Given a positive integer n, and that it is composite, find a divisor of it.
Example:
Input: n = 12;
Output: 2 [OR 3 OR 4]
Input: n = 187;
Output: 11 [OR 17]
Brute approach: Test all integers less than n until a divisor is found.
Improvisation: Test all integers less than ?n
A large enough number will still mean a great deal of work. Pollard’s Rho is a prime factorization algorithm, particularly fast for a large composite number with small prime factors. The Rho algorithm’s most remarkable success was the factorization of eighth Fermat number: 1238926361552897 * 93461639715357977769163558199606896584051237541638188580280321.
The Rho algorithm was a good choice because the first prime factor is much smaller than the other one.
Concepts used in Pollard’s Rho Algorithm:
- Two numbers x and y are said to be congruent modulo n (x = y modulo n) if
- their absolute difference is an integer multiple of n, OR,
- each of them leaves the same remainder when divided by n.
- The Greatest Common Divisor is the largest number which divides evenly into each of the original numbers.
- Birthday Paradox: The probability of two persons having same birthday is unexpectedly high even for small set of people.
- Floyd’s cycle-finding algorithm: If tortoise and hare start at same point and move in a cycle such that speed of hare is twice the speed of tortoise, then they must meet at some point.
Algorithm:
- Start with random x and c. Take y equal to x and f(x) = x2 + c.
- While a divisor isn’t obtained
- Update x to f(x) (modulo n) [Tortoise Move]
- Update y to f(f(y)) (modulo n) [Hare Move]
- Calculate GCD of |x-y| and n
- If GCD is not unity
- If GCD is n, repeat from step 2 with another set of x, y and c
- Else GCD is our answer
Illustration:
Let us suppose n = 187 and consider different cases for different random values.
1. An Example of random values such that algorithm finds result:
y = x = 2 and c = 1, Hence, our f(x) = x2 + 1.
2. An Example of random values such that algorithm finds result faster:
y = x = 110 and ‘c’ = 183. Hence, our f(x) = x2 + 183.
3. An Example of random values such that algorithm doesn’t find result:
x = y = 147 and c = 67. Hence, our f(x) = x2 + 67.
Below is implementation of above algorithm:
C++
#include<bits/stdc++.h>
using namespace std;
long long int modular_pow(long long int base, int exponent,
long long int modulus)
{
long long int result = 1;
while (exponent > 0)
{
if (exponent & 1)
result = (result * base) % modulus;
exponent = exponent >> 1;
base = (base * base) % modulus;
}
return result;
}
long long int PollardRho(long long int n)
{
srand (time(NULL));
if (n==1) return n;
if (n % 2 == 0) return 2;
long long int x = (rand()%(n-2))+2;
long long int y = x;
long long int c = (rand()%(n-1))+1;
long long int d = 1;
while (d==1)
{
x = (modular_pow(x, 2, n) + c + n)%n;
y = (modular_pow(y, 2, n) + c + n)%n;
y = (modular_pow(y, 2, n) + c + n)%n;
d = __gcd(abs(x-y), n);
if (d==n) return PollardRho(n);
}
return d;
}
int main()
{
long long int n = 10967535067;
printf("One of the divisors for %lld is %lld.",
n, PollardRho(n));
return 0;
}
|
Java
import java.util.*;
class GFG{
static long modular_pow(long base, int exponent,
long modulus)
{
long result = 1;
while (exponent > 0)
{
if (exponent % 2 == 1)
result = (result * base) % modulus;
exponent = exponent >> 1;
base = (base * base) % modulus;
}
return result;
}
static long PollardRho(long n)
{
Random rand = new Random();
if (n == 1) return n;
if (n % 2 == 0) return 2;
long x = (long)(rand.nextLong() % (n - 2)) + 2;
long y = x;
long c = (long)(rand.nextLong()) % (n - 1) + 1;
long d = 1L;
while (d == 1)
{
x = (modular_pow(x, 2, n) + c + n) % n;
y = (modular_pow(y, 2, n) + c + n) % n;
y = (modular_pow(y, 2, n) + c + n) % n;
d = __gcd(Math.abs(x - y), n);
if (d == n) return PollardRho(n);
}
return d;
}
static long __gcd(long a, long b)
{
return b == 0? a:__gcd(b, a % b);
}
public static void main(String[] args)
{
long n = 10967535067L;
System.out.printf("One of the divisors for " + n + " is " +
PollardRho(n));
}
}
|
Python3
import random
import math
def modular_pow(base, exponent,modulus):
result = 1
while (exponent > 0):
if (exponent & 1):
result = (result * base) % modulus
exponent = exponent >> 1
base = (base * base) % modulus
return result
def PollardRho( n):
if (n == 1):
return n
if (n % 2 == 0):
return 2
x = (random.randint(0, 2) % (n - 2))
y = x
c = (random.randint(0, 1) % (n - 1))
d = 1
while (d == 1):
x = (modular_pow(x, 2, n) + c + n)%n
y = (modular_pow(y, 2, n) + c + n)%n
y = (modular_pow(y, 2, n) + c + n)%n
d = math.gcd(abs(x - y), n)
if (d == n):
return PollardRho(n)
return d
if __name__ == "__main__":
n = 10967535067
print("One of the divisors for", n , "is ",PollardRho(n))
|
C#
using System;
class GFG
{
static long modular_pow(long _base, int exponent,
long modulus)
{
long result = 1;
while (exponent > 0)
{
if (exponent % 2 == 1)
result = (result * _base) % modulus;
