Abstract
Let $p$ be a prime such that $p = 1+2^nm$, where $n\geq 1$ and $m$ is odd. Given a square $u$ in $\mathbb{Z}_p$ and a non-square $z$ in $\mathbb{Z}_p$, we describe an algorithm to compute a square root of $u$ which requires $\mathfrak{T}+O(n^{3/2})$ operations (i.e., squarings and multiplications), where $\mathfrak{T}$ is the number of operations required to exponentiate an element of $\mathbb{Z}_p$ to the power $(m-1)/2$. This improves upon the Tonelli-Shanks (TS) algorithm which requires $\mathfrak{T}+O(n^{2})$ operations. Bernstein had proposed a table look-up based variant of the TS algorithm which requires $\mathfrak{T}+O((n/w)^{2})$ operations and $O(2^wn/w)$ storage, where $w$ is a parameter. A table look-up variant of the new algorithm requires $\mathfrak{T}+O((n/w)^{3/2})$ operations and the same storage. In concrete terms, the new algorithm is shown to require significantly fewer operations for particular values of $n$.
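As a baseline for the $\mathfrak{T}+O(n^{2})$ figure quoted for Tonelli-Shanks, the following added example (not code from the paper) implements the classical TS algorithm and counts the squarings and multiplications it performs after the exponentiations. The function names and the test prime $2^{224}-2^{96}+1$ (the NIST P-224 prime, for which $n = 96$) are choices made for this example; it does not implement the paper's new algorithm.

```python
# Added example: baseline Tonelli-Shanks with an operation counter.
# Names are illustrative; the loop is variable-time (its length depends on u).

def split(p):
    """Return (n, m) with p = 1 + 2^n * m and m odd."""
    n, m = 0, p - 1
    while m % 2 == 0:
        n, m = n + 1, m // 2
    return n, m

def find_nonsquare(p):
    """Smallest z >= 2 failing Euler's criterion, i.e. a non-square mod p."""
    z = 2
    while pow(z, (p - 1) // 2, p) != p - 1:
        z += 1
    return z

def ts_sqrt(u, z, p):
    """Return (x, ops) with x*x = u (mod p); ops counts the squarings and
    multiplications done after the exponentiations u^((m-1)/2) and z^m."""
    u %= p
    if u == 0:
        return 0, 0
    n, m = split(p)
    v = pow(u, (m - 1) // 2, p)      # the exponentiation costing T
    x = u * v % p                    # u^((m+1)/2), so x^2 = u * b
    b = x * v % p                    # u^m; order divides 2^(n-1) if u is a square
    c = pow(z, m, p)                 # element of order exactly 2^n
    r, ops = n, 0
    while b != 1:
        k, t = 0, b                  # find the least k with b^(2^k) = 1
        while t != 1:
            t, k, ops = t * t % p, k + 1, ops + 1
        if k >= r:
            raise ValueError("no root: u is not a square mod p (or z is a square)")
        t = c
        for _ in range(r - k - 1):   # t = c^(2^(r-k-1)), order 2^(k+1)
            t, ops = t * t % p, ops + 1
        x = x * t % p                # keeps x^2 = u * b after b is updated
        c = t * t % p                # order 2^k
        b = b * c % p                # order of b drops below 2^k
        r, ops = k, ops + 3          # 2 multiplications + 1 squaring
    return x, ops

if __name__ == "__main__":
    p = 2**224 - 2**96 + 1           # NIST P-224 prime: n = 96, m = 2^128 - 1
    x, ops = ts_sqrt(pow(123456789, 2, p), find_nonsquare(p), p)
    print("n =", split(p)[0], "post-exponentiation operations =", ops)
```

Each pass of the outer loop costs $r+2$ operations and $r$ strictly decreases from $n$, so the counter is bounded by $n(n+1)/2 + 2n$, which is the quadratic term the abstract refers to.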
Publisher
American Institute of Mathematical Sciences (AIMS)
Subject
Applied Mathematics, Discrete Mathematics and Combinatorics, Computer Networks and Communications, Algebra and Number Theory
References (15 articles)
1. L. M. Adleman, K. L. Manders and G. L. Miller, On taking roots in finite fields, in 18th Annual Symposium on Foundations of Computer Science (Providence, R.I., 1977), IEEE Computer Society, (1977), 175–178.
2. A. O. L. Atkin, Probabilistic primality testing, in INRIA Res. Rep., (1992), 159–163.
3. E. Bach and J. Shallit, Algorithmic Number Theory, Volume 1: Efficient Algorithms, (1996).
4. D. J. Bernstein, Faster square roots in annoying finite fields, https://cr.yp.to/papers.html#sqroot, 2001.
5. D. J. Bernstein, Pippenger's exponentiation algorithm, https://cr.yp.to/papers.html#pippenger, 2002.
Cited by
1 article.