DOCSLIB.ORG

A Study of Factoring Algorithms Related to the RSA Cryptosystems

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
A Study of Factoring Algorithms Related to the RSA Cryptosystems A study of Factoring Algorithms related to the RSA Cryptosystems by NORLIZA BINTI MOHAMED Dissertation submitted in partial fulfillment of the requirements for the degree of Master of Science (Mathematics) May 2008 ACKNOWLEDGEMENT All praise to Allah, for his blessing and his grace to me gain enough strength to complete this dissertation. All difficulty can be overcomes with calm. Also prayer and regards for our prophet Muhammad S.A.W. with great reverence. My appreciation and high regard aimed specifically to Dr. Hailiza Binti Kamarul Haili who has supervised me to complete this dissertation. All sacrifice and her noble effort, only God is able to return it. My appreciation also goes to all School of Mathematical Sciences lecturers, Universiti Sains Malaysia, who had taught me during this course. Much affection to my beloved husband (Mohd Khir bin Ahmad) and mother (Merak Mas Binti Zakaria) who have given their sincere love, attention, support and understanding that have helped me get through good and rough times to me. I would like to express my deepest love and appreciation to my beloved children (Muhammad Nasrullah, Nur Karmila, Nur Dalila, Nur Qistina and Ahmad Zubair) for their endless love. Finally, to all involved, your sacrifice and assistance shall be remembered forever. What is good come from Allah S.W.T. and weaknesses are all mine. Wallahua'alarn. Thank you very much. 11 CONTENTS Acknowledgement. .............................................................................. .ii Contents ........................................................................................... .iii List of tables ....................................................................................... v Abstrak ............................................................................................. vi Abstract .............................................................................................vii CONTENTS CHAPTER 1 : INTRODUCTION 1.1 Introduction .................................................................. 1 1.2 Objectives .................................................................... 3 1.3 Dissertation outline ......................................................... 3 CHAPTER 2 : LITERATURE REVIEW ON RSA CRYPTOSYSTEMS 2.1 Introduction .................................................................. 5 2.2 History ........................................................................ 6 2.3 RSA Cryptosystem ......................................................... 8 2.4 Implementation ofRSA ................................................... 10 2.5 The RSA Algorithm ........................................................ 12 CHAPTER 3 : PRIMALITY TEST 3.1 Naive methods .............................................................. 20 3.2 Probabilistic tests.......................................................... 21 111 3.3 Miller-Robin methods ..................................................... 22 3.3.1 Mathematica Function for the Primality Test. ................... 25 3.4 Fermat Test .................................................................. 26 CHAPTER 4: FACTORING ALGORITHMS 4.1 Integer Factorization ....................................................... 29 4.2 The Pollard p- 1 Factoring Algorithm .................................. 30 4.2.1 Pseudocode: Pollard p-1 Factorization ......................... 32 4.3 The Pollard Rho Algorithm ............................................... 32 4.3.1 Pseudocode: Pollard Rho Factorization .......................... 35 4.4 The Pollard p -1 and Pollard's Rho Findings ........................... 36 4.5 Number Field Sieve ........................................................ 40 4.5.1 General Number Field Sieve .................................... 43 4.5.2 Special Number Field Sieve.................................... 47 CHAPTER 5 : GENERAL NUMBER FIELD SIEVE IN RSA 5.1 Factorization Record using GNFS ....................................... 50 5.2 RSA Number (Factoring Challenge) .................................... 51 5.3 Attacks on RSA............................................................ 53 5.3.1 Cracking the RSA encryption system ........................... 54 CHAPTER 6 : CONCLUSION AND SUGGESTIONS FOR FURTHER WORKS 6.1 Conclusion . 55 6.2 Suggestions for further work............................................ 56 References Attachment lV List of Tables Page Table 4.4.1 : The Pollard p- 1 Methods 38 Table 4.4.2 : The Pollard's Rho Methods 39 Table 4.5.2.1 :Factoring Using the Special Number Field Sieve 41 Table 4.5.1.2 :Factoring Using the General Number Field Sieve 42 Table 4.5.1.1 : Shows the summarizes the possibilities divisibility Scenarios 45 Table 5.2.1 :The table shows the recorded RSA Numbers factored with the 52 algorithm used. v Abstrak SATU KAJIAN TENTANG ALGORITMA PEMFAKTORAN DAN PERKAITANNYA DALAM RSA KRIPTOSISTEM Kriptografi adalah merujuk kepada satu kajian mengenai cara menghantar mesej/ maklumat secara rahsia di mana hanya penerima maklumat tersebut sahaja yang dapat membaca maklumat yang disampaikan. Dalam tahun 1977, Ronal Rivest, Adi Shamir dan Leonard Adleman dengan menggunakan nama keluarga masing-masing RSA telah mencipta satu teknologi baru dalam dunia Kriptografi yang dipanggil RSA Kriptosistem. Sistem ini adalah kriptosistem 'public-key' yang mana telah memperkenalkan kedua-dua kunci 'encrypt' dan 'decrypt'. Keberkesanan RSA Kriptosistem bergantung