Financial Mathematics and Fintech Zhiyong Zheng Modern Cryptography Volume 1 A Classical Introduction to Informational and Mathematical Principle Financial Mathematics and Fintech SeriesEditors ZhiyongZheng,RenminUniversityofChina,Beijing,Beijing,China AlanPeng,UniversityofToronto,Toronto,ON,Canada Thisseriesaddressestheemergingadvancesinmathematicaltheoryrelatedtofinance and application research from all the fintech perspectives. It is a series of mono- graphs and contributed volumes focusing on the in-depth exploration of financial mathematics such as applied mathematics, statistics, optimization, and scientific computation, and fintech applications such as artificial intelligence, block chain, cloudcomputing,andbigdata.Thisseriesisfeaturedbythecomprehensiveunder- standing and practical application of financial mathematics and fintech. This book series involves cutting-edge applications of financial mathematics and fintech in practicalprogramsandcompanies. The Financial Mathematics and Fintech book series promotes the exchange of emerging theory and technology of financial mathematics and fintech between academiaandfinancialpractitioner.Itaimstoprovideatimelyreflectionofthestate of art in mathematics and computer science facing to the application of finance. As a collection, this book series provides valuable resources to a wide audience inacademia,thefinancecommunity,governmentemployeesrelatedtofinanceand anyoneelselookingtoexpandtheirknowledgeinfinancialmathematicsandfintech. Thekeywordsinthisseriesincludebutarenotlimitedto: a)Financialmathematics b)Fintech c)Computerscience d)Artificialintelligence e)Bigdata Moreinformationaboutthisseriesathttps://link.springer.com/bookseries/16497 Zhiyong Zheng Modern Cryptography Volume 1 A Classical Introduction to Informational and Mathematical Principle ZhiyongZheng SchoolofMathematics RenminUniversityofChina Beijing,China ISSN 2662-7167 ISSN 2662-7175 (electronic) FinancialMathematicsandFintech ISBN 978-981-19-0919-1 ISBN 978-981-19-0920-7 (eBook) https://doi.org/10.1007/978-981-19-0920-7 ©TheEditor(s)(ifapplicable)andTheAuthor(s)2022.Thisbookisanopenaccesspublication. OpenAccessThisbookislicensedunderthetermsoftheCreativeCommonsAttribution4.0International License(http://creativecommons.org/licenses/by/4.0/),whichpermitsuse,sharing,adaptation,distribu- tionandreproductioninanymediumorformat,aslongasyougiveappropriatecredittotheoriginal author(s)andthesource,providealinktotheCreativeCommonslicenseandindicateifchangeswere made. Theimagesorotherthirdpartymaterialinthisbookareincludedinthebook’sCreativeCommonslicense, unlessindicatedotherwiseinacreditlinetothematerial.Ifmaterialisnotincludedinthebook’sCreative Commonslicenseandyourintendeduseisnotpermittedbystatutoryregulationorexceedsthepermitted use,youwillneedtoobtainpermissiondirectlyfromthecopyrightholder. Theuseofgeneraldescriptivenames,registerednames,trademarks,servicemarks,etc.inthispublication doesnotimply,evenintheabsenceofaspecificstatement,thatsuchnamesareexemptfromtherelevant protectivelawsandregulationsandthereforefreeforgeneraluse. Thepublisher,theauthorsandtheeditorsaresafetoassumethattheadviceandinformationinthisbook arebelievedtobetrueandaccurateatthedateofpublication.Neitherthepublishernortheauthorsor theeditorsgiveawarranty,expressedorimplied,withrespecttothematerialcontainedhereinorforany errorsoromissionsthatmayhavebeenmade.Thepublisherremainsneutralwithregardtojurisdictional claimsinpublishedmapsandinstitutionalaffiliations. ThisSpringerimprintispublishedbytheregisteredcompanySpringerNatureSingaporePteLtd. The registered company address is: 152 Beach Road, #21-01/04 Gateway East, Singapore 189721, Singapore Preface I organized several seminars on cryptography, the students generally reflected that cryptographydoesn’tneedmuchmathematics,andcomputerlanguageandcomputer workingenvironmentaremoreimportant.Later,Ireviewedseveralcommoncryp- tography textbooks at home and abroad. If so, these textbooks are for engineering students, and the purpose is to cultivate cryptographic engineers. It is my original intentiontowriteatextbookoftheoreticalcryptographyforstudentsofmathematics department and science postgraduates, which systematically teaches the statistical characteristics of cryptographic system, the computational complexity theory of cryptographicalgorithmandthemathematicalprinciplesbehindvariousencryption anddecryptionalgorithms. With the rapid development of the new generation of digital technology, China has entered the era of information, network and intelligence. Cryptography is not only the cornerstone of national security in the information age, but also a sharp sword to protect people’s