Teachers As Scholars (Steven J Miller: sjm1 AT williams.edu)

LQWURGXFWLRQ WR FUBSWRJUDSKB (Introduction to Cryptography)

Wednesday, March 20th and Wednesday, March 27th, 2019

Quick links to sub-pages:    Cryptography        Math Riddles        My Homepage

Cryptography

The ability to encode information so that only certain recipients can read it (or, conversely, to read information you are not supposed to have!) contains some of the most exciting applications of pure and applied mathematics. Since at least the time of Julius Ceasar (the title to this course is encoded with the cipher he made famous), codes and ciphers have been used to protect important information. We'll discuss various cryptosystems used over the centuries, mixing history and theory. In the course of our studies we'll discuss results from number theory, group theory, graph theory and combinatorics. This seminar is most appropriate for middle school and high school math teachers, but anyone who enjoys numbers and problem solving is welcome.

DAY ONE: March 20, 2019:

• Lecture One: Introduction to Cryptography: Alphabet Codes
  • Video: https://youtu.be/3SVX8EpRESU
  • Classical cryptography: This is the core chapter. It begins with one of the oldest ciphers, and continues through subsequent improvements. This is from an earlier version of my book.
  • Civil war message just decoded -- fortunately it wasn't needed! (Another version of the story here.) A nice application of the Vigenere cipher. See also the notes by my colleague here.
  • Enigma and Ultra: The Germans believed their Enigma code was secure; fortunately for us the Allies were able to crack it. In this short chapter we'll discuss some of the mathematics behind Enigma, and see why the Germans reasonably felt that it would be impossible to break.
    • The NSA (more links to them later) has some nice pamphlets on cryptography. Two especially good and accessible ones deal with the German code Enigma, and Ultra, the allied deciphering of it. I strongly urge you to look at the links here and share these with your students and colleagues. Another nice one is on the Battles of Coral Sea and Midway.
  • Article on how to view large numbers: https://io9.gizmodo.com/how-to-comprehend-incomprehensibly-large-numbers-1531604757
  • Wikipedia article on modular arithmetic: https://en.wikipedia.org/wiki/Modular_arithmetic
  • TAKEAWAYS / ITEMS FOR CLASSES:
    • What looks hard could be easy (frequency analysis destroys the general alphabet cipher), how rapidly certain functions grow, the power of generalizing (clock arithmetic: going from a 12 hour clock to a general clock), how easy it is to hide things (thin of the modified Rubik's cubes which if you know how to do the standard one become that if you hold it at the right angle).
• Lecture Two: German Tank Problem
  • Video: https://youtu.be/-zcdmE_fscc
  • Slides: https://web.williams.edu/Mathematics/sjmiller/public_html/math/talks/GermanTankProblem_Talk_UConn2019.pdf
  • Working draft of paper (as it is a work in progress email me at sjm1 AT williams.edu for  it)
  • Video of Europe during WWII, day by day: https://www.youtube.com/watch?v=WOVEy1tC7nk
  • My notes on the Method of Least Squares / Linear regression: https://web.williams.edu/Mathematics/sjmiller/public_html/probabilitylifesaver/MethodLeastSquares.pdf
  • A wrote a book on probability (publisher homepage here: https://press.princeton.edu/titles/11041.html; my hompeage with supplemental material here: https://web.williams.edu/Mathematics/sjmiller/public_html/probabilitylifesaver/index.htm).
    • Chapter one, with an analysis of the birthday problem (and some other items): http://assets.press.princeton.edu/chapters/s11041.pdf
  • Wikipedia article on binomial coefficients: https://en.wikipedia.org/wiki/Binomial_coefficient
  • Old handout on different types of proofs: https://web.williams.edu/Mathematics/sjmiller/public_html/372Fa15/handouts/proofs.html (a better formatted more advanced version is here, though sadly this is NOT the one in my book which has proof by story: https://web.williams.edu/Mathematics/sjmiller/public_html/372Fa15/handouts/AppendixI.pdf).
  • Video on Pascal's triangle mod 2: https://www.youtube.com/watch?v=tt4_4YajqRM
  • Lecture I gave in my probability class on the factorial function, binomial coefficients, and Pascal's triangle mod 2: https://www.youtube.com/watch?v=tt4_4YajqRM   
  • TAKEAWAYS / ITEMS FOR CLASSES:
    • The applicability of math/stats, the power of looking at things the right way (semi-log and log-log plots to transform data, show why we care about logarithms), how structure can be hiding in plain view if you know how to look at it (Pascal's triangle mod 2), how you can guess patterns by looking at the data (especially the second Pascal's triangle identity).
