1) Nigel Smart’s e-book “Cryptography: An Introduction” (3rd E) describes the algorithm in this way > Suppose the amount we want to variable is given by > N = p q. > Suppose on top of that that we know (by a fair guess) an integer B these kinds of that **p−1 is B-ability smooth**, but that q − 1 is not B-electrical power sleek. 2) Silverman’s Mathematical Cryptography book describes it like this > What is the probability that a randomly decided on integer of magnitude about n B divides! (B-school) > Note in particular that if n divides B!, then any primary l that divides n ought to satisfy l ≤ B. A amount whose primary elements are all much less than or equivalent to B gets to be a **Termed B-smooth number**. So it’s normal to request about the probability that a randomly decided on integer of magnitude about n is a **B-clean quantity**. In the algorithm by itself we check out to compute gcd(a^B! – 1, N) to come across p. As much as I can see, this functions if (p – 1) is B-sleek. Nigel Smart’s e book works by using this example N = 15770708441 = 135979*115979 He goes on to come across 135979 by **B = 180** gcd(2^**180!** – 1, N) = 135979 p – 1 in this case is 135978 sage: component (135978) 2 * 3 * 131 * 173 So in this scenario p – 1 is in fact **180 powersmooth** but that is only since the greatest factor is a trivial primary , which is 173^1 If instead we take an instance from Silverman’s Ebook N = 13927189 = 3823 * 3643 So if we try **B = 14**, we get gcd(2^**14!** – 1, N) = 3823 Factoring p – 1 sage: variable(3822) 2 * 3 * 7^2 * 13 So p – 1 is **14 clean**, but is not 14 powersmooth for the reason that 7^2 is not less than 14 is. ie we applied 14! but (p – 1) is not 14-powersmooth. Silverman’s terminology (p – 1 is B-easy) operates for equally his case in point and Smart’s. Although Smart’s terminology (p – 1 is B-powersmooth) would not operate for Silverman’s case in point. So is the description of Nigel Wise completely wrong? Or am I lacking anything?

About Cryptoplatforming.com

Cryptoplatforming.com is a news websites which gets news around the globe on investing in Crypto. Our news has no backgroundcheck.

Powersmooth is the right answer. That is why you build the exponent as `LCM([1..B])` and not `product(primes_up_to(B))`.