# Questions & Comments for Math 103, section H1; Fall, 1999

### 9/28/99 Some e-mail and replies about the algorithm assignment

Could you please explain to me in more simpler terms exactly what you want us to do for the math portion of the homework on algorithms?? And what do you mean by "implementations"??

there are two parts:

1. given an integer X, how many multiplications and additions are necessary to compute X-cubed.

your answer MAY depend, as i wrote, on two quantities: the length of X and the number X itself.

so for the number 2,374,458 : its length is seven, and the number is two million three hundred thousand etc.

we analyzed multiplication in class, and we got some idea of the number of single digit multiplications and additions are needed to compute the product of two numbers. so i'd like you to USE that result.

how? let's look at a specific example. suppose you wanted to compute the cube of 2,374,458. first i'd compute the square. how many additions & multiplications will be needed for that? here the important quantity is 7, the length of this number. i've forgotten the precise result we had in class (sorry, don't have things with me) but i think that we saw (please check your notes!)

if one number has length M and one number has length N, then the product can be computed with at most MN single digit multiplications and 3MN single digit additions.

so for 2,374,458 to be squared, we'd need ... errr ... (M=7, N=7) 7*7 multiplications and 3*7*7 additions. then we need to multiply the square by 2,374,458 again to get the cube. but how long will the square be? if you think about it, the length of the square will be at most 14 digits. so here we'll need (M=14, N=7) 14*7 multiplications and 3*14*7 additions at most.

so to compute the cube of poor old 2,374,458 we'll need (if i'm doing this right!)

7*7+ 14*7 multiplications and 3*7*7+3*14*7 additions.

now what should be the answer if we have a number X of length L? will the result depend more on X itself or just on L?

i'd suggest thinking through what would happen for a number like 123,456,789 (don't actually DO the cubing, just see how much work would be involved). see how your formula looks, and compare it to what i got, and see if you can guess the result for a general input. 2. here i ask for to you to tell me how you could check if a number IS a cube. what i'd like is for you to think up a scheme (no matter how outlandish it might be in practice) to see if a number like 234,456,678,991 is the cube of another number and to estimate how many arithmetic operations it would take to actually do your scheme. how would you tell if the number i wrote is a cube? (i don't know if my specific number [which i wrote at random] is a cube, but i doubt it.) i'm NOT asking you to actually DO the work, but to estimate it.

and then in both cases, i'd like you to try to see what would happen to the amount of time necessary to actually do the algorithms you suggest if the number changes from a 100-digit number to a 200-digit number.

another question: what are the specific units of work we are talking about here? is it simply time?

what are the specific units of work we are talking about here?

is a very serious one, and has been very thoroughly debated. the point of view for these problems (and for most other things i'll discuss with you people) is that the "work" is proportional to the number of basic arithmetic operations (more or less most people "in the trade" would agree with this). so asking you to estimate the work using that number is fairly realistic.

let's look at 123,456,789.

i'll try to remember the result we got on friday in class. i think (you may have better notes) that

if one number has length M and one number has length N, then the product can be computed with at most MN single digit multiplications and 3MN single digit additions.

so that means it takes 4MN "operations" (either multiplication or addition).

123,456,789 squared would then take at most 4(9)(9)=324 such operations (to compute X squared, we multiply X by itself, and both M and N would be 9 in this case). the result would have length at most 9+9=18. but we need to multiply the result again by 123,456,789. now we need to use the result above with M=18 (from X squared) and N=9. so i think to compute X cubed by directly multiplying X squared and X takes 4(18)(9)=648 operations. the sum of the two is 972. i think my number is higher than yours because i am being pessimistic -- i refuse to worry about how many digits the square of 123,456,789 ACTUALLY has -- it has at most 18. (also maybe i made an arithmetic error -- i am proudly trying to do this all in my head, darn it!).

whew.

now what i'd like you to do is see how many "operations" it takes if you start with a number X which has L digits. can you get a formula, somehow, for the worst case? think of it in two stages.

