Shanks-Tonelli algorithm

The Shanks-Tonelli algorithm is used within modular arithmetic to solve a congruence of the form

: $x^2 equiv n pmod p$

where "n" is a quadratic residue (mod "p"), and "p" is an odd prime; typically, $p equiv 1 pmod 4$ .

When $p equiv 3 pmod 4$ , it is much more efficient to use the following identity: $x equiv n^{frac{p+1}{4 pmod p$ .

Shanks-Tonelli cannot be used for composite moduli, which is a problem equivalent to integer factorization.

Once you have solved the congruence for "x" the second solution is simply $-x mod p$ .

If the Generalized Riemann hypothesis is true, the Shanks-Tonelli algorithm is guaranteed to run in polynomial time.

The algorithm was developed by Alberto Tonelli and refined by Daniel Shanks.

The algorithm

Inputs: "p", an odd prime. "n", an integer which is a quadratic residue (mod "p"), meaning that the Legendre symbol ("n"|"p") = 1.

Outputs: "R", an integer satisfying $R^2 equiv n pmod p$ .

# Factor out powers of 2 from ("p" − 1), defining "Q" and "S" as: $p-1 = Q2^S$ .
# Select a "W" such that the Legendre symbol ("W"|"p") = −1 (that is, "W" should be a quadratic non-residue modulo "p").
# Let $R = n^{frac{Q+1}{2 mod p$ .
# Let $V = W^Q mod p$ .
# Loop:
## Find the lowest "i", $0 leq i leq S-1$ , such that $(R^2n^{-1})^{2^{i equiv 1 pmod p$ . This can be done efficiently by starting with $R^2n^{-1}$ and squaring (mod "p") until the result is 1.
## If $i = 0$ , return "R".
## Otherwise, let $R' = RV^{2^{S-i-1 mod p$ and repeat the loop with "R"' as the new "R".

Uses

Modular square roots are used in, for example, the quadratic sieve and related integer factorization algorithms.

Generalization

Shanks-Tonelli can be generalized to any cyclic group (instead of $mathbb{Z}/pmathbb{Z}^*$ ) and to "k"th roots for arbitrary integer "k", in particular to taking the "k"th root of an element of a finite field.

References

* cite book
last=Niven
first=Ivan
authorlink=Ivan Niven
coauthors=Herbert S. Zuckerman, Hugh L. Montgomery
title=An Introduction to the Theory of Numbers
edition=5th edition
year=1991
publisher=Wiley
isbn=0-471-62546-9Pages 110–115 describe the algorithm and explain the group theory behind it.

External links

* [http://edmond.bf.rmit.edu.au/ecommerce/QS/QSNotes.htm Quadratic Sieve Algorithm] - contains a description of the Shanks-Tonelli algorithm.

Wikimedia Foundation. 2010.

Игры ⚽ Нужен реферат?

Look at other dictionaries:

Cipolla's algorithm — In computational number theory, Cipolla s algorithm is a technique for solving a congruence of the form x2 = n, where , so n is the square of x, and where p is an odd prime. Here denotes the finite field with p elements; . Th … Wikipedia
Daniel Shanks — Born January 17, 1917(1917 01 17) Chicago, Illinois Died … Wikipedia
Multiplication algorithm — A multiplication algorithm is an algorithm (or method) to multiply two numbers. Depending on the size of the numbers, different algorithms are in use. Efficient multiplication algorithms have existed since the advent of the decimal system.… … Wikipedia
Cornacchia's algorithm — In computational number theory, Cornacchia s algorithm is an algorithm for solving the Diophantine equation x2 + dy2 = m, where and d and m are coprime. The algorithm was described in 1908 by Giuseppe Cornacchia[1]. Contents 1 The algorithm … Wikipedia
Williams' p + 1 algorithm — In computational number theory, Williams p + 1 algorithm is an integer factorization algorithm, one of the family of algebraic group factorisation algorithms. It was invented by Hugh C. Williams in 1982. It works well if the number N to be… … Wikipedia
Quadratic sieve — The quadratic sieve algorithm (QS) is a modern integer factorization algorithm and, in practice, the second fastest method known (after the general number field sieve). It is still the fastest for integers under 100 decimal digits or so, and is… … Wikipedia
Generalized Riemann hypothesis — The Riemann hypothesis is one of the most important conjectures in mathematics. It is a statement about the zeros of the Riemann zeta function. Various geometrical and arithmetical objects can be described by so called global L functions, which… … Wikipedia
List of mathematics articles (S) — NOTOC S S duality S matrix S plane S transform S unit S.O.S. Mathematics SA subgroup Saccheri quadrilateral Sacks spiral Sacred geometry Saddle node bifurcation Saddle point Saddle surface Sadleirian Professor of Pure Mathematics Safe prime Safe… … Wikipedia
Jacobi symbol — The Jacobi symbol is a generalization of the Legendre symbol introduced by Jacobi in 1837 [C.G.J.Jacobi Uber die Kreisteilung und ihre Anwendung auf die Zahlentheorie , Bericht Ak. Wiss. Berlin (1837) pp 127 136] . It is of theoretical interest… … Wikipedia
Quadratisches Sieb — ist ein Begriff aus dem Bereich Zahlentheorie der Mathematik und bezeichnet einen der schnellsten bekannten Algorithmen zur Faktorisierung großer natürlicher Zahlen. Es ist ein allgemeines Faktorisierungsverfahren, d.h. die Laufzeit hängt nur von … Deutsch Wikipedia

Academic Dictionaries and Encyclopedias

Shanks-Tonelli algorithm

Look at other dictionaries:

Share the article and excerpts

Academic Dictionaries and Encyclopedias

Wikipedia

Shanks-Tonelli algorithm

Look at other dictionaries:

Share the article and excerpts

Direct link