Public-Key Cryptosystems and RSA

Questions and Answers

Explain the nuanced difference in usage between the adverbs 还 (hái) and 也 (yě) when both translate to 'also'. Give an example sentence using 还 (hái) in a way that 也 (yě) would not be appropriate, and explain why.

还 (hái) often implies 'still' or 'in addition to what was before,' suggesting a continuation of a state or action or an unexpected addition. 也 (yě) simply means 'also' without that implication. Example: 他病了，还得工作 (Tā bìng le, hái děi gōngzuò - He is sick, but he still has to work). 也 would not fit here because it loses the sense of obligation despite the illness.

The text provides the word 房间 (fáng jiān) which translates to room; however, it does not specify which room. If you were going to sleep in a room, which room would that be? Provide that room's name in Chinese, with pinyin and English translation.

卧室 (wò shì), which means bedroom.

Construct a sentence in Chinese, using pinyin, that includes the phrase '在我的右边 (zài wǒ de yòu biān)' and describes the location of a specific piece of furniture (from the 'Furniture and Equipment' section) in relation to yourself.

我的电脑在我的右边。(Wǒ de diànnǎo zài wǒ de yòu biān.) My computer is on my right.

Explain the difference between the usage of 上 (shàng) and 下 (xià) as directional words and when they are used to describe 'upstairs' and 'downstairs'.

上 (shàng) means 'on, above, or up,' and 下 (xià) means 'bottom, under, or down' as directional words. To describe 'upstairs' one can say 上楼 (shàng lóu) and to describe 'downstairs' one can say 下楼 (xià lóu).

Synthesize information from sections A and B to create a Chinese sentence, with pinyin, describing someone's location in relation to a room in a house. For instance, 'He is outside the kitchen.'

他在厨房外面。(Tā zài chúfáng wàimiàn.) He is outside the kitchen.

The word '还 (hái)' can function as both an adverb and a verb. Provide two distinct sentences, one illustrating its use as an adverb and the other as a verb, with pinyin and English translations.

Adverb: 他还好。(Tā hái hǎo.) - He is still well/okay. Verb: 还要还书。(Hái yào huán shū.) - Still need to return the book.

The page references the use of the word '在', which is used to indicate location. Using the formatting 'Person + 在 + Place + 做什么', translate 'I am at home watching TV.' to Chinese, including correct pinyin.

我在家看电视。(Wǒ zài jiā kàn diànshì.)

Compare furniture which is likely to be made of wood.

桌子 (zhuō zi), 椅子 (yǐ zi)

Analyze the components of the phrase '在哪里 (zài nǎ lǐ)' and explain how each contributes to the overall meaning of 'where'.

在 (zài) indicates location, 哪 (nǎ) means which, and 里 (lǐ) means inside. Together, they form a question asking 'in which location' or simply 'where'.

Formulate a question in Chinese, with pinyin, asking someone what they are doing outside, using the phrase '你在外面做什么？(Nǐ zài wàimiàn zuò shénme?)', and then provide a possible answer indicating they are playing tennis.

Question: 你在外面做什么？(Nǐ zài wàimiàn zuò shénme?) Answer: 我在外面打网球。(Wǒ zài wàimiàn dǎ wǎngqiú.)

Flashcards

Zài (在)

In, on, at (location)

Shàng (上)

Top, above, up

Xià (下)

Bottom, under, down

Zuǒ (左)

Left

Yòu (右)

Right

Qián (前)

Front, before

Hòu (后)

Back, after

Wài (外)

Outside

Huā yuán (花园)

Garden

Shā fā (沙发)

Sofa

Study Notes

Public-key Cryptosystems

• Private-key cryptosystems require secure key exchange between parties.
• Public-key cryptosystems utilize a public key, distributed to anyone, and a private key, kept secret.
• Alice sends a message to Bob by using Bob's public key to encrypt the message.
• Bob then decrypts this message using his private key.
• Eve cannot decrypt the message, even if intercepted, without Bob's private key.
• Encryption algorithms need to easily allow Alice to encrypt using Bob's public key and to easily allow Bob to decrypt using his private key.
• Further, they must make it impossible for Eve to decrypt the message, even with Bob's public key.

RSA Cryptosystem: Basic Idea

• Invented in 1977 by Rivest, Shamir, and Adleman, RSA is based on number theory.
• It is easy to find two large prime numbers $p$ and $q$.
• Multiplying $p$ and $q$ to get $n$ is simple
• Factoring $n$ to retrieve $p$ and $q$ is very hard

How RSA Works

• Choose two large prime numbers, $p$ and $q$.
• Compute $n = pq$.
• Select an integer $e$ such that $1 < e < (p-1)(q-1)$ and $\gcd(e, (p-1)(q-1)) = 1$
• Determine $d$ as the inverse of $e$ modulo $(p-1)(q-1)$, meaning $de \equiv 1 \pmod{(p-1)(q-1)}$.
• The public key is $(n, e)$, and the private key is $d$.
• Encryption: $c = m^e \pmod{n}$, where $m$ is the message.
• Decryption: $m = c^d \pmod{n}$, where $c$ is the ciphertext.

