subject index - stanoyevitch

627

Subject Index

A

Abelian groups, 458–460, 465Absorption, set theoretic identities,

495Active attacks; See also specific

attacksbasic concepts, 12on OFB mode, 285

AdditionAES

AES algorithm operations, 433

computer program for, 449encryption, 423Galois fields, 413, 423nibble, 419, 445–446

algorithm complexity analysis, assessing work required to execute, 246, 247

elliptic curve, 454–458algebraic algorithm, 455–458computer implementations and

exercises, 483–484, 485curves over ℤp, 463–466geometric algorithm, 455, 456

finite fields, 383, 384Galois fields, 398, 413, 423rings, 378–379, 381, 410

matrix, 146–147, 149, 150, 175modular integer systems, 59polynomial; See Polynomials,

additionvector, 457

Addition algorithm with base b expansions, 229–231

Additive groups, 459Additive identity, 378, 383, 410

elliptic curve addition, 458modular arithmetic, 59

Additive inverses, 379Add Round Key operation, AES

computer program for, 447decryption, 431encryption, 422, 424, 429, 437exercises, 444–445full (128 bit ) AES, 438

ADFGVX cipher, 32–35, 102Adjacent digits, 78, 80Adjacent letters, 182, 183, 215Adjacent pairs, 34, 571

Adleman, Leonard, 22, 331, 338, 339Advanced encryption standard (AES)

protocol, 21, 417–449byte representation and arithmetic,

432–434computer implementations and

exercises, 445–449decryption algorithm, 439–440development of, 254, 417–419encryption algorithm, 437–438exercises, 441–445exercise solutions, 560–563,

609–611full (128 bit key) AES, 432,

437–438Galois fields, 399, 400nibbles, 419–421scaled-down version, 421–429

computer programs for, 446–449

decryption, 429–432encryption, 421–429encryption algorithm, 435–437,

438security of, 440

Affine cipherscomputer programs for, 136,

137–140with homophones, 138–139with homophones and nulls,

139–140with nulls, 137–138

evolution of codemaking, 96–100passive attacks on, 98–100

Affine function/mapping, 96AES, 444composition, 109–110digraph block cryptosystems,

132–133homophones, 105–106nulls, 103–104

Agrawal, Manindra, 309AKS test, 309Algebraic algorithm, elliptic curve

addition, 455–458Algorithm complexity analysis,

assessing work required to execute, 246–247

Algorithms, defined, 3–4Alice (literature convention), 2, 22, 23,

339, 340

K10916_Book.indb 627 7/13/10 11:09:43 AM

628 Subject Index

Alphabetsbasic concepts, 3cryptosystem components, 94English, 13–14, 95monoalphabetic and polyalphabetic

ciphers, 12–15number of characters, 95plaintext conversion to numerical

equivalents, 225–228American Standard Code for

Information Interchange (ASCII), 227, 254, 340

Ancient codes, 91–94Arab culture, cryptography in, 102Arithmetic

algorithm complexity analysis, assessing work required to execute, 246–247

elliptic curve, 451integers in different bases

addition algorithm with base b expansions, 229–231

computer implementations and exercises, 248–250

exercises, 241–247exercise solutions, 536–540large integers, 237–239multiplication algorithm

with base b expansions, 234–237

subtraction algorithm with base b expansions, 231–234

matrix, 175addition, subtraction, and scalar

multiplication, 146–147multiplication, 147–151;

See also Matrix multiplication

properties of, 149–150modular integer systems, 59; See

also Divisibility and modular arithmetic

nibbleaddition and multiplication,


exercises, 445–446ASCII, 227, 254, 340Assissi, Benicio de, 102Associativity

abelian group, 459addition, 378, 383, 459elliptic curve, 458, 483matrix arithmetic, 149, 150multiplication, 379, 383rings, 379set theoretic identities, 495

Asymmetric key cryptography, 21–22; See also Public key cryptography

Attacks on cryptosystems, 2; See also specific attacks

affine ciphers, 98–100evolution of codebreaking; See

Evolution of codebreaking till computer era

overview, 12–15Authentication

basic concepts, 1features of public key

cryptosystems, 25public key cryptography, 343–345

digital signatures, 343–345ElGamal cryptosystem,

347–349, 373RSA digital signatures, 371

Avalanche condition, strong, 419Avalanche effect, 272, 290–291

B

Babbage, Charles, 187, 207Babbage/Kasiski attack, 108

computer programs to aid in, 216–218

Vignière cipher demise, 188–192Bases; See also Integers in different

baseselliptic curve discrete logarithm

problem, 466Bayes’ formula, 510–511Belaso, Giovanni Battista, 15Ben-Or’s irreducibility determination

algorithm, 410–411, 414–415Biased, probabilities, 502Big-O notation, 247Bijections

finite fields, 382overview, 5–7

Binary alphabet, basic concepts, 3Binary expansions

AES algorithm operations, 434integers in different bases, 221,

224–227addition algorithm with base b

expansions, 231–234multiplication algorithm in base

b expansions, 234–237Binary operations

abelian group, 458–460algorithm complexity analysis,


elliptic curve, 483finite fields, 377–378rings, 378–379, 381, 406–407

Binary stringsbasic concepts, 3plaintext conversion to numerical

equivalents, 225–228

K10916_Book.indb 628 7/13/10 11:09:43 AM

Subject Index 629

Binary vectorsknapsack problem reformulation, 350nibble addition and multiplication,

419rings, 406–407

Binomial random variables, 511–513Birthday problem, 505–507Bit operations, work required to execute

algorithm complexity analysis, 246–247

Bits, word size, 238Bit strings, 238

conversion programs, 286nibble addition, 420plaintext conversion to numerical

equivalents, 225–228Bitwise representation, AES algorithm,

432, 433Bletchley Park, 22, 202, 206–208, 252Block ciphers, 20, 26

evolution of codebreaking, 190Hill cryptosystem, 162–166; See

also Hill cryptosystemPlayfair cipher as, 18

Block cryptosystems, 132–133, 251–292computer implementations and

exercises, 286–292DES, 265–272

adoption of, 252–254fall of, 272–273scaled-down version, 258–265triple, 273–274

evolution of computers into cryptosystems, 251–252

exercises, 279–286public key cryptography,

367–368solutions, 540–545, 599–601

Feistel cryptosystems, 255–258modes of operation for, 274–279

block mode, 274–276cipherblock chaining (CBC)

mode, 275–276cipher feedback (CFB) mode,

276–278electronic codebook (ECB)

mode, 274–275output feedback (OFB) mode,

278–279XOR operation, 254–255

Block matrix multiplication, 172–174Block mode operations, block

cryptosystem, 274–276Block size

AESversus Rijndael, 419scaled-down versus 128-bit key,

421DES, scaled-down, 258Feistel cryptosystems, 255

Bob (literature convention), 2, 22, 339, 340

Broadcast attack, RSA cryptosystem, 366

Brute-force approachDES attacks, 273elliptic curve discrete logarithm

problem, 467irreducibility test for polynomials in

ℤp[X], 394, 395knapsack problem, 374modular inverses, 87passive attacks on substitution

cipher, 13points on modular elliptic curve,

452–456, 462Byte, definition of, 276Byte arithmetic/operations, AES,

432–434AES algorithm operations, 432, 433computer program for, 449exercises, 443nibble-byte subtransformations,

444–445sub transformation, encryption

algorithm, 424, 436, 437, 439

C

Caesar cipher, 9–11, 94evolution of codemaking, 101shift ciphers, 95

Cardinality, 495, 496Carmichael, Robert, 311Carmichael numbers, 311–312 Carries

addition algorithm with base b expansions, 229, 230

multiplication algorithm with base b expansion, 234, 235, 236, 238

Cartesian product set, 496Cauchy, Augustus, 382CBC (cipherblock chaining) mode,

275–276Ceiling function, definition of, 48Certification, primes, 309CFB (cipher feedback) mode, 276–278Chain matrix multiplication, 167–168Champollion, Jean-Francois, 92Change of base formula, 224Chiffre indéchiffrable, le, 15, 108Chinese remainder theorem, 67–71,

