# Fermat-Kraitchik Factorization Method for factoring large numbers: training for RMO

Reference: Elementary Number Theory, David M. Burton, 6th Edition.

In a fragment of a letter in all probability to Father Marin Mersenne in 1643, Fermat described a technique of his for factoring large numbers. This represented the first real improvement over the classical method of attempting to find a factor of n by dividing by all primes not exceeding $\sqrt{n}$. Fermat’s factorization scheme has at its heart the observation that the search for factors of an odd integer n (because powers of 2 are easily recognizable and may be removed at the outset, there is no loss in assuming that n is odd) is equivalent to obtaining integral solutions of x and y of the equation $n = x^{2} - y^{2}$.

If n is the difference of two squares, then it is apparent that n can be factored as $n = x^{2}-y^{2} = (x+y)(x-y)$.

Conversely, when n has the factorization $n=ab$, with $a \geq b \geq 1$, then we may write $n = (\frac{a+b}{2})^{2}-(\frac{a-b}{2})^{2}$

Moreover, because n is taken to be an odd integer, a and b are themselves odd, hence, $\frac{a+b}{2}$ and $\frac{a-b}{2}$ will be nonnegative integers.

One begins the search for possible x and y satisfying the equation $n=x^{2}-y^{2}$ or what is the same thing, the equation $x^{2}-n=y^{2}$ by first determining the smallest integer k for which $k^{2} \geq n$. Now, look successively at the numbers $k^{2}-n$, $(k+1)^{2}-n$, $(k+2)^{2}-n$, $(k+3)^{2}-n$, $\ldots$ until a value of $m \geq n$ is found making $m^{2}-n$ a square. The process cannot go on indefinitely, because we eventually arrive at $(\frac{n+1}{2})^{2}-n=(\frac{n-1}{2})^{2}$ the representation of n corresponding to the trivial factorization $n=n.1$. If this point is reached without a square difference having been discovered earlier, then n has no other factors other than n and 1, in which case it is a prime.

Fermat used the procedure just described to factor $2027651281=44021.46061$ in only 11 steps, as compared with making 4580 divisions by the odd primes up to 44021. This was probably a favourable case designed on purpose to show the chief virtue of this method: it does not require one to know all the primes less than $\sqrt{n}$ to find factors of n.

$\bf{Example}$

To illustrate the application of Fermat’s method, let us factor the integer $n=119143$. From a table of squares, we find that $345^{2}<119143<346^{2}$; thus it suffices to consider values of $k^{2}-119143$ for those k that satisfy the inequality $346 \leq k < (119143+1)/2=59572$. The calculations begin as follows:

$346^{2}-119143=119716-119143=573$

$347^{2}-119143=120409-119143=1266$

$348^{2}-119143=121104-119143=1961$

$349^{2}-119143=121801-119143=2658$

$350^{2}-119143=122500-119143=3357$

$351^{2}-119143=123201-119143=4058$

$352^{2}-119143=123904-119143=4761=69^{2}$

This last line exhibits the factorization $119143=352^{2}-69^{2}=(352+69)(352-69)=421.283$, where both the factors are prime. In only seven steps, we have obtained the prime factorization of the number 119143. Of course, one does not always fare so luckily — it may take many steps before a difference turns out to be a square.

Fermat’s method is most effective when the two factors of n are of nearly the same magnitude, for in this case, a suitable square will appear quickly. To illustrate, let us suppose that $n=233449$ is to be factored. The smallest square exceeding n is $154^{2}$ so that the sequence $k^{2}-n$ starts with:

$154^{2}-23449=23716-23449=267$

$155^{2}-23449=24025-23449=576=24^{2}$. Hence, the factors of 23449 are $23449=(155+24)(155-24)=131$

When examining the differences $k^{2}-n$ as possible squares, many values can be immediately excluded by inspection of the final digits. We know, for instance, that a square must end in one of the six digits 0,1,4,5,6,9. This allows us to exclude all the values in the above example, save for 1266, 1961, 4761. By calculating the squares of the integers from 0 to 99 modulo 100, we see further that, for a square, the last two digits are limited to the following 22 possibilities:

00; 01, 04; 09; 16; 21; 24; 25; 29; 36; 41; 44; 49; 56; 61; 64; 69; 76; 81; 84; 89; 96.

The integer 1266 can be eliminated from consideration in this way. Because 61 is among the last two digits allowable in a square, it is only necessary to look at the numbers 1961 and 4761; the former is not a square, but $4761=69^{2}$.

There is a generalization of Fermat’s factorization method that has been used with some success. Here, we look for distinct integers x and y such that $x^{2}-y^{2}$ is a multiple of n rather than n itself, that is, $x^{2} \equiv y^{2} \pmod {n}$
.
Having obtained such integers $d=gcd(x-y,n)$ (or, $d=gcd(x+y,n)$) can be calculated by means of the Euclidean Algorithm. Clearly, d is a divisor of n, but is it a non-trivial divisor? In other words, do we have $1?

