and 611 for small integer factorization sieving
play

and 611 + for small : Integer factorization Sieving 1 612 2 2 - PowerPoint PPT Presentation

Dec 09, 2022 •110 likes •411 views

and 611 + for small : Integer factorization Sieving 1 612 2 2 3 3 D. J. Bernstein 2 2 613 3 3 614 2 4 2 2 615 3 5 Thanks to: 5 5 616 2 2 2 7 6 2 3 617 University of Illinois at Chicago 7 7 618 2 3 8 2 2 2

  1. � and 611 + � for small � : Integer factorization Sieving 1 612 2 2 3 3 D. J. Bernstein 2 2 613 3 3 614 2 4 2 2 615 3 5 Thanks to: 5 5 616 2 2 2 7 6 2 3 617 University of Illinois at Chicago 7 7 618 2 3 8 2 2 2 619 NSF DMS–0140542 9 3 3 620 2 2 5 10 2 5 621 3 3 3 Alfred P. Sloan Foundation 11 622 2 12 2 2 3 623 7 13 624 2 2 2 2 3 14 2 7 625 5 5 5 5 15 3 5 626 2 16 2 2 2 2 627 3 17 628 2 2 18 2 3 3 629 19 630 2 3 3 5 7 20 2 2 5 631 etc.

  2. � ✂ ✁ � � and 611 + � for small � : rization Sieving Have complete facto � (611 + � ) for some 1 612 2 2 3 3 2 2 613 � 625 = 2 1 3 0 5 4 7 3 3 614 2 14 4 2 2 615 3 5 � 675 = 2 6 3 3 5 2 7 5 5 616 2 2 2 7 64 6 2 3 617 Illinois at Chicago � 686 = 2 1 3 1 5 2 7 7 7 618 2 3 75 8 2 2 2 619 DMS–0140542 9 3 3 620 2 2 5 10 2 5 621 3 3 3 Foundation 14 � 64 � 75 � 625 � 675 11 622 2 = 2 8 3 4 5 8 7 4 = (2 4 3 12 2 2 3 623 7 13 624 2 2 2 2 3 14 2 7 625 5 5 5 5 15 3 5 626 2 gcd 14 � 64 � 75 16 2 2 2 2 627 3 17 628 2 2 = 47. 18 2 3 3 629 19 630 2 3 3 5 7 611 = 47 � 13. 20 2 2 5 631 etc.

  3. ✁ � and 611 + � for small � : Sieving Have complete factorization of � (611 + � ) for some � ’s. 1 612 2 2 3 3 2 2 613 � 625 = 2 1 3 0 5 4 7 1 . 3 3 614 2 14 4 2 2 615 3 5 � 675 = 2 6 3 3 5 2 7 0 . 5 5 616 2 2 2 7 64 6 2 3 617 � 686 = 2 1 3 1 5 2 7 3 . 7 7 618 2 3 75 8 2 2 2 619 9 3 3 620 2 2 5 10 2 5 621 3 3 3 14 � 64 � 75 � 625 � 675 � 686 11 622 2 = 2 8 3 4 5 8 7 4 = (2 4 3 2 5 4 7 2 ) 2 . 12 2 2 3 623 7 13 624 2 2 2 2 3 14 2 7 625 5 5 5 5 2 4 3 2 5 4 7 2 ✂ 611 15 3 5 626 2 gcd 14 � 64 � 75 16 2 2 2 2 627 3 17 628 2 2 = 47. 18 2 3 3 629 19 630 2 3 3 5 7 611 = 47 � 13. 20 2 2 5 631 etc.

