PROPERTIES OF ELLIPTIC CURVES AND THEIR USE IN FACTORING LARGE NUMBERS



Similar documents
Core Maths C2. Revision Notes

Higher. Polynomials and Quadratics 64

Polynomials. Jackie Nicholas Jacquie Hargreaves Janet Hunter

Exponential and Logarithmic Functions

Solving Quadratic Equations by Graphing. Consider an equation of the form. y ax 2 bx c a 0. In an equation of the form

To Be or Not To Be a Linear Equation: That Is the Question

8 Primes and Modular Arithmetic

1 Determine whether an. 2 Solve systems of linear. 3 Solve systems of linear. 4 Solve systems of linear. 5 Select the most efficient

U.C. Berkeley CS276: Cryptography Handout 0.1 Luca Trevisan January, Notes on Algebra

5.3 Graphing Cubic Functions

SYSTEMS OF LINEAR EQUATIONS

INVESTIGATIONS AND FUNCTIONS Example 1

Implicit Differentiation

7.7 Solving Rational Equations

Core Maths C3. Revision Notes

Slope-Intercept Form and Point-Slope Form

SUNY ECC. ACCUPLACER Preparation Workshop. Algebra Skills

Core Maths C1. Revision Notes

Rotated Ellipses. And Their Intersections With Lines. Mark C. Hendricks, Ph.D. Copyright March 8, 2012

POLYNOMIAL FUNCTIONS

5.2 Inverse Functions

Polynomial and Synthetic Division. Long Division of Polynomials. Example 1. 6x 2 7x 2 x 2) 19x 2 16x 4 6x3 12x 2 7x 2 16x 7x 2 14x. 2x 4.

SAMPLE. Polynomial functions

15.1. Exact Differential Equations. Exact First-Order Equations. Exact Differential Equations Integrating Factors

STRAND: ALGEBRA Unit 3 Solving Equations

ELLIPTIC CURVES AND LENSTRA S FACTORIZATION ALGORITHM

SOLUTIONS FOR PROBLEM SET 2

Math Review. for the Quantitative Reasoning Measure of the GRE revised General Test

The Big Picture. Correlation. Scatter Plots. Data

Graphing Quadratic Equations

Today s Topics. Primes & Greatest Common Divisors

Polynomial Degree and Finite Differences

GREATEST COMMON DIVISOR

Zero and Negative Exponents and Scientific Notation. a a n a m n. Now, suppose that we allow m to equal n. We then have. a am m a 0 (1) a m

PYTHAGOREAN TRIPLES KEITH CONRAD

Algebra I Vocabulary Cards

LESSON EIII.E EXPONENTS AND LOGARITHMS

DISTANCE, CIRCLES, AND QUADRATIC EQUATIONS

CHAPTER 7: FACTORING POLYNOMIALS

z 0 and y even had the form

10.1. Solving Quadratic Equations. Investigation: Rocket Science CONDENSED

Review of Intermediate Algebra Content

When I was 3.1 POLYNOMIAL FUNCTIONS

1. a. standard form of a parabola with. 2 b 1 2 horizontal axis of symmetry 2. x 2 y 2 r 2 o. standard form of an ellipse centered

Vocabulary Words and Definitions for Algebra

CHAPTER 5. Number Theory. 1. Integers and Division. Discussion

Mathematics 31 Pre-calculus and Limits

y intercept Gradient Facts Lines that have the same gradient are PARALLEL

Section 4.2: The Division Algorithm and Greatest Common Divisors

2.5 Library of Functions; Piecewise-defined Functions

Zeros of Polynomial Functions. The Fundamental Theorem of Algebra. The Fundamental Theorem of Algebra. zero in the complex number system.

In this this review we turn our attention to the square root function, the function defined by the equation. f(x) = x. (5.1)

Zero: If P is a polynomial and if c is a number such that P (c) = 0 then c is a zero of P.

3.1. RATIONAL EXPRESSIONS

RSA Question 2. Bob thinks that p and q are primes but p isn t. Then, Bob thinks Φ Bob :=(p-1)(q-1) = φ(n). Is this true?

