Semi-random notes on numbers

1 Definitions
Definition 1. Trapdoor/one-way function
Function f satisfying:
1. f (m) can be computed quickly

2. f −1 (n) can be computed quickly with some information

3. f −1 (n) can’t be computed quickly without that information.
Definition 2. Inverse of c mod m
If s is such number that sc ≡ 1 mod m we call s inverse of c and write:

s ≡ c−1 mod m

Inverse (up to a residue) is unique (if it exists).

Definition 3. System of residues mod m (and standard, and reduced)
Set of integers containing exactly one integer from each abstract class.
Standard system: {0, 1, . . . , m − 1}
Reduced system: Contains exactly one representative of each invertible class.
Or symbolically: {c ∈ Z : 0 ≤ c < m ∧ gcd(c, m) = 1}
Definition 4. Euler totient function
Describes cardinality of reduces residues system that is

ϕ(m) = card{c ∈ Z : 0 ≤ c < m ∧ gcd(c, m) = 1}

Definition 5. Order mod m

Let gcd(a, m) = 1 the order of a mod m is smallest d such that

ad ≡ 1 mod m

notation
ordm (a) = d
Definition 6. Co-prime numbers
We say n, m ∈ Z are coprimes iff gcd(n, m) = 1

1
Definition 7. Primitive root modulo n
A number g is primitive root modulo n if every number a coprime to n is
congruent to a power of g modulo n.
In other words g generates multiplicative group modulo n. This is the case iff

gcd(g, n) = 1 ∧ ordn (g) = ϕ(n)

Definition 8. Multiplicative function

Let f be a function. We call f multiplicative if

gcd(a, b) = 1 =⇒ f (ab) = f (a)f (b)

We call f completely multiplicative iff

∀ a b ∈ Z : f (ab) = f (a)f (b)

Definition
Qn 9. Liouville λ function
Let n = i=0 pαi
i
then
n
Y Pn
αi αi
λ(n) := (−1) = (−1) i=0

i=0

Its completely multiplicative

Proof. Simply:
n
!
Y
λ(mn) = λ pα
i
i +βi

i=0
n
Y αi +βi
= (−1)
i=0
Yn n
Y
αi βi
= (−1) + (−1) = λ(n)λ(m)
i=0 i=0

Definition 10. Mobius µ function

Mobius function is defined as follows:
(
λ(n) if n is square-free
µ(n) :=
0 otherwise

is multiplicative:
Proof. Let gcd(m, n) = 1. Suppose both are square free. Then it follows from
the fact about λ function. Suppose one of them is not, without loss of generality
assume its m, then µ(mn) = 0 = µ(m)µ(n). To see that its not completely
multiplicative consider µ(p)µ(p) where p is prime.

2
Definition 11. Number of positive divisors τ (n)
We define τ (n) as number of positive divisors of n. That is

τ (n) = card{d ∈ Z+ : d | n}

Obvious properties. Let p be prime, then:

τ (p) = 2

and
τ (pk ) = k + 1

Definition 12. Sum of divisors σ

We define it: X
σ(n) = d
d | n

Obvious properties. Let p be prime:

σ(p) = p + 1

and a bit less obvious (using geometric sequence)

k

X pk+1 − 1
σ pk = pi =
i=0
p−1

Definition 13. Perfect number

We call number perfect iff its equal to sum of its proper divisors, that is

2n = σ(n)

example: 6 = 1 + 2 + 3
Definition 14. Open key cryptosystem
Algorithm with public and private keys

Definition 15. Big O

Let f (n), g(n) be two function in ZZ . We say that

g(n) ∈ O (f (n))

if
∃ N : ∀ n ≥ N : g(n) ≤ Cf (n)
Definition 16. Polynomial time
Algorithm is said to be polynomial time if number of bit operations required to
perform it is a in O class with some polynomial.

3
2 Algorithms
Algorithm 1. Fermat factorization
TODO
Algorithm 2. Successive squaring
Method to find an mod m
2i
P
1. We write n as sum of power of twos n = i
r
2. We compute the sequence cr := 22 mod m
3. We compute:
2i i
P Y
an ≡ a i ≡ a2 mod m
i

Example:
2360 mod 1739
First step:
360 = 28 + 26 + 25 + 23
Second step
0
22 ≡ 2 mod 1739
1
22 ≡ 4 mod 1739
22
2 ≡ 16 mod 1739
3
22 ≡ 256 mod 1739
24
2 ≡ 1193 mod 1739
5
22 ≡ 747 mod 1739
26
2 ≡ 1529 mod 1739
7
22 ≡ 625 mod 1739
28
2 ≡ 1089 mod 1739

Third step:
8 6 5 3
2360 ≡ 22 × 22 × 22 × 22 ≡ 1089 × 1529 × 747 × 256 ≡ 667 mod 1739

4
Algorithm 3. Compute kth root modulo Suppose

xk ≡ a mod m

Suppose k, a, m are given. We are looking for x.

