# Factoring. Factoring 1

Save this PDF as:

Size: px
Start display at page:

## Transcription

1 Factoring Factoring 1

2 Factoring Security of RSA algorithm depends on (presumed) difficulty of factoring o Given N = pq, find p or q and RSA is broken o Rabin cipher also based on factoring Factoring like exhaustive search for RSA Lots of interest/research in factoring What are best factoring methods? o How does RSA key size compare to symmetric cipher key size? Factoring 2

3 Trial division Factoring Methods o Obvious method but not practical Dixon s algorithm o Less obvious and much faster Quadratic sieve o Refinement of Dixon s algorithm o Best algorithm up to about 110 decimal digits Number field sieve o Best for numbers greater than 100 digits o We only briefly mention this algorithm Factoring 3

4 Trial Division Given N, try to divide N by each of 2,3,5,7,9,11,, sqrt(n) As soon as a factor found, we are done o So, expected work is about sqrt(n)/2 Improvement: try only prime numbers Work is then on order of π(n) o Where π(n) N/ln(N) is number of primes up to N Factoring 4

5 Congruence of Squares We want to factor N = pq Suppose we find x,y such that N = x 2 y 2 Then N = (x y)(x + y), have factored N More generally, congruence of squares Suppose x 2 = y 2 (mod N) Then x 2 y 2 = kn for some k Which implies (x y)(x + y) = kn Factoring 5

6 Congruence of Squares Suppose x 2 = y 2 (mod N) Then (x y)(x + y) = kn Implies (x y) or (x + y) is factor of N o Or x y = k and x + y = N (or vice versa) With probability at least 1/2, we obtain a factor of N o If so, gcd(n, x y) or gcd(n, x + y) factors N o And the gcd is easy to compute Factoring 6

7 Congruence of Squares For example 10 2 = 3 2 (mod 91) That is, (10 3)(10 + 3) = 91 o Factors of 91 are, in fact, 7 and 13 Also, 34 2 = 8 2 (mod 91) o Then = 0 (mod 91) and we have gcd(26,91) = 13 and gcd(42,91) = 7 In general, gcd is necessary Factoring 7

8 Congruence of Squares Find congruence of squares: x 2 = y 2 (mod N) and we can likely factor N How to find congruence of squares? Consider, for example, 41 2 = 32 (mod 1649) and 43 2 = 200 (mod 1649) Neither 32 nor 200 is a square But = 6400 = 80 2 Therefore, (41 43) 2 = 80 2 (mod 1649) Factoring 8

9 Congruence of Squares Can combine non-squares to obtain a square, for example 32 = and 200 = And = = ( ) 2 We obtain a perfect square provided each exponent in product is even Only concerned with exponents and only need consider even or odd, i.e., mod 2 Factoring 9

10 Congruence of Squares Number has an exponent vector For example, first element of vector is power of 2 and second power of 5 Then And Factoring 10

11 Congruence of Squares Mod 2 exponent vector of product is all zero, so perfect square Also, this vector is sum (mod 2) of vectors for 200 and 32 Any set of exponent vectors that sum to all-zero, mod 2, gives us a square We need to keep vectors small o Only allow numbers with small prime factors Factoring 11

12 Congruence of Squares Choose bound B and primes less than B o This is our factor base o For technical reasons, include 1 in factor base A number that factors completely over the factor base is B-smooth Smooth relations factor over factor base Restrict our attention to B-smooth relations o Good: Exponent vectors are small o Bad: Harder to find relations Factoring 12

13 Example Want to factor N = 1829 Choose bound B = 13 Choose factor base 1,2,3,5,7,11,13 Look at values in N/2 to N/2 To be systematic, we choose sqrt(kn) and sqrt(kn) for k = 1,2,3,4 And test each for B-smoothness Factoring 13

14 Example Compute All are B-smooth except 60 2 and 75 2 Factoring 14

15 Example Obtain exponent vectors Factoring 15

16 Example Find collection of exponent vectors that sum, mod 2, to zero vector Vectors corresponding to 42 2, 43 2, 61 2 and 85 2 work Factoring 16

17 Example Implies that ( ) 2 = ( ) 2 (mod 1829) Simplifies to = (mod 1829) Since = 558, we find factor of 1829 by gcd(558,1829) = 31 Easily verified 1829 = Factoring 17

18 Example A systematic way to find set of vectors that sum to zero vector In this example, want x 0,x 1,,x 5 This is a basic linear algebra problem Factoring 18

19 Linear Algebra Suppose n elements in factor base o Factor base includes 1 o Then matrix on previous slide has n rows o Seek linearly dependent set of columns Theorem: If matrix has n rows and n + 1 or more columns then a linearly dependent set of columns exists Therefore, if we find n + 1 or more smooth relations, we can solve the linear equations Factoring 19

