Thursday, January 31, 2008
JSH: Weird, but simple math
Sorry I get a bit maudlin and over the top when I realize that there was this simple thing that somehow escaped everyone including myself for so long and part of me reacts very badly.
A lot of today I was wondering to myself how could solutions for factors modulo N actually be of any value and it still seems weird but it's just a weird math answer.
There are two key equations for existence with what I call the factoring congruences:
2ax = k mod N
and
z = x + k
so you can substitute out k and figure out an existence equation for when 'a' exists, dependent on x and z, where, of course:
x^2 = y^2 mod N
and
z^2 = y^2 mod T.
And that just gives a probability if you assume that any particular quadratic residue—as it is about a quadratic residue—is going to happen with equal probability.
With N prime that probability is about 75% that you will get this answer, but it seems so counterintuitive.
But regardless of how weird it may feel if it works then this idea can be used to not only factor but to solve the factoring problem.
Take a series of primes. Get an answer for each singly and then in pairs, and compare. Easy. There is just a probability that it will work. For the math it's just some simple answers. For humanity, who knows?
I'll look it over more carefully tomorrow, but for now it looks like it's it. I'll call it just for caution's sake and maybe later I can say that it's wrong and can just laugh it off as just another mistake.
Such a stupid little answer if it's right. Kind of disappointing.
But with trivial algebra it's hard to find it wrong. I'd say that it's solid at this point.
Kind of sucks though. All the fun is in the chase.
A lot of today I was wondering to myself how could solutions for factors modulo N actually be of any value and it still seems weird but it's just a weird math answer.
There are two key equations for existence with what I call the factoring congruences:
2ax = k mod N
and
z = x + k
so you can substitute out k and figure out an existence equation for when 'a' exists, dependent on x and z, where, of course:
x^2 = y^2 mod N
and
z^2 = y^2 mod T.
And that just gives a probability if you assume that any particular quadratic residue—as it is about a quadratic residue—is going to happen with equal probability.
With N prime that probability is about 75% that you will get this answer, but it seems so counterintuitive.
But regardless of how weird it may feel if it works then this idea can be used to not only factor but to solve the factoring problem.
Take a series of primes. Get an answer for each singly and then in pairs, and compare. Easy. There is just a probability that it will work. For the math it's just some simple answers. For humanity, who knows?
I'll look it over more carefully tomorrow, but for now it looks like it's it. I'll call it just for caution's sake and maybe later I can say that it's wrong and can just laugh it off as just another mistake.
Such a stupid little answer if it's right. Kind of disappointing.
But with trivial algebra it's hard to find it wrong. I'd say that it's solid at this point.
Kind of sucks though. All the fun is in the chase.
JSH: Why don't you quit?
Your society is damaged. I found a solution to the factoring problem using trivial algebra. It's a probabilistic solution but the algebra is TRIVIAL.
Your supposedly brilliant group missed the solution, for weeks.
Even now, they'll just be in shock.
If you solve with TWO congruences:
x^2 = y^2 mod N
and
z^2 = y^2 mod T
where T is the target composite to be factored and N is an odd integer, then you can actually solve for f_1 and f_2 where f_1*f_2 = T, modulo N, with a probability for success when N is prime of 75%.
So you pick p_1 and p_2 in succession for N and get that calculation done, and then you can set N = p_1*p_2 and do it again, and there is 56.25% probability that you will have an intersection of solutions.
Trivial algebra that requires that you actually love mathematics to appreciate it.
The problem I face with current math society is that many of you are hanging on, and I see my job as pushing you out.
I want to convince you that you are not good enough to be a mathematician because most of you are not.
You are part of a group of fakes, who have played at being mathematicians because no one like me was on the planet.
And I want to clear you out.
I have proven Fermat's Last Theorem. I have settled the question of Goldbach's conjecture. I have proven the Twin Primes conjecture.
And I defined mathematical proof.
What is left for you?
Kissing the butts of people who can't make real accomplishments?
How many of you idolize Wiles? Or Ribet? Or Mazur?
Then you don't belong. Get out.
They are fakes.
Mathematics is the hardest discipline on the planet.
And most of you have no possibility of doing anything of value in it.
So leave.
Your supposedly brilliant group missed the solution, for weeks.
Even now, they'll just be in shock.
If you solve with TWO congruences:
x^2 = y^2 mod N
and
z^2 = y^2 mod T
where T is the target composite to be factored and N is an odd integer, then you can actually solve for f_1 and f_2 where f_1*f_2 = T, modulo N, with a probability for success when N is prime of 75%.
So you pick p_1 and p_2 in succession for N and get that calculation done, and then you can set N = p_1*p_2 and do it again, and there is 56.25% probability that you will have an intersection of solutions.
Trivial algebra that requires that you actually love mathematics to appreciate it.
The problem I face with current math society is that many of you are hanging on, and I see my job as pushing you out.
I want to convince you that you are not good enough to be a mathematician because most of you are not.
You are part of a group of fakes, who have played at being mathematicians because no one like me was on the planet.
And I want to clear you out.
I have proven Fermat's Last Theorem. I have settled the question of Goldbach's conjecture. I have proven the Twin Primes conjecture.
And I defined mathematical proof.
What is left for you?
Kissing the butts of people who can't make real accomplishments?
How many of you idolize Wiles? Or Ribet? Or Mazur?
Then you don't belong. Get out.
They are fakes.
Mathematics is the hardest discipline on the planet.
And most of you have no possibility of doing anything of value in it.
So leave.
JSH: When knowledge is hated
So what I did was just add one other congruence relationship to the traditional difference of squares:
x^2 = y^2 mod N
and
z^2 = y^2 mod T
where T is a composite to be factored coprime to N, and N is an odd integer.
The mathematics is trivially easy but many of you have decided that there is one particular answer so you are not open to other solutions.
The factoring congruences in their most general form that I discovered, where you have mod N, allow you to pick N as a prime and then pick it AGAIN as a composite that is the product of two of those primes and then compare.
The probability that you have factors of T captured is just more trivial algebra.
Or I'm wrong.
If I'm right and you roll the dice, then hey, I did my best. I talked about the result, and hey, I figured it out in steps as I'm just realizing myself today that there is this great way to finish it all!
And later if I'm right I can talk about a group of people who like to hurl accusations of insanity, who told the world that it was secure. Who try to convince other people about how smart they are while they bully people online.
I'll talk about people who say they are "pure" as an excuse.
I'll suggest that maybe these people do nothing of value, which is why they hurl insults and accusations of insanity as they try to prevent the world from realizing the theft.
And then I'll suggest that the world ask for its money back.
x^2 = y^2 mod N
and
z^2 = y^2 mod T
where T is a composite to be factored coprime to N, and N is an odd integer.
The mathematics is trivially easy but many of you have decided that there is one particular answer so you are not open to other solutions.
The factoring congruences in their most general form that I discovered, where you have mod N, allow you to pick N as a prime and then pick it AGAIN as a composite that is the product of two of those primes and then compare.
The probability that you have factors of T captured is just more trivial algebra.
Or I'm wrong.
If I'm right and you roll the dice, then hey, I did my best. I talked about the result, and hey, I figured it out in steps as I'm just realizing myself today that there is this great way to finish it all!
And later if I'm right I can talk about a group of people who like to hurl accusations of insanity, who told the world that it was secure. Who try to convince other people about how smart they are while they bully people online.
I'll talk about people who say they are "pure" as an excuse.
I'll suggest that maybe these people do nothing of value, which is why they hurl insults and accusations of insanity as they try to prevent the world from realizing the theft.
And then I'll suggest that the world ask for its money back.
Tuesday, January 29, 2008
New research, factors mod N
With z^2 = y^2 + mT, where T is the target composite to be factored, m is a non-zero integer of your choice, and N is an odd prime or composite of your choice, with a probability calculation shown below you may find the following to be true:
z = (2a)^{-1}(1 + 2a^2)k mod N
where 'a' is coprime to N, and
k^2 = (a^2+1)^{-1}(mT) mod N
(notice that you calculate k, by finding 'a' such that it exists and then you can get z)
and y can be calculated then from y^2 = z^2 - mT modulo N, and resolving the quadratic residue.
But as a special case if N = p^c, where c is a natural number, then y can be solved for directly: y = (2a)^{-1}k mod p
and the factors modulo N can be found directly, where with f_1*f_2=mT:
f_1 = ak mod N
and
f_2 = a^{-1}(a^2 + 1)k mod N
Otherwise your factors f_1 and f_2 where f_1*f_2 = mT, can be found from
f_1 = z-y mod N, and f_2 = z+y mod N.
Notice that allowing composites with N versus primes with p, changes things slightly.
If the total count of quadratic residues of N is c, then the probability is (1-(1-c/(N-1))^2)*(100%).
And there is no general congruence solution of y, unless N has only one prime factor.
Example:
Let m=1, T=119, N=15. I find that no 'a' will work, so that N gives no solutions.
Ok, so I'll try N=9, then a = 1 will work.
k^2 = (a^2+1)^{-1}(nT) mod p = (2)^{-1}(119) mod 9 = 1 mod 9
so k=1 mod 9 is an answer.
z = (2a)^{-1}(1 + 2a^2)k mod N = (2)^{-1}(3)(1) mod 9 = 6 mod 9.
Then y^2 = 36 - 119 mod 9 = 7, and y = 5 mod 9 is a solution.
Then f_1 = z - y mod N = 1 mod 9
and
f_2 = z + y mod N = 2 mod 9.
But I have something interesting here as I need to subtract 9, to get
f_1 = -8 mod 9 and f_2 = -7 mod 9
showing how negative solutions are a solution.
Notice you can also directly solve for f_1 mod 9 and f_2 mod 9, since the only prime factor is 3:
f_1 = ak mod N = 1 mod 9
and
f_2 = a^{-1}(1 + a^2)k mod N = (2)(1) mod 9
and subtracting 9 from each gives f_1 = -8 mod 9, and f_2=-7 mod 9, as before.
And notice that 7 is given directly as a factor, which had to happen
as I picked an N greater than the smallest prime factor of 119.
To derive the factoring congruences for yourself, just use two congruences where mathematicians traditionally (and wrongly) use only one:
x^2 = y^2 mod N
and
z^2 = y^2 mod T.
Then introduce k and 'a' with 2ax = k mod N, and note that you can then multiply through by k itself to get 2axk = k^2 mod N, and add that now to the first congruence to get
x^2 + 2axk = y^2 + k^2 mod N
and now, of course, you simply add a^2 k^2 to both sides and complete the square and simplify slightly to get
(x+ak)^2 = y^2 + (a^2 + 1)k^2 mod N
and set mT = (a^2 + 1)k^2 mod N, and let z = x+ak.
I'll leave it as an exercise to prove the existence of solutions to get the probability for finding instances where 'a' and k exist such that the congruences hold.
Oh yeah, the research is cutting edge, or as I like to say, bleeding edge, as there is nothing else out there in number theory that even comes close to allowing you to get f_1 mod N and f_2 mod N in general in a straightforward way—except of course factoring the target T first.
Nothing in the literature, at all.
The advancement to human knowledge is fairly huge.
Enjoy!!!
z = (2a)^{-1}(1 + 2a^2)k mod N
where 'a' is coprime to N, and
k^2 = (a^2+1)^{-1}(mT) mod N
(notice that you calculate k, by finding 'a' such that it exists and then you can get z)
and y can be calculated then from y^2 = z^2 - mT modulo N, and resolving the quadratic residue.
But as a special case if N = p^c, where c is a natural number, then y can be solved for directly: y = (2a)^{-1}k mod p
and the factors modulo N can be found directly, where with f_1*f_2=mT:
f_1 = ak mod N
and
f_2 = a^{-1}(a^2 + 1)k mod N
Otherwise your factors f_1 and f_2 where f_1*f_2 = mT, can be found from
f_1 = z-y mod N, and f_2 = z+y mod N.
Notice that allowing composites with N versus primes with p, changes things slightly.
If the total count of quadratic residues of N is c, then the probability is (1-(1-c/(N-1))^2)*(100%).
And there is no general congruence solution of y, unless N has only one prime factor.
Example:
Let m=1, T=119, N=15. I find that no 'a' will work, so that N gives no solutions.
Ok, so I'll try N=9, then a = 1 will work.
k^2 = (a^2+1)^{-1}(nT) mod p = (2)^{-1}(119) mod 9 = 1 mod 9
so k=1 mod 9 is an answer.
z = (2a)^{-1}(1 + 2a^2)k mod N = (2)^{-1}(3)(1) mod 9 = 6 mod 9.
Then y^2 = 36 - 119 mod 9 = 7, and y = 5 mod 9 is a solution.
Then f_1 = z - y mod N = 1 mod 9
and
f_2 = z + y mod N = 2 mod 9.
But I have something interesting here as I need to subtract 9, to get
f_1 = -8 mod 9 and f_2 = -7 mod 9
showing how negative solutions are a solution.
Notice you can also directly solve for f_1 mod 9 and f_2 mod 9, since the only prime factor is 3:
f_1 = ak mod N = 1 mod 9
and
f_2 = a^{-1}(1 + a^2)k mod N = (2)(1) mod 9
and subtracting 9 from each gives f_1 = -8 mod 9, and f_2=-7 mod 9, as before.
And notice that 7 is given directly as a factor, which had to happen
as I picked an N greater than the smallest prime factor of 119.
To derive the factoring congruences for yourself, just use two congruences where mathematicians traditionally (and wrongly) use only one:
x^2 = y^2 mod N
and
z^2 = y^2 mod T.
Then introduce k and 'a' with 2ax = k mod N, and note that you can then multiply through by k itself to get 2axk = k^2 mod N, and add that now to the first congruence to get
x^2 + 2axk = y^2 + k^2 mod N
and now, of course, you simply add a^2 k^2 to both sides and complete the square and simplify slightly to get
(x+ak)^2 = y^2 + (a^2 + 1)k^2 mod N
and set mT = (a^2 + 1)k^2 mod N, and let z = x+ak.
I'll leave it as an exercise to prove the existence of solutions to get the probability for finding instances where 'a' and k exist such that the congruences hold.
Oh yeah, the research is cutting edge, or as I like to say, bleeding edge, as there is nothing else out there in number theory that even comes close to allowing you to get f_1 mod N and f_2 mod N in general in a straightforward way—except of course factoring the target T first.
Nothing in the literature, at all.
The advancement to human knowledge is fairly huge.
Enjoy!!!
Monday, January 28, 2008
JSH: What's going on
Over five years ago I DID find a proof of Fermat's Last Theorem. That proof involved the introduction of a new techniques for analysis that I called non-polynomial factorization which showed an error in "core" mathematics, challenging the way that Galois Theory has been used for over a century.
Rather than accept mathematical results that shattered their view of mathematical reality, mathematicians as a group chose to stay with ideas proven to be false, and keep teaching them.
And even when I got a key paper introducing non-polynomial factorization published, the editors caved under pressure, yanked my paper, and the entire math journal later died.
The mathematical establishment had decided to no longer do valid mathematics, so that some people could hold on to their views of themselves and their "accomplishments".
Realizing that the problem was serious, I contemplated the best solutions and realized that if "top" mathematicians no longer cared about what was mathematically true then they could block just about ANY mathematical research simply by ignoring it or just saying it was false, even if they knew it was true.
I needed something that wouldn't depend on their opinion or say-so alone.
And that was the factoring problem.
Now the factoring problem IS solved but to my surprise these people are still playing the same waiting game, as if the tactics that worked before may continue to work now.
So I'm watching them, and talking about the research result and the mathematical proof.
Nations around the world following the lead of the US and Britain need to know these nations are completely at this point out of the realm of sanity.
It is not clear what they will do next, but of course, I do not have to remind that they do have nuclear weapons and powerful militaries.
Some of you may wonder how mathematics can be so important that the fate of civilization now hangs in the balance and we as a species may look back on this time as a golden period before the darkness.
But no technology we have today comes independent of mathematics. Our successes are wrapped up within mathematical truths that have given us the science, the technology, and the civilization.
The corruption of the field was a big enough issue that it has brought the world to the brink.
Sane nations need to go on alert. It is not clear to me what happens next, but I'm looking at people who are not looking at reality, so it's not clear what they will do next.
As near as I can tell RSA encryption is not viable, and there may be widening exploits around the world (consider alternate explanations for the billions recently lost by the "rogue trader" in France).
I am hopeful that intelligence services in Britain and the US will act if necessary, but that is the worst case scenario.
We are running out of time.
Rather than accept mathematical results that shattered their view of mathematical reality, mathematicians as a group chose to stay with ideas proven to be false, and keep teaching them.
And even when I got a key paper introducing non-polynomial factorization published, the editors caved under pressure, yanked my paper, and the entire math journal later died.
The mathematical establishment had decided to no longer do valid mathematics, so that some people could hold on to their views of themselves and their "accomplishments".
Realizing that the problem was serious, I contemplated the best solutions and realized that if "top" mathematicians no longer cared about what was mathematically true then they could block just about ANY mathematical research simply by ignoring it or just saying it was false, even if they knew it was true.
I needed something that wouldn't depend on their opinion or say-so alone.
And that was the factoring problem.
Now the factoring problem IS solved but to my surprise these people are still playing the same waiting game, as if the tactics that worked before may continue to work now.
So I'm watching them, and talking about the research result and the mathematical proof.
Nations around the world following the lead of the US and Britain need to know these nations are completely at this point out of the realm of sanity.
It is not clear what they will do next, but of course, I do not have to remind that they do have nuclear weapons and powerful militaries.
Some of you may wonder how mathematics can be so important that the fate of civilization now hangs in the balance and we as a species may look back on this time as a golden period before the darkness.
But no technology we have today comes independent of mathematics. Our successes are wrapped up within mathematical truths that have given us the science, the technology, and the civilization.
The corruption of the field was a big enough issue that it has brought the world to the brink.
Sane nations need to go on alert. It is not clear to me what happens next, but I'm looking at people who are not looking at reality, so it's not clear what they will do next.
As near as I can tell RSA encryption is not viable, and there may be widening exploits around the world (consider alternate explanations for the billions recently lost by the "rogue trader" in France).
I am hopeful that intelligence services in Britain and the US will act if necessary, but that is the worst case scenario.
We are running out of time.
Saturday, January 26, 2008
JSH: Generalizing to factors mod N
The recent research I've discussed with much frequency recently can be further generalized, so that you can calculate factors modulo N, where N can be a prime number or a composite. I will make one variable change from previous expositions going from 'n' to 'm' since I'm now using capital 'N' instead of 'p':
With z^2 = y^2 + mT, where T is the target composite to be factored, m is a non-zero integer of your choice, and N is a prime or composite of your choice, you may find the following to be true:
z = (2a)^{-1}(1 + 2a^2)k mod N
where
k^2 = (a^2+1)^{-1}(mT) mod N
and y can be calculated then from y^2 = z^2 - mT modulo N, and resolving the quadratic residue.
