Casio fx-83GB PLUS, how to perform x mod y? - encryption

How can I perform
x mod y (e.g. 89^3 mod 3127)
on this calculator?
I got Cryptography exam tomorrow and I can't figure out how to do the mod part on the calc that I have..
This is the encrypting part of RSA algorithm.
Any ideas?

I doubt your calculator has a modulus function. Here's a decent algorithm that works:
Compute 89^3 = 704 969. Write this down or store the result somewhere.
Now reduce modulo n. To do this, compute result / modulus and ignore the decimal, e.g. 704 969 / 3127 ≈ 225.
Multiply that number by the modulus and subtract it from the original result, e.g. 704 969 - 225*3127 = 1394.
If the original exponentiation is so large that it overflows your calculator, you can compute a smaller exponent and do the above reduction modulo n multiple times. For example, if you're asking to compute 89^10, you can instead compute 89^5, reduce that modulo n, square that result to get 89^10, and reduce the squared value modulo n as well.
A key point is that at pretty much any point in the computation process, you can reduce the value modulo n and still arrive at the same figure. Your professor may throw a curveball at you like this - or they may not. Still, better to be prepared.

Related

gcd of two numbers one of them is too large

I was going through a question which ask to calculate gcd(a-b,a^n+b^n)%(10^9+7) where a,b,n can be as large as 10^12.
I am able to solve this for a,b and n for very small numbers and fermat's theorem also didn't seem to work, and i reached a conclusion that if a,b are coprime then this will always give me gcd as 2 but for the rest i am not able to get it?
i need just a little hint that what i am doing wrong to get gcd for large numbers? I also tried x^y to find gcd by taking modulo at each step but that also didn't work.
Need just direction and i will make my way.
Thanks in advance.
You are correct that a^n + b^n is too large to compute and that working mod 10^9 + 7 at each step doesn't provide a way to compute the answer. But, you can still use modular exponentiation by squaring with a different modulus, namely a-b
Key observations:
1) gcd(a-b,a^n + b^n) = gcd(d,a^n + b^n) where d = abs(a-b)
2) gcd(d,a^n + b^n) = gcd(d,r) where r = (a^n + b^n) % d
3) r can be feasibly computed with modular exponentiation by squaring
The point of 1) is that different programming languages have different conventions for handling negative numbers in the mod operator. Taking the absolute value avoids such complications, though mathematically it doesn't make a difference. The key idea is that it is perfectly feasible to do the first step of the Euclidean algorithm for computing gcds. All you need is the remainder upon division of the larger by the smaller of the two numbers. After the first step is done, all of the numbers are in the feasible range.

RSA Encryption message Length

So i know that to encrypt a message in RSA we use cipher = m^e % n where m is the plain text transformed to an integer of size {0,..,n -1} and n is the modulus.
Let's say that the size of n is 8192bit and e = 65537 and m (as an integer) = n - 4.
So the question is wouldn't be (2^(8192-4))^65537 impossible to calculate ?
Not impossible at all - the exponentiation is performed modulo n, which means that the result will always be less than n. This not only limits the output size, but makes the calculation easier as intermediate stages can be reduced modulo n to keep the numbers involved "small". The Wikipedia page on modular exponentiation provides more detail on how the calculation can be performed.

MASH-2 hash function

We have taken the MASH-2 hash function in a college course, and in the exam we are confronted
with questions to calculate something like this ((62500)^257)) mod (238194151) using only a scientific calculator. now i know some theories with a^b (mod n) but the problem i present above is even hard to calculate manually. i think it would take about 15 minutes to solve this. i would like to know if there is a faster way to do this. or even if there is some way to do it in binary (convert the number to binary and then do some manipulations). i need to able to do this by hand with a scientific calculator.
In this special case the prime factor decomposition of a = 62500 = 2² ⋅ 5⁶ is very simple.
You can use this to calculate (2²)²⁵⁷ and (5⁶)²⁵⁷ first and calculate then the product.
But the problem I see, is that for n = 238194151 my scientific calculator can not calculate n² correctly. If your calculator can do this, it should be no problem.
Since gcd(a, b) = 1 you also could use CRT, but I'm not sure if you can find the prime factors n = 13 ⋅ 59 ⋅ 310553 with only a scientific calculator. If so, this will make it much easier. You just calculate a²⁵⁷ mod (13⋅59) and a²⁵⁷ mod 310553 and put the results together with CRT.
You can also use only Exponentiation by squaring so you only have to calculate 8 squares.

