Clever Geek Handbook

Pocklington algorithm

The Pocklington algorithm is a technique for solving a congruence of the form

$$x^{2} \equiv a \pmod{p},$$

where x and a are integers and a is a quadratic residue.

The algorithm is one of the first efficient methods for solving such a congruence. It was described by H. C. Pocklington in 1917 [1].

Algorithm

(Note: all $\equiv$ signs mean $\pmod{p}$ unless otherwise stated.)

Input:

  • p, an odd prime
  • a, an integer that is a quadratic residue $\pmod{p}$.

Output:

  • x, an integer satisfying $x^{2} \equiv a$. Note that if x is a solution, then −x is also a solution and, since p is odd, $x \neq -x$. Thus there is always a second solution whenever one is found.

Solution Method

Pocklington considers 3 different cases for p :

The first case is $p = 4m + 3$ with $m \in \mathbb{N}$; the solution is $x \equiv \pm a^{m+1}$.

The second case is $p = 8m + 5$ with $m \in \mathbb{N}$, and either

  1. $a^{2m+1} \equiv 1$; the solution is $x \equiv \pm a^{m+1}$.
  2. $a^{2m+1} \equiv -1$; 2 is not a (quadratic) residue, so $4^{2m+1} \equiv -1$. This means that $(4a)^{2m+1} \equiv 1$, so $y \equiv \pm (4a)^{m+1}$ is a solution of $y^{2} \equiv 4a$. Consequently $x \equiv \pm y/2$ or, if y is odd, $x \equiv \pm (p + y)/2$.

The third case is $p = 8m + 1$. Put $D \equiv -a$, so the equation becomes $x^{2} + D \equiv 0$. Now find by trial and error $t_{1}$ and $u_{1}$ such that $N = t_{1}^{2} - D u_{1}^{2}$ is a quadratic non-residue. Next, let

$$t_{n} = \frac{(t_{1} + u_{1}\sqrt{D})^{n} + (t_{1} - u_{1}\sqrt{D})^{n}}{2},$$
$$u_{n} = \frac{(t_{1} + u_{1}\sqrt{D})^{n} - (t_{1} - u_{1}\sqrt{D})^{n}}{2\sqrt{D}}.$$

Now the following equalities hold:

$$t_{m+n} = t_{m} t_{n} + D u_{m} u_{n},$$
$$u_{m+n} = t_{m} u_{n} + t_{n} u_{m},$$
$$t_{n}^{2} - D u_{n}^{2} = N^{n}.$$

If p is of the form $4m + 1$ (which is true if p is of the form $8m + 1$), D is a quadratic residue and $t_{p} \equiv t_{1}^{p} \equiv t_{1}, \quad u_{p} \equiv u_{1}^{p} D^{(p-1)/2} \equiv u_{1}$. Now the equalities

$$t_{1} \equiv t_{p-1} t_{1} + D u_{p-1} u_{1},$$
$$u_{1} \equiv t_{p-1} u_{1} + t_{1} u_{p-1}$$

give the solution $t_{p-1} \equiv 1, \quad u_{p-1} \equiv 0$.

Let $p - 1 = 2r$. Then $0 \equiv u_{p-1} \equiv 2 t_{r} u_{r}$. This means that either $t_{r}$ or $u_{r}$ is divisible by p. If $u_{r}$ is divisible, put $r = 2s$ and carry out the same calculation with $0 \equiv 2 t_{s} u_{s}$. Not every $u_{i}$ is divisible by p, since $u_{1}$ is not. The case $u_{m} \equiv 0$ with odd m is impossible, because $t_{m}^{2} - D u_{m}^{2} \equiv N^{m}$ holds and this would mean that $t_{m}^{2}$ is congruent to a quadratic non-residue, a contradiction. Thus the loop stops when $t_{l} \equiv 0$ for some l. This gives $-D u_{l}^{2} \equiv N^{l}$, and since $-D$ is a quadratic residue, l must be even. Set $l = 2k$. Then $0 \equiv t_{l} \equiv t_{k}^{2} + D u_{k}^{2}$. So the solution of $x^{2} + D \equiv 0$ is obtained by solving the linear congruence $u_{k} x \equiv \pm t_{k}$.

Examples

Below are 3 examples corresponding to the 3 different cases. In the examples every $\equiv$ sign denotes congruence modulo the stated modulus.

Example 1

Solve the congruence

$$x^{2} \equiv 18 \pmod{23}.$$

The modulus is 23. Because $23 = 4 \cdot 5 + 3$, $m = 5$. The solutions must be $x \equiv \pm 18^{6} \equiv \pm 8 \pmod{23}$, and these are indeed solutions: $(\pm 8)^{2} \equiv 64 \equiv 18 \pmod{23}$.

Example 2

Solve the congruence

$$x^{2} \equiv 10 \pmod{13}.$$

The modulus is 13. Because $13 = 8 \cdot 1 + 5$, $m = 1$. Check that $10^{2m+1} \equiv 10^{3} \equiv -1 \pmod{13}$. So the solution is $x \equiv \pm y/2 \equiv \pm (4a)^{2}/2 \equiv \pm 800 \equiv \pm 7 \pmod{13}$. These are indeed solutions: $(\pm 7)^{2} \equiv 49 \equiv 10 \pmod{13}$.

Example 3

Solve the congruence $x^{2} \equiv 13 \pmod{17}$. We write the equation in the form $x^{2} - 13 = 0$. First we find $t_{1}$ and $u_{1}$ such that $t_{1}^{2} + 13 u_{1}^{2}$ is a quadratic non-residue. Take, for example, $t_{1} = 3, u_{1} = 1$. Find $t_{8}$, $u_{8}$ starting with

$$t_{2} = t_{1} t_{1} - 13 u_{1} u_{1} = 9 - 13 = -4 \equiv 13 \pmod{17},$$
$$u_{2} = t_{1} u_{1} + t_{1} u_{1} = 3 + 3 \equiv 6 \pmod{17}.$$

We continue in the same way: $t_{4} = -299 \equiv 7 \pmod{17}$, $u_{4} = 156 \equiv 3 \pmod{17}$, and $t_{8} = -68 \equiv 0 \pmod{17}$, $u_{8} = 42 \equiv 8 \pmod{17}$.

Since $t_{8} = 0$, we get $0 \equiv t_{4}^{2} - 13 u_{4}^{2} \equiv 7^{2} - 13 \cdot 3^{2} \pmod{17}$, which leads to the equation $3x \equiv \pm 7 \pmod{17}$. The latter has the solutions $x \equiv \pm 8 \pmod{17}$. Indeed, $(\pm 8)^{2} = 64 \equiv 13 \pmod{17}$.
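The three cases, written out as an added Python example (not code from the original article or from Pocklington's paper). The function names, the default choice $u_{1} = 1$ with $t_{1}$ found by linear search, and the decision to reach $t_{l} \equiv 0$ by doubling the index upward from the odd part of $p - 1$ (as Example 3 does) instead of halving down from $p - 1$ are assumptions of this example; p is assumed to be an odd prime.

```python
def legendre(a, p):
    """Euler's criterion: 1 for a residue, p - 1 for a non-residue, 0 if p | a."""
    return pow(a, (p - 1) // 2, p)

def mul(x, y, D, p):
    """Addition formulas: (t_m, u_m), (t_n, u_n) -> (t_{m+n}, u_{m+n}) mod p."""
    (tm, um), (tn, un) = x, y
    return (tm * tn + D * um * un) % p, (tm * un + tn * um) % p

def case3(a, p, t1=None, u1=1):
    """p = 8m + 1: solve x^2 + D = 0 (mod p) with D = -a."""
    D = -a % p
    if t1 is None:  # trial and error: N = t1^2 - D*u1^2 must be a non-residue
        t1 = next(t for t in range(1, p) if legendre(t * t - D * u1 * u1, p) == p - 1)
    elif legendre(t1 * t1 - D * u1 * u1, p) != p - 1:
        raise ValueError("N = t1^2 - D*u1^2 is not a quadratic non-residue")
    q = p - 1
    while q % 2 == 0:  # odd part of p - 1; t_q and u_q are both nonzero
        q //= 2
    cur, base = (1, 0), (t1, u1)  # (t_0, u_0) = (1, 0)
    while q:  # square-and-multiply up to the odd index
        if q & 1:
            cur = mul(cur, base, D, p)
        base, q = mul(base, base, D, p), q >> 1
    for _ in range(p.bit_length()):  # double the index until t_l = 0, l = 2k
        nxt = mul(cur, cur, D, p)
        if nxt[0] == 0:
            tk, uk = cur
            return tk * pow(uk, -1, p) % p  # linear congruence u_k x = t_k
        cur = nxt
    raise ArithmeticError("no t_l = 0 found; p is probably not prime")

def pocklington_sqrt(a, p, t1=None, u1=1):
    """Both roots (x, p - x) of x^2 = a (mod p), sorted; p is an odd prime."""
    a %= p
    if legendre(a, p) != 1:
        raise ValueError("a is not a nonzero quadratic residue mod p")
    if p % 4 == 3:                        # p = 4m + 3: x = a^(m+1)
        x = pow(a, (p + 1) // 4, p)
    elif p % 8 == 5:                      # p = 8m + 5
        m = (p - 5) // 8
        if pow(a, 2 * m + 1, p) == 1:
            x = pow(a, m + 1, p)
        else:                             # y^2 = 4a, then x = y/2 or (p + y)/2
            y = pow(4 * a, m + 1, p)
            x = (y if y % 2 == 0 else p + y) // 2 % p
    else:                                 # p = 8m + 1
        x = case3(a, p, t1, u1)
    return tuple(sorted((x, p - x)))
```

Calling `pocklington_sqrt(13, 17, t1=3, u1=1)` follows the same $(t_{n}, u_{n})$ sequence as Example 3.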

Notes

  1. ↑ Pocklington, 1917, p. 57–58.

Literature

  • H. C. Pocklington. The direct solution of the quadratic and cubic binomial congruences with prime moduli // Proceedings of the Cambridge Philosophical Society. 1917. Vol. 19.
Source - https://ru.wikipedia.org/w/index.php?title=Algorithm_Pocklington&oldid=86275202