  4. � ✂ � � � � ✁ � � ✂ ✁ � ✂ ✁ � ✁ ✁ � � � � � for small � : 611 + Have complete factorization of Given and parameter � (611 + � ) for some � ’s. 2 2 3 3 1. Use powers of p � and � fo � 625 = 2 1 3 0 5 4 7 1 . 2 14 sieve + 3 5 � 675 = 2 6 3 3 5 2 7 0 . 2 2 2 7 64 2. Look for nonempt � 686 = 2 1 3 1 5 2 7 3 . 2 3 75 � ( � ) completely with + 2 2 5 � ( 3 3 3 14 � 64 � 75 � 625 � 675 � 686 and with + 2 = 2 8 3 4 5 8 7 4 = (2 4 3 2 5 4 7 2 ) 2 . 7 2 2 2 2 3 3. Compute gcd 5 5 5 5 2 4 3 2 5 4 7 2 ✂ 611 2 gcd 14 � 64 � 75 where = 3 2 2 = 47. 2 3 3 5 7 611 = 47 � 13.

  5. � � ✁ � � � ✁ � ✂ ✂ ✂ ✁ � ✁ ✁ � Have complete factorization of Given and parameter : � (611 + � ) for some � ’s. 1. Use powers of primes to � and � for 1 � 625 = 2 1 3 0 5 4 7 1 . 2 . 14 sieve + � 675 = 2 6 3 3 5 2 7 0 . 64 � ’s 2. Look for nonempty set of � 686 = 2 1 3 1 5 2 7 3 . 75 � ( � ) completely factored with + � ( � ) square. 14 � 64 � 75 � 625 � 675 � 686 and with + = 2 8 3 4 5 8 7 4 = (2 4 3 2 5 4 7 2 ) 2 . 3. Compute gcd 2 4 3 2 5 4 7 2 ✂ 611 gcd 14 � 64 � 75 � ( � ). where = + = 47. 611 = 47 � 13.

  6. ✂ ✁ ✁ � � � ✁ � ✁ � � � � � � � � � � ✂ � � � ✂ ✁ � � factorization of Given and parameter : This is the Q sieve � ’s. some 1. Use powers of primes to Same principles: � and � for 1 4 7 1 . 2 . sieve + Continued-fraction 2 7 0 . (Lehmer, Powers, � ’s 2. Look for nonempty set of 2 7 3 . Brillhart, Morrison). � ( � ) completely factored with + Linear sieve (Schro � ( � ) square. � 675 � 686 and with + Quadratic sieve (P 4 3 2 5 4 7 2 ) 2 . Number-field sieve 3. Compute gcd 2 4 3 2 5 4 7 2 ✂ 611 � ( � ). (Pollard, Buhler, Lenstra, where = + Pomerance, Adleman).

  7. � � ✁ � � ✂ ✂ � ✂ � � ✁ � ✁ ✁ Given and parameter : This is the Q sieve . 1. Use powers of primes to Same principles: � and � for 1 2 . sieve + Continued-fraction method (Lehmer, Powers, � ’s 2. Look for nonempty set of Brillhart, Morrison). � ( � ) completely factored with + Linear sieve (Schroeppel). � ( � ) square. and with + Quadratic sieve (Pomerance). Number-field sieve 3. Compute gcd � ( � ). (Pollard, Buhler, Lenstra, where = + Pomerance, Adleman).

  8. � ✂ ✂ � � � ✂ � � � � � � ✂ � � � � � � ✂ � � � � ✂ � � � ✂ ✂ � � � � ✂ � � � ✂ ✂ ✂ � � � ✁ ✁ � ✁ ✂ ✂ � � ✂ � � � ✁ � � � rameter : This is the Q sieve . Sieving speed of primes to Same principles: Handle sieving in � for 1 2 . sieve + 1 Continued-fraction method (Lehmer, Powers, sieve + + 1 � ’s nonempty set of Brillhart, Morrison). sieve + 2 + 1 completely factored Linear sieve (Schroeppel). etc. � ) square. + Quadratic sieve (Pomerance). Sieving + 1 + Number-field sieve using primes � ( � ). (Pollard, Buhler, Lenstra, + means finding, for Pomerance, Adleman). + 1 + 2 which ’s divide

