Distribution of RSA Number's Divisor on T3 Tree
International Journal of Information and Electronics Engineering, Vol. 9, No. 1, March 2019
Distribution of RSA Number’s Divisor on T3 Tree
Xingbo Wang and Hongqiang Guo
modulus should be in a T3 tree, and thereby provides Abstract —The article investigates the detail distribution of theoretically foundations to the results in paper [13]. RSA modulus’ small divisor in the T3 tree in terms of the divisor-ratio. It proves that, the distribution of the small II. HELPFUL HINTS divisor in T3 tree is completely determined by the divisor-ratio and the parity of the level where the RSA modulus lies, the A. Definitions and Notations small divisor of a RSA modulus lying on an even level lies on Let S be a set of finite positive integers with s and the same level as where the square root of the modulus is 0 clamped, whereas that of a modulus on an odd level possibly sn being the smallest and the biggest terms respectively; an lies on the same level or the higher adjacent level of the square integer x is said to be clamped in S if s x s . Symbol root. Through mathematical induction, it shows that a smaller 0 n divisor-ratio results in a closer position of the small divisor to xS indicates that x is clamped in S . Symbol x is the the square root of a RSA modulus. floor function, an integer function of real number x that Index Terms—Cryptography, RSA modulus, divisor ratio, satisfies inequality x1 x x , or equivalently binary tree. x x x 1 . Let N pq be an odd integer with q 1pq; then k is called the divisor-ratio of N. I. INTRODUCTION p The RSA modulus, which is also called a RSA number, is In this whole paper, symbol T3 is the T3 tree that was a big semiprime composed of two distinct prime divisors, introduced in [3], [7] and symbol N(,)kj is by default the say p and q with 3 pqsuch that 1qp / 2 , node at position j on level k of T3 , where k 0 and according to the American Digital Signature Standard (DSS) 0j 2k 1 . By using the asterisk wildcard *, [1]. As stated in [2], the RSA numbers have been essentially important in cryptography ever since the RSA public symbol N(k ,*) means a node lying on level k . An integer X cryptosystem was established. It is believed that, a is said to be clamped on level k of T if 2kk12X 2 1 systematic theory or method that can factorize the RSA 3 numbers means the failure of the RSA public cryptosystem. and symbol Xk indicates X is clamped on level k . An kk12 Thus factorization of the RSA numbers has been a dream odd integer O satisfying 2 1 O 2 1 is said to be on filled with fantasies of researchers and engineers working on level k of T3 , and use symbol Okto express it. Symbol information security. Nevertheless, the list of unfactroized ()p q k means integers p and q are on the same level RSA numbers gets longer and longer on the bulletin. k or clamped on the same level k . Symbol AB means Recently, a T -tree approach has revealed activities in 3 A holds and simultaneously B holds, symbol AB means studying the integers. The approach originates from