Kunerth's algorithm

Last updated January 21, 2025

Kunerth's algorithm is an algorithm for computing the modular square root of a given number.^[1]^[2] The algorithm does not require the factorization of the modulus, and uses modular operations that are often easy when the given number is prime.

Algorithm

To find $y$ from a given value

B=y^{2}{\bmod {N}},

it takes the following steps:

Find the modular square root $r\equiv {\sqrt {\pm N}}{\pmod {B}}$ . This step is quite easy when $B$ is a prime, irrespective of how large $N$ is.
Solve a quadratic equation associated with the modular square root of $w^{2}=A\cdot z^{2}+B\cdot z+C$ . Most of Kunerth's examples in his original paper solve this equation by having $C$ be a integer square and thus setting $z$ to zero.
Expand the left hand side of the following equation:
$((B\cdot z+r)^{2}+(B\cdot F\mp N))/B=w^{2}.$
Expanding the left hand side results in a quadratic form $A\cdot z^{2}+D\cdot z+C+F$ . One can then make sure that the equation can be solved by adjusting $F$ so as to make $C+F$ a square.
Having solved the associated quadratic equation we now have the variables $w$ and set $v$ = $r$ (if $C$ in the quadratic is a natural square).
Solve for variables $\alpha$ and $\beta$ the following equation:
$\alpha =w(v+w\beta ),$
Obtain a value for $X$ via factorization of the following polynomial:
$\alpha ^{2}\cdot x^{2}+(2\alpha \beta -N)x+(\beta ^{2}-(y^{2}{\bmod {N}}))$
obtaining an answer like
$(-37+9x)(1+25x)$
Obtain the modular square root by the equation. Remember to set $X$ such that the term above is zero. Thus $X$ would be 37/9 or -1/25.
$y\equiv \alpha X+\beta {\pmod {N}}.$

Example

To obtain ${\sqrt {41}}{\bmod {856}},$ first obtain ${\sqrt {-856}}\equiv 13{\pmod {41}}$ .

Then expand the polynomial:

((41z+13)^{2}+856)/41=w^{2}

into

25+26z+41z^{2}

Since, in this case the C term is a square, we take $w=5$ and compute $v=13$ (in general, $v=41\cdot z+13$ ).

Solve for

\alpha

and

\beta

the following equation

\alpha ==w(v+w\beta )

getting the solution

\alpha =15

and

\beta =-2

. (There may be other pairs of solutions to this equation.)

Then factor the following polynomial:

\alpha ^{2}x^{2}+(2\alpha \beta -856)x+(\beta ^{2}-41)

obtaining

(-37+9x)(1+25x)

Then obtain the modular square root via

15\cdot (37\cdot 9^{-1})+(-2)\equiv 345{\pmod {856}}.

Verify that

345^{2}\equiv 41{\pmod {856}}.

In the case that ${\sqrt {-856}}{\bmod {41}}$ has no answer, then $r\equiv {\sqrt {-856}}{\pmod {b\cdot 856+41}}$ can be used instead.

Related Research Articles

<span class="mw-page-title-main">Quadratic reciprocity</span> Gives conditions for the solvability of quadratic equations modulo prime numbers

In number theory, the law of quadratic reciprocity is a theorem about modular arithmetic that gives conditions for the solvability of quadratic equations modulo prime numbers. Due to its subtlety, it has many formulations, but the most standard statement is:

In algebraic number theory, an algebraic integer is a complex number that is integral over the integers. That is, an algebraic integer is a complex root of some monic polynomial whose coefficients are integers. The set of all algebraic integers $A$ is closed under addition, subtraction and multiplication and therefore is a commutative subring of the complex numbers.

