DOCSLIB.ORG

University of Manchester School of Computer Science Project Report 2016

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

University of Manchester School of Computer Science Project Report 2016 Primality Testing Author: Tong Ding Supervisor: Ian Pratt-hartmann Abstract Primality Testing Author: Tong Ding A prime number is a natural number n > 1 with no positive divisors other than 1 and n. This project investigates primality testing – that is, the problem of determining whether a given number is a prime. In recent decades, a number of sophisticated primality testing algorithms have been proposed. These algorithms fall into two categories: non-deterministic algorithms and deterministic al- gorithms. This project focuses on several non-deterministic and deterministic algorithms: our aim is to understand their mathematical foundations, to implement them and to measure their performance. We then investigate the prime generation problem and integer factoring prob- lem, and relate them to the topics which have important applications in cryptography. This report not only explains the algorithms in a comprehensive way, but also analyzes their performance in respect of running time and accuracy, then uses them to gather data on the density of primes. Supervisor: Ian Pratt-hartmann Acknowledgements I owe a debt of gratitude to my supervisor supervisor Dr. Ian Pratt-Hartmann for being a constant assistance and guidance throughout this year. I would also like to thank my family and friends for their support and faith during my study. 1 Contents 1 Introduction 3 1.1 Motivation . .3 1.2 Aims and Objectives . .4 1.3 Report Structure . .4 2 Background 5 2.1 Introduction to the Primality Problem . .5 2.2 Non-deterministic Algorithms for the Primality Problem . .6 2.3 Deterministic Algorithms for the Primality Problem . .7 2.4 Prime Generation Problem . .7 2.5 Integer Factorization Problem . .7 3 Non-deterministic Algorithms in Polynomial Time 8 3.1 Lehmann’s Test . .8 3.2 The Solovay-Strassen Test . 10 3.3 The Miller-Rabin Test . 14 4 Deterministic Algorithms in Polynomial Time 17 4.1 The AKS Test . 17 4.2 The Improved AKS Test . 21 5 Testing and Evaluation 22 5.1 Run Time . 22 5.2 Accuracy . 25 5.3 Density of Prime . 28 6 Prime Generation 30 6.1 The Sieve of Eratosthenes . 30 6.2 The Use of Primality Testing Algorithms . 31 7 Integer Factorization 32 8 Conclusion 33 8.1 Achievements . 33 8.2 Future Work . 33 Bibliography 34 2 Chapter 1 Introduction 1.1 Motivation The primality problem was first defined in classical antiquity. It can be stated as follows: Given a number n, decide whether n is prime. There is a naive procedure which works well for small inputs. Algorithm 1: Simple Method Input : Integer n > 2 Output: prime:0, composite:1 1 i 2; 2 while i × i < n do 3 if i divides n then 4 return 1; 5 else 6 i i + 1; 7 end 8 end 9 return 0; p This algorithm tests all the integers from 2 to n, to see whether they are divisors of n. As soon as a divisor is found, the calculation stops and returns n as a composite number. If no divisor is found, n will be returned as a prime. The method is guaranteed to return a correct answer, and is the best method for small num- bers. But we cannot use this method for large numbers, as it is too time consuming. For ex- ample, if an input number with 60 decimal digits happens to be prime, then the loop will run for more than 1030 rounds. Even if we assume that a very fast computer is used that can carry out one loop in 1 nanosecond, the computing will still take more than 1013 years. The question arises as to whether we can improve the performance of the naive procedure, increasing its efficiency while keeping its accuracy. A number of improved algorithms have been proposed to date. Based on these previous attempts, we decided to implement the im- proved methods and compare their performance for further study. This forms the main idea of the project. 3 1.2 Aims and Objectives The purpose of this project is to implement various primality testing algorithms, explain how these algorithm work, and present their performance. Nearly all the work is based on the book Primality Testing in Polynomial Time: From Randomized Algorithms to ”PRIMES is in P”[Die04]. The aims are: • Understand the mathematical basics in detail. • Fit the relevant knowledge into the algorithms. • Produce functions to test input numbers, based on the pseudo-codes. • Evaluate the performance of different methods by various approaches. • Improve the code according to the testing results and the most recent developments in the area. 1.3 Report Structure Chapter 2 talks about some basic notions and their background. Chapter 3 and Chapter 4 in- vestigate three typical randomized algorithms and one representative deterministic algorithm, respectively, and explaining the ways they work in detail. Chapter 5 considers statistics gath- ered from the running of previous algorithms. In Chapter 6, we focus on prime generation and discuss several methods to achieve that. In Chapter 7, the research goes further into the application in cryptography, which leads to a simple implementation of integer factorization. 