stage I: multiplying X by X: here M and N are both L, so that getting X squared takes 4(L)(L) operations.

stage II: multiplying X squared by X: here M is (at worst) equal to (???) (this is from X squared) and N is still L (this is from X), so that getting X cubed takes 4(???)(L) operations.

a certain OVERestimate of the total number of operations necessary is the sum of those from stage I and stage II.

more whew.

let's look at cube inquiry. i agree with your idea for this algorithm, which is exactly what i would have thought of (that's how to compliment someone -- read their minds!).

how long would it take (in terms of "operations") to test if 123,456,789 is a cube? we've got to do 123,456,789 cubes of numbers which are at most as large as 123,456,789. each one of those cubes takes according to the pessimistic estimate above 972 operations. therefore your "cube inquiry" would take 123,456,789 TIMES 972 operations. i surely can't do that multiplication in my head, but it is one heck of a big number.

now, if X is a number of length L, find an overestimate of the number of cubings and multiply that by the number of operations. the latter you will get from what you did above. the number of cubings is X, so ... i think you can get an answer.

and then try to use this answer to finally finish the homework problem. whew!

### 9/28/99 A comment from Ms. Fefferman about counting the number of molecules of water in the Atlantic Ocean

I don't know about the Atlantic Ocean, but the combined oceans of the world only contain 1.375 * 10^47 ATOMS of water.

Also, 6 * 10^100 molecules of water would weigh 18 * 10^77 grams. For comparison, 6 * 10^23 molecules of water would weigh 18 grams. These are molecules, not atoms (a factor of 3 when it comes to water)

So that may not work well as an example... I'm not sure that any particular example really will work well, as at some point some idiot (ahem) very strange man (a physicist) worked out that he thought there were probably about 10^79 Protons! in the Universe! I don't think this is still widely accepted, but it was for a goodly while.

It was meant more as a metaphor, really. Take a look at page 66 of our much-neglected textbook. It has some more metaphors. What you should recognize is that numbers of the size 10100 are really big, so big that almost nothing in our day-to-day existence can prepare us to appreciate their immensity.

Please note that giving such an assignment would have been nearly impossible 5 to 10 years ago. You will see why as you do it, and we will discuss the results on Friday.

Some of the computations are known to be computationally very intractible (you'll see). Although Eden is a system of several large modern fast computers, it would be impolite to use a significant fraction of its resources. I think that going beyond 30 to 35 digits might be impolite. Also, the computer folks will eventually find out and yell at me (!) if you push things. So please be a bit careful and considerate. Note also that Maple reports its own processing time, and that you will be sharing the resources of Eden with many other people. Therefore Maple may tell you that you've used 5 seconds of processing time but you may need to wait 30 or 40 seconds (or more!) to get the result. Let me know if difficulties occur, please!

### 9/29/99 Some e-mail about the experimentation assignment

I have been trying to do the homework but it seems like the computer just doesn't want to cooperate. No matter how large I made my mod number the computer calculated it. I got up to 40 digits and the computer was still calculating the answer in .09 seconds. Is something wrong here. On average the calculation times are staying the same. Shouldn't they be increasing or something. Please let me know. Maybe I am doing something wrong. HELP!

Probably you are doing NOTHING wrong, really. But I've asked you to do two different series of questions. One involves 2*1=1 mod "something" and the other involves 2^x=1 mod the same "something". Here is part of a session I ran on Eden two days ago:

readlib(showtime): showtime(true);
O1 := msolve(2*x=1,13);
{x = 7}

time = 0.01, bytes = 72750
O2 := msolve(2^x=1,13);
bytes used=1045224, alloc=851812, time=0.14
{x = 12 _NN1~}

time = 0.20, bytes = 1196610


First, 2*x=1 mod 13 does have answer 7, because 2*7 is 14, and 14=13+1. Eden reported that this computation took 0.01 seconds, one-one hundredth of a second, not too much time.

Then I asked for solutions of 2^x=1 mod 13. Eden responded 12. now i'm going to check the answer, first by computing 2^(12):

2,4,8,16,32 (fifth power), 64,128,256,512,1024 (tenth power), 2048, 4096.

