207 research outputs found

    Prescribing the binary digits of squarefree numbers and quadratic residues

    We study the equidistribution of multiplicatively defined sets, such as the squarefree integers, quadratic non-residues or primitive roots, in sets which are described in an additive way, such as sumsets or Hilbert cubes. In particular, we show that if one fixes any proportion less than $40\%$ of the digits of all numbers of a given binary bit length, then the remaining set still has the asymptotically expected number of squarefree integers. Next, we investigate the distribution of primitive roots modulo a large prime $p$, establishing a new upper bound on the largest dimension of a Hilbert cube in the set of primitive roots, improving on a previous result of the authors. Finally, we study sumsets in finite fields and asymptotically find the expected number of quadratic residues and non-residues in such sumsets, given their cardinalities are big enough. This significantly improves on a recent result by Dartyge, Mauduit and Sárközy. Our approach introduces several new ideas, combining a variety of methods, such as bounds of exponential and character sums, geometry of numbers and additive combinatorics

    On Gaps Between Primitive Roots in the Hamming Metric

    We consider a modification of the classical number theoretic question about the gaps between consecutive primitive roots modulo a prime $p$, which by the well-known result of Burgess are known to be at most $p^{1/4+o(1)}$. Here we measure the distance in the Hamming metric and show that if $p$ is a sufficiently large $r$-bit prime, then for any integer $n \in [1,p]$ one can obtain a primitive root modulo $p$ by changing at most $0.11002786...r$ binary digits of $n$. This is stronger than what can be deduced from the Burgess result. Experimentally, the number of necessary bit changes is very small. We also show that each Hilbert cube contained in the complement of the primitive roots modulo $p$ has dimension at most $O(p^{1/5+\epsilon})$, improving on previous results of this kind. Comment: 16 pages; to appear in Q.J. Mat

    Divisibility, Smoothness and Cryptographic Applications

    This paper deals with products of moderate-size primes, familiarly known as smooth numbers. Smooth numbers play a crucial role in information theory, signal processing and cryptography. We present various properties of smooth numbers relating to their enumeration, distribution and occurrence in various integer sequences. We then turn our attention to cryptographic applications in which smooth numbers play a pivotal role

    Elementary Attestation of Cryptographically Useful Composite Moduli

    This paper describes a non-interactive process allowing a prover to convince a verifier that a modulus $n$ is the product of two primes ($p,q$) of about the same size. A further heuristic argument conjectures that $p-1$ and $q-1$ have sufficiently large prime factors for cryptographic applications. The new protocol relies upon elementary number-theoretic properties and can be implemented efficiently using very few operations. This contrasts with state-of-the-art zero-knowledge protocols for RSA modulus proper generation assessment. The heuristic argument at the end of our construction calls for further cryptanalysis by the community and is, as such, an interesting research question in its own right

    Estimating the Φ(n) of Upper/Lower Bound in its RSA Cryptosystem

    The RSA-768 (270 decimal digits) was factored by Kleinjung et al. on December 12, 2009, and the RSA-704 (212 decimal digits) was factored by Bai et al. on July 2, 2012. And the RSA-200 (663 bits) was factored by Bahr et al. on May 9, 2005. Until now, nobody has succeeded in breaking the RSA-210 (696 bits). In this paper, we discuss an estimation method to approach the lower/upper bound of Φ(n) in the RSA parameters. Our contribution may help researchers lock the Φ(n) and the challenge RSA shortly

    Magnetic RSA

    In a recent paper Géraud-Stewart and Naccache [gsn2021] (GSN) described a non-interactive process allowing a prover $\mathcal{P}$ to convince a verifier $\mathcal{V}$ that a modulus $n$ is the product of two randomly generated primes ($p,q$) of about the same size. A heuristic argument conjectures that $\mathcal{P}$ cannot control $p,q$ to make $n$ easy to factor. GSN's protocol relies upon elementary number-theoretic properties and can be implemented efficiently using very few operations. This contrasts with state-of-the-art zero-knowledge protocols for RSA modulus proper generation assessment. This paper proposes an alternative process applicable in settings where $\mathcal{P}$ co-generates a modulus $n=p_1q_1p_2q_2$ with a certification authority $\mathcal{V}$. If $\mathcal{P}$ honestly cooperates with $\mathcal{V}$, then $\mathcal{V}$ will only learn the sub-products $n_1=p_1q_1$ and $n_2=p_2q_2$. A heuristic argument conjectures that at least two of the factors of $n$ are beyond $\mathcal{P}$'s control. This makes $n$ appropriate for cryptographic use provided that at least one party (of $\mathcal{P}$ and $\mathcal{V}$) is honest. This heuristic argument calls for further cryptanalysis

    RSA, DH, and DSA in the Wild

    This book chapter outlines techniques for breaking cryptography by taking advantage of implementation mistakes made in practice, with a focus on those that exploit the mathematical structure of the most widely used public-key primitives