2.4.1 Pollard's Rho-Factoring-Algorithm
Pollard's rho factoring algotrithm is a special-purpose algorithm for
finding small non-trivial factors of an integer. Have a look at following
proposition:
Let f: S→S be a random function, where |S| = n.
Let further be x0 ∈ S, at random. Consider the sequence
x0, x1, x2, ... defined by
xi+1 = f(xi ). Since S is finite, the sequence must
eventually cycle and be composed of a tail.
For finding out the length of the cycle, following algorithm is
suitable (Floyd's cycle-finding algorithm):
In this method one starts with the pair (x1 , x2 )
and iteratively computes (xi , x2i ) from the
previous pair (xi-1 , x2i-2 ) until a duplicate
xm = x2m appears for some m. ⇒ If the tail of the
sequence has length λ and the cycle has length μ,
so the first time when xm = x2m is when
m = μ (1 + ⌊λ / μ ⌋ ).
Now Floyd's algorithm is utilized by Pollard's rho algorithm to find
such a duplicate in the sequence of integers y0, y1,
y2, ..., yi ∈ Z ∀ i. That sequence
is defined by: y0 = 2, yi+1 = f(yi ) =
(yi2 + 1) mod p, i ≥ 0. Now Floyd's algorithm is
used to find ym and y2m with ym
≡ y2m (mod p). Since p devides n, but is unknown, this is
done by computing the terms yi mod n and testing whether is
gcd(ym - y2m , n ) > 1. If such an m is found
and if gcd(ym - y2m , n ) < n, then a non-trivial
factor of n is obtained (=n occurs with low probability).
Example:
Let be n = 221. We start with:
y0 = 2
y1 = f(y0 ) = ((y0 )2 + 1) mod n
= 5, y2 = f( f( y0 )) = 26, d = gcd(y1 -
y2 , n ) = gcd ( 21, 221 ) = 1,
y2 = 26, y4 = 197, d = gcd ( 26 - 197, 221 ) = 1,
y3 = 262 + 1 mod 221 = 14, y6 = 104,
d = gcd ( 90, 221 ) = 1,
y4 = 197, y8 = 145, d = 13,
So 13 is a non-trivial factor of 221 and the other non-trivial factor is
221 / 13 = 17.
If the algorithm terminates with failure, you can try again with a
different function f having another integer coefficient for example
f = x2 + c , c ≠ 0, -2
But consider that this algoithm is meant for composite integers which are not
prime powers.
Applet Rho-Factorization:
Quellcode:
RhoFacSF.java - Applet surface class
RhoFac.java - Algorithm class
|
|
2.4.2 (p-1)-Faktoring |