Prime factorization implementations in a functional language


Prime factorization implementations in a functional language

Introduction
Goal: Get a better understanding of the implementation and application of different factorization algorithms (Fermat’s, Pollard’s rho, Quadratic sieve, Elliptic curve).

Fermat’s algorithm
Observation: All composite numbers can be written as the difference between two squared numbers, i.e.

Fermat’s algorithm
Algorithm: Assume n is an odd number (otherwise, factor out 2 until is odd). Define , Iteratively find . If is a square , then and are factors of . If then stop and report as a prime.

Fermat’s algorithm
Is the algorithm correct? Does it terminate?

Fermat’s algorithm
Correctness: The algorithm is correct iff
Assume . Then
Now assume . Then
Leading to the factor

Fermat’s algorithm
Termination: Termination follows trivially from the fact that we iterate over a finite range.

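Fermat’s algorithm
Code:

    ; get-sqrt is a helper that is not shown on the slides. From its use here it
    ; returns a pair (perfect-square? . root); for m to start non-negative the
    ; root has to be rounded up when n is not a perfect square (assumption).
    (define (fermat-single n)
      (let* ((s (get-sqrt n))
             (r (cdr s))
             (m (- (expt r 2) n))              ; m = r^2 - n
             (r-stop (/ (+ n 1) 2)))           ; upper end of the search range
        (letrec ((iterator
                  (lambda ()
                    (if (>= r r-stop)
                        (cons n '())           ; report n as prime
                        (begin
                          (set! s (get-sqrt m))
                          (if (car s)
                              ; m is a square: n = (r + sqrt m)(r - sqrt m)
                              (cons (+ r (cdr s)) (- r (cdr s)))
                              (begin
                                (set! m (+ m (* 2 r) 1))   ; (r+1)^2 - n = m + 2r + 1
                                (set! r (+ r 1))
                                (iterator))))))))
          (if (car s)
              (cons r r)                       ; n itself is a perfect square
              (iterator)))))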
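An added example, not the presenter's code: the same search in Python rather than the slides' Scheme, self-contained so that it runs without the get-sqrt helper. The function names, the max_steps cut-off and the step counter are assumptions of this example; the counter shows that the work grows with the distance between the two factors, so a bounded run is a cheap check that a modulus is not the product of two close factors.

```python
from math import isqrt

def fermat_factor(n, max_steps=None):
    """Return (p, q, steps) with p * q == n and p <= q, or None if max_steps ran out.

    For an odd prime n the search only succeeds at r = (n + 1) / 2 and
    returns the trivial pair (1, n, steps)."""
    if n < 3 or n % 2 == 0:
        raise ValueError("n must be odd and >= 3; factor out 2 first")
    r = isqrt(n)
    if r * r < n:
        r += 1                      # r = ceil(sqrt(n)), so m below is >= 0
    m = r * r - n                   # we look for an r that makes m a square
    steps = 0
    while True:
        s = isqrt(m)
        if s * s == m:              # n = r^2 - s^2 = (r - s)(r + s)
            return r - s, r + s, steps
        if max_steps is not None and steps >= max_steps:
            return None
        m += 2 * r + 1              # (r + 1)^2 - n = m + 2r + 1
        r += 1
        steps += 1

def has_close_factors(n, max_steps=10_000):
    """True if the search splits n non-trivially within max_steps iterations."""
    hit = fermat_factor(n, max_steps)
    return hit is not None and hit[0] > 1

if __name__ == "__main__":
    # Constructed sample inputs: two factors 30 apart, then factors far apart.
    print(fermat_factor(1000003 * 1000033))   # found without a single increment
    print(fermat_factor(3 * 10007))           # needs thousands of increments
    print(has_close_factors(3 * 10007, 100))  # a bounded run gives up
```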

Fermat’s algorithm
Running times:

Pollard’s rho algorithm
Observation: If and are in different residue classes modulo , but in the same class modulo a proper divisor of , then will result in a proper divisor of .

Pollard’s rho algorithm
Algorithm:
1. Choose a “random” function
2. Define , , , and
3. Iteratively find
4. If then is a factor
5. If then go to step 1 or report as “maybe prime”

Pollard’s rho algorithm
Is the algorithm correct? Does it terminate?

Pollard’s rho algorithm
Correctness: Since the range of is finite, the and values must cycle. It should be clear that cycles twice as fast as , so if we go through a cycle with then , so . If, however, , then is a non-trivial factor of .

Pollard’s rho algorithm
Termination: Termination follows from the cycling of the values and guaranteed termination when cycling has happened.

Pollard’s rho algorithm
Code:

    (define (pollard-rho-single n)
      (let ((a 2) (b 2) (c 1))                 ; both walkers start at 2, f(x) = x^2 + c mod n
        (letrec ((iterator
                  (lambda ()
                    (begin
                      (set! a (modulo (+ (expt a 2) c) n))   ; a takes one step
                      (set! b (modulo (+ (expt b 2) c) n))   ; b takes two steps, so it
                      (set! b (modulo (+ (expt b 2) c) n))   ; cycles twice as fast as a
                      (let ((d (gcd (- a b) n)))
                        (cond ((and (> d 1) (< d n))
                               (cons d (quotient n d)))       ; proper divisor found
                              ((= d n)
                               (if (= c 2)
                                   (cons n '())               ; give up: "maybe prime"
                                   (begin                     ; retry with the next c
                                     (set! a 2)
                                     (set! b 2)
                                     (set! c (+ c 1))
                                     (iterator))))
                              (else (iterator))))))))
          (iterator))))
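An added example, not the presenter's code: the same iteration in Python rather than Scheme, with a taking one step of f(x) = x^2 + c mod n per round and b taking two, and a fresh c after a cycle that closes without a factor. The function name, the max_c limit (the slide code gives up after c = 2) and the returned round count are assumptions of this example.

```python
from math import gcd

def pollard_rho(n, max_c=20):
    """Return (factor, rounds) for a non-trivial factor of n, or None if every
    polynomial x^2 + c with c = 1..max_c cycles without exposing one."""
    if n % 2 == 0:
        return (2, 0) if n > 2 else None
    rounds = 0
    for c in range(1, max_c + 1):
        a = b = 2
        while True:
            a = (a * a + c) % n              # slow walker: one step
            b = (b * b + c) % n              # fast walker: two steps
            b = (b * b + c) % n
            rounds += 1
            d = gcd(abs(a - b), n)
            if 1 < d < n:
                return d, rounds             # a and b agree modulo d but not modulo n
            if d == n:                       # a == b modulo n: cycle closed, no factor
                break
    return None                              # n is "maybe prime"

if __name__ == "__main__":
    # Constructed sample inputs: 8051 = 83 * 97, and the prime 13.
    print(pollard_rho(8051))   # (97, 3)
    print(pollard_rho(13))     # None
```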

Pollard’s rho algorithm
Running times: ?
The algorithm is too fast even without optimizations when the number has any “small” factors (smaller than 10 digits). I have had problems finding enough values to analyse on that give non-eligible running times, but are still feasible to factorize. (It factors 47189479742142798147947497147589257979528526917505641 into 3012764903 x 15663180255171340247104404464575395373798447 in 2,5s)

Pollard’s rho algorithm
Running times:

Elliptic curve factorization
Observation: Iteratively applying a group function to a series of points, starting on a random point in a group defined by an elliptic curve modulo the number we are factorizing, we will eventually find a generator for the subgroup we iterate over. Using the order of this subgroup, we can determine a factor of n.

Elliptic curve factorization
Code:

    ; point-expt is a helper that is not shown on the slides. From its use here it
    ; returns a point (a pair), a symbol, or a number that is taken as a factor of n.
    (define (elliptic-curve-single n)
      (let ((a 1) (p (cons 0 5)) (e 2))
        (letrec ((iterator
                  (lambda ()
                    (begin
                      (set! p (point-expt p e a))
                      (set! e (+ e 1))
                      (if (not (pair? p))
                          (if (symbol? p)
                              (cons n '())               ; no factor found
                              (cons p (quotient n p)))   ; p is a factor of n
                          (iterator))))))
          (iterator))))

Elliptic curve factorization
Running times:

Summary
The following insight was gained through the project:
The elliptic curve algorithm is not fast in its “natural form”, but becomes fast as elliptic curve knowledge is applied as optimizations.
The implementation of the sieving process in quadratic sieve is complex and confusing.
A better understanding of the implemented algorithms.