DOCSLIB.ORG

A Tale of Two Sieves Carl Pomerance

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

pomerance.qxp 5/7/98 9:16 AM Page 1473 A Tale of Two Sieves Carl Pomerance (This paper is dedicated to the memory of my friend and teacher, Paul Erdos) t is the best of times for the game of fac- was largely ignored, since it was considered triv- toring large numbers into their prime fac- ial. After all, it was doable in principle, so what tors. In 1970 it was barely possible to fac- else was there to discuss? A few researchers ig- tor “hard” 20-digit numbers. In 1980, in nored the fashions of the time and continued to the heyday of the Brillhart-Morrison con- try to find fast ways to factor. To these few it Itinued fraction factoring algorithm, factoring of was a basic and fundamental problem, one that 50-digit numbers was becoming commonplace. should not be shunted to the side. In 1990 my own quadratic sieve factoring algo- But times change. In the last few decades we rithm had doubled the length of the numbers have seen the advent of accessible and fast com- that could be factored, the record having 116 dig- puting power, and we have seen the rise of cryp- its. tographic systems that base their security on our By 1994 the quadratic sieve had factored the supposed inability to factor quickly (and on famous 129-digit RSA challenge number that other number theoretic problems). Today there had been estimated in Martin Gardner’s 1976 Sci- are many people interested in factoring, recog- entific American column to be safe for 40 nizing it not only as a benchmark for the secu- quadrillion years (though other estimates around rity of cryptographic systems, but for comput- then were more modest). But the quadratic sieve ing itself. In 1984 the Association for Computing is no longer the champion. It was replaced by Machinery presented a plaque to the Institute for Pollard’s number field sieve in the spring of Electrical and Electronics Engineers (IEEE) on 1996, when that method successfully split a the occasion of the IEEE centennial. It was in- 130-digit RSA challenge number in about 15% of scribed with the prime factorization of the num- the time the quadratic sieve would have taken. ber 2251 1 that was completed that year with − In this article we shall briefly meet these fac- the quadratic sieve. The president of the ACM torization algorithms—these two sieves—and made the following remarks: some of the many people who helped to de- velop them. About 300 years ago the French In the middle part of this century, computa- mathematician Mersenne speculated tional issues seemed to be out of fashion. In most that 2251 1 was a composite, that − books the problem of factoring big numbers is, a factorable number. About 100 years ago it was proved to be fac- torable, but even 20 years ago the Carl Pomerance is research professor of mathematics computational load to factor the at the University of Georgia, Athens, GA. His e-mail ad- number was considered insur- dress is [email protected]. mountable. Indeed, using conven- Supported in part by National Science Foundation grant tional machines and traditional number DMS-9206784. search algorithms, the search time DECEMBER 1996 NOTICES OF THE AMS 1473 pomerance.qxp 5/7/98 9:16 AM Page 1474 was estimated to be about 1020 years. I had wasted too much time, and I missed the The number was factored in Febru- problem. ary of this year at Sandia on a Cray So can you find the clever way? If you wish computer in 32 hours, a world to think about this for a moment, delay reading record. We’ve come a long way in the next paragraph. computing, and to commemorate IEEE’s contribution to computing we Fermat and Kraitchik The trick is to write 8051 as 8100 49, which have inscribed the five factors of the − is 902 72, so we may use algebra, namely, fac- Mersenne composite on a plaque. − Happy Birthday, IEEE. toring a difference of squares, to factor 8051. It is 83 97. Factoring big numbers is a strange kind of Does× this always work? In fact, every odd mathematics that closely resembles the experi- composite can be factored as a difference of 2 mental sciences, where nature has the last and squares: just use the identity ab = 1 (a + b) 1 2 2 definitive word. If some method to factor n runs (a b) . Trying to find a pair of squares − 2 − for awhile and ends with the statement “d is a which work is, in fact, a factorization method of factor of n”, then this assertion may be easily Fermat. Just like trial division, which has some checked; that is, the integers have the last and very easy cases (such as when there is a small definitive word. One can thus get by quite nicely prime factor), so too does the difference-of- without proving a theorem that a method works squares method have easy cases. For example, in general. But, as with the experimental sci- if n = ab where a and b are very close to √n, ences, both rigorous and heuristic analyses can as in the case of n = 8051, it is easy to find the be valuable in understanding the subject and two squares. But in its worst cases, the differ- moving it forward. And, as with the experimen- ence-of-squares method can be far worse than tal sciences, there is sometimes a tension be- trial division. It is worse in another way too. tween pure and applied practitioners. It is held With trial division, most numbers fall into the by some that the theoretical study of factoring easy case; namely, most numbers have a small is a freeloader at the table (or as Hendrik Lenstra factor. But with the difference-of-squares once colorfully put it, paraphrasing Siegel, “a pig method, only a small fraction of numbers have in the rose garden”), enjoying undeserved at- a divisor near their square root, so the method tention by vapidly giving various algorithms la- works well on only a small fraction of possible bels, be they “polynomial”, “exponential”, “ran- inputs. (Though trial division allows one to begin dom”, etc., and offering little or nothing in return a factorization for most inputs, finishing with a to those hard workers who would seriously com- complete factorization is usually far more dif- pute. There is an element of truth to this view. ficult. Most numbers resist this, even when a But as we shall see, theory played a significant combination of trial division and difference-of- role in the development of the title’s two sieves. squares is used.) In the 1920s Maurice Kraitchik came up with A Contest Problem an interesting enhancement of Fermat’s differ- But let us begin at the beginning, at least my be- ence-of-squares technique, and it is this en- ginning. When I give talks on factoring, I often hancement that is at the basis of most modern repeat an incident that happened to me long factoring algorithms. (The idea had roots in the ago in high school. I was involved in a math con- work of Gauss and Seelhoff, but it was Kraitchik test, and one of the problems was to factor the who brought it out of the shadows, introducing number 8051. A time limit of five minutes was it to a new generation in a new century. For given. It is not that we were not allowed to use more on the early history of factoring, see [23].) pocket calculators; they did not exist in 1960, Instead of trying to find integers u and v with around when this event occurred! Well, I was u2 v2 equal to n, Kraitchik reasoned that it − fairly good at arithmetic, and I was sure I could might suffice to find u and v with u2 v2 equal − trial divide up to the square root of 8051 (about to a multiple of n, that is, u2 v2 mod n. Such ≡ 90) in the time allowed. But on any test, espe- a congruence can have uninteresting solutions, cially a contest, many students try to get into the those where u v mod n, and interesting so- ≡± mind of the person who made it up. Surely they lutions, where u v mod n. In fact, if n is odd 6≡ ± would not give a problem where the only rea- and divisible by at least two different primes, sonable approach was to try possible divisors then at least half of the solutions to frantically until one was found. There must be u2 v2 mod n, with uv coprime to n, are of the ≡ a clever alternate route to the answer. So I spent interesting variety. And for an interesting solu- a couple of minutes looking for the clever way, tion u, v, the greatest common factor of u v − but grew worried that I was wasting too much and n, denoted (u v,n), must be a nontrivial − time. I then belatedly started trial division, but factor of n. Indeed, n divides u2 v2 = − 1474 NOTICES OF THE AMS VOLUME 43, NUMBER 12 pomerance.qxp 5/7/98 9:16 AM Page 1475 (u v)(u + v) but divides neither factor. So n Lehmer and R. E. Powers suggested replacing − must be somehow split between u v and u + v. Kraitchik’s function Q(x)=x2 n with another − − As an aside, it should be remarked that find- that is derived from the continued-fraction ex- ing the greatest common divisor (a, b) of two pansion of √n.
Recommended publications
  • Fast Tabulation of Challenge Pseudoprimes Andrew Shallue and Jonathan Webster

