## On taking square roots and constructing quadratic nonresidues over finite fields (2007)

Citations: | 1 - 1 self |

### BibTeX

@MISC{Sze07ontaking,

author = {Tsz-Wo Sze},

title = {On taking square roots and constructing quadratic nonresidues over finite fields },

year = {2007}

}

### OpenURL

### Abstract

We present a novel idea to compute square roots over some families of finite fields. Our algorithms are deterministic polynomial time and can be proved by elementary means (without assuming any unproven hypothesis). In some particular finite fields Fq, there are algorithms for taking square roots with Õ(log2 q) bit operations. As an application of our square root algorithms, we show a deterministic primality testing algorithm for some form of numbers. For some positive integer N, this primality testing algorithm runs in Õ(log3 N).

### Citations

731 |
The art of computer programming, Volume2, Seminumerical algorithms
- Knuth
- 1973
(Show Context)
Citation Context ...ations only involve integers and β, but not α. The running time for computing a group operation is Õ(log q) since multiplication and division in finite fields can be done in Õ(log q) (see [11], [21], =-=[13]-=- and [26]). Then, the running time for computing [g] k for k < q is Õ(log2 q) for either of the methods described in the proof of the Lemma above. Let power(g, k, β) be a procedure computing [g] k . F... |

225 |
Riemann’s hypothesis and tests for primality
- Miller
- 1975
(Show Context)
Citation Context ...inistic tests. The running time of the AKS test [2] and Lenstra-Pomerance’s modified AKS test [12] are Õ(log7.5 N) and Õ(log6 N), respectively. Assuming the Extended Riemann Hypothesis, Miller’s test =-=[16]-=- is deterministic with running time Õ(log 4 N). 12 k−1sTheorem 6.1. (Proth’s Theorem) Let N = 2 e t + 1 for some odd t with 2 e > t. If for some a, then N is a prime. See [28] for the details of Proth... |

184 |
Elliptic curves over finite fields and the computation of square roots mod p
- Schoof
- 1985
(Show Context)
Citation Context ...egendre symbol � � r ≡ r (p−1)/2 (mod p) with the primes r = 2, 3, 5, 7, · · · p until a quadratic nonresidue is found. Such quadratic nonresidue must be the least one. Given β a square in Fp, Schoof =-=[22]-=- showed a deterministic algorithm for computing square roots of β in Fp with running time O((|β| 1/2+ɛ log p) 9 ) bit operations1 for all ɛ > 0. Thus, his algorithm is polynomial time with any constan... |

162 |
Factoring Polynomials over Large Finite Fields
- Berlekamp
- 1970
(Show Context)
Citation Context ...ilistic algorithms for taking square roots in finite fields. TonelliShanks [24, 23], Adleman-Manders-Miller [1] and Cipolla-Lehmer [10, 14] require a quadratic nonresidue as an input. Berlekamp-Rabin =-=[7, 19]-=- takes square roots by polynomial factoring over finite fields. The idea of Peralta [20] is similar to Berlekamp-Rabin. For other results, see [4], [5], [6], [8], [9], [15], [17] [18] and [25]. For th... |

129 |
Elliptic curves (Number theory and cryptography), 2nd edition
- Washington
- 2008
(Show Context)
Citation Context ..., y) ↦−→ 6 (y/x) + α (y/x) − αsis an isomorphism from Ens(Fq) to F × q . The inverse is τ −1 : F × q → Ens(Fq), 1 ↦−→ ∞, λ ↦−→ � 4α2λ (λ − 1) 2 , 4α3 (λ + 1) (λ − 1) 3 � . For proofs and details, see =-=[27]-=- p56 - p59. Together with the isomorphism ψ, we have Gα � F × q � Ens(Fq). The isomorphism from Ens(Fq) to Gα is surprisingly simple: ψ −1 ◦ τ : Ens(Fq) −→ Gα, ∞ ↦−→ [∞] , (x, y) ↦−→ [y/x] . It is pos... |

