the birthday problem with applications to cryptography amy prager
TRANSCRIPT
The Birthday Problem with Applications to Cryptography
Amy Prager
The Birthday Problem• How many people need to be in a room in
order to have the probability >1/2 (more likely than not) that at least 2 people share the same birthday?
Probability theory• Probability of an event is
• Number of successful outcomes/number of possible outcomes
• Probability of (any possibility) occurring is 1:
• Number of possible outcomes/number of possible outcomes =1
• Why does this definition make sense?
Examples of probability• Probability of rolling a 2 on a die:
• 1/6 as there are 6 possible outcomes (1,2,3,4,5,6)• But only 1 successful outcome (2)
• Probability of rolling an even number on a die:
3/6=1/2 as there are 6 possible outcomes (1,2,3,4,5,6)
But only 3 successful outcomes (2,4,6)
Probability Quiz!• What is the probability that you pick a spade out of a deck
of cards?• Hint: There are 4 suits (spades,hearts,clubs,diamonds), all
equally distributed
• What is the probability that you pick a 4 out of a deck of cards?
• Hint: There are 13 values of cards (Ace,2,3,4,5,6,7,8,9,10,jack,queen,king), all equally distributed
2 people with the same birthday?
• First person’s birthday matches first person’s birthday: probability 1
• But what about the second person? let’s compute the probability that she doesn’t
What is he probability that something doesn’t happen?• What is the probability that you don’t roll a 2?
• Good outcomes: (1,3,4,5,6)• Bad outcomes: (2)
• Probability of a good outcome: 5/6• Probability of a bad outcome: 1/6
• Probability of a good outcome = 1-probability of a bad outcome
Why is the probability that something doesn’t happen 1-(the probability that it does)?• Probability that anything happens=1
number of possible outcomes/number of possible outcomes=1 ALWAYS!
So
probability (good outcomes)+probability (bad outcomes)
=probability(all outcomes)=1
So
Probability(good outcomes)=1-probability(bad outcomes)
Probability that she doesn’t
• Person 2’s birthday:
• 364 bad outcomes
• 1 good outcome (person 1’s birthday)
• probability of a good outcome
• =1/365
• Probability of a bad outcome
• =364/365
2 people having the same birthday
• 2 people not having the same birthday:
• 364/365
• 2 people having the same birthday:
• 1-364/365: 1/365
A group of 3 people with at least 2 having the same birthday•person 3:
•2 bad outcomes
•probability 363/365
None of the 3 people can share a birthday• Since person 3 cannot share a birthday with person 1 or
person 2:• 363/365• Since person 2 cannot share a birthday with person 1:• 364/365
• What do we do with these 2 values?
Multiplying probabilities together• If we wish to know the probability that 2 events both
happen together, we multiply probabilities together:
• Probability that a card is a spade and a 4 (the 4 of spades):
• Probability that a card is a spade ¼• Probability that a card is a 4 1/13• Probability that a card is the 4 of spades: 1/52
• Why does this make sense?
A card must be a spade and a 4• Only ¼ of the cards are spades• Of these 13 cards that are spades, only 1 of the 13 is a 4.• So only 1/13 of the spades (which are ¼ of the deck) is
the 4 of spades• 1/13*1/4=1/52
What is the general case?• What if we wanted to know the probability that in a group
of n people no 2 people share same birthday?• Can anyone think of a general formula?• How would we go about deriving such a general formula?
n people have the same birthday
•person n
•n-1 bad days
•1-((364/365)*(363/365)...*(365-(n-1))/365))
Probability that 3 people do not share a birthday• Person 3 does not share a birthday with persons 1 and 2• AND• Person 2 does not share a birthday with person 1
• (363/365)*(364/365)
Probability that 3 people do share a birthday• Probability that an event happens=• 1-(probability that it doesn’t happen)
• Probability (3 people share a birthday)=• 1-(probability that they do not share a birthday)
• =1-(363/365*364/365)
Now do you see why we computed it in this way?• It is a lot easier to think of all the ways they do not share a
birthday than the ways that they do!• If you had 4 people:• Person 1 could match person 2 or 3 or 4• Person 2 could match person 1 or 3 or 4• Person 3 could match person 1 or 2 or 4• Person 4 could match person 1 or 2 or 3
• This is difficult to compute. Why?• Large number of terms• Have to be careful to avoid duplication
How many people do you need in a room to have the probability >.5 that 2 people have the same birthday?
• The answer is 23. Why is this?
• Our formula, • 1-((364/365)*(363/365)*…*(365-(n-1)/365))• Grows at an incredibly fast pace!• Why?• Because you are multiplying the part subtracted from 1 by
smaller and smaller quantities
What does this have to do with cryptography?
• Let’s say you are encryping data and someone wants to know your code.
• How could she figure it out?
Let’s say we are using y=2x2-1• Our codebraker could guess some values and see what
the encrypted values are
• x=0 gives us y=-1• X=1 gives us y=3• X=2 gives us y=7
• Could our encryption algorithm be y=4x-1?• After all, this works in all of our guesses!• How can we know for sure?
What if we get the same output twice?
• Y=2x2-1
• x=1 gives y=1• x=-1 gives y=1
• Now we know what the code must be!
• The only function that fits is y=2x2-1!
• Yay!
Why can’t we just guess from a set of values?• Because you never know if there is another higher power
lurking out there in the background!• In our example, we found that • Y(x)=4x-1 worked in several cases!• But we were not sure and could not be sure that
we were correct until we found 2 inputs that gave the same output.
The correct answer is not y=4x-1, but y=2x2-1
What if we had 365 possible outputs?• Let’s say our encryption algorithm had 365 possible
outputs. Would this be easy to crack?• Isn’t this just the birthday problem?
How could you crack a code with 365 possible outputs?• You would need to find 2 inputs that gave you the same
output• Since you would need on average 23 people in a room to
have 2 have the same birthday (why?)• You would need 23 guess on average to have 2 outputs
the same, thinking of the possible outputs as birthdays• You would need 23 guesses on average to be able to
crack the code!• This wouldn’t be very secure, would it?
How many different outputs do we need?• Because the functions of the type we have seen grow so
rapidly, we need very very large numbers of possible outputs to encrypt data securely.