Results

**11 - 20**of**20**### Divisibility, Smoothness and Cryptographic Applications

, 2008

"... This paper deals with products of moderate-size primes, familiarly known as smooth numbers. Smooth numbers play an crucial role in information theory, signal processing and cryptography. We present various properties of smooth numbers relating to their enumeration, distribution and occurrence in var ..."

Abstract
- Add to MetaCart

This paper deals with products of moderate-size primes, familiarly known as smooth numbers. Smooth numbers play an crucial role in information theory, signal processing and cryptography. We present various properties of smooth numbers relating to their enumeration, distribution and occurrence in various integer sequences. We then turn our attention to cryptographic applications in which smooth numbers play a pivotal role. 1 1

### Journal of Integer Sequences, Vol. 15 (2012), Article 12.3.2 On the Truncated Kernel Function

"... We study properties of the truncated kernel function γ2 defined on integers n ≥ 2 by γ2(n) = γ(n)/P(n), where γ(n) = ∏ p|n p is the well-known kernel function and P(n) is the largest prime factor of n. In particular, we show that the maximal order of γ2(n) for n ≤ x is (1 + o(1))x/log x as x → ∞ ..."

Abstract
- Add to MetaCart

We study properties of the truncated kernel function γ2 defined on integers n ≥ 2 by γ2(n) = γ(n)/P(n), where γ(n) = ∏ p|n p is the well-known kernel function and P(n) is the largest prime factor of n. In particular, we show that the maximal order of γ2(n) for n ≤ x is (1 + o(1))x/log x as x → ∞ and that ∑ n≤x 1/γ2(n) = (1 + o(1))ηx/log x, where η = ζ(2)ζ(3)/ζ(6). We further show that, given any positive real number u < 1, limx→ ∞ 1 x #{n ≤ x: γ2(n) < xu} = limx→ ∞ 1 x #{n ≤ x: n/P(n) < xu} = 1 − ρ(1/(1 − u)), where ρ is the Dickman function. We also show that n/P(n) can very often be 1 much larger than γ2(n), namely by proving that, given any c ∈ [1, ξ), where ξ is the unique solution to ξ log 2 = log(1 + ξ) + ξ log(1 + 1/ξ), then #{n ≤ x: γ2(n) ≥ n/(c log n)} = o (#{n ≤ x: n/P(n) ≥ n/(c log n)}) (x → ∞). 1

### A Refinement of the Function g(x) on Grimm’s Conjecture

, 811

"... In this paper, we refine the function g(x) on Grimm’s conjecture and obtain an analogical result of Erdös and Selfridge without using Hall’s theorem. Keywords: consecutive composite numbers, Grimm’s Conjecture, Cramér’s conjecture, binomial coefficient ..."

Abstract
- Add to MetaCart

In this paper, we refine the function g(x) on Grimm’s conjecture and obtain an analogical result of Erdös and Selfridge without using Hall’s theorem. Keywords: consecutive composite numbers, Grimm’s Conjecture, Cramér’s conjecture, binomial coefficient

### COARSE-GRAINED INTEGERS Smooth? Rough? Both!

, 2012

"... Abstract. We count]B,C]-grained,k-factor integers which are simultaneously B-rough and C-smooth and have a fixed number k of prime factors. Our aim is to exploit explicit versions of the prime number theorem as much as possible to get good explicit bounds for the count of such integers. This analysi ..."

Abstract
- Add to MetaCart

Abstract. We count]B,C]-grained,k-factor integers which are simultaneously B-rough and C-smooth and have a fixed number k of prime factors. Our aim is to exploit explicit versions of the prime number theorem as much as possible to get good explicit bounds for the count of such integers. This analysis was inspired by certain inner procedures in the general number field sieve. The result should at least provide some insight in what happens there. We estimate the given count in terms of some recursively defined functions. Since they are still difficult to handle, only another approximation step reveals their orders. Finally, we use the obtained bounds to perform numerical experiments that show how good the desired count can be approximated for the parameters of the general number field sieve in the mentioned inspiring application.

### L’ANNEAU Z ET SES QUOTIENTS RÉSUMÉ ET QUESTIONS

"... Un anneau est un ensemble A muni de deux lois de composition internes + et × telles que (A, +) est un groupe commutatif d’élément neutre noté 0 et la loi × est associative et distributive à gauche et à droite par rapport à +. Si × admet un élément neutre 1 on dit que l’anneau est unitaire. Si × est ..."

Abstract
- Add to MetaCart

Un anneau est un ensemble A muni de deux lois de composition internes + et × telles que (A, +) est un groupe commutatif d’élément neutre noté 0 et la loi × est associative et distributive à gauche et à droite par rapport à +. Si × admet un élément neutre 1 on dit que l’anneau est unitaire. Si × est commutative on dit que l’anneau est commutatif. L’anneau des matrices d × d pour d ≥ 2 est unitaire mais pas commutatif. Les ensemblesRet Z sont des anneaux. Soit A un anneau commutatif. Un idéal de A est un sous-ensemble non-vide I tel que (I, +) est un sous-groupe de (A, +) et AI ⊂ I. Par exemple 5Z est un idéal deZ. Si a ∈ A l’ensemble aA est un idéal souvent noté (a). Un tel idéal est dit principal. Tous les idéaux de Z sont principaux. Un anneau dont tous les idéaux sont principaux est dit principal. L’intersection d’une famille d’idéaux est un idéal. Si S est une partie de A alors le plus petit idéal de A contenant S est l’intersection de tous les idéaux contenant S. On le note (S). Si A = Z[X] alors l’idéal (2, X) n’est pas principal. La somme I + J de deux idéaux est par définition le plus petit idéal contenant I et J. L’anneau Z est principal. Cela se montre avec la division euclidienne. Si I est un idéal nonnul

### EULER’S CONSTANT: EULER’S WORK AND MODERN DEVELOPMENTS

, 2013

"... Abstract. This paper has two parts. The first part surveys Euler’s work on the constant γ =0.57721 ·· · bearing his name, together with some of his related work on the gamma function, values of the zeta function, and divergent series. The second part describes various mathematical developments invol ..."

