Modular Arithmetic and Hill Ciphers in Matlab

David Arnold

August 31, 1996

Abstract

A short but practical introduction to modular arithmetic is given.

Matrix multiplication is used to encrypt plaintext.

Prerequisite. Matrix multiplication.

1 Modular Arithmetic
The numbers 1, 2, 3, ::: are called the natural numbers 1

N = f1 g
; 2; 3; : : :

The dots (: : :) indicate that the pattern established by the …rst few natural
numbers continues forever. Hence, 617 is a natural number as is 1,213,456.
The whole numbers include all of the natural numbers and the number zero.

W = f0 ; 1; 2; 3; : : : g

The integers include the negative of each natural number.

Z=f :::; ¡3; ¡2; ¡1; 0; 1; 2; 3; : : :g

The integer b divides the integer a if and only if there exists another integer
k such that a = kb.

j
b a if and only if there exists an integer k such that a = kb

The notation j
b a is read “b divides a.”

² 2j12 because 12 = 6 ¢ 2.

² The integer 5 does not divide the integer 12 because it is not the case that
there exists an integer k such that 12 = k ¢ 5.

The point is this: 2 divides 12 because there is no remainder after performing

the division. The number 5 does not divide the number 12 because there is a
non-zero remainder after dividing 12 by 5 (the remainder is 2).
1 The natural numbers are sometim es referred to as the “counting numbers.”

1
1.1 The Congruence Relation

Two whole numbers a and b are said to be congruent modulo n if and only if n

divides their di¤erence.

a ´ b(mod n) if and only if n j( a ¡ b )

The notation a ´ b(mod n) is read “a is congruent to b modulo n.”

² 26 ´ 2(mod 6) because 6j(26 ¡ 2)

² 48 ´ 3(mod 5) because 5j(48 ¡ 3)

² 27 6 ´2(mod 3) because 3 6 j(27 ¡ 2)

1.2 Equivalence Classes

Congruence modulo n is an equivalence relation 2 . The equivalence class of an

integer a is the set of all integers that are congruent to a modulo n.

¹
a = fb : b ´ a(mod n)g
The notation ¹
a is read “the equivalence class of a.”

For example, consider the congruence relation modulo 6. The equivalence

class of the integer 3 is the set of all integers that are congruent to 3 modulo 6.

¹
3 = fx : x ´ 3(mod 6)g
= fx : 6j(x ¡ 3)g
= fx : x ¡ 3 = 6k, for some integer kg
= fx : x = 3 + 6k, for some integer kg

= f: : : ; 3; 9; 15; : : :g
The equivalence class of the integer 4 is the set of all integers that are congruent
to 4 modulo 6.

¹
4 = fx : x ´ 4(mod 6)g
= fx : 6j(x ¡ 4)g
= fx : x ¡ 4 = 6k, for some integer k g
= fx : x = 4 + 6k, for some integer k g
= f: : : ; 4; 10; 16; : : :g
The equivalence class concept is more easily understood in terms of a con-
struct called “clock arithmetic”. Let’s continue to work with congruence relation
modulo 6. Arrange the numbers 0 through 5 at equidistant arcs around a circle,
as shown in Figure 1.
2 A binary relation is called an equivalence relation if it is re‡exive, symmetric, and trasivi-
tive. It is not di¢ cult to show that congruence m odulo n is re‡exive, symm etric, and trasitive,
but we will refrain from doing so here. It is not needed for what we will be doing. See any
numb er theory text for further explanation of equivalence relations.

2
Figure 1 A modulo 6 clock.
2 1

3 0

4 5

Next, start at the number 0 and count as you move in a counterclockwise

direction around the circle. When you get to 6, you return to the position con-
taining the integer 0. When you get to 7, you return to the position containing
the integer 1, and so on, as shown in Figure 2.

Figure 2 The equivalence classes modulo 6.

2, 8, 14, 20, ... 1, 7, 13, 19, ...

3, 9, 15, 21, ... 0, 6, 12, 18, ...

4, 10, 16, 22, ... 5, 11, 17, 23, ...

