1.1

• Prove that there are N! distinct ways to arrange a sequence of N distinct symbols.
  ans: $a_n=n*a_{n-1}$
• How many nontrivial recreational cipher keys on an alphabet of size 26 are there?
  ans: N!-1
• How many recreational cipher keys are there satisfying the requirement that no letter is represented by itself?
  思路：
  ans:
  $N!-(C_{N}^{1}(N-1)!-C_{N}^{2}(N-2)!+C_{N}^{3}(N-3)!-...+...) \\ = \frac{N!}{2!}-\frac{N!}{3!}+\frac{N!}{4!}-\frac{N!}{5!}+...-...$
  当N足够大时，根据泰勒展开得到：
  $上式\approx \frac{N!}{e}$

1.2

• Estimate the value of $log_2(256!)$. How many bits does it take to express this
  number?
  ans: 1684，需要11位
• Estimate the value of $log_2(26^2!)$. How many bits does it take to express
  this number?
  ans: 5386，需要13位

1.3

• Prove that a (mod n) = b (mod n) if, and only if, a − b = 0 (mod n).

1.4

• If 10-digit phone numbers, by themselves, are encrypted by a certain asymmetric encryption device that requires 1 microsecond per encryption, how long would it take, on average, to simply encrypt every 10-digit number until a given ciphertext is obtained. How long would it take if it requires 1 millisecond per encryption?
  ans: 明文空间的大小 x 单位时间

1.5

• a) How many integers in the set $Z_{26} = \{0, . . . , 25\}$ have inverses under multiplication modulo 26?
  ans: 与26互质的数，即 $Z_{26}^*=\{x| x<26, gcd(x, 26)=1\}=\{1, 3, 5, 7, 9, 11, 15, 17, 19, 21, 23, 25\}$

• b) How many two-by-two matrices over $Z_{23}$ have inverses modulo 23?
  ans: $\{M | M的元素<23, gcd(det M, 23)=1\}$

• c) How many two-by-two matrices over $Z_{26}$ have inverses modulo 26?

• ans: $\{M | M的元素<23, gcd(det M, 23)=1\}$

• d) In $Z_{26}$, does the matrix
  $M=\left[ \begin{matrix} 4 & 5 \\ 5 & 19 \end{matrix} \right]$
  have an inverse modulo 26? If so, find it.
  ans: $det M=25 (mod 26)$，因此逆元存在
  $M^{-1}=(detM)^{-1}\left[ \begin{matrix} 19 & -5 \\ -5 & 4 \end{matrix} \right]= \left[ \begin{matrix} 19*25 & -5*25 \\ -5*25 & 4*25 \end{matrix} \right] (mod 26)=\left[ \begin{matrix} 7 & 5 \\ 5 & 22 \end{matrix} \right]$

1.6

• a) Determine the number of keys in the affine cipher y = ax + b (mod 28).
  ans: 12*28=336
• b) Determine the number of keys in the affine cipher y = ax + b (mod 29).
  ans: 28*28=784

1.7

• By squaring all elements of $Z_{15}$, find all square roots of 1 modulo 15. How many zeros does the polynomial $x^2 − 1$ have in $Z_{15}$? Repeat this analysis for $Z_{17}$. In what way are the results different? Is there an explanation?
  ans: 15=3*5: {14,11,4,1}; 17: {16, 1}，区别在于15是合数，17是素数

1.8

• a) Prove that
  
  ans: 数学归纳法容易得到

• b) Is there any value of n for which this sum is a square?
  ans: 要求和结果的因子个数为奇数

• c) Express the condition that $\sum_{i=1}^{n}i^2$ is a square in terms of the (rational) zeros of a bivariate polynomial p(x, y) of degree three.

• d) Ponder but don’t answer the following question: Are there an infinite number of n for which $\sum_{i=1}^{n}i^2$ is a square? Pose this query in terms of a diophantine equation.

1.9

• Prove that there are an infinite number of primes.

1.10

• List the first ten primes of the form 4k + 1 with k an integer. List the first ten
  primes of the form 4k + 3 with k an integer. Are there any primes that are not of either of these forms? Comment on whether or not there are an infinite number of primes of each of these forms?

  ans: 素数为奇数而奇数有4k+1及4k+3两种表现形式，根据（狄利克雷关于等差数列中素数的定理）可以知道，等差数列{4k+1}及{4k+3}中均包含了无穷多个素数。

1.11

• Prove that if n is an integer and the sum of the digits of the decimal representation of n is divisible by 3, then n is divisible by 3. This problem is a curiosity in that the mathematical notation becomes part of the mathematics.
  ans:

