MATH 470 Lecture 27

« previous | Thursday, April 25, 2013 | next »

From the Practice Final

Prime Fields

Find ${\displaystyle {\frac {1}{t}}}$, ${\displaystyle {\frac {1}{t+1}}}$, ${\displaystyle {\frac {1}{t^{2}}}}$ in ${\displaystyle \mathbb {F} _{7^{3}}=\mathbb {F} _{343}}$ realized as ${\displaystyle \mathbb {F} _{7}\left[t\right]/\left\langle t^{3}+t+1\right\rangle }$

First Way

Tricks: While you can use Extended Euclidean Algorithm, you can do some faster trickery:

Key: ${\displaystyle t^{3}+t+1=0}$, therefore ${\displaystyle t^{2}+1+{\frac {1}{t}}=0}$ and ${\displaystyle {\frac {1}{t}}=-1-t^{2}=6+6t^{2}}$.

What if we can do the same thing with ${\displaystyle {\frac {1}{t+1}}}$?

${\displaystyle {\begin{aligned}t^{3}+t+1&=0\\t+1&=-t^{3}\\{\frac {1}{t+1}}&=-{\frac {1}{t^{3}}}\\&=-{\frac {1}{t}}\left({\frac {1}{t^{2}}}\right)\\&=-\left(6+6t^{2}\right)\,\left({\frac {1}{t^{2}}}\right)\\&=\left(1+t^{2}\right)\,\left({\frac {1}{t^{2}}}\right)\\&={\frac {1}{t^{2}}}+1\\&=\left({\frac {1}{t}}\right)^{2}+1\\&=\left(-1-t^{2}\right)^{2}+1\\&=\left(1+2t^{2}+t^{4}\right)+1\\&=\left(1+2t^{2}+\left(-t-t^{2}\right)\right)+1\\&=\left(1+6t+t^{2}\right)+1\\&=2+6t+t^{2}\end{aligned}}}$

Second Way

Easier way to figure out ${\displaystyle {\frac {1}{t^{2}}}}$:

${\displaystyle {\begin{aligned}t^{3}+t+1&=0\\t+{\frac {1}{t}}+{\frac {1}{t^{2}}}&=0\\{\frac {1}{t^{2}}}&=-{\frac {1}{t}}-t\\&=1+t^{2}-t\\&=1+6t+t^{2}\end{aligned}}}$

Third Way

Third way to find ${\displaystyle {\frac {1}{t^{2}}}}$ (Extended Euclidean Algorithm):

Look for polynomials ${\displaystyle p,q\in \mathbb {F} _{7}\left[t\right]}$ with ${\displaystyle p(t)\,t^{2}+q(t)\,\left(t^{3}+t+1\right)=1}$

${\displaystyle {\begin{bmatrix}1&0\\0&1\\t^{2}&t^{3}+t+1\end{bmatrix}}\rightarrow {\begin{bmatrix}1&-t\\0&1\\t^{2}&t+1\end{bmatrix}}\rightarrow {\begin{bmatrix}1+t^{2}&-t\\-t&1\\-t&t+1\end{bmatrix}}\rightarrow {\begin{bmatrix}1+t^{2}&1-t+t^{2}\\-t&1-t\\-t&1\end{bmatrix}}}$

Therefore ${\displaystyle \left(1-t+t^{2}\right)\,t^{2}+\left(1-t\right)\,\left(t^{3}+t+1\right)=1}$ and our inverse ${\displaystyle {\frac {1}{t^{2}}}=1+6t+t^{2}}$

Note: EEA is the safer method for more complicated inverses, e.g. ${\displaystyle {\frac {1}{3-t+2t^{2}}}}$

Elliptic Curve Cryptography

Suppose you would like to transmit "21" in an elliptic curve cipher via the elliptic curve ${\displaystyle E:y^{2}=x^{3}+7x+15/\mathbb {F} _{593}}$. In particular, you will transmit the point. (note: 593 is prime)

We want to find a point ${\displaystyle (210+a,y)\in E}$, where ${\displaystyle a\in \left\{0,\ldots ,9\right\}}$.

Which ${\displaystyle a}$ would work?

Nothing more than a Jacobi square-root question in disguise!

${\displaystyle a}$	${\displaystyle 210+a}$	${\displaystyle \left(210+a\right)^{3}+7\left(210+a\right)+15}$	${\displaystyle \left({\frac {\Box }{593}}\right)}$
0	210	228	-1
1	211	432	-1
2	212	123	1
3	213	493
…	…	…	…

So ${\displaystyle a=2}$ works

Elliptic Curves

(Not on practice final... yet)

Suppose you are trying to compute

${\displaystyle [12,252,240](2,1)}$ on ${\displaystyle y^{2}=x^{3}+254x-515{\pmod {n}}}$ with ${\displaystyle n=1,713,761,513}$

In particular, you observe

${\displaystyle 12,252,240=2^{4}+2^{6}+\dots +2^{20}+2^{21}+2^{33}}$

and

${\displaystyle [2^{4}+2^{6}+\ldots +2^{21}(2,1)\oplus [2^{23}](2,1)=(390104967,128395638)\oplus (520835552,974225979)}$

Suppose the last addition is undefined mod ${\displaystyle n}$. Find a non-trivial factor of ${\displaystyle n}$.

...what? (Sherlock Holmes moment where an addition is undefined and therefore we find a non-trivial factor)

If the addition is undefined, we must have ${\displaystyle 520835552-390104967}$ is non-invertible mod ${\displaystyle n}$.

In other words, ${\displaystyle \mathrm {gcd} (520835552-390104967,n)>1}$, so one of the factors of the difference is a factor of ${\displaystyle n}$, namely 26927 (or 63719)