property security, personal privacy and personal dignity. Aftertheestablishmentofthefirst-classdisciplineofCyberspaceSecurity,Chinahas establishedthefirst-classdisciplineofsecurity.Inparticular,onDecember19,2019, Chinaofficiallypromulgatedthecodelawtoformulatealawforadiscipline.Thisis rareallovertheworld.Lately,thecentralgovernmentexplicitlyrequeststocultivate ourowncryptographyprofessionals.Itcanbeseenthatthedisciplineconstruction andpersonneltrainingofcryptographyhavebeenpromotedtotheheightofnational security,whichhasbecomeamajornationalstrategicdemand.Writingatextbookon cryptographytheoryaimstocultivateourowncryptographers,whichistheultimate reasonforwritingthisbook. Cryptosystemisanancientart.Sincethebirthofhumanbeings,therehasbeen cryptosystem.Forexample,themeansofcommunicationusedbyhumanbeingsin war, the marks and conventions used by special groups can be classified into the categoryofcryptosystemart.Amongthem,thefamousCaesarcryptosystemcanbe regardedastherepresentativeworkofancientcryptosystem.Forthousandsofyears, cryptosystem,asatechnology,reliesonpersonalintelligenceandingenuity.Occa- sionally,somemathematicalideasandmethodswereusedfragmentarily.Thiseraof v vi Preface cryptographerschangedfundamentallyonlyafterthegreatAmericanmathematician M.Shannoncameout. In1948and1949,Shannonsuccessivelypublishedtwoepoch-makingpapersin thetechnicalbulletinofBelllaboratory.Inthefirstpaper,Shannonestablishedthe mathematicaltheoryofcommunicationandestablishedtherandommeasurementof information by using the method of probability theory, thus laid the foundation of moderninformationtheory.Inthesecondpaper,Shannonestablishedtheinformatics principleofcryptography,introducedtheprobabilityandstatisticsprinciplesystem ofmathematicsintocryptographystructureandcryptanalysis,andtransformedthe ancient cryptography technology from art to science. Therefore, people not only callShannonthefatherofmoderninformationtheory,butalsothefatherofmodern cryptography. AfterShannon’sgreatchangesfromtheeraofcryptographertotheeraofcryp- toscience,theancientcryptologytechnologyusheredinthesecondhistoricleapin 1976,thatis,theeraofsymmetriccryptographychangedintotheeraofpublickey cryptography.In1976,twoStanfordUniversityscholarsW.DiffieandM.Hellman published a pioneering paper on asymmetric cryptography in IEEE Transactions onInformationTheoryandthenenteredtheeraofpublickeycryptography.Public keycryptographyandmathematicsaremoredeeplycrossedandintegrated,making cryptographyaninseparablebranchofmathematics.Theeracharacteristicofpublic keycryptographyistochangethecryptographyfromafewuserstomassconsumer products,whichgreatlyimprovestheefficiencyandsocialvalueofthecryptography. Nowadays,asymmetriccryptosystemiswidelyusedinmessageauthentication,iden- tity authentication, digital signature, digital currency and blockchain architecture, whichcannotbereplacedbyclassicalcryptosystem. BasedonShannon’sinformationtheory,thisbooksystematicallyintroducesthe information theory, statistical characteristics and computational complexity theory ofpublickeycryptography,focusingonthethreemainalgorithmsofpublickeycryp- tography,RSA,discretelogarithmandellipticcurvecryptosystem,strivestoknow whatitisandwhyitis,andlaysasolidtheoreticalfoundationfornewcryptosystem design,cryptoanalysisandattack. Latticetheory-basedcryptographyisarepresentativetechnologyofpostquantum cryptography, which is recognized by the academic community as being able to resistquantum computing attacks.Atpresent,thetheoryandtechnology oflattice cryptographyhavenotentereduniversitytextbooks,andvariousachievementsand introductionshavebeenscatteredinresearchpapersathomeandabroadinthepast two decades. The greatest feature of this book is that it systematically simplifies andcombsthetheoryandtechnologyoflatticecryptography,makingitaclassroom textbookforseniorcollegestudentsandpostgraduatesofcryptography,whichwill playanimportantroleinacceleratingthetrainingofmoderncryptographytalentsin China. Thisbookrequiresthereadertohaveagoodfoundationinalgebra,numbertheory andprobabilitystatistics.Itissuitableforseniorstudentsmajoringinmathematics, compulsoryforcryptographyandscienceandengineeringpostgraduates.Itcanalso Preface vii beusedasthemainreferencebookforscientificresearchersengagedincryptography researchandcryptographicengineering. The main contents of this book have been taught in the seminar. My doctoral studentsHongZiwei,ChenMan,XuJie,ZhangMingpei,AssociateProfessorHuang WenlinandDr.TianKunhaveallputforwardmanyusefulsuggestionsandhelpfor thecontentsofthisbook.Inparticular,ChenManhasdevotedalotoftimeandenergy totextprintingandproofreading.Here,Iwouldliketoexpressmydeepgratitudeto them! Beijing,China ZhiyongZheng November2021 Contents 1 PreparatoryKnowledge ......................................... 