359computer implementations and

exercises, 89elliptic curve-based factoring

algorithm, 476RSA cryptosystem, 341

K10916_Book.indb 629 7/13/10 11:09:43 AM

630 Subject Index

Chor-Rivest cryptosystem, 356Chosen ciphertext attacks, 12, 32

affine ciphers, 99–100exercises, 133Hill cryptosystem, 164, 170RSA cryptosystem, 366

Chosen plaintext attacks, 12, 13, 99differential cryptanalysis, 272Hill cryptosystem, 164linear cryptanalysis, 273

Church, Alonzo, 207Cipherblock chaining (CBC) mode,

block cryptosystems, 275–276

Cipher feedback (CFB) mode, block cryptosystems, 276–278

Ciphergram, computer program for extracting data from ciphertext string, 216–218

CiphersADFGVX, 32–35versus code, 91Playfair, 18–25programming with integer

arithmetic, 38–39standards, 2substitution, 8–11terminology, 94Vignière, 15–18

Ciphertextbasic concepts, 2partial substitutions, program for,

215substitution ciphers, 8–11

Ciphertext attacksaffine ciphers, 99–100chosen; See Chosen ciphertext

attackstypes of, 12

Ciphertext-only attacks, 12, 13affine ciphers, 98, 136frequency analysis-based, 186homophonic cryptosystems and,

106–107on shift cipher, 38Vignière cipher, 200–201

Classical adjoint formula for matrix inversions, 159–162, 171–172, 176

Clay foundation, 24Closure, ring, 380Cocks, Clifford, 22, 23Code, versus cipher, 91Code-book attacks, DES, 274–275Codebreaking; See Decryption;

Evolution of codebreaking till computer era

Codemaking; See Encryption; Evolution of codemaking till computer era

Coding theorycongruency applications, 77–79Shannon’s contributions to, 25

Codomain, basic concepts, 4, 5Coefficient formula, polynomials, 387Coefficients, 385, 390Cofactor expansion algorithm, 153–154,

157, 160, 171–172, 529classical adjoint formula with, 159computer platform caveat, 161computer programs, 176

Cogitata Physica-Mathematica (Mersenne), 81

Cohen, Henri, 314Coincidence, index of, 193–201Column index, AES encryption

algorithm, 437–438Column matrix, 146Combinatorics, 495Common modulus attack, RSA

cryptosystem, 365Commutation, composition of functions

and, 110Commutative rings, 58Commutativity

addition, 378, 458elliptic curve

abelian group, 458–460addition, 458exercises, 483

matrix arithmetic, 148–149, 150ring multiplication, 379set theoretic identities, 495

Complementarity probability rule, 504Complementary keys, DES, 284Complementary plaintext, DES, 284Complement bit strings, exercise,

279–280Complements, set, 494, 495, 499Complexity analysis of algorithms,


Complexity of polynomials, RSA security guarantees, 357

Complex roots, elliptic curves over real numbers, 453

Composite integers, defined, 44Compositeness

Carmichael numbers, 311–312Miller–Rabin test, 314witness to, 309–310

Composite numbers, Lenstra’s algorithm application, 482

Composition of functions, 332–333dissection of Enigma machine into

permutations, 119–120evolution of codemaking, 109–110inverse of, 429permutations, computer program

for, 141

K10916_Book.indb 630 7/13/10 11:09:43 AM

Subject Index 631

repeated, 117scaled-down Enigma machine,

120–121triple, 122

Computational number theory, 309Computation issues

algorithm complexity analysis, assessing work required to execute, 246–247

floating point platform limitations, 85, 87, 161, 237, 240, 296, 314, 317–318, 325, 369, 483

elliptic curve operations, 483Lenstra’s algorithm, 477RSA cryptosystem, 341

Moore’s law, 440public key cryptography, 334vector representation of

polynomials, 387–388Computation of orders, 303Computer-generated random numbers,

40, 41Computer implementations and

exercisesAES, 445–449block cryptosystems, 286–292codebreaking evolution, 214–220

Babbage/Kasiski attack, programs to aid in, 216–218

frequency analysis, programs to aid in, 214–215

Friedman attack, programs related to, 218–220

index of coincidence, 218codemaking evolution, 136–143cofactor expansion method, 89, 161,

176DES, 287–292division algorithm, 86elliptic curve cryptography,

483–487modular elliptic curves, 484,

485nonsingular elliptic curve,

483–484, 485fast modular exponentiation, 240Feistel cryptosystems, 287finite fields, 411–415Hill cryptosystem, 177–178integers in different bases, 224,

248–250matrices and Hill cryptosystem,

174–179fast matrix multiplication, 179modular matrices, 175–177,

178–179scalar multiplication, 175square (invertible) matrix,

175–176Strassen’s algorithm, 179

modular arithmetic, 85–89Chinese remainder theorem, 89congruences, 88Euclidean algorithm, 86–88prime factorialization, 85–86

number theory and algorithms, 325–329

overview, 35–41computer-generated random

numbers, 39–41integer/text conversions, 36–37programming basic ciphers with

integer arithmetic, 38–39vector/string conversions, 35–36

public key cryptography, 369–375random substitution ciphers, 220readings in, 616three-round Feistel systems, 287XOR program, 287

Concatenation, 7Conditional probability, 507–509Conditioning, 195, 509–511Confederate cipher disk, 11Confusion

one-time pad, 25–26Shannon’s properties of, 272, 419

Congruence classes, 54–55Congruences

addition of elliptic curves over ℤp, 464

basic properties, 54Chinese remainder theorem, 67–71computer implementations and

exercises, 88congruent mod m, 53divisibility and modular arithmetic,

52–58exercises

credit card error detecting codes, 79–80

divisibility criteria, 82–83ISBN error detecting codes,

77–79round robin tournaments, 80

modular elliptic curves, 461–462solving, 61, 64–66validity of congruent substitutions

in modular arithmetic, 56–57in ℤp[X] modulo, 395–396

Conjugates, of permutation, 123Constant polynomial, 385Continuous infinite sets, 4Contrapositive, Fermat’s little theorem,

309Convergence, Gauss’s primitive root

finding algorithm, 325Conversions

integer/text, 36–37vector/string and string/vector,

35–36, 286

K10916_Book.indb 631 7/13/10 11:09:44 AM

632 Subject Index

Coppersmith, Don, 150, 272Correspondence, English alphabet, 95Counter mode of operation, block

cryptosystems, 285–286Counting principles, 495–499Credit card error-detecting codes,

79–80, 89Cryptanalysis

basic concepts, 3linear and differential, 272–273

Cryptography, 1–2Cryptosystems

basic concepts, 1–2block; See Block cryptosystemsformal definition, 94–96

Cycle decomposition form invariance, 205–206

Cyclic permutations/cycles, evolution of codemaking, 114–119

D

Daemen, Joan, 418Data encryption standard (DES),

20–21, 265–272adoption of, 252–254AES development, 417–419computer programs, 287–292exercises, 282–283fall of, 272–273public key cryptography, 333scaled-down version, 258–265self-decryption proof, 285triple, 273–274

Decimal expansion, integers in different bases, 222

Decomposition, disjoint cycle, 115–116, 117, 124

Decryption; See also specific systemsbasic concepts, 2–3codebreaking; See Evolution of

codebreaking till computer era

Playfair and Vignière ciphers, 39Decryption algorithm

AES, 439–440self-decryption proof, three-round

Feistel systems, 285Decryption exponent, 551, 552, 605,

606ElGamal cryptosystem, 345–346,

347RSA cryptosystem

computer programs for, 370, 371, 372

probabilistic factoring algorithms for RSA modulus, 358

public key, 340–341, 342security guarantee, 357

Decryption functionscryptosystem components, 94substitution ciphers, English

alphabet, 96Definitions of basic concepts, 1–4De Morgan’s Laws, 495Density, primes, 308Dependent events, 508DES; See Data encryption standardDES algorithm, 262, 264, 265, 267

computer programs for, 290scaled-down DES, 258–259

Descartes, René, 295Determinant, square (invertible)

matrix, 153–155Differential cryptanalysis, 272, 273Diffie, Whit, 21, 22, 331, 333Diffie–Hellman key exchange, 21, 22,

