Diffie–Hellman key exchange and Discrete Log [closed] - encryption

I have a general question, and for that I will give an example:
Assuming Alice and Bob chose the prime number 593 and a public g = 9.
Alice chose the number 530.
Bob chose the number 147.
Alice computes: x = g^a mod p = 574
Bob computes: y = g^b mod p = 527
Their shared key is 156.
Now Eve is trying to crack the key and find a. She has a cracking function, and she finds c such that: g^c mod p = x
In our example, c = 234, but this is not the original a that Alice chose, so she still didn't succeed. My question is: is there a way for her to find out the original a of Alice, using this information: Eve has c, g, p and x, and she knows that g^c mod p = x?
(Maybe by an inverse function, I don't know...)
Thanks

Yes. If
g^a mod p = g^x mod p
then
g^(ab) mod p = g^(xb) mod p
In particular
(g^b mod p)^a mod p = (g^b mod p)^x mod p
So you can, for all practical purposes, pretend that Alice's private key is x.
This is why it is important for g to be a generator of the group, so that there are no such 'sibling' private keys.
She can't know the 'original' a, but she does know that it's in the (usually) small set of numbers that differ from x by multiples of o(g). Which one it is doesn't really matter.
In this particular case, what's happening is that g is of order 296 instead of 592. Because of this, the actual secret key Alice chose - 530, has a 'sibling':
c = 530 + 296 mod 592 = 234
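As an added example (not part of the original answer), this Python sketch reproduces the question's numbers, computes the order of g, and lists every exponent that yields Alice's public value; the exponent the answer calls x is the c Eve found in the question. The function and constant names are assumptions made for this illustration.

```python
# Toy parameters taken from the question; far too small for real use.
P, G = 593, 9
ALICE_SECRET, BOB_SECRET = 530, 147
EVE_EXPONENT = 234                      # c found by Eve's cracking function
ALICE_PUBLIC = pow(G, ALICE_SECRET, P)  # x in the question
BOB_PUBLIC = pow(G, BOB_SECRET, P)      # y in the question

def prime_factors(n):
    """Distinct prime factors by trial division (adequate for toy sizes)."""
    factors, d = set(), 2
    while d * d <= n:
        while n % d == 0:
            factors.add(d)
            n //= d
        d += 1
    if n > 1:
        factors.add(n)
    return factors

def multiplicative_order(g, p):
    """Order of g modulo the prime p: start at p-1 and divide out each
    prime factor for as long as g raised to the smaller exponent is 1."""
    order = p - 1
    for q in prime_factors(p - 1):
        while order % q == 0 and pow(g, order // q, p) == 1:
            order //= q
    return order

def sibling_exponents(c, g, p):
    """Every exponent in [0, p-2] with the same public value as c."""
    order = multiplicative_order(g, p)
    return list(range(c % order, p - 1, order))

def is_generator(g, p):
    """Parameter check: g generates the whole group, so no siblings exist."""
    return multiplicative_order(g, p) == p - 1

def shared_key(peer_public, exponent, p=P):
    return pow(peer_public, exponent, p)

if __name__ == "__main__":
    print("order of g:", multiplicative_order(G, P))
    print("exponents matching x:", sibling_exponents(EVE_EXPONENT, G, P))
    print("key via a:", shared_key(BOB_PUBLIC, ALICE_SECRET))
    print("key via c:", shared_key(BOB_PUBLIC, EVE_EXPONENT))
    print("g is a generator:", is_generator(G, P))
```

With g = 3 instead of 9, `is_generator` returns True for this prime and each public value has exactly one exponent in range.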

Related

Find out if a solution exists for multiple equations (in N) [duplicate]

Consider the following equations:
X > Y
X + Y > 7
Y <= 10
X >= 0
Y >= 0
I want to find out if there exists a solution that fulfills all of them (natural numbers).
I don't care about the exact solution, I just want to know if there is a solution at all.
I have read about Microsoft Solver Foundation or other linear programming libraries, but I'm not sure if they can solve problems like this.
Especially I'm not sure if they can solve equations with variables on each side, like
X > Y, or X + Y > Z
Most examples are of the form:
X * 10 + Y * 30 > constant
I need it to be able to solve systems with a maximum of 4-8 variables, all in the range of 0-100.
Another important constraint I have: the library needs to be fast. I need to be able to solve systems of like 7 equations in like 0,00001 seconds.
Interesting question. Feels a lot like the integer-knapsack problem.
First of all, whether variables are on each side is irrelevant, since an equation like
X + Y > Z
can be rewritten to
X + Y - Z > 0
So let's assume that all constraints are of the format
(const1 * var1) + ... + (const8 * var8) > const
To support fewer variables, just use the value 0 for one of the constants.
The way to visualize this is to see the case of 2 variables as determining the convex hull of the 'lines' corresponding to the constraints. So each constraint can be drawn as a 2D line, and only values on one side of the line are allowed.
To visualize this for 3 variables, it's the same as whether the convex hull of 'planes' determined by the constraint have any grid points ('natural numbers') in them.
The trouble in this case is the fact that the solution should have only natural numbers: this makes normal linear algebra impossible, since a grid is imposed. I would not know of any library supporting such restrictions.
But it would not be too difficult to write a solution yourself: the idea is to find a solution by trying every number by pruning aggressively.
So in your example: test all X in the range 0 to 100. Now go to the next variable, and determine the valid range for the free variable based on the constraints. Worked out for x == 8: then the range for y would be:
0 .. 7 because of constraint x > y
0 .. 100 because of constraint x + y > 7 (since x is already 8)
0 .. 9 because of constraint y < 10
...and we repeat this for all constraints. The final constraint for y is then 0 .. 7, because that is the most tight constraint. Now repeat this process for the left-over unbound variables, and you're done if you find at least one solution.
I expect this code to be about 100 lines with dynamic programming; computation time very much depends on the input and varies wildly.
For example, a set of equations which would take a long time:
A + B + C + D + E + F + G + H > 400.5
A + B + C + D + E + F + G + H < 400.6
As a human we can deduce that since we're requiring natural numbers, there is no solution to these equations. However, this solution is not prunable using the method described above, all combinations of A .. G will have to be tested before it will be concluded that there is no fitting H. Therefore it will look at about all possibilities. Not really pleasant, but unavoidable.
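A compact sketch of the search-with-pruning idea described in the answer, added here as an example and not the answerer's code. It assumes integer coefficients, rewrites each constraint as an integer bound, and prunes a partial assignment when the best case for the unassigned variables still cannot meet a bound, which is a variant of the range narrowing in the answer; all names are hypothetical.

```python
from math import ceil, floor

def normalise(coeffs, op, rhs):
    """Turn 'sum(coeffs * vars) op rhs' into integer bounds (at_least, at_most)."""
    bounds = {">": (floor(rhs) + 1, None), ">=": (ceil(rhs), None),
              "<": (None, ceil(rhs) - 1), "<=": (None, floor(rhs))}
    at_least, at_most = bounds[op]
    return coeffs, at_least, at_most

def still_possible(constraint, assigned, lo, hi):
    """Can the constraint still hold once the free variables are chosen?"""
    coeffs, at_least, at_most = constraint
    fixed = sum(c * v for c, v in zip(coeffs, assigned))
    free = coeffs[len(assigned):]
    best_max = fixed + sum(c * (hi if c > 0 else lo) for c in free)
    best_min = fixed + sum(c * (lo if c > 0 else hi) for c in free)
    if at_least is not None and best_max < at_least:
        return False
    if at_most is not None and best_min > at_most:
        return False
    return True

def find_solution(constraints, n_vars, lo=0, hi=100):
    """Depth-first search over lo..hi per variable; returns a tuple or None."""
    cons = [normalise(*c) for c in constraints]

    def search(assigned):
        if not all(still_possible(c, assigned, lo, hi) for c in cons):
            return None                  # prune this whole subtree
        if len(assigned) == n_vars:
            return tuple(assigned)       # all bounds are exact here
        for value in range(lo, hi + 1):
            found = search(assigned + [value])
            if found is not None:
                return found
        return None

    return search([])

# The system from the question, variables ordered (X, Y).
QUESTION_SYSTEM = [([1, -1], ">", 0), ([1, 1], ">", 7), ([0, 1], "<=", 10),
                   ([1, 0], ">=", 0), ([0, 1], ">=", 0)]
# Two-variable analogue of the answer's slow case: nothing is pruned early.
NARROW_GAP = [([1, 1], ">", 100.5), ([1, 1], "<", 100.6)]

if __name__ == "__main__":
    print(find_solution(QUESTION_SYSTEM, 2))
    print(find_solution(NARROW_GAP, 2))
```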

I want to solve the recurrence relation F(n,m) = F(n-1,m) + F(n,m-1) + 1? [closed]

I want to know how to solve a recurrence relation in 2 variables. I want to solve below relation:
F(n,m) = F(n-1,m) + F(n,m-1) + 1
Initial conditions:
F(m,0) = m
F(0,n) = n
F(0,0) = 0
int F(int n, int m)
{
    if (n == 0 && m == 0)
        return 0;
    else if (n == 0)
        return m;
    else if (m == 0)
        return n;
    else
        return F(n - 1, m) + F(n, m - 1) + 1;
}
Only parameters (≦ n, ≦ m) occur, one may exclude n or m being 0, so if you could hold a table of n×m that would be the optimal complexity: O(n . m).
One sees, that F(n - 1, m - 1) are both called, from F(n - 1, m) and F(n, m - 1), so a naive solution has a higher complexity.
Not wanting to spoil the joy of finding an algorithm, only some hints:
F(n, m) = F(m, n) so you may use n ≦ m.
(table, result) = F'(table, n, m) caching of results in recursive function
I personally sometimes like to start with an iterative non-functional procedure to fill a table, starting from 0 upwards. And then turn that into functional notation. For complexity an iterative procedure would already suffice.

Multiplicative orders Vs order of a multiplicative group [closed]

How to demonstrate that all multiplicative orders divide the order (size) of the multiplicative group F of F13.
You show that the cyclic group <x> generated by an element x is a subgroup of IF* and that "u~v iff u^(-1)*v in <x>" is an equivalence relation that divides the multiplicative group into equivalence classes of equal size.
So that you get
[size of IF*]
= [size of <x>] * [number of equivalence classes]
which means that the order of x = [size of <x>] is a divisor of the number of invertible elements, i.e., the size of the multiplicative group of IF
See also the little theorem of Fermat.
Since the group is abelian, the simplest thing is to use that multiplication by any element is a bijection. Let F = {g1, g2, g3, ..., gn} and let h be an arbitrary element. Then also F = {h*g1, h*g2, ..., h*gn}. Hence multiplying all elements together we get g1 * g2 * g3 * ... * gn = h*g1 * h*g2 * ... * h*gn. But the latter equals h^n * g1 * g2 * ... * gn. Now use the cancellation law to conclude that h^n = 1 from which the result follows.

what is the intersection of two linear codes? [closed]

I have a question about linear codes.
Let's say we have two (n,k) linear codes C1 and C2 with parity check matrix H1 and H2. Is the intersection of C1 and C2 still a linear code? If so, what is its parity check matrix H3 given H1 and H2? C3 is the intersection of C1 and C2 means H1c3=0 and H2c3=0 for all c3\in C3.
Yes. It is also a linear code.
A linear code of length n and rank k is a linear subspace C with dimension k of the vector space V.
Given subspaces U and W of a vector space V, then their intersection U ∩ W := {v ∈ V : v is an element of both U and W} is also a subspace of V.
To obtain H dimension this statement may be used:
Let (G,+G,∘)K be a K-vector space.
Let M and N be finite-dimensional subspaces of G.
Then M+N and M∩N are finite-dimensional, and:
dim(M+N) + dim(M∩N) = dim(M) + dim(N)
so:
dim(M+N) + dim(M∩N) = k1 + k2
where dim(M∩N) is new k of the intersection.

Solving Vector Multiplication (general problem) [closed]

I am trying to solve a mathematical equation in one of my geometric modelling problems.
Let's say if I have 2 vectors, A and B, and I have the following equation:
A x B = c (c is a scalar value).
If I know the coordinate of my vector B (7/2, 15/2); and I know the value of c, which is -4.
How can I calculate my vector A, to satisfy that equation (A X B = c) ?
The problem is underdetermined; there isn't a unique such A. I assume that by "multiplication" you mean the cross product.
A = (x,y)
B = (7/2, 15/2)
A×B = x(15/2) - y(7/2)
-4 = (15x-7y)/2
15x - 7y = -8
This gives a line along which points A=(x,y) can lie. Specifically, for any real number t,
x = -1 + 7t
y = -1 + 15t
gives a solution.
