + di)(c - di)$$
$$1000009 = (1000 + 3i)(1000 - 3i) = (972 + 235i)(972 - 235i)$$

The Gaussian integers can be further factorised. The two forms of the semiprime are actually re-arrangements of each other:

$$pq = (r + si)(t + ui)\,(t - ui)(r - si) = (r + si)(t - ui)\,(t + ui)(r - si)$$

where $p = (r + si)(r - si)$ and $q = (t + ui)(t - ui)$.

The norm of one of the terms is one of the factors. The term is obtained by the Euclidean algorithm, which works for complex numbers [6]. The only difference from the algorithm for rational integers is that the remainder can be negative, so that the size of the remainder can be continually reduced:

$$1000 + 3i = 1\cdot(972 + 235i) + (28 - 232i)$$
$$972 + 235i = (-1 + 4i)(28 - 232i) + (72 - 109i)$$
$$28 - 232i = (2 - i)(72 - 109i) + (-7 + 58i)$$
$$72 - 109i = (-2 - i)(-7 + 58i) + 0$$

The norm of the greatest common divisor, $\mathrm{Nm}(-7 + 58i) = 3413$, is a prime factor.

2.3 Evaluation of the Method

The Euler factorisation method works only when both prime factors are congruent to 1 mod 4, because only such semiprimes have the two representations [7]. More importantly, there has not been a feasible way to find the two representations as a sum of two squares for large semiprimes.

However, in our literature review, we came across a work that made the Euler factorisation method feasible [8]. The result was an algorithm that factorises in $O(n^{\,/\,})$ time. Our proposal focuses on quaternions and the sum of four squares, which should be totally different from his ideas.

3. Extending to Quaternions

Extending the concept of the Euler factorisation method beyond Gaussian integers, we subsequently explore the quaternions and the sum of four squares. Here is our justification why this may be novel.

3.1 Comment on Mathematical Development

Much rigorous work has already been done on the separate topics. RSA was patented in 1977, and the RSA factoring challenge was put up in 1991. Only then has attention been placed on factorising large semiprimes with factors of similar length. Before that, factorisation was acknowledged as difficult, and interest was only in special probable prime numbers like the Fermat numbers and the Mersenne prime candidates. On the other hand, the theory of integral quaternions and octonions was developed before the 1930s by Lipschitz and Hurwitz [9]. Modern usage of quaternions only centres on rotation manipulation. This may well explain and support the lack of usage of quaternions on the integer factorisation problem.

3.2 Quaternions

We begin by defining integral quaternions [10], so as to draw parallels between them and Gaussian integers. Quaternions have three instead of one imaginary component:

$$A = a + bi + cj + dk, \quad a, b, c, d \in \mathbb{R}$$

Multiplication of quaternions is non-commutative, with the following properties:

$$i^2 = j^2 = k^2 = ijk = -1$$
$$ij = -ji = k, \quad jk = -kj = i, \quad ki = -ik = j$$

The multiplication of two quaternions is thus:

$$(a + bi + cj + dk)(a' + b'i + c'j + d'k) = (aa' - bb' - cc' - dd') + (ab' + ba' + cd' - dc')\,i + (ac' - bd' + ca' + db')\,j + (ad' + bc' - cb' + da')\,k$$

The conjugate of a quaternion has its imaginary components negated:

$$\bar{P} = a - bi - cj - dk$$

Our focus is on quaternions with integral coefficients, called Lipschitz quaternions:

$$P = a + bi + cj + dk, \quad a, b, c, d \in \mathbb{Z}$$

The concept of the norm is applicable to quaternions:

$$\mathrm{Nm}(P) = a^2 + b^2 + c^2 + d^2$$

3.3 Sum of Four Squares

The norm of the product of quaternions is equal to the product of the norms of the quaternions:

$$\mathrm{Nm}(PQ) = (PQ)\overline{(PQ)} = PQ\bar{Q}\bar{P} = P\cdot\mathrm{Nm}(Q)\cdot\bar{P} = P\bar{P}\cdot\mathrm{Nm}(Q) = \mathrm{Nm}(P)\cdot\mathrm{Nm}(Q)$$

The result is Euler's four-square identity [11]:

$$pq = \mathrm{Nm}(P)\cdot\mathrm{Nm}(Q) = (a^2 + b^2 + c^2 + d^2)(a'^2 + b'^2 + c'^2 + d'^2)$$
$$= (aa' - bb' - cc' - dd')^2 + (ab' + ba' + cd' - dc')^2 + (ac' - bd' + ca' + db')^2 + (ad' + bc' - cb' + da')^2 = \mathrm{Nm}(PQ) = n$$

After knowing this set of information, the author feels that the algebra of quaternions can be applied to the problem of integer factorisation.

In this paper, we denote a quaternion by an upper-case letter, and the norm of the quaternion by the corresponding lower-case letter. So quaternion P has a norm of p. Different subscripts distinguish quaternions with the same norm. More specifically: Jacobi's four-square theorem [7] specifies the number of distinct representations of a number as a sum of four squares, which is equivalent to the number of quaternions with the same norm. The number of ways to represent n as the sum of four squares is eight times the sum of the divisors of n if n is odd, and 24 times the sum of the odd divisors of n if n is even.

[The extracted text ends mid-page; the following fragment from the facing column is all that survives:] algorithm (explained in the following section). However, there does not seem to be an easy method
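The Gaussian-integer form of Euler's method in Section 2.2, carried out in code on the paper's own example n = 1000009, as an added example that is not part of the paper. Gaussian integers are held as `(a, b)` tuples meaning a + bi so that every step is exact integer arithmetic; the function names (`gdivmod`, `ggcd`, `euler_factor`, `two_square_representations`) are this example's own. The division step rounds the exact complex quotient to the nearest Gaussian integer, which is what lets the remainder have negative parts and keeps its norm shrinking, as the paper notes; the brute-force search for the two representations is only workable for small n, which is exactly the limitation Section 2.3 points out.

```python
from math import isqrt


def gmul(x, y):
    """(a + bi)(c + di) = (ac - bd) + (ad + bc)i."""
    a, b = x
    c, d = y
    return (a * c - b * d, a * d + b * c)


def gsub(x, y):
    return (x[0] - y[0], x[1] - y[1])


def gconj(x):
    """Conjugate: a + bi -> a - bi."""
    return (x[0], -x[1])


def gnorm(x):
    """Nm(a + bi) = a^2 + b^2."""
    return x[0] ** 2 + x[1] ** 2


def _round_div(a, n):
    """Nearest integer to a / n for n > 0, without floating point."""
    return (2 * a + n) // (2 * n)


def gdivmod(x, y):
    """Division with remainder in Z[i]: x = q*y + r with Nm(r) <= Nm(y)/2.

    The exact quotient is x * conj(y) / Nm(y); rounding each component to the
    nearest integer (so r may have negative parts) bounds |x/y - q| by 1/sqrt(2),
    which guarantees the remainder's norm keeps decreasing."""
    n = gnorm(y)
    num = gmul(x, gconj(y))
    q = (_round_div(num[0], n), _round_div(num[1], n))
    r = gsub(x, gmul(q, y))
    return q, r


def ggcd(x, y):
    """Euclidean algorithm in Z[i]; the result is unique up to a unit (+-1, +-i)."""
    while y != (0, 0):
        _, r = gdivmod(x, y)
        x, y = y, r
    return x


def two_square_representations(n):
    """All (a, b) with a^2 + b^2 = n and a >= b >= 0, by brute force over b.
    Adequate for a 7-digit n; infeasible for RSA-sized n, as Section 2.3 notes."""
    reps = []
    for b in range(isqrt(n // 2) + 1):
        a2 = n - b * b
        a = isqrt(a2)
        if a * a == a2:
            reps.append((a, b))
    return reps


def euler_factor(n):
    """Euler's method via Z[i]: gcd(a + bi, c + di) for two distinct representations
    is a Gaussian prime r + si, and its norm is a prime factor of n.
    Returns (p, n // p), or None when fewer than two representations exist
    (e.g. a prime factor congruent to 3 mod 4)."""
    reps = two_square_representations(n)
    if len(reps) < 2:
        return None
    p = gnorm(ggcd(reps[0], reps[1]))
    return (p, n // p) if 1 < p < n else None


if __name__ == "__main__":
    n = 1000009
    print(two_square_representations(n))   # [(1000, 3), (972, 235)]
    print(ggcd((1000, 3), (972, 235)))     # (-7, 58): the paper's -7 + 58i, norm 3413
    print(euler_factor(n))                 # (3413, 293)
```

The gcd the code returns may differ from the paper's by a unit factor depending on the rounding choices made along the way, but its norm is always the same prime factor.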
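Integral (Lipschitz) quaternion arithmetic from Sections 3.2 and 3.3, as an added example that is not part of the paper: the component product formula, conjugate and norm, a check of the four-square identity Nm(P)Nm(Q) = Nm(PQ), and a brute-force count of the quaternions of a given norm compared against Jacobi's four-square theorem as the paper states it. Quaternions are `(a, b, c, d)` tuples for a + bi + cj + dk; the function names (`qmul`, `quaternions_of_norm`, `jacobi_r4`) are this example's own.

```python
from math import isqrt


def qmul(P, Q):
    """Hamilton product, written out with the component formula of Section 3.2."""
    a, b, c, d = P
    a2, b2, c2, d2 = Q
    return (
        a * a2 - b * b2 - c * c2 - d * d2,
        a * b2 + b * a2 + c * d2 - d * c2,
        a * c2 - b * d2 + c * a2 + d * b2,
        a * d2 + b * c2 - c * b2 + d * a2,
    )


def qconj(P):
    """Conjugate: negate the three imaginary components."""
    a, b, c, d = P
    return (a, -b, -c, -d)


def qnorm(P):
    """Nm(P) = a^2 + b^2 + c^2 + d^2, which also equals the real part of P * conj(P)."""
    return sum(x * x for x in P)


def four_square_identity_holds(P, Q):
    """Nm(P) Nm(Q) == Nm(PQ): the product of two sums of four squares is again a
    sum of four squares, with the summands given by the product formula."""
    return qnorm(P) * qnorm(Q) == qnorm(qmul(P, Q))


def quaternions_of_norm(n):
    """Every Lipschitz quaternion with norm n, by enumeration (small n only).
    These are the 'P with different subscripts' of Section 3.3."""
    s = isqrt(n)
    rng = range(-s, s + 1)
    found = []
    for a in rng:
        for b in rng:
            ab = a * a + b * b
            if ab > n:
                continue
            for c in rng:
                abc = ab + c * c
                if abc > n:
                    continue
                d2 = n - abc
                d = isqrt(d2)
                if d * d == d2:
                    found.append((a, b, c, d))
                    if d:
                        found.append((a, b, c, -d))
    return found


def jacobi_r4(n):
    """Jacobi's four-square theorem as stated in the paper: 8 * sigma(n) for odd n,
    24 * (sum of odd divisors) for even n."""
    divisors = [d for d in range(1, n + 1) if n % d == 0]
    if n % 2:
        return 8 * sum(divisors)
    return 24 * sum(d for d in divisors if d % 2)


if __name__ == "__main__":
    P, Q = (1, 2, 0, 0), (1, 1, 1, 0)          # norms 5 and 3
    print(qmul(P, Q), qmul(Q, P))              # (-1, 3, 1, 2) (-1, 3, 1, -2): non-commutative
    print(qnorm(qmul(P, Q)))                   # 15 = 5 * 3
    for n in (1, 2, 5, 6, 15):
        print(n, len(quaternions_of_norm(n)), jacobi_r4(n))
```

Running the enumeration for a range of n and comparing with `jacobi_r4` is a quick way to convince oneself of the count the paper quotes; the two differ only in that the enumeration is exact but exponential in the size of n, while the formula needs the divisors of n, which is of course the very thing a factoring method is after.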