A set of primes involving numbers such as , where and , is defined. An algorithm for computing discrete logs in the finite field of order with is suggested. Its heuristic expected running time is for , where as , , and . At present, the most efficient algorithm for computing discrete logs in the finite field of order for general is Schirokauer's adaptation of the Number Field Sieve. Its heuristic expected running time is for . Using rather than general does not enhance the performance of Schirokauer's algorithm. The definition of the set and the algorithm suggested in this paper are based on a more general congruence than that of the Number Field Sieve. The congruence is related to the resultant of integer polynomials. We also give a number of useful identities for resultants that allow us to specify this congruence for some .
Suppose is a finite-dimensional linear space based on a triangulation of a domain , and let denote the -projection onto . Provided the mass matrix of each element and the surrounding mesh-sizes obey the inequalities due to Bramble, Pasciak, and Steinbach or that neighboring element-sizes obey the global growth-condition due to Crouzeix and Thomée, is -stable: For all we have with a constant that is independent of, e.g., the dimension of .
This paper provides a more flexible version of the Bramble-Pasciak- Steinbach criterion for -stability on an abstract level. In its general version, (i) the criterion is applicable to all kind of finite element spaces and yields, in particular, -stability for nonconforming schemes on arbitrary (shape-regular) meshes; (ii) it is weaker than (i.e., implied by) either the Bramble-Pasciak-Steinbach or the Crouzeix-Thomée criterion for regular triangulations into triangles; (iii) it guarantees -stability of a priori for a class of adaptively-refined triangulations into right isosceles triangles.
For each prime , let be the product of the primes less than or equal to . We have greatly extended the range for which the primality of and are known and have found two new primes of the first form ( ) and one of the second (). We supply heuristic estimates on the expected number of such primes and compare these estimates to the number actually found.
We prove the stability in of the projection onto a family of finite element spaces of conforming piecewise linear functions satisfying certain local mesh conditions. We give explicit formulae to check these conditions for a given finite element mesh in any number of spatial dimensions. In particular, stability of the projection in holds for locally quasiuniform geometrically refined meshes as long as the volume of neighboring elements does not change too drastically.
Deterministic polynomial time primality criteria for have been known since the work of Lucas in 1876-1878. Little is known, however, about the existence of deterministic polynomial time primality tests for numbers of the more general form , where is any fixed prime. When (p-1)/2$"> we show that it is always possible to produce a Lucas-like deterministic test for the primality of which requires that only modular multiplications be performed modulo , as long as we can find a prime of the form such that is not divisible by . We also show that for all with such a can be found very readily, and that the most difficult case in which to find a appears, somewhat surprisingly, to be that for . Some explanation is provided as to why this case is so difficult.
As in the earlier paper with this title, we consider a question of Byrnes concerning the minimal length of a polynomial with all coefficients in which has a zero of a given order at . In that paper we showed that for all and showed that the extremal polynomials for were those conjectured by Byrnes, but for that rather than . A polynomial with was exhibited for , but it was not shown there that this extremal was unique. Here we show that the extremal is unique. In the previous paper, we showed that is one of the 7 values or . Here we prove that without determining all extremal polynomials. We also make some progress toward determining . As in the previous paper, we use a combination of number theoretic ideas and combinatorial computation. The main point is that if is a primitive th root of unity where is a prime, then the condition that all coefficients of be in , together with the requirement that be divisible by puts severe restrictions on the possible values for the cyclotomic integer .
Boneh and Venkatesan have recently proposed a polynomial time algorithm for recovering a ``hidden' element of a finite field of elements from rather short strings of the most significant bits of the remainder modulo of for several values of selected uniformly at random from . Unfortunately the applications to the computational security of most significant bits of private keys of some finite field exponentiation based cryptosystems given by Boneh and Venkatesan are not quite correct. For the Diffie-Hellman cryptosystem the result of Boneh and Venkatesan has been corrected and generalized in our recent paper. Here a similar analysis is given for the Shamir message passing scheme. The results depend on some bounds of exponential sums.
We determine all of degree less than 40 that generate sequences under the iteration with this property. These sequences have asymptotic merit factor 3. The first really distinct example has a of degree 19.
In this paper we tabulate all strong pseudoprimes (spsp's) to the first ten prime bases which have the form with odd primes and There are in total 44 such numbers, six of which are also spsp(31), and three numbers are spsp's to both bases 31 and 37. As a result the upper bounds for and are lowered from 28- and 29-decimal-digit numbers to 22-decimal-digit numbers, and a 24-decimal-digit upper bound for is obtained. The main tools used in our methods are the biquadratic residue characters and cubic residue characters. We propose necessary conditions for to be a strong pseudoprime to one or to several prime bases. Comparisons of effectiveness with both Jaeschke's and Arnault's methods are given.
Let be the characteristic polynomial of the Hecke operator acting on the space of level 1 cusp forms . We show that is irreducible and has full Galois group over for and , prime.
Directional Newton methods for functions of variables are shown to converge, under standard assumptions, to a solution of . The rate of convergence is quadratic, for near-gradient directions, and directions along components of the gradient of with maximal modulus. These methods are applied to solving systems of equations without inversion of the Jacobian matrix.
Let be a product of two distinct primes and . We show that for almost all exponents with the RSA pairs are uniformly distributed modulo when runs through
- the group of units modulo (that is, as in the classical RSA scheme);
- the set of -products , , where are selected at random (that is, as in the recently introduced RSA scheme with precomputation).
Consider the pseudorandom number generator where we are given the modulus , the initial value and the exponent . One case of particular interest is when the modulus is of the form , where are different primes of the same magnitude. It is known from work of the first and third authors that for moduli , if the period of the sequence exceeds , then the sequence is uniformly distributed. We show rigorously that for almost all choices of it is the case that for almost all choices of , the period of the power generator exceeds . And so, in this case, the power generator is uniformly distributed.
We also give some other cryptographic applications, namely, to ruling-out the cycling attack on the RSA cryptosystem and to so-called time-release crypto.
The principal tool is an estimate related to the Carmichael function , the size of the largest cyclic subgroup of the multiplicative group of residues modulo . In particular, we show that for any , we have for all integers with , apart from at most exceptions.