paper [3], followed by a series of papers, as list in the references A or B holds. Symbol ()a b c means a takes the value from [4]-[13]. of b and ac . Symbol AB means conclusion B can be In the paper [13], a theorem, which was marked with derived from condition A. Proposition 1 in the paper, was proved to show the scopes of B. Lemmas the divisors p and q in accordance with the variation of the divisor-ratio by 1qp / 2 , 1qp / 1.5 and Lemma 1 (See in [3] & [7]). T3 Tree has the following fundamental properties. 1qp / 2 . The paper also proposed three interval- (P1). Every node is an odd integer and every odd integer subdivisions that could indicate which subinterval the two bigger than 1 must be on the T3 tree. Odd integer N with divisors lie in. However, that paper was lack of N>1 lies on level log2 N 1 . mathematical analysis to show why the proposed (P2). N is calculated by subdivision should be those ones. It seemed that the (,)kj proposed subdivisions were coming suddenly from the kk1 heaven and accordingly a question whether there is better N(,)kj 2 1 2 j , j 0,1,...,2 1 one is naturally asked by readers. To make it clear, this paper proves in detail where the small divisor of a RSA and thus
kk12 Manuscript received December 5, 2018; revised March 14, 2019. 2 1 N(,)kj 2 1 The authors are with Department of Mechatronic Engineering, Foshan University, Foshan, PRC and Guangdong Engineering Center of Information Security for Intelligent Manufacturing System, Foshan, China (P3) The biggest node on level k of the left branch (e-mail: [email protected]; [email protected]). doi: 10.18178/ijiee.2019.9.1.699 23 International Journal of Information and Electronics Engineering, Vol. 9, No. 1, March 2019 is 2kk1 2 1whose position is j 21k 1 , and the smallest yields kk1 node on level k of the right branch is 2 2 1 whose n x nx n( x 1) 1 position is j 2k 1 . On the same level, there is not a node that is a multiple of another one. III. MAIN RESULTS AND PROOFS
(P4) Multiplication of arbitrary two nodes of T3, Proposition 1. Let N 3 be an odd integer and say N(,)m and N(,)n , is a third node of T3. Let kNlog2 1 ; then J 2(1mn 2) 2(1 2) 2 ; the
NN k1 k 1 k 1 multiplication (,)(,)mnis given by 1 N 22 2 2 2 2 (1) 2 mn2 NNJ(,)(,)mn 2 1 2 when k is even, whereas mn1 If J 2 , then NNN(m , ) ( n , ) ( m n 1, J ) lies on level k1 k 1 k 1 k 1 12 mn1 2 2 N 2 2 mn1 of T3; whereas, if J 2 , 2 2 2 2 (2) mn1 2 NNN(m , ) ( n , ) ( m n 2, ) with J 2 lies on level mn2of T3. when k is odd. Lemma 2(See in [10 ]). Let N 3 be an odd integer and k 1 Proof. Direct calculation yields kNlog2 1 ; then N 1 . Particularly, 2 kk12 k 1 kk12 k 1 2NN 2 222 2 (N 22 2 ) 1 when k is odd, whereas kk12 2 11N 2222 k 1 2 k 1 ( 22 2N ) 1 when k is even. 2 By Lemma 4 (P13) it holds
Lemma 3(See in [13 ]). Let N pq be an odd integer kk12 11 N 2222 q with 1pqand 1 ; then 2 p k 1 k 2 1 1 Let 2 2 B ; then 222 B and thus 31 N p N N q N 22 N BB2 (3) where x 0 if x 0 . 2 Particularly, when 2 , it yields kk11 Let ; then 0 when k is odd and N 3 22 p N N q N 22 0.5 when k is even. By Lemma 4 (P14), it holds 3 when , it yields k1 k 1 k 1 2 2 2 1 2 BB2 2 2 (2 1) (4) 35 N p N N q N 44 and and when 2 it holds k1 k 1 k 1 1 BB2 22 2 2 2 2 2 (22 1) (5) 2 1 2 1 (1 ) N p N N q N 22
