JOURNAL OF ANALYSIS OF APPLIED MATHEMATICS€¦ · techniques, DES, 3DES, AES, Blowfish, Twofish, Threefish are symmetric key cryptographic calculations, while RSA and ECC are uneven

JOURNALOF

ANALYSISOFAPPLIEDMATHEMATICS

Volume10,2017

AnalysisofAppliedMathematics½Volume10

2

JOURNALOFANALYSISOFAPPLIED

MATHEMATICS

AtAAM,wearepassionateaboutmathematicseducationanddevotedtomotivatingstudentstoexpandtheirknowledgeofappliedmaththroughresearch.

©AnalysisofAppliedMathematics,2017ALLRIGHTSRESERVED


3

JOURNALOFANALYSISOFAPPLIEDMATHEMATICS

TheInternationalJournalofAppliedMathematicsfor

SecondarySchoolStudents.

AIMANDSCOPE

AnalysisofAppliedMathematics(AAM)isajournaldevotedtothepublicationoforiginalresearchpapersinappliedmathematicsforhigh(secondary)schoolstudents.Ourmissionistopromoteacademiccuriosityinthefieldofmathematicsbyencouragingstudentstoproducequalityresearch.AAMprovidesauniqueopportunityforhighschoolstudentstopublishamathematics-basedresearcharticleinajournal.Thetopicsconsideredforpublicationcaninvolveanyaspectofappliedmathematicsincludingtopicsfromthemedical,scientific,engineering,financeandbusinessfields.Examplesofappliedmathematicstopicsare:

• Electronics: televisions, computers, video games, smart phones, and modernappliances

• Transportation:Automobiles,airplanes,spaceshuttles• SystemsandProcesses:Trafficlightsystems,socialchoicetheory,inventorysystems,

internetsearchengines,algorithmimprovementThereareanumberofpossibleappliedmathematicspapersthatwouldqualifyfortheAnalysisofAppliedMathematics.Formoreinformation,pleasevisitusatanalysisofappliedmathematics.org.Ifyouhaveanyquestionsaboutwhetheryourtopiciseligibleforsubmission,[email protected].


4

Contents

Contents.................................................................................................................................4

ComparativeAnalysisofAES,Blowfish,TwofishandThreefishEncryptionAlgorithms...........5

GameTheoryGamesandTheirRealWorldApplications.......................................................25

CongruenceinNumberTheory..............................................................................................32

PermutationsandCombinations...........................................................................................36

PrimalityinNumberTheory..................................................................................................40

PracticalImplementationsofECCintheBlockchain...............................................................43


5

Comparative Analysis of AES, Blowfish, Twofish and Threefish Encryption Algorithms

By Shin Woo Jang Cheongshim International School

Abstract

DatasecurityisanextremeissuethattouchesnumerousregionsincludingPCsandcorrespondence.Asoflate,manyassaultswererunondigitalsecuritythathaveinterferedwiththeclassificationofclients.Theseassaultssimplybrokeallthesecuritycalculationsandinfluenced the privacy, verification, uprightness, accessibility and recognizable proof ofclientinformation.Cryptographyisonesuchapproachtoensurethatsecrecy,confirmation,uprightness,accessibilityandrecognizableproofofclientinformationcanbekeptupandadditionallysecurityandprotectionofinformationcanbegiventotheclient.Encryptionisthewaytowardchangingoverordinaryinformationorplaintexttosomethingvastorcyphermessagebyapplyingnumericalchangesorformulae.Thesescientificchangesorformulaeutilized for encryption forms are called encryption calculations. Among data encryptiontechniques,DES,3DES,AES,Blowfish,Twofish,Threefisharesymmetrickeycryptographiccalculations, while RSA and ECC are uneven key cryptographic calculations and will beanalyzedandcomparedinthispaper.

1. Introduction

As the amount of accessible data and computational power has been growingexponentially, securing information is becoming more important than ever. MoxieMarlinspikestates the importanceofencryption isbasedon itsallowingpeople tobreaksmalllawsinahiddenmanner,allowingsmalltestsforsocialprogresstomakenecessarychanges in the imperfect law. Thus, he makes encryption open for everyone to alloweveryonetohidewhattheywanttohide.ThoughIclearlydisagreewiththisanarchist’sbaseofthought,Iagreethatencryptionisanimportantaspectofmodernsocietythatmustbedeveloped on, not only because people should hide their own information but becausesecuritybreachesarebecomingmoresophisticatedbecauseoftheexistenceofanarchistswhowanttobreakthelawfortheirowngood.

Withthepremisethatthere is infinitetimeandcomputingpowergiventobreakaspecificcipher,allcouldbebrokenwithabruteforceattack.Thoughthepremiseisfalse,for


6

there also can’t exist an infinite key space (assuming that the length of the key that acomputer can process is limited), the increase in computing power requires a moresophisticatedcipher,withnoknowneffectivemethodofcryptanalysis.

Cryptographycalculationistheprocedurethatmakesinformationorsystemsecurebyperforming someencryption.Cryptography is the studyof conceiving techniques thatenabledatatobesentinasafeshapesuchthatthemainindividualreadytorecoverthisdataistheexpectedbeneficiary.Theprofoundlyutilizationofsystemsadministrationpromptstheinformationtradeoverthesystemwhileconveyingtooneandanotherframework.Whilecorrespondenceitiscriticaltoencodethemessagewiththegoalthatinterlopercan'treadthe message. System security is exceptionally in view of cryptography [7]. Essentially,cryptographyisaspecialtyofconcealingdatabyscramblingthemessage.Thespecialtyofsecuringdata(encryption)it intoamixeduporganize(scrambledcontent),calledciphercontent.Justtheindividualswhohaveakeycande-cipher(decode)themessageintoplaincontent.Theframeworkinwhichfirstdata(Plaincontent)inencodedatsendersideanddecodedintoplaincontentagainatrecipientendutilizingaremarkablekeyorsomespecificequationisknownasaCryptographicframework.Encodedmessagescannowandagainbebrokenbycryptanalysis,likewisecalledcode-breaking[6].

DatasecurityisanextremeissuethattouchesnumerousregionsincludingPCsandcorrespondence.Asoflate,manyassaultswererunondigitalsecuritythathaveplayedwiththeclassificationoftheclients.Theseassaultssimplybrokeallthesecuritycalculationsandinfluenced the privacy, verification, uprightness, accessibility and recognizable proof ofclientinformation.Cryptographyisonesuchapproachtoensurethatsecrecy,confirmation,uprightness,accessibilityandrecognizableproofofclientinformationcanbekeptupandadditionallysecurityandprotectionofinformationcanbegiventotheclient.Encryptionisthewaytowardchangingoverordinaryinformationorplaintexttosomethingvastorciphermessagebyapplyingnumericalchangesorformulae.Thesescientificchangesorformulaeutilized for encryption forms are called encryption calculations. Among data encryptiontechniques, DES, 3DES, AES, Blowfish, Twofish, and Threefish are symmetric keycryptographiccalculations,whileRSAandECCareunevenkeycryptographiccalculations.

Albeitcurrentcryptographystrategiesarebasicallyunbreakable.AstheInternetanddifferenttypesofelectroniccorrespondenceturnouttobemorepredominant,electronicsecurity iswindingupprogressively imperative.Cryptography isutilized toensureemailmessages, Visa data, and corporate information. A standout amongst the well-knowncryptographyframeworksutilizedontheInternetisverygoodprivacy,sinceitisviableandfree.

Figure 1. Encryption process


7

Many attempts have been made to provide a decisive comparison of existingsymmetric key cryptography algorithms. In [16], a comparison of several of the mostcommonsymmetrickeycryptographyalgorithmsisprovided:Blowfish,Twofish,ThreefishandRC2,RC5.Itwasconcludedthatamongthesealgorithms,Threefishcalculationusesavariablenumberofbitsrangingfrom256to1024bitsandthereatencryptstheinformation72times,makingitvirtuallyimpossibleforahackertodecryptit.

TherearebasicallyonlySymmetricandAsymmetrictechniquesofencryption.In[17],a detailed study of the symmetric encryption techniques over each other is given, withsimilar results to the ones in the paper [16]. Another survey on various most commonencryptiontechniquesisgivenin[18],presentingaviewonthestateoftheartofencryptionalgorithms,particularlyonprivatekeyblockcipherswhicharewidelyusedfordataandlinkencryption.Theworkpresentedin[18]focusesmainlyonthedifferentkindsofencryptiontechniques and comparative study all the methods, as an experimental study ofimplementations of existing encryption algorithms, also mentioning image encryptiontechniques.

On thepremiseof the information,ciphercalculationsarenamedblockciphers, inwhichtheextentoftheblockisofsettledsizeforencryptionandstreamciphersinwhichapersistent stream is passed for encryption and unscrambling. Among the calculationsthought about, some of them are block cipher like RSA, DES, AES, Blowfish, Twofish,Threefishandsoforth.Also,someofthemarestreamcipher,suchasECC,RC5.

2. Fundamental Terminology and Primary Goals of Cryptography

Thereareafewtermswhichweshouldknowforbettercomprehensionofencryptioncalculations.Thisphrasingisvitaltocomprehendinlightofthefactthatineachcalculationdepiction,wewilltalkaboutthesenormalterms:• PlainText

ThefirstcontentormessageutilizedasapartofcorrespondenceincalledasPlaincontent.

• CipherTextTheplaincontentisencodedinun-coherentmessage.ThisgoodfornothingmessageiscalledCipherText

• EncryptionEncryptionisaprocedureofchangingoverPlaincontentintoCiphercontent.Thisnon-decipherablemessagecansafelybeconveyedovertheunsecurearrange.Encryptionprocessisfinishedutilizingencryptioncalculation.

• DecryptionDecodingprocessistheturn-aroundofEncryptionprocess,i.e.Figurecontentischangedoverintoplaincontentutilizingspecificencryptioncalculation.

• KeyAkeyisanumericorAlpha-numericcontent(scientificequation).InencryptionprocessithappensonPlaincontentandinunscramblingprocessithappensonciphercontent.


8

• KeySizeKeysizeisthemeasureoflengthofkeyinbits,utilizedasapartofanycalculation.

• BlockSizeKeyciphertakesashotatsettledlengthseriesofbits.ThisfixlengthofstringinbitsiscalledBlockmeasure.Thisblockmeasurereliesoncalculation.

• RoundRoundofencryptionimpliesthathowmuchtimeencryptionworkisexecutedinentireencryptionprocesstillitgivesciphermessageasyield.Cryptographyframeworkscanbeextensivelygroupedintotwoclassifications:

• SymmetricencryptioncalculationsInvolvetheutilizationofasolitarykeythatboththesenderandbeneficiaryhave.Thiskeyiskeptmysteryamongsenderandrecipientwiththegoalthatnogatecrashercantaketheinformationtobeexchangedbyscramblingit.

• AsymmetricencryptioncalculationsCalculationofopenkeyframeworksthatutilizetwokeys,anopenkeyknowntoeverybodyandaprivatekeythatexclusivethebeneficiaryofmessagesemployments.Peoplewhorehearsethisfieldareknownascryptographers.Awryencryptiongivesgreatersecuritywhencontrastedwithsymmetrickeyencryptionhoweverintheeventofencryptionspeed,symmetricencryptionisonlead.EncryptionorCryptographyhaveafewobjectivesthatshouldbesatisfiedforclient

advantage.Presentdaycryptographyworriesabouttheaccompanyingissues:• Confidentiality

Thedatacan'tbecomprehendedbyanybodyforwhomitwasunintended.• Integrity

Thedatacan'tbemodifiedawayortravelamongstsenderandproposedbeneficiarywithoutthemodificationbeingidentified.

• Non-denialThemaker/senderofthedatacan'tdenyatalaterstagehisorherexpectationsinthecreationortransmissionofthedata.

• AuthenticationThesenderandrecipientcanaffirmeachother'scharacterandtheinception/goalofthedata.

• AccessControlJustapprovedclientscangettotheinformation.Thisisdonetostayawayfromunapprovedclientgetto.Aplain content is encodedutilizinga calculationcalled "encryptioncalculation".A

ciphercontentisunscrambledutilizingacalculationcalled"decodingcalculation".Akeyis


9

utilized at the season of encryption and unscrambling process. The security level ofcryptographyisdictatedbythekeyspaceorkeylength(sizeofkey).

Insymmetricencryptionanddecryption,thecalculationsconsideronlytheprivatekeys.However,asymmetricencryptionanddecryptionrequirebothpublicandprivatekey.Publickeyarerequiredwhenencryptionalgorithmisinitiatedbythesenderandtheprivatekeyisneededincaseswhendecryptionoccurredonthereceiverside,asdemonstratedinthefollowingfigure.

Figure 2. Symmetric encryption and decryption calculations consider only the private keys

3. Evolution of Ciphering Algorithms

In this area, we will examine the evolution of ciphering algorithms and comparedifferent cryptographic calculations for theirexecutionassessment.Thesealgorithmsareusedforacquiringarequiredyieldforanyauthenticcontributiontoalimitedmeasureoftime.

DES(DataEncryptionStandard)wasproducedinthemid1975atIBMlabsbyHorstFiestel.TheDESwasendorsedbytheNBS(NationalBureauofStandards,nowcalledNIST-NationalInstituteofStandardsandTechnology)in1978.TheDESwasinstitutionalizedbytheANSI(AmericanNationalStandardInstitute)underthenameofANSIX3.92,otherwisecalledDEA(DataEncryptionAlgorithm).TheDESwasbeforeadominatingsymmetric-keycalculation for the encryption of electronic information. Be that as it may, now it is anobsolete symmetric key information encryption technique. DES utilizes 56 bits key forencryptionandunscrambling.Itfinishesthe16roundsofencryptiononeach64bitsblock


10

ofinformation.Informationencryptionstandardtakesashotataspecificrule.Informationencryptionstandardisasymmetricencryptionframeworkthatutilizations64-bitblocks,8bits(oneoctet)ofwhichareutilizedforequalitychecks(toconfirmthekey'sintegrity)[5].Eachofthekey'sequalitybits(1each8bits)isutilizedtocheckoneofthekey'soctetsbyoddequality, that is,eachof theequalitybits ischanged inaccordancewithhaveanoddnumberof'1'sintheoctetithasaplacewith.Thekeysubsequentlyhasagenuinevaluablelengthof56bits,whichimpliesthatlone56bitsarereallyutilizedasapartofthecalculation.Soitwouldtake2klendeavorstolocatetherightkey[10].

ThestructureofDEScalculationcontainstheblockofthemessageseparatedintotwoparts.Thecorrecthalf is extended from32 to48bitsutilizinganother settled table.Theoutcome is consolidated with the sub-key for that round utilizing the XOR operation.UtilizingtheS-boxesthe48comingaboutbitsarethenchangedagainto32bits,whicharehence permutated again utilizing yet another settled table. This at this point completelyrearrangedrighthalfispresentlyconsolidatedwiththelefthalfutilizingtheXORoperation.In the following round, this blend is utilized as the new left half. Numerous securityspecialists felt the 56-bit key length was deficient even before DES was received as astandard. All things considered,DES remained a trusted and broadly utilized encryptioncalculation through the mid-1990s [6]. Notwithstanding, in 1998, a PC worked by theElectronic Frontier Foundation (EFF) decoded a DES-encoded message in 56 hours. ByoutfittingtheenergyofthousandsofarrangedPCs,thenextyearEFFslicetheunscramblingtimeto22hours.InformationEncryptionStandardcanlikewisebeutilizedforsingleclientencryptionlikeputtingawayafewinformationinhardcircle.

