T
V
/
*
.
>
* > @+
;
0
/
$
R
!
9 5
9
+
+
$
/
)
#
"
¡¢
U
.
'$
£
3 ...
2 downloads
116 Views
772KB Size
Report
This content was uploaded by our users and we assume good faith they have the permission to share this book. If you own the copyright to this book and it is wrongfully on our website, we offer a simple DMCA procedure to remove your content from our site. Start by pressing the button below!
Report copyright / DMCA form
T
V
/
*
.
>
* > @+
;
0
/
$
R
!
9 5
9
+
+
$
/
)
#
"
¡¢
U
.
'$
£
3 >
=-
-3
:5
8
.
,
T/ 3
'
'
7
.
,/
7
3/
*
S
7
'
K
-7
/5
D
D
0
%
0
0K
K
K
* $
$
5
$
/
$
/
+
N
T+
&
'3
4+
.
-3
3
.
=
.
7
3
-3
'3
-.*
8
-3
'3
4+
./
3
,
%.
.
3
.
0K
0
+
+
*
5
/5
/
+
/
+
5
*$
/5
/
T'
3
/
;/
'
'
7
.
%,
;
;/
-
A
V
7/
-
-.
*
0 f (n) 6 cg(n) f (n) ≺ g(n) g(n) ≺ f (n) f (n) ≺ g(n) a b c
?
h m
g(n) f (n) =
{
j
= O(g(n)) n f (n)
N
&
k
E
%
E
'd
"C
"
"
m
d!m $
z
$
h`
c
#
! "
O(log N )
%
! " #
$
$
$
k
$
"
%
'k
"
$
C
C
C&
h
k
E%
$
#
d
$ "
k
E'
E
$
&
E
h
"
j
%
$
#
h'
dc
'
z"
( '
"
b
"%
C
h'
'd
dc
E
E
h
h'
'
B
N
n + bg(n) + dn, a
$
j
b
%
"
k
$
Cy "
b
%
$
'
E
E
'
k
E%
'
"
$
h
C&
h
'h
E
J
J
F
N
J
L
N
L
L
N
N
N
M
I
ML
z
$
y
m
$
y
#
'
'h
k
"
'
d
" m
k
"
%
'k
"
$
h
d
E
E
h
c
"
by
'
(
z
`
$
$
'dc
k
E
a
Cy
h%
B
m
E m
C
h
h
c
h
d
E
E l
/
7
1/
6
4
5 0
345
2
1/ 0
.-,+ /
j
'h
%
$
z
E
j
Cy
h%
b$
$
'
"
$
"C
'
"
"'
$ ¤
y
"
E
E%
l
$ B
%
C
%
'$
"
h
'
"
+
{~
~
{
&
c,
E
k
E
E
a
%
C$
%&
d
b
E%
D
$
d·n f (n) 6 = O(n), 1 − c/a f (n) = d · n · t = d · n · log n,
a
'
k
b
E
"
y
d
E
n = at
E%
w
E
'h
f (n) n>1
E
"
%
#
f (n) 6
(
$
#
%
%
$
#C
c'
h
k
E%
h
k
E
a
CE
k l
U
(
W
V
q
q
(
c
"
k
E
%
E
'd
`
n n a·f 6f a· = f (n), a a N
n 6 f (n) 6 O(n2 ).
1/N
R(n)
M (n) ≈ D(n) ≈ S(n) ≈ R(n).
1 −N 1 1 − N N +1
$
$
j
"
kb
"
Ej
%
d
$
"
CE
"
%
k
"
a
E
&
E
`
&
(
z
l
$
$
$
$
"
E
"
E
$
h
by
"
$
E
#
"
"
E
a
%
E
'
$
$
"
d
"
#
'
"`
'
C$
%
'$
s
'
"
b$
%
"
j
&
0
S
fk+1 = fk + fk−1 > Rk−2 + Rk−3 = Rk−3 (R + 1) = Rk−3 R2 = Rk−1 ,
z
a
%
E
C
h
E
k
E
a
"
#
{
√ 5
E
C$
k
$
k
$
"
C
#%
%
h
a
R= 1+2 k=2
&
%
h
&
E
b
"
C
#%
C
h
C
l
'
"
V
&
"
f0 , f1 , . . .
%
O(M (n)(k + 1)) = O(M (n) log n) 6 O(n2 log n).
m
"
%
'$
(
b$
%
"
E
h
a
f0 = 0 f1 = 1 fk = fk−1 + fk−2 k > 2 k >1 fk >Rk−2 n
%
k l
i=1, . . . , k rk+1 = 0
m
E
a
d
(
E
j
l
fi 6rk+1−i
&
bD
%
j
"`
"
E
E'
A > r−1 > fk+2 > Rk k + 1 6 1 + blogR N c
`
C
'
"
ri−2 =di ri−1 +ri
E
(
u
B 0N
Cy
C
" _
`
u
'
C
"
&
k
E
#
E
0 6 A, B < N
$
k
E
E%
'
'd
a
z
E
u
Cy
h%
C$
%
i=0
#
&
E
E
h%
m
CE
j
#
E
y
(
C
h
E
E
xi A + y i B = r i .
k
E
h
£
E
$ c
'
%
k
h
d
Ej
' h
(
i = −1, 0
C
E
a
%
h
d
'
E
"C
h
E
b
C$
"
E' $
'
"
S
R
#%
j
$
xi A + yi B = (xi−2 − di yi−1 )A + (yi−2 − di yi−1 )B = = (xi−2 A + yi−2 B) − di (xi−1 A + yi−1 B) = ri .
#
d
$
"
k
$
"
%#
"
"
%&
kj
b
%
g
b$
%
"
j
l
di = bri−2 /ri−1 c ri = ri−2 − di ri−1 xi = xi−2 − di xi−1 yi = yi−2 − di yi−1 i=i+1
d
E
z
"
$
m
&
E
E
bh
%
$
r−1 = A r0 = B x−1 = 1 y−1 = 0 x0 = 0 y0 = 1 i=0 ri > 0
E
E
"
E
E
#
%
E
%h
$
"
E
a
%
$
xi
" m
&h
g '
"
%
k
(
E
'h
#
'
"
E'
$
yi
'
O(M (log N ) log N ) = O(M (n)n) A B
%
$
#
ZN
y
%
$
"
$
h
"
c
bD
E
'
i
x
k
!
!
(
%
%
'k
%&
"
#b
rk = (A, B)
'
"
'd#
"
$
"
$
$
&
E
"
C
#%
B Ax + By = (A, B)
h
n = dlog2 N e
b
%
d
"
! #
$
%
b
d# m
'h
i
E
j
"
&
$
i −1 < i 6 k
(
%
b
%E
a
$
"
E
a
h
i
"C
%"
k'
$
*
h
E
$`
yk
$ u
"
h
" # %
$
xk
(
n = log N
a
"
C
h
d
E
ri A A−B+N
O(M (n))
R=R−N
2i ai = (. . . (2an−1 + an−2 )2 + . . . a1 )2 + a0
AB = a0 B + 2(a1 B + . . . 2(an−2 B + 2an−1 B) . . .).
z
$
S
X
p
Z
*
W
UV
$
%
'
"
E
'
%
$
#
E
a
%
$
D
b
]
=
u
$ v
"
"
S
(
U
*
X
V
Ut
S
p
T
S
88
/
5
4/
1
2
1/
6
4
5
,
1
5
4
5
1/
-+ / 6
-
,
0
0
`
$
`¢
m
z
$
k
$
"C
"
"
&
'
k
E
%
E
'd
%
k
h
"
b#
"
'h
&
m
z
b
%
z
&h
(
m
%
$
#
( d
"
'd#
Cy
'
$
_
"
'd#
"
%
&
%
$
#
d
"
E
%
$
#
k%
k'
"
$
a
h
"
'
z
$
'd#
k
"
C
$
y
$
h
"
%
$
y
k
E%
h
k
"
k%
E
'd
"
'
"
z
¢
j
'd
d
"
b
"%
C
%
$
#
d
E
h
c
$
# "
E
"
j
' $
%
$
g
z
$
$ $ %
k
"
k
$
E
"
#
%
$
#
%d
c
k
E%
$
'd#
u
!
!
"
"
(
$
$
$
$
by
"
E
a
%
a
"
k
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
U
s
=
=
'
"
'd#
b
%
'
E%
h
"
(
'dc
`
" m
j
b
"
%
j
E
'd
E
a
'
"
'd#
b
%
'
E
m
m
"
a
%
(
C
'
"
E' $
(
E
b
"j
k'
a
&
E
"
'
"
$
#
'
m
$
%
$
#
k
E
j h'
k
"
k
h
c
E
b
E%
"
"
%
$ g
%h
g '
"
%&
&
E
E
D
$
by
%
#
&
E
E
hj
k l
S
P
8
=
(
(
&
E
"
"
E
$
$
$
'
"
E'
k
"
k%
E
'd
d
"
"
m
¢
z
'
h%
$
"
'
j
`
"
'
h
%
k
hb
"C
$ u
E`
E%
$
'd#
$
$
b
" m
C
'
"
%$
'
(
y
k
'
"%
'
C
h
%
$
#
z
`
(
`
`
z
$
k
E%
$
'd#
b
"
C
h
"
D
C
#%
C
E
%
k
h
C
E
j
c
b"
"
E
%
$
a
C
E
C
$
E
%#
'
k
"
'
% E
$
#
E
k
E
h'
j
(
dc
E
#
'
"
k
$
w
`
"
j
"`
b
h
c
E
%
$
h
E
%#
'
k
$
"
'
E
m
'
E
'
" m
z
$
h
c
b
"
E
a
%
C$
"
j
$
$
E
dc
E
j
#
'
h
$
k
E%
bh
"
E
a
%
( '
z
&
" m
'
b
%"
j
$
'd#
a E
&
_
$
$
y
j
%
$
#
"'
E
dc
E
#
'
h
by
k
"
'
d
$
z
dc
E
#
'
h
k
$
by
j
&
$
"
E
a
%
$
"
k%
E
'd
a
"
"
%&
E
#
E
E
by
k
E
C
#%
b
"
E
c
E
kb
(
m
"
b
%
'
d
E
(
"
k%
E
%
$
#
`
%
b
"
%
$
E
"
'd#
'
&
'
h
h
$`
$
by
k
E
$
"
%
k
$
'd#
E
%
$
#`
E%
z
"
'
d
$
j
`
%
$
#
"
%&
d
E
E
h
(
%
,
(
$
$
%
$
#
'
%
%
$
g
E
C
%
$
#
z
'd
E
Ca
7
4
1
2
3
/ E
#
5
4/
1
2
1/
-+
/ 6
4
5
k
E%
$
'd#
k l
q
:
-
,
m
C
b
%
$ u
u
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
(
&
E
'
'd
&
#
"'
"
'h
#
g
u
b
"
%
E
'd
k
$
%
E
C
#%
'$
k
`
$
'
b
"
h'
j
C
c'
E
&
`
$
(u1 , u2 , . . . , uk ) mi i=1, . . . , k
'h
"
"C
"
"
'
"
b
$
j
$
"
(
$
$
`
s
k = 2t
"
`
(
dc
E
#
'
h
h
'$
'
m
%
k'
`
E%
d
'
%
j '
E
%#
"
E
' h
"
:
'd
O(kM (b)) O(k 2 M (b))
E
a
%
$
k
(
E
a
c
bD
%
k
h
c
$
'd#
b
b
$
E%
Cy
h
u b
m
(
E
'
E
k
E
h'
j
"
d
'
E
$
"
E
a
E'
$
#
kb
E
k
j
z
E
$
%
'
C
#%
$
'h
"
"
dc
m
E
a
k
O(M (n)n)
m
$`
h
"
"
"
E
j
"
'
C
b
%
$
u1 = ut−1,1
dc
E
j
"
"
$
`
#` $
'
C
%
'
'
%
$
"
Ej E
C
'd
E
E
b
s
z
E%
$
'd#
d
b
$
C
#
ZM ∼ = Z m1 + Z m2 + . . . + Z mk .
k
dc
E
#
'
h
'
C
$
u 06u<M ui =u mod mi i=1, . . . , k
#%
"
"
E%
"
&h
%
j
"
m
%
k
h
M
#
"
$
"
'
j
$
"
$
h
%
j
E%
x mod N
'
$
"j
c
C
#%
h
a
'
"
$
"'
"
a
M −M/2 < N < M/2 ZM
"
Zmi i = 1, . . . , k
`
"
m
%
%
A 06A 1 A
b
'"
E
"
$
E`
%#
"
'
j
$
#
¢
2−n AB mod N
h
$
"
E
bD
E
b
$
$
$
#
A B1
'$
&
m
(u1 , u2 , . . . , uk ) u mod m
%
E
h B
m
#
E
(
E
"
#
j
E
E
kb
"'
$
06N <M
h
$
%
$
#
$
u
dc
"
M =m1 m2 . . . mk
c
b
%
'
E
a
E
"
j
A/B =
c
`
m
k
"C
'
"
$
"'
"
O(n2 )
E%
%
%
j
%
h
xA + yN = (A, N ) (A, N ) = 1
d
E
"
b
"
$
$
#
$
#
k
u
%
E
'd#
d
E
h
E%
u (mod m)
'd
'
$
c
$
M
"
b
"
h'
O(M (n)n)
( %
$
j b
%"
C
O(n2 ) mod N O(n2 )
22n mod N
(
#
$
2 2n
mi
m1 m2 , m3 m4 , . . . , mk−1 mk ,
m1 m2 m3 m4 , . . . , mk−3 mk−2 mk−1 mk , m1 m2 . . . mk/4 , . . . , m3k/4+1 . . . mk , m1 m2 . . . mk/2 , mk/2+1 . . . mk .
u11 = u mod (m1 m2 . . . mk/2 ), u12 = u mod (mk/2+1 . . . mk/2 ),
u21 = u11 mod (m1 m2 . . . mk/4 ), . . . , u24 = u12 mod (m3k/4+1 . . . mk/2 ), ut−1,1 = ut−2,1 mod (m1 m2 ), ut−1,2 = ut−2,1 mod (m3 m4 ), . . . . . . , ut−1,k/2 = ut−2,k/4 mod (mk−1 mk ), mod m1 , u2 = ut−1,1 mod m2 , . . . , uk = ut−1,k/2 mod mk .
2t−1 M (b) + 2t−2 M (2b) + . . . + 2M (2t−1 b) = O(tM (kb))
2M (2t−1 b) + 22 M (2t−2 b) + . . . + 2t−1 M (b) = O(tM (kb))
O(M (kb) log k)
0
0
u = q1 + q2 m1 + q3 m1 m2 + . . . + qk m1 . . . mk−1 ,
z
a
h
j
k
E
#
E
d
E
%#
z
$
c
k
'
$
E
c
k
'
'"
$
D
"
'
kj h
z
d
"
C
#
h
c
%E
$
#
%
k
h
"
#
'" c
D
%
k
b
D
h%
"
$
"
m
(
&
$
y
C %
a
c
k
"
k%
E
'd
E
m
£
$
$ "
%
'
dc
E
E
$
j
$
#
%dc
%
z
b
%
'
`
m
d
b
E%
'
j
h
'E
E%
#
&
E
b
%
'
k
E%
$
'd#
!
"
!
"
(
= O((k 2 M (b) + kTXEA (b) + M (kb))) =
"
# '
' E%
d #
&
E
c
$
*
h
$
"
E
k
E%
$
'E
&
E
C
a h
b
%
z
c
$
$
E%
$
'd#
C
c
"
k
E
by
"
%
E
k
E
'
E
$
&
E
h
`
E%
'
h
%d
C
E
h
$ c
C
#%
'$
k
'
a
`
" B
( &
D`
d
b
E%
"
E
m
z
j
$
%
h
E
h
&
'
b
"
%
$
E
'd
"
h m C
h
E
k
"
E
E`
E%
$
'd#
(
$
$
h
c
"
E
'
E
$
E
h
b
'"
h
$ "
%
k
E
D
&
g
m
z
k
E
C
#%
h
%
h
"
c
"
'dc
%
k
h
"j
E
'
E
$
`
m
$
C
c'
h
'dc
%
k
h
%
#
E
+ $
b
E%
"'
h%
$
'E
k
"
%
k'
"
$
C
$
`
u ≡ ui (mod mi ),
( )
%
$
#
'd#
j
E
'
k
E%
$
$
d
$ "
k
E
D
k
E%
'
E
"
$
'$
c
& $
`
m
w
z
j
$
$
"
#
"
E'
'd
"
(
E
C
h
%
k
$
"
'
dj
c
k
C
#%
m
j$
$
'd
'
h
$ "`
'
c
Cy
h%
z
E
'
C %
k
E
E
h`
dc
E
#
'
O(k 2 M (b) + kTXEA (b))
%d
C
E'
$
E E%
%# y
#
&
j
$ $
#
z
D
m
"
"
'd
"
%
k'
$
$
"
'"
E
E
h'
%d
C
E
h
c
$
%
k
h
`
`
$
a
k
"
%
C
"
k
E%
$
'd#
b
"
C
h
"
k
"
`
(
$
k
E
E
a
C
'
"
#
%
$
$
$
'
b
"
%
E
'd
k
"
&
%
h
C
h
E
by
k
"
h'
~{
{
}
{
{
{
z
~
{
{
}
$
$
#
k
E
h
a
c
E
"
%&
&
E
E
h
"
E
"
'
%$ "b
"j
l
{
(
&
%
;
?
>
{
;
;
;
>
{
}
;
c = 1 u = u1 mod m1 i=1 k−1
C
%
$
&
m
$
#
E
"
h
c
m
m
{
{
+
"
%&
%
$
#
h&
c
"
$
"
"
&
E
"
k
%
(
$ ` k
"
k
" $
E k
E
%
E
'd
%
k l
{}
}
~
S
V
#
z
$
y
$
Cy
h%
k
E
%
E
'd
$
$
'
k
"
%
k
$
'd#
q1 , q2 , . . . , qk
$
"
u
E%
j
$
Eb
k
$
"C
`
i, j = 1, . . . , k.
k
(
R E%
$
#
&
%#
"
%
b
$
"
E
a
%
"
%
C
~
di = c−1 mod mi , i
b
%
E
j
by
$
R
'd#
E
bE
`
"
bD
m
E
E
h
% &
'
"
u
'
C
#%
"'
z
h
$
j
E
#
E
= O(k 2 M (b) + kTXEA (b))
'$
E
C
E
a
b$
%
"
j
ci di ui mod M.
"
%d
C
`
E
$
c
"
kb
b
j
k
E
%+
$
#
l
~
ci = m1 . . . mi−1 mi+1 . . . mk = M/mi ,
#
j
$
"
j
#
E
k
E%
j 6= i,
%
E
E
"'
b
%
`
TXEA (b) Zmi log mi =b
$
#
k
&h
%
b
%
'$
s
'
(O((k − 1)M (b)) + TXEA (b)) + M (kb) =
E
O(M (kb) log k + kTXEA (b)) u E%
j
C
h
#
&h
$
ci di ≡ 0 (mod mj )
$
E
y
%h
'd#
m
dc
E
E
i = 1, . . . , k,
"
`
C
#%
(
"
E
%
&
E
m
%
k l
M
a
(
C$
g '
"
"
dc
E
#
ci di ≡ 1 (mod mi ),
'd#
%
E
d
h
a
k
C
dh
h
%&
k
E
u
k
h
k
$
"
C
#%
k
E
`
&
'
h
i=1
k X
%
C
'
"
E
#
&
%
h
a
u ≡ ui (mod mi ),
mi
%
$
%$
'
`
E
E
u=
C
k
C
#%
"
B
i=1
M = m 1 m2 . . . m k
(u1, u2, . . . , uk )
(
E
k X
C&
h
_
%
k
i = 1, . . . , k
"C
'
"
$
C
k=2 u
c = c · mi d = c−1 mod mi+1 q = d(ui+1 − u) mod mi+1 u = u + qc
u
i = 1, . . . , k,
/
5
4/
1
2
1/
6
4
5
,
/
/
-+
-
,
0
f (x) = (x − b) {
n−1 X i=0
pn−i−1 x i
E%
#
&
E
k
f (x)
+ f (b). "
$
bi = n−1 X j=0
ai ω ij ,
C
0 6 i 6 n − 1.
a = (a0 , a1 , . . . , an−1 ) ai ∈ R F (a) = b = (b0 , b1 , . . . , bn−1 )
z
b
%
"
>
E
n
~
`
"
E
%
&h
s
!
z
b
%
b
E%
'
j
j
%d
'
b$
'"
b
%
$
%
!
*
pn−i−1 bxi
(
E
$
h
b
%
%
k
h
$ u
i=0
}
m
{
{
d
"
i=0
$
pn−i−1 bxi
{
k
"
!
b
"C
*
C
`
h m
d
c
E
'
n−1 X
}
{
(
E
n−1 X
'
E
"
!
