 ```1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 ``` ```; modern elliptic curve factorization, part 2 (define (ilog b n) (if (zero? n) -1 (+ (ilog b (quotient n b)) 1))) (define prime-bits #f) (define (load-primes n file-name) (with-input-from-file file-name (lambda () (let ((k-max (+ (quotient n 30) (if (zero? (modulo n 30)) 0 1)))) (set! prime-bits (make-vector k-max)) (do ((k 0 (+ k 1))) ((= k k-max)) (vector-set! prime-bits k (char->integer (read-char)))))))) (define max-prime 1000000181) (load-primes 1000000200 "prime.bits") (define (next-prime n) (define (next-bit n) (let ((index (quotient n 30)) (offset (modulo n 30))) (case offset ((0) (values index 1)) ((1 2 3 4 5 6) (values index 2)) ((7 8 9 10) (values index 4)) ((11 12) (values index 8)) ((13 14 15 16) (values index 16)) ((17 18) (values index 32)) ((19 20 21 22) (values index 64)) ((23 24 25 26 27 28) (values index 128)) ((29) (values (+ index 1) 1))))) (define (bit-value offset) (case offset ((1) 1) ((2) 7) ((4) 11) ((8) 13) ((16) 17) ((32) 19) ((64) 23) ((128) 29))) (define (last-pair xs) (if (null? (cdr xs)) xs (last-pair (cdr xs)))) (define (cycle . xs) (set-cdr! 
(last-pair xs) xs) xs) (define (get-wheel n) (let ((base (* (quotient n 30) 30)) (offset (modulo n 30))) (case offset ((0) (values (+ base 1) (cycle 6 4 2 4 2 4 6 2))) ((1 2 3 4 5 6) (values (+ base 7) (cycle 4 2 4 2 4 6 2 6))) ((7 8 9 10) (values (+ base 11) (cycle 2 4 2 4 6 2 6 4))) ((11 12) (values (+ base 13) (cycle 4 2 4 6 2 6 4 2))) ((13 14 15 16) (values (+ base 17) (cycle 2 4 6 2 6 4 2 4))) ((17 18) (values (+ base 19) (cycle 4 6 2 6 4 2 4 2))) ((19 20 21 22) (values (+ base 23) (cycle 6 2 6 4 2 4 2 4))) ((23 24 25 26 27 28) (values (+ base 29) (cycle 2 6 4 2 4 2 4 6))) ((29) (values (+ base 31) (cycle 6 4 2 4 2 4 6 2)))))) (cond ((< n 2) 2) ((< n 3) 3) ((< n 5) 5) ((< n max-prime) (let-values (((index offset) (next-bit n))) (let loop ((index index) (offset offset)) (cond ((= offset 256) (loop (+ index 1) 1)) ((zero? (logand (vector-ref prime-bits index) offset)) (loop index (* offset 2))) (else (+ (* index 30) (bit-value offset))))))) (else (let-values (((k wheel) (get-wheel n))) (let loop ((k k) (wheel wheel)) (if (prime? k) k (loop (+ k (car wheel)) (cdr wheel)))))))) (define (prime? n) (define (expm b e m) (define (m* x y) (modulo (* x y) m)) (cond ((zero? e) 1) ((even? e) (expm (m* b b) (/ e 2) m)) (else (m* b (expm (m* b b) (/ (- e 1) 2) m))))) (define (digits n . args) (let ((b (if (null? args) 10 (car args)))) (let loop ((n n) (d '())) (if (zero? n) d (loop (quotient n b) (cons (modulo n b) d)))))) (define (isqrt n) (let loop ((x n) (y (quotient (+ n 1) 2))) (if (<= 0 (- y x) 1) x (loop y (quotient (+ y (quotient n y)) 2))))) (define (square? n) (let ((n2 (isqrt n))) (= n (* n2 n2)))) (define (jacobi a n) (if (not (and (integer? a) (integer? n) (positive? n) (odd? n))) (error 'jacobi "modulus must be positive odd integer") (let jacobi ((a a) (n n)) (cond ((= a 0) 0) ((= a 1) 1) ((= a 2) (case (modulo n 8) ((1 7) 1) ((3 5) -1))) ((even? 