Now suppose k is even; then (4) becomes Lemma 4 (See in [14]). For real numbers x and y, it holds (P13) x y x y kk11 22 0.5 1 (P14) n x n x B 2 2 (2 1) Lemma 5 (See in [15]). Let and x be a positive real k1 k 1 k 1 21 1 numbers; then it holds 22 ( 1) 2 2 ( 1) 2 2 22 x 1 x ( x 1)
Particularly, if is a positive integer, say n , then it and (5) becomes
24 International Journal of Information and Electronics Engineering, Vol. 9, No. 1, March 2019
kk11 11 By Lemma 4 (P13) it holds 22 22 B 2 2 2 (2 1) 0 k1 k 1 k 2 k 2 1 2 1 2 2 23 2 2 2 2 N 2 2 which says an even k yields 4
k1 k 1 k 1 1 kk11 kk22 2 2 N 2 12 12 2 2 2 (6) Let 2222 ; then 222 2 2 and thus 2 3 If k is odd; then (4) becomes N 2 (12) 4 k1 k 1 k 1 1 2 2 01 2 B 2 2 (2 1) 2 (7) Note that, by Lemma 4 (P14), it holds
k1 k 1 k 1 and (5) becomes 2 2 2 12 2 2 2 (2 2 1) (13) kk11 1 0 22 2 B 2 2 2 (2 1) and (8) k1 k 1 k 1 k1 k 1 k 1 13 2 23 2 2 2 22 ( 1) 2 2 ( 1) 2 2 2 2 2 2 2 (222 2 1) (14) 24 That is, an odd k leads to 3 2 1 By 1 , it can see by Lemma 5 that, when k 0 k1 k 1 k 1 k 1 4 32 12N 22 2 2 2 2 2 2 (9) is even 2 kk11 22 0.5 1 0.5 2 Corollary 1. Let (N pq ) 3 be an odd integer with 2 2 (2 2 1) q 12and kNlog 1 ; then it holds k1 k 1 k 1 2 1 1 3 2 5 p 22 ( 1) 2 2 ( 1) 2 2 2 2 2 4 kk11 pp 21 22 and
kk11 1 1 1 3 2 222 2 (22 2 2 2 2 1) k 1 Proof. By Lemma 2, it always holds N 1 . 2 kk11 1 1 N q 222 (1 1) 2 By Lemma 3, pNwhen 12 . By 2 2 p Nk1 Thereby an even k yields Proposition 1, 2 . Consequently, 22 k1 k 1 k 1 k 1 kk11 51 2 2 3 2 2 pp 21 . 2 2 N 2 2 (15) 22 4 Proposition 2. Let N 3 be an odd integer and
kNlog2 1 ; then On the other hand, when k 2 is odd
kk11 k1 k 1 k 1 k 1 22 0 1 0 2 51 2 2 (2 2 1) 2 2 3 2 2 2 2 N 2 2 (10) 4 kk11 1 1 3 222 ( 1) 2 ( 1) when k is even, whereas 2 4 4 k1 k 1 k 1 k 1 k 1 24 2 2 2 3 2 2 2 2 2 N 2 2 (11) 2 4 and when k is odd. kk11 13 Proof. Direct calculation yields 00 22 22 2 2 2 (2 2 1) kk12 kk1222 2NN 2 2 2 k 1 11 kk12 2 223 2 ( 1) 222 (2 1) N 2 (2 1) 2 2 2 4 k1 k 1 k 2 k 2 k 1 1 23 1 2 2 32 22 2 2 N 2 2 2 2 2 ( 1) 4 4
25 International Journal of Information and Electronics Engineering, Vol. 9, No. 1, March 2019
1 3 2 1 kk11 22 Since 1 , it holds 22 32 4 16 (20) kk11 k 1 4 22 22 (21 2 2 2 3 1) 2 2 2 Accordingly an odd k yields and
k1 k 1 k 1 k 1 24 2 2 3 2 2 kk11 2 2 N 2 2 (16) 22 4 2 2 2 2 (21) Corollary 2. Let (N pq ) 3 be an odd integer with k 1 1 3 5 2 222 q 3 2 (2 2 2 1) 1 and kNlog 1; then p 2 2 1 7 2 1 By 1 , it can see by Lemma 4 (P13) that, k 1 p 1 8 8 4 2 when k 0 is even
when k is even, whereas kk11 222 2 (20.5 1 2 0.5 2 2 0.5 3 1) kk11 pp 21 22 k 1 1 1 1 22 ( 1) k 2 when is odd. 2 2 2 2 2 k 1 kk11 Proof. By Lemma 2, it always holds N 1 . 3 22 72 2 2 ( 1) 2 8 3 q 3 By Lemma 3, N p N when 1 . By 4 p 2 and
31 k kk11 1 1 1 3 1 5 Proposition 2, N 1 when k is even whereas 22 2 2 2 2 2 2 42 2 2 2 (2 2 2 1) 3 kk 1 3 1 NN21 when k is odd. k1 k 1 k 1 12 4 2 4 2 2 11 2 2 2 ( ) 2 2 Proposition 3 Let N 3 be an odd integer and 24 kNlog 1; then 2 which says,