Now 13 into 4096 (I'm refusing to use a calculator and just being silly): 13 into 40 is 3 remainder 1, 13 into 19 is 1 remainder 6, 13 into 66 is 5 remainder 1. Yippee!

So Eden was correct, and an answer is 12. It also reported that it took 0.20, a fifth of a second, to do this problem. This is more time (twenty times more time!) -- well, we'll discuss why and how and stuff like that on Friday.

Please try again, and be sure to try both questions (* and ^) on each "level" of difficulty. See what happens. Please let me know if things change. Unless you are almost unbelievably lucky, they will, and they will change a lot.

### 9/30/99 Some e-mail about the experimentation assignment

hello!! i just tried to do the homework on Eden and i got some weird results...

for the 2*x=1 equation, basically, the computer took between 0.00 sec and 0.02 seconds. this is probably because the equation is simply multiplication.

for the 2^x=1 equation, i obtained larger numbers, but in an erratic pattern. For instance, my 4 digit number too 0.39 sec while my 8 digit number took only 0.11 sec. Furthermore, my 24 digit number took 2.25 sec whereas my 28 digit number only took 0.4 sec... Am i doing something wrong or is the computer going on the fritz or something??....

Heh heh heh ... I hope I/we (Ms. Fefferman) can give some explanations tomorrow. What you got certainly seems consistent with other results. You were REALLY lucky with your 28 digit number (I'd be curious what number you actually used). Try pushing it "up" in length a bit. It would be really weird (and rather unlikely) if the exponentiation times didn't begin to soar.

But things will be erratic. Really.

OK- I went on Maple and did the assignment. Umm...for 2x=1 mod whatever, the higher my numbers got, I still had time=0.00??? but not for the first one though. and i went up to mod 32, but I didnt get why you would get embarassed when that happened--oh, I didnt do it on eden, but on a prgram--so i guess that takes care of that.

Umm...so when we do the graphs, it's 2 graphs (one for each equation), and the axes are time vs. answer???

and where you ask us to explain what happened in the first instruction, do we have to write that out and give it to you as part of the homework, or was that just for us to do for enrichment??

thanks for your e-mail. note that i didn't want you to go up to mod 32 -- such numbers are much too small for maple or any modern computer to even vaguely notice. i wanted you to go up to numbers whose length is in the 30's -- those numbers are large enough so that computers will notice and interesting things will happen.

distinguishing between the number and how it is represented is important. 32 has length 2. the number

12345 12345 12345 12345 12345 12345 11

has length 32. i just tried the following on one of the math department's computers (your time would almost certainly differ):

> number:=12345123451234512345123451234511;

number := 12345123451234512345123451234511

> msolve(2*x=1,number);

{x = 6172561725617256172561725617256}

time = 0.05, bytes = 96230
> msolve(2^x=1,number);

{x = 583997287204605899052517980 _NN1~}

time = 2.37, bytes = 1615130


notice that the exponential equation took 46 times as long to solve as the equation with a multiplication in it!

so please try again, and see what happens.

i certainly would not mind getting the result of the first couple of equations. i don't know if i'd say it was "for enrichment", really: it was an attempt to make sure you understood the syntax (is that the correct word?) of the command and the likely responses.

### 10/5/99 Some e-mail about the Diffie-Hellman assignment

XXX and I are trying to do the homework assignment and we can't seem to get anywhere. We figured that if we gave the 4 know values variable names and put them into this formula : msolve(n*x=alice1,p); {x is the unknown} we would get the secret and would then be able to multiply that by either Alice or Bob's number and we'ld get the key.

The problem is that we do not get an answer from this equation. We also don't know what the irem thing is all about, or how to use it.

