Posts Tagged ‘pollard’

Programming Praxis – Extending Pollard’s P-1 Factorization Algorithm

March 19, 2010

In today’s Programming Praxis exercise we need to write an improved version of a factorization algorithm. I was on vacation when the original exercise was posted, so let’s see what we can do with it.

As usual, some imports:

import Data.Bits
import Data.List

We need the same expm function we have used in several previous exercises. Alternatively we could use the expmod function from Codec.Encryption.RSA.NumberTheory, but it’s a lot slower than this version.

expm :: Integer -> Integer -> Integer -> Integer
expm b e m = foldl' (\r (b', _) -> mod (r * b') m) 1 .
filter (flip testBit 0 . snd) .
zip (iterate (flip mod m . (^ 2)) b) .
takeWhile (> 0) \$ iterate (`shiftR` 1) e

The scheme solution has some duplication in it: the start of the pollard1 and pollard2 functions is nearly identical. Since programmers hate repeating themselves, let’s factor that out into a separate function.

pollard :: (Integer -> t) -> (Integer -> t) -> Integer -> Integer -> t
pollard found notFound n b1 = f 2 2 where
f a i | i < b1         = f (expm a i n) (i + 1)
| 1 < d && d < n = found d
| otherwise      = notFound a
where d = gcd (a - 1) n

pollard1 then becomes very simple: if we don’t find anything we stop, otherwise we return the result.

pollard1 :: Integer -> Integer -> Maybe Integer
pollard1 = pollard Just (const Nothing)

pollard2 is a bit more involved, because we now have an extra step if we don’t find anything. The structure of this is very similar to the pollard function, but there are enough differences that it’s not worth the bother of abstracting it.

pollard2 :: Integer -> Integer -> Integer -> Maybe (String, Integer)
pollard2 n b1 b2 = pollard (Just . (,) "stage1") (f b1) n b1 where
f j a | j == b2        = Nothing
| 1 < d && d < n = Just ("stage2", d)
| otherwise      = f (j + 1) a
where d = gcd (expm a j n - 1) n

And of course the test to see if everything’s working correctly:

main :: IO ()
main = do print \$ pollard1 15770708441 150
print \$ pollard1 15770708441 180
print \$ pollard2 15770708441 150 180

Programming Praxis – Monte Carlo factorization

June 19, 2009

In today’s Programming Praxis problem we have to implement John Pollard’s factorization algorithm. Our target is 16 lines (I’m not counting the code for the primality test, since we did that already).

First, we’re going to need to reuse the code from the Miller-Rabin primality test exercise, since we need to determine whether or not the number is prime:

import Control.Arrow
import Data.Bits
import Data.List
import System.Random

isPrime :: Integer -> StdGen -> Bool
isPrime n g =
let (s, d) = (length *** head) . span even \$ iterate (`div` 2) (n-1)
xs = map (expm n d) . take 50 \$ randomRs (2, n - 2) g
in all (\x -> elem x [1, n - 1] ||
any (== n-1) (take s \$ iterate (expm n 2) x)) xs

expm :: Integer -> Integer -> Integer -> Integer
expm m e b = foldl' (\r (b', _) -> mod (r * b') m) 1 .
filter (flip testBit 0 . snd) .
zip (iterate (flip mod m . (^ 2)) b) \$
takeWhile (> 0) \$ iterate (`shiftR` 1) e

There’s not much more to the factor function than simply writing down the algorithm. It’s just math with Haskell syntax, really. The only thing you have to take care of is not to calculate gcd (x-y) n when x and y are still 2, since that will give you an incorrect result.

factor :: Integer -> Integer -> Integer
factor c n = factor' 2 2 1 where
f x = mod (x * x + c) n
factor' x y 1 = factor' x' y' (gcd (x' - y') n) where
(x', y') = (f x, f \$ f y)
factor' _ _ d = if d == n then factor (c + 1) n else d

And factors does little more than recursively calling factor, while filtering out factors of two and making sure not to call factor on a prime (since the algorithm is not designed for that).

factors :: Integer -> StdGen -> [Integer]
factors n g = sort \$ fs n where
fs x | even x      = 2 : fs (div x 2)
| isPrime x g = [x]
| otherwise   = f : fs (div x f) where f = factor 1 x

And to test:

main :: IO ()
main = print . factors (2^98 - 1) =<< getStdGen

The end result is 9 lines of code, which was to be expected, given that it’s just a question of writing math in your language’s syntax.