20 Dixon s Algorithm 1. To factor N: select bound B and factor base with n 1 primes less than B and 1 2. Select r, compute y = r 2 (mod N) Number r can be selected at random 3. If y factors completely over factor base, save mod 2 exponent vector 4. Repeat steps 2 and 3 to obtain n+1 vectors 5. Solve linear system and compute gcd Factoring 20

21 Dixon s Algorithm If factor base is large, easier to find B-smooth relations o But linear algebra problem is harder Relation finding phase parallelizable o Linear algebra part is not Next, quadratic sieve o An improved version of Dixon s algorithm Factoring 21

22 Quadratic Sieve Quadratic sieve (QS) algorithm o Dixon s algorithm on steroids Finding B-smooth relations beefed up As in Dixon s algorithm o Choose bound B and factor base of primes less than B o Must find lots of B-smooth relations Factoring 22

23 Quadratic Sieve Define quadratic polynomial Q(x) = ( sqrt(n) + x) 2 N The is the quadratic in QS Use Q(x) to find B-smooth values o For each x [ M,M] compute y = Q(x) o Mod N, we have y = z 2, where z = sqrt(n) + x o Test y for B-smoothness o If y is smooth, save mod 2 exponent vector Factoring 23

24 Quadratic Sieve Advantage of QS over Dixon s is that by using Q(x) we can sieve What is sieving? Glad you asked First, consider sieve of Eratosthenes o Used to sieve for prime numbers Then modify it for B-smooth numbers Factoring 24

25 Sieve of Eratosthenes To find prime numbers less than M List all numbers 2,3,4,,M 1 Cross out all numbers with factor of 2, other than 2 Cross out all numbers with factor of 3, other than 3, and so on Number that fall thru sieve are prime Factoring 25

26 Sieve of Eratosthenes To find prime numbers less than \ \ \ \ \ 30 Find that primes less than 31 are 2,3,5,7,11,13,17,19,23 and 29 Factoring 26

27 Sieve of Eratosthenes This sieve gives us primes But also provides info on non-primes For example, 24 marked with so it is divisible by 2 and 3 and Note: we only find that 24 is divisible by 2, not by 4 or 8 Factoring 27

28 Sieving for Smooth Numbers Instead of crossing out, we divide by the prime (including prime itself) All 1s represent 7-smooth numbers Some non-1s also 7-smooth o Divide out highest powers of primes Factoring 28

29 Quadratic Sieve QS uses similar sieving strategy as on previous slide o And some computational refinements Suppose p in factor base divides Q(x) o Then p divides Q(x + kp) for all k 0 (homework) o That is, p divides Q of,x 2p,x p,x,x+p,x+2p, o No need to test these for divisibility by p This observation allows us to sieve Factoring 29

30 Quadratic Sieve One trick to speed up sieving If Q(x) divisible by p, then Q(x) = 0 (mod p) Defn of Q implies ( sqrt(n) + x) 2 = N (mod p) Square roots of N (mod p), say, s p and p s p o Let x 0 = s p sqrt(n) and x 1 = p s p sqrt(n) o Then Q(x 0 ) and Q(x 1 ) divisible by p o Implies Q(x 0 + kp) and Q(x 1 + kp) divisible by p Efficient algorithm for these square roots Factoring 30

31 Quadratic Sieve How to sieve for B-smooth relations Array: Q(x) for x = M, M+1,, M 1,M For first prime p in factor base o Generate all x [ M,M] for which p divides Q(x) (as described on previous slide) o For each, divide by highest power of p o For each, store power, mod 2, in vector for x Repeat for all primes in factor base Numbers reduced to 1 are B-smooth Factoring 31

32 Quadratic Sieve Linear algebra phase same as Dixon s Sieving is the dominant work Lots of tricks used to speed up sieving o For example, logarithms to avoid division Multiple Polynomial QS (MPQS) o Multiple polynomials of form (ax+b) 2 N o Can then use smaller interval [ M,M] o Yields much faster parallel implementations Factoring 32

33 Sieving Conclusions QS/MPQS attack has two phases Distributed relation finding phase o Could recruit volunteers on Internet Linear equation solving phase o For big problems, requires a supercomputer Number field sieve better than QS o Requires 2 phases, like QS o Number field sieve uses advanced math Factoring 33

34 Factoring Algorithms Work to factor N = 2 x Last column measures bits of work Symmetric cipher exhaustive key search: x bit key is x 1 bits of work Factoring 34

35 Factoring Algorithms Comparison of work factors QS best to 390 bit N o 117 digits 390-bit N is as secure as 60-bit key Factoring 35