7.3 Solving Systems by Elimination

2-5 Rational Functions

Systems of Linear Equations: Solving by Substitution

Elementary Number Theory and Methods of Proof. CSE 215, Foundations of Computer Science Stony Brook University

More Equations and Inequalities

CHAPTER SIX IRREDUCIBILITY AND FACTORIZATION 1. BASIC DIVISIBILITY THEORY

Click here for answers.

FACTORING QUADRATICS through 8.1.4

Kevin James. MTHSC 412 Section 2.4 Prime Factors and Greatest Comm

Chapter 8. Lines and Planes. By the end of this chapter, you will

Chapter 4. Polynomial and Rational Functions. 4.1 Polynomial Functions and Their Graphs

Shake, Rattle and Roll

So, using the new notation, P X,Y (0,1) =.08 This is the value which the joint probability function for X and Y takes when X=0 and Y=1.

Number Theory. Proof. Suppose otherwise. Then there would be a finite number n of primes, which we may

The Euclidean Algorithm

SAT Math Hard Practice Quiz. 5. How many integers between 10 and 500 begin and end in 3?

JUST THE MATHS UNIT NUMBER 1.8. ALGEBRA 8 (Polynomials) A.J.Hobson

Unit 6: Polynomials. 1 Polynomial Functions and End Behavior. 2 Polynomials and Linear Factors. 3 Dividing Polynomials

Indiana State Core Curriculum Standards updated 2009 Algebra I

Continued Fractions and the Euclidean Algorithm

Copyrighted Material. Chapter 1 DEGREE OF A CURVE

A Quick Algebra Review

Copy in your notebook: Add an example of each term with the symbols used in algebra 2 if there are any.

Factoring Algorithms

THE POWER RULES. Raising an Exponential Expression to a Power

Lecture 13 - Basic Number Theory.

9.3 OPERATIONS WITH RADICALS

Factoring Polynomials

CS 103X: Discrete Structures Homework Assignment 3 Solutions

SECTION 5-1 Exponential Functions

Section 11.4: Equations of Lines and Planes

Graphing Linear Equations

C3: Functions. Learning objectives

EQUATIONS OF LINES IN SLOPE- INTERCEPT AND STANDARD FORM

PowerScore Test Preparation (800)

Homework until Test #2

MBA Jump Start Program

Sect. 1.3: Factoring

Chapter 4, Arithmetic in F [x] Polynomial arithmetic and the division algorithm.

North Carolina Community College System Diagnostic and Placement Test Sample Questions

Some Tools for Teaching Mathematical Literacy

11 Ideals Revisiting Z

Mathematics Placement Packet Colorado College Department of Mathematics and Computer Science

Discrete Mathematics, Chapter 4: Number Theory and Cryptography

Transcription:

PROPERTIES OF ELLIPTIC CURVES AND THEIR USE IN FACTORING LARGE NUMBERS A ver important set of curves which has received considerabl attention in recent ears in connection with the factoring of large numbers are the elliptic curves- + a+ b where a and b are integers. We will discuss here some of their properties and then show how the can be used to factor large numbers. Our starting point will be to look at several specific eamples. We show ou the cases of ( a-b and ( a-9, b below- Note that the graphs are smmetric about the ais and that the derivative becomes infinite at one or three distinct values of. Also the curves go to ± as +. The first and second derivatives of these curves are given b- d ( + a d [ ( + and For a>0, there are no points where the derivative is zero and inflection points are encountered when the numerator of the second derivative vanishes. The curves become singular when d/0/0 and thus when -a and 0 simultaneousl. Net consider two neighboring points P(, and Q(, ling along the upper branch of the curve for >0. If we draw a straight line through these points the will generall intersect the curve at a third point R(,. The equation for this straight line will be- 4 a