Ej
v
V
U
Z
V
t
V
]
−
"
C
"
*
`
E
C
"
%&
d
E
"
j ' $
SZ
'
'
%
n 'k
*
!
h
−
$ u
?
s
$
E%
'
"
h
Cy
E%
" m
"
b
pn−i xi
>
}
$
b
"C
$
h%
E
E'
£
D
c
TU
(
$
"
E
X n
k
+
'
k
"
z
%
`
$
E
E
#
&
E
k
E
p
Z
pn−i−1 xi+1
"
"
$
'
$
dj
E
y
$ "`
'
k
"
k%
E
'd
% b
%
$
(
E
(
#
"'
j
#
E
"
$
$ v
i=0
n−1 X
'
b
(
z
#
&
E
j
#
E
k
E%
(
$
a
%
$
Cy
#
! "
b
"
%#
"
d!m
"
( )
z
E%
#
$`
&
E
i=0
j
$
b
"
E
a
%
$
Cy
'
" m
Cy
Cy
b
"%
C
b
"
E
a
"
a E
"
%
"
g
$
$
'
b
"
E
a
%
k'
`
" m
E
"
j ' $
%
$
E
( )
z
C
E
%
&
E
#
j
E%
$
'd#
pn−i−1 x i
'
$
%"
j=0
ω 6= 1 ωn = 1 n−1 P ij ω =0 16i
f (x)
E k
"
a
E
xn − 1 = xn/2 − 1 xn/2 − ω n/2 .
z
E
k
E%
$
C
h
c
E%
E
#
x = ωi x−ω i
&
E
j
`
E
¤
2
"
#
&
E
j
?
F (a)
E'
b
%
d
$ "
(
d
E%
f (x) x − ωi 0 6 i 6 n − 1 xn − 1
dc
E
%E
k
(
(
k
E
"
#
E
f (x)
E
'
E%
#
&
h
"
¢
q
i=0
h
"
'
"
"
$
C
$
E
E
"
$
"
(
%
F −1 (F (a)) = a F (F −1 (b)) = b
$
"
' $
E
'
k%
E
j
h'
"
u
$
{
k
h
(
c
j=0
C
#%
j
'
'
`
(
"
h
Cy
E
bi ω −ij ,
E
E
$
c
d
k
E%
c
E
a
h
"
"
E
"
$
d
"
F −1 (b)
a
h
$
= −1 a
%
k
h
n−1 X
c
E%
h
"
'
k
E'
1 n
$
n/2
"
#
"
ci =
j
m
"
{
"
#
R
l
ω
E
xn/2 − 1 = xn/4 − 1 xn/4 − ω n/2 , xn/2 − ω n/2 = xn/4 − ω n/4 xn/4 − ω 3n/4 . "
"
%
'
$
a i xi
s
u
$
06i6n−1 "
n = 2k
%a
h
c
h
f (x) =
n−1 P
E
x − ωi f (x)
"
$
"
F −1 (b) = c
a i xi
(ai + cai+ n2 )xi .
i=0
R
0
q
S
n−1 X j=0
M = ω n/2 + 1 0 6= ω ∈ R j=1
k−1 Y
ω ij ≡ 0 (mod M ).
(
C
h
E
y
u
C
#%
u
16i
ZM
ZM
i=0
X
i=0
n 2 −1
a = (1 + a) i
k−1
C
(
'
"
b$
%
i=0
k−1 Y
#%
' E
E
%
g
"
j
l
ω = 2q 6= 1
j=0
k−2 Y
ai =
n−1 X
y
$
n−1 X
C
h
E
E
(
E
'h
#
'
"
¢
n = 2k ω
i=0
M
a2i =
b
X
(
n 2 −1
"j
a
%
h
u
2
m
$
E'
n = 2k
hb
%$
'
"
"
#
a M
2 j
1 + ω i2 ≡ 0 (mod M ).
= 1 + (ω n/2 )t ≡ 1 + (−1)t ≡ 0 (mod M ),
l
_
2
j
j
$
"j
E
#
"
"
h ,
%
E
%$
&
'
"
b$
%
"
"
%&
"C
b
(
z
$
h%
&
3
2
1
4/
- 7+
5
4/
r
1/
$
/ 6
4
5
1 "
&h
'
E
-
(
$
y
%
h
k
"
k%
E
'd
0
[d1 , d2 , . . . , dn ] = d1 , . . . , dk + Pn Qn Pn =an Pn−1 +Pn−2 Qn =an Qn−1 +Qn−2
Qn = an Qn−1 + Qn−2 > Qn−1 + Qn−2 > 2Qn−2 > 2 n−2 2
>
z
"
C
#%
{
{
}
k
$
$
C
'
"
E'
C
E
#
"
"C
'
"
$
"'
"
$
by
"
%
k
$`
E
D
E
$ "
d
Ej
'
k
m $
h
"
d
E
"
C&
h _ '
m
h`
'
E
d
E
%
k
"
h $
E'
kb
"
k%
$
E
'd
E
%a
h
$
C
'
"
E'
y
(
(
%
k
h
%
E
'h
#
E
$
g
z
C
h
E
y
E
a
%
h
"
E
%
E
'd
$
EC
h
"
b
"
b
E%
'"
h%
¢
(
z
"
s
$ v
&h
&h
"
z
$
$
#
"
b
E%
$
"
"'
&
'
%
h%
C
$
E
k
E
(
"b
C
h
E
h'
'
%$
"j
`
l
C
"
u
y
Cy
C
#%
b
"
$
(
l
&
%
'
$ " m
C
h
k l %
'
"
b$
%
"
j
E
h
a
(
P0 = 1 Q 0 = 0 n=1 '
C
#%
h
%
b
E%
"
E
"
$
$ "
k
E%
h
E
%
E
'd
b
E%
"'
Pn−1 , Qn−1
~
$
y
1 Xn−1 · 0 Yn−1 "
'
dj
E
"
#
E
a
'd
Xn−1 Yn−1
d
d
E
n = 1, 2, . . . `
m
m
$
&
"
b
"
#
1 Xn−1 = Yn−1 0
(
j "`
"
z
(
by
&
"
k
'
"%
$
"
(
n
h
c
k
h
c
h
&
x
h`
E
%
Cy
'
b
"
[a2 , . . . , an ] =
.
.
'
.
%
`
j
#
E
m
'
C
h
$
1 Pn = Qn 0
{
}
>
{
Pn Qn
(−1)k Qk Qk−1
a = 1 1
{
(−1)n Qn Qn−1
}
'k
"
'
{
'
(
(
'
'
E
d
1 a ... n 0 1
~
%
Pn−1 Qn−1
$
Eb
"'
C
%
%&
E
E
h'
k
1 a ... n 0 1
k=1
n P
Qn
h%
"
d
E
&` E $
y
"
"
'
b
dj
E
$
#
"
"
n−1
=
$ "`
'
(
"
$
E
(
" m
%
Pn Qn
$
'
z
hj
$
%
`
% $
$
m
$
%
% $
'
h m
1
$
[a1 , a2 , . . . , an ] = Ej
h
s
z
m
d m !
dc h
dc
j
C
#%
k
m
a2 1
{
d
m
$
"
"
#b
"
'h
1 a2 0 1
%
$
#
%
k
%"
h
&
&
D
m
z
$
h%
$
'
k
"
%# y
j
{
}
>
{
}
>
{
~
{
{
{
{
m
b
%
E
k
E
h
a
c
E
%
k
h
%h
'
g
"
%&
"
¢
>
z
E
#
!
!
!
Pn , Qn
= a1 +
l m
a
E
&
E
"
$
B #
(
(
(
"
#C
h
%
E '
d
E
k
s
k
h
c
%
h
d
'
E
d
%
k l
1
Pn Qn−1 − Pn−1 Qn = (−1)n n = 1, 2, . . . Pn Pn−1 Qn−1
'
E
$
$
E
'
{
`
m
"j
(
E
E
$ "
j
1
,
'd
%
w
[a1 , a2 , . . . , an ] =
}
−
¤
(
$
h
c
"
'
%
`
E
k
E
`
#
a1 1
{
Pn Qn
Pn Qn
|{
(
#
h'
(
$
$ "`
'
(
D
E
"
$
¢
{
f
$
D`
E
" m
j
d
dk+1
1 . [dk+1 , . . . , dn ] (
1 [d1 , d2 , . . . , dn ] = d1 + ; [d2 , . . . , dn ] 1 ; [d1 , d2 , . . . , dn ] = d1 , d2 , . . . , dn−2 , dn−1 + dn
d1 , d2 , . . . , dn
(
dc
b
E%
C
"
E
dc m
%y
$
"
d
"
... +
(
m
"
E
#
"
h
d3 +
(
k = 1, . . . , n − 1 2
&
%y
£
$
d2 +
{
%
k l
n 1
'
"
"
#
[d1 , d2 , . . . , dk+1 ] A = r−1 , B = r0 , r1 , r2 , . . . , rk rk+1 = 0 ri−2 = di ri−1 + ri i = 1, . . . , k (A, B) = rk d1 , d2 , . . . , dk+1
{
$
E'
A = d1 + B B A>B
rk−1 = dk+1 rk A
I
N
N
N
L
L
L
ML
I
>
~
{
a1 , a2 , . . . , an , . . . n = 1, 2, . . .
n = 2, 3, . . .
Xn−2 . Yn−2
Pn 1 Yn−1 a1 Xn−1 + Yn−1 = a1 + = [a1 , a2 , . . . , an ] = a1 + = , Qn [a2 , . . . , an ] Xn−1 Xn−1 Xn−2 . Yn−2
n = 1, 2, . . .
n = 1, 2, . . . n = 1, 2, . . . n=2, 3, . . .
n = 2, 3, . . .
(
hC
"
$
{
{
}
{
z
'
"
"'
$
"
b
E%
E
E
S
V
&
%
/
7
1/ 0
-+
>
{
{
(
Ej
h
s
(
z
&
$ "
E
E
"
E
C
%
'$
m
$
$
'
"
E'
kb
"
k%
E
'd
E
(
E
&h
c
k
$
"
b
E%
"'
h%
$
dc
E
E
s
(
b
"C
$ u
dc
*
ak 6= bk "
z
$
j
$
k
E%
'
"
h
dc
E
%#
'
h
k
"
"
#
u
(
j
$
k
E%
'
"
$
h
&
b"
"
E
#
E
E
h
b
%
"b
"j
$
$
h
c
E C
"
(
%
$
#
d
b
E%
E
k
"
%
k'
k
d
E
"
#
u
m
z
m
%
E
%d
b$
h
k
'
E
d
E
k
E
#
E
m
k m
%y
"
z
j
`
$
#
d
E
E
h
b$
"
h
'
$
"
C
h m
m
h
'
E
d
E
E
#
E
"
`
( %
k
%"
h
&
&
bD
%
E
E
h
$
a
c
E
k
"
#
E
j
m
m
m
h
z
'
d
E
k
E
"
$
$
$
D
'd
d
Ej E
C
%h
'
`
g
C
"
%&
(
%
'
"
$
b$
%
"
j
g
l
%$ E
&
$
"
%
$
#
b
E%
E
?
>
>
>
{
}
>
{
>
}
>
{
$
k
&
Cy
}
{
{
{
>
{
S
V
j
h
#
E
'
%
h'
E
'h
#
$
z
$
"
% (
$
#
d
b
E%
E
k
¢
m
$`
m
d
%
E
E
%d
h`
'
E
d
$
"
E`
E
#
E
E
#
E
k' %
k
d
E
"
#
%
h
j
E
'
"
$
E'
`
$ m
#
E
E
#
E
%
h
(
$
E'
$
E
%
E
'd
z
$
`
E
kb
"
k%
$
E
'd
d
E
%a
h
"
"
'h
EC
h
"
% E
h
b#
E
$ m
$ B
#
E
C
#%
'
"
¢
$
c
'
%
'
"
E'
$
m
(
Ej
E
$
$
"
E
E
k
"
#
E
j
$
$
%
+
k
C
#%
'
C
m
k
E
(
z
$
$
h
'
"
E'
E
dc
C
"j
E
h
k
"
k%
E
'd
m
j
$
$
j
&
%
"
'
d m
C
%
"
"
'
E
E
"
E
&
"
"
"
' $
'
"
#
#
(
>
>
{
h
>
{
}
B
d
a
j
'
"
E' $
E
%
$
(
k
"
' $
y
dj
`
$
'
"
E'
E
k'
d
"
#
`
E C
E
z
C
%
1 an+1
{
#
'
"
%
E
#
%a
h
%
a
%
h
¢
E
m
$
"
h
E
k
"
y
an < an + α1n < an +
{
{
{
>
> >
}
>
&
%
E
k
$
#
&
b
E%
α = [a1 , a2 , . . . , an ] = [b1 , b2 , . . . , bm ]
{
>
ak + ε = b k + δ
{
{
h'
%#
(
u
h
k
h
c
h
α
{
"
'
%
z
"
b
"%
C
j
( )
$
"
b
&
}
h
$
b
"
b
E%
"
`
$
b
E%
"'
h%
k
"
k%
E
'd
h
a
"
%
k
_
z
$
$
E
"
E
&
"
k
"
%
k'
k C
"
%
*&
m
(
(
z
%
j
'
h%
$
"
b
%"
C
'
C
#%
h
"
$
#
%
k
h
$
$
"
"
C
#%
"
%
$
(
'
"
E' $
(
k k
'
"
u
z
f (x) =
{
{
h
Ca
$
$
06δ {
S
n = 1, 2, . . .
# "
E
'h
£
f (x) = [a1 , a2 , . . . , an−1 , x] #
{
{
E
Pn Qn
(
"
b$
[a1 , a2 , . . . , an ] =
%
"
j
l
"
n
{
}
α = bαc + {α} {α} 6= 0 α xPn−1 + Pn−2 . xQn−1 + Qn−2
P1 P3 P4 P2 <
>
z
j
b
%
"
#
'
h
'
%$ "b
j
(
m
"j
h
"
,
{
{
{
}
{
{
(
Ej
h
s
% (
$
#
d
b
E%
E
$
$
( '
"
'd#
dc
E
#
"
h'
'
"`
'
D`
$ "
"
"
£
$
$
'
E
d
E
'h
'
%
$
#
k
E%
'
"
h
"
E
#
j
E
E
hC
%
'$
$
%
$
#
"
'
`
(
$
'
"
'd#
b
%
d
"
E
%
b
"'
$
"
E
a
z
$
$
$
#
d
b
E%
'"
$
$
"
"
"
'
$ "`
'
$ "`
h
k
"
%
k'
k
d
E
"
#
d
%
E
E
%d
m $
%
$
#
E
%
$
#
k
E%
h
C
"
p
E%
(
hj
"
"
'd#
( d
m
#
"
{
¤
E
z
E%
"
k
E
a
%
j
a
%
"
a
j
$
j
'
E
d
%y
C
h
"
'd#
d
E
#
"
h'
b
d m "
E
`
E`
E
#
E
`
m
$ m
%y
E
#
E
"
#b
"
"
k
"
$ " £
$
b
%
"
k
"
%
k
h
D
"
$
E%
'"
$
$
%
$
#
&
%
'
"`
'
"
"C
%
b
"
d m
~{
{
}
{
> h%
>
"`
h
$
k
(
E%
j
&
b
E%
'
k
&
E%
'
"
d
$
h
b
b
$
"
E
j
#
E
E £
h
h
E
#
&
%
E
k
$
"
'
i
dj
h
m
E
j
z
h`
'
E
d
E
'h
'
%
h
#
(
"`
a
E
a
$
`
&
%
u
d
E
'h
~
{
(
z
$ m
y
h
'
"
d
C
E
"
E
%# y
j
B
m
E
$
E
'
E
%
$
(
%
$
#
b$
"
h
'
$
E
%a
h
%
d
"
`
b
"C
$ u
>
{
{
{
$
?
{
}
}
'
"
l
{
%
(
b$
%
"
j
j
E
h&
E
m
h`
'
E
d
E
k
E
"
$
$
$
D
'd
" $
d
E
#
100
$
"'
"
E
"'
d
E
#
"
'
$
"b
%$
{
z
dc
'
z"
k
m
h
d
E
kb
$
$
p a
#
E
a
%
b$
"
E
D
`
h'
S
#
k
"
%
k'
k
"j
l
b
"
(
m
'
E
d
E
"
k
#
"'
dc
E
"
#
'
$
h
97
E
"
$
%"
"
#
(
WS
U
b
%
C
{
z
%
$
h
E
a
%
θ
"
%&
E
$
'd#
"
E
y
* V
q
$`
E
b
%
"
m
d
b
$
"
"
$
$
Zp Ker ϕ = {−1, 1}
33
$
$
$
a
%
h
"
%
k
'dh
E
h
d
'
E
E%
E
'
dj
C
dc
%
E
%
h
8
k
k
#
"
$
#
E
E
E
d# m
h
d
E
#
"
h'
$
d
D
C
#%
"
&
%
h
p
"C
$
$
dc
h
%
'
?
(
'
E
%
(mod p) a ≡ 0 (mod p)
'
k
$
$
h%
k
"C
'k
(
(
E
h%
≡ ±1 (mod p) Zp
h
m
$
$
"`
'
'
h
Cy
(
"
"
*
( ap1 ) ≡ ( ap ) p−1 2
%
k l
E
'
E
?
$ h%
w
j
$
p−1 2 (
¤
≡ 1 (mod p) ⇐⇒ j
( %
$
&
'
> "
{
(
'
"
g
( ap ) ≡ a
%
(st)2 −1 8
E
&
=
"`
f
p−1 2
#
E
D`
b
E%
(
$
a1 ≡ a (mod p)
$
>
z
S
h
%
k l
( 1p ) = 1 ( −1 p ) = (−1)
#
$
$ u
a
"
'
≡
#
t2 −1 8 st−1 2
"
&
% (a, p) = 1
#b
≡
"
"
&
% t−1 2
"
b$
m
'd#
( ap ) = 1
"
$
&
% (
'
p−1 2
"
%
+
'
(
2
a ap−1 ≡ 1 (mod p) θ
"
l
s2 −1 8
"
j
+
j
#` $
'
$
a
'
&h
s ≡ 1 (mod 8) s−1 2 2
h
E
k
E
'
E
$
$
( %
$
#
E
"
#
"
"
a
"
&
"
"
#` $
'
'
a ≡ 0 (mod p), 0, a ∃ x, x2 ≡ a (mod p), a mod p 6= 0, = 1, p −1, 6 ∃ x, x2 ≡ a (mod p), a mod p 6= 0. 1 2 2 1 (s t − s2 − t2 + 1) = (s2 − 1)(t2 − 1), 8 8 p2 −1 8
ω
f (j)ω j .
G = ω − ω 3 − ω 5 + ω 7 = 2(ω − ω 3 ),
+
j
m
'
d
E
E
h'
'
z
$
$
E
$
$
j
'
"
E'
"
"
'd
E
'
E
b
"
Cy
h%
k
"
%
k
h
"
`
4
, 5
¢
{
( & e
1
1
/
1
1
-+ 4
-
k=1
q−1 X k
q $
j=0
q−1 q−1 = (+1) + (−1) = 0. 2 2
4)
a = pa1 1 pa2 2 . . . pakk
a1 a2 ak p2 a pk p1 ... ; = p p p p
;
a
;
b
%
−1 p
%
E
%
"
a E
&
%
&
m
j
E
#
z
E
$
'd#
"
z
"
C
#%
%
y
j
k
k
'
h
E
$
C
%#
h
E
a
%
'
'
$
"`
$
$
(
$ $
Ck
'
bh
"
"
hy
$ £
m
b
E%
"'
h%
$
C
E
%#
E
h
'
_
(
%
'
z
"
$`
GF (pm ) Gp
"
a
E
$
#
E
$
a
$
k
E%
k
G
dc
h
a
'
C
kj
b
p−1 q−1 2 2
E
h'
j
$ "
"
%
k
(
E
G ≡ (−1)
a mod p
%y
Ej
a
'd
#
h u $
"
G 6= 0
'
y
p
E
%
'
p−1 2
&
E
h
q
E
'dh
+
$
p−1 q−1 2 2
"
"
'
i
d
5
,
E
"%
4
,
4
(
z
( &
'
"
d
`
ef
, 5
w
w
$
d
E
#
"
h'
'
dj
E
h
E
a
%
'
'
z
(
S
]
j
E
h
a
l
TS
T
S
TX
V
S
*
V
S
p
Z
X
S
*
8
c1 x>2 x x c1 < π(x) < c2 . ln x ln x
'
j
c>0
Cy
tp (n) = blogp nc
#
E
%
$ £
z
%
a
(
'
B
p6x
X
B
m
q
"
dc
"
$
%
h
%dc
?