108 |
zur Gathen and Jürgen Gerhard. Modern Computer Algebra
- von
- 2002
(Show Context)
Citation Context ...ly involve integers and β, but not α. The running time for computing a group operation is Õ(log q) since multiplication and division in finite fields can be done in Õ(log q) (see [11], [21], [13] and =-=[26]-=-). Then, the running time for computing [g] k for k < q is Õ(log2 q) for either of the methods described in the proof of the Lemma above. Let power(g, k, β) be a procedure computing [g] k . For our al... |

87 | Probabilistic algorithms in finite fields
- Rabin
- 1979
(Show Context)
Citation Context ...ilistic algorithms for taking square roots in finite fields. TonelliShanks [24, 23], Adleman-Manders-Miller [1] and Cipolla-Lehmer [10, 14] require a quadratic nonresidue as an input. Berlekamp-Rabin =-=[7, 19]-=- takes square roots by polynomial factoring over finite fields. The idea of Peralta [20] is similar to Berlekamp-Rabin. For other results, see [4], [5], [6], [8], [9], [15], [17] [18] and [25]. For th... |

85 |
Schnelle Multiplikation großer Zahlen
- Schönhage, Strassen
- 1971
(Show Context)
Citation Context ...on equations only involve integers and β, but not α. The running time for computing a group operation is Õ(log q) since multiplication and division in finite fields can be done in Õ(log q) (see [11], =-=[21]-=-, [13] and [26]). Then, the running time for computing [g] k for k < q is Õ(log2 q) for either of the methods described in the proof of the Lemma above. Let power(g, k, β) be a procedure computing [g]... |

49 | Faster integer multiplication
- Fürer
(Show Context)
Citation Context ...ecursion equations only involve integers and β, but not α. The running time for computing a group operation is Õ(log q) since multiplication and division in finite fields can be done in Õ(log q) (see =-=[11]-=-, [21], [13] and [26]). Then, the running time for computing [g] k for k < q is Õ(log2 q) for either of the methods described in the proof of the Lemma above. Let power(g, k, β) be a procedure computi... |

40 |
Five number-theoretic algorithms
- Shanks
- 1973
(Show Context)
Citation Context ...dratic nonresidue because the 2-part of the multiplicative group of the field is finite. Conversely, given a quadratic nonresidue as an input, there are deterministic polynomial time algorithms [24], =-=[23]-=- and [1] for computing square roots. There is no known deterministic polynomial-time algorithm for constructing quadratic nonresidues over a general finite field. However, the problem of deciding whet... |

37 |
On taking roots in finite fields
- Adleman, Manders, et al.
(Show Context)
Citation Context ...nresidue because the 2-part of the multiplicative group of the field is finite. Conversely, given a quadratic nonresidue as an input, there are deterministic polynomial time algorithms [24], [23] and =-=[1]-=- for computing square roots. There is no known deterministic polynomial-time algorithm for constructing quadratic nonresidues over a general finite field. However, the problem of deciding whether an e... |

33 |
The least quadratic non residue
- Ankeny
- 1952
(Show Context)
Citation Context ...results, see [4], [5], [6], [8], [9], [15], [17] [18] and [25]. For the following, let Fp be the finite field with p elements for some odd prime p. By assuming the Extended Riemann Hypothesis, Ankeny =-=[3]-=- showed that the least quadratic nonresidue in Fp is less than c log 2 p for some constant c. It leads to a deterministic polynomial 1stime algorithm for finding the least quadratic nonresidue in Fp. ... |

26 |
A simple and fast probabilistic algorithm for computing square roots modulo a prime number
- Peralta
- 1986
(Show Context)
Citation Context ...n-Manders-Miller [1] and Cipolla-Lehmer [10, 14] require a quadratic nonresidue as an input. Berlekamp-Rabin [7, 19] takes square roots by polynomial factoring over finite fields. The idea of Peralta =-=[20]-=- is similar to Berlekamp-Rabin. For other results, see [4], [5], [6], [8], [9], [15], [17] [18] and [25]. For the following, let Fp be the finite field with p elements for some odd prime p. By assumin... |

