Scribd Logo
Upload

Welcome to Scribd!

  • Tonelli-Shanks Presentation

    Uploaded by

    niko2003
    25 views44 pages
    Presentation for the solution of Tonelli-Shanks algorithm in greek

    Original Title

    Tonelli-Shanks presentation

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Presentation for the solution of Tonelli-Shanks algorithm in greek

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    25 views44 pages

    Tonelli-Shanks Presentation

    Uploaded by

    niko2003
    Presentation for the solution of Tonelli-Shanks algorithm in greek

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 44

    Tonelli - Shanks

    13 2011

    x1 , x2 Zp :
    xi2 a

    (mod p) i 1, 2

    (1)

    a Zp .

    x1 , x2 Zp :
    xi2 a

    (mod p) i 1, 2

    (1)

    a Zp .
    Euler.

    x1 , x2 Zp :
    xi2 a

    (mod p) i 1, 2

    (1)

    a Zp .
    Euler.
    Tonelli - Shanks.

    x1 , x2 Zp :
    xi2 a

    (mod p) i 1, 2

    (1)

    a Zp .
    Euler.
    Tonelli - Shanks.
    , x2 = x1 + p.

    Euler

    p .
    x2 a
    a

    p1
    2

    (mod p)

    (2)

    1 (mod p).

    Fermat

    a Z gcd(a , p) = 1, :
    a p 1 1

    (mod p)

    Zp p 1,
    ord p (a )|(p 1).

    Lemma
    p y 2 1 (mod p), y 1 (mod p).

    Lemma
    p y 2 1 (mod p), y 1 (mod p).
    .
    p|y 2 1 p|(y 1)(y + 1).

    Lemma
    p y 2 1 (mod p), y 1 (mod p).
    .
    p|y 2 1 p|(y 1)(y + 1). p
    p|(y 1) p|(y + 1).

    Lemma
    p y 2 1 (mod p), y 1 (mod p).
    .
    p|y 2 1 p|(y 1)(y + 1). p
    p|(y 1) p|(y + 1). , 1 , 2 R
    (y 1) = 1 p (y + 1) = 2 p.

    Lemma
    p y 2 1 (mod p), y 1 (mod p).
    .
    p|y 2 1 p|(y 1)(y + 1). p
    p|(y 1) p|(y + 1). , 1 , 2 R
    (y 1) = 1 p (y + 1) = 2 p. :
    (1 + 2 )p = y 1 + y + 1 = 2y.

    Lemma
    p y 2 1 (mod p), y 1 (mod p).
    .
    p|y 2 1 p|(y 1)(y + 1). p
    p|(y 1) p|(y + 1). , 1 , 2 R
    (y 1) = 1 p (y + 1) = 2 p. :
    (1 + 2 )p = y 1 + y + 1 = 2y.
    p|2y p|y p|y 2 y 2 0 (mod p).

    Lemma
    p y 2 1 (mod p), y 1 (mod p).
    .
    p|y 2 1 p|(y 1)(y + 1). p
    p|(y 1) p|(y + 1). , 1 , 2 R
    (y 1) = 1 p (y + 1) = 2 p. :
    (1 + 2 )p = y 1 + y + 1 = 2y.
    p|2y p|y p|y 2 y 2 0 (mod p). !

    Gauss

    Gauss
    (2) S
    :
    a S 1 (mod p)
    :
    x=a

    S +1
    2

    mod p

    x2 a

    S +1
    2

    2

    (mod p)

    a S a (mod p)
    a (mod p)

    Gauss

    Gauss

    p :
    p 3 (mod 4)
    p 1 (mod 4)

    50% ,

    (3)
    (4)

    Gauss

    Gauss

    p :
    p 3 (mod 4)

    50% ,

    (3)

    p 1 (mod 4)

    (4)

    1
    S = p
    3 :
    2

    aS a

    p1
    2

    1 (mod p)

    Gauss

    Gauss

    p :
    p 3 (mod 4)

    50% ,

    (3)

    p 1 (mod 4)

    (4)

    1
    S = p
    3 :
    2

    aS a
    x a

    S +1
    2

    p1
    2

    1 (mod p)

    (mod p) a

    p +1
    4

    (mod p), 4|p + 1.


    Tonelli - Shanks

    1. : a , p Z, p
    2. : x1 , x2 Z x12 a (mod p) x22 a
    (mod p).
    p1

    3. : a 2 1 (mod p)
    . a modulo p.
    4. S , e: s , e
    p 1 = S 2e .
    p 1

    5. n: n = 2. n 2 1 (mod p)
    n = n + 1.