331, 346computer program for, 369–370discrete logarithms, 334elliptic curve version, 467–468, 474

computer implementations and exercises, 486

exercises, 481exercises, 360–361, 366–367with groups, 459public key cryptography, 336–337

Diffusionone-time pad, 26Shannon’s properties of, 272, 419

Digital signatures and authentication, 25

ElGamal cryptosystem, 347–349, 373

public key cryptography, 343–345RSA cryptosystem, 340, 370–371

Digital Signature Standard (DSS), 345Digraphs, 107, 132–133Dimensions, matrix, 145Direct method, modular exponentiation,

247Discrete infinite sets, 4Discrete logarithm problem, 303, 306

exercises, 367on modular elliptic curves, 466–467modular elliptic curves, 480public key cryptosystems, 338review of, 334–335

Discrete random variable, defined, 511Discriminant, elliptic curve, 452Disjoint cases, multiplication principle,

498Disjoint ciphertext character sets, 189Disjoint cycle decomposition, 115–116,

124, 205–206Disjoint probabilities, addition to

Kolmogorov’s axiom, 510Disjoint sets, 492Disjoint union, sets, 509–510

K10916_Book.indb 632 7/13/10 11:09:44 AM

Subject Index 633

Distinct primes, square root modulo m, 84

Distributive lawsfinite fields, 384

division algorithm, 392polynomial multiplication, 387,

388rings, 379, 380, 384

matrix arithmetic, 149, 171multiplication algorithm in base b

expansions, 236Venn diagrams, 494

Distributivity, set theoretic identities, 495

Dividenddefinition of, 47division algorithm for ℤp[X], 391,

392Divisibility and modular arithmetic,

43–89Chinese remainder theorem, 67–71divisibility definition and examples,

43–44division algorithm, 47–48Euclidean algorithm, 48–52exercises, 71–85exercise solutions, 517–522,

572–581extended Euclidean algorithm,

61–64greatest common divisors and

relatively prime integers, 46–47

modular arithmetic and congruences, 52–58

modular integer systems, 58–60modular inverses, 60–61primes, 44–46solving linear congruences, 64–66

Divisibility criteria, application of congruences, 82–83

Division, polynomial; See Polynomials, division

Division algorithm, 519, 556–557, 563, 584

AES, 421, 434, 445computer implementations and

exercises, 86congruences, 55–56conversions among bases and

integer equivalents, 223addition algorithm with base b

expansions, 229subtraction algorithm with base

b expansions, 232Euclidean algorithm and, 48–50extended, 158Fermat’s little theorem, 297, 298,

546matrix arithmetic, 158

modular arithmetic, 47–48, 87, 547computer programs for, 80, 86congruences and remainders, 55,

56, 80Euclidean algorithm, 49, 50–51,

64exercises, 72

nibbles, 421, 445polynomial, 391–395, 421, 434

computer programs for, 412Euclidean algorithm, 404, 405exercises, 407, 408, 411

Divisordefinition of, 47division algorithm for ℤp[X], 391,

392Domain, basic concepts, 4, 5Dominance laws, set theoretic

identities, 495Dot product

horizontal shifted, computer program for, 218

matrix operations, 146, 148vectors, 199–200

Double complementation, set theoretic identities, 495

Double DES, 273

E

ECB (electronic codebook) mode, 274–275

Eckert, J. Presper, 252Egyptian hieroglyphics, 92, 93, 95Electronic codebook (ECB) mode,

block cryptosystems, 274–275

Electronic Numerical Integrator and Calculator (ENIAC), 252

Elementsmatrix, 145sets, 491

Elements, The (Euclid), 45–46, 503Elgamal, Taher, 345ElGamal cryptosystem, 345–347

computer programs, 372–373digital signatures with, 347–349discrete logarithms, 334elliptic curve addition, 466elliptic curve version, 481


plaintext representation, 471–473

procedure, 473–475exercises, 363–364, 366–367with groups, 459mathematical problems providing

security, 338modular exponentiation, 301

K10916_Book.indb 633 7/13/10 11:09:44 AM

634 Subject Index

Elliptic curve cryptography, 25, 451–487

addition of elliptic curves over ℤp, 463–466

addition operation for, 454–458computer implementations and

exercises, 483–487Diffie–Hellman key exchange

version, 467–468ElGamal cryptosystem version,

473–475elliptic curves over finite fields,

463elliptic curves over real numbers,

452–454elliptic curves over ℤp, 460–462exercises, 477–483exercise solutions, 563–567,

611–613factoring algorithm based on,

475–477groups, 458–462modular

discrete logarithm problem on, 466–467

fast integer multiplication of points on, 470–471

plaintext representation on, 471–473

sizes of, 462–463readings in, 616selections for further reading, 616

Ellis, James, 22–23Empty sets, 493Empty strings, 3, 7Encryption; See also specific systems

basic concepts, 2–3codemaking evolution; See

Evolution of codemaking till computer era

cryptosystem components, 94Encryption algorithm, AES, 435–439

128 bit keys, 437–439scaled-down, 435–437

Encryption exercises, block cryptosystems, 282–283

Encryption key, basic concepts, 2Encryption mapping, two-round,

541–543Encryption programs

AES, scaled-down, 421–425DES, scaled-down, 288public key cryptography

ElGamal cryptosystem, 372–373

Merkle–Hellman knapsack cryptosystem, 374–375

RSA cryptosystem, 370three-round Feistel systems, 287

English alphabet, 13–14, 95

ENIAC (Electronic Numerical Integrator and Calculator), 252

Enigma machinesattack methods, 201–205

German usage protocols, 202–203

Polish codebreakers, 203, 204Rejewski’s attack, 203–205

evolution of codemaking, 111–114computer programs, 141–143dissection into permutations,

119–126scaled-down, 120–121special properties of, 126–127

Entropy, 21Entry, matrix, 145Equal difference property, 444–445Equality, polynomials in ℤp[X], 385Equivalence relations, 54Error-detecting codes

credit card, 79–80, 89ISBN, 77–79, 88–89

Error propagation, block cryptosystems, 285

Euclid, 45, 503Euclidean algorithm


divisibility and modular arithmetic, 48–52

extended, 61–64, 347, 552addition of elliptic curves over

ℤp, 464computer implementations and

exercises, 414polynomials, 404RSA cryptosystem, 342

polynomials, 404–405, 408–409, 414RSA security guarantees, 360

Euclid’s lemma, 51, 312, 461Euler, Leonhard, 298, 299Euler’s little theorem, 297–298Euler’s phi function, 298–299, 303,

320, 326Euler’s theorem, 300–301, 302, 359

exercises, 320proof of, 546–547

Eve (literature convention), 2, 23Event, sample space subset, 502Evolution of codebreaking till computer

era, 181–200computer implementations and

exercises, 214–220Babbage/Kasiski attack,

programs to aid in, 216–218frequency analysis, programs to

aid in, 214–215Friedman attack, programs

related to, 218–220

K10916_Book.indb 634 7/13/10 11:09:44 AM

Subject Index 635

Enigmas, attack methods, 201–205German usage protocols,

202–203Polish codebreakers, 203, 204Rejewski’s attack, 203–205

exercises, 208–214exercise solutions, 530–536,

592–595frequency analysis attacks, 181–186index of coincidence, 193–201invariance of cycle decomposition

form, 205–208Turing and Bletchley Park,

206–208Vignière cipher demise, 187–192

Babbage/Kasiski attack, 188–192

Friedman attack, 192Evolution of codemaking till computer

era, 91–143affine ciphers, 96–100ancient codes, 91–94composition of functions, 109–110computer implementations and

exercises, 136–143cyclic permutations/cycles, 114–119enigma machines, 111–114

dissection into permutations, 119–126

special properties of, 126–127exercises, 127–136exercise solutions, 522–526,

581–587formal definition of cryptosystem,

94–96homophones, 105–109nulls, 102–105permutations

computer representations of, 140–143

cyclic, 114–119enigma machine dissection into,

119–126tabular form notation for,

110–111steganography, 100–102tabular form notation for

permutations, 110–111Exercise solutions, 451–487, 515–567Expansion function, DES, 266, 267Expansions

