word looked up : home / archive

 Lenstra Elliptic Curve Factorization 

The Lenstra Elliptic Curve Factorization is a fast probabilistic algorithm for integer factorization which employs elliptic curves.

This method was the best algorithm for integer factorization until the General Number Field Sieve was developed. It is still best for factoring out divisors of size not exceeding 20 digits (64 bits), as its running time depends on the size of a factor p rather than on the size of the number n to be factored.

It is an improvement of the older Pollard p-1 factorization method. In that method, it was assumed that the given number n has a prime factor p such that p-1 had only "small" prime factors (numbers whose prime factors are all "small" are informally called smooth). Then, by Fermat's little theorem, ae=1 mod p whenever p-1 divides e and p doesn't divide a. Taking e to be a product of small primes raised to small powers, and a to be a random residue mod n, we can hopefully factor n by computing the greatest common divisor of n and ae-1, as other divisors q of n are unlikely to have the property that q-1 divides e - smooth values are rare. However, we will not be able to factor n if n doesn't have a prime factor p with p-1 smooth.

The Lenstra Elliptic Curve Factorization gets around this obstacle by considering the group of a random elliptic curve over the finite field Zp, rather than considering the multiplicative group of Zp which always has order p-1. The order of the group of a random elliptic curve over Zp varies between p and 2p randomly, and is likely to be smooth for some Elliptic curves.

The Lenstra Elliptic Curve Factorization method to find a factor of the given number n works as follows:

  • Pick a random Elliptic curve over Z with a point A on it. Then, we consider the group law on this curve mod n - this is possible since almost all residues mod n have inverses, which can be found using the Euclidean algorithm and finding a noninvertible residue tantamounts to factoring n

  • Compute eA in this group, where e is product of small primes raised to small powers, as in the Pollard p-1 factorization. It can be done one prime at a time, thus efficiently.

  • Hopefully, eA is a zero element of the Elliptic curve group in Z p, but not in Z q for another prime divisor q of n (as in the Pollard p-1 method, it is unlikely that both groups will have an order which is a divisor of e). Then we can find a factor of n by finding the greatest common divisor of the first coordinate of A and n, since this coordinate will be zero in Z p.

  • If it doesn't work, we try with some other curve and starting point

Average and worst case runtime? When was the method developed?

the people.html">people.html">people.html">people of Ammon did not fear their words; therefore they did Zoramites that came over unto them; and they did nourish them, inheritance.html">inheritance; and they did administer unto them according to their 10 Now this did stir up the Zoramites to anger.html">anger against the stir them up also to anger against them. Alma 35:11 preparations for war.html">war against the people of Ammon, and also 12 And thus ended the seventeenth year of the reign of the 13 And the people of Ammon departed out of the land.html">land.html">land.html">land of Jershon, of Jershon for the armies of the Nephites, that they might Zoramites; and thus commenced a war betwixt the Lamanites and the an account shall be given of their wars hereafter. Alma 35:14 sons of Alma returned to the land of Zarahemla, after having been to repentance.html">repentance; and as many as were brought to repentance were inheritance in the land of Jershon, and they have taken up arms lands. Alma 35:15 for the wars, and the bloodsheds, and the contentions which were declare the word.html">word, among all the people in every city; and seeing began to be offended because of the strictness of the word, his 16 Therefore, he caused that his sons should be gathered separately, concerning the things pertaining unto righteousness. them according to his own record. Alma 36/36.html">36 1 My son, give ear to my words; for I swear unto you, that prosper in the land. Alma 36:2 captivity of our fathers; for they were in bondage, and none of Isaac, and the God of Jacob; and he surely did deliver them in 3 And now, O my son Helaman, behold, thou art in thy youth, and .

 On wordlookup.net  

All is still licensed under the GNU FDL.
It uses material from the wikipedia.



logo

navig stuff

home
archive