Initsencryptionprocedure,DESutilizes56bitskeyforencryptionanddecoding.Itfinishes the16 roundsof encryptionon each64bits blockof information. In all rounds,encryption is finished utilizing capacity F. DES have three methods of operation: ECB(Electronic Code Book), CBC (Cipher Block Chaining), CFB (Cipher Feedback) and OFB(OutputFeedback)[10].Encryptionqualityisspecificallyfixingtokeysize,and56-bitkeylengthshaveturnedouttobetoolittle inrespecttothepreparingenergyofcurrentPCs.Along these lines, NIST felt the need of new and more secure information encryptioncalculationinthefield.TheDataEncryptionStandardwasformallypulledbackinMay2005.

Thereisnosolidconstraintdiscoveredinsteadofitslittlekeysizewhichofferslesssecurity.ThemaineffectiveassaultonDESisBrutecompelassault.It'sanotherfeeblepointisitsencryptionspeedwhichismoderate.

In cryptography procedures, Triple Data Encryption Standard (3DES) is the basicname for the Triple Data Encryption Algorithm (TDEA) symmetric-key block cipheringalgorithm,whichappliestheDataEncryptionStandard(DES)encryptioncalculationthreetimestoeveryinformationblock.Triple-DESisadditionallyproposedbyIBMin1978asasubstitute to DES. Thus, 3DES is essentially the DES symmetric encryption calculation,utilizedthreetimesonsimilarinformation.ThreeDESislikewisecalledasT-DES.Itutilizesthe straightforward DES encryption calculation three times to upgrade the security ofencodedtext[4].

In this, same information is encoded two times all the more utilizing DES.Subsequently,thismakestheencryptionmoregroundedandhardertobreak.TripleDESisessentiallyaBlockcipherwhichutilizes48rounds(ThreetimestheDES)initscalculation,


11

and has a key length of 168 bits. 3-DES likewise utilizes the Block size of 64 bits forencryption(see[4]and[9]).

Triple DES may have an issue to reuse DES encryption calculation with threeunmistakablekeys.TripleDES isaccepted tobesecureup tono less than2112security,howeveritismoderate,particularlyinprogrammingcalculations[8,12].TripleDESlikewisegivessatisfactorysecurity.ThatisthereasonclientsrequiredthesuccessorofTripleDES.

TheadvantageofTripleDESisthatitisthreetimessecure(asitismixorthreeDEScalculationswithvariouskeysateachlevel)thanDESthatisthereasonitisfavoredoverbasicDESencryptioncalculation.ItgivessufficientsecuritytotheinformationhoweveritisnotthebestsinceitdevourspartoftimeanditsencryptionspeedlikewisenotasmuchasDESencryptioncalculation.

The RSA (Rivest-Shamir-Adleman) calculation is the most critical open keycryptosystem.Itisbestknownandgenerallyutilizedopenkeyplan.Itutilizessubstantialwholenumberslike1,024bitsinestimate.Ithasjustasingleroundofencryption.Itishilterkilterblockcipher.RSAisacalculationutilizedbypresentdayPCstoencodeandunscramblemessages. RSA is an awry cryptographic calculation. Awry implies that there are twodistinctivekeysthatareutilizedasapartofencryptionanddecodingprocess[1,13].

Thisisadditionallycalledopenkeycryptography,sinceoneofthemcanbeimpartedtoeverybodyandanotherkeymustbekeptprivate.Itdependsonthecalculatingissue.RSAremainsforRonRivest,AdiShamirandLeonardAdleman,whocreatedandfreelyportrayeditin1978[8].AclientofRSAmakesandafterthatdistributestheresultoftwoexpansiveprime numbers (P*Q), alongside a helper esteem (I), as their open key. The primecomponents (P*Q) must be kept mystery. Anybody can utilize people in general key toencodeamessage,yetwithasofnowdistributedtechniques,ifthegeneralpopulationkeyissufficientlyhuge,justsomebodywithlearningoftheprimevariablescanplausiblyinterpretthe message. The RSA calculation can be utilized for both open key encryption andcomputerized marks. Its security depends on the trouble of considering huge wholenumbers.

InRSAcryptographiccalculationthefundamentaldrawbackisitsencryptionspeed.It devours parcel of time to encode information. As amatter of fact this isweakness ofunbalancedkeycalculationsinlightofthefactthattheutilizationoftwolopsidedkeys.Itgivesgreatlevelofsecurityyetitismoderateforencodingdocuments.Anotherdangerinthiscalculationis fakekeyadditionatunscramblinglevelsothemysterykeyoughttobeprivateandrighttoaccomplishtheencryptionineffectiveway.

Theonlyvaluethatwillbeletknowntothepublicwillbethevaluenande.Hence,thesetwovaluesbecomepublickeys.ThesecurityoftheRSAisnotcompromisedbecauseofhowextremelydifficulttoderivepandqfromn,andalsothecyclicalnatureofmodular.Ifpandqbecomeknownpublicly, itwouldbeeasy to findout the totientφ(n),and theprivatekeyd.Theprivatekeyisthevalued,becausethatisthevalueneededtodecryptamessage.Thebeautyofthisencryptionsystemisthatwhilstanybodycansendanencryptedmessage,onlythosewiththeaccesstotheprivatekeycandecryptit.

Worthtomention,EllipticCurveCryptography(ECC)wasfoundedin1985byVictorMiller from IBMandNeilKoblitz fromUniversityofWashingtonasanoption system forexecuting open key cryptography. This ECC (Elliptic Curve Cryptography) is Based onarithmeticalstructuresofellipticbendsoverlimitedfieldsi.e.theellipticbendhypothesis.


12

ECCcreatesfaster,smallerandmoreproductivekeyswhencontrastedwithotherencryptioncalculation.Inthis,encryptionisdoneinellipticbendcondition(utilizedasapartofscience)shape.ECCisthatmuchproficientthatitcanyieldalevelofsecuritywith164blockkeythatotherframeworkrequirea1,024-blockkeytoaccomplishthatsecurityleveli.e.itoffersthegreatest securitywith littlerblock sizes that is the reason it expends lesspower [5] andsubsequently,Ellipticbendcryptographyisusefulforbatteryreinforcementmoreover.Theutilization of elliptic bends in cryptographywas proposed autonomously by Koblitz andMillerin1985.

Ellipticbendcryptographycalculationsenteredwideusein2004to2005.Essentially,anellipticbendisaplanebendoveralimitedfield(asopposedtothegenuinenumbers),thepoint values satisfying the equation, y2= x3+Ax+B. In the encryptionprocess of Ellipticcurve cryptography,wehavemanyoptions touseECC cryptographybutwewill discusssimplestway.

ConsideringanellipticcurvePm,privatekeynA<n,apublickeyPA=nAGiscalculated.Theformulaforencryptionencryptis

Pm:Cm={kG,Pm+kPb},wherekisarandomnumberFormulafordecryptiondecryptisgivenasfollows:Pm+kPb–nB(kG)=Pm+k(nBG)–nB(kG)=PmInrecentyears, it is chieflyutilizedasapartof theassetcompelledsituations, for

example, specially appointed remote systems and versatile systems. The fundamentalpreferredstandpointofECCutilizesshortkeylengthwhichpromptsquickencryptionspeedand less power utilization. For instance, a 160 block ECC encryption key size give anindistinguishablelevelofsecurityfrom1024-blockRSAencryptionkeyanditperform15timesquicker relyingon the stageonwhich it is actualized.TheburdenofECC is that itexpandsthemeasureofscrambledcontentandseconddisserviceisthatECCissubjecttoextremely complex conditions which prompt increment the intricacy of encryptioncalculation.

4. Comparison of AES, Blowfish, Twofish and Threefish Algorithms

In 1997, the National Institute of Standards and Technology (NIST) declared anactivitytopickasuccessortoDES;in2001,itchosetheAdvancedEncryptionStandardasasubstitutiontoDESand3DES.AES(AdvancedEncryptionstandard)isproducedbyVincentRijmen, JoanDaeman in 2001. TheAdvancedEncryption Standard (AES) is a symmetricblockcipherutilizedbytheU.S.governmenttosecurecharacterizeddataandisactualizedinprogrammingandequipmentallthroughtheworldfordelicateinformationencryption.AES isreally, threeblockciphers,AES-128,AES-192andAES-256.Eachcipherscramblesandunscramblesinformationinblocksof128bitsutilizingcryptographickeysof128bits,192bitsand256bits,individually.InAdvancedencryptionstandardthereare10roundsfor128-blockkeys,12roundsfor192-blockkeys,and14roundsfor256-blockkeys[11].

Foreachsituation,everysingleotherroundareindistinguishable,withtheexceptionofthelastround.


13

Eachroundinencryptionprocessadditionallytakesafterafewstagestofinisheachroundtilln.Eachroundhavefourroundsi.e.Substitutebyte,Shiftlines,MixColumnandAddroundkey.

Substitutionround:Inthisprogression,Sub-Bytesarebyte-by-bytesubstitutedamidtheforwardencryptionprocess.

MoveRows:Inthis,movingthecolumnsofthestateclusteramidtheforwardprocess(S-Boxprocess).

Blend Column: Mix Columns for stirring up of the bytes in every segmentindependentlyamidtheforwardprocedure.

IncludeRoundKey:Inthisprogression,roundkeyisaddedtotheyieldofthepaststrideamidtheforwardprocedure.Thisprogressioncontrastsfromothersduetokeysizedistinction.

InAESencryptionprocess,itutilizesdiverseroundkeys.Thesekeysareconnectedalongside other scientific operations on a variety of information. This information isavailable in blocks of specific size. This exhibit is called state cluster. This encryptionprocedureincorporatesfollowingprocedure:1. Firstinferthediverseroundkeysfromcipherkey.2. Initializethestateclusterwithblockinformationorplaintext.3. Startwithstartingstateclusterbyincludingroundkey.4. Performtheprocedureofstatecontrolinninerounds.5. Afterthetenthroundofcontrol,wewillgetthelastyieldasciphercontent.By

followingaboveprocesswegetthelastscrambledcontentorciphercontent.The built-in Wolfram Mathematica function GenerateSymmetricKey[] randomly

generates a SymmetricKey object suitable for use with cryptographic functions.GenerateSymmetricKey[opts] randomly generates a symmetric key using the specifiedoptions.

Thefollowinginputisusedtoderiveasymmetrickeyfromapassword:In[1]:= GenerateSymmetricKey["my password"]

TheoutputisgivenusingAESmethodbydefaultwithakeyof256bits.Out[1]= SymmetricKey[

Association[

"Cipher" -> "AES256", "BlockMode" -> "CBC",

"Key" -> ByteArray[{29, 206, 3, 213, 214, 242, 83, 230, 157, 224, 158,

188, 239, 43, 30, 27, 159, 247, 6, 226, 19, 121, 191, 157, 248, 169,

169, 77, 224, 38, 134, 198}], "InitializationVector" -> None]]

4.1. Blowfish Algorithm

Blowfishwas created byBruce Schneier in 1993. It is fundamentally a symmetricblockcipherhavingvariablelengthkeyfrom32bitsto448bits.Itworksonblockestimate64bits. It isa16-roundFeistelcipherandusesextensivekeywardS-Boxes.EveryS-boxcontains32bitsof information. Inhis talk"Theblowfishencryptionalgorithmretrieved"


14

(see[20]),SchneierdemonstratedtheadvantagesanddrawbacksofBlowfishtechniqueonpracticalexamples.

Figure 3. Blowfish Encryption Procedure

AboveDiagramdemonstrates theBlowfish'sF-work.The capacityparts the32bitcontributionto four8-bitquarters,anduses thequartersascontributiontoS-boxes.Theyields are includedmodulo 232 and XOR-ed to deliver the last 32-bit yield i.e. encodedinformation.ForDecryptionatanotherendasimilarprocedurehappens,yetinswitchorder[11].

Until now, no assault has been discovered fruitful against Blowfish encryptioncalculation. Blowfish is a variable key length calculation and it is having 64-bit blockcipheringalgorithm.Thecalculationcompriseoftwosubparts,oneiskeydevelopmentpartandsecondinformationencryptionpart.Informationencryptionisfinishedbyfinishing16rounds.EachroundcompriseofkeywardchangeinP-Boxandkey/informationsubordinatesubstitutioninS-Box[2].

ThecalculationcomprisesofS-BoxandP-Box.TheP-clustercomprisesof18sub-keysof32-bit.Therearefour32-bitS-boxeswith256entrieseach:

𝑆1[0], 𝑆1[1], . . . , 𝑆1[255];

𝑆2[0], 𝑆2[1], . . , , 𝑆2[255];


15

𝑆3[0], 𝑆3[1], . . . , 𝑆3[255];

𝑆4[0], 𝑆4[1], . . , , 𝑆4[255].

Forencryption,dividex into two32-bithalves,denotedbyxLandxR.Here is thepseudocodethatisused:

fori=1to16do

xL=xLXORPi

xR=F(xL)XORxR

SwapxLandxR

endfor

xR=xRXORP17

xL=xLXORP18

RecombinexLandxR.

DividexLintofoureight-bitparts:a,b,c,andd

f(xL)=((S1,a+S2,bmod232)XORS3,c)+S4,dmod232

Decodingispreciselythesameasencryptionyetturnaroundprocessistakenafter.Blowfishgivesadecentencryptionrateinprogramming.ItisconsiderablyquickerthanDES.Innumerousencryptionexperiments, theBlowfishencryptioncalculationprovedbestonaccountofsecuritylevelandthespeedofencryptionthatitprovides,whichissuperiortothevastmajorityoftheencryptionalgorithmsthatareaccessible.

LetusnowgenerateasymmetrickeyappropriateforencryptionusingBlowfish:In[1]:= GenerateSymmetricKey[Method -> <|"Cipher" -> "Blowfish"|>]

Thefollowingsymmetrickeyisgenerated:

Out[1]= SymmetricKey[

Association[

"Cipher" -> "Blowfish", "BlockMode" -> "CBC",

"Key" -> ByteArray[{173, 8, 212, 11, 10, 53, 82, 13, 116, 95, 211,

224, 72,55, 167, 21, 33, 76, 217, 247, 15, 88, 232, 22, 248, 86, 89,

193, 113, 188, 161, 6}], "InitializationVector" -> None]]

Inordertogenerateasymmetrickeywithakeysizeof512bits:In[1]:= GenerateSymmetricKey[Method -> <|"Cipher" -> "Blowfish",

"KeySize" -> 512|>]

Out[1]= SymmetricKey[

Association[

"Cipher" -> "Blowfish", "BlockMode" -> "CBC",


16

"Key" -> ByteArray[{135, 81, 237, 166, 176, 23, 180, 24, 233, 7, 97,

77, 21, 175, 112, 5, 6, 54, 66, 37, 170, 88, 53, 153, 225, 105, 198,

89, 214, 202, 112, 76, 21, 156, 240, 132, 125, 75, 113, 37, 117, 102,

59, 35, 62, 150, 62, 157, 133, 119, 14, 245, 223, 139, 31, 131, 136,

207, 0, 202, 120,223, 25, 219}], InitializationVector" -> None]]

Thekeysizemustbeamultipleof8.Whennoinitializationvectorisgiven,anewonewillbegeneratedeverytimeEncryptiscalled.WiththeinitializationvectorsettoAutomatic,arandominitializationvectorisgeneratedonce.

4.2. Twofish Algorithm

Twofish is additionally a symmetric block ciphering technique having a similarstructure. It is as well created and clarified by Schneier in 1998. Twofish utilizes blockfiguringlikeBlowfishaswell.Itisproficientforprogrammingthatkeepsrunninginlittlerprocessor (keen cards) and inserting in equipment. It enables implementers to tweakencryptionspeed,keysetuptime,andcodesizetoadjustexecution.Twofishisunlicensedandopenlyaccessiblealgorithm,utilizingkeysizesof128,192and256bits.Itconsiderstheblocksizeof128bitsandthereare16roundsofencryptioninthiscalculation.Inhistalkabout Twofish cryptanalysis rumors [19], Schneider explained the advantages anddrawbacksofTwofishtechnique.