DES, 261, 269integers in different bases, 221, 222,

223, 224–227addition algorithm with base b

expansions, 229–231multiplication algorithm with

base b expansions, 234–237subtraction algorithm with base

b expansions, 231–234

Expected value, binomial random variable, 512–513

Experiment, defined, 501Exponentiation

algorithm complexity analysis, assessing work required to execute, 247

discrete logarithms, 334, 335fast modular, 239–240, 545–546squaring algorithm for, 250

Exponentsdecryption; See Decryption

exponentmagic, Fermat’s little theorem, 297,

298, 300modular exponentiation; See Fast

modular exponentiation; Modular exponentiation

RSA cryptosystem, 340, 341, 342signature, ElGamal cryptosystem,

347Extended Euclidean algorithm, 88,

347, 552addition of elliptic curves over ℤp,

464divisibility and modular arithmetic,

61–64polynomials, 404

F

Factorialization, prime; See Prime factorialization

Factorials, 13Factoring

elliptic curve arithmetic-based, 482elliptic curve cryptography-based

algorithm, 451, 475–477Miller–Rabin test with factoring

enhancement, 315–316, 328–329

Pollard p-1 factoring algorithm, 316–319

public key cryptosystemscomputer implementations and

exercises, 371–372elementary factoring method,

368one-way functions, 333RSA security guarantees, 358spread 331–368, 338

Factoring problem, 309Factorization

fundamental theorem of arithmetic, 44

primes, 44, 45, 85–86, 357, 358RSA cryptosystem, 342RSA security guarantees, 342, 357,

358Factors, divisibility, 43, 389

K10916_Book.indb 635 7/13/10 11:09:44 AM

636 Subject Index

Fair, probability concepts, 502Fast integer multiplication of points,

elliptic curve, 470–471, 485–486

Fast matrix multiplication, 150, 179Fast modular exponentiation, 239–240,

296–297, 545–546Diffie–Hellman key exchange,

elliptic curve protocol, 469discrete logarithms, 335Koblitz’s algorithm, 472, 473

Feedback modes, block cryptosystemscipher feedback (CFB) mode,

276–278output feedback (OFB) mode,

278–279Feistel, Horst, 253Feistel cryptosystems, 253, 255–258,

259, 260, 263, 264, 440, 542–543


DES, 265exercises, 280–281self-decryption proof, 285

Fermat, Pierre de, 295, 296Fermat’s little theorem, 295–298, 546

exercises, 319, 320Pollard p-1 factoring algorithm

basis, 317Fermat’s primality test, 309–311

computer programs for, 328exercises, 323

Feynman, Richard, 357Field isomorphism, 382Finite fields, 377–415

AES; See Advanced encryption standard protocol

binary operations, 377–378building from ℤp[X], 396–399computer implementations and

exercises, 411–415definition of, 381elliptic curves over, 463exercises, 406–411exercise solutions, 554–560,

608–609fields, 381–384

addition and multiplication tables, 384

definition of, 381inventory of, 382

Galois fields, 382, 399–403polynomials

Euclidean algorithm for, 404–406

vector representation of, 387–388

polynomials in ℤp[X]addition and multiplication of,

386–387congruences in modulo as fixed

polynomial, 395–396divisibility in, 389–390division algorithm for, 391–395as ring, 388–389

polynomials with coefficients in ℤp, 385

rings, 378–380Finite sets, 4, 452, 491Finite strings, 7First on, first off, 333Fixed elements, cyclic permutation,

115Floating point platform limitations,

240, 325; See also Computation issues

Floor function, 40, 47–48Flowers, Tommy, 252FORTRAN, 252Frequency analysis

computer program for modular frequency counts, 216

computer programs to aid in, 214–215

Frequency analysis attacksevolution of codebreaking, 181–186homophonic cryptosystems and,

106–107Vignière cipher, 189–190

Frequency vector, Friedman attack, 199

Friedman, William F., 188Friedman attack, 197–201

computer programs related to, 218–220

index of coincidence, 194Vignière cipher demise, 192

Functions; See also Mappingbasic concepts, 3composition of, evolution of

codemaking, 109–110cryptosystem components, 94overview, 4–8

inverse, 7–8one-to-one and onto, bijections,

5–7substitution ciphers, 8–11

Fundamental theorem of algebra, 453Fundamental theorem of arithmetic, 44,

46, 51–52

G

Gadsby (Wright), 14Galois, Evariste, 382, 383

K10916_Book.indb 636 7/13/10 11:09:44 AM

Subject Index 637

Galois fields, 254, 382, 399–403, 404AES; See also Advanced encryption

standard protocolAES algorithm operations, 432,

433encryption, 423–424, 432Mix Column mapping, 430nibble addition and

multiplication, 419, 420building finite fields from ℤp[X],

396–399computer programs for

addition/multiplication, 413computation of inverses, 414

Gauss, Carl Friedrich, 52–53, 382Gaussian elimination, 159Gauss’s algorithm

computer program for, 326exercises, 322, 325primitive roots, 307–308

General substitution cipher, known plaintext attack, 13

Geometric algorithm, elliptic curve addition, 455, 456

German usage protocols for Enigmas, 202–203

Government Communications Headquarters (GCHQ), 22, 23

Governments, 3, 356–357Gram, 190Graphs, elliptic curve, 453, 454, 455Greatest common divisors and

relatively prime integers, 46–47

Great Internet Mersenne Prime Search (GIMPS), 82

GroupsDES, 273elliptic curve cryptography,

458–462Group theory, 459–460

H

Hackers, 2Hadamard, Jacques, 294Hardy, Godfrey, 294Hasse’s Theorem, 463, 468Hawaiian alphabet, 210Hellman, Martin, 21, 22, 273, 331, 333,

352, 353Hexadecimal form

AES algorithm operations, 432, 433, 434

DES, 282computer programs, 290decryption program, 291

Galois field computations, 400, 401, 402, 403, 408

integers in different bases, 221, 224–227

addition algorithm with base b expansions, 231–234

multiplication algorithm in base b expansions, 234–237

nibble operations, 420Hieroglyphics, 92, 93, 95Hill, Lester, 162Hill cryptosystem, 162–166, 169

computer programs, 177–178exercises, 169–171

Hindu puzzle, 67–71History of cryptography

ADFGVX cipher, 33–34Caesar cipher, 9–11codebreaking; See Evolution of

codebreaking till computer era

codemaking; See Evolution of codemaking till computer era

communications technology, 108–109

Mersenne primes, 81–82one-time pad, 25–28public key cryptography, 21–25readings in, 615selections for further reading, 615

Homophones, 523–524, 593–594affine ciphers with, 138–140evolution of codemaking, 105–109randomized encryption system,

106–107Horizontal shifted dot products, 218Horizontal shifted match counts, 218

I

IBM, 252, 418, 419Identity

abelian group, 459additive, 379, 383, 410

elliptic curve addition, 458multiplicative, 379, 380, 383, 410polynomial, 390

Identity function, 110, 123Identity matrix, 151, 152Identity permutation, 96Image, basic concepts, 4Inclusion Exclusion principle,

probability rules, 504Independent events, 508Indeterminate X, 385Index of coincidence, 193–201, 218Indian culture, cryptography in, 102Industrial-grade primes, 314, 372

K10916_Book.indb 637 7/13/10 11:09:44 AM

638 Subject Index

Infinite sets, 4, 491Infinity

elliptic curves over modular integers, 460, 462

elliptic curves over real numbers, 452Initial permutation, DES, 265, 266,

270, 271computer program for, 289inverse, 264, 265, 289scaled-down, 259, 260, 263, 264

Input set, basic concepts, 5Institute of Electrical and Electronics

Engineers (IEEE), 238Integer arithmetic, overview, 38–39Integers

alphabets, 95–96divisibility and modular arithmetic;