    Fast Tabulation of Challenge Pseudoprimes Andrew Shallue and Jonathan Webster

    THE OPEN BOOK SERIES 2 ANTS XIII Proceedings of the Thirteenth Algorithmic Number Theory Symposium Fast tabulation of challenge pseudoprimes Andrew Shallue and Jonathan Webster msp THE OPEN BOOK SERIES 2 (2019) Thirteenth Algorithmic Number Theory Symposium msp dx.doi.org/10.2140/obs.2019.2.411 Fast tabulation of challenge pseudoprimes Andrew Shallue and Jonathan Webster We provide a new algorithm for tabulating composite numbers which are pseudoprimes to both a Fermat test and a Lucas test. Our algorithm is optimized for parameter choices that minimize the occurrence of pseudoprimes, and for pseudoprimes with a fixed number of prime factors. Using this, we have confirmed that there are no PSW-challenge pseudoprimes with two or three prime factors up to 280. In the case where one is tabulating challenge pseudoprimes with a fixed number of prime factors, we prove our algorithm gives an unconditional asymptotic improvement over previous methods. 1. Introduction Pomerance, Selfridge, and Wagstaff famously offered $620 for a composite n that satisfies (1) 2n 1 1 .mod n/ so n is a base-2 Fermat pseudoprime, Á (2) .5 n/ 1 so n is not a square modulo 5, and j D (3) Fn 1 0 .mod n/ so n is a Fibonacci pseudoprime, C Á or to prove that no such n exists. We call composites that satisfy these conditions PSW-challenge pseudo- primes. In[PSW80] they credit R. Baillie with the discovery that combining a Fermat test with a Lucas test (with a certain specific parameter choice) makes for an especially effective primality test[BW80].
  • The Quadratic Sieve - Introduction to Theory with Regard to Implementation Issues