17

Figure 4. Twofish Encryption Procedure

Abovecipheringalgorithmdemonstratesthe“roundcapacity”subroutineofTwofish.Thisroundcapacityscramblestheinformation.Thisroundcapacitymorethanonceencodestheinformation16timesandafterthatgiveslastciphermessageaftersixteenthround[6].

Intheabovecipher,X0andX1ontheleftthecontributionstothefunctioncapacitiesafter the revolution by 8 bits of one of them. The function comprises of 4 byte key-subordinateS-boxestookafterbyadirectblendingventure(MDSnetwork).Theaftereffectsof the two function capacities are joinedutilizing a PHT (Pseudo-HadamardTransform).Afterthattwocatchphrasesareincluded.Oneappropriateamongthemispivotedby1bitandafterthatbothofthesewatchwordsareXOR-edintotheoutcomeontheleft.

Forthenextround,rightandleftpartsswapped.After16roundsofencryptionthelastswapisturnedaroundandfourcatchphrasesareXOR-edwithanotherfourwatchwordstocreatethelastscrambledcontentorciphercontent.


18

Above cipher speaks to the general working procedure of Blowfish encryptioncalculation.Twofishcontainsaddupto16roundsofinformationencryptionandwegetthelast128blockciphermessageinthewakeoffinishing16roundsofencryption[2].Twofishencryptioncalculationlikewisegivesgreatlevelofsecurity.However,theencryptionspeedislowerwhenopposedtoblowfishalgorithm.

InMathematica,supportedmethods,togetherwithdefaultkeysizeandinitializationvectorsize,include:

"Blowfish" 256 64

"CAST5" 256 64

"DES" 64 64

"RC4" 256

"IDEA" 128 64

"AES128" 128 128

"AES192" 192 128

"AES256" 256 128

Therefore,Blowfishmethodshouldbeusedmultipletimes.Fortestingpurposes,wecanwritesimplecryptographicsigningandverificationfunctions:

sign[key_PrivateKey, expr_] := Encrypt[ key, Hash[expr, "SHA256"] ]

verify[key_PublicKey, expr_, signature_EncryptedObject] := Decrypt[key, signature] === Hash[expr, "SHA256"]

4.3. Threefish Algorithm

ThreefishisasymmetrickeyblockcipheringalgorithmplannedbySchneier,etal.Itwasfirstdistributedinyear2008.Threefishblockcipheringalgorithmisstraightforwardlyidentifiedwith Blowfish and Twofish. Threefish calculation is tweakable block cipheringalgorithm. Tweakable block ciphering algorithm take three information sources, a key, achangeandblockofbackrub.Aremarkablechangeesteemisutilizedtoencodeeachblockofbackrub.Thechangeesteemis128bitsforallblocksizes.Threefishencryptionutilizesthreekindofkeys:256bits,512bitsor1024bits.InThreefish,thekeysizeisequivalenttotheblocksize.Itimpliesthatitutilizesthreeblocksizesi.e.256,512or1024bits.Itappliesencryptionin72adjustsforthemostpart,yetifthereshouldbeanoccurrenceof1024blockblock size its encryption rounds are 72. Threefish uses no S-BOX or other table querieskeepinginmindtheendgoaltoabstainfromtimingattacks[11].


19

Threefishencryptioncalculationutilizesfollowingroundcapacity.Inthisencryptionprocedurefollowingstridesaretakenafter.• ThreefishusesNr/4+1differentroundkeys.• Inordertocomputethesekeystheoriginalkeywords,K0,K1….,KNw-1areadded.

Thewordst0,t1areaddedaccordingtothefollowing:t2=t0⊕t1

kNw=C240⊕k0⊕k1,……⊕kNw-1

• Thekeywords𝐾𝑠, 𝐼aredefinedas

𝐾𝑠, 𝐼 =

k s + i mod Nw + 1 , i = 0,… . , Nw − 4k s + i mod Nw + 1 + tsmod3, i = Nw − 3k s + 1 mod Nw + 1 + tsmod3, i = Nw − 2

k s + 1 mod Nw + 1 + s, i = Nw − 1

• Mixfunctiontakesa(X0,X1)andreturnsthefollowingtuple:(Y0,Y1)• Thefunction,Y0=X0+X1mod264iscomputedas

Y1=(Y1<<<R(dmod8),J)⊕Y0

• Rd,jisarotationconstantsset.• Ifdmod4==0thentheroundkeyKd/4isbeingappended.• Then,themixfunctionisapplied.

Figure 5. Threefish-512 with four rounds of encryption


20

Figure5isrepresentingThreefish-512withfourroundsofencryptionhavingplaintextblockandsub-keywithtweakvalue.Itisusingfourblocksof256bitseach.Forthiscasethe72roundsofencryptionaredone.

RegardingtheimplementationofThreefishcalculationinMathematica,asymmetrickeyobjectshouldbeconsidered.InWolframlanguage,SymmetricKey[assoc]representsallthe information needed for encryption, decryption, and other operations in a symmetriccryptographicsystem.SymmetricKeyobjectscanbeusedwithfunctionssuchasEncryptandDecrypt. When used in Encrypt, the setting "InitializationVector"->None specifies thatEncrypt should generate a new initialization vector whenever it is called.SymmetricKey[assoc]["prop"]givesthespecifiedelementofassoc.

Comparative Discussion and Results

Blowfishisnotsuggestedanylongerduetothelittleblocksizeof64bits,amongotherdrawbacks.Indeed,evenitscreatorisnotprescribingitanylonger-it'sanoldbutratherunbroken algorithm. There are some hypothetical shortcomings that can occurwith 232blocksofinformationwithCBCmodeandan8byteblockcipher.InCBCmode,randomizedinformation is successfully sent through theblockcipheringalgorithm. Inanycase,quitepossiblyithappenstoencodepreciselythesametwicewithasimilarkey;thisoutcomesinpreciselythesameblockshowingupinthescrambledyieldtwice.Ontheoffchancethatanassailantdiscoversthis,atthatpointhecanreasontherestrictiveoroftherelatingplaintextblocks.

Presently, block ciphering algorithmswith 16 byte blocks, (for example, AES andTwofish)donothavetheseworries(thissameshortcomingcanberequiredtooccurafter268bytesofencoded information;wewillneverneedtoscramble thatmuch informationwithasolitarykey).Thisisonereasonweencourageindividualstoutilizemorepresentdayciphers;thisperceptionwouldnotbeaworryforaspecificclient,butratherwithacurrentcipher,weknowitisnotaworryforanybody.

Twofishisageneral128-blockblockcipheringalgorithmwhichisadropinforAES-for the straightforward reason that it was intended to be AES. Niels Ferguson in [15]distributedanoutlandishdifferentialassaultthatbreakssixbalancesof16ofthe256-blockkeyrenditionutilizing2256stages.Startingat2000,thebestdistributedcryptanalysisontheTwofishblock cipheringalgorithm is a truncateddifferential cryptanalysisof the full16-roundadaptation.Thepaperassertsthatthelikelihoodoftruncateddifferentialsis2−57.3foreveryblockandthatitwilltakeapproximately251pickedplaintexts(32petabytesworthofinformation)tolocateanadequatecombinationoftruncateddifferentials.BruceSchneierreacted that thispaperdoesnotpresenta fullcryptanalyticassault,butrather justsometheorizeddifferentialqualities.

ThreefishisforthemostutilizedastweakableblockcipherdevelopmentinsidetheSkeinhashwork;ithasasubstantialblocksizeandhighnumberof(generallybasic)rounds;Threefishisexcessivelyparticularandnotexpresslycharacterizedforblockciphermethodsofoperation.Besides,ThreefishhasablockestimatenotquitethesameasAESapplicants(256oreven512bitsratherthan128).Thismakesitmoreimprobablethatonewilldiscover


21

itinnumerouscryptographiclibrariesandmakesithardertochangeto/fromdifferentAESapplicantsorAESitself.

InOctober2010,anassaultthatconsolidatesrotationalcryptanalysiswiththebouncebackassaultwasdistributed.Theassaultmountedaknown-keydistinguisheragainst53of72adjustsinThreefish-256,and57of72adjustsinThreefish-512.ItlikewiseinfluencestheSkein hashwork. This is a follow-up to the prior assault distributed in February,whichbreaks39and42adjustsseparately.Becauseofthisassault,theSkeingroupchangedtheturnconstantsutilizedasapartofThreefishandinthiswaythekeytimetableconstantsforcycle3oftheNISThashworkrivalry.In2009,arelatedkeyboomerangassaultagainstadiminishedcycleThreefishrenditionwasdistributed.Forthe32-roundadaptation,thetimemultifacetednatureis2226andthememorymany-sidedqualityis212forthe33-roundform,the time intricacy is 2352.17 with an insignificant memory use. The assaults were alsoworkablewiththechangedrenditionofThreefish:forthe32-roundvariant,thetimemany-sidedqualityis2222andthememorymultifacetednatureis212.

Several different encryption calculations were investigated here and we havediscoveredthateverycalculationhasitsownparticularadvantagesasindicatedbyvariousparameters.Itisobservedthatthequalityoftheeveryencryptioncalculationreliesonthekeyadministration,kindofcryptography,numberofkeys,numberofbitsutilizedasapartofakey.Longerthekeylengthandinformationlengthmorewillbethepowerutilizationthatwillpromptmorewarmthdispersal.Thus,itisnotfittingtoutilizeshortinformationgroupingandkeylengths.Allthekeysdependonthescientificpropertiesandtheirqualityreductionsasfortime.Thekeyshavingmorenumberofbitsrequiresmorecalculationtimewhichbasicallyshowsthattheframeworksetsasidegreateropportunitytoscrambletheinformation.ComparativeresultsofvariousalgorithmsonthebasisofdifferentparametersisgiveninTable1.


22

ALGORITHM 3DES AES RSA BLOWFISH TWOFISH THREEFISH

DEVELOPMENT IBMin

1978.

Vincent

Rijmen,Joan

Daemanin

2001

Rivest,

Shamir&

Adlemanin

1978

Bruce

Schneierin

1993

Bruce

Schneier in

1998

Bruce

schneier, Niels

Ferguson,

StefanLucks

KEYLENGTH 128 128 Variable Variable 16 72

ROUNDS 48 10,12,14 1 16 16 80

BLOCKSIZEbits 64 18 Variable

blocksize

64 128 256, 512 and

1024

ATTACKS

FOUND

RelatedKey

Attack

Key

recovery

attack,Side

channel

attack

Bruteforce

attack,timing

attack

Noattack

foundtobe

successful

Related key

attack

Related-Key

Boomerang

Attack

Table 1. Comparison of various algorithms on the basis of different parameters

Along these lines, each algorithm has its own strengths and weaknesses anddeterminingthebestalgorithmmaybesubjective.Anothercomparisonofparametersfordifferentencryptionalgorithmsisprovidedintablesfrom[3,14].

6. Conclusions

Fromtheaboveinvestigation,wehavediscoveredthatECCandBlowfishencryptioncalculations areperformingwith satisfying security levels and encryption speeds. ECC ishavingafewassaultsonit,yetonBlowfish,noassaultiseffectiveyet.However,Blowfishisnotpreferableduetothesmallblocksize,makingTwofishandThreefishalgorithmsmoredesirableinmajorityofpracticaluses,whentheblocksizeisoflargesignificance.

Threefishcalculationusesavariablenumberofbitsspanningfrom256to1024bitsandthereatencryptstheinformation72times,makingitalmostimpossibleforsomeonetodecrypt theencrypteddata.Theway that it is tweakableandhasanextensiveblocksizemakesThreefishoneofthemostwidelyusedcipheringalgorithms.


23

However,eachalgorithmhasitsownstrengthsandweaknessesandthealgorithmtobechosendependsonthepreferencesoftheuserandthetypeofacipheringthatshouldbeconducted.

Thebasisofthisstudyisonpre-quantumcryptography.Asthecomputationalpowerof deviceswill increase exponentiallywith the development of quantum computing, theencryptionalgorithmsthatwerelookeduponinthispaperwillbeeffectivelybrokenevenwithbrute force. It iscrucial thataquantum-resistantencryptionalgorithmisdevelopedbefore quantum computing becomes widely accessible. Research on cryptographicalgorithmssuchastheOpenQuantumSafeProjectmayprovideavaluableinsightonhowcryptographyshoulddevelopinthenearfuture.

References

A.KakkarandM.LSingh,“ComparisonofVariousEncryptionAlgorithmsandTechniquesforSecured Data Communication in Multinode Network”, Published in InternationalJournalofengineeringandtechnology(IJET),2(1),(2012).

J. W. Cornwell, “Blowfish Survey”, Department of Computer Science, Columbus StateUniversity,Columbus.

L.SinghandR.K.Bharti, "Comparativeperfomanceanalysisof cyptographicalgorithms",International journal of advanced research in computer science and softwareengineering(IJARCSSE),vol.3,no.11,(2013).

W. Stallings, "Cryptography and Network Security: Principles and Practice", (1999),Prentice-Hall,NewJersey.

Y.F.Huang,“AlgorithmforellipticcurveDiffie-HellmankeyexchangebasedonDNAtitleself-assembly”,Proceedingsof46thIEEETheoriesandapplications,(2008).

N. Islam,M.H.Mia,M. F. I. Chowdhury andM.A.Matin, “Effect of Security Increment toSymmetric Data Encryption through AES Methodology”, Ninth ACIS InternationalConferenceonSoftware Engineering, Artificial Intelligence, Networking, andParallel/DistributedComputing,(2008).

W.DiffieeandM.Hellman,“NewDirectionsinCryptography”,IEEETransactionInformationTheoryIT-22,(1976),pp.644-654.

WilliamStallings,DataandComputerCommunications,William6e,(2005).R. L. Rivest, “The RC5 Encryption Algorithm”, Proceedings of the Second International

WorkshoponFastSoftwareEncryption(FSE),(1994).D.Coppersmith,"Thedataencryptionstandard(DES)anditsstrengthagainstattacks",IBM

JournalResearchDevelop.,vol.38,no.3,(1994),pp.243-250.J.V. Shanta, “Evaluating theperformanceof SymmetricKeyAlgorithms:AES (Advanced

EncryptionStandard)andDES(DataEncryptionStandard)inIJCEMInternationalJournalofComputationalEngineering&Management”,vol.15,no.4,(2012),pp.43-49.

A.Nadeem,“Aperformancecomparisonofdataencryptionalgorithms”,IEEEinformationandCommunicationTechnologies,(2006),pp.84-89.

R.L.Rivest,“RC5EncryptionAlgorithm”,DrDobbsJournal,vol.226,(1995),pp.146-148.


24

R.Davis,“Thedataencryptionstandardinperspective”,CommunicationsSocietyMagazine,IEEE,(2003),pp.5–9.

N.Ferguson,"ImpossibledifferentialsinTwofish."CounterpaneSystems,October19(1999).Muthukumar, G., andE.DharmaPrakashRaj. "A comparative analysis on symmetric key

encryption algorithms." International Journal of Advanced Research in ComputerEngineering&Technology(IJARCET)Volume3(2014).

Surya,E.,andC.Diviya."ASurveyonSymmetricKeyEncryptionAlgorithms."InternationalJournalofComputerScience&CommunicationNetworks2.4(2012):475-477.

Thambiraja,E.,G.Ramesh,andR.Umarani."Asurveyonvariousmostcommonencryptiontechniques." International journal of advanced research in computer science andsoftwareengineering2.7(2012).

Schneier,Bruce."TwofishCryptanalysisRumors."SchneieronSecurity(2005).Schneier,Bruce."Theblowfishencryptionalgorithmretrieved."(2008).


25

Game Theory Games and Their Real World Applications

By Sunghee Kim and Sung Yoon Kim North London Collegiate School Jeju

Abstract

Thisstudyofgametheoryanditsapplicationtotherealworldlooksatonlythree

example, though there areof coursemanymore.Theexamples lookedat—andanalyzedalbeitbriefly—arethe“DollarAuction”,“Rock,Paper,Scissors(RPS)”and“Chicken”,inthatorder.Thegoalistodeterminethebestpossiblescenarioforsuccess.Thethreesuperficialstudies are supported by figures and where possible scientific analysis. No definitiveconclusions could be reached, rather it is up to the reader tomake a judgment onwhatstrategytouse.