kepada nombor perdana yang di gunakan dan juga kepada algoritma pemfaktoran integer yang efektif. Di dalam tesis ini kita membincangkan beberapa algoritma pemfaktoran dan juga pengujian nombor perdana yang berkaitan dengan kriptosistem RSA. Beberapa contoh juga ada di tunjukkan untlik menampilkan konsep matematik yang di gunakan. Kita juga telah menggunakan programming MATHEMA TICA untuk membantu memahami pengujian nombor perdana dan juga pemfaktoran nombor komposit kepada nombor­ nombor perdana. Beberapa penemuan oleh para penyelidik didalam pemfaktoran integer ada di tunjukkan dan dibincangkan. Kemungkinan di masa yang akan datang, kita akan menjumpai satu algoritma yang lebih efisien dalam pemfaktoran integer yang besar. InsyaAllah. Vl Abstract Cryptography is referred to the study of methods for sending messages in secret so that the intended recipient can remove the disguise and read the message. Now, this cryptography is extremely useful. In 1977, Ronald Rivest, Adi Shamir and Leonard Adleman with the initial of their surnames RSA were publicly a RSA Cryptosystem. This RSA Cryptosystem is a public-key cryptosystem that offers both encryption and digital signatures which is more secure. RSA cryptosystem relies very much on the length of the prime numbers used as well as the effectiveness of the available integer factoring algorithms. In this thesis several factoring algorithms and primality tests related to the RSA cryptosystem are discussed. Some examples are given as to indicate the underlying mathematical concepts used m the process. A mild programmmg usmg MATHEMATICA were also carried out for primality test and factoring composite numbers into primes. Some challenges and results on the latest development in integer factorization are shown and discussed. It is possible that new factoring algorithms may be developed in the future which once again targeted primes with certain properties. Vll CHAPTERl INTRODUCTION 1.1 Introduction A study of cryptography is a study of the science of writing in secret code which is an ancient art. In 1977, Ron Rivest, Adi Shamir and Leonard Adleman proposed a public­ key cryptosystem that uses only elementary ideas from number theory (Johannes, 2000). Shortly after that they developed a cryptosystem that was the first real public-key cryptosystem capable of encryption and digital signatures. Their enciphering system is called RSA, after the initials of the algorithm's inventors. Its security depends on the assumption that in the current state of computer technology, the factorization of composite with large prime factors is prohibitively time-consuming. The RSA algorithm has become the foundation of an entire generation of public key cryptography security products because it provides secure communications over distances between parties that have not previously met. Indeed, RSA has provided the ideal mechanism required for private communications over electronic networks. It forms the basis of almost all of the security products currently in use on the Internet for financial and other private communications, including most organizational level Public Key Infrastructure systems. RSA uses a variable size encryption block and a variable size key. The key-pair is derived from a very large number, n, that is the product of two prime numbers chosen according to special rules. These primes may be 100 or more digits in length each, yielding an n with roughly twice as many digits as the prime factors. The public key information 1 includes n and a derivative of one of the factors of n; an attacker cannot determine the prime factors of n (and, therefore, the private key) from this information alone and that is what makes the RSA algorithm so secure. The ability for computers to factor large numbers, and therefore attack schemes such as RSA, is rapidly improving. The systems today can even find the prime factors of numbers with more than 200 digits. Nevertheless, if a large number is created from two prime factors that are roughly of the same size, there is no known factorization algorithm that will solve the problem in a reasonable amount
Load more

Recommended publications
  • Lecture 9: Arithmetics II 1 Greatest Common Divisor
    DD2458, Problem Solving and Programming Under Pressure Lecture 9: Arithmetics II Date: 2008-11-10 Scribe(s): Marcus Forsell Stahre and David Schlyter Lecturer: Douglas Wikström This lecture is a continuation of the previous one, and covers modular arithmetic and topics from a branch of number theory known as elementary number theory. Also, some abstract algebra will be discussed. 1 Greatest Common Divisor Definition 1.1 If an integer d divides another integer n with no remainder, d is said to be a divisor of n. That is, there exists an integer a such that a · d = n. The notation for this is d | n. Definition 1.2 A common divisor of two non-zero integers m and n is a positive integer d, such that d | m and d | n. Definition 1.3 The Greatest Common Divisor (GCD) of two positive integers m and n is a common divisor d such that every other common divisor d0 | d. The notation for this is GCD(m, n) = d. That is, the GCD of two numbers is the greatest number that is a divisor of both of them. To get an intuition of what GCD is, let’s have a look at this example. Example Calculate GCD(9, 6). Say we have 9 black and 6 white blocks. We want to put the blocks in boxes, but every box has to be the same size, and can only hold blocks of the same color. Also, all the boxes must be full and as large as possible . Let’s for example say we choose a box of size 2: As we can see, the last box of black bricks is not full.