Then your factors f_1 and f_2 where f_1*f_2 = mT, can be found from
f_1 = z-y mod N, and f_2 = z+y mod N.
Notice that allowing composites with N versus primes with p, changes things slightly, in that you don't get a probability for success (at least not an easy one to calculate so I've left that for further research), and no congruence solution of y.
To get the more generalized relations you just loop through the derivation for the factors mod p, and substitute out 'N' for 'p' in all cases where N being prime is not part of the derivation.
It is my hope that moving from primes will help some of you to see the value of this research! Oddly enough my use of primes may have been very problematic as many of you are clearly very thoroughly trained that mod p is a trivial area, while conversely you should be just as well trained to think that mod N is a big deal.
When the irony is that with a proper approach to the factoring problem—relying on its two legs versus using just one—they are hardly different at all.
With z^2 = y^2 + mT, where T is the target composite to be factored, m is a non-zero integer of your choice, and N is a prime or composite of your choice, you may find the following to be true:
z = (2a)^{-1}(1 + 2a^2)k mod N
where
k^2 = (a^2+1)^{-1}(mT) mod N
and y can be calculated then from y^2 = z^2 - mT modulo N, and resolving the quadratic residue.
Then your factors f_1 and f_2 where f_1*f_2 = mT, can be found from
f_1 = z-y mod N, and f_2 = z+y mod N.
Notice that allowing composites with N versus primes with p, changes things slightly, in that you don't get a probability for success (at least not an easy one to calculate so I've left that for further research), and no congruence solution of y.
To get the more generalized relations you just loop through the derivation for the factors mod p, and substitute out 'N' for 'p' in all cases where N being prime is not part of the derivation.
It is my hope that moving from primes will help some of you to see the value of this research! Oddly enough my use of primes may have been very problematic as many of you are clearly very thoroughly trained that mod p is a trivial area, while conversely you should be just as well trained to think that mod N is a big deal.
When the irony is that with a proper approach to the factoring problem—relying on its two legs versus using just one—they are hardly different at all.
JSH: A solution to the factoring problem
I've discovered some remarkably simple congruences that give f_1 mod p and f_2 mod p, 75% of the time, when f_1*f_2 = nT, where T is a composite you wish to factor, p is a prime of your choice and n is a non-zero integer of your choice:
f_1 = ak mod p
and
f_2 = a^{-1}(1 + a^2)k mod p
where
k^2 = (a^2+1)^{-1}(nT) mod p
I've been challenged to come up with a practical factoring algorithm, based on them as there is no doubt about correctness and show that it is an advance on current factoring methods.
While I think there are multiple ways to use those congruences practically for factoring, I've settled on a simple approach relying on what is called the Chinese Remainder theorem, where if you get solutions for a succession of primes, p_1, p_2, p_2,..., p_m, where m has as an upper bound m such that T/m! < 0, you can use it to get exact values for f_1 and f_2.
There are two steps in an algorithm that relies on the Chinese Remainder theorem where the first step is making certain you have f_1 mod p and f_2 mod p, for your target composite, which involves first solving for them with n=1, and then solving for them again with n=2, and checking to see if you get the same values by using
g_1 = 2^{-1} f_1 mod p, or g_2 = 2^{-1} f_2 mod p
as of course 2 being a prime can attach itself to only one factor, or you can do that with any other prime you might choose. If two tries doesn't get you the answer then you can try 3 or 4 different n's, or even 5, just to be sure where you get a lot of leeway as you will need so few primes for even a very large number.
(My understanding at this time is that under 200 primes would be enough for even the largest currently available RSA public key.)
The final step then is figuring out which factor you have as you MUST have f_1 and f_2 be the same down the line with each prime.
To accomplish that task there is a simple procedure to follow:
If f_1 = r_1 mod p_first, and f_2 = r_2 mod p_first, while
f_1 = r_1' mod p_second, and f_2 = r_2' mod p_second
then you can just multiply
f_1 - r_1 = 0 mod p_first times f_2 - r_2' = 0 mod p_second
to get
T - f_2*r_1 - f_1*r_2' = 0 mod p_first*p_second
where you assume you have them in the right order, and you can now solve for
f_1, to get
f_1 = (T - f_2*r_1)r_2'^{-1} mod p_first*p_second.
f_1 = (T - f_2*r_1)r_2'^{-1} mod p_first*p_second
which is
f_1 = (T - f_2*r_1)r_2'^{-1} mod p_second
And now, since f_1*f_2 = T, you can just substitute out f_1, and get
(T - f_2*r_1)r_2'^{-1} f_2 = T mod p_second
so
r_1*r_2'^{-1} f_2^2 - T*f_2 - T = 0 mod p_second
which is
f_2^2 - T*r_1^{-1}*r_2*f_2 - r_1^{-1}*r_2*T = 0 mod p_second
where you now complete the square, which will allow you to solve for f_2 mod p_second when you resolve a quadratic residue.
If that residue is NOT resolvable then you know that f_1 with p_first is actually f_2 with p_second, but if it is resolvable and you solve for f_2 and get the same answer as you had before, then you know your ordering is correct.
And you just do that down the line, so that you have f_1 as the same number and f_2 as the same number and then you use the Chinese Remainder theorem, and you will have f_1 and f_2, exactly.
f_1 = ak mod p
and
f_2 = a^{-1}(1 + a^2)k mod p
where
k^2 = (a^2+1)^{-1}(nT) mod p
I've been challenged to come up with a practical factoring algorithm, based on them as there is no doubt about correctness and show that it is an advance on current factoring methods.
While I think there are multiple ways to use those congruences practically for factoring, I've settled on a simple approach relying on what is called the Chinese Remainder theorem, where if you get solutions for a succession of primes, p_1, p_2, p_2,..., p_m, where m has as an upper bound m such that T/m! < 0, you can use it to get exact values for f_1 and f_2.
There are two steps in an algorithm that relies on the Chinese Remainder theorem where the first step is making certain you have f_1 mod p and f_2 mod p, for your target composite, which involves first solving for them with n=1, and then solving for them again with n=2, and checking to see if you get the same values by using
g_1 = 2^{-1} f_1 mod p, or g_2 = 2^{-1} f_2 mod p
as of course 2 being a prime can attach itself to only one factor, or you can do that with any other prime you might choose. If two tries doesn't get you the answer then you can try 3 or 4 different n's, or even 5, just to be sure where you get a lot of leeway as you will need so few primes for even a very large number.
(My understanding at this time is that under 200 primes would be enough for even the largest currently available RSA public key.)
The final step then is figuring out which factor you have as you MUST have f_1 and f_2 be the same down the line with each prime.
To accomplish that task there is a simple procedure to follow:
If f_1 = r_1 mod p_first, and f_2 = r_2 mod p_first, while
f_1 = r_1' mod p_second, and f_2 = r_2' mod p_second
then you can just multiply
f_1 - r_1 = 0 mod p_first times f_2 - r_2' = 0 mod p_second
to get
T - f_2*r_1 - f_1*r_2' = 0 mod p_first*p_second
where you assume you have them in the right order, and you can now solve for
f_1, to get
f_1 = (T - f_2*r_1)r_2'^{-1} mod p_first*p_second.
f_1 = (T - f_2*r_1)r_2'^{-1} mod p_first*p_second
which is
f_1 = (T - f_2*r_1)r_2'^{-1} mod p_second
And now, since f_1*f_2 = T, you can just substitute out f_1, and get
(T - f_2*r_1)r_2'^{-1} f_2 = T mod p_second
so
r_1*r_2'^{-1} f_2^2 - T*f_2 - T = 0 mod p_second
which is
f_2^2 - T*r_1^{-1}*r_2*f_2 - r_1^{-1}*r_2*T = 0 mod p_second
where you now complete the square, which will allow you to solve for f_2 mod p_second when you resolve a quadratic residue.
If that residue is NOT resolvable then you know that f_1 with p_first is actually f_2 with p_second, but if it is resolvable and you solve for f_2 and get the same answer as you had before, then you know your ordering is correct.
And you just do that down the line, so that you have f_1 as the same number and f_2 as the same number and then you use the Chinese Remainder theorem, and you will have f_1 and f_2, exactly.
Friday, January 25, 2008
More explanation on factoring congruences
I realized that maybe I might help things by explaining more in detail what the factoring congruences mean and what some of my statements in presenting them means, so this post is for that and it shouldn't be too long.
For reference, for a composite T that you want to factor, so you want f_1 and f_2 where f_1*f_2 = T, 75% of the time (and I'll explain that below) for a prime p of your choice you can find f_1 mod p and f_2 mod p with the following relations:
f_1 = ak mod p
and
f_2 = a^{-1}(1 + a^2)k mod p
where
k^2 = (a^2+1)^{-1}(T) mod p.
So you have relations for f_1 mod p and f_2 mod p, but you have these two other variables which are 'a' and k, where you want ANY integer that will work such that
(a^2+1)^{-1}(T) is a residue modulo p.
For instance, with p=17, and T = 15 mod 17, you'd have
k^2 = (a^2+1)^{-1}(15) mod 17
and an 'a' that fits is a=1. As, then k^2 = 2^{-1} (15) mod 17 = 9(15) mod 17, which is a quadratic residue as it's 16 mod 17, so k=4 mod 17 will work!
It turns out that only 3 a's will work: 1, 5 and 7
So the a's are ANY integers that will fit so that you get a k, as, for instance, if you try an 'a' that gives you k^2 = 3 mod 17, you know that isn't a valid one as 3 is not a quadratic residue modulo 17, so there is no integer answer for k.
Now if you try to factor 15 with these congruences I think are so great, you get a surprise! None of them will factor it non-trivially.
That goes back to that 75% of the time they will work.
To get a bigger picture consider 15 + 17(5), which is 100. It has 5 combinations of factors:
2(50), 4(25), 5(20), 10(10), and 100(1)
where notice the trivial factorization gets one count.
But you have only three values for the a's, and they will give you residues modulo 17 for the following factors for 100:
2(50), 4(25), and 100(1)
Notice though that with 2(50), f_1 = 2, means that f_1 = -15 mod 17, and f_2 = 50, gives you f_2 = -1 mod 17.
So those are the answers for (-15)(-1), and if you go to 100, f_1 = 100, you have
100 = 15 mod 17, so f_2 = 1, so it's 1 mod 17.
So those are duplicates, and one of the a's is not represented.
There are 5 possible combinations that you can have for 15 + 17c modulo 17, but the factoring congruences will give you only 3.
So they will give you 3 out of the 5 which is 60%, under the maximum of 75%, but that's a probability for you, not all cases will give it exactly.
If you're curious, try out that result!
For 15 + 17c, for ANY integer c, you will find that when factored there are only 5 combinations of factors modulo 17 that you can get along with their negations.
They are: {4,8}, {6,11}, {4,2} given by the factoring congruences and {5,3} and {10,10} not given by them.
The negations then are: {-13, -9}, {-11, -6}. {-13. -15}. and {-12. -14} and {-7, -7}.
So to rec-cap the factoring congruences will give you residues modulo T for the factors of a composite T, but they can miss some combinations as they work on average 75% of the time, where for my example with composites of the form 15 + 17c, modulo 17, I found they only work for 60% of the cases, as the probability means you can find cases above or below that 75%.
But notice they do work.
Factoring with them practically is another subject, which I've addressed in other posts.
For reference, for a composite T that you want to factor, so you want f_1 and f_2 where f_1*f_2 = T, 75% of the time (and I'll explain that below) for a prime p of your choice you can find f_1 mod p and f_2 mod p with the following relations:
f_1 = ak mod p
and
f_2 = a^{-1}(1 + a^2)k mod p
where
k^2 = (a^2+1)^{-1}(T) mod p.
So you have relations for f_1 mod p and f_2 mod p, but you have these two other variables which are 'a' and k, where you want ANY integer that will work such that
(a^2+1)^{-1}(T) is a residue modulo p.
For instance, with p=17, and T = 15 mod 17, you'd have
k^2 = (a^2+1)^{-1}(15) mod 17
and an 'a' that fits is a=1. As, then k^2 = 2^{-1} (15) mod 17 = 9(15) mod 17, which is a quadratic residue as it's 16 mod 17, so k=4 mod 17 will work!
It turns out that only 3 a's will work: 1, 5 and 7
So the a's are ANY integers that will fit so that you get a k, as, for instance, if you try an 'a' that gives you k^2 = 3 mod 17, you know that isn't a valid one as 3 is not a quadratic residue modulo 17, so there is no integer answer for k.
Now if you try to factor 15 with these congruences I think are so great, you get a surprise! None of them will factor it non-trivially.
That goes back to that 75% of the time they will work.
To get a bigger picture consider 15 + 17(5), which is 100. It has 5 combinations of factors:
2(50), 4(25), 5(20), 10(10), and 100(1)
where notice the trivial factorization gets one count.
But you have only three values for the a's, and they will give you residues modulo 17 for the following factors for 100:
2(50), 4(25), and 100(1)
Notice though that with 2(50), f_1 = 2, means that f_1 = -15 mod 17, and f_2 = 50, gives you f_2 = -1 mod 17.
So those are the answers for (-15)(-1), and if you go to 100, f_1 = 100, you have
100 = 15 mod 17, so f_2 = 1, so it's 1 mod 17.
So those are duplicates, and one of the a's is not represented.
There are 5 possible combinations that you can have for 15 + 17c modulo 17, but the factoring congruences will give you only 3.
So they will give you 3 out of the 5 which is 60%, under the maximum of 75%, but that's a probability for you, not all cases will give it exactly.
If you're curious, try out that result!
For 15 + 17c, for ANY integer c, you will find that when factored there are only 5 combinations of factors modulo 17 that you can get along with their negations.
They are: {4,8}, {6,11}, {4,2} given by the factoring congruences and {5,3} and {10,10} not given by them.
The negations then are: {-13, -9}, {-11, -6}. {-13. -15}. and {-12. -14} and {-7, -7}.
So to rec-cap the factoring congruences will give you residues modulo T for the factors of a composite T, but they can miss some combinations as they work on average 75% of the time, where for my example with composites of the form 15 + 17c, modulo 17, I found they only work for 60% of the cases, as the probability means you can find cases above or below that 75%.
But notice they do work.
Factoring with them practically is another subject, which I've addressed in other posts.
JSH: Simplest explanation
One thing I keep coming back to is the reaction, or lack of appropriate reaction, from the bulk of the mathematical community to my discoveries, and the great but unfortunate thing about the factoring problem is that you can see just how bad it is, as well as how stupid.
Like, how could these people think they could get away with just ignoring powerful new factoring relations?
How?
The simplest explanation is that they got away with so much before, like having a flawed argument cheered as a proof of Fermat's Last Theorem (and a fairly obviously flawed one at that) and with blocking acceptance of an actual proof of Fermat's Last Theorem that they are just going for broke with the same strategy.
The difference now though is that any of you who can re-derive those simple factoring congruences know that those people must be fakes and frauds.
And it's not really all that amazing.
We had Enron, and we have the war in Iraq.
Over and over again you get situations where one group of people get played for fools by another group, which can still maintain itself even AFTER it has been outed, like how the Bush administration now does.
But being willfully wrong does not give you real mathematical knowledge, and it does not give you a basis for real satisfaction with the effort you put into learning various mathematical topics where frauds have given a lot of false information.
And why do they do it?
Why would Bush lead a nation to war when objective reporting today says he and his people made over 900 false statements in the lead up?
Didn't they expect to get caught? Didn't they care?
I turned to the factoring problem because with my previous mathematical research math people could just ignore it without fear.
Those factoring congruences are all about creating a situation where they cannot just ignore a major mathematical result.
And the wonder of the situation now is that they are trying to ignore it anyway.
Which shows at the end that they really knew nothing really about mathematics at all.
I guess people like that think it's all just a show, all just junk to be used for selfish ends as if the math would never come and get them, as if there were nothing noble enough about it to stop them, as if the truth were too weak to ultimately win.
They act as if there is no value in this life: no real truth, and no real beauty.
Like, how could these people think they could get away with just ignoring powerful new factoring relations?
How?
The simplest explanation is that they got away with so much before, like having a flawed argument cheered as a proof of Fermat's Last Theorem (and a fairly obviously flawed one at that) and with blocking acceptance of an actual proof of Fermat's Last Theorem that they are just going for broke with the same strategy.
The difference now though is that any of you who can re-derive those simple factoring congruences know that those people must be fakes and frauds.
And it's not really all that amazing.
We had Enron, and we have the war in Iraq.
Over and over again you get situations where one group of people get played for fools by another group, which can still maintain itself even AFTER it has been outed, like how the Bush administration now does.
But being willfully wrong does not give you real mathematical knowledge, and it does not give you a basis for real satisfaction with the effort you put into learning various mathematical topics where frauds have given a lot of false information.
And why do they do it?
Why would Bush lead a nation to war when objective reporting today says he and his people made over 900 false statements in the lead up?
Didn't they expect to get caught? Didn't they care?
I turned to the factoring problem because with my previous mathematical research math people could just ignore it without fear.
Those factoring congruences are all about creating a situation where they cannot just ignore a major mathematical result.
And the wonder of the situation now is that they are trying to ignore it anyway.
Which shows at the end that they really knew nothing really about mathematics at all.
I guess people like that think it's all just a show, all just junk to be used for selfish ends as if the math would never come and get them, as if there were nothing noble enough about it to stop them, as if the truth were too weak to ultimately win.
They act as if there is no value in this life: no real truth, and no real beauty.
Solving the factoring problem
Previously I've noted the easy derivation of some remarkably simple congruences that give f_1 mod p and f_2 mod p, 75% of the time, when f_1*f_2 = nT, where T is a composite you wish to factor, p is a prime of your choice and n is a non-zero integer of your choice:
f_1 = ak mod p
and
f_2 = a^{-1}(1 + a^2)k mod p
where
k^2 = (a^2+1)^{-1}(nT) mod p
I've been challenged to come up with a practical factoring algorithm, based on them as there is no doubt about correctness and show that it is an advance on current factoring methods.
While I think there are multiple ways to use those congruences practically for factoring, I've settled on a simple approach relying on what is called the Chinese Remainder theorem, where if you get solutions for a succession of primes, p_1, p_2, p_2,…, p_m, where m has as an upper bound m such that T/m! < 0, you can use it to get exact values for f_1 and f_2.
There are two steps in an algorithm that relies on the Chinese Remainder theorem where the first step is making certain you have f_1 mod p and f_2 mod p, for your target composite, which involves first solving for them with n=1, and then solving for them again with n=2, and checking to see if you get the same values by using
g_1 = 2^{-1} f_1 mod p, or g_2 = 2^{-1} f_2 mod p
as of course 2 being a prime can attach itself to only one factor, or you can do that with any other prime you might choose. If two tries doesn't get you the answer then you can try 3 or 4 different n's, or even 5, just to be sure where you get a lot of leeway as you will need so few primes for even a very large number.