~
~
( &
¥
e
B ,2
%
(
$
#
"
h
E
a
( & e
e¥
,
B
y
22n >
B
{
%
k
h
$
by
h
by
$
"
E
#
"`
`
`
θ(x) =
"
S
E
'
(
E
E
"
j
$
E
$
x>2
h'
'
"
j
m
m
E
%
k
Ch
%
C
h'
$
(
"
E
< c1 < 1 c 2 > 1
(
(
j
b$
%
"
%
%
x = 2m
l
{
}
>
"
E
x x < π(x) < 1,106 . ln x ln x
"
%
#
$
j
$
bD
%
%
'
532 −1 53 = (−1) 8 (−1)26·7 = 15 2 8 =− = −(−1)28 = −1. =− 15 15
_
dt x ∼ ln t ln x E
z
"
%
"
E
h
E
a
%
C
E
C
'
( )
2
n ; a1
C
&
E
$
%
`
h
E
Cy
h%
%
C
104 < x < 106
#%
l
x ln x %
(
C
E
k
%$
C
#%
m
k
"
C
k
x
d m
j ' $
j E
#
E
d
E
C
E
"
"
E
π(x)
h
π(x) k
E
E
C$
$ u
'
#
j
'
"
%
$
$ v
¢
C
E
"
z
$
$
#
D
n−1 a1 −1 2 2
"
#
by
"
£
"
"
a
%
E
5
1
l
u
$
j
"
E
'
E
d m
"
( '
(
(
j
b
"%
C
"
E
j
d
E
#
"
h'
k
E
&
( an1 ) 0
cx
x>2
tp (n) = max{k > 0 : pk 6 n},
op (n) = max{k > 0 : pk | n}.
1
1
/
- ,+ 1
-
,
'
$ "
E'
i Ej
(
E
k
k
E
a
C
#%
¤
d
%
by
(
Ej
h
8
E
k
E
'h
#
j E'
b
%
$
'
$
0 6 b2xc −
hy
$ £
θ(x) x >c . ln x ln x
π(x) >
{ {
{
?
{
}
{
z
d
"
'
%
C
C
#%
'
"
$
E'
E '
%
z
pn >
E
'
%
1 1 n ln pn > n ln n = c3 n ln n. c2 c2
(
"
E
}
?
c5 ln n < pn+1 − pn < c6 ln n.
>
{
{
}
{
{
{
{
>
n
}
~
{
√ 2θ(x) √ x x + x < 8 ln 2 + x < c2 ln x ln x ln x c2 > 1
$ "
E
`
"
E
π(x) 6
*
TX
(
U
C
#%
d
%
" C
#
$
b
E%
"'
h%
q
pn
0 < c 5 < c6
,
_
√ p> x
√ √ √ √ x(π(x) − π( x)) > ln x(π(x) − x).
(
s
1 2 n ln pn < n ln n = c4 n ln n. c1 c1 pn > n
E
k
k
E
a
ln p > ln
h'
"
¢
p<x X
θ(x) >
C
$ c
bD
%
E #
"
$
"
h
"
C
#% Ri
pn
0.
E
" '
$ "
b
%
j "
k
(
(
x−1 > c1 x, 2
l
θ(x) > θ(2n) > cn > c
2n < x 6 2n + 1
¢ "
E
"
$ E
k
"
E
c>0
√ 2n ln 2n > cn,
*
&h
θ(2n) > n ln 2 −
!
&
E
k
k
E
c
B
pn pn < n < c2 . ln pn ln pn
ln pn + ln c1 − ln ln pn < ln n,
'
$ "
E'
p> 2n
p
{
~
*
~
(
>
{
{
$
$
"
'
h
'
E
$
$
"
&h
%
$
{}
}
k
"
%
k
}
$
#
&
E
E
#
E
$ m
C
E
$
"C
'
"
$
C
"
#
"
{
{
z
%
,
g
&
%
(
S
T
V
'
"
%
$
2
(
k
E'
"
$
$
k
%
$
#
"
#
k "
'
&
"
E
'
E
k
"
k%
E
'
n z
j
"
b" $
$
$
"'
"
"
E
%
E
'd
E
E
'
E
%
z
E
a
;
'
E
"
$ $
* E
j
$
$
y
E
d
$
$
d
b
E%
k
"
'
d
" m
&
"
%
f
$
'
%
C
d
E
%
"
c
h%
$
y
$
'#
"
%
z
a
E
k
E'
m
$
¤
k
$
,
% ;&
k
E
'
E
b$
$
"'
"
"
k
"
k% "
E
'd
%
E
E
%
E
'd
'
& & & &
E
"
j
' $
E
"'
"
"
E
%
E
'd
E
'
E
$
d
'd
'
E
"
$
y
b
$
E
#
k
"
k%
"
'
$
E
Cy
Cy
$
)
]
U
h%
m
w
X
'd
B
dc
%$
'
%
C
&
E
C
(
5
¥5
q
$
*
%
k
h
k
"
j
$
Cy
b
%
k
'
$
'
%
C
%h
$
$
s
k
h
E
E
$
#
&
E
E
hj
d
"
"
( %
g '
"
%&
by
; ;
'
E
"
$
$
$
$
"
#
k
'
$
k
"
'E
'
m
m
%
k
h
k
E m
C
h
E
E
"
D
$
%
'
"
E
%
j
$
#
E
C
#%
`
m
'd
,
z
j
$
$
E
C
C
"
+
{
& >
E
$
d
E
"
( )
"
Cy
h%
b$
"
a
%
h
E
a
C
$
y
$
"
E
$ "
k
"
%
k'
k
%
h
C
h m
$
$
#
#
(
% E
'
"
E
E
k
E
`
'D
$
"
hj
'
%
$
#
dc
"
'
"
$
a
E
b
"
"
"
%
k
'
h
"
d
E
E l
E%
{1, 2, . . . , n − 1} (a, n) = 1
5
4
,
{
$
$
"
'
h
dc
b
E%
E
(
b
%$
( &
,
"
"
D
'd
`
u
u
d
E
E
"
'
C
b
%
$
$
C
%
$
#
&
E
h
%
k
d m ! h
"
%
'
"
E
'
{
}
>
{
{
'
E
"
$
$
(
*
m
" m
n
h%
_
g
{
{
z
l B
a (a, n) n (a, n) = (2, 341) 431=11·31
`
v
$
S
(
B
n
'
"
z
E
;
{
{
}
Cy
(
%
$
$
$
k
"
c
E
%
E
'd
E ,
E
'
E
%
"
#
"C
h%
d
"`
"j
$
$
#
k
'D
$ "
i
&
%
(
z
E
"
' E
E
E
h
a
'
C
"
'
d
'd
%
$
m
£
f
$
'
#
$
g
C
#%
E
E
h'
bD
"
f
E
E
%
k'
$
"
%
$
%
h
"
d
E
"
%
(
$
$
#
'
m
&
%
(
$
$
$
j
$
%
$
#
k
c
'D
"
d
E
"
%
$
#
'
'
d
'd
%
$
#
¤
¤
i
m
(
%
$
#
&
E
E
hj
&
"
E
c
k
h
c
'$
E%
$
#
dc
$ "
z
,
&
%
an−1 ≡ 1 (mod n).
(
%
(
'h
V
"
{1, 2, . . . , n − 1}
(
&
E
E
#
E
`
#
E
h
a
'
&
%
n
{
~
(2, n)
{
{
$ m
$
a 2 3 5 7
}
~
k
aa−1 ≡ −1 (mod n).
"
"
d
E
%#
"
%
−1
~
k
?
a =(2 ) ≡1 (mod n)
a
"
C
"
$ B
&
10 34
a>1 a (2, 2n−1) &
C
u
C
#%
'
E
`
1
b
%
a | (n − 1)!
"
%
(
"
b$
a
{
(
d
h
a
%
"
j
n=2
(
"
12
k'
k
$
n = ab (n − 1)! (n − 1)! 6≡ −1 (mod n)
n √ b Nc
N
$
y
j
$ c
'
k
E
"
$
h
"
Cy
h%
"
E
E'
E
"
`
h u
$
$
S
%
"
#
$
"
h
a
n
'
C
"
"
k%
z
%
'd
"
$ "
+
'
%
C
k
"
k
E
o
Y
T
VX
S
XV
{
}
a ∈ {2, 3, . . . , n − 1}
n
2340 =
a = 2, 3, 5, 7
n 341 = 11 · 31 91 = 7 · 13 217 = 7 · 31 25 = 5 · 5
!
S
p
V
X
UV
S
*
VT
V
S
TX
8
]
z
$
j
C
"`
bD
%
C
'h
'
a E
'
E
d
"
"
'
%
k
h
& ( )
"
k
E
b
$
J
L
"
h
N
IG
N
L
L
N
N
m
c'
%$ "b
"j
'
h
E m
C
h
`
d m !
"
'
E
z
&h
E
"
`
d
E
E l
4
1
1/
-.,,+
`
r
(
(
"
'
u
g (p−1)p m−2
a
%
"
C
h
E
b
`
(
$
E
j h'
kb
" "
E
k h
g0
s
h
s
%
≡ 1 (mod pm−1 ) g (p−1)p m−3
(
(
%y
u
m
6≡ 1 (mod pm−1 ).
E
g
u
"
E
`
"
y
k h
E
&
%
k
E
$
'h
'
'
"
h
"
E
%
C
b
%
$ u
%y
C
h
"
E
"`
"
E
"
E
%
%
$
%y
C
h
z
j
'
"
"
%
E
%
E
h
"
#
a
u
m
k
a
}
y
%y
C
h
(
k h
z
$
%
k
$
"
h
E
'
C
"
%
k
"
%
k'
k
b
%
`
j
( j
k h
%"
h
k h
m
&
k
$
"
%
k'
E
b
%
j
b
%
'
Z pm
%a
h
(
h
k
>
~
{
'd
$
$
"
'
"
E'
k
"
k%
E
z
"
m
y
&
"
( '
k h
c
E
j h'
r
;
{
k
d
k
"
$
(
$
k h
'
"`
'
$
d# m d
"
E E
E C
"
#
j
"
'
'
"
E
"
z
%
C
c'
h
$
%
k h
$ "
E
"
# B $
E'
k
E
h'
j
h
{
}
{
~
{
{
{
{
{
{
{
}
{
{
?
{
{
{
{
~
( W
(
$
$
%
$
#
dc
$ "
'
h
'
$ "`
'
h'
%
"
E
%
&
%y
k l
u
m
c
bD
E
%
$
#
dc
#
(
$
"
&
'
$
$
"C
'
"
$
C
$
# "
z
$
'
E
%
$
#
dc
$ "
'
h
$
$
?
{
{
{
}
>
{
{}
}
(
j
l
Ri
'
"
b$
%
"
{
}
}
~
}
~
?
{
( % ¢
b
E%
"
E
"
%
$
#
dc
$ "
'
h
k
'
a
h
E
" B
%y
C
h
k h
&
%
h
$
j
|Z∗pm | = ϕ(Zpm ) = pm−1 (p − 1). pk
k h
$
{
}
{
{
}
{}
X
& * "
' $
{
{
{
{
{
{
{
{
{
(
,
e¥
,
{
{
{
{
{
}
{
{
{
{
z
$
C$
S
{
{
{
&
%
{
k
E
E
a
C
'
"
$
#
'
b
$
"j
h
k
"
&
%
h
p
k h
"
g m>2 m=2 ordm−1 (g) = (
&
"
%y
(
k h
k
"
ordk (a) | ordk+1 (a)
E
%
C
%
$
C
h
j h'
~
{
{
;
{
}
{
}
y
Z pm
"
E
'
"
%
Z pm p−1 g0 g = (p + 1)g0 p(p − 1) p2 g0 p−1 p2 g p + 1, p p 2 (p + 1)p = 1 + pp + p + . . . ≡ 1 (mod p2 ), 2
p
#
a
z
'
h
$
{
{}
ordk ( )
"
%
h
k
h
$
{
&
a
"
E
E
h
d
$
>
}
}
~
{
16k<m a 7→ a mod pk Z pk k=1 Zp g0
#
y
p−1 p2 p(p − 1) m ordm (g) = pm−1 (p − 1) m−1
z
%
C
$
k
{
;
{
}
m
25 000 000 000
#
%
k
{
{
}
>
{
{}
}
{
%
m>1
h&
= pm−2 (p − 1)
{
dc
"
"
"
%
k'
h
%
$
?
{
{
}
{
u
m
$
$
$
E' y
E
%
$
#
dc
"
'
h
T
SZ
* TX
* V
k
S
U
S
S
¢
(
Cy
&
E
E
$ m
#
E
k
$
U
$
"
h%
k
$
"C
"
"
E
h
a
'
C
"
Cy
$
$
j
h%
kb
'"
b
%
'$
E
a
j
2
E
k'
E
j
}
$
y
%
% k
k
$
"
#
(
E
'
z
'
"
a
k
"
h
%
E
E
"C
h%
'h
{
&
a2p −1 a2 −1
z
;
ord2 (g) = p(p − 1)
z
$
&h
'
£
#
C
$
n
$
'
E
dj
E
E
$
#
(
"
#
a
'
$
"
; ; %
"
$
(
d
$
"
'
"
b$
%
{
'
}
{
n−1 n
"
E
"
D
'd
d
'
`
`
E
"
$
'#
"
%
b ∈ Z∗n
"
$
"
`
"
j
' $
c
k
E
%&
{
}
(a2 − 1, p) = 1
h&
$
n *
r
(
E'
$
"
'
h
$
E
E'
&
{
Fn ={a ∈ Zn : an−1 ≡ 1 (mod n)} Z∗n
"
&
E
E
$
$
"
$
y
k
$
E
l
%
a
%
E
"
E
$
"
%
k'
$
"
%
k'
(n − 1)/2
"'
'
$ c
'
"
$
$`
$
j
~
a a Zn
%
$
$
k
"
i
%&
~
a
"
"
&
%
k
"
"
C
j
&
% $
$
#
%
$
¢
"
'
E
"
$ "
=
]
]
z
s
(
'
E
$
$
"
a
m
2n − 1
h
#
k
&h
k
E
h
E
1 ∗ 2 |Zn |
"
$
$
"
%
E
E
d m
ab −1
$
1/2 "
$
$
+
C
#%
"
{
ab
#
'
"
"
k%
E
a
k'
C
E
a
% "
k
"
n 21853
%
k
E
$ "
%
$
$`
d m
£
d
E
a
k
bD
E
j
'd
$
$
( %
%
$
#
'
`
"`
'
$
r (
$
%
#
E
C
$
#j
'
"
"
c
"
k
E
"
$
%
k l
"
j
$
E
'
E
k
C
"
(
b
E%
'"
l $ "`
− 1 = 22tn − 1 = (2n − 1)(2(2t−1)n + . . . + 1) ≡ 0 (mod n).
$
b
k
"
"
dc
"
'
d
"
"
"
d
E
Ca
E
"
$
$`
$
'
$ "`
'
d
E
C
h
bE
E
#
k
"
%
k'
k
C
"
b
"
"
%#
C
k l %
"
"
$
"
&
E
E
h
(
"
E
¢
u
m
t
$
'
E
,
$
|Fn | 6
"
%
k'
k
"
#
}
1 091 987 405
(
E
"
E
m
'
}~
p
' $
'
$
$
"
> %&
{
{
a
E
c
C
$
s
c
n (a, n) = 1
j
n $
"b
C
"
E
$
n n
$
%
%
$
* $
n n
"
$
by
*
#
"
n
E
$
"
#
#
a>2
%
$
E
"
k
}
n
−2
"'
*
#
E
2
"
"
h
&h
22
2n − 2 = 2(2n−1 − 1) = 2tn
ordk (a) = min{t > 1 : at ≡ 1 (mod pk )}.
-
4
1
1/
-.,,+
1
4/
1
2
'
%
C
$
E
%
E
a $
(
b
'h
%y
C
h
z
$
h
a
'
C
"
C
'
$ "`
'
m
&
%
&h
(
$ "
s
$ u
b
b"
"C
(
h
E
a
%
'
'$
$ "`
'
C$
%
'$
(
%
'
"
$
g
z
$
#
E
'
E
E
E
h
"
$ "
¤
&
%
a ≡ (mod n). n
`
E
% "
m
d B
b
$ `
"
u
p1
(
n = p1p2 . . . pk pi 6= pj
`
&
%
b$
%
"
l
n
%
r
E
m
E
%
E
j
; ?
{
{
{
{
m
{
}
>
{
{
& &
{
{
}
{
% %
?
;
{
{
}
{
~
{
{
{
{
{
{
{
}
}
~
}
~
+
>
&
{
~
~
{
{
{
{
z
S
V
"
'd#
b
%
'
"
E
%
( '
n
n
"
%
E
'
%
$
'd
{
{
a n−1 2
'd#
$
$
#
k
"
%
k'
C
E
%
E
E
'h
?
{~
{
{
a ∈ Z∗n
d
E
b
"
k
C
n−1
#
¤
a
"
h'
E
%a
'd
%
$ u
{
}
>
&
,
&
'
E
"
z
S
T
T
S
X
*
UV
V
TX
$
$
$
'
"
$
C
C
"
Cy
Cy
h%
k
E
E
a
C
'
"
#
'
"
a
:
l
(
h
Ej
(
$
"
"C
h%
#
(
$ £ hy
"
( d
%#
E
j
by
$
%
%
$
#
%
$
#
d
$ "
"
"
D
'd
E
E
h'
' $ "
%
C
E
`
r
$
j
z
"
(
a E
'
k
"
%
k'
"
$
h
E
%
%
$
#
'
"
`
`
u
r
m
k
b
E%
"
'
h
"
d
"
$ "
'
#
hj
#`
E
a
%
$
%
m
(
d
E
"
C&
$`
j
j
"
j
$ k
"
%
'k
%k
$
#
#
hj
C
b
%
$ u
$
#
"
m
( %
s
j
$
$
"
%
"
a
E
d
"
E
%
$
#
k
E
z
(
(
a
%
k
E
h
a
c
E
`
"C
"
"`
Ej E
h
E
%$
&
% $
%
$
#
%
$
#
E
r
m
&
"
'
z
$
E
hj
%
k
"
%
k'
k
(
u
#
#
`
¥
,¥
r
C
h
"
'
$
Cy
$
%
$
$
y
h%
b
%
"
k
"
%
k'
k
%
%
$
¥
¥
¥
#
&
25 000 000 000 16 561 1105 1729 2465 2821 6601 8911 10585 15841 29341 41041 46657 52633 62745 63973 75361 (
c
k
h
c
'$
E
%
%
$
`
r
l
2163
h
E
n
k`
$
y
'
k
b
h
"C
{
{
~
¤
n
%
z
k
E
%
(
(
(
e¥
,
%
h _
$
"
"
$
$
y
h
E
#
"
"
h
k
"
%
'k
k
%
%
k
$
"
s
`
r
'
%
C
"
"
(
y
$
#
'
w
'
$
g
&
%
b
E%
'"
h%
_
(
"
#
(
#` "
"
s
(
c
¢
(
"
%
$
$
j
"C
h%
'k
%
C
&h
h
a
$
$
"
E
%
k
"
h
E
b
"
h
m
u
`
i=1, . . . , k ai ord1 (ai ) = pi − 1 ain−1 ≡ 1 (mod n) (pi − 1) | (n − 1) k=2 n=pq p1 p
%
(
'
$
l
(pi − 1) | (n − 1) n = p1 p2 . . . pk pi 6= pj
$ u
$
%
C
'
h
$
%
p2 | n p > 1 n n = p 1 p2 . . . pk pi = 6 pj
"C
b
"
E
#
"
"
"
E
k
$
%
"
hp ≡ 1 (mod pm−1 )
"
(
#
'
an−1 ≡ 1 (mod p2 ) p|n
$
&
%
k
2pm
#
C
#%
(pi − 1) | (n − 1)
"
l
m
% "
"
2 4 pm
k
E'
m
'd
a
E
$
&
%y
i ordm (g) | pm−1 (p − 1) h=g (p−1)p
n−1 2 a 2 = a 2 ≡ = 1 (mod n). n
"'
"
"
h
*
%
$
# *
%
$
#
(
%
$
$
$
bD
1/2 %
k
$
'd#
a (mod n) a ≡ ±1 (mod n) (
;
;
%
z
E
$ "
E
"
k
'
(
%
m
at ≡ 1 (mod n)
(
k
#
%
g
b
$
k
"
%
'k
%
{
{
}
n
"
"
j
n an−1 ≡ 1 (mod n) $
{
{}
}
{
{
~
{~
(
"
b
"%
C
j
'
E
"b
%$
"j
hj
{
u
m
h'
h
}
{
=
{
{
S
_
j
`
j
E
C
#%
' $
%E
d m !
"
b
"%
C
d
E
E l
$
$
$ c
'
%
k
h
d
"
'
h
'd
%
d
'
E
$
"
`
d m $
%
%
$
#
&
%
E
"
#
C
#%
d
"
D
`
`
r
(
{
{
{
}
>
{
{}
}
{
{
{
>
{
{
E
E
$
h B
%
C
%
'$
C
#%
h
y
k
'
"%
'
C
h
%
&
$
y
E
'
E
E
¤
&
>
{
{
{
{
k
"
' $
y
dj
#
'
"
(
b
;
> }
}
~
{
}
}
~
{
}
Fn = {a ∈ Zn : an−1 ≡ 1 (mod n)} {}
}
{
{
}
%&
(
u
d m !