    The Quadratic Sieve - Introduction to Theory with Regard to Implementation Issues

    The Quadratic Sieve - introduction to theory with regard to implementation issues RNDr. Marian Kechlibar, Ph.D. April 15, 2005 Contents I The Quadratic Sieve 3 1 Introduction 4 1.1 The Quadratic Sieve - short description . 5 1.1.1 Polynomials and relations . 5 1.1.2 Smooth and partial relations . 7 1.1.3 The Double Large Prime Variation . 8 1.1.4 Problems to solve . 10 2 Quadratic Sieve Implementation 12 2.1 The Factor Base . 12 2.2 The sieving process . 15 2.2.1 Interval sieving and solution of polynomials . 16 2.2.2 Practical implementation . 16 2.3 Generation of polynomials . 17 2.3.1 Desirable properties of polynomials . 17 2.3.2 Assessment of magnitude of coecients . 18 2.3.3 MPQS - The Silverman Method . 20 2.3.4 SIQS principle . 21 2.3.5 Desirable properties of b . 22 2.3.6 SIQS - Generation of the Bi's . 23 2.3.7 Generation of b with Gray code formulas . 24 2.3.8 SIQS - General remarks on a determination . 26 2.3.9 SIQS - The bit method for a coecient . 27 2.3.10 SIQS - The Carrier-Wagsta method for a coecient . 28 2.4 Combination of the relations, partial relations and linear algebra 30 2.5 Linear algebra step . 31 2.6 The Singleton Gap . 32 1 3 Experimental Results 36 3.1 Sieving speed - dependence on FB size . 36 3.2 Sieving speed - dependence on usage of 1-partials . 38 3.3 Singletons - dependence on log(N) and FB size . 39 3.4 Properties of the sieving matrices .
  • By Sieving, Primality Testing, Legendre's Formula and Meissel's

    By Sieving, Primality Testing, Legendre's Formula and Meissel's

    Computation of π(n) by Sieving, Primality Testing, Legendre’s Formula and Meissel’s Formula Jason Eisner, Spring 1993 This was one of several optional small computational projects assigned to undergraduate mathematics students at Cambridge University in 1993. I’m releasing my code and writeup in 2002 in case they are helpful to anyone—someone doing research in this area wrote to me asking for them. My linear-time version of the Sieve of Eratosthenes may be original; I have not seen that algorithm anywhere else. But the rest of this work is straightforward implementation and exposition of well-known methods. A good reference is H. Riesel, Prime Numbers and Computer Methods for Factorization. My Common Lisp implementation is in the file primes.lisp. The standard language reference (now available online for free) is Guy L. Steele, Jr., Common Lisp: The Language, 2nd ed., Digital Press, 1990. Note: In my discussion of running time, I have adopted the usual ideal- ization of a machine that can perform addition and multiplication operations in constant time. Real computers obviously fall short of this ideal; for exam- ple, when n and m are represented in base 2 by arbitrary length bitstrings, it takes time O(log n log m) to compute nm. Introduction: In this project we’ll look at several approaches for find- ing π(n), the numberof primes less than n. Each approach has its advan- tages. • Sieving produces a complete list of primes that can be further analyzed. For instance, after sieving, we may easily identify the 8169 pairs of twin primes below 106.
  • Epiglass ® and Other International Paint Products