(My understanding at this time is that under 200 primes would be enough for even the largest currently available RSA public key.)
The final step then is figuring out which factor you have as you MUST have f_1 and f_2 be the same down the line with each prime.
To accomplish that task there is a simple procedure to follow:
If f_1 = r_1 mod p_first, and f_2 = r_2 mod p_first, while
f_1 = r_1' mod p_second, and f_2 = r_2' mod p_second
then you can just multiply
f_1 - r_1 = 0 mod p_first times f_2 - r_2' = 0 mod p_second
to get
T - f_2*r_1 - f_1*r_2' = 0 mod p_first*p_second
where you assume you have them in the right order, and you can now solve for
f_1, to get
f_1 = (T - f_2*r_1)r_2'^{-1} mod p_first*p_second.
f_1 = (T - f_2*r_1)r_2'^{-1} mod p_first*p_second
which is
f_1 = (T - f_2*r_1)r_2'^{-1} mod p_second
And now, since f_1*f_2 = T, you can just substitute out f_1, and get
(T - f_2*r_1)r_2'^{-1} f_2 = T mod p_second
so
r_1*r_2'^{-1} f_2^2 - T*f_2 - T = 0 mod p_second
which is
f_2^2 - T*r_1^{-1}*r_2*f_2 - r_1^{-1}*r_2*T = 0 mod p_second
where you now complete the square, which will allow you to solve for f_2 mod p_second when you resolve a quadratic residue.
If that residue is NOT resolvable then you know that f_1 with p_first is actually f_2 with p_second, but if it is resolvable and you solve for f_2 and get the same answer as you had before, then you know your ordering is correct.
And you just do that down the line, so that you have f_1 as the same number and f_2 as the same number and then you use the Chinese Remainder theorem, and you will have f_1 and f_2, exactly.
f_1 = ak mod p
and
f_2 = a^{-1}(1 + a^2)k mod p
where
k^2 = (a^2+1)^{-1}(nT) mod p
I've been challenged to come up with a practical factoring algorithm, based on them as there is no doubt about correctness and show that it is an advance on current factoring methods.
While I think there are multiple ways to use those congruences practically for factoring, I've settled on a simple approach relying on what is called the Chinese Remainder theorem, where if you get solutions for a succession of primes, p_1, p_2, p_2,…, p_m, where m has as an upper bound m such that T/m! < 0, you can use it to get exact values for f_1 and f_2.
There are two steps in an algorithm that relies on the Chinese Remainder theorem where the first step is making certain you have f_1 mod p and f_2 mod p, for your target composite, which involves first solving for them with n=1, and then solving for them again with n=2, and checking to see if you get the same values by using
g_1 = 2^{-1} f_1 mod p, or g_2 = 2^{-1} f_2 mod p
as of course 2 being a prime can attach itself to only one factor, or you can do that with any other prime you might choose. If two tries doesn't get you the answer then you can try 3 or 4 different n's, or even 5, just to be sure where you get a lot of leeway as you will need so few primes for even a very large number.
(My understanding at this time is that under 200 primes would be enough for even the largest currently available RSA public key.)
The final step then is figuring out which factor you have as you MUST have f_1 and f_2 be the same down the line with each prime.
To accomplish that task there is a simple procedure to follow:
If f_1 = r_1 mod p_first, and f_2 = r_2 mod p_first, while
f_1 = r_1' mod p_second, and f_2 = r_2' mod p_second
then you can just multiply
f_1 - r_1 = 0 mod p_first times f_2 - r_2' = 0 mod p_second
to get
T - f_2*r_1 - f_1*r_2' = 0 mod p_first*p_second
where you assume you have them in the right order, and you can now solve for
f_1, to get
f_1 = (T - f_2*r_1)r_2'^{-1} mod p_first*p_second.
f_1 = (T - f_2*r_1)r_2'^{-1} mod p_first*p_second
which is
f_1 = (T - f_2*r_1)r_2'^{-1} mod p_second
And now, since f_1*f_2 = T, you can just substitute out f_1, and get
(T - f_2*r_1)r_2'^{-1} f_2 = T mod p_second
so
r_1*r_2'^{-1} f_2^2 - T*f_2 - T = 0 mod p_second
which is
f_2^2 - T*r_1^{-1}*r_2*f_2 - r_1^{-1}*r_2*T = 0 mod p_second
where you now complete the square, which will allow you to solve for f_2 mod p_second when you resolve a quadratic residue.
If that residue is NOT resolvable then you know that f_1 with p_first is actually f_2 with p_second, but if it is resolvable and you solve for f_2 and get the same answer as you had before, then you know your ordering is correct.
And you just do that down the line, so that you have f_1 as the same number and f_2 as the same number and then you use the Chinese Remainder theorem, and you will have f_1 and f_2, exactly.
Wednesday, January 23, 2008
JSH: Brilliant little approach
I'm waiting to see if I'm validated by others recognizing value in this research approach, like by acceptance by the math journal which has the paper, or for de-validation, by someone being able to find something actually wrong with it, which is why I keep checking math newsgroups.
But there is no doubt about it being a brilliant little approach.
What I did was to just add one more congruence to the traditional difference of squares so that instead of just having x^2 = y^2 mod T, where T is the target composite (mathematicians often use "N"), I use two congruences:
x^2 = y^2 mod p
and
z^2 = y^2 mod T.
And I find I get these nifty little relations that give f_1 mod p and f_2 mod p, where f_1*f_2 = nT.
If modern mathematicians were an ounce of what they present themselves as then such a simple but remarkably powerful approach would get an objective consideration, or if it's not new, someone could cite a source where that approach has been done:
f_1 = ak mod p
and
f_2 = a^{-1}(1 + a^2)k mod p
where
k^2 = (a^2+1)^{-1}(nT) mod p
and T is the target composite with integer factors f_1 and f_2, such that
f_1*f_2 = nT, and with any prime p, those relations will be true 75% of the
time.
That's just mathematics. Those equations don't have opinions. They don't have feelings. And they don't give a damn what you think.
They have always existed and will always exist long after you are quite dead, and forgotten.
Whether they have value or not in this small space on some little planet full of people who can say one thing and be another is a different issue all about how small many of you actually are, despite your desire to be THOUGHT of as great.
While I would rather be great.
But there is no doubt about it being a brilliant little approach.
What I did was to just add one more congruence to the traditional difference of squares so that instead of just having x^2 = y^2 mod T, where T is the target composite (mathematicians often use "N"), I use two congruences:
x^2 = y^2 mod p
and
z^2 = y^2 mod T.
And I find I get these nifty little relations that give f_1 mod p and f_2 mod p, where f_1*f_2 = nT.
If modern mathematicians were an ounce of what they present themselves as then such a simple but remarkably powerful approach would get an objective consideration, or if it's not new, someone could cite a source where that approach has been done:
f_1 = ak mod p
and
f_2 = a^{-1}(1 + a^2)k mod p
where
k^2 = (a^2+1)^{-1}(nT) mod p
and T is the target composite with integer factors f_1 and f_2, such that
f_1*f_2 = nT, and with any prime p, those relations will be true 75% of the
time.
That's just mathematics. Those equations don't have opinions. They don't have feelings. And they don't give a damn what you think.
They have always existed and will always exist long after you are quite dead, and forgotten.
Whether they have value or not in this small space on some little planet full of people who can say one thing and be another is a different issue all about how small many of you actually are, despite your desire to be THOUGHT of as great.
While I would rather be great.
JSH: Same old drill
The way it works with the mathematical community on Usenet is I come up with a mathematical argument and I stress mathematical proof and getting to the real issues and figuring out what's happening.
Some people come back in reply and call me names.
Others assert that I'm stupid, or an idiot, or crazy and that I don't know anything but trivial math.
Some others reply claiming to care about what is true, but always muddying the waters versus actually clearing things up.
And some actually directly lie about details and I can even at times show exactly where they lie but the group as a whole just ignores them.
THAT is the modern mathematical community on Usenet.
Some people come back in reply and call me names.
Others assert that I'm stupid, or an idiot, or crazy and that I don't know anything but trivial math.
Some others reply claiming to care about what is true, but always muddying the waters versus actually clearing things up.
And some actually directly lie about details and I can even at times show exactly where they lie but the group as a whole just ignores them.
THAT is the modern mathematical community on Usenet.
Tuesday, January 22, 2008
JSH: Factoring problem solution, simple explanation
The problem with having a math field that doesn't do its job is that things that should be easy are harder because people in that field, well, seem kind of out of it, especially when you consider the importance of the factoring problem, and as reality does a nice gut check for some of you as you see stock markets around the world swoon to give you some sense of what is at stake.
What I found is a very easy algebraic solution to what is called the factoring problem:
Given a target composite T and integer factors f_1 and f_2, such that f_1*f_2 = nT, and any prime p, the following will be true 75% of the time:
f_1 = ak mod p
and
f_2 = a^{-1}(1 + a^2)k mod p
where
k^2 = (a^2+1)^{-1}(nT) mod p.
That last equation defines the key variable k, used above, by another variable 'a', where ANY VALUE for it is correct as long as k exists.
That may sound tricky but k^2 means you must have what is called a quadratic residue modulo p on the right side i.e. (a^2+1)^{-1}(nT).
For instance, 4 is a quadratic residue modulo 7 because 2*2 = 4 modulo 7. But so is 2, because
3*3 = 2 mod 7
That is 3*3 = 9 - 7 = 2, so 2 is a quadratic residue modulo 7, but 3 is not because no two residues of 7 can multiply to give 3, and you have an easy finite set as the residues of 7, are just 1, 2, 3, 4, 5, and 6, while 0 is not typically considered a residue. Think of it as there being nothing left with 0, so no residue.
Now the equations I've given count the number of factorizations for nT to give the count of a's that will work to give you a k, where you get either the total number of combinations or twice that number, and of that count 75% of them will give you a factorization of nT, while that may be a trivial factorization.
A trivial factorization is like 15 = 15(1). While the non-trivial factorization is 15 = 3(5).
Of the count of a's you will have either one or two cases for EACH unique factorization.
Those equations solve the factoring problem by giving you multiple ways to factor a given target T, where you can, for instance, let n=1, and then use a lot of small primes p_1, p_2, p_2,..., p_j and something called the Chinese Remainder theorem to solve for the factors, where the size of j is less than m where T/m! < 1.
Or you can change n, to give a lot of combinations of factors, and choose a prime p>sqrt(T).
Either of those approaches could be optimized to be very fast.
If this research is correct, it could mean that an RSA public key could be factored using algorithms based on these equations FASTER than it can be generated and implemented, regardless of its size.
The algebraic derivation of the relations is very, very, very easy, so there is no doubt about their correctness and no doubt about the value of the research. However, there is now serious doubt about the vitality of the mathematical discipline itself as mathematicians seem content for now to not let the world in on the massive discovery.
Though maybe the financial markets figured it out…
What I found is a very easy algebraic solution to what is called the factoring problem:
Given a target composite T and integer factors f_1 and f_2, such that f_1*f_2 = nT, and any prime p, the following will be true 75% of the time:
f_1 = ak mod p
and
f_2 = a^{-1}(1 + a^2)k mod p
where
k^2 = (a^2+1)^{-1}(nT) mod p.
That last equation defines the key variable k, used above, by another variable 'a', where ANY VALUE for it is correct as long as k exists.
That may sound tricky but k^2 means you must have what is called a quadratic residue modulo p on the right side i.e. (a^2+1)^{-1}(nT).
For instance, 4 is a quadratic residue modulo 7 because 2*2 = 4 modulo 7. But so is 2, because
3*3 = 2 mod 7
That is 3*3 = 9 - 7 = 2, so 2 is a quadratic residue modulo 7, but 3 is not because no two residues of 7 can multiply to give 3, and you have an easy finite set as the residues of 7, are just 1, 2, 3, 4, 5, and 6, while 0 is not typically considered a residue. Think of it as there being nothing left with 0, so no residue.
Now the equations I've given count the number of factorizations for nT to give the count of a's that will work to give you a k, where you get either the total number of combinations or twice that number, and of that count 75% of them will give you a factorization of nT, while that may be a trivial factorization.
A trivial factorization is like 15 = 15(1). While the non-trivial factorization is 15 = 3(5).
Of the count of a's you will have either one or two cases for EACH unique factorization.
Those equations solve the factoring problem by giving you multiple ways to factor a given target T, where you can, for instance, let n=1, and then use a lot of small primes p_1, p_2, p_2,..., p_j and something called the Chinese Remainder theorem to solve for the factors, where the size of j is less than m where T/m! < 1.
Or you can change n, to give a lot of combinations of factors, and choose a prime p>sqrt(T).
Either of those approaches could be optimized to be very fast.
If this research is correct, it could mean that an RSA public key could be factored using algorithms based on these equations FASTER than it can be generated and implemented, regardless of its size.
The algebraic derivation of the relations is very, very, very easy, so there is no doubt about their correctness and no doubt about the value of the research. However, there is now serious doubt about the vitality of the mathematical discipline itself as mathematicians seem content for now to not let the world in on the massive discovery.
Though maybe the financial markets figured it out…
JSH: The real story
I AM a major mathematical discoverer. And it is not hard at all for me to prove that fact.
The problem now is that proving it requires that maybe there's going to be some serious financial pain for some innocent people.
For too long "top" mathematicians in the field have possibly relied on my reticence in letting innocents hurt to feel secure that I would not act to end their charade.
But they failed to consider that instead there might be a shift of the financial system to push the brunt of the hit upon only one or two countries so that the world economy itself could survive the hit.
That shift is now complete.
We are in the final countdown. Financial players around the world are given their final warning here.
This time it's not a drill. My hope is that government leaders in the most affected countries will turn to reason instead of madness, but if they do not, there is no turning back.
I have released the ball. It's now out of my hands, so I can't stop what comes next, even if I wanted.
The problem now is that proving it requires that maybe there's going to be some serious financial pain for some innocent people.
For too long "top" mathematicians in the field have possibly relied on my reticence in letting innocents hurt to feel secure that I would not act to end their charade.
But they failed to consider that instead there might be a shift of the financial system to push the brunt of the hit upon only one or two countries so that the world economy itself could survive the hit.
That shift is now complete.
We are in the final countdown. Financial players around the world are given their final warning here.
This time it's not a drill. My hope is that government leaders in the most affected countries will turn to reason instead of madness, but if they do not, there is no turning back.
I have released the ball. It's now out of my hands, so I can't stop what comes next, even if I wanted.
Monday, January 21, 2008
JSH: What are you people?
Can someone explain to me how nothing matters at all with you people?
One of the simplest algebraic proofs in mathematical history solves the factoring problem, and you have independent validation from someone other than me, but still some of you misinterpret the results and insult me, while the rest of you are quiet, as always.
I wondered for a while if some alien species had taken over the planet and sought to end the future of the human race by keeping it from getting its math right, but I've recently concluded that many of you just have no clue what mathematics is.
To you it's a style, and agreement, and lots of results from the "smart people" as determined by some vague rules who tell you what to think.
And God help anyone you don't like, as you'll reject anything they discover, which is like diamond merchants looking the prospector up and down and rejecting a HUGE major diamond because they don't like the guy.
The only conclusion available is that most of you do not do any real mathematics.
You're playing pretend. And I've come to that conclusion repeatedly as I've confronted you through the years and considered your stranglehold on the current mathematical field.
The mathematical field has been taken over by actors pretending to be mathematicians.
That is the only conclusion available at this point. I am sure there are some people out there doing real mathematics, and I feel sorry for them, because the field is clearly dominated by the bulk of you who are not. And you are some vicious, nasty people who think that telling a person they're insane is just a normal way to do business.
You are quite capable of being very vicious to get what you want. So you dominate the poor people who actually do real mathematics who are the sad minority among you.
Insults are what you do because that is who you are. There is nothing more to you.
You have nothing without belief against mathematical proof.
It's like if arsonists took over the fire station pretending to be firefighters.
[A reply to someone who wrote that James likes to be insulted.]
Nope. I have multiple major mathematical proof discoveries.
I even had publication until people like you showed how broken the modern system of journal peer review is.
Now I have an easy algebraic solution to the factoring problem and the ability to let this drag out for a little while, as I wait for others to demonstrate the value of the research.
That's how it's done. Valuable research gets picked up by others.
It is so weird though. Here I am arguing with some mental midget, when I've had a simple algebraic proof of the factoring problem out there for days.
Anyone else suppose that the human race is devolving? Rapidly?
[A reply to someone who asked James why can't he validate his proof.]
I did validate it.
Mathematical proof.
And it's an easy proof so all this arguing shows that a lot of you really don't get what a mathematical proof is.
I guess you think it's some delicate or wishy-washy thing.
You really can't comprehend that a person can prove something mathematically and just sit back with certainty?
Or you think I have to demonstrate it with some big factorization to know what mathematical proof already told me?
Ok, here's an important question: do you think if I really knew that mathematical proof meant that I'd solved the factoring problem that I'd quickly demonstrate it, wait on others to show it, or just write a paper and send it to a journal?
One of the simplest algebraic proofs in mathematical history solves the factoring problem, and you have independent validation from someone other than me, but still some of you misinterpret the results and insult me, while the rest of you are quiet, as always.
I wondered for a while if some alien species had taken over the planet and sought to end the future of the human race by keeping it from getting its math right, but I've recently concluded that many of you just have no clue what mathematics is.
To you it's a style, and agreement, and lots of results from the "smart people" as determined by some vague rules who tell you what to think.
And God help anyone you don't like, as you'll reject anything they discover, which is like diamond merchants looking the prospector up and down and rejecting a HUGE major diamond because they don't like the guy.
The only conclusion available is that most of you do not do any real mathematics.
You're playing pretend. And I've come to that conclusion repeatedly as I've confronted you through the years and considered your stranglehold on the current mathematical field.
The mathematical field has been taken over by actors pretending to be mathematicians.
That is the only conclusion available at this point. I am sure there are some people out there doing real mathematics, and I feel sorry for them, because the field is clearly dominated by the bulk of you who are not. And you are some vicious, nasty people who think that telling a person they're insane is just a normal way to do business.
You are quite capable of being very vicious to get what you want. So you dominate the poor people who actually do real mathematics who are the sad minority among you.
Insults are what you do because that is who you are. There is nothing more to you.
You have nothing without belief against mathematical proof.
It's like if arsonists took over the fire station pretending to be firefighters.
[A reply to someone who wrote that James likes to be insulted.]
Nope. I have multiple major mathematical proof discoveries.
I even had publication until people like you showed how broken the modern system of journal peer review is.
