Showing posts with label Security. Show all posts

Monday, 25 September 2017

Fermat's Little Theorem.

Introduction.

Prime numbers have uses in cryptography, an important part of computer science.

The functional paradigm uses mathematics for computing extensively, hence this article.


Fermat's Little Theorem.

If p is a prime number and a is a natural number, then:

a^p≡a (mod p).

Furthermore, if p does not divide a, then there exists some smallest exponent d such that:

a^d-1≡0 (mod p)

and d divides p-1. Hence,

a^(p-1)-1≡0 (mod p).

The theorem is sometimes also simply known as 'Fermat's theorem' (Hardy and Wright 1979, p. 63).

This is a generalization of the Chinese hypothesis and a special case of Euler's totient theorem. It is sometimes called Fermat's primality test and is a necessary but not sufficient test for primality. Although it was presumably proved (but suppressed) by Fermat, the first proof was published by Euler in 1749. It is unclear when the term 'Fermat's little theorem' was first used to describe the theorem, but it was used in a German textbook by Hensel (1913) and appears in Mac Lane (1940) and Kaplansky (1945).

The theorem is easily proved using mathematical induction on a. Suppose p|a^p-a (i.e., p divides a^p-a). Then examine:

(a+1)^p-(a+1).

From the binomial theorem,



Rewriting,



But p divides the right side, so it also divides the left side. Combining with the induction hypothesis gives that p divides the sum:



as assumed, so the hypothesis is true for any a. The theorem is sometimes called Fermat's simple theorem. Wilson's theorem follows as a corollary of Fermat's little theorem.

Fermat's little theorem shows that, if p is prime, there does not exist a base a < p with (a,p)=1 such that a^(p-1)-1 possesses a nonzero residue modulo p. If such a base a exists, p is therefore guaranteed to be composite. However, the lack of a nonzero residue in Fermat's little theorem does not guarantee that p is prime. The property of unambiguously certifying composite numbers while passing some primes makes Fermat's little theorem a compositeness test which is sometimes called the Fermat compositeness test. A number satisfying Fermat's little theorem for some nontrivial base and which is not known to be composite is called a probable prime.

Composite numbers known as Fermat pseudoprimes (or sometimes simply 'pseudoprimes') have zero residue for some bases a and so are not identified as composite. Worse still, there exist numbers known as Carmichael numbers (the smallest of which is 561) which give zero residue for any choice of the base a relatively prime to p. However, the converse of Fermat's little theorem provides a criterion for certifying the primality of a number. A table of the smallest pseudoprimes P for the first 100 bases a follows (OEIS A007535; Beiler 1966, p. 42 with typos corrected).


  a    P     a    P     a    P     a    P     a    P
  2  341    22   69    42  205    62   63    82   91
  3   91    23   33    43   77    63  341    83  105
  4   15    24   25    44   45    64   65    84   85
  5  124    25   28    45   76    65  112    85  129
  6   35    26   27    46  133    66   91    86   87
  7   25    27   65    47   65    67   85    87   91
  8    9    28   45    48   49    68   69    88   91
  9   28    29   35    49   66    69   85    89   99
 10   33    30   49    50   51    70  169    90   91
 11   15    31   49    51   65    71  105    91  115
 12   65    32   33    52   85    72   85    92   93
 13   21    33   85    53   65    73  111    93  301
 14   15    34   35    54   55    74   75    94   95
 15  341    35   51    55   63    75   91    95  141
 16   51    36   91    56   57    76   77    96  133
 17   45    37   45    57   65    77  247    97  105
 18   25    38   39    58  133    78  341    98   99
 19   45    39   95    59   87    79   91    99  145
 20   21    40   91    60  341    80   81   100  153
 21   55    41  105    61   91    81   85
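As an added example (not part of the original post), the Fermat compositeness test from the paragraphs above in Python: it reproduces entries of the P column (the table's P always exceeds a, so the search starts at a+1), checks that 561 passes for every coprime base, and returns a base that certifies a number composite. The function names are my own.

```python
from math import gcd
from typing import Iterable, Optional

def fermat_passes(n: int, a: int) -> bool:
    """True when a^(n-1) ≡ 1 (mod n): n is prime or a Fermat pseudoprime to base a."""
    return n > 1 and pow(a, n - 1, n) == 1

def is_prime_trial(n: int) -> bool:
    """Trial division; adequate for the small numbers in the table."""
    if n < 2:
        return False
    d = 2
    while d * d <= n:
        if n % d == 0:
            return False
        d += 1
    return True

def smallest_pseudoprime(a: int) -> int:
    """Smallest composite n > a with a^(n-1) ≡ 1 (mod n), i.e. the P column of the table."""
    n = a + 1
    while is_prime_trial(n) or not fermat_passes(n, a):
        n += 1
    return n

def is_carmichael(n: int) -> bool:
    """Composite n that passes the test for every base relatively prime to n (561 is the smallest)."""
    if n < 4 or is_prime_trial(n):
        return False
    return all(fermat_passes(n, a) for a in range(2, n) if gcd(a, n) == 1)

def fermat_witness(n: int, bases: Iterable[int] = (2, 3, 5, 7)) -> Optional[int]:
    """A base that certifies n composite, or None when n is a probable prime to every
    base tried. None never proves primality: pseudoprimes and Carmichael numbers slip through."""
    for a in bases:
        if a % n == 0:
            continue  # a ≡ 0 (mod n) says nothing about n
        if not fermat_passes(n, a):
            return a
    return None
```

A base that shares a factor with n (3 for 561) certifies it composite even though 561 is a Carmichael number, which is why the Fermat test alone is only a compositeness test.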

Source: Wolfram MathWorld.

Congruence.

Introduction.

Prime numbers have uses in cryptography, an important part of computer science.

The functional paradigm uses mathematics for computing extensively, hence this article.


Congruence.

If two numbers b and c have the property that their difference b-c is integrally divisible by a number m (i.e., (b-c)/m is an integer), then b and c are said to be 'congruent modulo m.' The number m is called the modulus, and the statement 'b is congruent to c (modulo m)' is written mathematically as:

b≡c (mod m).

If b-c is not integrally divisible by m, then it is said that 'b is not congruent to c (modulo m),' which is written:

b≢c (mod m).

The explicit '(mod m)' is sometimes omitted when the modulus m is understood by context, so in such cases, care must be taken not to confuse the symbol ≡ with the equivalence sign.

The quantity b is sometimes called the 'base,' and the quantity c is called the residue or remainder. There are several types of residues. The common residue is defined to be nonnegative and smaller than m, while the minimal residue is c or c-m, whichever is smaller in absolute value.



Congruence arithmetic is perhaps most familiar as a generalization of the arithmetic of the clock. Since there are 60 minutes in an hour, 'minute arithmetic' uses a modulus of m=60. If one starts at 40 minutes past the hour and then waits another 35 minutes, 40+35≡15 (mod 60), so the current time would be 15 minutes past the (next) hour.



Similarly, 'hour arithmetic' on a 12-hour clock uses a modulus of m=12, so 10 o'clock (a.m.) plus five hours gives 10+5≡3 (mod 12), or 3 o'clock (p.m.).

Congruences satisfy a number of important properties, and are extremely useful in many areas of number theory. Using congruences, simple divisibility tests to check whether a given number is divisible by another number can sometimes be derived. For example, if the sum of a number's digits is divisible by 3 (9), then the original number is divisible by 3 (9).

Congruences also have their limitations. For example, if a≡b and c≡d (mod n), then it follows that a^x≡b^x, but usually not that x^c≡x^d or a^c≡b^d. In addition, by 'rolling over,' congruences discard absolute information. For example, knowing the number of minutes past the hour is useful, but knowing the hour the minutes are past is often more useful still.

Let a≡a' (mod m) and b≡b' (mod m), then important properties of congruences include the following, where => means 'implies':

1. Equivalence: a≡b (mod 0)=>a≡b (which can be regarded as a definition).

2. Determination: either or .

3. Reflexivity: a≡a (mod m).

4. Symmetry: a≡b (mod m) => b≡a (mod m).

5. Transitivity: a≡b (mod m) and b≡c (mod m) => a≡c (mod m).

6. a+b≡a'+b' (mod m).

7. a-b≡a'-b' (mod m).

8. ab≡a'b' (mod m).

9. a≡b (mod m) => ka≡kb (mod m).

10. a≡b (mod m) => a^n≡b^n (mod m).

11. a≡b (mod m1) and a≡b (mod m2) => a≡b (mod [m1,m2]), where [m1,m2] is the least common multiple.

12. , where (k,m) is the greatest common divisor.

13. If a≡b (mod m), then P(a)≡P(b) (mod m), for P(x) a polynomial.

Properties (6-8) can be proved simply by defining:

a=a'+rm
b=b'+sm,

where r and s are integers. Then:

a+b=a'+b'+(r+s)m
a-b=a'-b'+(r-s)m
ab=a'b'+(a's+b'r+rsm)m,

so the properties are true.

Congruences also apply to fractions. For example, note that:

2×4≡1, 3×3≡2, 6×6≡1 (mod 7),

so:

1/2≡4, 1/4≡2, 2/3≡3, 1/6≡6 (mod 7).

To find p/q (mod m) where (q,m)=1 (i.e., q and m are relatively prime), use an algorithm similar to the greedy algorithm. Let q0≡q and find:



where is the ceiling function, then compute:

q1≡q0p0 (mod m).

Iterate until qn=1, then:



This method always works for m prime, and sometimes even for m composite. However, for a composite m, the method can fail by reaching 0 (Conway and Guy 1996).

Finding a fractional congruence is equivalent to solving a corresponding linear congruence equation:

ax≡b (mod m).

A fractional congruence of a unit fraction is known as a modular inverse.
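As an added example (not from the original post), the fractional-congruence method above and its modular-inverse equivalent in Python. The page omits the per-step formula, so the code assumes p_i = ⌈m/q_i⌉ and q_(i+1) ≡ q_i·p_i (mod m), iterated until q_n = 1; that reproduces the (mod 7) values listed above and also shows the method reaching 0 for a composite modulus, where the extended Euclidean algorithm (my substitute, not the page's method) still succeeds. Function names are my own.

```python
from math import gcd
from typing import List, Optional

def fractional_congruence(p: int, q: int, m: int) -> Optional[int]:
    """p/q (mod m) by the iterative method described above.
    Assumed step (not spelled out on the page): p_i = ceil(m/q_i), q_{i+1} = q_i*p_i mod m,
    stopping when q_n = 1. Returns None if the iteration reaches 0 (possible for composite m)."""
    if gcd(q, m) != 1:
        raise ValueError("q and m must be relatively prime")
    q_i, product = q % m, 1
    while q_i != 1:
        if q_i == 0:
            return None            # the failure mode noted for composite m
        p_i = -(-m // q_i)         # integer ceiling of m / q_i
        product = product * p_i % m
        q_i = q_i * p_i % m        # strictly smaller than the previous q_i
    return p * product % m

def modular_inverse(q: int, m: int) -> int:
    """1/q (mod m) via the extended Euclidean algorithm; always works when gcd(q, m) = 1."""
    old_r, r = q % m, m
    old_s, s = 1, 0                # invariant: old_r ≡ old_s*q (mod m)
    while r:
        k = old_r // r
        old_r, r = r, old_r - k * r
        old_s, s = s, old_s - k * s
    if old_r != 1:
        raise ValueError("no inverse: q and m are not relatively prime")
    return old_s % m

def solve_linear_congruence(a: int, b: int, m: int) -> List[int]:
    """All x in [0, m) with a*x ≡ b (mod m): g = gcd(a, m) solutions if g divides b, else none."""
    g = gcd(a, m)
    if b % g:
        return []
    a2, b2, m2 = a // g, b // g, m // g
    x0 = b2 * modular_inverse(a2, m2) % m2
    return [x0 + k * m2 for k in range(g)]
```

For 1/4 (mod 9) the iteration goes 4 → 3 → 0 and gives up, while modular_inverse(4, 9) returns 7.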

Source: Wolfram MathWorld.