36 Factoring Conclusions Work for factoring is subexponential o Better than exponential time but worse than polynomial time o Exhaustive key search is exponential Factoring is active area of research o Expect to see incremental improvement Next, discrete log algorithms Factoring 36

### Factoring Algorithms

Factoring Algorithms The p 1 Method and Quadratic Sieve November 17, 2008 () Factoring Algorithms November 17, 2008 1 / 12 Fermat s factoring method Fermat made the observation that if n has two factors

### Factoring Algorithms

Institutionen för Informationsteknologi Lunds Tekniska Högskola Department of Information Technology Lund University Cryptology - Project 1 Factoring Algorithms The purpose of this project is to understand

### Arithmetic algorithms for cryptology 5 October 2015, Paris. Sieves. Razvan Barbulescu CNRS and IMJ-PRG. R. Barbulescu Sieves 0 / 28

Arithmetic algorithms for cryptology 5 October 2015, Paris Sieves Razvan Barbulescu CNRS and IMJ-PRG R. Barbulescu Sieves 0 / 28 Starting point Notations q prime g a generator of (F q ) X a (secret) integer

### Integer Factorization using the Quadratic Sieve

Integer Factorization using the Quadratic Sieve Chad Seibert* Division of Science and Mathematics University of Minnesota, Morris Morris, MN 56567 seib0060@morris.umn.edu March 16, 2011 Abstract We give

### Notes on Factoring. MA 206 Kurt Bryan

The General Approach Notes on Factoring MA 26 Kurt Bryan Suppose I hand you n, a 2 digit integer and tell you that n is composite, with smallest prime factor around 5 digits. Finding a nontrivial factor

### Primality - Factorization

Primality - Factorization Christophe Ritzenthaler November 9, 2009 1 Prime and factorization Definition 1.1. An integer p > 1 is called a prime number (nombre premier) if it has only 1 and p as divisors.

### The Quadratic Sieve Factoring Algorithm

The Quadratic Sieve Factoring Algorithm Eric Landquist MATH 488: Cryptographic Algorithms December 14, 2001 1 Introduction Mathematicians have been attempting to find better and faster ways to factor composite

### U.C. Berkeley CS276: Cryptography Handout 0.1 Luca Trevisan January, 2009. Notes on Algebra

U.C. Berkeley CS276: Cryptography Handout 0.1 Luca Trevisan January, 2009 Notes on Algebra These notes contain as little theory as possible, and most results are stated without proof. Any introductory

### Primality Testing and Factorization Methods

Primality Testing and Factorization Methods Eli Howey May 27, 2014 Abstract Since the days of Euclid and Eratosthenes, mathematicians have taken a keen interest in finding the nontrivial factors of integers,

### RSA Question 2. Bob thinks that p and q are primes but p isn t. Then, Bob thinks Φ Bob :=(p-1)(q-1) = φ(n). Is this true?

RSA Question 2 Bob thinks that p and q are primes but p isn t. Then, Bob thinks Φ Bob :=(p-1)(q-1) = φ(n). Is this true? Bob chooses a random e (1 < e < Φ Bob ) such that gcd(e,φ Bob )=1. Then, d = e -1

### MATH 168: FINAL PROJECT Troels Eriksen. 1 Introduction

MATH 168: FINAL PROJECT Troels Eriksen 1 Introduction In the later years cryptosystems using elliptic curves have shown up and are claimed to be just as secure as a system like RSA with much smaller key

### Factorization Methods: Very Quick Overview

Factorization Methods: Very Quick Overview Yuval Filmus October 17, 2012 1 Introduction In this lecture we introduce modern factorization methods. We will assume several facts from analytic number theory.

### Faster deterministic integer factorisation

David Harvey (joint work with Edgar Costa, NYU) University of New South Wales 25th October 2011 The obvious mathematical breakthrough would be the development of an easy way to factor large prime numbers

### Study of algorithms for factoring integers and computing discrete logarithms

Study of algorithms for factoring integers and computing discrete logarithms First Indo-French Workshop on Cryptography and Related Topics (IFW 2007) June 11 13, 2007 Paris, France Dr. Abhijit Das Department

### Homework until Test #2

MATH31: Number Theory Homework until Test # Philipp BRAUN Section 3.1 page 43, 1. It has been conjectured that there are infinitely many primes of the form n. Exhibit five such primes. Solution. Five such

### Homework 5 Solutions

Homework 5 Solutions 4.2: 2: a. 321 = 256 + 64 + 1 = (01000001) 2 b. 1023 = 512 + 256 + 128 + 64 + 32 + 16 + 8 + 4 + 2 + 1 = (1111111111) 2. Note that this is 1 less than the next power of 2, 1024, which