s+ c s( + where s is its slope s ( ( Of particular interest for number factoring is the limiting case where P and Q coincide. Under that condition s can be replaced b the derivative at P(, and one finds on equating the straight line to the cubic we have at that- [ s ( + + a+ b This result ma be rewritten as the cubic- s + ( a s( s + ( b ( s ( ( Looking at just the coefficient of the term and setting it to zero ( since an elliptic curve has no quadratic term, we find that- ( + a ( since when PQ. It also follows that- ( + a ( + to ield a unique point R(,. For the case ( above where a and b-, we find R(, if one takes P(,Q(,. For the case ( where a-9 and b, we find R(69/, 57sqrt(/4 when P(,sqrt(Q(,sqrt(. We test this result b plugging into the cubic curve to find- (57sqrt(/4 (69/ - 9(69/+40755.499.. which checks. In standard mathematical notation one calls R(, P(,. Another particularl interesting elliptic curve is-

( ( + It is rich in integer solutions starting with [, [,4 followed b [6,4, [,6,[8,76,etc. These points along the upper branch of the solution curve are easiest to determine b substituting subsequent values of into the equation and then seeing which sum equals the square of an integer. We find that n+ n +(n+ for the integer solution pair[ n+, n+. A little manipulation then predicts the ver simple result- n + n, n( n +, n,,,4,... n Thus the integer point [980, 970596 is guaranteed to lie on the solution curve. Net we demonstrate how one can use elliptic integrals to factor a number N. The idea behind this approach is due to H. Lenstra (An.of Math6,649-67,987 and works as follows. Take the first elliptic curve mentioned above and choose the simple composite number N. We write- + (modn withn This elliptic curve has the simple integer point P(, ling along it and we have alread shown that another point is R(,. To get a point further out on the upper branch of the curve we must first do a bit of manipulation involving modular arithmetic. We note that the derivative of the curve at (, is /6 and that this will not produce a larger value for a new. To get an further out along the upper branch of the curve we must first manipulate the /6 derivative term b carring out a Euclidian Algorithm on the numbers N and 6. Calculating first the greatest common divisor (gcd, we have- 55 6+ ; 6 + 0; Looking at the remainder in the first equation, we have the gcd(,6. So we see at once that 6 and are both factored b and hence- Furthermore we can break down the b appling Euclid s Algorithm to and 6. This produces the gcd(,6 so that both 6 and are factored b. Thus we have the final result- 7 9 7 Which factors our number N. In most cases the factoring is not quite as simple as this and one must work rather hard to actuall find the inverse of a number M appearing in the

denominator of the derivative of ( to obtain larger values for. Also one is free to change the a and bs in the elliptic equation. The work can become easier b an appropriate choice of a and b usuall not known beforehand. Net, consider factoring the number N6 7 using the equation +8-8 which also has an integer point P(,. Here the derivative at P(, is d( //. One finds on appling the Euclid Algorithm between and 6 that- 6 + ; So that gcd(6, and on inverting- 6 mod(6 The inverse of then becomes -+[integer (6. One possibilit for - is. Thus we can write- [( ( 90 [((90 + 465 Notice that these two new large values are integers which contradicts the fact that the cubic +8-8 has onl a limited number of integer points including (,, (,4, (6,6, (7,7 and (,04 along the upper branch. This means that and must be approimations, but probabl prett good ones. Let s check. We find- ( + 9007460409 9007087806 So we indeed see close agreement but not an eact match. Continuing on, we net look at the derivative at the new (. It ields- d( 0755840 465 meaning that we have to be able to invert the denominator in the last epression to get the net. It is s clear that 465 and 6 have as its greatest common denominator since the first number is prime. So the process must be continued until a point is reached where the denominator of the derivative factors N6. The factor will turn out to be, 7,or in this case. Computer automation makes this elliptic curve method of factoring large numbers N one of the best presentl available. However, the challenge still remains

to find additional and superior methods for quickl factoring ver large numbers of 00 digits or larger as required in crptograph. Finall let us generate the differential equation which has +a+b as a solution. We alread have given the form of the first and second derivatives above. Differentiating the first derivative again one has- d [ + a ( + a d d ( So the governing second order non-linear equation for elliptic curves is- d d Just to show that things work, take the simple solution (/. Here- 9 ( 4 4 / August 00

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information