Foundations of Cryptography
CSCI66201, Fall 2022, Semester 2221
In all cases show the details of your work, and give brief reasons
for your answers. The homeworks are due in pdf format on myCourses.
Convert to single pdf before submission, submit just one pdf file
for each assignment.
Assignment 1, due Wednesday, August 31
Warmup assignment:
Solve problems 1.2, 1.3, 1.4 from chapter 1, pages 2425.
Assignment 2, due Wednesday, September 14

Easy mod. Solve problems 5, 6, 7, 8
from chapter 1 (i.e. 1.5, 1.6, 1.7, 1.8), pages 2526.

More warm up. Solve problems 11, 13 from chapter 1, pages 2627.

Some work. Solve problems 4, 5, 6 from chapter 2, pages 5253.

Some more work. Solve problems 8, 10 from chapter 2, pages 5354.
Assignment 3, due Monday, September 26

Solve problems 1, 3, 4, 7, 9 from chapter 3, pages 8386.

Solve problems 10, 12 from chapter 3, pages 8386.

Solve problems 4, 5, 9 from chapter 5, pages 145146.

Solve problem 16 from chapter 5, page 148.
Assignment 4, due Friday, October 7
In all solutions show the details of your work.

Solve exercises 4, 5 and 6 from chapter 4, page 118.

Solve problems 13.1, 14, 16 from chapter 4, pages 120121
(this is the complete page 121 from the textbook,
some places on the web show only one of the problems 16 and 17).

Find all irreducible polynomials in Z_{2}[x] of degree 4.

Which of the following polynomials are reducible in Z_{2}[x]:
x^{5} + x^{4} + 1,
x^{5} + x^{3} + 1,
x^{5} + x^{4} + x^{2} + 1?
If reducible, then show factors.

Find all irreducible monic polynomials
(with the leading coefficient at x^{3} equal to 1)
in Z_{3}[x] of degree 3.

Compute 01101001*01010001 in GF(256),
using the AES irreducible polynomial.
Midterm Exam, Wednesday, October 12, class place/time
Assignment 5, due Monday, October 31
Show the details of your work.

Solve problems 2, 3, 4.1, 4.2, 4.3 (skip 4.4) from chapter 6, page 170.

Solve problems 5, 6, 10 from chapter 6, pages 170171.

Trace the execution of the Extended Euclid Algorithm,
as in example 6.6 page 163, for gcd(665,773). Find the mutual
multiplicative inverses of 665 and 773 in their respective
canonical intervals.

Find the value of the Euler totient function φ(n),
for n = 827, 829, 831, 833, 834, 835 and 839.
Show the details of computations.

Find all primitive elements (generators) modulo 139.
Attach the program which you used to generate them.
Assignment 6, due Saturday, November 19
Part I, RSA and CRT

Solve problems 1, 2, 6, 7 from chapter 7, pages 200/201.

Read, understand and think about problems 10, 12, 14, 16
pages 201204.
Do not submit answers to them. Many answers can be found on
the web. A question similar to one of these problems may
be included in the final exam.
Part II, MillerRabin Probabilistic Primality Test
The error probability of
the MillerRabin primality test is at most 1/4,
when only one base a is chosen (security parameter s=1).
You will now test this claim experimentally.

Find the largest error probability of MillerRabin primality
testing algorithm for odd integers between 95,000 and 110,000.
It is ok to bruteforce on all values of a. For modular
exponentiation, some version of the squareandmultiply
algorithm has to be used. In your answer, you should give
this largest error probability (with at least three decimals
of precision) and 10 odd integers between 95,000 and 110,000
for which the highest error probability occurs.

Submit a commented hardcopy of your code,
and a clear description of what you did (make it a part of
one pdf being submitted for this assignment).
You are encouraged to compare your error probabilities
with your classmates.
Hints on MillerRabin Primality Test
The formatting of the MillerRabin test in our textbook
is somewhat confusing.
Nicely formatted pseudocode
can be found at wiki, or in the
Stinson's textbook.
Suppose that we test for primality 25.
We have 25  1 = 24 = 2^3 * 3. Note that there are exactly two
MillerRabin liars (different from 1 and n1), namely a=7 and a=18,
since in these cases a^3 != +1 but a^6 = 1, all mod 25. Thus,
the error probability for 25 is 1/11. See also the
overall flow as in the class.
Assignment 7, due Saturday, December 3
Show the details of your work.

Solve problems 1, 2, 4 (parts 1, 2, 3), 10 from chapter 8, pages 234235.

Solve problems 3 (parts 1, 4, 7) and 5 from chapter 11, pages 315316.

Suppose that you can compute, store, and check for collisions 1000000
instances of SHA1(x) in one second (this would require lots of resources).
How long do you have to run such computations to have a probability at
least 1/100 of finding a collision?

Compute the probabilities that there is no birthday collision among t
people (as in the middle of page 300), for 12 <= t <= 37. Compute
approximations of these probabilities discussed in the middle
of page 301. How close are they?
(This approximation leads to the sample size estimate for
the birthday paradox in the formula (11.1))
Final Exam, Monday, December 12, 701455, 7pm9:30pm
Back to the course page