    Epiglass ® and Other International Paint Products

    Epiglass® Multipurpose Epoxy Resin ABOUT THE AUTHORS ROGER MARSHALL For eight years award winning author Roger Marshall has been the technical editor for Soundings magazine where his articles are read by about 250,000 people each month. Marshall’s experience as a writer spans for many years. His work has appeared worldwide as well as the New York Times, Daily Telegraph (UK), Sports illustrated, Sail, Cruising World, Motor Boating and sailing, Yachting and many other newspapers and magazines. Marshall is also the author of twelve marine related books, two of which were translated into Italian and Spanish. His last book All about Powerboats was published by International Marine in the spring of 2002. He has another book Rough Weather Seamanship due in the fall of 2003 and is currently working on a new book, Elements of Powerboat Design for International Marine. But writing is only a small part of Marshall’s talents. He is also a designer of boats, both power and sail. After completing a program in small craft design at Southampton College in England, Marshall, who still holds a British passport, moved to the United States in 1973 to take a position at Sparkman & Stephens, Inc. in New York. He worked there as a designer for nearly 5 years and then left to establish his own yacht design studio in Jamestown, Rhode Island. As an independent designer he has designed a wide range of boats and was project engineer for the Courageous Challenge for the 1987 America’s Cup campaign in Australia. In 1999 one of his cruising yacht designs was selected for inclusion in Ocean Cruising magazine’s American Yacht Review.
  • Fast Generation of RSA Keys Using Smooth Integers

    Fast Generation of RSA Keys Using Smooth Integers

    1 Fast Generation of RSA Keys using Smooth Integers Vassil Dimitrov, Luigi Vigneri and Vidal Attias Abstract—Primality generation is the cornerstone of several essential cryptographic systems. The problem has been a subject of deep investigations, but there is still a substantial room for improvements. Typically, the algorithms used have two parts – trial divisions aimed at eliminating numbers with small prime factors and primality tests based on an easy-to-compute statement that is valid for primes and invalid for composites. In this paper, we will showcase a technique that will eliminate the first phase of the primality testing algorithms. The computational simulations show a reduction of the primality generation time by about 30% in the case of 1024-bit RSA key pairs. This can be particularly beneficial in the case of decentralized environments for shared RSA keys as the initial trial division part of the key generation algorithms can be avoided at no cost. This also significantly reduces the communication complexity. Another essential contribution of the paper is the introduction of a new one-way function that is computationally simpler than the existing ones used in public-key cryptography. This function can be used to create new random number generators, and it also could be potentially used for designing entirely new public-key encryption systems. Index Terms—Multiple-base Representations, Public-Key Cryptography, Primality Testing, Computational Number Theory, RSA ✦ 1 INTRODUCTION 1.1 Fast generation of prime numbers DDITIVE number theory is a fascinating area of The generation of prime numbers is a cornerstone of A mathematics. In it one can find problems with cryptographic systems such as the RSA cryptosystem.
  • Primes and Primality Testing

    Primes and Primality Testing

    Primes and Primality Testing A Technological/Historical Perspective Jennifer Ellis Department of Mathematics and Computer Science What is a prime number? A number p greater than one is prime if and only if the only divisors of p are 1 and p. Examples: 2, 3, 5, and 7 A few larger examples: 71887 524287 65537 2127 1 Primality Testing: Origins Eratosthenes: Developed “sieve” method 276-194 B.C. Nicknamed Beta – “second place” in many different academic disciplines Also made contributions to www-history.mcs.st- geometry, approximation of andrews.ac.uk/PictDisplay/Eratosthenes.html the Earth’s circumference Sieve of Eratosthenes 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 Sieve of Eratosthenes We only need to “sieve” the multiples of numbers less than 10. Why? (10)(10)=100 (p)(q)<=100 Consider pq where p>10. Then for pq <=100, q must be less than 10. By sieving all the multiples of numbers less than 10 (here, multiples of q), we have removed all composite numbers less than 100.
  • 21 Pintura.Pdf

    21 Pintura.Pdf

    Paint 1247 Marpro Super-B Gold™ with SCX™-Slime Control Xtra Marpro Superkote Gold™ with SCX™ - Slime Control Xtra Black Blue Red Green Black Blue Red • SUPER-B GOLD is the highest performance ablative copolymer on the market today. • The highest copper content (67%) in our line. • SUPERKOTE GOLD is the highest performance • Performance booster SCX (Slime Control Xtra) modified hard epoxy performance products on the provides outstanding protection against slime, market today. grass and weed. • The highest copper content (67%) in our line. Paint & Paint Acc. & Paint Paint • Continual release of biocide makes this self-polishing copolymer most • Performance booster SCX (Slime Control Xtra) provides outstanding effective for anti-fouling protection, with only minimal paint buildup. protection against slime, grass and weed. • Tough, multi-season paint for superior protection against hard and soft • Continual release of biocide makes this modified hard epoxy most effective growth in extreme fouling conditions. for antifouling protection. • Can re-launch after extended haul-out and retain original antifouling • Superior protection against hard and soft growth in extreme fouling Fun & properties. conditions. Flotation • Perfect for powerboats and sailboats. • Perfect for powerboats and sailboats. Anchor • Can be applied directly over properly prepared ablatives, epoxies and vinyl’s, • Can be applied directly over properly prepared epoxies and vinyls, and most & Dock and most any other hard or ablative bottom paints. any other hard bottom paints.
  • 1914 Martin Gardner