Introduction

The dynamics of economy on the surface seem an erratic sequence of decisions,arbitrarilymadebycorporations.Howeverthereisalogicinthis“madness”:gametheory.TheinitialgametheorydefinedbyJohnVonNeumannandOskarMorgenstern,remainedinanarrowcategoryofinteractionsknownasthezero-sumgame,whereoneperson’sgainisanotherperson’sloss.1Theredefinitelyisanequilibrium,whereeachpartiescanmaximizethebenefitandminimizetheirloss.

However inpracticethedistinctionbetweenmy lossasopposedtomyopponent’sgainbecomesmoreblurred.Theeconomist,JohnNashproved,byapplyingastrategyofthebestsolutionofeachmoveandamathematicaltheorydevelopedbyDutchmathematicianJBrouwer,thatinanygamewithafinitenumberofplayersandmoves,gametheorycanbeapplied.2

Inthispaperthepracticalaspectsofthegametheoryarediscussed.Thefirststartswithatypicalzero-sumgame,andtwopossiblechoiceswhicharemutuallyexclusive.These

1 John von Neumann & Oskar Morgenstern. “Theory of Games and Economic Behaviour”. 1944. 2 John Wooders. “John Nash and his contribution to Game Theory and Economics”. (The Conversation. 2015).


26

conditionsfitperfectlywiththeinitialdefinitionofgametheory.3Thenweexplainamorecomplexscenariowhentherearethreesolutions.Thelastexamplecomplicatesfurtherthequestionbyusingthreeplayers,althoughtheymaybenon-communicative,thegameescapesthetypicalsettingofaplainzero-sumgame.

The Dollar Auction

TheDollarAuctiongameisasimple,seeminglyrationalgamethatstartsbyarranginganauctionforadollar.Thesetupinvolvesthefollowingrules:thewinnertakesthedollarbill;however,thesecond-highestbidderalsohastopaytheamounttheybid.Forexample,apersonmaybuyadollarforjust5cents,undertheassumptionthatno-oneelseentersthebidding.Anothercrucialruletolookoveristhatthesecond-highestbidderisthebiggestloser.4

Thefirstwaythisgamecouldturnoutisifalloftheparticipantsofthegamecooperatetoletonepersonbuythedollaratthecheapestpossiblecost.Inthiscase,theonlyloseristheauctioneer.Thisistheonlycasewheretheauctioneerloses.

Another possible outcome of this game is if the participants are playing a non-cooperativegame.5Supposingthebidgoesupinlotsoffivecents,aprimarycriticalpointismetwhenaplayerbids55centsafterabetof50cents.Thisdecisionseems logical sincebuyingadollarfor55centsgivesaleftoveramountof45cents.However,bothplayerswillthink the same and will continue to bid higher. Therefore, after a bet of 55cents theauctioneeristheonemakingtheprofitsincethesumofthetwoplayerstopsthedollar.Thenextcriticalpointwillbemetwhenoneofthebidsisadollar.SupposeplayerBbetsadollar.Hewillnotbelosinganymoneybutwillnotbeabletomakeanyprofitalso.However,thesecond-highestbidder,whoforexamplebet90cents,willbidalargerbettominimizetheloss.Beyondthispointbothbidderswillbelosing,butwillproceedtobettominimizethedamage.

MartinShubikoftheDepartmentofAdministrativeServices,YaleUniversity,gavethefollowingscenariowhenconsideringanauctionwithanauctioneer.(Player1)and2bidders(Player2,andPlayer3),thecharacteristicfunctionisV(1)=-95cents,V(2)=V(3)=0cents,V(1,2)=0cents,V(1,3)=0cents,V(2,3)=95cents,V(1,2,3)=0cents.6

Besides the2possibleoutcomesmentionedbefore,anon-cooperativeequilibriumpointwhere the firstbidderbidsonedollarandnooneelsebidsmayoccur.However, asecondbiddercanbid105centstoinflictdamagetothefirstbidder.Inthiscase,theoutcomemaybethesamewiththesecondscenariomentioned.

Acrucialpointtonoticeisthatthegameisusuallyanindependentgameinwhichcommunicational conditionsmay be lacking. It is generally accepted that is not easy forpeopletocooperatewhentheyareinanon-cooperativegamecondition.Thereforethebesttacticforabiddertotakewouldbetofirstbid5centsandthenimmediatelyannouncethat

3 “Definition of Game Theory”. (Merriam-Webster. 2017). 4 Douglas Noll. “The Dollar Auction Game: A Lesson in Conflict Escalation”. 2000. 5 Wonbin Kang. “Non-Cooperative Game Theory”. (n.d.). 6 Martin Shubik. “The Dollar Auction Game: A paradox in non-cooperative and escalation”. (n.d.).


27

heorshewillbidonedollarifanyotherpersonbidslessthanonedollar,and,thatheorshewillbet5morecentsifanyonebidsmorethanonedollar.

Rock Paper Scissor (RPS)

RockPaperScissors(RPS)issimplyastrategicgamethatuseshistorymatchingandfrequency analysis to randomly guess.7 Of course some people randomly use differentchoiceswithoutthinking,butinarationalperson’spointofview,thereisahighpossibilitythattheywillfollowaparticularpatternofstrategy.

Theplayerwhowins,islikelytorepeathiswinningchoice,whiletheplayerwhohaslostisverylikelytochangehisorheroption.However,ifthishappens,theloserwillbeabletopredictwhatthewinnerwillchooseforthenextround,whichmakesthewinnerchangehisorheroption,toavoidlosing.

Iftheloseragainlosesthenextroundandcontinuestodoso,heorsheisverylikelytochangethechoicetotheonethatwillwintheoptionthathasjustbeenwonbythepreviouschoice.Forexample,ifplayerAlosesafterusingpapertoplayerB’sscissor,playerAismostlikelytochangehisorherchoicetorock,whichcanbeatplayerB’sscissor.AsplayerBisthewinner, he or she is likely to remain with the previous choice—the strategy seemsreasonable.

Therefore the strategy for Rock Paper Scissor is, if you have lost the first round,changeyourchoicetothatwhichpreviouslybeatyourchoice.Ifyouhavewon,donotstaywithyourchoicesincethelosercaneasilypredictthatchoice.Instead,switchtowhateverwouldbeatthechoiceofwhatwouldhavebeatenyourpreviousoption.Moresimply,choosewhattheloserhaspreviouslyused.Asimpleexamplehereisifyouwinaroundwithrock,the opponent is likely to switch to paper. Then you should now change your choice toscissors.

There are also some fun events around theworld that relates to this kind of RPSstrategy.TheWorldRPSSocietyholdsaRockPaperScissorcompetitionperiodicallythatiseagerly attended.8 The representative of this society isMr. Smallsoa,whoworked as thechairman from1987to2010,andpublishedabookcalledTrioofHands—(exceptionallyhardtocomeby)—inordertoexplainthestrategiesofRockPaperScissor,andreceivedtheLifetimeAchievementAwardfromtheRPSSocietyforover30times.participation.Hetoldtheworldthat“tothebeginnerthechoicesarefew;totheexpertthechoicesaremany”.9

Thereisanexampleofanauctionhousematchaswell.In2005,TakashiHashiyama,theCEOofJapanesetelevisionequipmentmanufacturerMasproDenkoh,decidedtoauctionoffthecollectionofImpressionistpaintingsownedbyhiscorporation,includingworksbyworldwide famouspainters.Hehad contacted twoauction companies, asking them for aproposalforwhattheyplantodotosellthepaintings.Bothfirmswroteoutelaborateplans,but Hashiyama did not get satisfied. So he asked the two firms to decide it amongst

7 “The Official Rules of Rock Paper Scissors. The Official Rules of RPS Play”. (World RPS Society. (n.d.)). 8 “World Championships”. (World RPS Society. (n.d.)). 9 Douglas Walker. “The Quest for the Trio of hands”. 2006.


28

themselves,andaddedthathealsowantedtoselltheCézanne's1877painting“LargeTreesUndertheJasdeBouffan”,worthanestimated$12–16millionU.S.Dollars.10

Thefirmscouldnotcomeupwithadecision.HashiyamaaskedthemtodecidethenbyRockPaperScissor,andadded,"itprobablylooksstrangetoothers,butIbelievethisisthebestwaytodecidebetweentwothingswhichareequallygood".11

Theauctionfirmsonlyhadaweekendtomakeachoice,andfirmCgotasuggestionfrom11-year-oldtwindaughterstochoose“Scissors”,because"Everybodyexpectsyoutochoose'Rock'."FirmBhadnoparticularstrategyandthoughtthegameasagameofchance,andsochose“paper”.FirmCwonthegameandsoldthepaintingsandtreeby$20million,bringinghugebenefitstothefirm.ThisshowedthathavingastrategyforRPShasahigherpossibilityofwinningthegame.12

Finally,thefigurebelowmaygivethereadersomeinsightintoRPS“state-of-play”.13Tobetterunderstandtheabovethe“NashEquilibrium”mustcomeintothe“equation”.Itissimplyapairofstrategiesinwhicheachplayer’sstrategyisthebestresponsetotheotherplayer’sstrategy.14

Chicken Game

The Chicken Game is a game which is used to determine who is more cowardlybetweentwopeople.15Twodriversapproacheachotherwiththefullspeedoftheircarsfromoppositedirectionshavingachoicetoeitherturnthehandle,orcontinuestraight.Thefirstpersontochangedirectionsiscalledthe“chicken”.Ifyoucontinuemovingforward,youwill 10 Paul Cezanne famous works. (n.d.). 11 Stacey Conradt. “The Time Sotheby’s and Christie’s Played Scissors’ for a Cezanne”. 2015. 12 Tom Hale. “Here's How To Always Win At Rock, Paper, Scissors”. 2016. 13 “Gains of Player 1, Gain of Player 2. (n.d.) (n.a.) 14 “Applying Nash Equilibrium to Rock, Paper, Scissors”. Cornell University. (n.d.) (n.a.). 15 “Game of Chicken”. (Game Teory.net.). (n.d.) (n.a).


29

notbeachickenbutyoumightendupinahugecarcrash.Thefineoutcomeiswhenbothswitchdirectionswithoutmakinganywinners.Ifonlyonepersonswerves,therewillbeaclearwinner.16Thisconnectstothedilemmathat“forthebestoutcome,youhavetorisktheworstoutcome.”

ThepossibleoutcomesoftheChickenGameismadeintoatableliketheonebelow.Two versions of the matrix for this game are presented, figure 1 explaining the actualoutcome,andfigure2usingsettingnumericalvaluestotheresultsinfigure1.Yougain1whenyouwin,lose1whenyouswerve,butneedstopayacostof-10whenyoucrash.Whatisthebestchoicethen?

Sinceyoulose10whenyouswerve,andasthisresultissoharmfulcomparedtowhatyougainwhenyouwin,itisbettertoswervethantocrash.Therefore,itseemsreasonableforyoutoswervebecauseitneverwillresultinacrash.Inthiscase,thereismorethanoneNashequilibrium,whichis“apairofstrategiesforwhichneitherplayergainsbychanginghisownstrategy.”Inthechickengame,thetwosituationsarewhenbothplayerschoosetoeitherswerveorcontinue.17

TheChickenGamecansometimesbeshowninconflictsbetweentwocountrieswhentheyaretryingtopredictwhattheothercountriesaretryingtodo.Forexample,whenbothcountries decide to stay quiet, they will gain nothing and lose nothing. However, if onecountries decide to attack another country, the country who was not prepared will getdefeated.Whenbothcountriesgetpreparedforawarandattackeachother,theywillbothlosealotofsoldiersandcitizens.

Conclusion

This reporthasdealtwith threemainexamplesof appliedgame theorywhicharechickengame,rock-paper-scissoranddollarauction.Theultimategoalofthispaperwasto figure out an absolute rule for a winning strategy. For each of the games, possibleoutcomeswereconsideredtofindoutthebeststrategy.Thiswassupportedbyfiguresandexperiments conducted by various international organizations. However, since it is 16 “Chicken”, Stanford University. (n.d.) (n.a.) 17 “Economic Chicken vs. Mutually Assured Destruction”. 2007. (n.a.)


30

impossibletohaveapossibilityof1foronescenarioinagameplayedby2ormorepeople,thereisonlythe‘bestpossiblechoice’thatcanbemade.

Ifgivenmoretime,wewouldhavelikedtoresearchmoreaboutthechickengame,prisoner’sdilemma,battleofthesexes,warofattrition,andtraveler’sdilemma.

Bibliography

“ApplyingNashEquilibriumtoRock,Paper,Scissors”.CornellUniversity.(n.d.)(n.a.).https://blogs.cornell.edu/info2040/2014/09/12/applying-nash-equilibrium-to-rock-paper-and-scissors/

“Chicken”, Stanford University. (n.d.) (n.a.). https://cs.stanford.edu/people/eroberts/courses/soco/projects/1998-99/game-theory/chicken.html

Conradt, Stacey. “The Time Sotheby’s and Christie’s Played Scissors’ for a Cezanne”. 2015. http://mentalfloss.com/article/64401/time-sotherbys-and-christies-played-rock-paper-scissors-cezanne

“DefinitionofGameTheory”.(Merriam-Webster.2017).https://www.merriam-webster.com/dictionary/game%20theory

“Economic Chicken vs. Mutually Assured Destruction”. 2007. (n.a.) https://archive.mishtalk.com/2007/10/22/economic-chicken-vs-mutually-assured-destruction/

“Gains of Player 1, Gain of Player 2. (n.d.) (n.a.). https://www.google.com/search?tbm=isch&source=hp&biw=1366&bih=662&ei=0ysfWtfwGoOK8gWTxozYCA&q=rock+paper+scissors+&oq=rock+paper+scissors+&gs_l=img.12..0l10.796.9387.0.14095.20.18.0.2.2.0.1021.3184.6-3j1.4.0....0...1ac.1.64.img..14.6.3201....0.uMlaaaYzpLo#imgrc=KOAGbhrXTTV4bM:

“Game of Chicken”. (Game Teory.net.). (n.d.) (n.a). http://www.gametheory.net/dictionary/games/GameofChicken.html

Hale, Tom. “Here's How To Always Win At Rock, Paper, Scissors”. 2016. http://www.iflscience.com/editors-blog/how-to-win-at-rock-paper-scissors/

Kang, Wonbin. “Non-Cooperative Game Theory”. (n.d.). https://scholar.harvard.edu/wonbinkang/files/tedy_game_theory.pdf

Noll, Douglass. “The Dollar Auction Game: A Lesson in Conflict Escalation”. 2000. https://www.mediate.com/articles/noll1.cfm

Paul Cezanne famous works. (n.d.). “Large Trees at Jas de Bouffan”. https://www.wikiart.org/en/paul-cezanne/large-trees-at-jas-de-bouffan-1887

Shubik, Martin. “The Dollar Auction Game: A paradox in non-cooperative and escalation”. (n.d.). http://perso.ens-lyon.fr/pierre.lescanne/ENSEIGNEMENT/GAMES_AND_LOGIC/Shubik_1971.pdf

“The Official Rules of Rock Paper Scissors. The Official Rules of RPS Play”. (World RPS Society. (n.d.). http://worldrps.com/2010/09/

Von Neumann, John & Morgenstern, Oskar. “Theory of Games and Economic Behaviour”. Princeton University Press. New Jersey, U.S.A. 1944.

