The quadratic sieve factoring algorithm
Proc. of the EUROCRYPT 84 workshop on Advances in cryptology: theory and application of cryptographic techniques
Efficiency considerations in using semi-random sources
STOC '87 Proceedings of the nineteenth annual ACM symposium on Theory of computing
| Hi-index | 0.00 |
Finding small quadratic residues modulo n, when n is a large composite number of unknown factorisation is almost certainly a computationally hard problem. This problem arises in a natural way when factoring n by the use of congruences of squares. We construct here a polynomial-time algorithm based on the use of lattices, which finds in a near uniform way quadratic residues mod n that are smaller than O(n2/3). In this way, we derive a class of integer factorisation algorithms, the fastest of which provides the best rigorously established probabilistic complexity bound for integer factorisation algorithms.