  9. � � � � � ✂ � ✂ � � � ✂ � ✂ � � � ✂ ✂ � ✂ � � � � ✂ � � � ✂ ✂ � � � � � ✂ ✂ � � � This is the Q sieve . Sieving speed Same principles: Handle sieving in pieces: sieve + 1 + ; Continued-fraction method (Lehmer, Powers, sieve + + 1 + 2 ; Brillhart, Morrison). sieve + 2 + 1 + 3 ; Linear sieve (Schroeppel). etc. Quadratic sieve (Pomerance). Sieving + 1 + 2 + Number-field sieve using primes (Pollard, Buhler, Lenstra, means finding, for each Pomerance, Adleman). + 1 + 2 + , � . which ’s divide +

  10. ✂ � � ✂ � � � ✂ � � ✂ � � ✂ � � ✂ � � � � ✂ ✂ � � ✂ � ✂ � � ✂ ✂ ✂ ✂ ✂ ✂ ✂ ✂ ✂ � ✂ � � ✂ � � � ✂ � � � � � ✂ � sieve . Sieving speed Consider all pairs ( � is a multiple where + Handle sieving in pieces: sieve + 1 + ; Easy to generate pairs Continued-fraction method ers, sieve + + 1 + 2 ; sorted by second comp ✂ 2), (614 ✂ 2), (616 rrison). sieve + 2 + 1 + 3 ; (612 ✂ 2), (612 ✂ 3), (615 (Schroeppel). etc. (620 ✂ 5), (620 ✂ 5), (616 (Pomerance). (615 Sieving + 1 + 2 + sieve using primes Sieving means listing Buhler, Lenstra, means finding, for each sorted by first comp Adleman). ✂ 2), (612 ✂ 3), (614 + 1 + 2 + , (612 � . ✂ 3), (615 ✂ 5), (616 which ’s divide + (615 ✂ 2), (618 ✂ 3), (620 (618

  11. � ✂ � ✂ � ✂ ✂ � � � � � � � � ✂ � � ✂ � � � ✂ � ✂ � ✂ � � ✂ � � � � � � � � � ✂ � ✂ � � ✂ Sieving speed Consider all pairs ( + ) � is a multiple of where + . Handle sieving in pieces: sieve + 1 + ; Easy to generate pairs sieve + + 1 + 2 ; sorted by second component: ✂ 2), (614 ✂ 2), (616 ✂ 2), (618 ✂ 2), sieve + 2 + 1 + 3 ; (612 ✂ 2), (612 ✂ 3), (615 ✂ 3), (618 ✂ 3), etc. (620 ✂ 5), (620 ✂ 5), (616 ✂ 7). (615 Sieving + 1 + 2 + using primes Sieving means listing pairs means finding, for each sorted by first component: ✂ 2), (612 ✂ 3), (614 ✂ 2), + 1 + 2 + , (612 � . ✂ 3), (615 ✂ 5), (616 ✂ 2), (616 ✂ 7), which ’s divide + (615 ✂ 2), (618 ✂ 3), (620 ✂ 2), (620 ✂ 5). (618

  12. � � � ✁ � � � ✂ � ✂ ✂ � � � ✂ � � � � � � ✂ � � ✂ ✂ � � � � ✂ ✂ � ✂ � � ✂ ✂ � � � ✂ � � � ✂ � � � ✂ � � � � ✂ � � ✂ � � � � ✂ � � � ✂ � � � (1) 1+ Consider all pairs ( + ) There are � is a multiple of where + . involving + 1 pieces: + ; Easy to generate pairs Sieving + 1 + � (1) seconds 1+ + 2 ; sorted by second component: takes ✂ 2), (614 ✂ 2), (616 ✂ 2), (618 ✂ 2), 1 + 3 ; (612 on RAM costing ✂ 2), (612 ✂ 3), (615 ✂ 3), (618 ✂ 3), (620 2-dimensional mesh ✂ 5), (620 ✂ 5), (616 ✂ 7). (615 0 + 2 + is much faster: Sieving means listing pairs on machine costing for each sorted by first component: Can do even better: ✂ 2), (612 ✂ 3), (614 ✂ 2), 2 + , (612 on machine costing � . ✂ 3), (615 ✂ 5), (616 ✂ 2), (616 ✂ 7), + (615 using “elliptic-curve ✂ 2), (618 ✂ 3), (620 ✂ 2), (620 ✂ 5). (618

