Accelerating the Wheel Factoring Techniques

1. Introduction

2. Related Work

2.1. Traditional Wheel factorization method (WFM)

In this subsection, we present a quick explanation of the WFM’s central concept as well as its pseudocode for finding two factors for a composite integer. The WFM depends on picking the first k primes, known as the basis, say $B=\{b_1,b_2,...,b_k\}$, where k is a tiny number, say 3 or 4. Then, WFM creates a list T, referred to as the turn or wheel, of integers that are coprime with every number in B. The product of the basis integers equals the circumference of the wheel (also known as primorial) $s=b_1\times b_2...\times b_k$. Next, The integers in the wheel/turn are used by WFM to discover the lowest divisor of the integer to be factorised. To explain how WFM works to find a factor of n, B $=\{2,3,5\}$, and the circumference of a turn is $s=30=2\times 3\times 5$. n must be divided by 2, 3, 5, and all other numbers that are congruent to 1, 7, 11, 13, 17, 19, 23, and 29, modulo 30, until a factor is discovered or $\sqrt{n}$ is reached. We begin by dividing n by 2, 3 and 5, and if it is not divisible by any of them, we go to the first iteration. In the first iteration, we divide n by 7, 11, 13, 17, 19, 23, 29 and 31, and if it is not divisible by any of them, we go to the second iteration. In the second iteration, we divide n by 37, 41, 43, 47, 49, 53, 59 and 61, and if it is not divisible by any of them, we go to the third iteration and so on. The difference between the matching items in any two successive turns is 30. The loop ends when we find a factor of n or reach a $\sqrt{n}$. If we reach the $\sqrt{n}$ without encountering a factor, then n is a prime number.

WFM does not have to begin from 1. For instance, we can start at 11, making the first turn set as follows: $\{11,13,17,19,23,29,31,37\}$. In this situation, to begin, we must divide n by the elements of B and the number 7, i.e., 2, 3, 5, and 7. WFM checks whether n can be divided by the numbers in the following turn set, which are $\{41,43,47,49,53,59,61,67\}$.

The first 15 turn sets when WFM starts from 11 are shown in Table 1. The initial integer of the $k^{th}$ turn is clearly equivalent to $init=11+30(k-1)$ and the following components of the $k^{th}$ turn are $init+2,init+6,init+8,init+12,init+18,init+20$, and $init+26$. The disparities between two consecutive integers in any turn are 2, 4, 2, 4, 6, 2, and 6, respectively, however, the difference between the last number in any round and the first integer in the next turn is 4. To handle all turns, these differences can be kept in an array, say $inc$. Algorithm 1 displays WFM pseudocode. As seen in Algorithm 2, the algorithm employs a function called FactorBasis to determine whether or not n has a factor from the basis set B.

Algorithm 1: WFM [33]

2.2. Forward WFM (FWFM)

In WFM, every while−loop iteration, Lines 6−17 of Algorithm 1 checks if m may be divided by the integer f. The value of f fluctuates with each turn depending on the value of $inc\left[j\right],1\le j\le 7$, Lines 10−15. The value of $inc\left[8\right]$ is used to establish the following turn’s start. With the FWFM, complete the while–loop in a single iteration rather than

Algorithm 2: FactorBasis [33]

1 Input: A composite integer $m.$ 2 if $mmod2=0$ return 2 3 if $mmod3=0$ return 3 4 if $mmod5=0$ return 5 5 if $mmod7=0$ return 7 6 Otherwise return 1 7 Output: Either a prime number $f\in \{2,3,5,7\}$ or 1.

eight separate iterations for each turn. There’s no reason to utilize the array inc because the idea can be accomplished by doing eight tests during every while−loop iteration. Additionally, there is no need to run the while−loop repeatedly while updating the counter i and testing its value. As a result, we can get rid of Lines 11 − 15 from the while−loop. Forward WFM (FWFM) is shown in Algorithm 3. FWFM tests each turn j of length 30 starting from $11+30j,j\ge 1$ using the subroutine TurnTest, Algorithm 4. If a factor of m is present, the function TurnTest returns it; otherwise, it returns 1. The function begins with f, the initial element of each round, and updates f by the numbers 2, 4, 2, 4, 6, 2, accordingly. Algorithms 3 and 4 present the complete pseudocodes for the FWFM and TurnTest algorithms, respectively.  