See Divisibility and modular arithmetic

floor function, 40modular orders of invertible

modular integers, 301–302number theory, 43

Integers in different bases, 221–250arithmetic with large integers,


exercises, 248–250exercises, 241–247exercise solutions, 536–540,

595–599fast modular exponentiation,

239–240hexadecimal and binary expansions,

224–227addition algorithm with base b

expansions, 231–234multiplication algorithm in base

b expansions, 234–237representation of, 221–224

Integer sizeRSA cryptosystem, 341symbolic versus floating point

systems, 240, 314Integers modulo m, 58Integer systems

modular, 58–60relatively prime integers, 46–47

Integer/text conversions, 36–37Integral domains, 409–410Integrity, basic concepts, 1Intersection, sets, 492–495Invariance of cycle decomposition

form, 205–208Inverse functions

overview, 7–8S-box, 430shift permutation, 10substitution ciphers, English

alphabet, 96

Inverse permutationcomputer program for, 141cycle, 116DES, 289substitution ciphers, English

alphabet, 96Inverse problem, 24Inverses/inversion/invertibility

abelian group, 459AES

computer programs for, 448S-box, 444, 448

composition of functions, 332–333, 429

elliptic curve addition, 458finite fields

Galois fields, 414polynomial Euclidean algorithm

for determination of, 408–409

rings, 379–380, 407matrices, 176–177, 430

classical adjoint for, 159–162computer implementations and

exercises, 174–176, 178–179definition of, 151–153definition of invertible matrix,

151–152determinant of, 153–155Hill cryptosystem, 162–166square (invertible), 155–156square modular integer,

157–158modular, 60–61

brute-force approach, 87extended Euclidean algorithm,

88modular orders of invertible

modular integers, 301–302notation for, 332

Invertible affine mapping, AES S-box description, 444

Inv Mix Column, 440Inv Nibble Sub mapping, 430, 431,

439–440Inv Shift Row, 440Irreducible polynomials; See

Polynomials, irreducible/irreducibility

ISBN error detecting codes, 77–79, 88–89

Isomorphism, field, 382

J

Jacobi, Carl Gustav, 382Japan, Enigma machine, 112Jefferson, Thomas, 107–108j-fold composition, 117j-unit shift, 123

K10916_Book.indb 638 7/13/10 11:09:45 AM

Subject Index 639

K

Kasiski, Friederich W., 187Kayal, Neeraj, 309k-cycle, 116Keyboard, Enigma machine elements,

112, 113, 121Key exchange

Diffie–Hellman, 336–337secure, quest for, 332–333

Key exchange protocols, 331Key extraction permutation, DES, 261Key generation matrix, AES

encryption, 425, 426Key , AES encryption, 424Keylength

AES, 417, 419DES cryptosystem, 253one-time pad, 27, 40Vignière cipher, 189, 190, 191, 198,

572Babbage/Kasiski attack, 216Friedman attack, 201

Key permutation, English alphabet substitution cyphers, 96

Keysbasic concepts, 2cryptosystem components, 94one-time pad, program for creating,

40private key cryptosystems, 21public key cryptography, 23substitution ciphers, 9

Key schedule, Feistel cryptosystems, 255Key search, Moore’s law, 440Key size

AES, 417, 421, 432DES, 254

scaled-down, 258triple, 273–274

KeyspaceDES, 265Diffie–Hellman key exchange, 336,

337RSA cryptosystem, 340

Knapsack problems/cryptosystems, 349–352

computer programs for, 374–375mathematical problems providing

security, 338Merkle–Hellman, 352–356public key cryptosystems, 338

Known plaintext attacks, 12, 13, 32, 132, 583

AES Nibble/Byte Sub Transformations and, 445

affine ciphers, 98–99ElGamal cryptosystem, 367Hill cipher, 177–178

Koblitz, Neal, 158, 451

Koblitz’s algorithm, 472, 473, 481, 486Kolmogorov, Andrey, 503Kolmogorov axioms, 503–504, 505, 510Kolmogorov probability functions, 507Kronecker delta, 192

L

Lampboard, Enigma machine elements, 112, 113

Large integers, arithmetic with, 24, 237–239

Leading term, polynomials in ℤp[X], 387

Lenstra, Hendrik, 451Lenstra’s algorithm, 476–477, 482, 487Letter frequency, English alphabet,

13–14, 107Linear congruences

Chinese remainder theorem, 67–71solving, 64–66

Linear cryptanalysis, 272, 273Linguistic properties of language, and

frequency-based attacks, 182Logarithms, discrete, 334–335Lorenz cipher, 252Lorenz encryption machines, 252Lucifer system, 95

M

Magic exponent, Fermat’s little theorem, 297, 298, 300

Mallory (literature convention), 2, 23Mapping, 4; See also Functions

AESdecryption, 429–432encryption, 422–423, 424,

436–437, 439–440affine function; See Affine function/

mappingtwo-round, 541–543

MARS, 418Match counts, horizontal shifted, 218Mathematical description, AES S-box,

443–444Mathematical foundations of

cryptography, 2, 3readings in, 615–616selections for further reading,

615–616Matrices, 145–179

AES, 424–425, 437, 444anatomy of matrix, 145–146arithmetic operations, 149–151

addition, subtraction, and scalar multiplication, 146–147, 149, 150, 175

multiplication; See also Matrix multiplication

K10916_Book.indb 639 7/13/10 11:09:45 AM

640 Subject Index

classical adjoint for matrix inversions, 159–162


definition of, 147–148exercises, 166–174exercise solutions, 526–530,

587–592Hill cryptosystem, 162–166modular integer systems, 156–158,

161multiplication, 147–149nibble, 424–425, 427

exercises, 441scaled-down AES encryption,

422noncommutative ring, 379noncommutativity of, 148–149square (invertible) matrix

definition of, 151–153determinant of, 153–155inverses of 2x2 matrices,

155–156transpose of matrix, 156

Matrix distributive law, 171Matrix multiplication, 147–149

AES decryption, 440AES encryption, 423associativity property, 149block, 172–173chain, 167–168computer implementations and

exercises, 179definition of, 147–148Mix Column mapping, 430nibble, 441noncommutativity of, 148–149ring axioms and, 379scalar; See Scalar multiplicationStrassen’s algorithm, 173–174

Matsui, Mitsuru, 273Mauchly, John W., 252Members, set, 491Menezes, Alfred, 273, 616, 617Merkle, Ralph, 22, 273, 331, 352, 353Merkle–Hellman knapsack

cryptosystem, 352–356computer program for, 374–375exercises, 364–365

Mersenne, Marin, 81Mersenne primes, 342Microdots, 100Miller, Gary, 312Miller, Victor, 451Miller–Rabin test, 312–314

computer program for, 327–329exercises, 323with factoring enhancement,

315–316, 323Minoan script, 93, 94

Mix Column Transformation, AES, 440computer programs for, 447, 448decryption, 431, 440, 448encryption, 422–423, 424, 428,

436–437exercises, 444–445inverse, 431, 440

Modes of operation, block cryptosystems, 274–279, 285

mod function, computer, 57, 86–87, 161Mod n primitive roots, exercises,

321–322Modular arithmetic; See also

Divisibility and modular arithmetic

AES algorithm operations, 433, 434Chinese remainder theorem, 67–71computer implementations and

exercises, 175–179and congruences, 52–58elliptic curve-based factoring

algorithm, 476exercises, 321integer systems, 58–60inverses, 60–61matrix, 175Mix Column mapping, 430public key cryptography; See Public

key cryptographysolving linear congruences, 64–66square root modulo m, 83–84

Modular elliptic curvesaddition of elliptic curves over ℤp,


exercises, 484, 485Diffie–Hellman key exchange,

467–470discrete logarithm problem on,

466–467exercises, 478, 479, 480, 481,

482–483fast integer multiplication of points

on, 470–471plaintext representation on, 471–473properties of, 460–462sizes of, 462–463

Modular exponentiationalgorithm complexity analysis,

assessing work required to execute, 247

discrete logarithms, 334, 335Euler’s theorem, 300–301exercises, 319, 320fast, 239–240, 296–297, 545–546;