    [Show full text]
  • An Analysis of Primality Testing and Its Use in Cryptographic Applications
    An Analysis of Primality Testing and Its Use in Cryptographic Applications Jake Massimo Thesis submitted to the University of London for the degree of Doctor of Philosophy Information Security Group Department of Information Security Royal Holloway, University of London 2020 Declaration These doctoral studies were conducted under the supervision of Prof. Kenneth G. Paterson. The work presented in this thesis is the result of original research carried out by myself, in collaboration with others, whilst enrolled in the Department of Mathe- matics as a candidate for the degree of Doctor of Philosophy. This work has not been submitted for any other degree or award in any other university or educational establishment. Jake Massimo April, 2020 2 Abstract Due to their fundamental utility within cryptography, prime numbers must be easy to both recognise and generate. For this, we depend upon primality testing. Both used as a tool to validate prime parameters, or as part of the algorithm used to generate random prime numbers, primality tests are found near universally within a cryptographer's tool-kit. In this thesis, we study in depth primality tests and their use in cryptographic applications. We first provide a systematic analysis of the implementation landscape of primality testing within cryptographic libraries and mathematical software. We then demon- strate how these tests perform under adversarial conditions, where the numbers being tested are not generated randomly, but instead by a possibly malicious party. We show that many of the libraries studied provide primality tests that are not pre- pared for testing on adversarial input, and therefore can declare composite numbers as being prime with a high probability.
    [Show full text]
  • Enclave Security and Address-Based Side Channels
    Graz University of Technology Faculty of Computer Science Institute of Applied Information Processing and Communications IAIK Enclave Security and Address-based Side Channels Assessors: A PhD Thesis Presented to the Prof. Stefan Mangard Faculty of Computer Science in Prof. Thomas Eisenbarth Fulfillment of the Requirements for the PhD Degree by June 2020 Samuel Weiser Samuel Weiser Enclave Security and Address-based Side Channels DOCTORAL THESIS to achieve the university degree of Doctor of Technical Sciences; Dr. techn. submitted to Graz University of Technology Assessors Prof. Stefan Mangard Institute of Applied Information Processing and Communications Graz University of Technology Prof. Thomas Eisenbarth Institute for IT Security Universit¨atzu L¨ubeck Graz, June 2020 SSS AFFIDAVIT I declare that I have authored this thesis independently, that I have not used other than the declared sources/resources, and that I have explicitly indicated all material which has been quoted either literally or by content from the sources used. The text document uploaded to TUGRAZonline is identical to the present doctoral thesis. Date, Signature SSS Prologue Everyone has the right to life, liberty and security of person. Universal Declaration of Human Rights, Article 3 Our life turned digital, and so did we. Not long ago, the globalized commu- nication that we enjoy today on an everyday basis was the privilege of a few. Nowadays, artificial intelligence in the cloud, smartified handhelds, low-power Internet-of-Things gadgets, and self-maneuvering objects in the physical world are promising us unthinkable freedom in shaping our personal lives as well as society as a whole. Sadly, our collective excitement about the \new", the \better", the \more", the \instant", has overruled our sense of security and privacy.