We have this restrictions: gcd(k, φ(m)) = 1 and gcd(a, m) = 1
1. Find φ(m).
2. Find s, t such that
1 = s × k + t × φ(m)

3. Find x ≡ as mod m
See that

a ≡ ask+tφ(m)
≡ ask atφ(m)

Since aφ(m) ≡ 1

≡ ask

Example:
Lets find x101 ≡ 262 mod 667:
We start by noting that:

φ(667) = 22 ∗ 28 = 616

After extended euclidean

1 = (−10) × 616 + 61 × 101

We have
x ≡ 26261
We use successive squaring

61 = 25 + 24 + 23 + 22 + 20

Now:
0 2 4
2622 ≡ 262 2622 ≡ 581 2622 ≡ 146
1 3 5
2622 ≡ 610 2622 ≡ 59 2622 ≡ 639

We have
5 4 3 2 0
26261 ≡ 2622 × 2622 × 2622 × 2622 × 2622
≡ 262 × 581 × 59 × 146 × 639
≡ 223

5
Algorithm 4. RSA
Let Bob be the user!
1. First, bot chooses two big prime number p, q and computed

n = pq

and
phi(n) = (p − 1)(q − 1)
Finally Bob chooses encryption exponent e such that gcd(e, φ(n)) = 1.
Bob computes the decryption expontent

d ≡ e−1 mod φ(n)

2. Bob publish public key n, e and keeps p, q, φ(n), d in secret.

3. Alice encodes the message to get a sequence m1 , m2 . . . mn where 0 ≤
mi < n.
4. Alice encrypts the message by computing for each mi

m0i ≡ mei mod n

5. Bob deciphers the message by computing

d
mi ≡ (m0i ) mod n

Note if we now φ(n) and n we can easily find p, q. To see why:

φ(n) = (p − 1)(q − 1) = pq − p − q + 1
p + q = n − φ(n) + 1

We found a sum of p, q.
Consider a polynomial

g(x) = x2 − (p + q)x + n

Now

g(p) = p2 − p2 − pq + pq = 0
g(q) = q 2 − pq − q 2 + pq = 0

So p, q are roots of this polynomial, which can be also written as

g(x) = x2 − (n − φ(n) + 1)x + n

Algorithm 5. Fermat primality test

To test whether n is prime

6
 1. Choose a such that 1 < a < n
2. If gcd(a, n) 6= 1 then n is composite
3. Otherwise compute
an−1 mod n
if the result is not 1 its composite.
4. Repeat a few times.
Definition 17. Pseudoprime
If a, n are numbers such that
an−1 ≡ 1 mod n
and n is composite, we call n pseudo-prime for the base a.
Definition 18. Carmichael number
A composite number n is called Carmichael number if
an−1 ≡ 1 mod n
is satisfied for any a comprime with n.

3 Theorems
Theorem 1. Congruence’s form equivalence classes
1. a ≡ a
2. If a ≡ b mod m then b ≡ a
3. If a ≡ b and b ≡ c then a ≡ c
Theorem 2. Basic properties of modular arithmetic
Let a ≡ a0 mod m and b ≡ b0 mod m then
1. a + b ≡ a0 + b
2. ab ≡ a0 b0
Theorem 3. Modular cancellation
Let gcd(c, m) = 1 then ac ≡ bc mod m implies a ≡ b
Proof. We have
1 = sc + tm
it follows
sc ≡ 1 mod m
Multiplying both sides of ac ≡ bc we get
asc ≡ bsc
a≡b

7
Theorem 4. Divisibility and sum of digits
n is divisible by
1. 9 if its sum of digits is divisible by 9
2. 11 if alternative sum of its digits is

Proof. Similar cases:

1. We have
n
X
a= di 10i
i=0

See that
10 ≡ 1 mod 9 =⇒ 10n ≡ 1 mod 9
then
n
X
a≡ di mod 9
i=0

2. Similar argument but

n
10 ≡ −1 mod 11 =⇒ 10n ≡ (−1) mod 11

Theorem 5. Properties of euler totient function

If p is prime then
ϕ(p) = p − 1
and
ϕ(pd ) = pd − pd−1

Proof. First part is obvious, second:

