Lenstra’s integer factorization algorithm is asymptotically one of the fastest known algorithms, and is also ideally suited for parallel computation. We suggest a way in which the algorithm can be speeded up by the addition of a second phase. Under some plausible assumptions, the speedup is of order log(p), where p is the factor which is found. In practice the speedup is significant. We mention some refinements which give greater speedup, an alternative way of implementing a second phase, and the connection with Pollard’s “p − 1” factorization algorithm. 1

The problem of finding the prime factors of large composite numbers has always been of mathematical interest. With the advent of public key cryptosystems it is also of practical importance, because the security of some of these cryptosystems, such as the Rivest-Shamir-Adelman (RSA) system, depends on the difficulty of factoring the public keys. In recent years the best known integer factorisation algorithms have improved greatly, to the point where it is now easy to factor a 60-decimal digit number, and possible to factor numbers larger than 120 decimal digits, given the availability of enough computing power. We describe several algorithms, including the elliptic curve method (ECM), and the multiple-polynomial quadratic sieve (MPQS) algorithm, and discuss their parallel implementation. It turns out that some of the algorithms are very well suited to parallel implementation. Doubling the degree of parallelism (i.e. the amount of hardware devoted to the problem) roughly increases the size of a number which can be factored in a fixed time by 3 decimal digits. Some recent computational results are mentioned – for example, the complete factorisation of the 617-decimal digit Fermat number F11 = 2211 + 1 which was accomplished using ECM.

The diameter of a group G with respect to a set S of generators is the maximum over g 2 G of the length of the shortest word in S [ S 1 representing g. This concept arises in the contexts of efficient communication networks and Rubik's cube type puzzles. "Best" generators (giving minimum diameter while keeping the number of generators limited) are pertinent to networks, "worst" and "average" generators seem a more adequate model for puzzles. We survey a substantial body of recent work by the authors on these subjects. Regarding the "best" case, we show that while the structure of the group is essentially irrelevant if |S| is allowed to exceed (log |G|) 1+c (c > 0), it plays a heavy role when jSj = O(1). In particular, every nonabelian nite simple group has a set of 7 generators giving logarithmic diameter. This cannot happen for groups with an abelian subgroup of bounded index. { Regarding the worst case, we are concerned primarily with permutation groups of degree n and obtain a tight exp((n ln n) 1=2 (1 + o(1))) upper bound. In the average case, the upper bound improves to exp((ln n) 2 (1 + o(1))). As a rst step toward extending this result to simple groups other than An , we establish that almost every pair of elements of a classical simple group G generates G, a result previously proved by J. Dixon for An . In the limited space of this article, we try to illuminate some of the basic underlying techniques.

. We describe the complete factorization of the tenth and eleventh Fermat numbers. The tenth Fermat number is a product of four prime factors with 8, 10, 40 and 252 decimal digits. The eleventh Fermat number is a product of five prime factors with 6, 6, 21, 22 and 564 decimal digits. We also note a new 27-decimal digit factor of the thirteenth Fermat number. This number has four known prime factors and a 2391-decimal digit composite factor. All the new factors reported here were found by the elliptic curve method (ECM). The 40-digit factor of the tenth Fermat number was found after about 140 Mflop-years of computation. We discuss aspects of the practical implementation of ECM, including the use of special-purpose hardware, and note several other large factors found recently by ECM. 1. Introduction For a nonnegative integer n, the n-th Fermat number is F n = 2 2 n + 1. It is known that F n is prime for 0 n 4, and composite for 5 n 23. Also, for n 2, the factors of F n are of th...

Lectures given by Prof. J.W.P. Hirschfeld. Abstract Curves over finite fields not only are interesting structures in themselves, but they are also remarkable for their application to coding theory and to the study of the geometry of arcs in a finite plane. In this note, the basic properties of curves and the number of their points are recounted.

and P. Bikker (University of Groningen). The subjects of the talks covered a wider area than the title of the seminar suggests: Gröbner bases, polynomial maps, algebraic geometry, transcendental numbers, linear algebra, linear differential equations, graphs and (even) finite elements. Nevertheless, ‘algebraic algorithms ’ was the connecting principle. There was also a great variety in style and goal: some talks were overviews or introductions, other ones reports on ongoing research. These lecture notes of the seminar form a snapshot of interests and activities of part of

Deterministic algorithms are presented for the efficient solution of diagonal homogeneous equations in many variables over finite fields. As auxiliary algorithms, it is shown how to compute a field generator that is an nth power, and how to write elements as sums of nth powers, for a given integer n. All these algorithms take polynomial time in n and in the logarithm of the field size, and are practical as stated.

The number of solutions of an equation related to a product of multilinear polynomials

Abstract. Both a general and a diagonal u-invariant for forms of higher degree are defined, generalizing the u-invariant of quadratic forms. Both old and new results on these invariants are collected.