4 Chapter 2 Background 2.1 Introduction to the Primality Problem Based on the introduction, we know that this project focuses on various efficiency approaches to solve the primality problem. Before we start talking about the algorithms, as a general background and a basis for analyzing primality test,there are some notions from number the- ory that are essential for the primality problem. Definition 2.1.1 (Prime and Composite). A positive integer n is a prime number if n > 1 and there is no number that divides n except 1 and n. If n is divisible by some a, 1 < a < n, then n is a composite number. A representation n = p · p1··· pr (r > 0; p1;:::; pr stands for prime number which is not necessarily distinct) is called a prime decomposition of n. By using such a representation, we have the following theorem: Theorem 2.1.2 (The Fundamental Theorem of Arithmetic). Every integer n > 1 can be written as a product of prime numbers in exactly one way (The order of the factors is disregarded). The theorem states two terms. For example, 600 = 2 × 2 × 2 × 3 × 5 × 5, 600 can be repre- sented as a product of primes, and 600 can just be written as a product of three 2s, one 3, two 5s, without no other primes in the product. Definition 2.1.3 (Greatest Common Divisor). If n and m are integers, then the largest integer that divides n and divides m is called the great- est common divisor of n and m and denoted by gcd(n;m). If gcd(n;m) = 1, then we say that n and m are relatively prime. There are quite efficient algorithms for finding the greatest common divisor. For example the Extended Euclidean Algorithm (see Algorithm 3.2.4 in [Die04]), which has time complexity O(log(n)log(m)). Theorem 2.1.4 (Integer Division with Remainder). If n is an integer and d is a positive integer, then there are unique integers q and r such that n = d · q + r and 0 6 r < d. d is the divisor, q is the quotient, r is the remainder. 5 The theorem of division with remainder is so important that we introduce a special notation for it. Definition 2.1.5 (Modulo and Congruent). • For an integer n and a positive integer d we let n mod d = r and ndivd = q, where r and q are the uniquely determined numbers that satisfy n = d · q + r and 0 6 r < d. • Let d > 2 be given. For arbitrary integers a and b, if we have a mod b = r and b mod d = r. We say that a is congruent to b modulo d and write a ≡ b (mod d). 2.2 Non-deterministic Algorithms for the Primality Prob- lem A non-deterministic algorithm is an algorithm that, even for the same input, can exhibit dif- ferent behaviors on different runs. Here we give the Fermat Test as a simple example of non- deterministic algorithm for the primality problem. As the basis for the Fermat primality test, we introduce Fermat’s little theorem first: Theorem 2.2.1 (Fermats Little Theorem). If p is a prime number, then for any integer a not divisible by p, ap−1 ≡ 1 (mod p) Algorithm 2: Fermat Test Input : Odd Integer n > 3 Output: prime:0, composite:1 1 Let a be randomly chosen from 2;:::;n − 2; n−1 2 if a 6= 1 (mod n) then 3 return 1; 4 else 5 r 6 end 7 eturn 0; By Fermats Little theorem, if an−1 6= 1 (mod n), then n is not a prime number, in other words, n must be a composite. Otherwise, if ap−1 ≡ 1 (mod b), n might be a prime. In conclusion, if this algorithm returns the answer as prime, there might be a probability that n is actually com- posite. So Fermat Test is a non-deterministic algorithm, because it will not always return the same result giving a particular input. The probability that Fermat Test gives a wrong answer 1 can be proved as up to 2 [Die04], of course this is too high in practical application. More con- vincing algorithms will be described in next chapter. In Algorithm 2 line 2, a method randomization is invoked, which is common in the imple- mentation of non-deterministic algorithms. The purpose of randomization is to generate ran- dom values in hope to verify the algorithm in the average case.
Recommended publications
  • Lesson 19: the Euclidean Algorithm As an Application of the Long Division Algorithm