"
E
%a
C
h
"
¤
&
%
(
$
$
C
'd
E
%$
&
$
"
"
B
m z
y
$
'
E
kb
"
k%
$
$
E
'd
E
%a
h
"
E
%
&
E
E
h
%
k
h
'
%
C
u
'
{
{
&
%
{
{
{
}
{
{
{}
}
{
{
;
$
$
'
"
m
E'
kb
"
k%
E
'd
E
%a
h
"
E
%
&
"
{
{
{
{
}
{
{
{}
}
{
{
&
%
a, b ∈ Z∗n
$
{
{
V
`
5
5
x
B
v
(
"
bE
$
j
'd
> "
E
;
{
{
{
}
{
{
{}
}
(
(
{
{
{
{
{
{
}
{
{
{}
}
{
{
?
{
{
{
(
y
E
h
a
'
C
"
&
# E
{
%
E
k
E
h
a
'
C
"
&
&
E
'h
#
&
q
~
W
(
X
& *
%
(
(
(
(
(
(
(
(
(
(
(
(
(
a ∈ Z∗n
"
E
"
#
(
*
E
S
U
U
'
S
1 < a < C log2 n
$
"`
E
$
$
E
'
E
k
"
k%
E
{
$
( &
4
,
5
h
%
d m
E
$
−1
d
a
S
TX
>
d
E
"
E
"
k
'
'
$
E
"
Cy
`
'
%
$
$
(
(
( &
h%
%
a
%
h
x
B
4
,
'
{
%
k l
a
;
`
t
'
Cy
s−1
at , a2t , . . . , a2 −1 (mod n)
'
'
"
E
j
E
"
#
{ (
`
Ej
ab
E
"
%
C
$
`
d
"
E
*
E
+
%
$
$ E
"
ab
$
$
n *
%h
b
@
%
j
n
a "'
'd
c
$
$ u
n−1=2s t t a>2
h%
d
'
E
%
'
"
"C
'
"
E
$
#
d
"
(
'
d
n−1 2
$
k
`
k'
$
$
"
C
d
;
'
$
"
_
|En | 6
h
'
g
%
E'
$
"
h
E
c
E
h
$
m
"
$
%
$
%
'
"
E
%
a
$
#
$
E
E
#
j
%
"
;
'
E
$
$ "
C
%h
a
"
`
"
u
*
'
g
$
#
`
'
%
Z∗n :
c
"
E
"
#
%
"'
"
E
$
%
v
a
"
$
%&
C
#%
+
d
"
¢
;
'
E
"
$
$
¤
;&
k
"
"
k
%&
C
#%
m
'd
k
h
E
En = a ∈
k
"
k%
E
by
$
$
*
E
'
E
b$
$
"
by
$
&
t
'd
m
&
"
d
%
"'
"
"
E
%
"
$
k%
%
E
'd
E
E
'd
,
C >0
n
,
t
$
'd
,
E
$
a
"
"
E
"
j
' $
E
E
'd
E
E
%
k
'
%
h "
n
;
z
"'
"
"
E
%
E
n
E
E
%
k
"`
"`
%
'
$
$
E
E
"
"
$
%
`
O(log3 n)
'
&
(
"
'd
E
'
E
k
'
¤
{1, 2, . . . , n − 1} (a, n) = 1
n
z
"b
$
$
j$
Cy
h%
"
"
'd
c
C
"
E
"
k
'
E
'
%$
"j
l
(
"
h
c
'$
E
%
$
#
&
$
"
E
%
k
"
h
E
c
"
$
"
"
`
m
"
"
k
$
E
'
"
`
$ u
$
%
'k
%
C
y
k
'
"%
'
C
h
z
j
$
'
E
$
$ "
'
"
bE
"
E
"
k
'
m
k 1/2k
$
¤
*
'
'
$
$
E
CE
"
"
E
#
&
%
E
&
E
'
E
$
$
(
n
"
"
$
y
E
by
"
( j
$
%
$
& & & &
"
l
a a a a b a ... = = = −1. = n p1 p2 pk p1 p1
& & & f
;
E
"
C
D
m
%#
'
&
E
E
hb
%
$
(
a ∈ Z∗n
E
E
j
' $
+
"
h%
"
$
k
$
"
'
b
"
n
c
C
C
"
$
'
h
%
E
"
$
"
E
a
_
$
a
$
E
E
%
f
n
by
E
"
'
$ b
%
" $
j
"
E
'
"
≡( na )≡−1 (mod p2 ) a ≡ 1 (mod p2 )
"
E
&
&h
'
"
"
"
$
$
"`
d
2
a
"
k
'
"
"
'
E
E
h
E
E l
'
"
a ≡ b (mod p1 ), a ≡ 1 (mod p ), 2 a ≡ 1 (mod pk ).
$
$
"
n
n
n−1 2
'
E
"
j
d
a
$
$
n n n $
E'
b
%
$
a n a
a
1
n
a ≡ (mod n) n a
1 ∗ |Z |. 2 n
{1, 2, . . . , n − 1} (a, n) = 1
-
4
1
1/
-.,,+
1
4/
1
2
h
$
d
"
n
j
(
%
%
"
b
"%
C
'
%
$
$
$
z
'
$
E
C
b
%
$ u
"
& $
4
,
B
&
b
%
"
kb
'"
$
*
%
"
u
m
%
'h
'
"
(
(
*
"
f4
4
,
;&
D
a l R
$ "
"
$
$
k
E'
E
$ "
'
h
b
E%
*
$
k
E'
$
;
"
E
"
$ "
'
h
b
E%
*
%
;
$
$ "
"
k
E'
a
h
%
m
_
E
;
"
$
$
%
e¥
$
$ "
'
h
b
E%
%
$
$
$
$ "
'
h
b
E%
n < 25 000 000 000 n = 3 215 031 751 n n < 2 152 302 898 747 2 3 5 7 11 n n < 3 474 749 660 383 2 3 5 7 11 13 n n < 341 550 071 728 321 2 3 5 7 11 13 17 n
$
$
$
$
k
E'
E
"
'
h
b
E%
$
"
k
E'
E
$ "
h
$
k
E'
*
"
%
$
$ "
$
%
;
$
"
z
$
%
%+
$
$
'
b
E%
$
j
$
$
y
b
"
' k
c
%
k
'
'
"
"
dc
$
"
E
h
k
%d
E
b
"
C
#%
#
dc
"
c
b
n < 1 373 653 n < 25 326 001 2 3 5 n 2 3 5 7 E
*
E%
C
"
$ "
`
j
$
$
E
a
j
E
#
E
c
b
%
E
%
k
h
d
"
"
k
k
E
h
` m
m
E £
h
(
$
$
$
$
E' y
E
%
$
#
dc
"
'
h
b
E%
&
E
E
#
E
$ m
"
%
$
$
#
&
h
a
%
k
% h
%
$
#
c
"
k
"
z
C
'
"
$
C
a > 1
b
$ "
p
X
%$ "b
"j
%
$
C"
"
E
$
"
+
'h
5
`
$
$
"
"
k
"
%
k'
"
$
h
%
$
#
c
2
¤
m
(
$
E' y
E
d
$ "
(
Ri
%
%
E
$
#C
#
`
r
f
¤
%
f
&
%
+
Cy
h
z
%
{
{
{
}
>
{
{}
}
{
(
"
%
k'
"
$
$
z
$
$
E
E'
"
$ $
"' $
"
$
%
y
%
k
"
%
k'
k
%
$
#
d
"
'
h
b
#
%
k
h
"
%
k
E%
'd
%
$
$
$
$
#
'
bD
E
¢
+
'
%
C
$
$
E
'h
#
"
$
$
"
&
E
E
bh
"
E
%
'k
$
k
%
$
#
E
E
h
dc
"
%
%
$
$
$
z
'
"
$
$
d
"
'
h
b
E%
k
"
%
%
$
#
k
h
%
$
#
k
h
E
" k
%
A
h
z
k'
$ "
$
$
a
%
k
#
! "
( j
b
& $
(
"
h
c
'$
E
%
$
#
z
j
'
"
E
$
a
"
"
E
"
' $
E
'"
"
"
%
&
"
h
d
%
$
5
z
E
£
D
C
#%
C
EC
'h
%
"
'
E
E %
m
$
&
'
E
$
$ "
'
"
Eb
"
E
"
$
E
C
E
E
h
d
y
%
$
C
"
bD
E
E
(
$
$ "
'
h
;
'
E
$
$ "
k
*
E'
j
"'
"
'
$
"
&
E
E
h
k
E
'
"
"
$
#
c
"j
E
h
E
%
$
& &
k
'"
k
;
$
h
j
$
%
$
#
%
k
h
"
#%
h
"
f u
% k
$
#
dc
"
%
k
k
$
"
%
'k
n
E%
TXV
a
"
k
E'
j
E
V\
{
}
C
#%
(
k
"
Cy
h%
$
y
"
$
"
'
h
(
2000436751 = 487 · 1531 · 2683
'
`
$
hj
m
h'
{
{
E
%# y
B
$
x
'$
k
"
c
a
'
$
"
E
E
a
k
j
3/4 652969351 = 271 · 811 · 2971
h
'
d
E
a
S
*
{
{
{
}
j
z
"
"
d m
j E
h
k
n
E
S
{
{
}
=
dc
m
*
k'
`
3
a
\
VT
S
?
>
E
h
y
%
%
$
"
%
k'
$
2
"
`
]
{
{
S
V
_
k
$
#
"
h
$
$
$
$
"
"
a ∈ Z∗n
%
j
%&
TX
X
{}
}
{
z
E
C
#%
$
k
"
$
E%
`
"
&
b
E%
u
a
d
b
E%
p
$
E'
$
&
$
'
$
561 = 3 · 11 · 17 561−1=16·35
¤
¥
¤¥
) U
S
?
%
E'
E
"
"
m
"
$
%
"`
$ `
k
"
0.7507
V
U
V
n
k 1/4k
( &
"C
$
%E
"
%
$
#
1 < a < 2 log2 n
'&
h'
u
'
$
$
y
E
h
"
k
' $
j
$
$
C
"
0.7513
'
k`
z
$
"
'
k
"
%h
$
'
E%
'
k
b
E
k
C
"
k
'
mod 561 263 166 67 1 1
'D
%
$
m
$
"
E
"
k
'
"
$
#
"
"
O(sn)
'
'
n
$
h
"
"`
k
'
C
"
#%
h'
"
r
∃ r, 0 6 r < s, a2 t ≡ −1 (mod n).
"
E
$
a
%
%y
( %
C
c
−1
%
$
d
E
E
h
%
j
5
&h
s
¢
a
a
#
%
h
"C
'
24
,
"
C
#
E%
k%
E
n
%
$`
$
&h
$
$
#
dc
h
( &
'
h m
'
C
#%
%
2
h
`
k
"
"
#
%
"
"
"
$
"
%
%
&
E
"
k
E
mod 17 8 13 −1 1 1
$
%
k'
j
£
D
$
$
C
E
%
'
h
$
'
E
−1
E
"
n
k
"
%
h
E
'd
&
a l R
%
k'
k
%
k
$
'd#
2
h
z
v
'
&
,
4
"
"
E
'
d
E
$
"
E
"
k
'
d
`
1
1/
E
E
%h
`
1
4/
1
2
-.,,+
-
a
%
h
e¥
4
,
E m
( &
(
E
c
"
(mod n)
(
k
h
(
E
E
h'
(
u
−1
#
! "
E
w
`
b
E%
$
mod 11 −1 1 1 1 1
C
%
h
b
cn0.133
E
(
( & ,
r
mod 3 −1 1 1 1 1
%
D
−1
C
E%
'
%
'$
$
#
2 (235 )2 (235 )4 (235 )8 (235 )16
e
4
,
B
k
h
"
E
`
"
E
35
%#
c
'$
$
$ $
E
at ≡ 1 (mod n)
C
'
$
#
−1
(
'
&
D
d
E
n
%
d
%
$
"
%
E
(−1, −1, −1) n
−1
s−1
k
O(n1/10.89 ) (
d
E
a O(n1/7 )
"
%&
(2, 2, 2) (at )2 , (at )4 , . . . (at )2
a
n 2047 = 23 · 89 121 = 11 · 11 781 = 11 · 71 25 = 5 · 5 a
(
¤
,
"
z
"
{
{
}
>
{
a1 a2 [a1 (log n)6 ,
{
>
{
}
E
~
S
?
{
~
{
{
~
{
{
{
n π1 (x) P (p − 1) > x2/3
{
~
{
~
{
}
j
#
E
%dc
`
&
%
j
"b ( '
%$
"j
z
(
%"
$
z
¤
b
'
E
k
$
$
"
' k
z
%
hj
`
j
"
%
#
¤
&
% f
m
h'
d
"
$
$
#
"`
#
$
$
y
+$ E
d &
k
"
m
m
E
k
E% %
j E
#
k
h
"j
E
#
E
k
h
c
h
(
z
j
j
E
'
C
"
j
b
"%
C
d
b
E%
E "
hC
n
g
E
k
$
C
b
%
$ B
(
$
b
"
E
a
%
$
¤
&
%
Cy
b
E%
%E
"
dc
"
j
d
h
a
'
&
D
%
$
#
b
E%
E
`
D
'h
%
kC
h
&
z
"
%
b
" m
"
C
h m
"
%&
C
"
'
&
$ £
C
b
"
%
E
'd
h
E
%
'
"
'
"
#b
"'
h%
$
"
h m
hy
"
$
$
&
%
j
$
c
'
k
E
#
E
b
%
E
$
b
"
%
D
E
'd
E
#
"
"
h
%
&
'
k
% &
E
E
'
C
"
( '
"
E
h'
&
k
$
$
y
,
%
( '
&
u
E
'
E
k
"
'
$
$
"
k
E
'
E
"
'
"
%&
z
j
D
'
%
k
h
"
a
%
#
E
#
(
"
%&
C
j
%
E
z
u
_
$
$
'd#
k
$
"C
"
'
"
E'
&
"
'
E
$
E'
"
h
$
E
`
u
m
( C
"
"
(
d
E
E
"
E
b
E%
"'
$
(
E
&h
s
z
$
&
D
Cy
h%
$
C
"
dc
"
h
"
#
z
$
%
C
E
'
E
'
E
$
$
$ u
"
b
"C
%"
h
j
$
$ "
E
'
(
u
*
kb
"'
#
E
$
j
"
a
%
"
'h
"
k
E
$
d
#` "
"
%
$
b#
%
%"
$
$
(
%
C
E
h`
E
d
"
E
'
(
'
"
$ "
$
y
Ca
E
E
k
"
'
dj
z
j
b
%
"
E
#
E
"
16 log2 n + 1>8 log n r=n
E
'
%
{
>
(
$ c
'
%
k
h ¤
O((log n)6 )
$
#
dc
"
$
r −1
E
y
{
$
$
n0
%$
_
'
%
{
&
u
p
&
&
%
N
(
$
y
n > n0
C
c
$
{
{
}
;
'
E
"
(
"
%&
$
h'
x=4 log n+
d
b
E%
k
?
r
#
π1 (x) > c
'
"%
{
'h
c>0
$
£
q | or (n) E
{
~
r n0
%
;
b
r−1 l
%
`
;
'
E
$
$ "
&
&
% ;
¤
a
"'
6≡ 1 (mod r) %"
h
$ "
`
m
(
(x − a)n ≡ (xn − a) (mod xr − 1, mod n),
dj
r−1 q
a n−q
n
bD
%
f
ab b > 1 n,
E
r←r+1
£
(
n
&
l
(n, r) 6= 1 xq n q
xi
&
E
$ "
% % ¢
r
b
(
"
(x − a)n ≡ (xn − a) (mod n).
'
*
q √ q > 4 r log n %"
$
(
h%
$
0 1
?
n
"
%&
k
&
E
'
(
(
(2 ) 6 n < (2
n
%
'
"
k p
}
bh
C
'
"
h
E%
$
h'
'
$
$
$
&
"j
"
"
'd
"
%&
&
D
&
'
b
"
b
E%
%E
# "
z
$
"
E
k
E
#
E
c
'
"
#
C
#%
u
j
h
E
#
E
(
E
%
k
(
z
$
b
'"
b
%
j
$
"
"
%
k
h
C
h
'
"
b$
%
"
j
l
$
'
"
E'
E
m
c
"
E
"
E
cd
"
k
"
%k
{
S
V
?
{
{
>
{
{
{
{
~
{
}
$
$
y
E
'd
E
'
D
d m
pol (x)
'
"
k
j
"
( '
&
c
bD
%
x
{
"
#b
$
b
E'
m
%
E
m
E'
E
#
d
%
"
C
#
C$
"
O∼ (f (n))
&
'
$ "
6
{
8
k
E
%
(
E
#
"
"
m
$
k
"
k%
E
'd
n
E
a
%
$
$
"
h
#
"
d
&
u
× pol (log log n))
~
"
a
E
C$
E
j
h'
b
E
'd
xk = 1
{
S
l
Π
d# B
z
c3 (log n) < N, log log n
r−1 q V
'd
E
`
'
k
d
$`
− 1)
r−1 r−1 6 2/3 < r1/3 < x1/3 , q r C$
E
E
"
C&
%"
log a1 > 0 log a2 < log log n n
p
{
(
$
"
%
` h _
%
&h
h
d
"
$
ca2 (log n)6 c2 a1 (log n)6 > − > log(a2 (log n)6 ) log(a1 (log n)6 ) ca2 (log n)6 c2 a1 (log n)6 > − > 7 log log n 6 log log n (log n)6 (log n)6 ca2 c2 a 1 > − , = c3 log log n 7 6 log log n
6≡ 1 (mod r). Ej
y
$
$
r
'
%
C
k
"
$
(
%"
h
dc
s
a E
h&
$
(
'
$
"
E
"
#
E
N > π1 (a2 (log n)6 ) − π(a1 (log n)6 ) >
{
`
`
#
$ "
$
"
u
x x < π(x) < c2 . c1 ln x ln x
or (n) %"
h
E
&
b
E%
b$
m
&
%
&h
n
h
y
k
'
E
%
k
"'
'
%
E
2/3
E
"
"%
'
C
h
h
"
"
$
C
$
"
Π = (n − 1)(n2 − 1) · . . . · (nx
#
> 4 r log n
j
b
√
E
"
(
%
$
#
E
%a
hC
x2/3 log n
0
(
$ "`
C&
h
n0
q
0 < c1 < 1 < c 2 O((log n)12 ×
O(f (n)pol (log log n))
xi 2 i , (2k + 2k−1 )p 6 n
√ O( r pol(log log n)) = O ∼ ((log n)3 )
O(r(log n)2 pol(log log n)) = O ∼ ((log n)5 ),
1
4/
1
2
4
1
1/
-.,,+
-
'
"
Xp
k
hy
$ £
pk ≡ 1 (mod r)
d|k (
(
*
"C
m
(
C
b
|G| > |S| =
$ u
%
E
d−1
Ig(x) = {m : g(x)m ≡ g(xm ) (mod xr − 1, mod p)}.
d
E
%#
"
j
'
j
E
d
E
y
Fp
(
"
%&
&
D
E
d
2
h
'
"
#C
"
"
$
#
'
"
"
"
%&
%
&
'
&
z
#
'd
C
%
'$
C
"
u
m
%
$
#
%
%"
%
$
√r r > q > 4 r log n > l n
%
C
"
#
"
d
"
E
%
%
'
" '
$
%
$
d m !
d m
(
d m
g
1 6 a, a0 6 l
$
Cy
'
"
"'
"
d
E
k
$
%
$
z
E
j
y
%
d
E
%#
"
hj
d
E%
#
$
&
E
"
'
"
#
a
u
z
b
"C
$ u
dc
"
C
f
&
%
$
'd
c
'
%
k
h
%
'
"
'
&
%
z
*
j
y
%&
" m d
"
b
"%
C
E
a
%
$
#
b
%
%"
h
$ "
k
"
h
`
`
(
%
k
h
%
$
h
C
#%
"
'
C
b
%
$
%"
h
E
%a
¢
£
b "
%
#
'
"
"
#
z
$
%"
h
dc
"
'
"
$
u
%"
h
$ "
"
`
E
%
E
k
$
"
%
'h
E%
#
&
E
dc
'
h
"
$
$ v
s
k'
&
"
k
"
(
b
k h
r
(
%
$
#`
%
"
h
y
a
b
%
(
(
(
"C
¤
$
$ "
E
h
E
"
C
`
h m
%
'
(
dc
"
$ u
z
'
"
j
E
%
k
$ "
$
'
"
$
a
E
h
C
&
'
$
d
"
E
%
"
#
a
u
b
C
C
&
(x − a) 1 6 a 6 l G h
Cy
%#
%
'
$
b
%
b"
"
d m !
