Int. J. Communications, Network and System Sciences, 2011, 4, 287-296 doi:10.4236/ijcns.2011.45033 Published Online May 2011 (http://www.SciRP.org/journal/ijcns) Protection of Sensitive Messages Based on Quadratic Roots of Gaussians: Groups with Complex Modulus* Boris Verkhovsky Computer Science Department, New Jersey Institute of Technology, University Heights, Newark, USA E-mail: [email protected] Received April 5, 2011; revised May 3, 2011; accepted May 20, 2011 Abstract This paper considers three algorithms for the extraction of square roots of complex integers {called Gaus- sians} using arithmetic based on complex modulus p + iq. These algorithms are almost twice as fast as the analogous algorithms extracting square roots of either real or complex integers in arithmetic based on modulus p, where p is a real prime. A cryptographic system based on these algorithms is provided in this paper. A procedure reducing the computational complexity is described as well. Main results are explained in several numeric illustrations. Keywords: Complex Modulus; Computational Efficiency; Cryptographic Algorithm; Digital Isotopes; Multiplicative Control Parameter; Octadic Roots, Quartic Roots, Rabin Algorithm, Reduction of Complexity, Resolventa, Secure Communication, Square Roots 1. Introduction and Problem Statement Gaussians, and let Gi:1 4 1,4 be the Gaussian modulus. Inside each square there is a number of Gaus- The concept of complex modulus was introduced by C. F. sian integers; plus every vertex of each square is also a Gauss [1]. The set of complex integers is an infinite sys- Gaussian integer. In order to avoid multiple counting of tem of equidistant points located on parallel straight lines, the same vertex, we consider that only the left-most bot- such that the infinite plane is decomposable into infi- tom vertex of each square belongs to that square [1]. For nitely many squares. Analogously, every integer that is more insights and graphics see [2]. divisible by a complex integer m = a + bi forms infini- This paper is a logical continuation of a recently pub- tely many squares, with sides equal to ab22 . lished paper [3], which considered a cryptographic scheme based on complex integers modulo real semi-prime pq. 1.1. Complex Moduli The above mentioned paper describes an extractor of quadratic roots from complex integers called Gaussians. A slightly different approach is considered in [4]. Several Let’s denote ab,: a bi. Associates of Gpq:, general ideas for computation of a square root in modular are –G, iG and –iG; they are the vertices of a square arithmetic are provided in [5-7]. where Gpq, ; iG 0, 1p , q q, p ; This paper considers arithmetic based on complex in- iG 0, 1 p,, q q p . tegers with Gaussian modulus. As demonstrated below, To understand the congruencies, let’s consider a sys- the extraction of square roots in such arithmetic requires tem of integer Cartesian coordinates. The squares on this a smaller number of basic operations. As a result, the system of coordinates are inclined to the former squares described cryptographic system is almost twice faster if neither of integers a, b is equal to zero [1]. Then the than the analogous systems in [3,4]. associates of the modulus pq, are rotations of “vec- Consider quadratic equation tor” pq, on 90 degrees. Let’s consider the plane of complex numbers and as an example, the complex prime x,,modycd2 pq,, (1) number 1, 4 : 1 4i [2]. Let the left-most bottom point of the mesh be the origin of the coordinate system for where modulus Gpq:, is a Gaussian prime; and let 22 *Dedicated to the memory of Samuel A. Verkhovsky. Npqpq:, . (2) Copyright © 2011 SciRes. IJCNS 288 B. VERKHOVSKY 1.2. General Properties lution for w, it implies that uw,1,01 ,0,p q mod G. (8) Proposition 1: Gaussian pq, is a prime if and only if its norm N is a real prime [1]. Hence, if a root x, y is known, then another root of Remark 1: Since pq,, qp, without loss c,d is uw, x,y mo d. G of generality we assume that, if pq, is prime, then p Quartic roots: There are four quartic roots of 1, 0 , 4 is odd and q is even {unless it is stated otherwise}. each satisfying qk 1, 0 : Proposition 2: If norm of pq, is a prime (2), then qq (1,0); ( 1,0); q 0,1 ;q 0, 1 ; (9) for every pq,, N 14 is an integer. 