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Integer Factorization Methods Modular Arithmetic Trial division, Pollards p 1 , Division

Integer Factorization Methods Modular Arithmetic Trial division, Pollards p 1 , Division

Integer Factorization Methods Integer 2014-04-11 Integer Factorization Methods Factorization Trial division, Pollards p 1 , Pollards , and Fermats method Methods Christopher Koch 1 C. Koch 1 Department of Computer Science and

681 views • 33 slides
Public-key cryptography Q sieve Daniel J. Bernstein Sieving small integers i > 0 Tanja Lange

Public-key cryptography Q sieve Daniel J. Bernstein Sieving small integers i > 0 Tanja Lange

1 2 Public-key cryptography Q sieve Daniel J. Bernstein Sieving small integers i > 0 Tanja Lange using primes 2 ; 3 ; 5 ; 7: 1 Part II: 2 2 3 3 Factorization 4 2 2 5 5 6 2 3 15 August 2017 7 7 8 2 2 2 9 3 3 10 2 5 Sage

1.93k views • 161 slides
Random problems at the core of integer factorization algorithms Pierrick Gaudry Caramba

Random problems at the core of integer factorization algorithms Pierrick Gaudry Caramba

Random problems at the core of integer factorization algorithms Pierrick Gaudry Caramba LORIA, Nancy CNRS, Universit de Lorraine, Inria Journes ALEA, March 2016 1/31 Plan Introduction: crypto context Integer factorization 101 How

462 views • 33 slides
Factorization myths D. J. Bernstein Thanks to: University of Illinois at Chicago NSF

Factorization myths D. J. Bernstein Thanks to: University of Illinois at Chicago NSF

Factorization myths D. J. Bernstein Thanks to: University of Illinois at Chicago NSF DMS0140542 Alfred P. Sloan Foundation and 611 + for small : Sieving 1 612 2 2 3 3 2 2 613 3 3 614 2 4 2 2 615 3 5 5 5 616 2 2 2

676 views • 32 slides
Factorization myths D. J. Bernstein Thanks to: University of Illinois at Chicago NSF

Factorization myths D. J. Bernstein Thanks to: University of Illinois at Chicago NSF

Factorization myths D. J. Bernstein Thanks to: University of Illinois at Chicago NSF DMS0140542 Alfred P. Sloan Foundation and 611 + for small : Sieving 1 612 2 2 3 3 2 2 613 3 3 614 2 4 2 2 615 3 5 5 5 616 2 2 2

488 views • 36 slides
Integer Factorization Methods Modular Trial division, Pollards p 1 , Arithmetic Division

Integer Factorization Methods Modular Trial division, Pollards p 1 , Arithmetic Division

Integer Factorization Methods C. Koch Overview Integer Factorization Methods Modular Trial division, Pollards p 1 , Arithmetic Division Algorithm and Congruence Pollards , and Fermats method Residue classes mod n Integers

505 views • 33 slides
Dihedral Sieving Phenomena Sujit Rao, Joe Suk 31 July 2017 1/14 Outline Cyclic sieving

Dihedral Sieving Phenomena Sujit Rao, Joe Suk 31 July 2017 1/14 Outline Cyclic sieving

Dihedral Sieving Phenomena Sujit Rao, Joe Suk 31 July 2017 1/14 Outline Cyclic sieving Sieving for general groups Sieving for dihedral groups Examples of dihedral sieving Future work 2/14 Cyclic Sieving Phenomenon (CSP) Definition X be a

