Prime Numbers


thales.doa.fmph.uniba.sk
10.12.2012 Views

Chapter 6 SUBEXPONENTIAL FACTORING ALGORITHMS, 6.5 Exercises (pages 310-311)

square” congruences each require $O(\ln^{\beta} N)$ operations to discover. Give the (heuristic) complexity, then, for factoring via this magic algorithm.

6.7. A Gray code is a sequence of k-bit binary strings in such an order that when moving from one string to the next, one and only one bit flips to its opposite bit. Show that such a code—whether for the self-initialization QS option or any other application—can be generated with ease, using a function that employs exclusive-or “∧” and shift “>>” operators in the following elegant way:

    g(n) = n ∧ (n >> 1).

This very simple generator is easily seen to yield, for example, a 3-bit Gray counter that runs:

    (g(0), ..., g(7)) = (000, 001, 011, 010, 110, 111, 101, 100),

this counting chain clearly having exactly one bit flip on each iteration.

6.8. Show that if n ≥ 64 and m = n 1/3 , then n 1.5(d/ ln 2) d , and m = n 1/d , then n |c| ≥ 1, where c is the leading coefficient of g(x), and similarly that |h(m)| > 1. Thus, the factorization n = g(m)h(m) is nontrivial.

6.10. This exercise is to prove the theorem of Exercise 6.9 in the remaining case m = 2. Hint: By a slightly more elaborate inequality as in (1) of Exercise 6.9 (using that $\mathrm{Re}(c_{d-2}/z) \ge 0$ for $\mathrm{Re}(z) > 0$), show that every root ρ of f has Re(ρ) < 1.49. Then let G(x) = g(x + 1.49) and show that all of the coefficients of the rational polynomial G(x) have the same sign. Deduce from this that

    1 ≤ |g(1)| = |G(−0.49)| < |G(0.51)| = |g(2)|,

and similarly |h(2)| > 1, so that the factorization n = g(2)h(2) is nontrivial.

6.11. Use the method of Exercise 6.9 to factor n = 187 using the base m = 10. Do the same with n = 4189, m = 29.

6.12. Generalize the x(u, v), y(u, v) construction in Section 6.1.7 to arbitrary numbers n satisfying (6.4).

6.13. Give a heuristic argument for the complexity bound

    $\exp\left((c + o(1))(\ln n)^{1/3}(\ln\ln n)^{2/3}\right)$

operations, with $c = (32/9)^{1/3}$, for the special number field sieve (SNFS).

6.14. Here we sketch some practical QS examples that can serve as guidance for the creation of truly powerful QS implementations. In particular, the reader who chooses to implement QS can use the following examples for program checking. Incidentally, each one of the examples below—except the last—can be effected on a typical symbolic processor possessed of multiprecision operations. So the exercise shows that numbers in the 30-digit region and beyond can be handled even without fast, compiled implementations.

(1) In Algorithm 6.1.1 let us take the very small example n = 10807 and, because this n is well below typical ranges of applicability of practical QS, let us force at the start of the algorithm the smoothness limit B = 200. Then you should find k = 21 appropriate primes. You then get a 21 × 21 binary matrix, and can Gaussian-reduce said matrix. Incidentally, packages exist for such matrix algebra, e.g., in the Mathematica language a matrix m can be reduced for such purpose with the single statement

    r = NullSpace[Transpose[m], Modulus->2];

(although, as pointed out to us by D. Lichtblau, one may optimize the overall operation by intervention at a lower level, using bit operations rather than (mod 2) reduction, say). With such a command, there is a row of the reduced matrix r that has just three 1’s, and this leads to the relation:

    $3^4 \cdot 11^4 \cdot 13^4 \equiv 106^2 \cdot 128^2 \cdot 158^2 \pmod{n}$,

and thus a factorization of n.

(2) Now for a somewhat larger composite, namely n = 7001 · 70001, try using the B assignment of Algorithm 6.1.1 as is, in which case you should have B = 2305, k = 164. The resulting 164 × 164 matrix is not too unwieldy in this day and age, so you should be able to factor n using the same approach as in the previous item.

(3) Now try to factor the Mersenne number $n = 2^{67} - 1$ but using smoothness bound B = 80000, leading to k = 3962. Not only will this example start
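The generator of Exercise 6.7, as an added example that is not from the book: it checks the one-bit-flip property for any width k, inverts the code, and reports which bit flips at each step. The book's "∧" is written `^` in Python, and the function names are this example's own.

```python
def gray(n):
    """Gray code of n: g(n) = n XOR (n >> 1)."""
    return n ^ (n >> 1)

def gray_inverse(g):
    """Recover n from g(n) by XOR-ing together all right shifts of g."""
    n = 0
    while g:
        n ^= g
        g >>= 1
    return n

def flipped_bit(n):
    """Index of the single bit that differs between g(n) and g(n + 1)."""
    diff = gray(n) ^ gray(n + 1)
    return diff.bit_length() - 1

def is_gray_sequence(k):
    """True if g(0), ..., g(2^k - 1) visits every k-bit string exactly once
    and consecutive strings differ in exactly one bit."""
    codes = [gray(n) for n in range(1 << k)]
    one_flip = all(bin(a ^ b).count("1") == 1 for a, b in zip(codes, codes[1:]))
    return one_flip and sorted(codes) == list(range(1 << k))

def counter(k):
    """The k-bit Gray counter as binary strings, in the form the exercise prints."""
    return [format(gray(n), "0{}b".format(k)) for n in range(1 << k)]
```

The flipped-bit index is the piece an enumeration in Gray order needs: each step changes one position, so only one update has to be applied per step.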
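A program check for item (1) of Exercise 6.14, as an added example that is not from the book: it rebuilds the factor base for n = 10807, B = 200 and turns the stated three-term relation into a factorization of n. The function names are this example's own, and the factor-base rule used (2 plus the odd primes p ≤ B with Legendre symbol (n/p) = 1) is assumed to be the one Algorithm 6.1.1 uses, since this page does not reproduce that algorithm.

```python
from math import gcd, prod

def factor_base(n, B):
    """2 plus the odd primes p <= B with Legendre symbol (n/p) = 1 (assumed rule)."""
    is_prime = bytearray([1]) * (B + 1)
    base = [2]
    for p in range(3, B + 1, 2):
        if is_prime[p]:
            for q in range(p * p, B + 1, 2 * p):
                is_prime[q] = 0
            if pow(n, (p - 1) // 2, p) == 1:   # Euler's criterion
                base.append(p)
    return base

def exponent_vector(value, base):
    """Exponents of value over the factor base, or None if it is not smooth."""
    if value <= 0:
        return None
    exps = []
    for p in base:
        e = 0
        while value % p == 0:
            value //= p
            e += 1
        exps.append(e)
    return exps if value == 1 else None

def factor_from_relation(n, base, xs):
    """Combine the x in xs (each x^2 - n smooth) into X^2 = Y^2 (mod n), split n."""
    total = [0] * len(base)
    for x in xs:
        exps = exponent_vector(x * x - n, base)
        if exps is None:
            raise ValueError(f"{x}^2 - n is not smooth over the factor base")
        total = [t + e for t, e in zip(total, exps)]
    if any(t & 1 for t in total):
        raise ValueError("exponent sum is odd: the product is not a square")
    X = prod(xs) % n
    Y = prod(pow(p, t // 2, n) for p, t in zip(base, total)) % n
    g = gcd(X - Y, n)
    return (g, n // g) if 1 < g < n else None   # None: X = +-Y (mod n), no split

N, B = 10807, 200                 # values from item (1) of the exercise
BASE = factor_base(N, B)          # should have k = 21 primes
SPLIT = factor_from_relation(N, BASE, [106, 128, 158])
```

Calling `factor_base` with the n and B of item (2) gives a count to compare against the k = 164 the exercise states.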