12 3 4 Proof: Let pk:2 1 and q:2 r. Then (2) implies where that 22 qq3,4 2mod Gqq ; 2 1 1,0 mod G . 2 Nkk14 1 r. Q.E.D. (3) 2.2. Quadratic Root Extractor (QRE-1) Proposition 3 {cyclic identity}: If gcdab , , pq , 1,0 and G is a prime, then the following identity holds: Step 1.1: Compute ab,mod,1,N 1 pq 0. (4) Nm:;pq22 :14;NzN 38 (10) Remark 2: More details about identity (4) are provided in the Appendix in Proposition 3.A. Step 2.1: if N is not a prime, then QRE-1 algorithm is Proposition 4 {Modular multiplicative inverse}: if not applicable, na ; Remark 4: gcdab , , pq , 1, 0, then pq1, 1, 0 mod G; (11) ab,,mo12 abN d G. (5) Step 3.1: Compute Remark 3: Yet, more computationally-efficient is to m solve an appropriate Diophantine equation. However, E:, cdmod G; (12) this is beyond the scope of this paper. Step 4.1: if E 0, 1 , then cd, is Gaussian qua- Definition 1: Gaussian x, y is called a quadratic dratic non-residue (GQNR }, i.e. its square root does not root of cd, modulo G if x, y and cd, satisfy exist; Equation (1); we denote it as Step 5.1: if E 1, 0 , then x,:ycd ,modG. (6) N 38 x,:yc ,d m od G; (13) 2. Quadratic Root Extraction Where Step 6.1: if E 1, 0 , then N 5mod8 R : 0, 1 modGG ; RE 1 mod ; (14) z Proposition 5: If pq, is prime and N 5mod8 , x,:yRcdG , mod; (15) then mN:14 is odd. Step 7.1 {2nd square root}: Proof: Notice that q mod 4 2 , otherwise (3) implies that N 1mod8. Q.E.D. tv,: p 1,, q xymodG (11). (16) 2.1. Quadratic and Quartic Roots of 1, 0 2.3. Validation of Algorithm Modulo pq, Proposition 6: Suppose Consider a quadratic root uw, of 1, 0mo d pq , : a) pq, is a prime and q 2mod4; (17) uw,: 1,0mod, pq . N 14 Then uw,2 u22 w,21 uw ,0mod pq,. This b) zN38; Ecd:, md o G; (18) 2 equation holds if either w = 0 and u 1modG; or if 1 u = 0 and c) REEGmod if 1, 0 or 1,0 ; (19) w2 1modG . (7) then z Since the last equation does not have a real integer so- cd,,mo R cdd G . (20) Copyright © 2011 SciRes. IJCNS B. VERKHOVSKY 289 Proof: First of all, (19) implies that Table 1. Quadratic root extraction and verification; N mod 8 = 5 . ER2 mod G 1,0 . (21) Yet, cd, (3, 8) (4, 8) (6, 7) (8, −2) (9, 2) (10, 5) N 34 m cd,R22 cd,,, cdN 14 R cd ER 2cd, (1, 0) (10, −2) (−1, 0) (−1, 0) (3, 9) (1, 0) .(22) z cd, (9, −2) QNR (5, 3) (11, 4) QNR (2, 2) cd, modG cd, z R (9, −2) na (7, 2) (7, −1) na (2, 2) Therefore, (21) and (22) imply equation x, y2 (3, 8) *** (6, 7) (8, −2) *** (10, 5) cd,,m2z R2 cdod G , (23) which itself implies that (20) is correct. Q.E.D. mN:1 8 dis and od N 716 is an integer. Proof: Since p = 8w + 3 and q = 4r, therefor e 22 3. Criterion of Gaussian Quadratic Nwwr 16 4 3 9 (2). Hence 16N 7 . If we assume that m is even; then Residuosity Where N 5mod8 Nm7 16 12. (27) Proposition 7: Gaussian cd, has a quadratic root Thus, if m 2 is integer, then N 716 is not (27). modulo Gaussian prime pq, only if This contradiction proves Proposition 8. Proposition 9 {criterion of Gaussian quadratic residu- N 14 cd,md1,0o G. (24) osity}: Let Example 1: Consider p91,q 6; N p,8317q , N 18 which is a prime; hence 91, 6 are Gaussian primes. Ecd:, mod G; (28) Compute mN: 1 4/ 2079; zN:3 8 1040 ; Let cd,81,71 . Since and gcdcd , , G 1 . 81,71m 96,85 1,0 mod 91, 6 (11), therefore, Then cd, has a quadratic root modulo Gaussian prime G if xy, 81,71 81,71 1040 0,1 (25) E:1 ,0;0 ,11; i; {see the algorithm below}. 57,75 mod 91, 6 . (29) Verification: Indeed, Proposition 10: Suppose 2 57,75 mod 91, 6 81,71. (26) a) p is odd and q 0mod4 ; (30) 4. Numeric Illustration b) zN 716 ; (31) c) Resolventa R satisfies the following conditions: Consider p = 10, q = −3. Then N = 109; m = 27; z = 14. m In Table 1 cd, are the quartic roots q of unity 1,0 modGE if 1,0 ; (32) k (9), i.e., RGE0, 1 mod if 1,0 ; (33) R:q1 1,0; q2 12,7 1,0 ;q3 3,9 0, 1 ; 3 . EGEmod if 0, 1 ; (34) qp10, 2 0,1 mod ,q 4 Then Step-by-step process of extraction of the square roots cd,,moz R cdd G . (35) and criteria of quadratic residuosity are illustrated for several values of cd, .