Factor Decomposition
The complete factor list can be derived according to the decomposition, and the power is incremented from zero until equal to this number. For example, because 45 = 3 2 × 5, 45 can be 3 0 × 5 0 , 3 0 × 5 1 , 3 1 × 5 0 , 3 1 × 5 1 , 3 2 × 5 0 , and 3 2 × 5 1 , or 1, 5, 3, 9, 15, and 45. Correspondingly, the decomposition is only included in factors.
actual application
gives two approximately, it is easy to multiply them. However, give their product, find out their factors, is not so easy. This is the key to many modern cryptographic systems. If you can find a quick way to solve an integer decomposition problem, several important password systems will be broken, including RSA public key algorithms, and Blum Blum SHUB random number generators.
Although rapid decomposition is one of the methods of attacking these systems, there will still be other methods that do not involve decomposition. So the situation is entirely like this: integer decomposition is still very difficult, but these password systems are able to quickly break. Some password systems provide stronger guarantee: If these cryptographic systems are quickly crackdron (ie, can be cracked with multiple time complexity), they can quickly (with polynomial time complexity) to decompose . In other words, a cryptographic system that cracks is not easier than an integer decomposition. Such a cryptographic system includes a Rabin cryptographic system (a variant of RSA) and a BLUM BLUM SHUB random number generator.
Today's new progress
2005, 663 binary bits of RSA-200, which have been used as a common study, has been decomposed by a general purpose method.
If a large, there is n number of binary number length lengths is the product of two almost different, and there is no good algorithm to complicate with polynomial time. Decompose it.
This means that there is no known algorithm to decompose it within the time of O ( n ) ( k as constant). However, the algorithm is also fast than θ (e). In other words, we are known that the best algorithm is fast than an index number of times, slower than a polynomial order time. It is known that the best progressive proximity line is a normal Digital Digital Filter (GNFS). Time is:
For normal computers, GNFS is our best to deal with n is approximately Number of methods. However, for quantum computers, Peter Xiuer found a algorithm that can solve this problem with a polynomial time in 1994. If the large quantum computer is established, this will have important significance for cryptography. This algorithm only needs O ( n ) in time, and the space is as long as O ( n ). It is only necessary to 2 n quantum bit. In 2001, the first 7 quantum quantum computer first runs this algorithm, and its decomposition is 15.
Difficulty and complexity
It is not exactly that integer decomposition belongs to which complexity class.
We know the form of judgment issues in this question ("Do you have any approximately number than m smaller than m ?") is in NP and NP. Because whether or not the answer is or not, we can verify this answer with a provenum of the number of factors, and the number of prime numbers. It is known from the Xiuer algorithm that this problem is in BQP. Most people suspect that this issue is not in P, NP, and the three complex categories of anti-NP. If this problem can be proven to be NP complete or anti-NP, we can push NP = anti-NP. This will be a very shocking result, and most people guess this problem is not in the above complex categories. There are also many people trying to find out the algorithms of the polynomial time to solve this problem, but they have not been successful, so this problem is also suspected of being in which.
Interesting is that it is simple to determine whether an integer is a prime number. The AKS algorithm proves that the former can be resolved in a polynomial time. Testing if a number is a very important ring in the RSA algorithm, because it needs a large number of prime to find at the beginning.
Integer Decomposition Algorithm
Special Use Algorithm
Running of a special factor decomposition algorithm relies on its own unknown factor: size, type, etc. The running time between different algorithms is also different.
-
Taxi
-
wheel decomposition
-
Polrad RHO algorithm
-
of the algebraic decomposition algorithm, including the Pollar's P -1 algorithm, Williams' P +1 algorithm and Lenstra Elliptic Curve Decomposition
-
马素 Judgment
-
Eura Decomposition
-
Special Digand Filter
General Use Algorithm
The runtime of the general purpose algorithm only relies on an integer to decompose length. This algorithm can be used to decompose the number of RSAs. Most general use algorithms are based on the same way.
-
Dixon algorithm
-
Connection Decomposition (CFRAC)
-
Secondary screening method
-
rational screening method
-
Ordinary Digital Screening method
-
Shanks' Square Forms Factorization (SQUFOF)
Other Algorithms
-
Xiul Algorithm
< / li>