The only possible values of that are not relatively prime to pd are

1, p, 2p, 3p . . . pd−1 p

Clearly there are pd−1 of them. Therefore

ϕ(pd ) = pd − pd−1

8
Theorem 6. Properties of euler totient function (cont)
Suppose
Yk
n= pα
i
i

i=0

Then
   
1 1
ϕ(n) = (pα0 − pα0 −1 )(pα1 pα1 −1 ) . . . (pαk pαk −1 ) = n 1 − ... 1 −
p0 pk

or using more formal notation

k k  
Y
αi −1
Y 1
ϕ(n) = pα
i − pi
i
=n 1−
i=0 i=0
pi

Proof. We have
k
!
Y
ϕ(n) = ϕ pα
i
i

i=0
k
Y
= ϕ(pα
i )
i

i=0
k
Y
αi −1
= pα
i − pi
i

i=0
k  
Y 1
= pα
i 1−
i

i=0
pi
k
! k
!
Y Y 1
= pα
i
i
1−
i=0 i=0
pi
k  
Y 1
=n 1−
i=0
pi

Theorem 7. Euler function is multiplicative

If gcd(m, n) = 1
ϕ(mn) = ϕ(m)ϕ(n)
Proof. From the definition we need to show:

card{c ∈ Z : 0 ≤ c < mn ∧ gcd(c, mn) = 1}

= card{c ∈ Z : 0 ≤ c < m ∧ gcd(c, m) = 1} × card{c ∈ Z : 0 ≤ c < n ∧ gcd(c, n) = 1}
= card({c ∈ Z : 0 ≤ c < m ∧ gcd(c, m) = 1} × {c ∈ Z : 0 ≤ c < m ∧ gcd(c, m) = 1})

9
To do this we will construct bijection between this sets.
Consider some (y, z) in sets of residues of m, n. Then by Chinese remainder
theorem there exists residua of mn: x such that

x≡y mod n
x≡z mod m

We have our bijection.

Theorem 8. Euclid theorem
If gcd(a, m) = 1 and m | ab then m | b
Proof. We have
1 = sa + tm
multiplying both sides by b
b = s(ab) + tm
clearly m divides right side - which means it divides left side as well.
Theorem 9. Chinese Remainder Theorem
Let m1 . . . mr ∈ Z+ .
Assume that for each 0 < i, k ≤ r such that i 6= q: gcd(mi , mk ) = 1. That is we
have list of pairwise relatively prime integers. Consider system

x ≡ a1 mod m1
...
x ≡ ar mod mr
Qr
then we can construct unique solution to this system modulo M = i=1 mi .
This method can sometimes be useful for finding big exponents. Suppose we
want to find
2360 mod 1739
We can then

x ≡ 2360 mod 37
360
x≡2 mod 47

Proof. Let
M
∀ 0 < k ≤ r : Mk :=
mk
similarly. For all k, let yk be such number that

M k yk ≡ 1 mod m1

Let
r
X
x := ai Mi yi
i=1

10
We claim that x is a number we all looking for. To prove it: let consider
r
X
x≡ ai Mi yi mod mc
i=1
≡ ac Mc yc mod mc
≡ ac mod mc

Theorem 10. Isomorphic systems

Let R be reduced system of residues modulo m, let gcd(a, m) = 1 then

aR := {ar : r ∈ R}

is also reduced system of residues.

Proof. First, we will show all elements are distinct

ar ≡ ar0 =⇒ r ≡ r0 =⇒ r = r0

Since all ar are distinct representatives from each invertible congruent class ar
is reduced system.
Theorem 11. Euler-Fermat theorem
Let gcd(a, m) = 1 then
aϕ(m) ≡ 1 mod m
Proof. Consider reduced system of residues

R := {r0 , r1 . . . , rϕ(m) }

Then, from previous proposition aR generates the same set but in “different
order”. That gives as
Note that first step is valid because each ri ≡ 1 mod m

1 ≡ r0 r1 r2 . . . rϕ(m)
≡ ar0 × ar1 × ar2 . . . arϕ(m)
≡ aϕ(m) r0 r1 r2 . . . rϕ(m)
≡ aϕ(m)