Algorithm 3: Forward Wheel Factoring Method (FWFM) [33]

2.3. Backward WFM (BWFM)

In several public-key cryptosystems, lowest prime factor is near to $\left[\sqrt{m}\right]$, like RSA [25], where the public modulus m is the product of two equal-sized prime numbers. Therefore, it is preferable to look for the factor between $\left[\sqrt{m}\right]$ and 2. (backward direction).

$nTurns=(\left[\sqrt{m}\right]-10)/30$ is the total number of turns in the search space, counting from 11. The algorithm begins with the turn that was made at $i=30(nTurns-1)+11$. The algorithm comes to an end if it discovers the factor of m. Otherwise, the algorithm searches in reverse order for a factor of m in the following turn by subtracting the circumference of turn 30 from i, $i.e.,i=i-30$, This process is repeated for all turns. The algorithm looks for the factors 7, 5, 3, and 2 if the $nTurns$ iterations do not yield a factor. Algorithm 5 provides the whole pseudocode for the backward wheel factoring method (BWFM).  

Algorithm 4: TurnTest [33]

Algorithm 5: Backward Wheel Factoring Method (BWFM) [33]

3. The Modified Wheel Factorization Method (MWFM)

NewFactorBasis algorithm runs in $O\left(1\right)$ because there are $lb$ comparisons and divisions

Algorithm 6: NewFactorBasis

and $lb$ does not depend on n. Also NewTurnTest algorithm runs in $O\left(1\right)$ because there are l comparisons and divisions and l does not depend on n. MWFM algorithm runs in $O\left(\sqrt{n}\right)$ because the while loop in line 10 performs $\sqrt{n}$ iterations in the worst case.  

Algorithm 7: NewTurnTest

Algorithm 8: Modified Wheel Factorization Method (MWFM)

4. An Example

5. Experiments

6. Discussion

• MWFM takes less time to execute than BWFM, except when the size equals 11 digits. See Table 2.
• On average, the percentage of improvement for MWFM over BWFM is $75\%$. For all cases, the minimal and highest improvements are $0\%$ and $81\%$, respectively. See Table 3.
• The running time of MWFM decreases as the wheel size increases from 4 to 8. See Table 4.
• The main disadvantage of MWFM is that it requires an array T, which will be rather huge if we use more than 8 prime integers as a basis.
• Another flaw is that the method does not employ a theoretical foundation to identify the optimal number of prime integers to use as a basis.