• Lecture Three: Introduction to RSA
  • Video: https://youtu.be/D_0fKq4LjFE
  • Public key encryption: In this chapter we discuss some modern cryptosystems. These are believed to provide a high level of security through the use of difficult math problems. The danger, of course, is just because no one has found a simple way to do a problem doesn't mean that there isn't a simple way. We discuss two systems, one based on graph theory (which we won't cover due to time constraints) and the other (RSA) based on primes.
  • Babylonian multiplication: http://math.widulski.net/worksheets/BabylonianMultiplication.html (this leads to the great concept of a look-up table); more generally see https://en.wikipedia.org/wiki/Babylonian_mathematics
  • Lecture I gave in my number theory class on the Euclidean algorithm: https://www.youtube.com/watch?v=BZwacoCYU4Y&feature=youtu.be
  • Two great papers on calculus and dogs (sometimes what is locally best is not globally best):
    • Do dogs know calculus: http://www.indiana.edu/~jkkteach/Q550/Pennings2003.pdf
    • Do dogs know bifurcations: https://www.maa.org/sites/default/files/pdf/upload_library/22/Polya/minton356.pdf
  • Some great algorithms that run faster than you might expect:
    • Horner's algorithm: https://en.wikipedia.org/wiki/Horner%27s_method
    • Strassen algorithm for matrix multiplication: https://en.wikipedia.org/wiki/Strassen_algorithm
    • Repeated squaring: https://en.wikipedia.org/wiki/Exponentiation_by_squaring
    • Euclidean algorithm: https://en.wikipedia.org/wiki/Euclidean_algorithm
  • TAKEAWAYS / ITEMS FOR CLASSES:
    • Just because you've always done something one way doesn't mean there isn't a better (think of Horner's algorithm), that special cases can often be done far better than the general case (think of fast multiplication / repeated squaring), the power of look-up tables and recording things you know and will need often (think of Babylonian multiplication), the most abstract mathematics can turn out to be useful (look what RSA is built on!), estimating the size of quantities.
• Riddles to think about for Day II
  • General code: http://mathriddles.williams.edu/?p=107 : Consider an army with 10 generals. One wants a security system such that any three of them can determine the code to launch nuclear missiles, but no two of them can. It is possible to devise such a system by using a quadratic polynomial, such as a x^2 + bx + c; to launch the missiles, one must input (a,b,c). One cannot just tell each general one of a, b, or c (as then it is possible that some subset of three generals won't know a, b and c); however, if a general knows two of (a,b,c), then a set of two generals can launch the missiles! What information should be given to the generals so that any three can find (a,b,c) but no two can? What about the general situation with N generals and any M can launch (but no set of M-1) can?
  • Three hats and a strange probability: http://mathriddles.williams.edu/?p=113 : Three players enter a room and a red or blue hat is placed on each person's head. The color of each hat is determined by a coin toss, with the outcome of one coin toss having no effect on the others. Each person can see the other players' hats but not his own. No communication of any sort is allowed, except for an initial strategy session before the game begins. Once they have had a chance to look at the other hats, the players must simultaneously guess the color of their own hats or pass. The group shares a hypothetical $3 million prize if at least one player guesses correctly and no players guess incorrectly.The same game can be played with any number of players. The general problem is to find a strategy for the group that maximizes its chances of winning the prize.
  • Pirates of the cryptobean: Imagine Alice and Bob are stranded on two different desert islands. Neither can travel to the other's island, but the pirate ship Revenge constantly sails between the two. Her captain isn't a bad guy and he's happy to carry any cargo between Alice and Bob. Unfortunately his sailors are easily tempted, and will steal anything from an unlocked box. Bob wants to send a ring to Alice and ask her to marry him. Bob and Alice each have their own lock and a key that opens only their lock. There's a box on the pirate ship that can be locked by either (or both) of their locks. How can Bob get the ring to Alice without the pirates taking it? Remember, so long as either Alice or Bob have their lock on the box, the pirates cannot open it and they'll transfer the item. The ring represents the information we want to send, and the pirates are the insecure channel.