156 views • 15 slides
Challenges in quantum algorithms for integer factorization D. J. Bernstein University of

Challenges in quantum algorithms for integer factorization D. J. Bernstein University of

1 Challenges in quantum algorithms for integer factorization D. J. Bernstein University of Illinois at Chicago Prelude: What is the fastest algorithm to sort an array? def blindsort(x): while not issorted(x): permuterandomly(x) 2 def

713 views • 50 slides
Building circuits for integer factorization D. J. Bernstein Thanks to: University of Illinois

Building circuits for integer factorization D. J. Bernstein Thanks to: University of Illinois

Building circuits for integer factorization D. J. Bernstein Thanks to: University of Illinois at Chicago NSF DMS0140542 Alfred P. Sloan Foundation I want to work for NSA as an independent

706 views • 49 slides
Algorithms for integer factorization and discrete logarithms computation Algorithmes pour la

Algorithms for integer factorization and discrete logarithms computation Algorithmes pour la

Algorithms for integer factorization and discrete logarithms computation Algorithmes pour la factorisation dentiers et le calcul de logarithme discret Cyril Bouvier CARAMEL project-team, LORIA Universit de Lorraine / CNRS / Inria

470 views • 42 slides
Isolating critical cases for reciprocals using integer factorization John Harrison Intel

Isolating critical cases for reciprocals using integer factorization John Harrison Intel

Isolating critical cases for reciprocals using integer factorization John Harrison Intel Corporation ARITH-16 Santiago de Compostela 17th June 2003 0 Background result before the final rounding Suppose we are interested in a floating-point

343 views • 19 slides
Integer factorization: Exercise for the reader: a progress report Find a nontrivial factor of

Integer factorization: Exercise for the reader: a progress report Find a nontrivial factor of

Integer factorization: Exercise for the reader: a progress report Find a nontrivial factor of 6366223796340423057152171586. D. J. Bernstein Thanks to: University of Illinois at Chicago NSF DMS0140542 Alfred P. Sloan Foundation rization:

593 views • 55 slides
Integer factorization and discrete logarithm problems Pierrick Gaudry Caramel LORIA CNRS,

Integer factorization and discrete logarithm problems Pierrick Gaudry Caramel LORIA CNRS,

Integer factorization and discrete logarithm problems Pierrick Gaudry Caramel LORIA CNRS, Universit de Lorraine, Inria JNCF CIRM November 2014 1/81 Plan Presentation of the problems Cryptographic background Primality,

919 views • 88 slides
The NSA sieving circuit D. J. Bernstein University of Illinois at Chicago NSF DMS9970409

The NSA sieving circuit D. J. Bernstein University of Illinois at Chicago NSF DMS9970409

The NSA sieving circuit D. J. Bernstein University of Illinois at Chicago NSF DMS9970409 Sieving c and 611 + c for small c : 1 612 2 2 3 3 2 2 613 3 3 614 2 4 2 2 615 3 5 5 5 616 2 2 2 7 6 2 3 617 7 7 618 2 3 8 2 2 2

630 views • 15 slides
Nonunique Factorization in the Ring of Integer-Valued Polynomials Paul Baginski Fairfield

Nonunique Factorization in the Ring of Integer-Valued Polynomials Paul Baginski Fairfield

Nonunique Factorization in the Ring of Integer-Valued Polynomials Paul Baginski Fairfield University March 22, 2019 Paul Baginski Fairfield University Nonunique Factorization in the Ring of Integer-Valued Polynomials 2016 Fairfield

334 views • 30 slides
LU Factorization Marco Chiarandini Department of Mathematics & Computer Science University

LU Factorization Marco Chiarandini Department of Mathematics & Computer Science University

DM559 Linear and Integer Programming LU Factorization Marco Chiarandini Department of Mathematics & Computer Science University of Southern Denmark [ Based on slides by Lieven Vandenberghe, UCLA ] Operation Count LU Factorization Outline

