
University of Patras - Polytechnic School
Department of Computer Engineering and Informatics

Cryptography
Supplementary notes

Patras, March 2010

Contents

1 Introduction to number theory . . . 1
1.1 Basic concepts . . . 1
1.2 Arithmetic operations with remainders . . . 11
2 Public-key protocols . . . 28
2.1 Key generation and exchange . . . 32
2.2 The RSA public-key protocol . . . 33
2.3 Rabin's public-key protocol . . . 36
2.4 El Gamal's public-key protocol . . . 40
3 Primality testing . . . 43
3.1 Probabilistic algorithms . . . 44
3.2 The deterministic algorithm . . . 48
4 Applications of cryptography . . . 51
4.1 Secret sharing schemes and commitment protocols . . . 51
4.2 Elections, auctions and financial transactions . . . 53

1 Introduction to number theory

In this section we briefly present some basic concepts of elementary number theory, concerning the set Z = {. . . , −2, −1, 0, 1, 2, . . .} of the integers and the set N = {0, 1, 2, . . .} of the natural numbers. In addition, we describe some algorithms that allow us to carry out in polynomial time some basic operations, such as solving linear equations, finding square roots, etc.

1.1 Basic concepts

Divisibility and divisors

We begin by presenting some definitions concerning division. The fact that one integer divides another is very important in number theory. We write d | a, and say that a is a multiple of d, if a = kd for some integer k. Obviously every integer divides 0. If a > 0 and d | a, then |d| ≤ |a|. If d does not divide a, we write d ∤ a. Continuing, we say that the integer d is a divisor of an integer a if d | a and d ≥ 0. Since (−d) | a whenever d | a, we may without loss of generality take divisors to be non-negative integers, keeping in mind that for every divisor there is a negative number that also divides a. In the rest of the text, therefore, we deal only with positive divisors. A divisor of a is thus at least 1 but not greater than |a|; for example, the divisors of 18 are 1, 2, 3, 6, 9 and 18. Every integer a is divisible by the trivial divisors 1 and a, while the non-trivial divisors of a are also called factors of a. For example, the factors of 12 are 2, 3, 4 and 6.

Division theorem, remainders and modular equivalences

If we consider an integer n, we can split the set of the integers into two disjoint subsets: one consisting of the integers that are multiples of n, and the other of those that are not multiples of n. We can extend this idea and partition the second subset according to the remainder of the division by n. The following theorem summarises this idea.

Theorem 1. For any integer a and any positive integer n, there exist unique integers q and r such that 0 ≤ r < n and a = qn + r.

The number q = ⌊a/n⌋ is the quotient of the division, while r = a mod n is the remainder. We have n | a if and only if a mod n = 0.

We can therefore split the integers into groups according to the remainder of their division by n. The equivalence class modulo n determined by the integer a is the class
[a]_n = {a + kn : k ∈ Z}.
For example, [3]_7 = {. . . , −11, −4, 3, 10, 17, . . .}, and the same group can also be written [−4]_7 or [10]_7. We can also express the fact that a ∈ [b]_n by writing a ≡ b (mod n). The set of all these equivalence classes is
Z_n = {[a]_n : 0 ≤ a ≤ n − 1},
which may alternatively be written Z_n = {0, 1, 2, . . . , n − 1}, with the understanding that 0 denotes [0]_n, 1 denotes [1]_n, and so on. More generally, we prefer to denote each class by its smallest non-negative element, but we must not forget that each such number stands for a class of numbers, which are infinitely many. Thus a reference to the number −1 as a member of Z_n is in fact a reference to the equivalence class [n − 1]_n, since −1 ≡ n − 1 (mod n).

Common divisors and greatest common divisors

If the integer d is a divisor of a and also divides b, then we say that d is a common divisor of a and b. For example, the divisors of 20 are 1, 2, 4, 5, 10 and 20, so the common divisors of 18 and 20 are 1 and 2. More generally, the number 1 is a common divisor of any pair of integers.

An important property of a common divisor is that if d | a and d | b, then d | (a + b) and d | (a − b). More generally, the very important property holds that if d | a and d | b, then
d | (ax + by), (1)
for any integers x and y. In other words, d divides any linear combination of a and b. Also, if a | b, then either |a| ≤ |b| or b = 0, which implies that if a | b and b | a, then a = ±b.

The greatest common divisor of two integers a and b, not both zero, is the largest of the common divisors of a and b and is denoted gcd(a, b). For example, gcd(18, 20) = 2, gcd(11, 13) = 1 and gcd(0, 19) = 19. If a and b are not both zero, then gcd(a, b) is an integer between 1 and min(|a|, |b|). We define gcd(0, 0) = 0 so that the following elementary relations always hold:
gcd(a, b) = gcd(b, a),
gcd(a, b) = gcd(−a, b),
gcd(a, b) = gcd(|a|, |b|),
gcd(a, 0) = |a|,
gcd(a, ka) = |a|, k ∈ Z.

The following theorem provides a different definition of gcd(a, b), as well as an indirect way of finding it.

Theorem 2. For any integers a and b not both zero, gcd(a, b) is the smallest positive element of the set {ax + by : x, y ∈ Z} of linear combinations of a and b.

Proof. Let s be the smallest positive linear combination of a and b, with s = ax + by for some x, y ∈ Z. Let also q = ⌊a/s⌋, that is, the quotient of the division of a by s. Then
a mod s = a − qs
= a − q(ax + by)
= a(1 − qx) + b(−qy),
so a mod s, which is an integer, is also a linear combination of a and b. But since a mod s < s, we have a mod s = 0, because s is the smallest positive linear combination. Hence s | a, and for the analogous reason s | b, so s is a common divisor of a and b and gcd(a, b) ≥ s. From the earlier property it follows that gcd(a, b) | s, since gcd(a, b) divides a and b and s is a linear combination of them. Since gcd(a, b) | s and s > 0, we have gcd(a, b) ≤ s. Combining gcd(a, b) ≥ s and gcd(a, b) ≤ s, we conclude that gcd(a, b) = s.

Corollary 3. For any integers a and b, if d | a and d | b, then d | gcd(a, b).

Proof. It holds because gcd(a, b) is a linear combination of a and b.

Corollary 4. For all integers a, b and every non-negative integer n, gcd(an, bn) = n gcd(a, b).

Proof. If n = 0 the relation obviously holds, while if n > 0 then gcd(an, bn) is the smallest positive representative of the set {anx + bny}, which equals n times the smallest positive representative of the set {ax + by}.

Corollary 5. For all positive integers n, a and b, if n | ab and gcd(a, n) = 1, then n | b.

Primes and composite numbers

Next we deal with prime numbers, on whose properties several cryptographic protocols are based. An integer a > 1 is called a prime number (or simply, a prime) when its only divisors are the trivial divisors 1 and a. We note that 2 is the only even prime, since all larger even numbers are divisible by it. An integer greater than 1 that is not prime is called a composite number. The number 1 is neither prime nor composite, and neither is the number 0 nor any of the negative numbers.

Two integers a and b are called relatively prime if their only common divisor is 1, that is, if gcd(a, b) = 1. For example, 5 and 6 are relatively prime, since the divisors of 5 are 1 and 5, while the divisors of 6 are 1, 2, 3 and 6. The following theorem states that if two integers are relatively prime to a number p, then their product is also an integer relatively prime to p.

Theorem 6. For any integers a, b and p, if gcd(a, p) = 1 and gcd(b, p) = 1, then gcd(ab, p) = 1.

Proof. From Theorem 2 it follows that there exist integers x, y, x′ and y′ such that ax + py = 1 and bx′ + py′ = 1. Multiplying these two relations, we get
ab(xx′) + p(ybx′ + y′ax + pyy′) = 1.
So 1 is a positive linear combination of ab and p, and Theorem 2 suffices to complete the proof.

Moreover, we say that the integers n_1, n_2, . . . , n_k are pairwise relatively prime if gcd(n_i, n_j) = 1 for i ≠ j.

Unique factorisation

A simple but important fact about division by primes is the following.

Theorem 7. For all primes p and all integers a, b, if p | ab, then p | a or p | b (or both).

Proof. Suppose that p | ab but p ∤ a and p ∤ b. Since the only divisors of p are 1 and p, and by hypothesis p divides neither a nor b, we have gcd(a, p) = 1 and gcd(b, p) = 1. From Theorem 6 it follows that gcd(ab, p) = 1, which contradicts the hypothesis p | ab, since p | ab implies gcd(ab, p) ≠ 1. This contradiction completes the proof.

An important consequence of Theorem 7 is that every integer can be factored into primes in a unique way.

Theorem 8. (Unique factorisation theorem) A composite number a can be written in a unique way as a product of the form
a = p_1^{e_1} p_2^{e_2} . . . p_r^{e_r},
where each p_i is prime, p_1 < p_2 < . . . < p_r and each e_i is a positive integer.

Greatest common divisor

In this section we describe a polynomial-time algorithm, first presented by Euclid, for finding the greatest common divisor of two integers. The analysis of the algorithm's running time reveals an interesting connection with the sequence of Fibonacci numbers, which yields the worst-case instance that can be given as input.

In what follows we deal only with non-negative integers. This restriction is justified, since we have already stated that gcd(a, b) = gcd(|a|, |b|).

Before presenting Euclid's algorithm, we observe that an alternative method for computing the greatest common divisor gcd(a, b) of two integers a and b is based on the unique factorisation of these integers. Suppose that
a = p_1^{e_1} p_2^{e_2} . . . p_r^{e_r} and b = p_1^{f_1} p_2^{f_2} . . . p_r^{f_r},
where we also use zero exponents so that the set of primes p_1, p_2, . . . , p_r is the same for a and b. Then we have
gcd(a, b) = p_1^{min(e_1, f_1)} p_2^{min(e_2, f_2)} . . . p_r^{min(e_r, f_r)}.

The problem with this method is that, so far, the best factoring algorithms do not run in polynomial time, so they cannot be used to give an efficient algorithm for the problem of finding the greatest common divisor. Euclid's algorithm is based on the following theorem.

Theorem 9. For any non-negative integer a and any positive integer b,
gcd(a, b) = gcd(b, a mod b).

Proof. We show that gcd(a, b) and gcd(b, a mod b) divide each other, so they must be equal (as both are non-negative integers).

First we show that gcd(a, b) | gcd(b, a mod b). If we set d = gcd(a, b), then d | a and d | b. We have (a mod b) = a − qb, where q = ⌊a/b⌋. Since (a mod b) is a linear combination of a and b, it follows that d | (a mod b). Therefore, since d | b and d | (a mod b), from Corollary 3 we get d | gcd(b, a mod b), or equivalently gcd(a, b) | gcd(b, a mod b).

Showing that gcd(b, a mod b) | gcd(a, b) is done in almost the same way. If we set d = gcd(b, a mod b), then d | b and d | (a mod b). Since a = qb + (a mod b), where q = ⌊a/b⌋, a is a linear combination of b and (a mod b). Because d | b and d | (a mod b), we conclude that d | a. Since d | a and d | b, we have d | gcd(a, b) (from Corollary 3), or equivalently gcd(b, a mod b) | gcd(a, b). It suffices to combine gcd(a, b) | gcd(b, a mod b) with gcd(b, a mod b) | gcd(a, b) to complete the proof.

Euclid's algorithm

The following algorithm was first presented in Euclid's Elements (about 300 BC), although it was possibly known from earlier times. It can be expressed as a recursive program based directly on Theorem 9. The numbers a and b given as input are arbitrary non-negative integers.

EUCLID(a, b)
1 if b = 0
2   then return a
3   else return EUCLID(b, a mod b)

For example, running the above algorithm to find the greatest common divisor of 20 and 15, we have
EUCLID(20, 15) = EUCLID(15, 5)
= EUCLID(5, 0)
= 5.
In the above computation there are two recursive calls of Euclid's algorithm (EUCLID). The correctness of the algorithm follows from Theorem 9 and the fact that if the algorithm returns a at line 2, then b = 0, so gcd(a, b) = gcd(a, 0) = a. The algorithm is not called recursively forever, since the second argument decreases at each recursive call and is always a non-negative integer. Consequently, Euclid's algorithm always terminates with the correct result.

Running time of the algorithm

In this paragraph we examine the worst-case running time of the algorithm. We express it as a function of the size of a and b. We assume, without loss of generality, that a > b ≥ 0. This assumption is justified by the observation that if b > a ≥ 0, then EUCLID(a, b) immediately makes the recursive call EUCLID(b, a). In other words, if the first argument is smaller than the second, the first recursive call swaps the order of the arguments. Similarly, if b = a > 0, the algorithm terminates after one recursive call, since a mod b = 0.

The total running time is proportional to the number of recursive calls, which is bounded by the following lemma.

Lemma 10. If a > b ≥ 1 and the call EUCLID(a, b) causes k ≥ 1 recursive calls, then a ≥ F_{k+2} and b ≥ F_{k+1}.

The following theorem follows as an immediate corollary of the above lemma.

Theorem 11. For any integer k ≥ 1, if a > b ≥ 1 and b < F_{k+1}, then the algorithm EUCLID(a, b) causes fewer than k recursive calls.

Since the k-th term F_k of the Fibonacci sequence can be approximated by φ^k/√5, where φ is the golden ratio, the number of recursive calls is O(log b). It follows that if the algorithm is run on two arguments of β bits, then O(β) arithmetic operations and O(β^3) bit operations are required (we assume that multiplying and dividing two β-bit numbers takes O(β^2) bit operations).

The extended Euclidean algorithm

In this section we see how Euclid's algorithm can be modified so as to extract more information. More specifically, we modify the algorithm so that it also computes the integers x and y satisfying
d = gcd(a, b) = ax + by.
We note that x and y may also be non-positive integers, and they will be useful for computing the multiplicative inverse. The algorithm EXTENDED-EUCLID takes as argument a pair of non-negative integers and returns a triple of the form (d, x, y) that satisfies d = gcd(a, b) = ax + by.

EXTENDED-EUCLID(a, b)
1 if b = 0
2   then return (a, 1, 0)
3 (d′, x′, y′) ← EXTENDED-EUCLID(b, a mod b)
4 (d, x, y) ← (d′, y′, x′ − ⌊a/b⌋ y′)
5 return (d, x, y)

The above algorithm is based on Euclid's algorithm. First, line 1 is equivalent to the test b = 0 on line 1 of EUCLID. If b = 0, then EXTENDED-EUCLID returns not only d = a on line 2 but also the coefficients x = 1 and y = 0, so that a = ax + by. If b ≠ 0, EXTENDED-EUCLID first computes (d′, x′, y′) such that d′ = gcd(b, a mod b) and
d′ = bx′ + (a mod b) y′. (2)
As in EUCLID, in this case we have d = gcd(a, b) = d′ = gcd(b, a mod b). To obtain x and y such that d = ax + by, we rewrite equation 2 using d = d′:
d = bx′ + (a − ⌊a/b⌋ b) y′
= ay′ + b(x′ − ⌊a/b⌋ y′).
Hence, setting x = y′ and y = x′ − ⌊a/b⌋ y′, the equation d = ax + by is satisfied and the correctness of EXTENDED-EUCLID is proved.

Since the number of recursive calls made in EUCLID equals the number of recursive calls made in EXTENDED-EUCLID, the running time of EXTENDED-EUCLID differs from that of EUCLID by a constant factor, that is, for a > b > 0 the number of recursive calls is O(log b).

1.2 Arithmetic operations with remainders

Next we present some basic algorithms used in modular arithmetic. One can think of arithmetic with remainders as ordinary integer arithmetic, except that when working modulo some integer n, we replace every result x with the element of the set {0, 1, . . . , n − 1} that is equivalent to x mod n. This informal view suffices to describe the operations of addition, subtraction and multiplication. To give a more formal definition, we must first describe the notion of a group.

Finite groups

A group (S, ⊕) is a set S together with a binary operator ⊕ defined on S for which the following properties hold:
1. Closure: For all a, b ∈ S, a ⊕ b ∈ S.
2. Existence of an identity element: There is an element e ∈ S, called the identity element of the group, such that a ⊕ e = e ⊕ a = a for all a ∈ S.
3. Associativity: For all a, b, c ∈ S, (a ⊕ b) ⊕ c = a ⊕ (b ⊕ c).
4. Existence of inverses: For every a ∈ S there is a unique element b ∈ S, called the inverse of a, such that a ⊕ b = b ⊕ a = e.
For example, one may consider the familiar group (Z, +) of the integers under addition: 0 is the identity element and the inverse of a is −a. If a group (S, ⊕) satisfies the commutative property a ⊕ b = b ⊕ a for all a, b ∈ S, it is called an abelian group, while if for a group (S, ⊕) we have |S| < ∞, it is called a finite group.

Groups defined by modular addition and multiplication

We can form two finite abelian groups using the operations of addition and multiplication modulo n, where n is a positive integer. These groups are based on the equivalence classes of the integers modulo n, defined in the previous section. To define a group on Z_n we need suitable binary operations, which we obtain by appropriately modifying the usual operations of addition and multiplication. It is easy to define addition and multiplication for Z_n, because the equivalence classes of two integers uniquely determine the equivalence class of their sum or product. That is, if a ≡ a′ (mod n) and b ≡ b′ (mod n), then
a + b ≡ a′ + b′ (mod n),
ab ≡ a′b′ (mod n).
Hence we define addition and multiplication modulo n, with respective notations +_n and ·_n, as follows:
[a]_n +_n [b]_n = [a + b]_n, (3)
[a]_n ·_n [b]_n = [ab]_n. (4)
We observe that subtraction can be defined in a similar way on Z_n, as [a]_n −_n [b]_n = [a − b]_n, but the case of division is more complicated and will be examined later.

The above justifies the usual practice of using the smallest non-negative integer of each equivalence class as its representative when we operate in Z_n. Addition, subtraction and multiplication take as arguments the representatives of the equivalence classes, and then each result x is replaced by the representative of its class (that is, by x mod n).

Using the above definition of addition modulo n, we define the additive group modulo n as (Z_n, +_n).

Theorem 12. The group (Z_n, +_n) is finite and abelian. The size of the group is |Z_n| = n.

Using the definition of multiplication modulo n, we define the multiplicative group modulo n as (Z_n^*, ·_n). The elements of this group form the set Z_n^* of the integers of Z_n that are relatively prime to n:
Z_n^* = {[a]_n ∈ Z_n : gcd(a, n) = 1}.
To see that the set Z_n^* is well defined, we observe that for 0 ≤ a < n, a ≡ (a + kn) (mod n) for all integers k. Since [a]_n = {a + kn : k ∈ Z}, from gcd(a, n) = 1 it follows that gcd(a + kn, n) = 1 for all integers k, so the set Z_n^* is well defined. An example of such a group is Z_12^* = {1, 5, 7, 11}, where multiplication is performed modulo 12.

Theorem 13. The group (Z_n^*, ·_n) is finite and abelian.

As an example of computing a multiplicative inverse, suppose that a = 5 and n = 11. Then EXTENDED-EUCLID(a, n) returns (d, x, y) = (1, −2, 1), so that 1 = 5 · (−2) + 11 · 1. Consequently, −2 (that is, 9 mod 11) is a multiplicative inverse of 5 mod 11.

When working with the groups (Z_n, +_n) and (Z_n^*, ·_n) in the rest of the text, we continue the usual practice of using the representative of an equivalence class to denote the class, and + and · to denote +_n and ·_n. Moreover, we turn equivalences modulo n into equations in Z_n. For example, the following two statements are equivalent:
ax ≡ b (mod n),
[a]_n ·_n [x]_n = [b]_n.
Furthermore, we sometimes refer to the group (S, ⊕) simply as S, when the operation is understood from context. We therefore refer to the groups (Z_n, +_n) and (Z_n^*, ·_n) as Z_n and Z_n^* respectively.

The multiplicative inverse of an element a modulo n is denoted (a^{−1} mod n). Division in Z_n^* is defined by the equation a/b ≡ ab^{−1} (mod n). For example, in Z_12^* we have 7^{−1} ≡ 7 (mod 12), since 7 · 7 ≡ 49 ≡ 1 (mod 12), and so 2/7 ≡ 2 · 7 ≡ 2 (mod 12).

In contrast to the set Z_n, for which |Z_n| = n, things are not so simple for the set Z_n^*, and we need to define a new quantity to describe the number of its elements. The number of integers in Z_n^*, also known as Euler's phi function, is denoted φ(n). This function satisfies the relation
φ(n) = n ∏_{p | n} (1 − 1/p), (5)
where p ranges over all the primes that divide n; if n itself is prime, it is included as well. Intuitively, we start from a list of the n remainders {0, 1, . . . , n − 1} and, for every prime p that divides n, we strike out all the multiples of p from the list. For example, since the prime divisors of 12 are 2 and 3,
φ(12) = 12 (1 − 1/2)(1 − 1/3)
= 12 (1/2)(2/3)
= 4,
which agrees with our earlier computation of the composition of Z_12^*. If p is a prime, then Z_p^* = {1, 2, . . . , p − 1} and
φ(p) = p − 1, (6)
while if n is composite, then φ(n) < n − 1.

Subgroups

If (S, ⊕) is a group, S′ ⊆ S is a set and (S′, ⊕) is also a group, then (S′, ⊕) is called a subgroup of (S, ⊕). For example, the even integers form a subgroup of the integers under addition. The following theorem states that closure alone suffices for a subset to be a subgroup.

Theorem 14. If (S, ⊕) is a finite group and S′ is any non-empty subset of S such that a ⊕ b ∈ S′ for all a, b ∈ S′, then (S′, ⊕) is a subgroup of (S, ⊕).

For example, the set {0, 2, 4, 6} is a subgroup of Z_8, since it is non-empty and closure holds for the operation of addition. The following theorem describes a useful constraint on the size of a subgroup.

Theorem 15. (Lagrange's theorem) If (S, ⊕) is a finite group and (S′, ⊕) is a subgroup of (S, ⊕), then |S′| is a divisor of |S|.

A subgroup S′ of a group S is called a proper subgroup if S′ ≠ S. The following corollary will prove useful in the analysis of the Miller-Rabin test for whether a number is prime or not.

Corollary 16. If S′ is a proper subgroup of a finite group S, then |S′| ≤ |S|/2.

Subgroups generated by an element

Theorem 14 gives us a way of generating a subgroup of a finite group (S, ⊕): we pick an element a and take all the elements that can be generated from a using the group operation. More specifically, for k ≥ 1 we define
a^(k) = a ⊕ a ⊕ . . . ⊕ a (k times).
For example, if a = 2 in the group Z_6, the sequence a^(1), a^(2), . . . is 2, 4, 0, 2, 4, 0, . . .. In the group Z_n we have a^(k) = ka mod n, and in the group Z_n^* we have a^(k) = a^k mod n. The subgroup generated by a is denoted ⟨a⟩, or (⟨a⟩, ⊕), and is defined as
⟨a⟩ = {a^(k) : k ≥ 1},
and we say that the element a generates the subgroup ⟨a⟩. Since S is a finite group, ⟨a⟩ is a finite subset of S, possibly containing all the elements of S. Since, by the associativity of ⊕, a^(i) ⊕ a^(j) = a^(i+j), closure holds for ⟨a⟩, and by Theorem 14 ⟨a⟩ is a subgroup of S. For example, some subgroups of Z_6 are
⟨0⟩ = {0},
⟨1⟩ = {0, 1, 2, 3, 4, 5},
⟨2⟩ = {0, 2, 4}.
Similarly, for Z_7^* the first subgroups are
⟨1⟩ = {1},
⟨2⟩ = {1, 2, 4},
⟨3⟩ = {1, 2, 3, 4, 5, 6}.
The order of a (in the group S) is defined as the smallest positive integer t for which a^(t) = e, and is denoted ord(a).

Theorem 17. For any finite group (S, ⊕) and any a ∈ S, the order of an element equals the size of the subgroup it generates, that is, ord(a) = |⟨a⟩|.

Corollary 18. The sequence a^(1), a^(2), . . . is periodic with period t = ord(a); that is, a^(i) = a^(j) if and only if i ≡ j (mod t).

By the above corollary, we may define a^(0) as e and a^(i) as a^(i mod t) for every integer i.

Corollary 19. If (S, ⊕) is a finite group with identity element e, then for every a ∈ S we have a^(|S|) = e.
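The following Python code is an added example, not part of the notes: it builds the groups Z_n and Z_n^* of the preceding paragraphs, generates ⟨a⟩ by iterating a^(k), and checks Theorem 17 (ord(a) = |⟨a⟩|), Lagrange's theorem, Corollary 19 and formula (5) for φ(n) on the examples Z_6, Z_7^* and Z_12^*. All function names are the example's own.

```python
from math import gcd
from typing import Callable, List, Set


def units(n: int) -> Set[int]:
    """Z_n^* = {a in Z_n : gcd(a, n) = 1}, using the smallest non-negative representatives."""
    return {a for a in range(n) if gcd(a, n) == 1}


def prime_divisors(n: int) -> List[int]:
    """Primes p with p | n, by trial division (adequate for the small moduli used here)."""
    primes, p = [], 2
    while p * p <= n:
        if n % p == 0:
            primes.append(p)
            while n % p == 0:
                n //= p
        p += 1
    if n > 1:
        primes.append(n)
    return primes


def euler_phi(n: int) -> int:
    """phi(n) = n * prod_{p | n} (1 - 1/p), formula (5), evaluated exactly in integers."""
    result = n
    for p in prime_divisors(n):
        result = result // p * (p - 1)   # multiply by (1 - 1/p); result is divisible by p
    return result


def generated_subgroup(a: int, op: Callable[[int, int], int]) -> List[int]:
    """<a> = {a^(k) : k >= 1}, listed as a^(1), a^(2), ... until the sequence
    returns to a^(1) (it is periodic by Corollary 18)."""
    elements = [a]
    current = op(a, a)               # a^(2)
    while current != a:
        elements.append(current)
        current = op(current, a)     # a^(k+1) = a^(k) (+) a
    return elements


def order(a: int, e: int, op: Callable[[int, int], int]) -> int:
    """ord(a): the smallest t >= 1 with a^(t) = e."""
    t, current = 1, a
    while current != e:
        current = op(current, a)
        t += 1
    return t


def additive(n: int) -> Callable[[int, int], int]:
    return lambda x, y: (x + y) % n        # +_n, equation (3)


def multiplicative(n: int) -> Callable[[int, int], int]:
    return lambda x, y: (x * y) % n        # ._n, equation (4)


def check_group_facts(e: int, op: Callable[[int, int], int], elements: Set[int]) -> bool:
    """For every a in the group: ord(a) = |<a>| (Theorem 17), |<a>| divides |S|
    (Lagrange, Theorem 15) and a^(|S|) = e (Corollary 19)."""
    size = len(elements)
    for a in elements:
        sub = generated_subgroup(a, op)
        if order(a, e, op) != len(sub) or size % len(sub) != 0:
            return False
        power = a
        for _ in range(size - 1):
            power = op(power, a)           # a^(size)
        if power != e:
            return False
    return True


if __name__ == "__main__":
    print(generated_subgroup(2, additive(6)))         # [2, 4, 0]
    print(generated_subgroup(3, multiplicative(7)))   # [3, 2, 6, 4, 5, 1]
    print(units(12), euler_phi(12))                   # {1, 5, 7, 11} 4
    print(check_group_facts(1, multiplicative(12), units(12)))   # True
```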

Solving linear equations

In this section we deal with solving equations of the form
ax ≡ b (mod n), (7)
where a > 0 and n > 0. This problem has several applications; for example, we will use it as part of the key-finding procedure of the RSA protocol. We assume that we are given the numbers a, b and n and must find the values of x modulo n that satisfy equation 7. There may be no such solution, exactly one, or several.

Let ⟨a⟩ be the subgroup of Z_n generated by the element a. Since ⟨a⟩ = {a^(x) : x > 0} = {ax mod n : x > 0}, equation 7 has a solution if and only if b ∈ ⟨a⟩. Lagrange's theorem tells us that |⟨a⟩| must be a divisor of n. The following theorem gives an exact characterisation of ⟨a⟩.

Theorem 20. For any positive integers a and n, if d = gcd(a, n), then in Z_n
⟨a⟩ = ⟨d⟩ = {0, d, 2d, . . . , ((n/d) − 1)d}, (8)
and consequently |⟨a⟩| = n/d.

Proof. We begin by proving that d ∈ ⟨a⟩. Recall that EXTENDED-EUCLID(a, n) produces integers x and y such that ax + ny = d. Hence ax ≡ d (mod n), so d ∈ ⟨a⟩. Since d ∈ ⟨a⟩, it follows that every multiple of d belongs to ⟨a⟩, because a multiple of a multiple of a is in turn a multiple of a. Hence ⟨a⟩ contains every element of the set {0, d, 2d, . . . , ((n/d) − 1)d}, that is, ⟨d⟩ ⊆ ⟨a⟩.

We now show that ⟨a⟩ ⊆ ⟨d⟩. If m ∈ ⟨a⟩, then m = ax mod n for some integer x, and so m = ax + ny for some integer y. But d | a and d | n, so d | m by equation 1. Hence m ∈ ⟨d⟩.

Combining the above results, we conclude that ⟨a⟩ = ⟨d⟩. To show that |⟨a⟩| = n/d, we observe that there are exactly n/d multiples of d between 0 and n − 1, inclusive.

Corollary 21. The equation ax ≡ b (mod n) is solvable for the unknown x if and only if gcd(a, n) | b.

Corollary 22. The equation ax ≡ b (mod n) either has d = gcd(a, n) distinct solutions modulo n, or it has no solution.

Proof. If ax ≡ b (mod n) has a solution, then b ∈ ⟨a⟩. By Theorem 17, ord(a) = |⟨a⟩|, which implies that the sequence ai mod n, for i = 0, 1, . . ., is periodic with period |⟨a⟩| = n/d. If b ∈ ⟨a⟩, then b appears exactly d times in the sequence ai mod n, for i = 0, 1, . . . , n − 1, since the block of length n/d of the values of ⟨a⟩ is repeated exactly d times as i increases from 0 to n − 1. The indices i of the positions for which ai mod n = b are the solutions of the equation ax ≡ b (mod n).

Theorem 23. Let d = gcd(a, n) and suppose that d = ax′ + ny′ for some integers x′ and y′ (for example, as computed by EXTENDED-EUCLID). If d | b, then the equation ax ≡ b (mod n) has as one of its solutions the value x_0, where
x_0 = x′(b/d) mod n.

Proof. We have
ax_0 ≡ ax′(b/d) (mod n)
≡ d(b/d) (mod n) (since ax′ ≡ d (mod n))
≡ b (mod n),
and so x_0 is a solution of ax ≡ b (mod n).

Theorem 24. Suppose that the equation ax ≡ b (mod n) is solvable (that is, d | b, where d = gcd(a, n)) and that x_0 is a solution of the equation. Then the equation has exactly d distinct solutions modulo n, given by x_i = x_0 + i(n/d) for i = 0, 1, . . . , d − 1.

Proof. Since n/d > 0 and 0 ≤ i(n/d) < n for i = 0, 1, . . . , d − 1, the values x_0, x_1, . . . , x_{d−1} are all distinct modulo n. Since x_0 is a solution of ax ≡ b (mod n), we have ax_0 mod n = b. Hence, for i = 0, 1, . . . , d − 1, we have
ax_i mod n = a(x_0 + in/d) mod n
= (ax_0 + ain/d) mod n
= ax_0 mod n
= b,
so x_i is also a solution. By Corollary 22 there are exactly d solutions, so these are x_0, x_1, . . . , x_{d−1}.

So far we have presented the mathematical background needed to solve the equation ax ≡ b (mod n); the following algorithm computes all the solutions of the equation. The inputs a and n are arbitrary positive integers, while b is an arbitrary integer.

MODULAR-LINEAR-EQUATION-SOLVER(a, b, n)
1 (d, x′, y′) ← EXTENDED-EUCLID(a, n)
2 if d | b
3   then x_0 ← x′(b/d) mod n
4        for i ← 0 to d − 1
5            do print (x_0 + i(n/d)) mod n
6   else print "no solution"

As an example of the operation of the above algorithm, consider the equation 6x ≡ 3 (mod 21), where a = 6, b = 3, n = 21. Calling EXTENDED-EUCLID on line 1 we get (d, x, y) = (3, −3, 1). Since 3 | 3, lines 3-5 are executed; on line 3 we compute x_0 = (−3)(1) mod 21 = 18, and the loop on lines 4-5 prints the d = 3 solutions 18, 4 and 11.

MODULAR-LINEAR-EQUATION-SOLVER performs O(log n + gcd(a, n)) arithmetic operations, since EXTENDED-EUCLID needs O(log n) arithmetic operations and each iteration of the loop needs a constant number of arithmetic operations.
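As an added example (not code from the notes), the following Python implements EUCLID, EXTENDED-EUCLID and MODULAR-LINEAR-EQUATION-SOLVER as given above, returning the solutions as a list instead of printing them, and re-checks the worked examples of the notes: 5^{−1} mod 11 and 6x ≡ 3 (mod 21). The EUCLID version additionally counts its recursive calls so that the Fibonacci worst case of Lemma 10 can be observed; the function names are the example's own.

```python
from typing import List, Tuple


def euclid(a: int, b: int) -> Tuple[int, int]:
    """EUCLID(a, b) from the notes, for non-negative a, b.

    Returns (gcd, recursive_calls); the gcd is what line 2 of the pseudocode
    returns, the call count is added so Lemma 10 can be checked.
    """
    if b == 0:
        return a, 0
    d, calls = euclid(b, a % b)
    return d, calls + 1


def extended_euclid(a: int, b: int) -> Tuple[int, int, int]:
    """EXTENDED-EUCLID(a, b): returns (d, x, y) with d = gcd(a, b) = a*x + b*y."""
    if b == 0:
        return a, 1, 0                       # line 2: a = a*1 + b*0
    d, x1, y1 = extended_euclid(b, a % b)    # line 3: (d', x', y')
    # line 4: (d, x, y) <- (d', y', x' - floor(a/b) * y')
    return d, y1, x1 - (a // b) * y1


def mod_inverse(a: int, n: int) -> int:
    """(a^-1 mod n) by Corollary 26; raises if gcd(a, n) != 1."""
    d, x, _ = extended_euclid(a, n)
    if d != 1:
        raise ValueError(f"{a} has no inverse modulo {n}: gcd = {d}")
    return x % n   # x may be negative; reduce to the representative in Z_n


def modular_linear_equation_solver(a: int, b: int, n: int) -> List[int]:
    """All solutions of a*x = b (mod n) in Z_n (Theorem 24), or [] if there is none."""
    d, x1, _ = extended_euclid(a, n)         # line 1
    if b % d != 0:                           # line 2: does d divide b?
        return []                            # line 6: "no solution"
    x0 = (x1 * (b // d)) % n                 # line 3
    return [(x0 + i * (n // d)) % n for i in range(d)]   # lines 4-5


def fibonacci(k: int) -> int:
    """F_0 = 0, F_1 = 1, F_k = F_{k-1} + F_{k-2}."""
    f0, f1 = 0, 1
    for _ in range(k):
        f0, f1 = f1, f0 + f1
    return f0


def euclid_calls_on_fibonacci(k: int) -> int:
    """Recursive calls made by EUCLID(F_{k+2}, F_{k+1}); Lemma 10 is tight here: exactly k."""
    return euclid(fibonacci(k + 2), fibonacci(k + 1))[1]


if __name__ == "__main__":
    print(euclid(20, 15))                              # (5, 2)
    print(extended_euclid(5, 11))                      # (1, -2, 1)
    print(mod_inverse(5, 11))                          # 9
    print(modular_linear_equation_solver(6, 3, 21))    # [18, 4, 11]
    print(modular_linear_equation_solver(6, 4, 21))    # []   (3 does not divide 4)
    print([euclid_calls_on_fibonacci(k) for k in range(1, 8)])   # [1, 2, 3, 4, 5, 6, 7]
```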


The following corollaries of Theorem 24 are of particular interest.

Corollary 25. For any n > 1, if gcd(a, n) = 1, then the equation ax ≡ b (mod n) has a unique solution modulo n.

If b = 1, a common case of particular interest, the x we are looking for is a multiplicative inverse of a modulo n.

Corollary 26. For any n > 1, if gcd(a, n) = 1, then the equation ax ≡ 1 (mod n) has a unique solution modulo n; otherwise it has no solution.

Corollary 26 allows us to use the notation (a^{−1} mod n) to refer to the multiplicative inverse of a modulo n, when a and n are relatively prime. If gcd(a, n) = 1, then a solution of the equation ax ≡ 1 (mod n) is the integer x returned by EXTENDED-EUCLID, since the equation
gcd(a, n) = 1 = ax + ny
implies ax ≡ 1 (mod n). Hence we can compute (a^{−1} mod n) efficiently using EXTENDED-EUCLID.

Stouc prtouc ainec m.Q. o Kinzoc majhmatikc

asqoljhke ki luse to prblhma thc ereshc ekenwn twn akerawn

2 tan diairejon me to 3, 5 kai to 7 antstoiqa.

qoun thn morf

23 + 105k

upolopwn (gia pardeigma

gia aujaretouc akeraouc

3, 5

kai

7)

k.

kai miac exswshc

Sun Tzu

pou afnoun uploipo

Mia ttoia lsh enai to

parqei mia antistoiqa anmesa se na ssthma exissewn

to

apodotik

EXTENDED-EUCLID.

Kinziko jerhma upolopwn

kai

(a1 mod n)

2, 3

x = 23; lec oi lseic

To Kinziko jerhma twn upolopwn

modulo enc sunlou sqetik prtwn

modulo

to ginmeno touc (gia pardeigma

105).
The Chinese remainder theorem has two important uses. Let n be an integer that factors as n = n1 n2 ⋯ nk, where the factors ni are pairwise relatively prime. First, the theorem is a descriptive structural theorem: it describes the structure of Zn as similar to that of the Cartesian product Zn1 × Zn2 × ⋯ × Znk, with addition and multiplication modulo ni in the i-th component. Second, this description can be used to design efficient algorithms, since it is more efficient to work in each of the Zni than to work modulo n.
Theorem 27. (Chinese remainder theorem) Let n = n1 n2 ⋯ nk, where the ni are pairwise relatively prime. Consider the correspondence

    a ↔ (a1, a2, . . . , ak),                                             (9)

where a ∈ Zn, ai ∈ Zni and ai = a mod ni for i = 1, 2, . . . , k. Then (9) is a 1-1 correspondence between Zn and the Cartesian product Zn1 × Zn2 × ⋯ × Znk. Operations applied to elements of Zn can equivalently be applied to the corresponding k-tuples by applying them independently in each coordinate of the corresponding system. This means that if

    a ↔ (a1, a2, . . . , ak),
    b ↔ (b1, b2, . . . , bk),

then

    (a + b) mod n ↔ ((a1 + b1) mod n1, . . . , (ak + bk) mod nk),
    (a − b) mod n ↔ ((a1 − b1) mod n1, . . . , (ak − bk) mod nk),
    (ab) mod n ↔ ((a1 b1) mod n1, . . . , (ak bk) mod nk).

Proof. The transition from one representation to the other is quite simple. Computing (a1, a2, . . . , ak) from a requires only k divisions. Computing a from (a1, a2, . . . , ak) is more complicated and is done as follows. First, we define mi = n/ni for i = 1, 2, . . . , k; so mi is the product of all the nj other than ni. Next, we define

    ci = mi (mi^{-1} mod ni)   for i = 1, 2, . . . , k.                   (10)

Equation 10 is always well defined: since mi and ni are relatively prime (by Theorem 6), Corollary 26 guarantees that (mi^{-1} mod ni) exists. Finally, we can compute a as a function of a1, a2, . . . , ak as follows:

    a ≡ (a1 c1 + a2 c2 + . . . + ak ck) (mod n).                         (11)

We now show that equation 11 guarantees that a ≡ ai (mod ni) for i = 1, 2, . . . , k. Observe that if j ≠ i, then mj ≡ 0 (mod ni), which implies that cj ≡ mj ≡ 0 (mod ni). Observe also that ci ≡ 1 (mod ni), by equation 10. We thus have the useful correspondence

    ci ↔ (0, 0, . . . , 0, 1, 0, . . . , 0),

a vector that has zeros everywhere except in the i-th coordinate, where it has a 1; so the ci form, in a sense, a basis for the representation. For each i we therefore have

    a ≡ ai ci (mod ni)
      ≡ ai mi (mi^{-1} mod ni) (mod ni)
      ≡ ai (mod ni),

which is what we wanted to prove. The method of computing a from the ai yields an a that satisfies the constraints a ≡ ai (mod ni) for i = 1, 2, . . . , k. The correspondence is 1-1, since we can move in both directions.

The following corollaries will be used later.

Corollary 28. If n1, n2, . . . , nk are pairwise relatively prime and n = n1 n2 ⋯ nk, then for all integers a1, a2, . . . , ak the system of equations

    x ≡ ai (mod ni)   for i = 1, 2, . . . , k

has a unique solution modulo n for the unknown x.

Corollary 29. If n1, n2, . . . , nk are pairwise relatively prime and n = n1 n2 ⋯ nk, then for all integers x and a,

    x ≡ a (mod ni)   for i = 1, 2, . . . , k

if and only if

    x ≡ a (mod n).
As an example of an application of the Chinese remainder theorem, suppose we have the two equations

    a ≡ 2 (mod 5),
    a ≡ 3 (mod 13),

and we want to compute a modulo 65, since n = 65. Here a1 = 2, n1 = m2 = 5, a2 = 3 and n2 = m1 = 13. Since 13^{-1} ≡ 2 (mod 5) and 5^{-1} ≡ 8 (mod 13), we have

    c1 = 13 (2 mod 5) = 26,
    c2 = 5 (8 mod 13) = 40,

and

    a ≡ 2 · 26 + 3 · 40 (mod 65)
      ≡ 52 + 120 (mod 65)
      ≡ 42 (mod 65).

Consequently, we can either work modulo n directly or work in the transformed representation, using convenient separate computations modulo ni.

Raising an element to a power

Just as it is natural to consider the multiples of a number a modulo n, it is equally natural to consider the sequence of powers of a modulo n, where a ∈ Zn^*:

    a^0, a^1, a^2, a^3, . . . ,

modulo n. Indexing from 0, the zeroth value of this sequence is a^0 mod n = 1 and the i-th value is a^i mod n. For example, the powers of 2 modulo 7 are

    i          0  1  2  3  4  5  6  7  8  9  10  11  ...
    2^i mod 7  1  2  4  1  2  4  1  2  4  1   2   4  ...

while the powers of 3 modulo 7 are

    i          0  1  2  3  4  5  6  7  8  9  10  11  ...
    3^i mod 7  1  3  2  6  4  5  1  3  2  6   4   5  ...

In this section, ⟨a⟩ denotes the subgroup of Zn^* generated by a through repeated multiplication, and ordn(a) denotes the order of a in Zn^*. For example, ⟨2⟩ = {1, 2, 4} in Z7^* and ord7(2) = 3. Using the fact that Euler's function φ(n) equals the size of Zn^*, together with Corollary 19, we arrive at the following theorems.

Theorem 30. (Euler's theorem) For all integers n > 1,

    a^{φ(n)} ≡ 1 (mod n)   for all a ∈ Zn^*.

Theorem 31. (Fermat's theorem) If p is a prime number, then

    a^{p−1} ≡ 1 (mod p)   for all a ∈ Zp^*.

Proof. By equation 6, φ(p) = p − 1 if p is prime.

The last relation holds for every element of Zp except 0, since 0 ∉ Zp^*. On the other hand, for every a ∈ Zp, a^p ≡ a (mod p) if p is prime.

If ordn(g) = |Zn^*|, then every element of Zn^* is a power of g modulo n, and we say that g is a generator or primitive root of Zn^*. If Zn^* has a primitive root, we say that the group Zn^* is cyclic. For example, 3 is a primitive root modulo 7, but 2 is not a primitive root modulo 7.

Theorem 32. The values of n > 1 for which Zn^* is cyclic are 2, 4, p^e and 2p^e, for all primes p > 2 and all positive integers e.

If g is a primitive root of Zn^* and a is an element of Zn^*, then there exists a z such that g^z ≡ a (mod n). This z is called the discrete logarithm (or index) of a modulo n to the base g, when we work modulo n.

Theorem 33. (Discrete logarithm theorem) If g is a primitive root of Zn^*, then the equation g^x ≡ g^y (mod n) holds if and only if x ≡ y (mod φ(n)).

Proof. Suppose that x ≡ y (mod φ(n)). Then x = y + kφ(n) for some integer k. For this reason,

    g^x ≡ g^{y + kφ(n)} (mod n)
        ≡ g^y (g^{φ(n)})^k (mod n)
        ≡ g^y 1^k (mod n)
        ≡ g^y (mod n).

Conversely, suppose that g^x ≡ g^y (mod n). Since the sequence of powers of g generates every element of ⟨g⟩ and |⟨g⟩| = φ(n), Corollary 18 implies that the sequence of powers of g is periodic with period φ(n). Consequently, if g^x ≡ g^y (mod n), then we must have x ≡ y (mod φ(n)).
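The notions of Theorems 30-33 made concrete: the subgroup ⟨a⟩, the order ordn(a), the primitive-root test, an exhaustive discrete logarithm (usable only for tiny moduli) and checks of Euler's and Fermat's theorems, run on Z7^* and a few other small groups. This is an added example, not code from the notes; the function names are ours.

```python
# Added example (not from the original notes): <a>, ord_n(a), primitive roots,
# a brute-force discrete logarithm for tiny n, and checks of Theorems 30, 31, 33.

from math import gcd

def units(n):
    """Z_n^*: the residues in 1..n-1 relatively prime to n; its size is phi(n)."""
    return [a for a in range(1, n) if gcd(a, n) == 1]

def phi(n):
    """Euler's phi function, computed as |Z_n^*|."""
    return len(units(n))

def generated_subgroup(a, n):
    """<a>: the powers a^0, a^1, ... mod n until the sequence returns to 1."""
    if gcd(a, n) != 1:
        raise ValueError("a must be a unit modulo n")
    seen, x = [], 1
    while True:
        seen.append(x)
        x = (x * a) % n
        if x == 1:
            return seen

def order(a, n):
    """ord_n(a) = |<a>|."""
    return len(generated_subgroup(a, n))

def is_primitive_root(g, n):
    """g generates Z_n^* iff ord_n(g) = |Z_n^*| = phi(n)."""
    return gcd(g, n) == 1 and order(g, n) == phi(n)

def discrete_log(g, a, n):
    """Smallest z with g^z = a (mod n) for a primitive root g. Exhaustive search: tiny n only."""
    x = 1
    for z in range(phi(n)):
        if x == a % n:
            return z
        x = (x * g) % n
    raise ValueError("a is not in <g>")

def euler_holds(n):
    """Theorem 30: a^phi(n) = 1 (mod n) for every a in Z_n^*."""
    return all(pow(a, phi(n), n) == 1 for a in units(n))

if __name__ == "__main__":
    print(generated_subgroup(2, 7), order(2, 7))              # [1, 2, 4] 3
    print(is_primitive_root(3, 7), is_primitive_root(2, 7))   # True False
    print(discrete_log(3, 6, 7))                              # 3, since 3^3 = 27 = 6 (mod 7)
```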

Raising to a power by repeated squaring

An operation frequently encountered in number theory is raising a number to a power modulo some other number, an operation also known as modular exponentiation. More precisely, what we are looking for is an efficient way to compute a^b mod n, where a and b are non-negative integers and n is a positive integer. Modular exponentiation is an important operation in many methods that test whether a number is prime or not, as well as in the RSA protocol. The method of repeated squaring solves this problem efficiently, using the binary representation of b. Let ⟨bk, bk−1, . . . , b1, b0⟩ be the binary representation of b. This means that the binary representation has k + 1 bits, that bk is the most significant bit and that b0 is the least significant bit. The following algorithm computes a^c mod n while c is increased by doublings and additions from 0 to b.

MODULAR-EXPONENTIATION(a, b, n)
1  c ← 0
2  d ← 1
3  let ⟨bk, bk−1, . . . , b1, b0⟩ be the binary representation of b
4  for i ← k downto 0
5      c ← 2c
6      d ← (d · d) mod n
7      if bi = 1 then c ← c + 1
8                     d ← (d · a) mod n
9  return d

The squaring in line 6 explains why this method is called repeated squaring. For example, if a = 7, b = 560 and n = 561, the algorithm computes a sequence of values modulo 561 as shown below. The sequence of exponents used appears in the row labelled c. The variable c is not needed for the execution of the algorithm, but is included because it helps in understanding and analysing it.

    i     9    8    7    6    5    4    3    2    1    0
    bi    1    0    0    0    1    1    0    0    0    0
    c     1    2    4    8   17   35   70  140  280  560
    d     7   49  157  526  160  241  298  166   67    1

The algorithm is designed so that the following hold:

1. The value of c is equal to the prefix ⟨bk, bk−1, . . . , bi⟩ of the binary representation of b, and
2. d = a^c mod n.

If the inputs a, b and n are β-bit numbers, then the total number of arithmetic operations required is O(β) and the total number of operations on bits is O(β^3).
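MODULAR-EXPONENTIATION written out with the bookkeeping variable c kept, so that its trace can be compared row by row with the table for a = 7, b = 560, n = 561. This is an added example, not code from the notes; the function names are ours.

```python
# Added example (not from the original notes): repeated squaring with the
# variable c retained, so the (i, b_i, c, d) trace matches the notes' table.

def modular_exponentiation(a, b, n, trace=None):
    """Return a^b mod n. If `trace` is a list, append (i, b_i, c, d) after each iteration."""
    c, d = 0, 1
    bits = bin(b)[2:] if b > 0 else "0"     # <b_k, ..., b_0>, most significant bit first
    k = len(bits) - 1
    for i in range(k, -1, -1):
        bi = int(bits[k - i])
        c = 2 * c                           # invariant 1: c is the prefix <b_k, ..., b_i>
        d = (d * d) % n                     # line 6: the squaring
        if bi == 1:
            c = c + 1
            d = (d * a) % n                 # invariant 2: d = a^c mod n
        if trace is not None:
            trace.append((i, bi, c, d))
    return d

def trace_rows(a, b, n):
    """The rows (i, b_i, c, d) of the table in the notes, most significant bit first."""
    rows = []
    modular_exponentiation(a, b, n, rows)
    return rows

def invariant_holds(a, b, n):
    """Check invariant 2 on every row: d must equal a^c mod n."""
    return all(d == pow(a, c, n) for _, _, c, d in trace_rows(a, b, n))

if __name__ == "__main__":
    rows = trace_rows(7, 560, 561)
    for label, idx in (("i", 0), ("b_i", 1), ("c", 2), ("d", 3)):
        print(f"{label:>3}", " ".join(f"{r[idx]:4d}" for r in rows))
    # 7^560 = 1 (mod 561) although 561 = 3 * 11 * 17 is composite: Fermat's relation
    # alone does not certify primality, which is why stronger tests are needed.
    print(modular_exponentiation(7, 560, 561))        # 1
```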

Quadratic residues and finding square roots

In this paragraph we will examine the problem of solving the equation

    x^2 ≡ a (mod n),                                                     (12)

in other words the problem of finding square roots.

First of all, we stress that the above equation may not have any solution at all. The integers a for which equation (12) has a solution are called quadratic residues modulo n, while those for which no solution exists are called quadratic non-residues.

Next, we distinguish two cases, determined by whether n is prime or composite.

In the case where n is prime, then, following the convention of denoting prime numbers by p, the equivalence becomes x^2 ≡ a (mod p). A basic result related to quadratic residues modulo a prime number is Euler's criterion.

Theorem 34. An integer a in the interval 1 ≤ a ≤ p − 1 is a quadratic residue modulo an odd prime p if and only if

    a^{(p−1)/2} ≡ 1 (mod p).

If we denote by Qp (respectively, Q̄p) the set of quadratic residues (respectively, quadratic non-residues) when working modulo a prime p, then it holds that |Qp| = |Q̄p| = |Zp^*|/2 = (p − 1)/2; in other words, exactly half of the integers in Zp^* are quadratic residues modulo p. For example, when p = 13, then Q13 = {1, 3, 4, 9, 10, 12} and Q̄13 = {2, 5, 6, 7, 8, 11}, because 1^6 ≡ 1 (mod 13), 2^6 ≡ 12 (mod 13), and so on.

In the case where n is a composite number such that n = pq, where p, q are primes, an integer a ∈ Zn^* is a quadratic residue modulo n if and only if it is a quadratic residue both modulo p and modulo q. Therefore, |Qn| = |Qp| |Qq| = (p − 1)(q − 1)/4 and |Q̄n| = 3(p − 1)(q − 1)/4. For example, if n = 21, then Q21 = {1, 4, 16} and Q̄21 = {2, 5, 8, 10, 11, 13, 17, 19, 20}.

Next we deal with the problem of finding the square root of a quadratic residue, in other words computing an x ∈ Zn^* such that x^2 ≡ a (mod n), when we know that a ∈ Qn. We again distinguish according to whether n is prime or composite.

Suppose, then, that we work modulo a prime p and, moreover, assume that p ≡ 3 (mod 4). To find the solution we use the following lemma.

Lemma 35. If p is a prime of the form 4k − 1 and a is a quadratic residue modulo p, then the solutions of the equation x^2 ≡ a (mod p) are given by the relation

    x = ±a^k (mod p).

Proof. Since we know that a is a quadratic residue modulo p, Euler's criterion gives

    a^{(p−1)/2} ≡ 1 (mod p).

Since k = (p + 1)/4, we have

    a^{(p+1)/4} · a^{(p+1)/4} = a^{(p+1)/2} = a^{(p−1)/2} · a ≡ a (mod p).

In the case where we work modulo a composite n = pq, where p, q are primes such that p ≡ q ≡ 3 (mod 4), we follow these steps.

1. First we must find the solutions (r, −r) of the equivalence x^2 ≡ a (mod p).
2. Correspondingly, we compute the solutions (s, −s) of the equivalence x^2 ≡ a (mod q).
3. We compute c, d such that cp + dq = 1. Note that this is feasible using the algorithm EXTENDED-EUCLID, since gcd(p, q) = 1.
4. We compute

    x = rdq + scp (mod n)   and   y = rdq − scp (mod n).

5. We return as solutions the numbers ±x and ±y.

We observe that the above algorithm relies on knowledge of the factorization of n. More generally, the stronger result holds that the problem of finding square roots modulo n, when n = pq, is computationally equivalent to the problem of factoring n into its prime factors p and q. If we have a polynomial algorithm for the factorization problem, then we use it to find p, q and then the above algorithm to find the square roots. For the opposite direction, suppose that we have a polynomial algorithm A(a, n) that returns some square root of a modulo n. Then it suffices to choose an x ∈ Zn^*, compute a = x^2 (mod n) and then run A(a, n); let y be the returned square root. If y = ±x (mod n), then we have failed and must try again, choosing some different value for x; otherwise gcd(x − y, n) is a factor of n, either p or q.

A number x is called a non-trivial square root of 1 modulo n if it satisfies the equation x^2 ≡ 1 (mod n) but is different from the two trivial roots ±1 modulo n. For example, 6 is a non-trivial square root of 1 modulo 35.

The following corollary will prove useful for proving the correctness of the Miller-Rabin test of whether a number is prime or not.

Corollary 36. If there exists a non-trivial square root of 1 modulo n, then n is a composite number.

2 Public-key protocols

In this section, after defining what public-key protocols are and making a comparison between public-key and private-key protocols, we present some public-key protocols, giving particular emphasis to the RSA protocol.

A public-key system can be used to encrypt the messages that two parties want to exchange during their communication. The goal is that someone eavesdropping on the communication channel cannot understand their content, while a public-key system also allows the sender to attach to the message a digital signature that cannot be forged. Such a signature can be regarded as the electronic counterpart of a handwritten signature on a text written on paper. It can easily be verified by anyone reading the text, but it is hard for someone to forge it; moreover, if even a single bit of the text is changed, the signature loses its validity. It therefore provides a way to certify both the identity of the sending user and the content of the message.


In a public-key system, each participating party has a public key and a secret key. Each key contains a piece of information. It is customary for the participating parties who wish to use cryptographic methods in their communication to be called by the names Alice and Bob. We denote by PA, SA the keys of Alice and by PB, SB the keys of Bob.

Each participant creates their own public and secret key and takes care that nobody else learns the secret key, while the public key can be announced to anyone or published to everyone. In practice, the second option is preferable, and usually there is a public directory containing the public keys of various users, so that finding a user's public key is made easy.
The public and the secret key determine certain functions (transformations) that can be applied to any message. Let D be the set of all permissible messages. For example, D may be the set of all bit strings of finite length. In the original, and simplest, definition of public-key cryptography, the public and the secret key are required to determine 1-1 functions from D to itself. The function corresponding to Alice's public key PA is denoted by PA() and the function corresponding to the secret key SA by SA(). The functions PA() and SA() are thus permutations of D. We assume that PA() and SA() can be computed efficiently, given the corresponding keys PA and SA.

The public key and the secret key of each user form a pair in the sense that they define functions that are inverses of each other, i.e.

    M = SA(PA(M)),                                                       (13)
    M = PA(SA(M)),                                                       (14)

for any message M ∈ D. If we successfully transform M with the two keys PA and SA in any order, we must end up with the original message M again.

In a public-key system it is essential that nobody but Alice can compute the function SA() in a reasonable amount of time. The privacy of the electronic communication that is encrypted and sent to Alice, and the authenticity of Alice's digital signatures, rest on the assumption that only Alice can compute SA(). This requirement explains why Alice must keep SA secret; if she does not, she loses her uniqueness as a user and the public-key system cannot protect her. The assumption that only Alice can compute SA() must hold even though everyone knows PA and can compute PA(), the inverse of SA(), in a reasonable amount of time. The great difficulty in designing a practical public-key system is how to create a protocol that allows PA() to be published without the inverse function SA() being discoverable.

In a public-key system, encryption is done as follows: suppose that Bob wants to send Alice a message M in such a way that anyone eavesdropping on the communication channel cannot understand what the message is. The protocol works as follows.

Bob finds Alice's public key PA (either from a public directory or directly from Alice). Bob computes the encrypted message C = PA(M) corresponding to the message M and sends C to Alice. When Alice receives the encrypted message C, she uses her secret key SA to recover the original message M = SA(C).

Since SA() and PA() are inverse functions, Alice can compute the message M from C. Since only Alice can compute SA(), Alice is also the only one who can compute M from C. Encrypting M with PA() protects the content of the message and does not allow it to be read by anyone but Alice.

Digital signatures are also easy to implement with this definition of a public-key system. We note that there are other methods of approaching the problem of creating digital signatures, but they will not concern us in this section. Suppose that Alice wants to reply to Bob with a digitally signed message M', whereupon the following takes place.

Alice computes her digital signature σ for the message M' using her secret key SA and the relation σ = SA(M'). Alice sends the message-signature pair (M', σ) to Bob. When Bob receives (M', σ), he can confirm that it comes from Alice by using Alice's public key to verify the relation M' = PA(σ). We assume that M' contains Alice's name, so that Bob knows which public key to use. If the relation is verified, then Bob can conclude that the message M' indeed carries Alice's digital signature. If it is not verified, then Bob can conclude that either the message or the digital signature was tampered with during transmission. This may be due to an error of the transmission channel, but it may also be an attempt to forge the signature or an attempt to modify the message.

Since a digital signature simultaneously offers identification of the signing sender and certification of the message content, it is analogous to a handwritten signature on a text on paper. An important property of a digital signature is that it can be verified by anyone who has access to the sender's public key. A signed message can be verified by one user and then passed on to other users, who can subsequently verify the signature. For example, the message may be an electronic cheque from Alice to Bob. After Bob verifies Alice's digital signature, he can give the cheque to his bank, which can also verify Alice's signature and carry out the corresponding transaction.

We note that so far we have assumed that the message is not encrypted: it is transmitted as it is and is not protected from someone monitoring the communication channel. Combining the encryption protocol with that of the digital signature, we can create messages that are both encrypted and signed. The sender first attaches the digital signature to the end of the message and then encrypts the message-signature pair with the recipient's public key. The recipient, after receiving the message, decrypts with their secret key to obtain the message-signature pair and then verifies the signature using the sender's public key. The corresponding procedure in written communication would be for the sender to sign the document and then put it in a sealed envelope that will be opened only by the recipient.

Comparison with private-key protocols

The basic difference between public-key and private-key protocols is that in the former there is no requirement that the key used to encrypt a message be the same as the one used to decrypt it. This fact allows the key used for encryption to be published, with the important restriction that it must not be feasible to use this knowledge to derive the decryption key, which is also called the secret key. By contrast, in private-key protocols these two keys coincide and for this reason must remain secret.

A first consequence is that a public-key protocol in which n users participate requires n keys (in fact it requires n pairs of the form public key - secret key), whereas a corresponding private-key protocol requires n(n − 1)/2 keys, since a key must be created for each pair of users. On the other hand, private-key protocols are considerably faster than the corresponding public-key protocols.

2.1 Key generation and exchange

Whereas in public-key protocols it is easy to find the key with which one must encrypt a message to some specific recipient (as long as that recipient publishes it), in private-key protocols the question arises of how two users will agree on a specific key. The source of the problem is that, until some key is finalized, the communication channel is insecure, so any message between these two users can be read by everyone who has access to the channel. In other words, we face the problem of creating a secure key using an insecure communication channel. Next, we briefly present the solution proposed in 1976 by Whitfield Diffie and Martin Hellman for this particular problem.

Suppose we have a set of users and let ui be the i-th user. First, all these users must agree on a large prime number p (it must be much larger than the number of users) as well as on a generator element g ∈ Zp^*. Moreover, each user ui must randomly generate an element ai ∈ Zp^* and compute Ai = g^{ai} mod p. Now if two users ui and uj want to create a private key so that they can subsequently communicate, it suffices for ui to send Ai to uj and for uj to send Aj to ui. Then ui computes

    Aj^{ai} mod p = (g^{aj} mod p)^{ai} mod p = g^{ai aj} mod p

and correspondingly uj computes

    Ai^{aj} mod p = (g^{ai})^{aj} mod p = g^{ai aj} mod p.

We observe that in the end the two users ui and uj have computed the same quantity, which constitutes the private key for this particular pair of users.

The Diffie-Hellman protocol is based on the discrete logarithm problem, in other words on the fact that, while it is easy, given p, g and ai, to compute Ai = g^{ai} mod p, it is computationally hard to invert this operation and, given p, g and Ai, to find the particular ai.

We conclude this paragraph with an example. Suppose that the users have agreed on the prime p = 71 and the generator element g = 7. Two users u1 and u2 choose at random a number each from Z71^*, say a1 = 5 and a2 = 12. Then

    A1 = g^{a1} mod p = 7^5 mod 71 = 51   and
    A2 = g^{a2} mod p = 7^12 mod 71 = 4.

Consequently, after these users exchange the above messages, u1 computes 4^5 mod 71 = 30 and u2 computes 51^12 mod 71 = 30. Thus the private key that u1 and u2 must use for their communication is the number 30. Note that for computing the exponentiations the users must use the algorithm MODULAR-EXPONENTIATION that we presented in Section 1.2.
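The exchange above as two parties that share only what travels over the channel, run with the notes' parameters p = 71, g = 7, a1 = 5, a2 = 12. This is an added example, not code from the notes; the class and function names are ours.

```python
# Added example (not from the original notes): the Diffie-Hellman exchange of
# Section 2.1, with each side holding its secret a_i and publishing only A_i.

class DHParty:
    """One user u_i: knows the agreed (p, g) and its own random a_i."""

    def __init__(self, p, g, secret):
        self.p, self.g = p, g
        self.secret = secret                 # a_i, never sent
        self.public = pow(g, secret, p)      # A_i = g^{a_i} mod p, sent in the clear

    def shared_secret(self, other_public):
        """K = A_j^{a_i} mod p = g^{a_i a_j} mod p."""
        return pow(other_public, self.secret, self.p)

def diffie_hellman(p, g, a1, a2):
    """Run the exchange. Returns (A1, A2, K1, K2): the two transmitted values, then each side's key."""
    u1, u2 = DHParty(p, g, a1), DHParty(p, g, a2)
    A1, A2 = u1.public, u2.public            # these two numbers are all an eavesdropper sees
    return A1, A2, u1.shared_secret(A2), u2.shared_secret(A1)

if __name__ == "__main__":
    A1, A2, K1, K2 = diffie_hellman(71, 7, 5, 12)
    print(A1, A2)        # 51 4
    print(K1, K2)        # 30 30
```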

2.2 The RSA public-key protocol

The RSA public-key protocol is based on the large difference between the ease of finding large prime numbers and the difficulty of factoring the product of two large primes. Section 3 describes an efficient procedure for finding large primes.

Each user creates the public and the secret key with the following procedure.

1. Selects at random two large primes p and q such that p ≠ q. We assume that the primes are 512 bits each.
2. Computes n = pq.
3. Selects a small odd integer e that is relatively prime to φ(n), which equals (p − 1)(q − 1).
4. Computes d, the multiplicative inverse of e modulo φ(n). Corollary 26 guarantees that d exists and is unique. To compute d from e and φ(n) one can follow the method of Section 1.2.
5. Publishes the pair P = (e, n), which is the RSA public key.
6. Keeps secret the pair S = (d, n), which is the RSA secret key.

In this method, the domain D is the set Zn. The transformation of a message M associated with the public key P = (e, n) is

    P(M) = M^e (mod n).                                                  (15)

The transformation of an encrypted message C associated with the secret key S = (d, n) is

    S(C) = C^d (mod n).                                                  (16)

These two equations are applied both for encryption and for signing. To sign a message, the user applies their secret key to the plain message instead of the encrypted one. To verify a signature, the recipient applies the sender's public key to the signature instead of the message.

The operations for creating the public and the secret key can be carried out using the procedure MODULAR-EXPONENTIATION as presented in Section 1.2. For the analysis of the running time of these operations, we assume that the public key (e, n) and the secret key (d, n) satisfy log e = O(1), log d ≤ β and log n ≤ β. Then, using a public key requires O(1) modular multiplications and O(β^2) operations on bits. Using a secret key requires O(β) modular multiplications and O(β^3) operations on bits.

Theorem 37. The RSA equations 15 and 16 define inverse transformations that satisfy relations 13 and 14.

Proof. From equations 15 and 16 we have that for every M ∈ Zn,

    P(S(M)) = S(P(M)) = M^{ed} (mod n).

Since e and d are multiplicative inverses modulo φ(n) = (p − 1)(q − 1),

    ed = 1 + k(p − 1)(q − 1)

for some integer k. But then, if M ≢ 0 (mod p), we have

    M^{ed} ≡ M (M^{p−1})^{k(q−1)} (mod p)
          ≡ M (1)^{k(q−1)} (mod p)
          ≡ M (mod p).

Also, M^{ed} ≡ M (mod p) if M ≡ 0 (mod p). Consequently,

    M^{ed} ≡ M (mod p)

for every M. Similarly,

    M^{ed} ≡ M (mod q)

for every M. So, by Corollary 29 of the Chinese remainder theorem, we have

    M^{ed} ≡ M (mod n)

for every M.
The security of the RSA protocol is based to a large degree on the fact that factoring large integers is computationally hard. If an adversary can factor the n in a public key, then they can obtain the secret key from the public key, using the knowledge of the factors p and q in the same way that the creator of the public key used them. Therefore, if factoring large integers is computationally easy, then it is computationally easy to break the RSA protocol. The converse has not been proved, so a proof that factoring is computationally hard would not prove that RSA is secure. We can, however, say after almost 30 years of research effort that the easiest way to break the security of RSA is through the factorization of large integers. By choosing two random 512-bit numbers and multiplying them, one can create a public key that cannot be broken in reasonable time given the current state of technology. In conclusion, unless some drastic change and progress in number theory arrives, the RSA protocol is secure when it is carefully implemented.

In brief, the possible ways to break the security of the RSA protocol are the following.

Through the factorization of n: obviously, if the adversary finds the p and q for which n = pq, then they can find φ(n) = (p − 1)(q − 1) and the secret key d.

Through the computation of φ(n): if φ(n) is known, then d can be computed. It is easy to see, however, that knowledge of φ(n) leads to the factorization of n. This happens because of the relations

    p + q = n − φ(n) + 1,   (p − q)^2 = (p + q)^2 − 4n

and

    p = ½[(p + q) + (p − q)],   q = ½[(p + q) − (p − q)].
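Textbook RSA as the notes define it: the six key-generation steps, equations (15) and (16) used for encryption and for signing, and the recovery of p and q from n and φ(n) through the relations just given. This is an added example, not code from the notes; the primes are constructed toy values rather than 512-bit ones, the function names are ours, and pow(e, -1, m) needs Python 3.8 or later.

```python
# Added example (not from the original notes): textbook RSA key generation,
# equations (15)/(16), and factoring n once phi(n) is known. Toy primes only.

from math import gcd, isqrt

def rsa_keygen(p, q, e):
    """Steps 1-6: return ((e, n), (d, n)) for distinct primes p, q and an odd e coprime to phi(n)."""
    if p == q:
        raise ValueError("p and q must differ")
    n = p * q                              # step 2
    phi = (p - 1) * (q - 1)
    if e % 2 == 0 or gcd(e, phi) != 1:     # step 3
        raise ValueError("e must be odd and relatively prime to phi(n)")
    d = pow(e, -1, phi)                    # step 4: inverse modulo phi(n), Corollary 26
    return (e, n), (d, n)                  # steps 5 and 6: public and secret key

def rsa_apply(key, x):
    """Equations (15) and (16): x^k mod n for a key (k, n). Encrypt/verify with P, decrypt/sign with S."""
    k, n = key
    return pow(x, k, n)

def factor_from_phi(n, phi):
    """Recover (p, q) from n and phi(n): p+q = n - phi + 1 and (p-q)^2 = (p+q)^2 - 4n."""
    s = n - phi + 1                        # p + q
    disc = s * s - 4 * n                   # (p - q)^2
    t = isqrt(disc)
    if t * t != disc:
        raise ValueError("phi is not phi(n) for a product of two primes")
    p, q = (s + t) // 2, (s - t) // 2      # p = ((p+q) + (p-q))/2, q = ((p+q) - (p-q))/2
    return (p, q) if p >= q else (q, p)

if __name__ == "__main__":
    pub, sec = rsa_keygen(61, 53, 17)      # constructed toy primes; n = 3233, phi(n) = 3120
    m = 65
    c = rsa_apply(pub, m)                  # encryption with the public key
    print(c, rsa_apply(sec, c) == m)       # 2790 True
    sig = rsa_apply(sec, m)                # signing: secret key applied to the plain message
    print(rsa_apply(pub, sig) == m)        # verification with the public key: True
    print(factor_from_phi(3233, 3120))     # (61, 53): leaking phi(n) leaks the factorization
```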
For reasons of convenience and speed, in practice a hybrid scheme is quite often used, which also includes fast protocols that are not based on public keys. In such a hybrid system, the keys used for encryption and decryption are the same. If Alice wants to send a message M to Bob, she randomly chooses a key K and encrypts M quickly using K, obtaining the encrypted message C. C is of the same size as M, but K is quite small in size. Next, she encrypts K with Bob's public key, obtaining PB(K). Since K is small in size, computing PB(K) is fast (much faster than it would take to compute PB(M)). Then she transmits (C, PB(K)) to Bob, who decrypts PB(K) with his secret key to obtain K, which he uses to decrypt the message C and obtain the original message M.
A similar hybrid approach is used for the fast creation of digital signatures. RSA is combined with a public one-way hash function h; a function that can be computed easily but for which it is computationally infeasible to find two messages M and M' such that h(M) = h(M'). The value h(M) is a small (say, 160-bit) fingerprint of the message M. If Alice wants to sign the message M, she first applies h to M to obtain h(M), which she signs with her secret key. Then she sends Bob the pair (M, SA(h(M))). Bob can verify the signature by computing h(M) and checking that, if he applies PA to the SA(h(M)) he received, he obtains h(M). Since it is computationally infeasible to create two messages with the same fingerprint, it is computationally infeasible to alter a signed message and have the digital signature remain unchanged.
Finally, we mention that the use of certificates makes the distribution of public keys easier. For example, suppose that there is a trusted authority T whose public key is known to everyone. Alice can then obtain a signed message (a certificate) from T which states that Alice's public key is PA. This certificate in some sense certifies itself, since everyone knows PT. Alice can attach the certificate to each of her signed messages, so that the recipient immediately has available the public key with which to verify the signature. Since her key is certified by T, the recipient can be sure of having Alice's genuine public key.

2.3 Rabin's public-key protocol

As we mentioned in the discussion of the RSA protocol, we know that it can be broken if there is an efficient algorithm for the factorization problem. Using the terms of computational complexity, this can be represented as

    Breaking RSA ≤ Factoring.

It has not been proved, however, that the RSA problem is computationally as hard as the factorization problem.

A different idea, also based on number theory, was proposed by M. Rabin in 1979. Rabin proposed a public-key protocol that is provably as hard as the factorization problem.

Each user selects a pair (p, q) of distinct primes, which they keep secret. They also select an integer B with 0 ≤ B < N = pq. The public key is the pair (B, N). The secret key is the factorization (p, q) of N.

The encryption function of a message M, where M (if it is large, we can split it into blocks) is represented as an integer in the interval {1, . . . , N − 1}, is

    e(M) = M(M + B) (mod N).

If we denote the encrypted message by C, then the decryption problem is to find an M such that

    M^2 + MB ≡ C (mod N).                                                (17)

The central idea of the protocol is the following.

Lemma 38. A solution x of the equivalence

    x^2 + Bx ≡ C (mod pq)                                                (18)

can be found if we find the solutions u and v of the equivalences

    u^2 + Bu ≡ C (mod p),   v^2 + Bv ≡ C (mod q),

and integers a and b such that

    a ≡ 1 (mod p),  a ≡ 0 (mod q),  b ≡ 0 (mod p),  b ≡ 1 (mod q).         (19)

Then the relation x = au + bv satisfies equivalence 18.

Proof. By doing the arithmetic and substituting a = 1 + kp or a = lq where needed.

We continue the presentation of the protocol with the following result.

Lemma 39. Since p and q are primes, the integers a and b that satisfy relation 19 can be found using EXTENDED-EUCLID in time polynomial in log pq.

Proof. We run the algorithm EXTENDED-EUCLID and find the greatest common divisor of p and q. Since they are relatively prime, we arrive at a relation of the form 1 = ep + fq. The proof is completed by setting a = fq and b = ep.

Sunepc, h apokruptogrfhsh mpore na gnei ekola an mporome na lsoume thn isodunama

modulo

nan prto arijm. To parapnw mwc mpore na gnei wc exc.

Lmma 40.

eplush thc

u2 + Bu = C
enai isodnamh me

thn eplush

thc

y 2 = C + (41 )p B 2
pou

to

(41 )p

Apdeixh.

To

dhlnei ton

(41 )p

( mod p)

pollaplasiastik

uprqei efson o

( mod p),

antstrofo

tou

(20)

4 modulo p

enai prtoc arijmc kai h sqsh 20 prokptei an

sumplhrsoume to anptugma tou tetragnou.

Efson o

enai epshc prtoc, to Lmma 40 isqei kai an pou

qoume to

q,

kai sunepc

qoume angei to prblhma thc apokruptogrfhshc sto prblhma thc ereshc tetragwnikn rizn

modulo

kpoion prto arijm.

Sunduzontac ta parapnw apotelsmata, apodeiknoume thn akloujh prtash.

Prisma

diadikasa

41.

thc

An

oi

prtoi

arijmo

kai

afnoun

kai

oi

do

apokruptogrfhshc mpore na gnei se poluwnumik

uploipo

qrno.

3 modulo 4

tte

Apdeixh.

O paralpthc, o opooc gnwrzei touc prtouc pargontec

kai

tou

n,

gnwrzei

epshc pwc to kruptografhmno mnuma prpei na enai tetragwnik uploipo kai mpore na lsei
tic exisseic
lsh

modulo p

kai

modulo q

kai na qrhsimopoisei ta Lmmata 38 kai 40 gia na bre thn

thc exswshc 17.

Sthn pragmatikthta, o

Rabin

p, q

enai pwc akma ki an oi arijmo


kai oi do uploipo

apdeixe kti pio isqur ap to prisma 41.

3 modulo 4),

Aut pou deixe

den ankoun se aut thn kathgora (dhlad den afnoun

tte kai pli oi exisseic

modulo p

kai

modulo q

lujon se poluwnumik qrno, qrhsimopointac nan pijanotik algrijmo.

mporon na

ton opoon den ja

parousisoume ed.
Anakefalainontac, gia opoiousdpote prtouc arijmoc

kai

q,

h diadikasa thc apokrup-

togrfhshc mpore na gnei (ete msw nteterministiko ete msw pijanotiko algorjmou) se
poluwnumik qrno.
Gia pardeigma, upojtoume ti h

Alice

qei wc dhmsio kleid to zegoc

(p, q) = (7, 11)

en to mustik thc kleid enai h paragontopohsh

M = 3,

tou

N.

(B, N ) = (2, 77),

An to mnuma enai to

tte

C = M 2 + 2M = 15 (
Gia na apokruptografsei, h

Alice

mod 77).

ja prpei na lsei tic

u2 + 2u = 15 = 1 (

mod 7)

kai

v 2 + 2v = 15 = 4 (
Autc lnontai, an lsei tic
tic timc

(u + 1)2 = 2 ( mod 7)

u + 1 = 22 = 4 ( mod 7)
u=3

b = 21,

kai

(v + 1)2 = 5 ( mod 11)

kai

v + 1 = 53 = 4 ( mod 11).

2,

Akolojwc, qrhsimopointac ton algrijmo


kai

mod 11).

v=3

x2 + 2x = 15 (

mod 77)

Sunepc,

6.

EXTENDED-EUCLID

kai h lsh sto

gia na prei

parnei tic timc

a = 22

enai h

2 22 3 21

2 22 6 21
x=
3 22 3 21

3 22 6 21

Aut shmanei pwc h


dhlad

Alice

( mod 77).

qei na dialxei anmesa se

pijan mhnmata tou apostola,

M1 = 3, M2 = 17, M3 = 58, M4 = 72.

To parapnw pardeigma parousizei na ap ta meionektmata tou prwtokllou dhmosou


kleidio tou

Rabin,

arqik mhnmata.

dhlad to ti o paralpthc prpei na dialxei anmesa se perisstera pijan

Sunjwc, to prblhma aut lnetai ap thn dia thn fsh tou mhnmatoc

(an dhlad gnwrzoume ti to arqik mnuma tan mia prtash sta ellhnik, tte enai apjano na
uprqoun pnw ap na pijan mhnmata pou na qoun nhma sta ellhnik). Wc na epiplon mtro
asfaleac, mporome na epibloume se louc touc qrstec tou prwtokllou na epanalambnoun
p.q.

ta prta

64 bits

sto tloc tou mhnmatoc.

Tte, o paralpthc ja elgqei kje pijan

mnuma gia to an qei aut thn eidik morf.
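Decryption following Lemmas 38 to 40 and Corollary 41, as an added example (not code from the notes): square roots modulo p and q via exponentiation with (p + 1)/4 (valid because p, q ≡ 3 mod 4), recombination with the a, b from EXTENDED-EUCLID, and the 64-bit repetition check the text suggests for picking the right candidate. The parameters (B, N) = (2, 77), (p, q) = (7, 11), M = 3 are the notes' example; the larger Mersenne primes, the payload value and all helper names are this example's own.

```python
# Added example, not from the notes.

def extended_euclid(a, b):
    """Return (g, x, y) with g = gcd(a, b) and a*x + b*y = g."""
    if b == 0:
        return a, 1, 0
    g, x, y = extended_euclid(b, a % b)
    return g, y, x - (a // b) * y

def encrypt(m, B, N):
    return (m * (m + B)) % N                 # e(M) = M(M + B) mod N

def sqrt_mod_prime_3mod4(c, p):
    """Both square roots of c mod p when p ≡ 3 (mod 4); [] if c is a non-residue."""
    assert p % 4 == 3
    r = pow(c, (p + 1) // 4, p)
    return [r, (-r) % p] if (r * r) % p == c % p else []

def decrypt_candidates(C, B, p, q):
    """All M with M^2 + MB ≡ C (mod pq), following Lemmas 38-40."""
    N = p * q
    roots = []
    for prime in (p, q):
        half_B = (B * pow(2, -1, prime)) % prime      # B/2 mod prime
        rhs = (C + half_B * half_B) % prime           # complete the square (Lemma 40)
        roots.append([(y - half_B) % prime for y in sqrt_mod_prime_3mod4(rhs, prime)])
    _, e, f = extended_euclid(p, q)                   # 1 = e*p + f*q (Lemma 39)
    a, b = (f * q) % N, (e * p) % N                   # a ≡ (1,0), b ≡ (0,1) mod (p,q)
    return sorted({(a * u + b * v) % N for u in roots[0] for v in roots[1]})

MASK64 = (1 << 64) - 1

def add_redundancy(payload):
    """Repeat the first 64 bits at the end of the message (the notes' measure);
    one 64-bit block keeps the example short."""
    assert 0 <= payload <= MASK64
    return (payload << 64) | payload

def decrypt_with_redundancy(C, B, p, q):
    """Keep only candidates of the special form; None if none or several match."""
    hits = [m for m in decrypt_candidates(C, B, p, q)
            if m >> 128 == 0 and (m >> 64) == (m & MASK64)]
    return (hits[0] >> 64) if len(hits) == 1 else None

if __name__ == "__main__":
    print(decrypt_candidates(encrypt(3, 2, 77), 2, 7, 11))      # [3, 17, 58, 72]
    P, Q = 2**89 - 1, 2**107 - 1                 # Mersenne primes, both ≡ 3 (mod 4)
    M = add_redundancy(0xDEADBEEFCAFEF00D)       # constructed payload
    print(decrypt_with_redundancy(encrypt(M, 2, P * Q), 2, P, Q) == 0xDEADBEEFCAFEF00D)
```

With N = 77 no message is long enough to carry the 64-bit repetition, which is why the second run uses larger primes; there a wrong candidate passes the form check with probability about 2^-64.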


Finally, we make a brief reference to a digital signature scheme that uses Rabin's protocol, for which we assume that B = 0 for all users. If the sender wants to send a message m, he computes the square root s such that s^2 ≡ m (mod n) and sends the recipient the message (m, s). The recipient, in turn, looks up the sender's public key n and computes m' = s^2 (mod n). If m' = m, he accepts that the particular message was indeed sent by the purported sender.

A possible problem with the above signature scheme is that a malicious user can choose some s ∈ Z_n, compute m = s^2 (mod n) and then send (s, m), which the recipient will naturally believe comes from the sender with public key n. Fortunately for the security of the protocol, the probability that the (random) m has any meaning is very small.

2.4 The El Gamal public-key protocol

The El Gamal public-key protocol was proposed by Taher El Gamal in 1984 and is based on the Diffie-Hellman protocol that we described earlier. The users who are going to take part in the protocol need to follow the steps below in each phase of the protocol.

Key generation. Each user chooses a large prime p and a generator g ∈ Z_p^*, as well as a random integer a such that 2 ≤ a ≤ p − 2, and then computes g^a mod p. The user's public key is the triple (p, g, g^a mod p), while the secret key is the integer a.

Encryption. If user B wants to communicate with user A, then first of all he must find A's public key P_A; let P_A = (p, g, g^a mod p). Next, user B converts the message he wants to send into an integer m in the interval {0, ..., p − 1} and chooses a random integer k such that 2 ≤ k ≤ p − 2. To encrypt the message m he needs to compute the quantities

γ = g^k mod p and δ = m(g^a)^k mod p,

and finally sends user A the ciphertext c = (γ, δ).

Decryption. User A, having received c, uses the secret key a, computing γ^{p−1−a} mod p, for which γ^{p−1−a} = γ^{−a} = g^{−ak}. Finally, he recovers the message m by computing

γ^{−a} δ ≡ g^{−ak} m g^{ak} ≡ m (mod p).

Example. Suppose that user A has chosen the prime p = 2357, the generator g = 2 ∈ Z_2357^* and the integer a = 1751. He can therefore compute g^a mod p = 2^1751 mod 2357 = 1185, and his public key is P_A = (p = 2357, g = 2, g^a mod p = 1185). If user B wants to send the message m = 2035, he chooses k = 1520 and then computes

γ = g^k = 2^1520 mod 2357 = 1430 and δ = 2035 · 1185^1520 mod 2357 = 697.

Hence B sends the ciphertext c = (1430, 697) to A. The latter computes γ^{p−1−a} = 1430^605 mod 2357 = 872 and m = 872 · 697 mod 2357 = 2035, so he has succeeded in recovering the message m.

Signatures. First of all, the public-key generation stage is the same as in the encryption protocol. When A wants to send a signed message m to B, he first chooses a random integer k such that 2 ≤ k ≤ p − 2 and gcd(k, p − 1) = 1, and computes

r = g^k mod p, k^{−1} mod p − 1 and s = k^{−1}{h(m) − ar} mod p − 1.

A's digital signature for the message m is the pair (r, s). When the recipient B gets the message and the signature, he first finds the sender's public key P_A = (p, g, g^a) and confirms that 1 ≤ r ≤ p − 1, otherwise he rejects the message. Next, he computes h(m), v_1 = (g^a)^r r^s mod p and v_2 = g^{h(m)} mod p. If v_1 = v_2 holds, then he accepts the message and the signature, otherwise he rejects them.

To prove that this digital signature protocol is correct, it suffices to consider the relation

s = k^{−1}{h(m) − ar} mod p − 1.

If we multiply both sides by k, we get ks = {h(m) − ar} mod p − 1, and consequently h(m) = ar + ks mod p − 1. If we raise the generator g to both sides, we get (from Theorem 33)

g^{h(m)} = g^{ar+ks} mod p

and

g^{h(m)} = (g^a)^r (g^k)^s = (g^a)^r (r)^s mod p,

and consequently v_1 = v_2.
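The three El Gamal phases and the signature scheme above, as an added example (not code from the notes), run on the notes' own parameters p = 2357, g = 2, a = 1751, k = 1520, m = 2035. The notes leave the hash h unspecified, so this example assumes SHA-256 of the decimal message reduced modulo p − 1; the signing nonce k = 1521 (coprime to p − 1 = 2356) and all names are this example's own.

```python
import hashlib
from math import gcd

# Added example, not from the notes.

def keygen(p, g, a):
    assert 2 <= a <= p - 2
    return (p, g, pow(g, a, p)), a              # P_A = (p, g, g^a mod p), secret a

def encrypt(pub, m, k):
    p, g, ga = pub
    assert 0 <= m < p and 2 <= k <= p - 2
    gamma = pow(g, k, p)                         # γ = g^k
    delta = (m * pow(ga, k, p)) % p              # δ = m (g^a)^k
    return gamma, delta

def decrypt(pub, a, c):
    p, _, _ = pub
    gamma, delta = c
    # γ^(p-1-a) ≡ γ^(-a) by Fermat, which cancels the g^(ak) factor in δ
    return (pow(gamma, p - 1 - a, p) * delta) % p

def h(m, p):
    """Assumption: SHA-256 of the decimal message, reduced mod p - 1."""
    return int.from_bytes(hashlib.sha256(str(m).encode()).digest(), "big") % (p - 1)

def sign(pub, a, m, k):
    p, g, _ = pub
    assert 2 <= k <= p - 2 and gcd(k, p - 1) == 1
    r = pow(g, k, p)
    k_inv = pow(k, -1, p - 1)
    s = (k_inv * (h(m, p) - a * r)) % (p - 1)
    return r, s

def verify(pub, m, sig):
    p, g, ga = pub
    r, s = sig
    if not 1 <= r <= p - 1:                      # the range check the notes require
        return False
    v1 = (pow(ga, r, p) * pow(r, s, p)) % p
    v2 = pow(g, h(m, p), p)
    return v1 == v2

if __name__ == "__main__":
    pub, a = keygen(2357, 2, 1751)
    c = encrypt(pub, 2035, 1520)
    print(pub, c, decrypt(pub, a, c))           # (2357, 2, 1185) (1430, 697) 2035
    sig = sign(pub, a, 2035, 1521)
    print(verify(pub, 2035, sig),
          verify(pub, 2035, (sig[0], (sig[1] + 1) % 2356)))   # True False
```

The check 1 ≤ r ≤ p − 1 is not cosmetic: without it a verifier can be handed an r outside the group for which the two sides of the equation coincide, so it is kept before any exponentiation.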

3 Primality testing

In this section we deal with the problem of finding large prime numbers. First we examine the question of the density of primes, then we examine a reasonable approach to the problem of testing whether a large number is prime, and we present an efficient probabilistic test developed by Miller and Rabin. Finally, we present the algorithm of Agrawal, Kayal and Saxena, who in 2002, in a very important paper for number theory, presented a deterministic algorithm that solves the testing problem in polynomial time. We place greater emphasis on the presentation of the probabilistic algorithms, since they are faster and are of particular interest for teaching purposes.

Density of primes. In many applications (such as cryptography) we need to find large random primes. Fortunately, large primes are not very rare, so in a reasonable amount of time we can test random large numbers until a prime is found. The prime distribution function π(n) specifies the number of primes that are less than or equal to n. For example, π(12) = 5, since there are five primes less than or equal to 12, namely 2, 3, 5, 7 and 11. The prime number theorem provides a useful approximation for π(n).

Theorem 42 (Prime number theorem). lim_{n→∞} π(n) / (n / ln n) = 1.

We can use the prime number theorem to estimate the probability that a randomly chosen integer n is prime as 1/ln n. Consequently, we need to examine about ln n randomly chosen integers near n in order to find a prime of the same size as n. For example, to find a 512-bit prime we may need to examine about ln 2^512 ≈ 355 random 512-bit numbers. In fact we need to examine only half of them, if we restrict ourselves to odd integers.

In the rest of this section we deal with the problem of testing whether a large odd integer n is prime or not. We use the convenient assumption that n factors into primes as

n = p_1^{e_1} p_2^{e_2} ... p_r^{e_r},

where r ≥ 1, p_1, p_2, ..., p_r are the prime factors of n and e_1, e_2, ..., e_r are positive integers. n is prime if and only if r = 1 and e_1 = 1.

A simple approach to the testing problem is trial division. We try dividing n by each of the integers 2, 3, ..., ⌊√n⌋, examining only 2 and the odd integers. Clearly n is prime if and only if none of the aforementioned integers divides n. Assuming each division takes constant time, the worst-case running time is Θ(√n), which is exponential in the length of n. Recall that if n is represented in binary with β = ⌈log(n + 1)⌉ bits, then √n = Θ(2^{β/2}). Hence trial division works well only if n is small or happens to have some small prime factor. It has the advantage that it not only decides whether n is prime but also returns a prime factor otherwise.

In this section we are only interested in learning whether a number n is prime; if n is composite, we are not interested in finding its factorization into primes. It is rather interesting that it is easier to answer whether a number is prime than to find its factorization if it is composite.

3.1 Probabilistic algorithms

Pseudoprime testing. We now examine a method for primality testing that "almost" works and is quite good in most cases. Later we will refine the method so that it has no drawback. Let Z_n^+ be the set of non-zero elements of Z_n:

Z_n^+ = {1, 2, ..., n − 1}.

If n is prime, then Z_n^+ = Z_n^*. We say that n is a pseudoprime to base a if n is composite and

a^{n−1} ≡ 1 (mod n). (21)

Fermat's theorem (Theorem 31) implies that if n is prime, then n satisfies equation (21) for every a. Consequently, if we can find some a for which n does not satisfy the equation, then we can decide with certainty that n is a composite integer. The converse holds "almost" always, so we have a fairly good criterion for whether a number is prime or not. We test whether n satisfies equation (21) for a = 2. If not, then we say that n is composite. Otherwise, we assume that n is prime (when in fact all we know is that n is either prime or a pseudoprime to base a).

The following algorithm generalizes the above procedure in order to test n. It uses the algorithm MODULAR-EXPONENTIATION from section 1.2. The input n is assumed to be an odd integer greater than 2.

PSEUDOPRIME(n)
1 if MODULAR-EXPONENTIATION(2, n − 1, n) ≢ 1 (mod n)
2   then return COMPOSITE   // surely
3   else return PRIME       // hopefully

This algorithm can make a mistake, but only of one kind. If it says that n is composite, then n is definitely composite. If, however, it says that n is prime, then it may be wrong if n is a pseudoprime to base 2. Fortunately, this happens rarely. There are only 22 values of n less than 10,000 for which it is wrong; the first four are 341, 561, 645 and 1105. Using more precise calculations, we can show that a random 512-bit number which the algorithm declares prime has probability less than 10^{−20} of being a base-2 pseudoprime, and a random 1024-bit number which it declares prime has probability less than 10^{−41} of being a base-2 pseudoprime.

Consequently, if an application simply needs a large prime, it is preferable to follow the above algorithm, which works in practice. If, however, the number we are testing is not randomly chosen, then a better approach is necessary. Unfortunately, we cannot escape the mistakes simply by changing the base a in equation 21, for example by setting a = 3, because there exist composite integers n that satisfy 21 for all a. These integers are known as Carmichael numbers. The first three Carmichael numbers are 561, 1105 and 1729. They are quite rare; for example, there are 255 of them below 100,000,000. Next, we show how we can improve the algorithm so that Carmichael numbers are no longer a problem.

The Miller-Rabin primality test. The Miller-Rabin test for whether a number is prime or not avoids the drawbacks of the previous method with the following changes:

It tries several randomly chosen values for the base a instead of only one.

While computing the modular exponentiations, it checks whether a nontrivial square root of 1 modulo n has been found. If so, it stops and declares that the number is composite. Corollary 36 explains why this happens.

Next, we present the algorithm that checks whether a particular value a is a witness to the fact that n is composite, along with some comments on its operation.

WITNESS(a, n)
1 let n − 1 = 2^t u, with u odd
2 x_0 ← MODULAR-EXPONENTIATION(a, u, n)
3 for i ← 1 to t
4   x_i ← x_{i−1}^2 mod n
5   if x_i = 1 and x_{i−1} ≠ 1 and x_{i−1} ≠ n − 1
6     then return TRUE
7 if x_t ≠ 1
8   then return TRUE
9 return FALSE

The algorithm WITNESS computes a^{n−1} mod n by first computing the value x_0 = a^u mod n in line 2 and then squaring the result t times in a row (lines 3-6). By induction on i, the sequence x_0, x_1, ..., x_t of computed values satisfies the relation x_i ≡ a^{2^i u} (mod n) for i = 0, 1, ..., t, so x_t ≡ a^{n−1} (mod n). Whenever line 4 is executed, the loop may terminate early if in lines 5-6 a nontrivial square root of 1 is discovered. If this happens, the algorithm terminates and returns TRUE. Lines 7-8 return TRUE if the value computed for x_t ≡ a^{n−1} mod n differs from 1, for the same reason that the algorithm PSEUDOPRIME returns COMPOSITE. Finally, line 9 returns the value FALSE if the algorithm has not terminated earlier.

We now show that if WITNESS(a, n) returns TRUE, then n is composite. If WITNESS returns TRUE in line 8, then it has discovered that x_t = a^{n−1} mod n ≠ 1. If n were prime, then by Fermat's theorem a^{n−1} ≡ 1 (mod n) would have to hold for all a ∈ Z_n^+. Consequently, n cannot be prime, and the relation a^{n−1} mod n ≠ 1 is the proof of this. If WITNESS returns TRUE in line 6, then it has discovered that x_{i−1} is a nontrivial square root of 1 modulo n, since x_{i−1} ≢ ±1 (mod n) while x_i ≡ x_{i−1}^2 ≡ 1 (mod n). Corollary 36 states that only if n is composite can there exist a nontrivial square root of 1 modulo n, so we conclude that n is composite. This completes the proof of the correctness of WITNESS. If the call WITNESS(a, n) returns TRUE, then n is definitely composite, and this can be proved from the data a, n.

We now proceed to the presentation of the algorithm MILLER-RABIN, which is based on WITNESS. We assume again that n is an odd integer greater than 2.

MILLER-RABIN(n, s)
1 for j ← 1 to s
2   a ← RANDOM(1, n − 1)
3   if WITNESS(a, n)
4     then return COMPOSITE   // surely
5 return PRIME               // hopefully

The algorithm MILLER-RABIN is a probabilistic search for a proof that n is composite. The main loop picks s random values of a from Z_n^+. If some a is a witness, then MILLER-RABIN declares COMPOSITE in line 4. Such a decision is always correct, by the correctness of WITNESS. If no witness is found in these s trials, MILLER-RABIN assumes that this happens because there is no witness, and consequently that n is prime. We will show below that this decision is very likely correct if s is large enough, but there is a small probability that we were unlucky in choosing the a's and that a witness does exist.

For example, let n be the Carmichael number 561, so that n − 1 = 560 = 2^4 · 35. Assuming that we choose a = 7, WITNESS computes x_0 ≡ a^{35} ≡ 241 (mod 561) and the sequence X = <241, 298, 166, 67, 1>. Hence we have discovered a nontrivial square root of 1, since a^{280} ≡ 67 (mod n) and a^{560} ≡ 1 (mod n). Therefore a = 7 is a witness to the fact that n is composite, WITNESS returns TRUE and MILLER-RABIN returns COMPOSITE.

Analysis. If n is a β-bit number, MILLER-RABIN requires O(sβ) arithmetic operations and O(sβ^3) bit operations, since asymptotically it requires as much work as s modular exponentiations.

Error probability of the Miller-Rabin test. If MILLER-RABIN declares that n is prime, then there is a small probability that it has made a mistake. Unlike PSEUDOPRIME, this error probability is independent of n; there are no bad inputs for this algorithm. It depends, however, on the size of s and on the random choices of the various a. Moreover, since each test is stricter than a simple test of whether relation (21) holds, we can hope that the error probability is small for a random integer n. The following theorems provide the answer.

Theorem 43. If n is an odd composite integer, then the number of witnesses to this fact is at least 3(n − 1)/4.

Theorem 44. For every odd integer n > 2 and every positive integer s, the probability that MILLER-RABIN(n, s) makes a mistake is at most 4^{−s}.

Consequently, if we set s = 50 we have a very satisfactory level of security for most possible applications. If what we want is to find some large prime number and we apply the MILLER-RABIN algorithm to randomly chosen large integers, then even a small value of s (say s = 3) will in most cases give good results. This means that for a randomly chosen odd integer n, the expected number of non-witnesses is much smaller than (n − 1)/4.
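PSEUDOPRIME, WITNESS and MILLER-RABIN from this section, as an added example (not code from the notes), with the trace of WITNESS(7, 561) exposed so the sequence <241, 298, 166, 67, 1> from the text can be checked, and a brute-force check that 561, 1105 and 1729 pass Fermat's test for every base coprime to them (the Carmichael property discussed under pseudoprime testing). The function names and the seed parameter are this example's own; the notes' RANDOM(1, n − 1) is the standard library's randint.

```python
import random
from math import gcd

# Added example, not from the notes.

def modular_exponentiation(a, b, n):
    """Square-and-multiply, the role of MODULAR-EXPONENTIATION of section 1.2."""
    result, a = 1, a % n
    while b > 0:
        if b & 1:
            result = (result * a) % n
        a = (a * a) % n
        b >>= 1
    return result

def pseudoprime(n):
    """Base-2 Fermat test: COMPOSITE is certain, PRIME is only hoped for."""
    return "COMPOSITE" if modular_exponentiation(2, n - 1, n) != 1 else "PRIME"

def witness_trace(a, n):
    """WITNESS(a, n) for odd n > 2, returning (is_witness, [x_0, ..., x_i])."""
    t, u = 0, n - 1
    while u % 2 == 0:                       # n - 1 = 2^t u with u odd
        t, u = t + 1, u // 2
    xs = [modular_exponentiation(a, u, n)]  # x_0 = a^u mod n
    for _ in range(t):
        x_prev = xs[-1]
        x = (x_prev * x_prev) % n
        xs.append(x)
        if x == 1 and x_prev != 1 and x_prev != n - 1:
            return True, xs                 # nontrivial square root of 1 (Corollary 36)
    return xs[-1] != 1, xs                  # x_t = a^(n-1) mod n != 1: Fermat fails

def witness(a, n):
    return witness_trace(a, n)[0]

def miller_rabin(n, s, seed=None):
    if n < 2 or n % 2 == 0:
        return "PRIME" if n == 2 else "COMPOSITE"   # cases the notes exclude by assumption
    rng = random.Random(seed)
    for _ in range(s):
        a = rng.randint(1, n - 1)           # RANDOM(1, n - 1)
        if witness(a, n):
            return "COMPOSITE"              # surely
    return "PRIME"                          # hopefully

def fermat_passes_all_bases(n):
    """True if a^(n-1) ≡ 1 (mod n) for every a coprime to n (Carmichael-style)."""
    return all(modular_exponentiation(a, n - 1, n) == 1
               for a in range(2, n) if gcd(a, n) == 1)

if __name__ == "__main__":
    print(witness_trace(7, 561))            # (True, [241, 298, 166, 67, 1])
    print([n for n in range(3, 1200, 2)
           if pseudoprime(n) == "PRIME" and miller_rabin(n, 20, seed=1) == "COMPOSITE"])
    # [341, 561, 645, 1105]: the first base-2 pseudoprimes
    print(fermat_passes_all_bases(561), fermat_passes_all_bases(341))   # True False
```

The trace makes the two exits visible: for 561 with a = 7 the loop stops at i = 4 because x_3 = 67 squares to 1 although 67 is neither 1 nor 560, which is exactly the nontrivial square root the text points to.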

3.2 The deterministic algorithm

Finally, we present the first deterministic algorithm that decides whether a given number is prime or not without relying on any unproven hypothesis (such as the Riemann Hypothesis). The algorithm is based on the following lemma.

Lemma 45. Let a ∈ Z and n ∈ N with n ≥ 2 and gcd(a, n) = 1. Then n is prime if and only if

(X + a)^n ≡ X^n + a (mod n).

Proof. For 0 < i < n, the coefficient of X^i in the expression ((X + a)^n − (X^n + a)) is C(n, i) a^{n−i}. Suppose that n is indeed prime. Then C(n, i) ≡ 0 (mod n), and consequently all the coefficients are equal to 0. Suppose now that n is composite, consider a prime q that is a factor of n, and let q^k be the exact power of q dividing n. Then q^k does not divide C(n, q) and is coprime to a^{n−q}, hence the coefficient of X^q is not equivalent to zero (modulo n). Therefore the expression ((X + a)^n − (X^n + a)) is not identically zero in Z_n.

The above lemma is essentially a simple test for whether a number n is prime. It suffices to choose an integer a and check whether the congruence holds. The drawback is that it requires time Ω(n), because in the worst case we need to compute n coefficients on the left-hand side of the congruence. A simple method for reducing the number of coefficients is to evaluate both sides of the congruence modulo a polynomial of the form X^r − 1, for a suitably chosen small value of r. In other words, it suffices to check whether the following congruence holds:

(X + a)^n ≡ X^n + a (mod X^r − 1, n). (22)

From Lemma 45 it follows that all primes satisfy congruence 22 for all values of a, r. On the other hand, the problem arises that there are now also composite numbers that satisfy congruence 22 for some values of a, r. We can show, however, that if we choose a suitable r, then if 22 is satisfied for sufficiently many a, n must be a power of some prime. The number of a's and the suitable value of r are bounded above by a polynomial in log n, so we end up with a deterministic polynomial-time algorithm that decides whether a given number is prime. We present the algorithm next.

Suppose the input is an integer n for which we want to decide whether it is prime or not.

1. First, the algorithm checks whether n = a^b for some integer a ∈ N and some b > 1, in which case it returns the answer 'COMPOSITE'.

2. Next, it finds the smallest integer r for which ord_r(n) > log^2 n, where we recall that ord_r(n) denotes the order of the subgroup generated by n when working modulo r.

3. It checks whether 1 < gcd(a, n) < n for some a ≤ r, in which case it returns the answer 'COMPOSITE'.

4. It checks whether n ≤ r, in which case it returns 'PRIME'.

5. For the values of a from 1 to ⌊√φ(r) log n⌋, the algorithm checks whether (X + a)^n ≠ X^n + a (mod X^r − 1, n), in which case it returns 'COMPOSITE'.

6. The algorithm returns the answer 'PRIME'.

Theorem 46. The above algorithm returns 'PRIME' if and only if n is prime.

For the proof of the above theorem, we need to show that if one direction of the statement holds, then the other necessarily holds as well.

Lemma 47. If n is prime, then the algorithm returns 'PRIME'.

Proof. If n is prime, then steps 1 and 3 will in no case return the answer 'COMPOSITE'. By Lemma 45, the loop will not return 'COMPOSITE' either. Therefore the algorithm will return 'PRIME' either in line 4 or in line 6.

To complete the proof of Theorem 46 it suffices that the following lemma holds, which is stated without proof.

Lemma 48. If the algorithm returns 'PRIME', then n is prime.
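The six steps above carried out in code, as an added example (not code from the notes, nor the authors' reference implementation): the perfect-power check, the search for r, the gcd sweep, and congruence 22 evaluated with polynomial arithmetic modulo (X^r − 1, n). Logarithms are base 2, as is usual for this algorithm; the helper names are this example's own, and the polynomial routines are written for readability on small n, not for speed.

```python
from math import gcd, log2, sqrt

# Added example, not from the notes.

def is_perfect_power(n):
    """Step 1: is n = a^b for some a and b > 1? (integer b-th root by bisection)"""
    for b in range(2, n.bit_length() + 1):
        lo, hi = 1, 1 << (n.bit_length() // b + 1)
        while lo <= hi:
            mid = (lo + hi) // 2
            v = mid ** b
            if v == n:
                return True
            if v < n:
                lo = mid + 1
            else:
                hi = mid - 1
    return False

def multiplicative_order(n, r):
    """ord_r(n): smallest k >= 1 with n^k ≡ 1 (mod r); 0 when gcd(n, r) != 1."""
    if gcd(n, r) != 1:
        return 0
    k, x = 1, n % r
    while x != 1:
        x, k = (x * n) % r, k + 1
    return k

def find_r(n):
    """Step 2: smallest r with ord_r(n) > log^2 n."""
    bound, r = log2(n) ** 2, 2
    while multiplicative_order(n, r) <= bound:
        r += 1
    return r

def euler_phi(r):
    return sum(1 for k in range(1, r + 1) if gcd(k, r) == 1)

def polymul_mod(f, g, r, n):
    """Product of two coefficient lists of length r, reduced mod (X^r - 1, n)."""
    out = [0] * r
    for i, fi in enumerate(f):
        if fi:
            for j, gj in enumerate(g):
                if gj:
                    out[(i + j) % r] = (out[(i + j) % r] + fi * gj) % n
    return out

def polypow_mod(base, e, r, n):
    result = [1] + [0] * (r - 1)
    while e:
        if e & 1:
            result = polymul_mod(result, base, r, n)
        base = polymul_mod(base, base, r, n)
        e >>= 1
    return result

def congruence_22_holds(a, n, r):
    """(X + a)^n ≡ X^n + a (mod X^r - 1, n)?"""
    lhs = polypow_mod([a % n, 1] + [0] * (r - 2), n, r, n)
    rhs = [0] * r
    rhs[n % r] = 1                       # X^n reduced modulo X^r - 1
    rhs[0] = (rhs[0] + a) % n
    return lhs == rhs

def aks(n):
    if n < 2:
        return "COMPOSITE"
    if is_perfect_power(n):                                  # step 1
        return "COMPOSITE"
    r = find_r(n)                                            # step 2
    for a in range(1, r + 1):                                # step 3
        if 1 < gcd(a, n) < n:
            return "COMPOSITE"
    if n <= r:                                               # step 4
        return "PRIME"
    for a in range(1, int(sqrt(euler_phi(r)) * log2(n)) + 1):   # step 5
        if not congruence_22_holds(a, n, r):
            return "COMPOSITE"
    return "PRIME"                                           # step 6

if __name__ == "__main__":
    print(aks(101), aks(91), aks(561), aks(1024))   # PRIME COMPOSITE COMPOSITE COMPOSITE
```

For n = 101 the search in step 2 stops at r = 53 (101 ≡ −5 has order 52 modulo 53, while no smaller r gives an order above log^2 101 ≈ 44.3), so step 5 really runs; most small composites are caught earlier, in step 3, because r exceeds their smallest factor.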

4 Applications of cryptography

In this section we examine some more practical applications of cryptography and of the protocols we presented in the previous chapters. We present some protocols that allow a secret to be shared among users in a way that does not harm the secrecy of the secret, as well as protocols that commit users to specific decisions and prevent them from changing those decisions afterwards. Finally, we describe some applications of these to elections, auctions and micropayments on the Internet.

4.1 Secret sharing schemes and commitment protocols

Secret sharing. Suppose that some central user has at his disposal a piece of secret information, whose binary representation we denote by S. The user would like to share the secret information among some other users (say n of them) in such a way that if at least k of them cooperate, they can reconstruct the information. Otherwise, the user would like not only that they cannot find S, but also that they have not learned anything more about S than they knew before the sharing took place. For example, suppose the central user has as his secret the word 'password' and shares it among 4 users, giving two letters to each of them. Then, if all 4 cooperate, they can recover S; if they are fewer, they admittedly cannot recover the information directly, but they do have more information about it and it is therefore easier for them to find it by trying all possible solutions (we assume they know the length of the word).

We first examine the case where all users must cooperate in order to reconstruct the secret, in other words when k = n. The central user performs the following steps.

1. First, he chooses a large prime p such that S < p, and consequently S ∈ Z_p.

2. He chooses random a_i ∈ Z_p for i = 1, ..., n − 1 and gives a_i to the i-th user.

3. He computes a_n = S − Σ_{i=1}^{n−1} a_i (mod p) and gives it to the n-th user.

If all n users do cooperate, then in order to reconstruct S it suffices to add the a_i they hold, since S = Σ_{i=1}^{n} a_i. Suppose now that n − 1 users cooperate and the n-th user refuses to hand over a_n. Then the remaining users, in order to find S, can try to guess a_n ∈ Z_p and examine the S that results. But this is equivalent to some user guessing S ∈ Z_p on his own, so the cooperating users have not obtained any additional information from their cooperation.

Consider now the case where it suffices for k users to cooperate, with k < n. It is obvious that the previous scheme does not work and we need to think of something more sophisticated. The central user performs the following steps.

1. First, he chooses a large prime p such that S < p, and consequently S ∈ Z_p.

2. He chooses random a_i ∈ Z_p for i = 1, ..., k − 1.

3. He defines the function f(x) = S + a_1 x + a_2 x^2 + ... + a_{k−1} x^{k−1} (mod p).

4. Finally, he gives f(i) to the i-th user.

We observe that in essence we have equations in the k unknowns S, a_1, a_2, ..., a_{k−1}. If at least k users cooperate, then it suffices for them to solve a system of k equations in k unknowns and compute S. Otherwise, a system of k − 1 equations in k unknowns results, so the cooperating users cannot compute S, nor have they obtained any additional information that makes its computation easier.
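Both schemes above, as an added example (not code from the notes): the additive scheme for k = n and the polynomial scheme for k < n over Z_p. Recovery in the threshold case solves the k-equation system in closed form by Lagrange interpolation of f at x = 0, which is this example's choice rather than a step the text spells out; the prime p = 2^61 − 1, the secrets and the seed parameter are constructed values.

```python
import random

# Added example, not from the notes.
P = 2**61 - 1                       # Mersenne prime, so S < p for the test secrets below

def split_additive(S, n, seed):
    """k = n: shares a_1..a_n with S = sum(a_i) mod p; every share is needed."""
    rng = random.Random(seed)
    shares = [rng.randrange(P) for _ in range(n - 1)]
    shares.append((S - sum(shares)) % P)           # a_n = S - sum a_i (mod p)
    return shares

def recover_additive(shares):
    return sum(shares) % P

def split_threshold(S, n, k, seed):
    """k < n: f(x) = S + a_1 x + ... + a_{k-1} x^{k-1} (mod p); user i gets (i, f(i))."""
    rng = random.Random(seed)
    coeffs = [S] + [rng.randrange(P) for _ in range(k - 1)]
    def f(x):
        return sum(c * pow(x, j, P) for j, c in enumerate(coeffs)) % P
    return [(i, f(i)) for i in range(1, n + 1)]

def recover_threshold(shares):
    """Any k shares determine the degree-(k-1) polynomial; S = f(0) by Lagrange interpolation."""
    S = 0
    for i, (xi, yi) in enumerate(shares):
        num = den = 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = (num * (-xj)) % P
                den = (den * (xi - xj)) % P
        S = (S + yi * num * pow(den, -1, P)) % P
    return S

def consistent_with_guess(partial_shares, guessed_S):
    """With only k - 1 shares, every guess for S fits some polynomial of degree k - 1:
    interpolating through the guess and the shares always succeeds, which is why the
    cooperating users learn nothing (the point made in the text)."""
    points = [(0, guessed_S)] + list(partial_shares)
    return recover_threshold(points) == guessed_S

if __name__ == "__main__":
    a = split_additive(123456789, 5, seed=1)
    print(recover_additive(a) == 123456789, recover_additive(a[:4]) == 123456789)   # True False
    t = split_threshold(987654321, 6, 3, seed=2)
    print(recover_threshold([t[0], t[2], t[5]]))        # 987654321
    print(consistent_with_guess(t[:2], 42), consistent_with_guess(t[:2], 7))   # True True
```

The last line is the information-theoretic argument in executable form: with k − 1 points, both the guess 42 and the guess 7 are consistent with some valid sharing, so the partial shares do not narrow S down at all.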

Commitment protocols. Next we deal with commitment protocols, and we examine the following example. Suppose that Alice and Bob have divorced, now live in different cities and are looking for a way to decide who gets the car. They agree to flip a coin, but Bob does not want to choose 'heads' and then hear Alice announce over the phone that the result was in fact 'tails'. We would therefore like Bob to be able to choose an outcome without announcing it to Alice, and Alice to flip the coin. What is desired is that the outcome Bob chose and the outcome Alice announced to him cannot be changed during the execution of the protocol.

There are several protocols one can use in such cases; we will limit ourselves to the description of some simple methods. One of them is based on the discrete logarithm problem and the other on the factoring problem.

In the first, Alice and Bob agree on a large prime p and a generator g ∈ Z_p^*. Next, Alice chooses a random integer a ∈ Z_p^*, computes b = g^a (mod p) and transmits it to Bob, who, let us say, decides whether a is an odd or an even number. Then Alice is called upon to reveal a, and if it is odd Bob wins, otherwise Alice gets the car. Note that half of the integers in Z_p^* are odd and the other half are even. Moreover, Alice cannot lie about the value of a she has chosen, since only one a has the property that b = g^a (mod p). One can also see that Bob cannot use his knowledge of b = g^a to decide in a reasonable (polynomial) amount of time whether a is odd or not, since that would mean he has a polynomial algorithm for the discrete logarithm problem.

The second method is based, as we mentioned, on the factoring problem, and is the following. First, Alice chooses two large primes p and q such that both are congruent either to 1 or to 3 modulo 4. She computes n = pq and announces it to Bob. Note that however p and q were chosen, n ≡ 1 (mod 4). Bob is now called upon to decide (within a short time) whether p and q are congruent to 1 or to 3 modulo 4, and afterwards Alice announces p and q to him. If Bob chose correctly, he wins, otherwise Alice wins. Note that Alice cannot exploit her knowledge of p and q in order to lie, since the only possible factorization of n is into the primes p and q, while Bob cannot use n to find p and q, since this would mean that a polynomial-time factoring algorithm exists.
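The two coin-flip protocols above, as an added example (not code from the notes). The discrete-log version commits Alice to a through b = g^a mod p and lets Bob check the opening, so a changed a is rejected; the factoring version commits her to the residue class of p and q through n = pq. The prime p = 2^61 − 1 (whose p − 1 has only small prime factors, so a generator can be found by trial division here), the Mersenne primes 2^89 − 1 and 2^107 − 1 (both ≡ 3 mod 4), the seeds and all names are this example's own.

```python
import random

# Added example, not from the notes.
P = 2**61 - 1

def prime_factors(m):
    """Distinct prime factors by trial division (fine here: p - 1 has only small factors)."""
    fs, d = set(), 2
    while d * d <= m:
        while m % d == 0:
            fs.add(d)
            m //= d
        d += 1
    if m > 1:
        fs.add(m)
    return fs

def find_generator(p):
    """Smallest g generating Z_p^*: g^((p-1)/q) != 1 for every prime q | p - 1."""
    qs = prime_factors(p - 1)
    for g in range(2, p):
        if all(pow(g, (p - 1) // q, p) != 1 for q in qs):
            return g

G = find_generator(P)

# --- discrete-log commitment: Alice commits to a, Bob guesses its parity ---
def alice_commit(seed):
    a = random.Random(seed).randrange(1, P)         # a ∈ Z_p^*
    return a, pow(G, a, P)                          # (kept secret, sent to Bob)

def bob_checks_opening(b, a):
    """Bob accepts the revealed a only if it reproduces b; returns its parity or None."""
    if not 1 <= a < P or pow(G, a, P) != b:
        return None                                 # opening does not match the commitment
    return "odd" if a % 2 else "even"

def dlog_coin_flip(alice_seed, bob_guess):
    a, b = alice_commit(alice_seed)                 # 1. Alice sends b
    parity = bob_checks_opening(b, a)               # 2. Bob guesses, 3. Alice reveals a
    return "Bob" if parity == bob_guess else "Alice"

# --- factoring commitment: Alice commits to the residue class of p, q mod 4 ---
def factoring_commit(p, q):
    assert p % 4 == q % 4 and p % 4 in (1, 3)
    n = p * q
    assert n % 4 == 1                               # holds whichever class was chosen
    return n

def bob_checks_factors(n, p, q):
    """Bob accepts the opening only if it is a factorisation of n into the same class.
    In practice he would also run a primality test from section 3 on p and q."""
    if p < 2 or q < 2 or p * q != n or p % 4 != q % 4:
        return None
    return p % 4

if __name__ == "__main__":
    print(dlog_coin_flip(alice_seed=5, bob_guess="odd"))
    a, b = alice_commit(5)
    print(bob_checks_opening(b, a + 1))             # None: Alice cannot change a afterwards
    n = factoring_commit(2**89 - 1, 2**107 - 1)
    print(bob_checks_factors(n, 2**89 - 1, 2**107 - 1))      # 3
```

Bob's side never needs the secret: he only recomputes g^a or p·q from what Alice reveals, which is the binding check the text relies on, while hiding rests on the hardness of discrete logarithms and factoring respectively.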

4.2

Eklogc, dhmoprasec kai oikonomikc sunallagc

Se aut thn enthta parousizoume merikc efarmogc thc kruptografac pou mac epitrpoun orismnec drasthrithtec thc kajhmerinc,
pragmatopoisoume kai sto Diadktuo.

ektc Diadiktou,

zwc na mporome na tic

Ja parousisoume tic basikc idithtec pou prpei na

ikanopoion ta difora prwtkolla, qwrc mwc na upeisljoume se analutik parousash prwtokllwn.

Elections - electronic voting

By the term electronic voting we mean the exercise of the right to vote using electronic methods. The fundamental elements that make up the particular nature of the electronic vote, and that differentiate it to a large degree from the existing systems of the electoral process, are the ability to exercise the right to vote remotely, without the voter's physical presence at the polling station, and the use of a computer system, and consequently of automated methods, for organizing and conducting the whole electoral process.

The casting of an electronic vote over the Internet must be accompanied by sufficient security guarantees that the voter's identity will not be revealed during the transfer and processing of the vote, and also that its content will not be altered, whether because of ineffective operation of the system or because of electoral fraud. On this basis, an electronic election system is defined as a system intended to serve the needs of conducting an electronic vote.

In order to design an electronic voting system that will be used for large-scale elections, some basic prerequisites must be satisfied:

Democratic: Only voters who have the right to vote can vote, and no voter has the right to vote more than once.

Secret: All votes remain secret during the submission of votes, and nobody is able to link a voter's identity to that voter's vote.

Accurate: No vote can be altered or counted more than once. Also, no vote can be deleted, either by the electoral authorities or by any other party.

Coercion-resistant: The voter neither possesses nor is able to create a proof that shows the content of the vote.

Robust: Any malicious behaviour by any party can be dealt with.

Fair: Nobody is able to learn the result of the electoral process before the final count of the votes. Consequently, it is ensured that the last voters will not be influenced by the announcement of an estimate of the result, and that no advantage is given to a particular set of entities.

Ease of participation for the voters.

Universally verifiable: Any external observer can be convinced of the correctness of the election results.

Auctions

It is difficult to determine exactly when the first auction on the Internet took place, but it is known that auctions had already begun to be conducted over e-mail and newsgroups by 1988. With the rapid growth of the Internet during the 1990s, it was inevitable that this new technology would be used in auctions conducted online, and so the need arose for cryptographically secure auction protocols.

For the protocols used for Internet auctions to be secure, certain properties need to be satisfied; some of these are mutually conflicting, with the result that no protocol satisfies all of them simultaneously. Some of these properties are listed below.

Correctness: If all participants in the auction behave honestly, then the correct winning price and the correct winner will be identified and announced, always according to the rules of the auction.

Fairness: Fairness includes the requirement that no bidder has any information about the other bids before submitting his own. This property is also covered by confidentiality. Moreover, fairness implies that once a bidder submits his bid, that bid cannot be changed, and that no bidder can deny his bid after having submitted it. This last requirement is often called non-repudiation of the bid.

Robustness: Malicious behaviour by any participant in the auction should not endanger the system or lead to wrong results. Robustness is a complementary property to correctness and guarantees that if there is a final result, then that result is the correct one, whatever failure or attack may have occurred in the system.

Confidentiality: The auctioneers should not know the value of the bids until the phase in which they are opened. If this does not hold, collusions may arise that serve the personal interests of some parties (depending also on the type and the rules of the auction being conducted) and ultimately cheat the honest participants.

Anonymity: The identities of the bidders who lost remain confidential after the final winner is revealed, so that nobody can exploit the lack of anonymity in the ways explained under the next property.

Secrecy of losing bids: The bids that did not finally win the auction remain secret, even from the auctioneer himself, after the final winner is revealed. This is because losing bidders may reasonably not want others to collect their valuations of the goods, something that may be considered a violation of their rights and may put them at a disadvantage in some other auction. Moreover, a seller could gain an advantage when, in some future auction, he wishes to sell the same or a similar item.

Public verifiability: All participants in the auction process, as well as a neutral observer, must be able to confirm the validity of the critical procedures. Critical procedures are those that are able to change the result of the auction.

Ease - efficiency: The auction takes place through human interaction. The rules of the protocol used to carry it out should be simple enough that all participants can understand and follow them in reasonable time.

Financial transactions

In a similar way to the previous two applications, cryptographic protocols have found wide application in implementing methods that allow financial transactions to be conducted securely over the Internet. Below we list some of the properties that a protocol for financial transactions must satisfy.

Low transaction cost: The cost of carrying out a transaction should be as low as possible. In particular, in cases where small amounts are exchanged (micro-transactions), this factor is the most important, since it is not desirable, e.g., for a transaction of … euro to carry an additional charge of 0.5 euro.

Security: The protocols must be resistant to attacks, so as to ensure both the authentication of the user (the sender) and the integrity of the message. Moreover, the protocol must ensure that a message (corresponding to an electronic coin) cannot be used more than once.

Privacy: It must be ensured that only authorized users have access to information about the buyer's identity. We note that in most protocols the buyers participate under pseudonyms. Moreover, once the transaction has been completed, it must not be possible to link any payment to the buyer (just as, e.g., we do not want someone holding a banknote to be able to know who else used it in the past).

Possibility of immediate confirmation.