DAY TWO: March 27, 2019:

• Lecture One: Why RSA Works
  • Video: https://youtu.be/lOjJumsfPts
  • Fermat's little Theorem: https://en.wikipedia.org/wiki/Fermat%27s_little_theorem
  • Euler Totient Function: https://en.wikipedia.org/wiki/Euler%27s_totient_function
  • Prime producing polynomial: http://mathworld.wolfram.com/Prime-GeneratingPolynomial.html and https://en.wikipedia.org/wiki/Formula_for_primes#Prime_formulas_and_polynomial_functions
  • Carmichael Numbers: https://en.wikipedia.org/wiki/Carmichael_number
  • Primality test: https://en.wikipedia.org/wiki/Primality_test
  • Summary: We developed just enough of abstract algebra to do RSA. We saw how we could use the Euclidean Algorithm to find d such that ed is 1 modulo (p-1)(q-1). We noticed that (p-1)(q-1) is the number of numbers from 1 to pq that are relatively prime to pq (with p, q two distinct primes). Many of the results we proved are special cases of more general ones (you are encouraged to explore some of the reading above or try on your own to see if you can push these forward). The goal is to derive just enough for the applications we need. We ended up giving two proofs on why RSA works. The first used Fermat's little Theorem with n = pq, the second used two applications of FlT with n=p and n=q, and then noting that the only numbers congruent to 1 mod p and 1 mod q are 1 mod pq; this is a nice trick of switching between two primes. For one example of results you can prove, look at (n-1)! modulo n. It's a very interesting result if n is prime.... Can you prove the pattern you see continues? Can it ever equal this value if n is composite? The result is Wilson's theorem (https://en.wikipedia.org/wiki/Wilson%27s_theorem) and can be used to create a (very slow!) primality test.
• Lecture Two: Error Detecting and Correcting
  • Video: https://youtu.be/g6OEHreS2vo
  • Divisibility Rules: https://en.wikipedia.org/wiki/Divisibility_rule
  • Bar codes and UPC: https://en.wikipedia.org/wiki/Bar_codes and https://en.wikipedia.org/wiki/Universal_Product_Code
  • Check Digits: https://en.wikipedia.org/wiki/Check_digit and in particular the Verhoeff algorithm: https://en.wikipedia.org/wiki/Verhoeff_algorithm
  • Three hat riddle: https://en.wikipedia.org/wiki/Hat_puzzle#Three-Hat_Variant
  • Summary: We saw some very simple ways to check for mistakes. We can detect errors easily, and with a bit more work correct them. There is, unfortunately as is common in life, a trade-off in correcting errors: the method we discussed (tell me three times / majority rule) has much of our message being check bits and only a small part actually the data we wish to send. Can we do better? Yes, as we see in the next lecture.
    • Seinfeld scenes from The Opposite, where George realizes he should do the opposite of his instincts: https://www.youtube.com/watch?v=RerJWv5vwxc and https://www.youtube.com/watch?v=vWCGs27_xPI
• Lecture Three: Error Correcting Codes (cont)
  • Video: https://youtu.be/DZeKfI_4M0g
  • Hamming Codes: https://en.wikipedia.org/wiki/Hamming_code
  • Summary: We saw how basic geometry and algebra can work together. Similar to many problems, if you look at things the right way the problem can be easy, the wrong way and it's a hair puller. If we start with the tell me three times the natural generation (writing the bits on a line) is tell me four times, tell me five times, .... This leads to a terrible percentage of data being transmitted. If, however, we write it as one bit in the upper left and then a check digit in the first row and another in the first column, then we can start playing with different geometry arrangements. For example, we saw triangles with 3 data bits, squares with 4 data bits, and then different patterns did differently for 6 points. We then extended to three dimensions -- what would we gain by going to 4?
• Lecture Four: Pythagorean Won-Loss Theorem
  • Video: https://www.youtube.com/watch?v=gFDly_6qOn4
  • Slides: http://web.williams.edu/Mathematics/sjmiller/public_html/150/talks/PythagWLTalk_Math105.pdf
  • Papers: https://web.williams.edu/Mathematics/sjmiller/public_html/math/papers/PythagWonLoss_Paper.pdf and https://web.williams.edu/Mathematics/sjmiller/public_html/math/papers/MillerEtAl_Pythagoras.pdf