### FACTORING. n = 2 25 + 1. fall in the arithmetic sequence

FACTORING The claim that factorization is harder than primality testing (or primality certification) is not currently substantiated rigorously. As some sort of backward evidence that factoring is hard,

### Welcome to Math 19500 Video Lessons. Stanley Ocken. Department of Mathematics The City College of New York Fall 2013

Welcome to Math 19500 Video Lessons Prof. Department of Mathematics The City College of New York Fall 2013 An important feature of the following Beamer slide presentations is that you, the reader, move

### An Overview of Integer Factoring Algorithms. The Problem

An Overview of Integer Factoring Algorithms Manindra Agrawal IITK / NUS The Problem Given an integer n, find all its prime divisors as efficiently as possible. 1 A Difficult Problem No efficient algorithm

### Elements of Applied Cryptography Public key encryption

Network Security Elements of Applied Cryptography Public key encryption Public key cryptosystem RSA and the factorization problem RSA in practice Other asymmetric ciphers Asymmetric Encryption Scheme Let

### 6 EXTENDING ALGEBRA. 6.0 Introduction. 6.1 The cubic equation. Objectives

6 EXTENDING ALGEBRA Chapter 6 Extending Algebra Objectives After studying this chapter you should understand techniques whereby equations of cubic degree and higher can be solved; be able to factorise

### Smooth numbers and the quadratic sieve

Algorithmic Number Theory MSRI Publications Volume 44, 2008 Smooth numbers and the quadratic sieve CARL POMERANCE ABSTRACT. This article gives a gentle introduction to factoring large integers via the

### FINAL EXAM SECTIONS AND OBJECTIVES FOR COLLEGE ALGEBRA

FINAL EXAM SECTIONS AND OBJECTIVES FOR COLLEGE ALGEBRA 1.1 Solve linear equations and equations that lead to linear equations. a) Solve the equation: 1 (x + 5) 4 = 1 (2x 1) 2 3 b) Solve the equation: 3x

### Recall that two vectors in are perpendicular or orthogonal provided that their dot

Orthogonal Complements and Projections Recall that two vectors in are perpendicular or orthogonal provided that their dot product vanishes That is, if and only if Example 1 The vectors in are orthogonal

### The last three chapters introduced three major proof techniques: direct,

CHAPTER 7 Proving Non-Conditional Statements The last three chapters introduced three major proof techniques: direct, contrapositive and contradiction. These three techniques are used to prove statements

### Factoring pq 2 with Quadratic Forms: Nice Cryptanalyses

Factoring pq 2 with Quadratic Forms: Nice Cryptanalyses Phong Nguyễn http://www.di.ens.fr/~pnguyen & ASIACRYPT 2009 Joint work with G. Castagnos, A. Joux and F. Laguillaumie Summary Factoring A New Factoring

### Cryptography: RSA and the discrete logarithm problem

Cryptography: and the discrete logarithm problem R. Hayden Advanced Maths Lectures Department of Computing Imperial College London February 2010 Public key cryptography Assymmetric cryptography two keys:

### JUST THE MATHS UNIT NUMBER 1.8. ALGEBRA 8 (Polynomials) A.J.Hobson

JUST THE MATHS UNIT NUMBER 1.8 ALGEBRA 8 (Polynomials) by A.J.Hobson 1.8.1 The factor theorem 1.8.2 Application to quadratic and cubic expressions 1.8.3 Cubic equations 1.8.4 Long division of polynomials

### RSA Attacks. By Abdulaziz Alrasheed and Fatima

RSA Attacks By Abdulaziz Alrasheed and Fatima 1 Introduction Invented by Ron Rivest, Adi Shamir, and Len Adleman [1], the RSA cryptosystem was first revealed in the August 1977 issue of Scientific American.

### In this lesson you will learn to find zeros of polynomial functions that are not factorable.

2.6. Rational zeros of polynomial functions. In this lesson you will learn to find zeros of polynomial functions that are not factorable. REVIEW OF PREREQUISITE CONCEPTS: A polynomial of n th degree has

### Computing exponents modulo a number: Repeated squaring

Computing exponents modulo a number: Repeated squaring How do you compute (1415) 13 mod 2537 = 2182 using just a calculator? Or how do you check that 2 340 mod 341 = 1? You can do this using the method

### Algebra 1 Course Title

Algebra 1 Course Title Course- wide 1. What patterns and methods are being used? Course- wide 1. Students will be adept at solving and graphing linear and quadratic equations 2. Students will be adept

