Cryptography Stack Exchange
Cryptography Stack Exchange

Questions tagged [modular-arithmetic]

Modular arithmetic is a system of arithmetic for integers, where numbers "wrap around" upon reaching a certain value… the modulus.

Modular arithmetic is a system of arithmetic for integers, where numbers "wrap around" upon reaching a certain value… the modulus.

Related to modular arithmetic, it is important to know how hard it is to solve a system of congruences. A linear system of congruences can be solved in polynomial time with a form of Gaussian elimination (linear congruence theorem). Algorithms (like the Montgomery reduction) also exist to allow simple arithmetic operations, such as multiplication and exponentiation modulo $n$ (also known as "modular exponentiation"), to be performed efficiently on large numbers. Solving a system of non-linear modular arithmetic equations is NP-complete (see "Computers and Intractability: A Guide to the Theory of NP-completeness" by Michael R. Garey and David S. Johnson, April 1979, W.H.Freeman & Co Ltd).

480 questions
12
votes
1 answer

How to determine the multiplicative inverse modulo 64 (or other power of two)?

I am trying to determine the multiplicative inverse of $47$ modulo $64$. So I have looked for an algorithm or scheme in order to perform this. I found this wiki explaining how to find a multiplicative inverse. I tried to perform all the…
user3834282
  • 139
  • 1
  • 3
7
votes
1 answer

Why does this square root algorithm work?

I've been doing some elliptic curve cryptography, and a library I'm using has this slightly bizarre algorithm for computing modular square roots: Let $x$ be some quadratic residue modulo $p$ for some large prime $p$. Let $h$ be some element of…
ymbirtt
  • 678
  • 6
  • 12
4
votes
1 answer

If A and B are co-primes, does Ax mod B (where x, any positive int) gives {0,1,2,....,B-1}?

If $A$ and $B$ are co-primes (i.e. $\gcd(A,B)=1$), does $A\cdot x \bmod B$ (where $x\in \mathbb N$) give as result an element of $\{0,1,2,....,B-1\}$ ?
ut42
  • 59
  • 2
4
votes
2 answers

Speed up modular exponentation with fixed base and modulus

Can someone explain, how $a^x \mod N$ can be speeded up, when $a$ and $N$ are known constants? How big is the gain and what resources are needed? https://www.imperialviolet.org/2013/05/10/fastercurve25519.html Just to mention: it can speed up SRP…
Smit Johnth
  • 1,681
  • 4
  • 17
  • 27
3
votes
0 answers

Computing $a$ and $b$ from $a+b$ and $ab \bmod N$, where factorization of $N$ is unknown

I have $$\{a+b, a^2+b^2 \bmod N, a^3+b^3 \bmod N,\ldots\}$$ and $$\{ab \bmod N, a^p b^q \bmod N, a^{p^2}b^{q^2} \bmod N, a^{p^3} b^{q^3} \bmod N,\ldots\}$$ The factorization of $N=(2p+1)(2q+1)$ is unknown. $p$ and $q$ are unknown too. $i \in…
user87339
  • 31
  • 2
3
votes
1 answer

Novice Question: Rivest Shamir Wagner 96 Time Lock Puzzles

I'm using the Rivest Shamir Wagner Time Lock Puzzle setup in an application, leveraging Pietrzak's algorithm for generating the proof. My question has to do with selecting a proper starting point. In this paper the authors talk about verifying…
jdbertron
  • 131
  • 3
3
votes
1 answer

Security of modular exponentiation for non-uniform inputs

Suppose we have a function $F = f_{s}(x)$ with a key $s \gets \mathbb{Z}_q$ that on input $x$ outputs modular exponentiation $x^s$, where $\mathbb{G}$ is a cyclic group of order $q$ where DDH is hard. If $x$ is selected uniformly at random from…
pintor
  • 558
  • 3
  • 14
2
votes
1 answer

Modular Reduction in the Ring $\mathbb{Z}_{q}[x]/(x^n + 1)$

May someone please explain how the reduction is done? I am familiar with other algebraic structures but wondering if I am doing reduction correctly for this. It is understood that a Polynomial Ring of this form, $\mathbb{Z}_{q}[x]/(x^n + 1)$,…
user15651
  • 89
  • 5
2
votes
1 answer

Barret reduction to get 64-bit remainder of a 128-bit number

On github there's this code part of Microsoft's SEAL: SEAL_ITERATE(iter(operand1, operand2, result), coeff_count, [&](auto I) { // Reduces z using base 2^64 Barrett reduction unsigned long long z[2], tmp1, tmp2[2], tmp3, carry; …
Guerlando OCs
  • 35
  • 7
2
votes
1 answer

How to solve polynomial modular equation to create a correct decryption algorithm

I recently had a variant of the following problem in my cryptography course and I had trouble solving it and was looking to get some help. Given the symmetric key cryptosystem: $\text{KG, Enc, Dec}$ where $\text{KG}$ is a key generator that…
Ignatius_Gim
  • 121
  • 2
2
votes
1 answer

Question about modular arithmetic (division)

I have a question about division operation. There are two entities, Alice and Bob. Bob randomly selects a finite set of numbers (set K). (about 10K or 100K) Alice randomly generates one big number $x_1$ and chooses one element $y_1$ (from Bob's set…
takita
  • 509
  • 2
  • 8
2
votes
0 answers

what is the fastest and efficient method to perform modular multiplication?

I'm working on a code that needs to perform modular multiplication of big numbers several times. Since the operation takes place several times, using division to find the remainder is very expensive. Repeated subtraction with the mod value also…
abejoe
  • 605
  • 2
  • 6
  • 14
2
votes
1 answer

Implementation of modular arithmetic?

In FIPS 186-3 appendix D.2 "implementation of Modular Arithmetic", they show shortcuts for solving $$B = A \mod m$$ for select Curves. How would you go about determining a valid short cuts for the various curves? If I wanted to practice on using a…
g. garcia
  • 41
  • 1
2
votes
0 answers

Speedups for non-constant time modular arithmetic?

I am interested in modular arithmetic with respect to the prime $p = 2^{64}-2^{32}+1$. Thomas Pornin has some work on constant time implementation of arithmetic in $\mathsf{GF}(p)$ for this prime (the paper does other things as well --- this is the…
Mark Schultz-Wu
  • 12,944
  • 19
  • 41
1
vote
0 answers

Examples with Polynomial Multiplication in $\mathbb{Z}_{}[x]/(x^{n} \pm 1)$

Given the following definitions for $\mathbb{Z}[x] /\left(x^{n}-1\right)$: $$ a \cdot b \equiv \sum_{i=0}^{n-1} \sum_{j=i+1}^{n-1} a_{i} \cdot b_{j} \cdot x^{i+j}+\sum_{j=1}^{n-1} \sum_{i=n-j}^{n-1} a_{i} \cdot b_{j} \cdot x^{i+j-n}\left(\bmod…
user15651
  • 89
  • 5
1
2 3 4