\documentclass[11pt]{article}
\usepackage{amsfonts,amsthm,amsmath,amssymb}
\usepackage{array}
\usepackage{epsfig}
\usepackage{fullpage}
\usepackage{color}


%%%%%%%%%%%%%%% MACROS specific to this PSET %%%%%%%%%%%%%%%%%%%%%%


\newcommand{\lat}{\mathcal{L}}
\newcommand{\basis}{\mathbf{B}}

\newcommand{\vol}{\mathsf{vol}}
\newcommand{\sh}{\lambda_1}
%\newcommand{\det}{\mathsf{det}}

\newcommand{\Z}{\mathbb{Z}}
\newcommand{\R}{\mathbb{R}}
\newcommand{\Q}{\mathbb{Q}}
\newcommand{\N}{\mathbb{N}}

%%%%%%%%% Vectors and Matrices

\newcommand{\vecv}{\mathbf{v}}
\newcommand{\vecb}{\mathbf{b}}
\newcommand{\vecbt}{\widetilde{\vecb}}
\newcommand{\vecs}{\mathbf{s}}
\newcommand{\vect}{\mathbf{t}}
\newcommand{\vecy}{\mathbf{y}}

\newcommand{\matB}{\mathbf{B}}

\newcommand{\poly}{\mathsf{poly}}
\newcommand{\Span}{\mathsf{Span}}
\newcommand{\dist}{\mathsf{dist}}


\def\rot{\mathsf{Rot}}
\def\bydef{\stackrel{\Delta}{=}}


\def\matA{\mathbf{A}}
\def\vecy{\mathbf{y}}
\def\vece{\mathbf{e}}
\def\vecz{\mathbf{z}}

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%



\title{MAT 301 Problem Set 4\\{\large [Posted: February 19, 2012. Due: March 12, 2012. Worth: 100 points]}}
\author{}
\date{}

\begin{document}
\maketitle
%\input{pset-preamble.tex}

%\lecture{1}{Vinod Vaikuntanathan}{September 13, 2011}{October 3, 2011}


\def\sslwe{\mathsf{ssLWE}}
\def\lwe{\mathsf{LWE}}

% Macros for vectors
\def\veca{\mathbf{a}}
\def\vecs{\mathbf{s}}
\def\vecc{\mathbf{c}}

\vspace*{-0.7in}

\medskip\noindent
{\bf Note:} I value {\em succinct} and {\em clearly written} solutions {\em without unnecessary verbiage}. Such solutions will be rewarded with bonus points.

\medskip \noindent
\begin{enumerate}

\item \textbf{RSA Weakness (20 points)}
\begin{itemize}
\item (3 points) Prove the identity
\[ xy = \bigg( \frac{x+y}{2} \bigg)^2 - \bigg( \frac{x-y}{2} \bigg)^2 \]
\item (17 points) 
The RSA encryption system turns out to be insecure if
you choose the RSA primes $P$ and $Q$ to be very close to each other. In particular,
show that if the difference between $P$ and $Q$ is at most $100$ (namely, $|P-Q| \leq 100$),
you can quickly find $P$ and $Q$, given only $N=PQ$ in about $100$ operations.
\end{itemize}

\item \textbf{Carmichael Numbers (30 points)}
Let $N=PQ$ be a product of two distinct primes $P$ and $Q$.
\begin{enumerate}

\item (10 points) Prove that if $N$ is a Carmichael number, then
$P-1$ divides $N-1$, and $Q-1$ divides $N-1$.\\
\texttt{[Use the fact that $\mathbb{Z}_P^*$ has a generator since $P$ is prime. So does $Z_Q^*$.]}

\item (18 points) Let $P$ be the larger of the two prime factors of $N$.
Can it be the case that $P-1$ divides $N-1$? If yes, give an
example of such a $P$, $Q$ and $N$. If not, why not?

\item (2 points) Use the parts above to show 
that no Carmichael number can be a product of two
distinct prime numbers.

\end{enumerate}


\item \textbf{Discrete Logarithms (20 points)}
Compute the discrete logarithms below, whenever they exist.

\begin{enumerate}
\item Solve for an $x$ such that $2^{x} = 7 \pmod{19}$.

\item Solve for an $x$ and $y$ such that $2^{x}3^y = 5 \pmod{17}$.
\end{enumerate}

\item \textbf{Chinese Remaindering (30 points)}
What is $18! \pmod{437}$?\\
\texttt{[Hint: $437=19\cdot 23$. Use Wilson's Theorem and the Chinese Remainder Theorem.]}
\end{enumerate}

\end{document}