    [Show full text]
  • Bound Estimation for Divisors of RSA Modulus with Small Divisor-Ratio
    International Journal of Network Security, Vol.23, No.3, PP.412-425, May 2021 (DOI: 10.6633/IJNS.202105 23(3).06) 412 Bound Estimation for Divisors of RSA Modulus with Small Divisor-ratio Xingbo Wang (Corresponding author: Xingbo Wang) Department of Mechatronic Engineering, Foshan University Guangdong Engineering Center of Information Security for Intelligent Manufacturing System, China Email: [email protected]; [email protected] (Received Nov. 16, 2019; Revised and Accepted Mar. 8, 2020; First Online Apr. 17, 2021) Abstract make it easier to find the small divisor; articles [2, 10] found out the distribution of an odd integer's square-root Through subtle analysis on relationships among ances- in the T3 tree; articles [11, 15, 17] investigated divisors' tors, symmetric brothers, and the square root of a node distribution of an RSA number, presenting in detail how on the T3 tree, the article puts a method forwards to cal- two divisors distribute on the levels of the T3 tree in terms culate an interval that contains a divisor of a semiprime of their divisor-ratio. whose divisor-ratio is less than 3/2. Concrete mathemat- This paper, following the studies in [11, 15, 17], and ical reasonings to derive the method and programming based on the inequalities proved in [12] as well as the procedure from realizing the calculations are shown in theorems proved in [13, 16], gives in detail a bound esti- detail. Numerical experiments are made by applying the mation to the divisors of an RSA number. The results in method on both ordinary small semiprimes and the RSA this paper are helpful to design algorithm to search the numbers.
    [Show full text]
  • Enhancing the Securing RSA Algorithm from Attack
    Journal of Basic and Applied Engineering Research Print ISSN: 2350-0077; Online ISSN: 2350-0255; Volume 1, Number 10; October, 2014 pp. 48-63 © Krishi Sanskriti Publications http://www.krishisanskriti.org/jbaer.html Enhancing the Securing RSA Algorithm from Attack Swati Srivastava 1, Meenu 2 1M.Tech Student, Department of CSE, Madan Mohan Malaviya University of Technology, Gorakhpur, U.P. 2Department of CSE, Madan MohanMalaviya University of Technology, Gorakhpur, U.P. Abstract: The RSA public key and signature scheme is often used authenticity, integrity, and limited access to data. In in modern communications technologies; it is one of the firstly Cryptography we differentiate between private key defined public key cryptosystem that enable secure cryptographic systems (also known as conventional communicating over public unsecure communication channels. cryptography systems) and public key cryptographic systems. In praxis many protocols and security standards use the RSA, Private Key Cryptography, also known as secret-key or thus the security of the RSA is critical because any weaknesses in the RSA crypto system may lead the whole system to become symmetric-key encryption, has an old history, and is based on vulnerable against attacks. This paper introduce a security using one shared secret key for encryption and decryption. enhancement on the RSA cryptosystem, it suggests the use of The development of fast computers and communication randomized parameters in the encryption process to make RSA technologies did allow us to define many
    [Show full text]
  • Factorization of RSA-180
    Factorization of RSA-180 S. A. Danilov, I. A. Popovyan Moscow State University, Russia May 9, 2010∗ Abstract We present a brief report on the factorization of RSA-180, currently smallest unfactored RSA number. We show that the numbers of similar size could be factored in a reasonable time at home using open source factoring software running on a few Intel Core i7 PCs. 1 Introduction In 1991 RSA Labs published a list of semiprime numbers of different size and announced a reward for their factorization. The numbers from that list called RSA numbers became a measure of the quality of the factorization tools. We began working on our factorization project on November 2009. We started with the smallest unfactored RSA number for that moment, RSA-170, written in 170 decimal digits. The factorization was finished on 31 December 2009, then we found out that Dominik Bonenberger and Martin Krone [1] were ahead of us for two days and had already presented the RSA-170 prime de- compostion. Meanwhile the new world record in factorization was set [2] – the international team of scientists managed to factor the RSA-768, a 232 decimal digits long RSA number. On January 2010 after a short break we decided to continue the project and took the number RSA-180 = 191147927718986609689229466631454649812986246 276667354864188503638807260703436799058776201 365135161278134258296128109200046702912984568 752800330221777752773957404540495707851421041, the next smallest RSA number with unknown factorization. ∗Revised at 13.04.2010 1 2 Factorization of RSA-180 Our tools for factorization are essentially based on two open source implemen- tations of General Numebr Field Sieve (GNFS) algorithm – the community maintained GGNFS suite [3] and Jason Papadopoulos’s msieve [4].