k1 k 1 k 1 k 1 k 1 k1 k 1 k 1 k 1 k 1 3 1 2 3 1 2 2 2 7 2 2 2 7 2 2 N 2 2 2 (17) 2 2 2 2 2 2 2 N 2 2 2 (22) 8 8
when k is even, whereas When k 2 is odd
k1 k 1 k 1 k 1 k 1 3 2 4 kk11 2 2 7 2 2 2 2 2 N 2 2 2 (18) 22 0 1 0 2 0 3 8 2 2 (2 2 2 1) kk11 when k is odd. 1 1 1 3 222 ( 1) 2 Proof. Direct calculation yields 2 4 8 kk12 2kk12NN 2 222 2 and kk12 33 227 222 (221) N 2 (221) kk11 1 3 5 000 8 2 222 2 (2222 2 2 1) k1 k 1 k 1 k 2 k 2 k 2 1 2 37 1 2 3 22 2 2 2 2 N 2 2 2 2 2 2 8 kk11 k1 k 1 k 1 k 2 k 2 k 2 1 1 1 7 2 1 2 3 1 2 3 22 2 2 27 2 2 2 2 ( 1) 2 ( 1) 2 2 2 N 2 2 2 2 2 2 22 2 8 8
k1 k 1 k 1 1 2 3 1 7 2 1 Let 22 2 2 2 2 ; then By 1 , it knows 8 8 4 k2 k 2 k 2 1 2 3 2 2 2 2 2 2 2 and thus kk11 2 22 2 2 2 7 N 2 (19) 8 Accordingly an odd k yields
kk11 k1 k 1 k 1 k 1 32 Letting yields 2 2 7 2 2 22 2 2 N 2 2 (23) 8
26 International Journal of Information and Electronics Engineering, Vol. 9, No. 1, March 2019
Corollary 3. Let (N pq ) 3 be an odd integer with when k is even, whereas q 5 1 and kNlog 1; then p 4 2 kk11 pp 21 22 k 1 p 1 2 when k is odd. k 1 when k is even, whereas Proof. By Lemma 2, it always holds N 1 . 2 kk11 21 q By Lemma 3, (1 ) N pNwhen1 2 . pp 21 22 2 p 21 k 1 when k is odd. By Proposition 2, (1 ) N 1 when k is 2 2 k 1 Proof. By Lemma 2, it always holds N 1 . 2 21 k 1 even whereas (1 ) N 2 2 2 7 q 5 By Lemma 3, N p N when 1 . By 8 p 4 21 k 1 1 (1 ) N when k is odd. 71 k 2 2 Proposition 3, N 1 when k is even whereas 82 Theorem 1. For a RSA modulus N pq with 1 pq,
7 kk 1 7 1 the distribution of divisor p in T3 tree is completely NN21 when k is odd. q 8 2 8 2 determined by the divisor-ratio 12 and integer p Proposition 4. Let N 3 be an odd integer and kNlog2 1 . When k is even, there is an 0 with be an odd integer; then kNlog2 1 3 k 1 q 0 2 such that p 1 when 1 0 whereas 2 2 p k1 k 1 k 1 k 1 k 1 5 1 2 2 2 21 2 2 2 k 1 q 2 2 (1 )N 2 2 2 (24) p 2 when 0 2 . When k is odd, 2 2 p kk11 pp 21 and the smaller is the when k is even, whereas 22
k1 k 1 k 1 k 1 closer p is to N . 22 2 2 21 2 2 2 2 (1 )N 2 2 (25) Proof. A simple summarization of the cases proved in 2 Proposition 1, Proposition 2 and Proposition 3 immediately conclusions of the theorem. when k is odd. 3 2 1 7 Proof. The inequality 1 immediately yields 4 2 8 IV. NUMERICAL EXPERIMENT IN MATHEMATICA
3 2 1 7 To test the proved conclusions, numerical experiment was NNN (1 ) (26) made with Mathematica. The experiment first chose 4 2 8 randomly semiprime N from the semiprime table, e.g., from The On-Line Encyclopedia of Integer Sequences (OEIS), When k is even, referring to (15) and (18), it leads to then located N’s level by kNN log2 1 , calculated
k1 k 1 k 1 k 1 k 1 521 1 2 N and its level kNlog 1 , checked N’s 22 2 2 (1 )N 2 2 2 2 2 2 (27) sn 2 2 smaller divisor p and its level by kpp log2 1 , checked
and when k is odd, referring to (16) and (22), it leads to the divisor-ratio and judge the consistency to Theorem 1. Mathematica programs are list as follows.