    6. Initial Guess:
    S +1

    1
    2
    3
    4

    x = a 2 mod p
    b = a S mod p
    g = nS mod p
    r=e
    m

    7. m: m = 0. b2 1 (mod p)
    m = m + 1.
    8. : m = 0 x (x mod p)
    .
    9. : :
    r m1

    1
    2
    3
    4

    x = x g2
    mod p
    2r m
    b =bg
    mod p
    r m
    g = g2
    mod p
    r=m

    8 Z40961

    :
    1
    2

    a = 5, p = 40961 520480 1 (mod p) .


    p 1 = 40960 = 20480 2 = 10240 22 = . . . = 5 213 ,
    S = 5 e = 13.
    S +1
    2

    mod p = 83 mod 40961 x = 512.

    x=a

    b = a S mod p = 55 mod 40961 b = 32768

    n = 2 n = 3.

    g = nS = 35 = 243

    1
    2
    3
    4
    5
    6
    7

    11
    9
    6
    5
    3
    2
    1

    x = x g2
    512
    3870
    17966
    23589
    23589
    10952
    10952
    10952

    r m1

    r m

    b = b g2
    32768
    8387
    21040
    39178
    31679
    14541
    40960
    1

    g = g2
    243
    20237
    8603
    14529
    19808
    31679
    14541
    40960

    r m

    r
    13
    11
    9
    6
    5
    3
    2
    1

    : b 6 1 (mod p) .
    7


    S :
    p 1 = S 2e


    S :
    p 1 = S 2e
    (Initial Guess) :
    x=a

    S +1
    2

    mod p


    S :
    p 1 = S 2e
    (Initial Guess) :
    x=a

    S +1
    2

    mod p

    x2 a

    S +1
    2

    2

    (mod p)

    a S +1 (mod p) a S a (mod p)

    x =a

    S +1
    2

    mod p :
    aS 1

    (mod p)

    2/3 . :
    1

    1/3 .

    Fudge Factor

    Fudge Factor
    :
    x 2 aS a

    (mod p)

    b = a S Fudge Factor (FF).

    Fudge Factor

    Fudge Factor
    :
    x 2 aS a

    (mod p)

    b = a S Fudge Factor (FF).


    1/3 , :
    a S 6 1

    (mod p)

    Fudge Factor

    Fudge Factor
    :
    x 2 aS a

    (mod p)

    b = a S Fudge Factor (FF).


    1/3 , :
    a S 6 1

    (mod p)

    ord (b) > 1.

    ord (a S ) > 1, / :
    x 2 aS a

    (mod p)


    Fudge Factor 1.

    FF
    7 m :
    aS

    2m

    1 (mod p)

    FF
    7 m :
    aS

    2m

    1 (mod p)

    :
    aS

    2e1

    =a

    S 2e
    2

    =a

    p1
    2

    (mod p)

    FF
    7 m :
    aS

    2m

    1 (mod p)

    :
    aS

    2e1

    =a

    S 2e
    2

    =a

    p1
    2

    (mod p)

    :
    ord (a S )|2e1

    FF
    7 m :
    aS

    2m

    1 (mod p)

    :
    aS

    2e1

    =a

    S 2e
    2

    =a

    p1
    2

    (mod p)

    :
    ord (a S )|2e1
    0 m e 1 :
    ord (b) = 2m

    /
    ( 5 ) n :
    n

    p1
    2

    (mod p)

    /
    ( 5 ) n :
    n

    p1
    2

    (mod p)

    /
    nS

    2em

    /
    ( 5 ) n :
    n

    p1
    2

    (mod p)

    /
    nS

    2em

    :
    x 2 aS a

    (mod p)

    /
    ( 5 ) n :
    n

    p1
    2

    (mod p)

    /
    nS

    2em

    :
    x 2 aS a

    (mod p)

    :
    x 2 nS

    2em

    a S nS

    2em

    (mod p)

    : x 0 = x nS

    2em1 2

    FF: b0 = a S nS

    2em

    mod p

    mod p

    : x 0 = x nS

    2em1 2

    FF: b0 = a S nS

    2em

    mod p

    mod p


    FF .

    : x 0 = x nS

    2em1 2

    FF: b0 = a S nS

    2em

    mod p

    mod p


    FF .
    ord (b) = 2m . .. :
    m1

    ord (b0 ) 2m1 (b0 )2

    (mod p)

    1
    :
    a S 2

    m1

    (mod p)

    :
    y = a S 2

    m1

    = aS

    2m1

    y 2 = a S 2

    = aS

    m1

    2m

    2

     m
    = a S 2

    =1

    : y = 1 (mod p).

    b 02

    m1

    m1

    a S 2

    m1

    a S 2

    m1

    a S 2

    m1

    a S 2

    n S 2

    em+m1

    n S 2

    e1

    n S 2

    e1

    p1
    2

    (mod p)

    (mod p)
    (mod p)

    (mod p)

    1 1 (mod p)
    1 (mod p)
    

    , . .
    , 2007.
    Turner, S.M. Square roots mod p, American Mathematical Monthly
    101, 1994, 443-449.
    Wikipedia contributors, Tonelli -- Shanks algorithm, Wikipedia, The
    Free Encyclopedia (accessed February 6, 2010).

    You might also like