In practice, n is usually the product of two primes p and q, with $p so that d is equal to 1, p, q, or pq. Now, the congruence $x^{2} \equiv y^{2} \pmod{n}$ translates into $pq|(x-y)(x+y)$. Euclid's lemma tells us that p and q must divide one of the factors. If it happened that $p|x-y$ and $q|x-y$, or expressed as a congruence $x \equiv y \pmod{n}$. Also, $p|x+y$ and $q|x+y$ yield $x \equiv -y \pmod{n}$. By seeking integers x and y satisfying $x^{2} \equiv y^{2} \pmod{n}$, where $x \not\equiv \pm \pmod{n}$, these two situations are ruled out. The result of all this is that d is either p or q, giving us a non-trivial divisor of n.

$\bf{Example}$

Suppose we wish to factor the positive integer $n=2189$ and happen to notice that $579^{2} \equiv 18^{2} \pmod{2189}$. Then, we compute $gcd(579-18,2189)=gcd(561,2189)=11$ using the Euclidean Algorithm:

$2189=3.561+506$
$561=1.506+55$
$506=9.55+11$
$55=5.11$

This leads to the prime divisor 11 of 2189. The other factor, namely 199, can be obtained by observing that $gcd(579+18,2189)=gcd(597,2189)=199$

The reader might wonder how we ever arrived at a number, such as 579, whose square modulo 2189 also turns out to be a perfect square. In looking for squares close to multiples of 2189, it was observed that $81^{2} -3.2189 = -6$ and $155^{2}-11.2189=-54$ which translates into $81^{2} \equiv -2.3 \pmod{2189}$ and $155^{2} \equiv -2.3^{3} \pmod{2189}$.

When these congruences are multiplied, they produce $(81.155)^{2} \equiv (2.3^{2})^{2} \pmod{2189}$. Because the product $81.155 = 12555 \equiv -579 \pmod{2189}$, we ended up with the congruence $579^{2} \equiv 18^{2} \pmod{2189}$.

The basis of our approach is to find several $x_{i}$ having the property that each $x_{i}^{2}$ is, modulo n, the product of small prime powers, and such that their product’s square is congruent to a perfect square.

When n has more than two prime factors, our factorization algorithm may still be applied; however, there is no guarantee that a particular solution of the congruence $x^{2} \equiv y^{2} \pmod{n}$, with $x \not\equiv \pm \pmod{n}$ will result in a nontrivial divisor of n. Of course, the more solutions of this congruence that are available, the better the chance of finding the desired factors of n.

Our next example provides a considerably more efficient variant of this last factorization method. It was introduced by *Maurice Kraitchik* in the 1920’s and became the basis of such modern methods as the *quadratic sieve algorithm*.

$\bf{Example}$

Let $n=12499$ be the integer to be factored. The first square just larger than n is $112^{2} = 12544$. So. we begin by considering the sequence of numbers $x^{2}-n$ for $x=112, 113, \ldots$. As before, our interest is in obtaining a set of values $x_{1}, x_{2}, x_{3}, \ldots x_{k}$ for which the product $(x_{1}-n)(x_{2}-n)\ldots (x_{k}-n)$ is a square, say $y^{2}$. Then, $(x_{1}x_{2}\ldots x_{k})^{2} \equiv y^{2} \pmod{n}$, which might lead to a non-factor of n.

A short search reveals that $112^{2}-12499=45$; $117^{2}-12499=1190$; $121^{2}-12499=2142$; or, written as congruences, $112^{2} \equiv 3^{2}.5 \pmod{12499}$ ; $117^{2} \equiv 2.5.7.17 \pmod{12499}$; $121^{2} \equiv 2.3^{2}.7.17 \pmod{12499}$. Multiplying these together results in the congruence: $(112.117.121)^{2} \equiv (2.3^{2}.5.7.17)^{2} \pmod{12499}$, that is, $1585584^{2} \equiv 10710^{2}\pmod{12499}$. But, we are unlucky with this square combination. Because $1585584 \equiv 10710 \pmod{12499}$ only a trivial divisor of 12499 will be found. To be specific,

$gcd(1585584+10710,21499)=1$

$gcd(1585584-10710,12499)=12499$

After further calculation, we notice that

$113^{2} \equiv 2.5.3^{3} \pmod{12499}$

$127^{2} \equiv 2.3.5.11^{2} \pmod{12499}$

which gives rise to the congruence $(113.127)^{2} \equiv (2.3^{2}.5.11)^{2} \pmod{12499}$.

This reduce modulo 12499 to $1852^{2} \equiv 990^{2} \pmod{12499}$ and fortunately, $1852 \not\equiv \pm {990}\pm\pmod{12499}$. Calculating

$gcd(1852-990,12499)=gcd(862,12499)=431$ produces the factorization $12499 =29.431$

Problem to Practise:

Use Kraitchik’s method to factor the number 20437.