"
a
'
h&
`
C
#%
"
$
$ v
(
"
(
j
$
"
b
%"
C
k
"
#
E
j
%
k
%
k
d
"
E
$
%
'
"
#
E
"
%&
2
$ B
&
D
C
%
z
$
g
$
$
#
"
$
E
h
E
"
`
h m C
E
%
'
'
%
&
%
(
$
y
k
E
'
E
C
k
E
D
k
"
%
k'
* $
"
b
"C
$
$ u
"
b
"%
C
j
"
h
"
%&
"
#
a
%
h
(
'
E
"
$
u
"
E
%
&
h
a
%
k
h
%
k
E
'
E
$
E
%
E
'd
j
$
$
(
$
"
C
"
%
"
C
h m
j
"
b
"%
C
(
*
j
E
a
'
E
'
E
$ "
$
&
%
&
%
$ c
'
%
k
h
¤
B
$
E
'd
h&
'
a
"
E
'
E
$
%
'
"
*
"
b
"%
C
b
%
"
kb
"
#
E
j
"
a
"
%&
E
Fp (x)/(h(x))
$
#`
E%
#
&
"
%
d
"
( %
k
(
ua 6 d − 1.
"
$
¢
" m
d
"
s
&
X
$
u
E
"
'
(
"
b
"%
C
&
%
'
E
$
E
'
E
$
¤
%
h
k6d √ l = 2 r log n Fp (x)/(h(x)) = GF (pd ) √ |G| > n2 r G S
d
C
"
b
d m
"
#
j
j
&h
$
%
h
E
Ca
k
"
b
E%
"'
h%
$
"
(x − a)ua ,
j m E
C
%
$
"
h
c
'$
E%
bD
E
%
(
E%
#
&
`
'
$
$
"
E
'
Y
C
'"
_
%
p4 r log n q | or (n) pi 1 6 i 6 k (or (p1 ), . . . , or (pk )) q | or (p) n √ 1 6 a 6 2 r log n
√
(
%
$
$ "
'h
b
%
"
kb
b
%$
$ " £
E
n
C
(
*
E
b
'
"
&
"
k%
E
n=p k
E k
$
"b
%$
E
"
%
$
#C
b
%
'd
"
r =n n
$
'
h(x) r r
E
E
C
#%
E
$
n
k
y
%"
"j
$
"
"
%&
"
n
"
%
'k
k
d
"
*$ "
$
$
p
E
k
E%
#
&
bh
"
#
k
Cy
'D
( d
"
E
or (n)
"
h
m
b
d = or (p)
k h
E
C
'd
"C
$ u
$ " £
"
E
r −1
%
'
$
c
E
(
,
"
Fp (x)/(h(x))
"
%
_
C
$ u
a
h(x) | (x − 1) (n, r) = 1
(
j
r
%$
&
&
r
#
"
(
r n
E
%
"
r n
Fp (x)/(h(x)) − X = 0, r | (pk − 1)
k h
"
#
n r
n d
xp − x ≡ 0 (mod h(x), mod p)
≡ g(x) (mod h(x), mod p). d
Xp −
l+1
1
4/
1
2
4
7
1
1/
-.,,+
-
`
j
d
b
`
,
&
%
m
∃ a ∈ Z∗n , (an−1 ≡ 1 (mod n)) ∧ ∀ q | (n − 1), a n−1 q
{
>
{
}
( %
$
z
$
'
E
"
b
"
d m
d
"
$ "
"
'
`
n
z
k
y
Ej E
h
'd
'
"
k
E
"
j
' $
D
]
S
(
y
$
%
$
#
dc
"
j
C
h
k
E
"
$
c
"
%&
'
"
k
E
$
$
$
d! # m E
d
"
%
$
#
d
"
"
'k
%
C
d
E
#
"
"
h
"
$
$ v
(
E
"
$
%
$
#
$ "
$
$
"'
"
E
C
#%
%
( %
$
#
Cy
h%
k
$
"
g
$
$
"
"
*
$
h
"
"
k
$
"
k
E
z
$
m
'd
"
"
*
"
h
E
E
$
c
g
$
"
b
E%
"'
E
"'
"
"
"
%
$
`
h%
$
"
(
"'
"
d
b
E%
"
h
'
C
"
$ £
hy
"
(
"
%
j
$
#
"j
%
$
#
$ "
"
E
k
$
"C
"
dc
"
h
$
`
`
m
$ B
`
'd
$
$
'h
&
b
E%
%$
$
#b
"
b
E%
"'
h%
$
k
"
E
k
"
m
"
"
(
(
f
$ B
(
6≡ 1 (mod n)
+
'
"
C
#%
E
E
h'
c
k
%
$
$
$
#
dc
$ "
k
E
"
$
%
k
h
m
£
s
C
%
E
(
%
'
h
k
&
C$
"
h
E
'
C
dh
h
C
%
b
j
y
E
E
"
$ "
(
* $
$
$
k
$
"
k
E
'
"`
'
"
"
"b '
"
%$
"j
h
D
( d
w
'
"
d
"'
"
b
"'
h
C
"
&
E
C
"
( d
u
*
E z
$
$
$
%
C
dc
$
E
#
"
"
h
E
E
E
d
E'
E
d
"
"
d
E
E
h
E
"
j #
E
k
`
(
$ "
'
n
#
"
a
&
C
"
Cy
%
"
X
q
n
{
&
"
'
$
c
k
"
'
C
n
"
d
"
{
n
~
$ "
'
%
C
'
Cy
_
z
a
%
(
"
u
$ u
n
"b
%$
"j
E
#
5
h%
dj
"
E
"
"C
"
C
#%
C
h
"
$
# "
&
"b
"
E
$
&
%
E
h
C&
b
%
$
&
E
E
hj
D
'd
"
E
*
E
"
d
"'
"
%
'
h
z
*
$
"
k
'
%
y
$
d
"
$ "
'k
%
C
j
E
d
m E
j
c
E
%
'
b
%
h
j
$
%
"
E
d
"
%
h
&
m
$
z
$
y
d
$
C
dh
h
'
"
"
"
%#
"
$ "
k
"
%
'k
k
b
E%
'"
$ "`
h
( )
'
"
B
(
%
$
#
d
' k
"
"
h
a
'
C
"
E
'
C
"
$ "
%E
$
#
'
d m
$
$
b"
"
"
$
$ v
(
a
dc
"
E
E
#b
'd
%
h'
$
%
'
s
$ u
h&
b
"C
"
%
"
a
$
l
#
(
!
"
"
!
!
%
'
"
E
%
j
k h
#
#
j
E
m
£
y
$
$
#C
"
"
b
"'
dj
h
( %
g(xm1 )m2 ≡ g(xm1 m2 ) (mod xr − 1, mod p).
{
&
e
,
$
(
(
( C
h
"
z
*
*
$
$
$
v
x
j
%
k
'
%
%
E m
E
"
k'
%
'
"
"
D
'd
dc
E
_
z
E
"
$
$
m
h
E
d
"
%&
d
E
E'
j
h
E
d
'
E
"
z
$
j
%
b
"'
b
%
$
E
C
h
c
k
C
#%
c
&
E
'
"
¢
m
m
(
d
E
"
C&
$`
h _
"
%&
&
b
E%
E
j
c
k
h
E
#
E
%
&
E
E
hC
#
Cy
D
C
#%
E
Cy
C
z
%
"
#
$
b
"
C
h
"
$
j
$
dc
#
E
#
"
c
'
"
O(log nlog log log n )
{
}
>
~
h
"
%
k
k
b
E%
"
C
#%
"
n
{
(
%
$ "
( &
'
"
"
%
k'
$
%
%&
`
&h
C
#%
$
n
~
y
h
%
h
j
b
d
$
"
h
$
#
d
"
D
'd
d
E
'$
b
%
"
"
"
E'
n
{
S
E'
b
n
E
$`
$ "
E
Ej
$
#
" m "
'
E
"
h'
(
E
a
j
ni1 −i2 =pj2 −j1 k>1
{
r=n
%
`
"
E
'
#
k
"
c
'
m 1 ≡ m2
%
m
'd
hj
b
"
h
s
s
g(x)m1 g(x)kr = g(x)m2 = g(xm2 ) = g(xm1 +kr ) = g(xm1 ) = g(x)m1 .
V
b
%
u
E
"
#
$
"
#
"
#
og g(x) Fp (x)/(h(x)) og = |G| m1 , m2 ∈ Ig(x) m1 ≡ m2 (mod r) m1 ≡ m2 (mod og ) m2 = m1 + kr k > 0 Fp (x)/(h(x))
E
#
"
C
"
h
$
$
$
"
$
C
E
g(xm1 )m2 ≡ g(xm1 m2 ) (mod xm1 r − 1, mod p),
{
z
$
"
h
%
k
"
E
'd
b
%
"
E
"
%&
b
E%
B
g(x)m1 m2 ≡ (g(x)m1 )m2 ≡ g(xm1 )m2 (mod xr − 1, mod p).
(
z
$
"'
"
"
%h
`
Ej
'
k
w
&
E
E
bh
"
#
E ⊆ Ig(x) n i 1 p j 1 ni 2 p j 2
E%
d
%
E
d
"
(
E , #
$
% "
(
d
E
j
$
#
E
#
E
$
"
"
b
%E
og | kr
%E
`
h
b
E
n
$
$ "
%
"
a
m
k
$
"
$
√
og >n2 r n = pk
E
d
#
dc
$ "
C
j
#
c
bD
%
E
"
%
$
$
E
#
"
"
#
"
"
%
E
=1
E
"
c
b
#
$
`
h
%
k
r kr
' $
E%
%
k
h
"
h
b
"
ni1 −i2 ≡ pj2 −j1 (mod og ).
√ r
'
b
"
`
h
E
"
#
g(x)
j
#
E
"
%
"
E = {ni pj : 0 6 i, j 6 b rc} √ |E|=(1+b rc)2 >r E (i1 , j1 ) 6= (i2 , j2 ) ni1 pj1 ≡ ni2 pj2 (mod r) ni1 pj1 ≡ ni2 pj2 (mod og ) √
d
$`
E
"
C
$
h m
#
j
#
E
%&
n|i1 −i2 | p|j2 −j1 | 2q + 1 b
#
?
%
$
k
"
$ B
'
$
"
E'
"`
C
%
`
$ B
%
(
%y
C
h
E
#
(
s
(
'
"
Rl
S
h
t | pimi −1 (pi − 1)
&h
b$
%
"
j
'
E
$
'
%
"
#
n = qk R + 1 > 1
%
"
(
"
d
'
E
h
r
$
#
d
(
Ej
C
#%
V
n=qR+1>1 R < 4(q + 1) ≡ 1 (mod n) a(n−1)/q = 6 1 (mod n) n n
h'
_
dc
$ "
}
{
3 k 2 R+1
d m !
"
$ £ hy
"
n = pi Q
"
E
a
(
%
l
pi − 1 = q k r
#
&
%
E
#
E%
"
z
$
"
E
#
"
b#
%$
$
b
E%
"'
h%
"
y
"
R a(n−1)/q ≡ 6 1 (mod n) p = qk r + 1
'
h
j
"
k
'
$
C
h
%
"
#
(
#
`
i
h&
E
£
c
h
$
j
"%
'
C
h
b
"
#
k
E
E'
"
'
dj
'
"
k h
b"
$
(a(n−1)/q − 1, n) = 1
%
$
A
m
"
$
"
#
(
C
s
E
(
E
"
#
3(n−1)/2 ≡
'
(
#
3(n−1)/2 ≡ −1 (mod n).
"
#
&h
{
z
%$
'
h
h'
C
$ "
(
*
%
"
k
E
E l
i
Z∗pmi
( d
'
$
pi ≡ 1 (mod q) t > 2q + 1 Q #
s
=
D`
b
E%
"
$
b#
"'
"
E
R < 2 k 3 < 2k + 1
u
a(n−1)/2 6≡ 1 (mod n),
"
E
#
~
( d
h
b
"
h
y
p2 > (F + 1)2 > R(F + 1) > RF + 1 > n.
~
?
"`
E
E
c
'
E
%
"
n−1
E
&
u
$
c
a
"
5
h
k
C
#%
#
h
a
'
a
"
e
e
,
~
$
$
y
#
u
(n − 1)/q m | (p − 1)
a=3 q=2 3(n−1)/2 6= 1 (mod n) s
{
{
~
{
(
"
R < 2k
$
}
> {
{
{
% dc
E
"
#
q
h
{
&
{
u
R> n = FR + 1 > 1 0 {
%
b
`
h
Ca
$
$
j
"
"
'd
d
"
'k
%
C
&h
%
8
~
S
$
b#
%
%"
h`
"
?
{
{
}
{
{
T
&
C
ϕ(k) = ϕ(d) #%
$
$
"`
'
C
i
}
z
n
$ v
d
$
k | (p−1)/d
X
$
kj
b
%
'
"
d
(
(
s
(
z
$ u
*
b
"C
$ u
b
%
'
"
E
'
E
"
$
*$
b
"C
'
"
b$
%
"
j
%
k
C
`
E
(
*
w
{
{
{
{
{
(
"
h'
{
{
}
? ?
{
{
{
{
}
$
C
d
%
E
"
h m
E
E
"
"
'd#
d
E
#
"
h'
kb
"%
'k
k
"
C
h m
(
$
E
%
$
#
%
C
h
"
E
%
$
%
C
h
dc
"
c
b
E%
` g
{
c
b
%
E
%
k
h
h
E
a
%
'
$
'$
%
$
'd#
a E
"
h'
d
E
{
{
{ ~
~
~
>
{
~
}
>
?
S
}
>
{
{
{
{
}
{
{
{
=
(
k
E
&"
%E
u
d
z
$
$
%
k
"
%
k'
k
E
%
$
#
E
E
hj
"
#
kb
"
h m
C
"
#
"
(
(
$
Ej
h
%
C
E
%
"
h'
d
%
E
k
"
%
k'
z
"
$ $
"
C
#%
d
E
"
#
d
b
E%
$
$
k
"
%
'k
k
%
k
Cy
h%
_
%
(
%
k'
k
y
$
E
&"
%E
u
d
"
'
%
C
'
E
b
%$
C
h
C
h
%
$
#
b
"
# $
z
h%
$
$
$
$
C
'
"
(
(
C
&
$
_
E'
E
"
k
'
"
u
`
"%
'
C
#
$
E
C
#%
c
C
b
"
E
"
k
'
b
"
r
z
E
h
h
$
$
"
`
k
E
E'
j
u
h&
C
#%
E
E
&"
%E
u
d
"
E%
C
%
$
$
$
j
"
a
%
'
E
&
d
E
C
%#
c
%
$
#
dc
%
(
$
"
j
C
g
`
B
m
(
z
`
Ri
h
E
&
"
%&
d
"
4
m
d!m $
%
'
%
C
C
( &
24
,
B
%
C
#%
'"
b
%
"
'"
c%
$
$
$
#
%dc
'
k
E
D
$
"
k
E
'
E
C
&
E
"
h'
E k
k
"
b
(
B "
"
E%
'"
(
$
"
C
#%
E
E
'h
(
z
"
"
y
$ £
(
#
E
m1 m2 < F n > F3 m1 + m 2 > F F > m1 m2 > m1 (F − m2 ) > F − 1 m1 = F − 1 m 2 = 1 n = F3 + 1 m1 + m 2 < F m1 m2 = x m 1 + m 2 = y m 1 m2 m2 − ym + x = 0
S
S
(
VX
=
q
'
'
&h
s
(
(
z
j
'd
E
E
E
E
%
`
,
¥
¤¥
,¥
fv
s
d m !
_
£
&
E
$
y
$
¥
¥¤
,
"
h
E
"
"
"
$
( & ¤
%
k
"
#
"
(
k
"
h
c
m
%
n = 2RF + 1 = (m1 F + 1)(m2 F + 1)
'"
ϕ(k)ϕ(d) = ϕ(d) b
(
b$
%
"
j
l
(
"
$
E
E
"
%a
"`
%
C
%
h
y
y
d | (p − 1)
%
k | (p−1)/d
X
"
| (p−1)
ϕ(d∗ ) =
$
'
"
#
'
E B
$
y
$
$
%
$
#
E
"
'd
b
E
#
E
k
"
m
'd
(
(
(
z
$
`
f
m
(
b
"C
4
,¥
v
$ u
%
%"
h
dc
$ "
C
c'
h
%
b
_
'
%
y
$
#
dc
$ "
&
"
%&
'
£
$ E
'
"
$
s
w
% a
"
"
E
h
Cy
'
E
"
h
E
"
E
E'
"
$
#
"
'
$
%
$
#
%
C
"
u
'
E
b
"
"
a
E
E
$ "
"
*
$
n
#
T>
'"
C
#%
2
E
k | (p−1)/d
X %
X
E
>
p
d | d∗
E
"
a
%
h
$ B
"
#
C
#%
"
x ∈ Z∗p
'd
T=
'
√ F> 3 n
ϕ(x)
(
,
$
> "C
p > (2F + 1) > (2R + 1)(2F + 1) > 2RF + 1 = n.
"
?
(
%y
C
h
{
2
E'
g
`
y 2 − 4x
{
{
r
#
E
%
$
k
m
#
&
"
$
C $
a l R
(
E
h
a
'
C
"
pF +1
{
~
{
&
'
"
'
E
$
l
=
n
?
2R=xF +y
{
C
F
r
"b
%$
k h
`
`
q F an−1 ≡ 1 (mod n) (a(n−1)/q − 1, n) = 1 p n p = mF + 1 √ F> n F R
{
}
(
(
d
E
√ 3
&
{
~
"
g
"j
E
#
"
#
F>
(
h
a
%
k
h ,
Ej
%
$
√ p=mF +1> n
'
$
%
h
%
h
p
"
n F R a x>0 06y 1
E'
E
k
&
q
~
#
Cy
√ F> n
$
(
S
'
F
"
k%
E
h%
_
2
~
{
( &
¤
4
"
&h
n−1
'
4
,
s
a
'd
"
b$
%
? 2
y − 4x {
u
√ p6 n p > 2F + 1
%
"
{
'
"
F | (p − 1)
$
j
{
}
}
F
#
%
l
a
k
n
%"
h
R n6F 3 m 1 > m2 .
2R = m1 m2 F + m1 + m2 .
(d, (p − 1)/d) = 1.
ϕ(kd) > p−1 , d
1
4/
1
2
/
1/
1/
- ,+
-
$
"
&
$
$`
%
"
& z
&h
z
$
$
a
%
C
d
E
Ej
'
k
d
"
z
"
E
a
g
C
h
"
&
"
w
(
z
"b
$
$
%
,
$ ¤
%
by
d
"
"
'
%$
"j
l
( f
%
k
%
z
%
$
$
#
a
"
*
$
$
$
¤
v
u
%
%
E m
"
"
by
d
"
"
'
(
(
w
E
d
"`
Ej
h&
E
&
k
k
E
c
'
k
E
E
hj
(
*
z
b
E
#
k
$
"
'
dj
$
k
h
c
'$
%
$
#
d
"
E
k
E%
h
d
, u m
w
E
E
(
"
y
$
%
'
%
C
%
k
'
"%
'
C
h
"
$
"
'"
k
"
k%
E
'd
&
D
E`
d
k
E
d
"
(
$ s
$ "
"
d m
"
#
(
$
"
%
$
#
k
"
%
k
$
$
&
E
C
#%
%
k
h
%
$
#
d
`
(
z
$
E
"
$
Ca
k
i
x
$
$
$
&
#
! "
'
%
$
#
"
&
m
C$
"
"
%&
&
(
(
j
E
a
%
h
"
k
h
'd
'
%
f
x
$
%
$
#
E
C
#%
`
m
d B
&
%
t ∈ (2m−2 /F, 2m−1 /F − sm) `
z
C
#%
$
" ( '
C
$
%
b
"
a
%
a
E
&h
z
%
"
$
j
(
' ' $
E
"
' $
$
d
"
"
'k
%
C
$
&
E
#
"
"
$
h
k
E
"
h
E'
k
&
¤
,
$
"
k%
E
'd
"
'
%
d
(
"
`
`
$
"
%&
d
'
E
C$
Cy
h%
%$
a
%
'$
%
z
$
j
by
%
$
#
%
j
"
%
by
$
C$
E
"
&
"
k
"
(
&
¤
x
_
z
'
"
E
j
(
$
'
"
h
% $
$
#
E'
Ej
$
by
E
E
h
a
kj h
d
# E
&
"
`
"
'd
'
m
E
k
E%
h
dc
E
$
"
s
%
"
(
&
$
, g
x
%
$
$ u
b
`
(
Cy
h%
'$
"
"C
$
$ "
$ "
E
C
#%
"
E
"
E
d
b
E%
'"
%$ "`
$
$
h
( d
*
#
dc
E
h
k
j
"
'
'
"
%&
*
%
$
#
%
z
`
z
dc
$ "
j C
h
j
$
d
"
$ "
"
"
E
"
"
D
C
kj
b
%
$
%
$
#
dc
'
E
$
$ "
'
~{
(
%
}
{
{
{
{
}
~
{
&
E
"
%&
d
E %
E
*
v E m
>
{
{
{
~
}
* TX
(
U
{
u
~
a
%
h
m
$
#
$
"
u
c
%&
k
C
#%
$
"
j
m
(
%
%
$
Ch
"
D
$
#
dc
"
$
h
C
dc
'
%
k
h
d
"
$ "
B s
F
'
$
h
k
"
k%
E
'd
'
(
k
h
c
h
$
"
%&
'd#
$
c
bD
%
m
(
&h
1/3
m
%
"b
%$
"
%&
`
k
%
(
%
'$
h
a
E
E B
&
k
E
B >0
E
`
d
$ "
"j
d
E
E
hb
h
"
d!m $
b
"
"
`
%
C
dh
(
( &
,
4
4
,
h
E
'
1/2
"
'
$
h
d
C
" k
m
`
r
'
"
$
"
%
$
$
y
m
d
E
2εm < F < 2cεm ε
w
"
C ( C
h
Cy
(
r
(
"
%
$
#
#` $
"
E
'
E
( '
"
$
$
E'
E
Ca
E
"
C
C
h
%
'
j
"
&
E
z
%
m
E
k
%"
h
"
C
%
k
k
E
$
E
f
u
'
z
j
j
C
b
"'
b
%
$
C
%
%
'
" w
C
#%
$
'
E
c
'
$
$
`
j
`
k
j
"
E
"
' $
"
j
%
$
#
c
'
%
k
h
$
$
&
$
k h
"
"
b
E%
#C
n
"
E
$
E
C
$
h
k' %
k
%
$
d B
$
E'
E
#
`
E
#
k
"
"j
n−1
k
"
Cy
$
E
"'
j
#
k
"
%
k'
k
k
E
d
E
`
m
h
E
m
{
~
{
{
{
> {
~
{
{
{
{
(
z
$
y
u
"
'
C
% $
c
E
E
%
$
#
dc
"
j
C
h
E
&
,
(
?