In mathematics, a reciprocity law is a generalization of the law of quadratic reciprocity to arbitrary monic irreducible polynomials $with integer coefficients. Recall that first reciprocity law, quadratic reciprocity, determines when an irreducible polynomial splits into linear terms when reduced mod . That is, it determines for which prime numbers the relation$

In mathematics, a quadratic irrational number is an irrational number that is the solution to some quadratic equation with rational coefficients which is irreducible over the rational numbers. Since fractions in the coefficients of a quadratic equation can be cleared by multiplying both sides by their least common denominator, a quadratic irrational is an irrational root of some quadratic equation with integer coefficients. The quadratic irrational numbers, a subset of the complex numbers, are algebraic numbers of degree 2, and can therefore be expressed as

Lagrange's four-square theorem, also known as Bachet's conjecture, states that every nonnegative integer can be represented as a sum of four non-negative integer squares. That is, the squares form an additive basis of order four. $where the four numbers are integers. For illustration, 3, 31, and 310 can be represented as the sum of four squares as follows:$

The quadratic sieve algorithm (QS) is an integer factorization algorithm and, in practice, the second-fastest method known. It is still the fastest for integers under 100 decimal digits or so, and is considerably simpler than the number field sieve. It is a general-purpose factorization algorithm, meaning that its running time depends solely on the size of the integer to be factored, and not on special structure or properties. It was invented by Carl Pomerance in 1981 as an improvement to Schroeppel's linear sieve.

In mathematics, Hensel's lemma, also known as Hensel's lifting lemma, named after Kurt Hensel, is a result in modular arithmetic, stating that if a univariate polynomial has a simple root modulo a prime number $p$ , then this root can be lifted to a unique root modulo any higher power of $p$ . More generally, if a polynomial factors modulo $p$ into two coprime polynomials, this factorization can be lifted to a factorization modulo any higher power of $p$ .

In additive number theory, Fermat's theorem on sums of two squares states that an odd prime p can be expressed as:

In mathematics, a binary quadratic form is a quadratic homogeneous polynomial in two variables

In mathematics, the Eisenstein integers, occasionally also known as Eulerian integers, are the complex numbers of the form

In number theory, the law of quadratic reciprocity, like the Pythagorean theorem, has lent itself to an unusually large number of proofs. Several hundred proofs of the law of quadratic reciprocity have been published.

The Tonelli–Shanks algorithm is used in modular arithmetic to solve for r in a congruence of the form r² ≡ n, where p is a prime: that is, to find a square root of n modulo p.

In cryptography, the Rabin signature algorithm is a method of digital signature originally proposed by Michael O. Rabin in 1978.

Cubic reciprocity is a collection of theorems in elementary and algebraic number theory that state conditions under which the congruence x³ ≡ p (mod q) is solvable; the word "reciprocity" comes from the form of the main theorem, which states that if p and q are primary numbers in the ring of Eisenstein integers, both coprime to 3, the congruence x³ ≡ p is solvable if and only if x³ ≡ q is solvable.

Quartic or biquadratic reciprocity is a collection of theorems in elementary and algebraic number theory that state conditions under which the congruence x⁴ ≡ p is solvable; the word "reciprocity" comes from the form of some of these theorems, in that they relate the solvability of the congruence x⁴ ≡ p to that of x⁴ ≡ q.

In computational number theory, Cipolla's algorithm is a technique for solving a congruence of the form

In algebraic number theory the n-th power residue symbol is a generalization of the (quadratic) Legendre symbol to n-th powers. These symbols are used in the statement and proof of cubic, quartic, Eisenstein, and related higher reciprocity laws.

In algebraic number theory Eisenstein's reciprocity law is a reciprocity law that extends the law of quadratic reciprocity and the cubic reciprocity law to residues of higher powers. It is one of the earliest and simplest of the higher reciprocity laws, and is a consequence of several later and stronger reciprocity laws such as the Artin reciprocity law. It was introduced by Eisenstein, though Jacobi had previously announced a similar result for the special cases of 5th, 8th and 12th powers in 1839.