### Public-Key Cryptanalysis 1: Introduction and Factoring

Public-Key Cryptanalysis 1: Introduction and Factoring Nadia Heninger University of Pennsylvania July 21, 2013 Adventures in Cryptanalysis Part 1: Introduction and Factoring. What is public-key crypto

### RSA and Primality Testing

and Primality Testing Joan Boyar, IMADA, University of Southern Denmark Studieretningsprojekter 2010 1 / 81 Correctness of cryptography cryptography Introduction to number theory Correctness of with 2

### Determining the Optimal Combination of Trial Division and Fermat s Factorization Method

Determining the Optimal Combination of Trial Division and Fermat s Factorization Method Joseph C. Woodson Home School P. O. Box 55005 Tulsa, OK 74155 Abstract The process of finding the prime factorization

### CIS 5371 Cryptography. 8. Encryption --

CIS 5371 Cryptography p y 8. Encryption -- Asymmetric Techniques Textbook encryption algorithms In this chapter, security (confidentiality) is considered in the following sense: All-or-nothing secrecy.

### The Sieve Re-Imagined: Integer Factorization Methods

The Sieve Re-Imagined: Integer Factorization Methods by Jennifer Smith A research paper presented to the University of Waterloo in partial fulfillment of the requirement for the degree of Master of Mathematics

### Quantum Computing Lecture 7. Quantum Factoring. Anuj Dawar

Quantum Computing Lecture 7 Quantum Factoring Anuj Dawar Quantum Factoring A polynomial time quantum algorithm for factoring numbers was published by Peter Shor in 1994. polynomial time here means that

### Linear Dependence Tests

Linear Dependence Tests The book omits a few key tests for checking the linear dependence of vectors. These short notes discuss these tests, as well as the reasoning behind them. Our first test checks

### The application of prime numbers to RSA encryption

The application of prime numbers to RSA encryption Prime number definition: Let us begin with the definition of a prime number p The number p, which is a member of the set of natural numbers N, is considered

### Factoring integers and Producing primes

Factoring integers,..., RSA Erbil, Kurdistan 0 Lecture in Number Theory College of Sciences Department of Mathematics University of Salahaddin Debember 4, 2014 Factoring integers and Producing primes Francesco

### PUTNAM TRAINING POLYNOMIALS. Exercises 1. Find a polynomial with integral coefficients whose zeros include 2 + 5.

PUTNAM TRAINING POLYNOMIALS (Last updated: November 17, 2015) Remark. This is a list of exercises on polynomials. Miguel A. Lerma Exercises 1. Find a polynomial with integral coefficients whose zeros include

### This is a square root. The number under the radical is 9. (An asterisk * means multiply.)

Page of Review of Radical Expressions and Equations Skills involving radicals can be divided into the following groups: Evaluate square roots or higher order roots. Simplify radical expressions. Rationalize

### By reversing the rules for multiplication of binomials from Section 4.6, we get rules for factoring polynomials in certain forms.

SECTION 5.4 Special Factoring Techniques 317 5.4 Special Factoring Techniques OBJECTIVES 1 Factor a difference of squares. 2 Factor a perfect square trinomial. 3 Factor a difference of cubes. 4 Factor

### REVIEW EXERCISES DAVID J LOWRY

REVIEW EXERCISES DAVID J LOWRY Contents 1. Introduction 1 2. Elementary Functions 1 2.1. Factoring and Solving Quadratics 1 2.2. Polynomial Inequalities 3 2.3. Rational Functions 4 2.4. Exponentials and

### Lecture 13 - Basic Number Theory.

Lecture 13 - Basic Number Theory. Boaz Barak March 22, 2010 Divisibility and primes Unless mentioned otherwise throughout this lecture all numbers are non-negative integers. We say that A divides B, denoted

### March 29, 2011. 171S4.4 Theorems about Zeros of Polynomial Functions

MAT 171 Precalculus Algebra Dr. Claude Moore Cape Fear Community College CHAPTER 4: Polynomial and Rational Functions 4.1 Polynomial Functions and Models 4.2 Graphing Polynomial Functions 4.3 Polynomial

### I. Introduction. MPRI Cours 2-12-2. Lecture IV: Integer factorization. What is the factorization of a random number? II. Smoothness testing. F.