First, all that the irem instruction does is compute numbers mod stuff. "irem" is an abbreviation for "integer remainder". Try typing irem(14,6); and you should get 2 as maple's answer. Try typing the two instructions frog:=10; and irem(frog^2+17,30); and you should get 27, I hope, because the square of frog is 100, add 17 to get 117, and then the remainder of that after division by 30 is 27 (since 117 is 90+27=3*30+27). YOU try a few experiments now:

What are irem(13,6) and irem(40,20) and irem(11,3) and irem(3*frog+2,8)? The answers should be (in some order, not necessarily the order I presented the problems): 0 and 1 and 2 (one of the answers will be used twice).

Here is a record of a Maple session I just did to "solve" (as Eve) a multiplicative Diffie-Hellman problem. It is authentically exactly what I did, except that I have added comments at each stage.

I hope this all helps. Let me know, please.


> P:=411011;

P := 411011

COMMENT: Alice & Bob selected a "large" prime to use. I'll ask Maple to store
this number using the letter P. By the way, I used Maple to help me find this
prime.

> N:=3456;

N := 3456
COMMENT: They chose a number "at random". Here I'll ask Maple to store the
number using the letter N>

> Alice:=333;

Alice := 333
COMMENT: Here's Alice's private secret which she will use together with
information from Bob to build a key which (hopefully but not too
authentically in this case) Eve will not know.

> Bob:=9999;

Bob := 9999
COMMENT: And here's Bob's choice of private secret.

> Alice_sends:=irem(N*Alice,P);

Alice_sends := 328826

COMMENT: Alice computes N multiplied by her private secret (what "irem" does
is compute the remainder after division by P). Notice that I'm not reluctant
to use long names for things. It keeps me from getting confused.

> Bob_sends:=irem(N*Bob,P);

Bob_sends := 31620

COMMENT: Bob now does his part of the job.

> Alice_Key:=irem(Alice*Bob_sends,P);

Alice_Key := 254185

COMMENT: Here is Alice's computation of the Key.

> Bob_Key:=irem(Bob*Alice_sends,P);

Bob_Key := 254185

COMMENT: And here Bob computes the Key using the information he
has. Notice that the two Key values coincide, so they indeed have
communicated.

> msolve(N*x=Alice_sends,P);

{x = 333}

COMMENT: Eve uses msolve to compute Alice's secret: note the all Eve needs
is the values of N and P and Alice_sends and that these numbers are all
publically known. Then Eve can compute the secret Key as well.



### 10/6/99 Some more e-mail about the Diffie-Hellman assignment

i tried the exponential part of the math assignment and kept getting words that don't make sense. which numbers are we supposed to add together? are we supposed to add bob's secret number to the key?? i'm not really sure about which numbers we're supposed to add together before we decode the message. thank you

well, first "eve" (which is you in this case) should try to deduce the secret Key value held by both bob and alice. make sure that you know that value. you can check this by first pretending to be alice and then bob, and following their procedures -- you should end up with the same number for both. then if you know the secret Key value, then you also have a message. this message (as alice explains) contains information. how? well it is Key+Information (mod P, the prime). IF you know the correct value of Key, then how can you recover the information?

example:

suppose P=37, and Key=12, and the Message=30. So that means Key+Information=30 (mod 37). what (in this case) is Information, please, and how do you get it?

let me know if this helps or if you need more hints. you can also try working with other people in the class.

in the case of the homework problem, the numbers are bigger, and i would definitely use Maple to answer the questions. i would not trust myself to do multidigit arithmetic with "multi" bigger than 4 or 5.

### 10/7/99 And even more e-mail about the Diffie-Hellman assignment

I really do not understand what the homework contest is about. I understood what we did in class but the way the homework is worded confuses me. When you say convert the letters in your message to an integer what message are you talking about? I don't see anything that can be or needs to be converted into numbers. Everthing is already in numbers. Please let me know. Thanks.

Sorry for the delay in responding to your message. I have been busy. We discussed a hypothetical situation in class on tuesday, where "Eve" can overhear all communication between "Alice" and "Bob" (I think I'll omit the quotes from now on -- they are too silly).

What I've written has several parts. I review the exchange protocols first, and then at the end discuss how to use the secret key to pass a message.