exponent = exponent >> 1;
_base = (_base * _base) % modulus;
}
return result;
}
static long PollardRho(long n)
{
Random rand = new Random();
if (n == 1) return n;
if (n % 2 == 0) return 2;
long x = (long)(rand.Next(0, -(int)n + 1));
long y = x;
long c = (long)(rand.Next(1, -(int)n));
long d = 1L;
while (d == 1)
{
x = (modular_pow(x, 2, n) + c + n) % n;
y = (modular_pow(y, 2, n) + c + n) % n;
y = (modular_pow(y, 2, n) + c + n) % n;
d = __gcd(Math.Abs(x - y), n);
if (d == n) return PollardRho(n);
}
return d;
}
static long __gcd(long a, long b)
{
return b == 0 ? a:__gcd(b, a % b);
}
public static void Main(String[] args)
{
long n = 10967535067L;
Console.Write("One of the divisors for " + n + " is " +
PollardRho(n));
}
}
|
Javascript
<script>
function modular_pow(base,exponent,modulus)
{
let result = 1;
while (exponent > 0)
{
if (exponent % 2 == 1)
result = (result * base) % modulus;
exponent = exponent >> 1;
base = (base * base) % modulus;
}
return result;
}
function PollardRho(n)
{
if (n == 1)
return n;
if (n % 2 == 0)
return 2;
let x=(Math.floor(Math.random() * (-n + 1) ));
let y = x;
let c= (Math.floor(Math.random() * (-n + 1)));
let d=1;
while (d == 1)
{
x = (modular_pow(x, 2, n) + c + n) % n;
y = (modular_pow(y, 2, n) + c + n) % n;
y = (modular_pow(y, 2, n) + c + n) % n;
d = __gcd(Math.abs(x - y), n);
if (d == n) return PollardRho(n);
}
return d;
}
function __gcd(a,b)
{
return b == 0? a:__gcd(b, a % b);
}
let n = 10967535067;
document.write("One of the divisors for " + n + " is " +
PollardRho(n));
</script>
|
Output:
One of the divisors for 10967535067 is 104729
Time Complexity : O(sqrt(n)*logn)
Auxiliary Space: O(1)
How does this work?
Let n be a composite (non-prime). Since n is composite, it has a non trivial factor f < n. In fact, there is at least one f <= ?n .
Now suppose we have to pick two numbers x and y from the range [0, n-1]. The only time we get x = y modulo n is when x and y are identical. However, since f < ?n, there is a good chance x = y modulo f even when x and y are not identical (Birthday Paradox).
We begin by randomly selecting x with replacement from the set {0, 1, …, n-1} to form a sequence s1, s2, s3 … Defining śi = si mod f, our sequence now has each śi belonging to {0, 1, …, f-1}. Because both the sets are finite, eventually there will be a repeated integer in both. We expect to achieve the repeat earlier in śi, since f < n.
Now, say śi = śj for i ? j, then, si = sj modulo d. And hence, |si – sj| will be a multiple of f. As per assumed above, n is also a multiple of f. Together this means that GCD of |si – sj| and n will be positive integral multiple of f, and also our candidate divisor d! The catch here is that we just knew there had to be some divisor of n, and we didn’t even care of its value. Once we hit si and sj (our final x and y) then each element in the sequence starting with si will be congruent modulo f to the corresponding element in the sequence starting with sj, and hence, a cycle. If we graph the sequence si, we will observe the shape of Greek letter Rho (?).
At the heart of Rho algorithm is picking up random values and evaluating GCDs. To decrease the costly GCD calculations, we can implement the Pollard’s Rho with Floyd’s cycle detection (which can be understood with the tortoise-hare analogy where the tortoise moves through each element one at a time in order, and the hare starts at the same point but moves twice as fast as the tortoise). We shall have some polynomial f(x) for the same, start with random x0, y0 = x0, and compute xi+1 = f(xi) and yi+1 = f(f(yi)). Since we don’t know much about d, a typical choice for the polynomial is f(x) = x2 + c (modulo n) (Yes, ‘c’ is also be chosen randomly).
Note:
- Algorithm will run indefinitely for prime numbers.
- The algorithm may not find the factors and return a failure for composite n. In that case, we use a different set of x, y and c and try again.
- The above algorithm only finds a divisor. To find a prime factor, we may recursively factorize the divisor d, run algorithm for d and n/d. The cycle length is typically of the order ?d.
Time Complexity analysis:
The algorithm offers a trade-off between its running time and the probability that it finds a factor. A prime divisor can be achieved with a probability around 0.5, in O(?d) <= O(n1/4) iterations. This is a heuristic claim, and rigorous analysis of the algorithm remains open.
Please write comments if you find anything incorrect, or you want to share more information about the topic discussed above
Feeling lost in the world of random DSA topics, wasting time without progress? It's time for a change! Join our DSA course, where we'll guide you on an exciting journey to master DSA efficiently and on schedule.
Ready to dive in? Explore our Free Demo Content and join our DSA course, trusted by over 100,000 geeks!
Last Updated :
21 Jun, 2023
Like Article
Save Article