See also Fast modular exponentiation

squaring algorithm for, 250Modular frequency counts, computer

program for, 216

K10916_Book.indb 640 7/13/10 11:09:45 AM

Subject Index 641

Modular integer matrices, 156–158computer implementations and

exercises, 175–177, 178–179addition and scalar

multiplication, 175determinant of, computing using

cofactor expansion, 176invertibility, 157–158, 161, 175–176,

178–179Modular integers

alphabets, 95–96elliptic curve-based factoring

algorithm, 476elliptic curves over, 459, 460–462invertible, modular orders of,

301–302rings, 379

Modular inversesbrute-force approach, 87Hill cryptosystem decryption, 164

Modular orders of invertible modular integers, 301–302

Modular polynomials, 402–403, 406, 411, 443

Modular powers, 321Modulus attacks, RSA cryptosystem,

342, 365Monoalphabetic ciphers, passive attacks

on substitution cipher, 12–15Monotonicity, probability rules, 504Moore, Gordon, 356Moore’s law, 356–357, 440Multiples, divisibility, 43, 389Multiple solutions, knapsack problems,

349–350Multiplication

AES algorithm operations, 433, 434

algorithm complexity analysis, assessing work required to execute, 246, 247

algorithm with base b expansions, 234–237

counting principles, 495–499fast integer multiplication of points

on modular elliptic curves, 470–471

fields, 383finite fields, 384Galois fields, 399, 400, 401, 402

AES encryption, scaled-down version, 423

AES security, 417computer program for, 413

matrix; See Matrix multiplicationmodular integer systems, 59mutativity of, 380nibble, 419, 446polynomials; See Polynomials,

multiplication

rings, 378, 380, 381, 406–407, 410scalar; See Scalar multiplicationvector, polynomials in ℤp[X],

388Multiplication principle, 13, 495–499Multiplication rule, 509Multiplicative functions, exercises,

324–325Multiplicative groups, 459Multiplicative identity, 379, 383, 410Multiplicative inverse, rings, 379–380Mutativity of multiplication, and

distributive law, 380Mutually exclusive events, 503,

509–510Mutually exclusive (disjoint) sets, 493

N

Nagell, Tryqve, 294National Bureau of Standards (NB),

253National Institute of Standards and

Technology (NIST), 251, 253, 254, 345, 417, 418

National Security Agency (NSA), 3, 252–253, 357

Native American languages, 93–94Navajo speakers in WW II, 93n-gram, 190Nibbles, AES, 419–421


encryption, 424–425, 427exercises, 441, 444–445

Nibble Sub mapping, inverse of, 430, 439–440

Nibble Sub Transformation, AEScomputer programs for, 447decryption, 431encryption, 422, 424, 428exercises, 445

Nicolas, Jean Gustave, Baron de la Vallée Poussin, 294

Noncommutative ring, 379Nonrepudiation, 25, 340Nonsingular elliptic curve

as abelian group under addition operation, 465

computer implementations and exercises, 483–484, 485

definition of, 452exercises, 478, 479, 480, 481, 483fast integer multiplication of points

on, 470–471graphs, 453, 454over modular integers, 460–461over real numbers, 452Waterhouse’s Theorem, 463

NP complete problems, 24, 350

K10916_Book.indb 641 7/13/10 11:09:45 AM

642 Subject Index

Nullsaffine ciphers with, computer

programs, 137–138evolution of codemaking, 102–105homophones combined with, 107

Number of roundsDES, scaled-down, 258Feistel cryptosystems, 255

Numbers, matrix terminology, 146Number systems, abelian group,

458–460Number theory and algorithms, 43,

293–329Carmichael numbers, 311–312computer implementations and

exercises, 325–329divisibility and modular arithmetic;

See Divisibility and modular arithmetic

Euler phi function, 298–299Euler’s theorem, 300–301exercises, 319–325exercise solutions, 545–550,

601–604Fermat’s little theorem, 295–298Fermat’s primality test, 309–311Miller–Rabin test, 312–316

with factoring enhancement, 315–316

modular orders of invertible modular integers, 301–302

order of powers formula, 305–308Pollard p-1 factoring algorithm,

316–319prime number generation,

308–309prime number theorem, 293–295primitive roots, 302–305

determination of, 304–305existence of, 304

O

Object weights, knapsack problems, 349, 350–352

computer programs for, 374Merkle–Hellman knapsack

cryptosystem, 352–356Octal expansions, 225OFB (output feedback) mode, 278–279One, multiplicative identity in R, 379One-time pad, 25–28, 40One-to-one functions

overview, 5–7substitution ciphers, 8–11

One-unit shift permutations, 119One-way functions

Merkle–Hellman knapsack cryptosystem, 353

public key cryptography, 333–334

Onto functionsoverview, 5–7substitution ciphers, 8–11

Ordered lists, Cartesian product set, 496

Ordered pairs, 20, 378, 564, 583binary operations, 377, 378elliptic curves

modular, 460, 461, 462over real numbers, 452

Order of powers formula, 305–308Orders, 293

computer program for, 326computing, 303elliptic curve

addition of elliptic curves over ℤp, 465, 466


exercises, 321modular, of invertible modular

integers, 301–302Outcome, experiment definition, 501Output feedback (OFB) mode

active attack on, 285block cryptosystems, 278–279

Output target set, basic concepts, 5Overview, 1–41

attacks on cryptosystems, 12–15computer implementations and

exercises, 35–41computer-generated random

numbers, 39–41integer/text conversions, 36–37programming basic ciphers with

integer arithmetic, 38–39vector/string conversions, 35–36

definitions of basic concepts, 1–4exercises, 28–35

ADFGVX cipher, 32–35solutions, 515–517, 569–572

functions, 4–8inverse, 7–8one-to-one and onto, bijections,

5–7one-time pad, perfect secrecy,

25–28Playfair cipher, 18–25substitution ciphers, 8–11Vignière cipher, 15–18

P

P NP question, 24Painvin, Georges, 33–34Pairwise mutually exclusive events,

503, 509–510Paradoxes, set definition, 491Partial substitutions, computer program

for, 215

K10916_Book.indb 642 7/13/10 11:09:45 AM

Subject Index 643

Pascal, Blaise, 295Passive attacks

on affine ciphers, 98–100basic concepts, 12on substitution cipher, 12–15

Perfect secrecy, 26Performance guarantee, Miller–Rabin

test, 314Periodicity, powers of mod integers,

293Periodic substitution ciphers, Friedman

attack, 192Permutation ciphers, 101Permutations

conjugates of, 123evolution of codemaking

computer representations of, 140–143

cyclic, 114–119enigma machine dissection into,

119–126tabular form notation for,

110–111random, computer program for

generating, 219–220substitution ciphers, 9

Phaistos disk, 92–93, 94Phi function, Euler’s, 298–299, 303,

320Plaintext

basic concepts, 2, 3conversion to numerical equivalents,

225–228cryptosystem components, 94Enigma machine properties, 126monoalphabetic and polyalphabetic

ciphers, 12–13representation on modular elliptic

curves, 471–473computer implementations and

exercises, 486exercises, 481, 482

scytale cipher, 101–102substitution ciphers, 8–11

Plaintext attacks, 12affine ciphers, 98–99chosen; See Chosen plaintext

attacksknown; See Known plaintext attacks

Playfair, Lyon, 18Playfair cipher

overview, 18–25programming with integer

arithmetic, 39Plugboard, Enigma machine elements,

112, 113, 121Points, elliptic curve, 451

addition, 455computer implementations and

exercises, 484, 485–486

Diffie–Hellman key exchange, 468elliptic curves over real numbers,

452modular, determination of number

of, 462, 463Polish codebreakers, Enigma attack

methods, 203, 204Pollard, John, 317Pollard p-1 factoring algorithm,

316–319comparison with Lenstra’s

algorithm, 487computer program for, 329exercises, 323

Polyalphabetic ciphers, passive attacks on substitution cipher, 12–15

Polynomial complexity, RSA security guarantees, 357

Polynomialsaddition, 388, 398

computer program for, 411exercises, 407nibble, 419, 420polynomials in ℤp[X], 386–387