Now I have an easy algebraic solution to the factoring problem and the ability to let this drag out for a little while, as I wait for others to demonstrate the value of the research.
That's how it's done. Valuable research gets picked up by others.
It is so weird though. Here I am arguing with some mental midget, when I've had a simple algebraic proof of the factoring problem out there for days.
Anyone else suppose that the human race is devolving? Rapidly?
[A reply to someone who asked James why can't he validate his proof.]
I did validate it.
Mathematical proof.
And it's an easy proof so all this arguing shows that a lot of you really don't get what a mathematical proof is.
I guess you think it's some delicate or wishy-washy thing.
You really can't comprehend that a person can prove something mathematically and just sit back with certainty?
Or you think I have to demonstrate it with some big factorization to know what mathematical proof already told me?
Ok, here's an important question: do you think if I really knew that mathematical proof meant that I'd solved the factoring problem that I'd quickly demonstrate it, wait on others to show it, or just write a paper and send it to a journal?
JSH: Looking at feedback
So I have a rather easy mathematical proof that I solved the factoring problem, and I've presented all the mathematics to the world in multiple ways.
But the fascinating thing is how useless that is with the modern mathematical community and I see that as being a measure of its ill health.
Like how certain posters interpreted spectacular results validating the easy algebra presented as exactly the opposite.
Kind of reminding me when sci.math posters took publication of a paper of mine as a negative, and then rationalized how publication didn't matter as they excoriated the mathematical journal for publication. And THEN some of them ripped on the math journal when the editors caved after some sci.math'ers sent emails claiming errors in the paper and the editors withdrew my paper after publication.
They want their cake and to eat it too.
Now my perspective on what the guys at the top of the heap in the mathematical field do, is, I think, they look to see if the cows are still herding well, and yes, you are the cows.
As long as you can be herded, they can sit back, and hope that the truth doesn't matter, as their product is your belief: your belief so that you learn bogus math and love it, your belief so that you can be presented with brilliant math and hate it, and your belief so that nothing matters to you but following the crowd.
I call it democracy at work: the modern math field.
Your leaders are picked democratically. Math prizes are decided democratically. And your beliefs are decided democratically.
You live in a world where nothing is real, except you all telling yourselves what you want to hear, so nothing matters to you, not mathematical proof, and not experimental validation.
You are completely lost to true knowledge.
[A reply to someone who wrtoe that, instead of a proof, James has just some squiggly equations that don't work.]
But they do work, and that's the point.
It's the problem with "pure math", as math society says, "trust me" about those results, yet I can show practical results with easy algebra, and the same society says they don't, or sits quietly.
The key point here is that society has to police mathematicians as well as all other academics.
Now you all will lose this battle. Clearly I like dragging it out as I make a point, which is that your society is totally screwed up.
But at the end of it all, it just takes factoring some RSA public keys and you are shut down, for good.
But the fascinating thing is how useless that is with the modern mathematical community and I see that as being a measure of its ill health.
Like how certain posters interpreted spectacular results validating the easy algebra presented as exactly the opposite.
Kind of reminding me when sci.math posters took publication of a paper of mine as a negative, and then rationalized how publication didn't matter as they excoriated the mathematical journal for publication. And THEN some of them ripped on the math journal when the editors caved after some sci.math'ers sent emails claiming errors in the paper and the editors withdrew my paper after publication.
They want their cake and to eat it too.
Now my perspective on what the guys at the top of the heap in the mathematical field do, is, I think, they look to see if the cows are still herding well, and yes, you are the cows.
As long as you can be herded, they can sit back, and hope that the truth doesn't matter, as their product is your belief: your belief so that you learn bogus math and love it, your belief so that you can be presented with brilliant math and hate it, and your belief so that nothing matters to you but following the crowd.
I call it democracy at work: the modern math field.
Your leaders are picked democratically. Math prizes are decided democratically. And your beliefs are decided democratically.
You live in a world where nothing is real, except you all telling yourselves what you want to hear, so nothing matters to you, not mathematical proof, and not experimental validation.
You are completely lost to true knowledge.
[A reply to someone who wrtoe that, instead of a proof, James has just some squiggly equations that don't work.]
But they do work, and that's the point.
It's the problem with "pure math", as math society says, "trust me" about those results, yet I can show practical results with easy algebra, and the same society says they don't, or sits quietly.
The key point here is that society has to police mathematicians as well as all other academics.
Now you all will lose this battle. Clearly I like dragging it out as I make a point, which is that your society is totally screwed up.
But at the end of it all, it just takes factoring some RSA public keys and you are shut down, for good.
Sunday, January 20, 2008
JSH: Counting a's
All the discussion has helped me to understand the factoring congruences as well as areas where people may be having difficulty understanding them, despite the simplicity of the algebra used to derive them.
Here are the factoring congruences:
Given a target composite T and integer factors f_1 and f_2, such that f_1*f_2 = nT, and any prime p, the following will be true 75% of the time:
f_1 = ak mod p
and
f_2 = a^{-1}(1 + a^2)k mod p
where
k^2 = (a^2+1)^{-1}(nT) mod p.
One of the major issues that keeps coming up, and it's bugged me as well is, how many a's will exist?
The correct answer is there is one unique 'a' for each unique factorization of nT.
But it's freaking weird how it works, as that 75% number is for cases when 'a' does not exist such that integers f_1 and f_2 can satisfy the key relations, so the math does something very weird: it makes them non-rational.
So if it can use integers, it uses integers, but if for some factorization of nT it can't fulfill all the requirements of the equations with integers, it'll just go to non-rationals, automatically, and a fascinating way to begin to grasp what is happening is to think of the count of the a's, as in, if the math can use non-rationals, how does it decide how many?
After all, there are an INFINITY of non-rational solutions!
So what is the algebra thinking?
It's counting the total number of integer factorizations and using those if it can, but if it can't it just tosses in a non-rational so the count of unique a's is the count of unique factorizations.
Posters who wish to challenge that need to play with the equations first, so like you're get nT = 30, and count the a's, with p=7 or p=37, as I don't care, and see what happens.
Total count of unique a's, (absolute value the same) should be the count of unique factorizations, which I think is 6 for 2(3)(5) = 30. Now they may not all give you solutions though for f_1 and f_2, as in some cases the math may toss back non-rational solutions if it can't fit in rational ones.
Yes there is more to the story here, but before I delve into far more complex number theory to explain exactly what the math is doing, we need to get past this whole factoring problem thing, as the factoring problem is SOLVED!
Oh, and yes, I remind that the solution to the factoring problem, which these equations represent, is something that the mathematical community has a DUTY to inform the world.
Here are the factoring congruences:
Given a target composite T and integer factors f_1 and f_2, such that f_1*f_2 = nT, and any prime p, the following will be true 75% of the time:
f_1 = ak mod p
and
f_2 = a^{-1}(1 + a^2)k mod p
where
k^2 = (a^2+1)^{-1}(nT) mod p.
One of the major issues that keeps coming up, and it's bugged me as well is, how many a's will exist?
The correct answer is there is one unique 'a' for each unique factorization of nT.
But it's freaking weird how it works, as that 75% number is for cases when 'a' does not exist such that integers f_1 and f_2 can satisfy the key relations, so the math does something very weird: it makes them non-rational.
So if it can use integers, it uses integers, but if for some factorization of nT it can't fulfill all the requirements of the equations with integers, it'll just go to non-rationals, automatically, and a fascinating way to begin to grasp what is happening is to think of the count of the a's, as in, if the math can use non-rationals, how does it decide how many?
After all, there are an INFINITY of non-rational solutions!
So what is the algebra thinking?
It's counting the total number of integer factorizations and using those if it can, but if it can't it just tosses in a non-rational so the count of unique a's is the count of unique factorizations.
Posters who wish to challenge that need to play with the equations first, so like you're get nT = 30, and count the a's, with p=7 or p=37, as I don't care, and see what happens.
Total count of unique a's, (absolute value the same) should be the count of unique factorizations, which I think is 6 for 2(3)(5) = 30. Now they may not all give you solutions though for f_1 and f_2, as in some cases the math may toss back non-rational solutions if it can't fit in rational ones.
Yes there is more to the story here, but before I delve into far more complex number theory to explain exactly what the math is doing, we need to get past this whole factoring problem thing, as the factoring problem is SOLVED!
Oh, and yes, I remind that the solution to the factoring problem, which these equations represent, is something that the mathematical community has a DUTY to inform the world.
Saturday, January 19, 2008
JSH: Now we're golden!
Wow! The poster Enrico noticed cases where my factoring congruences weren't working, and I was able to work out yet another fascinating feature, as well as explain something that might have been missed up until now which is that you get one 'a' and k pair for each unique factorization.
So, yes, now it's mathematically proven that I found a solution to the factoring problem, and I want to definitely thank Enrico and would like to give him mention in the paper.
I will say now that an early draft of the paper is at the Annals of Mathematics, but I ended up sending two revisions after I rushed them my early research and have thankfully sat for a while as I worked out the issues.
There is no doubt I'd think that a paper solving the factoring problem deserves publication in the Annals.
Some of you may have tested out the congruences and found they did not always work, which gave you doubts, but now the answer is that there is a quirk of prime numbers, as there are two basic types: those for which the negative of the quadratic residue is a quadratic residue and those for which it is not.
So, for instance, with p=17, Enrico noticed that the congruence relations would not work to non-trivially factor 15. I dove into the underlying equations and found that they would not work, and figured out the answer as to why.
It helped that I had the existence equation for 'a' handy.
Rather wild though. All integer factorizations are controlled by the factoring congruences, but some primes exclude themselves but only if they are the primes for which the negative of their quadratic residue is a quadratic residue.
My celebration should be somewhat muted though as it is now definite that the factoring problem is SOLVED.
Governments around the world and institutions affected should behave accordingly.
I am directing EMC2 to give a press release as soon as possible on the situation through its RSA division.
So, yes, now it's mathematically proven that I found a solution to the factoring problem, and I want to definitely thank Enrico and would like to give him mention in the paper.
I will say now that an early draft of the paper is at the Annals of Mathematics, but I ended up sending two revisions after I rushed them my early research and have thankfully sat for a while as I worked out the issues.
There is no doubt I'd think that a paper solving the factoring problem deserves publication in the Annals.
Some of you may have tested out the congruences and found they did not always work, which gave you doubts, but now the answer is that there is a quirk of prime numbers, as there are two basic types: those for which the negative of the quadratic residue is a quadratic residue and those for which it is not.
So, for instance, with p=17, Enrico noticed that the congruence relations would not work to non-trivially factor 15. I dove into the underlying equations and found that they would not work, and figured out the answer as to why.
It helped that I had the existence equation for 'a' handy.
Rather wild though. All integer factorizations are controlled by the factoring congruences, but some primes exclude themselves but only if they are the primes for which the negative of their quadratic residue is a quadratic residue.
My celebration should be somewhat muted though as it is now definite that the factoring problem is SOLVED.
Governments around the world and institutions affected should behave accordingly.
I am directing EMC2 to give a press release as soon as possible on the situation through its RSA division.
JSH: Result is for real, so is corruption
So the scenario that would occur if I factored an RSA number is most likely I'd be killed, and then the information would just kind of disappear as people worked to clean up the situation and most of you would just go on about your lives.
And soon enough it'd all be forgotten.
That is why Usenet is important in this scenario to spread the information widely enough that by the time certain unethical people who don't give a damn about laws figure out what it is, just killing me and cleaning up by suppression is not an option.
Given George W. Bush's current history of lack of love of the law, I don't think I can really be challenged on my fear that this government in the US is quite capable of breaking any law which could mean me getting murdered for my great achievement of discovery.
So there will be no absolute demonstration by factoring of an RSA public key though I dare any of you to do it, as then at least I wouldn't die alone:
Given a nonzero target composite T and integer factors f_1 and f_2, such that f_1*f_2 = nT, and any prime p, the following relations must be true:
f_1 = ak mod p
and
f_2 = a^{-1}(1 + a^2)k mod p
where
k^2 = (a^2+1)^{-1}(nT) mod p.
Those represent the fundamental factoring relations that underpin ALL composite factorizations.
Example: n=1, T=119, p=11, and a=2 gives
k^2 = (5)^{-1}(119) mod 11 = 9(9) mod 11 = 4 mod 11.
And k = 2 mod 11 is a solution, so f_1 = 4 mod 11, and
f_2 = 2^{-1}(1+4)(2) mod 11 = 5 mod 11.
In this case, subtracting 11 gives one prime factor as f_1 = -7 mod 11, and f_2 = -6 mod 11. Subtracting 11 again from f_2 gives -17.
And soon enough it'd all be forgotten.
That is why Usenet is important in this scenario to spread the information widely enough that by the time certain unethical people who don't give a damn about laws figure out what it is, just killing me and cleaning up by suppression is not an option.
Given George W. Bush's current history of lack of love of the law, I don't think I can really be challenged on my fear that this government in the US is quite capable of breaking any law which could mean me getting murdered for my great achievement of discovery.
So there will be no absolute demonstration by factoring of an RSA public key though I dare any of you to do it, as then at least I wouldn't die alone:
Given a nonzero target composite T and integer factors f_1 and f_2, such that f_1*f_2 = nT, and any prime p, the following relations must be true:
f_1 = ak mod p
and
f_2 = a^{-1}(1 + a^2)k mod p
where
k^2 = (a^2+1)^{-1}(nT) mod p.
Those represent the fundamental factoring relations that underpin ALL composite factorizations.
Example: n=1, T=119, p=11, and a=2 gives
k^2 = (5)^{-1}(119) mod 11 = 9(9) mod 11 = 4 mod 11.
And k = 2 mod 11 is a solution, so f_1 = 4 mod 11, and
f_2 = 2^{-1}(1+4)(2) mod 11 = 5 mod 11.
In this case, subtracting 11 gives one prime factor as f_1 = -7 mod 11, and f_2 = -6 mod 11. Subtracting 11 again from f_2 gives -17.
Friday, January 18, 2008
Factors mod p
Possibly the form I've given has made this result difficult for many of you to understand, so I'm shifting to directly considering composite factors modulo p.
Given a target composite T and integer factors f_1 and f_2, such that f_1*f_2 = nT, and any prime p, the following relations must be true:
f_1 = ak mod p
and
f_2 = a^{-1}(1 + a^2)k mod p
where
k^2 = (a^2+1)^{-1}(nT) mod p.
Those represent the fundamental factoring relations that underpin ALL composite factorizations.
Example: n=1, T=119, p=11, and a=2 gives
k^2 = (5)^{-1}(119) mod 11 = 9(9) mod 11 = 4 mod 11.
And k = 2 mod 11 is a solution, so f_1 = 4 mod 11, and
f_2 = 2^{-1}(1+4)(2) mod 11 = 5 mod 11.
In this case, subtracting 11 gives one prime factor as f_1 = -7 mod 11, and f_2 = -6 mod 11. Subtracting 11 again from f_2 gives -17.
I think many of you fail to understand why this result is so important because you don't realize that the congruences relations are not just sometimes true, but ALWAYS TRUE and they determine what is possible for integer factorizations.
There is no composite factorization that escapes those rules. None. There has never been any either. It's just mathematicians did not know the rules existed.
It is trivial to prove with them that powerful factoring algorithms can be developed.
And their derivation is backed by easy mathematical proof.
So easy mathematical proof shows my case. If you doubt that I challenge any of you to focus on the specifics here in a mathematical discussion asking me to expand on any particular point, from the derivation of the relations to how they can be used to factor efficiently.
Replies simply requesting that I factor a large number are just heckling when I say my position is firmly established by mathematical proof and I am willing to elaborate on any and every detail that proves my case.
Given a target composite T and integer factors f_1 and f_2, such that f_1*f_2 = nT, and any prime p, the following relations must be true:
f_1 = ak mod p
and
f_2 = a^{-1}(1 + a^2)k mod p
where
k^2 = (a^2+1)^{-1}(nT) mod p.
Those represent the fundamental factoring relations that underpin ALL composite factorizations.
Example: n=1, T=119, p=11, and a=2 gives
k^2 = (5)^{-1}(119) mod 11 = 9(9) mod 11 = 4 mod 11.
And k = 2 mod 11 is a solution, so f_1 = 4 mod 11, and
f_2 = 2^{-1}(1+4)(2) mod 11 = 5 mod 11.
In this case, subtracting 11 gives one prime factor as f_1 = -7 mod 11, and f_2 = -6 mod 11. Subtracting 11 again from f_2 gives -17.
I think many of you fail to understand why this result is so important because you don't realize that the congruences relations are not just sometimes true, but ALWAYS TRUE and they determine what is possible for integer factorizations.
There is no composite factorization that escapes those rules. None. There has never been any either. It's just mathematicians did not know the rules existed.
It is trivial to prove with them that powerful factoring algorithms can be developed.
And their derivation is backed by easy mathematical proof.
So easy mathematical proof shows my case. If you doubt that I challenge any of you to focus on the specifics here in a mathematical discussion asking me to expand on any particular point, from the derivation of the relations to how they can be used to factor efficiently.
Replies simply requesting that I factor a large number are just heckling when I say my position is firmly established by mathematical proof and I am willing to elaborate on any and every detail that proves my case.
Fundamental factoring result
Given a target composite T and integer factors f_1 and f_2, such that f_1*f_2 = T, and any prime p, the following relations must be true:
f_1 = ak mod p
and
f_2 = a^{-1}(1 + a^2)k mod p
where
k^2 = (a^2+1)^{-1}(T) mod p.
Example: T=119, p=11, and a=2 gives k^2 = (5)^{-1}(119) mod 11 = 9(9) mod 11 = 4 mod 11.
And k = 2 mod 11 is a solution, so f_1 = 4 mod 11, and f_2 = 2^{-1} (1+4)(2) mod 11 = 5 mod 11.
In this case, subtracting 11 gives one prime factor as f_1 = -7 mod 11, and f_2 = -6 mod 11. Subtracting 11 again from f_2 gives -17.
If you want positive solutions, look for other a's that work and see what happens.
You can test those congruences with any factorization you like. They are derived and follow from mathematical proof.
I had been giving z mod p and y mod p and saying you should look at z-y mod p and z+y mod p.
The difference here is I just give them for you.
f_1 = ak mod p
and
f_2 = a^{-1}(1 + a^2)k mod p
where
k^2 = (a^2+1)^{-1}(T) mod p.
Example: T=119, p=11, and a=2 gives k^2 = (5)^{-1}(119) mod 11 = 9(9) mod 11 = 4 mod 11.
And k = 2 mod 11 is a solution, so f_1 = 4 mod 11, and f_2 = 2^{-1} (1+4)(2) mod 11 = 5 mod 11.
In this case, subtracting 11 gives one prime factor as f_1 = -7 mod 11, and f_2 = -6 mod 11. Subtracting 11 again from f_2 gives -17.
