
Project: programmingpraxis

programmingpraxis - Scheme, pasted on Apr 21:
; modern elliptic curve factorization, part 2

(define (ilog b n)
  ;; Integer logarithm: the largest e with b^e <= n, found by counting how
  ;; many times n can be divided by b before it reaches zero (minus one).
  ;; Returns -1 for n = 0.  b must be greater than one, otherwise the
  ;; division never reaches zero.
  (let count ((m n) (e -1))
    (if (zero? m)
        e
        (count (quotient m b) (+ e 1)))))

;; Bit table of small primes, filled in by load-primes: one byte per block
;; of 30 integers, one bit per residue coprime to 30 (see next-prime).
(define prime-bits #f)

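(define (load-primes n file-name)
  ;; Read ceil(n/30) bytes from file-name into the global prime-bits
  ;; vector, one byte per block of 30 integers.  A file that ends early
  ;; now raises a clear error naming the file and the byte index instead
  ;; of letting char->integer fail on the eof object, and prime-bits is
  ;; only assigned once the whole table has been read.
  ;; NOTE(review): read-char goes through the port's text decoding; bytes
  ;; above 127 (bit 128 is used for residue 29) depend on the port being
  ;; a plain byte/latin-1 port — confirm for the Scheme in use.
  (let ((k-max (+ (quotient n 30) (if (zero? (modulo n 30)) 0 1))))
    (with-input-from-file file-name
      (lambda ()
        (let ((table (make-vector k-max)))
          (do ((k 0 (+ k 1))) ((= k k-max))
            (let ((c (read-char)))
              (if (eof-object? c)
                  (error 'load-primes "prime table too short" file-name k)
                  (vector-set! table k (char->integer c)))))
          (set! prime-bits table))))))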

;; The table covers integers below 1000000200; 1000000181 is presumably the
;; largest prime it contains, and next-prime switches from table lookup to
;; wheel search at that value.  The table file is loaded at definition time
;; and its bytes are trusted as-is (no checksum or length check beyond the
;; read loop), so a corrupt table would silently change which numbers
;; next-prime reports as prime.
(define max-prime 1000000181)
(load-primes 1000000200 "prime.bits")

(define (next-prime n)
  ;; Smallest prime strictly greater than n.  Below max-prime the answer is
  ;; looked up in the prime-bits table (one byte per block of 30, bit 2^i
  ;; standing for the i-th residue coprime to 30); from max-prime upward,
  ;; candidates generated by a 2-3-5 wheel are tested with prime?.
  (define residues '(1 7 11 13 17 19 23 29))  ; residues mod 30 coprime to 30
  (define gaps     '(6 4 2 4 2 4 6 2))         ; distance to the next residue
  ;; Position (0..7) of the first residue larger than offset, or 8 when
  ;; offset is 29 and the next candidate lies in the following block.
  (define (residue-position offset)
    (let scan ((rs residues) (i 0))
      (cond ((null? rs) i)
            ((< offset (car rs)) i)
            (else (scan (cdr rs) (+ i 1))))))
  ;; Residue that a single table bit (1, 2, 4, ... 128) stands for.
  (define (bit-value bit)
    (let scan ((rs residues) (b 1))
      (if (= b bit) (car rs) (scan (cdr rs) (* b 2)))))
  ;; Fresh circular copy of a list (set-cdr! never touches the literal).
  (define (cycle xs)
    (let ((copy (append xs '())))
      (let last ((p copy))
        (if (null? (cdr p))
            (begin (set-cdr! p copy) copy)
            (last (cdr p))))))
  ;; Circular list of gaps rotated so that it starts at residue position i.
  (define (wheel-from i)
    (let rotate ((w (cycle gaps)) (i i))
      (if (zero? i) w (rotate (cdr w) (- i 1)))))
  ;; Table lookup: scan bits upward from the first candidate above n.
  (define (table-search n)
    (let* ((pos (residue-position (modulo n 30)))
           (block (quotient n 30))
           (start-index (if (= pos 8) (+ block 1) block))
           (start-bit (if (= pos 8) 1 (expt 2 pos))))
      (let scan ((index start-index) (bit start-bit))
        (cond ((= bit 256) (scan (+ index 1) 1))
              ((zero? (logand (vector-ref prime-bits index) bit))
               (scan index (* bit 2)))
              (else (+ (* index 30) (bit-value bit)))))))
  ;; Wheel search: step through numbers coprime to 30 until one is prime.
  (define (wheel-search n)
    (let* ((pos (residue-position (modulo n 30)))
           (base (* 30 (quotient n 30)))
           (start (if (= pos 8)
                      (+ base 31)
                      (+ base (list-ref residues pos)))))
      (let step ((k start) (w (wheel-from pos)))
        (if (prime? k) k (step (+ k (car w)) (cdr w))))))
  (cond ((< n 2) 2)
        ((< n 3) 3)
        ((< n 5) 5)
        ((< n max-prime) (table-search n))
        (else (wheel-search n))))

(define (prime? n)
  ;; Probable-prime test for integers n > 1: divisibility by 2 and 3, then
  ;; strong (Miller-Rabin) tests to bases 2 and 3, then a Lucas test.  This
  ;; is a probabilistic filter, not a proof of primality.  Raises an error
  ;; for non-integers and for n < 2.
  ;; b^e mod m by recursive squaring (e must be a non-negative integer).
  (define (expm b e m)
    (define (m* x y) (modulo (* x y) m))
    (cond ((zero? e) 1)
          ((even? e) (expm (m* b b) (/ e 2) m))
          (else (m* b (expm (m* b b) (/ (- e 1) 2) m)))))
  ;; Digits of n in base b (default 10), most significant first; '() for 0.
  (define (digits n . args)
    (let ((b (if (null? args) 10 (car args))))
      (let loop ((n n) (d '()))
        (if (zero? n) d
            (loop (quotient n b)
                  (cons (modulo n b) d))))))
  ;; Integer square root by Newton's iteration, stopping when the iterate
  ;; no longer decreases by more than one.
  (define (isqrt n)
    (let loop ((x n) (y (quotient (+ n 1) 2)))
      (if (<= 0 (- y x) 1) x
        (loop y (quotient (+ y (quotient n y)) 2)))))
  ;; #t when n is a perfect square.
  (define (square? n)
    (let ((n2 (isqrt n)))
      (= n (* n2 n2))))
  ;; Jacobi symbol (a/n); n must be a positive odd integer.
  (define (jacobi a n)
    (if (not (and (integer? a) (integer? n) (positive? n) (odd? n)))
        (error 'jacobi "modulus must be positive odd integer")
        (let jacobi ((a a) (n n))
          (cond ((= a 0) 0)
                ((= a 1) 1)
                ((= a 2) (case (modulo n 8) ((1 7) 1) ((3 5) -1)))
                ((even? a) (* (jacobi 2 n) (jacobi (quotient a 2) n)))
                ((< n a) (jacobi (modulo a n) n))
                ;; quadratic reciprocity: sign flips when both are 3 mod 4
                ((and (= (modulo a 4) 3) (= (modulo n 4) 3)) (- (jacobi n a)))
                (else (jacobi n a))))))
  (define legendre jacobi)
  ;; Multiplicative inverse of x modulo n; errors when x is 0 mod n.
  (define (inverse x n)
    (let loop ((x (modulo x n)) (a 1))
      (cond ((zero? x) (error 'inverse "division by zero"))
            ((= x 1) a)
            (else (let ((q (- (quotient n x))))
                    (loop (+ n (* q x)) (modulo (* q a) n)))))))
  ;; Strong probable-prime test to base a: write n-1 = 2^r * s with s odd,
  ;; then look for a^s = 1 or a^(s*2^j) = n-1 for some j < r.
  (define (miller? n a)
    (let loop ((r 0) (s (- n 1)))
      (if (even? s) (loop (+ r 1) (/ s 2))
        (if (= (expm a s n) 1) #t
          (let loop ((r r) (s s))
            (cond ((zero? r) #f)
                  ((= (expm a s n) (- n 1)) #t)
                  (else (loop (- r 1) (* s 2)))))))))
  ;; Lucas chain: walk the binary digits of m (most significant first),
  ;; applying f to double and g to add the pair (u, v); returns both.
  (define (chain m f g x0 x1)
    (let loop ((ms (digits m 2)) (u x0) (v x1))
      (cond ((null? ms) (values u v))
            ((zero? (car ms)) (loop (cdr ms) (f u) (g u v)))
            (else (loop (cdr ms) (g u v) (f v))))))
  ;; Lucas probable-prime test.  Parameters a, b are searched from (11, 7)
  ;; until d = a^2 - 4b is not a square and gcd(n, 2abd) = 1.
  ;; NOTE(review): the two retry branches advance b by 1 and by 2
  ;; respectively; presumably intentional, but worth confirming.
  (define (lucas? n)
    (let loop ((a 11) (b 7))
      (let ((d (- (* a a) (* 4 b))))
        (cond ((square? d) (loop (+ a 2) (+ b 1)))
              ((not (= (gcd n (* 2 a b d)) 1))
                (loop (+ a 2) (+ b 2)))
              (else (let* ((x1 (modulo (- (* a a (inverse b n)) 2) n))
                           (m (quotient (- n (legendre d n)) 2))
                           (f (lambda (u) (modulo (- (* u u) 2) n)))
                           (g (lambda (u v) (modulo (- (* u v) x1) n))))
                      (let-values (((xm xm1) (chain m f g 2 x1)))
                        (zero? (modulo (- (* x1 xm) (* 2 xm1)) n)))))))))
  (cond ((or (not (integer? n)) (< n 2))
          (error 'prime? "must be integer greater than one"))
        ((even? n) (= n 2)) ((zero? (modulo n 3)) (= n 3))
        (else (and (miller? n 2) (miller? n 3) (lucas? n)))))

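(define (add P1 P2 P1-P2 N)
  ;; Differential addition P1 + P2 on a Montgomery curve modulo N, given
  ;; the difference P1-P2 = P1 - P2.  Points are (x . z) pairs; the y
  ;; coordinate is never needed.  All four reductions use the parameter
  ;; N — the original reduced t1 and t2 by a lower-case n, which is a
  ;; different, unbound name in a case-sensitive Scheme.
  (define (square x) (* x x))
  (let* ((x0 (car P1-P2)) (z0 (cdr P1-P2))
         (x1 (car P1))    (z1 (cdr P1))
         (x2 (car P2))    (z2 (cdr P2))
         (t1 (modulo (* (+ x1 z1) (- x2 z2)) N))
         (t2 (modulo (* (- x1 z1) (+ x2 z2)) N)))
    (cons (modulo (* (square (+ t2 t1)) z0) N)
          (modulo (* (square (- t2 t1)) x0) N))))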

(define (double P An Ad N)
  ;; Doubling 2P on a Montgomery curve modulo N whose constant is given as
  ;; the fraction An/Ad, in (x . z) coordinates.
  (let* ((x (car P)) (z (cdr P))
         (sum2  (modulo (expt (+ x z) 2) N))
         (diff2 (modulo (expt (- x z) 2) N))
         (delta (- sum2 diff2))
         (new-x (* 4 Ad sum2 diff2))
         (new-z (* delta (+ (* An delta) (* 4 Ad diff2)))))
    (cons (modulo new-x N) (modulo new-z N))))

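(define (multiply K P An Ad N)
  ;; Montgomery-ladder scalar multiplication K*P on the curve An/Ad modulo
  ;; N, in (x . z) coordinates.  The ladder keeps Q = R + P so that every
  ;; add has the known difference P.  Uses double and add from this file.
  ;; The binary expansion is computed locally: the `digits` helper the
  ;; original called is defined inside prime? and is not visible here.
  (define (binary-digits k)
    ;; bits of k, most significant first; '() for k = 0
    (let loop ((k k) (bits '()))
      (if (zero? k) bits (loop (quotient k 2) (cons (modulo k 2) bits)))))
  (cond ((negative? K) (error 'multiply "scalar must be non-negative" K))
        ((zero? K) (cons 0 0))
        ((= K 1) P)
        ((= K 2) (double P An Ad N))
        (else
          ;; the top bit is consumed by the initial (Q, R) = (2P, P)
          (let loop ((ks (cdr (binary-digits K))) (Q (double P An Ad N)) (R P))
            (cond ((null? ks) R)
                  ((odd? (car ks))
                    (loop (cdr ks) (double Q An Ad N) (add Q R P N)))
                  (else
                    (loop (cdr ks) (add R Q P N) (double R An Ad N))))))))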

(define (curve12 N S)
  ;; Suyama's parameterisation: from sigma = S derive the curve constants
  ;; An, Ad and a starting point (x . z), all modulo N.  Returns three
  ;; values: An, Ad, point.
  (let* ((u (modulo (- (* S S) 5) N))
         (v (modulo (* 4 S) N))
         (w (- v u))
         (u3 (* u u u))
         (v3 (* v v v)))
    (values (modulo (* w w w (+ (* 3 u) v)) N)
            (modulo (* 4 u3 v) N)
            (cons (modulo u3 N) (modulo v3 N)))))

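(define (ec-factor N B1 B2 S)
  ;; Lenstra ECM on N with one Suyama curve (parameter S), stage-1 bound
  ;; B1 and stage-2 bound B2.  Returns a proper factor g with 1 < g < N,
  ;; or #f when this curve finds none.  Uses ilog, next-prime, multiply,
  ;; double, add and curve12 from this file.
  ;; Fixes relative to the original: every modulus is the parameter N and
  ;; the stage-2 points are Q and T (the original mixed in lower-case n, q
  ;; and t, which are distinct unbound names in a case-sensitive Scheme),
  ;; and the stage-2 walk starts on an odd k so an odd B1 no longer loops
  ;; forever without ever matching a prime.
  (let-values (((An Ad Q) (curve12 N S)))
    ;; Stage 1: multiply Q by p^e for every prime p < B1, e = floor(log_p B1).
    (let stage1 ((p 2) (Q Q))
      (if (< p B1)
          (stage1 (next-prime p) (multiply (expt p (ilog p B1)) Q An Ad N))
          (let ((g (gcd (cdr Q) N)))
            (if (< 1 g N)
                g
                ;; Stage 2: walk odd k from k0 up to B2 keeping R = (k-2)Q
                ;; and T = kQ (so T - R = QQ = 2Q), folding the z-coordinate
                ;; of T into g whenever k is prime.
                (let* ((k0 (if (even? B1) (+ B1 1) (+ B1 2)))
                       (QQ (double Q An Ad N))
                       (R (multiply (- k0 2) Q An Ad N))
                       (T (multiply k0 Q An Ad N)))
                  (let stage2 ((p (next-prime B1)) (g g) (k k0) (R R) (T T))
                    (cond ((< B2 p)
                           (let ((g (gcd g N))) (if (< 1 g N) g #f)))
                          ((= k p)
                           (stage2 (next-prime p) (modulo (* g (cdr T)) N)
                                   (+ k 2) T (add T QQ R N)))
                          (else
                           (stage2 p g (+ k 2) T (add T QQ R N)))))))))))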

;; Demonstration run: one ECM curve on a large N with B1 = 50000,
;; B2 = 2000000 and the given curve parameter S.  The codepad output below
;; never reaches this point because prime.bits could not be opened.
(display
  (ec-factor 487903353968830182288869739868160321618914954114957033410672934232359
    50000 2000000 78783487582843128075889303898453910566586006279603880659175659032048))


Output:
1
with-input-from-file: cannot open input file: "/prime.bits" (No such file or directory; errno=2)