The equivalence classes of the congruence relation modulo 6 are positioned

like hands on a clock on the circle3 .
There is a simple procedure to …nd the equivalence class (modulo n) to which
3 The equivalence classes also contain negative integers. For exam ple, the equivalence class
of the numb er zero is¹
0 = f: : : ; ¡12; ¡6; 0; 6; 12; : : :g. You can see this by counting backwards
as you proceed in a clockwise direction around the circle. However, in this activity you will
have no need for the negative integers.

3
a particular positive integer belongs. Simply divide the positive integer by n

and note the remainder. For example, when you divide 8 by 6, the remainder
is 2. To perform this operation in Matlab, execute the following instruction.

>> mod(8,6)

ans =

2
Start at 8 on the clock in Figure 2 and make full revolutions in both the
clockwise and counterclockwise directions. This produces the following set of
¹ = : : : ; ¡4; 2; 8; 14; 20; : : :. Of course, these are same integers that
integers: 8
belong to the equivalence class 2. ¹ Therefore, 8 ¹=¹ 2.
If you divide 15 by 6, the remainder is 3.

>> mod(15,6)

ans =

3
Start at 15 on the clock in Figure 2 and take full revolutions in the clockwise
and counterclockwise directions: 15 = : : : ; ¡3; 3; 9; 15; 18; : : :. These are the

same integers that belong to the equivalence class ¹ 3. Therefore, 15 = ¹ 3.

1.2.1 Residue Classes

The congruence relation modulo 6 is said to partition the integers into six dis-
tinct congruence classes: ¹
0, ¹
1, ¹
2, ¹
3, ¹
4, and ¹
5. None of these equivalence classes
have any integer in common and every integer …nds a home in at least one of
these equivalence classes. The equivalence classes ¹
0, ¹
1, ¹
2, ¹
3, ¹
4, and ¹
5 are called
the residue classes modulo 6. In general,

Zn = f¹0 ;¹
1; ¹
2; : : : n ¡ 1g

is the set of residue classes modulo n.

1.2.2 Addition and Multiplication of Residue Classes

Let’s continue with the congruence relation modulo 6 and its six distinct residue
classes ¹
0, ¹
1, ¹
2, ¹
3, ¹
4, and ¹
5. The following de…nition shows how to add and
multiply residue classes.

¹
a +¹
b = a +b
¹¹
a b = ab

For example, ¹
3+¹
5=¹
8=¹ 3£¹
2 and ¹ 5 = 15 = ¹
3.

4
 Let’s drop the bar notation and represent the residue classes ¹
0, ¹
1, ¹
2, ¹
3, ¹
4, and
¹
5 by 0,1,2,3,4, and 5. In other words, the bar over each number is understood.
Next, let’s create the following addition and multiplication tables for the residue
classes modulo 6.

+ 0 1 2 3 4 5 £ 0 1 2 3 4 5
0 0 1 2 3 4 5 0 0 0 0 0 0 0
1 1 2 3 4 5 0 1 0 1 2 3 4 5
2 2 3 4 5 0 1 2 0 2 4 0 2 4
3 3 4 5 0 1 2 3 0 3 0 3 0 3
4 4 5 0 1 2 3 4 0 4 2 0 4 2
5 5 0 1 2 3 4 5 0 5 4 3 2 1

For example, 5 £ 2 = 10, but 10 divided by 6 leaves a remainder of 4.

>> mod(5*2,6)

ans =

4
Therefore, 5 £ 2 = 4.

1.2.3 The Additive Inverse of a Residue Class

Close examination of the table for addition of residue classes modulo 6 reveals
that a +0 = a for all a. Consequently, the residue class 0 is called the additive
identity for the set Z 6 = f0 ; 1; 2; 3; 4; 5 g.
If a + b = 0, then b is called the additive inverse of a. For example, because
1 + 5 = 0, 5 is the additive inverse of 1. Of course, this makes 1 the additive
inverse of 5 as well.