Cheers,
Nalin Pithwa

# Is there a “Fermat” in you? ? :-)

Fermat’s problem:

Pierre de Fermat (1601-65), the great French mathematical genius, is described as the “Prince of Amateurs” as he was not a professional mathematician and never published any work during his lifetime. As a civil servant, he served in the judiciary and spent his leisure with mathematics as his hobby. He corresponded with the best of mathematicians of his time. He teased the contemporary English mathematicians, Wallis and Digby, with the following problem, who had to admit defeat.

Problem:

26 is a number that is sandwiched between a perfect square (25) and a perfect cube (27). Prove that there is no other such number.

Please do try and let me know your solutions. Even partial solutions are welcome.

Cheers,

Nalin Pithwa.

# A note on Diophantine problems

In solving Diophantine problems, one must guard against falling into certain formal traps. The identity{}

$(a+b)^{2}=a^{2}+2ab+b^{2}$

might lead one to think that, because all numbers of the form $a^{2}+2ab+b^{}{2}$ are squares, any number of say, the form $a^{2}+3ab+b^{2}$ could never be a perfect square because it is not an algebraic square. But, numbers are more versatile than that. Try $a=7, b=3$ in the expression $a^{2}+3ab+b^{2}$.

It was once proposed as a theorem that “the product of four consecutive terms of an AP of integers plus the fourth power of the common difference is always a perfect square but never a perfect fourth power.” If a is the first term of the four and b the common difference, we have $a(a+b)(a+2b)(a+3b)+b^{4}$ which works out to be the same thing as $(a^{2}+3ab+b^{2})^{2}$.

The truth of the first assertion of the theorem is now evident, but we have already given a counter example showing the second assertion to be incorrect.

Ref: Excursions in Number Theory, C. Stanley Ogilvy and John T. Anderson,

http://www.amazon.in/Excursions-Number-Theory-Dover-Mathematics/dp/0486257789/ref=sr_1_4?s=books&ie=UTF8&qid=1491402900&sr=1-4&keywords=excursion+in+mathematics

Nalin Pithwa.

# A Congruence Problem for RMO basics

Problem:

Find the solution of the congruence $x^{24}+7x \equiv 2 \pmod {13}$.

Solution:

It is clear that $x \equiv 0 \pmod {13}$ is not a solution. So, let $1 \leq x \leq 12$. Then, from Fermat’s Little Theorem, we have that $x^{12} \equiv 1 \pmod{13}$ and this is why $x^{24}= 1 \pmod{13}$. The congruence to be solved can therefore be reduced to $7x \equiv 1 \pmod{13}$which leads to solution $x \equiv 2 \pmod{13}$.

Nalin Pithwa

# A geometry and algebra problem — RMO training

Several Olympiad problems deal with functions defined on certain sets of points. These problems are interesting in that they combine both geometrical and algebraic ideas.

Problem.

Let $n>2$ be an integer and $f:P \rightarrow \Re$ a function defined on the set of points in the plane, with the property that for any regular n-gon $A_{1}A_{2} \ldots A_{n}$

$f(A_{1})+f(A_{2})+ \ldots + f(A_{n})=0$.

Prove that f is the zero function.

Proof:

Core Concept:

In Euclidean geometry, the only motions permissible are rigid motions — translations, rotations, and reflections.

Solution:

Let A be an arbitrary point. Consider a regular n-gon $AA_{1}A_{2}\ldots A_{n-1}$. Let k be an integer, $0 \leq k \leq n-1$. A rotation with center A of angle $\frac{2\pi k }{n}$ sends the polygon $AA_{1}A_{2}\ldots A_{n-1}$ to $A_{k0}A_{k1} \ldots A_{k,n-1}$, where $A_{k0}=A$ and $A_{ki}$ is the image of $A_{i}$ for all $I=1, 2, \ldots, n-1$

From the condition of the statement, we have

$\sum_{k=0}^{n-1} \sum_{i=0}^{n-1}f(A_{ki})=0$.

Observe that in the sum the number $f(A)$ appears n times, therefore,

$nf(A)+ \sum_{k=0}^{n-1} \sum_{i=1}^{n-1}f(A_{kl})=0$

On the other hand, we have

$\sum_{k=0}^{n-1} \sum_{i=1}^{n-1}f(A_{ki})=\sum_{i=1}^{n-1} \sum_{k=0}^{n-1}f(A_{ki})=0$

since the polygons $A_{0i}A_{1i} \ldots A_{n-1,i}$ are all regular n-gons. From the two equalities above we deduce $f(A)=0$, hence, f is the zero function.

More later,

Nalin Pithwa

# Brain teasers based on Bezout’s identity — RMO training

Problem 1.

In a special football game, a team scores 7 points for a touch-down and 3 points for a field goal. Determine the largest mathematically unreachable number of points scored by a team in an (infinitely) long game.

Problem 2.

There is an ample of supply of milk in a milk tank. Mr. Fat is given a 5 litre (unmarked) container and a 9-litre (unmarked) container. How can he measure out 2 litres of milk?

The above two are classic brain teasers based on Bezout’s identity.

More later,

Nalin Pithwa