935 views • 34 slides
Chapter 8. Support Vector Machines Wei Pan Division of Biostatistics, School of Public Health,

Chapter 8. Support Vector Machines Wei Pan Division of Biostatistics, School of Public Health,

Chapter 8. Support Vector Machines Wei Pan Division of Biostatistics, School of Public Health, University of Minnesota, Minneapolis, MN 55455 Email: weip@biostat.umn.edu PubH 7475/8475 Wei Pan c Introduction SVM: 4.5.2, 12.1-12.3;

508 views • 18 slides
I n t r o d u c t i o n t o H i g h - l e v e l S y n t h e s i s

I n t r o d u c t i o n t o H i g h - l e v e l S y n t h e s i s

J o i n t I C T P - I A E A S c h o o l o n Z y n q - 7 0 0 0 S o C a n d i t s A p p l i c a t i o n s f o r N u c l e a r a n d R e l a t e d I n s t r u me n t a t

1.1k views • 36 slides
Classification Problems From Regression to Classification x } Suppose we have two classes of

Classification Problems From Regression to Classification x } Suppose we have two classes of

Review: The General Learning Problem } We want to learn functions from inputs to outputs, where each input has n features: Inputs h x 1 , x 2 , . . . , x n i , with each feature x i from domain X i . Outputs y from domain Y . Function to learn: f :

689 views • 7 slides
PREVENTING THE THREATS OF TOMORROW AND BEYOND Jonathan Kaftzan VP Product marketing &

PREVENTING THE THREATS OF TOMORROW AND BEYOND Jonathan Kaftzan VP Product marketing &

PREVENTING THE THREATS OF TOMORROW AND BEYOND Jonathan Kaftzan VP Product marketing & innovation Is Prevention Possible? 2 Private and confidential FROM PREVENTION TO DETECTIONAND BACK Prevention An Antivir virus us: Polymor

735 views • 29 slides
Summary 1 Things you should know now: Basic ideas about databases and DBMSs What is a data

Summary 1 Things you should know now: Basic ideas about databases and DBMSs What is a data

Summary 1 Things you should know now: Basic ideas about databases and DBMSs What is a data model? Idea and Details of the relational model SQL as a data definition language Things given as background: History of database

1.63k views • 80 slides
Database Design and Programming Peter Schneider-Kamp DM 505, Spring 2009, 3 rd Quarter 1 Course

Database Design and Programming Peter Schneider-Kamp DM 505, Spring 2009, 3 rd Quarter 1 Course

Database Design and Programming Peter Schneider-Kamp DM 505, Spring 2009, 3 rd Quarter 1 Course Organisation Literature Database Systems: The Complete Book Evaluation Project and 1-day take-home exam, 7 scale Project

978 views • 64 slides
All your GPS Trackers belong to Us 1 Who we are Pierre Barre, Lead Security Researcher,

All your GPS Trackers belong to Us 1 Who we are Pierre Barre, Lead Security Researcher,

All your GPS Trackers belong to Us 1 Who we are Pierre Barre, Lead Security Researcher, Mobile and Telecom Lab Chaouki Kasmi, Lab Director, Mobile and Telecom Lab Eiman Al Shehhi, Security Researcher, Mobile and Telecom Lab The

469 views • 25 slides
TOW ARD ZERO-EMI SSI ON FREI GHT AT SOUTHERN CALI FORNI A'S PORTS PROSPECTS, PITFALLS &

TOW ARD ZERO-EMI SSI ON FREI GHT AT SOUTHERN CALI FORNI A'S PORTS PROSPECTS, PITFALLS &

TOW ARD ZERO-EMI SSI ON FREI GHT AT SOUTHERN CALI FORNI A'S PORTS PROSPECTS, PITFALLS & POLICY NEEDS A UCLA LAW / BERKELEY LAW CONFERENCE SPONSORED BY BANK OF AMERICA June 8, 2018 UCLA Covel Commons Photo credit: National Renewable

1.2k views • 73 slides

More recommend