    Lesson 19: the Euclidean Algorithm As an Application of the Long Division Algorithm

    NYS COMMON CORE MATHEMATICS CURRICULUM Lesson 19 6•2 Lesson 19: The Euclidean Algorithm as an Application of the Long Division Algorithm Student Outcomes . Students explore and discover that Euclid’s Algorithm is a more efficient means to finding the greatest common factor of larger numbers and determine that Euclid’s Algorithm is based on long division. Lesson Notes MP.7 Students look for and make use of structure, connecting long division to Euclid’s Algorithm. Students look for and express regularity in repeated calculations leading to finding the greatest common factor of a pair of numbers. These steps are contained in the Student Materials and should be reproduced, so they can be displayed throughout the lesson: Euclid’s Algorithm is used to find the greatest common factor (GCF) of two whole numbers. MP.8 1. Divide the larger of the two numbers by the smaller one. 2. If there is a remainder, divide it into the divisor. 3. Continue dividing the last divisor by the last remainder until the remainder is zero. 4. The final divisor is the GCF of the original pair of numbers. In application, the algorithm can be used to find the side length of the largest square that can be used to completely fill a rectangle so that there is no overlap or gaps. Classwork Opening (5 minutes) Lesson 18 Problem Set can be discussed before going on to this lesson. Lesson 19: The Euclidean Algorithm as an Application of the Long Division Algorithm 178 Date: 4/1/14 This work is licensed under a © 2013 Common Core, Inc.
  • Lecture 9: Arithmetics II 1 Greatest Common Divisor

    Lecture 9: Arithmetics II 1 Greatest Common Divisor

    DD2458, Problem Solving and Programming Under Pressure Lecture 9: Arithmetics II Date: 2008-11-10 Scribe(s): Marcus Forsell Stahre and David Schlyter Lecturer: Douglas Wikström This lecture is a continuation of the previous one, and covers modular arithmetic and topics from a branch of number theory known as elementary number theory. Also, some abstract algebra will be discussed. 1 Greatest Common Divisor Definition 1.1 If an integer d divides another integer n with no remainder, d is said to be a divisor of n. That is, there exists an integer a such that a · d = n. The notation for this is d | n. Definition 1.2 A common divisor of two non-zero integers m and n is a positive integer d, such that d | m and d | n. Definition 1.3 The Greatest Common Divisor (GCD) of two positive integers m and n is a common divisor d such that every other common divisor d0 | d. The notation for this is GCD(m, n) = d. That is, the GCD of two numbers is the greatest number that is a divisor of both of them. To get an intuition of what GCD is, let’s have a look at this example. Example Calculate GCD(9, 6). Say we have 9 black and 6 white blocks. We want to put the blocks in boxes, but every box has to be the same size, and can only hold blocks of the same color. Also, all the boxes must be full and as large as possible . Let’s for example say we choose a box of size 2: As we can see, the last box of black bricks is not full.
  • Primality Testing and Integer Factorisation

    Primality Testing and Integer Factorisation

    Primality Testing and Integer Factorisation Richard P. Brent, FAA Computer Sciences Laboratory Australian National University Canberra, ACT 2601 Abstract The problem of finding the prime factors of large composite numbers has always been of mathematical interest. With the advent of public key cryptosystems it is also of practical importance, because the security of some of these cryptosystems, such as the Rivest-Shamir-Adelman (RSA) system, depends on the difficulty of factoring the public keys. In recent years the best known integer factorisation algorithms have improved greatly, to the point where it is now easy to factor a 60-decimal digit number, and possible to factor numbers larger than 120 decimal digits, given the availability of enough computing power. We describe several recent algorithms for primality testing and factorisation, give examples of their use and outline some applications. 1. Introduction It has been known since Euclid’s time (though first clearly stated and proved by Gauss in 1801) that any natural number N has a unique prime power decomposition α1 α2 αk N = p1 p2 ··· pk (1.1) αj (p1 < p2 < ··· < pk rational primes, αj > 0). The prime powers pj are called αj components of N, and we write pj kN. To compute the prime power decomposition we need – 1. An algorithm to test if an integer N is prime. 2. An algorithm to find a nontrivial factor f of a composite integer N. Given these there is a simple recursive algorithm to compute (1.1): if N is prime then stop, otherwise 1. find a nontrivial factor f of N; 2.
  • Computing Prime Divisors in an Interval