Walker, Douglas. “The Quest for the Trio of hands”. 2006.http://worldrps.com/the-quest-for-the-trio-of-hands/


31

Wooders, John. “John Nash and his Contribution to Game Theory and Economics”. (The Conversation. 2015). https://theconversation.com/john-nash-and-his-contribution-to-game-theory-and-economics-42355

“World Championships”. (World RPS Society. (n.d.)). http://worldrps.com/world-championships/


32

Congruence in Number Theory

Andrew C. Candish Troy High School

Introduction

Congruence isoneof theconcepts that formthecoreofnumber theory.Thereareseveralobservationsthatsurroundtheconceptofcongruence.Oneofthemisthatwhentwooddnumbersaremultipliedtheresultisalwaysanalwaysanoddnumber.Forinstance4747×83 = 3901and2395×9751 = 23353645.Also,theproductofanytwoevennumbersisalwaysanevennumber.Forinstance6×10 = 60and44×92 = 4048.Additionally,theresultofmultiplyinganoddnumberwithanevenoneisalwayseven.Forexample31×4 =124. When two odd numbers are added together, the result is an even number. Forinstance11 + 33 = 44.Thisissimilartoaddinganevennumbertoanotherevennumber,astheresultisanevennumber.Forinstance560 + 40 = 600.Anadditionofanoddnumberand an even one gives an odd number as the result. For instance23 + 30 = 43. Thisinformationcanbesummarizedbelowthus:Multiplicationtable

o e

e e e

o o e

AdditionTable

o e

e o e

o e o

These observations are so primary that it is easy to wonder what beneficialconclusionscanbedrawnfromthem. In fact, theseobservation formthecore innumbertheory.A lotofproblems thatarepresented innumber theory take the form thus: if the


33

function𝑓isapolynomialthathasanumberofvariablesthathaveintegercoefficients,ifweequate the function to 0, will it have integer solutions? These questions were asked byDiophantus,aGreekmathematicianandweresubsequentlynamedDiophantineproblemsinhishonor.AnexampleofusingDiophantineequationsincongruenceisshownattheendofthediscussion.

Focusing question

Congruentrelationsexhibituniquecharacteristicswhichenablethemtobeappliedinadvanced areas such as cryptography. Towhat extend to those relations exhibit similarcharacteristics as those of ordinary relations. Can operations such as addition andmultiplicationsbeappliedtothem?

Basic Properties

ThereisabranchofnumbertheoryknownasthetheoryofcongruenceswhichwasintroducedbyGausswhichisimperativeinsolvingmanyissuesthatsurrounddivisibilityofintegers.

Definition1:Givenintegers𝑞, 𝑝and𝑚,and𝑚 > 0,itissaidthatqiscongruentto𝑝modulom,written as𝑝 ≡ 𝑞(𝑚𝑜𝑑𝑚). If thenumberobtainedbydividing thedifferencebetweenpandq(p-q),isdividedbym,mistermedasthemodulusofthatcongruence.Inmathematical representation or notation the congruence is equivalent to the followingdivisibilityrelation:

𝑚|(𝑝 − 𝑞).Particularly,𝑝 ≡ 0(modm)onlywhen𝑚|𝑝.Therefore,𝑝 ≡ 𝑞(modm)onlywhen𝑝 − 𝑞 ≡ 0(𝑚𝑜𝑑𝑚).Ininstanceswhere𝑚 ∤ (𝑝 − 𝑞)thenotation𝑝 ≠ 𝑞isused,anditissaidthatpandqareincongruentmodm.

To clearly exemplify this, here are few examples:19 ≡ 7(𝑚𝑜𝑑12), 3� ≡−1(𝑚𝑜𝑑5).Alsoif𝑘isoddofonlyif𝑛 ≡ 1(𝑚𝑜𝑑2)and𝑘isevenonlyif𝑛 ≡ 0(𝑚𝑜𝑑2).If𝑝 ≡ 𝑞(𝑚𝑜𝑑𝑑)then𝑝 ≡ 𝑞(𝑚𝑜𝑑𝑚)whenever𝑚|𝑑,𝑚 > 0.

The≡symbol isknownas thecongruencesymbolandwaschosenbyGauss inanattempttosuggestananalogywiththeequals(=)symbol.Congruentrelationspossessmanypropertiesthatareordinarilyassociatedwithformalequations.

Proofs

Theorem1:Acongruentrelationisanequivalenceone.Thisisbecauseitpossessesproperties such as reflexivity such that 𝑝 ≡ 𝑞(𝑚𝑜𝑑𝑚) and symmetry 𝑝 ≡ 𝑞(𝑚𝑜𝑑𝑚)implying𝑞 ≡ 𝑝(𝑚𝑜𝑑𝑚).Additionally, thetransitivityproperty isexhibitedbycongruentrelationssuchthat𝑝 ≡ 𝑞(𝑚𝑜𝑑𝑚)and𝑞 ≡ 𝑟 𝑚𝑜𝑑𝑚 implythat𝑝 ≡ 𝑟(𝑚𝑜𝑑𝑚).

Proof:Fortheproofoftheseproperties,theycanbedirectlyderivedfromdivisibilityproperties.Forreflexivity,𝑚|𝑛whileforsymmetrywhen𝑚| 𝑝 − 𝑞 then𝑚|(𝑞 − 𝑝).Fortransitivity,when𝑚|(𝑝 − 𝑞)and𝑚|(𝑞 − 𝑟)then𝑚| 𝑝 − 𝑞 + 𝑞 − 𝑟 = 𝑝 − 𝑟.Theorem 2: 𝑖𝑓𝑝 ≡ 𝑞(𝑚𝑜𝑑𝑚) and 𝛼 ≡ 𝛽(𝑚𝑜𝑑𝑚) then it follows that


34

i) 𝑝 ∝≡ 𝑞𝛽 ≡ (𝑚𝑜𝑑𝑚)

ii) 𝑝𝑥 + 𝛼𝑦 ≡ 𝑞𝑥 + 𝛽𝑦(𝑚𝑜𝑑𝑚)forallintegers𝑥aswellas𝑦

iii) 𝑝� ≡ 𝑞�(𝑚𝑜𝑑𝑚)forallpositiveintegersn

iv) 𝑓 𝑝 = 𝑓 𝑞 (𝑚𝑜𝑑𝑚)forallpolynomials𝑓,thathaveintegercoefficients.

Proof:i) Since𝑚|(𝑝 − 𝑞)andthat𝑚|(𝛼 − 𝛽)thenitfollowsthat𝑚|𝑥 𝑝 − 𝑞 +

𝑦 𝛼 − 𝛽 = 𝑝𝑥 + 𝛼𝑦 − (𝑞𝑥 + 𝛽𝑦)

ii) Thisproofcanbederivedfromtheproofaboveinpart(i)byobservingthat𝑝𝛼 −

𝑞𝛽 =∝ 𝑝 − 𝑞 + 𝑏 ∝ −𝛽 ≡ 0(𝑚𝑜𝑑𝑚)

iii) Taking𝛼 = 𝑝and𝛽 = 𝑞frompartiiabove,andapplyinginductiononn.

iv) Usingpartiiiaboveandthedegreeof𝑓todoinduction.

Thereareseverallessonsthatcanbedrawnfromtheorem2above.Oneisthattwocongruencesthathavethesamemoduluscanbemultiplied,added,orevensubtractedasiftheywereordinaryequations.Thisisalsotrueforanygivennumberofcongruencesthathavethesamemodulus.

Having proven a number of properties around congruences, it is imperative toexamine an example and show the usefulness of congruences. An example is testing fordivisibilityby,say9.Agivenintegerk<0isdivisibleby9onlywhenthesumofthedecimalsobtainedbyexpandingitisdivisibleby9.Usingcongruences,itiseasytoprovethisproperty.Assumingthatthedigitsofkare𝑐�, 𝑐 , 𝑐�, … . 𝑐�,then𝑘 = 𝑐� + 10𝑐 + 10�𝑐� + ⋯+ 10�𝑐�.By applying theorem 2 above, and usingmodulo 9, 10 ≡ 1, 10� ≡ 1,10� ≡ 1 (mod 9).Therefore, 𝑘 ≡ 𝑐� +𝑐 + ⋯+𝑐�. It is all-important to note that all the congruencesadditionallyholdmodulo3too,henceanumberisalwaysdivisibleby3onlyininstanceswhenthesummationofitsdigitsalsodivisibleby3.

Theorem3:If𝑑 > 0then,𝑝 ≡ 𝑞(𝑚𝑜𝑑𝑚)onlywhen𝑝𝑑 ≡ 𝑞𝑑(𝑚𝑜𝑑𝑚𝑑).Proof: Since we have 𝑚|(𝑞 − 𝑝) only when𝑑𝑚|𝑑(𝑞 − 𝑝).

Theorem4:Thistheoremisusedtodescribethecancellationlawwhichisappliedincaseswhere themodulus is indivisibleby the common factor. It states thus:when𝑝𝑘 ≡𝑞𝑘(𝑚𝑜𝑑𝑚)and𝑑 = (𝑚, 𝑘) then𝑝 ≡ 𝑞 𝑚𝑜𝑑 ¢

£.Thiscanbeexplained insimpler terms

thus a common factor k is cancellable given that themodulus is divided by𝑑 = (𝑚, 𝑘).Particularly,afactorthatiscommonbetweenthetwothatisrelativelyprimeforthemodulusispossibletobealwayscancelled.


35

Proof:Because𝑝𝑐 ≡ 𝑞𝑐 𝑚𝑜𝑑𝑚 thenwehave 𝑚 𝑐(𝑝 − 𝑞)then¢£| ¤£(𝑝 − 𝑞).But

then(𝑚/𝑘, 𝑐/𝑘) = 1therefore𝑚/𝑘|(𝑝 − 𝑞).Theorem5:Assuming𝑝 ≡ 𝑞𝑚𝑜𝑑 𝑚 ,𝑤ℎ𝑒𝑛𝑑/𝑚and𝑑/𝑝then𝑑/𝑞.Proof:Itsufficestomaketheassumptionthatd>0.Ifd|mthenitfollowsthat𝑝 ≡

𝑞(𝑚𝑜𝑑𝑚)hastheimplication𝑝 ≡ 𝑞(𝑚𝑜𝑑𝑑).However,ifd|pthen𝑝 ≡ 0(𝑚𝑜𝑑𝑚)whichimplies𝑝 ≡ 𝑞(𝑚𝑜𝑑𝑑).Butwhend|pthenitmeans𝑝 ≡ 0(𝑚𝑜𝑑𝑑)so𝑞 ≡ 0𝑚𝑜𝑑𝑑.

Applications

1. Findthesolutionfor6𝑦 = 7(𝑚𝑜𝑑8)Because(6,2)=2∤ 7thenthereexistnosolutions.

2. Findthesolutionfor3𝑦 = 7(𝑚𝑜𝑑4)Because(3,4) = 1|7thereexistonesolutionformod4.Thereareanumberofwaysoffindingthesolution.OneofthewaysistheapplicationoflinearDiophantineequations.3𝑦 = 7(𝑚𝑜𝑑4)Impliesthat3𝑦 + 4𝑥 = 7forsomex.Inspectingclosely,𝑦� = 1𝑎𝑛𝑑𝑥� = 1isoneofthesolutions.TheGCDof3and4,denoted(3,4)is1,hencethegeneralsolutionis𝑦 = 1 + 4𝑘, 𝑥 = 1 − 3𝑘.Thexequationisirrelevant.Theyequationisusefulandsays𝑦 = 1(𝑚𝑜𝑑4).The above example shows that there is a wide application of the concept of

congruenceinotherareassuchasdeterminingexistenceofsolutionsinsuchproblems. Conclusion

The concept of congruence and the proofs around the operations of congruentrelationshipsisimperativeinthenumbertheory.Theoperationsofcongruentrelationsareproventobeinlinewiththoseofordinaryequationsorproperties,especiallymultiplication,subtraction as well as divisibility, which makes their operations applicable in manysituations.


36

Permutations and Combinations

James Clintfield Cleveland High School

Abstract

Mathematicsfrompasttimeshasprovedtobeoneofthedifficultsubjectprobablybecauseitrequirestoomuchofreasoningandgreaterthinkingcapacities.Asifthatisnotenough,thepoormethodsofpresentationandunfriendlyattitudeofsometeachersmakesthesituationtoappeardifficultsuchthatmathematicscontinuestoattracttheinterestofveryfewpeopleandthepercentageoffemalesamongthemisveryinsignificant.Mostofthestudentsstudyingmathematicsresultedtoitbecausetheyhadnootherwisebynotbeingadmittedtothecourseoftheirchoice.PermutationandcombinationisoneofthetopicsinMathematicsthatposeproblemstostudents.Inthispaper,weexplainhowpermutationandcombinationcouldbetaughtusingplaywayapproachamongothermethodsthatcouldbeused.Atthesametimeinthispaperanewmethodofgeneratingpermutationsinamoreorderlymannerisdeveloped

Focusing Questions

Inagivenquestion,howdowerecognizethatitaskswhetherforpermutationorforcombination?Andwheredoesordermatterbetweenpermutationandcombination?

Introduction

Combinatoricsisthebranchofmathematicswhichdealswithcollectionsofobjectsthatsatisfyspecifiedcriterialikecountingarrangements,permutations,andcombinations.Forexample,combinatoricswouldanswerthequestion"howmanydifferentwayscanyouarrangea20-songplaylistifyouhave60songstochoosefrom?"

Combinationsisthebranchofcombinatoricswherechangingtheorderoftheobjectsdoesnothaveagreatermeaning.Forexample,thequestion"howmanyteamsof10baseballplayerscanamanagerassemblefromarosterof18players?"isacombinationsquestionsincechangingtheorderinwhichtheplayerischosendoesnotcreateanewarrangement.Permutationsisthebranchofcombinatoricswherechangingtheorderoftheobjectscreatesa greatermeaning. For example, the question "howmany different ways can a baseball


37

pitcherwhothrows6uniquepitchesthrowthenext3pitches?"isapermutationsquestionbecause changing the throwing order creates a new arrangement like, throwing fastball,sinker,changeupisdifferentthanthrowingsinker,changeup,fastball.

Body

Permutationsinvolveproblemsinwherethearrangementofitemsistakeninto.Someexamplesofcommonproblemsarearrangingbooksonashelf,creatingaseatingchartormakingascheduleandtimetable.Inallofthesesituations,movingthingsaroundcreatesadifferentarrangement,chart,orschedule.Suggesting,ifchangingtheorderoftheitemsinquestioncreatesauniquelydifferentarrangement,thenoneisdealingwithapermutation.

There are two general ways to solve these problems. The first method involvesdrawingtheproblem.Thesecondinvolvestheuseofaformula.Forsimplerproblemsitisoftenpossibletodrawthearrangement.However,astheproblemsbecomemoredifficult,drawingtheproblemcanbecomemorepronetoerrorsandusingtheformulamaybebest.Inpermutation we have basically two types of permutation, which are permutation withrepetitionandpermutationwithoutrepetition

Permutation with repetition

Whenwehavea totalnumberof items toben, this simplymeans thatwehavenchoiceseachandeverytime.Onchoosingrofthem,wehavethepermutationtoben×n×...(rtimes).thiscanbetranslatedthatforthefirstchoicewehavenpossibilities,thenforthesecondchoicetherearenpossibilitiesandwithregardtothatitkeepsonmultiplyingeachtime.Itnowbecomescheapertowritedownasanexponentofr.n×n×...(rtimes)=nr,wherenisthenumberofitemstochoosefromandrarechosenfromthem.

Permutation without repetition

Herewearerequiredtomakeareductionof thenumberofavailablechoiceseachtime.Itshouldalsobenotedthatwithoutrepetitionourchoicesgetreducedeachtimeandit ismathematicallywritten as a factorial function (!) thatmeans tomultiply a series of

descendingnaturalnumbers.Theformulaiswrittenas wherenisthenumberofthingstochoosefromandwechooserofthemwithoutrepetitionandordermatters.