1.2.4 Multiplicative Inverse of a Residue Class

It is clear from the table for multiplication of residue classes modulo 6 that a £
1= a for all a. Consequently, the equivalence class 1 is called the multiplicative
identityfor the set Z6 = f0; 1; 2; 3; 4; 5g.
If £ b = 1, then b is called the multiplicative inverse of a.
a For example,
because 5 £ 5 = 1, the multiplicative inverse of 5 is 5. Note that not all of the
residue classes modulo 6 have multiplicative inverses. 1 and 5 have multiplicative
inverses, but the remaining residue classes do not. It is no coincidence that only
the residue classes 1 and 5 are relatively prime to 64 .
In general, when working with a congruence relation modulo n, the residue
class a will have a multiplicative inverse if and only if a and n are relatively
prime.
4 Two numb ers a and b are relatively prime if and only if their greatest com mon factor
(divisor) is 1. For exam ple, 4 and 6 are not relatively prim e b ecause their greatest com mon
factor is 2.

5
2 Hill Ciphers
In the world of secret codes an uncoded message is called plaintext. The coded
message is called ciphertext 5 . One way to encode plaintext is with a simple
substitution cipher.

Table 1 A simple substitution cipher.

Plain A B C D E F G H I J K L M
Cipher H I J K L M N O P Q R S T

Plain N O P Q R S T U V W X Y Z
Cipher U V W X Y Z A B C D E F G

Using the substitutions from Table 1, the message

LINEARALGEBRA

becomes

SPULHYHSNLIYH

A more complicated cipher can be achieved by assigning each letter of the

alphabet to a numerical value.

Table 2 Replacing letters with equivalence classes (modulo 26)

A B C D E F G H I J K L M
0 1 2 3 4 5 6 7 8 9 10 11 12

N O P Q R S T U V W X Y Z
13 14 15 16 17 18 19 20 21 22 23 24 25

Note that the numbers 0 through 25 are actually the residue classes of the
congruence relation modulo 26. Next, break the plaintext into pairs of letters,
so that

LINEARALGEBRA

becomes
5 For a b eautiful treatm ent of cryptanalysis, read the m onograph Elementary
Cryptanalysis—A Mathematical Approach, by Abraham Sinkov. Also, Howard Anton and
Chris Rorres give a superb explanation of Hill Ciphers in Elementary Linear Algebra—
Applications Version, Wiley.

6
 LI NE AR AL GE BR AZ

I have placed a dummy letter Z just to …ll out the last pair. Replace each
letter of each pair of plaintext with the corresponding number from Table 2. If
you place each numerical pair in a 2 £ 1 vector, then the following set of vectors
represents the paired plaintext message.
½· ¸ · ¸ · ¸ · ¸ · ¸ · ¸ · ¸¾
11 13 0 0 6 1 0
P = ; ; ; ; ; ;
8 4 17 11 4 17 25

Because the plaintext is now represented by numbers you can use numeri-
cal operations to encode the message. We’ve chosen to pair the letters of the
plaintext message because we intend to use the following 2 £ 2 matrix to do the
encoding. · ¸
2 3
E =
3 4

Encode the message by multiplying each vector in P by the matrix E. Keep

in mind that you are doing modular arithmetic (mod 26). For example, if you
multiply the …rst vector in P by the encoding matrix E, the result is
· ¸· ¸ · ¸
2 3 11 46
=
3 4 8 65

If you divide 46 and 65 by 26, the remainders are 20 and 13, respectively.
Therefore, · ¸· ¸ · ¸
2 3 11 20
=
3 4 8 13

Matlab is very adept at modular arithmetic.

>> E=[2 3;3 4];

>> p=[11;8];
>> E*p

ans =

46
65

>> mod(E*p,26)

ans =

20
13

7
 Code the entire message by multiplying each vector in P by the encoding
matrix E. This results in the following set of cipher vectors.
½· ¸ · ¸ · ¸ · ¸ · ¸ · ¸ · ¸¾
20 12 25 7 24 1 23
C = ; ; ; ; ; ;
13 3 16 18 8 19 22

Translate these numerical results back to letters using Table 2.

UN MD ZQ HS YI BT XW

The plaintext message LINEARALGEBRA is now enciphered as UNMDZQH-

SYIBTXW.