Abstract
- Add to MetaCart

Abstract. This paper has two parts. The first part surveys Euler’s work on the constant γ =0.57721 ·· · bearing his name, together with some of his related work on the gamma function, values of the zeta function, and divergent series. The second part describes various mathematical developments involving Euler’s constant, as well as another constant, the Euler–Gompertz constant. These developments include connections with arithmetic functions and the Riemann hypothesis, and with sieve methods, random permutations, and random matrix products. It also includes recent results on Diophantine approximation and transcendence related to Euler’s constant. Contents

### 18.783 Elliptic Curves Spring 2013 Lecture #11 03/14/2013

"... 11.1 A generic lower bound for the discrete logarithm problem We now give a lower bound for solving the discrete logarithm problem with a generic group algorithm. We will show that if p is the largest prime divisor of N, then any generic group algorithm for the discrete logarithm problem must use Ω ..."

Abstract
- Add to MetaCart

11.1 A generic lower bound for the discrete logarithm problem We now give a lower bound for solving the discrete logarithm problem with a generic group algorithm. We will show that if p is the largest prime divisor of N, then any generic group algorithm for the discrete logarithm problem must use Ω ( √ p) group operations. In the case that the group order N = p is prime this bound is tight, since we have already seen that the problem can be solved with O ( √ N) group operations using the baby-steps giant-steps method. This lower bound applies not only to deterministic algorithms, but also to randomized algorithms. A generic Monte Carlo algorithm for the discrete logarithm problem must use Ω ( √ p) group operations in order to be correct with probability greater than 1/2, and the expected running time of any generic Las Vegas algorithm for the discrete logarithm problem is Ω ( √ p) group operations. The following theorem is due to Shoup [7]. It generalizes an earlier result of Nechaev [6] to a wider class of algorithms that includes all the methods we have seen for computing discrete logarithms. Our presentation here differs slightly from Shoup’s and gives a sharper bound, but the essential details are the same. Recall that in our generic group model, each group element is uniquely represented as a bit-string via an injective identification map id: G → {0, 1} n, where n = O(log |G|). Theorem 11.1 (Shoup). Let G = 〈α 〉 be group of order N. Let B be a black box for G supporting the operations identity, inverse, and compose, using a random identification map id: G → {0, 1} n. Let A: {0, 1} n × {0, 1} n → Z/NZ be a randomized generic group algorithm that makes at most m − 4⌈log 2 N ⌉ calls to B, for some integer m, and let x denote a random element of Z/NZ. Then m2 Pr [A(id(α), id(xα)) = x] < x,id,τ 2p, where τ denotes the random coin-flips made by A and p is the largest prime factor of N. Note that A can generate random elements of G by computing zα for random z ∈ Z/NZ (we assume that A is given the group order N). The theorem includes deterministic algorithms as the special case where A does not use any bits of τ. Bounding the number of calls A makes to B might appear to preclude Las Vegas algorithms, but we will derive a corollary that addresses this. Proof. To simply the proof, we will replace A by an algorithm A ′ that does the following:

### Computational Number Theory and Algebra June 27, 2012 Lecture 20

"... Today, we will discuss another application of smooth numbers, namely: • The Quadratic Sieve method for factoring integers. 1 The Quadratic Sieve method The Quadratic Sieve (QS), which was first proposed by Pomerance [Pom82, Pom84], is also based on Kraitchik’s scheme of finding ‘distinct ’ roots of ..."

Abstract
- Add to MetaCart

Today, we will discuss another application of smooth numbers, namely: • The Quadratic Sieve method for factoring integers. 1 The Quadratic Sieve method The Quadratic Sieve (QS), which was first proposed by Pomerance [Pom82, Pom84], is also based on Kraitchik’s scheme of finding ‘distinct ’ roots of a square modulo N. But unlike Dixon’s algorithm, this method is deterministic with a heuristic analysis showing a time bound of e (1+o(1))√ln N ln ln N operations. Although it has the same asymptotic complexity as the best (rigorous) randomized algorithm, the QS is much more efficient in practice. As for the assumptions made in the analysis of the QS, in Pomerance’s [Pom08] own words “...perhaps we should be more concerned with what is true rather than what is provable, at least for the design of a practical algorithm.”. The Quadratic Sieve method generates a sequence of squares modulo N using the polynomial x2 − N, by varying integer x from √ N to √ N + N o(1). We could say x2 mod N instead of x2 − N, they being the same as x ≤ √ N + N o(1). This step of deterministically generating squares modulo N is in contrast to Dixon’s algorithm where x is chosen randomly and then x 2 mod N is computed. As before, we are interested in those numbers in the sequence that are y-smooth (for some fixed y). Understanding the distribution of smooth numbers in this sequence is a difficult number theoretic problem. Instead, to make the analysis go through we assume that the sequence generates y-smooth numbers in the same frequency as numbers picked randomly from the range [0, 2N 1 2 +o(1)]. Since √ N ≤ x ≤ √ N + N o(1) , x2 − N is between 0 and roughly X = 2N 1 2 +o(1). In other words, we assume that a y-smooth number is encountered after about