CNT 6519, Fall 2019 Assigned: 10/14/2019

S. Lang Assignment #4 (30 pts.) Due: 9 pm EDT, 10/30/2019 on UCF’s WebCourses

Objectives: To learn and answer a few questions about Euler’s Totient function, the RSA
public-key encryption algorithm, Diffie-Hellman Key Exchange algorithm, and polynomial
arithmetic over finite fields.
Notes on the Writing Format and Details Requirements: Be sure to include your work,
including brief explanations, in your answers using your own words in the first tense (and do
not copy/paste the assignment’s questions or instructions as part of your answer!) to each of
the questions; otherwise, inadequate descriptions/explanations or not following the prescribed
format for your work will result in up to 3 points (i.e., 10%) deducted from your assignment’s
grade.
Submission Instructions: Submit your answer in a single file in Word or PDF format to
WebCourses, using the name of: <Last (family) name>,<First (given) full
name>_Assignment<number>.<filetype>, for example, Smith,Jonathan_Assignment4.pdf.
Note: The document “HW4-Remarks.pdf” is provided for your reference, but be sure you
read and understand its “spoiler alert/disclaimer.”

1. (7 pts.) First, recall the definition of Euler’s Totient function (p.42 of Notes#5 on Modular
Arithmetic). For integer n  2, the set of integers  1 and  n1, that are relatively prime
to n, form a (multiplicative) abelian group G; Euler’s Totient function is defined as (n) =
|G|. That is, for integer n  2, (n) = the count of integers, in the range of 1 through n1,
which share no common factors with n except for 1. For example, (8) = 4, since the set
of integers  1 and  7, that are relatively prime to 8, is {1,3,5,7} which has 4 elements;
for any prime p, (p) = p1, since all integers 1, 2, .., p1, are relatively prime to p (by the
definition of p being a prime). There is also a formula for computing (n) once we know
the prime factorization of n:

 1  1  1   1 
 (n)  n 1    n1  1  ...1  , assumingp1 , p 2 ,..., p r , are the prime factors for n
p| n
 p  p1  p 2   p r 

Answer the below two questions:

(a) Suppose for an integer n  2, n = pk, for some prime number p and an integer k  1. In
this question you are to derive the formula for (pk) = pk  pk1 by using a counting
(combinatorial) argument described below (that is, do not use the above general
formula, or use any other formulas directly available in the literature, for answering
this question):
Hint: Consider the set of integers {1, 2, …, n1}, where n = pk, and within this set,
count how many integers that are not relatively prime to n, i.e., count those that share
a common factor with n when n is of the form pk, p a prime. You need to briefly
explain your logic, using Venn diagrams maybe useful (but not mandatory). Also, be
sure in your logic/reasoning that you use the fact that p is a prime. (For example, does
your logic apply when n = 62?)
(b) Determine the last decimal digit of the number 32019 without using a calculator or any
computing tools (including: online tools, computer programs, scripts, etc.).
Hint: The question is the same as computing 32019 (mod 10). Apply Euler’s Totient
Function Theorem (p.42 of Notes#5 on Modular Arithmetic), and simple algebra that
since 34 = 81 =1 (mod 10), 38 = 342 = (34)2 = 1 (mod 10), 312 = 1 (mod 10), etc.
2. (7 pts.) Public-key encryption, also known as asymmetric key encryption, uses a key for
encryption and a different key for decryption (therefore the name “asymmetric”). An
individual (person A) using public-key encryption first needs to create a pair of keys, E
(for encryption) and D (for decryption), using an algorithm such as the RSA algorithm.
The individual (person A) makes the encryption key E public while keeping the
decryption key D secret. Anyone wishing to send a message T (“plaintext”) to person A in
secret would encrypt the message using A’s public key, resulting in a ciphertext C = E(P),
expressed here using the function notation. When person A received the ciphertext C,
applying the decryption D would result in D(C) = D(E(T)) = T, the plaintext. Since person
A is the only person that knows the decryption key D, this encryption method is secure
(even if the encrypted message C is captured by an attacker). The well-known RSA
algorithm for public-key encryption basically uses two large primes to generate the keys,
keeping the two large primes secret while making their product public. The security of
RSA is dependent on the fact that there are currently no known efficient (“polynomial-
time”) algorithms for factoring large numbers.
Answer the below questions which demonstrate the basic ideas of how the RSA algorithm
works.

