Computer Security (CE-365)

Dr. Mohamed Abdelwahab Saleh

Pharos University
Fall 2018

1 Mathematical Background
We present here some mathematical material needed to understand cryptographic systems that will be
presented later.

1.1 Euler’s Totient Function

For any natural number n, Euler’s totient function φ(n) is defined as the count of natural numbers smaller
than n that are relatively prime to n. If p is a prime, then φ(p) = p − 1, this is because p, as a prime, does
not share any common factor with any number smaller than it.
Another situation is when we have a number n that is the product of two primes p and q; n = pq. In
this case, the numbers smaller than n that are not relatively prime to n are exactly the ones that are either:
(1) 0 or (2) contain p in their factorization or (3) contain q in their factorization. The numbers that contain
p in their factorization are not those that contain q in their factorization since p and q are two different
primes. All other numbers not satisfying any of these conditions will be relatively prime to n. The numbers
smaller than pq that contain p in their factorization are {p, 2p, . . . , (q − 1)p}, their count is q − 1. Similarly,
the numbers smaller than pq that contain q in their factorization are {q, 2q, . . . (p − 1)q}, their count is
p − 1. So, now we can count the numbers smaller than pq that are not relatively prime to pq, the count
is 1 + (q − 1) + (p − 1). Finally, the count of numbers smaller than pq that are relatively prime to pq is
φ(pq) = pq − [1 + (q − 1) + (p − 1)] = (p − 1)(q − 1). So, we have:

If p and q are primes, and n = pq: φ(n) = (p − 1)(q − 1) (1)

1.2 Groups
A group is a tuple hG, f i, where G is a set and f : G × G → G is a function (operation) defined over the set.
The function f , as shown by its definition, maps a pair of elements in G into an element that is also in G.
For two elements g1 ∈ G and g2 ∈ G, f (g1 , g2 ) may be written as g1 · g2 , in which case, the group is called
multiplicative, or it may be written as g1 + g2 , in which case, the group is called additive. A group has the
following properties:

i. Associativity of f : For any three elements g1 , g2 , and g3 in G, f (g1 , f (g2 , g3 )) = f (f (g1 , g2 ), g3 ), this
means that the order of the operation does not matter. In a multiplicative group, this property is
expressed as: g1 · (g2 · g3 ) = (g1 · g2 ) · g3 . Similarly, in an additive group, we write: g1 + (g2 + g3 ) =
(g1 + g2 ) + g3 .
ii. Identity element: There exists an identity element e, such that, for any g ∈ G, f (e, g) = f (g, e) = g. In
a multiplicative group, the identity element is denoted by 1, and this property is expressed as: 1 · g =
g · 1 = g. In an additive group, the identity element is denoted by 0, and we write: 0 + g = g + 0 = g.

1
 iii. Existense of inverses: For each element g ∈ G, there exists an inverse g −1 , such that f (g, g −1 ) =
f (g −1 , g) = e. In a multiplicative group, this is written as: g · g −1 = g −1 · g = 1. In an additive group,
the inverse is written −g, and this property is expressed as g + (−g) = (−g) + g = 0
It is important to note that 1 and 0 are just notations for the identity element, they are NOT NECES-
SARILY the numbers 1 and 0. In addition to the previous properties, a group can also have the following
property:
iv. Commutativity of f : for any two elements g1 and g2 in G, f (g1 , g2 ) = f (g2 , g1 ), this means that the
order of the two elements in the pair is not important for f . In a multiplicative group, this property is
expressed as g1 · g2 = g2 · g1 , and in an additive group, this property is expressed as: g1 + g2 = g2 + g1 .
A group that satitifies the commutativity propoerty is called a commutative group or an abelian group.
In the following, unless otherwise noted, we will deal with abelian groups.
Example 1.1. : Zn The group of integers modulo-n.
This is the group of integers modulo a positive integer n, in this case G = {0, 1, . . . , n − 1}. Any integer is
congruent to a single element a ∈ G. The group operation f is addition modulo-n, and e = 0. This group
is also called a complete residue system, since the elements of G are ALL the remainders (residues) when
dividing by n. The additive inverse of any g ∈ G is computed as −g = n − g. For instance consider Z8 , so,
G = {0, 1, 2, 3, 4, 5, 6, 7} and −(1) = 7, i.e., the additive inverse of 1 is 7, since 1 + 7 = 8 = 0 mod 8.
Example 1.2. : Z∗n The group of integers less than n that are relatively prime to n.
For a particular positive integer n, this group contains the numbers that are less than n and relatively prime
to n. This group is also called a reduced residue system. It is a residue systems since it contains residues
(remainders of division by n). It is reduced since NOT ALL residues of division by n are included, but only
those that are relatively prime to n. By definition of Euler’s totient function, the count of elements in this
group is φ(n). We can therefore write the set of elements as G = {g1 , g2 , . . . , gφ(n) }. Also, since each element
gi is relatively prime to n, each element will have a multiplicative inverse gi−1 mod n. The group operation
can therefore be multiplication modulo-n, since the multiplication of two elements gi , gj that are relatively
prime to n will produce an element gk that is also relatively prime to n, i.e., if gi ∈ G, gj ∈ G, and gk = gi · gj
mod n, the gk ∈ G. The identity element e = 1, and the multiplicative inverse can be computed using the
multiplication table or the extended Euclid’s alogorithm.
Please note that for any prime p, Zp contains the numbers {0, 1, . . . , p − 1}, whereas Z∗p contains the
numbers {1, 2, . . . , p − 1} since 0 is not relatively prime to p.

