Document

```Algorithms Design and its
Applications
Algorithms with numbers
Back Ground
• Number theory was once viewed as a beautiful but
largely useless subject in pure mathematics.
• Today number- theoretic algorithms are used widely ,
due in part to the invention of cryptographic schemes
based on large prime numbers.
• The feasibility of these schemes rests on our ability to
find large primes easily, while their security rests on
our inability to factor the product of large primes .
Size of Cost
• In this lecture, a "large input" typically means an
input containing "large integers" rather than an input
containing "many integers".
• We measure the size of an input in terms of the
number of bits required to represent that input.
• An algorithm with integer inputs a1, a2, ..., ak is a
polynomial - time algorithm if it runs in time
polynomial in lg a1, lg a2, ..., lg ak, that is, polynomial
in the lengths of its binary- encoded inputs.
Basic arithmetic
Bases and logs
• How many digits are needed to represent the number
N>=0 in base b?
• How much does the size of a number change when
we change the base?
• The sum of any three single-digit numbers (with base
b>=2) is at most two digits long.
• Given two binary number x and y, how long does our
O(n), n is the number of bits of x and y.
Multiplication
• 13 * 11
Multiplication
• 乘法的时间复杂度是多少呢？
• 对于长度为n的乘数来说，将产生n个中间结果，

Multiplication
• another way to multiply
Multiplication
Multiplication
• Al Khwarizmi乘法算法的时间复杂度？
• 由于乘数每次都被取半，对于二进制来说，取半

。
Division
• To divide an integer x by another integer y≠0 means
to find a quotient q and a remainder r, where x = yq+r
and r <y.
Modular arithmetic
Modular Arithmetic Basic
Modular Arithmetic Basic
• x+y mod N
• Since x and y are in the range 0 to N-1, their sum is
between 0 and 2(N-1). If the sum exceeds N-1,
subtract off N.
• The overall computation consists of an addition, and
possibly a subtraction, of numbers that never exceed
2N. the running time is O(n), where n = log N.
Modular multiplication
• xy mod N
answer modulo N. The product can be as large as (N1)2, at most 2n bits long since log(n-1)2 = 2log(N1)≤2n.
• The running time is O(n2).
Modular exponentiation
• 在密码学中，常需计算xy mod N. 这个的x,y和N均

• 直接算xy，运算结果很大！即便x和y只有20位长
， xy也要大概1千万位长。
• 为保证中间运算结果不要太大，每步运算都模N.
Modular exponentiation
• Simple idea: repeatedly multiplying by x modulo N.
problem: if y is 500 bits long, we need to perform
y -1 ≈ 2500 multiplications!
Modular exponentiation
• better idea: starting with x and squaring repeatedly
modulo N, we get
we need to perform log y multiplications, ach takes
O(log2N) to compute.
• To determine xy mod N, we simply multiply together
and appropriate subset of these powers, those
corresponding to 1’s in the binary representation of y.
• A polynomial-time algorithm is within reach!
Modular exponentiation
sicily 1294. 高级机密
• 信息加密。
• 目前比较流行的编码规则称为RSA，是由美国麻

• 题目要求：计算 ab mod c
sicily 1294. 高级机密

• 不好的算法：
– 先求出a的b次方，再模c。但题目给出的a,b,c的

• 较好的算法：
– 利用同余的性质，
xy mod c = x * (y mod c) mod c
sicily 1294. 高级机密

d = 1;
for (i = 1; i <= b; ++i) {
d = d * a % c;
}
cout << d;
Euclid’s algorithm for
greatest common divisor
• Euclid’s rule
If x and y are positive integer with x≥y, then gcd(x,y)=
gcd(x mod y, y)
• Proof.

Euclid’s algorithm for
greatest common divisor
Euclid’s algorithm for
greatest common divisor
• This means that after any two consecutive round,
both a and b, are at the very least halved in value –
the length of each decreases by at least one bit. If they
are initially n-bits integers, then the base case will be
reached within 2n recursive calls. And since each call
involves a quadratic-time division, the total time is
O(n3)
An extension of Euclid algorithm

An extension of Euclid algorithm
An extension of Euclid algorithm
• Lemma
For any positive integers a and b, the extended Euclid
algorithm returns integers x, y, and d such that gcd(a,b) = d =
ax+by
• Proof.

Modular division

= f（12, 6）= f（6, 6）= f（6, 0）= 6

BigInt gcd(BigInt x, BigInt y)
{
if(x < y) return gcd(y, x);
if(y == 0) return x;
else return gcd(x - y, y);
}

（x>>1, y>>1）

y）

y>>1）

f（42, 30）= f（1010102, 111102）
= 2 * f（101012, 11112）
= 2 * f（11112, 1102）
= 2 * f（11112, 112）
= 2 * f（11002, 112）
= 2 * f（112, 112）
= 2 * f（02, 112）
= 2 * 112
=6

BigInt gcd(BigInt x, BigInt y)
{
if(x < y) return gcd(y, x);
if(y == 0) return x;
else {
if(IsEven(x)){
if(IsEven(y)) return (gcd(x >> 1, y >> 1) << 1);
else return gcd(x >> 1, y);
}
else {
if(IsEven(y)) return gcd(x, y >> 1);
else return gcd(y, x - y);
}
}
}

• 同余
– 设m是正整数，a,b是整数，如果m|(a-b)，则称a和b关于模m同余，

• 同余的性质
–
–
–
–
a≡a(mod m)

ac≡bd(mod m)

• 同余的性质(cont.)
–
–
–
–
–

a≡b(mod l)
– 如果p为素数，则ap ≡ a(mod p)；如果gcd(a,p)=1，则ap-1 ≡
1(mod p)
Primality Testing

2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26

const int MAX = 10000;
bool prime[MAX + 1];
void searchprime() {
memset(prime, true, sizeof(prime));
prime[1] = false;
for (int i = 2; i*i<= MAX; ++i)
{
if (prime[i]) {
int j = i * 2;
while (j <= MAX) {
prime[j] = false;
j += i;
}
}
}
}

for (int i = 2; i <= (int) floor(sqrt(MAX)); ++i) {
if (prime[i]) {
int j = i * 2;
while (j <= MAX) {
prime[j] = false;
j += i;
}
}
}
}
Fermat’s little theorem
Fermat’s little theorem
• Proof.
Algorithm for testing primality
Algorithm for testing primality
Algorithm for testing primality
An algorithm for testing primality,
with low error probability
Carmichael numbers
• 561 = 3*11*17, not a prime.
• fool the Fermat test, because a560 ≡1 (mod 561) for all
values of a relatively prime to 561.
• Rabin and Miller algorithm.
Generating random primes
Generating random primes
• Q: what is the probability that the output of the
algorithm is really prime?
• A: suppose we perform the test with base a=2 for all
numbers N≤25∙109.
RSA
• RSA基本原理
• 选定一个数N，再选择一个N到N的双射函数f作为

RSA
RSA
```