    Computing Prime Divisors in an Interval

    MATHEMATICS OF COMPUTATION Volume 84, Number 291, January 2015, Pages 339–354 S 0025-5718(2014)02840-8 Article electronically published on May 28, 2014 COMPUTING PRIME DIVISORS IN AN INTERVAL MINKYU KIM AND JUNG HEE CHEON Abstract. We address the problem of finding a nontrivial divisor of a com- posite integer when it has a prime divisor in an interval. We show that this problem can be solved in time of the square root of the interval length with a similar amount of storage, by presenting two algorithms; one is probabilistic and the other is its derandomized version. 1. Introduction Integer factorization is one of the most challenging problems in computational number theory. It has been studied for centuries, and it has been intensively in- vestigated after introducing the RSA cryptosystem [18]. The difficulty of integer factorization has been examined not only in pure factoring situations but also in various modified situations. One such approach is to find a nontrivial divisor of a composite integer when it has prime divisors of special form. These include Pol- lard’s p − 1 algorithm [15], Williams’ p + 1 algorithm [20], and others. On the other hand, owing to the importance and the usage of integer factorization in cryptog- raphy, one needs to examine this problem when some partial information about divisors is revealed. This side information might be exposed through the proce- dures of generating prime numbers or through some attacks against crypto devices or protocols. This paper deals with integer factorization given the approximation of divisors, and it is motivated by the above mentioned research.
  • An Analysis of Primality Testing and Its Use in Cryptographic Applications

    An Analysis of Primality Testing and Its Use in Cryptographic Applications

    An Analysis of Primality Testing and Its Use in Cryptographic Applications Jake Massimo Thesis submitted to the University of London for the degree of Doctor of Philosophy Information Security Group Department of Information Security Royal Holloway, University of London 2020 Declaration These doctoral studies were conducted under the supervision of Prof. Kenneth G. Paterson. The work presented in this thesis is the result of original research carried out by myself, in collaboration with others, whilst enrolled in the Department of Mathe- matics as a candidate for the degree of Doctor of Philosophy. This work has not been submitted for any other degree or award in any other university or educational establishment. Jake Massimo April, 2020 2 Abstract Due to their fundamental utility within cryptography, prime numbers must be easy to both recognise and generate. For this, we depend upon primality testing. Both used as a tool to validate prime parameters, or as part of the algorithm used to generate random prime numbers, primality tests are found near universally within a cryptographer's tool-kit. In this thesis, we study in depth primality tests and their use in cryptographic applications. We first provide a systematic analysis of the implementation landscape of primality testing within cryptographic libraries and mathematical software. We then demon- strate how these tests perform under adversarial conditions, where the numbers being tested are not generated randomly, but instead by a possibly malicious party. We show that many of the libraries studied provide primality tests that are not pre- pared for testing on adversarial input, and therefore can declare composite numbers as being prime with a high probability.
  • Chapter 9 Quadratic Residues

    Chapter 9 Quadratic Residues

    Chapter 9 Quadratic Residues 9.1 Introduction Definition 9.1. We say that a 2 Z is a quadratic residue mod n if there exists b 2 Z such that a ≡ b2 mod n: If there is no such b we say that a is a quadratic non-residue mod n. Example: Suppose n = 10. We can determine the quadratic residues mod n by computing b2 mod n for 0 ≤ b < n. In fact, since (−b)2 ≡ b2 mod n; we need only consider 0 ≤ b ≤ [n=2]. Thus the quadratic residues mod 10 are 0; 1; 4; 9; 6; 5; while 3; 7; 8 are quadratic non-residues mod 10. Proposition 9.1. If a; b are quadratic residues mod n then so is ab. Proof. Suppose a ≡ r2; b ≡ s2 mod p: Then ab ≡ (rs)2 mod p: 9.2 Prime moduli Proposition 9.2. Suppose p is an odd prime. Then the quadratic residues coprime to p form a subgroup of (Z=p)× of index 2. Proof. Let Q denote the set of quadratic residues in (Z=p)×. If θ :(Z=p)× ! (Z=p)× denotes the homomorphism under which r 7! r2 mod p 9–1 then ker θ = {±1g; im θ = Q: By the first isomorphism theorem of group theory, × jkerθj · j im θj = j(Z=p) j: Thus Q is a subgroup of index 2: p − 1 jQj = : 2 Corollary 9.1. Suppose p is an odd prime; and suppose a; b are coprime to p. Then 1. 1=a is a quadratic residue if and only if a is a quadratic residue.
  • By Sieving, Primality Testing, Legendre's Formula and Meissel's