AES algorithm operations, 432, 433–434

Ben-Or’s irreducibility determination algorithm, 410–411

building finite fields from, 396–399with coefficients in ℤp, 385computer programs

for checking irreducibility, 412for extended and regular

Euclidean algorithm for, 414for multiplication, 413

congruences in ℤp[X] modulo as fixed polynomial, 395–396

constant, 385divisibility in, 389–390division, 407, 408

computer program for, 412division algorithm for, 391–395nibble operations, 421

elliptic curves over, 460–462Euclidean algorithm, 404–406,

408–409fundamental theorem of algebra, 453Galois fields, 382, 399–403irreducible/irreducibility, 405

Ben-Or’s irreducibility determination algorithm, 410–411, 414–415

computer program for checking, 412

computer programs for checking, 412

defined, 390exercises, 408test of, 394, 395

modular, 402–403, 406, 411, 443

K10916_Book.indb 643 7/13/10 11:09:45 AM

644 Subject Index

multiplication, 386–387, 388, 398, 407

AES algorithm operations, 433, 434

computer programs for, 412, 413nibble, 419, 420in ℤp[X], 386–387in ℤp[X](mod m), 413

nibble addition and multiplication, 419, 420

as ring, 388–389vector representation of, 387–388

Polynomial time algorithms, 309, 355–356

Schoof’s, 468Polynomial time prime factorization

algorithm, 357Positive integers, number theory, 43Positive integer solutions, 70, 295, 320Powers

exercises, 321modular orders of invertible

modular integers, 301–302order of powers formula, 305–308periodicity in, 293

P problems, 24Prime certification tests, 309Prime factorialization, 24, 309, 357


elliptic curve arithmetic-based algorithms, 451

Prime factors, 45, 46elliptic curves, 476modular inverses, 60–61Pollard p-1 factoring algorithm,

317, 318prime factorization program, 85–86prime number theorem, 294public key cryptography, 605RSA cryptosystem, 347, 368

Prime moduluselliptic curve points, 478elliptic curves over modular

integers, 459, 460–462Prime numbers

Diffie–Hellman key exchange, 336, 337

ElGamal cryptosystem, 347Fermat’s primality test, 309–311finite fields, 377generation of, 308–309industrial-grade, 314modular arithmetic, 44–46


factorizations, 44, 45fundamental theorem of

arithmetic, 44Mersenne primes, 81–82

relatively prime integers, 46–47square root modulo, 83–84Wilson’s theorem, 84–85

modular powers, 321Pollard p-1 factoring algorithm,

316–319primitive roots, 303RSA cryptosystem, 340, 342Sophie Germain primes, 337tests of primality

Carmichael numbers, 311–312computer programs for, 327–329exercises, 323–324Fermat’s little theorem, 309–311Fermat’s primality test, 309–311,

327Miller–Rabin test, 312–316,

327–329Pollard p-1 factoring algorithm,

316–319Prime number theorem, 293–295

exercises, 319, 545prime number generation, 308

Primitive rootselliptic curve analogues, 466modular elliptic curves, 461number theory, 293, 302–305,

547–548public key cryptography

computer programs for, 326determination of, 304–305Diffie–Hellman key exchange,

336, 337exercises, 321–322existence of, 304Gauss’s algorithm, 307–308number theory concepts,

302–305Private key

Diffie–Hellman key exchange, 469, 470

public key cryptography, 23, 24, 338ElGamal cryptosystem, 346Merkle–Hellman knapsack

cryptosystem, 353Private key cryptosystems, 21Probabilistic factoring algorithm, RSA

security guarantees, 358Probabilistic primality test, 308Probability, 295; See also Randomness

and probabilityProbability function, 502, 504, 507Probability rules, 504Product

matrix multiplication, 148nibble, 419polynomials in ℤp[X], 386rings, 410

Proper subsets, 493Pseudoprime generating program, 329

K10916_Book.indb 644 7/13/10 11:09:45 AM

Subject Index 645

Pseudorandom numbers, 27Public key

ElGamal cryptosystem, 346Merkle–Hellman knapsack

cryptosystem, 353public key cryptography, 23, 338RSA security guarantees, 357

Public key cryptography, 21–22, 331–375


definition of, 94Diffie–Hellman key exchange,

336–337digital signatures and

authentication, 343–345discrete logarithm problem, review

of, 334–335ElGamal cryptosystem, 345–349

digital signatures with, 347–349exercises, 360–369exercise solutions, 550–554,

604–607features of cryptosystems, 24–25government controls on

cryptography, 356–357informal analogy for cryptosystem,

331–332knapsack problems, 349–356

Merkle–Hellman knapsack cryptosystem, 352–356

number theory conceptsorders, 301–302primitive roots, 302–305

one-way functions, 333–334quest for complete public key

cryptosystem, 337–338quest for secure electronic key

exchange, 332–333RSA cryptosystem, 338–343RSA security guarantees, 357–360

Puzzles, Chinese remainder theorem, 67–71

Q

Quality control, 510–511Quantum computers, 357Quotient

definition of, 47division algorithm for ℤp[X], 391,

392

R

Rabin, Michael, 312rand, random integer generation, 40Randomized encryption

homophones, 106–107nulls, 104–105

Randomly generated matrix, computation of invertibility probability, 178–179

Randomness and probability, 501–513binomial random variables,

511–513birthday problem, 505–507conditional probability, 507–509conditioning and Bayes’ formula,

509–511pseudorandom number generation

algorithm, 27random variables, 511–513terminology and axioms, 501–507

Random numbers, computer-generated, 28, 39–41

Random permutations, computer program for generating, 219–220

Random substitution ciphers, 220Random variables

binomial, 511–513discrete, 511

Range, functions, 4, 5RC6, 418Real numbers

elliptic curves over, 452–454, 478, 483–484

floor function, 40Rearrangement, substitution ciphers, 9Reflection, and associativity, 483Reflector, Enigma machine elements,

112, 113Reflexivity, congruency properties, 54Rejewski, Marian, 203, 204Rejewski’s attack, 203–205Relative complements, set, 493Relatively prime integers, 50, 60, 61, 96

exercises, 83, 324modular arithmetic, 46–47pairwise, 68, 69, 70, 71passive attacks on affine cipher,

98, 99programs, 89

Remainder(s)congruences and, 55–56definition of, 47division algorithm for ℤp[X], 391,

392Rijmen, Vincent, 418Rijndael, 418–419Rings

AES S-box, 444building finite fields from ℤp[X],

396–399commutative, 58congruences in ℤp[X] modulo as

fixed polynomial, 395–396exercises, 406–407, 408finite fields, 378–380, 381, 383, 384

K10916_Book.indb 645 7/13/10 11:09:46 AM

646 Subject Index

integral domains, 409–410polynomials in ℤp[X] as, 388–389

Ritter, Richard, 111Rivest, Ronald, 22, 331, 338, 339Root cubic equation, elliptic curve

graphs, 453Roots

elliptic curves over real numbers, 453

Gauss’s algorithm, 325matrix, computer implementations

and exercises, 174modular elliptic curves, 461polynomials in ℤp[X], 409primitive; See Primitive roots

Rosetta stone, 92rot13 cipher shift, 10Rotate Nibble operator, 425Rotors, Enigma machine elements, 112,

113, 120, 121–122Rotor window, Enigma machine

elements, 113Round constants, AES encryption, 425,

439Round key function

DES, 267, 269computer programs for, 288,

289–290scaled-down, 263, 281

Feistel cryptosystems, 255Round keys

AES, 422, 424computer program for, 446exercises, 441, 442

DES, 259, 265, 271, 282computer programs for,

287–288, 289generation of, 259

Round-off errors, 161Round robin tournaments, application

of congruences, 80Rounds

AES, 421, 422, 440DES, 258, 260, 261, 264Feistel cryptosystems, 255

Row matrix, 146Rózycki, Jerzy, 203, 204RSA (Rivest, Shamir, Adleman)

cryptosystem, 24, 273, 339computer programs for, 370–371,

372development of, 22digital signatures, 344–345exercises, 361–363, 365–366,

367–368mathematical problems providing

security, 338Public key cryptography, 338–343security guarantees, 357–360

RSA RC6, 418

RSA Security, 45, 294, 345RSA-640, 327, 372Russian alphabet, 95

S

Sample space, experiment, 501–503partitioned, 509–510reduced, conditional probability,