  N % 3 = ( a + 10b + 100c ) % 3
  = ( a % 3 + 10b % 3 + 100c % 3 ) % 3
  = ( a % 3 + (10 % 3 * b) % 3 + ( 100 % 3 ) * c % 3 ) % 3
  = ( a % 3 + b % 3 + c % 3 ) % 3
  = ( a + b + c ) % 3
  

1.12

ans: detM=-2=1>0

1.13

• a) What is the period of the binary keystream sequence produced by the linear recursion $x_i = x_{i−3} + x_{i−4}$, where the plus sign denotes modulo-two addition (exclusive-or)?
  ans: 周期为15， $x_{i+15}=x_{i+12}+x_{i+11}=x_{i+9}+x_{i+8}+x_{i+8}+x_{i+7}=x_{i+9}+x_{i+7}=x_i$。
• b) What is the largest possible value of the period of a binary linear recursion
  of length L?
  ans: 因为按照抽屉原理，每次生成L长度的二进制值，只有 $2^L$中可能，显然不能出现0，因此为 $2^L-1$。

1.14

• Read brief biographies of Carl Frederick Gauss, Bernard Riemann, Alan Turing, Whitfield Diffie, and Claude Shannon and write a paragraph stating whom you most admire and why. Comment on their contributions to cryptography.

1.15

• The B´ezout theorem (贝祖定理) says that the two bivariate polynomials, p(x, y) and q(x, y) of degree m and n, respectively, over the complex number system have exactly mn common zeros in the plane C2 provided multiple zeros are counted as such and so-called points at infinity are counted whenever appropriate. Restate the B´ezout theorem in a simpler form for the special case in which q(x, y) = y.
  ans: 贝祖定理说的是是阶为m的曲线和阶为n的曲线在复数域是相交的点的个数为mn。特殊情况下，q(x, y) = y，相当于p(x, y)-y=0，显然有m个解。

1.16

• (Three-pass protocols) Paul and Paula use the following protocol for transmitting a binary message m of blocklength n. Paul privately chooses a random bit pattern r of blocklength n and adds it componentwise (bit by bit exclusive-or) to m to obtain the encrypted message e = m + r, which he sends to Paula. Paula privately chooses another random bit pattern s and adds it to e to obtain another encrypted message e‘ = e + s, which she sends to Paul. Paul subtracts r and returns e’‘ = m + s to Paula, who then subtracts s to recover m. Comment on the security of this procedure.
  ans: 假设m为两个分组（长度为n）组成，m=[m1, m2]，则e=[m1+r, m2+r]。因此攻击者可以得到m1-m2的值。同时，攻击者可以监听到e, e’和e’’，则m=e+e’+e’’。

1.17

• The warden of a small prison with 100 prisoners has devised a game as a
  diversion for the prisoners. One hundred otherwise identical cards have been
  prepared with the name of one prisoner on one side of each card. Every Monday morning the cards are shuffled and randomly placed face down in a row on a long table. The prisoners enter the room one at a time wherein each prisoner, acting alone, is allowed to turn over any 50 cards of the 100 cards. If the name of that prisoner is not exposed, the game ends and all prisoners are returned to their cells. If that prisoner’s name is exposed, that prisoner is sent through a side door to a waiting room. Then each card is turned face down in the same place, and the next prisoner enters the room to repeat the process, turning over any 50 cards. If all 100 prisoners expose their own names during their individual turns, all 100 prisoners are freed from prison. The game ends, however, as soon as one prisoner fails to expose that prisoner’s own name among the 50 cards exposed, and all prisoners are returned to their cells. The warden reasons that each prisoner has a probability 1/2 of success and that the trials are independent. Therefore the probability that all 100 prisoners will succeed is $2^{−100}$, which is far, far smaller than the probability that the prison door will be accidently left unlocked. The warden concludes that this game is a harmless diversion that will amuse the prisoners.

  Is the warden right? What is the prisoners’ best strategy? What is the corresponding probability that the prisoners will be freed in a given week? The prisoners are allowed to freely discuss their weekly game between games and to prepare a joint strategy, but cannot communicate while the game is in process. (The moral of this problem is that a “secure” cryptography system might not be what it appears to be.)
  ans: 其实概率不是 $2^{-100}$，因为在游戏的过程中游戏是否结束，给参与者提供了信息。假如，第一个罪犯选择了最前的50张，游戏并未结束，那么第二个罪犯会选择后50张，因为他在后五十张的概率大些。
  $p=(\frac{50}{100}*\frac{50}{99})*(\frac{49}{98}*\frac{49}{97})*(\frac{48}{96}*\frac{48}{95})*...*(\frac{1}{2}*\frac{1}{1})$