7. Conclusion

References

1. Akchiche O., Khadir O. Factoring RSA moduli with primes sharing bits in the middle. Appl Algebra Eng. Commun. Comput. 2018, 29(3), 245–259. [CrossRef]
2. Atanassov E., Georgiev D., Manev N. Number theory algorithms on GPU clusters. Modeling and Optimization in Science and Technologies, Springer 2014, (2), 131–138.
3. Bahig HM., Nassr DI., Bhery A. Factoring RSA modulus with primes not necessarily sharing least significant bits.Appl Math Inform Sci2017, (11), 243 – 249. [CrossRef]
4. Bahig HM., Nassr DI., Bhery A., Nitaj A. A unified method for private exponent attacks on RSA using lattices. Int J. Found. Comput. Sci. 2020, 31(2). 207 – 231. [CrossRef]
5. Bahig HM., Mohammed A., Khaled A., AlGhadhban A., Bahig HM. Performance analysis of fermat factorization algorithms.Int J Adv Comput Sci Appl2020, 11(12), 340–350. [CrossRef]
6. Bahig HM, Bahig HM, Kotb Y. Fermat factorization using a multi-core system. Int. J. Adv. Comput. Sci. Appl.2020, 11(4). [CrossRef]
7. Brent RP. Some parallel algorithms for integer factorisation. In: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinfor-matics)1999,(1685), 1–22.
8. Durmus O., Cabuk UC., Dalkilic F. A study on the performance of base-m polynomial selection algorithm using GPU. 2020.
9. Fathy K., Bahig H., Farag M. Speeding up multi- exponentiation algorithm on a multicore sys-tem. J. Egypt Math. Soc.2018, (26).
10. Fathy KA., Bahig HM., Ragab AA. A fast parallel modular exponentiation algorithm. Arab. J. Sci. Eng.2018, (43). [CrossRef]
11. Fujioka A., Suzuki K., Xagawa K., Yoneyama K. Strongly secure authenticated key exchange from factoring, codes, and lattices.Design Codes Cryptogr2015,(76), 469–504. [CrossRef]
12. GMP. library, GNU multiple precision arithmetic library. https://gmplib. org/.
13. Gulida KR., Ultanov IR. Comparative analysis of integer factorization algorithms using CPU and GPU. MANAS J Eng 2017, (5), 53–63.
14. Varadharajan S., Raddum H. Factorization using binary decision diagrams. Cryptogr Commun. 2019, (11), 443–460. [CrossRef]
15. Koundinya AK., Harish G., Srinath NK., Raghavendra GE., Pramod YV., Sandeep R., Punith KG. Performance analysis of parallel pollard^′s RHO factoring algorithm. Int. J. Comput. Sci. Inform. Technol. 2013, (5). [CrossRef]
16. Lenstra AK. Integer factoring. Designs Codes Cryptogr. 2000, (19), 101–128. [CrossRef]
17. Menezes AJ., Katz J., van Oorschot PC., Vanstone SA. Handbook of Applied Cryptography. CRC Press1996.
18. Montgomery PL. A survey of modern integer factorization algorithms. CWI Quart1994, (7), 337–366.
19. Nassr DI., Bahig HM., Bhery A., Daoud SS. A new rsa vulnerability using continued fractions. In AICCSA 08 - 6th IEEE/ACS International Conference on Computer Systems and Applications2008, 694–701.
20. Nimbalkar AB.. The digital signature schemes based on two hard problems: factorization and discrete logarithm.In: In: Bokhari M, Agrawal N, Saini D (eds) Cyber Security 2018, (729), 493–498. [CrossRef]
21. OpenMP. https://www.openmp.org/.
22. Peng WC., Wang BN., Hu F., Wang YJ., Fang XJ., Chen XY., Wang C. Factoring larger integers with fewer qubits via quantum annealing with optimized parameters.Sci. China Phys. Mech. Astron. 2019, (62). [CrossRef]
23. Poulakis D. A public key encryption scheme based on factoring and discrete logarithm. J. Discrete Math. Sci. Cryptogr.2009, (12), 745–452. [CrossRef]
24. Pritchard P. Explaining the wheel sieve. Acta Inform. 1982, (17), 477–485. [CrossRef]
25. Rivest RL., Shamir A., Adleman LM. A method for obtaining digital signatures and public key cryptosystems.Commun ACM1987, 120–126. [CrossRef]
26. Rubinstein-Salzedo S. Clever factorization algorithms and primality testing. 2018.
27. Shor PW. Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer.SIAM J. Comput. 1997, (26), 1484–1509. [CrossRef]
28. Valenta L., Cohney S., Liao A., Fried J., Bodduluri S., Heninger N. Factoring as a service. In: Grossklags J., Preneel B. (eds) Financial cryptography and data security. 2017, (6903), 321–338.
29. Wu L., Cai HJ., Gong Z. The integer factorization algorithm with pisano period. IEEE Access 2019, (7), 167250–167259. [CrossRef]
30. Yan SY. Primality testing and integer factorization in public-key cryptography. advances in information security. Springer 2009 ,(11).
31. Yan SY. Factoring Based Cryptography.2019, 217–286.
32. Yan SY., James G. Can integer factorization be in p?. In: International Conference on Computational Inteligence for Modelling Control and Automation and International Conference on Intelligent Agents Web Technologies and International Commerce (CIMCA^′06) 2006, 266–266. [CrossRef]
33. Bahig HM., Nassr DI., Mohammed A., Khaled A., Bahig HM. Speeding up wheel factoring method. The Journal of Supercomputing2022. [CrossRef]
34. Bahig, H.M.; Nassr, D.I.; Mahdi, M.A.; Bahig, H.M. Small Private Exponent Attacks on RSA Using Continued Fractions and Multicore Systems. Symmetry 2022, 14, 1897. [CrossRef]
35. Hazem M. Bahig, Hatem M. Bahig and Yasser Kotb, Fermat Factorization using a Multi-Core System. International Journal of Advanced Computer Science and Applications(IJACSA), 2020, 11(4). [CrossRef]
36. Zheng, M. Revisiting the Polynomial-Time Equivalence of Computing the CRT-RSA Secret Key and Factoring. Mathematics, 2022, 10, 2238. [CrossRef]