Computing square roots faster than the Tonelli-Shanks/Bernstein algorithm
-
Published:2022
Issue:0
Volume:0
Page:0
-
ISSN:1930-5346
-
Container-title:Advances in Mathematics of Communications
-
language:
-
Short-container-title:AMC
Abstract
<p style='text-indent:20px;'>Let <inline-formula><tex-math id="M1">\begin{document}$ p $\end{document}</tex-math></inline-formula> be a prime such that <inline-formula><tex-math id="M2">\begin{document}$ p = 1+2^nm $\end{document}</tex-math></inline-formula>, where <inline-formula><tex-math id="M3">\begin{document}$ n\geq 1 $\end{document}</tex-math></inline-formula> and <inline-formula><tex-math id="M4">\begin{document}$ m $\end{document}</tex-math></inline-formula> is odd. Given a square <inline-formula><tex-math id="M5">\begin{document}$ u $\end{document}</tex-math></inline-formula> in <inline-formula><tex-math id="M6">\begin{document}$ \mathbb{Z}_p $\end{document}</tex-math></inline-formula> and a non-square <inline-formula><tex-math id="M7">\begin{document}$ z $\end{document}</tex-math></inline-formula> in <inline-formula><tex-math id="M8">\begin{document}$ \mathbb{Z}_p $\end{document}</tex-math></inline-formula>, we describe an algorithm to compute a square root of <inline-formula><tex-math id="M9">\begin{document}$ u $\end{document}</tex-math></inline-formula> which requires <inline-formula><tex-math id="M10">\begin{document}$ \mathfrak{T}+O(n^{3/2}) $\end{document}</tex-math></inline-formula> operations (i.e., squarings and multiplications), where <inline-formula><tex-math id="M11">\begin{document}$ \mathfrak{T} $\end{document}</tex-math></inline-formula> is the number of operations required to exponentiate an element of <inline-formula><tex-math id="M12">\begin{document}$ \mathbb{Z}_p $\end{document}</tex-math></inline-formula> to the power <inline-formula><tex-math id="M13">\begin{document}$ (m-1)/2 $\end{document}</tex-math></inline-formula>. This improves upon the Tonelli-Shanks (TS) algorithm which requires <inline-formula><tex-math id="M14">\begin{document}$ \mathfrak{T}+O(n^{2}) $\end{document}</tex-math></inline-formula> operations. Bernstein had proposed a table look-up based variant of the TS algorithm which requires <inline-formula><tex-math id="M15">\begin{document}$ \mathfrak{T}+O((n/w)^{2}) $\end{document}</tex-math></inline-formula> operations and <inline-formula><tex-math id="M16">\begin{document}$ O(2^wn/w) $\end{document}</tex-math></inline-formula> storage, where <inline-formula><tex-math id="M17">\begin{document}$ w $\end{document}</tex-math></inline-formula> is a parameter. A table look-up variant of the new algorithm requires <inline-formula><tex-math id="M18">\begin{document}$ \mathfrak{T}+O((n/w)^{3/2}) $\end{document}</tex-math></inline-formula> operations and the same storage. In concrete terms, the new algorithm is shown to require significantly fewer operations for particular values of <inline-formula><tex-math id="M19">\begin{document}$ n $\end{document}</tex-math></inline-formula>.</p>
Publisher
American Institute of Mathematical Sciences (AIMS)
Subject
Applied Mathematics,Discrete Mathematics and Combinatorics,Computer Networks and Communications,Algebra and Number Theory,Applied Mathematics,Discrete Mathematics and Combinatorics,Computer Networks and Communications,Algebra and Number Theory
Reference15 articles.
1. L. M. Adleman, K. L. Manders and G. L. Miller, On taking roots in finite fields, in 18th Annual Symposium on Foundations of Computer Science (Providence, R.I., 1977), IEEE Computer Society, (1977), 175–178.
2. A. O. L. Atkin, Probabilistic primality testing, in INRIA Res. Rep., (1992), 159–163.
3. E. Bach, J. Shallit., Algorithmic Number Theory Volume 1, Efficient Algorithms, ${ref.volume} (1996).
4. D. J. Bernstein, Faster square roots in annoying finite fields, https://cr.yp.to/papers.html#sqroot, 2001.
5. D. J. Bernstein., Pippenger's exponentiation algorithm., https://cr.yp.to/papers.html#pippenger, 2002.