Is it possible to efficiently factor a semiprime given a bit-permutation relating the factors? For example, suppose we have $n = p * q = 167653$; in this case, $p = 359 = 101100111_2$ and $q = 467 = 111010011_2$ are related by the bit-permutation $K = (2 4) (5 7)$. If $K$ is known, can $n$ be factored in polynomial time?
2026-04-13 07:03:25.1776063805
Is it possible to efficiently factor a semiprime given a bit-permutation relating the factors?
781 Views Asked by Bumbble Comm https://math.techqa.club/user/bumbble-comm/detail At
1
There are 1 best solutions below
Related Questions in NUMBER-THEORY
- Maximum number of guaranteed coins to get in a "30 coins in 3 boxes" puzzle
- Interesting number theoretical game
- Show that $(x,y,z)$ is a primitive Pythagorean triple then either $x$ or $y$ is divisible by $3$.
- About polynomial value being perfect power.
- Name of Theorem for Coloring of $\{1, \dots, n\}$
- Reciprocal-totient function, in term of the totient function?
- What is the smallest integer $N>2$, such that $x^5+y^5 = N$ has a rational solution?
- Integer from base 10 to base 2
- How do I show that any natural number of this expression is a natural linear combination?
- Counting the number of solutions of the congruence $x^k\equiv h$ (mod q)
Related Questions in ALGORITHMS
- Least Absolute Deviation (LAD) Line Fitting / Regression
- Do these special substring sets form a matroid?
- Modified conjugate gradient method to minimise quadratic functional restricted to positive solutions
- Correct way to prove Big O statement
- Product of sums of all subsets mod $k$?
- (logn)^(logn) = n^(log10+logn). WHY?
- Clarificaiton on barycentric coordinates
- Minimum number of moves to make all elements of the sequence zero.
- Translation of the work of Gauss where the fast Fourier transform algorithm first appeared
- sources about SVD complexity
Related Questions in PERMUTATIONS
- A weird automorphism
- List Conjugacy Classes in GAP?
- Permutation does not change if we multiply by left by another group element?
- Validating a solution to a combinatorics problem
- Selection of at least one vowel and one consonant
- How to get the missing brick of the proof $A \circ P_\sigma = P_\sigma \circ A$ using permutations?
- Probability of a candidate being selected for a job.
- $S_3$ action on the splitting field of $\mathbb{Q}[x]/(x^3 - x - 1)$
- Expected "overlap" between permutations of a multiset
- Selecting balls from infinite sample with certain conditions
Related Questions in FACTORING
- Roots of a complex equation
- Solving for 4 variables using only 2 equations
- For any natural numbers a, b, c, d if a*b = c*d is it possible that a + b + c + d is prime number
- How can I calculate the remainder of $3^{2012}$ modulo 17?
- The complex equation $x^3 = 9 + 46i$ has a solution of the form $a + bi$ where $a,b\in \mathbb Z$. Find the value of $a^3 + b^3$
- Conversion factor
- How do I find roots of the 3rd order polynomial?
- How to find algorithm for integer factorization if the prime factorization of the integer is given?
- Define a binary operation * on the real numbers as $x * y=xy+x+y$ for all real numbers x and y.
- Computing $\lim_{x \to 1}\frac{x^\frac{1}{5}-1}{x^\frac{1}{6} -1}$
Trending Questions
- Induction on the number of equations
- How to convince a math teacher of this simple and obvious fact?
- Find $E[XY|Y+Z=1 ]$
- Refuting the Anti-Cantor Cranks
- What are imaginary numbers?
- Determine the adjoint of $\tilde Q(x)$ for $\tilde Q(x)u:=(Qu)(x)$ where $Q:U→L^2(Ω,ℝ^d$ is a Hilbert-Schmidt operator and $U$ is a Hilbert space
- Why does this innovative method of subtraction from a third grader always work?
- How do we know that the number $1$ is not equal to the number $-1$?
- What are the Implications of having VΩ as a model for a theory?
- Defining a Galois Field based on primitive element versus polynomial?
- Can't find the relationship between two columns of numbers. Please Help
- Is computer science a branch of mathematics?
- Is there a bijection of $\mathbb{R}^n$ with itself such that the forward map is connected but the inverse is not?
- Identification of a quadrilateral as a trapezoid, rectangle, or square
- Generator of inertia group in function field extension
Popular # Hahtags
second-order-logic
numerical-methods
puzzle
logic
probability
number-theory
winding-number
real-analysis
integration
calculus
complex-analysis
sequences-and-series
proof-writing
set-theory
functions
homotopy-theory
elementary-number-theory
ordinary-differential-equations
circles
derivatives
game-theory
definite-integrals
elementary-set-theory
limits
multivariable-calculus
geometry
algebraic-number-theory
proof-verification
partial-derivative
algebra-precalculus
Popular Questions
- What is the integral of 1/x?
- How many squares actually ARE in this picture? Is this a trick question with no right answer?
- Is a matrix multiplied with its transpose something special?
- What is the difference between independent and mutually exclusive events?
- Visually stunning math concepts which are easy to explain
- taylor series of $\ln(1+x)$?
- How to tell if a set of vectors spans a space?
- Calculus question taking derivative to find horizontal tangent line
- How to determine if a function is one-to-one?
- Determine if vectors are linearly independent
- What does it mean to have a determinant equal to zero?
- Is this Batman equation for real?
- How to find perpendicular vector to another vector?
- How to find mean and median from histogram
- How many sides does a circle have?
If K is composed of $k$ order 2 disjoint swaps (as suggested in a comment by Dan) and if $p,\ q$ are $u$ bits in length (ie, $u = \lceil \lg p \rceil$, where $\lg x$ denotes $\log_2 x$) then a naive search can be done in $\theta(3^k)$ time, as noted below. Only if $k$ is small and not dependent on $u$ (ie, is $O(1)$ and not $O(u)$) would naive search be useful. I don't know whether the special form of numbers would assist in any modern fast integer factorization algorithm, and in following merely work out the arithmetic of when naive search is feasible.
The $\theta(3^k)$ bound (vs. $2^{2k-1}$ suggested by Jyrki) arises as follows. We have $n = p\cdot q = (r-h)(r+h)$, where $p,\ q$ are primes, $r=(p+q)/2$, and $h$ is half of a delta of form dictated by K. Each delta is the sum of $k$ terms. The term for K-element $(a\ b)$ with LSB numbered as bit 1 has one of three forms: 0, $2^a-2^b$, or $2^b-2^a$. Thus, $3^k$ sums of terms $t_1+t_2+...t_k$ are possible. Half the set are negatives of the other half and need not be considered. Using naive searches (dividing by primes, vs. testing $3^k/2$ possible deltas) the same number of tests will arise when $\sqrt p / \ln\sqrt p = 3^k/2$, or [update 1] $k\approx u \lg2/(2\lg3) +\lg2/\lg3\approx 0.31\cdot u+0.63$, which is when roughly 2/3 of the bits of $p,\ q$ change places.
Of course, tests that solve quadratic equations are more expensive than those that just divide with remainder, but the general idea remains that $k$ must be $O(1)$ for feasibility.
Update 2: Previously I inadvertantly used $n$ two ways, as mentioned in comments below and illustrated in my first reply. Now $n = p\cdot q$ and $u$= number of bits in p.