1

Given a number and a modulus with its factors I want to compute its 4 square roots.

So if the number is 177 and the modulus is 893 with factors 47 and 19.
With the help of the extended euclidean algorithm i can find $W_{19}=-94$ and $W_{47}=95$.

Because 47 and 19 are both one less than a multiple of four, I can use the following lemma: $x_1=a^{\frac{p+1}{4}}$ and $x_2=a^{\frac{p+1}{4}}$ where $x_1$ and $x_2$ are the square roots.
For 19 $a=177\equiv 6 \bmod 19$, so one of the roots will be $6^5=5 mod 19$.
And for 47 $a=177\equiv 36 \bmod 47$ and $36^{12}= 6 \bmod 47$.

So for example one of the roots is $w_{19}*5+w_{47}*6=100$ using the CRT.

Now my question is how to compute the square roots if the factors (say $p$ and $q$) are not $\equiv 3 \bmod 4$ eg $113$ and $157$ (edit: not $149$ my bad). Am I still able to use this algorithm with a little tweak or will I need a different approach?

Thank you in advance for your response.

bartos92
  • 33
  • 4

1 Answers1

1

You can't use a similar way of finding the square root, because for a prime modulus of the form $p\equiv 1 \bmod 4$, if you have $b\equiv a^2$ (and $b\not\equiv \{0,1\}$), then you have no guarantee that there is any $k$ giving $b^k \equiv a$. If you are lucky and $b^s\equiv 1 \bmod p$ where $s$ is the largest odd factor of $p{-}1$, you will find a root at $b^{\large\frac{s+1}{2}}$.

So with a modulus of $16837=113\cdot 149$, you will get a root of $177 \equiv 28 \bmod 149$ from $28^{19}$ but not from $177 \equiv 64 \bmod 113$ and examining $64^4$ (although a root is obvious there by inspection).

For the example given in the comment here, finding roots of $6504 \bmod 17741$, we have $17741 = 113\cdot 157$ with $6504 \equiv 63 \bmod 113$ and $6504 \equiv 67 \bmod 157$.

The largest odd factor of $113{-}1$ is $7$, and $63^7\not\equiv 1$. So the easiest way then to find a root of $63$, excluding "lucky" observations like $63+2\cdot 113 = 289$, is probably to find a primitive root mod $113$ like $3$ and then just calculate to find $3^k\equiv 63$ (which is $k=10$) and then get $3^{k/2} \equiv 17$ as a root from that.

By constrast the largest odd factor of $157{-}1$ is $39$, and $67^{39}\equiv 1 \bmod 157$ so we can get a root by $67^{20}\equiv 99 \bmod 157$

Joffan
  • 39,627
  • First of thanks for your answer. So for 113, biggest odd factor of 112 is 7. And $63^7 !=1 mod 113$. So what should I do in this case were I am unlucky? I have to calculate the roots of 6504 mod 17741(113*157), – bartos92 Feb 11 '17 at 18:00