If you want positive solutions, look for other a's that work and see what happens.
You can test those congruences with any factorization you like. They are derived and follow from mathematical proof.
I had been giving z mod p and y mod p and saying you should look at z-y mod p and z+y mod p.
The difference here is I just give them for you.
JSH: Chasing solutions
The system of factoring congruences I found give two basic paths to getting a factorization with them, where I've debated which one is easier. Now at least I can describe them better:
Reiterating what the result is, with
z^2 = y^2 + nT
where T is the target to factor and n is some nonzero integer you pick, with p a prime you pick:
z = (2a)^{-1} (1 + 2a^2)k mod p,
k^2 = (a^2+1)^{-1}(nT) mod p
and
y = (1+2a^2)^{-1} z mod p
as I realized that the second solution I usually give is redundant.
The best case is with n=1, as then if p>sqrt(T), you only have the trivial factorization or the non-trivial one to switch between but that necessitates a search solving for k, where
k^2 = (a^2+1)^{-1}(T) mod p
and I intuitively feel that with increasing T, it will be harder and harder to find values for 'a' that will give quadratic residues modulo p. That just makes sense though classical thinking in this area would tell you that 50% of the a's would work. If so, then it's not an issue, and that would be the approach: set n=1 and check a's until you get a k.
One problem I have is determining if there is a quadratic residue found or not, as while I know there are well established tests, with my own algorithms I use only my own research. Luckily I have a fairly large body of number theory results—including a way to resolve quadratic residues—but I'm looking at efficiency here, and I don't have research that tells me when a number is a quadratic residue.
The other route then that I focused on, so that I didn't have to worry about any of that was to just pick some 'a' and then solve for n, which necessitated picking a k, but I intuitively feel that k must be very large, but I get to pick the quadratic residue I'll call q, where k^2 = q mod p, so
q = (a^2+1)^{-1}(nT) mod p
and I can solve for n in this case with n = q(a^2 + 1)T^{-1} mod p, but now I realize that n must be a minimum value as z-y mod p and z+y mod p are giving residues of factors modulo p of nT, so like, if I pick something very easy like q=4, then there is no real connection to T in the remaining equations for z and y.
But I don't have to figure out if something is a quadratic residue or not, as now I can just loop through quadratic residues and use the one with the smallest n, hoping I got it small enough.
So now finally I'm ready to write a program.
The problem I was facing was not really wanting to resolve quadratic residues, or having to determine if I had one, and this way gives me a way to not have to worry about that, but maybe that approach will usually give very large n's unless there is an exhaustive search.
Ok.
Oh, so do I have a solution to the factoring problem? I'd say, probably, yes. As there is still the other direct approach of using the Chinese Remainder theorem, where you can pick primes small enough that it's trivial to find a's that will work. I don't like that approach as, remember, I use my own research and I didn't discover the Chinese Remainder theorem, or I'd use it.
What I don't do, others can. Others might also just choose to loop through 'a' and resolve the quadratic residues.
Given that there are only two possibilities: the trivial or the non-trivial factorization, with n=1, there is no reasonable doubt that the equations solve the factoring problem.
The only objection left for the mathematical community, since I have mathematical proof, is that my lack of delivering a working algorithm is proof against mathematical proof.
And you people rest on that one for as long as you can, and I know what will happen: other people will do the other implementations and when they do, I'll point out that the mathematical community left the world unprotected and unwarned when a mathematical proof was right there, and it's so easy.
So I'll argue, waiting for me to deliver was just a dumb dodge in the hope that I couldn't figure out a way to implement something that plenty of other people around the world could, from desperate people who were so far gone that they would do ANYTHING to hold off facing the music for one more day.
Ok, so now I can program. And you people can wait.
Reiterating what the result is, with
z^2 = y^2 + nT
where T is the target to factor and n is some nonzero integer you pick, with p a prime you pick:
z = (2a)^{-1} (1 + 2a^2)k mod p,
k^2 = (a^2+1)^{-1}(nT) mod p
and
y = (1+2a^2)^{-1} z mod p
as I realized that the second solution I usually give is redundant.
The best case is with n=1, as then if p>sqrt(T), you only have the trivial factorization or the non-trivial one to switch between but that necessitates a search solving for k, where
k^2 = (a^2+1)^{-1}(T) mod p
and I intuitively feel that with increasing T, it will be harder and harder to find values for 'a' that will give quadratic residues modulo p. That just makes sense though classical thinking in this area would tell you that 50% of the a's would work. If so, then it's not an issue, and that would be the approach: set n=1 and check a's until you get a k.
One problem I have is determining if there is a quadratic residue found or not, as while I know there are well established tests, with my own algorithms I use only my own research. Luckily I have a fairly large body of number theory results—including a way to resolve quadratic residues—but I'm looking at efficiency here, and I don't have research that tells me when a number is a quadratic residue.
The other route then that I focused on, so that I didn't have to worry about any of that was to just pick some 'a' and then solve for n, which necessitated picking a k, but I intuitively feel that k must be very large, but I get to pick the quadratic residue I'll call q, where k^2 = q mod p, so
q = (a^2+1)^{-1}(nT) mod p
and I can solve for n in this case with n = q(a^2 + 1)T^{-1} mod p, but now I realize that n must be a minimum value as z-y mod p and z+y mod p are giving residues of factors modulo p of nT, so like, if I pick something very easy like q=4, then there is no real connection to T in the remaining equations for z and y.
But I don't have to figure out if something is a quadratic residue or not, as now I can just loop through quadratic residues and use the one with the smallest n, hoping I got it small enough.
So now finally I'm ready to write a program.
The problem I was facing was not really wanting to resolve quadratic residues, or having to determine if I had one, and this way gives me a way to not have to worry about that, but maybe that approach will usually give very large n's unless there is an exhaustive search.
Ok.
Oh, so do I have a solution to the factoring problem? I'd say, probably, yes. As there is still the other direct approach of using the Chinese Remainder theorem, where you can pick primes small enough that it's trivial to find a's that will work. I don't like that approach as, remember, I use my own research and I didn't discover the Chinese Remainder theorem, or I'd use it.
What I don't do, others can. Others might also just choose to loop through 'a' and resolve the quadratic residues.
Given that there are only two possibilities: the trivial or the non-trivial factorization, with n=1, there is no reasonable doubt that the equations solve the factoring problem.
The only objection left for the mathematical community, since I have mathematical proof, is that my lack of delivering a working algorithm is proof against mathematical proof.
And you people rest on that one for as long as you can, and I know what will happen: other people will do the other implementations and when they do, I'll point out that the mathematical community left the world unprotected and unwarned when a mathematical proof was right there, and it's so easy.
So I'll argue, waiting for me to deliver was just a dumb dodge in the hope that I couldn't figure out a way to implement something that plenty of other people around the world could, from desperate people who were so far gone that they would do ANYTHING to hold off facing the music for one more day.
Ok, so now I can program. And you people can wait.
Thursday, January 17, 2008
JSH: A little direct talk
First off, I did find a proof of Fermat's Last Theorem, but did so with methods that did show an error in "core" mathematics. The journal that published my introductory paper did the right thing, and the mathematics within it clearly shows there is something big there. But the massive failures began when they collapsed under pressure, and withdrew my paper, possibly puzzled themselves to finally learn that their field was corrupt, and that's when I also learned just how corrupt the math field had become.
As I looked for various ways to get my research accepted I tried multiple avenues, so I have my Class Viewer open source project, and lately I even came up with a business plan for YouTube as it was bugging me that Google wasn't doing anything with it that made serious money.
Nothing worked though to break the impasse.
Years back I concluded that one option was to solve the factoring problem, as it was a non "pure math" area where denial was impossible.
Seemed brilliant to me, but as I've come closer to the solution I realized there were problems with the idea.
Biggest problem was that with success, unless I could get some rational behavior from big players I might inadvertently crash the global economy and end civilization as we know it.
So I kept pointing out that I might just really go after the factoring problem and there was no way to keep up the lying—oh yeah by now I realized that a lot of players in the math field had to be lying as, for instance, math journals don't just keel over and die without a lot of people noticing—because with the solution to the factoring problem I could just factor big numbers.
And the hinting was in the hope that they'd cave in, and just start telling the truth about my other research because I was worried, as I mentioned about crashing the global economy.
But it didn't work, and here we are. I solved the factoring problem and the solution is easier than I ever thought it would be, and they are daring me in the final game of chicken to actually fully implement it and factor something to end the "math wars" once and for all.
Good news is that I have determined that doing so would NOT end the global economy, which is a relief. So civilization as we know it is safe or the solution would not be posted. I'd just be looking at it and wondering to myself.
Trouble is, I'm not so sure about the US economy and as I've gotten closer to decision point, you can, um, see what it has been doing.
If Bush were out of the White House some serious damage control could be started immediately, but with him there the timing is not so great and notice that the US government is dilly-dallying as we speak, with Bush mouthing stupidity about making his dumb tax cuts permanent.
So the point of this post is that at this point I have an easy proof of a solution to the factoring problem, which I have determined will not collapse the global economy, but the weakened US economy is in danger, so I'm hesitant, and part of this message is to congressional leaders that action has to be taken NOW.
[A reply to someone who asked James why doesn't he just factor a number in the privacy of his home.]
It's an easy proof.
It's some of my easiest research to understand.
What I am curious about is how people like you have rationalized your way all the way through no matter what.
And now all I have to do is implement some trivially easy equations and end all debate, but you all keep acting like you don't care, as if you are still certain.
Can you not understand the proof? Or is there some other reason you want me personally to implement it?
Ok, here's a question for you, if I have proven mathematically that the factoring congruences I found solve the factoring problem, why would you want me to demonstrate with an actual factorization?
What do you hope to gain with the request?
Time? Distract other people and hope they believe you and ignore the solution?
Why not figure that I'd just program it and end the debate?
Or, do you really not understand what a mathematical proof represents? How it is about certainty?
Why did proof never work with people like you?
I chased the factoring problem because proof didn't work, so I could have something that when you ignored proof I could just put a factorization in your face and say HERE.
But why is that necessary?
The proof is so easy it could be taught in high school, or secondary school as they say in Europe.
How can any of you keep going in the face of that? What is going on in your brains that allows you to do so?
What would happen to you if I factored an RSA number? Would you just snap? Or just say, sorry? Or what?
As I looked for various ways to get my research accepted I tried multiple avenues, so I have my Class Viewer open source project, and lately I even came up with a business plan for YouTube as it was bugging me that Google wasn't doing anything with it that made serious money.
Nothing worked though to break the impasse.
Years back I concluded that one option was to solve the factoring problem, as it was a non "pure math" area where denial was impossible.
Seemed brilliant to me, but as I've come closer to the solution I realized there were problems with the idea.
Biggest problem was that with success, unless I could get some rational behavior from big players I might inadvertently crash the global economy and end civilization as we know it.
So I kept pointing out that I might just really go after the factoring problem and there was no way to keep up the lying—oh yeah by now I realized that a lot of players in the math field had to be lying as, for instance, math journals don't just keel over and die without a lot of people noticing—because with the solution to the factoring problem I could just factor big numbers.
And the hinting was in the hope that they'd cave in, and just start telling the truth about my other research because I was worried, as I mentioned about crashing the global economy.
But it didn't work, and here we are. I solved the factoring problem and the solution is easier than I ever thought it would be, and they are daring me in the final game of chicken to actually fully implement it and factor something to end the "math wars" once and for all.
Good news is that I have determined that doing so would NOT end the global economy, which is a relief. So civilization as we know it is safe or the solution would not be posted. I'd just be looking at it and wondering to myself.
Trouble is, I'm not so sure about the US economy and as I've gotten closer to decision point, you can, um, see what it has been doing.
If Bush were out of the White House some serious damage control could be started immediately, but with him there the timing is not so great and notice that the US government is dilly-dallying as we speak, with Bush mouthing stupidity about making his dumb tax cuts permanent.
So the point of this post is that at this point I have an easy proof of a solution to the factoring problem, which I have determined will not collapse the global economy, but the weakened US economy is in danger, so I'm hesitant, and part of this message is to congressional leaders that action has to be taken NOW.
[A reply to someone who asked James why doesn't he just factor a number in the privacy of his home.]
It's an easy proof.
It's some of my easiest research to understand.
What I am curious about is how people like you have rationalized your way all the way through no matter what.
And now all I have to do is implement some trivially easy equations and end all debate, but you all keep acting like you don't care, as if you are still certain.
Can you not understand the proof? Or is there some other reason you want me personally to implement it?
Ok, here's a question for you, if I have proven mathematically that the factoring congruences I found solve the factoring problem, why would you want me to demonstrate with an actual factorization?
What do you hope to gain with the request?
Time? Distract other people and hope they believe you and ignore the solution?
Why not figure that I'd just program it and end the debate?
Or, do you really not understand what a mathematical proof represents? How it is about certainty?
Why did proof never work with people like you?
I chased the factoring problem because proof didn't work, so I could have something that when you ignored proof I could just put a factorization in your face and say HERE.
But why is that necessary?
The proof is so easy it could be taught in high school, or secondary school as they say in Europe.
How can any of you keep going in the face of that? What is going on in your brains that allows you to do so?
What would happen to you if I factored an RSA number? Would you just snap? Or just say, sorry? Or what?
Wednesday, January 16, 2008
JSH: Synopsis post
Kind of a quicker post to cover the big picture while the previous one was a long one:
Short of it is that I found that you could approach factoring through a two equation system:
x^2 = y^2 + pr_1
z^2 = y^2 + nT
while mathematicians have traditionally used a single equation system:
x^2 = y^2 + nT or often given as x^2 = y^2 mod T.
where in both cases T is the target to factor.
With the two equation system I found mathematical laws represented by a set of congruence relations:
z = (2a)^{-1} (1 + 2a^2)k mod p, k^2 = (a^2+1)^{-1}(nT) mod p
and
y = (1+2a^2)^{-1} z mod p, or y = -(1+2a^2)^{-1} z mod p.
I pointed out in my prior long posting that you can verify for yourself quite a few things by considering a simple example with n=1, T=21, as y = 2 is a solution, as, of course 5^2 = 2^2 + 21, and possible values for pr_1 go out to infinity with the start of the sequence being useful for understanding important facts:
pr_1 = (5)(1) = 5, pr_1 = (6)(2) = 12, pr_1 = (7)(3) = 21,
pr_1 = (8)(4) = 32, pr_1 = (9)(5) = 45,
pr_1 = (10)(6) = 60, and pr_1 = (11)(7) = 77.
You can add 4 to any of those to see you get another square and see why you will have results for any prime p.
The congruence relations are trivially derived. The idea that a two equation system will give you more information than just one is not a complicated one. And the proof of the existence of solutions is easy.
Mathematicians just used one equation to study a problem that is best handled by using two.
In a way it is a profoundly cool thing that there were these underlying mathematical laws all along controlling things that people just didn't know anything about, but the sense of satisfaction is muted by the potential impact of the result.
However, it is the reality now that the information is known.
I HAVE been notifying mathematicians directly by email, by posting on math newsgroups, and I have submitted a paper to a major mathematical journal. But so far to no avail.
Short of it is that I found that you could approach factoring through a two equation system:
x^2 = y^2 + pr_1
z^2 = y^2 + nT
while mathematicians have traditionally used a single equation system:
x^2 = y^2 + nT or often given as x^2 = y^2 mod T.
where in both cases T is the target to factor.
With the two equation system I found mathematical laws represented by a set of congruence relations:
z = (2a)^{-1} (1 + 2a^2)k mod p, k^2 = (a^2+1)^{-1}(nT) mod p
and
y = (1+2a^2)^{-1} z mod p, or y = -(1+2a^2)^{-1} z mod p.
I pointed out in my prior long posting that you can verify for yourself quite a few things by considering a simple example with n=1, T=21, as y = 2 is a solution, as, of course 5^2 = 2^2 + 21, and possible values for pr_1 go out to infinity with the start of the sequence being useful for understanding important facts:
pr_1 = (5)(1) = 5, pr_1 = (6)(2) = 12, pr_1 = (7)(3) = 21,
pr_1 = (8)(4) = 32, pr_1 = (9)(5) = 45,
pr_1 = (10)(6) = 60, and pr_1 = (11)(7) = 77.
You can add 4 to any of those to see you get another square and see why you will have results for any prime p.
The congruence relations are trivially derived. The idea that a two equation system will give you more information than just one is not a complicated one. And the proof of the existence of solutions is easy.
Mathematicians just used one equation to study a problem that is best handled by using two.
In a way it is a profoundly cool thing that there were these underlying mathematical laws all along controlling things that people just didn't know anything about, but the sense of satisfaction is muted by the potential impact of the result.
However, it is the reality now that the information is known.
I HAVE been notifying mathematicians directly by email, by posting on math newsgroups, and I have submitted a paper to a major mathematical journal. But so far to no avail.
JSH: Update, factoring problem solved
There is a significant development to report which means I need to come back and give additional information to this group as I'm still concerned that mathematicians may fail in their duty to report these findings. That development is an easy proof that what I call the factoring congruences must work, and work well.
So now I can quickly and easily explain what the result is, and how and why it works.
What I did was study a system of two rather simple equations:
x^2 = y^2 + pr_1
and
z^2 = y^2 + nT
where T is the target to be factored, and all the variables must be integers. What I did to probe the equations was connect x and z together with
z = x + ak
where I used two variables for that when it might seem like you could use one (which I did at first).
Now I'll give you the information to help you understand how obvious it must be that the solution I found is correct, as there are an infinity of solutions with integers for the top equation given the bottom one.
For example with z^2 = y^2 + 21, I have that y=2 is a solution, which gives z = 5. Now with that y, there are an infinite number of integer solutions for pr_1, where I'll give a few with their factors to help readers understand several crucial points:
pr_1 = (5)(1) = 5, pr_1 = (6)(2) = 12, pr_1 = (7)(3) = 21,
pr_1 = (8)(4) = 32, pr_1 = (9)(5) = 45,
pr_1 = (10)(6) = 60, and pr_1 = (11)(7) = 77.
Remember, y = 2, so in each case adding 4 must give a square and it does. Notice importantly I just advance the factors by 1, and, of course, since you just step up by 1, every prime is a potential p, so there is an answer for every prime.
I did this stepping out yesterday and realized that several requirements I had put on nT were wrong, as it doesn't have to be odd and can have 3 as a factor. For each of those values above, it's trivial to find an x, as y is set, and, of course, for any integer x, and integer z, there must exist an integer z-x, so since z-x= ak, ak must exist.