We discussed three protocols, roughly, one for addition, one for multiplication, and one for exponentiation. Let me review them. In fact, let me use A for Alice, B for Bob and E for Eve.

START FOR ALL THREE PROTOCOLS:
A & B agree on a prime number P and another number N.
E will know P and N.

FIRST STAGE
A selects a secret number known only to her, X.
B selects a secret number known only to him, Y.

SECOND STAGE
A sends B N+X mod P.
B sends A N+Y mod P.

Now who knows what?

A knows X, N, P, and N+Y (mod P).
B knows Y, N, P, and N+X (mod P).
E knows N, P, N+X, and N+Y (mod P).

THIRD STAGE
A adds her secret to the number she got from B: X+(N+Y) mod P.
B adds his secret to the number he got from A: Y+(N+X) mod P.

We note that X+(N+Y) and Y+(N+X) are the same, so that A and B share this new number, which we'll call a Key. This (nominally!) E does NOT know.

CRITICISM

Is this secure? Not very, because remember that since E knows all the communication between A and B, E knows exactly what they are doing. Since E knows, for example, N+X and E knows N, E could compute (N+X)-N (mod P) and learn X (A's secret number!) quite easily. She could also compute (N+Y)-N (mod P) and learn Y (B's secret number). Therefore she easily knows N+(X+Y) (mod P), so the "secret" Key is not too secure in this protocol.

All of this computation could, I think, be easily done "by hand" for even quite large numbers.

Now let's move on. Remember,

START FOR ALL THREE PROTOCOLS:
A & B agree on a prime number P and another number N.
E will know P and N.

2. multiplication.

FIRST STAGE
A selects a secret number known only to her, X.
B selects a secret number known only to him, Y.

SECOND STAGE (* is multiplication)
A sends B N*X mod P.
B sends A N*Y mod P.

Now who knows what?

A knows X, N, P, and N*Y (mod P).
B knows Y, N, P, and N*X (mod P).
E knows N, P, N*X, and N*Y (mod P).

THIRD STAGE
A multiplies her secret to the number she got from B: X*(N*Y) mod P.
B multiplies his secret to the number he got from A: Y*(N*X) mod P.

We note that X*(N*Y) and Y*(N*X) are the same, so that A and B share this new number, which we'll call a Key. This (nominally!) E does NOT know.

CRITICISM

Is this secure? Well, multiplication is more complicated than addition, to me, anyway (indeed, in terms of work done, it is more complicated but let's go on). But we've seen that Maple can undo multiplication (using the msolve command) quite quickly, even for very long numbers. So now: since E knows all the communication between A and B, E knows exactly what they are doing. Since E knows, for example, N*X and E knows N, E use Maple to solve for X. She could just type in Maple the command msolve(N*x={what Alice sent}, P) and learn X (A's secret number!) quite easily. She could also type in msolve(N*x={what Bob sent},P) and learn Y easily, in very little time, even for large numbers. So E would learn X and Y, and then E could compute N*X*Y (mod P) and learn the "secret" Key.

This computation is actually possible by hand, but I didn't talk about it, and I would expect you to use Maple to solve the equations. B's supposedly secret message is encoded in this way: B will send Key+Message (mod P), so that if the message were ZZ (say) the numerical equivalent using A's suggestion would be 2626. If the Key were 10101 then B would send 10101+2626=12727, and (knowing the Key and the message-encoding scheme) E could easily recover the message and get the letters from it.

Now on to the protocol which IS actually used in the real world (Diffie-Hellman key exchange -- and this IS discussed in the text for the course as I mentioned in the homework assignment).

START FOR ALL THREE PROTOCOLS:
A & B agree on a prime number P and another number N.
E will know P and N.

3. exponentiation

FIRST STAGE
A selects a secret number known only to her, X.
B selects a secret number known only to him, Y.

SECOND STAGE (^ is multiplication)
A sends B N^X mod P.
B sends A N^Y mod P.

Now who knows what?

