Tuesday, June 12, 2007
Generalizing integer factorization
Stepping just slightly away from equation familiar from a congruence of squares gives a generalized factoring method which shows a means to balance the difficulty of factoring a number against computational resources.
Beginning with
x^2 = y^2 + aT and k^2 = 2xk + bT
where T is the target composite to be factored, you can easily solve to find
(x+k)^2 = y^2 + 2k^2 + (a-b)T
so that it is clear that 'a' and 'b' need not be determined as you need a-b, which is chosen to be some non-zero integer as is k.
Trivially, if you introduce integer factors f_1 and f_2, you can have
4f_1*f_2 = 2k^2 + (a-b)T
then y = f_1 - f_2 and
x = f_1 + f_2 - k
so by factoring 2k^2 + (a-b)T you can potentially non-trivially factor your target composite T.
Experiments with this method show that the larger 2k^2 + (a-b)T is, the more likely you are to factor the target T by factoring it, but that means it can be roughly as hard to factor as your original composite!
But there are a couple of saving graces, the most important being that the method focuses on the smaller primes first—pulling them out of the composite preferentially.
And, for composites 2k^2 + (a-b)T very close in factoring difficulty to your target composite T, the method works approximately 67% of the time.
So it is a method that allows you to adjust depending on what factoring probability you can handle with your computational power.
Beginning with
x^2 = y^2 + aT and k^2 = 2xk + bT
where T is the target composite to be factored, you can easily solve to find
(x+k)^2 = y^2 + 2k^2 + (a-b)T
so that it is clear that 'a' and 'b' need not be determined as you need a-b, which is chosen to be some non-zero integer as is k.
Trivially, if you introduce integer factors f_1 and f_2, you can have
4f_1*f_2 = 2k^2 + (a-b)T
then y = f_1 - f_2 and
x = f_1 + f_2 - k
so by factoring 2k^2 + (a-b)T you can potentially non-trivially factor your target composite T.
Experiments with this method show that the larger 2k^2 + (a-b)T is, the more likely you are to factor the target T by factoring it, but that means it can be roughly as hard to factor as your original composite!
But there are a couple of saving graces, the most important being that the method focuses on the smaller primes first—pulling them out of the composite preferentially.
And, for composites 2k^2 + (a-b)T very close in factoring difficulty to your target composite T, the method works approximately 67% of the time.
So it is a method that allows you to adjust depending on what factoring probability you can handle with your computational power.
# posted by James Harris @ 21:35 