So there are always solutions, for every prime p. Now I had to use ak, instead of just one variable because I also have as a key equation: k = 2ax mod p
Now that may seem to come out of the blue, but it's a deliberate introduction to force
z = x + ak
as consider that of course then 2ax = k mod p, and to make that explicit I'll let 2ax = k + pr_2
x^2 = y^2 + pr_1 and 2ax = k + pr_2
it makes sense to multiply the latter by k, so that you have
x^2 = y^2 + pr_1
and
2axk = k^2 + kpr_2
and then add them to get
x^2 + 2axk = y^2 + k^2 + p(r_1 + kr_2)
which just begs for completing the square by adding a^2 k^2 to both sides and simplifying a bit I get
(x+ak)^2 = y^2 + (1 + a^2) k^2 + p(r_1 + kr_2)
and compare with
z^2 = y^2 + nT
and you have that z=x+ak, when
nT = (1 + a^2) k^2 + p(r_1 + kr_2).
The skeptical among you can simply solve for k, using the quadratic formula and look to see when it is rational—remember that r_1 and r_2 are completely free integers.
Now it's trivial to get the main factoring congruences:
z = (2a)^{-1} (1 + 2a^2)k mod p
k^2 = (a^2+1)^{-1}(nT) mod p
and it's possible to also solve for y:
y = (1+2a^2)^{-1} z mod p, or y = -(1+2a^2)^{-1} z mod p.
Those results follow from that result that is so much about just completing the square so it's easy algebra, and that stepping out with values for pr_1 shows how you can get any prime.
But now you can easily show that the results solve the factoring problem, as given a T that is the product of two primes, it must be true that if p>sqrt(T), then p must be greater than the lesser prime unless T=p^2. And with z mod p and y mod p, you can get z-y mod p and z+y mod p, so you get residues modulo p of the factors since with
z^2 = y^2 + nT, you have trivially that (z-y)(z+y) = nT.
So, if you loop through all values for 'a' with n=1, then you have it with mathematical certainty that you will get cases where z-y mod p or z+y mod p just gives you one of the prime factors of T, directly.
Example: Let T=119, p=11. I find that a=2 will work and give me k=2 mod 11 as an answer.
Then z = 2(1+8)/4 mod 11 = 7/4 mod 11 = 10 mod 11.
And I can find y, from y^2 = 100 - 119 mod 11 = 3 mod 11 (or use the formulas above), so
y=5 mod 11 will work, and then z-y = 5 mod 11 and z+y = 4 mod 11, but I have something interesting here as I need to subtract 11, to get
z-y = -6 mod 11 and z+y = -7 mod 11.
The congruences will do the same thing without regard to the size of the number if n=1, and you loop through the a's that work, where the only other answers have to be for the trivial case where 119 is the factor, so it can only bounce between two sets of values, where one WILL factor your target.
But that is with n=1. You can also just set 'a' to some value and then pick an n that will give you a k, as remember:
k^2 = (a^2+1)^{-1}(nT) mod p
so (a^2+1)^{-1}(nT) must be a quadratic residue modulo p. But if you pick 'a' then you can ALWAYS find an n such that it is, but now you'd need a prime about the size of sqrt(nT), and then z-y mod p and z+y mod p would have to give residues of the factors of nT modulo p, where you'd just look for a case where the target got split.
That would be REALLY FAST as unlike the approach with n=1, where you have to resolve a quadratic residue and search through values for 'a', here you are picking the quadratic residue yourself, by setting 'a' and solving for n.
So that means the congruence relations solve the factoring problem, and proof that they must is fairly trivial to step through.
Remember, most of the mathematical work is just completing the square, and the two equations work together as a system. But mathematicians have traditionally studied just equations like z^2 = y^2 + nT as their full system and found various approaches to factoring in that way.
I added another equation to the system and found the mathematical laws governing its behavior, and can easily prove then how you factor with those laws. These laws were previously unknown to mathematicians.
So I used more information with a more robust system than mathematicians traditionally used, which is what people call thinking out of the box.
But rather than acknowledge this result, so far mathematicians have for the most part sat quietly, but if it is true—and you can check the easy algebra for yourself—then factoring is solved as a problem, but my understanding is that presuming it is a hard problem is the basis for RSA encryption and factoring the public key used in that system can allow you to decrypt messages encrypted with it.
If so, then I fear that as of now the RSA system is defunct, but so far no one is telling the world, but me.
So now I can quickly and easily explain what the result is, and how and why it works.
What I did was study a system of two rather simple equations:
x^2 = y^2 + pr_1
and
z^2 = y^2 + nT
where T is the target to be factored, and all the variables must be integers. What I did to probe the equations was connect x and z together with
z = x + ak
where I used two variables for that when it might seem like you could use one (which I did at first).
Now I'll give you the information to help you understand how obvious it must be that the solution I found is correct, as there are an infinity of solutions with integers for the top equation given the bottom one.
For example with z^2 = y^2 + 21, I have that y=2 is a solution, which gives z = 5. Now with that y, there are an infinite number of integer solutions for pr_1, where I'll give a few with their factors to help readers understand several crucial points:
pr_1 = (5)(1) = 5, pr_1 = (6)(2) = 12, pr_1 = (7)(3) = 21,
pr_1 = (8)(4) = 32, pr_1 = (9)(5) = 45,
pr_1 = (10)(6) = 60, and pr_1 = (11)(7) = 77.
Remember, y = 2, so in each case adding 4 must give a square and it does. Notice importantly I just advance the factors by 1, and, of course, since you just step up by 1, every prime is a potential p, so there is an answer for every prime.
I did this stepping out yesterday and realized that several requirements I had put on nT were wrong, as it doesn't have to be odd and can have 3 as a factor. For each of those values above, it's trivial to find an x, as y is set, and, of course, for any integer x, and integer z, there must exist an integer z-x, so since z-x= ak, ak must exist.
So there are always solutions, for every prime p. Now I had to use ak, instead of just one variable because I also have as a key equation: k = 2ax mod p
Now that may seem to come out of the blue, but it's a deliberate introduction to force
z = x + ak
as consider that of course then 2ax = k mod p, and to make that explicit I'll let 2ax = k + pr_2
x^2 = y^2 + pr_1 and 2ax = k + pr_2
it makes sense to multiply the latter by k, so that you have
x^2 = y^2 + pr_1
and
2axk = k^2 + kpr_2
and then add them to get
x^2 + 2axk = y^2 + k^2 + p(r_1 + kr_2)
which just begs for completing the square by adding a^2 k^2 to both sides and simplifying a bit I get
(x+ak)^2 = y^2 + (1 + a^2) k^2 + p(r_1 + kr_2)
and compare with
z^2 = y^2 + nT
and you have that z=x+ak, when
nT = (1 + a^2) k^2 + p(r_1 + kr_2).
The skeptical among you can simply solve for k, using the quadratic formula and look to see when it is rational—remember that r_1 and r_2 are completely free integers.
Now it's trivial to get the main factoring congruences:
z = (2a)^{-1} (1 + 2a^2)k mod p
k^2 = (a^2+1)^{-1}(nT) mod p
and it's possible to also solve for y:
y = (1+2a^2)^{-1} z mod p, or y = -(1+2a^2)^{-1} z mod p.
Those results follow from that result that is so much about just completing the square so it's easy algebra, and that stepping out with values for pr_1 shows how you can get any prime.
But now you can easily show that the results solve the factoring problem, as given a T that is the product of two primes, it must be true that if p>sqrt(T), then p must be greater than the lesser prime unless T=p^2. And with z mod p and y mod p, you can get z-y mod p and z+y mod p, so you get residues modulo p of the factors since with
z^2 = y^2 + nT, you have trivially that (z-y)(z+y) = nT.
So, if you loop through all values for 'a' with n=1, then you have it with mathematical certainty that you will get cases where z-y mod p or z+y mod p just gives you one of the prime factors of T, directly.
Example: Let T=119, p=11. I find that a=2 will work and give me k=2 mod 11 as an answer.
Then z = 2(1+8)/4 mod 11 = 7/4 mod 11 = 10 mod 11.
And I can find y, from y^2 = 100 - 119 mod 11 = 3 mod 11 (or use the formulas above), so
y=5 mod 11 will work, and then z-y = 5 mod 11 and z+y = 4 mod 11, but I have something interesting here as I need to subtract 11, to get
z-y = -6 mod 11 and z+y = -7 mod 11.
The congruences will do the same thing without regard to the size of the number if n=1, and you loop through the a's that work, where the only other answers have to be for the trivial case where 119 is the factor, so it can only bounce between two sets of values, where one WILL factor your target.
But that is with n=1. You can also just set 'a' to some value and then pick an n that will give you a k, as remember:
k^2 = (a^2+1)^{-1}(nT) mod p
so (a^2+1)^{-1}(nT) must be a quadratic residue modulo p. But if you pick 'a' then you can ALWAYS find an n such that it is, but now you'd need a prime about the size of sqrt(nT), and then z-y mod p and z+y mod p would have to give residues of the factors of nT modulo p, where you'd just look for a case where the target got split.
That would be REALLY FAST as unlike the approach with n=1, where you have to resolve a quadratic residue and search through values for 'a', here you are picking the quadratic residue yourself, by setting 'a' and solving for n.
So that means the congruence relations solve the factoring problem, and proof that they must is fairly trivial to step through.
Remember, most of the mathematical work is just completing the square, and the two equations work together as a system. But mathematicians have traditionally studied just equations like z^2 = y^2 + nT as their full system and found various approaches to factoring in that way.
I added another equation to the system and found the mathematical laws governing its behavior, and can easily prove then how you factor with those laws. These laws were previously unknown to mathematicians.
So I used more information with a more robust system than mathematicians traditionally used, which is what people call thinking out of the box.
But rather than acknowledge this result, so far mathematicians have for the most part sat quietly, but if it is true—and you can check the easy algebra for yourself—then factoring is solved as a problem, but my understanding is that presuming it is a hard problem is the basis for RSA encryption and factoring the public key used in that system can allow you to decrypt messages encrypted with it.
If so, then I fear that as of now the RSA system is defunct, but so far no one is telling the world, but me.
JSH: Mathematical proof of factoring problem solution
Intriguingly it's easy to prove certain things about the relations I call factoring congruences and in doing so prove mathematically that they solve the factoring problem, without actually demonstrating with a factorization.
The Diophantine system of equations that I use is
x^2 = y^2 + pr_1
and
z^2 = y^2 + nT
where T is the target to be factored. What I did to probe the equations was connect x and z together with
z = x + ak
where I used two variables for that when it might seem like you could use one (which I did at first).
First off, there are an infinity of solutions with integers for the top equation given the bottom one.
For example with z^2 = y^2 + 21, I have that y=2 is a solution, which gives z = 5. Now with that y, there are an infinite number of integer solutions for pr_1, where I'll give a few with their factors to help readers understand several crucial points:
pr_1 = (5)(1) = 5, pr_1 = (6)(2) = 12, pr_1 = (7)(3) = 21, pr_1 = (8) (4) = 32, pr_1 = (9)(5) = 45,
pr_1 = (10)(6) = 60, and pr_1 = (11)(7) = 77.
Notice I just advance the factors by 1, and, of course, since you just step up by 1, every prime is a potential p, so there is an answer for every prime.
I did this stepping out yesterday and realized that several requirements I had put on nT were wrong, as it doesn't have to be odd and can have 3 as a factor. For each of those values above, it's trivial to find an x, as y is set, and, of course, for any integer x, and integer z, there must exist an integer z-x, so since z-x= ak, ak must exist.
So there are always solutions, for every prime p. Now I had to use ak, instead of just one variable because I also have as a key equation: k = 2ax mod p
Now that may seem to come out of the blue, but it's a deliberate introduction to force z = x + ak, as consider that of course then 2ax = k mod p, and to make that explicit I'll let 2ax = k + pr_2
x^2 = y^2 + pr_1 and 2ax = k + pr_2
it makes sense to multiply the latter by k, so that you have
x^2 = y^2 + pr_1
and
2axk = k^2 + kpr_2
and then add them to get
x^2 + 2axk = y^2 + k^2 + p(r_1 + kr_2)
which just begs for completing the square by adding a^2 k^2 to both sides and simplifying a bit I get
(x+ak)^2 = y^2 + (1 + a^2) k^2 + p(r_1 + kr_2)
and compare with
z^2 = y^2 + nT
and you have that z=x+ak, as long as nT = (1 + a^2) k^2 + p(r_1 + kr_2), and in the derivation (which I posted a while back) I cover how you know that you can do that, though the skeptical among you can simply solve for k, using the quadratic formula and look to see when it is rational—remember that r_1 and r_2 are completely free integers.
So I've covered how I further connect the system of two Diophantine equations, covered why a solution must always exist and shown why you have 'a' and 'k'. All that effort is about finding rules governing the system, which I call the factoring congruences.
In the previously posted derivation I show how you get the factoring congruences so I'll just give them here versus deriving them in detail again:
z = (2a)^{-1} (1 + 2a^2)k mod p
k^2 = (a^2+1)^{-1}(nT) mod p
and
y = (1+2a^2)^{-1} z mod p, or y = -(1+2a^2)^{-1} z mod p.
So remarkably there are these rules governing the system, which were previously unknown, and they cover things that can happen versus those that cannot.
For instance, I have been using p=11 in my examples in past posts demonstrating the factoring congruences with T=119 and n=1, but let n=1 again, and let T=21, so I can connect with what I have above and look again at the list of some possible values for pr_1:
pr_1 = (5)(1) = 5, pr_1 = (6)(2) = 12, pr_1 = (7)(3) = 21, pr_1 = (8) (4) = 32, pr_1 = (9)(5) = 45,
pr_1 = (10)(6) = 60, and pr_1 = (11)(7) = 77
In that list you can just see when 11 is the prime as that last case given where pr_1 = 77. And notice that 7 is there when it's a factor of 21, which can help you see how all those limitations I had in place, like I thought nT had to be coprime to pr_1, were just wrong, and of course nT can have 3 as a factor as 21 does.
Now since I found the factoring congruence relations by derivation, solving out with z^2 = y^2 + nT, but the equations end up just using nT mod p, you get the odd result that the answers given will apply to every nT that has the same residue modulo p. Which is just so weird that it bugged me for a while, but the math says it must be true.
But then, you can always factor T, if it is the product of two primes, by just using z-y mod p and z+y mod p, if p is chosen such that p>sqrt(T), and you get the non-trivial factorization.
So, if you find all a's that will work such that k exists, and remember
k^2 = (a^2+1)^{-1}(nT) mod p
then you WILL non-trivially factor T, as the answers you get for z and y mod p will simply bounce between giving you the residues of T mod p and 1, or giving you the residues of the prime factors modulo p, and one of them must be less than p, unless T=p^2, so it must have itself as its residue.
The factor will just pop out directly as an answer, which you know by mathematical proof.
Now, based on classical thinking in this area, it seems likely that k will exist about 50% of the time, but the mathematics is kind of weird here, so it may make it harder to find k than that if you loop through values for 'a' that you check to see if they work. I know, for instance, with p=11, and nT mod 11 = 9, there are only four possible values for the a's: 2, -2, 5 and -5. That's it, over infinity, so you have this odd thing that with 9 + 11c, where c is an integer, you can work out ALL the residues modulo 11 that can occur as residues of the factors modulo 11.
So I'm not sure that you can rely on just letting n=1 and finding an 'a' that will work. But you CAN set 'a' and definitely find an 'n' that will work, and then you use p>sqrt(nT), if you can though you might have to do some juggling to get a p that is large enough while setting 'n', but I'm not sure, but now you will have a chance of factoring nT, and might get a prime of your target in that way, again from z-y mod p and z+y mod p, but now rather than just seeing the prime itself, you'd pull it out with a gcd with nT.
And that is a solution to the factoring problem, which represents the approach I think would make the best for algorithms, as you don't search for 'a', and you don't have to resolve a quadratic residue modulo p.
Now I had given most of the algorithm before in a prior post replying to a poster who claimed to be working on an implementation, but I had all kinds of extra rules which I now know are unnecessary, so nT does not have to be coprime to 3, and small prime factors are not an issue for 'n'.
But even with those extras, a real implementation should have worked remarkably well, so I know that the poster who claimed to have implemented, could not have, and since he gave supposed results showing failure, I know those had to be fabrications.
Mathematical proof makes it easy and the proof behind these remarkable congruences is so easy as the hardest thing is completing the square!
A very trivial proof in terms of mathematical difficulty with a very easy explanation means it's trivial to know when people are wrong about this result.
It solves the factoring problem as easily shown by mathematical proof and the denial about that by the mathematical community up to this point is just unfathomable.
[A reply to someone who asked James how rapidly does the number of a's or n's to be checked increase for large values of T and whether or not did he have a way of keeping that number down to a reasonable size even when T becomes very large.]
The conclusion I have is that you will get an answer for a factorization, no matter what. That is, every 'a' that works to give you a k, will give you a z mod p and a y mod p such that z-y mod p or z +y mod p will give you the residues modulo p for SOME factorization of nT.
Now that is the weird result that bothers me so much as it seems so strange, and there is a reflex kind of thinking where I figure that maybe some z mod p and y mod p just are junk and don't connect to anything, but that's not what the math says.
There is no way trivial factorizations can be preferred as the trivial factorization just gives you two cases for the factors: T mod p and 1, or -T mod p and 1
So they can only account for TWO CASES though I think that multiple a's may give you those cases, but they have to also evenly cover all the others.
So the short answer is that without regard to the size of nT, these methods should factor nT very quickly with a limited search, unless there is something else I missed.
It is a weird result given everything we used to know about factoring. But all that went out the window with the two equation system.
Mathematicians were studying one equation when two were controlling.
With only half the decision equations in hand, factoring is a hard problem. With both, it's not.
The Diophantine system of equations that I use is
x^2 = y^2 + pr_1
and
z^2 = y^2 + nT
where T is the target to be factored. What I did to probe the equations was connect x and z together with
z = x + ak
where I used two variables for that when it might seem like you could use one (which I did at first).
First off, there are an infinity of solutions with integers for the top equation given the bottom one.
For example with z^2 = y^2 + 21, I have that y=2 is a solution, which gives z = 5. Now with that y, there are an infinite number of integer solutions for pr_1, where I'll give a few with their factors to help readers understand several crucial points:
pr_1 = (5)(1) = 5, pr_1 = (6)(2) = 12, pr_1 = (7)(3) = 21, pr_1 = (8) (4) = 32, pr_1 = (9)(5) = 45,
pr_1 = (10)(6) = 60, and pr_1 = (11)(7) = 77.
Notice I just advance the factors by 1, and, of course, since you just step up by 1, every prime is a potential p, so there is an answer for every prime.
I did this stepping out yesterday and realized that several requirements I had put on nT were wrong, as it doesn't have to be odd and can have 3 as a factor. For each of those values above, it's trivial to find an x, as y is set, and, of course, for any integer x, and integer z, there must exist an integer z-x, so since z-x= ak, ak must exist.