    [Show full text]
  • Independence of the Miller-Rabin and Lucas Probable Prime Tests
    Independence of the Miller-Rabin and Lucas Probable Prime Tests Alec Leng Mentor: David Corwin March 30, 2017 1 Abstract In the modern age, public-key cryptography has become a vital component for se- cure online communication. To implement these cryptosystems, rapid primality test- ing is necessary in order to generate keys. In particular, probabilistic tests are used for their speed, despite the potential for pseudoprimes. So, we examine the commonly used Miller-Rabin and Lucas tests, showing that numbers with many nonwitnesses are usually Carmichael or Lucas-Carmichael numbers in a specific form. We then use these categorizations, through a generalization of Korselt’s criterion, to prove that there are no numbers with many nonwitnesses for both tests, affirming the two tests’ relative independence. As Carmichael and Lucas-Carmichael numbers are in general more difficult for the two tests to deal with, we next search for numbers which are both Carmichael and Lucas-Carmichael numbers, experimentally finding none less than 1016. We thus conjecture that there are no such composites and, using multi- variate calculus with symmetric polynomials, begin developing techniques to prove this. 2 1 Introduction In the current information age, cryptographic systems to protect data have become a funda- mental necessity. With the quantity of data distributed over the internet, the importance of encryption for protecting individual privacy has greatly risen. Indeed, according to [EMC16], cryptography is allows for authentication and protection in online commerce, even when working with vital financial information (e.g. in online banking and shopping). Now that more and more transactions are done through the internet, rather than in person, the importance of secure encryption schemes is only growing.
    [Show full text]
  • Introducing Quaternions to Integer Factorisation
    Journal of Physical Science and Application 5 (2) (2015) 101-107 doi: 10.17265/2159-5348/2015.02.003 D DAVID PUBLISHING Introducing Quaternions to Integer Factorisation HuiKang Tong 4500 Ang Mo Kio Avenue 6, 569843, Singapore Abstract: The key purpose of this paper is to open up the concepts of the sum of four squares and the algebra of quaternions into the attempts of factoring semiprimes, the product of two prime numbers. However, the application of these concepts here has been clumsy, and would be better explored by those with a more rigorous mathematical background. There may be real immediate implications on some RSA numbers that are slightly larger than a perfect square. Key words: Integer factorisation, RSA, quaternions, sum of four squares, euler factorisation method. Nomenclature In Section 3, we extend the Euler factoring method to one using the sum of four squares and the algebra p, q: prime factors n: semiprime pq, the product of two primes of quaternions. We comment on the development of P: quaternion with norm p the mathematics in Section 3.1, and introduce the a, b, c, d: components of a quaternion integral quaternions in Section 3.2, and its relationship 1. Introduction with the sum of four squares in Section 3.3. In Section 3.4, we mention an algorithm to generate the sum of We assume that the reader know the RSA four squares. cryptosystem [1]. Notably, the ability to factorise a In Section 4, we propose the usage of concepts of random and large semiprime n (the product of two the algebra of quaternions into the factorisation of prime numbers p and q) efficiently can completely semiprimes.
    [Show full text]
  • Question 1.1. What Is the RSA Laboratories' Frequently Asked
    Copyright © 1996, 1998 RSA Data Security, Inc. All rights reserved. RSA BSAFE Crypto-C, RSA BSAFE Crypto-J, PKCS, S/WAN, RC2, RC4, RC5, MD2, MD4, and MD5 are trade- marks or registered trademarks of RSA Data Security, Inc. Other products and names are trademarks or regis- tered trademarks of their respective owners. For permission to reprint or redistribute in part or in whole, send e-mail to [email protected] or contact your RSA representative. RSA Laboratories’ Frequently Asked Questions About Today’s Cryptography, v4.0 2 Table of Contents Table of Contents............................................................................................ 3 Foreword......................................................................................................... 8 Section 1: Introduction .................................................................................... 9 Question 1.1. What is the RSA Laboratories’ Frequently Asked Questions About Today’s Cryptography? ................................................................................................................ 9 Question 1.2. What is cryptography? ............................................................................................10 Question 1.3. What are some of the more popular techniques in cryptography? ................... 11 Question 1.4. How is cryptography applied? ............................................................................... 12 Question 1.5. What are cryptography standards? ......................................................................