507Saxena, Nitin, 309S-box

AEScomputer programs for,

446–447, 448, 449encryption, 423–424, 428encryption algorithm, 437, 439exercises, 441, 443–444inverse, 430, 448

DES, 267, 268computer programs for, 288, 289exercise, 284scaled-down, 261–262, 281, 282

S-box table, AES, 423Scalar multiplication


elliptic curve exercises, 480matrix, 146–147polynomials in ℤp[X], 388

Scalars, defined, 146, 147Scaled-down AES; See Advanced

encryption standard protocolScaled-down DES

computer programs for, 287–289exercises, 281–282

Scaled-down Enigma machinescomposition of functions, 120–121computer programs, 141–143

Scherbius, Arthur, 111Schoof’s algorithm, 468Scytale, 101Scytale cipher, 101–102, 128, 136–137Second quotient, division algorithm for

ℤp[X], 391Self-cancelling properties, XOR, 255,

429Self-decryption proof, DES and Feistel

cryptosystems, 285Serpent, 419Set differences, 494Sets

basic concepts, 4, 5basic counting principles, 495–499binary operations, 377concepts and notations, 491–495finite fields, 377modular elliptic curves, 452

Set theory, probability theory and, 503Shamir, Adi, 22, 338, 339, 355–356

K10916_Book.indb 646 7/13/10 11:09:46 AM

Subject Index 647

Shannon, Claude, 25, 26Shannon’s properties of diffusion and

confusion, 272, 419Shift cipher, 38, 95Shift permutation, 189

Caesar cipher, 10one-unit, 119

Shift register, cipher feedback (CFB) mode, 276

Shift Row mappinginverse of, 440reverse order, 429

Shift Row Transformation, AESdecryption, 431encryption, 422, 424, 428, 429, 436exercises, 444–445

Shor, Peter, 357Signature exponent, ElGamal

cryptosystem, 347Significant digits, computing

platforms and, 325; See also Computation issues

Simultaneous congruences, Hindu puzzle, 67–71

Single linear congruence, solving, 66Singleton set, 492Singular elliptic curve

definition of, 452graphs, 454over modular integers, 460over real numbers, 452

Sizesmatrix, 145of modular elliptic curves, 462–463

Sophie Germain primes, 337Spaces

frequency analysis-based attacks, 183

RSA cryptosystem, 340substitution ciphers, 10

Spinner, randomized encryption, 104–105

Square (invertible) matrixcomputer implementations and

exercises, 175–176definition of, 146, 151–153determinant computation, 159determinant of, 153–155general cofactor expansions,

171–172inverses of 2x2 matrices, 155–156,

174–175Square roots

modular elliptic curves, 461, 462modulo m, 83–84

Standards, 2Digital Signature Standard (DSS), 345encryption; See Advanced

encryption standard protocol; Data encryption standard

State matrix, Mix Column mapping, 430

State transformations (mappings); See Mapping

Statistical frequency counts, 13–14Steganography, 100–102Storage

two’s complement representation scheme, 245–246

as vectors or strings, 248Strassen, Volker, 150Strassen’s algorithm, 150–151, 173–174,

179Stream modes, block cryptosystems,

276–279Strings, 254

basic concepts, 3computer programs

for extracting ciphertext data from ciphertext string, 216–218

XOR operation, 287integers in different bases, 248–250vector/string conversions, 35–36

String size, AES, 417Strong avalanche condition, AES, 419Subblocks, cipher feedback (CFB)

mode, 276Submatrix, 154Sub Nibble operator, 425Subsets, 5, 492Substitution box, DES, 261–262, 267,

268Substitution ciphers

Caesar cipher, 9–11evolution of codemaking, 102

cryptosystem components, 95homophonic, 107steganography, 100–101

frequency analysis-based attacks, 183–186

overview, 8–11passive attack example, 12–15random, computer implementations

and exercises, 220Substitution permutation network, 419Substitutions

congruent, 56–57partial, computer program for, 215

Subtractionalgorithm complexity analysis,


matrix, 146–147rings, 379

Subtraction algorithm with base b expansions, 231–234

Sumaddition of elliptic curves over ℤp, 464elliptic curve addition, 455

K10916_Book.indb 647 7/13/10 11:09:46 AM

648 Subject Index

nibble, 419polynomials in ℤp[X], 386

Superincreasing weights, knapsack problem, 350–352

computer programs for, 374exercises, 364–365Merkle–Hellman knapsack

cryptosystem, 352–356Symbolic Analysis of Relay and

Switching Circuits, A. (Shannon), 25

Symbolic computing platforms, 296, 314, 325, 334, 369

elliptic curve operations, 483Lenstra’s algorithm, 477public key cryptography, 334RSA cryptosystem, 341

Symmetric key cryptosystems, 21, 23, 24; See also Private key cryptosystems

definition of, 94DES development, 95substitution ciphers, English

alphabet, 96Symmetry

congruency properties, 54matrix, 156

T

Tablesbasic concepts, 3–4tabular form notation for

permutations, 110–111, 220Tangent line, elliptic curve properties,

453T-attack, 272–273Tempest devices, 357Ternary expansions, 225Text

integer/text conversions, 36–37plaintext; See Plaintext

Three-round Feistel systems, 280–281


self-decryption proof, 285Time algorithm, Schoof’s, 468Traicté des Chiffres ou Secrètes

Manières d’Escrire (Vignière), 15

Transitivitycongruency properties, 54divisibility, 44, 68, 389

Transpose of matrix, 156, 171Transposition ciphers, 101–102Trapdoor (one-way) function, 333–334,

353Treatise on Numerals and Secret Ways

of Writing (Vignière), 15

Tree diagram, counting principles, 496Trial (experiment), defined, 501Trigram, 190Trigraphs, 107Triple composition, 122Triple DES, 273–274, 291–292, 333Trithemius, Johannes, 15Trivial cycle, 115, 116Turing, Alan, 206–208Twofish, 419Two-round encryption mapping,

541–543Two-round Feistel systems, 258, 259,

263, 280Two’s complement representation

scheme, 245–246

U

Union, sets, 491, 492–495Unique factorization, in ℤp[X], 405Universal set, 494

V

Vacuously true, 493van Oorschot, Paul, 273, 617Vanstone, Scott, 273, 616, 617Vatican ciphers, 102Vaudenay, Serge, 356Vector addition, 457Vector multiplication, polynomials in

ℤp[X], 388Vectors, 254

Cartesian product set, 496conversion programs, 286dot product formula, 199–200integers in different bases,

248–250knapsack problem reformulation,

350nibble addition and multiplication,

419polynomial representations,

387–388rings, 406–407XOR program, 287

Vector/string conversions, 35–36Venn diagrams, 492–495, 505Vernam, Gilbert S., 26Vernam cipher, 26Verser, Rocke, 273Vignière, Blaise de, 15Vignière cipher, 107

demise of, 187–192Babbage/Kasiski attack,

188–192Friedman attack, 192

Friedman attack, 197–201ciphertext-only, 200–201

K10916_Book.indb 648 7/13/10 11:09:46 AM

Subject Index 649

Hill cryptosystem with, 166one-time pad as, 28overview, 15–18programming with integer

arithmetic, 38–39Vignière tableau, 16, 17

W

Waterhouse’s theorem, 463, 476Weak keys, DES, 284Weights, object; See Object weights,

knapsack problemsWheatstone, Charles, 18Wilson’s theorem, 84–85Winograd, Shmuel, 150Witness, primality test, 309–311, 314Word length, 10, 240Word size, 238Wright, Edward V., 294Wright, Ernest Vincent, 14

X

XOR operation, 254–255, 383, 407AES, 428, 445

computer implementations and exercises, 447, 449

encryption, 427exercise, 285nibble addition, 420self-cancelling properties, 255, 429

Y

Young, Thomas, 92

Z

Zero, 378Zero polynomial, 385, 387, 394Zuse, Konrad, 251, 252Zygalski, Henryk, 203, 204

K10916_Book.indb 649 7/13/10 11:09:46 AM

subject index - stanoyevitch

Documents