So there are always solutions, for every prime p. Now I had to use ak, instead of just one variable because I also have as a key equation: k = 2ax mod p
Now that may seem to come out of the blue, but it's a deliberate introduction to force z = x + ak, as consider that of course then 2ax = k mod p, and to make that explicit I'll let 2ax = k + pr_2
x^2 = y^2 + pr_1 and 2ax = k + pr_2
it makes sense to multiply the latter by k, so that you have
x^2 = y^2 + pr_1
and
2axk = k^2 + kpr_2
and then add them to get
x^2 + 2axk = y^2 + k^2 + p(r_1 + kr_2)
which just begs for completing the square by adding a^2 k^2 to both sides and simplifying a bit I get
(x+ak)^2 = y^2 + (1 + a^2) k^2 + p(r_1 + kr_2)
and compare with
z^2 = y^2 + nT
and you have that z=x+ak, as long as nT = (1 + a^2) k^2 + p(r_1 + kr_2), and in the derivation (which I posted a while back) I cover how you know that you can do that, though the skeptical among you can simply solve for k, using the quadratic formula and look to see when it is rational—remember that r_1 and r_2 are completely free integers.
So I've covered how I further connect the system of two Diophantine equations, covered why a solution must always exist and shown why you have 'a' and 'k'. All that effort is about finding rules governing the system, which I call the factoring congruences.
In the previously posted derivation I show how you get the factoring congruences so I'll just give them here versus deriving them in detail again:
z = (2a)^{-1} (1 + 2a^2)k mod p
k^2 = (a^2+1)^{-1}(nT) mod p
and
y = (1+2a^2)^{-1} z mod p, or y = -(1+2a^2)^{-1} z mod p.
So remarkably there are these rules governing the system, which were previously unknown, and they cover things that can happen versus those that cannot.
For instance, I have been using p=11 in my examples in past posts demonstrating the factoring congruences with T=119 and n=1, but let n=1 again, and let T=21, so I can connect with what I have above and look again at the list of some possible values for pr_1:
pr_1 = (5)(1) = 5, pr_1 = (6)(2) = 12, pr_1 = (7)(3) = 21, pr_1 = (8) (4) = 32, pr_1 = (9)(5) = 45,
pr_1 = (10)(6) = 60, and pr_1 = (11)(7) = 77
In that list you can just see when 11 is the prime as that last case given where pr_1 = 77. And notice that 7 is there when it's a factor of 21, which can help you see how all those limitations I had in place, like I thought nT had to be coprime to pr_1, were just wrong, and of course nT can have 3 as a factor as 21 does.
Now since I found the factoring congruence relations by derivation, solving out with z^2 = y^2 + nT, but the equations end up just using nT mod p, you get the odd result that the answers given will apply to every nT that has the same residue modulo p. Which is just so weird that it bugged me for a while, but the math says it must be true.
But then, you can always factor T, if it is the product of two primes, by just using z-y mod p and z+y mod p, if p is chosen such that p>sqrt(T), and you get the non-trivial factorization.
So, if you find all a's that will work such that k exists, and remember
k^2 = (a^2+1)^{-1}(nT) mod p
then you WILL non-trivially factor T, as the answers you get for z and y mod p will simply bounce between giving you the residues of T mod p and 1, or giving you the residues of the prime factors modulo p, and one of them must be less than p, unless T=p^2, so it must have itself as its residue.
The factor will just pop out directly as an answer, which you know by mathematical proof.
Now, based on classical thinking in this area, it seems likely that k will exist about 50% of the time, but the mathematics is kind of weird here, so it may make it harder to find k than that if you loop through values for 'a' that you check to see if they work. I know, for instance, with p=11, and nT mod 11 = 9, there are only four possible values for the a's: 2, -2, 5 and -5. That's it, over infinity, so you have this odd thing that with 9 + 11c, where c is an integer, you can work out ALL the residues modulo 11 that can occur as residues of the factors modulo 11.
So I'm not sure that you can rely on just letting n=1 and finding an 'a' that will work. But you CAN set 'a' and definitely find an 'n' that will work, and then you use p>sqrt(nT), if you can though you might have to do some juggling to get a p that is large enough while setting 'n', but I'm not sure, but now you will have a chance of factoring nT, and might get a prime of your target in that way, again from z-y mod p and z+y mod p, but now rather than just seeing the prime itself, you'd pull it out with a gcd with nT.
And that is a solution to the factoring problem, which represents the approach I think would make the best for algorithms, as you don't search for 'a', and you don't have to resolve a quadratic residue modulo p.
Now I had given most of the algorithm before in a prior post replying to a poster who claimed to be working on an implementation, but I had all kinds of extra rules which I now know are unnecessary, so nT does not have to be coprime to 3, and small prime factors are not an issue for 'n'.
But even with those extras, a real implementation should have worked remarkably well, so I know that the poster who claimed to have implemented, could not have, and since he gave supposed results showing failure, I know those had to be fabrications.
Mathematical proof makes it easy and the proof behind these remarkable congruences is so easy as the hardest thing is completing the square!
A very trivial proof in terms of mathematical difficulty with a very easy explanation means it's trivial to know when people are wrong about this result.
It solves the factoring problem as easily shown by mathematical proof and the denial about that by the mathematical community up to this point is just unfathomable.
[A reply to someone who asked James how rapidly does the number of a's or n's to be checked increase for large values of T and whether or not did he have a way of keeping that number down to a reasonable size even when T becomes very large.]
The conclusion I have is that you will get an answer for a factorization, no matter what. That is, every 'a' that works to give you a k, will give you a z mod p and a y mod p such that z-y mod p or z +y mod p will give you the residues modulo p for SOME factorization of nT.
Now that is the weird result that bothers me so much as it seems so strange, and there is a reflex kind of thinking where I figure that maybe some z mod p and y mod p just are junk and don't connect to anything, but that's not what the math says.
There is no way trivial factorizations can be preferred as the trivial factorization just gives you two cases for the factors: T mod p and 1, or -T mod p and 1
So they can only account for TWO CASES though I think that multiple a's may give you those cases, but they have to also evenly cover all the others.
So the short answer is that without regard to the size of nT, these methods should factor nT very quickly with a limited search, unless there is something else I missed.
It is a weird result given everything we used to know about factoring. But all that went out the window with the two equation system.
Mathematicians were studying one equation when two were controlling.
With only half the decision equations in hand, factoring is a hard problem. With both, it's not.
JSH: I did it.
And yeah, I solved the factoring problem. Sure, I had my doubts at times, but that was just being human.
Oh my God. Oh my God. Oh my wonderful God.
Some person convinced me for a while so that I could just settle I guess on the knowledge that seemed possible—so much less than what I found.
But I solved the factoring problem.
Here I stand. Eternity my stool beneath me. And She I love.
Do better than me.
Oh my God. Oh my God. Oh my wonderful God.
Some person convinced me for a while so that I could just settle I guess on the knowledge that seemed possible—so much less than what I found.
But I solved the factoring problem.
Here I stand. Eternity my stool beneath me. And She I love.
Do better than me.
Tuesday, January 15, 2008
JSH: Questioning certainty, again
I have to apologize as I came forward with a perfect mathematical argument and let myself be convinced that there were flaws and put forward "fixes" that were wrong.
The story is that a poster claimed that with my congruence relations T=21 did not work, and I'd had problems myself with a reversal of the method to resolve quadratic residues, with, yup, 21, so I was wondering if for some reason 3 was a problem for the relations.
So when he claimed that the congruence relations didn't work for 21, I kind of leapt to a conclusion, and started adding on additional conditions i.e. that nT be coprime to 3, and odd.
But they are not necessary.
It is an odd thing in this position with a dramatic argument in a well-worked area where I had a simple idea and saw it through to some relatively simple mathematics which reduces to a couple of easy Diophantine equations.
And yes, they ARE easy, which is how I realized that I'd added on unnecessary conditions by just solving out integer solutions with both equations with nT=21.
Now then, there is still one major issue where I must admit to being fascinated by human nature.
The derivation of my factoring congruence relations is all about figuring out z mod p, and y mod p, and I don't tell the algebra to mostly worry about nT mod p. It does that on its own.
But in doing so, it's saying that as far as the math is concerned that is all the information that is needed!!!
That was the other area where I questioned certainty—and here certainty is about mathematical proof.
What that means is that if you have an alpha, and you have a k, then you have a corresponding integer solution to z^2 = y^2 + nT, where y and z have the given residue modulo p.
That is just so freaking weird. It still kind of bugs me, as it's just so freaking weird.
So the congruence relations do solve the factoring problem if you resolve them with p>sqrt(T), and n=1, and get z-y mod p and z+y mod p as one of them will give you the smaller prime, directly.
It kind of bugs me though.
So I'll digress: George W. Bush invaded Iraq on false pretenses when the the now dead, but previously then alive Iraqi government actually offered to let CIA agents come into the country and go to areas where supposedly "weapons of mass destruction" existed. During the "shock and awe" part of the US campaign one of the news stories that distinguished itself in my mind was the accidental bombing of a ward of pregnant women in Iraq.
Oddly enough, at about the same time in the US, a dog fell through the ice on a partially frozen pond, and the country erupted with an outpouring of concern and relief when the dog was saved by brave rescuers.
And I realized that most human beings are not only not logical, they aren't really in the real world, but live in a world of their own perceptions.
Mathematics is for logical people.
And that is why I have problems getting my results acknowledged.
Most of you, are not logical people. You are people who when told will cheer the saving of a dog, and ignore the killing of pregnant women and babies, if that is what you are told to do, even if you are not in the United States. You are the same people. I know this because I see how you react to the truth, whether it's mathematical or in the "real world".
To most of you, your perception is reality, and you do not care—unless it's your wife and kid in that pregnancy ward.
The story is that a poster claimed that with my congruence relations T=21 did not work, and I'd had problems myself with a reversal of the method to resolve quadratic residues, with, yup, 21, so I was wondering if for some reason 3 was a problem for the relations.
So when he claimed that the congruence relations didn't work for 21, I kind of leapt to a conclusion, and started adding on additional conditions i.e. that nT be coprime to 3, and odd.
But they are not necessary.
It is an odd thing in this position with a dramatic argument in a well-worked area where I had a simple idea and saw it through to some relatively simple mathematics which reduces to a couple of easy Diophantine equations.
And yes, they ARE easy, which is how I realized that I'd added on unnecessary conditions by just solving out integer solutions with both equations with nT=21.
Now then, there is still one major issue where I must admit to being fascinated by human nature.
The derivation of my factoring congruence relations is all about figuring out z mod p, and y mod p, and I don't tell the algebra to mostly worry about nT mod p. It does that on its own.
But in doing so, it's saying that as far as the math is concerned that is all the information that is needed!!!
That was the other area where I questioned certainty—and here certainty is about mathematical proof.
What that means is that if you have an alpha, and you have a k, then you have a corresponding integer solution to z^2 = y^2 + nT, where y and z have the given residue modulo p.
That is just so freaking weird. It still kind of bugs me, as it's just so freaking weird.
So the congruence relations do solve the factoring problem if you resolve them with p>sqrt(T), and n=1, and get z-y mod p and z+y mod p as one of them will give you the smaller prime, directly.
It kind of bugs me though.
So I'll digress: George W. Bush invaded Iraq on false pretenses when the the now dead, but previously then alive Iraqi government actually offered to let CIA agents come into the country and go to areas where supposedly "weapons of mass destruction" existed. During the "shock and awe" part of the US campaign one of the news stories that distinguished itself in my mind was the accidental bombing of a ward of pregnant women in Iraq.
Oddly enough, at about the same time in the US, a dog fell through the ice on a partially frozen pond, and the country erupted with an outpouring of concern and relief when the dog was saved by brave rescuers.
And I realized that most human beings are not only not logical, they aren't really in the real world, but live in a world of their own perceptions.
Mathematics is for logical people.
And that is why I have problems getting my results acknowledged.
Most of you, are not logical people. You are people who when told will cheer the saving of a dog, and ignore the killing of pregnant women and babies, if that is what you are told to do, even if you are not in the United States. You are the same people. I know this because I see how you react to the truth, whether it's mathematical or in the "real world".
To most of you, your perception is reality, and you do not care—unless it's your wife and kid in that pregnancy ward.
JSH: Diophantine equations underlying
I thought it worth mentioning that what I call surrogate factoring is just using two Diophantine equations:
x^2 =3D y^2 + pr_1
and
z^2 =3D y^2 + nT
where I connect the classical difference of squares with a target composite to factor T, with another difference of squares. My initial approaches actually had nT on top, and I'd derive the second difference of squares usually as
(x+k)^2 =3D y^2 + 2k^2 + nT
and factor 2k^2 + nT, in order to try and get y directly, and go back to the earlier equation and factor, which is why x and y are there, but my latest approach was to flip things a bit, and I found I could introduce a prime p—chosen—and that rather than focus on getting y exactly, I could get z mod p and y mod p, where z =3D x + ak, so the latest burst of postings occurred after a couple of changes in direction as I was having trouble explaining with theory how the equations behaved as a Diophantine system, going the other way.
Crucial in understanding the value in this approach is realizing that the second set of difference of squares has ALWAYS BEEN THERE but mathematicians have either not been aware of it, or they didn't know that it constrained the classical difference of squares, whether you acknowledge it or not.
That's the way mathematics works—the existence of the other factorizations can apply rules to the one that people concentrate on, whether they care if they are there or not.
Now that is the "pure math" aspect of what I do, as years ago I speculated about whether or not you could factor one number through factoring another which is the concept of surrogate factoring, and back then I had no idea that I was looking for a Diophantine system of two difference of squares. And I had no clue that I could find z mod p and y mod p of the classical system through this approach.
If you think it's a trivial thing to get answers for both equations with all integers, then try it.
If you do so, you will find that they follow rules:
z =3D (2=E1)^{-1}(1 + 2=E1^2)k mod p
k^2 =3D (=E1^2+1)^{-1}(nT) mod p
where =E1 is non-zero and found such that k exists, and k is coprime to nT.
And y =3D (1+2=E1^2)^{-1} z mod p, or y =3D -(1+2=E1^2)^{-1} z mod p.
So at the heart of all the discussion, where the issue has always been effectiveness of factoring there is this "pure math" result which is set of congruence relations controlling the Diophantine system of two differences of squares.
x^2 =3D y^2 + pr_1
and
z^2 =3D y^2 + nT
where I connect the classical difference of squares with a target composite to factor T, with another difference of squares. My initial approaches actually had nT on top, and I'd derive the second difference of squares usually as
(x+k)^2 =3D y^2 + 2k^2 + nT
and factor 2k^2 + nT, in order to try and get y directly, and go back to the earlier equation and factor, which is why x and y are there, but my latest approach was to flip things a bit, and I found I could introduce a prime p—chosen—and that rather than focus on getting y exactly, I could get z mod p and y mod p, where z =3D x + ak, so the latest burst of postings occurred after a couple of changes in direction as I was having trouble explaining with theory how the equations behaved as a Diophantine system, going the other way.
Crucial in understanding the value in this approach is realizing that the second set of difference of squares has ALWAYS BEEN THERE but mathematicians have either not been aware of it, or they didn't know that it constrained the classical difference of squares, whether you acknowledge it or not.
That's the way mathematics works—the existence of the other factorizations can apply rules to the one that people concentrate on, whether they care if they are there or not.
Now that is the "pure math" aspect of what I do, as years ago I speculated about whether or not you could factor one number through factoring another which is the concept of surrogate factoring, and back then I had no idea that I was looking for a Diophantine system of two difference of squares. And I had no clue that I could find z mod p and y mod p of the classical system through this approach.
If you think it's a trivial thing to get answers for both equations with all integers, then try it.
If you do so, you will find that they follow rules:
z =3D (2=E1)^{-1}(1 + 2=E1^2)k mod p
k^2 =3D (=E1^2+1)^{-1}(nT) mod p
where =E1 is non-zero and found such that k exists, and k is coprime to nT.
And y =3D (1+2=E1^2)^{-1} z mod p, or y =3D -(1+2=E1^2)^{-1} z mod p.
So at the heart of all the discussion, where the issue has always been effectiveness of factoring there is this "pure math" result which is set of congruence relations controlling the Diophantine system of two differences of squares.
Monday, January 14, 2008
JSH: Was a simple math test
So I was kind of tricky in terms of not explaining in very simple terms what I was doing though it was obvious if you bothered to look.
All I did mathematically was constrain the standard difference of squares:
z^2 = y^2 + nT
with one more equation:
x^2 = y^2 + pr_1
where p is an odd prime, and you have all integers.
That's it. I discovered it was easy to do that and limit some possibilities so that you are working through a smaller set than you are with the classical unconstrained equation.
The only loss in terms of prime factors you can use for T is 3. And that's no loss for any practical factoring.
With the constraints came rules on which integers could work for z and y, and specifically came equations for z mod p, and y mod p.
Now that's the mathematics. It's not complicated and that is the absolute.
The practical question though is, can that be used to factor?
Well, you get more information than you do without knowing there exists the additional constraint.
If more information is useless for factoring then you have a logical dilemma.
The equations do not remove any information that was there before, so they just give you more information in addition to what was known before.
The logical issue then is, how can more information be useless in mathematics?
Now from a philosophical perspective, it's kind of a fun thing to consider that maybe in mathematics more information IS crap, even when you constrain a system in such a way that you pull more information out of it than you had before, except that's nonsensical.
The system was ALWAYS constrained, but mathematicians only knew one piece!
They worked with just z^2 = y^2 + nT because they didn't know any better, but behind the scenes the other constraining equation was still impacting behavior.
All I did was remove the curtain.
All I did mathematically was constrain the standard difference of squares:
z^2 = y^2 + nT
with one more equation:
x^2 = y^2 + pr_1
where p is an odd prime, and you have all integers.
That's it. I discovered it was easy to do that and limit some possibilities so that you are working through a smaller set than you are with the classical unconstrained equation.
The only loss in terms of prime factors you can use for T is 3. And that's no loss for any practical factoring.
With the constraints came rules on which integers could work for z and y, and specifically came equations for z mod p, and y mod p.
Now that's the mathematics. It's not complicated and that is the absolute.
The practical question though is, can that be used to factor?
Well, you get more information than you do without knowing there exists the additional constraint.
If more information is useless for factoring then you have a logical dilemma.
The equations do not remove any information that was there before, so they just give you more information in addition to what was known before.
The logical issue then is, how can more information be useless in mathematics?
Now from a philosophical perspective, it's kind of a fun thing to consider that maybe in mathematics more information IS crap, even when you constrain a system in such a way that you pull more information out of it than you had before, except that's nonsensical.
The system was ALWAYS constrained, but mathematicians only knew one piece!
They worked with just z^2 = y^2 + nT because they didn't know any better, but behind the scenes the other constraining equation was still impacting behavior.
All I did was remove the curtain.