a) (* (jacobi 2 n) (jacobi (quotient a 2) n))) ((< n a) (jacobi (modulo a n) n)) ((and (= (modulo a 4) 3) (= (modulo n 4) 3)) (- (jacobi n a))) (else (jacobi n a)))))) (define legendre jacobi) (define (inverse x n) (let loop ((x (modulo x n)) (a 1)) (cond ((zero? x) (error 'inverse "division by zero")) ((= x 1) a) (else (let ((q (- (quotient n x)))) (loop (+ n (* q x)) (modulo (* q a) n))))))) (define (miller? n a) (let loop ((r 0) (s (- n 1))) (if (even? s) (loop (+ r 1) (/ s 2)) (if (= (expm a s n) 1) #t (let loop ((r r) (s s)) (cond ((zero? r) #f) ((= (expm a s n) (- n 1)) #t) (else (loop (- r 1) (* s 2))))))))) (define (chain m f g x0 x1) (let loop ((ms (digits m 2)) (u x0) (v x1)) (cond ((null? ms) (values u v)) ((zero? (car ms)) (loop (cdr ms) (f u) (g u v))) (else (loop (cdr ms) (g u v) (f v)))))) (define (lucas? n) (let loop ((a 11) (b 7)) (let ((d (- (* a a) (* 4 b)))) (cond ((square? d) (loop (+ a 2) (+ b 1))) ((not (= (gcd n (* 2 a b d)) 1)) (loop (+ a 2) (+ b 2))) (else (let* ((x1 (modulo (- (* a a (inverse b n)) 2) n)) (m (quotient (- n (legendre d n)) 2)) (f (lambda (u) (modulo (- (* u u) 2) n))) (g (lambda (u v) (modulo (- (* u v) x1) n)))) (let-values (((xm xm1) (chain m f g 2 x1))) (zero? (modulo (- (* x1 xm) (* 2 xm1)) n))))))))) (cond ((or (not (integer? n)) (< n 2)) (error 'prime? "must be integer greater than one")) ((even? n) (= n 2)) ((zero? (modulo n 3)) (= n 3)) (else (and (miller? n 2) (miller? n 3) (lucas? 
n))))) (define (add P1 P2 P1-P2 N) (define (square x) (* x x)) (let* ((x0 (car P1-P2)) (x1 (car P1)) (x2 (car P2)) (z0 (cdr P1-P2)) (z1 (cdr P1)) (z2 (cdr P2)) (t1 (modulo (* (+ x1 z1) (- x2 z2)) n)) (t2 (modulo (* (- x1 z1) (+ x2 z2)) n))) (cons (modulo (* (square (+ t2 t1)) z0) n) (modulo (* (square (- t2 t1)) x0) n)))) (define (double P An Ad N) (define (square x) (* x x)) (let* ((x (car P)) (z (cdr P)) (x+z2 (modulo (square (+ x z)) N)) (x-z2 (modulo (square (- x z)) N)) (t (- x+z2 x-z2))) (cons (modulo (* x+z2 x-z2 4 Ad) N) (modulo (* (+ (* t An) (* x-z2 Ad 4)) t) N)))) (define (multiply K P An Ad N) (cond ((zero? K) (cons 0 0)) ((= K 1) P) ((= K 2) (double P An Ad N)) (else (let loop ((ks (cdr (digits K 2))) (Q (double P An Ad N)) (R P)) (cond ((null? ks) R) ((odd? (car ks)) (loop (cdr ks) (double Q An Ad N) (add Q R P N))) (else (loop (cdr ks) (add R Q P N) (double R An Ad N)))))))) (define (curve12 N S) (let* ((u (modulo (- (* S S) 5) N)) (v (modulo (* 4 S) N)) (v-u (- v u))) (values (modulo (* (* v-u v-u v-u) (+ u u u v)) N) (modulo (* 4 u u u v) N) (cons (modulo (* u u u) N) (modulo (* v v v) N))))) (define (ec-factor N B1 B2 S) (let-values (((An Ad Q) (curve12 N S))) (let stage1 ((p 2) (Q Q)) (if (< p B1) (stage1 (next-prime p) (multiply (expt p (ilog p B1)) Q An Ad N)) (let ((g (gcd (cdr Q) n))) (if (< 1 g n) g (let ((QQ (double Q An Ad N)) (R (multiply (- B1 1) q An Ad n)) (T (multiply (+ B1 1) q An Ad n))) (let stage2 ((p (next-prime B1)) (g g) (k (+ B1 1)) (R R) (T T)) (cond ((< B2 p) (let ((g (gcd g n))) (if (< 1 g n) g #f))) ((= k p) (stage2 (next-prime p) (modulo (* g (cdr T)) N) (+ k 2) t (add T QQ R N))) (else (stage2 p g (+ k 2) t (add T QQ R N)))))))))))) (display (ec-factor 487903353968830182288869739868160321618914954114957033410672934232359 50000 2000000 78783487582843128075889303898453910566586006279603880659175659032048)) ```
```
with-input-from-file: cannot open input file: "/prime.bits" (No such file or directory; errno=2)
```