    1914 Martin Gardner

    ΠME Journal, Vol. 13, No. 10, pp 577–609, 2014. 577 THE PI MU EPSILON 100TH ANNIVERSARY PROBLEMS: PART II STEVEN J. MILLER∗, JAMES M. ANDREWS†, AND AVERY T. CARR‡ As 2014 marks the 100th anniversary of Pi Mu Epsilon, we thought it would be fun to celebrate with 100 problems related to important mathematics milestones of the past century. The problems and notes below are meant to provide a brief tour through some of the most exciting and influential moments in recent mathematics. No list can be complete, and of course there are far too many items to celebrate. This list must painfully miss many people’s favorites. As the goal is to introduce students to some of the history of mathematics, ac- cessibility counted far more than importance in breaking ties, and thus the list below is populated with many problems that are more recreational. Many others are well known and extensively studied in the literature; however, as our goal is to introduce people to what can be done in and with mathematics, we’ve decided to include many of these as exercises since attacking them is a great way to learn. We have tried to include some background text before each problem framing it, and references for further reading. This has led to a very long document, so for space issues we split it into four parts (based on the congruence of the year modulo 4). That said: Enjoy! 1914 Martin Gardner Few twentieth-century mathematical authors have written on such diverse sub- jects as Martin Gardner (1914–2010), whose books, numbering over seventy, cover not only numerous fields of mathematics but also literature, philosophy, pseudoscience, religion, and magic.
  • Elementary Number Theory

    Elementary Number Theory

    Elementary Number Theory Peter Hackman HHH Productions November 5, 2007 ii c P Hackman, 2007. Contents Preface ix A Divisibility, Unique Factorization 1 A.I The gcd and B´ezout . 1 A.II Two Divisibility Theorems . 6 A.III Unique Factorization . 8 A.IV Residue Classes, Congruences . 11 A.V Order, Little Fermat, Euler . 20 A.VI A Brief Account of RSA . 32 B Congruences. The CRT. 35 B.I The Chinese Remainder Theorem . 35 B.II Euler’s Phi Function Revisited . 42 * B.III General CRT . 46 B.IV Application to Algebraic Congruences . 51 B.V Linear Congruences . 52 B.VI Congruences Modulo a Prime . 54 B.VII Modulo a Prime Power . 58 C Primitive Roots 67 iii iv CONTENTS C.I False Cases Excluded . 67 C.II Primitive Roots Modulo a Prime . 70 C.III Binomial Congruences . 73 C.IV Prime Powers . 78 C.V The Carmichael Exponent . 85 * C.VI Pseudorandom Sequences . 89 C.VII Discrete Logarithms . 91 * C.VIII Computing Discrete Logarithms . 92 D Quadratic Reciprocity 103 D.I The Legendre Symbol . 103 D.II The Jacobi Symbol . 114 D.III A Cryptographic Application . 119 D.IV Gauß’ Lemma . 119 D.V The “Rectangle Proof” . 123 D.VI Gerstenhaber’s Proof . 125 * D.VII Zolotareff’s Proof . 127 E Some Diophantine Problems 139 E.I Primes as Sums of Squares . 139 E.II Composite Numbers . 146 E.III Another Diophantine Problem . 152 E.IV Modular Square Roots . 156 E.V Applications . 161 F Multiplicative Functions 163 F.I Definitions and Examples . 163 CONTENTS v F.II The Dirichlet Product .
  • Simple High-Level Code for Cryptographic Arithmetic - with Proofs, Without Compromises

    Simple High-Level Code for Cryptographic Arithmetic - with Proofs, Without Compromises