2.1 A Comparison of Technique

When we used the straight substitution cipher from Table 1, the plaintext

LINEARALGEBRA

became

SPULHYHSNLIYH

Note that each occurrence of A in LINEARALGEBRA is replaced by the letter

H in SPULHYHSNLIYH. The spy can break this sort of code by statistical
analysis on the frequency of individual letters.
However, when the Hill cipher was applied to the plaintext

LINEARALGEBRA

the result was

UNMDZQHSYIBTX

The …rst occurrence of the letter A in the plaintext is replaced by the letter
Z in the ciphertext, the second occurrence of A by the letter H, and the third
occurrence of the letter A by the letter X. This strategy defeats the frequency
analysis of the straight substitution from Table 1.

2.2 Better Matlab Strategies

Method 1. If you use the vectors in P to create a 2 £ 7 matrix, you can speed
up the encoding.

8
>> plaintext=[11 13 0 0 6 1 0;8 4 17 11 4 17 25]

plaintext =

11 13 0 0 6 1 0
8 4 17 11 4 17 25

>> E=[2 3;3 4]

E =

2 3
3 4

>> ciphertext=mod(E*plaintext,26)

ciphertext =

20 12 25 7 24 1 23
13 3 16 18 8 19 22
It is interesting to note that the …rst column of ciphertext is obtained
by multiplying the …rst column of plaintext by the encoding matrix E. The
second column of ciphertext is obtained by multiplying the second column of
plaintext by E, and so on.
Method 2. You can also use Table 2 to create a single row vector so that
the plaintext

LINEARALGEBRAZ

is represented by the row vector

P = [11; 8; 13; 4; 0; 17; 0; 11; 6; 4; 1; 17; 0; 25]

Note the dummy letter at the end ensures that the length of the vector is
divisible by 2. Use Matlab’s reshape command to change the 1 £ 14 row vector
into the previously seen 2 £ 7 matrix6 .

>> plaintext=[11 8 13 4 0 17 0 11 6 4 1 17 0 25];

>> plaintext=reshape(plaintext,2,7)

plaintext =

11 13 0 0 6 1 0
8 4 17 11 4 17 25
6 reshape(X,m,n) returns the m-by-n matrix whose elem ents are taken columnwise from X.
An error results if X does not have m*n elem ents.

9
 Now you can encode the plaintext as before.

>> ciphertext=mod(E*plaintext,26)

ciphertext =

20 12 25 7 24 1 23
13 3 16 18 8 19 22

3 Potential Project
If you have read your syllabus, then you know that each of you must create a
project that demonstrates the usefulness of linear algebra. This project takes
the place of a …nal exam in this course. During the last week of school you will
make a presentation of your project to the class. This presentation should make
innovative use of technology.
This paper on Hill ciphers has the potential to be expanded into such a
project. If you and your partner could develop a Matlab program that can read
a text …le and encrypt it, then the …le could be sent by email over the internet.
Of course, your project should also design a Matlab program to decipher the
…le when it arrives.

4 Homework
1. Consider the congruence relation a ´ b(mod 12). The residue classes mod-
ulo 12 are Z12 = f0 ; 1; 2; 3; 4; 5; 6; 7; 8; 9; 10; 11 g.

(a) Construct addition and multiplication tables for the residue classes
modulo 12.

(b) Clearly state the additive inverse of each residue class.

(c) Clearly state the multiplicative inverse of each residue class.

2. Consider the congruence relation a ´ b(mod 8). The residue classes mod-
ulo 8 are Z 8 = f0 ; 1; 2; 3; 4; 5; 6; 7 g.

(a) The greatest common divisor of 3 and 8 is 1. What is the multiplica-

tive inverse of the residue class 3?

(b) The greatest common divisor of 6 and 8 is 2. What is the multiplica-

tive inverse of the residue class 6?

(c) Under what conditions will a residue class modulo 8 have a multiplica-
tive inverse? Check that your conjecture is true for the remaining
residue classes of Z8 .
3. Use the numerical associations in Table 2 to encrypt the message ITHINKMAT-
LABISGREAT with each of the following encoding matrices.

10
 · ¸
8 9
(a) E =
7 8
2 3
1 0 2
(b) F =4 0 3 1 5
0 0 1

4. Add the space character to Table 2 and use the resulting table to code the
message I THINK MATLAB IS GREAT with the following encoding ma-
trix. Hint: Your table no longer has 26 characters. It has 27 characters.
· ¸
4 5
E =
5 2

11