1.3 Euler’s Theorem

Euler’s theorem states that, for two relatively prime integers g and n, where g < n:
Theorem 1.1. Euler’s theorem.
g 1+kφ(n) = g mod n
In other words, g 1 mod φ(n)
= g 1 mod n. This also means that g kφ(n) = 1 mod n.
Proof 1.1. Proof of Euler’s theorem.
Since g < n and gcd(g, n) = 1, then g ∈ Z∗n . Let all elements in Z∗n be written as g1 , g2 , . . . , gφ(n) . For all
elements gi that are in Z∗n , we have: g · gi mod n ∈ Z∗n , this is because the multiplication of two numbers
relatively prime to n will produce a number relatively prime to n. If we perform modulo-n multiplications,
we will have:
(g · g1 ) · (g · g2 ) . . . · (g · gφ(n) ) = g1 · g2 . . . · gφ(n)
φ(n)
g · g1 · g2 . . . · gφ(n) = g1 · g2 . . . · gφ(n)
multiply both sides by g1−1 · g2−1 ... · −1
gφ(n) ,
g φ(n) = 1(mod n)

2
1.4 Finite Fields
When presenting arithmetic modulo-n, we saw that an integer 0 < i < n has a multiplicative inverse modulo-
n if and only if i and n are relatively prime. So, if n is a prime, all integers 0 < i < n will have multiplicative
inverses. Moreover, addition modulo-n and multiplication modulo-n are defined over these elements as usual.
In this case, we call the set {0, 1, . . . , n − 1} a finite field. It is finite, since the number of elements is finite.
It is a field since a field F is defined as a set S together with two operations · : S × S → S and + : S × S → S,
with the following properties:
• Associativity of · and +: For all a, b, and c in S, we have (a + b) + c = a + (b + c) and (a · b) · c = a · (b · c)
• Identity elements: There exists two elements 0 and 1 such that for any element a in S, we have a+0 = a
and a · 1 = a
• Inverse elements: For any element a in S we have an additive inverse −a such that a + (−a) = 0 and
6 0, we have a multiplicative inverse a−1 , such that a · a−1 = 1
for any element a =
• Commutativity: For all elements a and b in S, we have a · b = b · a and a + b = b + a

• Distributive law: For all elements a, b, and c in S, we have a · (b + c) = a · b + a · c

• No zero divisors: If a and b are elements in S such that a 6= 0, b 6= 0, and a · b = 0, we call a and b zero
divisors. A field does not have zero divisors, therefore for all elements a and b in S, if a · b = 0, then
either a = 0, or b = 0.

A field F is written as F = hS, ·, +i. The set {0, 1, . . . , p − 1}, where p is a prime, together with multipli-
cation modulo-p and addition modulo-p, constitutes a finite field. It is written as GF(p). The notation is
an acronym from Galois Field, in honor of the French mathematician Évariste Galois.