~
S
V
4
4
,
u
B
"
m
"
%&
d
`
d m $
%
%
a
%
h
C
% $
{
{
>
{
}
{
}
>
{
c
( &
a ∈ Z∗n ϕ(F )/F
'd
( %
$
#
d
"
"
$
$
≡ 1 (mod n) a(n−1)/qj ≡ 1 (mod n) a F n n a ∈ Z∗n j
T
U
S
[
(
XV
:q
'
'
F = q1k1 . . . qsks F > R
(
$
h
. . . , qs
"
(2R, F ) = 1 n = 2F R + 1 q 1 , . . . , qs
P = {n = n0 + ia : n0 = ta + 1, a = 2F, 0 6 i 6 s}. A
1
4/
1
2
7
/
1/
1/
- ,+
-
'"
b
E
#
"
>
{ (
z
b
%
'
%
` s
E
h
$
a
c
'E
k
" "
!
"
&
%
$
#
Ej
C
c
m
z
$
$
#
k
d
"
$
E
"
c
b
%
CE
E
'
`
1
k
"
E%
$
'd#
dc
E%
(
$
`
r
E'
E
j
&
%
d m !
'
C
E
E'
$
E
.
_
$
$
h
c
k%
a
"
"
'
dc
j
`
,
4 4 ( & 5
(
E
E
hC
B
m
£
h
z
a
"%
'
E
$
j
&
$
"
by
&
b
E%
E
%
k E
&
C
0.
d
z
q
p
Cy
"
%
{
$
"
b
E%
"'
E
d
d
p2 − 4q)/2
E
a
'
"
%
%
h%
"%
E
E'
$
$
{
d
E
xp− px + q = 0 r = (p + p2 − 4q)/2
2
#
z
Cy
n
(n − 1) b
"'
j
E
=
>
"
{}
k
Cy
h%
_
&
j
h'
k
$
'd#
c
y
E
E l
p
b
%
~{
{
{
{Uk }
#
&
%
?
>
{
(
$
V 2k = V k2 − 2q k ,
{
}
}
"
$
{
( )
'
%
q
{
{
#
n
"
h'
j k
'
rk =(Vk +Uk
h
$
{
E m
#
n
by
"
$
'
p
E
$
"
>
b
E%
a b p 2rn = a − b p2 − 4q (mod n) {Uk } Un+1 ≡ 0 (mod n)
~
{
{
"`
%
b
u
%
{
} {
(n − 1) (n + 1) (n + 1) p2 −4q
"
E
a
>
{
~
q
r
&
E
Un+1 ≡ 0 (mod n),
#
'"
"'
h%
S
p q
E
#
&
{
$
{
}
y
U1 = 1, V 1 = p,
b
%
=
=
E%
r {Uk } {Vk }
%
E
%
}
c
E
U2k = Uk Vk ,
z
{Vk }
~
8
n n>1 n+1
k
E
n
a
A
~
S
?
p = 1 q = −1
E
"
{
S
" B
p2 − 4q (mod n) n
c
&
?
"'
U0 = 0, V 0 = 2,
s
(
h
"
Cy
E
q
(
z
(n − 1) $
{
V
p
"
}
r
b
"
{
p2 − 4q
E%
k
E
E l
n
y
{
p
d
+b
h%
$
(n − 1) (n + 1)
0 6 m < n.
k
1
4/
1
2
5
/
5
41
2
1
- ,+
-
3 &
& @
' #
I
'$
I
H
-
- & ?
%(
*
F
F
.
A
{
?
¢
(
$
'
E
"
(
"`
Cy
h%
E
E'
$
E
E
£
(
z
"
%&
k
$
"
k%
E
$
&
'
b
"
E
a
%
C$
"
j
d
E%
'd
E
h
&
h
a
%
k
h
&
#
y
$
&
E
"
C
"
'd
%
k
%"
h
&
$ "
&
b
E%
E
k
E
h
a
c
E
%
k
h
u
$
$
$
`
(
#
E
$
c
a
$
$
%
"
a
E
dc
E
%E
'
"
#
'
b
%
$
"
k
`
`
'
E
E%
"
x
u
&
d
E
E'
E
"
h
k
"
%
k'
k
E
"
A
k%
E
"
*
h
%
%
"
%&
V
z
j
'd
b
"`
E
#
E
E%
$
d# B
$
S
T
T
S
X
S
(
S
U
U
V
X
Ut
q
8
(
$
b
"
E
$
$
u
'
"
E
k
E
h
a
c
bE
"
E
a
%
C
"
?
z
y
$
$
j
$
y
a
%
"
$
$
"
E%
h
E
a
CE
"
C
"
'd
b
h
{
{
(
$
j
j
k
E
#
E
b
"
E
E
#
"
"
h
E
{
{
}
'
"
$
`
B #
f (j) mod t
E
m
*
h
m
"
k%
√ 4
"
%
k
( '
j
h
%
%
E
d
E
u
E
"
dc
$
&
"
(
$
"
E
a
%
"
(x−1), . . . , (x−z) O(z log2 z log2 t) j
$ "
c
bD
%
"
`
u
h
a
,
1÷2
h
k
E
¤¢
'd
E
#
E
a
'd
'
C$
E
$
"
"
%
$
#
%dc
k
E
a
CE
k
E
a
%
#
(
b
"
k
E
{
{
{
{
{
{
{
{
{
{
{
{
}
{
{
(
z
$
%
'd
h
c
E
E
%
E
'd
&
c
#
`
! "
>
{
{
{
~
S
V
?
{
~
~
{
$
s
Ej
{
d h
(
{
#
#
E
%#
'
Ca
k
$
"
'
E
u
m
`
(
D
C
#%
h
&
"
j
$
d
%E
bh
"
b
E%
"
$
"
d
%E
bh
"
b
E%
"
(
(
$
$
k
$
"
C
#%
&
"
h
"
"
%&
&
'
b
"
E
a
%
"
u
B
z
$`
"j
E
"
'
'
h%
$
h
c
EC
"
%&
C
'
m
`
$`
E
"
'
"
'
E%
#
&
E
E
j h'
1
2
`
z
'
E%
#
&
E
E
j h'
`
5
7
/
5
41
- ,+
1
4/
1
2
n
m
-
h
E
b
E%
"'
h%
$
b
C
'
h%
$
k
$
"C
"
C
"
%&
m
z
$
j
C
'
"
%
s
7
z/2
"
%&
m
E
(
w
"
$
u
%
{
~
S
O(z log2 z log2 t)
"
$
`
dc
b
E%
a
h
c
w
"
$
%
k
Ch
"
2 log z O(z log t log z) n
%
h
a
m
"
(
"
"
z
(
"
a
E
$
?
{}
log t
S
c
E
%
k l
%
'$
E
a
%
C
C
& _
>
V
i−1
$
`
E
E
m $
C
j$
&
'
k
n
h
%
E
C
#%
$
#
%
k
%"
h
&
(
'
{
{
}
C
log Xz
#
h
Q
S
XV
S
( f
w
j
k
m
m
$
"
"
l
z/4
%dc
E
'
"
h%
j$
k
$
"
z
"
E%
h
+
$
$
&
j
b$
%
"
O(log2 t)
$
k
"
%
"
(t, y!)
88
"
C
h m
%
$
#
'
d
(t, f (j))
E
h
u
h
k
E
bD
t=n
k'
$ B
f (x) = ((x − 1)z + 1) . . . ((x − 1)z + z). b
E
'h
#
E
(
j
#
E
E
k
E
log t
k
(
(
E
Cy
h
a
y! = (1 · 2 · . . . · z)[(z + 1) · . . . · (2z + 1)] . . . [((z − 1)z + 1) · . . . · z ] = z Y (jz)! = f (1)f (2) . . . f (z), = ((j − 1)z)! j−1
z
%
'd
%
k l
&
%
k'
( %
k
%"
h
&
b
%
k %
k
h%
$
$
j
>
e−λ
j
j
m
(
%
%
"
$
C
$
$
$
kb
"'
b
t ∈ N
k
E
b
E%
E%
'
d# B
,
x
d# B
f (j) = ((j − 1)z + 1) . . . ((j − 1)z + z) j = 1, . . . , z (t, y!)
E'
E%
D
&
%
k
%
(j − 1)z + 1, . . . , (j − 1)z + z (t, f (j)) h
'"
(
&
f (1), . . . , f (z) (t, f (j)) j = 1, 2, . . . , z
$
#
%
h%
"
¤
x
%&
λ
#
h
a
%"
%
$ u
(
"
√ √ O( λ 4 n log3 n)
&
&
k
$
#
E
&
(t, y!)
E
E
d
"
E
% E
h
d E
$
" 'd
b
'
f
x
ρ√ √ C λ 4 n log3 n
"
$
$
"
E
a
"
E
&
(
&h
√ O( 4 n log4 n) z ∈ N y = z2
h
&
"
h
d
b
E%
E
E
&
n
d!m $
`
%
E
b$
&
D
"
£
c
E
n
&
'
E
%
O(λ n log3 n)
"
$
k
E
E
O(z log2 z log2 t)
%&
k
C
b
%
$ B
√
l+1 4l + 1 z i 2 log 2i 6 z log2 z 2i
O(z log t)
n
x2 −n=y 2 %
%
$
( g
m
j
b2 mod n =
k
p∈B
Y pαp (b) .
j "
z
$
z
C
"
'
m
"
k
%
%
$
$
#
(
d
'
B ={p1 , p2 , . . . , ph } p1 , p2 , . . . , ph M h = π(M ) B "
$
a
E
$
( dj
E
` m
"
"
k
E
k
( '
z
"
"
'
h
n
"
"
$
E
E'
m
m
%
$
'k
%
C
c
$
y
k
'
"%
'
C
h
h
E
a
k
k $
y
#% y
j
4
, 5
&
z
$
h
j
a
c
E
%
k
h
"
c
"
%&
dc
E
k
h
k
$
E
'
c
&
j
"C
b
%
$
%
%"
( & e
%
V
8
S
T
V
X
Ut
=
$
y
C
'
"
E'
"
k
'
"%
'
C
h
#
%
$
j
j
"
%
$
b
#
"'
"
"
%
k
'
a
"
E%
'
"
$
h
$ %
"
#
√ √ (b knc + i + x), (b knc + i − x)
(0, n) √ √ (b knc + i + x)(b knc + i − x) = kn.
%
'
"
E
'
"
'
"
E
#
j
n
%
$
#
dc
%
"
$
#
j
k
&
&
#
%dc
`
E
a
$
E
$
E%
'
"
h
'
`
k
j
(
#
$
c
C
C
#%
'$
"
u
(
z
j
j
C
"
E
#
E
$
"
%
k
'
"
`
m
c
k
E
E
#
E
&
z
j
$
E
#
E
%dc
"
#
"'
k
"
%# y
m
C
"
E
E
a
n
j
h
"
E
'h
#
'
"
b$
%
"
j
l
(
c
k
B
`
m
$
k
E
'
E
C
h
c
c
k
C
#%
c
&
E
"
'
"
#
$
"
b
"
E
a
m
"
%
z
j
E
#
E
%dc
kn √ (b knc + i)2 − kn = x2 x
%
(
k
h
c
'$
E
√
z
$
E
`
C
b
%
'$
%
$
$
"
%
k'
k
B
$
j
h
"
kb
"'
b
%
'$
E
a
E'
c
'E
`
z
j
$
b#
%
%"
h`
bD
%
Eb
"
h
c
m
z
$
`
h`
bD
E
E
k
"
h
c
E
&
"
by
$
E
`
E%
h
dc
E
"
%
k
'
h
"
d
E
E
%
hb
%"
?
{
{
}
{
{
{
{
{
~
{
{
m
C
`
E £
h
E
'
"
h m
h
"
"
%#
"
'
(
%
%"
h
dc
E
a
$
j
E
#
E
bD
%
`
"
"
(
j
a E
'
dc
E
m
z
'
%
j
$
#
bD
%
m
n0
"
&
`
m
$
d
$
by
`
`
Ej
"
h
h
E
k=1
k'
b∈N
"
E
`
"
x2 ≡ y 2 (mod n),
'
£
j
h
w
$ "
E
"
k
'
m
E
&
h
a
%
k
$
'
"
S
V
=
"
z
$
$
b
%
%"
$
'd#
dc
E
"
E
j
#
"
k
"
%
k
h
{
{
{
u
~
~{
{
(
(
$
j
$
E
%#
'
k
$
"
'
E
"
%&
&
b "
"
E
a
%
%
`
` _
( '
"
h'
C
c'
h
"
E
'h
'
%
$
#
E%
'
"
z
(
(
$
$
j
$
j
%"
h
dc
a E
'
c
'
h
"
by
"
E
'h
E
k
"
%
k'
k
m
j
%
"
E
E'
w
C
"
$
z
u
E%
h
dc
E
C
h
"
`
`
E
h
"
%&
d
E
E
h
m
m
u
h
"
k
"
%
k'
k
$
E%
`
£
E
"
'
'd
$
'
u n
`
'h
C
z
E
E
d
E
E
E
"
C
"
$
(
E
D
E
"
$
(
%"
h
d
b
E%
'
(
%
$
$
#
%
"
Eb
"
"
%
$ g
(
%
$
#
&
D
E
C
Cy
h%
%
$ g
,
"
h'
"
`
`
d
%
E
"
*
E
t = x2 − n x
E
E
d# m !
%
#
c
E
%
c
h
"
"
y
"
(
E
"
"
E
'd
$
x
%
E
k
h
$
#
dc
"
$
k
"C
dc
$ "
m
bD
%
$
j
#
E
%
$
E
"
"
dc
E
a
k
E
z
k
c
bD $ E%
Ej
&
%
$
'd#
C
"
k
"
E
h
$
%
m
h
k
√ √n n
j h'
$
#
%
$
c
'$
$
'
%
k l
'
( %
%
k
h
h'
k
"
%
k'
'
k
'
i
'
k
"
#b
"
c
j
`
$
#
d
"
$
m
' k
"
k
E%
"
%
k l
$
h
b=x−y
"
&
%
b2 mod n
m
E
bD
%
&
%
'd#
$
#
%
n0
%
E
bD
%
m
(
h
bE
%
%"
g
E
'
d
E
#
"
h'
"
k k = 3, 5, . . .
'
$
#
d
¢
i = 1, . . . , k.
&
C
z
'
b
%"
$
'd#
h
"
h
%
*
(
h
E
a
$ "`
'
$
$
E
h%
$ u
C
h m
√ (b nc + i)2 − n = y 2 .
h
E
j
(
%
%
'
&
%
(x, √ y) √ b nc + 1, b nc + 2, . . .
%
$
$
#
E
"
#
E
(
n
+
`
"
E
h
E
%
E
'd
*
$
Cy
'
"
a−b , 2 b = x − y.
B
B
y=
$
#
$
,
$
n=a·b n = x2 − y 2
dj
E
C
#%
'
E
"
b
"
u
+
h
{
x 6≡ ±y (mod n) n
(
h
"
√ b nc + n0
"
h'
n=a·b a=x+y
d
%
E
i = 1, . . . , k
'
E
%
&
E
h
%
k
h
ti = t mod pi ,
&
'
¥
x
x
"
&
h
a
p1 , . . . , pk pi | n i = 1, . . . , k √ x b nc + 1
D
x
;
%"
h
d
%
k l
(
&
#
x
$
E
C
Cy
h%
d m !
k
"
c
E
%#
,
x
"
n=x2 −y 2
$
E
+`
%
g
'
a+b , 2 a = x + y,
+
'
%
C
(
&
$
x=
*
t = x2 − n n
C f
$
t
"'
$
(
"
p2i ( ptii ) = −1
"
k
"
%
k'
*
t = x2 − n,
b
"
`
*
$
¤
x
"
#
n>1
'dh
&
D
`
ti = 0 ti 6= 0
kb
"
$
n
"
u
"
(
&
p
f
x
y
'
"'
E
a>b>0 x>y>0
"
(
&
c
$
#
"
(x + y, n)
x2 ≡ y 2 (mod n) (x − y, n) O(n0 log2 n)
x 6≡ ±y (mod n).
1
4/
1
2
5
77
/
5
41
2
1
- ,+
-
7
x = b i1 . . . b it , y= p∈B
Y $
z
E
a
%
m
%
'
% j
z
C
%
$
"
$ "
#
E
'
{
}
>
{
}
{
E
u
>
z
(
D
&
k
Cy
h%
$
"
(
(
$
z
`
4
,
r
g
v
D
h w
%
h
E
l
' ¢
&
%
z
$
y
j
a
E
%
$
#
dc
$ "
E
h'
j
'
k
c
'
d
h%
£
#
#
#
j
(
%
$
#
%dc
%
$
%
'
"
E
'
$
bD
E
E
%
k
%"
h
k
E
h
a
c
E
h
"
&
E
E
bh
"
E
a
h
E
"
# h
m
E
$
d
E
Ca
E
k
E
C
#%
%
k
h
CE
C
`
C
#%
d
j
z
k k
'
"
b
E%
"'
h%
$
d
k
E%
'
k
b
"
E
k
'
C
"
k
_
(
E
E
a
C
"
(
"
h
c
'$
$
'
"
#
u
&
z
'
"
"
a
h
k
`
`
%
$
%
$
#
%
"
#
"
E
'
E
C
"
'
E
"
$
*$
x2 ≡ a 2
E
D
E
"
E
D
E
"
$
(
$
h
b
E
#
kb
%"
k'
k
C
"
C
h m
%
(
%
dc
E
"
j
$
' $
E
%
$
#
&
bD
%
b
E
#
"
d
" $
z
$ $ #
z
$
$
"
E
%E
k
"
k%
E
'd
`
z
'
"
g
m
j
$
%
"
*
z
r
b
"
D
"
h m C
h
E
&
"
( )
d
b
E%
'
d
C
%#
E
%
$
#
" "
C
"
h m C
%
h m C
$
#
h
a
a
E
"b
"
h
"
$
$
%
z
b
g
m
m
m
$
%
$
#
%
( dj
E
"
`
g
m
"
#
"
E
'd m
$
k
E
'
E
"
"
#
"
√ n 2
"
E
"
k
'
k
x
$
"
dc
m
%
$
#
{
h w
%
h
(
j
m
$
h
%&
'
"
$
#
'
E
E
#
j
(
"
b
j
E
a
,
b
j h'
E
&
E
&
%
#
k
&
D
E
%
'd
'
E
a
%
4 fe
,
i
'
$
1
M≈
(
B "
$ k
"
'd
"%
C
j
"
$
`
k
"
k%
E
'd
%
$
#
$
$
¢
$
'd
"
%k
'
E
E'
"
$
C
E
Rl $
"
%&
b
"
C
h
"
m
%y
C
h
"
E
h
¤
j
' "
d
E
E
C
#%
"
'
d
E
#
'
a h
&
"
E
h'
u = (x + y, n),
`
&
r
`
u
'
"
E'
%
"j
1/2
$
$
u→∞
k
E
C
#%
C
#%
}
%
E
E
' "
k
k
z
"
%
$
`
`
j
E
a
%
E
&
C
C
h
k
E
a
g
z
(
(
z
j
j
b
"
'
&
%
&
"
%
"j
"
'
C
%
$
#
C
h
a
'
"
$
_
`
2
u
x
$
b
E%
'
"
E
E
h
E
"
"
E
%
( )
`
b
"
'
"
"
"
"
%
$ g
x ≡ ±y (mod n)
z
E
C
E
%#
m
Ψ x, x1/u = x · u−u(1+o(1)) .