24 |
Computer technology applied to the theory of numbers
- LEHMER
- 1969
(Show Context)
Citation Context ...ding a quadratic nonresidue in Fq. There are several efficient probabilistic algorithms for taking square roots in finite fields. TonelliShanks [24, 23], Adleman-Manders-Miller [1] and Cipolla-Lehmer =-=[10, 14]-=- require a quadratic nonresidue as an input. Berlekamp-Rabin [7, 19] takes square roots by polynomial factoring over finite fields. The idea of Peralta [20] is similar to Berlekamp-Rabin. For other re... |

20 |
Bemerkung über die Auflösung quadratischer Congruenzen. Göttinger Nachrichten
- Tonelli
(Show Context)
Citation Context ... a quadratic nonresidue because the 2-part of the multiplicative group of the field is finite. Conversely, given a quadratic nonresidue as an input, there are deterministic polynomial time algorithms =-=[24]-=-, [23] and [1] for computing square roots. There is no known deterministic polynomial-time algorithm for constructing quadratic nonresidues over a general finite field. However, the problem of decidin... |

10 | Faster square roots in annoying finite fields
- Bernstein
(Show Context)
Citation Context ...sidue as an input. Berlekamp-Rabin [7, 19] takes square roots by polynomial factoring over finite fields. The idea of Peralta [20] is similar to Berlekamp-Rabin. For other results, see [4], [5], [6], =-=[8]-=-, [9], [15], [17] [18] and [25]. For the following, let Fp be the finite field with p elements for some odd prime p. By assuming the Extended Riemann Hypothesis, Ankeny [3] showed that the least quadr... |

10 | An analysis of Shanks’s algorithm for computing square roots in finite fields. Number theory
- Lindhurst
- 1996
(Show Context)
Citation Context ...n input. Berlekamp-Rabin [7, 19] takes square roots by polynomial factoring over finite fields. The idea of Peralta [20] is similar to Berlekamp-Rabin. For other results, see [4], [5], [6], [8], [9], =-=[15]-=-, [17] [18] and [25]. For the following, let Fp be the finite field with p elements for some odd prime p. By assuming the Extended Riemann Hypothesis, Ankeny [3] showed that the least quadratic nonres... |

9 |
A Note on Square Roots in Finite Fields
- BACH
- 1990
(Show Context)
Citation Context ...quadratic nonresidue as an input. Berlekamp-Rabin [7, 19] takes square roots by polynomial factoring over finite fields. The idea of Peralta [20] is similar to Berlekamp-Rabin. For other results, see =-=[4]-=-, [5], [6], [8], [9], [15], [17] [18] and [25]. For the following, let Fp be the finite field with p elements for some odd prime p. By assuming the Extended Riemann Hypothesis, Ankeny [3] showed that ... |

9 |
Un metodo per la risoluzione della congruenza di secondo
- Cipolla
- 1903
(Show Context)
Citation Context ...ding a quadratic nonresidue in Fq. There are several efficient probabilistic algorithms for taking square roots in finite fields. TonelliShanks [24, 23], Adleman-Manders-Miller [1] and Cipolla-Lehmer =-=[10, 14]-=- require a quadratic nonresidue as an input. Berlekamp-Rabin [7, 19] takes square roots by polynomial factoring over finite fields. The idea of Peralta [20] is similar to Berlekamp-Rabin. For other re... |