38

Combinations

Permutationsarenot similar to combinations since combinationsdonot considerorder.Thenumberofpossibleeuchrehandsorthenumberofteamsthatcanbecreatedinagym class are just a few examples. In both cases, the order does not matter. Unlikepermutations,combinationscannotbeeasilysolvedbydiagrammingtheproblem.Theyarealso of two types consisting of combinations with repetition and combinations withoutrepetition.Majorlyundercombinationswithoutrepetition,thenumbersaredrawnoneatatime.Thismeansthattheorderdoesmatterandthenitalterssothatorderdoesnotmatter.Henceweadjustthepermutationformulatoreduceitbythenumberofwaysthattheobjectscouldbeordered.Thisisduetothereasonthatwearenottotallyinterestedintheirorder.

Hence wherenisthenumberofitemstoselectfromandrarechosenfromthem.

Discussion Permutation without Repetition sample question

Howmanydifferentarrangementsisthereforthelettersa,b,c,d,e?Thisisapermutationwithoutrepetitionbecauseanarrangementofa,b,c,d,emust

includeallthelettersa,b,c,d,ande.For,example,a,a,b,b,bisnotanarrangementofa,b,c,d,e.Therefore,thisisapermutationwithoutrepetition.If you choose r objects out of a group of n distinct objects,

Yougetnpr=n!/(n-r)!Forthisquestion,wearechoosing5objects(a,b,c,dande)outof5objects(a,b,c,d,

e),soweget:5P5=5!/0!=5*4*3*2*1/1=120(Remember:0!=1)

Permutation with repetition sample question

IfyoulookatthewordTOOTH,thereare2O’sintheword.BothO’sareidentical,anditdoesnotmatter inwhichorderwewrite these2O’s,since theyare thesame. Inotherwords,ifweexchange'O'for'O',westillspellTOOTH.ThesameistruefortheT’s,sincethereare2T’sinthewordTOOTHaswell.InhowmanywayscanwearrangethelettersinthewordTOOTH?

Wemust account for the fact that these 2O’s are identical and that the 2 T’s areidentical.Wedothisusingtheformula:

nPrx1!X2!Wherexisthenumberoftimesaletterisrepeated.nPrx1!x2!5P52!2!5P52!2!5P52!2!=5P52!2!=5×4×3×2×12×1×2×1=1204=30


39

WecanarrangethelettersinthewordTOOTHin30differentorders

Combination

Inhowmanywayscanagroupoffiveplayersonthevarsityboysbasketballteambechosenfromateamof14players?Thisrepresentsacombinationof14objectstaken5atatimeandisequalto2,002.14C5=14/(9!5!)=(14*13*12*11*10)9!=2002

Inconclusioncanclearlyseefromtheexamplesabovethatifnbecomebigger,thetaskofexhaustivelylistingandcountingallthepossibleoutcomesofthearrangementsbecomes a difficult task. Hence we cannot effectively carry out this without the use ofcomputer.Todeterminethenumberofpossibleoutcomesweneedanelegantmathematicalformulaliketheresultswehaveobtainedabove.

References

Gaveth,Williams,PracticalFiniteMathematics.Toronto.AllynandBaconInc,pg.208210,(1976).

KennethH.Rosen,Discr.Math.&itsApplications,Singapore.McGraw–Hill,232-296,(1991).C.MooreM.LaisinandO.C.Okoli,Generalizedr-permutationandr-combinationtechniques

fork-separableinclusiontoappearinInternationalJournalofAppliedMathematicsandStatistics(IJAMAS),2010

Acknowledgement

I am grateful to the article of C. Moore M. Laisin and O.C. Okoli, Generalized r-permutationandr-combinationtechniquesthathelpedmethroughoutmyreferencing.


40

Primality in Number Theory

Janet Flume Friedley Senior High School

Introduction

Theconceptofprimalityiscentraltothenumbertheoryconcepts.Primenumbersarethenatural integerswithnopositivedivisorsapart fromoneand itself.Naturalnumbersgreater than one,which are not prime numbers are commonly referred to as compositenumbers. For instance, five is a prime number solely because five and one are its lonepositive,numericalfactors.Ontheotherhand,sixisnotaprimenumberbecausetwoandthreeareitsdivisorsinadditiontooneanditself.Thefundamentaltheoremestablishestheprincipleroleofprimalityinthenumbertheory.Itstatesthatintegersgreaterthanonemaybeexpressedasproductsofprimesuniquelyintermsofordering.Thedistinctivenessoftheconceptionrequires theexclusionofoneasaprimenumberbecauseof thepossibilityofincluding one in factorization. For instance, 3, 1·3, 1· 1 c3 and so on, are legitimatefactorizationofthree.Thetrialdivisionisaslowbutsimpleapproachfortheverificationoftheprimalityofanygiveninteger.Theprocessentailsascertainingwhetheranintegerisamultipleofanynumberbetweentwoandtherootoftheinteger.However,algorithmsareconsideredtobemuchmoreeffectiveinthetestingofprimalityofrelativelylargerintegers.Evennumbersgreaterthantwoarenotconsideredasprimenumbersbecause,bydefinition,suchnumbershaveatminimumthreediscretedivisors,namelyone,two,anditself.

Fundamental Theorem of Arithmetic

Thecriticalimportanceofprimalitytomathematicsandnumbertheoryinparticularstemsfromthearithmeticfundamentaltheorem.Theconceptionassertsthatintegerslargerthanonemaybeexpressedasprimeproductsinwaysthatareuniquewithregardstotheorderofthefactorsofprimality.Forinstance,23244isequivalentsto149·13·3·22.Intheexample, it is evident that similar prime factorsmay transpiremultiple times. Itmaybedecomposed as follows: n = p1 • p2 • p3• p4• p5• p6... • pt. The concept implies thatfactorizationofprimenumbersisidenticalexceptintheorderingoftheconstituentfactors.Therefore,despitethenumerousalgorithmsasfarasprimefactorizationisconcerned,theresultsareidentical.TheearlyGreeksdidnotconsideroneasanumber,aswellasprime.However,bytheRenaissanceandMiddleAge,mostmathematiciansbegantoregardoneasa prime number. DerrickNorman included one in his list of prime numbers. During the


41

twentiethcentury,however,thathaschangedbecauseonehasassumedaspecialcategoryreferredtoasaunit.

Prime Factorization Proof

The prime factors, in the number theory, are prime numbers that divide integerspreciselywithoutaremainder.Theprimefactorizationofintegersisalistofprimefactornumbersandtheirresultingmultiplicities,whichareofteninpowers.Forinstance,420isequivalentto2*2*3*5*7,alsoexpressedas22*3*5*7,whereby5,3and2havemultiplicitiesofone,twoandthree,respectively.Theconceptofgcdoftwointegerswillusedinprovingthatwhenpisaprimeandp|mb,thenp|morp|n.Thekeystepinthetheoremisprovingtheabovestatement.

Letgcd(r,n)=max{d|randd|n},unlessbothrandnarezerowherebygcd(0,0)isequivalenttozero.Forinstance,gcd(1,2)isequivalenttoone,gcd(6,27)isequivalenttothreeandgcd(0,m)isequivalenttom.Whenmisnotequivalenttozero,thegcdisexistentprimarilybecausewhend|mthendislessthanorequivalentto|m|,and|m|istheonlyexistingpositiveintegerlessthanorequivalentto|r|.Additionally,gcdwillexistwhennisnotequivalenttozero.Foranynumbersrandn,thegcd(r,n)willbeequivalenttogcd(n,r),gcd(±r,±n),gcd(r,n–r),andgcd(r,n+r).Itprovesthatgcd(r,n)isequivalenttogcd(r,n–r)becauseothercasesarealreadyprovedusingasimilarapproach.

Euclid’s Proof

ThetenetsofEuclid’stheoremisthatthetwo,there, five,seven,eleven,thirteen…seriesofprimenumbersuccessionorsequenceneverends.Thestatement is inhonorofEuclid,amathematicianoftheancientGreek.TheproofconsidersanypredeterminedsetofSprimenumbers.Theideaistotakeintoconsiderationtheproductofnumbersconcernedplusone.N ≡1+ П pєS p•

Justasotherintegers,thetermNiscertainlydivisibleby,atminimum,oneprimeanditself.Of theprimedivisorsofN,none isamemberof thepredeterminedset,S,ofprimenumbersbecauseoftheremainderleftbehind.Consequently,thefixedsetsofprimeextendtolargerpredeterminedsetofprimenumbers.MostoftenitiserroneouslysuggestedthatEuclid’sproofisgroundedonthesuppositionthattheinitialsetcomprisessolelyofprimenumbers, resulting to contradictions, or that it consists of smaller primes as opposed toarbitrary fixedsetsofprimenumbers. Today,nthEuclidnumber isconsideredtobethemultipleoftheleastnprimenumbersplusone.

Euler's Proof

TheEuler’sproofmakesuseofthesumofthereciprocalsofprimenumbers:S=½+1/3+ 1/5+ 1/7…1/p.The sumbecomesbigger thanarbitrary realnumbersas longasp is


42

significantly big. The scenario demonstrates that primes are infinitely many, becauseotherwisethesumwouldonlygrowuptothepointwheretheultimateprimeisachieved.TheS(p)growthisquantifiedinthesecondtheoremofMertens.Forcomparisonpurposes,thesumS=½2+1/(32)+1/(52)+1/(72…1/(n2)doesnotleadtoinfinityasnapproachesinfinity.Inthatcase,thefrequencyofoccurrenceofprimesishighercomparedtothesquaresof ordinary numbers. The Brun’s theorem asserts that the sum of the twin primes’reciprocals,(1/3+1/5)+(1/5+1/7)+(1/7+1/11)+(1/11+1/13)isfinite.

Applications

For years, the number theory and the concept of primality are considered as thecanonicalillustrationsofpuremathematics.Theseconceptscanbeusedinthedevelopmentofcryptographyalgorithms,andmostnotablyinthegenerationofpseudorandomnumbersandhashtables.Moduloarithmeticaltersarithmeticusingnumbers{0,1,2,3……n-1},withmodulus being a fixed natural integer. Calculating products, sums, and differences isexecutedasusual.However,whenhandlinganegativeintegerornumbersgreaterthann-1,themodulusissubstitutedbytheremainderafterbeingdividedbyn.Forexample,whennisequivalenttoseven,thesumoffiveandthreeisoneratherthaneightbecauseeightdividedbysevenhasoneasitsremainder.Therefore,itcanbesaidthatthesumoffiveandseveniscongruenttoonemoduloeleven.Thestatementisdenotedas5+7=1(mod11).Atthesametimethesumofsixandoneis0(mod7).Thestandardpropertiesofmultiplicationandadditionarestillapplicableinmodulararithmetic.

Arangeofmathematicaldomainsapplyprimenumbers,withSylowtheoremsbeingsomeoftheareasofapplication.Accordingtotheconception,whenGisapredeterminedsetandpnisthegreatestpowerofp,aprimethatsubdividestheorderingofG,thenthefinitegrouphasasubsetoforderpn.Inaddition,groupconsistingofprimeorderareconsideredascyclic.Severalalgorithmsofpublic-keycryptography,includingtheRSA,arefoundedonbigprimenumbers.Thisisbasedontheassumptionthatitisrelativelyeasierandefficienttomultiplytwolargeintegers(mandan)thantocalculatemandnwhenonlytheproduct(mn)ispredetermined.Theevolutionarystrategyappliedbythecicadasusestheconceptofprimality.

Conclusion

As it has been demonstrated, the concept of primality is profound in the numbertheory.

Primenumbersfindmanyusesindifferentscientificareasincludingcryptography.Oneofthemostinterestingassertionsaroundprimenumbersisthateverypositiveintegercan be uniquely expressed as a product of prime numbers, although the assertion isextremelydifficulttoprove.Primenumbersexhibituniquecharacteristics,astheyseemtogrow,justlikeweedgrows,amongnaturalnumbers,obeyingnootherlawotherthanthatofchance.


43

Practical Implementations of ECC in the Blockchain

By Yeonji Seo Deerfield High School

Abstract

Elliptic curve cryptography is a useful tool in the implementation of variousblockchain applications, including cryptocurrency like BitCoin, Secure Shell (SSH), andTransportLayerSecurity(TLS).AstechnologieslikeBitCoincryptocurrencybecomemoremainstream in their acceptance, the security of these encryption protocols have becomeparamounttothepublic’strustintheirvalueandtheevolutionoftheirencryptionprotocolswillultimatelydeterminetheirsuccess.Thisprojectattemptstodelineateandexplainthebasicmathsof howelliptic curve cryptographyworks, implement a simpleECCprotocolusing Mathematica, and then compare and contrast the usefulness of ECC not only incryptocurrencylikeBitCoin,butalsowithinothercurrentapplicationsofthetechnology.

1. Introduction

Elliptic curve cryptography (ECC) [1] is progressively utilized as a practicalapplication in developing open key cryptography conventions, for instance actualizingcomputerizedmarksandkeyunderstanding.Encryptionhasbeenadvancedtoapointwheredigital security is becoming a high concern. Over 25 years after first experience withcryptography,thereareobviousadvantagestousingEllipticcurves:theyprovidelittlerkeysizes[2]andmoreproductiveusage[3]atasimilarsecuritylevelasotherbroadlyconveyedmethods, such as the RSA algorithm. This system allows for digital information to bedistributed but not copied, lessening the risks of individual identities and other privateinformationbeingpublicized.

In this document, several contributions are given. First, we examine the presentconditionofexistingEllipticcurveinstallmentsinafewextraordinaryapplications.Certicomdischarged themain recordgivingprinciples toElliptic curve cryptography in2000, andNIST institutionalized ECDSA in 2006. Therefore, cryptographic information is gatheredfromvariousdiversecertifiableinstallmentsofEllipticcurvecryptography:Bitcoin,secureshell [4], transport layer security [5]. Several remarks on the information is provided,specificallyontheopenkeys,keytradeinformation,andcomputerizedmarks,keepingin


44

mindtheendgoaltorecognizeexecutionissuesthatmayflagtheexistenceofcryptographicvulnerabilities.

A decentralized digital currency is a complicated network that uses public-keycryptographytoprocessandverifypayments.Simultaneously,itrequiresaprivate-keytoactuallyaccessthefundontheotherside.Thesecurityofappliedcryptographicmethodsdepends on the trusted hardness of several theoretic issues, such as whole numberfactorizationandthecalculationofdiscretelogarithmsinlimitedfieldsoringatheringsofpointsonellipticcurve.Inspiteofthat,mostreal-worldcryptographicvulnerabilitiesdonotoriginate fromashortcominginthebasichardnesssuspicion,but insteadfromexecutionissueslikeside-channelassaults,programmingbugsorconfigurationblemishes.Onesuchillustrationissupposedreserveassaults(see[6]foranapplicationtotheunevensetting)thatendeavor thememory togetadesignwithcryptographicplansutilizing informationsubordinatetablequeries.Anotherclassofissuesisidentifiedwithusage,whichdoesn’tgiveadequatearbitrarinessandconsequentlycreateuncertaincryptographickeys.LatecasesofECCappliancesexperiencinganabsenceofarbitrarinessaretheDebianOpenSSL,thefindingoffarreachingpowerlessRSAandDSAkeysutilizedforTLS,SSH,andPGPasexplainedin[7]and later in [4] thatdemonstrate theway tobreakRSAkeysacquired fromTaiwan'snationalResidentDigitalCertificatedatabase.

Keeping in mind the end goal to study the application range for Elliptic curvecryptography,thereareafewvastcryptographicdatasets:• TheinitialdatasetisacquiredfromBitcoinblock-chain.Bitcoinisadigitalcurrency,

andEllipticcurvecryptographyisfundamentaltoitsoperation:Bitcoinaddressesaredirectlyfromelliptic-bendopenkeys,andexchangesareverifiedutilizingadvancedmarks.Peopleingeneralkeysandmarksaredistributedassomeportionofthefreelyaccessibleandauditablepieceaffixtocounteracttwofoldspending.