Consider two primes p = 137 and q = 79. (These are very small primes, used here for
demonstration purposes.). Define n = pq = (137)(79) = 10823.
(a) Compute (pq) where () is Euler’s Totient function.
(b) Determine a number E, 2  E  (pq), so that GCD(E, (pq)) = 1. (Hint: Try E = 5, or
use randomly generated values for E until finding one that works.)
(c) For E selected from (b) find its multiplicative inverse D such that DE  1 mod (pq).
(Hint: use the Extended Euclid’s GCD algorithm on pages 40, 41 of Notes#5 on
Modular Arithmetic.)
(d) For each value of T, T = 99 and 102, compute C = TE mod n, then compute CD mod n,
where n = pq = 10823. What is your conclusion?
(e) Similar to (d), for each value of T = 99 and 102, compute C = TD mod n, then compute
CE mod n, where n = pq = 10823. What is your conclusion?
3. (6 pts.) Consider a variation (simplified and broken version) of the DH Key Exchange
algorithm using a public-key protocol: Two parties A and B wanting to communicate first
agree on a public key (n, g) where n is a (large) prime number, and g a fixed number, 2 
g  n 1. To establish a secret key between A and B, party A chooses a private key
(random number) x, calculates X = g x (mod n), then sends it to party B. Similarly, party
B chooses its own private key y, calculates Y = g y (mod n), then sends it to party A.
When A receives the value Y = g y, it calculates the secret key K = g x + g y (mod n).
Similarly, party B after receiving X = g x (mod n) from A, calculates g y + g x (mod n),
then use it as the secret key. Note that an eavesdropper E monitoring the communications
can capture both X and Y (i.e., both g x and g y, modulo n) although E does not know the
two private keys (random numbers) x and y. (E does know the public key (n, g).) Now
answer the below questions regarding this new secret key exchange algorithm.
(a) Show/explain why the above algorithm works in the sense that it allows the
communicating parties A and B establish a (common) secret key.
(b) Suppose the eavesdropper E, after capturing the value g x (mod n), uses the below
algorithm to calculate/crack the private key x:
Step 1. Set k = 1
Step 2. Compute g k (mod n)
Step 3. Test if g k = (the captured value) g x (mod n): if equal, then found the
private key k, declare “Success” and stop
 Step 4. Otherwise, increment k by 1, go back to Step 2 (unless the value of k =
n; in that case, declare “Failure” and stop)
Explain why the above “brute-force” algorithm is considered inefficient, e.g., suppose
n is a large prime with 600 decimal digits.
(c) Suppose a “smarter” eavesdropper S who also captured the value X = g x (mod n),
realized that the private key x = g1 X (mod n), where g1 denotes the “multiplicative
inverse” of g (mod n). Based on this idea, describe an “efficient” algorithm that
calculates (cracks) the private key x.
(d) (Extra-credit, up to 2 pts.) Describe an efficient algorithm/method, including an
analysis of its time complexity, for an eavesdropper to determine/crack the (common)
secret key established between communicating parties A and B, without having the
need to crack the parties’ private keys.
4. (5 pts.) Determine all divisors of the polynomial f(x) = x5 + x4 + x3 + 1 over GF(2). (Hint:
First, find a degree one polynomial divisor f(x) (if any); if not found, try to find a degree-
two polynomial divisor. When a divisor is identified, divide it into x5 + x4 + x3 + 1 to get a
quotient polynomial. Continue the process by finding the divisors of the quotient
polynomial, etc, until reaching an irreducible polynomial, i.e., no more divisors can be
found. Once you have a complete factorization of f(x), list all its divisors.)
5. (5 pts.) Determine the multiplicative inverse of x3 + x2 + 1 in GF(24), using the prime
(irreducible) polynomial m(x) = x4 + x + 1 as the modulo polynomial. (Hint: Adapt the
Extended Euclid’s GCD algorithm, on pages 40, 41 of Notes#5 on Modular Arithmetic, to
polynomials.)