Corollary: Fermat little theorem

ap−1 ≡ 1 mod p
where p is prime and a 6= p.
Theorem 12. ord and ϕ
Let gcd(a, m) = 1 then
ordm (a) | ϕ(m)

11
Proof. From Euler-Fermat aϕ(m) ≡ 1 mod m. Consider ϕ(m) = qordm (a) + r
then:
aϕ(m) ≡ aqordm (a) ar ≡ ar ≡ 1 mod m
Since r can’t be positive integer smaller then d it must be zero.
Theorem 13. Little Fermat Euler 2
Let p be prime
ap ≡ a mod p
Proof. If gcd(a, p) = 1 then its immediate consequence of Little 1. Else

a ≡ 0 ≡ ap mod m

Theorem 14. Little 3

Let p, q be distinct primes then

aϕ(pq)+1 ≡ a mod pq

Theorem 15. RSA theorem

Proof.
Theorem 16. Sum of divisors and multiplicative function
Let f be multiplicative. Then the function
X
F (n) := f (d)
d | n

is also multiplicative.
Proof. Let gcd(m, n) = 1 First lets proof that there is a bijection

{d | n} × d | m

and
{d | nm}
See that (a, b) 7→ ab, because m, n are relatively prime Now:
X
F (nm) = f (d)
d | nm

from the fact shown above

X
= f (d1 d2 )
(d1 ,d2 )∈{d | n}×{d | m}
X X
= f (d1 )f (d2 )
d2 | n d2 | m

12
Here we can push independent term before second sum
  
X X
= f (d) f (d)
d | n d | m

= F (n)F (m)

Theorem 17. τ and σ are multiplicative

Proof. From obvious fact that λ x. 1 is multiplicative it follows that
X
(λ x. 1)d
d | n

also is. And that means that τ is.

For σ consider the function id(x) = x.
Theorem 18. Even perfect numbers
Even number is perfect iff its of the form

n = 2k 2k+1 − 1

and 2k+1 − 1 is prime (its mersenne prime!)

Proof. Suppose n is a perfect even number
then we can write
n = 2k m
where m is odd.
Since σ(n) = 2n we have
σ(2k ) = 2k+1 − 1
and since σ(n) = σ(2k )σ(m) = 2n

2k+1 − 1 | 2n = 2k+1 m

it follows that m is of the form

m = (2k+1 − 1)l

for some l ∈ Z. Lets assume that l > 1. Then

σ((2k+1 − 1)l) ≥ 1 + (2k+1 − 1) + l + (2k+1 − 1)l > 2k+1 l

contradiction. Now lets suppose we have a number of the form given above,
then
σ(2k (2k+1 − 1)) = σ(2k+1 − 1)σ(2k ) = 2k+1 (2k+1 − 1)

13
Theorem 19. Sum of divisor over euler phi
We want to show: X
φ(d) = n
d | n

Proof. Lets first consider

n = pk
where p is prime. Then

X k
X
φ(d) = φ(pk )
d | pk i=0
k
X
=1+ pi − pi−1
i=1

Notice that we have a telescoping series, therefore

= 1 + pk − 1
= pk

Now let Y
n= pα
i
i

then (we use the fact the φ is multiplicative and that sum over divisors also is)
 
X Y X
φ(d) =  d
i α
d | n d | pi i
Y
= pα
i
i

i
=n

Theorem 20. Sum of divisor over euler phi (second proof)

Proof.
Theorem 21. Cardinality of the set

{a ∈ Z : 0 ≤ a < n ∧ gcd(a, n) = d}

is equal to φ( nd )

14
Proof. Lets consider this given set.
If we divide every element of this set by d we get a reduced residua system of
some number. Lets describe this set:
na o
∈ Z : 0 ≤ a < n ∧ gcd(a, n) = d
d
n
We see that all elements in this set are less then d. Lets consider b in this set
and  n
gcd b,
d
If d | b then d2 | bd. Now if d | nd we get contradiction because in original set we
would have gcd equal to d2 . And if d 6 | nd gcd must be 1. Similarly, if d 6 | b gcd
must be one. Therefore this set is clearly a subset of reduced residua classes.
Now suppose that x is element of reduced residua class of nd . Then
n
1 = sx + t
d
multiplying both sides by d
d = (sd)x + tn
That is, it must be part of original set.
Theorem 22. Sum of divisors of n under µ
We will show X n
µ(d) = 1 if n = 10 if n > 1
d | n

