1 / 18

Integer Factorization

Integer Factorization. By: Josh Tuggle & Kyle Johnson. What Is It?. Integer Factorization - T he decomposition of a composite number into its primes. Not much of an actual problem until the number becomes very large. No efficient algorithm exists yet. Goal: Factor in polynomial time.

nieve
Download Presentation

Integer Factorization

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Integer Factorization By: Josh Tuggle& Kyle Johnson

  2. What Is It? • Integer Factorization - The decomposition of a composite number into its primes. • Not much of an actual problem until the number becomes very large. • No efficient algorithm exists yet. • Goal: Factor in polynomial time.

  3. What Is It? • Hardest instance for I.F.: semiprimes. • Product of two prime numbers. • An algorithm that can efficiently factor any integer would compromise RSA Cryptography.

  4. Statistics • Sept. 1993 – April 1994: RSA-129 becomes first large distributed factorization. • Jan – Aug. 1999: RSA-155 is factored using GNFS. • April 2003: RSA-160 factored using 100 CPUs. • Dec. 2003 – May 2005: RSA-200 factored using 80 Opteron processors in Germany. • Dec. 2009: RSA-768 becomes largest semiprime factored (232 digits) after two years and the equivalent of 2000 years of processing.

  5. Running Time • There are many bounds on this problem based on what is known about the integer to be factored. • The algorithm with the best running time is the General Number Field Sieve: • However, there is an algorithm out there that has a better factoring time, with a major difference.

  6. Running Time • Shor’s Algorithm currently has the best runtime for this problem: O((log N)3). • N is the input’s size. • Only works with a quantum computer.

  7. Algorithms • There exists multiple algorithms for this particular problem. • Which one to use depends on what is known about the input. • These algorithms can be grouped into two classes: Special-Purpose and General-Purpose.

  8. Special-Purpose (Category 1) • These algorithms’ runtimes depend on the size of the smallest prime factor. • General procedure is to use these algorithms on an integer first to remove the more manageable factors. • Examples: Trial Division, Wheel Factorization, Euler’s factorization method.

  9. Trial Division • Requires most work, but easiest to understand. • Given an integer n: • Start at 2 • Move up number line towards n. • Divide n by each number • Check if the number went into n with no remainders • Repeat until all factors are prime.

  10. General-Purpose (Category 2) • The runtime for these algorithms depends only on the size of the integer being factored. • RSA numbers are factored using algorithms in this class. • Examples: Dixon’s Algorithm, Shank’s Square Forms Factorization, General Number Field Sieve.

  11. General Number Field Sieve (GNFS) • Arbitrarily select two polynomials f(x) and g(x) that must fit several conditions. • Small degrees d and e. • Integer coefficients • Irreducible over rationals • Must yield same integer root when modded by the initial number n.

  12. General Number Field Sieve (GNFS) • Subject the two polynomials to number field rings to find values of two integers a and b that satisfy: • r = bdf(a/b) and s = beg(a/b) • r and s must be numbers that factor into primes only. • Homomorphisms are then used to find two values x and y such that x2 – y2 is divisible by n. • These values are used to find a factor of n by taking the gcd of n and x – y.

  13. Shor’s Algorithm • Algorithm developed by Peter Shor in 1994. • Can factor in polynomial time, but requires a quantum computer. • Placed in complexity class BQP • Bounded-Error Quantum Polynomial Time

  14. Shor’s Process • The algorithm consists of two key parts: • A change of the problem from factoring to order-finding. • Solving the order-finding problem. • The problem change portion can be done on a traditional computer, but the order-finding portion requires a quantum computer.

  15. Traditional Half • Pick a random integer a that is less than N, the integer being factored. • Find the gcd of the two integers. • If this value isn’t 1, then there is a factor of N, and the algorithm is finished. • If the value is 1, we must go to the quantum half of the algorithm.

  16. Quantum Half • Known as the period-finding subroutine. • Used to find an r value that represents the period of the function: f(x) = ax mod N. • Quantum circuits used are custom made for each (a, N) pair. • r cannot be odd and ar/2 and -1 cannot be congruent modulo N. • If these conditions are both met, then gcd(ar/2 ± 1, N) is a nontrivial factor of N and the algorithm finishes.

  17. Quantum Half • Heavily depends on a quantum computer’s superposition property. • Evaluates the function at all points simultaneously. • The algorithm’s runtime (O(log N)3) stems from Shor solving three quantum problems in O(log N) time each. • Superposition, function as a quantum transform, and quantum Fourier transform.

  18. Questions?

More Related