
In a cryptography lecture, I have run into an equation such that

$$y_i=e(x_i)=x_i+s_i(mod2)$$ $$x_i=d(y_i)=y_i+s_i(mod2)$$ where $e()$ means encryption and $d()$ means decryption in stream ciphers.

After that, it is said that if $y_i=x_i+s_i(mod2)$, then $d(y_i)=x_i+s_i+s_i(mod2)$, so $d(y_i)=x_i (mod2)$

What I could not understand is how $y_i=x_i+s_i$ instead of $y_i=x_i+s_i(mod2)$. If there were some other modulo operation such as $mod5$, then it would be $$d(y_i)=[x_i+s_i(mod5)]+s_i (mod2)$$

Can you explain why we discarded $(mod2)$ above?

At first glance, it seems like $$d(y_i)=y_i(mod2)+s_i(mod2)$$ $$d(y_i)=[x_i+s_i(mod2)](mod2)+s_i(mod2)$$ but we have two mod operations consecutively.

  • It seems you are making the common mistake of confusing the mod relation (congruences) with the mod operation (remainder). In your example surely congruences are intended, not remainder operations. See the linked dupe for elaboration on such matters. – Bill Dubuque Oct 23 '23 at 17:40

1 Answer


I see two possible interpretations for your first equation. Here are the two interpretations, converted to standard notation.

$$y_i=e(x_i)=x_i+(s_i \bmod2) \tag1$$ $$y_i \equiv e(x_i) \equiv x_i + s_i \pmod2 \tag2$$

In Equation $(1)$, we use the binary operator $\bmod$. The result of $s_i \bmod2$ is $0$ if $s_i$ is even, $1$ if $s_i$ is odd.

In Equation $(2)$, the notation $\bmod 2$ in parentheses, with extra space to the left of the parentheses (according to standard practice), does not operate just on $s_i$, or even on $x_i + s_i$. It actually applies to the entire set of "equations", and tells us that whenever the symbol $\equiv$ occurs in those "equations", it means "equivalence modulo $2$". That is, it tells us that $a \equiv b$ means that $a$ and $b$ have the same remainder when divided by $2$. (Or more precisely, $a - b$ is divisible by $2$.)

I have never seen anyone write the binary operator $a \bmod b$ with a parenthesis between $a$ and $\bmod$. I have seen people write things like Equation $(2)$ using the $=$ symbol instead of $\equiv$. (I'm assuming that the original equations were written that way and that you didn't simply fail to observe the extra horizontal line in $\equiv$.)

In addition, it is extremely silly to write something like Equation $(1)$ when in context you could just specify that $s_i$ must either be $0$ or $1$.

So I'm fairly sure that we're looking at equations like Equation $(2)$ here, that is, we're using mathematical modular arithmetic rather than computer-language-like binary $\bmod$ operators. You should study up on modular arithmetic, because cryptography is going to be very hard to understand if you're not familiar with that mechanism.

In modular arithmetic, what you saw in the lecture makes perfect sense. In modular arithmetic, if you know that $$ y_i \equiv e(x_i) \equiv x_i + s_i \pmod2 $$ is true, you can add $s_i$ to both sides of the "equation" (ignoring the $\pmod2$ notation for a moment) and get another true "equation", $$ y_i + s_i \equiv e(x_i) \equiv x_i + s_i + s_i \pmod2 $$

This isn't saying that $y_i = x_i + s_i$ in the ordinary integer arithmetic sense; it's saying that $y_i \equiv x_i + s_i$ when $\equiv$ means equivalence modulo $2$.

David K
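An added example, not part of the question or the answer above: the lecture's additive stream cipher written out in Python, checking that adding the keystream twice cancels modulo 2 and that it makes no difference whether $x_i + s_i$ is reduced before the second addition. It goes one step beyond the thread by also running the same rule modulo 5, where decryption has to subtract the keystream instead. All function names and sample values are constructed for illustration.

```python
# Added illustration: additive stream cipher over Z_m (m = 2 is the lecture's case).
# Sample bits/digits are constructed, not taken from the lecture.

def encrypt(x, s, m=2):
    """y_i = x_i + s_i, stored as the representative in 0..m-1."""
    return [(xi + si) % m for xi, si in zip(x, s)]

def decrypt_add(y, s, m=2):
    """The lecture's rule: add the keystream a second time."""
    return [(yi + si) % m for yi, si in zip(y, s)]

def decrypt_sub(y, s, m=2):
    """General inverse for any modulus: subtract the keystream."""
    return [(yi - si) % m for yi, si in zip(y, s)]

def congruent(a, b, m):
    """a ≡ b (mod m) means m divides a - b."""
    return (a - b) % m == 0

def reduction_order_irrelevant(x, s, m=2):
    """Reducing x_i + s_i before adding s_i again lands in the same
    residue class as the unreduced integer x_i + s_i + s_i."""
    return all(
        congruent(((xi + si) % m + si) % m, xi + si + si, m)
        for xi, si in zip(x, s)
    )

def xor_matches_mod2(x, s):
    """On bits, addition modulo 2 is exactly XOR."""
    return all((xi ^ si) == (xi + si) % 2 for xi, si in zip(x, s))

# Constructed sample data.
X_BITS = [1, 0, 1, 1, 0, 0, 1, 0]
S_BITS = [0, 1, 1, 0, 1, 0, 1, 1]
X_MOD5 = [3, 0, 4, 1]
S_MOD5 = [2, 4, 1, 3]

if __name__ == "__main__":
    y = encrypt(X_BITS, S_BITS)
    print("mod 2 ciphertext:    ", y)
    print("add key again:       ", decrypt_add(y, S_BITS))
    y5 = encrypt(X_MOD5, S_MOD5, 5)
    print("mod 5 ciphertext:    ", y5)
    print("add key again (bad): ", decrypt_add(y5, S_MOD5, 5))
    print("subtract key (good): ", decrypt_sub(y5, S_MOD5, 5))
```

Adding the keystream twice works only because $2s_i \equiv 0 \pmod 2$; for any other modulus $s_i + s_i$ is not the identity, which is why the modulo 5 run needs subtraction.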