‘Undergraduate Texts in Mathematies Abbas Undensandng Anais Cie: A Const erection to “Anglia: Mtberasics"A Conc Mistry Higher Asm Second etn, ‘nd Phiocphy (Cuunge Elementary Probabity Theory Readings n Mshomas. wth Stshai Proto, Third Angla/Lambe: Ts Heritage of Stee "Tee (Conse, Vat, Readings in Mathemates ‘2 Algritns Seed edition. Apa nteodcon Analytic Croom Base Concepts of Algebraic ‘Number Theor. Sond eto, “Topol Armstrong: Dost Tope. Cari Lice Alga: An etrodacory Armsrenf Gioup ar Somme: “Approach Fourth dion ‘Aver: Linear Alsbn Doe ip. Devin: The Jy of Set: Fundamentals Secon eon ‘of Contemporary Set Thay Reardon: Lite New Approach Sccond ton Real Aral Diamier Genel Topology. ‘BatNewman: Complex Anas, Drier: Why Ma Send eon EnbinghausFiany Thomas ancotWermer: Lies Algebra Natematal Logi Sead eitian Tah Geomery Second ediion. Edgar: Meas, Topas) and Fac erbeias A Fr Cousin Re Geometry ‘aa. [tad An ntoduconoDirence ie Conia an Cui A suis, Second ation {Cone ioduion to Apedic Exner: An Accompaniment to Higher Cares stems, Brim: Anion to ner Inde Cle Prabebisic Maeing FncRoenbergr The Funes Bresou Facorzaion aPrinaliy Theory of Aleta “Tsing scher Inet Real Anais Bressoud Second Year Cae ‘laigalKdan: Ces Two Linear Readings athonats, ‘a Nenlnea Functions. Second Brickman: Matter invasion ton ‘olin Propanmng and Care Fleming: Fncione of Several Vases, Theory ‘ecad elton Broder: Mahenate! Ansys Fea Conbtorl Optimization or “tn nrdocton ‘Undergragaes ‘Bucamanns ntostion to Fouls: OptimzatonTehaigues: An ‘Coosa. Tntedocton ‘bose Hoel: Toplopc Spacer Franklin: Mette of Mathematica rom Datanceo Neahtorond "sono, Ccataban: Th Geoncty ofpectine: Frasier a naducton to Wavelets Anforescton Special and Gener Trough Linear Algebra Rei Gunata: Complex Atala Cartevan Brut The Lebesgue Gordan: Dart Probably: ‘Steger neg A Pract irerWanner: Anaya le iso notion Readings Nathene {ceerberg: A Course i Modern ‘Gomis, Sond eon mina er es Johannes A, Buchmann Introduction to Cryptography SpringerJohannes A. Buchmann meres tye ey Department of Computer Science ro tat ‘Techateal University, Darmstadt rae 7 it jo " bruchmanntcdc informatie w-darmeade de torial Board S Asler EM Gebring KA. Ribee Mahematis Deparment Mathematics Department Mathematics Depart Stance ste" Retna Univesty a aldoria aires Univenity of ichigan at bene Son Francca,cA94D2 Aan ire MI@ION” erly a 7B wer athor photograph by Almat Kaa ‘MathematiesSaet Casein (0005 77 inary Gang aig ata Tneraction io crpograpy / Shanes A. Buca cm (Undearaaate wan mates) en biboeapialretrences and nde. Sie 79a (he paper Eadng henry 2 Geese. THe Serle, ‘eam etn: nbrang ine Kryapaphe © SprngeVera, Meer 198 ‘Shot Springer New Tork te ‘ig sre Thin work ma not be ransatadocopie i whole a pat ‘cou ne ween permis he pls (Sprnge nag New Yr es 79 ‘vows or schuty stata Gen cecion any fare of feats i ‘age and rereval, clecaronie adaptation compaterwoltware, or by Mma oat itfsnetholoy no Known reat dete fede ‘The wea gral earipve mer, ade name aerate i ha pbc ste eee opal iden sol at Production manage by A. Oran: manufacturing persia by ne Cute ‘Typeset by The ale on, arena Gx ed anund by bon ere An Ar Mt 91076 5.4.2 (Coreted second printing 2002) SpringerVeriag Now York erin Heder ‘Niner of enmannpine Sene Bes Media bth Preface cryptography is a key technology in electronic security systems. Modern eryptograpic techniques have many uses, suchas to digitally sign documents, for access control, to implement electronic money, and for copyright protection. Because of these important uses itis necessary that users be able to estimate the efficiency and security ‘of exyptographic techniques. It is not sufficient for them to know ‘nly how the techniques work ‘This book is written for readers who want to learn about mod- ‘em cryptographic algorithms and their mathematical foundation Dbut who do not have the necessary mathematical background. It is my goal to explain the basic techniques of modern cryptography, including the necessary mathematical results from linear algebra, Algebra, number theory, and probability theory. I assume only basic ‘mathematical knowledge. ‘The book is based on courses in cryptography that I have been teaching at the Technical University, Darmstadt, since 1996, | thank all students who attended the courses and who read the manuscript carefully for their interest and support. In particulay, ‘would like to thank Harald ater, Gabi Barking, Manuel Breuning Sa- fat Hamady, Birgit Henhapl, Michael Jacobson (oho also corrected my English), Andreas Koti, Markus Maurer, Andreas Meyer, Stefanvi __Preice eis, Sachar Paulus, Thomas Pahler, Marita Skrobic, Edlyn Teske, Patrick Theobald, and Ralf Philipp Weinmann. alao thank ehe staff at Springer-Verlag, in particular Martin Peters, Agnes Herrmann, Claudia Kebl, Ina Lindemann, and Terry Kornak, for their support in the preparation of this book. Darmstadt, Germany Johannes A. Buchmann September 2000 Contents Preface Integers 1 Basics 1.2 Divisibility 1.3 Representation of integers 14 O-and O-Notation 15 Costof Addition, Multiplication, and Division with Remainder 1.6 Polynomial Time 1.7 Greatest Common Divisor 18 Euclidean Algorithm 139 Extended Euclidean Algorithm 4110 Analysis ofthe Extended Euclidean Algorithm LAL Factoring into Primes 112 Exercises 2 Congruences and Residue Class Rings 21 Congruences 22 Semigroups 23 Groups