E
l
r
b
(
Cy
$
"
%
k
E
j
h'
n
#
E
a
C
'
"
z
S
V
(
b
"
(
j %"
$
'd#
a
%
h%
'$
$
h
dc
h
k
E%
1 < t 6 m.
y
> 0 x > 10 u 6 (log x)1−ε
m
$
k
"
#% y
Ψ(n, M)
'
'
d
h%
{
{
{
`
kb
"
`
j
{
z
E
B
'
b
j
( dj
E
"
d
%
%
k
' c
n = u · v,
k
E
%#
"'
b
$
#
log x log y
$
'
C
u=
'
$ £ hy
"
%
$
"
j
E
C
#%
b$
"
m
. . .>αk
d
b
d# B
"C
k
E%
,
%"
¢
'
%
k
$
"
m
%
$
M (k)=
(
'
(
'
%
y
E
%
$
j
c
'
%
k
h+
'
"
2
b − ac = n.
¤
x
h
j
$
#
$
$
$
C
'
%
C
"
#
E
0 6 b < a.
h%
$
"
"
a
E
"
E
#
E
Cy
h%
b$
"'
m
#
2n . M
(
m
$
$
'
"
#
'
(
$
j
"
√
x
C
E
E'
z
$
"C
'
"
C
#
E
k
"
x
$
$
z
E
'd
E
j
h'
%
$
#
$
'
"
#
'
E
d# m
C
k%
E
E
¢
−b/a
z
fab (x)
'
"
#C
"
'd
a
"
E
j
C
"
%
$
# m
u
a
'
E%
#
&
E
k
m
"
`
a
9
& z
*
' $
h
"
h
9
-
*
l
h
"
&
E "
"
z
9
9
9
9
(
f (x)
%
j
`
%
"
D
&
E
#
"
h'
h
"
k
$
"
'
dj
E
E
h
u
"
C+
E
d
E
a
%
'
"
E
%#
'
E
%y "
j
C
E
E
k
E
#
E
b
"
m
'd
C
h
(
z
z
#
d
'
E
%
$
m
d m
%
$
$
%
k
h
d
b
E%
"
"
#
h
%
d
%E
C"
$
"
b
E%
E
b
E%
u
d m
"
#
"
j
"
B
&
C
'
j
E
`
%
%
M
$
#
'E
( dj
(
a
"
[−M, M]
E
"
"
E'
E
$
E
'
E
h
c
b2 ≡ n (mod a),
%&
E
"
"
h'
`
d
%
m
$
a≈
&
E
"
y
k
'
"%
'
m
"
j
E
%
( nq ) = 1
h
c
$
C
'd
%
$
#
$
c
C
#
D
h
u
dc
"
−M
&
√ 1 |fab (x)| 6 √ M n, 2
√ 2 2 √ M n √ √ √ |fab (x)| 6 2 + 2x n ≈ 2x n 6 2M n. j
[−M, M] E
E
h
%
'
"
q|a b
m
a, b, c fab (x)
2M (k) ≡ 1 (mod p).
2M (k) 6≡ 1 (mod n),
mi = cM (i) mod n
1
4/
1
2
5
/
5
41
2
1
- ,+
-
%# y
"
$
$ $
(
E
a
%
k
"
%
`
m
z
D
z
'
+
"
%
k
$
'd#
C
&
%
"
&
"
E m E
"
%
k
$
'd#
c
E
b$
%"
$
"
#
m
z
'd
E
"
C
"
E m E
(
C
$
$
E
#
"
"
h
k
E'
D
%
k l
( d
E
a
"
#
C
E
b
"
d m !
C
"
&
d
E
b
$ " £
% ( &
"
`
d
"
d
z
D`
b
E%
%
$
#
d
'h
$
"
'
k
"
E% %
$
#
"
"
#% y
`
d
E
"
#
(
$
"
Cy
j
m
(p, q, ϕ(n), d) (p, q, ϕ(n))
&
E
m
m
"
d
B
"
E
$
+
E
"
E m E
b
Ca
E
E
(
'k
u
E
j
'
$
%# y
d
"
d
"
k
"
%
k'
k m
%
$
#
"
E
$
$ "
`
z
%
C
$
j
d
/
!
E
j
%
g
"
j
(
"
%
$
#
E
C
#%
b$
"j
k'
k
$
"C
"
"
E
j
h'
m
`
$
%
$
#
dc
"
c
bD
%
'
h
"C
E
&
E
&
"
m
z
%
k
$
'd#
q
d
'
E
E
$
E
'h
C
#%
$
"
$
E
p
'$
#
te ≡ s (mod n)
hj
d
E
E'
B
dc
"
$`
$
$ "
#
!
"
"
t
"
&
"
E m E
(n, e)
'
d
j
E
C
#j
A
m
n = pq ϕ(n) = (p − 1)(q − 1) ed ≡ 1 (mod ϕ(n)) (n, e)
m
"
m
p q e
&
%y
k
E
h
a
c
E
'd
k
u
D
A
k'
k
$
"
%
k'
k
B
k
E
'
$
$
(
y
$
$
`
%
k l
#% y
dc
E
"
(
z
d
h
a
d
`
r
m
$ $ "
dc
d
m
" m
"
%&
`
¢
d "
"
C
'
"
'
d
E
" m
'd
"
E
E
/
%#
'
E
E
C
&
b
"
m
d m !
"
a
"
%&
b
k
$
"C
m
(
(
$
b
%
`
c
#
u
! "
"
s
"%
k'
"
$
C
$
k
E%
$
'd#
%
k
h
(
j
`
m
$ E
k
$
$
"
"
#
C
"
$
$
y
E
E'
b
%
j
$
b
E%
'
d
c
E%
%
k
h'
m
d
$
y
'
"
d
E
d
Ej
C
dc
"
'
'
$ "`
'
E
C
#j
m
" m
z
j
h'
'
k
E
h'
'
&
E
'
"
h
"
b
%
'
b
%&
E
%
E
'd
u
$
z
#
"
d
E
$
E%
$
#
&
E
E
k
"
$
(
E
E
$ "
'
%
C
$
E
%
E
'd
b
"
d m !
j
$
¢
h
E
b
E
"
'
E
h'
'
"
z
D
b
E
#
%
C
#%
k
'
$
k
"
'E
¥
" m 2
'
E
a
%
h
(
E
h
`
$`
$
%
d m !
E
( )
%# y
d
"
d
"
d
$ "
$
#
&
"
£
$
bD
%
b
"
a
E
#
E
kb
"
# E
u
m
m
'd
E
E
%a
h
"
"
h m C
% Eb
%"
h
(
b
E%
(
"
" s
z
r
$
$
$
#
$
$
%$
k
"
%
k'
k
$ "
k
#
&
"
b
%
(
/
z
¤
'
"
E
E
h
E
"
`
h m C
&
D
E
(
"
%"
h`
d
b
%
"
C
"
u
J
L
J
N
L
N
J
G
N
(p − 1) | M (i)
%
b
t (p, q, ϕ(n), d) E%
E
k
z
$
"
E
m
"
(mi − 1) mod n Zn
E
(
$
a
%
k
"
Zn log M (i) 6 i log i O(i log i) cM (i)
E
`
mi ≡ 1 (mod n)
"
O(k 2 log k log3 n) (
$
j
E'
E
dc
E
%#
b
%
`
c (c, p) = 1 p | (mi − 1)
E
(c, n) = 1 mi ≡ 1 (mod p) n k
e
(n, d)
s ≡ te (mod n).
t ≡ sd (mod n)
z
$
E
E E
'
E
h
C
kj
b
%
$
"
%&
b
"'
h
E
a
-
1
4/
1
2
(
`
"
$
≡ −1 (mod n),
s0 −1
r
"
r
|Bn | = |Bn0 | +
≡ −1 (mod p) s0 − 1 < i
s0 =1
i X
|Bns |.
0
s0 6 i
b
E%
"
#b
"j
(
j
"
"
y
`
y
j
"
E
"
%
k
'
ϕ(n) = 2i m2j l,
%
k
h
$ "
E
"
k
'
d
'
E
`
"
d
"
$
E
E
k
E
h
a
c
"C
$ u
(
E
j
h&
y
j
%
$
#
"
`
"
E
"
%
k
'
1 − 2−k n Z∗n = An ∪ Bn s0 −1 s0 r An = a ∈ Z∗n : ∃s0 6 s, a2 6≡ ±1 (mod n), a2 r ≡ 1 (mod n) , Bn = Z∗n \An . b
"
%
$
#b
"
%
$
#
z
$
$
E
c
C
$
by
"
E
"
k
'
"
%&
d
E
E
h
"
#
a
`
u
z
c
E
&
%
(
j
E
h
E
E
E
a
%
(
`
%h
g '
"
%&
&
j$
$
k
E
'
E
k
"
h
c
E
&
%
$
E
d
"
%
%"
h
`
$
$
%
"
$
#
c
'
%
k
h
%
g
$
"
E
D
$
C
%
D
&
D
E
"
¤
by
(
z
j
%
$
#
d
$
C
"
C
h m
E
£
(
b $
"
j
%
$
b#
'"
a
d
%
E%
'"
"`
$
l
(
E'
(
f
x
`
%
$
# ¤
&
D
E
&
E
E
h
E
k l %
&
%
k
$
'd#
z
$
$
`
$
b
'"
"
$
$
C
%# y
`
d
E
"
"
E
a E
"
$
%
$
#j
%y
"
Eb
"
$
`
m
E
#
"
E
h
p
TX
T
S E
a
X
S
\S
( W
*) T
V
S
j
'
k
$
"
%
"
#
a
u
`
=
7
/
/
/
1/
1
,
,
"
/ 1/
4/
1
2
1
4
1
- ,+
-
≡ 1 (mod n).
'h
d
"
E
$
"
k
E
"
%&
h
c
E
a
d
&
"
r
j
h
n
"
%
E
d
"
'
%
s
z
"
k
$
+
E
E
p
'
%
C
#
_
i6j
E
"b
%$
"j
h
=
'
'
"
$
u
~
~
>
{
}
|Bn |
"
k
Cy
%
%
6≡ ±1 (mod n),
(
a2
Bn
(
a2
1/2
"
&h
Bn0 = {a ∈ Zn : ar ≡ 1 (mod n)},
0 s0 −1 s0 r ≡ −1 (mod n), a2 r ≡ 1 (mod n) , Bns = a ∈ Zn : a2
{
{
j
a ∈ An
E
"C
$
E
'
$
p−1=2i m q−1=2j l 0 Bns "
h&
z
"
E
{
}
"
h%
$
E
a1 , . . . , ak
"
(
b
"C
(
"
{
"
'
dj
E
r
%
a
E
$ u
$
E
"
#
E
*
?
"
%&
"
s0 −1
b
$
b
E%
"
#
kb
"
k%
E
'
"
s
>
~
S
D
(b + 1, n)
%
"
kb
"
k%
"'
#
C
"
≡ 1 (mod n).
E
&
$
"`
d
'd
s>1
'd
h%
$
ar
"
b
h
a
E
#
&
%
$
E'
(
'
{
$
$
n
i
r 2s−1
"
a
$
%
k
h
E
%a
h
&h
$ u
$
"
{
{
{
(n, e) n
"
b
E%
E
"
b
"C
E
"
%
(
kb
"
k%
b$
%
}
d
C
h
%
g
(
E
`
&
h
a
j
' $
E
'd
j
~
k
$
ϕ(n) = (p − 1)(q − 1) ed ≡ 1 (mod ϕ(n))
h m
"
%&
d
E
$
"
E
"
k
&
"
"
l
"
k
h
q
"
"'
w
E
%a
ed ≡ 1 (mod ϕ(n))
b
j
Z∗n
%"
%
$
(
%
k
`
b
r
C
¤
`
a 1 , . . . , ak ∈
E
#
'
b
h
%
h
¢
p
$
−1 (mod n)
D
$
(
&
D
E
v
E m
+
$
ed − 1 = kϕ(n),
ed−1=2s r Z∗n
h%
C
%
D
(
$
C
*
"
`
p + q = n − ϕ(n) + 1, p p − q = (p + q)2 − 4n.
'
$
%
k
"
%
E
"
"
#%
$
"
#
V
d
E
ϕ(n)
"
(a ) , (a ) , . . . , (a ) r 22
'E
$
$
"
%
%
{
q
"
E
%
k
k
'
m
k
%
g
'd#
"
$
'd#
c
d B
E
p
$
$
a a ≡ 1 (mod n) ar ≡ 6 1 (mod n) &
E
E
h
Ej
"
$
$ v
~
d
k
r 2
%
k l
2s r
"
"
r
%
g
d
"
{
n = pq
E
$
#
"'
%
$
,
x
q
D
$
g
a
C
%
' k
$
(
&
k'
%
p
(
$
D
"
¤
x
'
E
"
u
d
"
"
$
k
(
&
$
"
(p, q, ϕ(n), d) b = a2
s0
(b − 1, n) q
|ϕ(n)| 2
Bns ,
0
s0 =1
gi = gi−1 gi−1 /hi−1 , hi = (gi , eA ),
`
&
dc
E
"
j ' $
(
k
E'
b
"
`
d
E
"
b$
%"
h
`
/
j
%
$
#
"
#
hj
z
j
n
%
$
$
E
"
"
%
k
E
'd
E
h
C
E
D
U
T
Z
(
E
E
c
%# y
c
%
$
(
A
j
E
"
#
'
m
$ m
#% y
b
'"
"
$
C
$
y
%
k
'
k
E
$
t s1 ≡ teA (mod n)
"
#
c
"
%
z
$
"
$
"
E
(
' "
C %
'
$
$`
%# y
C
%
D
E
'
h m C
"
&h
s
(eA , eB ) = 1
%
$
#
&
E
'
c
b$
Vp R
"
E
&
$
$
%# y
dc
"
d
"
$
%
"
d
"
#
a
%
h
( y
C
#%
`
u
$
C
E
E
h
k
$
$ k
E
"
E
#
j
E
h
%
h
E
#% y
j
B
z
(
E
j
Ej
h
s
&h
(
"
$ £
hy
"
(t, ϕ(n)) = 1
E
$
m
q
kb
c
$
D
p
a
*
"
#
%
l
s
( %
$
#
$
$
'k
%
C
$
c
E
%
k
h
%h
'
g
"
%&
d
E
$
E
D
b
"
k
j
z
j
C
b
%
$ B
%
$
#
k
E
h
a
"
C
#%
E
#
&
%
d
(
E'
D
%
E
"
%
E
'd
"
%&
#
m
%
"'
&
$
%
d
C
&
h
k h
' y
C
z
%
C
b
$
k "
'
"%
'
C
h
"
h m
%
$
#
"
b#
"
'h
&
(
d
$
"
h m C
j
j
k'
d
"
#
j
%
$
# ¤
&
D
k
E
%
E
'd
"
b
"%
C
'
E
E
C
#%
C
#%
u
E
'h
#
t
n
"%
k'
'$
$ "
'd
%
"'
sx1 sy2 ≡ t (mod n)
%
k
kb
`
E
k
m
*
S
xeA + yeB = 1
d
$
y
"
E'
$
#
E
D
"
E
E'
E m E
c
$
%
E
%a
b ≡ dA (mod n) hi | eA (eA , ϕ(n)) = 1 e d −1 B B ϕ(n) . t
E
%a
$
$
E
a
E
*
$
$
#
bh
E
k
h
Ca
$
$ v
"
t = h 0 h1 . . . h i eB dB − 1 , eA = 1, t
E
"
a
h
$
"
d
D
$
C
TUV
$
#
%
'
z
C
h
"
d
E
%
j
`
(
hy
2 log n
E
$
d
E
%a
dc
$ "
q
h
E
C E
u
b
"
h
by
C
p
"
"
p
%
$
h
h'
$ "
b
%
E
k
h
j
E
#
"
E'
"'
b
%
d
h
a
"
#
"
#
m
%
E
q
D
D
E
dc
E
C
c'
h
%
"
$
" m
k
h
$
$
h
d m
'
m
j
Ej
a
%
E
%
j
b$
"'
j
E
&
k
%
"
c
# $
m
dc
$ "
E
h
0
b
$
(
$
E
'd
$ u
{
E
&
$
d
E
"
B
{a ∈ Zp : ar ≡ 1 (mod p)}
"
%
%
(
k
E'
"
"
s2 ≡ teB (mod n)
$
"
a
$
=
?
>
%
%# y
j
t = h 0 h1 × . . . × h i
E
#
dc
#
u
%
k
`
$
$
a
#
'dc
dc
%# y
/
j
$
b#
"%
h
kb
%
k
"
c i
0
E
E
'h
$ "
z
B
'
z
E
"
x, y
j
b
"
&
b
c
bD
*
eB ϕ(n)
E%
D
`
{
a
{
~
{
(
d
E`
p
d
%
"
"
b
{
{
{
}
"
$
$`
%
j
4i − 1 2k = 2 ml = ml 1 + 3
$
z
eB dB − 1
k
$
$
E
E
j
B q
%
"'
b
= {
"'
b
C
&
|Bn0 | = |Bp0 | · |Bq0 | = (r, p − 1)(r, q − 1) = ml,
(
t = thi .
&h
$
%
~{
0
'd#
"
u
a
{
{
{
{
{
S
V
p
eA
'
A eB dB − 1 = kϕ(n)
&
"
%
(
"
E m E
u
}
~
q
(
$
b#
%
(
'
"
b$
%
~
>
{
p
&
%&
`
(
%"
C
"
E
j
l
$ £
0
%
hi > 1
d
C
E
%#
'
b
%"
E
$
"
"
0
m
q0 = eB dB − 1 h0 = (g 0 , eA ) t = h0
E
E'
h`
d
b
E%
k
E
$
'd#
Cy
E
"
s
0
$
$ "
j
(
j
#
E
C
"
a
n = pq
E
'
E
j
E
dA
E
"
h
"C
'
"
#
j
' $
− (2s −1 r, q − 1)) = (2s m − 2s −1 m)(2s l − 2s −1 l) = 22(s −1) ml. 0
$
$
C
"
#
d
E
"
' $
(
0
j
#
£
t (eB dB − 1)/t A
m
0
%
E
%
k=0
c
$
{
4i + 2 2i+j + 2 2i+j ϕ(n) = ml 6 ml < ml = . 3 3 2 2 i−1 X
"
a
u
}
|Bn | = ml +
h ,
i "
u
(
$
0
E
c
&
,
x
"
0
'
%
B
$
(
&
|Bns | = |Bps ||Bqs | = ((2s r, p − 1) − (2s −1 r, p − 1))((2s r, q − 1)−
%a
%
k l
¤
x
E
0
r, p − 1) = m
h
(
#
"
#
dB
&
k
E%
q Zp
Zn ∼ = Zp + Z q
hi > 2
i 6 log2 (eB dB − 1) 6 2 log2 n.
eB dB − 1 + beA = 1. t
q
/ ,
/
1/
4/
1
2
1
4
,
/
,
/
1/
1
1
- ,+
-
` m
b
z
%
j
{
(
r s
>
p ≡ 1 (mod r), p ≡ s − 1 (mod s)
{ '
"
$ 'h
%
&
%
$
( d
"
$ "
d
"
"
%
$
#
$
%
$
#
d
$ "
b
E%
E`
E'
C
&
$
D
E
#
&
%
E
C
kj
E%
,
(
$
%
$
#
"
"
&
¤
x
_
'h
%
$
#
m
z
E
'
l
$
u(r, s) = (sr−1 − rs−1 ) mod rs
"j
C#
u(r, s) = 2g, g ∈ Z.
{
u(r, s) = 2g + 1,
u(r, s) + rs,
'
u(r, s),
E
h
"
k
'D
(
/
£
¢
r
£
$
$
"
"
'
"
$
"j
(
k
$
$
C
"
"
E
%
$
#
k
'D
$
"
'
%
%"
h
c
E
h
( d
z
d
E
"
$
E%
'
'
b
"
&h
` u
z
y
b
E%
"
E
d
"
%
$
#
"
b
%
"
$
$
%
'
"
E
'
%
k'
"
E%
h
dc
E
by
`
m
%
`
'
E
%
j
$
#
E
Ca
E
y
j
z
`
C
n $
(
h
"
Cy
h%
$
C
b
$
%
$
#
d
E
C
#%
$
d
c
"
$ "
(
&
Ej
&
h
a
%
$
#
E
C
#%
$
$
m
&h
'
"
d
E
"
#
`
,
x
_
(
k
E
"
$
%
k l
t
k
%
k'
"
$
C
% b
$
m
2lt+1
" m
Cy
$
h%
E
h
dc
%
'
"
b
%
#
$
r
s
>
{
}
$
$ "
E
r
"
by
'
k
(
'
%
z
'
b$
"
D
E
#
"
$ "
h
d
"
$
E
E
k
E
h
a
c
E
%
k
hC
"
u
r
¢
£
dc
"
E
E
%
$
#
c
"
'
"
"
E
$
$ "
k
"
k%
$
+
'
"
E'
d
E
%
E
b
"
d m
d
E
%a
h
E
'd
b
%
&
%
C
#%
d
E
"
#
%
'
k h
'd
$
#
"
k'
d
"
#
#
z
E
e
4
,
r = 2lt + 1.
p = 2jr + 1, p = 2ks − 1, E
&
"
%&
a
%
h
E
h
( &
(
a l R
t
$
%
"j
k
k
$
z
m
m
¢
%
x
k
a
%
%
$
#
%
E
k
"
#
E
c
'$
b
E%
E
'
E
$
(ordp (a1 ), ordq (a2 )).