Proof. Since µ is multiplicative we only need to check if equation holds for pk

where pk is prime. Clearly n = 1 holds. Now lets consider
n
X
µ(pi ) = µ(p0 ) + µ(p1 ) = 1 − 1 = 0
i=0

Theorem 23. Mobius inversion formula

Suppose f is multiplicative function and F is now and given by
X
F (n) = f (d)
d | n

We claim that X n X n

f (n) = F µ(d) = F (d)µ
d d
d | n d | n

15
Proof. Lets get to it:
 
X n X X
µ(d)F = µ(d) f (e)
d n
d | n d | n e | d
X X
= µ(d)f (e)
n
d | ne | d

n n
There exist bijection from (d, e) with d | n and e | d to e | n and d | e
X X
= µ(d)f (e)
n
e | nd | e
X X
= f (e) µ(d)
n
e | n d | e

From previous theorem we can see that only case when second sum is non zero
is when ne = 1, that is n = e

=n

Exercise 1. example use of mobius inversion formula Recall that we used

(λ x. 1) to construct τ and id to construct σ. Therefore:
X n
1= τ (n)µ
d
d | n

and X n
n= σ(n)µ
d
d | n

Finally we can describe X

n= φ(n)
d | n

So after mobius inversion

X n
φ(n) = dµ
d
d | n

16
Algorithm 6. Complexity of operations:
Addition: O (n)
Subtraction: O (n)
Long multiplication: O n2

Karatsuba: O nlog2 3

Schonhage-Strassen: O (n log n log log n)

Long division: O n2

Computing factorial (naive): O 2k

Computing gcd: O n3

Successive squaring: O n3


√ k 
Checking primality (naive): O 2

Theorem 24. Properties of Big O

• If f (k), f 0 (k) ∈ O (g(k)) then
f (k) + f 0 (k) ∈ O (g(k))

• If f1 (k) ∈ O (g1 (k)) and f2 (k) ∈ O (g2 (k)) then

f1 (k) × f2 (k) ∈ O (g1 (k) × g2 (k))

• Its transitive!
Theorem 25. Relation of Big O with limits
If
f (k)
lim =L<∞
k→∞ g(k)

then f (k) is in O (g(k)).

If
f (k)
lim =∞
k→∞ g(k)
then f (k) 6∈ O (g(k)).
Theorem 26. Polynomial congruences
Suppose we have a polynomial
n
X
g(x) = ai xi
i=0

We consider
g(x) ≡ 0 mod m
And here are two assertions

17
 1. We can replace ai with another coefficient

a0i ≡ ai mod m

and this will not change a set of solutions

2. If x is a solution then y ≡ x also is.
Theorem 27. Number of solutions of polynomial congruence
Suppose p is prime. Consider congruence
n
X
f (x) = ai xi ≡ 0 mod p
i=0

The set of solutions to this congruence is a union of at most d congruence classes

modulo p.
Proof. Induction on d.
For d = 1 we have
ai x + a0 ≡ 0 mod p
so solution is
x ≡ −a0 a−1
i mod p
Step:
If there are no solutions we have nothing to prove. Suppose that c is a solution.
Then we can write

f (x) ≡ f (x) − f (c)

n+1
X
≡ ai (xi − ci ) ≡ 0 mod p
i=0
≡ (x − c)g(x)

Where g(x) has a degree at most d. Thesis follows from induction.

4 Tutorials
4.1 Tut1
Exercise 2. Use Fermat’s factorization method to factorize 629 and 3139.
Exercise 3. Let k be a positive integer and p a prime. Find a formula for the
sum of all the (positive integer) divisors of pk .
Proof. Simply:
k
X
pi
i=0

18
Exercise 4. Show that for any a, b ∈ Z+ we have

gcd(2a − 1, 2b − 1) = 2gcd(a,b) − 1

Proof. First I will show b | a =⇒ 2b − 1 | 2a − 1.

Assume a = qb, then
q
2a − 1 = 2b − 1 = (2b − 1)(. . . )

Assertion follows. And also collary: if a is composite number so is 2a − 1.

Now I will show that if a = qb + r then 2a − 1 ≡ 2r − 1.

2b − 1 | 2a − 2r

After re-writing
2b − 1 | 2r (2qb − 1)
which follows from first assertion.
Now we notice the analogy of to Euclidean algorithm and we are done.
Exercise 5. Determine all pairs of positive integers n, m such that p = n4 +4m4
is prime.