F. Morain École polytechnique MPRI cours 2-12-2 2013-2014 3/22 F. Morain École polytechnique MPRI cours 2-12-2 2013-2014 4/22 MPRI Cours 2-12-2 I. Introduction Input: an integer N; logox F. Morain logocnrs

### Lecture 3: One-Way Encryption, RSA Example

ICS 180: Introduction to Cryptography April 13, 2004 Lecturer: Stanislaw Jarecki Lecture 3: One-Way Encryption, RSA Example 1 LECTURE SUMMARY We look at a different security property one might require

### The Quadratic Sieve - introduction to theory with regard to implementation issues. RNDr. Marian Kechlibar, Ph.D.

The Quadratic Sieve - introduction to theory with regard to implementation issues RNDr. Marian Kechlibar, Ph.D. April 15, 2005 Contents I The Quadratic Sieve 3 1 Introduction 4 1.1 The Quadratic Sieve

### (x + a) n = x n + a Z n [x]. Proof. If n is prime then the map

22. A quick primality test Prime numbers are one of the most basic objects in mathematics and one of the most basic questions is to decide which numbers are prime (a clearly related problem is to find

### Discrete Mathematics Lecture 3 Elementary Number Theory and Methods of Proof. Harper Langston New York University

Discrete Mathematics Lecture 3 Elementary Number Theory and Methods of Proof Harper Langston New York University Proof and Counterexample Discovery and proof Even and odd numbers number n from Z is called

### Review for Calculus Rational Functions, Logarithms & Exponentials

Definition and Domain of Rational Functions A rational function is defined as the quotient of two polynomial functions. F(x) = P(x) / Q(x) The domain of F is the set of all real numbers except those for

### CONTINUED FRACTIONS AND FACTORING. Niels Lauritzen

CONTINUED FRACTIONS AND FACTORING Niels Lauritzen ii NIELS LAURITZEN DEPARTMENT OF MATHEMATICAL SCIENCES UNIVERSITY OF AARHUS, DENMARK EMAIL: niels@imf.au.dk URL: http://home.imf.au.dk/niels/ Contents

### Alum Rock Elementary Union School District Algebra I Study Guide for Benchmark III

Alum Rock Elementary Union School District Algebra I Study Guide for Benchmark III Name Date Adding and Subtracting Polynomials Algebra Standard 10.0 A polynomial is a sum of one ore more monomials. Polynomial

### Factoring Special Polynomials

6.6 Factoring Special Polynomials 6.6 OBJECTIVES 1. Factor the difference of two squares 2. Factor the sum or difference of two cubes In this section, we will look at several special polynomials. These

### Copy in your notebook: Add an example of each term with the symbols used in algebra 2 if there are any.

Algebra 2 - Chapter Prerequisites Vocabulary Copy in your notebook: Add an example of each term with the symbols used in algebra 2 if there are any. P1 p. 1 1. counting(natural) numbers - {1,2,3,4,...}

### The van Hoeij Algorithm for Factoring Polynomials

The van Hoeij Algorithm for Factoring Polynomials Jürgen Klüners Abstract In this survey we report about a new algorithm for factoring polynomials due to Mark van Hoeij. The main idea is that the combinatorial

### a 1 x + a 0 =0. (3) ax 2 + bx + c =0. (4)

ROOTS OF POLYNOMIAL EQUATIONS In this unit we discuss polynomial equations. A polynomial in x of degree n, where n 0 is an integer, is an expression of the form P n (x) =a n x n + a n 1 x n 1 + + a 1 x

### Chapter 11 Number Theory

Chapter 11 Number Theory Number theory is one of the oldest branches of mathematics. For many years people who studied number theory delighted in its pure nature because there were few practical applications

### The Dirichlet Unit Theorem

Chapter 6 The Dirichlet Unit Theorem As usual, we will be working in the ring B of algebraic integers of a number field L. Two factorizations of an element of B are regarded as essentially the same if

### Linearly Independent Sets and Linearly Dependent Sets

These notes closely follow the presentation of the material given in David C. Lay s textbook Linear Algebra and its Applications (3rd edition). These notes are intended primarily for in-class presentation

### x n = 1 x n In other words, taking a negative expoenent is the same is taking the reciprocal of the positive expoenent.

Rules of Exponents: If n > 0, m > 0 are positive integers and x, y are any real numbers, then: x m x n = x m+n x m x n = xm n, if m n (x m ) n = x mn (xy) n = x n y n ( x y ) n = xn y n 1 Can we make sense

### Modern Factoring Algorithms

Modern Factoring Algorithms Kostas Bimpikis and Ragesh Jaiswal University of California, San Diego... both Gauss and lesser mathematicians may be justified in rejoicing that there is one science [number

### 6.1 Add & Subtract Polynomial Expression & Functions

6.1 Add & Subtract Polynomial Expression & Functions Objectives 1. Know the meaning of the words term, monomial, binomial, trinomial, polynomial, degree, coefficient, like terms, polynomial funciton, quardrtic

### Developmental Math Course Outcomes and Objectives

Developmental Math Course Outcomes and Objectives I. Math 0910 Basic Arithmetic/Pre-Algebra Upon satisfactory completion of this course, the student should be able to perform the following outcomes and

### Algebra Unpacked Content For the new Common Core standards that will be effective in all North Carolina schools in the 2012-13 school year.