$
$
d# B
f
x
z
*
E
bD
%
"
"
[1, log t]
c
"
#
(
&
` h m C
d
"
E
E
$
$
#
s
p q r
h
m
z
"
&h
E
D
dc
E
"
E%
'
[x, x + log x]
( d
z
y
_
%
k
h
(
%
$
#
%
"
j
j
C
%
'$
"
#
"
?
>
{
}
{
z
z
j
y
a
E
d
$ "
E
k
E
a
%
"
&
b
%
Cy
E
&
bc
"
" B
.
"
%&
&
"
"
$
p0 + 2krs
=
&
u
k
$
"
p0 = (
E
E
z
k
E
E
b
C
'
"'
h%
D
j k l
E
h
% h
'
'
j
$
E
#
E
&
"
'
#%
E
p r s t
~
S
$ E
'
"
$
'
b
% $
z
j
#
'
&
%
E
d
h%
"
$
'
%
C
$
ed ≡ 1 (mod ϕ(n)).
{
B
$
d m !
%
a
h
E
j
a
E
'
b
"
%# y
$
E'
(p − 1, q − 1)
b
E%
$
%
m
(
l
ed ≡ 1 (mod (p − 1, q − 1))
$
%
"
a
%
$
#
j
$
"
$
E
E
Zn ∼ =Zp +Zq
{ V
q+1 2 ~
'"
k
"
%# y
¢
$
E
dc
%
E
(p + 1)
"
d
j
( %
$
$
"
$
c
b
#
$
s t
a
E
%a
h
q2 =
h
$
5
#
£
(p − 1, q − 1) (p−1, q−1)=2 p=2t+1 q=2s+1 (s, t) = 1 (p − 1) p q p−1 p+1 q−1 q+1
d
E
%a
4
, ( & e
'
D
B
d +
( %
E
a
q−1 , 2
$
% h
q1 =
2
C
#%
"
'
d
`
(
%
$
ϕ(n) (p − 1, q − 1) . 2
d
$
$
"
d m
D
p−q 2
#
"
q1 − 1 #
p+1 , 2
"
u
$ "
"
' $
"
¢
a = a 1 + a2
dc
$ "
p1 − 1
m
d!m
#
D
−n=
bD
%
E
E%
"
#
d
E
q−1
bD
h
d m
k
"
'
h
ordn (a) =
v
c
%
k
"
a
"'
2
%
%
E
E'
%
C
m
E
E
h
p+q 2
c
b
p2 =
%
$
$
$
p−1
E%
#
p−1 , 2
#
E'
"
q −1
%"
%
$
#
d m
"
#
p−1
hj
E
h'
d
$ "
%
d m !
p1 =
&
j
h E
'
kb
$
$
"
&
'
"
#
'
$
j
n
j
{
~
{
}
>
+
E
'
E
C
b
"
D
"
h
"
kb
"'
b
%
'$ B
\
>
>
{
}
{
/ 1
/ ,
/
1/
1
- ,+
,
1
/ 1/
4/
2
1
4
{
{
{
U
(
P
m
-
j
a E
#
E
%
b
"
d m
d
E
%a
h
E
E
"
dc
'
z"
p
p ≡ 1 (mod r),
p ≡ s − 1 (mod s), r ≡ 1 (mod t),
p
bD
$ c
'
j
e∈ Z∗ϕ(n) E
$
"
%
d m
"
#b
"'
(
b0i = j=1
2i Y
pijij ,
α
ordordn (ω) (e)
i = 1, . . . , r,
b0i b00i = j=1
2i Y
b00j qijij ,
β
£
$
j
C
#%
$
i = 1, . . . , r, j = 1, . . . , s,
j = 1, . . . , s.
"C
h%
E
E'
"
$
h
$
E
'
%
C
`
$
%
k'
"
y
h
'
"
E
"
$
'$
%
$
#
'd
by
m
"
%
$
(
{x ∈ Z∗p : Fp | ordp (x)} > (p − 1) ϕ(Fp ) , Fp ϕ(F q) {x ∈ Z∗q : Fq | ordq (x)} > (q − 1) . Fq
r
¢
s
%
%
$
'
%
C
C
E
E
h
c
y
$
y
k
'
"%
'
C
h
%
$
k
( +
j
¤
,
f
( )
d
$
y
$
k
"
%
k'
j
$
E
k
z
%
'
Ej E
l
$ B
C
b
%
'
"
b$
%
"
j
`
h`
(
C
#%
~
r
¢
£
{
{
{
{
{
{
>
>
{
~
>
{
{
(
j
$ B
d
n
"`
%
C
%
'
"
b$
%
"
l
{
~
S
{
{
h=pq p−1=2Rp Fp q−1=2Rq Fq Fp Fq
~
#
"
"
#
x ∈ Z∗n
?
>
b
"
"
k h
%d
Fp | ordn (x) Fq | ordn (x) (Fp , Fq ) | ordn (x)
#
k'
d
"
i=1
s Y
qj0 − 1 = 2a00j b00j ,
(
"
#
%
c
C&
'h
Fq =
p0i − 1 = 2a0i b0i ,
"
#
j
E
E
a
k
E
$
&
E
Ej
E
$
#
h
%
C
#
α
(
"
#
$
hy
$ £
p0i i ,
{
C
%
"
'
/
h
"
C#
"
i=1
r Y
~
n = pq
(
{x ∈ Z∗ : [Fp , Fq ] | ordn (x)} > (p − 1)(q − 1) ϕ(Fp ) ϕ(Fq ) , n Fp Fq dj
z
$ m
"
%
$`
s
*
a
u
u
Fp =
= ω (mod n). {
B
E
(
g
"
f>
~
S
`
#
m
a
j
`
%
$
"
f (Fp , Fq )
{
eu ≡ 1 (mod ordn (ω)),
4
h
(
y
&
bD
'
hy
(
E
>
m
c
%
g
$ £
sr−1 ≡ 1 (mod r),
{
V
"
j
' $
k
E
m
%#
Eb
E
h
"
p − p0 ≡ 0 (mod r) p − p0 ≡ 0 (mod s) p0 ≡ u(r, s) (mod rs) p0 p q ω ∈ Z∗n ordn (ω) ω
j
E
k
$
d!m "
"
a
'h
rs−1 ≡ 1 (mod s).
"
#
k
E'
D
$
E
d
"
d
"
c
u(r, s) = (sr−1 + rs−1 ) mod rs.
(
k
E'
D
j
$
$
h
b
%
$
"
b
E%
"
'
z
E
"
d
"
$
$ "
"
$
y
Cy
b$
"
E
$
"
c
j Cy
u(r, s) = 2g + 1, u(r, s) = 2g, g ∈ Z,
h
a
c
E
%
k
h
C
#%
$
sr−1 ≡ 0 (mod s) rs−1 ≡ 0 (mod r) ( u(r, s) ≡ 1 (mod r), u(r, s) ≡ −1 (mod s).
h
m
'
E
$
"
h
"
`
/
{
{
{
~
{
{
{
{
'
%
C
'
&
C
$
Ej E
( &
z
E
#
"
h
$
"
h
h'
4
42
,
u
p = p0 + 2krs
z
ordordn (ω) (e)
k
3
d m
m
ω "
'
$
$
s = ω e , (ω e )e = ω e , (ω e )e = ω e , . . . , ω e , . . . 2
h
E
c
C
#%
eu
%
C
k
"
%
2
E
'd
E
c
"
h
p = p0 + 2krs
E
'h
&
D
b
E%
"'
h%
$
u(r, s), u(r, s) + rs,
%#
k
=ω
'
%
eu −1 E'
$
#
b
E%
E
s
p0 p ≡ p0 (mod rs) p0 + 2k 0 rs
D
x∈ Z∗n
$
m
$
%
k
h
"
#
E
"
`
m
"
#
%
k
h
E
(
%
E
#
"
p0 = (
qi0 i .
β
ordn (x) >
r s X X ϕ(Fp ) ϕ(Fq ) 1 1 · >1− − . Fp Fq p q i=1 i i=1 i
/ ,
/
1/
4/
1
2
1
4
/
,
/
1/
1
1
- ,+
-
(
j
`
#
$
$
%
k
a
E
m
(
`
b
z
'
a
%
z
b
%
CE
$
(
b
%
Z
"
"
'
$
C
'
"
E'
z
C
"
C
j
h m
%
$
#
bD
%
E
#
"
"
$
h
m
j
h`
E
#
E
%dc
h
m
(
z
$
$
$
d
E
"
k
"
%
k'
k
%d
%
`
` g
m
%
'
"
%dc
z
$
E
k
j
m
"
%
k'
"
$
h
(
"
by
&
b
E%
"
E
C
d
"
$
E
E
E
`
&
bD
%
#
"
b
%
h%
'
C
m
$
k
E'
b
%
j
$
E'
"
k
"
%
k'
k
d
E
$
$
E'
"
"
#
"
dc
m
z
$`
E
E
a
"%
dc
E
E
j
% "
"
d
/
j
E
#
E
%
b
"
b
E%
(
¢
E'
b
%
j
$
$
dc
"
'
C
"
h
b k
"'
$
j
E
a E
"
k
E'
D
`
(
j
k
E
#
E
s
k
E'
z
D
k
'
"
%
k
j
y
h
z
k
E'
D
"
$
$
$
E
E
'd
'
b
*
V
X
S
m
8
=
Vp
\S
"
"
$
$ v
(
k
E
%
E
'd
c
E'
"
E
&
E
"
"j
c
bD
%
$
Cy "
"
E
%
$
#
dc
"
E
&
d
C
h
`
m
h
bD
%
E
k
"
'
$
(
'
$
y
`
m
$ m
#
E
E
C
C$
u
$
a
%
E
d
"
'k
%
C
C
"
'
"
E
$
E
&"
%E
u
d
"
by
%$
$
#
d
"
"
'
%$ "b
"
pij
'
"
h
b
E
"
b
"
E
a
d
"
E
j #
E
k
m
k
E'
%
$
#
b"
"j
k'
$
%
$
#
d
"
E
j
'
E
z
j
h
%
k
hb
j
%$
'
b
%
$
"
z
$
D
d
"
$
E
E
'
"
#
'
z
$
j
b
"j
k'
E
#
"
"
h
k
E'
D
$
$
k
E'
"
h
"
$ m
b
E%
"
$
E
"
"
$
`
$`
$
"
'd
k
E
#
%
k
h
%
$
#
C$
'
E
C
'
"
E
E
d
E
E'
$ E
&
"
E
%$
&
_
(
p00ij
`
E
$ #
e6k
"
E
$
E
"
E k
n
$
'
u
$
h&
kb
"
"
√ e
"
u
e C
"
(
"
E
E
t< te = s
$
E
c
(
E
m
d
E
E
'$ "
e
a
%
k
E
#%
'
"
e
%
$
$
"
a
y
%
$
E
$
c
bD
%
d
Cy
E
k
'
"%
$
#
'd
k
"%
D
d
k'
j
j
h'
'
k
"
%
k'
C$
h
k
E £
00 qij
'
'
`
E
a
d
"
E'
%
$
#
E
C$
y
k
$
"
k
"
b$
'
E
C
'
E
d
E
E'
$
$
h
#
'
j
E
&
k
"
Cy
b
%
'$
d
"
$
E
&
%
k
h
(
$
"
c`
d
'
E
C$
"
E
E
%
$
#
dc
$ "
k
E
"
$
£
z
$
j
C
h
"
b
"'
b
%
$
a E
h
"
&
"
b
E%
"
$
E
"
b
"
%
$
z
$
y
"
$
Cy
E
#
"
"
h
c
h
%
$
#
dc
"
E
&
k l
{
{
~
{
{
{
}
{
{
{
`
q
C
'
C
h
"
E
a
{
+
~{
{
p
$
%
$
d
&
$
k
E
C
d
C
k
C
"
`
$ "
k
g
m
$ $
e
#
j
E
m
%d
%
E
"
h
e
k
$
E
h
"
"
$
E
dc
"
d
h
e
k
"
h
c
$
$
$
E
$
E
a E
E
&"
%E
u
p00ij x
k%
E
k
k
E
kb
"
j #
E
?
>
{
{
qi0
"
j
"C
b
%
E
E
a
"'
'd
e
Cy
j
#
&
%
c
C
#%
_
p0i
'd
b
%
$
'
E
l
$
b
E%
"'
h%
>
}
{
{
q
$
'
"
k
C&
j
m
"
E
#
A
l
£
{
p
h&
"
E
s1 ≡te1 (mod n1 ), . . . , sk ≡tek (mod nk ) (ni , nj )=1 ni , nj ) '
"
E m E
E m E
"
"
(
&
%
E
e=t
' $
D
d
"
$
k
E
y
"
"
r s X X 1 1 1− + . 0 p q0 i=1 i i=1 i
c
(b01 , . . . , b0r ) | ordFp (t),
"
(Fp ,Fq ) (t) | ordordn (x) (t),
#
z
%
C
$
(Fq ,Fp ) (t).
%
& %
k
h
d m
$
(b001 , . . . , b00s ) | ordFq (t),
k
d
k
"
k%
s
b0i | ordp0αi (t) i
$
"
#
D
E
'd
dc
"
%
k
%
k
(
'
"
b$
%
l
¢
1 qi0
%
E
(
h
"
j
~
j = 1, . . . , si ,
"
h
£
"
#b
"j
i = 1, . . . , s,
j
m
#
b
r
¢
6≡ 1 (mod qi0 ),
h
c
"
"
d m
E
"
%
£
a
"
i=1
$
E
%
"
' $
r
¢
C
#%
E
#
A
i
k
$
v
'
(
E
%a
k'
r
£
&
%
E
ordordn (x) (t) r s P P 1 p0 +
$
$
"
%
#
&
%
k'
%
%
C
Ej
h
$
"
%
k
h
¢
hy
$ £
i=1
k
bE
%
$
p1 − 1 q1 − 1
$
$
%
E
%$
_
(b01 , . . . , b0r , b001 , . . . , b00s ) | ord
&
"
r
£
&
"
i = 1, . . . , r i = 1, . . . , r
"
#
p q
p 1 q1
%"
%
h`
#
h
c
"
%
k
Ch
¢
x ∈ Z∗n
j
"
'
dj
s
m
b
%
$ u
x ∈ Z∗n
E'
b
(
C
"
ord
%
%
k
%"
"
k
C
(Fp , Fq ) | ordn (x)
$ "
`
h
&
"
$
E
E l
#%
'
(b01 , . . . , b0r , b001 , . . . , b00s ) x ∈ Z∗n
m
&
bD
j = 1, . . . , ri ,
"
$
bD
%
%
m
b0i | ordFp (t) b0i | ordp0i (t)
$
h
%
a
i = 1, . . . , r,
z
j
"
"
d
"
%
"
q0 −1 qij
6≡ 1 (mod p0i ),
C
$
k
h
t
p0 −1 pij
(p − 1)(q − 1)
#%
k
E'
t
t
00 qij
qij
d
d
e
/ ,
/
1/
4/
1
2
1
4
/
7
,
/
1/
1
1
- ,+
-
(
%
c
2 ,
,
z
y
$
C
%
E
a
d
$ "
k
E
a
%
¤
2
2
E
Cy
b
E%
/
j
$
(
z
%
b
"
"
a
$
"
C
&
E
E
k
"
%
h
5
l
4
f
f f
,
v (
C
5
f
kb
"
z
$
j
E
E
a
'
"
%&
'dc
%
$
#
E
z
"
m
(
(
z
$
"
k
'"
j
$ "
%
k
&
'
%
$
#
"
D
'
$ E
`
& _
e
f
%
$
y
j
E
d
h
"
k
"
%
k'
k
"
m
'
h
"
dc
E
E'
$ "`
h
%
E
$
j
E
h
k
'
k
"
E B $
( % )
%"
h
bD
%
E
#
"
"
bh
"
h
c
m
j
$
E
"
%
k
'
'dc
c
#
"
%
%
h
"
$
#`
%
z
%
%"
h
dc
$ "
$
$
c
b
E%
$
E
d
E'
"
E
d
"
E
"
*
h
%
%
x
u
(
h
%
%
'
h
"
"
%#
"
'
d
E
E
$
E
h
%
$
`
,¥
u
B
m
z
$
$
#
"
$
`
j
%
k
h
'dc
c
#
"
%
%
h
"
k%
"
%
$
C$
"
E
" i
E
"
'$
EC
"
$
E E
%
h
(
$
$
#
dc
"
z
'dc
$
k
"
d
"
$ "
k
E
k
E
E
h'
u
m
(
¤
' 2
E'
5
h
'
E
a
%
h
"
D
&
E
#
"
h'
d
h
"
(
z
$
'
d
E
m
¥
4
f
$
E
h
%
$
#
dc
"
k
E
"
$
d
h
"
$
`
$
( )
$
h
'
"
h
E
"
&
`
$ `
$
$
&
'
%# y
k
E
"
(
(
z
¢
$
"
%&
'
E
'
"
% a
"
¥
f
Rl
¤
,
s
$
d
"
(
(
z
$
m
E
" m
'
d
E
$
h
& g R
%
$
#
c
#
%&
$
`
%dc
"
E`
d
E
E'
E
C
"
$ "
E
'
h
"
d
E
E'
(
z
"
E
E
"
%h
a
%
h
E
%
h
¥e
4
,
B
" i
E
'
EC
( &
(
$ "
h
w
9
9
4
24
,
%
(
(
(
(
'
h
&
%
(
z
%
%
C
C$
d
E
h'
%
$
#
dc
$ "
c
b
E%
%
k
h
`
r
r
(
,
$ s
d
"
$ "
d
"
4
" m
'
E
$ "
E
"
k
'
'
"j
'
"
E
'
*
v
$
E
E'
E
"
'h
%
#
E
E'
%
C
m
E m
%
%
"
$ s
(
(
*
*
$
$
"
$
E
%
E
h
b
"
'$
E
"
2
f
2
x
_
f
$ s
k'
%
"
'
(
`
d
E'
%
C
%
%
$
#
'
`
$ "`
'
'
b
"
C
#%
E
a
E
r
m
_
4
(
z
j
$
h'
dc
b
E%
"
%
E
h
&
E
c
&
E
E
E'
$ E
v
f
,¥
% f
h
(
&
E
j
d
"j
k'
e
,
f
(
j
$
$
$
k
E
h'
#
,
,¥
v
" i
&
E
'
$
E
E
E
$
E ¤
%
h
C
"
k
$
(
z
$
'
%
#
hj
E
E
a
C
%
$
#
bD
%
a
"
c
a
h
C
C
#%
E
E
j
$
$
`
,
m
h B
"
"
#
c
&
E
'
a E
"
%&
h
Eb
(
$
k
E
a
"
E
h
,
f
y
j
b
C
E'
C
E
"
$
h
%h
'
`
n
g
'
"
%&
%
E
k
$
m
E l
C
4
d
"
$
"
d
E
h
c
"
(
$
$
E%
'
"
E m E "
'
&h
b
'"
E
"
'$
m
"
$
'
"
$
E' E k
k
E
%
E
"
E
'd
'
E
j
"
E
#%
'
C
"
b
"
C
#%
a
E
%
$
#
m
%
$
m
c
# $
! "
"
E
a
%
$
y
E
E
Cy
E
h
%
C
E
E
(
j
j
&
E
b
% $
'
b
%
$
%
h
E
$
E
,
f
4
¤
,
u
(
E
&h
C
#%
'$
C
"
b
%"
$
'd#
a
u
(
%
"
' $
j
"
#
"
$
#
%
"
Cy
'
"
m
$
#
s
$
$
C
c
"
$
"
"
z
$
#
"
d
E
N
N
J
ML
t ≡ ti (mod ni )
&
E
'
j
e
Eb
"
"
D
"
%
$
#
%dc
(
n1 · . . . · nk
C
#%
b
%
'$
E
'h
#
t1 , . . . , t k
te < n 1 · . . . · nk e
E
m
'
E
$
E
%
kC
√ e
s s 1 , . . . , sk
"
E
'
E
C
t =s t t