Reading list: the following files are from an earlier version of a book I wrote, `The Mathematics of Encryption', with  Midge Cozzens, for a general audience. Feel free to download these files, but please do not distribute further. If you want to use variants of these in your schools, just let me know. Comments on choice of topics and exposition are especially welcome; email me at sjm1 AT williams.edu. I've also posted some links to related material for those who want to read more.

• Classical cryptography: This is the core chapter. It begins with one of the oldest ciphers, and continues through subsequent improvements. You should download and read all of this before class.
• Enigma and Ultra: The Germans believed their Enigma code was secure; fortunately for us the Allies were able to crack it. In this short chapter we'll discuss some of the mathematics behind Enigma, and see why the Germans reasonably felt that it would be impossible to break.
  • The NSA (more links to them later) has some nice pamphlets on cryptography. Two especially good and accessible ones deal with the German code Enigma, and Ultra, the allied deciphering of it. I strongly urge you to look at the links here and share these with your students and colleagues. Another nice one is on the Battles of Coral Sea and Midway.
• Public key encryption: In this chapter we discuss some modern cryptosystems. These are believed to provide a high level of security through the use of difficult math problems. The danger, of course, is just because no one has found a simple way to do a problem doesn't mean that there isn't a simple way. We discuss two systems, one based on graph theory (which we won't cover due to time constraints) and the other (RSA) based on primes. You should download and read this chapter before class.
  • Mod p arithmetic, group theory and cryptography: The public key encryption notes need some knowledge of primes and group theory. This chapter (from my book `An invitation to modern number theory', joint with Ramin Takloo-Bighash), goes through much of the number theory, though at a very high level. We probably won't discuss much of this, but I've included this for completeness. This is mostly for reference -- don't worry about reading this before class.
• Errror detecting and correcting: This chapter here deals with transmitting information in such a way that, not only can we detect when we've made certain errors, but we can also correct them! The mathematics is motivated through some riddles. These riddles can be used to excite and interest students, and naturally lead to the more advanced material. You should skim, but only skim, the part on error detection and correction before class.
  • You've seen these ideas all your life with UPC codes.
• Here are some notes I have written with Jim Kupetz, which are being used to develop computational modules for high school courses.
  • Crytography Unit
• Some cryptography links (no need to read these before the class):
  • Diffie-Helman-Merkle key exchange.
  • Articles from the NSA on cryptography (this is a link to many subpages).
  • Civil war message just decoded -- fortunately it wasn't needed! (Another version of the story here.) A nice application of the Vigenere cipher. See also the notes by my colleague here.
  • An encrypted message to Thomas Jefferson.
  • Here are some books recommended by the class last year:
    • The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography: By Simon Singh
    • In Code: A Mathematical Journey: By David Flannery and Sarah Flannery
    • Applied Cryptography: Protocols, Algorithms, and Source Code in C: By Bruce Schneier
  • For more resources on cryptography, see my webpage from the Winter Study course I taught at Williams in January, 2010. See also the riddles list.
  • Here are some programs I wrote (in Mathematica):
    • Caesar Cipher
    • Vigenere Cipher
    • Random alphabet permutation
    • Miller cipher: Caesar cipher with a twist
    • Another Miller cipher: adding and adding
    • Schrock polynomial cipher: how secure is this?

Math Riddles
I also maintain a math riddles page. Please feel free to share these riddles with your colleagues and your students, and let me know if there is anything I can do to make the site more useful for you and your classes. The goal is to add a student / teacher's corner sometime in the spring to facilitate using these in classrooms. If you're interested in helping, or want updates on the progress, let me know.

Notes from 2012: lecture notes taken by David Strasburger,   RSA implementation by Tom Chiari