In number theory, Berlekamp's root finding algorithm, also called the Berlekamp–Rabin algorithm, is the probabilistic method of finding roots of polynomials over the field $with elements. The method was discovered by Elwyn Berlekamp in 1970 as an auxiliary to the algorithm for polynomial factorization over finite fields. The algorithm was later modified by Rabin for arbitrary finite fields in 1979. The method was also independently discovered before Berlekamp by other researchers.$

In mathematics, in number theory, Gauss composition law is a rule, invented by Carl Friedrich Gauss, for performing a binary operation on integral binary quadratic forms (IBQFs). Gauss presented this rule in his Disquisitiones Arithmeticae, a textbook on number theory published in 1801, in Articles 234 - 244. Gauss composition law is one of the deepest results in the theory of IBQFs and Gauss's formulation of the law and the proofs its properties as given by Gauss are generally considered highly complicated and very difficult. Several later mathematicians have simplified the formulation of the composition law and have presented it in a format suitable for numerical computations. The concept has also found generalisations in several directions.

References

↑ Adolf Kunerth, "Sitzungsberichte. Academie Der Wissenschaften" vol 78(2), 1878, p 327-338 (for quadratic equation algorithm), pp. 338–346 (for modular quadratic algorithm), available at Ernest Mayr Library, Harvard University url="https://pdfhost.io/v/~OwxzpPNA_KUNERTH_1878" retrieved="09/09/2024"
↑ Leonard Eugene Dickson, "History of Numbers", vol 2, pp. 382–384.

Adolf Kunerth, "Sitzungsberichte. Academie Der Wissenschaften" vol 75, II, 1877, pp. 7–58
Adolf Kunerth, "Sitzungsberichte. Academie Der Wissenschaften" vol 82, II, 1880, pp. 342–375

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[1] Adolf Kunerth, "Sitzungsberichte. Academie Der Wissenschaften" vol 78(2), 1878, p 327-338 (for quadratic equation algorithm), pp. 338–346 (for modular quadratic algorithm), available at Ernest Mayr Library, Harvard University url="https://pdfhost.io/v/~OwxzpPNA_KUNERTH_1878" retrieved="09/09/2024"

[2] Leonard Eugene Dickson, "History of Numbers", vol 2, pp. 382–384.

[1]

[2]

v t e Number-theoretic algorithms
Primality tests	AKS APR Baillie–PSW Elliptic curve Pocklington Fermat Lucas Lucas–Lehmer Lucas–Lehmer–Riesel Proth's theorem Pépin's Quadratic Frobenius Solovay–Strassen Miller–Rabin
Prime-generating	Sieve of Atkin Sieve of Eratosthenes Sieve of Pritchard Sieve of Sundaram Wheel factorization
Integer factorization	Continued fraction (CFRAC) Dixon's Lenstra elliptic curve (ECM) Euler's Pollard's rho p − 1 p + 1 Quadratic sieve (QS) General number field sieve (GNFS) Special number field sieve (SNFS) Rational sieve Fermat's Shanks's square forms Trial division Shor's
Multiplication	Ancient Egyptian Long Karatsuba Toom–Cook Schönhage–Strassen Fürer's
Euclidean division	Binary Chunking Fourier Goldschmidt Newton-Raphson Long Short SRT
Discrete logarithm	Baby-step giant-step Pollard rho Pollard kangaroo Pohlig–Hellman Index calculus Function field sieve
Greatest common divisor	Binary Euclidean Extended Euclidean Lehmer's
Modular square root	Cipolla Pocklington's Tonelli–Shanks Berlekamp Kunerth
Other algorithms	Chakravala Cornacchia Exponentiation by squaring Integer square root Integer relation (LLL; KZ) Modular exponentiation Montgomery reduction Schoof Trachtenberg system
Italics indicate that algorithm is for numbers of special forms

Kunerth's algorithm

Contents

Algorithm

Example

See also

Related Research Articles

References