Proof. Notice that

n4 + 4m4 = (n2 − 2nm + 2m2 )(n2 + 2nm + 2m2 )

We see that n2 − 2nm + 2m2 must equal 1 if p is prime.

That is the case if n = m = 1. If n = m > 1 then p is not prime.
Suppose n = m + k then n2 − 2nm + 2m2 = m2 + k 2 .
That tells as that only prime of this form is n = m = 1 that is 5.

4.2 Tut 2
Exercise 6. Show that l2 ≡ k 2 mod p =⇒ l ≡ ±k mod p if p is prime.
Proof. Consider
(l2 − k 2 ) ≡ 0 mod p
that means
p | (l − k)(l + k)
which can only be a case if l = ±k
Exercise 7. Suppose p is prime and q is prime such that q is a divisor of 2p − 1.
Show that
q ≡ 1 mod p

19
Proof. Its given that
2p − 1 ≡ 0 mod q
which we will rewrite as
2p ≡ 1 mod q
We notice that this means ordq (2) | p. But since
ordq (2) > 1
we have
ordq (2) = p
From Fermat Little theorem
2q−1 ≡ 1 mod q
Since only multiple of ord can give 1 we now that
ordq (2) | q − 1
which is equivalent to stating
p | q−1
But then
q≡1 mod p

4.3 Tut 3
Exercise 8.

5 Quiz
5.1 Sample quiz 1
Exercise 9. Find gcd(1020 , 84).
We start by observing:
1020 = 220 × 520
84 = 22 × 3 × 7
Clearly greatest common divisor is 22 = 4.
Exercise 10. Find the smallest prime that divides 123456789123456789.
Clearly its not 2 since 2 6 | 9. We recall that number is divisible by 3 iff sum of
its digits is divisible by 3 and now we can check:
1+2+3+4+5+6+7+8+9+1+2+3+4+5+6+7+8+9 = 2×(1+2+3+4+5+6+7+8+9) = 3+3+9+6+15+9
Notice that all terms in a last sum are divisible by 3 therefore sum also is, and
number as well.

20
Exercise 11. Find which elements 1 ≤ x < 59 is inverse to 17 modulo 59
TODO
Exercise 12. Find the order of 5 modulo 31.

5≡5
52 ≡ 25
53 ≡ 1

So ord31 (5) = 3
Exercise 13. Find the residua of 31010 modulo 7
We see that 1010 = 2 × 505

3≡3
32 ≡ 2
34 ≡ 4
35 ≡ 5
36 ≡ 1

See that 1010 = 168 ∗ 6 + 2. We have

168
(36 ) × 32 ≡ 32 ≡ 2

Exercise 14. Find 0 ≤ x < 195 such that

x≡3 mod 14
x≡2 mod 15

TODO
Exercise 15. Find 21010 mod 111.
We see that 2φ(111) ≡ 2ϕ(3)ϕ(37) ≡ 272 ≡ 1
Exercise 16. Find σ(640), sum of the positive divisors of 640.
See that 640 = 64 × 10 = 27 × 5
Therefore
28 − 1
σ(640) = σ(27 )σ(5) = (5 + 1) = 6(28 − 1)
2−1
Exercise 17. What is the smallest positive integer with exactly 10 positive
divisors.
TODO
Exercise 18. If a simple substitution cipher encrypts the word SUGAR as
JWZXD, what is the decryption of XDZWJ?
TODO

21
Exercise 19. What would be the output of the following MAGMA commands?
> V:=VigenereCryptosystem(3);
> encipheringkey:=V!”BAY”;
> Enciphering(encipheringkey,Encoding(V,”HOTEL”));
TODO

Exercise 20. Suppose you are given two long ciphertexts sct1 and sct2 and
told that one of them is some ordinary English text enciphered with a block
transposition cipher and the other is the same English text enciphered with a
Vigenere cipher. If you see the following MAGMA code, which one was (prob-
ably) enciphered using the block transposition cipher?
> CoincidenceIndex(sct1);
0.0652012312147048057406882815071
> CoincidenceIndex(sct2);
0.0415879787948780874621427836594
The sct1.
Exercise 21. If an RSA cryptosystem has public key (22, 3), what is the
decryption exponent?
TODO
Exercise 22. Suppose that an RSA cryptosystem has a public key of (33, 3).
Encrypt the message [4, 6].
TODO

Exercise 23. What would be the output of the following MAGMA commands?
> p:=NextPrime(100);
> 6p mod p;
From Fermat Little Theorem it follows that output would be 6.

22