    Simple High-Level Code for Cryptographic Arithmetic - With Proofs, Without Compromises The MIT Faculty has made this article openly available. Please share how this access benefits you. Your story matters. Citation Erbsen, Andres et al. “Simple High-Level Code for Cryptographic Arithmetic - With Proofs, Without Compromises.” Proceedings - IEEE Symposium on Security and Privacy, May-2019 (May 2019) © 2019 The Author(s) As Published 10.1109/SP.2019.00005 Publisher Institute of Electrical and Electronics Engineers (IEEE) Version Author's final manuscript Citable link https://hdl.handle.net/1721.1/130000 Terms of Use Creative Commons Attribution-Noncommercial-Share Alike Detailed Terms http://creativecommons.org/licenses/by-nc-sa/4.0/ Simple High-Level Code For Cryptographic Arithmetic – With Proofs, Without Compromises Andres Erbsen Jade Philipoom Jason Gross Robert Sloan Adam Chlipala MIT CSAIL, Cambridge, MA, USA fandreser, jadep, [email protected], [email protected], [email protected] Abstract—We introduce a new approach for implementing where X25519 was the only arithmetic-based crypto primitive cryptographic arithmetic in short high-level code with machine- we need, now would be the time to declare victory and go checked proofs of functional correctness. We further demonstrate home. Yet most of the Internet still uses P-256, and the that simple partial evaluation is sufficient to transform such initial code into the fastest-known C code, breaking the decades- current proposals for post-quantum cryptosystems are far from old pattern that the only fast implementations are those whose Curve25519’s combination of performance and simplicity. instruction-level steps were written out by hand.
  • The Quadratic Sieve Factoring Algorithm

    The Quadratic Sieve Factoring Algorithm

    The Quadratic Sieve Factoring Algorithm Eric Landquist MATH 488: Cryptographic Algorithms December 14, 2001 1 1 Introduction Mathematicians have been attempting to find better and faster ways to fac- tor composite numbers since the beginning of time. Initially this involved dividing a number by larger and larger primes until you had the factoriza- tion. This trial division was not improved upon until Fermat applied the factorization of the difference of two squares: a2 b2 = (a b)(a + b). In his method, we begin with the number to be factored:− n. We− find the smallest square larger than n, and test to see if the difference is square. If so, then we can apply the trick of factoring the difference of two squares to find the factors of n. If the difference is not a perfect square, then we find the next largest square, and repeat the process. While Fermat's method is much faster than trial division, when it comes to the real world of factoring, for example factoring an RSA modulus several hundred digits long, the purely iterative method of Fermat is too slow. Sev- eral other methods have been presented, such as the Elliptic Curve Method discovered by H. Lenstra in 1987 and a pair of probabilistic methods by Pollard in the mid 70's, the p 1 method and the ρ method. The fastest algorithms, however, utilize the− same trick as Fermat, examples of which are the Continued Fraction Method, the Quadratic Sieve (and it variants), and the Number Field Sieve (and its variants). The exception to this is the El- liptic Curve Method, which runs almost as fast as the Quadratic Sieve.
  • Program of the Sessions San Diego, California, January 9–12, 2013

    Program of the Sessions San Diego, California, January 9–12, 2013

    Program of the Sessions San Diego, California, January 9–12, 2013 AMS Short Course on Random Matrices, Part Monday, January 7 I MAA Short Course on Conceptual Climate Models, Part I 9:00 AM –3:45PM Room 4, Upper Level, San Diego Convention Center 8:30 AM –5:30PM Room 5B, Upper Level, San Diego Convention Center Organizer: Van Vu,YaleUniversity Organizers: Esther Widiasih,University of Arizona 8:00AM Registration outside Room 5A, SDCC Mary Lou Zeeman,Bowdoin upper level. College 9:00AM Random Matrices: The Universality James Walsh, Oberlin (5) phenomenon for Wigner ensemble. College Preliminary report. 7:30AM Registration outside Room 5A, SDCC Terence Tao, University of California Los upper level. Angles 8:30AM Zero-dimensional energy balance models. 10:45AM Universality of random matrices and (1) Hans Kaper, Georgetown University (6) Dyson Brownian Motion. Preliminary 10:30AM Hands-on Session: Dynamics of energy report. (2) balance models, I. Laszlo Erdos, LMU, Munich Anna Barry*, Institute for Math and Its Applications, and Samantha 2:30PM Free probability and Random matrices. Oestreicher*, University of Minnesota (7) Preliminary report. Alice Guionnet, Massachusetts Institute 2:00PM One-dimensional energy balance models. of Technology (3) Hans Kaper, Georgetown University 4:00PM Hands-on Session: Dynamics of energy NSF-EHR Grant Proposal Writing Workshop (4) balance models, II. Anna Barry*, Institute for Math and Its Applications, and Samantha 3:00 PM –6:00PM Marina Ballroom Oestreicher*, University of Minnesota F, 3rd Floor, Marriott The time limit for each AMS contributed paper in the sessions meeting will be found in Volume 34, Issue 1 of Abstracts is ten minutes.