This document is designed to help North Carolina educators teach the Common Core (Standard Course of Study). NCDPI staff are continually updating and improving these tools to better serve teachers. Algebra

### Optimization of the MPQS-factoring algorithm on the Cyber 205 and the NEC SX-2

Optimization of the MPQS-factoring algorithm on the Cyber 205 and the NEC SX-2 Walter Lioen, Herman te Riele, Dik Winter CWI P.O. Box 94079, 1090 GB Amsterdam, The Netherlands ABSTRACT This paper describes

### APPLICATIONS OF THE ORDER FUNCTION

APPLICATIONS OF THE ORDER FUNCTION LECTURE NOTES: MATH 432, CSUSM, SPRING 2009. PROF. WAYNE AITKEN In this lecture we will explore several applications of order functions including formulas for GCDs and

### Integer roots of quadratic and cubic polynomials with integer coefficients

Integer roots of quadratic and cubic polynomials with integer coefficients Konstantine Zelator Mathematics, Computer Science and Statistics 212 Ben Franklin Hall Bloomsburg University 400 East Second Street

### z = i ± 9 2 2 so z = 2i or z = i are the solutions. (c) z 4 + 2z 2 + 4 = 0. By the quadratic formula,

91 Homework 8 solutions Exercises.: 18. Show that Z[i] is an integral domain, describe its field of fractions and find the units. There are two ways to show it is an integral domain. The first is to observe:

### Runtime and Implementation of Factoring Algorithms: A Comparison

Runtime and Implementation of Factoring Algorithms: A Comparison Justin Moore CSC290 Cryptology December 20, 2003 Abstract Factoring composite numbers is not an easy task. It is classified as a hard algorithm,

### Math 1050 Khan Academy Extra Credit Algebra Assignment

Math 1050 Khan Academy Extra Credit Algebra Assignment KhanAcademy.org offers over 2,700 instructional videos, including hundreds of videos teaching algebra concepts, and corresponding problem sets. In

Family Name:... First Name:... Section:... Advanced Cryptography Final Exam July 18 th, 2006 Start at 9:15, End at 12:00 This document consists of 12 pages. Instructions Electronic devices are not allowed.

### Week 7: Divide and Conquer

Agenda: Divide and Conquer technique Multiplication of large integers Exponentiation Matrix multiplication 1 2- Divide and Conquer : To solve a problem we can break it into smaller subproblems, solve each

### College Algebra. Barnett, Raymond A., Michael R. Ziegler, and Karl E. Byleen. College Algebra, 8th edition, McGraw-Hill, 2008, ISBN: 978-0-07-286738-1

College Algebra Course Text Barnett, Raymond A., Michael R. Ziegler, and Karl E. Byleen. College Algebra, 8th edition, McGraw-Hill, 2008, ISBN: 978-0-07-286738-1 Course Description This course provides

### Outline. Computer Science 418. Digital Signatures: Observations. Digital Signatures: Definition. Definition 1 (Digital signature) Digital Signatures

Outline Computer Science 418 Digital Signatures Mike Jacobson Department of Computer Science University of Calgary Week 12 1 Digital Signatures 2 Signatures via Public Key Cryptosystems 3 Provable 4 Mike

### Algebra and Geometry Review (61 topics, no due date)

Course Name: Math 112 Credit Exam LA Tech University Course Code: ALEKS Course: Trigonometry Instructor: Course Dates: Course Content: 159 topics Algebra and Geometry Review (61 topics, no due date) Properties

### Administrative - Master Syllabus COVER SHEET

Administrative - Master Syllabus COVER SHEET Purpose: It is the intention of this to provide a general description of the course, outline the required elements of the course and to lay the foundation for

### Cryptography and Network Security

Cryptography and Network Security Fifth Edition by William Stallings Chapter 9 Public Key Cryptography and RSA Private-Key Cryptography traditional private/secret/single key cryptography uses one key shared

### MSLC Workshop Series Math 1148 1150 Workshop: Polynomial & Rational Functions

MSLC Workshop Series Math 1148 1150 Workshop: Polynomial & Rational Functions The goal of this workshop is to familiarize you with similarities and differences in both the graphing and expression of polynomial

### Revised Version of Chapter 23. We learned long ago how to solve linear congruences. ax c (mod m)

Chapter 23 Squares Modulo p Revised Version of Chapter 23 We learned long ago how to solve linear congruences ax c (mod m) (see Chapter 8). It s now time to take the plunge and move on to quadratic equations.

