
Giving structure to the book: creating chapters, and filling the one about Fermat.

* Trying to import LaTeX packages in alphabetical order
* Creating new wrappers for natural numbers, big-O notation
* Playing with the algorithmic packages, and writing pseudocode for Euler's GCD
  and Fermat's factorization algorithm
* Creating a bunch of files that I am going to write in the next couple of days
* Starting to write Fermat's chapter, and proceeding with the following schema:
   - introduction, peculiarities of the method and purpose
   - mathematical basis
   - pseudocode, eventually describing what's optimizable from the calculator's
     pov
   - thoughts about parallelization: is it parallelizable? if so, what's the
     best approach I've found?
Michele Orrù, 11 years ago
Parent
Commit
228697d728
9 changed files with 259 additions and 31 deletions
  1. 1 0
      book/dixon.tex
  2. 78 0
      book/fermat.tex
  3. 26 0
      book/library.bib
  4. 99 0
      book/math_prequisites.tex
  5. 12 0
      book/preface.tex
  6. 34 19
      book/question_authority.tex
  7. 6 0
      book/ssl_prequisites.tex
  8. 2 11
      book/wiener.tex
  9. 1 1
      src/questions/fermat.c

+ 1 - 0
book/dixon.tex

@@ -0,0 +1 @@
+\chapter{Dixon}
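Review bot: the new chapter heading has no \label, unlike the `\chapter{... \label{chap:fermat}}` pattern used in fermat.tex and math_prequisites.tex in this same commit. Adding `\label{chap:dixon}` now keeps cross-references uniform once the chapter gets content.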

+ 78 - 0
book/fermat.tex

@@ -0,0 +1,78 @@
+\chapter{Fermat's Factorization Algorithm \label{chap:fermat}}
+
+Excluding the trial division, Fermat's method is the oldest known systematic
+method for factorizing integers. Even if its algorithmic complexity is not
+really among the most efficient, it holds still a practical interest whenever
+the two primes are sufficiently close.
+Indeed, \cite{DSS2009} \S B.3.6 explicitly reccomends that $|p-q| \geq \sqrt{N}2^{-100}$,
+in order to address this kind of threat, for any key of bitlength $1024,\ 2048,\ 3072$.\\
+The basic idea is to attempt to write $N$ as a difference of squares,
+\begin{align}
+\label{eq:fermat_problem}
+x^2 - N = y^2
+\end{align}
+
+So, we start by $x = \ceil{\sqrt{N}}$ and check that $x^2-N$ is a perfect
+square. If it isn't, we iterativelly increment $x$ and check again, until we
+find a pair $\angular{x, y}$ satisfying equation \ref{eq:fermat_problem}.
+Once found, we claim that $N = pq = (x+y)(x-y)$; it is indeed true that:
+\begin{proof}
+  \label{proof:fermat}
+  \begin{align*}
+    x^2 - N = y^2 \\
+    x^2 - y^2 = N \\
+    (x+y)(x-y) = N \\
+    x+y \mid N \ \land \  x-y \mid N
+  \end{align*}
+\end{proof}
+
+As it is straightforward to see, the order of magnitude of this algorithm is
+$\bigO{\sqrt{N}}$.
+
+\section{An Implementative Perspective}
+
+At each iteration, the $i-$th state is hold by the pair $\angular{x, x^2}$.\\
+The later step, described by $\angular{x+1, (x+1)^2}$ can be computed efficently
+considering the square of a binomial: $\angular{x+1, (x^2) + (x \ll 1) + 1}$.
+The upperbound, instead, is reached when
+$ \Delta = p - q  = x + y - x + y = 2y > 2^{-100}\sqrt{N}$.
+
+Algorithm ~\ref{alg:fermat} presents a simple implementation of this
+factorization method, taking into account the small aptimizations
+aforementioned.
+
+\begin{algorithm}
+  \caption{Fermat Factorization \label{alg:fermat}}
+  \begin{algorithmic}[1]
+    \State $x \gets \floor{\sqrt{N}}$
+    \State $x^2 \gets xx$
+
+    \Repeat
+    \State $x \gets x+1$
+    \State $x^2 \gets x^2 + x \ll 1 + 1$
+    \State $y, rest \gets sqrt(x^2 - N)$
+    \Until{ $rest \neq 0 \land y < \frac{\sqrt{N}}{2^{101}}$ }
+
+    \If{ $rest = 0$ }
+    \State $p \gets x+y$
+    \State $q \gets x-y$
+    \State \Return $p, q$
+    \Else
+    \State \Return \textbf{nil}
+    \EndIf
+    \end{algorithmic}
+\end{algorithm}
+
+
+\section{Thoughts about parallelization}
+
+During each single iteration, the computational complexity is dominated by the
+quare root's $sqrt()$ function, which belongs to the class
+\bigO{lg^2 N}, as we saw in section ~\ref{sec:preq:sqrt}.
+
+Even if at first sight might seem plausible to split
+
+As we saw in Chapter ~\ref{chap:preq}, th
+%%% Local Variables:
+%%% TeX-master: "question_authority.tex"
+%%% End:
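Review bot: in Algorithm alg:fermat the loop control and the incremental square are both wrong as written. `\Until{ $rest \neq 0 \land y < \frac{\sqrt{N}}{2^{101}}$ }` is the condition for continuing, but repeat/until stops when its condition holds, so the loop exits on the first non-square; it should read `rest = 0 \lor y \geq \frac{\sqrt{N}}{2^{101}}`. The update `x^2 \gets x^2 + x \ll 1 + 1` runs after `x \gets x+1`, so relative to the old x it adds 2(x+1)+1 instead of 2x+1; update the square before incrementing, or use `(x \ll 1) - 1` with the new x, and parenthesize the shift as the prose does. The pseudocode also starts from `\floor{\sqrt{N}}` while the text says `\ceil{\sqrt{N}}`, which skips the candidate x = sqrt(N) when N is a perfect square. Separately, the last two paragraphs of the parallelization section end mid-sentence ("plausible to split", "th"), and `\bigO{lg^2 N}` should use `\lg^2 N`.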

+ 26 - 0
book/library.bib

@@ -10,10 +10,36 @@
 }
 
 
+%% reccomended limits of p-q
+@misc{DSS2009,
+  title={FIPS PUB 186-3: Digital Signature Standard},
+  author={NIST},
+  year={2009}
+}
+
 %% here there's the descriptions for an efficient computation of fₚ(x) = y . y² ≡ x (mod p)
 %% [openssl implements it]
 @misc{ieee2001ieee,
   title={IEEE P1363a D10 (Draft Version 10): Standard Specifications for Public Key Cryptography: Additional Techniques, IEEE P1363 Working Group, Working draft},
   author={IEEE P1363 Working Group and others},
   year={2001}
+}
+
+
+@book{AOCPv2,
+ author = {Knuth, Donald E.},
+ title = {The Art of Computer Programming, Volume 2 (3rd Ed.): Seminumerical Algorithms},
+ year = {1997},
+ isbn = {0-201-89684-2},
+ publisher = {Addison-Wesley Longman Publishing Co., Inc.},
+ address = {Boston, MA, USA},
+}
+
+@book{MITalg,
+  author = "T.~H. Cormen and C.~E. Leiserson and R.~L. Rivest and C.~Stein",
+  edition = "3rd",
+  publisher = "The MIT Press",
+  title = "Introduction to Algorithms",
+  year = 2009,
+  isbn = "978-0-262-03384-8"
 }
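Review bot: the new entries do not share one convention: `DSS2009` and `AOCPv2` brace their fields while `MITalg` quotes them, and the indentation differs between `AOCPv2` and the other two; pick one style for the file. `DSS2009` is cited in fermat.tex with a section number, so it would help to record more than title, author and year, for example an `institution` or `howpublished` field.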

+ 99 - 0
book/math_prequisites.tex

@@ -0,0 +1,99 @@
+\chapter{Mathematical prequisites \label{chap:preq}}
+
+\section{Euclid's Greatest Common Divisor}
+
+Being the gratest common divisor a foundamental algebraic operation in the ssl
+protocol, \openssl implemented it with the following signature:
+
+\begin{minted}[fontsize=\small]{c}
+  int BN_gcd(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+\end{minted}
+
+The computation proceeds under the well-known Euclidean algorithm, specifically
+the binary variant developed by Josef Stein in 1961 \cite{AOCPv2}. This variant
+exploits some interesting properties of $gcd(u, v)$:
+
+\begin{itemize}
+  \setlength{\itemsep}{1pt}
+  \setlength{\parskip}{0pt}
+  \setlength{\parsep}{0pt}
+\item if $u,\ v$ are even, then $gcd(u, v) = 2gcd(u/2, v/2)$
+\item if $u$ is even and $v$ is odd, then $gcd(u, v) = gcd(u/2, v)$
+\item  $gcd(u, v) = gcd(u-v, v)$, as in the standard Euclid's algorithm
+\item the sum of two odd numbers is always even
+\end{itemize}
+
+% Donald Knuth, TAOCP, "a binary method", p. 388 VOL 2
+Both \cite{AOCPv2} and \cite{MITalg} analyze the running time for the algorithm,
+even if \cite{clrs}'s demonstration is fairly simpler and proceeds %elegantly
+by induction.
+Anyway, both show that algorithm ~\ref{alg:gcd} belongs to the class
+\bigO{\log b}.
+
+\begin{algorithm}
+  \caption{\openssl's GCD \label{alg:gcd}}
+  \begin{algorithmic}[1]
+    \State $k \gets 0$
+    \While{$v \neq 0$}
+      \If{$u$ is odd}
+        \If{$v$ is odd}
+          \State $a \gets (a-b) \ll 1$
+        \Else
+          \State $b = b \ll 1$
+        \EndIf
+        \If{$a < b$} $a, b \gets b, a$ \EndIf
+
+      \Else
+        \If{$v$ is odd}
+          \State $a = a \ll 1$
+          \If{$a < b$} $a, b = b, a$ \EndIf
+        \Else
+          \State $k = k+1$
+          \State $a, b = a \ll 1, b \ll 1$
+        \EndIf
+      \EndIf
+    \EndWhile
+    \State \Return $a \ll k$
+
+  \end{algorithmic}
+\end{algorithm}
+
+
+\section{RSA Cipher}
+
+XXX.
+define RSA, provide the simple keypair generation algorithm.
+
+From now on, except otherwise specified, the variable $N=pq$ will refer to the
+public modulis of a generis RSA keypair, with $p, q\ .\ p > q$ being the two primes
+factorizing it. Again, $e, d$ will respectively refer to the public exponent and
+the private exponent.
+
+
+\section{Algorithmic Complexity Notation}
+The notation used to describe asymptotic complexity follows the $O$-notation,
+abused under the conventions and limits of MIT's Introduction to Algorithms.
+
+Let \bigO{g} be the asymptotic upper bound of g:
+$$
+O(g(n)) = \{ f(n) : \exists n_0, c \in \naturalN \mid 0 \leq f(n) \leq cg(n)
+             \ \forall n > n_0 \}
+$$
+
+With the writing $f(n) = O(g(n))$ we will actually interpret
+$f(n) \in O(g(n))$.
+
+\section{Square Root \label{sec:preq:sqrt}}
+
+Computing the square root has been another foundamental requirement of the
+project, though not satisfied by \openssl. Apprently,
+% \openssl is a great pile of crap, as phk states
+\openssl does not provide
+XXX.
+define square root in the algebraic notation
+discuss method of computation for square root
+
+%%% Local Variables:
+%%% mode: latex
+%%% TeX-master: "question_authority"
+%%% End:
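Review bot: Algorithm alg:gcd does not match the properties listed above it. The tests are on `u` and `v` but every assignment is to `a` and `b`, so nothing in the body changes the `\While{$v \neq 0$}` condition; the halving steps are written as `\ll 1` (a left shift, that is, doubling) where the listed identities divide by 2, so only the final `a \ll k` should shift left. Use one pair of names, `\gg 1` for the halvings, and `\gets` throughout instead of mixing it with `=`. Also, `\cite{clrs}` has no matching key among the entries added to library.bib in this commit (the CLRS entry is `MITalg`), and the RSA and square-root sections still carry `XXX.` notes and an unfinished sentence as body text that will be typeset.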

+ 12 - 0
book/preface.tex

@@ -0,0 +1,12 @@
+\chapter{Preface}
+
+Even if RSA's keypair generation algorithms is simple and fairly
+straightforward, it turns out that any software willing to provide such a
+feature does have to test the pair candidate against a substantious number of
+tests before claiming its security.
+
+The purpose of this project is to
+%%% Local Variables:
+%%% mode: latex
+%%% TeX-master: "question_authority"
+%%% End:
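Review bot: the second paragraph stops at "The purpose of this project is to", so the chapter is typeset with a dangling sentence; finish it or comment it out until the text exists. In the first paragraph, "algorithms is" should be "algorithm is" and "substantious" should be "substantial".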

+ 34 - 19
book/question_authority.tex

@@ -1,27 +1,29 @@
-%% Using thesis custom template.
-\documentclass[9pt,a4paper,twoside]{thesis}
+\documentclass[11pt,a4paper,twoside]{thesis}
 
 %% PACKAGES
 \usepackage[utf8]{inputenc}
 \usepackage[T1]{fontenc}
+\usepackage{algorithm}
+\usepackage[noend]{algpseudocode}
 \usepackage{amsmath}
+\usepackage{amsthm}
 \usepackage{amsfonts}
 \usepackage{amssymb}
-\usepackage{hyperref}
-%% Colors packages.
+\usepackage{amsthm}
+\usepackage{cite}
 \usepackage[dvips]{color}
-% or alternatively [usenames,dvips] if using ordinary LaTeX rather than pdfLaTeX
-%% Images packages.
+\usepackage{epigraph}
+\usepackage{fancyhdr}
 \usepackage{graphicx}
+\usepackage{indentfirst}
+\usepackage{mathtools}
+\usepackage{minted}
 \usepackage{makeidx,shortvrb,latexsym}
-\usepackage{fancyhdr}
-%\usepackage[boxed]{algorithm}
+\usepackage{supertabular}
 %\usepackage{algorithmic}
-\usepackage{amsthm}
-\usepackage{indentfirst}
 %\usepackage{xypic}
 %% setting epigraphs
-\usepackage{epigraph}
+
 \renewcommand{\epigraphsize}{\small}
 \setlength{\epigraphwidth}{0.8\textwidth}
 \let\origepigraph\epigraph
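Review bot: `\usepackage{amsthm}` is now loaded twice in the sorted block (after amsmath and again after amssymb); drop one. `\usepackage{hyperref}` is removed with no replacement, so \ref and \cite stop being links, and the list is not quite alphabetical (amsthm before amsfonts, minted before makeidx), which the commit message gives as the aim of the reordering. Since `minted` is now a dependency of the whole book, the build needs `-shell-escape` to run Pygments; document that in the build instructions, because it lets the TeX sources run external commands.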
@@ -29,10 +31,17 @@
 
 \input xy
 \xyoption{all}
-%% Table packages.
-\usepackage{supertabular}
+
 
 %% COMMANDS
+\DeclarePairedDelimiter{\floor}{\lfloor}{\rfloor}
+\DeclarePairedDelimiter{\ceil}{\lceil}{\rceil}
+\DeclarePairedDelimiter{\angular}{\langle}{\rangle}
+
+\newcommand{\naturalN}{\mathbb{N}}
+\newcommand{\bigO}[1]{\ensuremath{\operatorname{O}\left(#1\right)}}
+\newcommand{\openssl}{\textsc{OpenSSL}\ }
+
 %\newcommand{\pe}{\psi}
 \def\d{\delta}
 \def\ds{\displaystyle}
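Review bot: `\newcommand{\openssl}{\textsc{OpenSSL}\ }` hard-codes a trailing space, so a use directly before punctuation, such as "by \openssl." in math_prequisites.tex, typesets as "OpenSSL ." with a stray space. Define the macro without the space and write `\openssl{}` at call sites, or end the definition with `\xspace` from the xspace package. The three `\DeclarePairedDelimiter` lines depend on mathtools, which the first hunk adds; a short comment saying so would help.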
@@ -190,10 +199,14 @@ $\square$
   \centering
   \includegraphics[width=80pt]{kopimi.png}
 \end{figure}
-%\part{}
-%\include{chap1}
-%\include{chap2}
-%\part{}
+\include{preface}
+\part{Prequisites}
+\include{ssl_prequisites}
+\include{math_prequisites}
+\part{Factorization Methods}
+\include{fermat}
+\include{wiener}
+
 %\include{chap3}
 %\include{chap5}
 %\part{}
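Review bot: book/dixon.tex is created in this commit but there is no `\include{dixon}` under `\part{Factorization Methods}`, so the chapter never reaches the book. `\part{Prequisites}` is a misspelling of "Prerequisites" that will appear in the table of contents; the same spelling is in the file names ssl_prequisites and math_prequisites.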
@@ -206,6 +219,8 @@ $\square$
 %\part{Appendice }
 %\include{appendice}
 \backmatter
-\bibliography{refs_CGC}
-\addcontentsline{toc}{chapter}{Bibliografia}
+\bibliography{library.bib}
+\bibliographystyle{plain}
+\clearpage
+\addcontentsline{toc}{chapter}{Bibliography}
 \end{document}
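Review bot: `\addcontentsline{toc}{chapter}{Bibliography}` now comes after both `\bibliography` and `\clearpage`, so the table-of-contents entry records the page following the bibliography rather than its first page; move `\clearpage` and `\addcontentsline` above `\bibliography`. `\bibliography{library.bib}` should name the database without the extension (`\bibliography{library}`), since BibTeX appends `.bib` itself.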

+ 6 - 0
book/ssl_prequisites.tex

@@ -0,0 +1,6 @@
+\chapter{The Secure Socket Layer \label{chap:ssl}}
+
+
+cos'e
+differenze tra le varie versioni
+la certification autority
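Review bot: the three outline lines ("cos'e", "differenze tra le varie versioni", "la certification autority", that is: what it is, differences between the versions, the certification authority) are plain body text, so they will be typeset in the chapter as one run-on Italian sentence in an otherwise English book. Turn them into `%` comments or a TODO list until the sections are written.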

+ 2 - 11
book/wiener.tex

@@ -1,14 +1,7 @@
-\documentclass[10pt, a4paper]{report}
-\usepackage[a4paper,
-  inner=1.5cm, outer=3cm,
-  top=3cm, bottom=3cm,
-  bindingoffset=1cm]{geometry}
-\usepackage{minted}
-\usepackage{hyperref}
-
-\begin{document}
+\chapter{Wiener's Attack}
 
 \section{Bombelli's Algoritm}
+
 %% cuz python is pseudocode.
 \begin{minted}[fontsize=\small]{python}
   def intsqrt(a):
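Review bot: with the standalone preamble gone, this file depends on the master document for `minted`, and the integer square root listing stays under "Wiener's Attack" while fermat.tex points to `sec:preq:sqrt` in math_prequisites.tex for the square root and its cost. Consider moving `intsqrt` to that section, or at least giving this `\section` a `\label` so the other chapters can reference it. The unchanged heading "Bombelli's Algoritm" is missing an "h".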
@@ -32,5 +25,3 @@
     return (x, r)
 \end{minted}
 Has complexity $O(\log ^2 n)$.
-
-\end{document}
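Review bot: the context line `Has complexity $O(\log ^2 n)$.` still writes `O(...)` by hand; now that this file is part of the book, use the `\bigO` macro introduced in question_authority.tex so the notation matches fermat.tex.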

+ 1 - 1
src/questions/fermat.c

@@ -1,7 +1,7 @@
 /**
  * \file Fermat's factorization
  *
- * According to the Digital Signature Standard,  |p - q| = Δ < √N 2⁻¹⁰⁰
+ * According to the Digital Signature Standard,  |p - q| = Δ > √N 2⁻¹⁰⁰
  * Otherwise, it is possible to factorize N using Fermat's Factorization.
  * Specifically, we try to solve
  *  a² - N = b²
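Review bot: the corrected comment uses a strict `>` while fermat.tex in this commit states the same requirement as `|p-q| \geq \sqrt{N}2^{-100}`; settle on one form in both places. Only the comment changes here, so check that the loop bound in the code already matches the corrected inequality.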