    By Sieving, Primality Testing, Legendre's Formula and Meissel's

    Computation of π(n) by Sieving, Primality Testing, Legendre’s Formula and Meissel’s Formula Jason Eisner, Spring 1993 This was one of several optional small computational projects assigned to undergraduate mathematics students at Cambridge University in 1993. I’m releasing my code and writeup in 2002 in case they are helpful to anyone—someone doing research in this area wrote to me asking for them. My linear-time version of the Sieve of Eratosthenes may be original; I have not seen that algorithm anywhere else. But the rest of this work is straightforward implementation and exposition of well-known methods. A good reference is H. Riesel, Prime Numbers and Computer Methods for Factorization. My Common Lisp implementation is in the file primes.lisp. The standard language reference (now available online for free) is Guy L. Steele, Jr., Common Lisp: The Language, 2nd ed., Digital Press, 1990. Note: In my discussion of running time, I have adopted the usual ideal- ization of a machine that can perform addition and multiplication operations in constant time. Real computers obviously fall short of this ideal; for exam- ple, when n and m are represented in base 2 by arbitrary length bitstrings, it takes time O(log n log m) to compute nm. Introduction: In this project we’ll look at several approaches for find- ing π(n), the numberof primes less than n. Each approach has its advan- tages. • Sieving produces a complete list of primes that can be further analyzed. For instance, after sieving, we may easily identify the 8169 pairs of twin primes below 106.
  • Primes and Primality Testing

    Primes and Primality Testing

    Primes and Primality Testing A Technological/Historical Perspective Jennifer Ellis Department of Mathematics and Computer Science What is a prime number? A number p greater than one is prime if and only if the only divisors of p are 1 and p. Examples: 2, 3, 5, and 7 A few larger examples: 71887 524287 65537 2127 1 Primality Testing: Origins Eratosthenes: Developed “sieve” method 276-194 B.C. Nicknamed Beta – “second place” in many different academic disciplines Also made contributions to www-history.mcs.st- geometry, approximation of andrews.ac.uk/PictDisplay/Eratosthenes.html the Earth’s circumference Sieve of Eratosthenes 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 Sieve of Eratosthenes We only need to “sieve” the multiples of numbers less than 10. Why? (10)(10)=100 (p)(q)<=100 Consider pq where p>10. Then for pq <=100, q must be less than 10. By sieving all the multiples of numbers less than 10 (here, multiples of q), we have removed all composite numbers less than 100.
  • A FEW FACTS REGARDING NUMBER THEORY Contents 1

    A FEW FACTS REGARDING NUMBER THEORY Contents 1

    A FEW FACTS REGARDING NUMBER THEORY LARRY SUSANKA Contents 1. Notation 2 2. Well Ordering and Induction 3 3. Intervals of Integers 4 4. Greatest Common Divisor and Least Common Multiple 5 5. A Theorem of Lam´e 8 6. Linear Diophantine Equations 9 7. Prime Factorization 10 8. Intn, mod n Arithmetic and Fermat's Little Theorem 11 9. The Chinese Remainder Theorem 13 10. RelP rimen, Euler's Theorem and Gauss' Theorem 14 11. Lagrange's Theorem and Primitive Roots 17 12. Wilson's Theorem 19 13. Polynomial Congruencies: Reduction to Simpler Form 20 14. Polynomial Congruencies: Solutions 23 15. The Quadratic Formula 27 16. Square Roots for Prime Power Moduli 28 17. Euler's Criterion and the Legendre Symbol 31 18. A Lemma of Gauss 33 −1 2 19. p and p 36 20. The Law of Quadratic Reciprocity 37 21. The Jacobi Symbol and its Reciprocity Law 39 22. The Tonelli-Shanks Algorithm for Producing Square Roots 42 23. Public Key Encryption 44 24. An Example of Encryption 47 References 50 Index 51 Date: October 13, 2018. 1 2 LARRY SUSANKA 1. Notation. To get started, we assume given the set of integers Z, sometimes denoted f :::; −2; −1; 0; 1; 2;::: g: We assume that the reader knows about the operations of addition and multiplication on integers and their basic properties, and also the usual order relation on these integers. In particular, the operations of addition and multiplication are commuta- tive and associative, there is the distributive property of multiplication over addition, and mn = 0 implies one (at least) of m or n is 0.
  • Number Theory Summary

