An Algorithm For Factoring Integers



Transcription:

Yingpu Deng and Yanbin Pan
Key Laboratory of Mathematics Mechanization, Academy of Mathematics and Systems Science, Chinese Academy of Sciences, Beijing 100190, People's Republic of China
E-mail addresses: {dengyp, panyanbin}@amss.ac.cn

Abstract

We propose an algorithm for factoring a composite number. The method seems new.

Keywords: Integer factorization, Binomial coefficient, Combinatorial sum, RSA modulus

1 Introduction

Integer factorization and primality testing are two well-known computational problems, and the latter had been proven to be an easy problem by Agrawal, Kayal and Saxena [1] in 2004. However, integer factorization is much more hard, there are several modern methods such as continued fraction method, class group method, elliptic curve method, quadratic sieve and number field sieve, etc. For the details of these methods, see [3, 4, 5] and the references therein. The best known method on integer factorization problem is the general number field sieve [5] and its running time is sub-exponential. Since the invention of the general number field sieve in 1993, there is no substantial progress on this problem. There is no new method to appear for a long time.

In this paper, we propose an alternate algorithm for factoring a composite number. Our method seems new to the best of our knowledge and maybe this is a new idea on integer factorization problem, although the asymptotic computational complexity of our method is unknown. We suspect that the tight asymptotic complexity of our method is hard to obtain, and it may be related with some deep unknown mathematical theory. We implemented our method on a PC using Shoup's NTL library version 5.4.1 [7]. Unfortunately, we have to say that the practical effect of our method is not good on a single PC, it is worse than many known algorithms on this problem. However, we believe that our method yields interesting phenomena, and it is worth for further study.

The paper is organized as follows. We give the necessary mathematical knowledge of our method and we describe the basic form of our algorithm in Section 2. We give some possible variants of our method in Section 3. We consider factorization of RSA moduli using our method in Section 4. We give some partial experimental results about our method in Section 5. Finally, some open problems and a short conclusion are given.

2 Basic Principle

2.1 Using general a with gcd(n, a) = 1

Let $n \in \mathbb{Z}$, $n > 1$ be a composite. We want to find a non-trivial divisor of n, i.e. a divisor $d \mid n$ with $1 < d < n$. The following is a key observation.

Proposition 2.1 There exists an integer j such that $1 < j < n-1$ and $1 < \gcd\left(n, \binom{n}{j}\right) < n$.

Proof. We distinguish two cases.

Case (i): n has a square divisor. Then n has a prime divisor p such that $p^k \,\|\, n$ with $k > 1$. Since
$$\binom{n}{p} = \frac{n(n-1)(n-2)\cdots(n-p+1)}{p!}$$
and $p \nmid (n-i)$ for $1 \le i \le p-1$, we have $p^{k-1} \,\|\, \binom{n}{p}$. Hence $1 < \gcd\left(n, \binom{n}{p}\right) < n$.

Case (ii): n is square-free. Then n has two prime divisors p and q with $p < q$. Obviously $q \mid \binom{n}{p}$. Hence $1 < \gcd\left(n, \binom{n}{p}\right) < n$.

By Proposition 2.1, to obtain a non-trivial divisor of n, a natural way is to expand the polynomial $(X+1)^n$, then compute the gcd's of the coefficients with n. However, this will take exponential time. We can do similarly as in Agrawal, Kayal and Saxena [1], and this leads to the following definition.

Definition 2.2 Let $a \in \mathbb{Z}$ be an integer with $\gcd(n, a) = 1$. Let r be a positive integer. Suppose
$$(X + a)^n \equiv \sum_{i=0}^{r-1} a_i X^i \mod (X^r - 1,\ n)$$
with $a_i \in \mathbb{Z}$ and $0 \le a_i \le n-1$ for $0 \le i \le r-1$. Here X is an indeterminate over $\mathbb{Z}$. If there is an i such that $0 \le i \le r-1$ and $\gcd(n, a_i)$ is a non-trivial divisor of n, then we call r a factorization-friendly number of n with respect to a.

Proposition 2.3 $n-1$ is a factorization-friendly number of n with respect to arbitrary a with $\gcd(n, a) = 1$.

Proof. Since
$$(X + a)^n = \sum_{i=0}^{n} \binom{n}{i} a^{n-i} X^i,$$
so
$$(X + a)^n \equiv (na + a^n) + (1 + na^{n-1})X + \sum_{i=2}^{n-2} \binom{n}{i} a^{n-i} X^i \mod (X^{n-1} - 1,\ n).$$
Now the result follows from Proposition 2.1.

Definition 2.4 The least factorization-friendly number of n with respect to a is called the factorization number of n with respect to a and is denoted by FAC(n, a). So by Proposition 2.3, we have FAC(n, a) $\le n - 1$.

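We have done numerous experiments, these experiments show a remarkable fact that the FAC(n, a), even FAC(n, 1), are surprisingly small relative to n. They grow very slowly with n.

Question: How small FAC(n, a) can be for some fixed a (e.g. for a = 1 or a = −1)? How small $\min_a$ FAC(n, a) can be, where a is taken from some specific set?

Definition 2.5 Let m and k be two positive integers. Let r and a be two integers. We define
$$\left[{m \atop r}\right]_k^{a} = \sum_{0 \le i \le m,\ i \equiv r \ (\mathrm{mod}\ k)} \binom{m}{i} a^{m-i}.$$
So, in Definition 2.2, we have $a_i \equiv \left[{n \atop i}\right]_r^{a} \pmod n$ for $0 \le i \le r-1$. We denote
$$\left[{m \atop r}\right]_k = \left[{m \atop r}\right]_k^{1} = \sum_{0 \le i \le m,\ i \equiv r \ (\mathrm{mod}\ k)} \binom{m}{i}.$$

Lemma 2.6 Let $\zeta \in \mathbb{C}$ be a primitive k-th root of unity. Then, for $0 \le r \le k-1$, we have
$$\left[{m \atop r}\right]_k^{a} = \frac{1}{k} \sum_{j=0}^{k-1} (\zeta^j + a)^m (\zeta^j)^{-r}.$$

Proof. Since $(X + a)^m = \sum_{i=0}^{m} \binom{m}{i} a^{m-i} X^i$, we have
$$\frac{1}{k} \sum_{j=0}^{k-1} (\zeta^j + a)^m (\zeta^j)^{-r} = \frac{1}{k} \sum_{j=0}^{k-1} \sum_{s=0}^{m} \binom{m}{s} \zeta^{js} a^{m-s} (\zeta^j)^{-r} = \frac{1}{k} \sum_{s=0}^{m} \binom{m}{s} a^{m-s} \sum_{j=0}^{k-1} \zeta^{(s-r)j} = \sum_{0 \le s \le m,\ s \equiv r \ (\mathrm{mod}\ k)} \binom{m}{s} a^{m-s}.$$

2.2 Using a = 1

In this sub-section, we suppose a = 1. Let
$$(X + 1)^n \equiv \sum_{i=0}^{r-1} a_i X^i \mod (X^r - 1,\ n),$$
where $a_i \equiv \left[{n \atop i}\right]_r \pmod n$ for $0 \le i \le r-1$.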

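For r = 1, we have $a_0 \equiv 2^n \pmod n$. For r = 2, we have $a_0 = a_1 \equiv 2^{n-1} \pmod n$. Therefore, if n is even and n is not a power of 2, we have FAC(n, 1) = 1; if n is odd or n is a power of 2, we have FAC(n, 1) $\ge 3$.

Proposition 2.7 We have
$$\left[{n \atop 0}\right]_3 = \frac{1}{3}\left(2^n + 2\cos\frac{n\pi}{3}\right), \quad \left[{n \atop 1}\right]_3 = \frac{1}{3}\left(2^n + 2\cos\frac{(n-2)\pi}{3}\right), \quad \left[{n \atop 2}\right]_3 = \frac{1}{3}\left(2^n + 2\cos\frac{(n+2)\pi}{3}\right).$$

Proof. Set $i = \sqrt{-1}$. By Lemma 2.6, let k = 3, and so $\zeta = e^{2\pi i/3} = \frac{-1 + \sqrt{3}\,i}{2}$, $\zeta^3 = 1$, $1 + \zeta = \frac{1 + \sqrt{3}\,i}{2} = e^{\pi i/3}$, $1 + \zeta^2 = \frac{1 - \sqrt{3}\,i}{2} = e^{-\pi i/3}$, $(1+\zeta)^n = e^{n\pi i/3}$, $(1+\zeta^2)^n = e^{-n\pi i/3}$, thus we have
$$\left[{n \atop 0}\right]_3 = \frac{1}{3}\sum_{j=0}^{2} (1 + \zeta^j)^n = \frac{1}{3}\left(2^n + e^{n\pi i/3} + e^{-n\pi i/3}\right) = \frac{1}{3}\left(2^n + 2\cos\frac{n\pi}{3}\right),$$
$$\left[{n \atop 1}\right]_3 = \frac{1}{3}\sum_{j=0}^{2} (1 + \zeta^j)^n \zeta^{-j} = \frac{1}{3}\left(2^n + 2\cos\frac{(n-2)\pi}{3}\right),$$
$$\left[{n \atop 2}\right]_3 = \frac{1}{3}\sum_{j=0}^{2} (1 + \zeta^j)^n \zeta^{-2j} = \frac{1}{3}\left(2^n + 2\cos\frac{(n+2)\pi}{3}\right).$$

Proposition 2.8 If n is even and n is not a power of 2, then FAC(n, 1) = 1; if n is a power of 2, then FAC(n, 1) = 3.

Proof. Suppose n is a power of 2, i.e. $n = 2^m$, $m > 1$. If m is even, then $n \equiv 1 \pmod 3$ and $\left[{n \atop 2}\right]_3 = \frac{2^n + 2}{3}$ is even, so $a_2 \equiv \frac{1}{3}(2^n + 2) \pmod n$, thus $\gcd(n, a_2) = 2$. If m is odd, similarly, we have $\gcd(n, a_1) = 2$.

Of course, we do not need to factorize an even composite number, Proposition 2.8 just illustrates a fact that the FAC(n, 1) are very small.

Proposition 2.9 Let m, k be two positive integers, and let r be an integer. Then we have
$$\left[{m \atop r}\right]_k = \left[{m \atop m-r}\right]_k.$$

Proof. We have
$$\left[{m \atop m-r}\right]_k = \sum_{0 \le i \le m,\ i \equiv m-r \ (\mathrm{mod}\ k)} \binom{m}{i}$$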

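$$= \sum_{0 \le m-i \le m,\ m-i \equiv r \ (\mathrm{mod}\ k)} \binom{m}{m-i} = \left[{m \atop r}\right]_k.$$

2.3 Using a = −1

In this sub-section, we suppose a = −1. We have
$$(X - 1)^n \equiv \sum_{i=0}^{r-1} a_i X^i \mod (X^r - 1,\ n),$$
where
$$a_i \equiv \left[{n \atop i}\right]_r^{-1} = \sum_{0 \le j \le n,\ j \equiv i \ (\mathrm{mod}\ r)} \binom{n}{j} (-1)^{n-j} \pmod n$$
for $0 \le i \le r-1$. Obviously, for r = 1, we have $a_0 = 0$, so FAC(n, −1) $\ge 2$ for all n. For r = 2, we have $a_0 \equiv (-1)^n 2^{n-1} \pmod n$ and $a_1 \equiv (-1)^{n+1} 2^{n-1} \pmod n$. Hence, if n is even and n is not a power of 2, we have FAC(n, −1) = 2; if n is a power of 2 or n is odd, we have FAC(n, −1) $\ge 3$.

Proposition 2.10 We have
$$\left[{n \atop 0}\right]_3^{-1} = 2 \cdot 3^{\frac{n}{2}-1} \cos\frac{5n\pi}{6}, \quad \left[{n \atop 1}\right]_3^{-1} = 2 \cdot 3^{\frac{n}{2}-1} \cos\frac{(5n-4)\pi}{6}, \quad \left[{n \atop 2}\right]_3^{-1} = 2 \cdot 3^{\frac{n}{2}-1} \cos\frac{(5n-8)\pi}{6}.$$

Proof. Set $i = \sqrt{-1}$. By Lemma 2.6, let k = 3, and so $\zeta = e^{2\pi i/3} = \frac{-1 + \sqrt{3}\,i}{2}$, $\zeta^3 = 1$, $\zeta - 1 = \frac{-3 + \sqrt{3}\,i}{2} = \sqrt{3}\,e^{5\pi i/6}$, $\zeta^2 - 1 = \frac{-3 - \sqrt{3}\,i}{2} = \sqrt{3}\,e^{-5\pi i/6}$, $(\zeta - 1)^n = 3^{n/2} e^{5n\pi i/6}$, $(\zeta^2 - 1)^n = 3^{n/2} e^{-5n\pi i/6}$, thus we have
$$\left[{n \atop 0}\right]_3^{-1} = \frac{1}{3}\left((\zeta - 1)^n + (\zeta^2 - 1)^n\right) = 2 \cdot 3^{\frac{n}{2}-1} \cos\frac{5n\pi}{6},$$
$$\left[{n \atop 1}\right]_3^{-1} = \frac{1}{3}\left((\zeta - 1)^n \zeta^{-1} + (\zeta^2 - 1)^n \zeta^{-2}\right) = 2 \cdot 3^{\frac{n}{2}-1} \cos\frac{(5n-4)\pi}{6},$$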

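$$\left[{n \atop 2}\right]_3^{-1} = \frac{1}{3}\left((\zeta - 1)^n \zeta^{-2} + (\zeta^2 - 1)^n \zeta^{-4}\right) = 2 \cdot 3^{\frac{n}{2}-1} \cos\frac{(5n-8)\pi}{6}.$$

Proposition 2.11 If n is even and n is not a power of 2, then FAC(n, −1) = 2; if n is a power of 2, then FAC(n, −1) = 3.

Proof. Suppose n is a power of 2, i.e. $n = 2^m$, $m > 1$. Then 5n 4 [ 1 n or 1 5n 8 5 m 1 4, so 5n 4 or 5n 8 must be even, thus 5 m 1 1 and is m 1 1. Hence we have $\gcd(n, a_1) = 2$ or $\gcd(n, a_2) = 2$.

Proposition 2.12 Let m, k be two positive integers, and let r be an integer. Then we have
$$\left[{m \atop r}\right]_k^{-1} = (-1)^m \left[{m \atop m-r}\right]_k^{-1}.$$

Proof. We have
$$\left[{m \atop m-r}\right]_k^{-1} = \sum_{0 \le i \le m,\ i \equiv m-r \ (\mathrm{mod}\ k)} \binom{m}{i} (-1)^{m-i} = (-1)^m \sum_{0 \le m-i \le m,\ m-i \equiv r \ (\mathrm{mod}\ k)} \binom{m}{m-i} (-1)^{m-(m-i)} = (-1)^m \left[{m \atop r}\right]_k^{-1}.$$

2.4 An algorithm for factoring integers

Now suppose n is an odd composite number. The following algorithm will find a non-trivial divisor of n. Set $\log n = \log_2 n$.

Algorithm A:
Input: An odd composite n.
Output: A non-trivial divisor of n.
1. For r = 3 to n − 1 do
2. Compute $\sum_{i=0}^{r-1} a_i X^i = (X + 1)^n \mod (X^r - 1,\ n)$
3. For i = 0 to r − 1 do
4. Compute $d := \gcd(n, a_i)$
5. If 1 < d < n, then output it and halt

The correctness of the algorithm is obvious. Now we analyze computational complexity of Algorithm A. First, Algorithm A will terminate when r attains to FAC(n, 1). For a fixed r, Step 2 will take O ( log n time ([9], Corollary 87, p. In Step 4, one gcd computation will take O (log n time, so computing gcd s will take O ( log n time.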

Hence, for a fixed r, Algorithm A takes O ( log n time. The total time complexity of Algorithm A is O (FAC(n, 1 log n. Of course, using Proposition 2.9, one needs only to compute gcd s in Step 4 of Algorithm A.

3 Some Variants

3.1 Randomized algorithms

We can use some randomized numbers to modify Algorithm A. For example, we can first select randomly a number a with $\gcd(n, a) = 1$, then we perform the computation $\sum_{i=0}^{r-1} a_i X^i = (X + a)^n \mod (X^r - 1,\ n)$ for all r in some range and then we compute gcd's just as in Algorithm A. The formal description is as follows.

Algorithm B:
Input: An odd composite n.
Output: A non-trivial divisor of n.
1. Select a randomly with $1 \le a \le n - 1$
2. If 1 < gcd(n, a) < n, then output it and halt
3. For r = 1 to n − 1 do
4. Compute $\sum_{i=0}^{r-1} a_i X^i = (X + a)^n \mod (X^r - 1,\ n)$
5. For i = 0 to r − 1 do
6. Compute $d := \gcd(n, a_i)$
7. If 1 < d < n, then output it and halt

Algorithm B will terminate when r attains to FAC(n, a), so the time complexity of Algorithm B will depend on the size of FAC(n, a). Our experiments show that FAC(n, a) is much less than FAC(n, 1) for some a. We can also select some r randomly with r not too big when we expand the polynomial $(X + a)^n \mod (X^r - 1,\ n)$. If we fail to find a non-trivial divisor of n, we can try another r. Furthermore, we can select a polynomial f(X) randomly in $\mathbb{Z}[X]$, then we perform the computation $f(X)^n \mod (X^r - 1,\ n)$. Our experiments show that this works well also.

3.2 Deterministic bounded algorithm

We use two bounds A and R, where $A \in \mathbb{Z}$, $0 < A \le n - 1$ and $R \in \mathbb{Z}$, $0 < R \le n - 1$.

Algorithm C:
Input: An odd composite n.
Output: A non-trivial divisor of n.
1. For a = 1 to A do
2. If 1 < gcd(n, a) < n, then output it and halt
3. For r = 1 to R do
4. Compute $\sum_{i=0}^{r-1} a_i X^i = (X + a)^n \mod (X^r - 1,\ n)$
5. For i = 0 to r − 1 do
6. Compute $d := \gcd(n, a_i)$
7. If 1 < d < n, then output it and halt
8. Compute $\sum_{i=0}^{r-1} a_i X^i = (X - a)^n \mod (X^r - 1,\ n)$
9. For i = 0 to r − 1 do
10. Compute $d := \gcd(n, a_i)$
11. If 1 < d < n, then output it and halt

Of course, if the algorithm fails to find a non-trivial divisor of n, we can increase the bound A or R. We can also run Algorithm C for $a \in \mathcal{A}$ and $r \in \mathcal{R}$, where $\mathcal{A} \subseteq \{1, \ldots, n-1\}$, $\mathcal{R} \subseteq \{1, \ldots, n-1\}$ are two specific subsets.

3.3 Using polynomials of several variables

We can also use polynomials of several variables $f(X, Y, \ldots, Z) \in \mathbb{Z}[X, Y, \ldots, Z]$, then we perform the computation
$$f(X, Y, \ldots, Z)^n \mod (X^{r_x} - 1,\ Y^{r_y} - 1,\ \ldots,\ Z^{r_z} - 1,\ n),$$
where $r_x, r_y, \ldots, r_z$ are positive integers, not necessarily the same, and then we compute the gcd's of the coefficients and n to find a non-trivial divisor of n. Our experiments show that this works well also.

4 Factoring RSA modulus

Now we suppose n = pq be a RSA modulus, where p < q are two distinct odd primes. In this section we provide some upper bounds for FAC(n, 1) with RSA modulus n. We have to say that these bounds are rather rough, see the following Section 5.

Lemma 4.1 Let m > 1 be a positive integer and let k be an integer with 0 < k < m and $\gcd(m, k) = 1$. Then we have $m \mid \binom{m}{k}$.

Proof. Since
$$\binom{m}{k} = \frac{m!}{k!(m-k)!} = \frac{m}{k} \cdot \frac{(m-1)!}{(k-1)!(m-k)!} = \frac{m}{k}\binom{m-1}{k-1}$$
is an integer and $\binom{m-1}{k-1}$ is also an integer, we have $k \mid m\binom{m-1}{k-1}$. As $\gcd(m, k) = 1$, hence $k \mid \binom{m-1}{k-1}$, and so $m \mid \binom{m}{k}$.

Now for $0 \le k \le n$, if $\gcd(n, k) = 1$, i.e. $p \nmid k$ and $q \nmid k$, by Lemma 4.1, we have $n \mid \binom{n}{k}$. So we need only to consider k = 0 or n or pi (0 < i < q) or qj (0 < j < p).

Lucas Theorem (See [2], p8) Let p be a prime, and let $a = a_0 + a_1 p + \cdots + a_k p^k$, $b = b_0 + b_1 p + \cdots + b_k p^k$, where $0 \le a_i, b_i < p$ for $i = 0, 1, \ldots, k$. Then
$$\binom{a}{b} \equiv \prod_{i=0}^{k} \binom{a_i}{b_i} \pmod p.$$

Since $q \nmid pi$ for 0 < i < q, by Lucas Theorem, we have $q \mid \binom{n}{pi}$. Similarly, we have $p \mid \binom{n}{qj}$ for 0 < j < p. By Lucas Theorem, we have $\binom{n}{qj} \equiv \binom{p}{j} \pmod q$ for 0 < j < p. Since p < q, then $q \nmid \binom{p}{j}$, so $q \nmid \binom{n}{qj}$ for 0 < j < p.

Proposition 4.2 p is a factorization-friendly number of a RSA modulus n = pq with respect to 1, so FAC(n, 1) $\le p < \sqrt{n}$.

Poof Wte q ap + wth a > 0 and 0 < < p Set I { + ps s 0} Obvously, 0, n and p(0 < < q ae all not n I and q s n I If qj s n I fo some j wth 0 < j < p, e qj + ps fo some s 0 Then qj j (mod p, thus j 1 (mod p, so j 1 Hence p 0 t n t ( mod p ( n t By above analyss, we have p ( n q and q ( n q, hence gcd ( n, p ( n q p (mod n Theefoe p s a factozaton-fendly numbe of a RSA modulus n pq wth espect to 1 The uppe bound fo FAC(n, 1 n Poposton 4 s athe ough, n fact, ou expements show that FAC(n, 1 s much less than p, see the followng Secton 5 We have FAC(q, 1 fo an odd pme q > fom Poposton 4 Poposton 4 Let n pq be a RSA modulus wth p < q < p Wte q p + wth 0 < < p Let c be a postve ntege Suppose p c 1 Then p c s a factozaton-fendly numbe of n wth espect to 1, so FAC(n, 1 p c Poof Snce s even, we have p c +, so c + 1 < p c and + c < p c Snce (p c + c p s a pme, we have gcd(p c, c 1 Smlaly, gcd(p c, + c 1 So the sets { c( mod (p c 1,,, c + 1} and {( + cj( mod (p c j 1,,, c} have c + 1 elements and c elements, espectvely So we can choose an element a fom the fst set such that a s not n the second set Let a c 1 ( mod (p c wth 1 1 c+1 and 0 < a < p c Set I {a + (p cs s 0} Obvously, 0 / I Snce n pq c( + c( mod (p c and by the choce of a, we have n / I Fo p(0 < < q, f p I, e p a( mod (p c, e c c 1 ( mod (p c, we have 1 ( mod (p c Hence p c 1 + (p cs, s 0 Snce p c 1 + p c p c 1 p c 1 p + q, we have p c 1 : 0 Fo qj(0 < j < p, f qj I, e qj a( mod (p c, e ( + cj a( mod (p c, ths equaton has a unque soluton j 0 wth 0 j 0 < p c and j j 0 ( mod (p c By the choce of a, we have j 0 c + 1 Because j 0 + p c > p, so j j 0 Thus, we have a p c ( n p 0 ( n + ( mod n qj 0 Obvously, q a p c 9

Snce q 0 + 1 p, we have p ( n p 0, thus Hence gcd ( p n, a a p c Theefoe p c s a factozaton-fendly numbe of n wth espect to 1 Coollay 44 Let n pq be a RSA modulus wth p < q < p Wte q p+ wth 0 < < p Suppose < εp, 0 < ε < 1 Suppose p 1 ε 1 ε Then FAC(n, 1 p p +ε p Poof Put c 1 ε p The esult then follows fom Poposton 4 Poposton 45 Let n pq be a RSA modulus wth p < q < p Wte q p + wth 0 < < p Suppose n 1( mod 4 Suppose < < p Then : p + 4 s a factozaton-fendly numbe of n wth espect to 1, so FAC(n, 1 p + 4 Poof Snce n 1( mod 4, then p and q must be the case: the one s 1( mod 4 and the othe s 1( mod 4 So ( mod 4, thus s a postve ntege and < p Let a Z wth 0 a < and a ( 1p( mod Snce > 1, we have a > 0 Set I {a + s s 0} A smla analyss as the poof of Poposton 4, we have 0, n / I and only p( 1 and q( ae n I Thus Smlaly, we have a ( n p( 1 + ( gcd n, a p c p ( n ( mod n q( p Theefoe s a factozaton-fendly numbe of n wth espect to 1 Coollay 4 Keepng the notatons n Poposton 45, futhe suppose < εp, 0 < ε, then FAC(n, 1 ( 1 + 4 εp Rema Compang Coollaes 44 and 4, t s easy to see that, when ε 5, then +ε 1 + 4 ε; when ε > +ε 5, then < 1 + 4 ε; when ε < +ε 5, then > 1 + 4 ε Obvously, all the above bounds fo FAC(n, 1 hold also fo FAC(n, a wth abtay a such that gcd(n, a 1 We conclude ths secton by gvng the followng nteestng esult Ths seems mean that an easly factozed numbe s also easly factozed by ou method Poposton 47 Let n pq be a RSA modulus Suppose q p +, e p and q ae twn pmes Then FAC(n, 1 Poof Snce FAC(15, 1, we may assume p 5 It s easy to see that, thee s a postve ntege such that p 1 and q + 1 An easy analyss shows that [ n ( n ( n + ( mod n p qj 0 < < q 4( mod 10 0 < j < p j ( mod

It is easy to see that By a result of Sun [8], we have [ p [ p p 1 (1 + p p+1, for even, 1 (1 + p + p+1, for odd ( Since p+1 q 1 q ( mod q, in both cases, we have [ p 1 p ( mod q Hence Therefore q ( gcd n, p

5 Experimental Results

5.1 Some values of FAC(n, 1) and FAC(n, a) for RSA moduli n

We have done numerous experiments, these experiments show a remarkable fact that the FAC(n, a), even FAC(n, 1), are surprisingly small relative to n. They grow very slowly with n. We list the partial values of FAC(n, 1) for RSA moduli n = pq such that p and q have three digits and some partial values of FAC(n = pq, a) with 5 or 6 digits of p and q (see Tables 1 and 2).

5.2 Comparison of FAC(n, 1) and FAC(n, a) for RSA moduli n

For a fixed n, different choice of a will in general give distinct FAC(n, a). Usually, for some a's, FAC(n, a) will remarkably be less than FAC(n, 1). This indicates, when we choose such a, we can reduce the time complexity of Algorithm B. We list some such examples, see Table 3.
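The search performed by Algorithm A and Algorithm B, and the FAC(n, a) values measured in this section, can be reproduced with the short Python program below. It is an added example, not the authors' NTL implementation; the function names, the schoolbook cyclic multiplication, the loop start r = 1 and the sample moduli (constructed here, not read from the tables) are assumptions.

```python
from math import gcd
import random


def cyclic_mul(f, g, r, n):
    """Product of two length-r coefficient lists modulo (X^r - 1, n)."""
    h = [0] * r
    for i, fi in enumerate(f):
        if fi:
            for j, gj in enumerate(g):
                k = (i + j) % r          # X^r = 1, so exponents wrap around
                h[k] = (h[k] + fi * gj) % n
    return h


def power_coeffs(a, n, r):
    """Coefficients a_0..a_{r-1} of (X + a)^n mod (X^r - 1, n)."""
    base = [0] * r
    base[0] = a % n
    base[1 % r] = (base[1 % r] + 1) % n  # for r = 1 the variable X collapses to 1
    result = [1 % n] + [0] * (r - 1)
    e = n
    while e:                             # square-and-multiply on the exponent n
        if e & 1:
            result = cyclic_mul(result, base, r, n)
        e >>= 1
        if e:
            base = cyclic_mul(base, base, r, n)
    return result


def fac_search(n, a=1, max_r=None):
    """Return (r, d) where r is the least r <= max_r such that a coefficient
    of (X + a)^n mod (X^r - 1, n) has a non-trivial gcd d with n, so that
    r = FAC(n, a). Returns None when no r <= max_r works."""
    if gcd(n, a) != 1:
        raise ValueError("a must be coprime to n")
    if max_r is None:
        max_r = n - 1                    # the paper shows n - 1 always works
    for r in range(1, max_r + 1):
        for coeff in power_coeffs(a, n, r):
            d = gcd(n, coeff)
            if 1 < d < n:
                return r, d
    return None


def algorithm_b(n, rng, max_r=None):
    """Randomized variant: draw a from [1, n-1], then search over r.
    Returns (a, r, d); r is 0 when gcd(n, a) already gives the divisor."""
    a = rng.randrange(1, n)
    d = gcd(n, a)
    if 1 < d < n:
        return a, 0, d
    found = fac_search(n, a, max_r)
    return None if found is None else (a, found[0], found[1])


if __name__ == "__main__":
    # Constructed sample moduli (small products of two odd primes).
    for n in (15, 21, 77, 10403):
        print(n, "with a = 1 ->", fac_search(n))
    print("random a ->", algorithm_b(10403, random.Random(1)))
```

The cost per r is dominated by the quadratic-time `cyclic_mul`; the paper's complexity figures assume fast polynomial arithmetic instead.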

5.3 Some experiments for polynomials of several variables or of high degrees

We can use some polynomial of degree two or three instead of linear polynomial. For example, we use polynomials $f(X) = X^2 + X + 1$ and $f(X) = X^3 + X^2 + X + 1$, then compute $f(X)^n \mod (X^r - 1,\ n)$, and compute the gcd's of the coefficients and n to find a non-trivial divisor of n. We also denote the smallest r by $\mathrm{FAC}_S(n)$ and $\mathrm{FAC}_C(n)$ respectively and list some such examples, see Table 4.

We can also use polynomials of several variables instead of polynomials of one variable. The algorithms work well also. For example, we use polynomial $f(X, Y) = X + Y + 1$, compute $f(X, Y)^n \mod (X^r - 1,\ Y^r - 1,\ n)$, and compute the gcd's of the coefficients and n to find a non-trivial divisor of n. We denote the smallest r by $\mathrm{FAC}_B(n)$. We also compute $f(X, Y)^n \mod (X^{r_1} - 1,\ Y^{r_2} - 1,\ n)$ and denote the first sequence $(r_1, r_2)$ we get by $\mathrm{FAC}_B(n, r_1, r_2)$. In addition, we use polynomial $f(X, Y, Z) = X + Y + Z + 1$, compute $f(X, Y, Z)^n \mod (X^r - 1,\ Y^r - 1,\ Z^r - 1,\ n)$, and denote the smallest r by $\mathrm{FAC}_T(n)$. Similarly, we compute $f(X, Y, Z)^n \mod (X^{r_1} - 1,\ Y^{r_2} - 1,\ Z^{r_3} - 1,\ n)$ and denote the first sequence $(r_1, r_2, r_3)$ by $\mathrm{FAC}_T(n, r_1, r_2, r_3)$. We list some such examples, see Table 5.

5.4 The practical effect of our method

The practical effect of Algorithm A is not good on a single PC. For example, it takes about six hours to factorize a number with 15 digits, however, it takes about one hour and 0 minutes to factorize the same number when using Algorithm B. However, our method has two advantages, one is its simplicity, and the other is its parallelism. It is easily adapted to run simultaneously on many computers, e.g. on Internet. We do not perform such experiments.

6 Open Problems and Conclusion

Of course, one open problem is to obtain better theoretic estimate for FAC(n, 1), even for RSA modulus n, than the estimate given in Proposition 4. Another open problem is to give explicit bounds for A and R in Algorithm C which guarantees Algorithm C always find a non-trivial divisor of n. Since the computational complexity of our method depends directly on the size of FAC(n, 1) or of FAC(n, a) for some specific a's, so the most interesting thing is to obtain asymptotic tight upper bounds for these numbers.
Integer factorization is a very important computational problem, and it is the foundation stone of the famous RSA cryptosystem [6]. Since the invention of the general number field sieve in 1993, there is no substantial progress on this problem. There is no new method to appear for a long time. Our method seems new to the best of our knowledge and maybe this is a new idea on integer factorization problem.

References

[1] M. Agrawal, N. Kayal, N. Saxena: Primes is in P. Ann. of Math. (2) 160 (2004), no. 2, 781–793.

[2] P. J. Cameron: Combinatorics: topics, techniques, algorithms. Cambridge University Press, Cambridge, 1994.

[3] H. Cohen: A course in computational algebraic number theory. Graduate Texts in Mathematics, vol. 138. Springer-Verlag, Berlin, 1993.

[4] A. K. Lenstra: Integer factoring. Towards a quarter-century of public key cryptography. Des. Codes Cryptogr. 19 (2000), no. 2-3, 101–128.

[5] A. K. Lenstra, H. W. Lenstra, Jr. (Eds.): The development of the number field sieve. Lecture Notes in Mathematics, vol. 1554. Springer-Verlag, Berlin, 1993.

[6] R. L. Rivest, A. Shamir, L. Adleman: A method for obtaining digital signatures and public-key cryptosystems. Communications of the Association for Computing Machinery, 21 (1978), no. 2, 120–126.

[7] V. Shoup, NTL: A library for doing number theory. Available at http://www.shoup.net/ntl/

[8] Zhi Hong Sun: The combinatorial sum $\sum_{k=0,\ k \equiv r \ (\mathrm{mod}\ m)}^{n} \binom{n}{k}$ and its applications in number theory (I) (In Chinese). Nanjing Daxue Xuebao Shuxue Bannian Kan 9 (1992), no. 2, 227–240.

[9] J. von zur Gathen, J. Gerhard: Modern computer algebra. Cambridge University Press, Cambridge, 1999.

A Some tables Table 1 The patal values of FAC(n pq, 1 wth dgts of p and q n pq FAC(n, 1 n pq FAC(n, 1 n pq FAC(n, 1 1040101*10 5 10807101*107 8 11009101*109 1 1141101*11 17 187101*17 1 11101*11 8 187101*17 1409101*19 1 15049101*149 1 1551101*151 17 15857101*157 18 14101*1 9 187101*17 15 1747101*17 1 18079101*179 1 1881101*181 1991101*191 0 1949101*19 9 19897101*197 1 0099101*199 1 111101*11 9 515959*701 8 545159*709 17 581159*719 5 5477*41 0 59817*4 9 74497*47 1 550779*7 55879*77 51 5885779*8 409759*91 5 415959*701 7 404759*709 15 59007*99 4 57118707*941 4 589907*97 0 1787701*887 5 571709*757 59 750187757*991 7 8190985*95 17 7571857*88 78549859*911 1 9155195*97 17 979995*98 4 98807991*997 9 Table The patal values of FAC(n pq, a wth 5 o dgts of p and q n pq a FAC(n, a 91011145*1987 40094 5 401111487*49 54580 5545110*77 501040105 15941077799*41 1 80 1957151507*4841 7807557 0 517994451*577 19704108 9 7081975075*559 5550478 91 1954071475*14719 8549588 1 471581145577*1547 47187015 07 77079711701*07797 971449 80 45749818059*7997 57781149 40 4544481885717987*5911 491485047 9 14

Table The patal values of FAC(n, 1 and FAC(n, a n pq FAC(n, 1 a FAC(n, a 91011145*1987 40094 5 401111487*49 54580 4811181191871*189 0 4475040 1 5545110*77 9 501040105 580895001*875 09 49498594 17 71415757*89 11 9557894 47 894419747789*08 71 4959985790 8 9145775570071*0417 584 41804495 1 1547099719*4487 111 107089 1 4081879948951911*7799 105 149449 7 70584579700*95819 47 41854194 45 109480007101751*1057 1771 175050044 198 Table 4 The patal values when usng polynomals of hgh degee n pq FAC(n, 1 FAC S (n FAC C (n 9994779118049*159 4 150 40 4809071*119 4 15 4 490551417*8409 1 1 104 54051740918089*9881 1 100 89 7047719057*047 118 00 109 8509148901*944 148 197 47 47141090489*75597 77 99 198 58877011954701*1041919 17 45 111 17840474918571*998819 188 509 57 90957497*975071 07 98 159 74777957978071*8499 151 144 118 7547471585757*85789 507 9 41 Table 5 The patal values when usng polynomals of seveal vaables n pq FAC(n, 1 FAC B (n FAC B (n, 1, FAC FAC T (n T (n, 1,, 1 1 079557*47 45 1 11 58189759*88 15 5 11 5 5 59919701*997 17 17 8 7 5 4 4 185091171*149 45 19 1 5 1 4 991911*1949 14 8 10 8 4 58190148*1741 5 1 9 8 17 5 5 4 0781171*181 70 17 7 10 7 88151909*4051 79 11 10 10 1000771795*89 41 8 5 5 4 11978959*71 17 15 10 7 0 5 5 174501079*4019 7 1 11 7 15 7 5 5 14515947*4019 71 1 17 5 15