• Thesecondbiggestdatasetisextractedfromanall-inclusiveoutputofHTTPSservers.Elliptic-bendfiguresuitesthatofferforwardmysterybybuildingupasessionkeyutilizingelliptic-bendDiffie-Hellmankeytrade[8]werepresentedin2006andaredevelopinginnotorietyforTLS.ThisdatasetincorporatestheDiffie-Hellmanserverkeytrademessages,andinadditionopenkeysandmarksfromserversutilizingECDSA.

• Elliptic-bendfiguresuitesforSSHwerepresentedin2009,andarelikewisedevelopingmoretypicalasprogrammingsupportincrements.ThisdatasetincorporatesEllipticcurveDiffie-Hellmanserverkeytrademessages,elliptic-bendopenhostkeys,andECDSAmarks.Elliptic curve cryptography is a long way from being supported as a standard

alternative inmostcryptographicappliances.Regardlessof threeNISTbendswhichhavebeeninstitutionalized,atthe128-piecesecuritylevelorhigher,thelittlestbendmeasure,secp256r1,isbyawidemarginthemostcommonlyused.Numerousserversappeartofavorthebendscharacterizedoverlittlerfields.

Criticalquantitiesofnon-relatedclientssharingopen(andthusprivate)entersintheTLS and SSH, are observed. Some of these cases were because of virtual machinearrangementsthatevidentlycopiedkeyscrosswiseoverunmistakableexamples;otherswe


45

couldcredittodefaultorlow-entropykeyscreatedbyinstalledgadgets,suchasasystemfirewallitem.

ECDSA,suchasDSA,hasthepropertythatpoorirregularityutilizedamidsignatureeracanbargainthelonghaulmarkingkey.WefoundafewcasesofpoormarkarbitrarinessutilizedasapartofBitcoin,whichcanpermit(andhaspermitted)aggressorstotakecashfrom these customers. There seems, by all accounts, to be various reasons for the poorirregularity,countingtestesteemsforextraordinarilyutilizedusage,andmostnoticeablyanAndroidJavabugthatwasfoundrecently.

2. Explanation of ECC

ThissectiontalksaboutthestandardEllipticcurves,whichareessentialinpracticalapplicationsofECC. Italsoprovidesdocumentation forElliptic curvepublickeysetsandpresentssomeessentialideasforkeyfoundationandcomputerizedsignaturesintheEllipticcurveinitialization.

To start with, we quickly recap standard Elliptic curves that are utilized mostnormallyingenuineapplications.EachoneofthesecurvesaregivenusingtheWeierstrassshape.

𝐸 ∶ 𝑦� = 𝑥° + 𝑎𝑥 + 𝑏

Theyarecharacterizedoveralimitedfield𝐹𝑝,wherep>3isprimeand𝑎, 𝑏 ∈ 𝐹𝑝.Given such a bend 𝐸, the cryptographic gathering that is utilized in conventions is asubstantialprime-arrangesubgroupoftheaggregate𝐸(𝐹𝑝)of𝐹𝑝-reasonablefocusesonE.The gathering of sane focuses comprises of all arrangements (𝑥, 𝑦) ∈ 𝐹³� to the bendcondition togetherwithapointatendlessness.Thenumberof𝐹𝑝-levelheaded focuses ismeantby#𝐸(𝐹𝑝)andtheprimerequestof thesubgroupbyn.Asettledgeneratorof thecyclicsubgroupisnormallycalledthebasepointandmeantbyG∈𝐸(𝐹𝑝).

RegardingtheFIPS186-4standard,NISTsuggestsfiveEllipticcurvesforusageintheElliptic curve advanced calculation focusing on five diverse security levels. Each bend ischaracterized over a prime field characterized by a summed up Mersenne prime. Suchprimes permit quick diminishment in light of the paper [9]. All bends have a similarcoefficient𝑎 = −3,probablydecidedforproficiencyreasons,andtheirgatheringordersarelargelyprime,implyingthat𝑛 = #𝐸(𝐹𝑝).Thefiveprescribedprimesare2192−264−1,2224−296+1,2256−2224+2192+296−1,2384−2128−296+232–1and2521−1.

These alongside some different curves are likewise suggested by Certicom in themeasuresforproductivecryptographySEC2[10],inwhichthebendsarenamedsecp192r1,secp224r1, secp256r1, secp384r1, secp521r1.For256-pieceprimes,notwithstanding theNISTcurve,SEC2likewiseproposesabendnamedsecp256k1over𝐹𝑝wherep=2256−232−977.ThiscurveisutilizedasapartofBitcoin.Ithasa256-pieceprimerequest.Curiously,thisdecisiongoesastrayfromthosemadeinFIPS186-4inthatthebendcoefficientsarea=0andb=7.Thisimpliessecp256k1hasj-invariant0andinthismannerhasanexceptionallyuniquestructure.

Sinceforsecp256k1p≡1(mod6),thereexistsaprimitivesixthbaseofζ∈Fpandarelatingcurveauto-morphism.


46

𝜓 ∶ 𝐸 → 𝐸, (𝑥, 𝑦) → (𝜁𝑥, −𝑦).

Thisguidepermitsthequickcalculationofspecificproductsofanypoint𝑃 ∈ 𝐸(𝐹𝑝),inparticular𝜓(𝑃) = 𝜆𝑃foranumberλwithλ6≡1(modn).Inanycase,proficientendo-morphisms not just accelerate scalar duplication, they likewise accelerate Pollard's rhocalculation for registering discrete logarithms. The auto-morphism gathering of E hasarrange 6 and is produced by the guide ψ above. Interestingly, an Elliptic curvewith j-invariantnotthesameas0and1728justhasanauto-morphismgatheringofrequest2,tosuchanextentthataccelerateinPollard'srhocalculationisaconsistentfactor.

Anotheroutcomeofthebiggerauto-morphismaggregateisthepresenceofsixturns(counting the bend itself and the standard quadratic contort). An execution utilizing x-coordinate just number juggling, (for example, the equations in [11])must focus on thecontortsecurity(see[2,3]).Thisimpliesitsquadraticwindneedsasufficientlyhugeprimedivisorforthediscretelogarithmissueonthebendtobesufficientlyhard.Thisanticipatesaninvalid-bendassaultinwhichanaggressorgetsproductswithmysteryscalarsofapointon the quadratic contort, e.g. by means of fault infusion [13]. The quadratic spot ofsecp256k1hasa220-pieceprimefactorandinthiswaycanbeconsideredbendsecure(e.g.asin[5]).Anon-ladderingusage(utilizingbothx-andy-facilitates)canbetradedoffbyaninvalid-bendassault if theusagedoesnot checkwhether thepoint fulfills the rightbendcondition[7].Thiscouldpromptamoregenuineassaultonsecp256k14sinceanassailantmaygetscalarproductswithmysteryscalarsofapointonanybendover𝐹𝑝withcoefficienta=0,i.e.onanyofsecp256k1'sturns.Thebiggestprimedivisorsofthestayingfourturns'gatheringordersareofsize133,188,135,and161bits,separately,howeverthereareafewotherlittlerprimefactorsthatoffermoredecisionsforaninvalid-bendassault.

Elliptic curve public-key pair comprises of a private key d,which is an arbitrarilychosennon-zeronumbermodulothegatheringrequestn,andanopenkey𝑄 = 𝑑𝐺,the𝑑-numerousofthebasepointG.InthiswaythepointQisanarbitrarilychosenpointinthegatheringproducedbyG,wherepisabasefieldprime,𝐸/𝐹𝑝isanellipticcurve,andGisabasepointG.

Therearea fewdiversestandardkeytradeconventions(see[14])broadeningthefundamentalEllipticcurveDiffie-Hellmanconvention,whichactsastakesafter.Toconcuronamutualkey,letussupposethattwoindividualsseparatelyproducekeysets(𝑑𝑎, 𝑄𝑎)and(𝑑𝑏, 𝑄𝑏).Atthatpoint,theytradetheopenkeys𝑄𝑎and𝑄𝑏,withtheendgoalthateachcanregisterthepoint𝑃 = 𝑑𝑎𝑄𝑏 = 𝑑𝑏𝑄𝑎utilizingtheirparticularprivatekeys.Themutualmysterykeyisgottenfrom𝑃byakeyinferencework,forthemostpartbeingconnectedtoitsx-organize.

ThealgorithmforEllipticcurvedigitalsignaturewasinstitutionalizedinFIPS186-4.Theunderwritercreatesakeymatch(d,Q)comprisingofaprivatemarkingkeydandanopenconfirmationkey𝑄 = 𝑑𝐺.Tosignamessagem,theunderwriterinitiallypicksaforeverymessageirregularnumberkwiththeendgoalthat1 ≤ 𝑘 ≤ 𝑛 − 1,figuresthepoint(𝑥1, 𝑦1) = 𝑘𝐺,changesx1toanumberandfigures𝑟 = 𝑥1𝑚𝑜𝑑𝑛.Themessagemishashedtoabitstringoflengthnomorethanthebitlengthofn,whichisthenchangedtoawholenumbere.Themarkofmisthecombine(r,s)ofnumbersmodulon,wheres=k−1(e+dr)modn.Notethatrandsrequiretobenotthesameas0,andkmustnotbeuncoveredandshouldbeaforeverymessagemystery,whichimpliesthatitmustnotbeutilizedformore


47

thanonemessage. It is essential that theper-messagemysteryk isnotuncovered, sincegenerallythemysterymarkingkeydcanbefiguredby

𝑑 ≡ 𝑟À (𝑘𝑠 − 𝑒)(𝑚𝑜𝑑𝑛)

sincerandsaregiveninthemarkandecanbefiguredfromthemarkedmessage.Regardlessofthepossibilitythatloneafewcontinuousbitsoftheper-messagemysteriesforaspecificnumberofmarksareknown,itisconceivabletoregistertheprivatekey(see[15]).

2.1 Encoding Sanity Check

Thereislonghistoryofcommonsenseissuesincryptographyidentifiedwithlackinghaphazardness.ThemostinfamouscaseinlatehistoryistheOpenSSLvulnerability,a2006changeinthecodekeptanyentropyfrombeingfusedintotheOpenSSLentropypool,withthegoalthattheconditionofthepoolwasreliantjustontheprocedureIDandengineeringofthehostmachine.Asettlednumberofcryptographickeysorotherirregularestimationsofagivensizewouldeverbeproducedbytheseusage.Theissuewasfoundin2008.

In2012twodistinctgroupsofscientistsindicatedfreelythatacriticalnumberofRSAkeys(notconsidering thekeys influenceddueto theDebianOpenSSLbug)areuncertainbecauseofdeficientirregularity[7].Thelastpaperlikewiseinspectedprime-arrangeDSASSHhavekeysandmarks,andfoundcountlesshostkeyscouldbetradedoffbecauseofpoorirregularityamidsignatureera.Thegreaterpartofthepowerlesskeyswerecreditedtopoorentropy accessible at first boot on asset constrained installed and headless gadgets, forexample,switches.

In2013,anotherpaperdemonstrated thatvariousRSAkeysgotten fromTaiwan'snationalCitizenDigitalCertificatedatabasecouldbeconsidered[4]duetoabreakingdownequipment irregular number generator on cryptographic keen cards. So as to check ifcomparative vulnerabilities happen in the setting of elliptic bend cryptography, weassembledasmuchellipticbendinformationaswecoulddiscoverandplayedoutvariouscryptographiconce-overstoverifyeverythingiscorrect.

Anellipticcurveopenkeyisapoint𝑄 = 𝑑𝐺whichisanumerousofthegeneratorGfor 1 ≤ d < n. Numbers that are pseudo-random may show themselves as rehashedestimationsofd, andaccordingly rehashedopenkeys saw innature.Asopposed toRSA,where poor irregular number generators and bugs have brought about particular RSAmoduli that can be considered utilizing themost noteworthy normal divisor calculationwhentheysharepreciselyoneprimefactorinlikemanner,anellipticbendopenkeyseemstohavenopracticallyequivalenttoproperty.Weareignorantofanycomparativenumericalpropertiesof thegeneralpopulationkeysalonethatmaybringabouttotalbargainof theprivate keys, and they are probably not going to exist in light of the fact that discretelogarithmshavesolidno-nonsenseproperties[10,16].

Theseissuesareusuallycheckedbysearchingforcrashesofellipticbendfocusesgaveoutintheopenkeys.Itisnormaltoexperienceasimilaropenkeynumerouscircumstances:peoplecanutilizeasimilarkeyfordifferentexchangesinBitcoinorthesamekeymatchcanbeutilizedtoensuredistinctiveserverspossessedbyasimilarelement.


48

2.2. Mathematica Implementation of ECC

FromthegivendefinitionofECC,theMathematicaimplementationofellipticadditioncanbegivenas

ECAddition[p_,a_,b_,c_,P_List,Q_List]:=Module[ {var,x3,y3,P3},

Which[

P=={O},Q,

Q=={O} ,P,

P[[1]]!=Q[[1]],

var=Mod[(Q[[2]]−P[[2]]) PowerMod[Q[[1]]−P[[1]],p−2,p],p];

x3=Mod[var^2−a−P[[1]]−Q[[1]],p];

y3=Mod[−(var(x3−P[[1]])+P[[2]]),p];

{x3,y3}

,

(P==Q)&& (P!={O}),

var=Mod[(3* P[[1]]^2+2 a* P[[1]]+b) PowerMod[2

P[[2]],p−2,p],p];

x3=Mod[var^2−a−P[[1]]−Q[[1]],p];

y3=Mod[−(var (x3−P[[1]])+P[[2]]),p];

{x3,y3}

]]

There are several cases for elliptic curve scalar multiplication, which can beimplementedasfollows:

ECMul[p_, a_, b_, c_, n_, P_List] :=

Which[

n == 0, {O},

n == 1, Mod[P, p],

EvenQ[n], ECAdd[p, a, b, c, pn = ECMul[p, a, b, c, n/2, P],

pn],

OddQ[n], ECAdd[p, a, b, c, pn = ECMul[p, a, b, c, n - 1, P], P]

]


49

Now,observetheellipticcurveEoverZ863definedbyy^2=x^3+100x^2+10x+1.ThepointP={121,517}liesonitascanbeprovedwiththeMathematicafunctionMod:

p = 863; x = 121; y = 517;

Mod[y^2 – (x^3 + 100 ∗ x^2 + 10 ∗ x + 1) , p] == 0

TheorderofPis432,asitcanbecheckedfromthefactorizationof432andusetheECMulfunction:

FactorInteger@432

P = {121, 517};

R = ECMul[p, 100, 10, 1, 432, P]

SupposethatonehaschosenmA=130andtheotherpersonhaschosenmB=258.ThenQA={162,663}andQB={307,674},ascanbecheckedwiththeECMulfunction.

QA = ECMul[p, 100, 10, 1, 130, P]

QB = ECMul[p, 100, 10, 1, 258, P]

ThepersonAcancomputethecommonkeyKA,BwiththecalculationKA,B=mAQB,wheremA=130isthefirstsecretkey.Itfinds

ECMul[p, 100, 10, 1, 130, QB]

Similarly,thesecondpersoncancalculatethemutualkeyKA,BusingtheevaluationKA,B=mBQA,wheremB=258ishissecretkey.Healsofinds

ECMul[p, 100, 10, 1, 258, QA]

Now that theDiffie-Hellman key interchange systemover elliptic curves has beendesignated,theprocedureandtheotherschemescanberewritteninthelanguageofellipticcurves.

3.Applications of ECC

Inthischapter,severalarrangementsofEllipticcurvecryptographyinpracticearereviewedandmeasurementsaregivenontheirutilization.