9 |
On the computation of square roots in finite fields
- Müller
- 2004
(Show Context)
Citation Context ...rlekamp-Rabin [7, 19] takes square roots by polynomial factoring over finite fields. The idea of Peralta [20] is similar to Berlekamp-Rabin. For other results, see [4], [5], [6], [8], [9], [15], [17] =-=[18]-=- and [25]. For the following, let Fp be the finite field with p elements for some odd prime p. By assuming the Extended Riemann Hypothesis, Ankeny [3] showed that the least quadratic nonresidue in Fp ... |

8 | Constructing nonresidues in finite fields and the extended Riemann hypothesis
- Buchmann, Shoup
- 1996
(Show Context)
Citation Context ... as an input. Berlekamp-Rabin [7, 19] takes square roots by polynomial factoring over finite fields. The idea of Peralta [20] is similar to Berlekamp-Rabin. For other results, see [4], [5], [6], [8], =-=[9]-=-, [15], [17] [18] and [25]. For the following, let Fp be the finite field with p elements for some odd prime p. By assuming the Extended Riemann Hypothesis, Ankeny [3] showed that the least quadratic ... |

5 | Édouard Lucas and Primality Testing, volume 22 - Williams - 1998 |

4 |
Note on taking square-roots modulo N
- Bach, Huber
- 1999
(Show Context)
Citation Context ...atic nonresidue as an input. Berlekamp-Rabin [7, 19] takes square roots by polynomial factoring over finite fields. The idea of Peralta [20] is similar to Berlekamp-Rabin. For other results, see [4], =-=[5]-=-, [6], [8], [9], [15], [17] [18] and [25]. For the following, let Fp be the finite field with p elements for some odd prime p. By assuming the Extended Riemann Hypothesis, Ankeny [3] showed that the l... |

4 |
Primality testing with gaussian periods, 2005. Preliminary version. Available at http://www.math.dartmouth.edu/∼carlp/PDF/complexity12.pdf
- Pomerance
(Show Context)
Citation Context ...the algorithm above runs in Õ(log3 N). For this kind of numbers, our algorithm is faster than other deterministic tests. The running time of the AKS test [2] and Lenstra-Pomerance’s modified AKS test =-=[12]-=- are Õ(log7.5 N) and Õ(log6 N), respectively. Assuming the Extended Riemann Hypothesis, Miller’s test [16] is deterministic with running time Õ(log 4 N). 12 k−1sTheorem 6.1. (Proth’s Theorem) Let N = ... |

4 |
Square roots mod p
- Turner
- 1994
(Show Context)
Citation Context ...abin [7, 19] takes square roots by polynomial factoring over finite fields. The idea of Peralta [20] is similar to Berlekamp-Rabin. For other results, see [4], [5], [6], [8], [9], [15], [17] [18] and =-=[25]-=-. For the following, let Fp be the finite field with p elements for some odd prime p. By assuming the Extended Riemann Hypothesis, Ankeny [3] showed that the least quadratic nonresidue in Fp is less t... |

3 |
and José Felipe Voloch. Efficient computation of roots in finite fields
- Barreto
(Show Context)
Citation Context ...nonresidue as an input. Berlekamp-Rabin [7, 19] takes square roots by polynomial factoring over finite fields. The idea of Peralta [20] is similar to Berlekamp-Rabin. For other results, see [4], [5], =-=[6]-=-, [8], [9], [15], [17] [18] and [25]. For the following, let Fp be the finite field with p elements for some odd prime p. By assuming the Extended Riemann Hypothesis, Ankeny [3] showed that the least ... |

3 |
On probable prime testing and the computation of square roots mod n
- Muller
- 2001
(Show Context)
Citation Context ...t. Berlekamp-Rabin [7, 19] takes square roots by polynomial factoring over finite fields. The idea of Peralta [20] is similar to Berlekamp-Rabin. For other results, see [4], [5], [6], [8], [9], [15], =-=[17]-=- [18] and [25]. For the following, let Fp be the finite field with p elements for some odd prime p. By assuming the Extended Riemann Hypothesis, Ankeny [3] showed that the least quadratic nonresidue i... |