1 1.1 Injective .................................................. 1 1.2 ComputationalComplexity .................................. 3 1.3 JensenInequality ........................................... 9 1.4 StirlingFormula ............................................ 12 1.5 n-foldBernoulliExperiment ................................. 15 1.6 ChebyshevInequality ....................................... 17 1.7 StochasticProcess .......................................... 26 References ..................................................... 32 2 TheBasisofCodeTheory ....................................... 35 2.1 HammingDistance ......................................... 36 2.2 LinearCode ............................................... 44 2.3 LeeDistance ............................................... 51 2.4 SomeTypicalCodes ........................................ 55 2.4.1 HadamardCodes ..................................... 55 2.4.2 BinaryGolayCodes .................................. 57 2.4.3 3-AryGolayCode ................................... 61 2.4.4 Reed–MullerCodes .................................. 64 2.5 ShannonTheorem .......................................... 74 References ..................................................... 87 3 ShannonTheory ............................................... 91 3.1 InformationSpace .......................................... 91 3.2 JointEntropy,ConditionalEntropy,MutualInformation .......... 96 3.3 Redundancy ............................................... 103 3.4 MarkovChain ............................................. 110 3.5 SourceCodingTheorem ..................................... 114 3.6 OptimalCodeTheory ....................................... 121 3.7 SeveralExamplesofCompressionCoding ..................... 130 3.7.1 MorseCodes ........................................ 130 3.7.2 HuffmanCodes ...................................... 132 ix x Contents 3.7.3 Shannon–FanoCodes ................................. 133 3.8 ChannelCodingTheorem ................................... 135 References ..................................................... 150 4 CryptosystemandAuthenticationSystem ........................ 153 4.1 DefinitionandStatisticalCharacteristicsofCryptosystem ........ 153 4.2 FullyConfidentialSystem ................................... 158 4.3 IdealSecuritySystem ....................................... 160 4.4 MessageAuthentication ..................................... 163 4.5 ForgeryAttack ............................................. 165 4.6 SubstituteAttack ........................................... 168 4.7 BasicAlgorithm ............................................ 171 4.7.1 AffineTransformation ................................ 171 4.7.2 RSA ............................................... 174 4.7.3 DiscreteLogarithm ................................... 180 4.7.4 KnapsackProblem ................................... 187 References ..................................................... 195 5 PrimeTest ..................................................... 197 5.1 FermatTest ................................................ 197 5.2 EulerTest ................................................. 202 5.3 MonteCarloMethod ........................................ 213 5.4 FermatDecompositionandFactorBasisMethod ................ 217 5.5 ContinuedFractionMethod .................................. 222 References ..................................................... 227 6 EllipticCurve .................................................. 229 6.1 BasicTheory .............................................. 229 6.2 EllipticCurvePublicKeyCryptosystem ....................... 236 6.3 EllipticCurveFactorization .................................. 244 References ..................................................... 250 7 Lattice-BasedCryptography .................................... 253 7.1 GeometryofNumbers ...................................... 253 7.2 BasicPropertiesofLattice ................................... 264 7.3 IntegerLatticeandq-AryLattice ............................. 280 7.4 ReducedBasis ............................................. 286 7.5 ApproximationofSVPandCVP ............................. 296 7.6 GGH/HNFCryptosystem .................................... 308 7.7 NTRUCryptosystem ........................................ 319 7.8 McEliece/NiederreiterCryptosystem .......................... 334 7.9 Ajtai/DworkCryptosystem .................................. 343 References ..................................................... 350 References ........................................................ 353