Gradual sub-lattice reduction and a new complexity for factoring polynomials

We present a lattice algorithm specifically designed for some classical applications of lattice reduction. The applications are for lattice bases with a generalized knapsack-type structure, where the target vectors are boundably short. For such applications, the complexity of the algorithm improves traditional lattice reduction by replacing some dependence on the bit-length of the input vectors by some dependence on the bound for the output vectors. If the bit-length of the target vectors is unrelated to the bit-length of the input, then our algorithm is only linear in the bit-length of the input entries, which is an improvement over the quadratic complexity floating-point LLL algorithms. To illustrate the usefulness of this algorithm we show that a direct application to factoring univariate polynomials over the integers leads to the first complexity bound improvement since 1984. A second application is algebraic number reconstruction, where a new complexity bound is obtained as well

Construction of Self-Dual Integral Normal Bases in Abelian Extensions of Finite and Local Fields

Let $F/E$ be a finite Galois extension of fields with abelian Galois group $\Gamma$. A self-dual normal basis for $F/E$ is a normal basis with the additional property that $Tr_{F/E}(g(x),h(x))=\delta_{g,h}$ for $g,h\in\Gamma$. Bayer-Fluckiger and Lenstra have shown that when $char(E)\neq 2$, then $F$ admits a self-dual normal basis if and only if $[F:E]$ is odd. If $F/E$ is an extension of finite fields and $char(E)=2$, then $F$ admits a self-dual normal basis if and only if the exponent of $\Gamma$ is not divisible by $4$. In this paper we construct self-dual normal basis generators for finite extensions of finite fields whenever they exist. Now let $K$ be a finite extension of \Q_p, let $L/K$ be a finite abelian Galois extension of odd degree and let \bo_L be the valuation ring of $L$. We define $A_{L/K}$ to be the unique fractional \bo_L-ideal with square equal to the inverse different of $L/K$. It is known that a self-dual integral normal basis exists for $A_{L/K}$ if and only if $L/K$ is weakly ramified. Assuming $p\neq 2$, we construct such bases whenever they exist

The Factorization of the ninth Fermat Number

In this paper we exhibit the full prime factorization of the ninth Fermat number F9 = 2(512) + 1. It is the product of three prime factors that have 7, 49, and 99 decimal digits. We found the two largest prime factors by means of the number field sieve, which is a factoring algorithm that depends on arithmetic in an algebraic number field. In the present case, the number field used was Q(fifth-root 2) . The calculations were done on approximately 700 workstations scattered around the world, and in one of the final stages a supercomputer was used. The entire factorization took four months

The number field sieve

The number field sieve is an algorithm to factor integers of the form $r^e-s$ for small positive $r$ and $s$. The authors present a report on work in progress on this algorithm. They informally describe the algorithm, discuss several implementation related aspects, and present some of the factorizations obtained so far. They also mention some solutions to the problems encountered when generalizing the algorithm to general integers using an idea of Buhler and Pomerance. It is not unlikely that this leads to a general purpose factoring algorithm that is asymptotically substantially faster than the fastest factoring algorithms known so far, like the multiple polynomial quadratic siev

Chinese remaindering based cryptosystems in the presence of faults

We present some observations on public key cryptosystems that use the Chinese remaindering algorithm. Our results imply that careless implementations of such systems could be vulnerable. Only one faulty signature, in some explained context, is enough to recover the secret ke

Pattern formation driven by nematic ordering of assembling biopolymers

The biopolymers actin and microtubules are often in an ongoing assembling/disassembling state far from thermal equilibrium. Above a critical density this leads to spatially periodic patterns, as shown by a scaling argument and in terms of a phenomenological continuum model, that meets also Onsager's statistical theory of the nematic--to--isotropic transition in the absence of reaction kinetics. This pattern forming process depends much on nonlinear effects and a common linear stability analysis of the isotropic distribution of the filaments is often misleading. The wave number of the pattern decreases with the assembling/disassembling rate and there is an uncommon discontinuous transition between the nematic and the periodic state.Comment: 4 pages, 3 figure

On the String Consensus Problem and the Manhattan Sequence Consensus Problem

In the Manhattan Sequence Consensus problem (MSC problem) we are given $k$ integer sequences, each of length $l$, and we are to find an integer sequence $x$ of length $l$ (called a consensus sequence), such that the maximum Manhattan distance of $x$ from each of the input sequences is minimized. For binary sequences Manhattan distance coincides with Hamming distance, hence in this case the string consensus problem (also called string center problem or closest string problem) is a special case of MSC. Our main result is a practically efficient $O(l)$-time algorithm solving MSC for $k\le 5$ sequences. Practicality of our algorithms has been verified experimentally. It improves upon the quadratic algorithm by Amir et al.\ (SPIRE 2012) for string consensus problem for $k=5$ binary strings. Similarly as in Amir's algorithm we use a column-based framework. We replace the implied general integer linear programming by its easy special cases, due to combinatorial properties of the MSC for $k\le 5$. We also show that for a general parameter $k$ any instance can be reduced in linear time to a kernel of size $k!$, so the problem is fixed-parameter tractable. Nevertheless, for $k\ge 4$ this is still too large for any naive solution to be feasible in practice.Comment: accepted to SPIRE 201