k1 k 1 k 1 k 1 2221 22 2 2 (1 )N 2 2 2 2 (28) flsqrt[ N _]: Floor [ Sqrt [ N ]]; 2 Log[] N kn[ N _]: Floor [ ] 1;(* levelofN *) Log[2] Corollary 3. Let (N pq ) 3 be an odd integer with Log[ Floor [ Sqrt [ N ]] 0.01] ksn[ N _]: Floor [ ] 1;(* levelofSqrt [ N ]*) q Log[2] 12 and kNlog2 1; then Log[] p p kp[ p _]: Floor [ ] 1;(* levelofp *) Log[2] N k 1 ratio[ N _, p _]: 2 ; p 1 p 2
27 International Journal of Information and Electronics Engineering, Vol. 9, No. 1, March 2019
inDataN {72593,386757,489779,753041,2350553,4538873,8772041}; the theorem. Take 489779 as another example. inDataP {229,441,647,739,1259,2029,2659}; 489779 17 ( 1.17002) 1.5 (p 647) 8 . For the r1 Table [ inDataN [[ i ]],{ i ,7}];(* N *) numbers 753041 and 2350553, their small divisors lie on the r2 Table [ kn [ inDataN [[ i ]]],{ i ,7}];(* N ' slevel *) levels as expected. r3 Table [ flsqrt [ inDataN[[ i ]]],{ i ,7}];(* Sqrt ( N )*) r4 Table [ ksn [ inDataN [[ i ]]],{ i ,7}];(* sqrtN ' slevel *) r5 Table [ inDataP [[ i ]],{ i ,7}];(* p *) V. CONCLUSION r6 Table [ kp [ inDataP [[ i ]]],{ i ,7}];(* p ' slevel *) r7 Table [ ratio [ inDataN [[ i ]], inDataP [[ i ]]] / /Ni ,{ ,7}]; It is undoubtedly meaningful to know the divisors’ range t { r 1, r 2, r 3, r 4, r 5, r 6, r 7}/ / MatrixForm of a RSA modulus. The investigation in this paper discloses the deep relationship between the divisor-ratio and the TABLE I. NUMERICAL EXPERIMENT IN MATHEMATICA distribution of the small divisor. The propositions and theorem proved in this paper indicate that, factorization of Nk& sn Nk& N pk& p the RSA numbers may be achieved via a small search on specific level of T3 tree, and the smaller the divisor-ratio is 72593 15 269 7 229 6 1.38428 the easier the search will be done. This discovers an opposite direction to the classics thoughts that the smaller 386757 17 621 8 441 7 1.98866 the divisor-ratio is the harder is the factorization. Hope 647 8 489779 17 699 8 1.17002 future work would be successful in the related researches. 753041 18 867 8 739 8 1.37889 2350553 20 1259 9 ACKNOWLEDGEMENTS 1533 9 1.48292 The research work is supported by the State Key 4538873 21 2029 9 2130 10 1.10251 Laboratory of Mathematical Engineering and Advanced Computing under Open Project Program No.2017A01, the 8772041 22 2659 10 2961 10 1.24069 Youth Innovative Talents Project (Natural Science) of Education Department of Guangdong Province under grant 2016KQNCX192, 2017KQNCX230. The authors sincerely present thanks to them all.