3.1 Application in Bitcoin

ThecryptographiccurrencyBitcoinisaconveyedsharedadvancedcurrencywhichpermits"onthewebinstallmentstobesentspecificallystartingwithonegatheringthenontothenextwithoutexperiencingamonetaryorganization"[17].Bitcoinblock-chainisadiaryoftheconsiderablenumberofexchangeseverexecuted.EachpieceinthisdiarycontainstheSHA-256hashofthepastsquare,thuslytyingthepiecestogetherbeginningfromtheallegedbeginning square. InBitcoin, anECDSAprivatekeyordinarily fills in as a client's record.Exchanging responsibility from client A to client B is acknowledged by appending anadvancedmark(utilizingclientA'sprivatekey)ofthehashofthepastexchangeanddata


50

aboutgeneralsocietykeyofclientBattheendofanotherexchange.Themarkcanbecheckedwiththeassistanceofclient'sopenkeyfromthepastexchange.Differentissues,forexample,maintainingastrategicdistancefromtwofoldspending,aretalkedaboutinthefirstreport[17].ThecryptographicmarksutilizedasapartofBitcoinareECDSAmarksandutilizethebend secp256k1. Given an ECDSA (packed) open key K, a Bitcoin address is producedutilizingthecryptographichashcapacitiesSHA-256andRIPEMD-160.

Public key is being hashed twice: HASH160= RIPEMD-160 and SHA-256(K). TheBitcoin address is figured specifically from thisHASH160 estimate. Since it is difficult todiscernwhetheraddressreuseisbecauseofasimilarclientreusingtheirkeyinBitcoin(withrespecttoprotectionandnamelessnessinBitcoin),thereisnostraightforwardapproachtocheckifthesecopyopenkeysbelongtothesameordistinctiveproprietors.Rightnow,thereareapproximately12millionBitcoinsavailableforusewithanexpectedestimationofmorethan2billionUSD.Bitcoinhasbeenexaminedbeforeinvarioussettings(e.g.[1]),yettheprincipalcryptographic"rationalsoundness"checkisperformed.

SomeresearcherswereabletodistinguishthreekeysbelongingtoBitcoincard[8],anembedded gadget that goes about as an independent Bitcoin customer. We likewisedistinguishedafewBlockchain.infoairconditioningchecksthatcopiednoncesbecauseofabug in a JavaScript-customer's irregular number generator not being seeded effectively.Theseassetsweretheninthismannerexchangedtothesameaddress.NotethatthereexistsatimestampingschemeforBitcointhatpurposelyreleasestheprivatekeyofanexchangebydeliberatelyutilizingasimilararbitrarynonce[18].

Intheeventthatthisplanisexecutedandtried,atthatpointthismayclarifymarkedexchangeswithcopiednoncescontainingalittlesum.

Regarding the non-spendable Bitcoins, it is conceivable to exchange Bitcoins to arecord for which (most likely) no comparing cryptographic key-combine exists. TheseBitcoins stay stuck at these accounts everlastingly and are basically expelled fromdissemination. This may bring about flattening: expanding the estimation of the other(spendable)Bitcoins.ThiscircumstanceisnotBitcoinparticular;physicalcashcanlikewisebeharmedordamaged.TheU.S.BureauoftheTreasuryreclaimsdisfiguredmoneyesteemedatmorethan30millionUSDeveryyear[14].Wewerenotablediscoverdatawithrespecttothemeasureofcashthatiswithdrawnforeverfromcoursebecauseofharm,inspiteofthefactthatthereareknownsituationswhereindividualshavecopiedsignificantmeasuresofcash.

There are also some intriguing ECDSApublic keys. Following an indistinguishablethinkingfromintheHASH160setting,onecouldutilize"fascinating"qualitiesforgeneralsocietykeyitself.Beforeweplotourlookforsuchesteems,letusreviewtheorganizationofECDSAopenkeysasdetermined in[14]whereweaccept thekeysarespokento in theirhexadecimalesteem(thisisthesettingutilizedinBitcoin).Apoint𝑃 = (𝑥, 𝑦)canbespokentoastakesafterwherep=2256−232−977istheprimeutilizedasapartofBitcoin.• IfPisthepointatendlessness,atthatpointitisspokentobythesinglebyte00.• Anuncompressedpointbeginswiththebyte04tookafterbythe256-piecex-and

256-piecey-arrangeofthepoint.Henceforth65bytesareutilizedtospeaktoapoint.


51

• Apointispackedbyfirstfiguringanequalitybitbofthey-facilitateas𝑏 =(𝑦𝑚𝑜𝑑2) + 2andchangingoverthistoabyteesteem(b∈{02,03}).The33-bytepackedpointiscomposedas𝑏||𝑥.Like the HASH160 seek, searching for focuses that encode a little whole number

esteem is the starting point. All the Bitcoin delivers are created relating to the generalpopulationkeyswithvaluestheinitial256numbersI(0 ≤ 𝐼 < 256)anddifferentesteemsfortheequalitybit.Weutilizedasolitarybytecontaining𝐼,a33-byteesteemanda65-byteesteemforb∈{00,04}.Threelocationswerediscoveredwithanon-zeroadjust:thesinglebyte00,andthe65-bytebk0...1240kIforI=00andb∈{00,04}.Thisinitiallypointisthepointatboundlessness,whichisanaccuratelyencodedandsubstantialpointonthebend.Note,notwithstanding,thatthisesteemisunequivocallyprecludedasanopenkey[14]sinceitcanhappenfortheprivatekeyd=0,whichisnotpermitted.

The65-byteesteemsbothappeartoattemptandencodethepointatinterminability:for thesituationwhereb=00 theencoding is invalidwhile for thesituationb=04 theencodingissubstantialinanycase,thepoint(𝑥, 𝑦) = (0, 0)isnotonthecurve.

Whensearchingfordifferentesteems,welikewiseattemptedthevoidopenkey(∅).This address contains a lot of bitcoins (more than 68 BTC).We presume cash has beenexchangedtothisrecordbecauseofprogrammingbugs.Inalloutwefoundthatnolessthan75BTChasbeenexchanged toaccountswhichhave(most likely)nosubstantial relatingECDSA private key. Note this is entirely a lower bound on the quantity of unspendablebitcoins,aswedon'tguaranteethatthisrundownisfinished.

3.2 Application in Secure Shell (SSH)

Ellipticcurvecryptographywouldbeabletobeutilizedasapartofthreepositionsinthe SSH proto col. In SSH-2, session keys are arranged utilizing a Diffie-Hellman keyexchange.RFC5656[4]specifiesthefleetingEllipticCurveDiffie-Hellmankeytrademethodused in SSH, followingSEC1 [14].Every serverhas ahost key that enables the server tovalidateitselftothecustomer.Theserversendsitshostkeytothecustomeramidthekeytrade,andtheclientconfirmsthatthekeyuniquefingerimpressioncoordinatestheirsparedesteem.Theserverthenverifiesitselfbymarkingatranscriptofthekeytrade.Thishostkeymaybe anECDSAopenkey [4]. At long last, customers canutilizeECDSAopenkeys forcustomerconfirmation.

In2013,aSSHcheckgathered1353151legitimateellipticcurveopenkeys,ofwhich63%areinteresting.Thereweremorethanamillionsubstantialellipticcurveopenenterssweepinformation,ofwhich68%areoneofakind.

Huge numbers of the most ordinarily repeated keys are from cloud facilitatingsuppliers.Forthesetypesofhosts,repeatedkeyscouldbeduetosharedSSHframeworkthroughdifferentIPaddresses,inwhichcasetherepeatedkeyswouldnotbeahelplessness,or they could be because of oversights amid virtual machine arrangement that instatenumerousVMs forvariousclients fromadepiction thatalreadycontainsaSSHhavekeymatch.Itapplicationearsthatbothcasesarespokentoinourdataset.Asecurityadmonitory


52

in July 2013 suggesting that clients should recover SSH keys because of repeated keysdeployedonVMdepictions;therewere5614discoveredhoststhathadservedpeopleingeneralkeywhoseuniquemarkapplicationearsinDigitalOcean'ssetupmanage.

A few types of system gadgets were distinguished that application eared to beresponsibleforrepeatedkeys,eitherbecauseofdefaultkeysshowintheequipmentorpoorentropyonboot.However,aclarificationforthegreaterpartoftherepeatedkeyswasnotgiven,ashugenumbersof thebunchesofrepeatedkeysapplicationearedtohavenearlynothingin likemanner:diverseSSHvariantsandoperatingframeworks,distinctiveportsoperation, distinctive outcomes utilizing nmap have recognizable proof, distinctivesubstanceservedoverHTTPandHTTPS,furthermore,IPblocksbelongingtoawiderangeof facilitating suppliersorhome/littlebusiness Internet suppliers.Wecan speculate thatsomeofthesemaybeVMpictures,yetasarulewehavenoclarificationwhatsoever.WecanprecludeDebian frail keys as a clarification for thesehosts, because theDebianbugwasreportedandsettled in2008,whileOpenSSH(which isuniversallygiven inthecustomerrendition strings for the elliptic bend comes about) introduced support for elliptic bendcryptographyin2011.

Several checks for repeated signature nonces ended up with not discovering anyrepeat. Cryptographic sanity checks on several datasets affirmed that elliptic curvecryptographyisnotimmunetodeficiententropyandprogrammingbugs.

3.3 Application in Transport Layer Security (TLS)

InTLS, Elliptic curves can emerge in a few areas in the convention.RFC4492 [5]determinesEllipticcurvefiguresuitesforTLS.ThemajorityofthefiguresuitesdeterminedinthisRFCutilizetheEllipticcurveDiffie-Hellman(ECDH)keytrade.TheECDHkeysmayeitherbelonghaul(inwhichcasetheyarereusedforvariouskeytrades)orfleeting(inwhichcasetheyarerecoveredforeachkeytrade).TLSdeclarationslikewisecontainanopenkeythattheserverusestoconfirmitself;withECDHkeytrades,thisopenkeymaybeeitherECDSAorRSA.ECCsupportwasaddedtoTLS[5]throughanextraarrangementoffiguresuitesandthreeaugmentationsinthecustomerandserverhimessages.Thefiguresuitesdemonstratesupportforaspecificchoiceofkeytrade,personalitycheck,encryption,andmessageauthenticitycalculations.Forinstance,thefiguresuiteTLSECDHERSAWITHAES128 CBC SHA employments fleeting ECDH for a key trade, marked with a RSA key forpersonalityconfirmation,andutilizesAES-128[19]inCBCmodeforencryptionandtheSHA-1hashworkinaHMACformessageverification.What'smore,ifafiguresuitethatincludesECCiswanted,thecustomermustincorporateanarrangementofupheldEllipticcurvesinaTLSexpansioninitscustomerhimessage.

Theserverused forTransport layersecuritydoesnot submit its full inclinationoffiguresuitesorcurvesthatitunderpins,unlikeinSSH.Perhaps,thecustomermaysenditsrundownofbolsteredEllipticcurves,also,theservereitheranswerswithasolitaryfiguresuite from that rundownor shuts theassociation in theevent that itdoesn'tbolster anyfiguresuitesinthesamemannerasthecustomer.OntheoffchancethatthesuiterequiresECC, theservercomparatively incorporates justasolitarybendsortalongside thekeyor


53

mark.Thismakesrealizingwhichbendsaserverunderpinsmoretroublesome;acustomermustutilizenumerousTLSassociationswithoffera fluctuatingarrangementofcurvestotakeinaserver'shelpandrequestedinclination.

4. Conclusion

Thus,ellipticcurvecryptographyhasbeenexploredthroughitsutilizationinBitcoin,SSHandTransportLayerSecurity.Over10yearsaftertheinitialstandardizingofECC,thisapplicationofopenkeycryptographyispickingupinacceptance.InspiteofthefactthatECCis still a long way from the predominant choice for cryptography, the elliptic curvecryptographic protocol demonstrates impressive organization. The entire asymmetricencodingwithinBitcoindependsonECC.

Cryptographic sanity checks on several datasets affirmed that elliptic curvecryptography is not insusceptible to deficient entropy and programming bugs. ManyoccurrencesofrepeatedopenSSHandTLSkeyswerediscovered,correspondingtovariousapplications.For theBitcoindatacollection, therearenumerousmarkssharing transientnonces,enablingattackstoprocessthecorrespondingprivatekeysandtakecoins.

Furtherresearchanddevelopmentisrequiredtotrackdowntheseexecutionissues,eventually benefiting the security of the cryptographic algorithms used in practicalapplications.Ifgivenmoretime,otherareasofinterestforresearchwouldbepost-quantumencryption schemes and the possible application of these schemes to a new blockchainmodel.

5. References

N. Koblitz. Elliptic curve cryptosystems.Mathematics of Computation, 48(177):203–209,1987.

A. K. Lenstra and E. R. Verheul. Selecting cryptographic key sizes. Journal of Cryptology,14(4):255–293,2001.

D. J. Bernstein and T. Lange (editors). eBACS: ECRYPT Benchmarking of CryptographicSystems.http://bench.cr.yp.to,2013.

D.StebilaandJ.Green.Ellipticcurvealgorithmintegrationinthesecureshelltransportlayer.RFC5656,2009.

S.Blake-Wilson,N.Bolyard,V.Gupta,C.Hawk,andB.Moeller.Ellipticcurvecryptography(ECC)ciphersuitesfortransportlayersecurity(TLS).RFC4492,2006.

B. B. Brumley and R. M. Hakala. Cache-timing template attacks. In M. Matsui, editor,ASIACRYPT,vol.5912ofLNCS,p.667–684.Springer,2009.

N. Heninger, Z. Durumeric, E. Wustrow, and J. A. Halderman. Mining your Ps and Qs:Detectionofwidespreadweakkeys innetworkdevices. InProceedingsof the21stUSENIXSecuritySymposium,2012.

W. Diffie and M. E. Hellman. New directions in cryptography. IEEE Transactions onInformationTheory,22(6):644–654,1976.


54

J. A. Solinas. Generalized Mersenne numbers. Technical Report CORR 99–39, Centre forAppliedCryptographicResearch,UniversityofWaterloo,1999.

Certicom Research. Standards for efficient cryptography 2: Recommended elliptic curvedomainparameters.StandardSEC2,Certicom,2000.

E.Brier,M.Joye,andT.E.D.Win.Weierstraellipticcurvesandside-channelattacks.InPublicKeyCryptographyPKC2002,volume2274ofLNCS,pages335–345.Springer,2002.

B.B.Brumley,M.Barbosa,D.Page,andF.Vercauteren.PracticalrealisationandeliminationofanECCrelatedsoftwarebugattack.InO.Dunkelman,editor,CT-RSA,volume7178ofLNCS,pages171–186.Springer,2012.

P.Fouque,R.Lercier,D.Real,andF.Valette.FaultattackonellipticcurveMontgomeryladderimplementation.InFDTC,pages92–98,2008

Certicom Research. Standards for efficient cryptography 1: Elliptic curve cryptography.StandardSEC1,Certicom,2009.

N. Howgrave-Graham and N. P. Smart. Lattice attacks on digital signature schemes. Des.CodesCryptography,23(3):283–290,2001.

D.JetchevandR.Venkatesan.BitssecurityoftheellipticcurveDiffie-Hellmansecretkeys.InD.Wagner,CRYPTO,volume5157ofLNCS,pages75–92.Springer,2008.

S.Nakamoto.Bitcoin:Apeer-to-peerelectroniccashsystem.http://bitcoin.org/bitcoin.pdf,2009

J.ClarkandA.Essex.CommitCoin:Carbondatingcommitmentswithbitcoin-(shortpaper).InA.D.Keromytis,editor,FinancialCryptography,volume7397ofLNCS,pages390–398.Springer,2012.

J.DaemenandV.Rijmen.TheDesignofRijndael:AES-TheAdvancedEncryptionStandard.Springer,2002.

Documents

JOURNAL OF ANALYSIS OF APPLIED MATHEMATICS€¦ · techniques, DES, 3DES, AES, Blowfish, Twofish, Threefish are symmetric key cryptographic calculations, while RSA and ECC are uneven