A knows X, N, P, and N^Y (mod P).
B knows Y, N, P, and N*X (mod P).
E knows N, P, N^X, and N^Y (mod P).

THIRD STAGE
A exponentiates the number she got from B to her secret's power: she computes (N^Y)^X (mod P).
B exponentiates the number he got from A to his secret's power: he computes (N^X)^Y (mod P).

We note that (N^Y)^X and (N^X)^Y are the same (by usual rules for exponents which certainly hold since everything involved is a positive integer). Both of these numbers are N^(X*Y). A and B share this new number, which we'll call a Key. This (nominally!) E does NOT know.

CRITICISM

Is this secure? Well, exponentiation is even more complicated than multiplication, but what is really important is that SOLVING EXPONENTIAL EQUATIONS, EVEN WITH HEAVY DUTY COMPUTER HELP, IS MUCH "HARDER" (TAKES MUCH MUCH LONGER) THAN SOLVING LINEAR EQUATIONS. I tried to justify this statement to you with the experimental math assignment. How could E get the secrets? She could write msolve(N^x={what Alice sent},P). In the case of the homework assignment, this is actually doable in not much time on Maple. In the "real world" with several hundred digit numbers, even with very powerful and fast computers this is "infeasible" (lovely word, that!). E can get B's secret by using msolve(N^y={what Bob sent},P). Once she has done that, she would know both X and Y, and then could compute N^(X*Y) and would know the supposedly "secret" Key. She could then unwrap B's communication to A by subtraction (as in the previous section), and decode the message.

***

Alice's encoding of the message for the multiplicative scheme (#2 above) reads exactly:

Convert the letters in your message to an integer using A --> 01, B --> 02, ..., Y to 25, and Z to 26, and then add the result, mod {\bf 1211211211211}, to our common key.

I thought this would be familiar to you from before, since we had previously used this to encode a word when we were "sharing secrets" (not trying to keep information private). The word WEB would become (I'm thinking, I'm thinking) 230502, for example. Sigh. I'm sorry for any misunderstanding.

I hope all this helps.

I really fouled up. I just sent this message to everyone:

bob's last message in the multiplicative dialog should have been

794453124413

and this will then translate very very well.

the exponential dialog is all correct.

the fact that i (not bob, ME!) made a mistake is not good. it is, however, realistic. historically many crypto schemes have been compromised by errors.

i regret this error very much, though.

sincerely,

p.s.: you see, the dodo is NOT extinct at all. it is merely in hiding, quite ready to leap out and surprise us all.

### 10/29/99 E-mail about the binary homework

I have been trying to figure out number two on the sheet you gave us and I can't come up with an answer. Any hints?

well, binary numbers may be strange to you. maybe i could try to ask you a similar question but phrase it in terms of numbers in decimal notation.

consider the "pattern" 471, and think about the numbers that can be written by repeating this pattern any number of times:

471471471 ... 471
could such a number be prime? more specifically, why couldn't 471471 be prime? can you think of some number that MUST divide it? i remarked that almost no "work" should be involved in this realization. will 471 divide this number (why? what will the quotient be?).

I hope this remark helps.

### 11/1/99 E-mail about the more binary homework (the alien messages)

Hello. I am unsuccessfully attempting my homework. I was able to do the first section with no problem but number 2 i am finding impossible. So far i have decoded BBA for the first one and got stuck and I had only BC for the second message. Ahhhh!!! Just figured i'd let you know since you said you like feedback. :)

well, this is indeed a difficult assignment. it is actually the most realistic of any i have given you in the course.

i think "getting stuck" is a signal that somewhere you have done something wrong. by the way, if it helps, i do the homework, and the process that allows me to create problems like this also allows me to NOT see the answers before i try them. in this case, i got "stuck" exactly where you did. at the very beginning you made an assumptioin about the relationship between the first and second messages. there IS an alternative assumption, based upon the alien language. look at the language and think about it, please.

i hope this helps, but really i have given you folks a serious game to play here. if you try the initial segment again (slightly differently) you may be much more successful.