Professional Documents
Culture Documents
Date: 03/12/2004 ECE575 - HW4 Venkat Suryadevara: K K 3 K K
Date: 03/12/2004 ECE575 - HW4 Venkat Suryadevara: K K 3 K K
Problem 8.6.1:
Show that if someone discovers the value of k used in the ElGamal signature scheme,
then a can also be determined.
Solution:
“a” can be found in the following way if “k” is used in ElGamal Signature Scheme
In ElGamal SS, s is given by
s = k ^–1 (m-a*r)
s*k = m-a*r
s*k – m = -a*r
(m-s*k)/r = a
Hence, if “k’ is known then “a” can be computed.
Problem 8.6.3:
Let p =11, q=5, =3, and k=3. Show that ( ^k (mod p)) (mod q) ( ^k (mod q))
(mod p). This shows that the order of operations in the DSA is important.
Solution:
3. Given the values p=11, q=5, =3, k=3
Problem 8.6.4:
Let p be a prime and let be an integer with p . Let h(x) ^x (mod p). Explain
why h(x) is not good cryptographic hash function.
Solution:
.Hash function is h(x) = x (mod p)
:h(x) is not a good hash function because
.Assume p=7, =5. and find different values of x
;We get the same value for x=3 ,x=9,x=15
> modp(Power(5,3),7);
6
> modp(Power(5,9),7);
6
> modp(Power(5,15),7);
6
Since the hash function is mapping different values of x to the same hash key, the given
function cannot be a good hash function.
Problem 15.6.2:
(a) List the points on the elliptic curve E: y2 = x3 – 2 (mod7).
(b) Find the sum (3, 2) + (6, 5) on E
(c) Find the sum (3, 2) + (3, 2) on E.
Solution:
(a)
x 0 y 2 2 mod 7 5 mod 7 no solution
x 1 y 2 1 mod 7 6 mod 7 no solution
x 2 y 2 6 mod 7 no solution
x 3 y 2 25 mod 7 (5) 2 mod 7 no solution
(3,5), (3,2)
x 4 y 2 62 mod 7 6 mod 7 no solution
x 5 y 2 214 mod 7 4 mod 7 (2) 2 mod 7
(5,2), (5,5)
y y1 5 2
2 1
x 2 x1 63
x3 x1 x 2 1 3 6 8 mod 7 6 mod 7
2
y ( x x ) y (3 6) 2 5 mod 7 2 mod 7
3 1 3 1
P+Q=R (3,2)+(6,5)=(6,2)
(c) P(x1, y1)=(3,2) on E
P(x1, y2)=(3,2) on E
Since we are adding point P to itself, it is one of the cases of the addition rule for Elliptic
Crypto Systems.
2
3 x1 a 3(3 2 )
mod 7( note a )
2 y1 2 2
27 4 1 mod 7 6 4 1 mod 7
6 2 mod 7 12 mod 7 5 mod 7
6 2 mod 7 12 mod 7 5 mod 7
x3 2 x1 x 2 25 3 3 19 mod 7 5 mod 7
y 3 ( x1 x3 ) y1 5(3 5) 2 12 mod 7 2 mod 7
Problem 15.6.10:
Let x = b1b2…bw be an integer written in binary. Let P be a point on the elliptic curve E.
(a) Show that Rw = xP
Let x be a positive integer and let P be a point on the elliptic curve.
(b) Show that the given procedure computes xP
Solution:
Excluded in this HW
Computer Problems
Problem 8.7.1:
Suppose we use ElGamal signature scheme with p=655539, =2, =33384. We send
two signed messages (m, r, s): (809, 18357, 2042) (=hi) and (22505, 18357, 26272)
(=bye).
(a) Show that the same value of k was used for each signature
(b) Use this fact to find this value of k and to find the value of a such that = ^a
(mod p)
Solution:
Given values: p=65539, alpha=2, beta=33384, m1=809, m2=22505, r=18357, s1=1042,
s2=26272
Now solving for “a” using the equation ar = m1-ks1 (mod p-1)
Problem 8.7.4:
(a) If there are 30 people in classroom, what is the probability that at least two have
the same birthday
(b) How many people should there be in a classroom in order to have a 99% chance
that at least two have the same birthday
(c) How many people should there be in a classroom in order to have 100%
probability that at least two have the same birthday
Solution:
(a)
> 1-mul(1.-i/365, i=1..29);
.7063162428
Problem 15.7.2:
You want to represent the message 12345 as a point (x, y) on the curve
y2=x3 + 7x + 11 (mod 593899) write x = 12345_ and find a value of the missing last digit
of x such that there is a point on the curve with this x- co-ordinate.
Solution:
After trying all possible solutions for x, we get…
For x = 123450, y2 = 474965 (mod 593899) It has no solution
For x = 123451, y2 = 426106 (mod 593899) It has no solution
For x = 123452, y2 = 524054 (mod 593899) It has no solution
For x = 123453, y2 = 174916 (mod 593899) It has no solution
For x = 123454, y2 = 566496 (mod 593899) It has no solution
For x = 123455, y2 = 511002 (mod 593899) It has no solution
For x = 123456, y2 = 8440 (mod 593899) It has no solution
For x = 123457, y2 = 246614 (mod 593899) It has no solution
For x = 123458, y2 = 37732 (mod 593899) It has no solution
For x = 123459, y2 = 569598 (mod 593899) It has no solution
Hence there exists no solution for x for which y has a square root.
Problem 15.7.4:
Let P= (2, 3) be a point on the elliptic curve y^2 x^3 – 10x +21 (mod 557).
(a) Show that 189P = but 63P and 27P
(b)Show that P has order 189
(c)Show that elliptical curve has 567 points using Hasse’s Theorem
Solution:
(a) > p=[2,3];
p = [2, 3]
> multell([2,3],189,-10,21,557);
["infinity", "infinity"]
> multell([2,3],63,-10,21,557);
[38, 535]
> multell([2,3],27,-10,21,557);
[136, 360]
(b)
> multell([2,3],189,-10,21,557);
["infinity", "infinity"]
(c) From the given problem, we know that the order of the given curve is 189 And
according to Lagrange’s Theorem, The number of points N is an integral multiple of
order Hence N = 189C. According to Hasse’s theorem, modulus (N – p – 1) 2 p.
Here p=557. So the condition becomes: absolute (189C - 557- 1) 47.
This condition is satisfied only if C = 567. Hence the number of points on the given curve
is N = 189*C = 189*3 = 567
Hence this elliptic curve has 567 points.
Problem 15.7.5:
Compute the difference (5, 9) – (1, 1) on the elliptic curve y^2 x^3 – 11x + 11 (mod
593899). Note that the answer involves large integers, even though the original points
have small coordinates.
Solution:
> addell([5,9],[1,-1],-11,11,593899);
[148475, 222715]
> x:=148475;
x := 148475
> y:=222715;
y := 222715
> y:=222715^2;
y := 49601971225
Answer: Hence the difference between the points is [148475, 222715] (substituting these
values of x and y, LHS=RHS)