    Number Theory Summary

    YALE UNIVERSITY DEPARTMENT OF COMPUTER SCIENCE CPSC 467: Cryptography and Computer Security Handout #11 Professor M. J. Fischer November 13, 2017 Number Theory Summary Integers Let Z denote the integers and Z+ the positive integers. Division For a 2 Z and n 2 Z+, there exist unique integers q; r such that a = nq + r and 0 ≤ r < n. We denote the quotient q by ba=nc and the remainder r by a mod n. We say n divides a (written nja) if a mod n = 0. If nja, n is called a divisor of a. If also 1 < n < jaj, n is said to be a proper divisor of a. Greatest common divisor The greatest common divisor (gcd) of integers a; b (written gcd(a; b) or simply (a; b)) is the greatest integer d such that d j a and d j b. If gcd(a; b) = 1, then a and b are said to be relatively prime. Euclidean algorithm Computes gcd(a; b). Based on two facts: gcd(0; b) = b; gcd(a; b) = gcd(b; a − qb) for any q 2 Z. For rapid convergence, take q = ba=bc, in which case a − qb = a mod b. Congruence For a; b 2 Z and n 2 Z+, we write a ≡ b (mod n) iff n j (b − a). Note a ≡ b (mod n) iff (a mod n) = (b mod n). + ∗ Modular arithmetic Fix n 2 Z . Let Zn = f0; 1; : : : ; n − 1g and let Zn = fa 2 Zn j gcd(a; n) = 1g. For integers a; b, define a⊕b = (a+b) mod n and a⊗b = ab mod n.
  • Arxiv:1503.02592V1

    Arxiv:1503.02592V1

    MATHEMATICS OF COMPUTATION Volume 00, Number 0, Pages 000–000 S 0025-5718(XX)0000-0 TWO COMPACT INCREMENTAL PRIME SIEVES JONATHAN P. SORENSON Abstract. A prime sieve is an algorithm that finds the primes up to a bound n. We say that a prime sieve is incremental, if it can quickly determine if n+1 is prime after having found all primes up to n. We say a sieve is compact if it uses roughly √n space or less. In this paper we present two new results: We describe the rolling sieve, a practical, incremental prime sieve that • takes O(n log log n) time and O(√n log n) bits of space, and We show how to modify the sieve of Atkin and Bernstein [1] to obtain a • sieve that is simultaneously sublinear, compact, and incremental. The second result solves an open problem given by Paul Pritchard in 1994 [19]. 1. Introduction and Definitions A prime sieve is an algorithm that finds all prime numbers up to a given bound n. The fastest known algorithms, including Pritchard’s wheel sieve [16] and the Atkin- Bernstein sieve [1], can do this using at most O(n/ log log n) arithmetic operations. The easy-to-code sieve of Eratosthenes requires O(n log log n) time, and there are a number of sieves in the literature that require linear time [17, 18]. Normally, running time is the main concern in algorithm design, but in this paper we are also interested in two other properties: incrementality and compactness. We say that a sieve is compact if it uses at most n1/2+o(1) space.
  • Sieve Algorithms for the Discrete Logarithm in Medium Characteristic Finite Fields Laurent Grémy

    Sieve Algorithms for the Discrete Logarithm in Medium Characteristic Finite Fields Laurent Grémy

    Sieve algorithms for the discrete logarithm in medium characteristic finite fields Laurent Grémy To cite this version: Laurent Grémy. Sieve algorithms for the discrete logarithm in medium characteristic finite fields. Cryptography and Security [cs.CR]. Université de Lorraine, 2017. English. NNT : 2017LORR0141. tel-01647623 HAL Id: tel-01647623 https://tel.archives-ouvertes.fr/tel-01647623 Submitted on 24 Nov 2017 HAL is a multi-disciplinary open access L’archive ouverte pluridisciplinaire HAL, est archive for the deposit and dissemination of sci- destinée au dépôt et à la diffusion de documents entific research documents, whether they are pub- scientifiques de niveau recherche, publiés ou non, lished or not. The documents may come from émanant des établissements d’enseignement et de teaching and research institutions in France or recherche français ou étrangers, des laboratoires abroad, or from public or private research centers. publics ou privés. AVERTISSEMENT Ce document est le fruit d'un long travail approuvé par le jury de soutenance et mis à disposition de l'ensemble de la communauté universitaire élargie. Il est soumis à la propriété intellectuelle de l'auteur. Ceci implique une obligation de citation et de référencement lors de l’utilisation de ce document. D'autre part, toute contrefaçon, plagiat, reproduction illicite encourt une poursuite pénale. Contact : [email protected] LIENS Code de la Propriété Intellectuelle. articles L 122. 4 Code de la Propriété Intellectuelle. articles L 335.2- L 335.10 http://www.cfcopies.com/V2/leg/leg_droi.php