Hugh C. Williams. A p + 1 method of factoring. Mathematics of Computation, 39(159):225-234, July 1982.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....a randomized version of the method. Pollard s p 1 method in [136] nds certain primes p quickly: in particular, it seems to nd at least one out of every z primes in time z 1 o(1) if n has z o(1) bits, where 2(log z) 2 = log y log log y, The same comment applies to Williams s p 1 method in [177] and Lenstra s elliptic curve method in [108] A uniform random choice of z 1 o(1) elliptic curves seems to nd every prime y in total time z 2 o(1) exp p (2 o(1) log y log log y with negligible error probability. For further discussion see [32] 119] 88] 33] 120] 10] 167] ....

Hugh C. Williams, A p + 1 method of factoring, Mathematics of Computation 39 (1982), 225-234. MR 83h:10016.

....factors appear in the update to [ 6.5. P 1 The P Gamma 1 method finds a factor p of N if p Gamma 1 is sufficiently smooth. The method has found many factors, but fails miserably if p Gamma 1 has a very large factor, such as if p Gamma 1 = 2q for some prime q. In 1982, Hugh Williams [19] published a method which works when p 1 (rather than p Gamma 1) is smooth. Williams s method, called the P 1 method, operates in the finite field GF(p 2 ) having p 2 elements and characteristic p. Let P be an integer and assume that P 2 Gamma 4 is is a quadratic non residue (i.e. ....

....One way to do the arithmetic observes that ff and 1 is a basis for GF(p 2 ) over GF(p) and uses arithmetic modulo N in place of arithmetic modulo the (unknown) prime p. This can be improved considerably by using Lucas functions to manipulate values of ff e ff Gammae rather than ff e [19]. There is no known way to check beforehand whether P 2 Gamma 4 is a non residue without knowing p. If one runs the method three times using three values for P , then there is an 87.5 chance that at least one of the values for P 2 Gamma 4 will be a quadratic non residue. When P 2 Gamma ....

H.C. Williams. A p + 1 method of factoring. Mathematics of Computation, 39(159):225--234, July 1982.

....factoring algorithms. Lenstra s elliptic curve algorithm [54] is successful in finding small factors having (at present) up to 40 decimal digits [29] Pollard s algorithm [71] finds factors p for which p Gamma 1 has only relatively small prime factors. This algorithm was generalized by Williams [87] to primes for which p 1 has no large prime factor and by Bach and Shallit [7] to primes for which any cyclotomic polynomial evaluated at p has no large prime factor, i.e. for which either p Gamma 1; p 1; p 2 Sigma p 1, p 4 p 3 p 2 p 1, etc. has no large prime factor. It ....

H.C. Williams, A p + 1 method of factoring, Mathematics of Computation, Vol. 39, No. 159, pp. 225-234, 1982.

....this requirement to the RSA key generation. For randomly chosen large primes, the probability that (p Gamma 1) 2, p 1) 2, q Gamma 1) 2, and (q 1) 2 have a large prime factor is overwhelming. This is sufficient protection against the Pollard p Gamma 1 and Williams p 1 factoring methods [32, 38]. Moreover, an efficient proof that an arbitrarily generated RSA modulus is not weak without revealing its factors seems to be hard to obtain as various conditions have to be checked (e.g. see [1] J. Camenisch and M. Michels showing that a committed number consists of two large factors, and, ....

H. C. Williams. A p + 1 method of factoring. Mathematics of Computation, 39(159):225--234, 1982.

....of 130 digits, the NFS will overtake the MPQS in terms of factoring speed. The situation regarding special purpose algorithms is interesting. Pollard s algorithm[25] finds factors p for which (p Gamma 1) has only relatively small prime factors. This algorithm has been generalised by Williams[32] to primes for which (p 1) has only relatively small prime factors. These algorithms have led to the notion of strong primes that is primes whose properties avoid these fast, special purpose algorithms. The most common restriction is that both (p Gamma 1) and (p 1) have at least one large ....

H. C. Williams. A (p + 1) method of factoring. Mathematics of Computation, 39(159):225--234, 1982.

....that Lucas sequences are widely applied in cryptography. Examples are the ElGamal type cryptosystem LUCELG PK and digital signature algorithm LUCELG CS, SS94] simple and secure LUC pseudo random bit generator, HM98] and Williams p 1 factorisation algorithm which is based on Lucas sequences, [W82] as well as many others. We now give a brief introduction to Lucas sequences. Further details can be found in [R89] R85] and [V89] Let P 3, V 0 = 2, V 1 = P and for n 2, Vn = PVn Gamma1 Gamma QVn Gamma2 . This sequence is called a Lucas sequence. Often instead of only writing Vn we write Vn ....

H.C. Williams, A p + 1 method of factoring, Mathematics of Computation, 39, 225--234, 1982.

No context found.

Hugh C. Williams. A p + 1 method of factoring. Mathematics of Computation, 39(159):225-234, July 1982.

No context found.

A polyhedral method for solving sparse polynomial systems, (with B. Huber), Mathematics of Computation 64 (1995) 1541--1555.

No context found.

Hugh C. Williams. A p + 1 method of factoring. Mathematics of Computation, 39(159):225--234, July 1982.

No context found.

H. C. Williams. A p+1 method of factoring. Mathematics of Computation, 39(159):225--234, July 1982.

No context found.

Hugh C. Williams. A p + 1 method of factoring. Mathematics of Computation, 39(159):225-234, July 1982.

No context found.

H.C. Williams. A p+1 method of factoring. Mathematics of Computation, 39(159):225-- 234, 1982. 11

No context found.

H. C. Williams, A p+1 Method of Factoring, Mathematics of Computation, v. 39, n. 159, July 1982, p. 225-234. 22

No context found.

H. Williams, A p +1 method of factoring, Mathematics of Computation, 39, 159, 225--234, 1982.

No context found.

H.Williams, (1982), A p + 1 method of factoring, Mathematics on Computation, Vol. 39, pp. 225--34.

No context found.

H.C. Williams, A p + 1 method of Factoring, Mathematics of Computation, 39, 225--234, 1982.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC