Results 1 - 10 of 21
Faster Square Roots in Annoying Finite Fields
Cited by 10 (0 self)
Let q be an odd prime number. There are several methods known to compute square roots in Z/q: the quadratic-extension methods of Legendre, Pocklington, Cipolla, Lehmer, et al., and the discrete-logarithm methods of Tonelli, Shanks, et al. The quadratic-extension methods use (3 + o(1)) lg q multiplications and, on average, 2 + o(1) Jacobi-symbol computations mod q. The discrete-logarithm methods use only (1 + o(1)) lg q multiplications, after an easy precomputation of one element of Z/q, if $\mathrm{ord}_2(q-1) \in o(\sqrt{\lg q})$. This paper presents an algorithm that uses only (1 + o(1)) lg q multiplications, after an easy precomputation of $(\lg q)^{O(1)}$ elements of Z/q, if $\mathrm{ord}_2(q-1) \in o(\sqrt{\lg q}\,\lg\lg q)$. For example, the new algorithm can compute square roots in Z/q for $q = 2^{224} - 2^{96} + 1$ using 364 multiplications in Z/q and 1024 precomputed elements of Z/q. The same technique speeds up the Silver-Pohlig-Hellman algorithm for computing discrete logarithms in any cyclic group of smooth order.
Implementation Of The Atkin-Goldwasser-Kilian Primality Testing Algorithm
RAPPORT DE RECHERCHE 911, INRIA, OCTOBRE, 1988
Cited by 9 (7 self)
We describe a primality testing algorithm, due essentially to Atkin, that uses elliptic curves over finite fields and the theory of complex multiplication. In particular, we explain how the use of class fields and genus fields can speed up certain phases of the algorithm. We sketch the actual implementation of this test and its use on testing large primes, the records being two numbers of more than 550 decimal digits. Finally, we give a precise answer to the question of the reliability of our computations, providing a certificate of primality for a prime number.
On the incompatibility of two conjectures concerning prime numbers
Proc. Symp. Pure Math. (Analytic Number Theory, 1972
Cited by 6 (0 self)
Introduction. This talk is about the interplay between computers and theoretical research, as experienced by someone who is not a computer expert. The story involves, among other things, a measure of good luck. Several instances of this will emerge in due course, but one example now may give the idea: The speaker and his coworker, Douglas Hensley,
On Solving Univariate Polynomial Equations over Finite Fields and Some Related Problems
2007
Cited by 4 (2 self)
We show deterministic polynomial time algorithms over some family of finite fields for solving univariate polynomial equations and some related problems such as taking nth roots, constructing nth nonresidues, constructing primitive elements and computing elliptic curve “nth roots”. In addition, we present a deterministic polynomial time primality test for some family of integers. All algorithms can be proved by elementary means (without assuming any unproven hypothesis). The problem of solving polynomial equations over finite fields is a generalization of the following problems over finite fields:
• constructing primitive nth roots of unity,
• taking nth roots,
• constructing nth nonresidues,
• constructing primitive elements (generators of the multiplicative group)
for any positive n dividing the number of elements of the underlying field. By the Tonelli-Shanks square root algorithm [21, 19] and its generalization for taking nth roots, constructing nth nonresidues
AN EXPLICIT TREATMENT OF CUBIC FUNCTION FIELDS WITH APPLICATIONS
Cited by 3 (3 self)
Abstract. We give an explicit treatment of cubic function fields of characteristic at least five. This includes an efficient technique for converting such a field into standard form, formulae for the field discriminant and the genus, simple necessary and sufficient criteria for nonsingularity of the defining curve, and a characterization of all triangular integral bases. Our main result is a description of the signature of any rational place in a cubic extension that involves only the defining curve and the order of the base field. All these quantities only require simple polynomial arithmetic as well as a few squarefree polynomial factorizations and, in some cases, square and cube root extraction modulo an irreducible polynomial. We also illustrate why and how signature computation plays an important role in computing the class number of the function field. This in turn has applications to the study of zeros of zeta functions of function fields.
On Taking Square Roots without Quadratic Nonresidues over Finite Fields
2009
Cited by 1 (1 self)
We present a novel idea to compute square roots over finite fields, without being given any quadratic nonresidue, and without assuming any unproven hypothesis. The algorithm is deterministic and the proof is elementary. In some cases, the square root algorithm runs in $\tilde{O}(\log^2 q)$ bit operations over finite fields with q elements. As an application, we construct a deterministic primality proving algorithm, which runs in $\tilde{O}(\log^3 N)$ for some integers N.
Non-Parallelizable and Non-Interactive Client Puzzles from Modular Square Roots
Cited by 1 (1 self)
Abstract—Denial of Service (DoS) attacks aiming to exhaust the resources of a server by overwhelming it with bogus requests have become a serious threat. Especially protocols that rely on public key cryptography and perform expensive authentication handshakes may be an easy target. A well-known countermeasure against DoS attacks are client puzzles. The victimized server demands from the clients to commit computing resources before it processes their requests. To get service, a client must solve a cryptographic puzzle and submit the right solution. Existing client puzzle schemes have some drawbacks. They are either parallelizable, coarse-grained or can be used only interactively. In case of interactive client puzzles where the server poses the challenge an attacker might mount a counterattack on the clients by injecting fake packets containing bogus puzzle parameters. In this paper we introduce a novel scheme for client puzzles which relies on the computation of square roots modulo a prime. Modular square root puzzles are non-parallelizable, i.e., the solution cannot be obtained faster than scheduled by distributing the puzzle to multiple machines or CPU cores, and they can be employed both interactively and non-interactively. Our puzzles provide polynomial granularity and compact solution and verification functions. Benchmark results demonstrate the feasibility of our approach to mitigate DoS attacks on hosts in 1 or even 10 GBit networks. In addition, we show how to raise the efficiency of our puzzle scheme by introducing a bandwidth-based cost factor for the client. Keywords—client puzzles, Denial of Service (DoS), network protocols, authentication, computational puzzles
New cube root algorithm based on third order linear recurrence relation in finite field, preprint, available from http://eprint.iacr
Cited by 1 (1 self)
In this paper, we present a new cube root algorithm in finite field $F_q$ with q a power of prime, which extends the Cipolla-Lehmer type algorithms [4, 5]. Our cube root method is inspired by the work of Müller [8] on quadratic case. For given cubic residue $c \in F_q$ with $q \equiv 1 \pmod 9$, we show that there is an irreducible polynomial $f(x) = x^3 - ax^2 + bx - 1$ with root $\alpha \in F_{q^3}$ such that $\mathrm{Tr}(\alpha^{(q^2+q-2)/9})$ is a cube root of c. Consequently we find an efficient cube root algorithm based on third order linear recurrence sequence arising from f(x). Complexity estimation shows that our algorithm is better than previously proposed Cipolla-Lehmer type algorithms.