JSH: Underlying math
The research I've been doing is actually about a Diophantine result, where I've been exploring two sets of equations:
x^2 = y^2 + pr_1
and
z^2 = y^2 + nT
where T is the target composite to be factored, and p is an odd prime, coprime to 3—also I've specified that nT must be odd, coprime to 3, and p.
I discovered you can introduce additional variables, where importantly I let z = x+k. Then I find constraints on what values k can have to give integer solutions, which are congruence results.
Correction: z = x + ak.
Those results are determined by mathematical proof, so they are absolutes.
They represent the conditions under which integer solutions will fit. Challenging the results is not an option as they are proven. The only option is to say that they don't matter and constraints on those solutions are of no use to researchers. But is that the truth?
I repeat, what my latest research is doing is finding the rules whereby there are solutions with all integers for those two equations. That's it. The conclusions I have are supported by an absolute argument.
That is, the support is a mathematical proof.
We shall call them The Rules:
z = (2a)^{-1}(1 + 2a^2)k mod p
where k is key, and k^2 = (a^2+1)^{-1}(nT) mod p.
And now you have the last important helper variable: a. It actually represents a set of solutions such that k exists i.e. (a^2+1)^{-1}(nT).
And, finally, you have
y = (1+2a^2)^{-1} z mod p, or y = -(1+2a^2)^{-1} z mod p.
Those are not just nifty looking equations but are absolutes that determine what integer can fit into
x^2 = y^2 + pr_1
and
z^2 = y^2 + nT
where, you should recall, z = x + ak.
So that's what those equations are: absolute mathematical rules that work over infinity to constrain the set of integer solutions available,
Which means that if you find integers that will fit into those equations they MUST obey ALL THE RULES.
There are a finite number of a's for any given nT and p, which gives a finite number of values for z mod p, y mod p, and therefore, for z-y mod p, and z+y mod p.
If p>sqrt(nT), then one of those values must factor nT. That is a mathematical absolute.
The one issue is, how many of those solutions are there?
The proof says that for every integer solution, there is this equation that defines when the a's exist:
a^2 = 2^{-1}(x^{-1} z - 1) mod p
so you get another quadratic residue. So there are two a's for every possible x mod p and z mod p that can fit. If none do, then there are NO solutions possible for that prime p.
So the a's tell you of the existence of integer solutions, over infinity for every possible (nT) mod p, that can fit with the two underlying equations, and it tells you how many possible residues there are modulo p.
With n=1, T=119, and p=11, note that only a=2 mod 11, and a=5 mod 11 will fit, over infinity.
x^2 = y^2 + pr_1
and
z^2 = y^2 + nT
where T is the target composite to be factored, and p is an odd prime, coprime to 3—also I've specified that nT must be odd, coprime to 3, and p.
I discovered you can introduce additional variables, where importantly I let z = x+k. Then I find constraints on what values k can have to give integer solutions, which are congruence results.
Correction: z = x + ak.
Those results are determined by mathematical proof, so they are absolutes.
They represent the conditions under which integer solutions will fit. Challenging the results is not an option as they are proven. The only option is to say that they don't matter and constraints on those solutions are of no use to researchers. But is that the truth?
I repeat, what my latest research is doing is finding the rules whereby there are solutions with all integers for those two equations. That's it. The conclusions I have are supported by an absolute argument.
That is, the support is a mathematical proof.
We shall call them The Rules:
z = (2a)^{-1}(1 + 2a^2)k mod p
where k is key, and k^2 = (a^2+1)^{-1}(nT) mod p.
And now you have the last important helper variable: a. It actually represents a set of solutions such that k exists i.e. (a^2+1)^{-1}(nT).
And, finally, you have
y = (1+2a^2)^{-1} z mod p, or y = -(1+2a^2)^{-1} z mod p.
Those are not just nifty looking equations but are absolutes that determine what integer can fit into
x^2 = y^2 + pr_1
and
z^2 = y^2 + nT
where, you should recall, z = x + ak.
So that's what those equations are: absolute mathematical rules that work over infinity to constrain the set of integer solutions available,
Which means that if you find integers that will fit into those equations they MUST obey ALL THE RULES.
There are a finite number of a's for any given nT and p, which gives a finite number of values for z mod p, y mod p, and therefore, for z-y mod p, and z+y mod p.
If p>sqrt(nT), then one of those values must factor nT. That is a mathematical absolute.
The one issue is, how many of those solutions are there?
The proof says that for every integer solution, there is this equation that defines when the a's exist:
a^2 = 2^{-1}(x^{-1} z - 1) mod p
so you get another quadratic residue. So there are two a's for every possible x mod p and z mod p that can fit. If none do, then there are NO solutions possible for that prime p.
So the a's tell you of the existence of integer solutions, over infinity for every possible (nT) mod p, that can fit with the two underlying equations, and it tells you how many possible residues there are modulo p.
With n=1, T=119, and p=11, note that only a=2 mod 11, and a=5 mod 11 will fit, over infinity.
Saturday, January 12, 2008
JSH: Understanding the double bind
There is overwhelming evidence that the research I have now should be taken seriously, where the best evidence is the mathematical proof itself that the factoring congruences I have do work.
But what I've been challenged with is providing a demonstration.
That may seem reasonable to you unless you understand that my claim is that I found relatively simple mathematics that ends the viability of RSA encryption, which is a statement now mostly backed by mathematical proof.
So the request is to show that I did find mathematical proof, where that proof is fairly trivial algebra, and DEMONSTRATE the failure of the encryption system currently being used to move trillions of dollars U.S. around the world.
There is no way that a sane and responsible cryptographic community would want such a demonstration, so the rational among you may simply choose to believe that there is no validity to my mathematical research, no matter what I claim about mathematical proof.
Yet I suggest another explanation, where the reason the system can be broken so easily is that it was never really all that good of an idea, and the reason it went forward as supposedly a good idea is that the people who are known as experts in crucial areas, are not actually, and that through some kind of complicated things and others things not so complicated, some people who I consider con artists gained critical mass in key disciplines and used them to make money for nothing, but
got in way, way, way over their heads.
So now they just kind of sit because they have no clue what to do.
Now then, my problem is that many of you cannot be convinced by hard evidence—except the demonstration that could be so dangerous—because your critical faculties have been hijacked by a very twisted technique where people you trust can cause what I call a buffer overflow of the human mind by presenting you with seeming contradictions, so your brain just kind of assumes the neocortex is screwing up—the newest part of the brain—and awaits instructions from the group.
So you sit, and would not wake-up from this problem until overwhelming evidence, or a more powerful group over-rode the commands from the group you rely upon now.
It's a powerful technique that works only on people who trust you, which explains, to give you another context, how George W. Bush managed to not only invade Iraq, but maintain that invasion despite the pretext being shown to be false, and still maintain control with many in the US STILL believing that the original reasons for invasion were valid.
The hijacking is extremely powerful and cannot be broken by reason alone.
It is a way to gain complete control of otherwise highly intelligent people and maintain that control indefinitely.
But they have to trust you.
To break this double-bind and regain your critical faculties, you only have to suppose, just suppose, not believe, that maybe, just maybe top mathematicians and cryptographers are not who they claim to be, and that they are really con artists who are in way, way, way over their heads, willing to let millions of people around the world suffer for their failures, as that's what con artists would do, while in contrast, true experts with moral fiber would do the right thing with crucial mathematical research.
If you break the double-bind you may experience physical symptoms, along with psychological ones including mild to moderate depression. Physical symptoms may include headache and nausea. You may also feel a need to isolate yourself and withdraw from your loved ones temporarily and find your ability to trust others in general will be affected.
Those should all pass with time.
But what I've been challenged with is providing a demonstration.
That may seem reasonable to you unless you understand that my claim is that I found relatively simple mathematics that ends the viability of RSA encryption, which is a statement now mostly backed by mathematical proof.
So the request is to show that I did find mathematical proof, where that proof is fairly trivial algebra, and DEMONSTRATE the failure of the encryption system currently being used to move trillions of dollars U.S. around the world.
There is no way that a sane and responsible cryptographic community would want such a demonstration, so the rational among you may simply choose to believe that there is no validity to my mathematical research, no matter what I claim about mathematical proof.
Yet I suggest another explanation, where the reason the system can be broken so easily is that it was never really all that good of an idea, and the reason it went forward as supposedly a good idea is that the people who are known as experts in crucial areas, are not actually, and that through some kind of complicated things and others things not so complicated, some people who I consider con artists gained critical mass in key disciplines and used them to make money for nothing, but
got in way, way, way over their heads.
So now they just kind of sit because they have no clue what to do.
Now then, my problem is that many of you cannot be convinced by hard evidence—except the demonstration that could be so dangerous—because your critical faculties have been hijacked by a very twisted technique where people you trust can cause what I call a buffer overflow of the human mind by presenting you with seeming contradictions, so your brain just kind of assumes the neocortex is screwing up—the newest part of the brain—and awaits instructions from the group.
So you sit, and would not wake-up from this problem until overwhelming evidence, or a more powerful group over-rode the commands from the group you rely upon now.
It's a powerful technique that works only on people who trust you, which explains, to give you another context, how George W. Bush managed to not only invade Iraq, but maintain that invasion despite the pretext being shown to be false, and still maintain control with many in the US STILL believing that the original reasons for invasion were valid.
The hijacking is extremely powerful and cannot be broken by reason alone.
It is a way to gain complete control of otherwise highly intelligent people and maintain that control indefinitely.
But they have to trust you.
To break this double-bind and regain your critical faculties, you only have to suppose, just suppose, not believe, that maybe, just maybe top mathematicians and cryptographers are not who they claim to be, and that they are really con artists who are in way, way, way over their heads, willing to let millions of people around the world suffer for their failures, as that's what con artists would do, while in contrast, true experts with moral fiber would do the right thing with crucial mathematical research.
If you break the double-bind you may experience physical symptoms, along with psychological ones including mild to moderate depression. Physical symptoms may include headache and nausea. You may also feel a need to isolate yourself and withdraw from your loved ones temporarily and find your ability to trust others in general will be affected.
Those should all pass with time.
JSH: Seems correct
A burst of research activity has lead me to a set of relatively simple congruences that change everything with factoring by allowing you to calculate z mod p and y mod p, when z^2 = y^2 + nT, and the first thing that happens when I get to a new research result is that I look for problems in my reasoning or anything that might mean that I'm just wishing for an answer versus having found one.
Thanks to some arguing back and forth on the newsgroups where some people did notice problems I was pushed to find a full existence proof and now have a complete theory, so I can puzzle over all the details.
Importantly as well, as I argued the ideas simplified, so that, for instance, for a while I thought you had to resolve quadratic residues to find y, but with the existence proof I got congruences that just give you y.
Also, importantly, I can now begin a full evaluation of resistance to my mathematical research across the board with the continuing silence from the official mathematical community with this result giving important clues.
So certain theories I was considering can now be finalized and the most important conclusion I can now deliver is that, yes, there has been deliberate suppression of my mathematical research by people who had to know what they were doing who were known to the world as tops in their field.
To give you some local perspective on the problem, many of you seem to respect Phil Carmody as both an expert and someone who gives a damn about cryptography and important results, but there has been just one brief post from that person telling people to ignore me.
I've been up against a club, a group of mostly men who decided that they would suppress my research and felt confident they could get away with it indefinitely.
With this latest result they must know they are done, but they still can't bring themselves to do anything until forced, at which time I suppose they will come up with rationalizations and expect to retain their current positions—as well as your respect and admiration.
Lots of mysteries getting resolved and quickly. My assessment that I was dealing with cons is gaining greater and greater reinforcement, and it appears, finally, that yes, there is a conspiracy.
A conspiracy of silence.
Thanks to some arguing back and forth on the newsgroups where some people did notice problems I was pushed to find a full existence proof and now have a complete theory, so I can puzzle over all the details.
Importantly as well, as I argued the ideas simplified, so that, for instance, for a while I thought you had to resolve quadratic residues to find y, but with the existence proof I got congruences that just give you y.
Also, importantly, I can now begin a full evaluation of resistance to my mathematical research across the board with the continuing silence from the official mathematical community with this result giving important clues.
So certain theories I was considering can now be finalized and the most important conclusion I can now deliver is that, yes, there has been deliberate suppression of my mathematical research by people who had to know what they were doing who were known to the world as tops in their field.
To give you some local perspective on the problem, many of you seem to respect Phil Carmody as both an expert and someone who gives a damn about cryptography and important results, but there has been just one brief post from that person telling people to ignore me.
I've been up against a club, a group of mostly men who decided that they would suppress my research and felt confident they could get away with it indefinitely.
With this latest result they must know they are done, but they still can't bring themselves to do anything until forced, at which time I suppose they will come up with rationalizations and expect to retain their current positions—as well as your respect and admiration.
Lots of mysteries getting resolved and quickly. My assessment that I was dealing with cons is gaining greater and greater reinforcement, and it appears, finally, that yes, there is a conspiracy.
A conspiracy of silence.
Friday, January 11, 2008
Latest advances with factoring congruences
There has been a burst of research lately on an outgrowth of mathematical research I've pioneered for about four years into the question of whether or not factoring one number could be used to factor another.
That there has been a steady and persistent achievement of milestones over a period of years may surprise many of you who just know about the effort from cases when a flurry of newsgroup postings show up, where a lot of people criticize a particular research effort.
The latest and most important chapter though to cap years of basic research is the remarkable discovery of just a few basic equations—factoring congruences:
Given z^2 = y^2 + nT
at least 50% of the time, you can solve for z modulo a given prime p coprime to y, z and odd nT coprime to 3, with the following congruence relations:
z = (2a)^{-1}(1 + 2a^2)k mod p
and
k^2 = (a^2+1)^{-1}(nT) mod p
where 'a' is chosen such that k exists i.e. (a^2+1)^{-1}(nT) is a quadratic residue modulo p, and k is coprime to nT.
Where also, y = (1+2a^2)^{-1} z mod p, or y = -(1+2a^2)^{-1} z mod p.
And I've included some of the latest research found just yesterday from the existence proof, which shows the relations will work for a particular prime p at least 50% of the time, and from which I also found the equations giving y.
That y is given in that way versus my prior belief that you had to solve for y, from
y^2 = z^2 - nT
removes the one area where speed might have been an issue. That is because for any particular 'a' that you choose, 'n' can be chosen such that (a^2+1)^{-1}(nT) is a quadratic residue modulo p, which means you can force solutions easily. The one warning there is that n cannot be divisible by 3, should not be even and should not contain small primes e.g. primes under 100.
The relations are easily derived, and I've made that derivation available so that others can look it over to see if it contains mistakes, and none have been noted. The existence proof was worked out by me mostly yesterday so there is a possibility that there is some error in it, but I doubt that at this time.
Then the mathematics says that the factoring congruence relations are valid, and that they will work with a given prime p when all the conditions listed are met, about 50% of the time.
There has been a push for me to develop a working algorithm from them, and demonstrate that they work by factoring a large number, which may seem like a reasonable request to many of you.
But in the meantime while I work at making sure that my current research is correct, and later work at writing a computer program, the proof that they work is freely available, so it would be a remarkable part of this story for a refusal of the mathematical community to accept proof to be a large part of the delay in informing the world of the situation.
I have sent an early paper to a math journal, which might have been a bit too early as it did not have the existence proof, some of the conditions or the information that they work 50% of the time for a given prime, but there is that to have some hope on.
Also I have emailed some mathematician directly.
If the factoring congruences are correct, and if they do factor about 50% of the time when you use a p>sqrt(nT), then they could allow factoring of what is generally called a public key, which is part of the encryption system developed by RSA. If that is true, then they would probably allow rapid factoring of it as well, which would mean a system that was thought to be capable of protecting information for decades, will have been proven defunct, almost literally overnight.
Of course, there are those who would rather that be demonstrated first, and not left as a claim based solely on mathematical proof, so there is a call for me to factor a public key, and show that RSA encryption is over.
And that covers all the key items and should bring you up to speed on the the latest.
That there has been a steady and persistent achievement of milestones over a period of years may surprise many of you who just know about the effort from cases when a flurry of newsgroup postings show up, where a lot of people criticize a particular research effort.
The latest and most important chapter though to cap years of basic research is the remarkable discovery of just a few basic equations—factoring congruences:
Given z^2 = y^2 + nT
at least 50% of the time, you can solve for z modulo a given prime p coprime to y, z and odd nT coprime to 3, with the following congruence relations:
z = (2a)^{-1}(1 + 2a^2)k mod p
and
k^2 = (a^2+1)^{-1}(nT) mod p
where 'a' is chosen such that k exists i.e. (a^2+1)^{-1}(nT) is a quadratic residue modulo p, and k is coprime to nT.
Where also, y = (1+2a^2)^{-1} z mod p, or y = -(1+2a^2)^{-1} z mod p.
And I've included some of the latest research found just yesterday from the existence proof, which shows the relations will work for a particular prime p at least 50% of the time, and from which I also found the equations giving y.
That y is given in that way versus my prior belief that you had to solve for y, from
y^2 = z^2 - nT
removes the one area where speed might have been an issue. That is because for any particular 'a' that you choose, 'n' can be chosen such that (a^2+1)^{-1}(nT) is a quadratic residue modulo p, which means you can force solutions easily. The one warning there is that n cannot be divisible by 3, should not be even and should not contain small primes e.g. primes under 100.
The relations are easily derived, and I've made that derivation available so that others can look it over to see if it contains mistakes, and none have been noted. The existence proof was worked out by me mostly yesterday so there is a possibility that there is some error in it, but I doubt that at this time.
Then the mathematics says that the factoring congruence relations are valid, and that they will work with a given prime p when all the conditions listed are met, about 50% of the time.
There has been a push for me to develop a working algorithm from them, and demonstrate that they work by factoring a large number, which may seem like a reasonable request to many of you.
But in the meantime while I work at making sure that my current research is correct, and later work at writing a computer program, the proof that they work is freely available, so it would be a remarkable part of this story for a refusal of the mathematical community to accept proof to be a large part of the delay in informing the world of the situation.
I have sent an early paper to a math journal, which might have been a bit too early as it did not have the existence proof, some of the conditions or the information that they work 50% of the time for a given prime, but there is that to have some hope on.
Also I have emailed some mathematician directly.
If the factoring congruences are correct, and if they do factor about 50% of the time when you use a p>sqrt(nT), then they could allow factoring of what is generally called a public key, which is part of the encryption system developed by RSA. If that is true, then they would probably allow rapid factoring of it as well, which would mean a system that was thought to be capable of protecting information for decades, will have been proven defunct, almost literally overnight.
Of course, there are those who would rather that be demonstrated first, and not left as a claim based solely on mathematical proof, so there is a call for me to factor a public key, and show that RSA encryption is over.
And that covers all the key items and should bring you up to speed on the the latest.