Sum of the powers

I have to code to evaluate the value of following sequence :
( pow(1,k) + pow(2,k) + ... + pow(n,k) ) % MOD
for given value of n,k and MOD.
I have tried searching it on internet. I got an equation . It contains zeta functions and it seems difficult in implementation. I want any simple approach for implementing the same. Note that the value of n is large, so that we cannot simply use brute force to pass the time limit.
Newton's identities might be of help. Calculate the coefficients of the polynomial with 1..n as roots. That pretty trivial. Then use the identities.
It's just the first thing that comes to mind when I see sums of powers.
I think it is nicely compatible with modular arithmetics - there are only multiplications and additions.
I must admit, that Newton's identities are only the rearrangement of the terms, so not much speed gain here.
JUST USE PYTHON
k=input("Enter value for K: ")
n=input("Enter value for N: ")
mod=input("Enter value for MOD: ")
sum=0
for i in range(1,n+1):
sum+=pow(i,k)
result=sum % mod
print mod
May be this code is gonna help.
I agree that math.stackexchange.com is a better bet.
But here are random facts that, depending on parameters, may make the problem more manageable.
First, factor MOD, solve for each prime power factor, then use the Chinese Remainder Theorem to find the answer for MOD. Thus without loss of generality, you may assume that MOD is a prime power.
Next, note that 1^k + ... + MOD^k is always divisible by MOD. Therefore you can replace n by n mod MOD.
Next, if MOD = p^i and j is not divisible by p, then j^((p-1) * p^(i-1)) is 1 mod MOD, so we can reduce the size of k.
Of course if (k, n) < MOD and MOD is prime, this will not help you at all. (Which, depending on how this problem arises, may well be the case.)
(If k is small enough, there are explicit formulas that you can produce for the sum. But it seems that for you k can be large enough to make that approach intractable.)

Fast Fourier Transform Pseudocode?

The purpose of the following code is to convert a polynomial from coefficient representation into value representation by dividing it into its odd and even powers and then recursing on the smaller polynomials.
function FFT(A, w)
Input: Coefficient representation of a polynomials A(x) of degree ≤ n-1, where n
is a power of 2w, an nth root of unity.
Output: Value representation A(w^0),...,A(w^(n-1))
if w = 1; return A(1)
express A(x) in the form A_e(x^2) and xA_o(x^2) /*where A_e are the even powers and A_o
the odd.*/
call FFT(A_e,w^2) to evaluate A_e at even of powers of w
call FFT(A_o,w^2) to evaluate A_o at even powers of w
for j = 0 to n-1;
compute A(w^j) = A_e(w^(2j))+w^j(A_o(w^(2j)))
return A(w^0),...,A(w^(n-1))
What is the for loop being used for?
Why is the pseudocode only adding the smaller polynomials, doesn't it need to subtract them too? (to calculate A(-x)). Isn't that what the algorithm completely based on? Adding and subtracting the smaller polynomials to reduce the points in half?*
Why are powers of "w" being evaluated as opposed to "x"?
I am not a too sure if this belongs here, since the question is quite mathematical. If you feel this question is off-topic, I would appreciate it if you moved it to a site where you felt this question would be more appropriate, rather that just closing it.
*Psuedocode was gotten from Algorithms by S. Dasgupta. Page 71.
The loop is for recursion.
No need to add for negative x; the FFT transforms from time to frequency space.

Resources