    [Show full text]
  • Parallel Strategy to Factorize Fermat Numbers with Implementation in Maple Software
    Journal of Software Parallel Strategy to Factorize Fermat Numbers with Implementation in Maple Software Jianhui Li*, Manlan Liu Foshan Polytechnic, Foshan City, PRC, 528000, China. * Corresponding author. Tel.: +86075787263015; email: [email protected] Manuscript submitted October 08, 2020; accepted December 11, 2020. doi: 10.17706/jsw.16.4.167-173 Abstract: In accordance with the traits of parallel computing, the paper proposes a parallel algorithm to factorize the Fermat numbers through parallelization of a sequential algorithm. The kernel work to parallelize a sequential algorithm is presented by subdividing the computing interval into subintervals that are assigned to the parallel processes to perform the parallel computing. Maple experiments show that the parallelization increases the computational efficiency of factoring the Fermat numbers, especially to the Fermat number with big divisors. Key words: Integer factorization, fermat number, parallel computing, algorithm. 1. Introduction Factorization of big integer has been a hard problem and has been paid attention to in mathematics and cryptography. Any factoring algorithm is both scientifically valuable and practically applicable, as stated in [1]. Historically, factorization of big integer always took huge computing resources and involved in parallel computing. For example, it took half a year and 80 4-cored CPUs of AMD Opteron @ 2.2GHz to factorize RSA768 [2]. Actually, Brent R P began to study the possibility of parallel computing early in 1990 since Pollard Rho algorithm came into being [3]. And then parallel approaches for the elliptic curve method (ECM), continued fraction, quadric sieve (QS) and number field sieve (NFS) were developed respectively [4]-[7]. Now the NFS has been regarded to be the most efficient method.
    [Show full text]
  • Improving the Speed and Accuracy of the Miller-Rabin Primality Test
    Improving the Speed and Accuracy of the Miller-Rabin Primality Test Shyam Narayanan Mentor: David Corwin MIT PRIMES-USA Abstract Currently, even the fastest deterministic primality tests run slowly, with the Agrawal- Kayal-Saxena (AKS) Primality Test runtime O~(log6(n)), and probabilistic primality tests such as the Fermat and Miller-Rabin Primality Tests are still prone to false re- sults. In this paper, we discuss the accuracy of the Miller-Rabin Primality Test and the number of nonwitnesses for a composite odd integer n. We also extend the Miller- '(n) Rabin Theorem by determining when the number of nonwitnesses N(n) equals 4 5 and by proving that for all n, if N(n) > · '(n) then n must be of one of these 3 32 forms: n = (2x + 1)(4x + 1), where x is an integer, n = (2x + 1)(6x + 1), where x is an integer, n is a Carmichael number of the form pqr, where p, q, r are distinct primes congruent to 3 (mod 4). We then find witnesses to certain forms of composite numbers with high rates of nonwitnesses and find that Jacobi nonresidues and 2 are both valuable bases for the Miller-Rabin test. Finally, we investigate the frequency of strong pseudoprimes further and analyze common patterns using MATLAB. This work is expected to result in a faster and better primality test for large integers. 1 1 Introduction Data is growing at an astoundingly rapid rate, and better information security is re- quired to protect increasing quantities of data. Improved data protection requires more sophisticated cryptographic methods.
    [Show full text]
  • Factoring & Primality
    Factoring & Primality Lecturer: Dimitris Papadopoulos In this lecture we will discuss the problem of integer factorization and primality testing, two problems that have been the focus of a great amount of research over the years. These prob- lems started receiving attention in the mathematics community far before the appearance of computer science, however the emergence of the latter has given them additional importance. Gauss himself wrote in 1801 \The problem of distinguishing prime numbers from composite numbers, and of resolving the latter into their prime factors, is known to be one of the most important and useful in arithmetic. The dignity of the science itself seems to require that every possible means be explored for the solution of a problem so elegant and so celebrated." 1 Factorization Problems The following result is known as the Fundamental Theorem of Arithmetic: Theorem 1 Every n 2 Z with n 6= 0 can be written as: r Y ei n = ± pi i=1 where pi are distinct prime numbers and ei are positive integers. Moreover, this representa- tion is unique (except for term re-ordering). This celebrated result (already known at Euclid's time) unfortunately does not tell us any- thing about computing the primes pi or the powers ei except for their existence. This naturally leads to the following problem statement known as the integer factorization problem: Problem 1 Given n 2 Z with n 6= 0, compute primes pi and positive integers ei for i = Qr ei 1; :::; r s.t. i=1 pi = n. Clearly, if n is a prime number then the factorization described above is trivial.
    [Show full text]