### Lecture Note 5 PUBLIC-KEY CRYPTOGRAPHY. Sourav Mukhopadhyay

Lecture Note 5 PUBLIC-KEY CRYPTOGRAPHY Sourav Mukhopadhyay Cryptography and Network Security - MA61027 Modern/Public-key cryptography started in 1976 with the publication of the following paper. W. Diffie

### Probability and Statistics Prof. Dr. Somesh Kumar Department of Mathematics Indian Institute of Technology, Kharagpur

Probability and Statistics Prof. Dr. Somesh Kumar Department of Mathematics Indian Institute of Technology, Kharagpur Module No. #01 Lecture No. #15 Special Distributions-VI Today, I am going to introduce

### Cryptography and Network Security Chapter 8

Cryptography and Network Security Chapter 8 Fifth Edition by William Stallings Lecture slides by Lawrie Brown (with edits by RHB) Chapter 8 Introduction to Number Theory The Devil said to Daniel Webster:

### December 4, 2013 MATH 171 BASIC LINEAR ALGEBRA B. KITCHENS

December 4, 2013 MATH 171 BASIC LINEAR ALGEBRA B KITCHENS The equation 1 Lines in two-dimensional space (1) 2x y = 3 describes a line in two-dimensional space The coefficients of x and y in the equation

### 1.3 Polynomials and Factoring

1.3 Polynomials and Factoring Polynomials Constant: a number, such as 5 or 27 Variable: a letter or symbol that represents a value. Term: a constant, variable, or the product or a constant and variable.

### Elementary factoring algorithms

Math 5330 Spring 013 Elementary factoring algorithms The RSA cryptosystem is founded on the idea that, in general, factoring is hard. Where as with Fermat s Little Theorem and some related ideas, one can

### SECTION A-3 Polynomials: Factoring

A-3 Polynomials: Factoring A-23 thick, write an algebraic epression in terms of that represents the volume of the plastic used to construct the container. Simplify the epression. [Recall: The volume 4

### Precalculus REVERSE CORRELATION. Content Expectations for. Precalculus. Michigan CONTENT EXPECTATIONS FOR PRECALCULUS CHAPTER/LESSON TITLES

Content Expectations for Precalculus Michigan Precalculus 2011 REVERSE CORRELATION CHAPTER/LESSON TITLES Chapter 0 Preparing for Precalculus 0-1 Sets There are no state-mandated Precalculus 0-2 Operations

### SOLVING POLYNOMIAL EQUATIONS

C SOLVING POLYNOMIAL EQUATIONS We will assume in this appendix that you know how to divide polynomials using long division and synthetic division. If you need to review those techniques, refer to an algebra

### SECTION 0.6: POLYNOMIAL, RATIONAL, AND ALGEBRAIC EXPRESSIONS

(Section 0.6: Polynomial, Rational, and Algebraic Expressions) 0.6.1 SECTION 0.6: POLYNOMIAL, RATIONAL, AND ALGEBRAIC EXPRESSIONS LEARNING OBJECTIVES Be able to identify polynomial, rational, and algebraic

### Principles of Public Key Cryptography. Applications of Public Key Cryptography. Security in Public Key Algorithms

Principles of Public Key Cryptography Chapter : Security Techniques Background Secret Key Cryptography Public Key Cryptography Hash Functions Authentication Chapter : Security on Network and Transport

### 1.3 Algebraic Expressions

1.3 Algebraic Expressions A polynomial is an expression of the form: a n x n + a n 1 x n 1 +... + a 2 x 2 + a 1 x + a 0 The numbers a 1, a 2,..., a n are called coefficients. Each of the separate parts,

### Mathematics of Cryptography Part I

CHAPTER 2 Mathematics of Cryptography Part I (Solution to Odd-Numbered Problems) Review Questions 1. The set of integers is Z. It contains all integral numbers from negative infinity to positive infinity.

### FactHacks: RSA factorization in the real world

FactHacks: RSA factorization in the real world Daniel J. Bernstein University of Illinois at Chicago Technische Universiteit Eindhoven Nadia Heninger Microsoft Research New England Tanja Lange Technische

### Let s just do some examples to get the feel of congruence arithmetic.

Basic Congruence Arithmetic Let s just do some examples to get the feel of congruence arithmetic. Arithmetic Mod 7 Just write the multiplication table. 0 1 2 3 4 5 6 0 0 0 0 0 0 0 0 1 0 1 2 3 4 5 6 2 0

### MBA Jump Start Program

MBA Jump Start Program Module 2: Mathematics Thomas Gilbert Mathematics Module Online Appendix: Basic Mathematical Concepts 2 1 The Number Spectrum Generally we depict numbers increasing from left to right