RSA Functionality

• We have $de = 1 + k(p-1)(q-1)$ because $de \equiv 1 \pmod{(p-1)(q-1)}$ for some integer $k$.
• $c^d \equiv (m^e)^d \equiv m^{ed} \equiv m^{1 + k(p-1)(q-1)} \equiv m \cdot (m^{p-1})^{k(q-1)} \pmod{p}$
• $m^{p-1} \equiv 1 \pmod{p}$, according to Fermat's Little Theorem, if $p \nmid m$.
• $c^d \equiv m \cdot (m^{p-1})^{k(q-1)} \equiv m \cdot 1^{k(q-1)} \equiv m \pmod{p}$
• $m \equiv 0 \pmod{p}$ if $p \mid m$, therefore $c^d \equiv 0 \equiv m \pmod{p}$.
• $c^d \equiv m \pmod{p}$
• Similarly, $c^d \equiv m \pmod{q}$.
• $c^d \equiv m \pmod{n}$ because $c^d \equiv m \pmod{p}$ and $c^d \equiv m \pmod{q}$

RSA Example

• Assume $p = 7$ and $q = 11$.
• Thus, $n = pq = 77$ and $(p-1)(q-1) = 6 \cdot 10 = 60$.
• Let $e = 17$, where $\gcd(17, 60) = 1$.
• Find $d$ where $17d \equiv 1 \pmod{60}$, or $17d = 1 + 60k$ for some integer $k$.
• $d = 53$, since $17 \cdot 53 = 901 = 1 + 15 \cdot 60$.
• The public key is $(77, 17).
• The private key is $53$.
• For message $m = 2$, the encrypted message is $c = m^e \pmod{n} = 2^{17} \pmod{77} = 131072 \pmod{77} = 26$.
• Decryption: $m = c^d \pmod{n} = 26^{53} \pmod{77} = 2$.

RSA Security

• RSA's security stems from the difficulty of factoring $n$.
• If $n$ can be factored, $p$ and $q$ can be found, enabling the computation of $(p-1)(q-1)$ and then $d$ from $e$.
• Factoring algorithms have exponential time complexity relative to the number of digits in $n$.
• Large $p$ and $q$ values are required to secure RSA; in practice, primes with several hundred digits are used.

Mechanism Design without Money

Social Choice Function

• A social choice function (SCF) $f: \Theta \rightarrow X$ maps each profile of agent preference types $\theta \in \Theta$ to an outcome $x \in X$.
• Type space and possible outcomes are represented by $\Theta = \Theta_1 \times \ldots \times \Theta_n$ and $X$, respectively.

Mechanism

• A mechanism is a mapping $M: A \rightarrow X$ that goes from agent actions $a \in A = A_1 \times \ldots \times A_n$ to outcomes $x \in X$.
• Agents make actions $a_i \in A_i$ using their type $\theta_i \in \Theta_i$

Dominant Strategy Implementation

• A mechanism $M$ implements the SCF $f$ in dominant strategies if there exists a strategy profile $s^* = (s_1^, \ldots, s_n^)$ such that:
• For all agents $i$, types $\theta_i \in \Theta_i$, and actions of others $a_{-i} \in A_{-i}$, $M(s_i^*(\theta_i), a_{-i}) \succeq_i M(a_i, a_{-i}) \quad \forall a_i \in A_i$
  • Truthful reporting is a dominant strategy
• For all $\theta \in \Theta$, $M(s^*(\theta)) = f(\theta)$
  • The outcome of the mechanism with truthful reporting is the desired outcome

Strategy-Proofness

• A mechanism $M$ is strategy-proof if for all agents $i$, all types $\theta_i \in \Theta_i$, and all possible actions of the other agents $a_{-i} \in A_{-i}$:
  • $M(\theta_i, a_{-i}) \succeq_i M(a_i, a_{-i}) \quad \forall a_i \in A_i$

Gibbard-Satterthwaite Theorem

• This characterizes all SCFs adaptable in dominant strategies.
• This applies to any setting with agents and outcomes.
• Agents have complete preferences over outcomes
• Preferences are independent of each other
• The SCF is onto

Dictatorial SCF

• A SCF $f$ is dictatorial if there exists an agent $i$ such that for all $\theta \in \Theta$, $f(\theta) \succeq_i x \quad \forall x \in X$

Gibbard-Satterthwaite Theorem

• Suppose that:
  • There are at least three possible outcomes ($|X| \geq 3$).
  • The SCF $f$ is onto.
  • Agents have complete preferences over outcomes.
• $f$ is implementable in dominant strategies if and only if it is dictatorial.