REFERENCES [1] National Institute of Standards and Technology (NIST), Digital signature standard (DSS), FIPS Publication 186-3, June 2009. [2] X. B. Wang, “Strategy for algorithm design in factoring RSA numbers,” IOSR Journal of Computer Engineering, vol. 19, no. 3 (ver. II), pp. 1-7, 2017. [3] X. B. Wang, “Valuated binary tree: A new approach in study of integers,” International Journal of Scientific and Innovative
Mathematical Research, vol. 4, no. 3, pp. 63-67, 2016. [4] X. B. Wang, “Amusing properties of odd numbers derived from valuated Binary tree,” IOSR Journal of Mathematics, vol. 12, no. 6, pp. 53-57, 2016. [5] X. B. Wang, “Genetic traits of odd numbers with applications in factorization of integers,” Global Journal of Pure and Applied Mathematics, vol. 13, no. 2, pp. 493-517, 2017.
[6] X. B. Wang, “Two more symmetric properties of odd numbers,” IOSR Journal of Mathematics, vol. 13, no. 3 (ver. II), pp. 37-40, 2017. [7] X. B. Wang, “T3 tree and its traits in understanding integers,” Advances in Pure Mathematics, vol. 8, no. 5, pp. 494-507, 2018. [8] G. H. Chen and J. H. Li, “Brief investigation on square root of a node
of T3 tree,” Advances in Pure Mathematics, vol. 8, no. 7, pp. 666-671, 2018. [9] X. B. Wang, “Some inequalities on T3 tree,” Advances in Pure
Mathematics, vol. 8, no. 8, pp. 711-719, 2018. [10] X. B. Wang, “More on square and square root of a node on T3 tree,”
International Journal of Mathematics and Statistics Study, vol. 6, no. Fig. 1. Screenshot of the programs and output. 3, pp. 1-7, 2018. [11] X. B. Wang, “Influence of divisor-ratio to distribution of semiprime's The computations of running the programs are shown in divisor,” Journal of Mathematics Research , vol. 10, no. 4, pp. 54-61, Table. The screenshot of the programs and output is shown 2018. [12] J. H. Li, “A parallel probabilistic approach to factorize a semiprime,” in Fig. 1. Analyzing the data in Table I, one can see that American Journal of Computational Mathematics, vol. 8, no. 2, pp. each one matches to Theorem 1. Take 386757 as an example. 153-162, 2018.
It can see that, 386757 17 thus k 17 is odd. By Theorem 1, [13] X. B. Wang, “Traits of a RSA modulus on T3 tree,” Journal of Mathematics Research, vol. 10, no. 6, pp. 10-20, 2018. the smaller divisor of 386757 possibly lies on level [14] X. B. Wang, “Brief summary of frequently-used properties of the
17 1 17 1 floor function,” IOSR Journal of Mathematics, vol. 13, no. 5, pp. 46- 27 or 18 . Actually, 48, 2017. 2 2 [15] X. B. Wang, “Some new inequalities with proofs and comments on p 441 7 because 1.98866 1.5 . The fact matches to applications,” Journal of Mathematics Research, vol. 11, no. 3, pp. 15-19, 2018.
28 International Journal of Information and Electronics Engineering, Vol. 9, No. 1, March 2019
Xingbo Wang was born in Hubei, China. He got his Guo Hongqiang was born in Hebei. He received a master and doctor’s degree at National University of bachelor's degree at HeFei University of Technology Defense Technology of China and had been a staff in and became a graduate student of Foshan University charge of researching and developing in 2017. He is now a member of Guangdong CAD/CAM/NC technologies in the university. Since engineering center of information security for 2010, he has been a professor in Foshan University intelligent manufacturing system. with research interests in computer application and information security. He is now the chief of Guangdong engineering center of information security for intelligent manufacturing system. Prof. Wang was in charge of more than 40 projects including projects from the National Science Foundation Committee, published 8 books and over 90 papers related with mathematics, computer science and mechatronic engineering, and invented 30 more patents in the related fields.
29